GB2347248A - Super passwords - Google Patents

Info

Publication number: GB2347248A
Authority: GB (United Kingdom)
Prior art keywords: password, resource, super, string, responsive
Legal status: Withdrawn
Application number: GB9904233A
Other versions: GB9904233D0 (en)
Inventor: Colin David Mccall
Current Assignee: International Business Machines Corp
Original Assignee: International Business Machines Corp
Application filed by: International Business Machines Corp

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H04W12/068 Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08 Access security
    • H04W12/084 Access security using delegated authorisation, e.g. open authorisation [OAuth] protocol
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00 Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007 Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
    • G06F2211/008 Public Key, Asymmetric Key, Asymmetric Encryption
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2131 Lost password, e.g. recovery of lost or forgotten passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W88/00 Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02 Terminal devices

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

A system for ensuring secure access to a resource 14 comprises a password checker 12 adapted to check a user's password before allowing access to the resource. The password checker further includes means, responsive to user input, for generating a string indicative of the identity of the resource; means, responsive to receipt of a super-password from a super-password generator 10, for decrypting the super-password with a public key 22 associated with the resource; and means, responsive to the string and the decrypted super-password matching, for allowing access to the resource. The super-password generator responds to the string being provided by an accredited user to encode the string with a private key 20 corresponding to the public key 22.

Description

SUPER PASSWORDS
The present invention relates to a method and apparatus for providing secure access to resources.
Computers and many other devices (such as mobile computer hard drives or car radios) contain passwords in non-volatile memory, e.g. flash memory, battery backed up memory or on a storage medium, to protect them from unauthorized use. It is also possible that certain aspects of a device's functionality may have access restricted only to a user providing a password. For example, many application programs require a password which may be written to a predefined location in memory.
Furthermore, some applications or devices have aspects of their functionality restricted to administrator type users providing an administrator password.
In any case, if a user sets a password and forgets it, or sets a password maliciously to deny legitimate access to a resource, be it a computer, a computer application or an electronic device such as a phone, it usually requires physical intervention at the resource to reset the password. In the case of a computer, this may require the covers to be opened and a jumper set on the system board. This is a very expensive process involving a skilled technician visiting the machine on site, or the machine being taken out of service and shipped to a service centre.
In some cases it may be impossible to recover the resource.
Cellular mobile phones already implement a super password technique. In the case of GSM phones, the phone is equipped with a SIM card which gives the phone its unique identity on the GSM network. The SIM card can be password protected to prevent illegal use of the customer's account on the phone network if the phone is lost. In the event that the password is forgotten, the network operator can provide the customer with a PUK (personal unlocking key) which is unique to the SIM card serial number and is generated using some non-obvious algorithm and the SIM card serial number. The PUK overrides the password and allows access to the SIM card and is only divulged once the customer has proven that he/she is the proper owner of the SIM card. The system works because there are relatively few network operators and, so far, they have managed to keep this algorithm secret.
This system is clearly not workable where many manufacturers or parties who verify a user's identity before supplying a super password may be involved.
The present invention provides a system according to claim 1, a resource according to claim 2 and a super-password generator according to claim 12.
The invention solves the problem of the prior art by implementing a super password that overrides any password set by a user, which can be calculated from some attribute of the resource such as its serial number, licence number or Universally Unique IDentifier (UUID), and transmitted to the end user and typed into the machine, but which does not rely on maintaining the secrecy of the algorithm for generating the password.
This is based on the fact that, counter to common asymmetric cryptography implementations, the user's private key is not actually held by the user; rather, it is held by the party entrusted with issuing super-passwords.
Because the super password generated according to the invention is based on a resource-specific property and a public key (which can be programmed into the device), the resource can only be unlocked knowing 1) the algorithm, 2) the resource-specific attribute and 3) the private key corresponding to the public key. This means that security is not compromised even if the algorithm, public key and resource-specific property are widely known.
This gives the invention far wider appeal than if it relied on a manufacturer guarding the algorithm and giving out the super-passwords.
Nonetheless, reading the public key is allowed because the private key cannot be easily deduced from the public key (using a scheme such as RSA encryption).
Further, including a resource-specific attribute in the calculation (which in one embodiment is a random number generated each time the challenge is made) prevents the super-password for one resource being used to access a different resource where, for example, a site-wide public key is common to a number of resources.
Embodiments of the invention will now be described with reference to the accompanying drawing which is a schematic view of the system according to the invention.
The system according to the invention comprises two computer programs: a super password generator 10 cooperable with a database 20 of private keys which is kept secure by the resource manufacturer or a party trusted to dispense super-passwords, and a password checker 12 which is built into resources protected with the invention.
A preferred embodiment of the invention will be described in terms of a system for providing secure access to a device 14 such as a personal computer. It is well known for such devices to include a start-up or bootstrap program 16 which runs when a computer is started or re-started.
Such bootstrap programs may include the routine 12 for setting and checking for a password which executes before continuing to load the operating system for the computer.
If a user forgets the password 18 stored in memory, or a system owner finds that the password 18 has been set maliciously to deny access, the present embodiment allows the user to hit a special function key which causes the password checker routine 12 to generate and display a unique identifier string rather than prompt the user for the stored password 18.
The unique identifier string is preferably generated using a secure combination of the current (lost) password 18 and some unique attribute of the system. (Using an irreversible algorithm, for example MD5, to generate a message digest which is used as the ID string prevents third parties discovering the password 18 even if they discover the ID string.) Typically the device serial number, UUID, or MAC (Media Access Control) address could be used as the unique attribute. In any case, the attribute should be unique to the resource, not normally modifiable by the user, and accessible to the password checker routine.
The user must now supply proof that he is entitled to use the resource, along with the identifier string, to an authorised dispenser of super-passwords. This can be done in any number of ways, such as telephoning a manufacturer's service line or e-mailing the manufacturer with the ID string and the user's credentials.
Once the user's credentials are verified (and this can be done automatically if the credentials are supplied electronically), the password generator program 10 uses the identifier string and the user's private key, stored in the database 20, to generate a 'super' password which is highly likely to be unique to the supplied identifier.
This program 10 may use any of several well-known public key encryption technologies, for example RSA.
The super password is returned to the user, either electronically or orally, and the user then enters the super password. It will be seen that if the ID string is generated from constants like the old password and the device serial number, the super password will remain the same, and so the user need not wait for the super password with the device in the same state as when the ID string was generated. Rather, the user can use the device in so far as is allowed without the password, and then restart the password checker program to arrive at the point of requiring the super-password.
The password checker 12 decrypts the super password using a public key 22 matching the private key used by the super password generator.
Where a computer or phone is used, this is stored in non-volatile memory, whereas for an application program the key would more likely be stored on disk. The decrypted super password supplied will only match the identifier string if matching public and private keys are used. If so, the checker 12 can reset the password 18 to allow the user access and allow the user to set a different password if required.
It will be seen that the invention can be applied to application programs or any other device simply by allowing a user to run the password checker routine before being prompted for the password for the program or device.
In an alternative embodiment, the ID string is generated from a random number output by a random number generator 24. This means that a different ID string is generated every time a request to override the password 18 is made. It means that, although the user must wait with the resource in the same state as when the ID string was generated, only one resource may be released at a time and so this is particularly useful if a single private key is used for many resources.
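The challenge and response round trip described above, for both the fixed ID string and the random-number variant, is sketched below as an added example; it is not code from the patent. It uses textbook RSA with a constructed demo key, and the function names, the length-prefixed way the password and serial number are combined, and the sample serial numbers are assumptions.

```python
import hashlib
import hmac
import secrets

# Constructed demo key, NOT secure: two Mersenne primes give a modulus wider
# than a 128-bit MD5 digest. The private exponent D belongs only in the
# generator's key database; the resource stores just (N, E).
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def id_string(password: str, serial: str) -> str:
    """Checker side: fixed ID string from the lost password and a device attribute.

    MD5 is the digest the page names. Length-prefixing the password is an
    assumption so that ("ab", "c") and ("a", "bc") cannot collide.
    """
    data = f"{len(password)}:{password}|{serial}".encode()
    return hashlib.md5(data).hexdigest()


def random_id_string() -> str:
    """Checker side, alternative embodiment: a fresh 128-bit challenge per request."""
    return secrets.token_hex(16)


def generate_super_password(challenge: str, d: int = D, n: int = N) -> str:
    """Generator side: encode the ID string with the private key.

    Unpadded ("textbook") RSA mirrors the page's encode/decrypt wording; a
    current design would use a padded signature scheme such as RSA-PSS.
    """
    return format(pow(int(challenge, 16), d, n), "x")


def check_super_password(challenge: str, super_password: str,
                         e: int = E, n: int = N) -> bool:
    """Checker side: decrypt with the public key and compare with the ID string."""
    try:
        s = int(super_password.strip(), 16)
    except ValueError:
        return False          # mistyped or non-hex input
    if not 0 < s < n:
        return False          # out-of-range values are never valid
    recovered = format(pow(s, e, n), "032x")
    return hmac.compare_digest(recovered, challenge.lower())


def demo() -> dict:
    # Constructed sample devices sharing one site-wide public key.
    ch_a = id_string("forgotten-pw", "SN-0001-CONSTRUCTED")
    ch_b = id_string("forgotten-pw", "SN-0002-CONSTRUCTED")
    sp_a = generate_super_password(ch_a)

    # Random-number embodiment: two separate override requests.
    n1, n2 = random_id_string(), random_id_string()
    sp_n1 = generate_super_password(n1)
    return {
        "device_a_accepts_own": check_super_password(ch_a, sp_a),
        "device_b_rejects_a": check_super_password(ch_b, sp_a),
        "fixed_id_is_repeatable": ch_a == id_string("forgotten-pw", "SN-0001-CONSTRUCTED"),
        "nonce_accepts_fresh": check_super_password(n1, sp_n1),
        "nonce_rejects_replay": check_super_password(n2, sp_n1),
        "garbage_rejected": check_super_password(ch_a, "not-hex"),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```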
The invention is also adaptable to mitigate problems caused by such a single private key for a group of resources being revealed.
In one embodiment, the public key is set in flash memory, but changes every time the code changes. So if the private key is compromised, the manufacturer can issue a new level of flash code. In this case, the password checker 12 displays both the ID string and the Flash level, and the password generator 10 looks up the Flash level to get the private key matching the public key for that level of Flash code.
Alternatively, the public key is stored in EEPROM and is settable by a user. In this case an owning organization owns its own private/public key pair. Once a public key is set for the first time, the user must first get the super password from his administrator before changing the key. This gives less protection from the 'trusted malicious user' than the Flash option, but is still better than the current password protection.

Claims (16)

  1. A system for ensuring secure access to a resource comprising: password checker means adapted to check a user's password before allowing access to said resource, said password checker means further including: means, responsive to user input, for generating a string indicative of the identity of said resource; means, responsive to receipt of a super-password from a super-password generator means, for decrypting said super-password with a public key associated with said resource; and means, responsive to said string and said decrypted super-password matching, for allowing access to said resource; super-password generator means, responsive to said string being provided by an accredited user, for encoding said string with a private key corresponding to said public key.
  2. An access controlled resource comprising password checker means adapted to check a user's password before allowing access to said resource, said password checker means further including: means, responsive to user input, for generating a string indicative of the identity of said resource; means, responsive to receipt of a super-password from a super-password generator means, for decrypting said super-password with a public key corresponding to a private key accessible only by a super-password generator means; and means, responsive to said string and said decrypted super-password matching, for allowing access to said resource.
  3. A resource according to claim 2 in which said string generator means is adapted to generate said string from any combination of said password and a resource serial number.
  4. A resource according to claim 2 in which said string generator means is adapted to generate said string from a random number generator.
  5. A resource according to claim 3 in which said string generator means is adapted to generate said string using a non-reversible algorithm.
  6. A resource according to claim 5 in which said algorithm is the MD5 algorithm.
  7. A resource according to claim 2, said resource being one of a computer, a computer application or an electronic device.
  8. A resource according to claim 2 wherein said string generating means is adapted to transmit said string and said user's credentials to said super-password generator means.
  9. A resource according to claim 2 wherein the string generator means is adapted to be initiated by a user striking a special function key.
  10. A resource according to claim 2 in which said public key is stored in electrically erasable memory and said resource comprises means, responsive to said super-password being provided by an accredited user, to enable a user to update said public key.
  11. A resource according to claim 2 in which said public key is stored in a flash memory having an associated flash-level and said private key, accessible only by said super-password generator means, is associated with said flash level.
  12. A super-password generator for ensuring secure access to a resource comprising: super-password generator means, responsive to a string indicative of the identity of said resource being provided by an accredited user, for encoding said string with a private key corresponding to a public key associated with said resource.
  13. A super-password generator according to claim 12 including means for verifying a user's credentials and means for transmitting said super-password to said resource.
  14. A method of controlling access to a resource comprising the steps of: responsive to user input, generating a string indicative of the identity of said resource; responsive to receipt of a super-password from a super-password generator means, decrypting said super-password with a public key corresponding to a private key accessible only by a super-password generator means; and responsive to said string and said decrypted super-password matching, allowing access to said resource.
  15. A computer program product comprising computer program code stored on a computer readable storage medium for, when executed on a computer, controlling access to a resource, the program code comprising password checker means adapted to check a user's password before allowing access to said resource, said password checker means further including: means, responsive to user input, for generating a string indicative of the identity of said resource; means, responsive to receipt of a super-password from a super-password generator means, for decrypting said super-password with a public key corresponding to a private key accessible only by a super-password generator means; and means, responsive to said string and said decrypted super-password matching, for allowing access to said resource.
  16. A computer program product comprising computer program code stored on a computer readable storage medium for, when executed on a computer, generating a super-password, the program code comprising super-password generator means according to claim 12.
GB9904233A 1999-02-25 1999-02-25 Super passwords Withdrawn GB2347248A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB9904233A GB2347248A (en) 1999-02-25 1999-02-25 Super passwords

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
GB9904233A GB2347248A (en) 1999-02-25 1999-02-25 Super passwords

Publications (2)

Publication Number Publication Date
GB9904233D0 GB9904233D0 (en) 1999-04-21
GB2347248A true GB2347248A (en) 2000-08-30

Family

ID=10848403

Family Applications (1)

Application Number Title Priority Date Filing Date
GB9904233A Withdrawn GB2347248A (en) 1999-02-25 1999-02-25 Super passwords

Country Status (1)

Country Link
GB (1) GB2347248A (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003104953A2 (en) * 2002-06-05 2003-12-18 Sun Microsystems, Inc. Method and apparatus for protecting against side channel attacks on personal identification numbers
EP1580643A2 (en) * 2004-03-23 2005-09-28 International Business Machines Corporation Access protection for computer systems
AT500997A1 (en) * 2004-11-09 2006-05-15 Kapsch Trafficcom Ag METHOD AND APPARATUS FOR USER-SPECIFIC INITIALIZATION OF IDENTIFICATION DEVICES IN THE FIELD
US7162456B2 (en) 2002-06-05 2007-01-09 Sun Microsystems, Inc. Method for private personal identification number management
US7167843B2 (en) 2002-06-05 2007-01-23 Sun Microsystems, Inc. Apparatus for private personal identification number management
WO2008012020A1 (en) * 2006-07-26 2008-01-31 Carl Zeiss Meditec Ag Method for generating access data for a medical device
US7870376B2 (en) 2004-03-23 2011-01-11 International Business Machines Corporation System, method and program product for controlling access to computer system
CN106302335A (en) * 2015-05-22 2017-01-04 杭州海康威视数字技术股份有限公司 Network monitoring device and reset the methods, devices and systems of its password, server

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4453074A (en) * 1981-10-19 1984-06-05 American Express Company Protection system for intelligent cards
US5398285A (en) * 1993-12-30 1995-03-14 Motorola, Inc. Method for generating a password using public key cryptography

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003104953A3 (en) * 2002-06-05 2004-07-08 Sun Microsystems Inc Method and apparatus for protecting against side channel attacks on personal identification numbers
US7162456B2 (en) 2002-06-05 2007-01-09 Sun Microsystems, Inc. Method for private personal identification number management
US7167843B2 (en) 2002-06-05 2007-01-23 Sun Microsystems, Inc. Apparatus for private personal identification number management
WO2003104953A2 (en) * 2002-06-05 2003-12-18 Sun Microsystems, Inc. Method and apparatus for protecting against side channel attacks on personal identification numbers
US7596531B2 (en) 2002-06-05 2009-09-29 Sun Microsystems, Inc. Method and apparatus for protecting against side channel attacks against personal identification numbers
EP1580643A2 (en) * 2004-03-23 2005-09-28 International Business Machines Corporation Access protection for computer systems
EP1580643A3 (en) * 2004-03-23 2006-10-11 International Business Machines Corporation Access protection for computer systems
US7870376B2 (en) 2004-03-23 2011-01-11 International Business Machines Corporation System, method and program product for controlling access to computer system
US9098950B2 (en) 2004-11-09 2015-08-04 Kapsch Trafficcom Ag Method and system for the user-specific initialization of identification devices in the field
AT500997A1 (en) * 2004-11-09 2006-05-15 Kapsch Trafficcom Ag METHOD AND APPARATUS FOR USER-SPECIFIC INITIALIZATION OF IDENTIFICATION DEVICES IN THE FIELD
AT500997B1 (en) * 2004-11-09 2007-02-15 Kapsch Trafficcom Ag METHOD AND APPARATUS FOR USER-SPECIFIC INITIALIZATION OF IDENTIFICATION DEVICES IN THE FIELD
WO2008012020A1 (en) * 2006-07-26 2008-01-31 Carl Zeiss Meditec Ag Method for generating access data for a medical device
CN106302335A (en) * 2015-05-22 2017-01-04 杭州海康威视数字技术股份有限公司 Network monitoring device and reset the methods, devices and systems of its password, server
EP3300328A4 (en) * 2015-05-22 2019-01-23 Hangzhou Hikvision Digital Technology Co., Ltd. Network monitoring device and method, apparatus and system for resetting password thereof, and server
CN106302335B (en) * 2015-05-22 2020-02-07 杭州海康威视数字技术股份有限公司 Network monitoring equipment, method, device and system for resetting password thereof and server
US10831879B2 (en) 2015-05-22 2020-11-10 Hangzhou Hikvision Digital Technology Co., Ltd. Network monitoring device, method, apparatus and system for resetting password thereof, and server

Also Published As

Publication number Publication date
GB9904233D0 (en) 1999-04-21

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)