Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
1998-07-31
2001-01-09
Peeso, Thomas R. (Department: 2767)
C713S168000, C713S171000, C713S182000, C713S152000, C380S255000, C380S278000, C380S283000
active
06173400
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates generally to secure communications, and more particularly, to methods and systems for establishing a shared secret between devices connected over a communication medium using an authentication token to provide user authentication, data encryption, and integrity protection.
RELATED ART
Traditionally, network users simply enter a user name and a password to gain access to network resources and other users of the network. After entering a user name and password to gain access to the network, a user usually sends and receives data in the clear during the network session without any protective measures. That is, the data is sent over a communication channel “as-is” without any level of security protection. This traditional method of gaining access to and communicating over a network presents many problems with regard to the integrity of the network.
First, a user name and password only provides a minimal level of user authentication to access the network. If the password is simple (e.g., the user's birth date) a hacker can easily determine the user's password and access the network with this information assuming the user's name. Second, sending and receiving data in the clear makes the network susceptible to eavesdroppers. An eavesdropper can intercept data sent over a network communication channel and use it for improper purposes such as hijacking the user's session. Moreover, data sent in the clear is susceptible to malicious software that can modify the data (e.g., delete or change bits) or copy the data to a hidden peripheral (e.g., copy data to a remote storage device unknown to the user).
Many users currently rely on authentication tokens to provide an additional level of user authentication based on “something you have” (versus “something you know”, like a password). Authentication tokens are physical devices that people carry while passwords are simply remembered. There are a variety of authentication tokens currently available in the marketplace. These authentication tokens include time-synchronized authentication tokens, challenge-response authentication tokens, and smart cards.
A time-synchronized authentication token typically displays a different character string (i.e., password) at approximate, predetermined intervals of time (e.g., every minute). In this instance, for example, a server and token synchronize (within a predetermined tolerance) using the time of day in minutes to produce a character string (e.g., the time of day in minutes encrypted with a secret code known only to the token and the server). A user then enters the current character string displayed on the token into a workstation to authenticate the user to a server. The workstation sends the character string to the server in the clear. The server checks the character string against a list and then determines whether the character string could have been generated by the token in the last few minutes (to allow for delay in typing and transmission).
A challenge-response token is a device with a keypad, such as a card. Traditionally, when authenticating using this token, for example, the user first contacts a server which generates a challenge (e.g., a character string) and sends it to the user via a local computer. The user then enters the challenge into the token which processes the challenge and displays a response (e.g., another character string). The user sends the response to the server which checks the response against a predetermined character string value. If there is a match, the server grants the requested access.
A smart card is a device with a central processing unit (CPU) and memory. When inserted or positioned near a smart card reader, the card communicates with the reader to transfer data or perform desired functions. The smart card may have any shape. For instance, the smart card may have the shape of a credit card or a pendant worn on an article of clothing.
Any of the aforementioned authentication tokens may require an authentication code for operation. The activation code may be in the form of a personal identification number (PIN) or a biometric. For example, to operate a time-synchronized authentication token, a user may be required to enter in a character string or touch an area of the token with their thumb. With a challenge response token, an activation code may be required to activate the token before entering the challenge. Finally, certain smart cards may require a user to enter an activation code to “unlock” information stored therein (e.g., character string). Usually, after some number of wrong guesses, the card “locks” itself and will not permit access to stored information. If the information is accessible, the smart card reader can communicate it to a workstation to use for authentication purposes.
Typically, with time-synchronized authentication tokens, challenge-response authentication tokens, and smart cards, the character string values generated therein are transferred between a user's workstation and a remote computer in the clear. As a result, all communications between the user and the remote terminal become susceptible to hijackers and eavesdroppers who can easily decipher the unprotected code and intercept communicated information.
In conventional use, the only purpose for authentication tokens is user authentication. No session key—a quantity used to encrypt or decrypt information during a session—is established and therefore no integrity protection or confidentiality is provided for the session. In addition, there is no way for the client to know that it is talking to the correct server. The character string value generated by an authentication token usually contains less than 32 bits of significant information. This allows for an inexpensive display and avoids requiring users to enter long character strings. However, it makes the system more vulnerable to various attacks.
Shared secret key exchange protocols allow two computers with a shared secret to establish a stronger shared secret without risking attacks on the shared secret. The stronger shared secret may then be used to encrypt data exchanged between them. These protocols are commercially available and include the Bellovin-Merritt shared secret key exchange protocol and the Strong Password only Authentication Key Exchange (SPEKE). A description of several shared secret key exchange protocols is included in Kaufman, Perlman, and Speciner, Network Security: Private Communication in a Public World, Prentice Hall PTR (1995) (hereinafter “Network Security”). The Bellovin-Merritt protocol is discussed in Network Security, pp. 249-253 and described in U.S. Pat. No. 5,241,599. A discussion of SPEKE can be found in D. Jablon, “Strong Password only Authentication Key Exchange,” Computer Communication Review, ACM SIGCOMM, vol. 26, no. 5, pp. 5-26, October 1996. Shared secret key exchange protocols strengthen password-based systems by avoiding sending the password in the clear. Currently, shared secret key exchange protocols are not used with authentication tokens to enhance session security. Therefore, there is a need for a solution that involves both authentication tokens and shared secret key exchange protocols to provide adequate user authentication, data encryption, and integrity protection.
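As an added illustration (not code from the patent or its authors), the sketch below feeds a time-synchronized token code into a SPEKE-style exchange, so the short code is never sent in the clear and both sides derive a session key. Assumptions: HMAC-SHA-256 stands in for the token's keyed function, the group is the RFC 2409 Oakley Group 2 safe prime, and every function name and sample value is hypothetical.

```python
import hashlib, hmac, secrets

# RFC 2409 Oakley Group 2 safe prime (P = 2Q + 1), 1024 bits.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
Q = (P - 1) // 2

def token_code(seed: bytes, minute: int) -> str:
    """6-digit code for one minute (assumption: HMAC replaces the token's cipher)."""
    mac = hmac.new(seed, minute.to_bytes(8, "big"), hashlib.sha256).digest()
    return f"{int.from_bytes(mac[:4], 'big') % 10**6:06d}"

def speke_base(code: str) -> int:
    """SPEKE generator: hash the code wide, then square into the order-Q subgroup."""
    wide = int.from_bytes(hashlib.shake_256(code.encode()).digest(160), "big")
    return pow(wide, 2, P)

def speke_start(code: str):
    """Pick a fresh exponent and return (private exponent, public value to send)."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(speke_base(code), x, P)

def speke_finish(x: int, peer_pub: int) -> bytes:
    """Derive the session key, rejecting values that force a known result."""
    if not 2 <= peer_pub <= P - 2:
        raise ValueError("degenerate public value")
    shared = pow(peer_pub, x, P)
    return hashlib.sha256(shared.to_bytes(128, "big")).digest()

def run_exchange(client_code: str, server_code: str):
    """Both sides of the exchange; only the two public values cross the wire."""
    cx, c_pub = speke_start(client_code)
    sx, s_pub = speke_start(server_code)
    return speke_finish(cx, s_pub), speke_finish(sx, c_pub)

if __name__ == "__main__":
    seed, minute = b"constructed-demo-seed", 27_500_000  # constructed sample values
    code = token_code(seed, minute)
    k_client, k_server = run_exchange(code, token_code(seed, minute))
    print("token code:", code, "| keys match:", k_client == k_server)
```

A wrong code shows up only as two different keys, so a deployment would follow the exchange with a key-confirmation message before trusting the session.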
SUMMARY OF THE INVENTION
Based on the foregoing shortcomings, it is desirable to establish a shared secret between parties communicating over a network using an authentication token to provide adequate user authentication, data encryption, and integrity protection.
Methods and systems consistent with the present invention meet the foregoing desires. Specifically, a method for establishing a shared secret among a plurality of devices, comprises the steps of providing an authentication token; and utilizing the authentication token to establish a shared secret among the plurality of devices.
A system for establishing a shared secret among a plurality of devices comprises an authentication token; a local device; and a remote device, wherein the au
Hanna Stephen R.
Perlman Radia J.
Finnegan Henderson Farabow Garrett & Dunner L.L.P.
Peeso Thomas R.
Sun Microsystems Inc.