Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1998-11-19
2001-07-17
Swann, Tod (Department: 2762)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C713S153000, C713S155000, C713S156000, C713S159000, C380S259000, C380S264000, C380S282000, C380S286000, C705S056000, C705S064000, C705S065000, C705S066000, C705S067000, C705S073000
Reexamination Certificate
active
06263446
ABSTRACT:
BACKGROUND OF THE INVENTION
In networked computer deployments, users of client computers are required to authenticate themselves to server computers for applications such as electronic mail, accessing privileged or confidential information, purchasing goods or services, and many other electronic commerce transactions. When the information involved is of relatively low value, it may be sufficient for the user to authenticate himself with a simple password. However, when the information is of high value, or when the data network is unsecured, simple passwords are insufficient to control access effectively. For example, when computers are accessed across the Internet, passwords are easy to capture by filtering packets as they traverse the network. Alternatively, passwords can be guessed or “cracked” by intelligent trials, since passwords are often six or fewer characters. In brief, the convenience of passwords makes them easy to break—if they are sufficiently easy for the user to remember, they are sufficiently easy for the hacker to guess.
To overcome the insecurity of the password, alternative technologies have been developed. One such technology is asymmetric key cryptography. In this technology, each user has two keys, a private key and a public key. The user performs a cryptographic operation (e.g., an encryption or a digital signature) on a digital quantity using his private key, such that the quantity may be authenticated by a verifier having access only to the user's public key. The private key therefore serves as the user's authentication credential. That is, the verifier need not know the user's private key in order to authenticate the user. Because the public key may be widely disseminated while the private key remains confidential, strong authentication is provided with enhanced security. Private keys are generally too long and complex for the user to memorize, and are therefore usually stored in software or hardware tokens, and interfaced with computers prior to use.
One such software token is the so-called software wallet, in which the private key is encrypted with a password or other access-controlled datum. In such software wallets, an intruder is not deterred from repeatedly trying passwords, in an exhaustive manner, until he recovers the private key. This poses analogous security risks to the simple password schemes described above. In addition, the software wallet is stored on a user's computer, which may be inconvenient if the user needs to freely roam from one location to another.
In contrast to software wallets, hardware tokens such as smart cards are more secure, and can be conveniently carried as the user roams. In a typical hardware smart card, the private key is stored in hardware, and protected by a watchdog chip that allows the user to access the private key, should he enter the correct password that unlocks the smart card. The smart card can even be configured so that, if a hacker attempts to guess passwords, the card locks up after a small number of successive missed attempts. The disadvantages of hardware token are: (1) roaming is restricted to locations where the appropriate token reader hardware is installed; (2) hardware tokens are expensive in contrast to software tokens; (3) hardware tokens must be physically carried wherever the user wishes to roam; and (4) hardware tokens are often lost, misplaced, or stolen.
Thus, while hardware token systems offer increased security, they have several disadvantages compared to software based systems. It would, therefore, be desirable to have a system that combines the best features of both hardware and software based systems.
SUMMARY OF THE INVENTION
The present invention discloses a method and apparatus for the on-demand delivery of authentication credentials to roaming users. Credentials are stored, delivered and transmitted in software, obviating the need for additional hardware. In a basic embodiment of the system, a user can demand his credential at will, upon providing proof of identity in the form of shared secret(s) that he has previously escrowed with the credential server. The shared secret may be chosen by the user, and could be easily remembered secrets such as: mother's maiden name, third grade teacher, etc. The user will respond to challenges from the server via a challenge-response protocol, with the server demanding correct answers to such questions prior to releasing the user's credentials. In another embodiment of the invention, a user's authentication credential can be stored on the server protected by a simple shared secret scheme such as a password, a biometric authentication scheme based on a fingerprint or retinal image, or a one-to-one hashed shared secret. In yet another embodiment of the invention, the user interacts with the server via a cryptographically camouflaged challenge-response protocol. In particular, if the user responds correctly to the server's challenges, the user will receive his authentication credentials. However, if the user responds incorrectly, such as might be the case with a hacker trying to break the system, the user will receive plausible and well-formed but invalid credentials. Furthermore, the authentication credential itself could be encrypted or camouflaged with an additional secret that is known only to the user. An authentication credential is said to be in cryptographically camouflaged form when it is embedded among many pieces of similar (pseudo-valid) data. These data are sufficiently different that the user can locate the correct piece without any difficulty, using a shared secret that he can remember. However, the pieces of data are also sufficiently alike that an intruder will find all of them equally plausible. Such a cryptographically camouflaged authentication credential can be provided to the user in either camouflaged or decamouflaged form that is, the decamouflaging can be performed at either the credential server or at the user's computer. The various embodiments of the invention described above provide one or more or the following advantages: No additional hardware is required for deployment. This is in contrast with hardware tokens such as smart cards where cards and card readers need to deployed in a widespread fashion.
(1) High user convenience. Roaming users need not carry tokens with them, but can demand them as required.
(2) Low administrative overhead. Users who have lost, misplaced or forgotten tokens do not require administrative intervention.
(3) Rapid deployment rate. Soft credentials with roaming access can be deployed rapidly, since they are intuitive to use and require little user/administrator training.
(4) Enhanced security over purely one-factor systems.
REFERENCES:
patent: 3798605 (1974-03-01), Feistel
patent: 5148479 (1992-09-01), Bird et al.
patent: 5475756 (1995-12-01), Merritt
patent: 5491752 (1996-02-01), Kaufman et al.
patent: 5668876 (1997-09-01), Falk et al.
patent: 5689566 (1997-11-01), Nguyen
patent: 5757918 (1998-05-01), Hopkins
patent: 5764890 (1998-06-01), Glasser et al.
patent: 5778065 (1998-07-01), Hauser et al.
Kausik Balas Natarajan
Varadarajan Rammohan
Arcot Systems, Inc.
Callahan Paul E.
Skadden, Arps Slate Meagher & Flom LLP
Swann Tod
Yang Joseph
LandOfFree
Method and apparatus for secure distribution of... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for secure distribution of..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for secure distribution of... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2503916