摘要 |
A method for authenticating a user to a computer system is disclosed, comprising using a first input and a second input in producing a digital signature in response to a challenge. The digital signature is valid when the first input matches a personalized secret and the second input matches a trio comprising a public modulus, a public exponent, and a private-key-dependent exponent. Selection of the personalized secret is discretionary and changeable. A crypto-key generation process uses the personalized secret and two primes as input to produce the trio. The public modulus and public exponent of the trio form a public key used in digital signature validation. Also disclosed is a business method that replaces the conventional public-key certificate with an agreement on the user's public key.
|