Patents Assigned to Fiske Software
  • Patent number: 11128453
    Abstract: A common vulnerability during a Diffie-Hellman key exchange is a man-in-the-middle attack, where Eve is able to pretend she is Bob to Alice and also pretend that she is Alice to Bob. In an embodiment, after a key exchange is completed, visual image authentication between Alice and Bob can notify Alice and Bob that Eve has launched a man-in-the-middle attack. When Alice's sequence of visual images derived from her shared secret do not match Bob's sequence of visual images, Alice and Bob know that their key exchange has been compromised by Eve. In this case, Alice and Bob should perform their key exchange again. Our invention provides a malware resistant alternative to not using a root certificate during a key exchange. It is well-known that a root certificate can be compromised by an dishonest or corrupt insider. Since the institution has access to the root certificate, there is no guarantee that a rogue network administrator will not use it to personally profit, or breach the security of the system.
    Type: Grant
    Filed: March 15, 2020
    Date of Patent: September 21, 2021
    Assignee: Fiske Software
    Inventor: Michael Stephen Fiske