Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
1999-03-04
2003-11-11
Barron, Gilberto (Department: 2132)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
C713S168000, C713S169000, C380S263000
Reexamination Certificate
active
06647493
ABSTRACT:
TECHNICAL FIELD
The present invention relates to a method and system for authentication and electronic signature.
BACKGROUND OF THE INVENTION
In the modern theory of cryptographic techniques, a fundamental part is played by systems and methodologies for authentication of the user (sender or recipient), or of the message, and of certification of the authenticity of the data (electronic signature), to protect the exchange of data on channels that are publicly accessible against active attacks aimed at detracting from the integrity of an original message, with the possibility of a non-authorized third party interacting directly with the sender and/or recipient parties. The purpose of these systems is to prevent a communication channel, which is mistakenly thought to be secure, from being used for unplanned or undesirable purposes (undesirable execution of transactions and drawing up of contracts, acts of intimidation, computer piracy or terrorism, or acquisition of selective access data, for example relating to payment).
A problem of this type is all the more serious, the more the mechanism for handling the data can be kept concealed from one party or the other: the extent of the damage caused by an active attack is far greater than that caused by a passive attack, in which the pirate user simply listens to, and deciphers data considered secret, and is transmitted in cryptographic form on a channel.
Furthermore, it has been found in the last few years that by using ever more powerful computing means or distributed computer resources, successful attacks have been made on the most powerful cryptography algorithms now in existence, such as DES, which until a few years ago were considered impossible to “crack”.
Within the context of known authentication systems, use is frequently made of “challenge and response” authentication methods that have a private key (secret-type cryptographic algorithm), which is known only to the two parties which want to communicate. In these methods, one of the two parties generates a random number, which is also supplied to the other party, both parties compute independently, and each uses its respective private key and the random number generated, and this code is then compared with the code calculated by the other party, to verify the authorization and access to specific resources and/or to authenticate a message sent with the acknowledgement code.
As is known, in an authentication system of this type, the security of the system itself, i.e., the probability of a pirate user finding the key that opens the entire system, once the authentication system is known to everyone, is associated with the following factors:
(1) secrecy of the key;
(2) statistical incidence of the key in the coded message, i.e., to what extent the statistical distribution of the symbols in the key can detract from the security of the system (this is the case of cryptographic systems in which the user is asked to select the cryptographic key; here there is a high probability that words which make complete sense will be used, with statistical incidence of each symbol that is typical of the language or vocabulary used, to the detriment of the security of the algorithm itself and the cryptographic key);
(3) pseudo-random distribution of the symbols in the coded text, i.e., index of coincidence of each symbol that is as small as possible, according to the Friedman test or K-test (the typical case of a cryptographic system which does not comply with this principle, and is therefore easy to attack, is Vigenere's cipher);
(4) statistical recurrence of the maps of correspondence between a text or portion of text written out in full, and the corresponding text in coded form.
SUMMARY OF THE INVENTION
The object of the invention is thus to provide a method of the challenge and response type that has an improved level of security compared with the known methods, as far as the above-described criteria (2)-(4) are concerned.
According to the present invention, a method, an integrated circuit, and a system for authentication and electronic signature are provided, as defined respectively in the claims.
REFERENCES:
patent: 5048086 (1991-09-01), Bianco et al.
patent: 5365589 (1994-11-01), Gutowitz
patent: 5479513 (1995-12-01), Protopopescu et al.
patent: 5696826 (1997-12-01), Gao
patent: 5841866 (1998-11-01), Bruwer et al.
patent: 5923760 (1999-07-01), Abarbanel et al.
patent: 5930364 (1999-07-01), Kim
patent: 6018582 (2000-01-01), Francois et al.
patent: 6078665 (2000-06-01), Anderson et al.
patent: 6178217 (2001-01-01), Defries et al.
patent: 09153014 (1997-06-01), None
Hopkins, “Transaction Incrementing Message Authentication Key,”IBM Technical Disclosure Bulletin, 26 (1):199-201, Jun. 1983.
Walker, “Security in Mobile and Cordless Telecommunications,”Proceedings of the Annual European Computer Conference on Computer Systems and Software Engineering, pp. 493-496, May 4, 1992.
Caponetto Riccardo
Cola Eusebio Di
Di Bernardo Giovanni
Occhipinti Luigi
Barron Gilberto
STMicroelectronics S.r.l.
Tarleton E. Russell
Zand Kambiz
LandOfFree
Method and system for authentication and electronic signature does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and system for authentication and electronic signature, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and system for authentication and electronic signature will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3161165