Abstract: A computer-based system and method for performing an offline login to a local device, including: generating a pair of an auxiliary (AUX) public key and an AUX private key; receiving a password at the local device; reconstructing a symmetric key from a first value stored on the local device and a second value stored on an authenticator; encrypting the password with the AUX public key to obtain a locally encrypted password; encrypting the AUX private key with the symmetric key to obtain an encrypted AUX private key; and deleting the symmetric key, and when performing the offline login: reconstructing the symmetric key; decrypting the encrypted AUX private key with the symmetric key to obtain the AUX private key; decrypting the locally encrypted password with the AUX private key to obtain the password; and using the password to perform the offline login.

Abstract: A computer-based system and method for securing passwords, including: obtaining, by an authentication service, a plurality of public keys, each associated with one of a plurality of devices associated with a user; generating, by the authentication service, a password for the user; sending, by the authentication service, the password to a password management entity; encrypting, by the authentication service, the password with each of the public keys, thus generating a plurality of encrypted passwords, each encrypted with one of the public keys and associated with a device of the plurality of devices; and deleting the password by the authentication service.

Abstract: A computer-based system and method for securing passwords, including: obtaining, by an authentication service, a plurality of public keys, each associated with one of a plurality of devices associated with a user; generating, by the authentication service, a password for the user; sending, by the authentication service, the password to a password management entity; encrypting, by the authentication service, the password with each of the public keys, thus generating a plurality of encrypted passwords, each encrypted with one of the public keys and associated with a device of the plurality of devices; and deleting the password by the authentication service.

Abstract: A system and method for validating an entity may include obtaining by at least a first system, a set of entity details related to the entity; associating with the entity, by the first system, a first trust level based on at least some of the entity details; and validating the entity based on the first trust level. A system and method for validating an entity may include providing at least one of first and second values to a respective at least one of first and second devices; providing the entity, by at least one of the first and second devices, with the at least one of first and second values; and using the at least one of first and second values, by the entity, to identify the entity to an identifying entity.

Abstract: A computer-based system and method for performing an offline login to a local device, including: generating a pair of an auxiliary (AUX) public key and an AUX private key; receiving a password at the local device; reconstructing a symmetric key from a first value stored on the local device and a second value stored on an authenticator; encrypting the password with the AUX public key to obtain a locally encrypted password; encrypting the AUX private key with the symmetric key to obtain an encrypted AUX private key; and deleting the symmetric key, and when performing the offline login: reconstructing the symmetric key; decrypting the encrypted AUX private key with the symmetric key to obtain the AUX private key; decrypting the locally encrypted password with the AUX private key to obtain the password; and using the password to perform the offline login.

Abstract: A system and method for of temporary password management may include: obtaining, by a password management entity, a request to login a local device into an authentication authority; generating, by the password management entity, a temporary password; sending, by the password management entity, the temporary password to the authentication authority; sending, by the password management entity, the temporary password to a user device; obtaining, at the authentication authority the temporary password from the local device; comparing, by the authentication authority, the temporary password obtained from the local device with the temporary password obtained from the password management entity; and authorizing the login if a match is found.

Abstract: A system and method for securing a communication channel may include obtaining a first value by first and second devices. A second value may be randomly selected by the first device and may be provided to the second device. The first and second devices may independently from one another apply a function to the first and second values and may use a result of the function to secure and authenticate a communication channel between the first and second devices.

Abstract: A system and method for of temporary password management may include: obtaining, by a password management entity, a request to login a local device into an authentication authority; generating, by the password management entity, a temporary password; sending, by the password management entity, the temporary password to the authentication authority; sending, by the password management entity, the temporary password to a user device; obtaining, at the authentication authority the temporary password from the local device; comparing, by the authentication authority, the temporary password obtained from the local device with the temporary password obtained from the password management entity; and authorizing the login if a match is found.

Abstract: A system and method for of temporary password management may include: obtaining, by a password management entity, a request to login a local device into an authentication authority; generating, by the password management entity, a temporary password; sending, by the password management entity, the temporary password to the authentication authority; sending, by the password management entity, the temporary password to a user device; obtaining, at the authentication authority the temporary password from the local device; comparing, by the authentication authority, the temporary password obtained from the local device with the temporary password obtained from the password management entity; and authorizing the login if a match is found.

Abstract: A system and method for of temporary password management may include: obtaining, by a password management entity, a request to login a local device into an authentication authority; generating, by the password management entity, a temporary password; sending, by the password management entity, the temporary password to the authentication authority; sending, by the password management entity, the temporary password to a user device; obtaining, at the authentication authority the temporary password from the local device; comparing, by the authentication authority, the temporary password obtained from the local device with the temporary password obtained from the password management entity; and authorizing the login if a match is found.

Abstract: A system and method for providing secure communication between a source and a destination that is secured by secret sharing, during a vulnerability window in which all secret shares are collected in one or more points along the communication paths. Accordingly, during the regular operation of the communication protocol, a common random secret OTP is created by sending random bits from the sender to the receiver and the source is allowed to perform bitwise XOR operation between the information to be sent and the common random secret OTP, prior to using secret sharing. The results of the bitwise XOR operation are sent to the destination using secret sharing and the destination reconstructs the random secret and decrypts the received data, using the common established random secret. The common random secret is based on polynomial randomization being transferred from the source to the destination using secret sharing.

Abstract: A system and method for validating an entity may include obtaining by at least a first system, a set of entity details related to the entity; associating with the entity, by the first system, a first trust level based on at least some of the entity details; and validating the entity based on the first trust level. A system and method for validating an entity may include providing at least one of first and second values to a respective at least one of first and second devices; providing the entity, by at least one of the first and second devices, with the at least one of first and second values; and using the at least one of first and second values, by the entity, to identify the entity to an identifying entity.

Abstract: A system and method for of temporary password management may include: obtaining, by a password management entity, a request to login a local device into an authentication authority; generating, by the password management entity, a temporary password; sending, by the password management entity, the temporary password to the authentication authority; sending, by the password management entity, the temporary password to a user device; obtaining, at the authentication authority the temporary password from the local device; comparing, by the authentication authority, the temporary password obtained from the local device with the temporary password obtained from the password management entity; and authorizing the login if a match is found.

Abstract: A system and method for of temporary password management may include: obtaining, by a password management entity, a request to login a local device into an authentication authority; generating, by the password management entity, a temporary password; sending, by the password management entity, the temporary password to the authentication authority; sending, by the password management entity, the temporary password to a user device; obtaining, at the authentication authority the temporary password from the local device; comparing, by the authentication authority, the temporary password obtained from the local device with the temporary password obtained from the password management entity; and authorizing the login if a match is found.

Abstract: A system and method for securing a communication channel may include obtaining a first value by first and second devices. A second value may be randomly selected by the first device and may be provided to the second device. The first and second devices may independently from one another apply a function to the first and second values and may use a result of the function to secure and authenticate a communication channel between the first and second devices.

Abstract: A system and method for providing secure communication between a source and a destination that is secured by secret sharing, during a vulnerability window in which all secret shares are collected in one or more points along the communication paths. Accordingly, during the regular operation of the communication protocol, a common random secret OTP is created by sending random bits from the sender to the receiver and the source is allowed to perform bitwise XOR operation between the information to be sent and the common random secret OTP, prior to using secret sharing. The results of the bitwise XOR operation are sent to the destination using secret sharing and the destination reconstructs the random secret and decrypts the received data, using the common established random secret. The common random secret is based on polynomial randomization being transferred from the source to the destination using secret sharing.