EP1116085A1 - Procede et dispositif de mise a jour d'un mot de passe - Google Patents

Procede et dispositif de mise a jour d'un mot de passe

Info

Publication number
EP1116085A1
EP1116085A1 EP99955678A EP99955678A EP1116085A1 EP 1116085 A1 EP1116085 A1 EP 1116085A1 EP 99955678 A EP99955678 A EP 99955678A EP 99955678 A EP99955678 A EP 99955678A EP 1116085 A1 EP1116085 A1 EP 1116085A1
Authority
EP
European Patent Office
Prior art keywords
computer
password
service request
request message
updated
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP99955678A
Other languages
German (de)
English (en)
Inventor
Steffen Fries
Martin Euchner
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Siemens AG
Original Assignee
Siemens AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens AG filed Critical Siemens AG
Publication of EP1116085A1 publication Critical patent/EP1116085A1/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/068Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0846Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2131Lost password, e.g. recovery of lost or forgotten passwords

Definitions

  • the invention relates to a method and an arrangement for updating a password.
  • a list of permitted users of the arrangement is stored in the arrangement database. Each user is assigned a password, which is saved and with which the entered password is compared. A time specification is also assigned to each password. The time is used to specify the period for which the password should be valid. If the period has expired, the stored password becomes invalid and the user is prompted to update the password if he wants to start using the arrangement.
  • the password information can be stored in the database in encrypted form (encrypted or formed using a one-way hash function). From [1] is still known that the password information can be transported cryptically over a communication link. An example of this is the domain logon in Windows NT. However, the time of changing the password is limited to the time of the login procedure.
  • a communication standard is known from [2], in which framework conditions, in particular message formats, which can be exchanged between interconnected computers in the context of multimedia communication.
  • the computers can be logically or permanently connected to one another.
  • [4] describes the so-called Abstract Syntax Notation 1 (ASN.l), which is used to define the format of a message and which is used to define the format of a message in the sense of the standards known from [2] and [3] .
  • ASN.l Abstract Syntax Notation 1
  • the invention is therefore based on the problem of specifying a method and an arrangement for updating a password between two interconnected computers.
  • a method for updating a password between a first computer and a second computer has the following steps: a) the second computer receives a service request message sent by the first computer within the framework of a communication connection between the first computer and the second computer, the service request - Message has the password, b) with the service request message, the first computer requests the provision of a service, c) the second computer checks whether the password contained in the service request message is valid for the first computer, d) in the event that if the password is valid, the service is provided, e) in the event that the password is invalid, an update message is sent from the second computer to the first computer requesting an update of the password, and f) from the first computer and / or the second computer is updated ized password is formed, which is further used as a password in the context of the communication link.
  • An arrangement at least comprises a first computer and min ⁇ least a second computer on for updating a password between the computers, wherein the first computer and the second computer each include a processor, which are set up such that the following steps are carried out: "" a ) the second computer receives a service request message sent by the first computer within the framework of a communication connection between the first computer and the second computer, the service request message having the password, b) the service computer uses the service request message to request the provision of a service , c) the second computer checks whether the password contained in the service request message is valid for the first computer, d) in the event that the password is valid, the service is provided, e) in the event that the password is invalid, an update from the second computer tion message sent to the first computer, with which an update of the password is required, and f) an updated password is formed by the first computer and / or the second computer, which is subsequently used as a password in the context of the communication connection.
  • the invention makes it possible to update a password between two computers during a communication link existing between the two computers.
  • the second computer can clearly force the first computer to require the first computer to update the password when the first computer requests a service from the second computer.
  • the second computer thus ensures that the passwords are up-to-date, which increases the security of communication between the computers. Preferred developments of the invention result from the dependent claims.
  • the updated password is formed in the following way: a) the first computer sends a password message to the second computer, which contains the updated password in such a way that the updated password can only be determined using the password, b) the second computer uses the password to determine the updated password from the password message, c) the second computer stores the updated password.
  • the second computer can send a confirmation message with which the use of the updated password in the context of the communication connection is confirmed.
  • the first computer is preferably authenticated by the second computer using an authentication information from the first computer contained in the service request message. This increases the security level of the respective communication connection.
  • the check as to whether the password contained in the service request message is valid for the first computer is carried out using a control database in which it is specified for the first computer whether an update message has previously been sent from the second computer to the first computer is.
  • the service request message is preferably an indication included for securing the integrity of the service request message with which indication from the second computer, the "received service request message is checked for its integrity. Only in the event that the integrity of the service request message is guaranteed is performed drive the comparison otherwise the requested service will be rejected, thus further increasing the security level of the respective communication connection.
  • the updated password is preferably contained in encrypted form in the password message, the key for encrypting the updated password being formed depending on the password.
  • the key is preferably formed by lining up the password several times.
  • a plurality of first computers are preferably provided, each of which has a password together with the second computer, the password being unique in each case for the communication link between the respective first computer and the second computer.
  • the invention can therefore be used very well in a large communication network in which a server, the second computer, several clients, the first computers, offers services via the communication network.
  • second computers can be provided, each of which has a password together with each first computer. zen, the password being unique for the communication link between the respective second computer and the respective second computer.
  • Figure 1 is a flowchart showing the method steps of the embodiment
  • Figure 2 is a sketch showing computers that are connected to each other via a communication network.
  • FIG. 2 shows a first computer 200 with a memory 202 and a processor 203, each of which is connected to one another and to an input / output interface 201 via a bus 204.
  • the first computer 200 is connected to a screen 205, a keyboard 206 and a computer mouse 207 via the input / output interface 201.
  • the first computer 200 is connected to further computers 210, 220, 230, 240 and 250 via a communication network 260, in the example an ISDN network (Iritegrated Services Digital Network).
  • a communication network 260 in the example an ISDN network (Iritegrated Services Digital Network).
  • a database 208 is stored in the first computer 200
  • the further computers 210, 220, 230, 240 and 250 each likewise have a processor 213, 223, 233, 243 and 253 and a memory 212, 222, 232, 242 and 252 each.
  • Processors 213, 223, 233, 243 and 253 and memories 212, 222, 232, 242 and 252 are each one Bus 214, 224, 234, 244 and 254 are connected to communication network 260 via an input / output interface 211, 221, 231, 241 and 251.
  • the other computers 210, 220, 230, 240 and 250 each have a screen 215, 225, 235, 245 and 255 as well as a keyboard 216, 226, 236, 246 and 256 and a computer mouse 217, 227, "" 237, 247 and 257 connected.
  • Communication takes place between computers 200, 210, 220, 230, 240 and 250, i.e. a secure exchange of multimedia data, according to the H.235 standard, as described in [2].
  • the first computer 200 is designed as a server and provides the other computers 210, 220, 230, 240 and 250 with various services.
  • a second computer 210 wants to use a service from the first computer 200.
  • a communication link is established between the second computer 210 and the first computer 200 in accordance with the methods described in [2] and [3].
  • a logical connection is assigned to the communication link and is clearly identifiable.
  • Messages 270, 280 are exchanged between the computers 200, 210, 220, 230, 240, 250 via the logical channel.
  • the second computer 210 can use the first computer 200 to provide a service, in this case a database query from a database 208 stored in the first computer 200.
  • a service in this case a database query from a database 208 stored in the first computer 200.
  • a user of the second computer 210 enters the desired criteria for the database query into the second computer 210.
  • a service request message 101 is formed by the second computer 210 (step 100), which contains the criteria for the database query (cf. FIG. 1).
  • an authentication information (authentication token) with which the times computer 210 can be authenticated by the first computer 200; the authentication information allows the password to be displayed in various forms (for example, encrypted or formed using a one-way hash function as a one-way hash value); an H.235 address with which the first computer 200 is uniquely identified;
  • a password assigned to the respective computer 210, 220, 230, 240 and 250 is stored in the first computer 200 for each additional computer 210, 220, 230, 240 and 250. If a service request message 101, which is formed by a further computer 210, 220, 230, 240 and 250, contains a password which is the same as the stored password for the further computer 210, 220, 230, 240 and 250, so the requested service is granted to the user, ie executed by the first computer 200.
  • a first time specification t1 is assigned to the password, which is used to indicate the time at which the password was formed.
  • the password is also a second one Assigned time t2, which is used to specify the period for which the password is valid.
  • the service request message 101 is transmitted from the second computer 210 to the first computer 200 (step 102).
  • the second computer 210 After receiving the service request message 101 in the first computer 200 (step 103), the second computer 210 is authenticated using the authentication information in the service request message 101 (step 104).
  • the password specification PW is determined in a further step (step 105) from the authentication specification of the service request message 101 and the password specification is compared with the password stored in the first computer 200 and assigned to the second computer 200 ( Step 106).
  • the service request message 101 is discarded (step 110) and the requested service is not carried out.
  • step 107 it is checked whether the password is valid. This is done in such a way that a current time t3 at which the service request message 101 has been received by the first computer 200 is determined.
  • the service request message 101 is rejected (step 115) and the requested service is not carried out.
  • a check is carried out to determine whether the current time t3 is less than or equal to the sum of the first time t1 and the second time t2, ie whether:
  • the service requested with the service request 101 is carried out by the first computer 200 (step 108) and the result of the database query is transmitted to the second computer 210 in a result message 116 (step 109)
  • Step 110 in which the result of the database query is processed further (Step 111).
  • step 120 if the password is invalid, an update message 121 is generated by the first computer 200 and sent to the second computer 210 (step 122), with which an update of the password is requested. Furthermore, the first computer 200 transfers a bit (control value) to a first in a control database
  • an updated password aPW is formed by the second computer (step 124). If the second computer 210 does not follow the prescribed procedure and generates a service request again without changing the password, the first computer 200 can determine this after the authentication of the second computer 210 and the checking of the control value. If the control value is set to the first value, the method can be ended (step 131).
  • the updated password aPW is encrypted symmetrically according to the Data Encryption Standard (DES).
  • DES Data Encryption Standard
  • the password PW which is also known and stored in the second computer 210, is used as the key for encrypting the updated password aPW.
  • the encrypted updated password aPW is transmitted to the first computer in a password message 125 (step 126) formed by the second computer 210 (step 126).
  • the password message 125 contains an integrity statement with which the integrity of the password message 125 can be checked.
  • step 129 Upon receipt of the password message 125 (step 128), the integrity of the password message 125 is checked (step 129).
  • step 130 If the integrity check is negative, the password message 125 is discarded (step 130) and the method is ended (step 131).
  • the encrypted updated password aPW is determined by the first computer 200 (step 132) and the updated password aPW is decrypted (step 133).
  • the updated updated password aPW is determined in a further step as a new password for the second computer 210. saves (step 134). Furthermore, the first computer 200 in the control database sets the corresponding control value to a second value, which indicates that the respective password is valid.
  • a confirmation message 135 is then formed by the first computer 200 (step 136) and transmitted to the second computer 210 (step 137) and received by the second computer 210 (step 138). With the confirmation message 135, the second computer 210 confirms the further use of the updated password aPW in the context of the communication connection.
  • the service is provided by the first computer 200 (step 108), the result message 116 is formed
  • Step 109 and transmit the result message 116 to the second computer 210 (Step 110).
  • the result message 116 is processed further in the second computer 210 (step 111).
  • the corresponding computer in the control database sets the corresponding bit to a second value, which indicates that the respective password is valid.
  • the first computer 200 checks whether the respective password is valid or not based on the control database after it has been received. In this way, the password can be checked very quickly.
  • the abstract syntax notation 1 (ASN.l) described in [4] is used to define the format of the individual messages described below.
  • the messages are encoded as a non-standard message provided in [3], as described below:
  • NonStandard Identifier CHOICE ⁇ object OBJECT IDENTIFIER, h221NonStandard H221NonStandard,
  • EncryptlntAlg as core block encryption algorithm - (Short MAC) hMAC-isol0118-2-l EncryptlntAlg, - according to ISO / IEC 10118-2 using
  • OID is SHA-1, RIPE-MD160, - RIPE-MD128)
  • the type of integrity assurance is basically arbitrary, as is the encryption algorithm for encrypting the updated password.
  • the formation of the service request message and / or the update message and / or the password message and / or the confirmation message can take place separately as independent messages and can be transmitted separately between the computers involved. It is also possible in a variant to transmit the respective message together with other messages between the computers involved in accordance with the principle of what is known as "piggyback".
  • the second computer can also request the creation of a new password from the second computer by sending an update request to the second computer.
  • the second computer can use a control database stored with it and the corresponding control value to check whether the first computer has complied with its request to change the password.
  • the second computer can break off the communication and end the process.

Abstract

Procédé de mise à jour d'un mot de passe entre un premier ordinateur et un second ordinateur, selon lequel (a) le second ordinateur reçoit un message de demande de service envoyé par le premier ordinateur dans le cadre d'une liaison de communication entre le premier ordinateur et le second ordinateur, ledit message contenant le mot de passe, (b) l'exécution d'un service est demandée par le premier ordinateur par l'intermédiaire du message de demande de service, (c) le second ordinateur vérifie si le mot de passe contenu dans le message est valable pour le premier ordinateur, (d) le service est exécuté si le mot de passe est valable, (e) en cas de non validité du mot de passe, un message de mise à jour dans lequel est demandée une mise à jour du mot de passe est envoyé par le second ordinateur au premier ordinateur et (f) le premier ordinateur forme un mot de passe mis à jour qui est utilisé ultérieurement en tant que mot de passe dans le cadre de la liaison de communication.
EP99955678A 1998-09-30 1999-09-08 Procede et dispositif de mise a jour d'un mot de passe Withdrawn EP1116085A1 (fr)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
DE19845055 1998-09-30
DE1998145055 DE19845055A1 (de) 1998-09-30 1998-09-30 Verfahren und Anordnung zur Aktualisierung eines Paßwortes
PCT/DE1999/002844 WO2000019297A1 (fr) 1998-09-30 1999-09-08 Procede et dispositif de mise a jour d'un mot de passe

Publications (1)

Publication Number Publication Date
EP1116085A1 true EP1116085A1 (fr) 2001-07-18

Family

ID=7882939

Family Applications (1)

Application Number Title Priority Date Filing Date
EP99955678A Withdrawn EP1116085A1 (fr) 1998-09-30 1999-09-08 Procede et dispositif de mise a jour d'un mot de passe

Country Status (3)

Country Link
EP (1) EP1116085A1 (fr)
DE (1) DE19845055A1 (fr)
WO (1) WO2000019297A1 (fr)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7921290B2 (en) 2001-04-18 2011-04-05 Ipass Inc. Method and system for securely authenticating network access credentials for users
US7961884B2 (en) 2002-08-13 2011-06-14 Ipass Inc. Method and system for changing security information in a computer network
US7734051B2 (en) * 2004-11-30 2010-06-08 Novell, Inc. Key distribution
WO2009121905A1 (fr) 2008-04-04 2009-10-08 International Business Machines Corporation Gestion de mots de passe expirés

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5611048A (en) * 1992-10-30 1997-03-11 International Business Machines Corporation Remote password administration for a computer network among a plurality of nodes sending a password update message to all nodes and updating on authorized nodes
US5734718A (en) * 1995-07-05 1998-03-31 Sun Microsystems, Inc. NIS+ password update protocol

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO0019297A1 *

Also Published As

Publication number Publication date
WO2000019297A1 (fr) 2000-04-06
DE19845055A1 (de) 2000-04-06

Similar Documents

Publication Publication Date Title
DE19722424C1 (de) Verfahren zum Sichern eines Zugreifens auf ein fernab gelegenes System
DE60114986T2 (de) Verfahren zur herausgabe einer elektronischen identität
EP0903026B1 (fr) Procédé de négociation d'une politique de sécurité entre une première et une seconde unité informatique
DE60314871T2 (de) Verfahren zur authentifizierung eines anwenders bei einem zugang zu einem dienst eines diensteanbieters
DE60119857T2 (de) Verfahren und Vorrichtung zur Ausführung von gesicherten Transaktionen
EP1105998B1 (fr) Procede et dispositif permettant de composer une cle secrete de communication pour une paire de cles de chiffrement asymetrique prealablement determinee
EP0903027A1 (fr) Procede de gestion de cles cryptographiques, fonde sur un groupe, entre une premiere unite informatique et des unites informatiques d'un groupe
EP3949309B1 (fr) Certificat digital et méthode sécure pour fournier une clé publique
EP0884869B1 (fr) Procédé d'affichage sécurisé lors de la transmission de fichiers ou de données entre utilisateurs
EP1116085A1 (fr) Procede et dispositif de mise a jour d'un mot de passe
EP1468520B1 (fr) Procede de securisation du trafic de donnees dans un environnement de reseau de telephonie mobile
DE10296626T5 (de) Verfahren zur unleugbaren Verwendung kryptographischer Signaturen in kleinen Einrichtungen
DE60310872T2 (de) Verfahren zur Verwaltung einer Einstellung eines Gateways von einem Benutzer des Gateways
DE102019109341B4 (de) Verfahren zum sicheren Austausch von verschlüsselten Nachrichten
WO1998002991A1 (fr) Procede de repartition d'une cle entre deux unites qui participent a une liaison par rnis/internet
WO2000059155A1 (fr) Dispositif et procede permettant une transmission electronique sure des donnees
EP1364512A2 (fr) Procede et systeme de communication permettant de preparer un element-programme
EP3964977A1 (fr) Mise en cache des ensembles de données dans un système de base de données distribué
EP4270863A1 (fr) Reconstruction sécurisée de clés privées
EP1168750A1 (fr) Procédé de sécurisation anonyme des données personelles utilisateur dans un réseau informatique
EP3840321A1 (fr) Procédé et système d'authentification d'un id mobile au moyen des valeurs de hachage
DE10358021B3 (de) Verfahren zum Aufbau von zwei Kommunikationsverbindungen zwischen zwei Benutzern
DE60030176T2 (de) Kommunikationssystem zur Unterstützung von voneinander abhängigen Nachrichten
EP2723111A1 (fr) Authentification multifactorielle pour terminaux mobiles
EP0912013A1 (fr) Procédé de sécurisation des accès à une application dans un réseau

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20010223

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE

RBV Designated contracting states (corrected)

Designated state(s): DE GB

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20040401