Authentication credential protection method and system

Assignee

• Huawei Technologies Co., Ltd. · CN

Inventors

• Ji Li · San Jose, US
• Leting Ren · Beijing, CN
• Li Duan · Shanghai, CN
• Jun Xia · Hefei, CN

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2209/46
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

This application provides an authentication credential protection method and system. The protection method includes the following steps: generating authentication secret information based on a lock screen password and hardware secret information of a first device; randomly generating, by the first device, a symmetric key, and using the symmetric key as an encryption key for the authentication secret information; splitting the encryption key into at least two first key segments by using a multi-party data splitting algorithm, where one of the at least two first key segments is stored on the first device; and sending, by the first device, another first key segment to a trusted device. In the foregoing technical solution, the authentication secret information is generated by using the lock screen password and the hardware secret information, increasing information complexity. In addition, different trusted devices are used to store the split key segments, improving security of the encryption key.