Challenge-and-response user authentication protocol

G - Physics – 06 – F

Patent

Rate now

  [ 0.00 ] – not rated yet Voters 0   Comments 0

Details

G06F 1/00 (2006.01) G06F 21/00 (2006.01) G07F 7/10 (2006.01)

Patent

CA 2066715

A distributed authentication system that prevents unauthorized access to any computer system (10) in a distributed environment. Authentication using the present invention involves three distinct phases. In the first phase, user passwords are gener- ated by the computer system (10) and encrypted on a coded card (27) together with a message authentication code to prevent alterations prior to any access attempts. These are complex and impersonal enough not to be easily guessed. This coded card (27)must be used whenever requesting access to the system (10). Second, in addition to supplying a password, the user is required to correctly respond to a set of randomly selected authentication challenges (28) when requesting access. The correct responses (29) may vary between the right response, a wrong response or no response depending on some predetermined variable, e.g., the day of the week or hour of the day. The dual randomness thus introduced significantly reduces the usefulness of observed lo- gon information. Third, at random times during the session, the user is required again to respond to selected authentication challenges (28). This detects piggybacking at- tempts. Since authentication depends on the correctness of the entire set of responses (29) rather than on the response to a single question, the present invention provides a significant increase in the probability of detecting and preventing unauthorized com- puter access.

LandOfFree

Say what you really think

Search LandOfFree.com for Canadian inventors and patents. Rate them and share your experience with other people.

Rating

Challenge-and-response user authentication protocol does not yet have a rating. At this time, there are no reviews or comments for this patent.

If you have personal experience with Challenge-and-response user authentication protocol, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Challenge-and-response user authentication protocol will most certainly appreciate the feedback.

Rate now

     

Profile ID: LFCA-PAI-O-1600712

  Search
All data on this website is collected from public sources. Our data reflects the most accurate information available at the time of publication.