Entering confidential information on an untrusted machine

摘要

Confidential information is provided to a proxy computer in communication between an unsecured computer and a computer having information desired by a user. The proxy computer receives the confidential information in either an encrypted form or having arbitrary information combined therewith. The proxy computer ascertains the confidential information and forwards it to the computer having the information desired by the user.

主权项

1. A computer-implemented method of transferring confidential information through a network, the method comprising: initiating that a set of prompts including prompt information are rendered to a user, without rendering a selected secret that is known to the user, to selectively input a set of user input comprising portions of the confidential information and arbitrary information in a sequence that alternates at least in part between portions of the confidential information and the arbitrary information, such that input of the confidential information is divided by input of the arbitrary information according to the sequence, the sequence of the portions of the confidential information and the arbitrary information being based at least in part on the selected secret, the selected secret being information that is different from the confidential information and identifies that a given prompt in the set of prompts receives a portion of confidential information in the sequence rather than a portion of arbitrary information, the prompt information informing only a user who knows the selected secret when to input the portions of confidential information within the set of prompts and when to input the arbitrary information within the set of prompts, wherein the prompt information distinguishes the portions of confidential information from the portions of arbitrary information to only a user who knows the selected secret;
receiving and processing the set of user input, using one or more processors, having access to the selected secret and comparing the set of user input with the set of prompts and with the selected secret so as to separate the arbitrary information from the portions of the confidential information, thereby ascertaining the confidential information, and wherein without using the information of the selected secret, the confidential information cannot be ascertained from the sequence of portions of the confidential information and the arbitrary information; and transmitting the ascertained confidential information.