FR3041196A1 - METHOD FOR MANAGING A LIST OF AT LEAST ONE PASSWORD - Google Patents

Abstract

The invention relates to a method of managing a list of at least one password, said password being intended to access a service, the method comprising: obtaining (E2) an associated label (li) audit service from a list of at least one label, - generation (E5) of a password (pwdi) associated with the service by applying a password derivation function (F) to the label and a master password (mp) specific to all the labels in the list.

Description

Method of managing a list of at least one password

The present invention relates to a method for managing at least one password.

It finds a particularly interesting application in the management of access to sensitive services whose access is conditioned by the provision of a password. It is customary for an entity subscribed to a plurality of services respectively subject to the provision of a password to manage all of its passwords by means of a tool called a "password manager". A password manager is software designed to enable an entity, for example a user, to centralize all of its service identifiers and passwords in a database accessible by means of a password of a user. single access. Thus, the user has to remember only one password to access all of its services. He can also choose a different service password for each service without worrying about having to memorize them. The passwords he chooses for his services can be complicated in terms of the characters used and the length of the passwords; they are then more robust. In addition, the compromise of a password specific to a first service does not affect access to other services.

A traditional password manager protects the passwords that it manages by using an encryption function. Thus, the passwords are stored in encrypted form. However, when encrypted encrypted passwords are corrupted, it becomes impossible to recover passwords in clear text and automatically access the services.

One of the aims of the invention is to remedy the shortcomings / disadvantages of the state of the art and / or to make improvements thereto. To this end, the invention proposes a method of managing a list of at least one password, said password being intended to access a service, the method comprising: obtaining a label associated with said service; from a list of at least one label, - generating a password associated with the service by applying a password derivation function to the label and a master password specific to the set labels from the list.

With the solution described here, the password of services, noted pwd ,, managed by the password manager are not stored in a perennial manner in a database associated with the password manager, but regenerated on demand from labels rated 1; which constitute public data, ie non-confidential data. The password manager, which stores the identifiers and the labels associated with the services of the user, is therefore a less sensitive information base and in any case less subject to attacks than an information base which stores words. password, these passwords being stored encrypted or not. With the method described here, the corruption of an IL label or the label database is less penalizing than the corruption of an encrypted stored password database in the case of a known password manager. In this case, it is no longer possible to access passwords in the clear. With the method described here, when the label 1; is user-selectable so that it can easily be corrected by the user to allow access to the service again without changing the password. Such a correction may for example consist of replacing "www.MaBqiteMail.fr" by "www.MaBoiteMail.fr". Thus, a data corruption does not require the regeneration of the entire password database.

Compared to known password managers whose security is based on the secret database managed by the password manager and on the encryption key used to decrypt it, security here rests entirely on the security of the password. master. This limits the attack possibilities of the password list.

With the method described here, the change of the master password noted mp makes it possible to simultaneously change all the passwords managed by the secret manager, without necessarily changing the labels associated with the passwords. This use is comfortable for a user who wishes to memorize the labels. Changing the master password does not affect the labels.

With the described method, passwords pwd; are not chosen by the user but derived from labels 1 ;. It is therefore interesting that the password derivation cryptographic function F is defined in such a way that it generates complex passwords in terms of, for example, the number of characters, the type of characters used, and so on. Robust passwords ensure better security of access to services.

In an exemplary embodiment, the method comprises a definition of properties of the password associated with said label, and an application of a second function to an intermediate data obtained by applying the password derivation function to the label, a word pass resulting from the application of the second function to the intermediate data having the properties defined for the password.

With this embodiment, it is possible to define and take into account constraints on the passwords associated with the services. These constraints are integrated at the level of the password generation function from the labels of the list.

In an exemplary embodiment, the method comprises a control of the master password implemented after input of said master password.

The verification of the master password mp when it is entered avoids, when the entered master password is wrong, the execution of the function of generation of passwords and the presentation of an invalid password during the access to the service. This prevents, when the number of erroneous password entry attempts for a service is limited, to be blocked for access to the service. More precisely, such a control makes it easier to identify an error when accessing services. The invention also relates to a user terminal, arranged to manage a list of at least one password, said password being intended to access a service, said terminal comprising: means for obtaining a label , arranged to obtain from a list of at least one label, a label associated with said service, - generation means, arranged to generate a password associated with the service by applying a password derivation function of passes to the label and a master password specific to all the labels in the list. The invention also relates to a computer program on a data medium and loadable in the memory of a terminal, the program comprising portions of code for executing the steps of the method of managing a list of at least a password as described above, when the program is executed on said computer. The invention also relates to a data carrier in which the program described above is recorded. Other features and advantages of the present invention will be better understood from the description and the appended drawings in which: FIG. 1 presents the steps of a method of managing a list of at least one password, according to an exemplary embodiment; - Figure 2 is a schematic representation of a management terminal of a list of at least password, according to an exemplary embodiment.

The steps of a method of managing a list of at least one sensitive data, according to an exemplary embodiment will now be described in relation to FIG.

A user equipped with a user device (not shown in Figure 1) subscribed to at least one service Si, ... Sn, subject to access control. When accessing one of the S services; from the list, the user provides an identifier I; and a password pwd; which are his own.

In this example, it is assumed that the user has on his device a password management tool, arranged to store a set of access information each comprising an identifier and a label. Each access information is intended to allow automatic access to a service with which it is associated. More specifically, the label included in the access information is intended to be used to generate a password which, associated with the identifier, allows access to the service.

In an initial step EO, the user chooses for each of the services S; to which it wishes to access automatically by means of its password manager, a label 1; that it associates with an identifier I; connection to the service. The label 1; is non-confidential information intended to be used for the generation of a password pwd; associated with the service S ;. The label 1; being a priori public data, it can be chosen by the user so as to be understandable, and semantically associated with the service S ;. The label can be representative of an application, a website identifier, etc. For example, for an S service; messaging accessible via a "URL" (of the "Uniform Resource Locator") of the form "www.MaBoiteMail.fr", the user can associate the messaging service with the label 1; : "Www.MaBoiteMail.fr".

In a next step El association, the user associates to each of the services access information. To do this, the user orders for each service S; the generation of a password pwd; from the associated access information. For this purpose, a password generating function P is applied to a master password mp, known to the user, and to the label 1; associated with the service S ;. The function P is for example a cryptographic function such as a hash function, for example SHA-2 or SHA-3, an authentication algorithm (or "HMAC" for keyed-hash Message Authentication Code), a derivation function keys, an encryption function, or a signature function. The application of the password generation function P to the label 1; and the master password mp allows to obtain a password pwd; access to the S service; The user configures the S service; so that the reference password for access to the service corresponds to that generated. In an exemplary embodiment, the user manually enters the generated password pwd; as a reference password when configuring the S service ;. In another example, it is the password management tool that automatically informs the reference password in an initial configuration phase of the service.

The steps E0 and E1 are part of a configuration phase PO which is executed during an initialization of access passwords to one or more services S ;.

In a later phase of use of the service, the user wishes to access the service S; For this purpose he selects the service S; in a menu of his terminal. This triggers, in a step E2 obtaining a label, the execution of the password management application and obtaining the label 1; associated with the S service; selected by the user. The label 1; is included in the list of access information obtained during the configuration phase PO.

In a master password request step E3, the password manager instructs the user to enter the master password mp in order to generate the password for access to the service S ;.

In an input step E4, the user enters the master password mp. This triggers in a generation step E5, the generation of the password pwd; service-specific; More precisely, the cryptographic function F for generating passwords is applied to the master password mp entered by the user and to the label 1; associated with the S service; and selected by the user.

In a next step E6 of supplying the password, the password manager supplies the identifier I; if applicable and the password pwd; which has just been generated as identification and authentication data of the user for his access to the service S ;.

It is assumed here that the identifier I; and the password pwd; are correct. The user then accesses the service S; during a step E7 of using the service.

The security of the password management method thus relies on the security of the master password whereas in the known password managers, the security is based on the secret database managed by the password manager and on the security of the password. encryption key used to decrypt it.

With the solution described here, the password of the services pwd; managed by the password manager are not stored permanently in a base associated with the password manager, but regenerated on demand from labels 1; which constitute public data, ie non-confidential data. The password manager, which stores the identifiers and the labels associated with the services of the user, is therefore a less sensitive information base and in any case less subject to attacks than an information base which stores words. password, these passwords being stored encrypted or not. Indeed, with the solution described here, when a label 1; is corrupt, the password pwd; partner is not generated correctly and access to the service is not possible. However, when the label 1; is chosen by the user to be understandable and simple, it can easily be corrected to allow access to the service again without changing the password. Such a correction may for example consist of replacing "www.MaBqiteMail.fr" by "www.MaBoiteMail.fr". This is not the case with known password managers.

Indeed, in this case a corruption of the encrypted stored data, in this case the passwords, prohibits the recovery of all or part of the associated clear data. Thus, with the described method, a data corruption does not require the regeneration of the entire password database.

With the method described here, the change of the master password mp makes it possible to simultaneously change all the passwords managed by the secret manager.

With the described method, passwords pwd; are not chosen by the user but derived from labels 1 ;. It is therefore interesting that the password derivation cryptographic function F is defined in such a way that it generates complex passwords in terms of, for example, the number of characters, the type of characters used, and so on. Robust passwords ensure better security of access to services.

In another exemplary embodiment, a control function of the master password mp is used to check the validity of the master password mp when the user enters it. Checking the master password mp at the time of the entry avoids, when the entered master password is wrong, the execution of the function F of generation of passwords and the presentation of an invalid password at the time of the entry. access to the service. More generally, such a control makes it easier to identify an error when accessing services. A control function of the master password consists for example of a hash function, such as SHA-2 or SHA-3. Such a function calculates a fingerprint of the master password mp that can be stored by the password manager in an initialization phase and compared to a current fingerprint, calculated each time the master password mp is entered. If the current fingerprint is different from the reference fingerprint, then the master password entered by the user has an error. In another exemplary embodiment, the control function of the master password is identical to the password derivation function F. In this case, the function F is applied to a reference constant, stored by the password manager; the secret key used being the password mp entered by the user. A reference value was previously calculated in the configuration phase and stored in association with the constant to allow control of the master password during access to the service.

In another exemplary embodiment, particular properties are defined for one or more passwords pwd; to generate. For example, for a password pwd; given, it is specified a minimum size and / or a particular alphabet. For example, it is specified that the word passes pwd; must contain at least one number, at least one punctuation character, and so on. These constraints impact the function F of generating passwords. In this example, the generation of passwords consists in combining several functions, that is to say successively applying a first function F 'of derivation of an intermediate password and a second function F' 'adapted for obtain, from the intermediate password generated by the function F ', the password pwd; to be used for access to the S service; and who has the expected properties. For example, the password pwd; must have a given size, the second function F "may consist in truncating or completing the intermediate password obtained by applying the first function F 'so as to have a password pwd; the desired size. In another exemplary embodiment, the second function F "consists of extracting a certain number of most significant bits, or least significant bits, of the intermediate password obtained by applying the first function F 'to form the word of pass pwd; When it comes to using a particular alphabet, the second function F "may consist of a transformation function that some initial characters will associate characters of the desired alphabet. The invention is of course not limited to these few examples and many constraints and many second functions F "to take into account constraints on passwords can be defined. The second function F ", which makes it possible to take account of constraints of the password, is stored in the secret database, in association with the access information or information for which it is used.

In an exemplary embodiment, the management method implements a control of the master password and a management of constraints on the password pwd;

A user terminal 20, arranged to manage a list of at least one password, according to an exemplary embodiment, will now be described in relation with FIG. 2.

The user terminal 20 is a user computer device, for example a personal computer, a mobile terminal of the smartphone type, a digital tablet, etc. The terminal 20 is arranged to communicate with a remote server to access an S service.

The user terminal 20 comprises: a processing unit or processor 201, or "CPU" (of the "Central Processing Unit"), intended to load instructions in memory, to execute them, to perform operations; a set of memories, including a volatile memory 202, or "RAM" (for "Random Access Memory") used to execute code instructions, store variables, etc., and a storage memory 203 of "EEPROM" type (English "Electrically Erasable Programmable Read Only Memory"). In particular, the storage memory 203 is arranged to store a password management application that includes code instructions for implementing the steps of the method of managing a list of at least one password such as previously described. The storage memory 203 is also arranged to store a list of access information to S services. An access information includes, where appropriate, an identifier I; of the user and a label 1; associated with the service S ;. The label 1; is intended to be used to generate a password pwd ,, necessary to access the service Si; input means 204, arranged to allow the user to enter a password mp used to generate the password pwd; S services; from labels 1 ;. Note that the master password mp can generate all the password pwd; access to S services. The input means 204 are for example a keyboard. In another example, the input means are a microphone associated with voice recognition means.

The terminal 20 also comprises: a obtaining module 205, arranged to obtain from a list of at least one label, a label associated with said service. The obtaining module 205 is arranged to implement the step E2 obtaining a label of the method of management of at least one secret described above, - a generation module 206, arranged to generate a password pwd; associated with the S service; by applying a password derivation function F to the label 1; and the master password mp specific to all the labels in the list. The generation module is arranged to implement the step E5 of generating the password of the method described above.

The obtaining 205 and providing 206 modules are preferably software modules comprising software instructions for implementing the steps of the method of managing a list of at least one previously described password. The invention therefore also relates to: a computer program comprising instructions for implementing the method of managing a list of at least one password as described above when this program is executed by a processor of the user terminal 20, - a readable recording medium on which is recorded the computer program described above.

The software modules can be stored in, or transmitted by, a data carrier. This may be a hardware storage medium, for example a CD-ROM, a magnetic diskette or a hard disk, or a transmission medium such as a signal or a telecommunications network.

In an exemplary embodiment, the terminal 20 also comprises configuration means (not shown in Figure 2), arranged to configure the services S; which he wishes to access. More specifically, the configuration means are arranged to define for each service If a label 1; and to associate with the service S; a password pwd; obtained by applying the password generation function F to the label 1; chosen for the service S ;.

At the end of the configuration of the service S ;, the password pwd; allows access to the S service; in association, if necessary, with an identifier I; of the user included in the service access information S ;.

In an exemplary embodiment, the user terminal 20 comprises means for defining constraints (not shown in FIG. 2), arranged to define properties of the passwords pwd; access to S services. These properties are constraints that pwd passwords must respect; generated to access S services. In this case, the terminal 20 also includes constraint control means arranged to take into account the password generation constraints defined by the defining means. In particular, the control means comprise the application of a second function to an intermediate data obtained by applying the password derivation function to the label. The second function takes into account the constraints imposed for the generation of passwords pwd ;. For example, when the constraint imposes a size on the passwords, the second function can consist of truncating the intermediate data or, on the contrary, completing it so as to respect the size constraint. When the constraint imposes to use certain types of characters in the passwords pwd ;, the second function can consist of transforming certain characters of a starting alphabet into characters of an arrival alphabet which corresponds to the imposed constraints. The means for defining the constraints and controlling the constraints are preferably software modules.

In another embodiment, the terminal 20 also comprises master password control means, arranged to control the validity of the master password when it is entered by the user. The control means of the master password preferably form a software module.

Claims (6)

A method of managing a list of at least one password, said password being intended to access a service, the method comprising: obtaining (E2) a label (1;) associated with said service; from a list of at least one label, - generating (E5) a password (pwd,) associated with the service by applying a password derivation function (F) to the label and to a master password (mp) specific to all the labels in the list. 2. Method of managing a list of at least one password according to the preceding claim, comprising a definition of properties of the password associated with said label, and an application of a second function to an intermediate data obtained by application. from the password derivation function to the label, a password resulting from the application of the second function to the intermediate data having the properties defined for the password. 3. Management method according to one of the preceding claims, comprising a control of the master password implemented after input of said master password. 4. User terminal, arranged to manage a list of at least one password, said password being intended to access a service, said terminal comprising: - means (205) for obtaining a label, arranged to obtain from a list of at least one label, a label associated with said service, - generation means (206), arranged to generate a password associated with the service by applying a word derivation function password to the label and a master password specific to all the labels in the list. 5. Computer program on a data medium and loadable in the memory of a terminal, the program comprising portions of code for executing the steps of the method of managing a list of at least one password according to any one of claims 1 to 3, when the program is executed on said computer. Data carrier in which the program according to claim 5 is recorded.