EP2213038A1 - Système d'information et procédé d'identification par un serveur d'application d'un utilisateur - Google Patents
Système d'information et procédé d'identification par un serveur d'application d'un utilisateurInfo
- Publication number
- EP2213038A1 EP2213038A1 EP08786974A EP08786974A EP2213038A1 EP 2213038 A1 EP2213038 A1 EP 2213038A1 EP 08786974 A EP08786974 A EP 08786974A EP 08786974 A EP08786974 A EP 08786974A EP 2213038 A1 EP2213038 A1 EP 2213038A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- num
- server
- terminal
- hardware element
- sess
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0407—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
- H04L63/0414—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden during transmission, i.e. party's identity is protected against eavesdropping, e.g. by using temporary identifiers, but is known to the other party or parties involved in the communication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0853—Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
Definitions
- the present invention relates to an information system and a method of identifying a user accessing an information system.
- a user uses a computer to access a service on a communication network, for example the Internet, hosted by a computer server
- a service on a communication network for example the Internet
- a computer server it is desirable that the server can identify that user.
- the server it is desirable for the server to know if it is not an automatic program that attempts to impersonate a user.
- access to the password may be possible by a third party on the user's computer.
- the passwords that must be retained by the user are often stored on his computer, for example in an internet browser.
- some passwords are transmitted in clear. It should be noted that it is possible to dispense with the storage of passwords on the server. Indeed, the server does not need to memorize the passwords: it must just be able to distinguish a correct password.
- the server uses a one-way function that is applied to the password. The result of the function on a particular password is stored. At each identification:
- the server applies the one-way function of the password
- the server compares the result of this calculation to that it has in memory to identify the user.
- the list of results of the application of the one-way function on the passwords is unusable because this function has the property of being very difficult to reverse.
- This protocol is known to have significant security vulnerabilities. Indeed, when the password is presented to the system that transmits it to the server, anyone who has access to data on the link between the point of entry and the server can read it.
- the server sends a randomly generated session number or pseudo randomly
- the user encrypts this number with his private key and sends the result with his identification number to the server.
- the server uses the public key of the user who is in the database and decrypts the message. 4. If the result obtained is the same as the one the server sent, the server knows that it is the user identified by the identification number.
- the present invention aims to solve all or part of the disadvantages mentioned above by providing a system for enhancing security in the identification of a user without requiring securing the user's terminal.
- the present invention relates to an information system comprising:
- a computer server comprising network communication means
- the terminal comprising network communication means, the terminal being intended to be used by a user to make a connection to the server, characterized in that the system further comprises a hardware element arranged to be connected to the terminal, the hardware element comprising data storage means arranged to store an encryption key and an identification number, in that the server is arranged to generate a unique session number during a connection session between the terminal and the server, and for communicating the session number to the terminal, the terminal being arranged to communicate the session number to the hardware element and in that the hardware element comprises processing means arranged to perform encryption with the aid of the encryption key of a set of data combining:
- the terminal being arranged to transmit the encrypted password and the identification number to the server in order to to proceed to the identification of the user.
- a hardware element external to the terminal is used to present the password of the user in a different form to each communication session, using the uniqueness of the session numbers.
- the hardware element assigned to the user identifies it with the information system.
- the information circulating on the information network is difficult to interpret because their content is different with each communication. Moreover, no secret information is stored on the user's terminal. As a result, the security of the entire system is improved.
- the password is stored on the data storage means of the hardware element.
- the hardware element is used to store a password outside the terminal, which increases the security of the system.
- the terminal comprises means for entering the password by the user and is arranged to communicate the password to the hardware element.
- the server is arranged to communicate a unique session number in response to the provision of an identification number by the hardware element.
- the server is arranged to perform encryption by a session number encryption key into an encrypted session number and to communicate the encrypted session number to the terminal, the terminal being arranged to communicate the session number.
- the processing means of the hardware element being arranged to perform a decryption of the session number encrypted into a session number by the encryption key stored in the storage means.
- the server is arranged to perform a decryption of the encrypted password by means of a decryption key corresponding to the encryption key stored in the storage means of the hardware element, to obtain the values of the password and the number session.
- the server is arranged to compare the session number from the encrypted password with the one it has generated, and then to compare the result of the application of a hash function on a combination of data. including the password with a predetermined value.
- the password and the identification number form a unique pair of information in the system.
- the hardware element comprises means for generating a random sequence, the processing means being arranged to perform a first encryption of a set of data combining:
- the identification number of the user and arranged to transmit a first data frame comprising the result of the first encryption to the terminal, the terminal being arranged to transmit this first data frame to the server, the server being arranged to perform the decrypting the first data frame and then a second encryption of a data set combining:
- the hardware element has the ability to determine to which recipient server the password is sent. For this, it launches a "challenge" to the server, to determine if it is connected to a specific server. Preferentially, two pairs of private keys and public keys are used respectively for the encryption and the decryption of a first and a second data exchange between the server and the hardware element
- the means for generating a random sequence of the hardware element are arranged to take into account the occurrence of a random event.
- the random events taken into account by the random sequence generation means include interruptions signaling the arrival of new information to the hardware element from the terminal.
- the present invention also relates to a method of identification by a computer server of a user in possession of a terminal having communication means for making a connection between the server and the terminal and a hardware element, connected to the terminal, comprising data storage means on which is stored an encryption key and an identification number, in which
- the server generates a unique session number during a connection session between the terminal and the server
- the terminal communicates the session number to the hardware element; the hardware element performs an encryption using an encryption key of a data set combining: the password and the session number; and communicates the result of the encryption to the terminal,
- the hardware element also transmits the identification number to the terminal, the terminal transmits the result of the encryption and the identification number to the server in order to proceed to the identification of the user.
- the password is stored on the data storage means of the hardware element.
- the password is entered by the user on the terminal and communicated to the hardware element by the terminal.
- the server communicates a unique session number in response to the provision of an identification number by the hardware element.
- the server encrypts the session number with an encrypted session number and communicates the encrypted session number to the terminal, the terminal communicating the encrypted session number to the encrypted session number.
- the hardware element the means for processing the hardware element performing a decryption of the session number encrypted into a session number by the encryption key stored in the storage means.
- the server performs a decryption of the encrypted password by means of a decryption key corresponding to the encryption key stored in the storage means of the hardware element, to obtain the values of the password and the session number.
- the server compares the session number from the encrypted password with the one it generated, and compares the result of applying a hash function to a combination of data including the password with a predetermined value.
- the password and the identification number form a unique pair of information.
- the hardware element generates a random sequence, performs a first encryption of a set of data combining: the random sequence, and
- the identification number of the user transmits a first data frame corresponding to the result of the encryption to the terminal which transmits this first data frame to the server, the server realizing a decryption of the first data frame and then a second encryption a dataset combining:
- two pairs of private keys and public keys are used respectively for the encryption and decryption of a first and a second data exchange between the server and the hardware element.
- the generation of a random sequence takes into account the occurrence of a random event.
- the random events taken into account during the generation of random sequences include interrupts signaling the arrival of new information to the hardware element from the terminal.
- At least one data frame exchanged between the hardware element and the terminal comprises both a random sequence generated by the hardware element and a session number generated by the server.
- Figure 1 is a schematic representation of a system according to the invention.
- Figure 2 is a schematic representation of a first embodiment of a method according to the invention.
- Figure 3 is a schematic representation of a second embodiment of a method according to the invention.
- Figure 4 is a schematic representation of a third embodiment of a method according to the invention.
- Figure 5 is a schematic representation of a fourth embodiment of a method according to the invention.
- FIG. 6 is an explanatory diagram of the operation of the means for generating a random sequence by a hardware element included according to a variant of the system according to the invention.
- an information system according to the invention comprises:
- an application server 2 comprising network communication means 3 enabling it to connect to a network 4, and data storage means, for example constituted by a database 5,
- At least one terminal 6 comprising network communication means 7 enabling it to be connected to the network 4 intended to be used by a user.
- the system further comprises a hardware element 8 arranged to be connected to the terminal, this element 8 being in the possession of the user.
- the hardware element 8 may take the form of a USB key, a smart card or a processor that can be used in the production of a barcode reader or electronic tags, for example.
- This hardware element 8 comprises data storage means 9, and processing means 10 arranged in particular for performing data encryption operations from a secret private key K1.
- the terminal 6 may for example be constituted by a personal computer of the user who has an Internet connection allowing him to connect to the application server.
- a client software 12 is installed on this computer which controls the exchanges between the hardware element, the computer and the server.
- a private key K1 Before supplying the hardware element 8 to the user, or during an initialization operation of the hardware element 8, a private key K1, a password num_MDP and an identification number numJD are generated and registered. in the storage means of the hardware element.
- the identification number numJD is a number that will be visible in clear during different operations.
- the password num_MDP is intended to remain secret. The equipment performing this operation ensures that the public key K2 corresponding to the private key K1 of the user is stored by the server 2.
- the hash function is used to check the validity of the password without having to memorize it.
- the server 2 stores the pair num_HID and numJD in the database 5.
- the hardware element 8 is provided to the user who can then connect it to a terminal 6 of his choice, equipped with the client software 12, to connect to the server 2.
- the information system When connected to the server, the information system uses a password presentation protocol that follows the following steps:
- a first step E1 the hardware element 8 transmits its identification number numJD to the client software 12 installed on the computer 6 of the user.
- the identification number numJD is transmitted to the server 2 in a request for a session number.
- a session number num_Sess is generated by the server 2.
- the server 2 transmits this session number num_Sess to the computer 6 of the user.
- the server can also store the identification number numJD of the user for whom the session number num_Sess was generated.
- a fourth step E4 the user's computer transmits the session number num_Sess to the hardware element 8.
- a fifth step E5 the processing means 10 of the hardware element 8 concatenate the password num_MDP and the session number num_Sess, then perform an encryption E using the private key K1, to obtain a result C :
- E K i (num_MDP; num_Sess) C and sends the result C which we will call a password C signed to the client software 12.
- the client software 12 will transmit the signed password C in turn to the server 2.
- the server 2 realizes a decryption D of the signed password C by means of the public key K2 corresponding to the user's private key K1, which enables him to obtain the Password values num_MDP and session number num_Sess:
- the server 2 compares the session number num_Sess with that which it has transmitted, then it calculates and compares the imprint H (num_ID, num_MDP) of the concatenation of the user identifier numJD and the password num_MDP with the imprint num_HID stored in the database 5 corresponding to the identifier numJD to accept or refuse the identification of the user.
- the method according to the invention therefore uses the session number num_Sess to hide the password num_MDP.
- the hardware element 8 uses a private key cryptography algorithm K1 to authenticate with the application server the password num_MDP which corresponds with the identification number numJD assigned to a user.
- the server authenticates itself with the hardware element in order to obtain the word of past.
- the server encrypts the session number that the hardware element will use to hide the password.
- a connection request is initiated by the user on the terminal which transmits this request to the server.
- the server transmits this encrypted session number num_Sess_Sign to the user's computer.
- a third step E3 the user's computer transmits the encrypted session number num_Sess_Sign to the hardware element.
- E K i (num_MDP; num_Sess) C and sends the result C which corresponds to a signed password to the client software, accompanied by the identification number numJD.
- a fifth step E5 the client software 12 transmits the signed password C and the identification number numJD to the server 2.
- the server then performs the decryption and comparison operations with the stored fingerprint as in the first embodiment. These latter operations are not shown in FIG.
- the public key K2 remains secret.
- the private key K1 is used to transmit the response to the server.
- the hardware element 8 comprises means for generating a random sequence or a random number Num_Alea.
- the hardware element also stores two separate private keys Ks1 and Ks2.
- the operation of the generating means 13 is illustrated in FIG. 6.
- the random sequence Num_Alea is generated taking into account the occurrence of a random event.
- random events may consist of interrupts Int signaling the arrival of new information to the hardware element 8 from the terminal 6.
- such an interruption is an interruption in the USB protocol used between the terminal and the key.
- the sequence of these events over time depends on the exchanges between two hardware entities, namely the hardware element 8 and the terminal 6 via a communication medium governed by a software protocol subject to physical constraints directly related to the components that make up these entities. .
- the hardware element 8 is programmed to increment a counter Ctr at the rate of the frequency of its microprocessor from the moment this element is powered up.
- This counter Ctr is stored on a finite number of bits, for example 16 bits, which implies that it is cyclic and that it will return to its initial state.
- the processing means 9 of the hardware element 8 are arranged to consult the current value of the counter Ctr.
- An operation for example of the type Xor, is then performed between the value of the counter Ctr and a value extracted from a table of value Tab containing a data set of size greater than that of the counter.
- An Int event is used to change the value of the pointer indicating where the value is extracted from the Tab array.
- the data initially recorded in the Tab Table are kept secret. From the result of the operation between the value of the counter and the value extracted from the table is deduced a value on a bit, for example by an extraction or the application of a specific function.
- rS constitutes a random sequence of which is conserved a definite number of elements in a sliding way and to constitute a random number or random sequence Num_Alea.
- the occurrence of a random event is combined with a measured value of a complex physical phenomenon to enhance the security of the system.
- a third embodiment of the method according to the invention represented in FIG. 4, which corresponds to an improvement of the first mode of implementation, the variant embodiment of the system including means for generating a random sequence Num_Alea is used.
- the identification number of the user Numjdllser and no longer numJD to differentiate it from an identifier of the server 2 also used in this mode of implementation of the method is used.
- an initialization of a data exchange is requested by the user via the terminal 6, by sending a frame of data Trame_0.
- a first generation phase of a random sequence Gen_1 is performed by the hardware element 8 which allows the determination of a random sequence Num_Alea.
- the processing means of the hardware element 8 sign the identifier of the user Numjdllser from the random sequence Num_Alea, concatenate the result of this signature with the random sequence Num_Alea then perform a C encryption with the help of its first private key Ks1, to obtain a frame of data Trame_1, which can be represented by the formula below, in which the sign + represents a concatenation and the sign ⁇ an operation of type Xor:
- Trame_1 C ⁇ s i (Num_Alea + Num_Alea ⁇ Num_ldllser)
- the frame Trame_1 is sent to the client software.
- the frame Trame_1 is transmitted to the server 2 in a request for a session number.
- a third step E3 the server 2 realizes a decryption D of the frame Trame_1 thanks to a first public key Ks2 corresponding to the private key Ks1 of the user, which enables him to obtain the values of the identifier of the user.
- a test can then be performed on the user's identifier.
- the server 2 also generates a Gen_2 generation of a Num_Sess session number.
- the server 2 then realizes a signature of the random sequence Num_Alea and an identifier of the NumJdServer server by the Session Number Num_Sess, then an encryption of these two signature results concatenated by a second public key Ku2, to obtain a data frame.
- Trame_2: Trame_2 C ⁇ u2 (Num_Alea ⁇ Num_Sess + Num_Sess ⁇ Num_ldServer)
- the frame Trame_2 is then sent to the client software 12.
- the user's computer transmits the frame Trame_2 to the hardware element 8.
- a fifth step E5 the processing means 10 of the hardware element 8 perform a decryption D of the frame Trame_2 by means of a second private key Ku1 corresponding to the public key Ku2 of the server, which enables it to obtain the values the NumJdServer server identifier and the Num_Sess session number and a value returned by the server of the Num_Alea random sequence.
- a test can then be performed on the identifier of the server 2 while also verifying that the random sequence Num_Alea returned by the server corresponds to that sent.
- the processing means of the hardware element 8 then perform a signature of the identifier of the user Numjdllser and the password Num_MDP by the Session Number Num_Sess, then an encryption of these two signature results concatenated by the second key.
- private Ku1 to obtain a frame of data Trame_3:
- Trame_3 C Ku i (Num_Sess ⁇ Num_ldUser + Num_Sess ⁇ Num_MdP)
- the frame Trame_3 is then sent to the client software 12.
- the client software 12 transmits the frame Trame_3 in turn to the server 2.
- the server 2 realizes a decryption D of the frame Trame_3 thanks to the public key Ku2 corresponding to the private key Ku1 of the user, which enables him to obtain the values of the password Num_MDP and session number num_Sess, as well as the user ID NumJdUser.
- the server 2 compares the session number num_Sess with that which it has transmitted, then it carries out tests on the identifier NumJdUser and the password Num_MDP to accept or refuse the identification of the user. If the identification is accepted, the requested service can then be provided by the server in a seventh step E7.
- the system thus performs mutual authentication of the server and the user before transmitting the critical data.
- This system has been designed to address the current problems facing Internet users.
- the hardware element 8 has the ability to determine to which recipient the password is sent. For this, the hardware element 8 challenges the server to determine if it is connected to a specific server. The hardware element 8 can subsequently warn the user, for example by means of a diode, if it is connected to a server that has impersonated the site. These arrangements are improved by the use of means for generating numbers or random sequences in the hardware element 8.
- a "hacker" element attempting to replay a frame_1, will have to be able to answer the challenge of the server without being able to use the material element 8.
- the frame Trame_2 includes the use of the random number generated by the hardware element 8 which makes it possible to verify the identity of the server and thus to accept to answer it.
- the method can be implemented so as to take place entirely before informing the user of his authentication or not.
- the system will respond with a false frame which will be the subject of the same treatment until the protocol is finished. This in order to give the minimum elements to a "hacker" element to compromise the security of the system.
- the link between the number that identifies the NumJdUser user and its identity is made at the server level. Thus it is not necessary to transmit a critical element such as the blue card number of the user to use the system.
- a fourth mode of implementation of the method according to the invention represented in FIG. 5, which corresponds to an improvement of the second mode of implementation, the variant embodiment of the system comprising the means of generating a random sequence Num_Alea is used.
- a preliminary step EO an initialization of a data exchange is requested by the user via the terminal 6, by sending a frame of data Trame_0 to the server 2.
- the server 2 realizes a Gen_2 generation of a first session number Num_Sess1.
- the server 2 then realizes a signature of the identifier of the NumJdServer server by the first Session Number Num_Sess1, then a concatenation of the identifier of the server with the result of the signature, and an encryption of these data concatenated by a first public key Ks2, to obtain a frame of data Trame_1:
- Trame_1 CK S2 (Num_Sess1 + Num_Sess1 ⁇ Num_ldServer)
- the frame Trame_1 is then sent to the client software 12.
- a second step E2 the user's computer transmits the frame Trame_1 to the hardware element 8.
- the processing means 10 of the hardware element 8 perform a decryption D of the frame Trame_1 through to a first private key Ks1 corresponding to the public key Ks2 of the server, which allows it to obtain the values of the identifier of the NumJdServer server and the first session number Num_Sess1. A test can then be performed on the identifier of the server 2.
- the processing means 10 of the hardware element 8 perform a generation phase of a random sequence Gen_1 which allows the determination of a random sequence Num_Alea.
- the frame Trame_2 is sent to the client software.
- a fourth step E4 the frame Trame_2 is transmitted to the server 2.
- a fifth step E5 the server 2 realizes a decryption D of the frame Trame_2 thanks to the first public key Ks2 corresponding to the private key Ks1 of the user, which enables him to obtain the values of the identifier of the user.
- NumJdUser user and random sequence the server 2 realizes a decryption D of the frame Trame_2 thanks to the first public key Ks2 corresponding to the private key Ks1 of the user, which enables him to obtain the values of the identifier of the user.
- the server 2 also carries out a Gen_2 generation of a second Num Sess2 session number.
- the server 2 then realizes a signature of the random sequence Num_Alea and an identifier of the NumJdServer server by the second Session Number Num_Sess2, then an encryption of these two signature results concatenated by a second public key Ku2, to obtain a frame of data Trame_3:
- Trame_3 C ⁇ u2 (Num_Alea ⁇ Num_Sess2 + Num_Sess2 ⁇ Num_ldServe)
- the frame Trame_3 is then sent to the client software 12.
- a sixth step E6 the user's computer transmits the frame Trame_3 to the hardware element 8.
- a seventh step E7 the processing means 10 of the hardware element 8 perform a decryption D of the frame Trame_3 by virtue of a second private key Ku1 corresponding to the public key Ku2 of the server, which enables it to obtain the values the identifier of the NumJdServer server and the second session number Num_Sess2 and a value returned by the server of the random sequence Num_Alea.
- a test can then be performed on the identifier of the server 2 while also verifying that the random sequence Num_Alea returned by the server corresponds to that sent.
- the processing means of the hardware element 8 then perform a signature of the identifier of the user Num_ldUser by the first Session Number Num_Sess1 and the password Num_MDP by the second Session Number Num_Sess2, then an encryption of these two. concatenated signature results by the second private key Ku1, to obtain a frame of data Trame_4:
- Trame_4 C ⁇ ui (Num_Sess1 ⁇ Num_ldUser + Num_Sess2 ⁇ Num_MdP)
- the frame Trame_4 is then sent to the client software 12.
- the client software 12 transmits the frame Trame_4 in turn to the server 2.
- the server 2 realizes a decryption D of the frame Trame_4 by means of the public key Ku2 corresponding to the user's private key Ku1, which enables him to obtain the values of the password Num_MDP and session numbers Num_Sess1 and Num_Sess2, as well as the identifier of the user Num IdUser.
- the server 2 compares the session numbers Num_Sess1 and Num_Sess2 with those it has transmitted, then it performs tests on the identifier Numjdllser and the password Num_MDP to accept or refuse the identification of the user. If the identification is accepted, the requested service can then be provided by the server in a ninth step not shown.
- Trame_1 C ⁇ s i [Num_Alea_1 + Num_Alea_1 ⁇ Num_ldllser]
- Trame_2 C Ku2 [Num_Alea_1 ⁇ Num_Sess_1 + Num_Sess_1 ⁇ Num_ldServer]
- Trame_3 C Ku i [Num_Sess_1 ⁇ Num_Alea_2 + Num_Alea_2 ⁇ Num_ldUser]
- Trame_2f C KU2 - [Num_Alea_f ⁇ Num_Sess_f + Num_Sess_f ⁇ Num_IDServer]
- Scale_1 C Ks2 [Scs_Sess_1 + Scs_Sess_1 ⁇ Sc_ldServer]
- Scale_2 C Ks i [Scs_Sess_1 ⁇ Num_Alea_1 + Sc_Alea_1 ⁇ NumJdUser]
- Scale_3 C Ku2 '[Num_Alea_1 ⁇ Num_Sess_2 + Num_Sess_2 ⁇ NumJdServer]
- Scale_4 C Ku i [Num_Sess_2 ⁇ Num_Alea_2 + Num_alea_2 ⁇ Num_ldUser] ...
- Trame_2f-1 C KU2 - [Num_Alea_f-1 ⁇ Num_Sess_f + Num_Sess_f ⁇ Num_IDServer]
- Final_frame (2f) C K ur "[Num_Sess_f ⁇ NumDdUser * + Num_Sess_f ⁇ Num_MdP]
- the session number num_Sess can be the result of a function, a date or a combination of both. This combination can be verified by the hardware element before the presentation of a password. The hardware element can ask the application server to prove its identity in the same way.
- the password num_MDP can be requested by the client software 12 to the user to be signed and transmitted to the server 2.
- a random number can be added in the calculation of the signed password in order to counter the exhaustive attacks (by salting).
- This random number can be calculated by operating a one-way function on a number. The result of this operation being subsequently used for calculating the next random number, the one-way function is thus used recursively.
- the combination of the password and the session number in the hardware element can be achieved not by concatenation, but for example by bitwise addition.
- the server which also knows the session number, can subtract the one from the combination to deduce the password.
- the password of the user is not stored in the hardware element, but entered by the user via input means of the terminal.
- the system and the method according to the invention may in particular be applied to avoid impersonation of a website or a service, the purpose of this usurpation is to obtain confidential identification data of a user.
- These usurpations correspond in particular to practices known as phishing or pharming.
- Another application is the fight against validations of fraudulent purchases by credit card identification numbers without entering the PIN, by a person other than the card holder.
Abstract
Description
Claims
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR0705763A FR2919974B1 (fr) | 2007-08-08 | 2007-08-08 | Systeme d'information et procede d'identification par un serveur d'application d'un utilisateur |
PCT/EP2008/060371 WO2009019298A1 (fr) | 2007-08-08 | 2008-08-07 | Système d'information et procédé d'identification par un serveur d'application d'un utilisateur |
Publications (1)
Publication Number | Publication Date |
---|---|
EP2213038A1 true EP2213038A1 (fr) | 2010-08-04 |
Family
ID=39183229
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP08786974A Withdrawn EP2213038A1 (fr) | 2007-08-08 | 2008-08-07 | Système d'information et procédé d'identification par un serveur d'application d'un utilisateur |
Country Status (4)
Country | Link |
---|---|
US (1) | US20120005474A1 (fr) |
EP (1) | EP2213038A1 (fr) |
FR (1) | FR2919974B1 (fr) |
WO (1) | WO2009019298A1 (fr) |
Families Citing this family (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8166547B2 (en) | 2005-09-06 | 2012-04-24 | Fortinet, Inc. | Method, apparatus, signals, and medium for managing a transfer of data in a data network |
WO2010006450A1 (fr) * | 2008-07-18 | 2010-01-21 | Absolute Software Corporation | Gestion de confidentialité pour dispositifs suivis |
US8640212B2 (en) * | 2010-05-27 | 2014-01-28 | Red Hat, Inc. | Securing passwords with CAPTCHA based hash when used over the web |
CN102142961B (zh) * | 2010-06-30 | 2014-10-08 | 华为技术有限公司 | 一种网关、节点和服务器进行鉴权的方法、装置及系统 |
US9311119B2 (en) * | 2012-05-30 | 2016-04-12 | Red Hat, Inc. | Reconfiguring virtual machines |
CN104756126B (zh) * | 2012-10-29 | 2018-09-07 | 三菱电机株式会社 | 设备管理装置、设备管理系统以及设备管理方法 |
WO2014138882A1 (fr) * | 2013-03-13 | 2014-09-18 | Jumpto Media Inc. | Espace de stockage en réseau chiffré |
CN104102858B (zh) * | 2013-04-07 | 2018-02-13 | 中兴通讯股份有限公司 | 应用程序加密处理方法、装置和终端 |
US9148284B2 (en) * | 2014-01-14 | 2015-09-29 | Bjoern Pirrwitz | Identification and/or authentication method |
JP6404928B2 (ja) * | 2014-07-28 | 2018-10-17 | エンクリプティア株式会社 | ユーザ情報管理システム、及びユーザ情報管理方法 |
EP3065366B1 (fr) * | 2015-03-02 | 2020-09-09 | Bjoern Pirrwitz | Système et procédé d'identification et/ou d'authentification |
US10333903B1 (en) * | 2015-06-16 | 2019-06-25 | Amazon Technologies, Inc. | Provisioning network keys to devices to allow them to provide their identity |
US11005971B2 (en) * | 2018-08-02 | 2021-05-11 | Paul Swengler | System and method for user device authentication or identity validation without passwords or matching tokens |
CN111953582B (zh) * | 2020-08-10 | 2022-03-25 | 四川阵风科技有限公司 | 一种基于硬件装置的加密即时通信方法和系统 |
Family Cites Families (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2730076B1 (fr) * | 1995-01-31 | 1997-03-28 | Sorep Sa | Procede d'authentification par un serveur du porteur d'un objet portatif a microprocesseur, serveur et objet portatif correspondants |
FR2765985B1 (fr) * | 1997-07-10 | 1999-09-17 | Gemplus Card Int | Procede de gestion d'un terminal securise |
CA2276872A1 (fr) * | 1998-08-28 | 2000-02-28 | Lucent Technologies Inc. | Methode de protection d'anonymat d'equipement mobile |
IT1308078B1 (it) * | 1999-06-08 | 2001-11-29 | Eutron Infosecurity S R L | Dispositivo di idientificazione e sistema per l'inserimento di unnumero di identificazione personale all'interno di tale dispositivo |
AU2002225768A1 (en) * | 2000-11-28 | 2002-06-11 | Rcd Technology, Inc. | Replacing stored code with user inputting code on the rf id card |
US7231526B2 (en) * | 2001-10-26 | 2007-06-12 | Authenex, Inc. | System and method for validating a network session |
FR2845222B1 (fr) * | 2002-09-26 | 2004-11-19 | Gemplus Card Int | Identification d'un terminal aupres d'un serveur |
US7373509B2 (en) * | 2003-12-31 | 2008-05-13 | Intel Corporation | Multi-authentication for a computing device connecting to a network |
US20060291660A1 (en) * | 2005-12-21 | 2006-12-28 | Telefonaktiebolaget Lm Ericsson (Publ) | SIM UICC based broadcast protection |
US8418235B2 (en) * | 2006-11-15 | 2013-04-09 | Research In Motion Limited | Client credential based secure session authentication method and apparatus |
US8051297B2 (en) * | 2006-11-28 | 2011-11-01 | Diversinet Corp. | Method for binding a security element to a mobile device |
-
2007
- 2007-08-08 FR FR0705763A patent/FR2919974B1/fr not_active Expired - Fee Related
-
2008
- 2008-08-07 EP EP08786974A patent/EP2213038A1/fr not_active Withdrawn
- 2008-08-07 US US12/672,632 patent/US20120005474A1/en not_active Abandoned
- 2008-08-07 WO PCT/EP2008/060371 patent/WO2009019298A1/fr active Application Filing
Non-Patent Citations (1)
Title |
---|
See references of WO2009019298A1 * |
Also Published As
Publication number | Publication date |
---|---|
US20120005474A1 (en) | 2012-01-05 |
FR2919974A1 (fr) | 2009-02-13 |
FR2919974B1 (fr) | 2010-02-26 |
WO2009019298A1 (fr) | 2009-02-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2213038A1 (fr) | Système d'information et procédé d'identification par un serveur d'application d'un utilisateur | |
EP2673732B1 (fr) | Procede de transaction securisee a partir d'un terminal non securise | |
EP1549011A1 (fr) | Procédé et système de communication entre un terminal et au moins un équipment communicant | |
FR3041195A1 (fr) | Procede d'acces a un service en ligne au moyen d'un microcircuit securise et de jetons de securite restreignant l'utilisation de ces jetons a leur detenteur legitime | |
EP2345202A2 (fr) | Procédé de signature numérique en deux étapes | |
FR2822002A1 (fr) | Authentification cryptographique par modules ephemeres | |
WO2013021107A1 (fr) | Procede, serveur et systeme d'authentification d'une personne | |
EP2193626B1 (fr) | Communication securisee entre une etiquette electronique et un lecteur | |
EP2509025A1 (fr) | Procédé d'accès à une ressource protégée d'un dispositif personnel sécurisé | |
EP3991381B1 (fr) | Procédé et système de génération de clés de chiffrement pour données de transaction ou de connexion | |
EP2306668B1 (fr) | Système et procédé de transaction sécurisée en ligne | |
FR3075423A1 (fr) | Technique de protection d'une cle cryptographique au moyen d'un mot de passe utilisateur | |
FR3033205A1 (fr) | Procede de transaction sans support physique d'un identifiant de securite et sans jeton, securise par decouplage structurel des identifiants personnels et de services. | |
EP3673633B1 (fr) | Procédé d'authentification d'un utilisateur auprès d'un serveur d'authentification | |
EP3266148B1 (fr) | Dispositif et procédé d'administration d'un serveur de séquestres numériques | |
WO2013083923A1 (fr) | Procede d'echange de donnee chiffree entre un terminal et une machine | |
FR2903544A1 (fr) | Procede de securisation d'une authentification par utilisation de plusieurs canaux | |
WO2017005644A1 (fr) | Procédé et système de contrôle d'accès à un service via un média mobile sans intermediaire de confiance | |
FR2948839A1 (fr) | Procede d'authentification securisee d'acces a des donnees chiffrees | |
FR3007929A1 (fr) | Procede d'authentification d'un utilisateur d'un terminal mobile | |
FR3118225A1 (fr) | Procédé et dispositif de génération d'informations d'authentification pour une entité sécurisée et procédé et dispositif de contrôle d'identité associés | |
WO2020128203A1 (fr) | Procédé et système de sécurisation d'opérations, et poste utilisateur associé | |
FR2902253A1 (fr) | Procede et dispositif d'authentification d'un utilisateur | |
WO2012022856A1 (fr) | Procédé d'authentification d' un utilisateur du réseau internet | |
EP3394780A1 (fr) | Procede et dispositif de connexion a un serveur distant |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20100520 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MT NL NO PL PT RO SE SI SK TR |
|
AX | Request for extension of the european patent |
Extension state: AL BA MK RS |
|
DAX | Request for extension of the european patent (deleted) | ||
RIC1 | Information provided on ipc code assigned before grant |
Ipc: G06F 21/20 20060101ALI20120106BHEP Ipc: H04L 29/06 20060101ALI20120106BHEP Ipc: H04L 9/32 20060101AFI20120106BHEP |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20120301 |