Password Management with Addressable Physically Unclonable Function (PUF) Generators
Description
This technology is a continuation of physically unclonable function (PUF) password generation schemes. The objective of this novel password management protocol is to mitigate attacks on cyber-physical systems, such as the hacking of databases with user ID and password pairs and side-channel analysis. The architecture is based on the use of an addressable PUF generator (APG) to authenticate clients on the network without keeping passwords in memory or the hashing of passwords. APGs are more difficult to attack than look-up tables because they are unclonable, contain a high degree of randomness, and do not store information.
Additional information
Patent number and inventor
16/415,235
Bertrand Cambou
Potential applications
This technology is designed for use with password managers, cryptographic systems, and authentication methods.
Benefits and advantages
This technology provides additional lines of cybersecurity defense. Password databases, message databases, and message digests are replaced with the use of PUFs to protect password management systems. Password managers are exposed to insider attacks, which this technology reduces the risk of by hiding both the passwords and user IDs.
Case number and licensing status
2018-039
This invention is available for licensing.