Abstract: A party can authenticate itself by interacting with multiple servers without revealing the shared secret to any of the involved parties. The stored shared secret is strengthened and broken into shares and saved on the servers. The shared secret is safe against offline brute force attack unless all servers where the shares are stored are compromised. The compromise of any single server, or multiple servers—but less than the maximum number—will not allow the attacker to do a brute force analysis on the shared secret. This back end security enhancement is suitable for probabilistic front end authentication algorithms.

Abstract: A party can authenticate itself by interacting with multiple servers without revealing the shared secret to any of the involved parties. The stored shared secret is strengthened and broken into shares and saved on the servers. The shared secret is safe against offline brute force attack unless all servers where the shares are stored are compromised. The compromise of any single server, or multiple servers—but less than the maximum number—will not allow the attacker to do a brute force analysis on the shared secret. This back end security enhancement is suitable for probabilistic front end authentication algorithms.

Abstract: An interactive method for authentication is based on two shared secrets, both shared secrets in the form of an ordered path on the frame of reference. An instance of the frame of reference comprises a set of characters which is arranged in a random or other irregular pattern. The first step of authentication that a user performs requires the user to remember one or all of the characters in the displayed instance of the frame of reference found in the locations in the random subset of the first ordered path by indicating characters either in these locations, or any other locations having the same characters. The second step of authentication requires that a user enter the position of the second ordered path, which only they know during an authentication session, where the challenge identifying the position of the ordered path is the single or multiple values that matches the value of the digital content of the frame of reference.

Abstract: An interactive method for authentication is based on a shared secret which is in the form of an enumerated pattern of fields on a frame of reference. An instance of the frame of reference comprises an array of characters in which the characters are arranged in a random or other irregular pattern on a grid of content fields. An authentication challenge includes characters from the character set, and is delivered in- or out-of-band. The authentication response includes the enumerated position numbers on the enumerated pattern of the field locations on the grid at which the challenge characters are found.

Abstract: An interactive method for authentication is based on two shared secrets, both shared secrets in the form of an ordered path on the frame of reference. An instance of the frame of reference comprises a set of characters which is arranged in a random or other irregular pattern. The first step of authentication that a user performs requires the user to remember one or all of the characters in the displayed instance of the frame of reference found in the locations in the random subset of the first ordered path by indicating characters either in these locations, or any other locations having the same characters. The second step of authentication requires that a user enter the position of the second ordered path, which only they know during an authentication session, where the challenge identifying the position of the ordered path is the single or multiple values that matches the value of the digital content of the frame of reference.

Abstract: An interactive method for authentication is based on a shared secret which is in the form of an enumerated pattern of fields on a frame of reference. An instance of the frame of reference comprises an array of characters in which the characters are arranged in a random or other irregular pattern on a grid of content fields. An authentication challenge includes characters from the character set, and is delivered in- or out-of-band. The authentication response includes the enumerated position numbers on the enumerated pattern of the field locations on the grid at which the challenge characters are found.

Abstract: Two parties can establish a cryptographic key using a matrix based key exchange protocol, for secure communications without any prior distribution of secret keys or other secret data, and without revealing said key to any third party who may have access to all of the transmissions between them. The two parties use a shared secret to produce a common matrix M. The common matrix M, is multiplied by a random matrix K on the sending side, and a different random matrix N on the receiving side. The matrix product KM is sent from the sending side to the receiving side, and the matrix product MN is sent from the receiving side to the sending side. Both sides produce the common matrix product KMN, and use it for producing a symmetric key for encrypted communications, after mutually authenticating one another over an insecure network.

Abstract: Two parties can establish a cryptographic key using a matrix based key exchange protocol, for secure communications without any prior distribution of secret keys or other secret data, and without revealing said key to any third party who may have access to all of the transmissions between them. A common matrix M, shared in advance, is multiplied by a random matrix K on the sending side, and a different random matrix N on the receiving side. The matrix product KM is sent from the sending side to the receiving side, and the matrix product MN is sent from the receiving side to the sending side. Both sides produce the common matrix product KMN, and use it for producing a symmetric key for encrypted communications.

Abstract: Two parties can establish a cryptographic key using a matrix based key exchange protocol, for secure communications without any prior distribution of secret keys or other secret data, and without revealing said key to any third party who may have access to all of the transmissions between them. The two parties use a shared secret to produce a common matrix M. The common matrix M, is multiplied by a random matrix K on the sending side, and a different random matrix N on the receiving side. The matrix product KM is sent from the sending side to the receiving side, and the matrix product MN is sent from the receiving side to the sending side. Both sides produce the common matrix product KMN, and use it for producing a symmetric key for encrypted communications, after mutually authenticating one another over an insecure network.

Abstract: Two parties can establish a cryptographic key using a matrix based key exchange protocol, for secure communications without any prior distribution of secret keys or other secret data, and without revealing said key to any third party who may have access to all of the transmissions between them. A common matrix M, shared in advance, is multiplied by a random matrix K on the sending side, and a different random matrix N on the receiving side. The matrix product KM is sent from the sending side to the receiving side, and the matrix product MN is sent from the receiving side to the sending side. Both sides produce the common matrix product KMN, and use it for producing a symmetric key for encrypted communications.

Abstract: One aspect of the invention is a method for ensuring consistency of a group, which for example, includes receiving a first list that identifies objects in the group, and gathering for at least one attribute, the value of the attribute for each object in the first list. The first list, and the attribute values gathered in the gathering operation, are stored to create a first snapshot. This example also includes receiving a second list that identifies objects that are in the group after at least part of a task is performed, and the value after at least part of the task is performed of the at least one attribute for each object identified in the second list. The second list and the received attribute values are stored to create a second snapshot, which is compared with the first snapshot.