Gesture-extracted passwords for authenticated key exchange
US10778450B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Apr 24, 2018 |
| Grant date | Sep 15, 2020 |
| Priority date | — |
| Expiry date | Mar 13, 2039 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04L2463/082
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
A method for gesture-based multi-factor authentication includes receiving a gesture password from a user. The gesture password is mapped to a first substitution string. A cryptographic key is generated using the substitution string as an input to a password authenticated key exchange (“PAKE”) protocol. A challenge response is encrypted with the cryptographic key to generate an encrypted challenge response. A user identifier and the encrypted challenge question are transmitted to a relying party. The encrypted challenge response can be verified by the relying party by retrieving the first substitution string based on the user identifier, generating the cryptographic key using the first substitution string as an input to the PAKE protocol, decrypting the encrypted challenge response using the cryptographic key, and verifying the challenge response so as to authenticate the user.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.