PASSWORD SELF ENCRYPTION METHOD AND SYSTEM AND ENCRYPTION BY KEYS GENERATED FROM PERSONAL SECRET INFORMATION

US 20090300362A1
Filed: 03/12/2009
Published: 12/03/2009
Est. Priority Date: 05/29/2008
Status: Active Grant

First Claim

Patent Images

1. A method comprisingsubmitting a user identification for a user from a user computer to a server computer;

receiving a set of information at the user computer, that is related to the user and useful for encryption from the server computer, andusing the set of information at the user computer in encrypting confidential information to form at least a cipher; and

submitting the cipher from the user computer to the server computer.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A public key cryptographic system and method is provided for a password or any other predefined personal secret information that defeats key factoring and spoofing attacks. The method adopts a new technique of encrypting a password or any predefined secret information by a numeric function of itself, replacing the fixed public key of the conventional RSA encryption. The whole process involving key generation, encryption, decryption and password handling is discussed in detail. Mathematical and cryptanalytical proofs of defeating factoring and spoofing attacks are furnished.

49 Citations

View as Search Results

17 Claims

1. A method comprisingsubmitting a user identification for a user from a user computer to a server computer;
- receiving a set of information at the user computer, that is related to the user and useful for encryption from the server computer, andusing the set of information at the user computer in encrypting confidential information to form at least a cipher; and
  
  submitting the cipher from the user computer to the server computer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1 whereinthe confidential information includes a password.
  - 3. The method of claim 1 whereinthe confidential information includes individual identity information.
  - 4. The method of claim 2 further comprisingencrypting any information with a public key generated using the password once the user logs into a web application.
  - 5. The method of claim 2 further comprisingusing the password as a digital certificate of the user and digitally signing messages using a public key generated from the password.
  - 6. The method of claim 1 whereinencrypting confidential information to form at least the cipher is implemented using a layer underlying communication between a user computer and the server computer.
  - 7. The method of claim 6 whereinthe layer includes a web browser.
  - 8. The method of claim 6 whereinthe layer includes a web page.
  - 9. The method of claim 2 further comprisingdecrypting messages from the server computer to the user computer using a public key generated from the password in order to secure information communicated both from the server computer to the user computer and from the user computer to the server computer.
  - 10. The method of claim 3 further comprisingdecrypting messages from the server computer to the user computer using a public key generated from the individual identity information in order to secure information communicated both from the server computer to the user computer and from the user computer to the server computer
  - 11. The method of claim 2 further comprisingencrypting a message digest by using a public key generated from the password.
  - 12. The method of claim 3 further comprisingencrypting a message digest by using a public key generated from the individual identity information.
  - 13. The method of claim 3 further comprisingusing the individual identity information as a digital certificate of the user and digitally signing messages using a public key generated from the individual identity information.
  - 14. The method of claim 1 whereinthe set of information received from the server computer comprises a part of a public key used for encryption on the user computer.
  - 15. The method of claim 1 whereinthe server computer is comprised of a plurality of computers.
  - 16. The method of claim 1 further comprisingentering the user identification and the set of information in a single web page on a user computer;
    - submitting the user identification from the user computer to the server computer, without the set of information; and
      
      subsequently receiving a further set of information at the user computer, from the server computer, and then submitting a cipher of the set of information from the user computer to the server computer.
  - 17. The method of claim 1 further comprisingentering the user identification in a first web page on a user computer;
    - submitting the user identification from the user computer to the server computer, without the set of information;
      
      subsequently receiving a further set of information at the user computer, from the server computer;
      
      entering the set of information in a second web page on the user computer after the further set of information has been received at the user computer;
      
      and submitting a cipher of the set of information to the server computer.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cheman Shaik
Original Assignee
Cheman Shaik
Inventors
Shaik, Cheman

Granted Patent

US 8,023,647 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 9/002   Countermeasures against att...

H04L 9/0844   with user authentication or...

H04L 9/302   involving the integer facto...

PASSWORD SELF ENCRYPTION METHOD AND SYSTEM AND ENCRYPTION BY KEYS GENERATED FROM PERSONAL SECRET INFORMATION

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

49 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

PASSWORD SELF ENCRYPTION METHOD AND SYSTEM AND ENCRYPTION BY KEYS GENERATED FROM PERSONAL SECRET INFORMATION

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

49 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links