Publication No.: GB2530726A
Publication date: 2016-04-06
Application No.: GB201416888
Filing date: 2014-09-25
Applicant: IBM
Inventor: CAMENISCH JAN LEONHARD, GILAD YOSSI, LEHMANN ANJA, NAGY ZOLTAN ARNOLD, NEVEN GREGORY
Abstract: A user computer (2, fig. 1) connects via a network (3, fig. 1) to verifier servers (4, fig. 1) and authentication servers (5, fig. 1). Respective cryptographic shares of password data, dependent on a predetermined user password, are provided at the authentication servers. A plurality of password data shares is needed to determine if the password matches a password attempt. Respective cryptographic shares of secret data, enabling determination of a username for a verifier server, are provided at the authentication servers. A plurality of secret data shares is needed to reconstruct the secret data. The user computer communicates (32), via the network, with a minimum threshold number of the authentication servers, and the password data shares of those servers are used to determine (33) if the user password matches an input password attempt (31). If so, the user computer receives (35) secret data shares from respective authentication servers. On receipt of said shares, the user computer reconstructs (36) the secret data and uses it to generate (37), in communication with a plurality of the authentication servers, a cryptographic token for authenticating (38, 39) the user computer to a selected verifier server, under the username for that server, secretly from the authentication servers.