发明名称 |
Utilization of a protected module to prevent offline dictionary attacks |
摘要 |
Various technologies pertaining to authenticating a password in a manner that prevents offline dictionary attacks are described. A protected module, which can be a hardware security module, a trusted platform module, or the like, is in communication with an authentication server. The protected module comprises a key that is restricted to the protected module. The key is employed in connection with authenticating the password on the protected module. |
申请公布号 |
US9544280(B2) |
申请公布日期 |
2017.01.10 |
申请号 |
US201615048989 |
申请日期 |
2016.02.19 |
申请人 |
Microsoft Technology Licensing, LLC |
发明人 |
Schechter Stuart Edward;Molnar David Alexander;Lorch Jacob Rubin;Bond Barry Clayton;Parno Bryan Jeffrey |
分类号 |
H04L9/32;H04L29/06;G06F21/31;H04L9/08 |
主分类号 |
H04L9/32 |
代理机构 |
|
代理人 |
Corie Alin;Swain Sandy;Minhas Micky |
主权项 |
1. A method executed by a computer processor in a protected hardware module, the method comprising:
executing a hash function over a string to generate a first hash value, wherein the string comprises:
first data that is indicative of a purported password for a user account; anda key, the key unable to be removed from the protected hardware module; comparing the first hash value with a second hash value, the second hash value previously generated by the protected hardware module, the protected hardware module previously generated the second hash value by executing the hash function over a second string, the second string comprises:
second data that is indicative of a proper password for the user account; andthe key; when the protected hardware module determines that the first hash value is equivalent to the second hash value, outputting a signal that indicates that the purported password matches the proper password. |
地址 |
Redmond WA US |