Title of invention: Distributed Single Sign-On
Abstract: Methods and apparatus are provided for authenticating user computers 2 in distributed single sign-on systems 1. A user computer 2 is connectable via a network 3 to a plurality of verifier servers 4 and a plurality n of authentication servers 5. Through communication with authentication servers 5, the user computer 2 can generate a cryptographic token for authenticating the user computer 2 to a selected verifier server 4 under a username identifying the user computer to that verifier server. Respective cryptographic shares of password data, which is dependent on a predetermined user password, are provided at the n authentication servers 5. A plurality t1≦n of the password data shares is needed to determine if the user password matches a password attempt. Respective cryptographic shares of secret data, which enables determination of said username for each verifier server, are also provided at the n authentication servers 5. A plurality t2≦t1 of the secret data shares is needed to reconstruct the secret data. On input of a password attempt at the user computer 2, the user computer communicates via the network with at least t1 authentication servers 5 to implement an authentication procedure in which the password data shares of those authentication servers are used to determine if the user password matches the password attempt and, if so, the user computer 2 receives at least t2 secret data shares from respective authentication servers 5. On receipt of these secret data shares, the user computer 2 reconstructs and uses the secret data to generate, via communication with at least a plurality T≦t1 of said at least t1 servers 5, a cryptographic token for authenticating the user computer 2 to a selected verifier server 4, secret from said at least T servers, under said username for the selected verifier server 4.
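Application publication number: US2016094540(A1); Application publication date: 2016.03.31
Application number: US201514865287; Filing date: 2015.09.25
Applicant: International Business Machines Corporation; Inventors: CAMENISCH Jan; GILAD Yossi; LEHMANN Anja; NAGY Zoltan A.; NEVEN Gregory
Classification: H04L29/06; H04L9/30; Main classification: H04L29/06
Agency: ; Agent: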
Main claim: 1. A method for generating a cryptographic token for authenticating a user computer, connectable via a network to a plurality of verifier servers and a plurality n of authentication servers, to a said verifier server under a username identifying the user computer to that verifier server, the method comprising: providing at the n authentication servers respective cryptographic shares of password data, which is dependent on a predetermined user password, such that a plurality t1≦n of the password data shares is needed to determine if said user password matches a password attempt; providing at the n authentication servers respective cryptographic shares of secret data, which enables determination of said username for each verifier server, such that a plurality t2≦t1 of the secret data shares is needed to reconstruct the secret data; at the user computer, on input of a password attempt, communicating via said network with at least t1 authentication servers to implement an authentication procedure in which said password data shares of those authentication servers are used to determine if said user password matches the password attempt and, if so, the user computer receives at least t2 secret data shares from respective authentication servers; and at the user computer, on receipt of said secret data shares, reconstructing and using said secret data to generate, via communication with at least a plurality T≦t1 of said at least t1 servers, a cryptographic token for authenticating the user computer to a selected verifier server, secret from said at least T servers, under said username for the selected verifier server.
Address: Armonk NY US