Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
1999-02-04
2003-02-04
Smithers, Matthew (Department: 2134)
C713S182000
active
06516413
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
This invention relates to a technique and methods for authenticating a user's access rights to digital data, services, and the like, by applying encryption and decryption.
2. Discussion of the Related Art
Methods with which to authenticate users' access rights can be largely divided into two types.
In the first type, an access right verifier possesses a list of users having an access right to an object (hereinafter referred to as an access control list). The verifier, upon a user's request for access, examines whether the user is included in the list and determines his accessibility.
In the second type, a user possesses data, called a “capability,” that shows his access right to an object. When requesting access, a user proves to an access right verifier that he holds a capability. The verifier determines the user's accessibility by examining whether or not the possession of the capability has been correctly proven.
The first type has a critical problem when the object to be accessed is digital content, such as digital data or an application program running on a computer.
Digital contents can easily be copied. Even when an access right to the original content can be authenticated, it is not possible to authenticate the access right to a copied digital content.
In order to solve this problem, it is possible to make the digital content, the access right verifier and the access control list inseparable, so that the access right verifier and the access control list are copied when the digital content itself is copied. However, when the access control list for a content needs to be changed, it is almost impossible to change the access control lists of every copy of the content that has been distributed until then.
Using capabilities is a more appropriate and effective way for authentication of users' access rights to digital contents, but there is a problem with this method as well.
A capability is data representing a user's access right, and it can be copied. When a user possessing a capability to a digital content makes a copy of his capability and provides it to a third person without a legitimate access right, it becomes possible for the third person to access the content.
An apparatus for controlling access to digital data suggested in Japanese Laid-Open Patent No. 10-247905 by some of the inventors of the present invention aims to solve this problem. The apparatus consists of a proving apparatus to prove possession of a user's access right to a digital content and a verification apparatus to verify the result of the proving apparatus.
The proving apparatus possesses user identifying information which is not revealed to the user. The capability to a digital content is masked using the user identifying information and handed out to each user as an “access ticket”.
The proving apparatus proves the capability of a user using the access ticket and the user identifying information. Access tickets are masked using a value unique to each user so that it is not possible for a third person to prove his capability with a copied access ticket.
The method suggested in Japanese Laid-Open Patent No. 10-247905 distributes capabilities to users while preventing illegal access through users' copying of capabilities.
The verification apparatus of this method possesses an encrypted digital content and an encrypted key $K^* = K^E \bmod n$, which is obtained by encrypting the decryption key K of the digital content with an RSA (Rivest-Shamir-Adleman) modulus n and an encryption key E. The proving apparatus possesses tamper-resistant hardware, such as an IC card, that can perform modular exponentiation and calculate a one-way hash function f(x;y). User identifying information e is stored in the IC card.
The decryption key D corresponding to the RSA modulus n and the encryption key E represents a capability for access to a digital content.
An access ticket t is data with a value as shown in the following equation (1).
$$t = D - f(e;n) \qquad (1)$$
The possession of a capability is proven if the proving apparatus can decrypt K* correctly and the verification apparatus can obtain the decryption key K of the digital content.
(1) The verification apparatus generates a random number r.
(2) The verification apparatus calculates $C = r^E K^* \bmod n$ and sends n and C to the proving apparatus.
(3) The proving apparatus calculates $R_1 = C^{f(e;n)} \bmod n$ inside the IC card.
(4) The proving apparatus calculates $R_2 = C^t \bmod n$.
(5) The proving apparatus calculates $R = R_1 R_2 \bmod n$ and sends the result to the verification apparatus.
(6) The verification apparatus calculates $r^{-1}$ that satisfies the equation $r^{-1} r \equiv 1 \bmod n$, then calculates $K' = r^{-1} R \bmod n$.
If the above process is performed correctly, then the possession of the capability is proven since as shown in the following equation (2), K≡K′ mod n is obtained.
$$
\begin{aligned}
K' &\equiv r^{-1} R \\
&\equiv r^{-1} R_1 R_2 \\
&\equiv r^{-1} C^{f(e;n)} C^{t} \\
&\equiv r^{-1} C^{f(e;n)+t} \\
&\equiv r^{-1} C^{D} \\
&\equiv r^{-1} (r^{E} K^{*})^{D} \\
&\equiv r^{-1} (r^{E} K^{E})^{D} \\
&\equiv r^{-1} r K \\
&\equiv K \bmod n
\end{aligned}
\qquad (2)
$$
With this method, if each user holds an IC card containing user identifying information e, then the access ticket necessary for access to a digital content will be different for each user. The possession of a capability cannot be proven using an access ticket of another user.
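Steps (1) to (6) and equation (2) can be traced end to end in the following Python sketch, an added example that is not part of the patent text. It assumes toy RSA primes, a SHA-256-based f(e;n) truncated to 64 bits, and hypothetical names (`ICCard`, `issue_ticket`, `prove`, `verify`, `demo`); it also shows user A's copied ticket failing on user B's card.

```python
import hashlib
import secrets
from math import gcd

# Toy RSA parameters (constructed for illustration; far too small for real use).
P, Q = 2**127 - 1, 2**89 - 1          # two Mersenne primes
N = P * Q                              # RSA modulus n
E = 65537                              # encryption key E
D = pow(E, -1, (P - 1) * (Q - 1))      # decryption key D, i.e. the capability

def f(e: bytes, n: int) -> int:
    """One-way function f(e;n); SHA-256 truncated to 64 bits is an assumption."""
    data = e + n.to_bytes((n.bit_length() + 7) // 8, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:8], "big")

def issue_ticket(e: bytes) -> int:
    """Equation (1): t = D - f(e;n), computed by the ticket issuer."""
    return D - f(e, N)

class ICCard:
    """Stand-in for the tamper-resistant card holding user identifying info e."""
    def __init__(self, e: bytes):
        self._e = e
    def r1(self, c: int, n: int) -> int:
        return pow(c, f(self._e, n), n)             # step (3)

def prove(card: ICCard, ticket: int, c: int, n: int) -> int:
    r2 = pow(c, ticket, n)                          # step (4)
    return card.r1(c, n) * r2 % n                   # step (5)

def verify(k_star: int, card: ICCard, ticket: int) -> int:
    """Steps (1), (2) and (6): blind K*, query the prover, unblind; returns K'."""
    r = secrets.randbelow(N - 2) + 2                # step (1)
    while gcd(r, N) != 1:                           # r must be invertible mod n
        r = secrets.randbelow(N - 2) + 2
    c = pow(r, E, N) * k_star % N                   # step (2)
    big_r = prove(card, ticket, c, N)
    return pow(r, -1, N) * big_r % N                # step (6)

K = int.from_bytes(b"content-key-0001", "big")      # constructed content key, K < n
K_STAR = pow(K, E, N)                               # K* = K^E mod n
card_a, card_b = ICCard(b"user-A-secret"), ICCard(b"user-B-secret")
ticket_a = issue_ticket(b"user-A-secret")

def demo():
    ok = verify(K_STAR, card_a, ticket_a) == K      # A's card with A's ticket
    copied = verify(K_STAR, card_b, ticket_a) == K  # B's card with A's copied ticket
    return ok, copied
```

The ticket alone reveals nothing usable without the card: the exponents only sum to D when f(e;n) comes from the card the ticket was issued for.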
The problem with the above method is, however, that there is only a limited degree of flexibility when distributing capabilities.
A capability is represented here as an RSA decryption key D. The capability shows possession of an access right to those digital contents for which the RSA public key used in calculating K* corresponds to D. Thus, it is required that the digital contents accessible with capability $D_1$ and the digital contents accessible with capability $D_2$ do not overlap. With capabilities having such a restriction, it is very difficult to distribute capabilities when the boundaries of the scope of digital contents accessible by each user are entangled in a complex manner.
For example, when:
(1) Set $S_A$ of digital contents accessible by user A is a subset of set $S_B$ of digital contents accessible by user B; or
(2) Set $S_A$ of digital contents accessible by user A and set $S_B$ of digital contents accessible by user B do not coincide but have an intersection which is not empty.
With the method as suggested above, it is not possible to express the access rights of user A with a single capability $D_A$ or the access rights of user B with a single capability $D_B$. Instead, in example (1), capabilities need to be distributed in the following manner:
(1) A capability $D_1$ representing the access rights to $S_A$; and
(2) A capability $D_2$ representing the access rights to $S_B - S_A$.
User A holds an access ticket of capability $D_1$ and user B holds access tickets for both capabilities $D_1$ and $D_2$.
In example (2), the following three kinds of capabilities need to be distributed:
(1) A capability $D_1$ showing the access rights to $S_A \cap S_B$;
(2) A capability $D_2$ showing the access rights to $S_A - S_B$; and
(3) A capability $D_3$ showing the access rights to $S_B - S_A$.
User A holds access tickets for capabilities $D_1$ and $D_2$ and user B holds access tickets for capabilities $D_1$ and $D_3$.
When such a complicated relationship exists among a large number of users, one capability needs to be distributed for each digital content, with each user holding the same number of access tickets as the number of digital contents to which he has access rights. As the number of digital contents increases, the administration cost of the distributors
Aratani Toru
Kakehi Rumiko
Kyojima Masaki
Fuji Xerox Co., Ltd.
Smithers Matthew