WO2001013201A2 - Peer-to-peer network user authentication protocol - Google Patents


Info

Publication number
WO2001013201A2
Authority
WO
WIPO (PCT)
Prior art keywords
user
terminal
authentication
encrypted
message
Prior art date
Application number
PCT/US2000/021965
Other languages
French (fr)
Other versions
WO2001013201A3 (en)
Inventor
Harvey Waldman
Original Assignee
Sarnoff Corporation
Priority date
Filing date
Publication date
Application filed by Sarnoff Corporation
Priority to EP00952730A (EP1203479A2)
Priority to JP2001517237A (JP2003529126A)
Priority to AU65374/00A (AU6537400A)
Priority to KR1020027001769A (KR20020021404A)
Publication of WO2001013201A2
Publication of WO2001013201A3

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/104 Peer-to-peer [P2P] networks
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless

Definitions

  • the present invention relates to computer networks and, in particular, to systems and methods for authentication of users seeking access to the network.
  • Computer networks are widely used. These include private networks such as local-area networks (“LANs”), wide-area networks (“WANs”), and the Internet.
  • the network consists of a variety of nodes, interconnected by transmission media. Some nodes may be terminals and/or personal computers ("PCs") by which a user gains access to the network. Other network nodes are functional units such as routers, servers, and the like.
  • Various communications media are used to interconnect the nodes of a network, such as fiber-optic cables, Integrated Services Digital Network (“ISDN”), wireless links, and the like.
  • ISDN Integrated Services Digital Network
  • various nodes of a networked computer system may be connected through a variety of communication media.
  • a given private network is typically maintained and operated by a specific company, where access to the network is limited to authorized users.
  • networks are often configured to "authenticate" a user attempting to access the network, to ensure that the user is an authorized user.
  • the authentication procedure is thus designed to ensure that only authorized (authenticated) users are allowed to access the network.
  • the simplest form of authentication requires a username or user ID, and password to gain access to a particular account.
  • Authentication protocols can also be based on secret-key encryption or on public-key systems using digital signatures.
  • users are required to be periodically re-authenticated to retain network access.
  • the authentication process authenticates an authorized user.
  • the outcome of the authentication can be said to be successful if the user is successfully authenticated, i.e. authorized to access the network.
  • the authentication fails if the user is not granted authorization to access the network.
  • authentication procedures may be subject to infiltration by unauthorized users, or other forms of "attack".
  • the attack may permit substitute or false information to be inserted into the network, or delivered from the network, or it may otherwise permit the unauthorized user to gain access to the network, further allowing them to perform a range of hostile acts.
  • If authentication information resides in the memory of a network terminal, whether mobile, wireless, or fixed, it may be possible for an unauthorized user to attack the memory to acquire the authentication information, and thus access to the system.
  • a network with mobile users (i.e., wireless, mobile terminals)
  • the terminal memory may be attacked.
  • If the hacker acquires authentication information stored in the memory of the terminal, this may be used to gain unauthorized access to the network.
  • some networks and authentication procedures are vulnerable to so-called "man-in-the-middle" attacks.
  • an unauthorized user interferes with the initial public key exchange, by intercepting the very first message to a new correspondent (e.g., from the terminal to some authentication server of the network) and substituting a bogus public key for the genuine public key.
  • a "self-forming" or peer-to-peer type network is often used.
  • all users are peers and there is no central network controller. Rather, every computer (node) can share files and peripherals with all other computers on the network, given that all are granted access privileges.
  • authentication information is distributed to many terminals in the network and any terminal may be called on to authenticate a user. Since the authentication database is distributed, it is subject to a wider range of attacks than a network where there is a well-protected central authentication site. There is, therefore, a need for improved authentication systems and techniques which do not suffer the foregoing disadvantages and problems.
  • Summary: In a peer-to-peer network having a plurality of user terminals, each capable of serving as a user authentication site for other terminals of the network and having an open side of a firewall and a secure side of the firewall, a method for authenticating a user.
  • a user authentication database is stored in memories in the secure side of first and second terminals of the network.
  • the first terminal receives a password from the user, and translates the password into an authentication encryption key for the user.
  • the first terminal generates a first random number, encrypts the first random number with the authentication encryption key to provide a first encrypted message, and transmits the first encrypted message to the second terminal, which serves as a user authentication site for the first terminal.
  • the user authentication site decrypts the encrypted first message to provide the first random number, and generates a second random number, which is transmitted to the first terminal.
  • the first terminal combines and encrypts the first and second random numbers, with the authentication encryption key, to provide a second encrypted message.
  • the first terminal transmits the second encrypted message to the user authentication site, which decrypts the encrypted second message to provide the combined first and second random numbers.
  • the user authentication site verifies that the first and second random numbers are correct, and authenticates the user in accordance with this verification.
  • FIG. 1 is a block diagram of a computer network in accordance with an embodiment of the present invention.
  • Fig. 2 is a flow chart illustrating the authentication protocol of the network of Fig. 1, in accordance with an embodiment of the present invention.
  • Description of the Preferred Embodiment: the present invention provides an authentication protocol designed to prevent unauthorized entities from gaining access to a peer-to-peer network either by obtaining authentication information through communications attack or by gaining access to a network terminal.
  • only information personally retained by an authorized user may be used for authentication.
  • the network is a peer-to-peer network
  • multiple terminals must store a user authentication database which is distributed throughout the network. Some terminals of the network thus can double as a user terminal and as a user authentication site for another terminal.
  • the authentication protocol of the present invention protects against an unauthorized user gaining access through a terminal, despite the authentication information stored on the terminal.
  • the authentication protocol of the present invention is not susceptible to a man-in-the-middle attack. Referring now to Fig.
  • Network 100 includes a first user terminal 110, and a user authentication site 120, interconnected by a communications or transmission channel 125, which may be a LAN, fiber optic, wireless, or other digital communications means.
  • User terminal 110 may be a PC at a fixed location, a remote PC connected to authentication site 120 by a telephone or other link, or a mobile unit connected by a wireless link.
  • Terminal 110 contains a processor 117 and memory 112 which stores a local copy of a distributed user authentication database.
  • User authentication site 120 may be another user terminal, or a dedicated piece of hardware, a PC, or even a site manned by human operators.
  • network 100 comprises a plurality of user terminals which can also perform user authentication for other user terminals.
  • Network 100 may also contain dedicated user terminals that cannot provide user authentication, and dedicated user authentication sites that are not user terminals.
  • Each authorized user of network 100 is assigned a unique password, and an authentication encryption and decryption key pair.
  • a given user's authentication encryption key is the outcome of applying a specified encryption-key generation algorithm to the user's password.
  • the user's authentication decryption key is the key that can decrypt messages encrypted using the user's authentication encryption key. These keys are used only for authentication and no other purpose, such as data encryption/decryption.
  • User authentication information for all authorized users of the network is maintained in a distributed user authentication database, which is distributed among and stored on several user terminals of network 100, such as terminals 110, 120.
  • the database contains authentication information for each user, such as the user's authentication encryption and decryption keys, password, and other information about the user, such as the user's security clearance, authority to access the network (access authority).
  • each user may also have a Smart Card with personal information pre-encrypted with the user's individual authentication encryption key.
  • Each user may also have health sensors mounted on his body, for additional security.
  • every user terminal that can perform authentication for other terminals stores a local copy of the user authentication database.
  • This database is stored in a memory 112, 122 on the secure side 114, 124 of a firewall 111, 121.
  • All terminals of network 100, such as terminals 110, 120, have a firewall (e.g., 111) where the user enters and receives data from the open side 113 and all authentication information is on the secure side 114.
  • Because each terminal 110 may serve as a relay for network traffic for other terminals, the transmitter, receiver, and all network traffic are on the secure side.
  • the terminal's secure side is protected against both physical and software attacks.
  • the local copy of the distributed user authentication database stored in each terminal's memory 112 holds all present and potential users' individual authentication encryption and decryption keys, which are used only for authentication, and for no other purpose.
  • the distributed user authentication database is maintained autonomously by the secure side of the network 100. Any terminal with a user authentication database can serve as a user authentication site for one or more other terminals.
  • the second user terminal can serve as a user authentication site 120 for first user terminal 110, which itself can serve as a user authentication site for terminal 120 or other terminals of network 100.
  • Each user terminal has a means of translating the user's password to the user's individual encryption key.
  • user terminal 110 contains processor 117 and the above-mentioned encryption-key generation algorithm.
  • User terminal 110 also has the ability to generate random numbers, and to encrypt a given message with the user's individual authentication encryption key.
  • terminal 110 can run the encryption-key generation algorithm using the password as input, to generate the user's authentication encryption key. It can then generate a random number and use the authentication encryption key to encrypt the random number, to provide an encrypted random number (which is also a random number).
  • the password, random number, authentication encryption key, encrypted messages, and received messages can be stored by terminal 110 temporarily in memory 112.
  • a terminal 110 can be equipped with sensors to read and transmit the user's Smart Card information, health sensors, and/or an iris recognition device, for additional security.
  • a terminal only grants access to a user who inserts his smart card and then enters the appropriate user ID and password.
  • the user's password and smart card data are the only authentication data that may pass through the firewall. Terminal access is denied if the user is de-authenticated by any user authentication site.
  • Terminals of network 100 are configured such that only certain specially-designated users have read/write access to the user authentication database stored in the terminal's memory 112.
  • each soldier of a squad may have a wireless, mobile user terminal 110, and a designated communications expert of the squad may be designated as having the authority to have read and/or read/write access to the database in memory 112 of his user terminal. Other soldiers are not designated.
  • the user authentication database stored in a terminal's memory is destroyed (e.g., the memory is erased) under certain conditions, for example where a non-designated user attempts to access the database, or where a suspicious or non-standard attempt is made to access the database.
  • the database may also be destroyed if the terminal detects a physical attack, e.g. opening the physical case of the terminal.
  • If a terminal's user is de-authenticated (fails an authentication process), the user authentication database residing in that terminal's memory 112 is destroyed.
  • the user/terminal detachment procedure may specify that the user has to first enter a detachment code, then log off, and then remove his smart card from a smart card port in the terminal 110. If terminal 110 detects detachment without the detachment procedure being followed, it destroys the user authentication database in memory 112. During use, each terminal 110 is connected to the network and permits the authenticated user to access the network.
  • users are required to wear health sensors and the terminal contains health sensor detectors that continually or periodically monitor the user's health.
  • the user terminal 110 detects that the user is unable to conduct a terminal session, based on status from the health sensors (e.g. the user has been killed), this information is transmitted to the user authentication site 120 and the latter withdraws authentication.
  • terminal 110 directly withdraws authentication and/or removes itself from the network 100.
  • In order to maintain terminal and network access, the user's health sensors must indicate to terminal 110 that the user is alive.
  • Otherwise, terminal 110 detects this, de-authenticates the user, and automatically transmits this information to other user authentication sites to update the user authentication database.
  • user terminals must also store a user authentication database so they can function as user authentication sites.
  • each terminal places all authentication information behind a firewall and does not in general permit its user to access this database.
  • a user cannot be authenticated by his terminal. He can only be authenticated by one or more other terminals.
  • user terminal 110 requests another terminal, e.g. terminal 120, to serve as a user authentication site.
  • re-authentication of all users is conducted periodically. For example, after some time, terminal 120 or another terminal may notice, e.g. from inspecting its own local copy of the user authentication database, that a time-out period has elapsed since the user of terminal 110 was last authenticated. It can then initiate the next scheduled re-authentication.
  • a re-authentication procedure may also be initiated by any terminal if it suspects that another user has been killed or captured or another terminal has been captured. Also, in an embodiment, if a terminal is detached from its user, even according to the detachment protocol, it removes itself from the network for further security.
  • a user initiates access of a user terminal 110 (step 201).
  • authentication site 120 notifies user terminal 110 to re-authenticate the user (step 203).
  • Authentication site 120 may also initiate re-authentication if it suspects that the user of terminal 110 has been killed or captured or that terminal 110 has been captured.
  • Terminal 110 then notifies the user to enter a user ID and password, for example within a given time period (step 205).
  • step 205 may involve issuing an Authentication Warning to the user, which may be in the form of a visual, auditory, or skin sensation message. Also, in the case of re-authentication in which the user is currently engaged in a session, the terminal 110 may still have user ID stored, in which case it need only prompt the user for the password.
  • In the case of authentication of a new user, the user must first insert his smart card into terminal 110.
  • In the case of re-authentication of a currently-authenticated user, the user is already logged onto his terminal 110 with his smart card in place. In this embodiment, the smart card must be in place and the information thereon read and verified in order to continue with or maintain authentication.
  • the authentication protocol of the present invention does not require a smart card.
  • the user presumably will only have a password if he is an authorized user. In this case, the authorized user enters his user ID and password (step 207), within a specified timeout period if this is required in step 205.
  • Terminal 110 then generates the user's authentication encryption key by translating the password into this key with the encryption-key generation algorithm (209). Thus, the user need not ever possess or even know his authentication encryption key, but only his password (and ID).
  • Terminal 110 also generates a first random number (step 211), and then encrypts this random number using the user's authentication encryption key (step 213).
  • the user terminal then notifies the user authentication site 120 of the user's identity and transmits the encrypted random number to user authentication site 120 (step 215).
  • the authentication site is notified of the user's identity by transmitting the user ID to the authentication site.
  • the user ID is preferably first encrypted with the user's authentication encryption key and then the encrypted ID is transmitted to authentication site 120.
  • Authentication site 120 can then exhaustively decrypt the received encrypted message, with every possible authentication decryption key, until there is produced a user ID which matches a valid user ID of the network (and which also matches the user ID of the decryption key used to successfully decrypt the message). Thus, once authentication site 120 has successfully decrypted the user ID message, it knows the user ID and thus which authentication decryption key to use to decrypt subsequent encrypted messages transmitted during the authentication process.
  • the user terminal 110 ID is also encrypted and transmitted to authentication site 120 along with the user ID.
  • the encrypting and sending of the user ID can be skipped; or, for convenience and simplicity, it can still be transmitted, but the authentication site 120 can in this case simply use the already-determined decryption key to decrypt the encrypted user ID, rather than perform an exhaustive decryption.
  • After decrypting the encrypted user ID message, authentication site 120 receives the encrypted first random number. User authentication site 120 decrypts this message with the particular user's authentication decryption key, to provide the original first random number (step 217). User authentication site 120 then generates a second random number, and transmits it to user terminal 110 (step 219). In an alternative embodiment, an encrypted version of the second random number is transmitted to user terminal 110, in which a second encryption/decryption key pair is utilized.
  • user authentication site 120 knows the identity of the user and/or his password, that user's authentication encryption/decryption keys (or at least the decryption key), and the first and second random numbers.
  • the user terminal 110 only temporarily, during the authentication process, stores the user's password and authentication encryption key.
  • After receiving the second random number from authentication site 120, the user's terminal 110 combines and encrypts both random numbers with the user's authentication encryption key and transmits this message to the user authentication site (step 221).
  • the two random numbers may be combined in a variety of specified ways, e.g. adding, subtracting, multiplying, concatenating strings, and so forth, so long as the technique used by user terminal 110 is known to user authentication site 120.
  • the combining technique used is preferably set a priori and specified as part of the authentication protocol of the present invention.
  • the user authentication site 120 thus receives an encrypted message, which is an encrypted version of the combined two random numbers, and decrypts this message using the user's authentication decryption key. Authentication site 120 then verifies that both random numbers are correct.
  • authentication site 120 knows the identity of the user attempting to gain access. If the user's identity and access authority permit network access, authentication site 120 authenticates the user by transmitting the appropriate authentication message to terminal 110 and allowing network resources to be used by the user from user terminal 110, in accordance with the user's level of access authority (step 223). If the user is a new user, he is authenticated, or denied access if the authentication fails. In the case of re-authentication, the user is re-authenticated, or authentication is withdrawn if the authentication fails. If the user is authenticated, and new transport and message keys are required, a new method of obtaining them from the terminal's clock is sent to terminal 110.
  • the user authentication site indicates to all other users on the network that he is de-authenticated and all communications to and from him are terminated. Terminal access is also denied.
  • the distributed user authentication database is updated to indicate the de-authentication, and every local copy is updated accordingly as the update is distributed through the network.
  • user authentication site 120 may also query user terminal 110 for Smart Card information, the status of the user's health, and/or iris recognition information. This information may be used for additional security by authentication site 120, in step 223, in verifying the user's identity and ability to conduct a terminal session. Whether authentication fails or is successful, the user terminal 110 in both cases erases the user's password and authentication encryption key from its memory 112 immediately after the authentication process is completed (step 225), for extra security, even though the memory 112 maintains a copy of the entire user authentication database.
  • the term "user” as used herein refers to a person either attempting to gain access, or already having access, to the network 100 via a user terminal 110.
  • a prospective user as well as one already authorized by an authentication process is a user.
  • the authentication protocol of the present invention is not vulnerable to a man-in-the-middle attack. Further, authentication data security is attained by not permitting individual terminal users to access the authentication information residing on the secure side of any user terminal 110. Having another terminal, e.g. user authentication site 120, control access to user terminal 110 attains terminal access and security. It will be understood that various changes in the details, materials, and arrangements of the parts which have been described and illustrated above in order to explain the nature of this invention may be made by those skilled in the art without departing from the principle and scope of the invention as recited in the following claims.
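The terminal-side protection policy described in the definitions above (database reads limited to designated users; destruction of the local database on a non-designated access attempt, on a physical attack, on de-authentication, or on detachment that skips the detach-code, log-off, card-removal sequence; and withdrawal from the network after an orderly detachment) modelled as a small state machine. This is an added example, not code from the patent or from Sarnoff Corporation; the class and method names, the sample database and the detach code are the example's own constructions.

```python
"""State machine for the terminal-side protection policy (added example, not the
patent's code). The event names, the sample database and the detach code below
are constructed for illustration."""
import hmac
from enum import Enum, auto


class State(Enum):
    IN_SESSION = auto()           # authenticated user, smart card in place
    DETACH_CODE_ENTERED = auto()  # first step of the detachment procedure done
    LOGGED_OFF = auto()           # second step done; card removal is now expected
    DETACHED = auto()             # terminal is off the network (orderly or after a wipe)


class TerminalGuard:
    def __init__(self, database: dict, designated_users, detach_code: str):
        self.database = dict(database)        # local copy of the distributed database (secure side)
        self.designated = set(designated_users)
        self.detach_code = detach_code
        self.state = State.IN_SESSION
        self.on_network = True
        self.log = []

    def _destroy(self, reason: str) -> bool:
        """Erase the local database and leave the network; always reports failure."""
        self.database.clear()
        self.on_network = False
        self.state = State.DETACHED
        self.log.append("database destroyed: " + reason)
        return False

    def read_database(self, user: str) -> bool:
        # only specially designated users may read the database; anyone else triggers destruction
        if user not in self.designated:
            return self._destroy(f"non-designated user {user!r} attempted database access")
        self.log.append(f"database read by designated user {user!r}")
        return True

    def physical_attack_detected(self) -> bool:
        return self._destroy("physical attack (case opened)")

    def deauthenticated(self) -> bool:
        return self._destroy("user de-authenticated by an authentication site")

    def enter_detach_code(self, code: str) -> bool:
        # step 1 of the detachment procedure; a wrong code changes nothing
        if self.state is State.IN_SESSION and hmac.compare_digest(code.encode(), self.detach_code.encode()):
            self.state = State.DETACH_CODE_ENTERED
            return True
        return False

    def log_off(self) -> bool:
        # step 2; only counts as part of the procedure after the detach code
        if self.state is State.DETACH_CODE_ENTERED:
            self.state = State.LOGGED_OFF
            return True
        return False

    def card_removed(self) -> bool:
        # step 3: removal in order keeps the database but takes the terminal off the network;
        # removal at any other point is detachment without the procedure and wipes the database
        if self.state is State.LOGGED_OFF:
            self.state = State.DETACHED
            self.on_network = False
            self.log.append("orderly detachment; database retained")
            return True
        return self._destroy("smart card removed without the detachment procedure")


def make_guard() -> TerminalGuard:
    """Constructed sample: one designated communications expert, a two-user database."""
    sample_db = {"alice": {"access": True}, "bob": {"access": False}}
    return TerminalGuard(sample_db, designated_users={"comms-expert"}, detach_code="7431")


if __name__ == "__main__":
    g = make_guard()
    g.enter_detach_code("7431"); g.log_off(); g.card_removed()
    print(g.log)          # orderly detachment, database kept, terminal off the network
    g2 = make_guard()
    g2.card_removed()
    print(g2.log)         # card pulled mid-session: database destroyed
```

Every destruction path goes through one method so that the wipe and the network withdrawal cannot be separated; the order checks are deliberately strict, since the patent treats any detachment outside the specified sequence as suspicious.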

Abstract

In a peer-to-peer network having a plurality of user terminals, each capable of serving as a user authentication site for other terminals of the network and having an open side of a firewall and a secure side of the firewall, a method for authenticating a user. A user authentication database is stored in memories in the secure side of first and second terminals of the network. The first terminal receives a password from the user, and translates the password into an authentication encryption key for the user. The first terminal generates a first random number, encrypts the first random number with the authentication encryption key to provide a first encrypted message, and transmits the first encrypted message to the second terminal, which serves as a user authentication site for the first terminal. The user authentication site decrypts the encrypted first message to provide the first random number, and generates a second random number, which is transmitted to the first terminal. The first terminal combines and encrypts the first and second random numbers, with the authentication encryption key, to provide a second encrypted message. The first terminal transmits the second encrypted message to the user authentication site, which decrypts the encrypted second message to provide the combined first and second random numbers. The user authentication site verifies that the first and second random numbers are correct, and authenticates the user in accordance with this verification.
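The exchange summarized in the abstract and laid out in steps 207 to 225 of the definitions above, run end to end with both the user terminal and the user authentication site in one file, including the exhaustive-decryption step by which the site learns which user's decryption key to use. This is an added worked example, not code from the patent or from Sarnoff Corporation. Points the text leaves open are filled with labelled assumptions: the encryption-key generation algorithm is PBKDF2-HMAC-SHA256 with a per-user salt held in the authentication database; "encrypt" is a small authenticated cipher built from HMAC-SHA256 so the example needs only the Python standard library; the two random numbers are combined by concatenation; the class and function names and the two sample users are the example's own.

```python
"""Model of the password-to-key challenge-response exchange (added example, not
the patent's code). Assumed: PBKDF2 as the key-generation algorithm, an
HMAC-based toy authenticated cipher, concatenation as the combining rule."""
import hashlib
import hmac
import secrets


def derive_key(password: str, salt: bytes) -> bytes:
    # step 209: the user's authentication encryption key is a function of the password only
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Toy encrypt-then-MAC: nonce || ciphertext || 32-byte tag (assumption, stdlib only)."""
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes):
    """Plaintext, or None when the tag fails (wrong key or tampered message)."""
    if len(blob) < 48:
        return None
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


def combine(r1: bytes, r2: bytes) -> bytes:
    # the combining rule is fixed a priori by the protocol; concatenation is assumed here
    return r1 + r2


class UserTerminal:
    """Open-side party: holds the password-derived key only for one exchange."""
    def __init__(self, salts: dict):
        self.salts = salts                  # user_id -> KDF salt (from the distributed database)
        self._key = self._r1 = None

    def begin(self, user_id: str, password: str):
        # unknown IDs get a throwaway salt so the exchange proceeds and fails at the site
        salt = self.salts.get(user_id, secrets.token_bytes(16))
        self._key = derive_key(password, salt)                     # step 209
        self._r1 = secrets.token_bytes(16)                         # step 211
        return encrypt(self._key, user_id.encode()), encrypt(self._key, self._r1)  # steps 213-215

    def respond(self, r2: bytes) -> bytes:
        return encrypt(self._key, combine(self._r1, r2))           # step 221

    def finish(self):
        self._key = self._r1 = None                                # step 225: erase key and password material


class AuthenticationSite:
    """Secure-side party: holds every user's decryption key and access authority."""
    def __init__(self, database: dict):
        self.db = database                  # user_id -> {"key": bytes, "access": bool}
        self.pending = {}

    def identify(self, enc_user_id: bytes):
        # exhaustive decryption: the key whose owner's ID comes out is the one to use afterwards
        for uid, rec in self.db.items():
            pt = decrypt(rec["key"], enc_user_id)
            if pt is not None and pt == uid.encode():
                return uid
        return None

    def challenge(self, uid: str, enc_r1: bytes):
        r1 = decrypt(self.db[uid]["key"], enc_r1)                  # step 217
        if r1 is None:
            return None
        r2 = secrets.token_bytes(16)                               # step 219 (sent in the clear)
        self.pending[uid] = (r1, r2)
        return r2

    def verify(self, uid: str, enc_combined: bytes) -> bool:
        r1, r2 = self.pending.pop(uid, (None, None))
        pt = decrypt(self.db[uid]["key"], enc_combined)
        if r1 is None or pt is None or not hmac.compare_digest(pt, combine(r1, r2)):
            return False
        return self.db[uid]["access"]                              # step 223: identity and access authority


def run_authentication(site, terminal, user_id, password) -> bool:
    """One complete exchange; the terminal erases its key material whatever the outcome."""
    enc_id, enc_r1 = terminal.begin(user_id, password)
    try:
        uid = site.identify(enc_id)
        if uid is None:
            return False
        r2 = site.challenge(uid, enc_r1)
        return False if r2 is None else site.verify(uid, terminal.respond(r2))
    finally:
        terminal.finish()


def make_network():
    """Constructed sample: a two-user database and one terminal sharing its salts."""
    salts, db = {}, {}
    for uid, pw, access in [("alice", "correct horse", True), ("bob", "bob-pass", False)]:
        salts[uid] = secrets.token_bytes(16)
        db[uid] = {"key": derive_key(pw, salts[uid]), "access": access}
    return AuthenticationSite(db), UserTerminal(salts)


if __name__ == "__main__":
    site, term = make_network()
    print(run_authentication(site, term, "alice", "correct horse"))  # True
    print(run_authentication(site, term, "alice", "guess"))          # False
```

Two things the code makes visible that the prose does not. The exhaustive decryption in `identify` only works when a wrong key is detectable, so the cipher has to be authenticated (or the plaintext has to be recognisable); it also costs one trial decryption per enrolled user on every login, which is the price of never sending the user ID in the clear. And because the second random number travels unencrypted while both encrypted messages are observable, a recording of one exchange is enough to test password guesses offline, so the key-generation algorithm must be deliberately slow (a password-hashing KDF, as assumed here) rather than a plain hash.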

Description

PEER-TO-PEER NETWORK USER AUTHENTICATION PROTOCOL
CROSS-REFERENCES TO RELATED APPLICATIONS
This nonprovisional U.S. national application, filed under 35 U.S.C. § 111(a), claims, under 37 C.F.R. § 1.78(a)(3), the benefit of the filing date of provisional U.S. national application no. 60/148,624, attorney docket no. SAR13431P, filed on 08/12/99 under 35 U.S.C. § 111(b), the entirety of which is incorporated herein by reference.
Government Interests
This invention was at least partially supported by U.S. Army CECOM Government Contract No. DAAB07-97-C-D607. The government may have certain rights in this invention.
BACKGROUND OF THE INVENTION
Field of the Invention
The present invention relates to computer networks and, in particular, to systems and methods for authentication of users seeking access to the network.
Description of the Related Art
Computer networks are widely used. These include private networks such as local-area networks ("LANs"), wide-area networks ("WANs"), and the Internet. The network consists of a variety of nodes, interconnected by transmission media. Some nodes may be terminals and/or personal computers ("PCs") by which a user gains access to the network. Other network nodes are functional units such as routers, servers, and the like. Various communications media are used to interconnect the nodes of a network, such as fiber-optic cables, Integrated Services Digital Network ("ISDN"), wireless links, and the like. As will be understood, various nodes of a networked computer system may be connected through a variety of communication media.
A given private network is typically maintained and operated by a specific company, where access to the network is limited to authorized users.
In order to limit access to authorized users, networks are often configured to "authenticate" a user attempting to access the network, to ensure that the user is an authorized user. The authentication procedure is thus designed to ensure that only authorized (authenticated) users are allowed to access the network. The simplest form of authentication requires a username or user ID, and password to gain access to a particular account. Authentication protocols can also be based on secret-key encryption or on public-key systems using digital signatures. In some networks, in order to maintain network access control, users are required to be periodically re-authenticated to retain network access. The authentication process authenticates an authorized user. The outcome of the authentication can be said to be successful if the user is successfully authenticated, i.e. authorized to access the network. The authentication fails if the user is not granted authorization to access the network.
Conventional authentication procedures, however, may be subject to infiltration by unauthorized users, or other forms of "attack". The attack may permit substitute or false information to be inserted into the network, or delivered from the network, or it may otherwise permit the unauthorized user to gain access to the network, further allowing them to perform a range of hostile acts. If authentication information resides in the memory of a network terminal, whether mobile, wireless, or fixed, it may be possible for an unauthorized user to attack the memory to acquire the authentication information, and thus access to the system.
For example, in a network with mobile users (i.e., wireless, mobile terminals), there may be opportunity for user terminals to fall into unauthorized hands, in which case the terminal memory may be attacked. If the hacker acquires authentication information stored in the memory of the terminal, this may be used to gain unauthorized access to the network. Also, some networks and authentication procedures are vulnerable to so-called "man-in-the-middle" attacks. In this kind of attack, an unauthorized user interferes with the initial public key exchange, by intercepting the very first message to a new correspondent (e.g., from the terminal to some authentication server of the network) and substituting a bogus public key for the genuine public key.
A "self-forming" or peer-to-peer type network is often used. In such a network, all users are peers and there is no central network controller. Rather, every computer (node) can share files and peripherals with all other computers on the network, given that all are granted access privileges. In such a network, because there is no dedicated, central network controller, authentication information is distributed to many terminals in the network and any terminal may be called on to authenticate a user. Since the authentication database is distributed, it is subject to a wider range of attacks than a network where there is a well-protected central authentication site. There is, therefore, a need for improved authentication systems and techniques which do not suffer the foregoing disadvantages and problems.
Summary
In a peer-to-peer network having a plurality of user terminals, each capable of serving as a user authentication site for other terminals of the network and having an open side of a firewall and a secure side of the firewall, a method for authenticating a user. A user authentication database is stored in memories in the secure side of first and second terminals of the network. The first terminal receives a password from the user, and translates the password into an authentication encryption key for the user.
The first terminal generates a first random number, encrypts the first random number with the authentication encryption key to provide a first encrypted message, and transmits the first encrypted message to the second terminal, which serves as a user authentication site for the first terminal.
The user authentication site decrypts the encrypted first message to provide the first random number, and generates a second random number, which is transmitted to the first terminal. The first terminal combines and encrypts the first and second random numbers, with the authentication encryption key, to provide a second encrypted message. The first terminal transmits the second encrypted message to the user authentication site, which decrypts the encrypted second message to provide the combined first and second random numbers. The user authentication site verifies that the first and second random numbers are correct, and authenticates the user in accordance with this verification.
Brief Description of the Drawings
These and other features, aspects, and advantages of the present invention will become more fully apparent from the following description, appended claims, and accompanying drawings in which:
Fig. 1 is a block diagram of a computer network in accordance with an embodiment of the present invention; and
Fig. 2 is a flow chart illustrating the authentication protocol of the network of Fig. 1, in accordance with an embodiment of the present invention.
Description of the Preferred Embodiment
The present invention provides an authentication protocol designed to prevent unauthorized entities from gaining access to a peer-to-peer network either by obtaining authentication information through a communications attack or by gaining access to a network terminal. In the present invention, only information personally retained by an authorized user may be used for authentication. Because the network is a peer-to-peer network, multiple terminals must store a user authentication database which is distributed throughout the network. Some terminals of the network thus can double as a user terminal and as a user authentication site for another terminal. The authentication protocol of the present invention protects against an unauthorized user gaining access through a terminal, despite the authentication information stored on the terminal. In addition, the authentication protocol of the present invention is not susceptible to a man-in-the-middle attack.
Referring now to Fig. 1, there is shown a block diagram of a computer network system 100 in accordance with an embodiment of the present invention. Network 100 includes a first user terminal 110, and a user authentication site 120, interconnected by a communications or transmission channel 125, which may be a LAN, fiber optic, wireless, or other digital communications means. User terminal 110 may be a PC at a fixed location, a remote PC connected to authentication site 120 by a telephone or other link, or a mobile unit connected by a wireless link. Terminal 110 contains a processor 117 and memory 112 which stores a local copy of a distributed user authentication database. User authentication site 120 may be another user terminal, or a dedicated piece of hardware, a PC, or even a site manned by human operators. In an embodiment, network 100 comprises a plurality of user terminals which can also perform user authentication for other user terminals.
Network 100 may also contain dedicated user terminals that cannot provide user authentication, and dedicated user authentication sites that are not user terminals.
Each authorized user of network 100 is assigned a unique password, and an authentication encryption and decryption key pair. A given user's authentication encryption key is the outcome of applying a specified encryption-key generation algorithm to the user's password. The user's authentication decryption key is the key that can decrypt messages encrypted using the user's authentication encryption key. These keys are used only for authentication and for no other purpose, such as data encryption/decryption. User authentication information for all authorized users of the network is maintained in a distributed user authentication database, which is distributed among and stored on several user terminals of network 100, such as terminals 110, 120. The database contains authentication information for each user, such as the user's authentication encryption and decryption keys and password, and other information about the user, such as the user's security clearance and authority to access the network (access authority).
In some embodiments, each user may also have a Smart Card with personal information pre-encrypted with the user's individual authentication encryption key. Each user may also have health sensors mounted on his body, for additional security. Thus, as illustrated, every user terminal that can perform authentication for other terminals stores a local copy of the user authentication database. This database is stored in a memory 112, 122 on the secure side 114, 124 of a firewall 111, 121. All terminals of network 100, such as terminals 110, 120, have a firewall (e.g., 111) where the user enters and receives data from the open side 113 and all authentication information is on the secure side 114. Since each terminal 110 may serve as a relay for network traffic for other terminals, the transmitter, receiver, and all network traffic are on the secure side. The terminal's secure side is protected against both physical and software attacks. The local copy of the distributed user authentication database stored in each terminal's memory 112 holds all present and potential users' individual authentication encryption and decryption keys, which are used only for authentication, and for no other purpose. The distributed user authentication database is maintained autonomously by the secure side of the network 100. Any terminal with a user authentication database can serve as a user authentication site for one or more other terminals. Thus, the second user terminal can serve as a user authentication site 120 for first user terminal 110, which itself can serve as a user authentication site for terminal 120 or other terminals of network 100. Each user terminal, such as user terminal 110, has a means of translating the user's password to the user's individual encryption key. For example, user terminal 110 contains processor 117 and the above-mentioned encryption-key generation algorithm.
User terminal 110 also has the ability to generate random numbers, and to encrypt a given message with the user's individual authentication encryption key. Thus, if the user provides a password to terminal 110, terminal 110 can run the encryption-key generation algorithm using the password as input, to generate the user's authentication encryption key. It can then generate a random number and use the authentication encryption key to encrypt the random number, to provide an encrypted random number (which is also a random number). The password, random number, authentication encryption key, encrypted messages, and received messages can be stored by terminal 110 temporarily in memory 112. In some embodiments, a terminal 110 can be equipped with sensors to read and transmit the user's Smart Card information, health sensor data, and/or iris recognition data, for additional security.
In an embodiment, a terminal only grants access to a user who inserts his smart card and then enters the appropriate user ID and password. The user's password and smart card data are the only authentication data that may pass through the firewall. Terminal access is denied if the user is de-authenticated by any user authentication site.
Terminals of network 100 are configured such that only certain specially-designated users have read/write access to the user authentication database stored in the terminal's memory 112. For example, in a military context, each soldier of a squad may have a wireless, mobile user terminal 110, and a designated communications expert of the squad may be given read or read/write access to the database in memory 112 of his user terminal. Other soldiers are not so designated. In an embodiment, the user authentication database stored in a terminal's memory is destroyed (e.g., the memory is erased) under certain conditions, for example where a non-designated user attempts to access the database, or where a suspicious or non-standard attempt is made to access the database. The database may also be destroyed if the terminal detects a physical attack, e.g. opening the physical case of the terminal. In an embodiment, if a terminal's user is de-authenticated (fails an authentication process), the user authentication database residing in that terminal's memory 112 is destroyed.
Also, in some embodiments, there may be provided a specific user/terminal detachment procedure. For example, the user/terminal detachment procedure may specify that the user has to first enter a detachment code, then log off, and then remove his smart card from a smart card port in the terminal 110. If terminal 110 detects detachment without the detachment procedure being followed, it destroys the user authentication database in memory 112. During use, each terminal 110 is connected to the network and permits the authenticated user to access the network. In an embodiment, users are required to wear health sensors and the terminal contains health sensor detectors that continually or periodically monitor the user's health. Thus, in this embodiment, if at any time during a session user terminal 110 detects that the user is unable to conduct a terminal session, based on status from the health sensors (e.g. the user has been killed), this information is transmitted to the user authentication site 120 and the latter withdraws authentication. Alternatively, terminal 110 directly withdraws authentication and/or removes itself from the network 100. In an embodiment, in order to maintain terminal and network access, the user's health sensors must indicate to terminal 110 that the user is alive.
If the health sensors indicate that the user has died, the terminal 110 detects this, de-authenticates the user, and automatically transmits this information to other user authentication sites to update the user authentication database. Thus, in the present invention, because a peer-to-peer network is used, user terminals must also store the user authentication database so they can function as user authentication sites. However, to prevent an unauthorized person who gains access to the terminal from being able to access the network or acquire the user authentication database by attacking the terminal's memory, each terminal places all authentication information behind a firewall and does not in general permit its user to access this database. Also, a user cannot be authenticated by his own terminal. He can only be authenticated by one or more other terminals. Thus, when a user attempts to access user terminal 110, user terminal 110 requests another terminal, e.g. terminal 120, to serve as a user authentication site. Also, if a user accesses a terminal other than the one assigned to him, he must be re-authenticated.
Further, in an embodiment, re-authentication of all users is conducted periodically. For example, after some time, terminal 120 or another terminal may notice, e.g. from inspecting its own local copy of the user authentication database, that a time-out period has elapsed since the user of terminal 110 was last authenticated. It can then initiate the next scheduled re-authentication. A re-authentication procedure may also be initiated by any terminal if it suspects that another user has been killed or captured or that another terminal has been captured. Also, in an embodiment, if a terminal is detached from its user, even according to the detachment protocol, it removes itself from the network for further security.
Referring now to Fig. 2, there is shown a flow chart illustrating the network user authentication protocol method 200 of network 100, in accordance with an embodiment of the present invention. First, a user initiates access of a user terminal 110 (step 201). Alternatively, if a user has been using a given terminal 110 for some time, after a timeout, authentication site 120 notifies user terminal 110 to re-authenticate the user (step 203). Authentication site 120 may also initiate re-authentication if it suspects that the user of terminal 110 has been killed or captured or that terminal 110 has been captured. Terminal 110 then notifies the user to enter a user ID and password, for example within a given time period (step 205). In the case of re-authentication, step 205 may involve issuing an Authentication Warning to the user, which may be in the form of a visual, auditory, or skin sensation message. Also, in the case of re-authentication in which the user is currently engaged in a session, the terminal 110 may still have user ID stored, in which case it need only prompt the user for the password.
In an embodiment, in the case of authentication of a new user, the user must first insert his smart card into terminal 110. In the case of re-authentication of a currently-authenticated user, the user is already logged onto his terminal 110 with his smart card in place. In this embodiment, the smart card must be in place and the information thereon read and verified in order to continue with or maintain authentication. In alternative embodiments, the authentication protocol of the present invention does not require a smart card. The user presumably will only have a password if he is an authorized user. In this case, the authorized user enters his user ID and password (step 207), within a specified timeout period if this is required in step 205. Terminal 110 then generates the user's authentication encryption key by translating the password into this key with the encryption-key generation algorithm (step 209). Thus, the user need not ever possess or even know his authentication encryption key, but only his password (and ID).
Terminal 110 also generates a first random number (step 211), and then encrypts this random number using the user's authentication encryption key (step 213). The user terminal then notifies the user authentication site 120 of the user's identity and transmits the encrypted random number to user authentication site 120 (step 215). In an embodiment, the authentication site is notified of the user's identity by transmitting the user ID to the authentication site. The user ID is preferably first encrypted with the user's authentication encryption key and then the encrypted ID is transmitted to authentication site 120. Authentication site 120 can then exhaustively decrypt the received encrypted message, with every possible authentication decryption key, until there is produced a user ID which matches a valid user ID of the network (and which also matches the user ID of the decryption key used to successfully decrypt the message). Thus, once authentication site 120 has successfully decrypted the user ID message, it knows the user ID and thus which authentication decryption key to use to decrypt subsequent encrypted messages transmitted during the authentication process. In an embodiment, the user terminal 110 ID is also encrypted and transmitted to authentication site 120 along with the user ID. In the case of re-authentication, the encrypting and sending of the user ID can be skipped; or, for convenience and simplicity, it can still be transmitted, but the authentication site 120 can in this case simply use the already-determined decryption key to decrypt the encrypted user ID, rather than perform an exhaustive decryption.
After decrypting the encrypted user ID message, authentication site 120 receives the encrypted first random number. User authentication site 120 decrypts this message with the particular user's authentication decryption key, to provide the original first random number (step 217). User authentication site 120 then generates a second random number, and transmits it to user terminal 110 (step 219). In an alternative embodiment, an encrypted version of the second random number is transmitted to user terminal 110, in which a second encryption/decryption key pair is utilized.
At this point in time, user authentication site 120 knows the identity of the user and/or his password, that user's authentication encryption/decryption keys (or at least the decryption key), and the first and second random numbers. The user terminal 110 only temporarily, during the authentication process, stores the user's password and authentication encryption key. After receiving the second random number from authentication site 120, the user's terminal 110 combines and encrypts both random numbers with the user's authentication encryption key and transmits this message to the user authentication site (step 221). The two random numbers may be combined in a variety of specified ways, e.g. adding, subtracting, multiplying, concatenating strings, and so forth, so long as the technique used by user terminal 110 is known to user authentication site 120. The combining technique used is preferably set a priori and specified as part of the authentication protocol of the present invention. The user authentication site 120 thus receives an encrypted message, which is an encrypted version of the combined two random numbers, and decrypts this message using the user's authentication decryption key. Authentication site 120 then verifies that both random numbers are correct. If so, there has been no man-in-the-middle attack.
At this point, authentication site 120 knows the identity of the user attempting to gain access. If the user's identity and access authority permit network access, authentication site 120 authenticates the user by transmitting the appropriate authentication message to terminal 110 and allowing network resources to be used by the user from user terminal 110, in accordance with the user's level of access authority (step 223). If the user is a new user, he is authenticated, or denied access if the authentication fails. In the case of re-authentication, the user is re-authenticated, or authentication is withdrawn if the authentication fails. If the user is authenticated, and new transport and message keys are required, a new method of obtaining them from the terminal's clock is sent to terminal 110. If he is not authenticated, the user authentication site indicates to all other users on the network that he is de-authenticated and all communications to and from him are terminated. Terminal access is also denied.
The distributed user authentication database is updated to indicate the de-authentication, and every local copy is updated accordingly as the update is distributed through the network.
In an embodiment, as described above, user authentication site 120 may also query user terminal 110 for Smart Card information, the status of the user's health, and/or iris recognition information. This information may be used for additional security by authentication site 120, in step 223, in verifying the user's identity and ability to conduct a terminal session. Whether authentication fails or is successful, the user terminal 110 in both cases erases the user's password and authentication encryption key from its memory 112 immediately after the authentication process is completed (step 225), for extra security, even though the memory 112 maintains a copy of the entire user authentication database.
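The exchange of steps 207 through 225 (and the summary above), as an added example that is not code from the patent or Sarnoff: both peers are simulated in one process, the site identifies the user by exhaustive decryption of the user ID message, and the wrong-password and substituted-message cases show the site rejecting at the step the text describes. Assumed, since the patent leaves them unspecified: PBKDF2-HMAC-SHA256 as the encryption-key generation algorithm, a symmetric HMAC-SHA256 keystream cipher (so the authentication encryption and decryption keys coincide), concatenation as the combining technique, and a constructed salt and user database.

```python
import hashlib
import hmac
import os
import secrets

# Added example, not the patent's or Sarnoff's code. The patent leaves the
# key-generation algorithm and the cipher unspecified; assumed here are
# PBKDF2-HMAC-SHA256 for key generation and a symmetric HMAC-SHA256 keystream
# cipher (so the authentication encryption and decryption keys coincide).
# The salt and user records are constructed sample values.
NETWORK_SALT = b"constructed-network-salt"  # constructed; shared by all terminals
NONCE_LEN = RAND_LEN = 16


def password_to_auth_key(password):
    """Step 209: translate the password into the user's authentication key."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), NETWORK_SALT, 100_000)


def _keystream(key, nonce, length):
    blocks = []
    for counter in range((length + 31) // 32):
        blocks.append(hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest())
    return b"".join(blocks)[:length]


def encrypt(key, plaintext):
    """Stand-in symmetric cipher: fresh nonce || (plaintext XOR keystream)."""
    nonce = os.urandom(NONCE_LEN)
    return nonce + bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))


def decrypt(key, ciphertext):
    nonce, body = ciphertext[:NONCE_LEN], ciphertext[NONCE_LEN:]
    return bytes(c ^ k for c, k in zip(body, _keystream(key, nonce, len(body))))


def combine(r1, r2):
    """Combining technique of step 221, fixed a priori here as concatenation."""
    return r1 + r2


def terminal_begin(user_id, password):
    """Terminal 110, steps 207-215: derive the key, pick R1, emit E(user ID), E(R1)."""
    key = password_to_auth_key(password)
    r1 = secrets.token_bytes(RAND_LEN)          # step 211
    state = {"key": key, "r1": r1}              # held only for this exchange
    return state, encrypt(key, user_id.encode()), encrypt(key, r1)


def terminal_respond(state, r2):
    """Terminal 110, step 221: send E(combine(R1, R2)); step 225: erase key material."""
    msg = encrypt(state["key"], combine(state["r1"], r2))
    state.clear()                               # password and key are not retained
    return msg


class AuthSite:
    """Terminal 120 acting as user authentication site. `database` is its local
    copy of the distributed database: user_id -> {"key": bytes, "access": bool}."""

    def __init__(self, database):
        self.database = database
        self.pending = {}   # user_id -> (R1, R2) for an exchange in progress

    def identify(self, enc_user_id):
        """Exhaustive decryption of the user ID message: the plaintext must be a
        valid user ID and match the owner of the key that produced it."""
        for user_id, record in self.database.items():
            if decrypt(record["key"], enc_user_id) == user_id.encode():
                return user_id
        return None

    def challenge(self, user_id, enc_r1):
        """Step 217: recover R1; step 219: pick R2 and return it in the clear."""
        r1 = decrypt(self.database[user_id]["key"], enc_r1)
        r2 = secrets.token_bytes(RAND_LEN)
        self.pending[user_id] = (r1, r2)
        return r2

    def verify(self, user_id, enc_combined):
        """Step 223: both numbers must be correct and the user must have access."""
        r1, r2 = self.pending.pop(user_id)
        got = decrypt(self.database[user_id]["key"], enc_combined)
        return hmac.compare_digest(got, combine(r1, r2)) and self.database[user_id]["access"]


def run_authentication(site, user_id, password, tamper=None):
    """Run the whole exchange and return the site's decision. `tamper`, if given,
    rewrites E(R1) in transit, showing that a substituted first message fails step 223."""
    state, enc_id, enc_r1 = terminal_begin(user_id, password)
    if tamper is not None:
        enc_r1 = tamper(enc_r1)
    ident = site.identify(enc_id)
    if ident is None:           # no stored key yields a valid user ID: reject
        state.clear()
        return False
    r2 = site.challenge(ident, enc_r1)
    return site.verify(ident, terminal_respond(state, r2))


# Constructed sample database, identical on every peer that can authenticate.
SAMPLE_DB = {
    "alice": {"key": password_to_auth_key("correct horse"), "access": True},
    "bob": {"key": password_to_auth_key("battery staple"), "access": False},
}
```

Because the stand-in cipher has no integrity tag, the site cannot tell a wrong key from a wrong message at decryption time; it is the user ID match and the R1/R2 comparison of step 223 that reject, exactly as the text describes.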
As will be understood, the term "user" as used herein refers to a person either attempting to gain access, or already having access, to the network 100 via a user terminal 110. Thus a prospective user as well as one already authorized by an authentication process is a user.
As will be appreciated, the authentication protocol of the present invention is not vulnerable to a man-in-the-middle attack. Further, authentication data security is attained by not permitting individual terminal users to access the authentication information residing on the secure side of any user terminal 110. Having another terminal, e.g. user authentication site 120, control access to user terminal 110 secures terminal access. It will be understood that various changes in the details, materials, and arrangements of the parts which have been described and illustrated above in order to explain the nature of this invention may be made by those skilled in the art without departing from the principle and scope of the invention as recited in the following claims.

Claims

What is claimed is:
1. In a peer-to-peer network (100) having a plurality of user terminals (110, 120), a method for authenticating a user, comprising the steps of:
(a) storing, in a memory (112) on a secure side (114) of a first terminal (110) and in a memory (122) on a secure side (124) of a second terminal (120), a user authentication database;
(b) receiving (207), at the first terminal of the network, a password from a user;
(c) translating (209) the password into an authentication encryption key for the user; and
(d) using (211-225) the authentication encryption key to authenticate the user with the second terminal serving as a user authentication site for the first terminal.
2. The method of claim 1, wherein step (d) comprises the steps of:
(1) generating (211), with the first terminal, a first random number;
(2) encrypting (213) the first random number with the authentication encryption key to provide a first encrypted message and transmitting (215) the first encrypted message from the first terminal to the user authentication site;
(3) decrypting (217), at the user authentication site, the encrypted first message to provide the first random number;
(4) generating (219), with the user authentication site, a second random number and transmitting the second random number to the first terminal;
(5) combining and encrypting (221), with the first terminal, the first and second random numbers to provide a second encrypted message and transmitting the second encrypted message from the first terminal to the user authentication site;
(6) decrypting (223), at the user authentication site, the encrypted second message to provide the combined first and second random numbers;
(7) verifying that the first and second random numbers are correct; and
(8) authenticating the user in accordance with said verification.
3. The method of claim 2, comprising the further step of erasing (225) from the first terminal the password after the user authentication, whether the authentication is successful or not.
4. The method of claim 2, wherein: step (b) comprises the further step of receiving (207), at the first terminal, a user ID from the user; step (d)(2) comprises the further step of encrypting the user ID with the authentication encryption key to provide an encrypted user ID message and transmitting (215) the encrypted user ID message from the first terminal to the user authentication site; and step (d)(3) comprises the further step of decrypting, at the user authentication site, the encrypted user ID message with valid authentication decryption keys until a decrypted user ID is produced which matches a valid user ID of the network, step (d)(3) further comprising the step of decrypting the encrypted first message with the authentication decryption key used to successfully decrypt the encrypted user ID message, to provide the first random number.
5. The method of claim 2, wherein step (d)(8) comprises the step of authenticating (223) the user if the first and second numbers are correct and if the user has authority to access the network.
6. The method of claim 2, further comprising the steps of reading, with a health sensor, the user's health status, transmitting said health status to the user authentication site, and authenticating the user in accordance with said health status and said verification of step (d)(7).
7. The method of claim 2, further comprising the steps of querying, with the authentication site, the first terminal to read user information from a user smart card and authenticating the user in accordance with said user information and said verification of step (d)(7).
8. The method of claim 1, wherein step (b) comprises the steps of: notifying (205) the user, with the terminal, to enter a user ID and the password when one of (1) a new user initiates (201) access of the terminal and (2) the authentication site notifies (203) the terminal when being used to re-authenticate after a time-out; and receiving, at the first terminal, the user ID from the user.
9. The method of claim 1, comprising the further step of preventing the user from accessing the secure side of the first terminal unless the user is a designated user.
PCT/US2000/021965 1999-08-12 2000-08-11 Peer-to-peer network user authentication protocol WO2001013201A2 (en)

Publications (2)

Publication Number Publication Date
WO2001013201A2 true WO2001013201A2 (en) 2001-02-22
WO2001013201A3 WO2001013201A3 (en) 2001-12-06

GB2454602B (en) * 2006-07-04 2009-10-07 David Irvine File system authentication
GB2454602A (en) * 2006-07-04 2009-05-13 David Irvine Peer-to-peer storage network
WO2008003923A1 (en) * 2006-07-04 2008-01-10 David Irvine File system authentication
US7949750B2 (en) 2008-02-14 2011-05-24 Samsung Electronics Co., Ltd. Apparatus and method for controlling access in P2P network
US9780954B2 (en) 2014-02-03 2017-10-03 Tata Consultancy Services Ltd. Computer implemented system and method for lightweight authentication on datagram transport for internet of things

Also Published As

Publication number Publication date
WO2001013201A3 (en) 2001-12-06

Similar Documents

Publication Publication Date Title
US7231526B2 (en) System and method for validating a network session
US5491752A (en) System for increasing the difficulty of password guessing attacks in a distributed authentication scheme employing authentication tokens
US5418854A (en) Method and apparatus for protecting the confidentiality of passwords in a distributed data processing system
US7865936B2 (en) System and method for controlling access to multiple public networks and for controlling access to multiple private networks
US8644516B1 (en) Universal secure messaging for cryptographic modules
US5751812A (en) Re-initialization of an iterated hash function secure password system over an insecure network connection
US5841871A (en) Method for authenticating a user working in a distributed environment in the client/server mode
US8103871B2 (en) Method and apparatus for pervasive authentication domains
US8028329B2 (en) Proxy authentication network
US6732270B1 (en) Method to authenticate a network access server to an authentication server
CA2463286C (en) Multi-factor authentication system
US20030196084A1 (en) System and method for secure wireless communications using PKI
US20100195824A1 (en) Method and Apparatus for Dynamic Generation of Symmetric Encryption Keys and Exchange of Dynamic Symmetric Key Infrastructure
US20030188201A1 (en) Method and system for securing access to passwords in a computing network environment
EP2544117A1 (en) Method and system for sharing or storing personal data without loss of privacy
US20060206616A1 (en) Decentralized secure network login
WO2002073861A9 (en) Method and apparatus for cryptographic key storage wherein key servers are authenticated by possession and secure distribution of stored keys
WO2008039582A2 (en) System and method for securing software applications
WO2001013201A2 (en) Peer-to-peer network user authentication protocol
WO2005088892A1 (en) A method of virtual challenge response authentication
WO2001011817A2 (en) Network user authentication protocol
KR19990038925A (en) Secure Two-Way Authentication Method in a Distributed Environment
EP1203479A2 (en) Peer-to-peer network user authentication protocol
Dippel et al. AUTHENTICATION OF COMPUTER COMMUNICATIONS

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 EP: the EPO has been informed by WIPO that EP was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

WWE Wipo information: entry into national phase

Ref document number: 2000952730

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 1020027001769

Country of ref document: KR

WWP Wipo information: published in national office

Ref document number: 1020027001769

Country of ref document: KR

WWP Wipo information: published in national office

Ref document number: 2000952730

Country of ref document: EP

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

WWW Wipo information: withdrawn in national office

Ref document number: 2000952730

Country of ref document: EP