{"schema_version":"1.0","canonical_url":"https://patentable.app/patents/US-8528060","patent":{"patent_number":"US-8528060","title":"Method and system for password protocols in the bounded retrieval mode with security dictionary attacks and intrusions","assignee":null,"inventors":[],"filing_date":"2006-12-22T00:00:00.000Z","publication_date":"2013-09-03T00:00:00.000Z","cpc_codes":["G06F","G06F","G06F","H04L"],"num_claims":4,"abstract":"Efficient secure password protocols are constructed that remain secure against offline dictionary attacks even when a large, but bounded, part of the storage of a server responsible for password verification is retrieved by an adversary through a remote or local connection. A registration algorithm and a verification algorithm accomplish the goal of defeating a dictionary attack. A password protocol where a server, on input of a login and a password, carefully selects several locations from the password files, properly combines their content according to some special function, and stores the result of this function as a tag that can be associated with this password and used in a verification phase to verify access by users. Two main instantiations of our method are given; in one, a combination of mathematical tools, called dispersers and pairwise-independent hash functions is used to achieve security against adaptive intrusions (dispersers make sure that the password of each user depends on randomly chosen locations in a large password file, and pairwise-independent hash functions help in making this dependency sufficiently random); in a second one, a combination of mathematical tools, called k-wise independent hash functions and locally-computable and strong extractors (k-wise independent hash functions make sure that the locations chosen in the large password file from each password are sufficiently random, and locally-computable and strong extractors are used to combine the contents of these locations to generate a single long random value, which makes verification harder for the adversary to foil)."},"analysis":{"summary":null,"layman_explanation":null,"technical_analysis":null,"business_analysis":null,"faqs":null,"topics":[],"tech_cluster":null},"seo":{"title":"Method and system for password protocols in the bounded retrieval mode with security dictionary attacks and intrusions","description":"Efficient secure password protocols are constructed that remain secure against offline dictionary attacks even when a large, but bounded, part of the storage of a server responsible for password verif","keywords":[]},"attribution":{"source":"Patentable","source_url":"https://patentable.app","canonical_url":"https://patentable.app/patents/US-8528060","license":"CC-BY-4.0-like","license_terms":"AI-generated analysis on this page (summary, layman_explanation, technical_analysis, business_analysis, faqs) may be reused with attribution and a visible link back to the canonical URL above. Patent abstracts, claims, and bibliographic data are USPTO public domain.","required_link":"https://patentable.app/patents/US-8528060","citation_suggestion":"Patentable. \"Method and system for password protocols in the bounded retrieval mode with security dictionary attacks and intrusions\" (US-8528060). https://patentable.app/patents/US-8528060","copyright_holder":"Nomic Interactive Technology LLC"},"links":{"html":"https://patentable.app/patents/US-8528060","json":"https://patentable.app/api/llm-context/US-8528060","site":"https://patentable.app","llms_txt":"https://patentable.app/llms.txt"},"generated_at":"2026-05-31T07:45:34.524Z"}