Instructional Leadership, emphasis: K-12 School Leadership (MEd)
Wires that are connected to a computer.

Resilient Password Management System Using an Array of Addressable Physical Unclonable Functions (PUFs)


Description

Attacks from insiders able to divert databases of passwords are a major risk that cannot be resolved by hashing and salting schemes. The use of physical unclonable functions (PUFs) to convert the message digests into streams of responses is attractive because the databases cannot be exploited without controlling the PUFs. The objective of this invention is to offer a way to mitigate the potential failure of the PUFs, thereby enhancing the resilience of architecture. The hardware includes multiple PUFs which can be combined with the usage of multiple passwords to provide backdoor capabilities for ITS management systems in the case of a user forgetting their password. Furthermore, the cases in which a user operates in an insecure environment are also considered. This method does not decrease the throughput of the password management system.

Additional information

Patent number and inventor

17/231,914

Bertrand Cambou and Mohammad Mohammadi

Potential applications

This technology is designed for use with cryptographic systems and authentication methods.

Benefits and advantages

This is a resilient architecture system and method designed to provide a secure backup mechanism in the event of a failing PUF, and can support multiple PUFs and the creation of multiple databases.

Case number and licensing status

2020-030

This invention is available for licensing.