| CPC H04L 9/3213 (2013.01) [H04L 9/0869 (2013.01); H04L 9/3226 (2013.01); H04L 9/3247 (2013.01)] | 10 Claims |

|
1. A cyber security method, comprising:
in a first device:
randomly generating a first ephemeral decryption key in response to an input of an authentication information;
encrypting an identity information based on the first ephemeral decryption key to generate an electronic digital signature;
randomly generating a second ephemeral decryption key;
encrypting the electronic digital signature based on the second ephemeral decryption key to generate an authentication token;
transmitting the first ephemeral decryption key and the second ephemeral decryption key to a third device and retrieving a token index from the third device, wherein the token index is generated by the third device and refers to a strictly smaller portion that is sufficient to retrieve the first and second ephemeral decryption keys from the third device;
combining the authentication information, the identity information, the token index and the authentication token to form an ephemeral string and sending the ephemeral string to a second device;
in the second device:
acquiring the authentication information, the identity information, the token index and the authentication token by receiving and parsing the ephemeral string;
requesting to retrieve the first ephemeral decryption key and the second ephemeral decryption key from the third device based on the token index;
decrypting the authentication token based on the second ephemeral decryption key to obtain the electronic digital signature;
verifying whether the electronic digital signature is correctly encrypted and not altered during the above transmitting and retrieving based on the first ephemeral decryption key; and
decrypting the electronic digital signature based on the first ephemeral decryption key to obtain the identity information, if the electronic digital signature is correctly encrypted and not altered.
|
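The three-party exchange recited in claim 1, as an added Python example that is not code from the patent or its applicant. The claim names no cipher or wire format, so the SHAKE-256/HMAC-SHA256 encrypt-then-MAC stand-in, the JSON layout of the ephemeral string, the 8-byte token index, and all function and class names are assumptions made for illustration.

```python
import hashlib, hmac, json, secrets

def seal(key, plaintext):
    # Stand-in cipher (assumption): SHAKE-256 keystream XOR, then HMAC-SHA256 tag.
    nonce = secrets.token_bytes(16)
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(plaintext))
    body = nonce + bytes(p ^ s for p, s in zip(plaintext, stream))
    return body + hmac.new(key, body, hashlib.sha256).digest()

def open_sealed(key, blob):
    # Verify the tag first ("correctly encrypted and not altered"), then decrypt.
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
        raise ValueError("blob altered or wrong key")
    nonce, ct = body[:16], body[16:]
    stream = hashlib.shake_256(b"enc" + key + nonce).digest(len(ct))
    return bytes(c ^ s for c, s in zip(ct, stream))

class KeyStore:
    """Third device: holds both ephemeral keys, hands back a shorter token index."""
    def __init__(self):
        self._keys = {}
    def deposit(self, k1, k2):
        index = secrets.token_hex(8)       # 8 bytes, versus 64 bytes of key material
        self._keys[index] = (k1, k2)
        return index
    def retrieve(self, index):
        return self._keys[index]

def first_device(store, auth_info, identity):
    k1 = secrets.token_bytes(32)                  # first ephemeral key
    signature = seal(k1, identity.encode())       # "electronic digital signature"
    k2 = secrets.token_bytes(32)                  # second ephemeral key
    token = seal(k2, signature)                   # "authentication token"
    index = store.deposit(k1, k2)
    return json.dumps({"auth": auth_info, "id": identity,
                       "idx": index, "tok": token.hex()})  # ephemeral string

def second_device(store, ephemeral):
    msg = json.loads(ephemeral)                   # parse the ephemeral string
    k1, k2 = store.retrieve(msg["idx"])
    signature = open_sealed(k2, bytes.fromhex(msg["tok"]))
    return open_sealed(k1, signature).decode()    # recovered identity information

if __name__ == "__main__":
    store = KeyStore()
    s = first_device(store, "constructed-pin-entry", "alice@example.test")
    print(s, "->", second_device(store, s))
```

In this sketch the integrity check and the decryption under the first key happen in one `open_sealed` call, whereas the claim lists them as separate steps.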