US 11,757,625 B2
Multi-factor-protected private key distribution
Attila Vass, San Francisco, CA (US); Jochen Kornitzky, Berlin (DE); and Rolf Herken, San Francisco, CA (US)
Assigned to MINE ZERO GMBH, Berlin (DE)
Filed by MINE ZERO GmbH, Berlin (DE)
Filed on May 24, 2021, as Appl. No. 17/328,436.
Application 17/328,436 is a continuation of application No. 16/325,338, granted, now 11,018,855, previously published as PCT/US2017/047430, filed on Aug. 17, 2017.
Claims priority of provisional application 62/376,210, filed on Aug. 17, 2016.
Prior Publication US 2022/0006621 A1, Jan. 6, 2022
This patent is subject to a terminal disclaimer.
Int. Cl. H04L 9/08 (2006.01); H04L 9/14 (2006.01); H04L 9/32 (2006.01)
CPC H04L 9/0825 (2013.01) [H04L 9/088 (2013.01); H04L 9/0863 (2013.01); H04L 9/14 (2013.01); H04L 9/3226 (2013.01); H04L 9/3242 (2013.01)] 18 Claims
1. A method of enabling access to a PKI private key usable by a user's digital computing device operable to communicate with a digital communications network, to enable the user of the digital computing device to obtain secure access to a service or resource of a provider entity operable to communicate with the network, the method of enabling access comprising:
at the user's digital computing device, utilizing a plurality of secret inputs to compute first and second cryptographically secure hashes and a location reference;
transmitting a first of the secure hashes and the location reference from the user's device to an authentication server;
at the authentication server, utilizing the first secure hash and the location reference to look up an encrypted data item;
transmitting the encrypted data item and an encrypted cryptographic salt parameter to the user's device; and
at the user's device, decrypting the encrypted data item using the second secure hash, at least one of the plurality of secret inputs and the cryptographic salt parameter, so as to enable access to the PKI private key;
wherein the first secure hash is required to compute the location reference to the storage location of the encrypted data item.
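The following is an added illustration of the retrieval flow that claim 1 describes, written for this page; it is not the patent's own code and the patent does not specify these primitives. Assumptions not taken from the page: the "plurality of secret inputs" is a password and a PIN, the hashes are SHA-256 with domain-separation labels, the data-item key is derived with PBKDF2 from the second hash, one secret input and the salt, the salt is encrypted under a key derived from the second (client-only) hash, the enrollment step is invented so the example is self-contained, and the "PKI private key" is an opaque byte string. The authenticated encryption is an HMAC-SHA256 counter-mode keystream with encrypt-then-MAC standing in for a real AEAD such as AES-GCM.

```python
# Added example modelling claim 1 (client derivation, server lookup, client
# decryption). Not the patent's code; all primitives and layouts are assumptions.
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 16, 32


def _prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()


def _xor_keystream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA256 counter-mode keystream (same operation
    encrypts and decrypts). Assumed stand-in for a real AEAD such as AES-GCM."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = _prf(key, nonce + offset.to_bytes(4, "big"))
        out.extend(b ^ k for b, k in zip(data[offset:offset + 32], block))
    return bytes(out)


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: nonce || ciphertext || HMAC tag."""
    nonce = os.urandom(NONCE_LEN)
    ciphertext = _xor_keystream(key, nonce, plaintext)
    tag = _prf(key, b"tag" + nonce + ciphertext)
    return nonce + ciphertext + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    """Constant-time tag check before decrypting; a wrong key raises ValueError."""
    nonce, ciphertext, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, _prf(key, b"tag" + nonce + ciphertext)):
        raise ValueError("authentication failed")
    return _xor_keystream(key, nonce, ciphertext)


def derive_client_values(secrets):
    """Claim step 1: from the secret inputs compute the first hash (sent to the
    server), the second hash (never leaves the device) and the location
    reference, which by the 'wherein' clause requires the first hash."""
    joined = b"\x00".join(secrets)
    hash1 = hashlib.sha256(b"lookup|" + joined).digest()
    hash2 = hashlib.sha256(b"unlock|" + joined).digest()
    location = hashlib.sha256(b"location|" + hash1).digest()
    return hash1, hash2, location


def _salt_wrapping_key(hash2: bytes) -> bytes:
    # Assumption: the salt is wrapped under a key only the client can derive.
    return hashlib.sha256(b"salt-wrap|" + hash2).digest()


def _unlock_key(hash2: bytes, secret_input: bytes, salt: bytes) -> bytes:
    """Claim step 5: key for the data item from the second hash, one secret
    input and the salt (PBKDF2 is an assumed choice)."""
    return hashlib.pbkdf2_hmac("sha256", hash2 + secret_input, salt, 100_000)


class AuthenticationServer:
    """Holds only ciphertext, indexed by (first hash, location reference)."""

    def __init__(self):
        self._store = {}

    def enroll(self, hash1, location, encrypted_item, encrypted_salt):
        self._store[(hash1, location)] = (encrypted_item, encrypted_salt)

    def lookup(self, hash1, location):
        # Claim step 3: first hash and location reference select the data item.
        if (hash1, location) not in self._store:
            raise LookupError("no encrypted data item for this reference")
        return self._store[(hash1, location)]


def enroll_private_key(server, secrets, private_key: bytes) -> None:
    """Assumed enrollment step (not in the claim) so retrieval has data to find."""
    hash1, hash2, location = derive_client_values(secrets)
    salt = os.urandom(16)
    encrypted_item = seal(_unlock_key(hash2, secrets[0], salt), private_key)
    encrypted_salt = seal(_salt_wrapping_key(hash2), salt)
    server.enroll(hash1, location, encrypted_item, encrypted_salt)


def retrieve_private_key(server, secrets) -> bytes:
    """Claim steps 1-5: derive, send hash1 + location, receive the two blobs,
    unwrap the salt, then decrypt the data item holding the private key."""
    hash1, hash2, location = derive_client_values(secrets)
    encrypted_item, encrypted_salt = server.lookup(hash1, location)
    salt = unseal(_salt_wrapping_key(hash2), encrypted_salt)
    return unseal(_unlock_key(hash2, secrets[0], salt), encrypted_item)


if __name__ == "__main__":
    srv = AuthenticationServer()
    key = os.urandom(32)  # constructed stand-in for an encoded PKI private key
    enroll_private_key(srv, [b"correct horse battery", b"4711"], key)
    assert retrieve_private_key(srv, [b"correct horse battery", b"4711"]) == key
    print("private key recovered with both factors")
```

The property worth noticing is the split of roles: the server can locate the blob from the first hash and the location reference but never sees the second hash, the secret inputs or the plaintext salt, so a compromise of its store yields only ciphertext; a wrong factor changes the first hash and fails at lookup before any decryption is attempted.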