Check patentability & draft patents in minutes with Patsnap Eureka AI!

Password authentication method for preventing password certificate from being leaked

A password authentication and credential technology, applied in user identity/authority verification, digital transmission systems, electrical components, etc., can solve problems such as obtaining user passwords, achieve strong security guarantees, and enhance password protection effects

Active Publication Date: 2022-01-18
UNIV OF ELECTRONIC SCI & TECH OF CHINA
View PDF8 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

An external adversary cannot obtain any information about user passwords from the compromised credential database, even if he is able to compromise some key servers

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0022] (1) System initialization phase

[0023] Determine the system public parameter set {p, G, g, G according to the security parameters T , H, e, t, n}, where p is a prime number, G is a multiplicative cyclic group of order p, g is a generator of G, and G T is a cyclic group of order p, H: {0, 1} * →G is a secure hash function, e: G×G→G T is a bilinear map, t is the threshold in the threshold secret sharing scheme, and n is the number of key servers.

[0024] authentication server Generate a secret k according to the following steps, and in the key server Share the secret k in a threshold manner:

[0025] 1) Choose a secret evenly and consistently Compute and store g k ;

[0026] 2) random selection Where i=1,...,t-1, construct a t-1 degree polynomial f(x)=k+a 1 x+…+a t-1 x t-1 mod p;

[0027] 3) for each key server Calculate the sub-secret f(i)=k+a 1 i+…+a t-1 i t-1 mod p, where i=1,...,n;

[0028] 4) Send the sub-secret f(i) to the key serve...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides a password authentication method for preventing a password certificate from being leaked. A group of key servers are introduced at a server side, and a system server is composed of an authentication server and a key server; and the authentication server generates a password authentication credential for the user under the assistance of the key server. In order to prevent the key server from knowing the password of the user, the authentication server blinds the password and then sends the password to the key server. The authentication certificate is jointly generated by the user password and the server-side secret, the certificate is stored in the authentication server, and the server-side secret is shared between the key servers in a threshold mode, so that even if an external enemy takes the certificate, any information of the user password cannot be obtained without the server-side secret, and protection on the password is enhanced. According to the method, protection on the password of the user is enhanced, no extra overhead is brought to the user, and the user only needs to send the user name and the password to the authentication server through the TLS channel and only needs to change the deployment of the existing server side.

Description

technical field [0001] The invention relates to a password authentication technology, in particular to a password authentication technology against leakage of password credential. [0002] technical background [0003] Password authentication is currently the most convenient and efficient authentication method, and is widely used in many scenarios such as mail services. In password authentication, the user only needs to use the transport layer security protocol TLS (Transport layer security) to send the user name and password to the server. After the server verifies the correctness of the user name and password, the user can log in to the server to obtain services. The TLS protocol is used to verify the identity of the server and protect the confidentiality and integrity of usernames and passwords. The server maintains a credential database generated based on user passwords to verify the user's identity. Typically, external adversaries obtain user passwords through leaked c...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/40H04L9/32
CPCH04L63/083H04L9/3226
Inventor 许春香宋雅晴张源
Owner UNIV OF ELECTRONIC SCI & TECH OF CHINA
Features
  • R&D
  • Intellectual Property
  • Life Sciences
  • Materials
  • Tech Scout
Why Patsnap Eureka
  • Unparalleled Data Quality
  • Higher Quality Content
  • 60% Fewer Hallucinations
Social media
Patsnap Eureka Blog
Learn More

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2025 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com