| 摘要 |
<p>The present application relates to systems or methods for a user authentication when said user whishes to access a remote service. This invention proposes a method for a user authentication implementing a first server connected to a public network, and a second server connected to the first server but no connected to the public network, this method comprising a step of enrolment comprising: - receiving by the first server an reference identifier U and of a reference password P, and transmission of this information to the second server, - loading a security parameter R by the second server, and calculating a first cryptogram H by a one-way function Hash on the reference identifier U, the reference password P, and the security parameter R, - encrypting at least the reference identifier U and the password P by using an asymmetrical encryption method, and storing the encrypted data by the second server, - returning the first cryptogram H to the first server and storing said cryptogram by the first server, and a verification step of an user comprising: - receiving by the first server of the current identifier IT and of the current password P', and transmission of said information to the second server, - calculating a second cryptogram H' by the one-way function Hash on the current identifier U', the current password P', and the security parameter R by the second server, - returning the second cryptogram H' to the first server and verification that the first cryptogram is included in the database, if not, generating an error message.</p> |
