Cryptography – Particular algorithmic function encoding – Nbs/des algorithm
Patent
1996-04-26
1998-06-02
Barron, Jr., Gilberto
Cryptography
Particular algorithmic function encoding
Nbs/des algorithm
380 23, H04L 932
Patent
active
057613095
DESCRIPTION:
BRIEF SUMMARY
TECHNICAL FIELD
The present invention relates to an authentication system for identifying a user by network when the user intends to get network services.
BACKGROUND ART
In order to confirm that a user who requests network services or communications (hereinafter called as a network user) is a legitimate user, it is necessary at the network side to authenticate this user.
A prover is in general identified such that; person authenticating.
The information possessed only by the prover (1) can be classified to the following two information of; secret key, etc), and voiceprint, retina pattern, etc).
Authentication depending on the information based upon individual attribute (1-2) except for the holograph is now not appropriate for use in an authentication device via a network because of its low receptive capacity in society, its poor convenience, its poor identification ratio and a high manufacturing cost of the authentication apparatus. Therefore, in most cases, the information artificially provided (1-1) such as password, secret number or secret key are used as the information possessed only by the prover.
The information artificially provided (information inherent in user) can be classified, depending upon its storing way, to the following three methods of; number, etc), key, magnetic card, IC card, etc), and dispenser provided in a banking organ, etc).
Since the above classification is performed from a standpoint of an authentication system, a case wherein the user takes a note of his password or identification number to his memorandum will be classified to (1-1-1).
In a computer network, the above-mentioned method of storing information in mind of the user (1-1-1) is mainly utilized. However, according to this storing method (1-1-1), impersonation can be relatively easily performed by decoding or stealing the password or identification number and also, in most cases, this impersonation will not be found out by the person himself until he practically suffers damage. This is because the secret information according to this method (1-1-1) itself may be directly revealed, and thus leakage, stealing or wiretap of the password or of the identification number will be easily succeeded without consciousness of the user.
Contrary to this, according to the method of storing information in a storage possessed by the user (1-1-2), since the user can found out loss or stealing of his possessed storage and thus possible damage can be foreknown, the damage can be prevented from occurring by performing an adequate procedure against the loss or stealing. The storing method (1-1-3) combined by (1-1-1) and (1-1-2) will be effective so as to prevent illegality even if the possessed storage is stolen. Of course, however, the damage will not be prevented from occurring if the storage is forged without consciousness of the network and the user. Therefore, it is desired to use a storage which is difficult to forge. For this aim, an IC card with CPU (herein after called as a smart card) which will keep high confidentiality is the optimum.
The method of identifying by the verifier (2) can be substantially classified, depending upon what kind of information does the prover present to the verifier (network), to the following two methods of;
However, the method of presenting user's inherent information (2-1) has disadvantage of easily revealing his secret inherent information. In particular, if this method is combined with the aforementioned method of storing information in mind of user (1-1-1), there may be extremely dangerous for revealing the secret inherent information to public. The method of presenting a calculation result of the user's inherent information (2-2) may be classified in accordance with kinds of this calculation.
Anyway, the present invention relates to an authentication method of sharing secret user's inherent information between a prover (user) and a verifier (network), encrypting and decrypting the information at the user and the network, respectively, and then checking identification of the decrypted informat
REFERENCES:
patent: 5349643 (1994-09-01), Cox et al.
patent: 5495533 (1996-02-01), Linehan et al.
IEICE Technical Research Report, CS94-107, Sep. 1, 1994, pp. 105-110.
IEICE Technical Research Report, CS91-19, Jun. 26, 1991, pp. 15-22.
Ohashi Masayoshi
Suzuki Toshinori
Barron Jr. Gilberto
Kokusai Denshin Denwa Co. Ltd.
LandOfFree
Authentication system does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Authentication system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Authentication system will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-1470256