Classifications

• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
  • H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
  • H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
  • H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
  • H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
  • H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
  • H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
  • H04L2209/60—Digital content management, e.g. content distribution

Definitions

• the present invention relates to a method and devices for securing transactions or interactions, hereinafter referred to as operations, on a network between a user and a service or product provider, hereinafter referred to as provider.
• a currently known solution consists in issuing a certificate by a certification authority that has tested the provider's reality.
• an icon appears such as a padlock on the site of the provider seen from a device made available to a user.
• An example of such a solution is the SSL protocol
• a secure SSL mode operation works if the provider's site is certified and encryption is guaranteed. But this solution does not solve all fraud situations since certificates of convenience can be obtained. Thus, certain fraud techniques, such as the one known as "Man In The Middle” or "P-Fishing" can not be prevented with this solution.
• This fraud technique involves usurping the identity of a user with the aim of obtaining enough information to impersonate a service provider and carry out operations for his benefit. The usurper has a certificate here to make the client believe that he is on the provider's site, for example a banking site, and that he has his certificate. Thus a user who will try to connect to the site of a provider will be, in reality, routed to another site.
• the present invention prevents this type of fraud. It relates to a method of securing operations performed within a network between a user and a provider. This method is implemented using devices according to the invention.
• the method includes, for the user, a step of sending at least one identification data of the user to the provider and, for the provider, a step of sending at least one authentication data of the user. provider to the user.
• identification and authentication data are intended to be used in a secure mode of operations, for example SSL type.
• the method includes, for the user, a step of generating a dynamic encryption key, an encryption step using said dynamic encryption key, the authentication data received, and a step sending, to the provider, the encrypted authentication data.
• the method further includes, for the provider, a step of dynamically decrypting the encrypted authentication data and a step of verifying the decrypted authentication data in order to allow the operation in secure mode.
• the invention makes it possible to have a changing information, the dynamic encryption key, known to the user and the real provider and unknown to the usurper.
• the dynamic nature of the encryption key makes it possible to prevent the fraudster from easily discovering it by any known means of hacking. Indeed, an encryption key unchanged over time could be hacked using techniques similar to those observed with a credit card code which is itself unchanged over time.
• the identification data is also encrypted during the encryption step using the dynamic encryption key, sent with the encrypted authentication data, and decrypted during the encryption step. decryption step.
• the encryption of the identification data using the dynamic key allows the provider to know with which user the connection is hacked. It also allows the user to be protected against subsequent use of his identification data or data, known to the usurper, in an identification method that does not have security such as that proposed by the invention. Such a situation is encountered, for example, when a partial migration is performed between two types of identification methods and / or when several types of identification methods remain at the same time.
• such encryption of the identification data may allow the user to not communicate unencrypted identification data with the dynamic encryption key and thus does not disclose identification data in the clear. Such a feature allows even greater security especially against the principle of fraud such as "Phishing".
• the authentication data is for example a certificate according to the SSL (Secured Socket Layer) protocol.
• the method includes, for the user, a step of downloading means for performing the encryption step.
• Such means for performing the encryption step may be what is commonly referred to as a "plug-in".
• the means for performing the encryption step can also be integrated natively or by various installation techniques in a device made available to the user.
• the step of generating the dynamic encryption key is at least partially performed by an autonomous object.
• the identification data is a first acoustic signature provided by the autonomous object.
• the autonomous object implements an acoustic variation method intended to vary a second acoustic signature from which the dynamic encryption key is generated, the decryption step also being implemented using said method of acoustic variation.
• the invention also relates to a device intended to be made available to a user and including the means for implementing the steps of the method carried out by the user.
• means for generating the dynamic encryption key associated with the device are at least partly implemented on an autonomous object with respect to said device.
• the autonomous object is a card.
• the format of such a card can be ISO or not.
• the card is an acoustic card.
• the acoustic map provides the identification data in the form of a first acoustic signature.
• the invention also relates to a device intended to be made available to a service provider and including means for carrying out the steps of the method carried out by the service provider.
• at least part of the dynamic decryption means are implemented in a server associated with the provider's device.
• the dynamic decryption means implement variation means for varying the dynamic decryption means at each reception of the identification data.
• FIG. 2 illustrates a pirated operation as encountered with the operations of the state of the art
• FIG. 3 illustrates a secure operation with a method according to the invention, this operation implementing devices according to the invention
• Figure 4 is a diagram of a device according to the invention to be made available to a user
• Figure 5 is a diagram of a device according to the invention to be made available to a provider.
• an operation 13 in secure SSL mode is performed between a user 1 and a provider 2.
• the user connects to the provider's site, for example on the site of a banking service, and authenticates with the help of an identifier and a password for example.
• Identification data 14 is therefore sent to the provider 2.
• User 1 also receives a certificate from the provider in a step 12 which may be before or after identification. Such a certificate constitutes an authentication datum 15.
• the provider 2 authorizes the establishment of an operation 13 in secure mode.
• routing tables for example Address Resolution Protocol (ARP) tables in which one finds the last visited sites kept in cache and / or the favorites, are used to store the addresses of the sites (MAC addresses for Media Access Control for example).
• ARP Address Resolution Protocol
• Such tables serve in particular for the user to connect to the sites of the service providers.
• FIG. 2 a "man in the middle" or “P-Fishing” or “Phishing” attack is a type of attack where an identity thief 3 interposes seamlessly in a connection between a user 1 and 2.
• an identity theft device 3 issues a request to know the addresses of target devices 1 and 2 with which it wishes to communicate.
• each packet sent from one device to another during the connection passes through the identity theft device 3.
• the falsified data packet transmission including routing tables is carried out regularly to avoid a return to normal where correct addresses are stored in the routing tables. Indeed, a device connected to a network updates its routing tables very frequently: every 30 seconds or 2 minutes for example, this time being configurable on most operating systems.
• the identity theft device 3 receives all the packets exchanged between the two devices 1 and 2. But this is not enough to hack an operation in secure mode.
• the identity theft device 3 retransmits the packets to the target devices 1 and 2 so that the connection between the two target devices 1 and 2 continues and that the device usurper identity can "listen" to the connection while remaining transparent in the connection.
• the identity theft device 3 retrieves the identification data 14 from the user.
• the identity theft device 3 then transfers these identification data 14 to the provider device 2.
• the provider 2 authorizes the identity theft device 3 to access the services in a secure mode of operation based on the presence of a certificate 15 provided to the usurper device. identity in a step 23.
• the identity theft device In a step 24, the identity theft device
• the identity thievery device 3 informs the user 1 of an error and asks him to reconnect later.
• the identity thievery device 3 is, for its part, identified and can perform all kinds of operations in secure mode 25 instead of the user 1 with the provider 2. Many sectors offering services on networks, including Internet, are affected by such hacking.
• a method according to the invention is implemented in at least two devices made available respectively to the user 1 and the provider 2.
• the user 1 connects to the provider 2 during A first step 11.
• An authentication certificate 15 of the provider 2 is provided in a step 12 which may be before or after a step of sending by the user 1 of identification data 14 to the provider.
• the device of the user comprises means 33 for generating a dynamic key of encryption and to encrypt at least the authentication data 15. It has been seen that the identification data 14 was also advantageously encrypted using the dynamic encryption key.
• this encrypted data 4 is sent to the provider.
• the encrypted data 4 is thus introduced into a virtual envelope 4 that a potential identity theft device would not have the possibility to open. Indeed, to open the envelope 4, that is to say decrypt the encrypted data, it should be that the identity theft device is aware of the dynamic key encryption. Since this key is dynamic, it varies over time. Moreover, since it is not transmitted, it is therefore not accessible for any device placed between the device of the user 1 and that of the provider 2.
• the envelope 4 is then transmitted to the provider 2 in a step 35.
• the device of the provider 2 is associated with means for opening the envelope 4, that is to say for decrypting the encrypted data 4. These means can in particular, as shown in FIG. 3, be implemented in a server 5 communicating with the device provider 2.
• the device provider 2 sends the envelope 4 to the server 5 in a step 36 and the server returns the decrypted data 14 'and, where appropriate 15', in Step 37.
• the decryption can also be performed in the device provider 2 itself. According to the invention, it is then verified that the user 1 has indeed received the correct authentication data 15 by comparing the decrypted authentication data 15 'with the authentic data item 15. This verification can be performed both within the server 5 within the device of the provider 2. Once this verification is performed, access to services and / or operation in secure mode 13 is allowed or not.
• the identification data is also encrypted and sent, the decrypted identification data 14 'of the user 1 makes it possible to determine the user on the connection from which the identity theft device has introduced.
• the method according to the invention allows a very high security.
• the identity thievery device does not have access to the data contained in the envelope 4. Nor does it have any means to modify or create a false envelope since the dynamic encryption key is not known. from him and is not transmitted.
• the dynamic encryption key is, in fact, managed, on the one hand, on the side of the user and, on the other hand, on the provider side without transmission between the two.
• the method according to the invention makes it possible to find the identity theft device. Indeed, when the provider receives the envelope, he can decrypt it and discover that the certificate is not identical to the one he sent himself. The provider, thus knowing the false certificate, the source IP address of the Internet access provider with which the impersonator has an access contract (such an access provider can then give the identity of the identity theft device) and the MAC address of the identity theft device, can take action against the identity thievery.
• the means for producing the envelope that include the encryption means using the dynamic encryption key are downloaded by the user, for example from the site of the invention. provider and / or sent by the service provider.
• This downloading (or sending) is for example made during the first connection of the user or during each connection of the user on the site of the provider.
• the identity theft device also downloads the encryption means and can return the key by return
• the size of the key is important (for example 128 bits) so that the time needed to decode the key is higher than the provider is willing to accept when attempting to identify a user.
• the means for producing the envelope 4 can advantageously be such that the envelope 4 includes, in addition to the authentication data and possibly the identification data, other data such as the date of the connection, the time, session data of the user, a signature that is transmitted during the connection ...
• a device 1 intended to be made available to a user includes sending means 42 for sending at least one user identification data 14 to the provider device 2 and receiving means 41 for receiving at least one authentication data item 15
• the device 1 is associated with means for generating a dynamic encryption key 46.
• the generation means are implemented on an autonomous object represented by a card 43.
• This card 43 is advantageously an acoustic card 43 which can provide two types of signature: a first signature called “online” that will be transmitted in an operation and a second signature called “offline” that is not transmitted.
• the sound card 43 has means for varying these two types of signature, in particular according to the number of uses, the time or the duration of use of the card.
• the method of variation of such signatures may therefore in particular be based on the number of uses of the autonomous object.
• Counters are implemented in the autonomous object and in association with the decryption means. These counters advance at the same time taking into account all triggers of the object, including accidental triggers. The number of times that the variation process is activated (for example by pressing a button placed on the autonomous object) can therefore be taken into account.
• the number of uses may, for example, be set as the number of times the first signature is transmitted.
• the variation method can also be time-based.
• the autonomous object and the decryption means calculate the variation in the same period of time, for example 30 seconds.
• the first signature advantageously provides the identification data item 1.
• the second acoustic signature is advantageously used by the card 43 to generate the dynamic encryption key 46.
• This second signature can also be the dynamic encryption key 46 itself.
• the device 1 includes encryption means 44 for encrypting at least the received authentication data 15, using said dynamic encryption key 46 and sending means 45 for sending to the provider device 2 the data item.
• encrypted authentication 4 represented by an envelope 4 on all the figures.
• Such means can also encrypt said identification data and thus include it in the virtual envelope 4.
• a device 2 intended to be made available to a service provider 2 includes receiving means 52 for receiving at least one identification data item 14 of the device of the user 1 and sending means 51 to send at least one authentication data from the provider 2 to the device of the user 1.
• the device 2 further includes receiving means 56 for receiving said encrypted authentication data 4 by means of a dynamic key 46. If necessary, the device 2 also receives the identification data 14 encrypted.
• the device 2 is associated with dynamic decryption means 54 for decrypting said encrypted authentication data 4 and means 55 for verifying the decrypted authentication data 15 'in order to authorize the operation in secure mode.
• the decryption and verification means may be implemented in an equivalent manner in the provider's device itself or on a server to which the provider's device is associated.
• the dynamic decryption means are implemented by a server 58 distinct from the provider device but connected to it.
• the server includes variation means 57 intended to vary the dynamic decryption means 54.
• variation means 57 may be similar to those implemented in the means for generating the dynamic encryption key 46 and thus provide at the same time as the dynamic encryption key 46 is generated, a corresponding decryption key 46 '.
• Software can therefore be implemented on both sides of the devices of the user and the provider to allow the encryption means and decryption means are in phase.
• such software may be such that it generates at the same time and independently of a connection between the devices of the user and the provider, the dynamic encryption key 46 in the device of the user 1 and a dynamic decryption key 46 'in the device of the provider 2.
• These key generations are advantageously performed at particular times, for example at each sending / receiving of identification data 14.
• the use of an acoustic card has many advantages. An acoustic signature can be easily modified. An acoustic signature is generally not resident in a precise but traveling machine. In addition, an acoustic signature is difficult to copy.
• an acoustic microphone the most widespread acoustic drive
• the steps of a method according to the invention take place within the devices described in FIGS. 4 and 5.
• the functionalities implemented according to this method can be carried out by hardware or software means or by a combination of such means.
• the invention may use a computer program product including instructions so as to perform the method according to the invention.

Landscapes

• Engineering & Computer Science (AREA)
• Computer Security & Cryptography (AREA)
• Computer Networks & Wireless Communication (AREA)
• Signal Processing (AREA)
• Storage Device Security (AREA)
• Data Exchanges In Wide-Area Networks (AREA)

Applications Claiming Priority (2)

Publications (1)

Family

ID=34946420

Family Applications (1)

Country Status (5)

Families Citing this family (2)

Family Cites Families (15)

• 2004
  • 2004-04-16 FR FR0404077A patent/FR2869175B1/fr not_active Expired - Fee Related
• 2005
  • 2005-04-15 JP JP2007507820A patent/JP5175541B2/ja not_active Expired - Fee Related
  • 2005-04-15 US US11/578,021 patent/US20080005556A1/en not_active Abandoned
  • 2005-04-15 EP EP05757122A patent/EP1741226A1/de not_active Withdrawn
  • 2005-04-15 WO PCT/FR2005/000924 patent/WO2005109745A1/fr not_active Application Discontinuation

Non-Patent Citations (1)

Also Published As

Similar Documents

Legal Events