KR102257943B1 - 영구 인증을 위한 프라이버시 보호 지식/팩터 보유 테스트들 - Google Patents

영구 인증을 위한 프라이버시 보호 지식/팩터 보유 테스트들 Download PDF

Info

Publication number
KR102257943B1
KR102257943B1 KR1020157029514A KR20157029514A KR102257943B1 KR 102257943 B1 KR102257943 B1 KR 102257943B1 KR 1020157029514 A KR1020157029514 A KR 1020157029514A KR 20157029514 A KR20157029514 A KR 20157029514A KR 102257943 B1 KR102257943 B1 KR 102257943B1
Authority
KR
South Korea
Prior art keywords
authentication
hashes
hash
server
user
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
KR1020157029514A
Other languages
English (en)
Korean (ko)
Other versions
KR20150132467A (ko
Inventor
오메르 버크만
마르셀 엠.엠. 영
Original Assignee
구글 엘엘씨
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 구글 엘엘씨 filed Critical 구글 엘엘씨
Publication of KR20150132467A publication Critical patent/KR20150132467A/ko
Application granted granted Critical
Publication of KR102257943B1 publication Critical patent/KR102257943B1/ko
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/40User authentication by quorum, i.e. whereby two or more security principals are required
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3218Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103Challenge-response

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • User Interface Of Digital Computer (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)
KR1020157029514A 2013-03-15 2014-03-07 영구 인증을 위한 프라이버시 보호 지식/팩터 보유 테스트들 Active KR102257943B1 (ko)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US13/844,619 2013-03-15
US13/844,619 US8949960B2 (en) 2013-03-15 2013-03-15 Privacy preserving knowledge and factor possession tests for persistent authentication
PCT/US2014/022075 WO2014150064A1 (en) 2013-03-15 2014-03-07 Privacy preserving knowledge/factor possession tests for persistent authentication

Publications (2)

Publication Number Publication Date
KR20150132467A KR20150132467A (ko) 2015-11-25
KR102257943B1 true KR102257943B1 (ko) 2021-05-28

Family

ID=51535030

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020157029514A Active KR102257943B1 (ko) 2013-03-15 2014-03-07 영구 인증을 위한 프라이버시 보호 지식/팩터 보유 테스트들

Country Status (8)

Country Link
US (1) US8949960B2 (https=)
EP (1) EP2973162B1 (https=)
JP (2) JP6352381B2 (https=)
KR (1) KR102257943B1 (https=)
CN (1) CN105210071B (https=)
AU (1) AU2014237590B2 (https=)
BR (1) BR112015023183B1 (https=)
WO (1) WO2014150064A1 (https=)

Families Citing this family (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
ES2707533T3 (es) * 2014-03-16 2019-04-03 Haventec Pty Ltd Sistema de autenticación persistente que incorpora códigos de acceso de un solo uso
CN110765429B (zh) * 2014-06-24 2023-10-27 创新先进技术有限公司 用户身份识别方法、安全保护问题生成方法及装置
US12598197B2 (en) 2015-10-28 2026-04-07 Qomplx Llc System and methods for detecting authentication object forgery or manipulation attacks
US12224992B2 (en) 2015-10-28 2025-02-11 Qomplx Llc AI-driven defensive cybersecurity strategy analysis and recommendation system
US12506715B2 (en) 2015-10-28 2025-12-23 Qomplx Llc Network authentication toxicity assessment
US12500870B2 (en) 2015-10-28 2025-12-16 Qomplx Llc Network action classification and analysis using widely distributed and selectively attributed sensor nodes and cloud-based processing
US12556523B2 (en) 2015-10-28 2026-02-17 Qomplx Llc Dynamic authentication attack detection and enforcement at network, application, and host level
US10742647B2 (en) * 2015-10-28 2020-08-11 Qomplx, Inc. Contextual and risk-based multi-factor authentication
US12580898B2 (en) 2015-10-28 2026-03-17 Qomplx Llc Master ledger and local host log extension detection and mitigation of forged authentication attacks
US20250039196A1 (en) 2023-07-27 2025-01-30 Qomplx Llc System and method for track and trace user and entity behavior analysis
US20220014555A1 (en) 2015-10-28 2022-01-13 Qomplx, Inc. Distributed automated planning and execution platform for designing and running complex processes
US11570209B2 (en) 2015-10-28 2023-01-31 Qomplx, Inc. Detecting and mitigating attacks using forged authentication objects within a domain
CN107070871B (zh) * 2017-01-12 2020-04-24 阿里巴巴集团控股有限公司 一种身份验证的方法及装置
US20240146734A1 (en) * 2017-06-24 2024-05-02 Crowdstrike, Inc. Large language model-based authentication
JP7597027B2 (ja) * 2019-06-05 2024-12-10 ソニーグループ株式会社 情報処理装置、及び情報処理方法
US20220239489A1 (en) * 2019-06-05 2022-07-28 Sony Group Corporation Identity verification program, identity verification method, user terminal, and user authentication program
CN111310234B (zh) * 2020-05-09 2020-11-03 支付宝(杭州)信息技术有限公司 基于零知识证明的个人数据处理方法、装置及电子设备
US12309132B1 (en) * 2024-07-12 2025-05-20 Cortwo Corp. Continuous universal trust architecture and method

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060037073A1 (en) * 2004-07-30 2006-02-16 Rsa Security, Inc. PIN recovery in a smart card
US20130046993A1 (en) * 2007-01-22 2013-02-21 Spyrus, Inc. Portable Data Encryption Device with Configurable Security Functionality and Method for File Encryption

Family Cites Families (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6760752B1 (en) 1999-06-28 2004-07-06 Zix Corporation Secure transmission system
US20060085647A1 (en) * 2000-03-24 2006-04-20 Neff C A Detecting compromised ballots
US7228417B2 (en) 2002-02-26 2007-06-05 America Online, Inc. Simple secure login with multiple-authentication providers
US7725730B2 (en) 2002-08-09 2010-05-25 Emc Corporation Cryptographic methods and apparatus for secure authentication
CN101115072B (zh) * 2003-07-28 2012-11-14 索尼株式会社 信息处理设备和方法
US20070162961A1 (en) 2005-02-25 2007-07-12 Kelvin Tarrance Identification authentication methods and systems
JP4697583B2 (ja) 2005-03-02 2011-06-08 琢晃 伊藤 個人情報の漏洩を回避した個人認証システム
US7694138B2 (en) * 2005-10-21 2010-04-06 Avaya Inc. Secure authentication with voiced responses from a telecommunications terminal
US7739733B2 (en) 2005-11-02 2010-06-15 Emc Corporation Storing digital secrets in a vault
US9166782B2 (en) 2006-04-25 2015-10-20 Stephen Laurence Boren Dynamic distributed key system and method for identity management, authentication servers, data security and preventing man-in-the-middle attacks
JP4917453B2 (ja) * 2007-02-22 2012-04-18 Kddi株式会社 閾値秘密分散装置、閾値秘密分散方法、秘密情報復元方法およびプログラム
CN101145911B (zh) 2007-10-30 2010-05-19 江汉大学 具有私密保护及口令找回功能的身份认证方法
US8156333B2 (en) * 2008-05-29 2012-04-10 Red Hat, Inc. Username based authentication security
JP6220110B2 (ja) * 2008-09-26 2017-10-25 コーニンクレッカ フィリップス エヌ ヴェKoninklijke Philips N.V. デバイス及びユーザの認証
US8527758B2 (en) * 2009-12-09 2013-09-03 Ebay Inc. Systems and methods for facilitating user identity verification over a network
US8842827B2 (en) * 2010-07-16 2014-09-23 Intryca, Inc. Mobile phone aided operations system and method
JP4820928B1 (ja) 2011-07-08 2011-11-24 株式会社野村総合研究所 認証システムおよび認証方法

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060037073A1 (en) * 2004-07-30 2006-02-16 Rsa Security, Inc. PIN recovery in a smart card
US20130046993A1 (en) * 2007-01-22 2013-02-21 Spyrus, Inc. Portable Data Encryption Device with Configurable Security Functionality and Method for File Encryption

Also Published As

Publication number Publication date
EP2973162A1 (en) 2016-01-20
AU2014237590A1 (en) 2015-09-10
CN105210071A (zh) 2015-12-30
JP2016512931A (ja) 2016-05-09
AU2014237590B2 (en) 2019-02-28
BR112015023183B1 (pt) 2022-04-05
US8949960B2 (en) 2015-02-03
BR112015023183A8 (pt) 2018-01-02
JP6352381B2 (ja) 2018-07-04
KR20150132467A (ko) 2015-11-25
WO2014150064A1 (en) 2014-09-25
US20140282942A1 (en) 2014-09-18
JP6494584B2 (ja) 2019-04-03
JP2017073789A (ja) 2017-04-13
EP2973162A4 (en) 2016-09-07
BR112015023183A2 (pt) 2017-07-18
CN105210071B (zh) 2018-06-01
EP2973162B1 (en) 2018-06-06

Similar Documents

Publication Publication Date Title
KR102257943B1 (ko) 영구 인증을 위한 프라이버시 보호 지식/팩터 보유 테스트들
US11233637B2 (en) System and method for validating an entity
US11271926B2 (en) System and method for temporary password management
US10735407B2 (en) System and method for temporary password management
US11388174B2 (en) System and method for securing a communication channel
US20250088507A1 (en) Privacy-Preserving Biometric Authentication
US9286466B2 (en) Registration and authentication of computing devices using a digital skeleton key
US20240121098A1 (en) Scalable Authentication System with Synthesized Signed Challenge
Yang et al. Cloud password manager using privacy-preserved biometrics
Assiri et al. Homomorphic password manager using multiple-hash with PUF
CN116318617B (zh) 基于rfid和区块链的医疗救援物资慈善捐助方法
Nakouri et al. A new biometric-based security framework for cloud storage
JP6087480B1 (ja) 認証装置、認証システム及び認証プログラム
EP3909197A1 (en) Authentication system with reduced attack surface
CN117235763A (zh) 一种联邦大模型聚合操作加密方法及设备
Jubur On the security and usability of new paradigms of Web authentication
WO2025122333A1 (en) Scalable authentication system with synthesized signed challenge
WO2023073050A1 (en) Recovering access to a user account
Maqbali Strengthening Password-Based Authentication

Legal Events

Date Code Title Description
PA0105 International application

Patent event date: 20151014

Patent event code: PA01051R01D

Comment text: International Patent Application

PG1501 Laying open of application
A201 Request for examination
PA0201 Request for examination

Patent event code: PA02012R01D

Patent event date: 20190306

Comment text: Request for Examination of Application

E902 Notification of reason for refusal
PE0902 Notice of grounds for rejection

Comment text: Notification of reason for refusal

Patent event date: 20200617

Patent event code: PE09021S01D

AMND Amendment
E601 Decision to refuse application
PE0601 Decision on rejection of patent

Patent event date: 20210128

Comment text: Decision to Refuse Application

Patent event code: PE06012S01D

Patent event date: 20200617

Comment text: Notification of reason for refusal

Patent event code: PE06011S01I

X091 Application refused [patent]
AMND Amendment
PX0901 Re-examination

Patent event code: PX09011S01I

Patent event date: 20210128

Comment text: Decision to Refuse Application

Patent event code: PX09012R01I

Patent event date: 20200917

Comment text: Amendment to Specification, etc.

PX0701 Decision of registration after re-examination

Patent event date: 20210325

Comment text: Decision to Grant Registration

Patent event code: PX07013S01D

Patent event date: 20210302

Comment text: Amendment to Specification, etc.

Patent event code: PX07012R01I

Patent event date: 20210128

Comment text: Decision to Refuse Application

Patent event code: PX07011S01I

Patent event date: 20200917

Comment text: Amendment to Specification, etc.

Patent event code: PX07012R01I

X701 Decision to grant (after re-examination)
GRNT Written decision to grant
PR0701 Registration of establishment

Comment text: Registration of Establishment

Patent event date: 20210524

Patent event code: PR07011E01D

PR1002 Payment of registration fee

Payment date: 20210524

End annual number: 3

Start annual number: 1

PG1601 Publication of registration