Combination of challenge-response pair mechanisms for multi-factor authentication schemes protecting private keys
Patent Information
- Authority / Receiving Office
- WO · WO
- Patent Type
- Applications
- Current Assignee / Owner
- ARIZONA BOARD OF REGENTS ACTING FOR & ON BEHALF OF NORTHERN ARIZONA UNIV
- Filing Date
- 2025-12-19
- Publication Date
- 2026-06-25
Smart Images

Figure US2025060731_25062026_PF_FP_ABST
Abstract
Description
ATTORNEY DOCKET NO. 2025-019 (133502.00232)COMBINATION OF CHALLENGE-RESPONSE PAIR MECHANISMS FOR MULTI-FACTOR AUTHENTICATION SCHEMES PROTECTING PRIVATE KEYSCROSS-REFERENCE TO RELATED APPLICATIONS
[0001] The present application claims priority to U. S. Provisional Application 63 / 759,651 entitled “COMBINATION OF CHALLENGE-RESPONSE PAIR MECHANISMS FOR MULTI-FACTOR AUTHENTICATION SCHEMES PROTECTING PRIVATE KEYS INCORPORATING THE USE OF ARRAYS OF SENSORS,” filed on February 18, 2025, U. S. Provisional Application 63 / 749,904 entitled “COMBINATION OF CHALLENGERESPONSE PAIR MECHANISMS FOR MULTI-FACTOR AUTHENTICATION SCHEMES PROTECTING PRIVATE KEYS,” filed on January 27, 2025, and to U. S. Provisional Application 63 / 736,319 entitled “COMBINATION OF CHALLENGE-RESPONSE PAIR MECHANISMS FOR MULTI-FACTOR AUTHENTICATION SCHEMES PROTECTING PRIVATE KEYS,” filed on December 19, 2024. The entirety of each of the foregoing provisional applications is incorporated herein by reference.STATEMENT REGARDING FEDERALLY-SPONSORED RESEARCH
[0002] Not Applicable.BACKGROUND
[0003] A crypto wallet is a digital or physical management tool used to secure public and private keys, for example, for use in an asymmetrical public key infrastructure. The keys stored in a crypto wallet are generally usable for tasks like accessing cryptocurrency residing on a blockchain, or engaging in PKI encryption / decryption / signature tasks. Crypto wallets may be hardware (e.g., cold storage devices) or may be realized in software. Crypto wallets and the keys stored therein are critical to various communication and transaction systems. For example, crypto wallets are used to secure the private keys needed to sign transactions in crypto currency. Because of their extreme value, crypto wallets may be subject to enhanced access protection through techniques such as multi-factor authentication. However, the loss of a wallet, or malfunctioning MFA, can be catastrophic, resulting in the loss of keys and the associated cryptocurrency. For example, an estimated 20% of all bitcoin is associated with lost keys.1QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)Improved MFA for securing access to crypto wallets, and for other purposes such as protecting public key insfrastructures, tokens, smart phones and smart cards would be advantageous,BRIEF SUMMARY
[0004] Embodiments of the invention are directed to improve methods for using challenge-response-pair (CRP) generation mechanisms derived from various data structures, physical tokens and biological tokens for cryptographic purposes such as management of keys, for example, in a PKI. In one embodiment, there is an enrollment cycle carried out to enroll a terminal device (referred to below as a “user” or a “client”) with a central device, which may be a keystore or a certificate authority (referred to below as a “server”). In an enrollment cycle, a first random number RN1 is picked and converted into a first set of challenges that generates N sets of responses through one or more CRP generation mechanisms based on each of the N factors. The method is not limited by the CRP mechanisms, but preferably one or more of a physical token (i.e., an addressable array of physical unclonable function devices), a biometric print based on a unique biological object (e.g., an image of a human face, fingerprint, palm print, iris, retina, etc.), a sensor based token, or a virtual token (e.g., a digital file that has been processed to act as a CRP mechanism). A single reference table with nxn trits is computed from these N factors. A second random number RN2 is picked to compute a set of challenges generating a new set of responses from the reference table, then converted into an ephemeral key K encrypting a private key Sk for PKI environment. In normal operations, the terminal device uses all factors of authentication (e.g., the tokens, as well as additional information such as a password) to retrieve the reference table from RN1, and to decrypt the private key Sk with the ephemeral key K generated from the reference table and RN2. In PKI operations, the user signs a transaction, or otherwise uses the decrypted key, after MFA authentication. The users can download the software stack into multiple terminal devices turning all of them into backups. The disclosed architecture includes secure ways to recover the private keys when the tokens are lost.
[0005] In other disclosed embodiments, an MFA protocol is combined with CRP mechanisms for protecting private keys. The CRP mechanisms disclosed can be physical (e.g., a PUF array), biological or virtual. In this last case, the private keys are kept secret by the user, while a Keystore corporation securely authenticates the users.2QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)
[0006] The features and advantages of the present invention will be better understood from the following detailed description taken in conjunction with the accompanying drawings.BRIEF DESCRIPTION OF THE DRAWINGS
[0007] The drawings described herein constitute part of this specification and include example embodiments of the present invention which may be embodied in various forms. It is to be understood that in some instances, various aspects of the invention may be shown exaggerated or enlarged to facilitate an understanding of the invention. Therefore, drawings may not be to scale.
[0008] FIG. 1 shows an arrangement for how a PUF -based physical token may be used as a CRP generation mechanism.
[0009] FIGs. 2 and 3 schematically depict an arrangement for enrollment and subsequent key exchange between a server and client device.
[0010] FIG. 4 shows how a biometric print of a human face may be used as a CRP generation mechanism according to the inventive embodiments.
[0011] FIG. 5 depicts one example of an enrollment cycle with multiple factors of authentication completed by a user having a terminal device in cooperation with a Keystore corporation.
[0012] FIG. 6 depicts one example of computation of the reference table CT with 8^8 matrices.
[0013] FIG. 7 depicts a block diagram showing how the terminal device can recover the ephemeral key K from RN1, and RN2; in normal operation the key K encrypts or decrypts the private key Sk.
[0014] FIG. 8 depicts a block diagram showing the public-private key generation {Sk; Pk} from the reference table CT, two random numbers RN2 and RN3, and randomly picked seed b.
[0015] FIG. 9 depicts a block diagram showing the recovery of the reference table CT with MFA followed by the recovery of the private key, and signature of transaction T.3QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)DETAILED DESCRIPTION
[0016] The described features, advantages, and characteristics may be combined in any suitable manner in one or more embodiments. One skilled in the relevant art will recognize that the invention may be practiced without one or more of the specific features or advantages of a particular embodiment. In other instances, additional features and advantages may be recognized in certain embodiments that may not be present in all embodiments.
[0017] Reference throughout this specification to “one embodiment,” “an embodiment,” or similar language means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment. Thus, appearances of the phrase “in one embodiment,” “in an embodiment,” and similar language throughout this specification may, but do not necessarily, all refer to the same embodiment.
[0018] It is contemplated that, in preferred embodiments, the methods described below will be carried out in a computing environment including at least two computing devices in electronic communication with one another. The first device will be referred to as a “keystore”, “server” or a “central” device, and the second device will be referred to as a “user”, “client” or a “terminal” device. References to “users” refer generally to individuals accessing a particular computing device or resource, to an external computing device accessing a particular computing device or resource, or to various processes executing in any combination of hardware, software, or firmware that access a particular computing device or resource. Both the client and server devices are, preferably, general purpose or specialized computing devices, which may include non-volatile storage, a programmable processor, input / output devices, and network interface devices. The non-volatile storage may encode computer readable instructions that, when executed, cause the processors in the server and client devices to execute the method steps described throughout this disclosure.
[0019] In some cases, the client and server devices discussed below preferably also include circuitry and electronic instruments necessary to measure a physical characteristic of some physical object (“physical token”), such as an addressable array of PUF devices, or a biological object, and to generate responses from the resulting measurements. An optical image capture4QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)device such as a camera (having an optical imaging system, a 2-D detector and, optionally, illumination optics such as LEDs) is one example of such an electronic instrument. Other examples would include 2-D or 1-D flatbed scanners for taking image data of a fingerprint. In other cases, the client and server devices may include one or more sensors (e.g., devices that generate an electrical data signal reflecting the presence and degree of some external physical signal such as heat, light, pressure, etc.), as well as associated electronics such as ADCs, sensor calibration tables, etc. In certain cases, the client device may be a smart phone including a camera. In certain cases, the central and terminal devices may be processes running on the same device.
[0020] In the examples that follow, a method of securing private keys in a PKI is disclosed that relies on the use of one or more tokens as CRP generation mechanisms. The tokens will return unique responses as a function of some input information (“challenges”). The challenges will generally be an instruction set for interacting with the token. For example, if the token is a physical token such as an addressable PUF, the challenge may be an address location of an individual addressable PUF device, and possibly a set of measurement conditions. The response would be a measurement of some physical characteristic of the identified device. If the token is a biological object (e.g., a human face) or a biometric print (e.g., a data representation of an image of a human face), the challenges might be a location on the face (or image) and a facial landmark. The response might be the distance from the identified location to the landmark, or the angle of a vector pointing from the identified location to the landmark with respect to some predetermined axis. The token may also be a digital file, as will be discussed below. The token may also be a sensor, or groups of sensors. For example, a pair of sensor elements in an array of sensors (like a 2D optical sensor) may have a unique difference in their electrical signals in response to measurement of the same physical signal. As such, such sensor pairs act as PUFs and may be used in the same manner as PUFs generally.
[0021] The systems and methods described herein are not limited in the sorts tokens used, however, the selected token or tokens should have certain characteristics:
[0022] Unclonability - Each token (the CRP mechanism) should be unclonable, which means cannot be easily reproduced without possession of the token itself.5QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)
[0023] Uniqueness - The token should generate a unique pattern of responses as a function of a set of challenges.
[0024] Unpredictability - The responses should not be predictable or determinable from the challenges without possession of the token itself.
[0025] Repeatability - the same challenge should repeatably generate the same response.
[0026] Thus, while tokens are usable according to the methods below should be unique, random, deterministic and repeatable, where the tokens are physical or biological, some amount of variation is to be expected. Biological and physical objects change over time. Measurements of physical properties may be noisy. Accordingly, the methods below may include steps to identify challenges that result in noisy, erratic or inconsistent responses, and masks may be built to exclude such challenges from the challenge sets described below.
[0027] Some of the usable CRP response mechanisms (tokens) usable with the methods below will now be described.
[0028] Physical Tokens
[0029] U. S. Patent No. 11303462, entitled “Unequally Powered Cryptography Using Physical Unclonable Functions”, which issued on April 12, 2022, describes the use of an addressable array of PUF devices as a CRP mechanism for producing a shared pair of encryption keys usable in a symmetrical or asymmetrical (e.g., PKI) system. The entirety of that patent’s disclosure is incorporated herein by reference. Other relevant disclosure may be found in U. S. Patent No. 11533300, entitled “Encryption schemes with addressable elements”, which issued on December 20, 2022, the disclosure of which is also incorporated by reference herein in its entirety. In these disclosures, key generation and encryption systems are established in a networked computing environment, i.e., between a server and a client. One device, typically the client, is in possession of an arrays of addressable PUF generators (APG), which is a functional unit that includes a relatively large number of PUFs. Within an APG, the PUFs are arranged in an addressable array (e.g., a two-dimensional array), in which each PUF has a specific and known address within the array. During operation, the PUFs exploit manufacturing variations which are introduced during device fabrication, such as local variations in doping levels of6QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)semiconducting layers which make all PUF devices identifiable from each other. In response to an input signal (e.g., an input voltage), each PUF generates an output signal (e.g., an output voltage) that can be used to create output values usable as security keys, for example. Due to their individual manufacturing variations, the output of a particular PUF is difficult to predict and, therefore, difficult to duplicate, meaning that an individual PUF cannot be simply cloned, making them useful as physical security tokens.
[0030] PUF -based challenge response authentication schemes and key sharing or shared key generation scheme rely on network situations where one device (typically the terminal or client device) is in physical possession of the PUF, while another device, typically the server device, is in possession of an image of the PUF that was generated and stored during an enrollment procedure in a secure environment. The image is, ideally, an exhaustive characterization of the PUF array, containing a lookup table having every challenge and every response to that challenge as measured during enrollment. The server may also have masking or error correction data usable to identify and exclude erratic devices in the PUF array which are excluded from processing. So, a client in possession of the physical PUF array can measure the unique “fingerprint” of the PUF array, while a server, which stores or has access to previous measurements of the devices, issues a challenge to the client which instructs the client to measure the devices (or a subset) and generate a response to the challenge which includes the measurements or other information derived from the measurements. For example, a server might send a challenge to which the client responds by measuring a particular subset of devices and then performing a mathematical operation on those measurements.
[0031] The previously measured responses retrieved from the server’s image, and the contemporaneously measured responses from the client’s PUF (both sets of responses having been generated by a shared set of challenges) may be used in a variety of ways. The response sets may be compared for devices to authenticate each other. Indicia from the devices (e.g., hashes of response bitstreams) may be compared for the same purpose. The responses may be used themselves as encryption keys, or as seed inputs to keying algorithms for generation of a shared key pair. With a shared key pair, the devices may then use the keys in conventional ways (e.g., to encrypt / decrypt files, to digitally sign, etc.).7QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)
[0032] Exemplary PUF devices usable as physical tokens in the methods described include PUF devices of the following types: SRAM cells; ReRAM cells, DRAM cells, MEMS devices, sensors, ring oscillator circuits; gate delay circuits; ferroelectric memory devices; phase change memory devices; magnetic memory devices; flash memory devices; and one-time programmable memory devices. Non-limiting examples of measurable physical characteristics of devices used in PUF arrays are time delays of transistor-based ring oscillators and transistor threshold voltages. Additional examples include data stored in SRAM or information derived from such data. For example, an SRAM PUF exploits the metastability in the start-up process of SRAM cells. In the instant after start-up, the two halves of each SRAM cell circuit both try to pull the output of the memory cell to either a “f” or ''‘O’’ state. Depending on the specific process variation of the transistors in the circuit, one half of the SRAM cell will be unpredictably stronger and will force the SRAM cell into the corresponding state. The behavior of the structure of SRAM: cells must then be combined in some way by a control system or architecture to provide the challenge / response mechanism and provide the PUF interface. In the example of an SRAM-based PUF device, the device could be power-cycled 100 times and the frequency of the “0” or ‘T’ state could be used as a characteristic of that device. Other non-limiting examples of suitable characteristics include optical measurements. For instance, a PUF device may be an optical PUF device which, when illuminated by a light source such as a laser, produces a unique image. This image may be digitized, and the pixels may be used as an addressable PUF array. A good PUF should be predictable, and subsequent responses to the same challenge should be similar to each other (and preferably identical) As stated, a good PUF need only be predictable, and subsequent responses to the same challenge should be similar to each other (and preferably identical).
[0033] The use of PUFs for the generation of encryption keys will be described briefly in relation to FIG. 1. The FIG. 1 example will also be used to illustrate how error correction and masking may be performed for erratic responses, generally, regardless of the sort of token being used.
[0034] A PUF-enabled authentication protocol includes the following stages: (1) Enrollment, (2) Handshaking, and (3) Authentication / Encryption Key generation. These stages are described below, beginning with reference to FIG. 1 illustrating an example environment 100 in which8QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)embodiments disclosed herein may be practiced. The environment 100 includes a server 102 and client devices, hereinafter clients 105. The server 102 manages a database 104 which may be stored in memory of the server 102. The database 104 stores a set of initial challenge responses 130, which may be generated in response to challenges issued by the server 102 to the clients 105, each of which may respond to the challenges by accessing a respective PUF array 160 belonging to the clients 105. Alternatively, the server 102 may be otherwise provided with information suitable to generate the initial challenge responses 130.
[0035] The client 105 has an addressable PUF generator 110. The PUF array 160 may form part of the APG 110 as described further below. The APG 110 may contain additional processing circuitry and execute instructions for generating challenge responses. Enrollment is performed for each client 105 in a secure environment. After enrollment, the constellation of clients 105 may operate in an insecure environment and communicate with each other over public networks. Secure information needs to be encrypted. The PUF array 160 of a client 105 is an array of electronic or other devices with measurable physical characteristics, configured in an addressable array similar to an addressable memory device such as RAM or ROM chip. Due to small variations which occur during semiconductor manufacturing or other manufacturing processes, each PUF device (and hence each PUF array 160) may be unique, even if the PUF arrays are mass-produced by a process designed to produce nominally identical devices. The PUF array 160 (shown as a 2D-array of cells) of a client 105 may be accessed by the client 105 which receives challenges 120 (originating in this example from the server 102). The APG 110 responds by to challenges 120 by generating responses 130 using measured characteristics of one or more PUF devices within the PUF array 160 identified by the challenge 120 or derived from it using instructions stored by the APG 110.
[0036] Each client 105 has an APG 110 containing a PUF array 160 that is unique to that client 105. The APG 110 of a client 105 may be used to generate numerous responses 130 (i.e., responses unique to that client 105). These responses 130 cannot be replicated by an attacker without physical access to the PUF array 160. During the Enrollment stage, the server 102 may obtain the initial responses 130 for each client 105 by generating all possible challenges 120 and storing responses 130 to those challenges 120 generated by each APG 110 in a database 104 (i.e., an “image”). Alternatively, the server 102 may be otherwise supplied with characteristics of each9QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)PUF array 160 sufficient to generate the expected responses 130. The processor 112 may include instructions to combine information from the challenge 120 with additional information (such as a user password 124) and pass the combination through a hash function 121 the result to produce the address 125 (or range of addresses) within the PUF array 160 to measure in order to generate the proper response 130.
[0037] After the clients 105 are enrolled with the server 102, embodiments disclosed herein may be utilized to authenticate the client 105 and produce an encryption key which the server 102 and client 105 may use to communicate securely. First, the server 102 and a client 105 enter the Handshaking stage. In the Handshaking stage an objective is for the server 102 to transmit the information needed to identify a particular portion of the PUF array 160 of the client 105. Both the server 102 and the client 105 can independently produce a response to the challenge: the server can lookup information about the PUF array 160 obtained during enrollment (or otherwise supplied to the server 102) and the client 105 can retrieve the same information by using the APG 110 to access the PUF array 160.
[0038] During Handshaking, the server 102 issues a challenge 120 to the APG 110 of the client 105. This challenge 120 is used by the APG 110 to identify the portion of the devices belonging to the PUF array 160 to access. This challenge 120 may be a random number. In some embodiments such as embodiment 100, the server 102 and the client 105 may have access to the same random number generator or may have synchronized random number generators. In such embodiments, the server 102 does not need to transmit the challenge 120 to the client 105 in order for the client 105 to generate the challenge response 130 using the APG 110.
[0039] In embodiment 100 and similar embodiments the ability of the client 105 to generate the challenge response 130 may be protected by a password 124. In such embodiments, the address 125 specifying which device(s) in the PUF array 160 to access may be produced by combining the challenge 120 with the password 124. As a non-limiting example, the client 105 may input the password and the challenge into a hashing function to produce the address in the PUF array 160. As an example, if the PUF array 160 is represented as a two-dimensional array containing 256 rows and 256 columns, 8 bits of the message digest can be used to find the first coordinate X in the PUF array 160; the following 8 bits can be used to find the second coordinate Y.10QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)
[0040] As discussed above, the measurement of characteristics of individual PUF devices may not be perfectly deterministic. As part of the Handshaking process, the server 102 may send additional information 122 to the client 105 for use in making generation of the challenge response 130 more reliable. The additional information 122 may include error correction instructions 122 a (sometimes called a “helper” or “helper instructions”) and / or masking instructions 122 b. The error correction instructions 122 a may include a checksum or other error-correcting information for use with error-correcting codes, or other information or instructions used in response generation schemes to be discussed later below. The masking instructions 122 b instruct the APG 110 to exclude cells which the server 102 characterized as unreliable cells during Enrollment. The APG 110 may generate corrected responses 132 which simply exclude measurements of the unreliable cells. Alternatively the processor 112 may measure additional cells to ensure that the corrected challenge responses 132 are of a specified length. The processor 112 may store instructions for selecting the additional cells to measure, or may receive such instructions as part of the additional information 122.
[0041] Upon receiving the challenge response 130, the APG 110 may use the additional information 122 to generate corrected responses 132. Use of the additional information 122 and other methods of improving the reliability of the APG 110 will be discussed further below. The corrected responses 132 may be used directly as encryption keys 140 or may otherwise be used to derive the encryption keys 140. The server 102 may similarly independently produce the encryption keys 140 using the initial responses 130 stored in the database 104. The server 102 and the client 105 may then communicate securely by encrypting messages using the shared encryption keys 140 or encryption keys derived from them (e.g., public keys corresponding to the keys 140 according to an asymmetric cryptographic scheme).
[0042] The server 102 can authenticate a client 105 by issuing the challenge 120 to the client 105 and then comparing the corrected challenge response 132 generated by APG 110 with the initial response to that challenge stored by the server 102 for that client 105 (e.g., initial challenge responses 130) or determine that the corrected challenge response 232 is consistent with the initial challenge response 130 by comparing information derived from the corrected challenge responses 132 with information derived similarly by the server 102 from one of the initial challenge responses 130 corresponding to the challenge 120 issued by the server. The11QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)server 102 may require that the corrected response 132 is identical to the expected response to the challenge 120 (i.e., the initial response 130 corresponding to the challenge 120) in order to authenticate the client 105. Alternatively, the server 102 may accept a corrected response 132 with a Hamming distance (or a value of another distance metric) less than a predetermined maximum value from the expected response as evidence that the challenge response 130 is consistent with the expected response. For example, the server 102 may infer that the client 105 has generated a response which differs by less than a predetermined maximum number of symbols from the initial response 130 and determine that the challenge response 130 is consistent with the initial response 130 (i.e., was generated by a client 105 in possession of the same PUF array used to obtain the initial response 130). When the CRP error rates are relatively low, the responses can be used as part of authentication protocols. In such cases, Hamming distances between responses and the expected responses as large as 10% of the total response length may still be used to provide acceptable false-accept and false-reject rates (FRR and FAR). When the CRP error rates are too high, the use of error-correcting methods may be used to improve both FAR and FRR.
[0043] In some embodiments, ternary PUF schemes may include characterizing each PUF device in a PUF array (e.g., a PUF array 160). During Enrollment, the server issues each possible challenge repeatedly and tracks the statistical distribution of values included in the challenge responses The server then assigns the elements of each challenge response corresponding to individual PUF devices to one of three ternary states, which will be referred to using the ternary digits {-, x, +}. Measured device characteristics which fall within a first range of values are assigned the ternary value Measured device characteristics which fall within a second range of values exclusive of the first range are assigned the ternary value ‘+’. Measured device characteristics which fall within a third range of values exclusive of the first range and the second range are assigned the ternary value ‘x’.
[0044] For example, if the PUF devices are SRAM cells, the measured device characteristics may be the frequency of the binary data states stored by the SRAM cells after power cycling. Cells which are always (or almost always) in the ‘0’ state may be assigned to the ternary state, while cells which are always in the ‘ 1’ state may be assigned to the ‘+’ ternary state.Meanwhile, cells which are “unreliable” fluctuate between the ‘0’ and ‘1’ state may be assigned12QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)to the ‘x’ ternary state. The resulting ternary representations may be stored by the server in the database as initial challenge responses for the clients. The server may disregard values generated using unreliable cells when comparing challenge responses to expected challenge response. In some embodiments, the server may send instructions to exclude previously-characterized unreliable cells to the client. For example, if a challenge requires a 256-bit response the instructions may instruct the client to select the first 256 devices which are not excluded from the challenge generation process started at a given address The CRP rate can be significantly reduced using this approach when a sufficiently large number of initial responses are gathered in response to each challenge. In some embodiments the server shares the location of the unreliable cells (a “mask”) with the clients during the Enrollment process, thereby reducing the size of the instructions transmitted by the server during subsequent authentication and generation of challenge responses by the clients since the clients are able to store the information necessary to exclude the unreliable cells from the challenge generation process.
[0045] The basic methods of using a PUF just described have been extended to include pseudo-homomorphic method to increase security. Such arrangements and methods are described in U. S. Patent Application 17 / 879,697, entitled “PUF -Protected Pseudo-Homomorphic Methods to Generate Session Keys,” published as 20230045288 on February 9, 2023, which is incorporated herein by reference in its entirety. That application discusses systems and methods for using physical unclonable functions (PUFs) to enable a user to authenticate a server, or a server to authenticate a user, and to generate session keys to enable authenticated communication between a client (user) and server. In one embodiment described in that application, the generation of session keys, initiated by client devices, is based on the use of PUFs embedded in the server. During an initial setup, the client device selects a set of passwords and a set of random numbers to hash the passwords multiple times. The server uses the resulting stream as a set of challenges to generate a set of responses from the PUF, which are stored as reference. To generate a session key, the client device picks a new set of random numbers which are smaller than the initial set of random numbers, to hash its password multiple times; the resulting messages are sent to the server. Using its PUF and the initial responses, the server can find the differences between both random numbers which are used to generate a shared session key. This method is pseudo-homomorphic because the computations never disclose the original passwords. Without the PUF, it is not possible to analyze the information and generate shared keys.13QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)
[0046] Biological Tokens
[0047] Other CRP generation mechanisms that demonstrate good levels of entropy, uniqueness / unclonability, and repeatability include biological and other natural objects and digital data representations (e.g., images) taken of those objects. In the disclosure that follows it will be explained how a biological object, unique to an individual, is used as an unclonable function, capable of generating unique and repeatable responses when measured according to certain measurement parameters (challenges). In practice, the biological object is some feature of an individual user’s body (e.g., a fingerprint, iris, retina, facial features, etc.). The challenges are instructions that specify a particular set of biological object measurement conditions. For example, a challenge might be a location on an image of a fingerprint, and an area at that location to be measured. The responses might be features (variations in color or shade or shape, intersection of lines, etc.) measured at the specified area or areas, or along a specified direction. In some embodiments, a biological object may be subject to a pre-enrollment setup to generate calibration data that is used to standardize all future image data taken from the object. This enables future measurements of the same object to perform under the same conditions as prior measurements. In the case of taking image data from the object, the pre-enrollment data may enable the system to rotate and scale future images to a baseline orientation and scale before each response measurement such that all measurements of the same features are as repeatable as possible. This same calibration and scaling methodology may be applied to any of the protocols described below, which all involve measuring a first set of enrollment responses from a biological object, and comparing those responses to a second set of responses from the same biological object measured at a different time in the future. These two measurements have to be compatible, so inventive embodiments are capable of rotating and scaling images, and calibration data may be stored to accomplish this.
[0048] As for the physical tokens (PUFs) described above, erratic responses detected in response to certain challenge measurements of biological objects can be identified and masked with repeated measurements. To this end, the reference tables of responses built during enrollment can carry a ternary representation in which the content of each address is either a state “0”, “1” or “x”. To identify the “x” states, repetitive enrollment cycles generating multiple14QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)reference tables permit the identifications of the addresses that are not stable. These unstable positions are masked during key generation.
[0049] Biological objects may be used as CRP generation tools either directly, with a direct measurement, or preferably by first making a biometric print of the object. A biometric print is some accurate data representation of the biological object, e.g., processed or unprocessed image data of fingerprints, palms, facial features, retinal vasculature and other vein patterns, iris appearance, combinations thereof, image data regarding body gait or infrared images of body parts.
[0050] The use of biological objects and biometric prints therefrom is disclosed in the following published patent applications: U. S. Patent Publication No. US20240348436A1 entitled “Biometry With Challenge Response Pair Mechanism”, published on October 17, 2024; U. S. Patent Publication No. US20250373437A1 entitled “Template-less Object Recognition With Challenge / Response Pair Mechanism”, published on December 4, 2025; U. S. Publication No. US20240214224A1 entitled “Pseudo-homomorphic Authentication of Users With Biometry” published on June 27, 2024. The disclosures of all the foregoing references are incorporated herein by reference in their entirety. An example of how a biometric print may be used as a CRP generator is described below in reference to FIGs. 2-4.
[0051] Referring now to FIG. 2, an enrollment procedure is conducted in a secure environment. The enrollment procedure begins with the generation of an ordered sequence of n random seed numbers. In the exemplary methods described below, input parameters, “challenges”, which are measurement conditions for the biological object, in this case a face, are generated from random seeds. These seeds are shared by the client and the server and used by both to generate n challenges: Cl, C2,..,, Cn. These challenges are functions that operate on information generated from biometric images, in a manner similar to that of a one-way function to produce outputs. In the exemplary cases described below, a user individual presents an image of her face by looking into a camera. This image is transformed into a vector v (i.e., a biometric print) upon which the challenge functions Ci operate, producing an ordered sequence of n responses: Rl, R2,..., Rn, with each Ri = Ci (v). The challenge functions have the following properties. In a manner similar to a one-way function, it should be a very hard problem to map back from the responses Ri and obtain any information about the biometric information v. Also,15QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)different responses Ri, Rj with i not equal to j, arising from different randomly generated Ci, Cj, should be completely independent of each other. However, if the identical challenges Ci are applied to a slightly different vector v’ arising from a very similar image of the same person, the responses R’i = Ci(v’) should be very close to each other. This behavior is quite different from a standard hash function, where even one bit of difference in the input should create an entirely different output. To summarize, a vector of n functions of slightly different images of the same face: (R’I, R’2,., R’n) should be very close to the original vector (Rl, R2,.,., Rn) when the same collection of challenges Cl, C2,..., Cn is applied to the two vectors v and v’ generated by the same client. One way of thinking about this is that a collection of different images of the same client should map to n-dimensional vectors inside a sphere of small radius in n-dimensional space. However, a different client should produce a vector w of biometric information whose corresponding vector of responses under the same challenges: (Cl(w), C2(w),..., Cn(w)) is as distant as possible from the sphere containing (Cl(v), C2(v),..., Cn(v)). The methods described below achieve this balance, that is, mapping similar images of one client to a small sphere, and mapping images of a different person to a discemably different position in space, is achieved, which greatly enhances the usability and security of the described protocols.
[0052] At the end of the enrollment the server and client each store the ordered list of challenge-generating seeds. In the first protocol presented below, the server can store the ordered list of responses. Neither stores any private biometric information.
[0053] During an authentication session a client looks into a camera second time, and creates a second image of her face, and maps this to a vector v’, duplicating the process used during enrollment. The client then regenerates the challenges C i from the stored seeds. The client then generates, from a random seed, a cryptographic key of length n, for example a sequence of n 1’s and 0’s. Suppose there is a 1 in location m. The client then applies C m to v’, obtaining R’m = Cm.(v’). The client repeats this with each 1 in the key: computing a response for each. This list, averaging n / 2 responses, is then conveyed, possibly insecurely, to the server. The server compares this subset of responses to its ordered list of the full set of n responses. The server takes the first response on the list and compares it with its original list of responses. If there is a sufficiently close match with a response on the original ordered list, the server places a 1 in the16QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)corresponding key. It then continues, matching the subset of responses to the closest fitting ones in its list. At the end, the key was shared.
[0054] Referring now to FIG. 3, there is shown a method of cryptographic key exchange between a server device (“server’) and a terminal device (“user”) according to one inventive embodiment. The protocol described in reference to FIG. 2 and throughout the remaining examples of this disclosure uses biometry (i.e., the measurement of some biological object) to share cryptographic keys without keeping any image data captured during enrollment.
[0055] In the arrangement of FIG. 3, there is an initial enrollment process shown in “1”, “initial set up”. Preferably, this process occurs in a trusted environment as part of a secure video conferencing event. During the enrollment cycle, a biometric print of an individual using the terminal device is sent to the server for processing (i.e., the generation of responses). The response generation step will be repeated by the user later, using a different (i.e., contemporaneous) biometric print. During the enrollment cycle, the server needs to process the biometric image of the user with CRP mechanism; the user follows the same CRP -based process during the key exchange operation.
[0056] The enrollment cycle proceeds as follows:1. During the secure setup session, the terminal device creates a sequence of 256 bit seeds and sends them to the server. The seeds may be generated with the assistance of a random number generator (RNG), running on a processor at the terminal device. The seeds may also be generated with a password, supplied by the user, which may be processed (e.g., sequentially hashed with an extended output function). Some combination of the aforementioned methods may also be used (e.g., by hashing a password with the output of a RNG, concatenating the two, etc.). The result is preferably an ordered sequence of 256 bit seeds of length n, as shown below:{Si, S2,..., Sn) with Si G {0, 1} and i G {1, n{2. The server uses the seeds as, or preferably to create an ordered sequence of n challenges, for example by using a hash function with an extended output function (XoF):{Ci, C2,..., C„}HSi, S2,..., Sn}3. The terminal device captures a biometric print (e.g., image data of a biological object of the individual user such as an image of the user’s face, retina etc.), and sends it to the 17QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)server. Alternatively, the server is in real time video conferencing with the terminal device and user and is allowed to capture a biometric image using the terminal device’s camera.4. The server applies the CRP mechanism of the image to the n challenges to generate n responses. That is to say, the server uses the challenges as measurement instructions and measures the biometric print in accordance with those instructions:{Ri, R2,..., RnJHCi, C2,..., Cn}It is preferrable for the responses to be appreciably long to achieve BERs of below 20%, for example, 256-bits long. In certain embodiments, this may be accomplished by providing the raw response data to a hashing for XoF function, which is then stored as the responses.5. The server finally erases the seeds {Si, S2,..., Sn}, the sequence of n challenges {Ci, C2,..., Cn}, retaining in memory only the sequence of n responses{Ri, R2,..., Rn}.6. The user retains only in its memory the sequence of seeds {Si, S2,..., Sn}.
[0057] At the end of the enrollment the server and client each store the ordered list of challenge-generating seeds, and the server can store the ordered list of responses. Neither stores any private biometric information.
[0058] The key exchange cycle proceeds as follows:1. The seeds are used again to create an ordered sequence of n challenges:{Ci, c2,..., c„ {Si, s2,..., s„}2. The terminal device captures a biometric self-image of the user with the same camera, and similar macro-measurement conditions as the capture used during enrollment. The system may optionally calibrate the second image data such that it matches the image data taken during enrollment. This process may involve scaling and rotating the image and adjusting signal level such that it matches the initial image taken during enrollment.3. The terminal device applies the CRP mechanism to the n challenges to get n responses:{R’l, R’2,.., R’nHCl, C2,..., Cn}4. The terminal device randomly generates (e.g., with an RNG) an n-bit long key K. The bits are then ordered from position 1 to position n. An m-bit long subset of index18QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)integers {ii, iz,is generated by capturing the positions of K’s entries equal to “1”, ignoring the entries equal to “0”; ij G { 1, n}, and j G { 1, m}.The space of choices here has size roughly 2n, n should be large enough, 256, or higher 5. The client sends only the list of m responses {R'q, R'j2,..., R'jm} to the server,6. The server identifies the sequence {ii, iz, im} as follows:a. Let d(R'jj, Rk) denote the hamming distance between the responses R'q and Rk. b. For each R',., the server cycles through the list of responses from position 1 to position n, and finds the unique k such that:d(R'i., Rk) < e, where £ is the cutoff point.[With n = 256 and BER < 20%, an £ of 52 bits should keep FARs and FRRs low] 7. From the list of indices {ii, iz,...,i(m)} the server can uncover the key K.
[0059] The server and client can then use the shared Ks to engage in encypted communications. The shared keys may be used to encrypt and decrypt communications according to any symmetrical encryption protocol (e.g., AES). The keys may also be used by each party to authenticate the other, e.g., by signing some shared piece of information and comparing the result.
[0060] To restate the key sharing process, the client uses its stored seeds to generate a sequence of n challenges. The biometric print is measured in accordance with the challenges to generate an ordered sequence of n responses (i.e., a first response, a second response, etc., up to the nth response). A random binary number K is generated of length n. That number will have a sequence of m Is. Responses in the ordered sequence corresponding to positions in the random number having the value “1” are identified, and only these m responses are sent to the server. In other words, if n = 3, there are three responses R’ 1, R’2 and R’3. If the random number K is 101, m=2 and only responses R’ 1 and R’3 are sent to the server, corresponding to the first and third 1 s in K. The server knows the length of K, because it is equal to the originally received number of responses, n. The server selects R’ 1, and it sequentially computes the Hamming distance between R’ 1 and every response that it stored during enrollment R1.. Rn. Where this computation results in a Hamming distance below some threshold, or the minimum Hamming distance of all the computations in the sequence, the server has determined the position of R’ 1 in19QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)the order of the original responses. In the example above, the Hamming distance between R’l and R1 will be low, and in fact, it should be the lowest Hamming distance of any of the comparison steps. The server knows that R1 was the first response in the enrollment sequence, so it knows that R’ 1 is also the first response in the sequence of exchange responses, so it assigns the first position in the key a “1”. R’3 will match with R3, and so the third position in the key will be assigned a “1”. All other positions are assigned “0”. In this manner, the server has generated K.
[0061] In another embodiment of the key exchange protocol, steps 4 to 7 in the algorithm above are modified by sending n responses in the key exchange step, but where random responses have been inserted for enrollment responses within m corresponding to positions in n where the entries for K are zero. Optionally, but preferably, the enrollment response string is reordered randomly. The server then takes each of the new responses, and sequentially attempts to match it against the enrollment responses. If there is a match, an entry of 1 is assigned to the server’s copy of K in the position of the match response. For all unmatching responses, the server’s copy of K is assigned a zero in the corresponding position. This embodiment introduces more entropy to the system at a cost of requiring the server to check matches for all n of the received responses during the key exchange step. As above, a match between a second response and a first response may be determined by computing a Hamming distance and declaring a match when the Hamming distance is below some threshold, or for whatever first response the second response demonstrates the minimal Hamming distance across the set.
[0062] This modified protocol proceeds as follows:1. The user chooses randomly a n-bit long key K. The bits are then ordered from position 1 to position n. The sequence of n responses is altered by replacing the responses positioned at entries equal to “0” by randomly generated streams of the same length. The responses positioned at entries equal to “1” are kept intact. This results in a new set of n responses that are reordered randomly: {R'P1, R'P2,..., RPn}.2. The client sends only the list of n responses {R'P1, R'P2, • R^,} to the server.3. The server differentiates the valid responses as follows:a. Let d(R'p., Rk) denotes the hamming distance between the responses R'p. and Rk.20QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)b. For each R'p. with intact response, corresponding to a “ 1” entry of K, the server cycles through the list of responses from position 1 to position n, and finds the unique k such that: d(R'k., Rk) < £, where s is the cutoff point.c. For each R'p. with a response changed to a random stream, corresponding to a “0” entry of K, no Rk matches are available due to the high entropy of the CRP mechanism.4. From the list of matching positions, the server can uncover the key K.
[0063] This last protocol is simplified in other alternative embodiments by eliminating the random reordering of the revised n responses at the end of step 4. The search of step 6 is then much faster as the server does not have any more to cycle through the list of responses. The number of searches is reduced to n searches rather than a number that could be as high as (n2) / 4.
[0064] The key exchange protocols described above can be further enhanced to eliminate collisions and remove the pairs that are not reliable. One possible protocol starts with a greater number of challenges, for example 2n, and selects only half of the challenges. The server iterates multiple CRP cycles with the set of 2n challenges to test BERs. The server only keeps the n collision-free challenges with the lowest BERs. A 2n-bit long mask is generated with the entries at 0 for the positions that should be eliminated, and entries at 1 for the positions that are kept. An outline of the modified enrollment is the following:1. n-bit long seed: {Si, S2,..., Sn{ with Si G {0, 1} and i E {1, n}2. The server generates 2n long challenge: {Ci, C2,..., C2n}«-{Si, S2,..., Sn{.3. Capture a biometric image.4. The server finds a 2n-bit long mask M to generate the responses:[{Ri, R2,..., Rn}; Mask M] {Ci, C2,..., C2n{5. The server retains in memory the sequence of n responses{Ri, R2,..., Rn}, and sends M to the user.6. The user retains only in its memory mask M, and the sequence of seeds {Si, S2,..., Sn}.
[0065] The outline of the modified key exchange cycle is described as follows:1. The user generates the 2n long set of challenges: {Ci, C2,..., C2n}«-{Si, S2,..., Sn{.21QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)2. Biometric image.3. The user applies the CRP mechanism to the 2n challenges with the mask M to get n responses:{R’i, R’2,..., R’n} [{Cl, C2, C2n}, M]4. The user chooses key K. The subset of integers {ii, i2, im} is generated by capturing the l’s.5. The client sends the m responses {R^, R'i2, R'im} to the server.6. The server identifies K from the sequence {ii, i2,..., im}.
[0066] This collision avoidance and masking protocol can also adopt the variation presented above, in which the size of the sequences of responses is kept constant by replacing the responses positioned at entries of 0 of K by random streams.
[0067] FIG. 4 shows, in additional detail, how a human face can be used as the basis of a CRP mechanism. In the example of FIG. 4, the biological object is a human face, and the biometric print being measured is an image of the face. An image of a human face contains identifiable landmarks such as the bridge of the nose, the tip of the nose, pupils, etc. A set of these landmarks L is identified in a pre-enrollment process, and the landmarks L are chosen to be facial landmarks that are easily identified by conventional facial recognition algorithms.Calibration data is stored to rotate and orient future images of the same face to a standard x-y coordinate system, and to scale future images to a standard scale. An example of this process would be to define a line connecting the center of pupils as the X axis of a reference coordinate system, and to scale the facial images such that the interpupillary distance for all images is a set amount in the coordinate system. This enables all images of the same face to be compared accurately.
[0068] As shown in FIG. 4, an exemplary set of challenges is a starting X-Y coordinate in the system, and a facial feature (e.g., -3, -4, center of left pupil). Random numbers (e.g., the seeds discussed above) may be parsed to render coordinates in a straightforward manner, and it is contemplated that a lookup table may be constructed that maps numbers to facial features. Thus, a random number like 11001010 may be decomposed into a first portion that maps to a first coordinate, a second portion that maps to a second coordinate, and third portion that maps to a facial feature through a predetermined lookup table. In this way, challenges may be constructed 22QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)of random numbers, or random numbers expanded to certain lengths and / or hashed with passwords as discussed above. The responses are the results of applying these challenges. An exemplary response would be a scalar distance, e.g., the distance in the coordinate system from (-3, -4) to the center of the left pupil. Angle information may also be incorporated, e.g., the distance and angle to a feature from the challenge coordinate.
[0069] In alternative embodiments, a set of facial landmarks L is defined, and each challenge is read to map to coordinates in the facial image, as above. The responses in this case are a set of scalar distance values from the identified coordinate to all of the facial landmarks in the set L. This set of values may be an ordered set. As above, angles of vectors pointing to the landmarks may also be used instead of or in addition to the scalar distance values. Using multiple landmarks for each challenge address, and storing the responses as an ordered set, greatly increases the entropy achievable with this method.
[0070] It will be recognized that this sort of use of biological features as a CRP mechanism may be extended to other objects that have recognizable landmarks, such as irises, retinas, fingerprints and palm prints, all of which are within the scope of this invention as biological objects form which biometric prints may be generated.
[0071] The use of a human face as a biological object is advantageous because it has relatively high levels of intrinsic entropy, and modern image recognition algorithms are particularly good at identifying facial features. A sense of the number of unique responses that can be generated from a biometric print of a human face (i.e., a rotated and scaled image) is shown in FIG. 4. Again, it is contemplated that x-y addresses and facial features will be identified as a challenge, and the response may be distance, angle, or some combination of the two, to the feature.
[0072] Other natural objects may also be used as CRP mechanisms in the manner described above in reference to FIGs. 2-4. For example, image data may be taken and measured of biological objects from non-human subjects, or from non-biological natural objects, the appearance of which, demonstrates sufficient randomness and complexity. For example, U. S. Patent Application No. 15 / 434976, entitled “Authentication of images extracted from unclonable objects”, published as 20170235938 on December 10, 2019, describes taking image data of DNA23QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)or nanoparticles and then measuring those images as a CRP mechanism. That application is incorporated by reference herein in its entirety
[0073] Virtual Tokens
[0074] Digital files themselves may also be used as CRP generation mechanisms. Co-owned U. S. Patent Publication No. US20250274289A1 (Application No. US19 / 064,331) entitled “Protocols for Protecting Digital Files”, which published on August 28, 2025, discloses a method of processing digital files such that they can be used to generate CRPs. According to one method, an encrypted digital file is concatenated with a random nonce and the resulting number is subject to one-way cryptographic functions and / or extended output functions such that a result C* is obtained having a known bit length. This result is organized into a series of addressable segments. A random seed is generated and is used to derive a random bit stream that is parsed into segments, each of which is read as an address in C*. These segments are applied as challenges to C*, and the corresponding responses may be used as or to generate or store an encryption key. This basic method is applicable to any file, but is particularly well suitable to encrypted files, which already have a high degree of randomness, such as blocks on a blockchain.
[0075] Sensor Based Tokens
[0076] Sensors, and in particular, arrays of sensors may also be used as CRP generation mechanisms. U. S. Patent Publication No. US20230358579A1 entitled “Enhancing System Resilience With Differential, Sensor-based PUFs”, published on November 9, 2023, discloses such a system. This disclosure is incorporated herein by reference in its entirety. That disclosure describes the use of sensor arrays as PUFs.
[0077] Sensors convert physical and / or chemical signals into electric signals driving microelectronic systems. Sensors, generally, are configured to produce an electric signal that convey accurate information about the physical or chemical stimulus applied to the sensor. That is, the goal of a sensor system is to create a signal that accurately reflects an input chemical or physical stimulus or condition that exists in the real world (e.g., light, heat, acceleration, magnetic field strength, or the like). In order to generate electric signals that accurately represent the physical or chemical signals, calibration techniques are used to compensate for the natural 24QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)variations which are created during the manufacturing of the sensors. Calibration is the process of modifying raw electrical sensor output signals such that those signals accurately reflect the objective reality of the physical or chemical input signal. For example, if a sensor is an optical sensor, a calibration process may be applied to the raw electrical output of the sensor so that a calibrated signal is generated that accurately represents an input stimulus (e.g., the amount of light actually incident on the sensor).
[0078] In the system in the disclosure above, there are one or more sensors or sensor arrays arranged to sense the same environmental stimulus. During enrollment, the raw sensor output from both sensors is differenced over a range of sensor input to build an unclonable fingerprint of the sensor pair. This fingerprint is checked against a contemporaneously generated fingerprint to ensure continued fidelity of the calibrated sensor. The table of difference values is random and unclonable, because it results from slight variations in the responsivities of the individual sensor elements (e.g., camera detector pixels), which are uncalibrated. An addressable table of these differences, or yet better, a matrix of addressable tables reflecting different combinations of differences of pair of sensors, can be used as a CRP generation mechanism.
[0079] Additionally, a sensor array may be used as PUF by comparing calibrated and uncalibrated electrical data signals from sensor elements, or even by querying an addressable calibration table with a set of challenges.
[0080] Additional disclosure of sensor-based PUFs may be found at U. S. Patent No.US 11533188B2, entitled “Multi-PUF Authentication from Sensors and Their Calibration”, and U. S. Patent Publication No. US20250379754A1 entitled “Physically Unclonable Functions (PUFS) With Different Paths of Sensor Devices That Are Randomly Addressable”, published December 11, 2025. The entirety of both these disclosures are incorporated by reference herein.
[0081] Improved MFA Schemes for Protecting Private Keys
[0082] Developing protection for private keys to sign or decrypt messages in PKI environments is an important and active field in the cyber security space. In addition to MFA, solutions include the use of blockchains, fragmenting and encrypting the private keys, and combining hardware with software remedies. The current use of MFA to protect crypto wallets, and other terminal devices storing private keys could be unpleasant for the users, while a loss of 25QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)these factors could have catastrophic effects. In a departure from prior art, this disclosure describes secure MFA schemes that are friendly to use, combined with methods to generate the private keys that truly protect users’ privacy.
[0083] Protocols Protecting Private Keys with MFA
[0084] Examples of factors for the MFA
[0085] The methods set forth below contemplate combinations of security factors that can be used to secure private keys in an asymmetrical, PKT system. Here factor may include, but is not limited to, passwords and the output of physical, sensor-based, virtual and biometric tokens, as explained above. Thus, in the disclosed systems, in addition to a password, multiple factors of choice can be selected to protect a private key. Examples, of these additional factors include, but are not limited to the following:
[0086] A physical token with a physical a SRAM-based physical unclonable function (PUF) that can support a CRP mechanism, such as the ones described above. In the case where the PUF array is an SRAM, for example, the challenges are a set of addresses pointing at addressable SRAM cells e.g., a set of n x n addresses. The responses are the reading of the SRAM at these n x n positions. Each SRAM device is unique and exhibits a unique pattern of “l”s and “0”s in its cells when they are subjected to power-off power-on cycles, that is, each cell powers up either as a consistent “0” or “1”. Small cells in the array are erratic, and will power up randomly as a “0” and a “1”. As noted above, these erratic cells can be identified and recorded with a third state “x” for masking later.
[0087] A biometric scheme supporting a CRP mechanism. For example, the biometric images are described by a set of L landmarks. The challenges are a set of n addresses within a predetermined coordinate system containing a scaled and rotated version of the image. The responses are the reading of the distances between a challenge addressed position in the image and each L landmark. Angles of a pointing vector to the landmarks from the position may also be used. The distances can be converted in a s-bit data stream, thereby the total size of the responses is n X (s X L). When submitted to repetitive enrollment cycles, the streams of responses are consistent “0s” or “Is” Small portions of the information may be erratic, owing to noise in the measurement, or more likely, problems with identifying certain features, or changes 26QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)to a person’s appearance over time. Response data associated with such features may exhibit consistent Is and Os with repeated measurements, and these responses can be recorded with a third state “x” for exclusion.
[0088] A virtual token can be generated from a digital file resulting from the computation of a chain of information and its blockchain, which is supporting a CRP mechanism. The challenges are a set of n x n addresses pointing at the digital file, the responses are the reading of the digital file at these n x n positions.
[0089] Arrays of sensors can be inserted into a wearable device sending the information to the terminal device needed to generate reference tables with the same size n x n that can be combined with the tables generated from other factors. Alternatively, sensors that are already present in the user’s terminal device can be used. For example, a smart phone’s cameras will have calibration tables, which may allow a comparison between calibrated and uncalibrated sensor data to be used as a PUF. Alternatively, the raw sensor signals from pairs of pixels on a single sensor looking at a constant scene (e.g., blue sky) could be used. Alternatively, where a smart phone has multiple cameras, the raw responses of the same pixel element on multiple cameras could be compared in some matter (e.g., differenced). This last method has the advantage of not requiring a uniform scene since any image will occupy roughly the same place on each of the camera’s detectors.
[0090] Enrollment cycle
[0091] An enrollment cycle is needed to record the reference tables generated from the multiple factors of the MFA. The operation can be solely controlled by a user with a terminal device equipped with physical tokens, biometric schemes, and virtual tokens. The enrollment cycle can also be completed in cooperation with a service company, called Keystore, which may maintain the central computing device (e.g., the server) in the networked arrangements discussed in this disclosure. The Keystore’s server may generate a first random number RNi, and the physical token, as shown in FIG.5. In these cases, the physical token may be a PUF and the hardware electronics necessary to apply challenges to the PUF and read responses, that is, will in include at least some elements of the APG discussed above. In some cases, elements of the token and its APG may rely on both a hardware device (where the SRAM array, for example, is27QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)stored), and the terminal device, whose processor may supply challenges to the PUF and read the responses when plugged into the token.
[0092] The first random number may be concatenated with a password, which may be user-supplied, to generate the set of responses used by each of the multiple factors of authentication, for example a physical token, biometric scheme, and virtual token. From each factor an x n reference table is generated from the responses, CT-T from the physical token, CT-Bio from the biometric image, CT-VT from the virtual token. A combined n X n reference table CT is computed from the multiple reference tables, for example CT-T, CT-bio, and CT-VT.
[0093] It will be noticed from FIG. 5 that the user of the terminal device is in possession of the original primitives used to generate the server’s reference table. The user receives the physical token including the PUF; it is the user’s own biological object that forms the biometric print (i.e., the biological token), and the virtual token may be a digital file on the user’s device, that may be selected based on it having randomness above some threshold.
[0094] Returning to the discussion of the enrollment process, one way to compute the combined table is to apply an addition modulo 2 as follows:
[0095] Let us use the notation a for the information contained at the position (i, j) of the n x n table CT-T generated from the physical token.
[0096] Let us use the notation bq for the information contained at the position (i, j) of the n x n table CT-bio generated from the biometric scheme
[0097] Let us use the notation ci;for the information contained at the position (i, j) of the n x n table CT-VT generated from the biometric scheme
[0098] Let us use the notation dq for the information contained at the position (i, y) of the resulting n x n table CT computed from CT-T, CT-Bio, and CT-VT.
[0099] At each position (i, j) of the matrices perform the followingIf all three factors aq, b^, and Cq consist of “0” and “1” states then:28QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)dtj = (atj+ bij + Qy) mod2 = © bij©Else: d-ij = x
[0100] When the information contained in one of the tables is the flaky state “x”, the resulting state in the combined table CT is the state “x”. This process is shown in FIG. 6 with n = 8.
[0101] Normal operation
[0102] Normal operation is illustrated in FIG. 7. After the enrollment cycle, the user picks a second random number RN2 that is also concatenated with the password to generate a second set of challenges pointing to m positions in the combined reference table CT. An m-bit long ephemeral key K is computed from the responses. This may be done in a number of ways. By way of example, the response bitstream may be used as an encryption key directly, it may be hashed some number of times and / or applied to an XOF, or it may be used as a seed input to some keying algorithm. In some case, this may be the same algorithm used to generate the secret key Sk (e.g., lattice cryptography, hash-based cryptography, code-base cryptography. RSA, ECC, CRYSTALS Dilithium, CRYSTALS Kyber, NTRU, Falcon, SABER SPHINCS or Classic McElice.) The resulting key K is finally used to encrypt the private key Sk needed by the PKI scheme to sign transactions. The terminal device can be a crypto wallet, a smartcard, a token, a smartphone, or a personal computer. After encryption, the terminal device keeps in storage both random numbers RNi, RN2, and the encrypted private key SK. All other information is erased, which includes all reference tables CT-T, CT-Bio, CT-VT, CT, and the ephemeral key K. The user can recover the private key SK with RNi, RN2, and the encrypted key SK, as shown in FIG.3, by plugging the physical token in to the terminal device, presenting his visual image, and computing the virtual token. Liveness tests can be inserted in the protocol to avoid third parties passing the visual test with an image of the user. The use of biometric images is “template-less” (i.e., does not require long term storage of the biometric data), which protects privacy of the user.
[0103] The user can prepare backup hardware devices by downloading the same software stack, as well as RNi, RN2, and the encrypted key SK. Such a scheme can, for example, protect a user against the loss of a crypto wallet, without compromising security, as the same MFA is 29QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)always needed to retrieve the private key Sk. At every cycle, the user can easily pick a new second random number RN2 to generate a new ephemeral key K, thereby encrypting the private key Sk with a one-time use key. This prevents attacks such as side channel attacks finding the ephemeral key during decryption cycles.
[0104] Role of the Key store
[0105] One of the problems that exists conventionally is the potential loss or failure of the token. One possible mitigation can come from a Keystore corporation that can store the reference table CT-T generated during enrollment cycle from the token. When the token is lost, the user can ask the Key store to transmit the table CT-T, then use it as part of the full MFA process. Such a recovery operation is still relatively secure as malicious parties can do very little from the table CT-T, since it does not include the information from the other tokens that are in the exclusive possession of the user. To intercept the ephemeral key K, the malicious parties still need RNi, RN2, the password, the biometric information, and the virtual token. A new physical token, and a new enrollment cycle will be needed to re-establish the full protection.
[0106] The Keystore corporation can also provide valuable services to reduce the rates of errors in the key recovery process, and the use of ternary cryptographic schemes. Rather than generating the tables CT-T from the physical token and CT-bio from the biometric scheme by a single operation, multiple cycles allow a better identification of the erratic positions’ “x”. For example, 100 repetitive cycles have been successfully demonstrated to catch 99.99% of the flaky positions. The Keystore corporation can generate a masking table CTwask from CT to capture the erratic positions. For example, the position (i, j) of the making table CTMask can be a “0” when a solid state of “0” or “1” is detected, and a state of “1” when the position is erratic. The Keystore will transmit the making table CTwask to the user, which can skip the erratic positions when generating the ephemeral Key K. The resulting Key K will have a lower rate of bad bits during subsequent recovery cycles and can be corrected by ultra-light schemes.
[0107] Protocols for PKI Enhancing Privacy with MFA
[0108] The MFA protocol with CRP protecting private keys disclosed previously can be combined with additional protocols that permit a trusted central authority to verify the authenticity of public keys without ever having access to the private keys. In this use case, the 30QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)Keystore and the users coordinate the public-private key generation while the private keys are always kept secret by the user.
[0109] Enrollment cycle with private key generation
[0110] After completion of the enrollment cycle described previously, both the Key store and the user generate concurrently the same combined reference table CT. During this operation, the client is physically present in the office of the Key store and downloads the “Crypto Wallet” in its smart phone. Such an in-person cycle described can be done through video conferencing. In this case, the visual image of the user will be captured during the conference, while the token will be shipped to the physical address of the user. Such a virtual session will, for example, facilitate the replacement of a lost token.
[0111] A second part of the enrollment cycle must be completed to generate the public-private key pair, as shown in FIG. 8. In this example, the standardized post-quantum cryptographic (PQC) Dilithium was implemented. At the end of the enrollment cycle, the Key store makes the user ID and the public key Pk of the user “public” by posting it on-line. The user needs to keep in storage the random numbers RNi and RN2, as well as C, and indeed the encrypted private key Sk. The step-by-step operations are shown below:
[0112] / . Initial operations driven by the Key store corporation KSC:i. Generation of the reference table CT:RN1’«-RN1®PW: with random number RNI, and password PW n challenges <- RNI’: with XoF function.With CRP mechanisms generate 4 n x n reference tablesCT-bio«- n challenges: CRP from the facial imageCT-T <- n challenges: CRP from a tokenCT-VT «- n challenges: CRP from a virtual tokenCT «- (CT-bio)®(CT-T)©(CT-VT): concatenationii. Generation of Seed-a:RN2’«-RN2®PW: with random number RN2, and password PW n challenges <- RN2’: with XoF function.31QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)Seed-a <- n challenges: with a CRP mechanism and table CTiii. KSC transmit RN1 and RN2 by email to the client’s smart phone
[0113] 2. Operations driven by the “Crypto-Wallet” apps in the client’s phone:ii. Generation of Seed-a following the same steps than above:Seed-a «- RN1, RN2, PW, image, token, and virtual token.iii. Generate a public / private key pair with Dilithium and sign M:Matrix- A«- Seed-a: with XoF functionVectors Vi and V2 «- Seed-h. Private key Sk’. {Vi; V2} Vector t «- A Vi + V2; Public key Pk’. {Seed-a; t } S «- Sign M, Sky. Sign message M with Skiv. Protect the private key Sk:RN3’«-RN3®PW’: with random number RN3, and PW’m challenges «- RN3’: with XoF functionKey K <- m challenges: with a CRP mechanism and table CTC «- Encrypt(Sk, K): Encrypt Sk with AES and Kv. Transmit by email the message M, the signature S and vector t to KSC, and store RN2; RN3; and C
[0114] 3. Final verification, and posting of the public keysvi. Between seed-a that was generated from the table CT, and t from the user, KSC is in possession of the full public key Pk: {Seed-a; t}vii. KSC can verify the signature S of message M with Pkviii. KSC transmits to a Certificate Authority, or the cloud the client’s ID and Pkix. KSC only keeps record of the crypto-table of the token CT-T
[0115] Signature of a transaction in a PKI environment
[0116] Within a PKI environment, the user needs to retrieve the private key Sk, sign a transaction N, and transmit both the transaction with its signature to the cloud. The transaction can then be openly verified by third parties with the public key. The protocol, illustrated in FIG. 9, is the following:32QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)
[0117] The user can recover the reference table CT with RNi by plugging in the physical token, presenting his visual image, and computing the virtual token. Liveness tests can be inserted in the protocol to avoid third parties passing the visual test with an image of the user. The use of biometric images is “template-less”, which protects privacy of the user.
[0118] The user can recover the ephemeral key K from the reference table CT and RN3 with a CRP mechanism.
[0119] The ephemeral key allows the decryption of Sk the private key.
[0120] Sk is used to compute S, the signature of transaction T.
[0121] The user transmits on-line the signature S, transaction T, and the public key Pk.
[0122] The signature can be openly verified by third parties having access to S, N, and Pk.
[0123] As presented at the end of the discussion of FIG. 5, the use of a masking table CTmask can reduce the bit error rates. Additional error management schemes, and error correcting schemes can be inserted to ensure that the ephemeral key K is exactly the same as the one generated during the enrollment cycle.
[0124] Protecting the Biometric Scheme
[0125] It is important to prevent an opponent from exploiting the table CT-Bio. The protocol could be vulnerable to an attack in which the opponent has access to both the table CT-bio, and the visual images of the subject. Let us assume that each CT-bio consists of a 256 x 256 matrix resulting from the association of 256 columns, each column resulting from the measurements from one randomly selected position in the visual image to a group of 68 landmarks. For example, with a 7-bit analog to digital converter, each column is formed by measuring 37 distances position-to landmark and using only 4 bits of the last measurement. Considering that the visual images typically consist of 128 x 128 positions, the brute force attack will be based on trying sequentially 16,384 positions on the visual image of the subject and comparing the measurements to the 256 columns. With 68 landmarks, this requires 16,384 X 68 measurements, which add up to only 1.1 million measurements-analysis cycles. Therefore, if we assume that33QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)each cycle takes 1 ms, the opponent could be able to find the 258 positions in less than 16 minutes.
[0126] One effective mitigation is to truncate the most significant bits of the streams resulting from the measurements position-to-landmark. For example, the following 7-bit long streams 0000111, 0010111, 0100111, 0110111, 1000111, 1010111, 1100111, 1110111 are sharing the same stream 0111. So, we will need 64 landmarks rather than 37 to generate a 256-bit long response. For each 4-bit long stream the number of possible positions located at a given distance of each landmark is 8 times higher than the number of positions located from the same landmark when the full 7-bit streams are used. The brute force attack will become statistically unlikely to succeed as the number of possible combinations for each cycle is increased by a factor of 864= 6 1057. Such a method does not degrade FRR and FAR as the 4 lowest bits are the ones that are sensitive to small changes, while the 3 highest bits are mainly stable.
[0127] Use of Arrays of Sensors as Additional MFA Protection
[0128] As is noted above, sensors may be used in various ways to reveal unique device fingerprints, and generally in the same manner as PUFs to support authentication and key generation. Generally, these schemes use multiple sensors, or arrays of sensors, and they rely on the individual (i.e., at the pixel level) device to device responsivity variation across one or more sensor arrays, which is random and unpredictable. The design of these PUFs shares similarity with the broadly used ring oscillator PUFs in which pairs of ring oscillators are replaced by pairs of sensing elements. A circuitry uses double MUX to address a pair of randomly selected sensing elements which are compared with differential circuitry.
[0129] This section describes ways to generate reference tables from arrays of sensors that can be combined with other reference tables, as described above in this disclosure. The arrays of sensors can be for example integrated into a wearable device which transmits information to a terminal device managing a set of factors such as tokens, and biometry. The reference table generated from the arrays of sensors needs to have the same n x n size as the one generated from the other factors, for example 256x256.34QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)
[0130] The first method to generate a n x n reference table from arrays of sensing elements is based on a double MUX circuitry similar to the one used with ring oscillators and is described as follows:b. A first random number RNi generates n x n pairs of addresses,c. By measuring the sensing elements, a n x n reference table is generated. For each pair, a state of “0” is generated when the value of the parameter of the first element is lower than the second one, a state of “1” in the opposite configuration, and a state of “x” when the values of the parameters of two sensing elements are close to each other.d. The reference table is concatenated with tables generated with other factors of authentication to generate a combined reference table.e. With random number RN2 a public-private key pair is generated with a challenge- response-pair mechanism and the combined reference table.f. With random number RN3 an ephemeral key is generated with a challenge-response-pair mechanism and the combined reference table. The ephemeral key is used to encrypt the private key previously generated, or conversely to decrypt the private key during a key recovery cycle, and signature of a crypto transaction.
[0131] The preferred embodiment of this disclosure does not use the double MUX circuitry of a ring oscillator and is the following second method:g. All sensing elements of the arrays of sensors are measured sequentially and converted into digital streams with analog to digital conversion (ADC).h. The measurements are stored in a look up table organized along the addresses of the sensing elements.i. A first random number RNi generates n x n pairs of addresses,j. By reading the look up table, a n x n reference table is generated. For each pair, a state of “0” is generated when the value of the parameter of the first element is lower than the second one, a state of “1” in the opposite configuration, and a state of “x” when the values of the parameters of two sensing elements are close to each other.35QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)k. The remaining protocol to generate cryptographic keys is identical to the one described just above.
[0132] The second embodiment is faster, and more secure. Measuring a pair of sensing elements takes typically a few milliseconds, which is several orders of magnitude slower than reading measurements in a look up table.
[0133] The bit entropy of such a system is excellent. For example, when the 16 sensing elements contained in an array are different because the accuracy of sensing circuitry is greater than the variations sensing element to sensing element, the number of possible sensors having 16 elements is given by the equation:Nb=16!= 2.1 x 1013= 244.2
[0134] The entropy of such a system with 3 arrays is 44.2 x 3 = 133, which is excellent. When only 14 sensing elements are different from each other, and two are identical, the number of possible sensors having 16 elements is given by the equation:Nb = 15 x 14! = 120 x 15! = 1.6 x 1014= 247.6
[0135] The entropy of such a system with 3 arrays is 47.6 x 3 = 143, which is even higher than the precedent case. Having identical sensing elements is adding an interesting entropy because a randomly selected pair of sensing elements generates ternary information, 0 with the value measured with the first element is lower than the second element, 1 with the opposite case, and x when both pairs are identical. In an extreme case when only 8 sensing elements are different, and 8 elements are identical, the number of possible sensors having 16 elements is given by the equation:Nb = (“’) 9 x 8! - 12870x 9! = 4.7 x 109= 2321
[0136] The entropy of such a system is 32.1 x 3 = 96.3, which is still acceptable.
[0137] Summary of the advantages of the novel methods
[0138] The enrollment process, token distribution, and recovery cycles can be managed by an independent KeyStore Corporation KSC.36QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)
[0139] During normal operation, the MFA is directly under the control of each user, and friendly to operate. To get its private key and sign a crypto-transaction, the user enters the password, inserts the token in one of the terminals pre-loaded with the app, gets an image from the camera, and retrieves the virtual token.
[0140] On-demand, the Keystore corporation can transmit to the user the reference table of the token CT-T. This allows the user to retrieve the private key when the token is lost. A new virtual enrollment using a new token is recommended.
[0141] The users can use multiple devices, thereby being protected against HW failure or loss of a single crypto wallet. With current technologies, the loss of a crypto wallet is catastrophic, the private keys are lost. The flexibility does not compromise the security as the public keys are not stored in a single crypto wallet that can be stolen and hacked.
[0142] The novel key pair generating scheme preserves the privacy of the users, as the private keys are never shared. The method is compatible with current PKI infrastructures, and crypto wallets with NIST’s standardized PQC.
[0143] It should be understood that, unless explicitly stated or otherwise required, the features disclosed in embodiments explicitly described herein and elsewhere in this disclosure may be used in any suitable combinations. Other embodiments and uses of the above inventions will be apparent to those having ordinary skill in the art upon consideration of the specification and practice of the invention disclosed herein. It should be understood that features listed and described in one embodiment may be used in other embodiments unless specifically stated otherwise. The specification and examples given should be considered exemplary only, and it is contemplated that the appended claims will cover any other such embodiments or modifications as fall within the true scope of the invention.37QB\ 100060338.1
Claims
ATTORNEY DOCKET NO. 2025-019 (133502.00232)CLAIMSThe invention claimed is:
1. A method of securing a cryptographic key using a plurality of challenge-response-pair (CRP) generation mechanisms between and first and second computing device, comprising:executing an enrollment procedure, comprising:at the first computing device:generating a first set of challenges from at least a first random number; measuring physical characteristics of a physical CRP token using the first set of challenges to generate a reference table for the physical CRP token;receiving a second CRP token from the second computing device; measuring characteristics of the second CRP token in accordance with the first set of challenges to generate a reference table for the second CRP token;combining the reference table for the physical CRP token and the reference table for the second CRP token to generate a server combined reference table and storing the server combined reference table in storage, and transmitting the first random number to the second computing device.
2. The method of claim 1, further comprising excluding erratic responses from the server combined reference table.
3. The method of claim 1, wherein the first random number is generated at the first computing device using a RNG or a PRNG.
4. The method of claim 1, wherein the physical CRP token comprises an addressable array of physical unclonable function devices.
5. The method of claim 4, wherein measuring physical characteristics of a physical CRP token using the set of challenges comprises identifying device addresses with the set of38QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)challenges and measuring physical characteristics of identified devices within the addressable array of physical unclonable function devices.
6. The method of claim 4, wherein the addressable array of physical unclonable function devices comprises one or more of an addressable array of ring oscillators, SRAM cells; ReRAM cells, DRAM cells, MEMS devices, sensors, ring oscillator circuits; gate delay circuits, ferroelectric memory devices; phase change memory devices, magnetic memory devices; flash memory devices, or one-time programmable memory devices.
7. The method of claim 1, further comprising physically providing the physical CRP token to the second computing device.
8. The method of claim 1, further comprising, at the first computing device, storing the reference table for the physical CRP token.
9. The method of claim 1, wherein generating a first set of challenges from at least a first random number comprises generating the first set of challenges from the first random number and a user supplied password.
10. The method of claim 1, wherein the second CRP token comprises a virtual token.
11. The method of claim 10, wherein the virtual token comprises the output of digital processing to blockchain data.
12. The method of claim 1, wherein the second CRP token comprises a biometric print.
13. The method of claim 12, wherein the biometric print comprises data reflecting a face, fingerprint, palm print, iris or retina of a user of the second computing device14. The method of claim 1, wherein the second CRP token is data derived from the output of one or more sensor arrays at the second computing device.39QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)15. The method of claim 1, further comprising:at the second computing device:receiving the first random number;generating the first set of challenges from at least the first random number; measuring physical characteristics of the physical CRP token using the first set of challenges to generate a reference table for the physical CRP token;measuring characteristics of the second CRP token in accordance with the first set of challenges to generate a reference table for the second CRP token,combining the reference table for the physical CRP token and the reference table for the second CRP token to generate a client combined reference table.
16. The method of claim 15, further comprising executing a key encryption cycle, comprising:at the second computing device:generating a second set of challenges from at least a first random number; applying the second set of challenges to the client combined reference table to generate a set of responses, andusing the set of responses to encrypt a secret key.
17. The method of claim 16, wherein the set of responses is applied to a cryptographic keying algorithm to generate an ephemeral key.
18. The method of claim 16, wherein the secret key was generated in accordance with an asymmetrical cryptographic algorithm.
19. The method of claim 18, wherein the asymmetrical cryptographic algorithm comprises one of lattice cryptography, hash-based cryptography, code-base cryptography. RS A, ECC, CRYSTALS Dilithium, CRYSTALS Kyber, NTRU, Falcon, SABER SPHINCS or Classic McElice.40QB\ 100060338.1ATTORNEY DOCKET NO. 2025-019 (133502.00232)20. The method of claim 16, further comprising deleting the client combined reference table and storing the first and second random numbers and deleting the client combined reference table and any set of challenges.41QB\ 100060338.1