US 12,069,163 B2
Data protection with two password asymmetric encryption
Hao Cheng, Oakton, VA (US)
Assigned to Capital One Services, LLC, McLean, VA (US)
Filed by Capital One Services, LLC, McLean, VA (US)
Filed on Jul. 27, 2022, as Appl. No. 17/874,362.
Prior Publication US 2024/0039705 A1, Feb. 1, 2024
Int. Cl. H04L 9/32 (2006.01); H04L 9/08 (2006.01)
CPC H04L 9/0825 (2013.01) [H04L 9/0863 (2013.01); H04L 9/0894 (2013.01); H04L 9/3213 (2013.01); H04L 9/3226 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A method comprising:
receiving, at a first computing device, data to be encrypted;
receiving, at the first computing device and from a second computing device, a first time-constraint token;
receiving, at the first computing device, a current system time and a predetermined shared secret associated with the first computing device and the second computing device;
deriving, using a first key derivation function and based on the current system time and the predetermined shared secret, a first cryptographic key;
decrypting, by the first computing device and using the first cryptographic key, the first time-constraint token to recover a public key;
receiving, at the first computing device, a first password associated with a first user;
deriving, by the first computing device and based on the first password, a private key;
deriving, by the first computing device and based on the private key and the public key, a second cryptographic key;
encrypting, by the first computing device and based on the second cryptographic key, the data to generate encrypted data; and
storing, by the first computing device, the encrypted data.