TU Darmstadt / ULB / TUbiblio

Method and system for secure access of a first computer to a second computer

Wiesmaier, Alexander ; Braun, Johannes ; Horsch, Moritz (2014)
Method and system for secure access of a first computer to a second computer.
Norm, Patent, Standard, Bibliographie

Kurzbeschreibung (Abstract)

A computer implemented method, computer program product and computer system for securing PIN based access from a first computer (1001) to a second computer (1002). The first computer (1001) sends (5100) identifier information (ID1, ID1a), which identifies a user (1) of the first computer (1001), to at least one trusted computer (1004, 1005). The first computer receives (5200) from the user (1) a first secret share (311) of a key (400) derived from a PIN (300) used for the PIN based access, wherein the first secret share (311) results from a secret sharing algorithm and is associated with an association identifier (390) generated by the at least one trusted computer (1004, 1005) in response to the identifier information (ID1, ID1a). The association identifier (390) is further associated with at least one corresponding secret share (341, 351) of the key (400) at the at least one trusted computer (1004, 1005). The first computer (1001) generates (5310), by using the secret sharing algorithm, for an encrypted nonce value (500) received (5300) from the second computer (1002) a set of further secret shares (501, 504, 505) for the first computer (1001) and for the at least one trusted computer (1004, 1005), wherein the encrypted nonce value (500) is a nonce value (510) encrypted with the key (400) and then sends (5400) corresponding secret shares (504, 505) of the encrypted nonce value (500) to the corresponding at least one trusted computer (1004, 1005). The first computer participates (5500) in a secure multiparty computation of the nonce value (510), wherein the secure computation is based on corresponding pairs ((311,501), (341,504), (351,505)) of the secret shares (311, 341, 351) of the key (400) and the secret shares (501, 504, 505) of the encrypted nonce value (500), and wherein the computed nonce value (510) is hidden from the first computer (1001); and receives (5600) access permission from the second computer (1002) in case the secure multiparty computation results in the nonce value (510) generated originally by the second computer (1002).

Typ des Eintrags: Norm, Patent, Standard
Erschienen: 2014
Autor(en): Wiesmaier, Alexander ; Braun, Johannes ; Horsch, Moritz
Art des Eintrags: Bibliographie
Titel: Method and system for secure access of a first computer to a second computer
Sprache: Englisch
Publikationsjahr: September 2014
Patent-Nummer: EP 2639997
Kurzbeschreibung (Abstract):

A computer implemented method, computer program product and computer system for securing PIN based access from a first computer (1001) to a second computer (1002). The first computer (1001) sends (5100) identifier information (ID1, ID1a), which identifies a user (1) of the first computer (1001), to at least one trusted computer (1004, 1005). The first computer receives (5200) from the user (1) a first secret share (311) of a key (400) derived from a PIN (300) used for the PIN based access, wherein the first secret share (311) results from a secret sharing algorithm and is associated with an association identifier (390) generated by the at least one trusted computer (1004, 1005) in response to the identifier information (ID1, ID1a). The association identifier (390) is further associated with at least one corresponding secret share (341, 351) of the key (400) at the at least one trusted computer (1004, 1005). The first computer (1001) generates (5310), by using the secret sharing algorithm, for an encrypted nonce value (500) received (5300) from the second computer (1002) a set of further secret shares (501, 504, 505) for the first computer (1001) and for the at least one trusted computer (1004, 1005), wherein the encrypted nonce value (500) is a nonce value (510) encrypted with the key (400) and then sends (5400) corresponding secret shares (504, 505) of the encrypted nonce value (500) to the corresponding at least one trusted computer (1004, 1005). The first computer participates (5500) in a secure multiparty computation of the nonce value (510), wherein the secure computation is based on corresponding pairs ((311,501), (341,504), (351,505)) of the secret shares (311, 341, 351) of the key (400) and the secret shares (501, 504, 505) of the encrypted nonce value (500), and wherein the computed nonce value (510) is hidden from the first computer (1001); and receives (5600) access permission from the second computer (1002) in case the secure multiparty computation results in the nonce value (510) generated originally by the second computer (1002).

ID-Nummer: TUD-CS-2014-0978
Fachbereich(e)/-gebiet(e): 20 Fachbereich Informatik
20 Fachbereich Informatik > Theoretische Informatik - Kryptographie und Computeralgebra
Profilbereiche
Profilbereiche > Cybersicherheit (CYSEC)
Hinterlegungsdatum: 04 Aug 2016 15:08
Letzte Änderung: 11 Dez 2020 14:20
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen