USER AUTHENTICATION BASED ON PASSWORD-SPECIFIC CRYPTOGRAPHIC KEYS
Techniques are disclosed relating to user authentication based on password-specific cryptographic keys. In some embodiments, a user device receives, from an authentication server, an authentication challenge that includes an item of challenge information. Further, in some embodiments, the user devic...
Gespeichert in:
| Hauptverfasser: | , |
|---|---|
| Format: | Patent |
| Sprache: | eng |
| Schlagworte: | |
| Online-Zugang: | Volltext bestellen |
| Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
| Zusammenfassung: | Techniques are disclosed relating to user authentication based on password-specific cryptographic keys. In some embodiments, a user device receives, from an authentication server, an authentication challenge that includes an item of challenge information. Further, in some embodiments, the user device receives user input indicative of a password and then performs a cryptographic function on the password to generate a password-specific cryptographic key. The computing device may access an initial seed value that was previously provided by the authentication server and generate an updated cryptographic key based on the initial seed value and the password-specific key. Further, in various embodiments, the user device generates authentication information based on the updated cryptographic key and the item of challenge information. The user device may then send an authentication response, including the authentication information, to the authentication server. In various embodiments, the password is not included in the authentication response. |
|---|