SAN JOSE, CA--(Marketwired - Oct 10, 2017) - SPYRUS, Inc. today announced the issuance of US patent 9,742,561 for remote authenticated logon of a computing device via shares of a secret that are delivered over a network. SPYRUS uses the Shamir mathematical algorithm to create and distribute among servers secret shares whereby a defined minimum number of shares is required to be collected in order to reconstruct and activate the secret key over the network. Subsequent to logon, the secret key can also be used as an index to unique attributes incorporating parameters such as geolocation, domain, biometrics, and even platform device characteristics.
Intellectual property covered by the '561 patent provides major security protection advantages over other remote computer device authentication schemes because it does not require the use or storage of passcodes or tokens anywhere in the system. By using the Shamir secret sharing algorithm, and preprovisioning servers, authentication for secure device boot-up or log-on can be facilitated by broadcast self-discovery protocols that do not require server addresses. Since there is no need for passcode, biometric, or token repositories or sign-on credentials, a major target for stolen credential and password security breaches is removed from the system, also permitting computing platforms to be "headless" and placed in difficult or hostile environments since the system does not require human intervention. The '561 patent is also applicable to cloud based identity management, whereby biometric enrollment, authentication, and even the fulfillment of credentials can benefit from the significantly enhanced security. Disaggregating the biometric template into two or more shares via a distributed network mitigates threats due to tampering.
The '561 patent joins the ever growing repertoire of SPYRUS patents relevant to the connected universe, including the recently announced US Patents 7,356,692, "Method and system for enforcing access to a computing resource using a Licensing Attribute Certificate" and 9,521,123 for Secure File Encryption. SPYRUS' IP portfolio is complemented by the company's recent addition to Microsoft Azure Certified for Internet of Things (IoT), ensuring customers get secure IoT solutions up and running quickly with hardware and software that has been pre-tested and verified to work with Microsoft Azure IoT services.
"Hackers accompanied by continued evolution in malware have increased the attack surface in cyberspace to become increasingly successful at penetrating secrets-based systems," said Tom Dickens, SPYRUS COO. "In conjunction with our repertoire of encryption products, SPYRUS Intellectual Property creates a compelling ensemble with utility in the Internet of Things, cloud based IDaM systems, and mission critical applications such as telematics, payment systems, and wearable computing. Made in the USA, all SPYRUS products are FIPS 140-2 Level 3, verified by NIST, and employ the highest level of military grade security functions available in a non-classified commercial environment."