DE19614139A1 - Psycho-metric authentication method - Google Patents

Abstract

The method involves using polyads (1) which are stored on a data carrier and which consist of a first number of elements (AE) and a second number of elements (ae) of user-specific term associations and characters or numbers, whereby one or more authentication criterion is formed from the numbers. The association elements are put into a regular order during initialization, by which the authentication criterion is formed. Each association element is combined with a respective number and shuffled into an irregular, arbitrary order by which they are stored. The original regular arrangement of the numbers is reconstructed during authentication through associating the elements in the irregular order, and the authentication criterion is formed again.

Description

In German patent applications P 44 02 430.4-35, P 44 16 665.6-35, P 44 19 882.5-35, P 44 23 415.5-35, P 44 30 368.8, P 44 36 340.0, P 44 43 039.6-35, 195 34 666.1-35 and 195 44 358.6-35 are authentic methods according to the psychometric principle in various forms disclosed. Among other things, it describes how elements stored in groups in an unordered manner related word pairs with assigned basic numbers BZ, according to only one person to be authenticated reproducible plan to be linked to from the so ordered base numbers to calculate a result number EZ that serves as an authentication criterion.

The object of the present invention is to determine the scope, the user friendliness and security of such Enlarge authentication process. The solution to this task takes place with those described in the claims Precautions in the form of two alternatives: first, through the use of a special variable authentication number AZ and secondly through mutual authentication.

As a basis for understanding the present invention, the principle of the psychometric authentication method is explained in summary with reference to the attached FIGS. 1 to 4.

Fig. 1 shows a ring of ten three-digit base numbers BZ, which make up the algorithm
Z _x = Round ((BZ · previous BZ) ² / 1000; 0)
EZ = Σ Z _x

the result number EZ = 616 187 491 333 320 is calculated.

Fig. 2 shows another number ring, in which the ten FCs are listed in a different order. In total there are about 3.6 million different number rings with the ten FCs and as many DCs. The "arbitrary" arrangement of the FC in Fig. 2 can be thought of as "mixing" the FC in the number ring according to Fig. 1. Fig. 3 shows the same number ring as Fig. 1.

In addition, each BZ is assigned a name and a first name, with the names and first names of ten people being used. Matching surnames and first names are in neighboring places. This arrangement ensures that all surnames and first names are contained in a closed chain. To simplify matters, the triad consisting of a BG, a name and a first name is referred to as a triad. The arrangement of the BZ in Fig. 4 corresponds to that of Fig. 2 with arbitrarily mixed triads.

According to the principle of psychometric authentication, the authentand is assigned a BZ ring with the resulting EZ ( Fig. 1). The authentand extends this ring during the system initialization by adding his person-specific names and first names to a triad ring ( Fig. 3). Then the ten triads are mixed by the system and stored in this arbitrary arrangement ( Fig. 4). The authentication consists in that the authentand restores the original BZ ring ( Fig. 3) by associating the related names and first names in the arbitrary triad ring in Fig. 4 and recalculates it with the corresponding software EZ and compares it with the stored original EZ.

Fig. 4 shows the result of the combination with the letter sequence ABCDEFGHIJ. The original BZ ring results from rearranging the BZ according to this link.

In practice, the individual process steps of this psychometric authentication using modern means Computer technology realized.

First alternative: The use of BZ that can be changed with each authentication to form a special variable authentication number AZ according to the first main claim 1 and sub-claim 2 is a further development of the general principle of "variable" AZ, which is set out in the patent applications listed at the beginning, among others. This principle states that for offline remote authentication with a chain of electronic triads stored in a disordered sequence, each consisting of a base number BZ and two person-specific association elements A _x -a _y , in which the associated association elements Aa are each in an ordered sequence neighboring triads are located, some or all of the BZ are changed in the authenticator's electronic authenticity system and in conformity in the electronic authenticity system of the institution to which the remote authentication takes place. From the changed BZ set both systems calculate an altered EZ _new, which is used as Authentkriterium. The BZ changes are passed on from AZ to the authenticating institution, whereby AZ is different for each authentication.

The change of the BZ can be done in the electronic authentication system of the authentand by chance or using suitable ones Algorithms are created in such a way that neither the complete BG set, nor its structure, nor the original EZ for a possible emulator during transmission are recognizable. Only individual ones are derived Transfer partial data. Furthermore, user friendliness half AZ should be as simple as possible, especially from only  few characters.

It is known to use the so-called difference numbers To change DELTA, for example according to the relationship:

BZ _new = BZ _old + DELTA

AZ can then, for example, from DELTA and some components _reassembled and EZ are as follows: AZ = 738-481.

For security reasons, the control institution must reject AZ values that have already been used. This can be done with a lock, as is usual with the TAN values of telebanking. In addition, the authenticator's electronic authentication system should not even generate such identical AZ. The algorithm:
DELTA _{n + 1} = Mod ((DELTA _n + z₁); 10 ^z2 )

= Mod ((n + 1) z₁; 10 ^z2 ),

in which
· Z₁ an integer ending with 9,
· Z₂ is a positive integer,
· The index n means the nth authentication,
fulfills this requirement, has the result that the calculated DELTA _{n form} a sequence of numbers in which all numbers up to the largest value for DELTA _n occur exactly once.

If AZ is composed of n or a function of n as well as parts of "EZ _new = function of DELTA", the authentication institution's lock against re-use of previously used AZ becomes particularly easy. In the corresponding software, the command is sufficient:

If (n ← n _last ; "not authentic";"continue"),

to eliminate all AZ already used. This is from Data volume of the software is extremely economical, in contrast on the well-known blocking procedure for TANs, in which hundreds of multi-digit numbers can be stored for each authenticant have to.

The special variable authentication number AZ according to the invention can z. B. generate with pocket devices and instead of previously unchangeable passwords, codes, PINs and Use TANs.

Second alternative: Fig. 5 shows the method for mutual psychometric authentication of two authentants A and B according to main claim 3 and sub-claims 4 to 7. When this system is initialized, two BZ rings are generated, one of which is assigned to authentand A and the other to authentand B. Authentand A forms his personal triad chain with his BZ ring (219-429-176-296-342-401-769-684-915-856) and his specific names and first names, Authentand B does the same with the second BZ ring ( 036-152-896-025-728- 615-664-410-099-674). The system calculates the result numbers EZ _A = 616 187 491 333 320 and EZ _B = 118 332 065 306 766 at the beginning of initialization.

The counter authentication according to the invention, consisting of two Self and two control authentications, runs in individual for example as follows if the system consists of two interconnected PC and the corresponding software consists:

* In a first initialization step, Authentand A generates ten BZ _A and ten EZ _B with its software. Authentand B receives the partially initialized software.

* In a second step, both authentants complete the Initialization of their respective software with their PC, by giving their person-specific names and first names enter.

* For the purpose of counter authentication, the two PCs are networked. With each counter authentication process, authentants A and B first link their respective surnames and first names, whereby the BZ _A and BZ _{B are brought} into the correct order in both PCs. In PC _A , EZ _{A is} calculated and compared (self-authentication of authentand A), in PC _B EZ _{B is} calculated and compared (self-authentication of authentand B).

* Using the relationships BZ _A new = BZ _A old + DELTA _A and BZ _B new = BZ _B old + DELTA _B , ten new BZ _A and BZ _B as well as a new EZ _A and a new EZ _{B are} calculated in both PCs. The difference numbers DELTA _A and DELTA _{B are} expediently generated by the software in PC _A or PC _B at random.

* Then DELTA _A and EZ _{A are} newly transmitted from PC _A to PC _B ; PC _B uses BZ _A new = BZ _A old + DELTA _{A to} calculate ten new BZ _A and one new EZ _A , which is compared with the transmitted EZ _A again (control authentication by Authentand B).

* After that, PC _B DELTA _B and EZ _{B are} newly transmitted to PC _A ; PC _A uses BZ _B new = BZ _B old + DELTA _{B to} calculate ten new BZ _B and one new EZ _B , which is compared with the transmitted EZ _B again (control authentication by Authentand A).

* After successful self and control authentication, the counter authentication according to the invention is completed - apart from the mixing of the hexades. _A combined authentication number (signature) can be calculated from the new BZ or EZ _A new and EZ _B new, which is used to identify information that is to be exchanged between PC _A and PC _B.

* The ten new BZ _A new and BZ _B new available in the two PCs after counter-authentication can replace the BZ _A old and BZ _B old as characteristic BZ rings together with EZ _A new in PC _A and EZ _B new in PC _B can be saved for the next counter authentication. This increases the security of the process, because with each counter authentication different EZ are exchanged between the two PCs.

* Furthermore, the two authentants can follow successful authentication and before mixing the hexades their personal names and first names in total or partially change.

The counter authentication according to the invention can be in the Use communication when it comes down to it Ensure authenticity of sender and receiver. Examples of this are electronic legal transactions and secure transmission of encrypted or unencrypted information.

Claims (8)

1. A method for psychometric authentication, characterized in that in a chain serving as an authentication medium of electronic triads stored in a disordered sequence, each consisting of a base number BZ which can be changed with each authentication and two person-specific association elements A _x and a _y , in which is in order Follow the associated association elements Aa each on adjacent triads and from the BZ _new a result number EZ is _newly calculated, the BZ changes are determined according to the formula BZ _new = BZ _old + DELTA, the difference number DELTA resulting from the algorithm:
DELTA _{n + 1} = Mod ((DELTA _n + z₁); 10 ^z2 ) = Mod ((n + 1) z₁; 10 ^z2 ); here · z₁ is an integer ending with 9,
· Z₂ is a positive integer,
· The index n denotes the nth authentication. 2. The method according to claim 1, characterized in that a variable authentication number AZ is formed for the purpose of control authentication from n or a function of n and from components of "EZ _new = function of DELTA". 3. A method for psychometric authentication, characterized in that a chain of electronic hexads stored in a disordered sequence, each consisting of two basic numbers BZ _A and BZ _B and four person-specific association elements A _x -a _y and B _x -b _y , in which the associated association elements Aa and Bb are each in an ordered sequence on neighboring hexads, serves as an authentic medium. 4. The method according to claim 3, characterized in that the unordered hexades of two authentants A and B are brought into the order in that the authentand A from the association elements A and a and the authentand B from the association elements B and b each one forms a closed chain, and two result numbers EZ _A and EZ _{B are} calculated from the BZ _A and BZ _{B of} the ordered hexad chain, each of which serves as a criterion for self-authentication. 5. The method according to claim 4, characterized in that difference numbers DELTA _A and DELTA _{B are} generated with which new basic numbers BZ _A new and BZ _B new from the BZ _A old and BZ _B old of the ordered hexad chain, and two new ones from the latter Result numbers EZ _A new and EZ _{B are} calculated, which serve as a criterion for a control authentication of the authentand A by the authentand B and vice versa, whereby DELTA _A from the subsystem for the authentand A to the subsystem for the authentand B and DELTA _B from the subsystem for the Authentanden B to the subsystem for the authentanden A are transmitted. 6. The method according to claim 5, characterized in that as a function of the basic numbers BZ _A new and BZ _B new or the result numbers EZ _A new and EZ _B new a new authentication number AZ is formed for each successful counter authentication process, with which information is identified must be exchanged between PC _A and PC _B. 7. The method according to claim 5, characterized in that after successful counter authentication of the system the BZ _A old and BZ _B old by BZ _A new and BZ _B new, the EZ _A old and EZ _B old replaced by EZ _A new and EZ _B new will. 8. The method according to claim 1 or 3, characterized in that that in the state of orderly triads or hexads the related person-specific association elements in whole or in part by others belonging together personal association elements are replaced.