Abstract
Methods for regenerating a strong secret for a user, based on input of a weak secret, such as a password, are assisted by communications exchanges with a set of independent servers. Each server holds a distinct secret value (i.e., server secret data). The strong secret is a function of the user's weak secret and of the server secret data, and a would-be attacker cannot feasibly compute the strong secret without access to both the user's weak secret and the server secret data. Any attacker has only a limited opportunity to guess the weak secret, even if he has access to all messages transmitted in the generation and regeneration processes plus a subset (but not all) of the server secret data.
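The sketch below is an added example, not text or code from the patent: it shows one well-known way to obtain the properties the abstract lists, using blinded exponentiation so that each server applies its secret without seeing the password or the result. The group parameters `P` and `Q`, the `Server` class, its `budget` lockout and the function names are all assumptions made for illustration, and the group is deliberately tiny.

```python
import hashlib
import secrets

# Toy parameters (assumed, far too small for real use): safe prime P = 2*Q + 1.
P, Q = 2039, 1019

def hash_to_group(password: str) -> int:
    """Map the weak secret to an element of order Q (a square mod P, never 1)."""
    h = int.from_bytes(hashlib.sha256(password.encode()).digest(), "big")
    return pow(h % (P - 3) + 2, 2, P)

class Server:
    """One independent server: holds its own secret exponent, sees only blinded values."""
    def __init__(self, budget: int = 10):
        self.key = secrets.randbelow(Q - 1) + 1   # server secret data, 1..Q-1
        self.budget = budget                      # requests allowed before lockout
        self.seen = []

    def evaluate(self, blinded: int) -> int:
        if self.budget <= 0:
            raise PermissionError("request budget exhausted")
        self.budget -= 1
        self.seen.append(blinded)
        return pow(blinded, self.key, P)

def regenerate(password: str, servers) -> bytes:
    """Rebuild the strong secret; needs the password and every server's secret."""
    g = hash_to_group(password)
    material = hashlib.sha256()
    for server in servers:
        r = secrets.randbelow(Q - 1) + 1          # fresh blinding exponent
        reply = server.evaluate(pow(g, r, P))     # server sees g^r, not g
        unblinded = pow(reply, pow(r, -1, Q), P)  # (g^(r*k))^(1/r) = g^k
        material.update(unblinded.to_bytes(2, "big"))
    return material.digest()

if __name__ == "__main__":
    servers = [Server() for _ in range(3)]
    print(regenerate("correct horse", servers).hex())
```

Because every guess at the password costs one request to each server, the per-server budget is what bounds an attacker's guessing opportunity in this sketch.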