A SYSTEM AND METHOD FOR CRYPTOGRAPHIC INTERACTIONS FOR AUTHENTICATION AND AUTHORIZATION USING OUT-OF-BAND INPUTS AND OUTPUTS

Abstract

Cryptographic interactions for authentication and authorization are mediated by means of visual inputs (via camera) and outputs (graphical display), using the visual channel as an out-of-band (OOB) medium for cryptographic handshaking based on strong public-key protocols. The system comprises at least one out-of-band (OOB) channel, which allows machine-to-machine and machine-to-user interaction using the same input and output devices; and bidirectional actions, which comprise at least one or both entities computing and transmitting an action parameter at the remote entity. The at least one OOB channel is deployed for the entirety of the interaction sequences in the different phases of the system, which allows machine-to-machine and machine-to-user interaction that adopts visual codes of cryptographic parameters. The general methodology of the present invention comprises the steps of: initializing interaction between entities (202); computing an action through ZK integration of a commitment of entity credentials on a challenge (204) upon obtaining a password from the user (206); encoding the cryptographic codeword used in computing actions (208) into a machine-readable visual representation to be displayed (210); decoding barcodes received from other interacting entities (214) into internal representations (212); synchronizing computation on each entity (216); determining whether the outcome of the computation is correct (218); presenting the outcome as an image-based visualization if the computation is correct (222, 224); and transmitting said image-based visualization with the equivalent computation of the other entity (228) as perceptible images on visual outputs (232). The cryptographic interactions of the present invention fully utilize visual input and output capabilities without requiring additional hardware tokens, and without external connectivity or TTP (trusted third party) involvement, provided the trusted device associated with the user of interest is capable of undertaking the necessary computations.

Bibliographic details

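  • Publication number: WO2015076657A1
  • Patent type:
  • Publication date: 2015-05-28
  • Original format: PDF
  • Applicant/patentee: MIMOS BERHAD
  • Application number: WO2014MY00110
  • Inventors: GOH ALWYN; SEA CHONG SEAK; NG KANG SIONG
  • Filing date: 2014-05-23
  • Classification: H04L29/06
  • Country: WO
  • Date indexed: 2022-08-21 15:06:24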
