DE102008042180A1 - Method for transmission of e.g. password between keypad and notebook during home banking via Internet, involves encoding data by input device, transmitting encoded data to program, and transmitting encoded data from program to receiver - Google Patents

Abstract

The method involves recognizing a selection of an input field in a program (3) of a network processor (2). An input device (8) i.e. keypad, is informed about initiation of an input of data to be encoded. The data to be encoded is input by a user (1) in the device. The input data is temporarily stored in a buffer memory (7). Deselection of the field is recognized in the program. The device is informed about completion of the input of the data. The stored data is encoded by the device and transmitted to the program. The encoded data is transmitted from the program to a network receiver (6). An independent claim is also included for a system for secure transmission of data between an input device and a network receiver.

Description

The The invention relates to methods for secure data transmission between an input device connected to a network computer and a Network counterpart, which with the network computer via a Data network is connected.

nowadays is a variety of personal computers and other computers, for example, via the Internet and / or company networks with other computers networked and exchange about this Networks also confidential and sensitive data. These are transferred Data especially in public accessible Networks - but not only in these - always the risk of espionage, manipulation and / or other misuse exposed. A particularly well-known example of the misuse of data on the Internet, the spying on access data Home banking dar. This example, the authentication and transaction data of a banking customer using home banking Spying software spied out and misused to the detriment of the bank customer.

Currently a user authenticates when accessing a protected area, For example, in the account area of the web server of a bank Home banking usually by entering authentication data such as user ID, Password, Account Data, PIN (Personal Identification Number) and / or TAN (transaction number) via a computer keyboard.

to increase the authentication security suggests the state of the art Use of authentication devices, such as card terminals, in particular for smart cards (Memory chip cards, processor chip cards), RFID readers (reader for radio Frequency identification tags or transponders), biometric readers (especially iris or finger-line image scanner, static or dynamic signature recognition, Keystroke dynamics analysis), OCR - (= "Optical Character Recognition ") readers (devices for optical Character recognition), barcode readers or Magnetic stripe card readers before, whereby the bank customer after one compared to the present widespread authentication through data entry via a computer keyboard much safer procedures authenticated. Such additional devices for authentication as the above are common as so-called USB devices on the USB interface (Universal Serial Bus) of a bank customer's computer. According to the state of the art, this authentication, as well further sensitive information preferably via a secure Internet connection for example, the SSL (Secure Socket Layer) or TSL (Transport Security Layer) Transferring the procedure to the web server of a bank.

there However, it should be noted that - im Contrary to the secured Internet connection between the network computers (for example, the bank client's computer and the bank's web server) - the data stream from the keyboard, as well as from the authentication device to the computer Bank customers transparent and unprotected runs, and for example by a manipulated driver software or a so-called. Trojan tapped and / or can be manipulated.

State of the art

Using the example of home banking, the currently most common method according to the prior art is described in more detail:
A user opens his Internet program on his PC (personal computer) and opens it in z. For example, the secure and trusted site of his bank on the web server of the bank. The Internet program builds a secure connection to the web server of the bank via a well-known encryption method such. SSL or TLS. On the user's monitor, this secure connection between the Internet program and the bank's web server is displayed, for example, via an icon (eg lock symbol) in the Internet program. The user is now prompted by the bank application to enter his PIN and TAN and, if necessary, further authentication data for authentication.

In the method according to the prior art, in particular two problem areas occur:
A problem is the connection between the keyboard and the PC. Although there is a (largely) secure connection between the web server of the bank and the user's PC, but not between the keyboard and the PC, in the above-mentioned prior art method. Thus, data entered via the keyboard can be intercepted at any time, for example by means of phishing (interception of data by unauthorized third parties), Trojans or other methods. Trojans are malicious computer programs that run without the knowledge of the PC user in the background, for example, to record keystrokes secretly and transmit to third parties, for example, to spy passwords, PIN's or TAN's.

Another problem is the identification of a secure connection between the web server of the bank and the user's PC, for example by means of the lock icon in the Internet program. This marking can easily be overlooked by the PC user or the PC user is not at all aware of how a secure verbin between the web server and the PC and what dangers it poses in the event of an unsecured Internet connection. Thus, the PC user does not notice at all if there is no secure connection at all or the PC user inputs his data, for example, on a fake website.

task

It is therefore the object of the present invention, the above using the example of home banking eliminate identified security gaps and the Security of stored, edited and / or transmitted Data, in particular data during transmission in data networks in general and to increase authentication data in particular. To in particular, the protection of between one with a network computer connected input device and a remote site, which communicate with the network computer via a Connected to the data network Data to be improved, it being at the network computer and network counterpart example to a networkable Calculator, server, desktop PC, notebook, thin client, but also one for dialing into a network (eg Internet, WAP, WLAN) capable PDA or smartphone or any other network-enabled component with processor can act. The input device is preferably a conventional keyboard.

These The object is achieved by the method according to claims 1, 14 and 23 and the System according to the claims 31, 36 and 41 solved. Further developments of the present invention are given in the subclaims.

The Invention will be exemplified below with reference to the accompanying drawings explained in more detail. It demonstrate:

1 a flowchart of the method according to a preferred embodiment of the present invention;

2 a flowchart of the method according to another embodiment of the present invention;

3 a flowchart of the method according to a third embodiment of the present invention;

4 a flowchart of the method according to a fourth embodiment of the present invention.

embodiments

The The invention relates to a method for secure data transmission between an input device connected to a network computer and a Network counterpart, which with the network computer via a Data network is connected.

The secure data transmission can be carried out according to different procedures. To encrypt the data is first requires a public key to be sent by the remote site.

A Differentiation can take place in that the public key after calling an internet page from the network counterpart z. B. with a html page to the network computer and then the Input device transmitted becomes.

alternative can the public Key too at the remote site after recognizing the selection of a Input field in a program of the network computer, which the Input to be encrypted Data requested, queried. The remote site transmitted then the public key to a conversion device of the network computer, which in turn the public key transmitted to the input device.

In the above embodiment In each case, an automatic recognition of the selection of an input field in a program of the network computer, which the input to be encrypted Requires data, or an automatic detection of deselection of the input field in the program.

alternative For this purpose, according to another embodiment of the present Invention also initiate the input to be encrypted Data by a manual operation an actuator performed by the user and press again the actuator by the user completing the input of the to be encrypted Show data.

1 shows a method for secure data transmission between an input device connected to a network computer and a network counterpart, which is connected to the network computer via a data network, according to a preferred embodiment of the present invention.

In step ( 11 ) the user enters the desired address of the website, the ge should be opened. According to step ( 12 ), the program sends a request for the website to be opened to the corresponding remote site. The remote site replies in step ( 13 ) with the return of, for example, a html page to the program. According to step ( 14 ) is located in the page called in the program an input field that requires to be encrypted inputs.

Here an example may be an online banking site. Will the user To use online banking, he must be on the home page of the bank log in by identifying himself and entering his pin. For this The user sets the focus to the corresponding input field. In the program there is a software module (plugin), the advance must be installed. This software module recognizes that the Focus was placed by the user on the input field at which secure data are required. The software module in turn informed the implementation device (Translating Proxy, also on the Client PC preinstalled) that now an input is expected, their data is encrypted should be.

In step ( 15 ) the translator passes this information directly to the input device on which the input is made. In step ( 16 ), the user next inputs the data to be encrypted. According to step ( 17 ) enter the data entered and to be encrypted in a buffer in the input device. In step ( 18 ) recognizes the software module when the user removes the focus from the corresponding secure data entry field.

In step ( 19 In turn, the software module informs the conversion device that the focus has been removed from the field. The conversion device forwards this information to the input device. The input device now encrypts the buffered data with a public key provided by the remote site. The public key was sent in advance together with the html page from the remote site to the program.

The Passes software module the public Key over the Conversion device to the input device. The time when this handover of public key must be done is not relevant. The only important thing is that the public key no later than to encrypt the Data on the input device is provided.

According to step ( 110 ), the encrypted data is now transmitted to the program. The encrypted data is either transmitted via the normal keyboard channel from the input device to the program, or the encrypted data is not passed as a normal keyboard input, but transmitted from the input device via the software module to the program (this variant is not in the 1 shown).

In step ( 111 ) is now given the impetus to transmit the secure data to the remote site. This can be done for example by pressing a Enter key or otherwise. The transmission of the data from the program to the remote site is done in step ( 112 ) then on the known way. The remote site decrypts the public key encrypted data with the corresponding private key.

The advantages of the method according to 1 Among other things, they are easy to use, easy to create and easy to set up. Furthermore, the transmission paths are not time-critical, the method also works for individual input fields and no additional user interaction is necessary. The overall system is simple, minor requirements / adaptations of the remote network counter necessary and the release of the input field (which requires inputs to be encrypted) takes place only when the input device is in antiphishing mode. The latter is optional.

2 shows a method for secure data transmission between an input device connected to a network computer and a network counterpart, which is connected to the network computer via a data network, according to another preferred embodiment of the present invention.

In step ( 21 ), the user enters the desired address of the website to be opened. According to step ( 22 ), the program sends a request for the website to be opened to the corresponding remote site. The remote site replies in step ( 23 ) with the return of, for example, a html page to the program. According to step ( 24 ) is located in the page called in the program an input field that requires to be encrypted inputs.

Here an example may be an online banking site. Will the user To use online banking, he must be on the home page of the bank log in by identifying himself and entering his pin. For this The user sets the focus to the corresponding input field. In the program there is a software module (plugin), the advance must be installed.

This software module detects that the focus has been placed on the input field by the user, where secure data is required. The software module in turn informs the conversion device (Translating Proxy, also preinstalled on the client PC) that now an input is expected whose data is to be encrypted. In step ( 25 ) the software module informs the converter and in step ( 25a ) the translator informs the network remote site that a public key is needed. According to step ( 25b ) transmits the network counterpart the public key to the conversion device, which in turn transmits the public key to the input device.

In step ( 26 ), the user next inputs the data to be encrypted. According to step ( 27 ) enter the data entered and to be encrypted in a buffer in the input device. In step ( 28 ) recognizes the software module when the user removes the focus from the corresponding secure data entry field. In step ( 29 In turn, the software module informs the conversion device that the focus has been removed from the field.

The conversion device forwards this information to the input device. The input device now encrypts the buffered data with the public key provided by the remote site. According to step ( 210 ), the encrypted data is now transmitted to the program. The encrypted data is either transmitted via the normal keyboard channel from the input device to the program, or the encrypted data is not passed as a normal keyboard input, but transmitted from the input device via the software module to the program (this variant is not in the 2 shown).

In step ( 211 ) is now given the impetus to transmit the secure data to the remote site. This can be done for example by pressing a Enter key or otherwise. The transmission of the data from the program to the remote site is done in step ( 212 ) then on known way. The remote site decrypts the public key encrypted data with the corresponding private key.

The advantages of the method according to 2 are among other things in the simple operation. The procedure also works for individual input fields and no additional user interaction is necessary. The whole system is simple and the release of the input field (which requires inputs to be encrypted) only takes place when the input device is in antiphishing mode. The latter is optional.

3 shows a method for secure data transmission between an input device connected to a network computer and a network counterpart, which is connected to the network computer via a data network, according to another preferred embodiment of the present invention.

In step ( 31 ), the user enters the desired address of the website to be opened. According to step ( 32 ), the program sends a request for the website to be opened to the corresponding remote site. The remote site replies in step ( 33 ) with the return of, for example, a html page to the program. According to step ( 34 ) is located in the page called in the program an input field in which an input to be encrypted makes sense. Here's an example of an online banking site.

Want the user to use online banking, he must be on the home page sign in to the bank by identifying and entering his PIN. To do this, the user sets the focus to the corresponding input field.

In step ( 35 ) an actuation of an actuator by the user to initiate the input to be encrypted data. The conversion device recognizes the step ( 35a ) and requests the public key from the remote site. In step ( 35b ) transmits the public domain key to the translation device, which in turn is forwarded to the input device.

In step ( 36 ), the user next inputs the data to be encrypted. According to step ( 37 ), the data entered and to be encrypted are buffered in a buffer in the input device. In step ( 38 ), the user actuates the actuator to indicate the completion of the input of the data to be encrypted. This operation encrypts the data stored in the buffer using the public key. The encrypted data is then retrieved in step ( 39 ) is sent to the program via the normal keyboard channel.

In step ( 310 ) is now given the impetus to transmit the secure data to the remote site. This can be done for example by pressing a Enter key or otherwise. The transmission of the data from the program to the remote site is done in step ( 311 ) then on known way. The network counter The user decrypts the data encrypted with the public key with the corresponding private key.

The advantages of the method according to 3 Among other things, the ease of use and the ease of creation. The method also works for individual input fields and the user decides whether he wants to encrypt data or not (in the procedures according to 1 and 2 decides this the remote site). The overall system is simple and provides security by deliberately switching on the safety function.

4 shows a method for secure data transmission between an input device connected to a network computer and a network counterpart, which is connected to the network computer via a data network, according to another preferred embodiment of the present invention.

In step ( 41 ), the user enters the desired address of the website to be opened. According to step ( 42 ), the program sends a request for the website to be opened to the corresponding remote site. The remote site replies in step ( 43 ) with the return of, for example, a html page to the program.

According to step ( 44 ) the data contained in the program of the network computer are read out. An encrypted data connection between two communication stations is normally established by the direct transmission / reception of data telegrams (TCP / IP). In accordance with this embodiment, the remote site does not directly transmit the data telegrams to the subscriber but generates data in a web site where the data may be non-visible HTML code. These data are read by a software module in the program and forwarded to a conversion device (step ( 44 )), which then forwards it to the input device (step (step 45 )).

The encoding the connection between the input device and the remote network can now based on the data received from the remote site respectively.

The response of the input device is sent via the translation device (step (step 46 )) and the software module (step ( 47 )) z. B. converted into HTML code, which in turn is passed to the remote site (step ( 48 )). In this way, an encrypted connection of the endpoints of the remote network input device can be established without the two partners communicating directly with each other. The input of securely transmitted data (eg PIN) can now be carried out by the user (step ( 49 )).

The advantages of the method according to 4 Among other things, the fact that the input devices or peripheral devices do not have to be networkable. Furthermore, no firewalls need to be reconfigured. Network settings (proxy, DNS, etc.) also need not be taken into account by the implementation facility.

1

user

2

Network computer

3

program

4

software module

5

conversion means

6

Network remote station

7

buffer memory

8th

input device

11

input the website

12

Send the request

13

answer the remote site

14

focus set to password field

15

Activate safety

16

input of the password

17

buffers the input

18

focus put on another field

19

Deactivate safety

110

Encrypted data send

111

Confirmation through user

112

dates send to remote site

21

input the website

22

Send the request

23

answer the remote site

24

focus set to password field

25

Activate safety

25a

inquiry of the key at remote site

25b

Send of the key by network counterpart

26

input of the password

27

buffers the input

28

focus put on another field

29

Deactivate safety

210

Encrypted data send

211

Confirmation through user

212

dates send to remote site

31

input the website

32

Send the request

33

answer the remote site

34

focus set to password field

35

Activate safety

35a

inquiry of the key at remote site

35b

Send of the key by network counterpart

36

input of the password

37

buffers the input

38

Deactivate safety

39

Encrypted data send

310

Confirmation through user

311

dates send to remote site

41

input the website

42

Send the request

43

answer the remote site

44

select the code by software module and forwarding to conversion device

45

To transfer the code to input device

46

Send the answer to the conversion device

47

Hand off the answer to software module and translate into code

48

Hand off to remote site

49

input of data

Claims (47)

Method for secure data transmission between a a network computer connected input device and a remote network, which with the network computer via a data network is connected, wherein the input device is an encryption device and the method comprises the following steps: a) Recognizing the selection of an input field in a program of the Network computer, which requires the input to be encrypted data; b) Inform the input device about the Start of input to be encrypted Dates; c) Entry of the data to be encrypted by the user in the input device; d) Buffering the input data in a buffer memory; e) Recognizing the deselection of the input field in the program f) Inform the input device about the End of input to be encrypted Dates; g) Encrypt the buffered data through the input device and transmitting the encrypted data to the program of the network computer; and h) submit the encrypted Data from the program of the network computer to the remote network. Method according to claim 1, characterized in that that the input device a keyboard is. Method according to claim 1 or 2, characterized that the network computer software means containing a software module as well as a conversion device. Method according to claim 3, characterized that the conversion device of the network computer is a protocol converter, preferably has a translating proxy. Method according to one of claims 3 or 4, characterized that recognizing the selection of an input field in the program of the network computer by the software module. Method according to one of claims 3 to 5, characterized that forwarding the recognition of the selection of the input field by the software module to the conversion device and by the Conversion device in turn takes place on the input device. Method according to one of claims 3 to 6, characterized that recognizing the deselection of the input field in the program of the network computer by the software module. Method according to one of claims 3 to 7, characterized that forwarding the recognition of the deselection of the input field by the software module to the conversion device and by the Conversion device in turn takes place on the input device. Method according to one of claims 1 to 8, characterized that the buffer memory is arranged on the input device. Method according to one of claims 1 to 9, characterized that for encrypting the Data through the input device the presence of a public key is required. Method according to claim 10, characterized in that that the public key with a call of a web page by the program related can be. Method according to claim 10, characterized in that that the public key can be obtained by the software module, the conversion device and the conversion device in turn informs the network counterpart, that a public key to encrypt of data needed becomes. Method according to claim 12, characterized in that that the remote office opposite the public key the conversion device transmitted and the translator turn the public key transmitted to the input device. Method for secure data transmission between an input device connected to a network computer and a network counterpart, which is connected to the network computer via a data network, wherein the input device has an encryption device and the method comprises the following steps: a) informing the input device by the user about the beginning of the input to be encrypted data; b) input of the data to be encrypted by the user into the input device; c) buffering the input data in a buffer memory; d) informing the input device of the completion of input of data to be encrypted by the user; e) encrypting the buffered data by the input device; f) transmitting the encrypted data to the program of the network computer; and g) transmitting the encrypted data from the program of the network computer to the remote site. Method according to claim 14, characterized in that that the input device a keyboard is. Method according to claim 14 or 15, characterized informing the input device about the beginning and / or the Completion of input to encrypted data by the user via a actuator on the input device he follows. Method according to one of claims 14 to 16, characterized the network computer has a conversion device. Method according to claim 17, characterized in that that the conversion device of the network computer is a protocol converter, preferably has a translating proxy. Method according to one of claims 15 to 18, characterized that the buffer memory is arranged on the input device. Method according to one of claims 15 to 19, characterized that for the encryption the data through the input device the presence of a public key is required. Method according to claim 20, characterized in that that the public key by the translator opposing the network informed that a public key to encode of data is needed. Method according to claim 21, characterized that the remote office opposite the public key the conversion device transmitted and the translator turn the public key transmitted to the input device. Method for secure data transmission between a a network computer connected input device and a remote network, which with the network computer via a data network is connected, wherein the input device is an encryption device and the method comprises the following steps: a) Receiving data from the remote site; b) Readout and submit the data from the program of the network computer to the input device; c) submit the answer of the input device to the program of the network computer; d) submit the answer of the input device from the program of the network computer to the remote site to set up an encrypted connection between input device and network counterpart; e) input of data by the user. Method according to claim 23, characterized that the input device a keyboard is. Method according to claim 23 or 24, characterized that the network computer software means containing a software module as well as a conversion device. Method according to claim 25, characterized in that that the conversion device of the network computer is a protocol converter, preferably has a translating proxy. Method according to one of claims 25 or 26, characterized that reading and transmitting the data from the program of the network computer to the input device the software means takes place. Method according to one of claims 23 to 27, characterized that for the encryption the data through the input device the presence of a public key is required. Method according to Claim 28, characterized that the public key is included in the data generated by the remote site. Method according to one of claims 23 to 29, characterized that encrypting the Connection between the input device and the remote network based on the data received from the remote site. A system for secure data transmission between an input device connected to a network computer and a network counterpart connected to the network computer via a data network, the system comprising: an input device with an encryption device; Means for detecting the selection of an input field in a program of the network computer requesting the input of data to be encrypted; Means for informing the input device of the beginning of input of data to be encrypted; Means for buffering input data in the input device; Means for detecting the deselection of the input field in the program; Means for informing the input device of the end of input of data to be encrypted; and means for transmitting the encrypted data to the program of the network computer. System according to claim 31, characterized that the input device a keyboard is. System according to claim 31 or 32, characterized that the network computer a software module and a conversion device having. System according to claim 33, characterized in that that the conversion device of the network computer is a protocol converter, preferably has a translating proxy. System according to one of claims 31 to 34, characterized in that the means for buffering is a buffer memory on the input device is arranged. System for secure data transmission between one with a network computer connected input device and a remote network, which with the network computer via a data network is connected, the system comprising: one input device with an encryption device; medium to inform the input device about the beginning the input to be encrypted Data by the user; Means for caching the entered data; Means for informing the input device of the termination the input to be encrypted Data by the user; Means of transmitting the encrypted Data to the program of the network computer; System according to claim 36, characterized that the input device a keyboard is. System according to claim 36 or 37, characterized the network computer has a conversion device. System according to claim 38, characterized that the conversion device of the network computer is a protocol converter, preferably has a translating proxy. System according to one of Claims 36 to 39, characterized that the buffer memory is arranged on the input device. System for secure data transmission between one with a network computer connected input device and a remote network, which with the network computer via a data network is connected, the system comprising: medium for receiving data from the remote site; Means to Read out and submit the data from the program of the network computer to the input device; medium to submit the answer of the input device to the program of the network computer; Means of transmission the answer of the input device from the program of the network computer to the remote site to build an encrypted Connection between input device and network counterpart; System according to claim 41, characterized that the input device a keyboard is. System according to claim 41 or 42, characterized that the network computer a software module and a conversion device having. System according to claim 43, characterized that the conversion device of the network computer is a protocol converter, preferably has a translating proxy. System according to one of Claims 41 to 44, characterized that for encrypting the Data through the input device the presence of a public key is required. System according to claim 45, characterized in that that the public key is included in the data generated by the remote site. System according to one of Claims 41 to 46, characterized that the input device is a encryptor having the connection between the input device and the network encrypted based on the data received from the remote site.