GB2510895A - A method and system for generation of dynamic password - Google Patents
A method and system for generation of dynamic password Download PDFInfo
- Publication number
- GB2510895A GB2510895A GB201302805A GB201302805A GB2510895A GB 2510895 A GB2510895 A GB 2510895A GB 201302805 A GB201302805 A GB 201302805A GB 201302805 A GB201302805 A GB 201302805A GB 2510895 A GB2510895 A GB 2510895A
- Authority
- GB
- United Kingdom
- Prior art keywords
- password
- client
- value
- server
- values
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
- G06F21/46—Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/36—User authentication by graphic or iconic representation
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Document Processing Apparatus (AREA)
Abstract
The invention provides a method of independently generating a dynamic password by a client and a server for subsequent verification of the generated password by either the server or the client. The method includes: registering a user ID for identification of the client; providing one or more static values and options to generate one or more variable values for the registered user ID; providing options to generate and apply instructions (e.g. mathematical, logical, locating, selection, or mixing-values operations); deriving a base value (e.g. a matrix, a phrase, text, numeric value, alphabets, characters, images, colours) by the server; applying the instructions on the one or more static value, the one or more variable value and the base value to generate the password; providing the generated password in the server by the client; generating a random password by the server and verifying the generated password with the random password generated by the client. Examples of static and variable values are numeric or alphanumeric values, date, century, year, month, week, season, rainbow, time or timestamp, age, measurements of distance, time, currency, weight, capacity, area, numbers or words or letters in a sentence or a captcha value.
Description
A METHOD AND SYSTEM FOR GENERATION OF DYNAMIC PASSWORD
BACKGROUND OF THE INVENTION
1. Field Of The Invention
[0001] The present invention generally relates to a method and system for generation of dynamic password, and more particularly relates to the method and system for generation of dynamic password from instructions applied on a base value, a static value, a variable value or any combination of some or all of these.
2. Description of Related Art
[0002] In today's world where a lot of interactions between different parties like people and computer systems are fact of life, one of the main concerns is how to identity each party. To be certain that they are who they are a common practice is to require one of the parties that acting in the client capacity to identify itself via sign in (authentication) process by providing its user id and associated password.
[0003] It is well known that a client determines a meaningful password, in the form of, for example, the name of their dog, the birth date of their child or an election year of the favorite candidate. This type of password is easily compromised with investigation. Conversely, a computer can randomly associate a password for a client, but this type of password is meaningless to the client and as such difficult to memorize.
Consequently, the former method, which is simple, is insecure and the latter method, which is more secure, is difficult to use and often leads to a client writing their password next to their computer, thereby making the system insecure.
[0004] The problem with current sign in (authentication) and what makes hacking very possible is that credentials are static in nature (user id and password are set once and used many) and when supplied are transmitted between the client and authenticator. These make them vulnerable for interception for further malicious use.
[0004] To make it less vulnerable, the password that is part of transmission needs to be dynamic and of different value every time so even if intercepted will be of no use in the future. Currently there are available options for the dynamic password which are achieved by utilizing Secure ID token that changes every so often. This token is generated by either a physical device or software installed on a physical device like mobile phone or a computing device.
[0005] Therefore there is a need of a method and system for generating a common dynamic password independently by both server and client. Further, the generated password validates the client to operate through the server. Furthermore, the generated password depends upon the instructions applied on static value, base value, variable value or any combination of some or all of these.
SUMMARY OF THE INVENTION
[0006] In accordance with the teachings of the present invention, a method and system for independent generation of dynamic password by a client and a server for subsequent verification of the generated password is provided.
[0007] An objective of the present invention is to provide a method and a system for generation of dynamic password by applying instructions on static value, variable value, base value or any combination of some or all of these. Further, the generated password is verified by the random password for authentication of the client.
[0008] Another objective of the present invention is to provide a method and a system for creating a base value in the form of matrix, text, numeric or other values or any combination of some or all of these for generating the random password.
[0009] Another objective of the present invention is to provide a method and a system for providing an option of re-entering the password when the verification attempts failed as the generated password is different from the random password.
[0010] Another objective of the present invention is to provide a method and a system for providing disabling the registration of User ID on entering of wrong password for a predetermined times.
BRIEF DESCRIPTION OF DRAWINGS
[0011] FIG. I is a flow diagram of a method of generation of dynamic password by a client and a server for subsequent verification of the generated password by either the server or the client, in accordance with a preferred embodiment of the present invention; and [0012] Fig. 2 is a block diagram for indicating an example of generating a dynamic password; and [0013] Fig. 3 is an exemplary embodiment of determining random password through a matrix.
DETAILED DESCRIPTION OF DRAWINGS
[0014] While this technology is illustrated and described in a preferred embodiment, a system and method for generating an optimized set of meeting assignments for meeting participants may be described in many different configurations, forms and various methods, without deviating from the scope of present invention. There is depicted in the drawings, and will herein be described in detail, as a preferred embodiment of the invention, with the understanding that the present disclosure is to be considered as an exemplification of the principles of the invention and the associated functional specifications for its construction and is not intended to limit the invention to the embodiment illustrated. Those skilled in the art will envision many other possible variations within the scope of the technology described herein.
[0015] FIG. 1 is a flow diagram of a method 100 of generation of dynamic password by a client and a server for subsequent verification of the generated password by either the server or the client, in accordance with a preferred embodiment of the present invention.
[0016] In a preferred embodiment, the method 100 initiates with a step 102 for registering a user ID for identification of the client and associating client's related information. The user ID is registered by the client on the server and is further stored in the data storage. Examples of user ID includes but not limited to numeric value, alphabets, characters and alphanumeric value etc. In order to prepare for the subsequent verifications processes, the client has to register with the server and creates the user ID which is submitted to the server with request to register the client.
The server than responds with a facility screen where client may enter detailed information required to register the user ID. The server then provides a screen for the client to provide detailed information regarding the requirements on generation of dynamic password.
[0017] The step 102 is followed by a step 104 for providing one or more static values and options to generate one or more variable values for the registered user ID.
In a preferred embodiment of the present invention, the client enters one or more static values and options to generate one or more variable values to the server.
[0018] The step 104 is then followed by a step 106 is providing options to generate instructions for the registered user ID. Examples of instructions include but not limited to mathematical operators, logical operations, locating operations, selection operations, mixing values operations, or any mixture of some or all of these operations.
The client enters one or more options to generate instructions for the server.
[0019] The step 106 is followed by a step 108 for providing options to apply instructions for the registered user ID. Examples of instructions include but not limited to mathematical operations logical operations, locating operations, selection operations, mixing values operations, or any mixture of some or all of these operations.
[0020] The step 108 is followed by a step 110 for storing the information in the data storage upon validation by the server. Examples of data storage includes but not limited to databases and files located on any devices virtual or physical. The step 110 completes the registration process of the client. Further, the following steps explain about the initiation of authentication process till the completion of verification process of client by the server.
[0021] The step 110 is followed by a step 112 for deriving a base value by the server. In a preferred embodiment, the base value depends upon the information provided by the client in the step 102, the step 104, the step 106 and the step 108. In a preferred embodiment, the client enters one or more options to generate one or more base values to the server. Examples of base value include but not limited to numeric value(s), alphabets, characters, alphanumeric value, images, text, colors and/or matrix containing some or all of them. In another preferred embodiment, the server would randomly pick or generate values for the base value.
[0022] Examples of one or more static values, the variable values and the base value include but not limited to numeric values, alphabets, characters and alphanumeric value, date, century, year, month, week, season of the year, day of the year, month or week, rainbow (it has certain numbers of colors and each colors has a code in various systems), time from common sources or timestamp from server's or client's system, age, anniversary of an event, measurements of distance, time, currency, weight, capacity, area, numbers or words or letters in a sentence or number of letters in a word or a captcha value.
[0022] The step 112 is then followed by a step 114 for applying instructions on the static value, the variable value and the base value to generate the password. In a preferred embodiment of the present invention, with reference to the step 106 and step 108; wherein the client provides option for generating and applying instructions. Thus, the server applies instructions on the static value, the variable value and the base value.
[0022] The step 114 is then followed by a step 116 for providing the generated password in the server and by the client. In the step 116, the generated password is submitted into the server by the client for the verification and authentication process [0023] The step 116 is then followed by a step 118 for generating a random password by the server. The random password generated by the server should be identical to the generated password provided to the server by the client.
[0024] The step 118 is followed by a step 120 for verifying the generated password with the random password generated by the client. The verification process is processed by the server. On successful verification of the generated password with the random password by the server, the client is authenticated by the server.
[0025] In another embodiment of the present invention, if the client is not verified (as from step 120) due to wrong password provided by the client, then a step 122 provides an option of re-entering the password when the generated password is different from the random password. In another preferred embodiment of the invention, every time a facility to re-enter the password is given to the client, a new version of base value would be presented by the server.
[0026] In another embodiment of the present invention, as per step 124, the registration of user ID is disabled upon entering of a wrong password for a predetermined times. For example if a client provides a wrong password for consecutively more than three or five times then the user ID is disabled. Thus, the client will have to use other means to contact the service provided and undergo the provider's applicable procedures to enable the registration in order to operate the server.
[0027] To summarize, the step 102 to the step 110 falls under Registration of a client onto the server and the step 112 to the step 124 falls under Sign In and Authentication of the user onto the server.
[0028] However it is to be noted the step 102 for registration is a preferred embodiment and the novelty of the system is independent of the registration process of a client. Those who skilled in the art would appreciate that the method 100 may be performed without step 102 i.e. registration of the client, without deviating from the scope of the present invention.
[0029] Fig. 2 is a block diagram 200 for indicating an example of generating a dynamic password. As shown, the static value is 4951, the first variable value is 5 (Friday -5th day of the week), the second value is 3 (Date of Joining, May 3, 2013) as provided by the client. Further, the base value is a matrix. The matrix is explained in detailed in conjunction with Fig. 3 of the present invention.
[0030] The next step is to apply instructions on the static values and variable values by the server. In an exemplary embodiment as shown in the block diagram 200, the instructions are as follows: 1st digit of the Static Value 1st Variable Value 2nd digit of the Static Value 3rd digit of the Static Value 4th digit of the Static Value 2nd Variable Value Thus, the value generated after applying instructions is 459513.
[0031] As per set instructions/options the letters from the Matrix are located by using each number in the constructed value for both coordinates (horizontal and vertical). So:
1st letter coordinate 4x4: H 2nd letter coordinate 5x5: O 3rd letter coordinate 9x9: G' 4th letter coordinate 5x5: 0' 5th letter coordinate lxi: Y' 6th letter coordinate 3x3: 5' The generated password: HOGOYS The generated password matches with the random password and thus the client is authenticated.
[0032] Fig. 3 is an exemplary embodiment of deriving generated password through a matrix 300. In exemplary embodiment, the matrix would have mixture of various values and coordinates for the client to locate those values. Examples of values include numbers, letters or symbols etc. The values are generated by the server. Each value in the matrix replicates random multiple places to prevent guessing which exact coordinate were used by the client to select value that was used by the client that is used to construct password. This is done in event if someone monitors the process of generated password by the client or intercepts the transmissions of the facility with matrix, instructions and password. Every time the server generates a matrix from randomly chosen values for having variations of coordinates associated with matrix. All this would allow unpredictability of which matrix would be presented to the client for generating password process and therefore impossible to reverse engineer by malicious party.
[0033] Furthermore, in another preferred embodiment the system for independently generating a dynamic password by a client and a server for subsequent verification of the generated password by either the server or the client may also be used. The system includes a data storage accessible to the server and a processor connected to the server and the data storage. The processor is configured to process the steps of method 100 (with reference to Fig. 1). Examples of data storage includes but not limited to memory card, read-only memory (ROM), flash memory, dynamic random access memory (DRAM) (such as synchronous DRAM (SDRAM) or Rambus DRAM (RDRAM), static random access memory (SRAM) etc or on any other devices virtual or physical.
[0034] Examples of processor includes but not limited to one or more special-purpose processing devices such as an application specific integrated circuit (ASIC), a field programmable gate array (FPGA), a digital signal processor (DSP), network processor, virtual processor etc. The processor represents one or more general-purpose processing devices such as a microprocessor, central processing unit, or the like.
[0035] Hereinafter, three examples are presented for explaining the embodiments of the present invention in further details.
[0036] Example 1
[0037] The static value is 4951, the first variable value is 5 (Friday -5tb day of the week), the second value is 3 (Date of Joining, May 3,2013) and the base value is a matrix (as shown in Fig. 3).
[0038] The instruction for deriving the password is first the static value and then variable value for vertical coordinates and for horizontal coordinates first variable and then static values. Thus putting the values in the base value i.e. matrix (as shown in Fig. 3). Hence, one axis would be 495153 and on another axis would be 534951. So:
1st letter coordinate 4x5: S 2nd letter coordinate 9x3: Y' 3rd letter coordinate 5x4: J' 4th letter coordinate 1x9: J' 5th letter coordinate 5x5: 0' 6th letter coordinate 3x1: 0' The generated password: SYJJOO Thus, if the generated password is same as the random password, then the client is authenticated.
[0039] Example 2
[0040] The static value is 4951, the first variable value is 5 (Friday -5tb day of the week), the second value is 3 (Date of Joining, May 3, 2013) and the base value is a phrase or text.
[0041] In example 2, the phrase or text is "In today's world where a lot of interactions between different parties like people and computer systems are fact of life, one of the main concerns is how to identify each party." [0042] The first instruction for deriving the password is as follows: 1. 1st digit of the Static value -4 2. 1st Variable value-S 3. 2nd digit of the Static value -9 4. 3rd digit of the Static value-S 5. 4th digit of the Static value -1 6. 2nd Variable value -3 [0043] The second instruction for deriving the password is to locate letters in the base value and the letters would start with the word number indicated by 2'' variable (in this case, number 3), hence: world where a lot of interactions...' Hence the password would be as follows: 4-I, 5-d, 9-r, 5-d, 1-w, 3-r, thus the password is ldrdwr'.
Thus, if the generated password is same as the random password, then the client is authenticated.
[0044] Example 3
The static value is 4951, the first variable value is 5 (Friday -5th day of the week), the second value is 3 (Date of Joining, May 3, 2013) and the base value is a series of a number. For example 3, the base value is 258649.
First set of instructions remain the same as in Example 2 and thus the derived value is 459513.
[0045] Second set of instructions are as follows: * Each digit of the constructed value should be applied arithmetically separately to the digit in the corresponding position in Base Value * For each digit pair o If Base Value digit is even number, use arithmetical operation add and If Base Value digit is odd number, use arithmetical operation subtract to determine intermediate result 1.
o If the value of the single arithmetic operation in intermediate result I is even number then subtract 1 and If the result of the single arithmetic operation in intermediate result 1 is odd number then add 2 o In the event the resulted number is negative, disregard the negative sign * For the Password use only the last digit of each resulted number [0046] Following table describes the value derived from the second set of instructions.
BaseValue 2 5 8 6 4 9 Utilized Value 4 5 9 5 1 3 Intermediate result 1 6 0 17 11 5 6 Intermediate result 2 5 -9 19 13 7 5 Generated Password 5 9 9 3 7 5 [0047] Here as per the second set of instructions, if base value is an even number, then utilized value is added to the base value and if base value is an odd number, then utilized value is subtracted to the base value and thus the intermediate result 1' to 6, 0, 17, 11, 5 and 6. Further, as per second instructions, if the single arithmetic operation is even number then subtract 1 and if the single arithmetic operation is odd number then add 2, thus the intermediate result 2' is 5, -9, 19, 13, 7 and 5. Further, disregarding the negative sign, therefore the generated password is 599375.
Thus, if the generated password is same as the random password, then the client is authenticated.
[0048] However, it will be readily apparent to those with ordinary skill in the art that the password may be generated with various other values of static value, variable value and base value as well as different sets of instructions, without deviating from the scope of the present invention.
[0049] The present invention offers various advantages. The present invention allows utilization of very simple key value which is easily remembered and actually can be the same across various server environments without jeopardizing security. Further, the system allows independent dynamic password generation by client in the same manner as by the server without any tie to any physical devices, only server side is tied to devices. Furthermore, the generated password is always of different values and the invention allows it to be observed and transmitted freely and openly without jeopardizing security as it will be of no use for any subsequent submissions.
[0050] The foregoing discussion discloses and describes merely exemplary embodiments of the present invention. One skilled in the art will readily recognize from such discussion and from the accompanying drawings that various changes, modifications and variations can be made therein without departing from the spirit and scope of the invention.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB201302805A GB2510895A (en) | 2013-02-18 | 2013-02-18 | A method and system for generation of dynamic password |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
GB201302805A GB2510895A (en) | 2013-02-18 | 2013-02-18 | A method and system for generation of dynamic password |
Publications (2)
Publication Number | Publication Date |
---|---|
GB201302805D0 GB201302805D0 (en) | 2013-04-03 |
GB2510895A true GB2510895A (en) | 2014-08-20 |
Family
ID=48048551
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
GB201302805A Withdrawn GB2510895A (en) | 2013-02-18 | 2013-02-18 | A method and system for generation of dynamic password |
Country Status (1)
Country | Link |
---|---|
GB (1) | GB2510895A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2015154625A1 (en) * | 2014-09-05 | 2015-10-15 | 中兴通讯股份有限公司 | Timing event processing method, storage method, execution method and corresponding device |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112348998B (en) * | 2020-07-24 | 2024-03-12 | 深圳Tcl新技术有限公司 | Method and device for generating one-time password, intelligent door lock and storage medium |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2009001020A1 (en) * | 2007-06-26 | 2008-12-31 | G3-Vision Limited | Authentication system and method |
WO2012046304A1 (en) * | 2010-10-05 | 2012-04-12 | 株式会社シー・エス・イー | Two- factor user authentication system, and method therefor |
US20120137352A1 (en) * | 2010-11-30 | 2012-05-31 | Platez Pty Ltd. | Method and system for abstracted and randomized one-time use passwords for transactional authentication |
-
2013
- 2013-02-18 GB GB201302805A patent/GB2510895A/en not_active Withdrawn
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2009001020A1 (en) * | 2007-06-26 | 2008-12-31 | G3-Vision Limited | Authentication system and method |
WO2012046304A1 (en) * | 2010-10-05 | 2012-04-12 | 株式会社シー・エス・イー | Two- factor user authentication system, and method therefor |
EP2626807A1 (en) * | 2010-10-05 | 2013-08-14 | CSE Co., Ltd. | Two- factor user authentication system, and method therefor |
US20120137352A1 (en) * | 2010-11-30 | 2012-05-31 | Platez Pty Ltd. | Method and system for abstracted and randomized one-time use passwords for transactional authentication |
WO2013061171A1 (en) * | 2010-11-30 | 2013-05-02 | Platez Pty Ltd. | Abstracted and randomized one-time passwords for transactional authentication |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2015154625A1 (en) * | 2014-09-05 | 2015-10-15 | 中兴通讯股份有限公司 | Timing event processing method, storage method, execution method and corresponding device |
Also Published As
Publication number | Publication date |
---|---|
GB201302805D0 (en) | 2013-04-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8869303B2 (en) | Method and system for generation of dynamic password | |
US11811936B2 (en) | Public/private key biometric authentication system | |
US8042159B2 (en) | Website log in system with user friendly combination lock | |
EP2732400B1 (en) | Method and system for verifying an access request | |
US8904482B1 (en) | Techniques for securing a one-time passcode with an alteration code | |
US7904947B2 (en) | Gateway log in system with user friendly combination lock | |
Neumann et al. | Civitas and the real world: problems and solutions from a practical point of view | |
ES2905097T3 (en) | An electronic voting method and system implemented in a portable device | |
US9654466B1 (en) | Methods and systems for electronic transactions using dynamic password authentication | |
Khelifi et al. | M-Vote: a reliable and highly secure mobile voting system | |
KR20150084678A (en) | Method of inputting confidential data on a terminal | |
US20130042318A1 (en) | Authentication System and Method Using Arrays | |
Singhal et al. | Software tokens based two factor authentication scheme | |
EP2973162B1 (en) | Privacy preserving knowledge/factor possession tests for persistent authentication | |
GB2510895A (en) | A method and system for generation of dynamic password | |
KR101039909B1 (en) | User authentication system and method for immunizing from hacking | |
EP3867782A1 (en) | Authentication system and method | |
AU2013200905A1 (en) | A method and system for generation of dynamic password | |
Palekha et al. | Cross-platforming web-application of electronic on-line voting system on the elections of any level | |
US10491391B1 (en) | Feedback-based data security | |
İşler et al. | User Study on Single Password Authentication | |
KR20140090012A (en) | Variable password generation method and internet authentication system using the same | |
CN109995745B (en) | Information matching method, terminal and computer readable storage medium | |
GB2533067A (en) | Anonymous and secure electronic voting system for use in open networks | |
Yamini et al. | Secured Voting System based on Blockchain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WAP | Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1) |