Patent · US Active

Secure detection and management of compromised credentials using a salt and a set model

US10911438B2 · kind B2 · utility

2Cited by

3References

32Claims

0Family size

Assignee

Shape Security, Inc. · US

Inventors

Zhipu Jin · Milpitas, US
Gautam Agrawal · Saratoga, US
Daniel G. Moen · Sunnyvale, US
Weiguo Liang · Mountain View, US
Xingang Wang · Tangxia, CN

Key dates

Filing date	Jul 2, 2018
Grant date	Feb 2, 2021
Priority date	—
Expiry date	Mar 19, 2039

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/20
WIPO fieldDigital communication
WIPO sectorElectrical engineering

Abstract

Techniques are provided for secure detection and management of compromised credentials. A first candidate credential is received, comprising a first username and a first password, wherein the first candidate credential was sent in a first request from a first client computer to log in to a first server computer. A first salt associated with the first username in a salt database is obtained. A first hashed credential is generated based on the first password and the first salt. The first hashed credential is transmitted to a set model server computer, wherein the set model server computer is configured to maintain a set model that represents a set of spilled credentials, determine whether the first hashed credential is represented in the set model, and in response to determining that the first hashed credential is represented in the set model, performing additional processing on the first hashed credential.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.