GB2510895A - A method and system for generation of dynamic password - Google Patents


Publication number
GB2510895A
GB2510895A GB201302805A GB201302805A GB2510895A GB 2510895 A GB2510895 A GB 2510895A GB 201302805 A GB201302805 A GB 201302805A GB 201302805 A GB201302805 A GB 201302805A GB 2510895 A GB2510895 A GB 2510895A
Authority
GB
United Kingdom
Prior art keywords
password
client
value
server
values
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
GB201302805A
Other versions
GB201302805D0 (en)
Inventor
Mikhail Fleysher
Original Assignee
Mikhail Fleysher
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mikhail Fleysher
Priority to GB201302805A
Publication of GB201302805D0
Publication of GB2510895A
Application status is Withdrawn

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45 Structures or tools for the administration of authentication
    • G06F21/46 Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • G06F21/31 User authentication
    • G06F21/36 User authentication by graphic or iconic representation

Abstract

The invention provides a method of independently generating a dynamic password by a client and a server for subsequent verification of the generated password by either the server or the client. The method includes: registering a user ID for identification of the client; providing one or more static values and options to generate one or more variable values for the registered user ID; providing options to generate and apply instructions (e.g. mathematical, logical, locating, selection, or mixing-values operations); deriving a base value (e.g. a matrix, a phrase, text, numeric value, alphabets, characters, images, colours) by the server; applying the instructions on the one or more static value, the one or more variable value and the base value to generate the password; providing the generated password in the server by the client; generating a random password by the server and verifying the generated password with the random password generated by the client. Examples of static and variable values are numeric or alphanumeric values, date, century, year, month, week, season, rainbow, time or timestamp, age, measurements of distance, time, currency, weight, capacity, area, numbers or words or letters in a sentence or a captcha value.

Description

A METHOD AND SYSTEM FOR GENERATION OF DYNAMIC PASSWORD

BACKGROUND OF THE INVENTION

1. Field Of The Invention

[0001] The present invention generally relates to a method and system for generation of dynamic password, and more particularly relates to the method and system for generation of dynamic password from instructions applied on a base value, a static value, a variable value or any combination of some or all of these.

2. Description of Related Art

[0002] In today's world, where a lot of interactions between different parties like people and computer systems are a fact of life, one of the main concerns is how to identify each party. To be certain that they are who they are, a common practice is to require one of the parties that is acting in the client capacity to identify itself via a sign-in (authentication) process by providing its user ID and associated password.

[0003] It is well known that a client determines a meaningful password, in the form of, for example, the name of their dog, the birth date of their child or an election year of the favorite candidate. This type of password is easily compromised with investigation. Conversely, a computer can randomly associate a password for a client, but this type of password is meaningless to the client and as such difficult to memorize.

Consequently, the former method, which is simple, is insecure and the latter method, which is more secure, is difficult to use and often leads to a client writing their password next to their computer, thereby making the system insecure.

[0004] The problem with current sign-in (authentication), and what makes hacking very possible, is that credentials are static in nature (user ID and password are set once and used many times) and, when supplied, are transmitted between the client and the authenticator. This makes them vulnerable to interception for further malicious use.

[0004] To make it less vulnerable, the password that is part of the transmission needs to be dynamic and of a different value every time, so that even if intercepted it will be of no use in the future. Currently available options for a dynamic password are achieved by utilizing a Secure ID token that changes every so often. This token is generated by either a physical device or software installed on a physical device like a mobile phone or a computing device.

[0005] Therefore there is a need of a method and system for generating a common dynamic password independently by both server and client. Further, the generated password validates the client to operate through the server. Furthermore, the generated password depends upon the instructions applied on static value, base value, variable value or any combination of some or all of these.

SUMMARY OF THE INVENTION

[0006] In accordance with the teachings of the present invention, a method and system for independent generation of dynamic password by a client and a server for subsequent verification of the generated password is provided.

[0007] An objective of the present invention is to provide a method and a system for generation of dynamic password by applying instructions on static value, variable value, base value or any combination of some or all of these. Further, the generated password is verified by the random password for authentication of the client.

[0008] Another objective of the present invention is to provide a method and a system for creating a base value in the form of matrix, text, numeric or other values or any combination of some or all of these for generating the random password.

[0009] Another objective of the present invention is to provide a method and a system for providing an option of re-entering the password when the verification attempts failed as the generated password is different from the random password.

[0010] Another objective of the present invention is to provide a method and a system for disabling the registration of the user ID when a wrong password is entered a predetermined number of times.

BRIEF DESCRIPTION OF DRAWINGS

[0011] FIG. 1 is a flow diagram of a method of generation of dynamic password by a client and a server for subsequent verification of the generated password by either the server or the client, in accordance with a preferred embodiment of the present invention; and

[0012] Fig. 2 is a block diagram for indicating an example of generating a dynamic password; and

[0013] Fig. 3 is an exemplary embodiment of determining random password through a matrix.

DETAILED DESCRIPTION OF DRAWINGS

[0014] While this technology is illustrated and described in a preferred embodiment, a system and method for generating an optimized set of meeting assignments for meeting participants may be described in many different configurations, forms and various methods, without deviating from the scope of present invention. There is depicted in the drawings, and will herein be described in detail, as a preferred embodiment of the invention, with the understanding that the present disclosure is to be considered as an exemplification of the principles of the invention and the associated functional specifications for its construction and is not intended to limit the invention to the embodiment illustrated. Those skilled in the art will envision many other possible variations within the scope of the technology described herein.

[0015] FIG. 1 is a flow diagram of a method 100 of generation of dynamic password by a client and a server for subsequent verification of the generated password by either the server or the client, in accordance with a preferred embodiment of the present invention.

[0016] In a preferred embodiment, the method 100 initiates with a step 102 for registering a user ID for identification of the client and associating the client's related information. The user ID is registered by the client on the server and is further stored in the data storage. Examples of user ID include but are not limited to numeric value, alphabets, characters and alphanumeric value etc. In order to prepare for the subsequent verification processes, the client has to register with the server and create the user ID, which is submitted to the server with a request to register the client.

The server then responds with a facility screen where the client may enter detailed information required to register the user ID. The server then provides a screen for the client to provide detailed information regarding the requirements on generation of dynamic password.

[0017] The step 102 is followed by a step 104 for providing one or more static values and options to generate one or more variable values for the registered user ID.

In a preferred embodiment of the present invention, the client enters one or more static values and options to generate one or more variable values to the server.

[0018] The step 104 is then followed by a step 106 for providing options to generate instructions for the registered user ID. Examples of instructions include but are not limited to mathematical operators, logical operations, locating operations, selection operations, mixing values operations, or any mixture of some or all of these operations.

The client enters one or more options to generate instructions for the server.

[0019] The step 106 is followed by a step 108 for providing options to apply instructions for the registered user ID. Examples of instructions include but are not limited to mathematical operations, logical operations, locating operations, selection operations, mixing values operations, or any mixture of some or all of these operations.

[0020] The step 108 is followed by a step 110 for storing the information in the data storage upon validation by the server. Examples of data storage includes but not limited to databases and files located on any devices virtual or physical. The step 110 completes the registration process of the client. Further, the following steps explain about the initiation of authentication process till the completion of verification process of client by the server.

[0021] The step 110 is followed by a step 112 for deriving a base value by the server. In a preferred embodiment, the base value depends upon the information provided by the client in the step 102, the step 104, the step 106 and the step 108. In a preferred embodiment, the client enters one or more options to generate one or more base values to the server. Examples of base value include but not limited to numeric value(s), alphabets, characters, alphanumeric value, images, text, colors and/or matrix containing some or all of them. In another preferred embodiment, the server would randomly pick or generate values for the base value.

[0022] Examples of one or more static values, the variable values and the base value include but not limited to numeric values, alphabets, characters and alphanumeric value, date, century, year, month, week, season of the year, day of the year, month or week, rainbow (it has certain numbers of colors and each colors has a code in various systems), time from common sources or timestamp from server's or client's system, age, anniversary of an event, measurements of distance, time, currency, weight, capacity, area, numbers or words or letters in a sentence or number of letters in a word or a captcha value.

[0022] The step 112 is then followed by a step 114 for applying instructions on the static value, the variable value and the base value to generate the password. In a preferred embodiment of the present invention, with reference to the step 106 and step 108; wherein the client provides option for generating and applying instructions. Thus, the server applies instructions on the static value, the variable value and the base value.

[0022] The step 114 is then followed by a step 116 for providing the generated password in the server and by the client. In the step 116, the generated password is submitted into the server by the client for the verification and authentication process.

[0023] The step 116 is then followed by a step 118 for generating a random password by the server. The random password generated by the server should be identical to the generated password provided to the server by the client.

[0024] The step 118 is followed by a step 120 for verifying the generated password with the random password generated by the client. The verification process is processed by the server. On successful verification of the generated password with the random password by the server, the client is authenticated by the server.

[0025] In another embodiment of the present invention, if the client is not verified (as from step 120) due to wrong password provided by the client, then a step 122 provides an option of re-entering the password when the generated password is different from the random password. In another preferred embodiment of the invention, every time a facility to re-enter the password is given to the client, a new version of base value would be presented by the server.

[0026] In another embodiment of the present invention, as per step 124, the registration of the user ID is disabled when a wrong password is entered a predetermined number of times. For example, if a client provides a wrong password consecutively more than three or five times, then the user ID is disabled. Thus, the client will have to use other means to contact the service provider and undergo the provider's applicable procedures to enable the registration in order to operate the server.

[0027] To summarize, the step 102 to the step 110 falls under Registration of a client onto the server and the step 112 to the step 124 falls under Sign In and Authentication of the user onto the server.

[0028] However, it is to be noted that the step 102 for registration is a preferred embodiment and the novelty of the system is independent of the registration process of a client. Those skilled in the art would appreciate that the method 100 may be performed without step 102, i.e. registration of the client, without deviating from the scope of the present invention.

[0029] Fig. 2 is a block diagram 200 for indicating an example of generating a dynamic password. As shown, the static value is 4951, the first variable value is 5 (Friday - 5th day of the week), the second value is 3 (Date of Joining, May 3, 2013) as provided by the client. Further, the base value is a matrix. The matrix is explained in detail in conjunction with Fig. 3 of the present invention.

[0030] The next step is to apply instructions on the static values and variable values by the server. In an exemplary embodiment as shown in the block diagram 200, the instructions are as follows:

1st digit of the Static Value
1st Variable Value
2nd digit of the Static Value
3rd digit of the Static Value
4th digit of the Static Value
2nd Variable Value

Thus, the value generated after applying instructions is 459513.

[0031] As per set instructions/options the letters from the Matrix are located by using each number in the constructed value for both coordinates (horizontal and vertical). So:

1st letter coordinate 4x4: H
2nd letter coordinate 5x5: O
3rd letter coordinate 9x9: G
4th letter coordinate 5x5: O
5th letter coordinate 1x1: Y
6th letter coordinate 3x3: S

The generated password: HOGOYS

The generated password matches with the random password and thus the client is authenticated.

[0032] Fig. 3 is an exemplary embodiment of deriving the generated password through a matrix 300. In an exemplary embodiment, the matrix has a mixture of various values, and coordinates for the client to locate those values. Examples of values include numbers, letters or symbols etc. The values are generated by the server. Each value in the matrix is replicated in multiple random places to prevent guessing which exact coordinates the client used to select the values that construct the password. This is done in the event that someone monitors the client generating the password or intercepts the transmissions of the facility with the matrix, instructions and password. Every time, the server generates a matrix from randomly chosen values so that the coordinates associated with the matrix vary. All this makes it unpredictable which matrix will be presented to the client for the password generation process and therefore impossible for a malicious party to reverse engineer.

[0033] Furthermore, in another preferred embodiment the system for independently generating a dynamic password by a client and a server for subsequent verification of the generated password by either the server or the client may also be used. The system includes a data storage accessible to the server and a processor connected to the server and the data storage. The processor is configured to process the steps of method 100 (with reference to Fig. 1). Examples of data storage include but are not limited to memory card, read-only memory (ROM), flash memory, dynamic random access memory (DRAM) (such as synchronous DRAM (SDRAM) or Rambus DRAM (RDRAM)), static random access memory (SRAM) etc., or any other devices, virtual or physical.

[0034] Examples of processor includes but not limited to one or more special-purpose processing devices such as an application specific integrated circuit (ASIC), a field programmable gate array (FPGA), a digital signal processor (DSP), network processor, virtual processor etc. The processor represents one or more general-purpose processing devices such as a microprocessor, central processing unit, or the like.

[0035] Hereinafter, three examples are presented for explaining the embodiments of the present invention in further details.

[0036] Example 1

[0037] The static value is 4951, the first variable value is 5 (Friday - 5th day of the week), the second value is 3 (Date of Joining, May 3, 2013) and the base value is a matrix (as shown in Fig. 3).

[0038] The instruction for deriving the password is first the static value and then variable value for vertical coordinates and for horizontal coordinates first variable and then static values. Thus putting the values in the base value i.e. matrix (as shown in Fig. 3). Hence, one axis would be 495153 and on another axis would be 534951. So:

1st letter coordinate 4x5: S
2nd letter coordinate 9x3: Y
3rd letter coordinate 5x4: J
4th letter coordinate 1x9: J
5th letter coordinate 5x5: O
6th letter coordinate 3x1: O

The generated password: SYJJOO

Thus, if the generated password is same as the random password, then the client is authenticated.

[0039] Example 2

[0040] The static value is 4951, the first variable value is 5 (Friday - 5th day of the week), the second value is 3 (Date of Joining, May 3, 2013) and the base value is a phrase or text.

[0041] In example 2, the phrase or text is "In today's world where a lot of interactions between different parties like people and computer systems are fact of life, one of the main concerns is how to identify each party."

[0042] The first instruction for deriving the password is as follows:

1. 1st digit of the Static value - 4
2. 1st Variable value - 5
3. 2nd digit of the Static value - 9
4. 3rd digit of the Static value - 5
5. 4th digit of the Static value - 1
6. 2nd Variable value - 3

[0043] The second instruction for deriving the password is to locate letters in the base value, and the letters would start with the word number indicated by the 2nd variable (in this case, number 3), hence: 'world where a lot of interactions...' Hence the password would be as follows: 4-l, 5-d, 9-r, 5-d, 1-w, 3-r, thus the password is 'ldrdwr'.

Thus, if the generated password is same as the random password, then the client is authenticated.

[0044] Example 3

The static value is 4951, the first variable value is 5 (Friday -5th day of the week), the second value is 3 (Date of Joining, May 3, 2013) and the base value is a series of a number. For example 3, the base value is 258649.

First set of instructions remain the same as in Example 2 and thus the derived value is 459513.

[0045] Second set of instructions are as follows:

* Each digit of the constructed value should be applied arithmetically separately to the digit in the corresponding position in Base Value
* For each digit pair
  o If the Base Value digit is an even number, use the arithmetical operation add, and if the Base Value digit is an odd number, use the arithmetical operation subtract, to determine intermediate result 1.
  o If the value of the single arithmetic operation in intermediate result 1 is an even number then subtract 1, and if the result of the single arithmetic operation in intermediate result 1 is an odd number then add 2
  o In the event the resulted number is negative, disregard the negative sign
* For the Password use only the last digit of each resulted number

[0046] Following table describes the value derived from the second set of instructions.

Base Value               2    5    8    6    4    9
Utilized Value           4    5    9    5    1    3
Intermediate result 1    6    0   17   11    5    6
Intermediate result 2    5   -9   19   13    7    5
Generated Password       5    9    9    3    7    5

[0047] Here, as per the second set of instructions, if the base value is an even number, then the utilized value is added to the base value, and if the base value is an odd number, then the utilized value is subtracted from the base value, and thus the 'intermediate result 1' is 6, 0, 17, 11, 5 and 6. Further, as per the second instructions, if the single arithmetic operation is an even number then subtract 1, and if the single arithmetic operation is an odd number then add 2, thus the 'intermediate result 2' is 5, -9, 19, 13, 7 and 5. Further, disregarding the negative sign, the generated password is therefore 599375.

Thus, if the generated password is same as the random password, then the client is authenticated.
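The derivations in Example 2 and Example 3 above, written out as an added Python example (not code from the patent or its author). The function names are illustrative, the variable values are assumed to be single digits, and rejecting a 0 digit in the phrase lookup is an assumption because the text does not define that case.

```python
import hmac

# Base value of Example 2, copied from the text.
PHRASE = ("In today's world where a lot of interactions between different "
          "parties like people and computer systems are fact of life, one of "
          "the main concerns is how to identify each party.")

# Example 3 table rows as printed on the page, kept for comparison.
TABLE_RESULT_1 = [6, 0, 17, 11, 5, 6]
TABLE_RESULT_2 = [5, -9, 19, 13, 7, 5]


def construct_value(static, var1, var2):
    """First instruction set: S1, V1, S2, S3, S4, V2 (single digits assumed)."""
    if len(static) != 4 or not static.isdigit():
        raise ValueError("static value must be four digits")
    if not (0 <= var1 <= 9 and 0 <= var2 <= 9):
        raise ValueError("variable values must be single digits")
    return f"{static[0]}{var1}{static[1:]}{var2}"


def phrase_password(phrase, value, start_word):
    """Example 2: start at word number start_word (1-based), ignore spaces,
    and take the letter at the 1-based position given by each digit."""
    words = phrase.split()
    if not 1 <= start_word <= len(words):
        raise ValueError("start word is outside the phrase")
    letters = "".join(words[start_word - 1:])
    picked = []
    for digit in value:
        pos = int(digit)
        if pos == 0 or pos > len(letters):
            # Assumption: position 0 is undefined in the text, so refuse it.
            raise ValueError(f"no letter at position {pos}")
        picked.append(letters[pos - 1])
    return "".join(picked)


def digit_steps(base, value):
    """Example 3: (intermediate 1, intermediate 2, password digit) per pair."""
    if len(base) != len(value):
        raise ValueError("base value and constructed value differ in length")
    rows = []
    for b, u in zip(base, value):
        b, u = int(b), int(u)
        r1 = b + u if b % 2 == 0 else b - u      # even base: add, odd: subtract
        r2 = r1 - 1 if r1 % 2 == 0 else r1 + 2   # even result: -1, odd: +2
        rows.append((r1, r2, abs(r2) % 10))      # drop sign, keep last digit
    return rows


def digit_password(base, value):
    return "".join(str(row[2]) for row in digit_steps(base, value))


def table_mismatches(base, value):
    """1-based positions where the literal rules differ from the printed table."""
    steps = digit_steps(base, value)
    return [i + 1 for i, (r1, r2, _) in enumerate(steps)
            if (r1, r2) != (TABLE_RESULT_1[i], TABLE_RESULT_2[i])]


def verify(submitted, expected):
    """Server-side comparison (step 120) without an early exit on mismatch."""
    return hmac.compare_digest(submitted.encode(), expected.encode())


if __name__ == "__main__":
    value = construct_value("4951", 5, 3)
    print("constructed value:", value)
    print("Example 2 password:", phrase_password(PHRASE, value, 3))
    print("Example 3 steps:", digit_steps("258649", value))
    print("Example 3 password:", digit_password("258649", value))
    print("positions differing from the table:",
          table_mismatches("258649", value))
```

Applied literally, the Example 3 rules give 0 - 1 = -1 for the second digit pair, so the script produces 519375 and reports position 2 as the only column that differs from the table's -9; the other five columns match. Client and server have to resolve such cases identically, otherwise the server's value will not equal the one the client submits.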

[0048] However, it will be readily apparent to those with ordinary skill in the art that the password may be generated with various other values of static value, variable value and base value as well as different sets of instructions, without deviating from the scope of the present invention.

[0049] The present invention offers various advantages. The present invention allows utilization of very simple key value which is easily remembered and actually can be the same across various server environments without jeopardizing security. Further, the system allows independent dynamic password generation by client in the same manner as by the server without any tie to any physical devices, only server side is tied to devices. Furthermore, the generated password is always of different values and the invention allows it to be observed and transmitted freely and openly without jeopardizing security as it will be of no use for any subsequent submissions.

[0050] The foregoing discussion discloses and describes merely exemplary embodiments of the present invention. One skilled in the art will readily recognize from such discussion and from the accompanying drawings that various changes, modifications and variations can be made therein without departing from the spirit and scope of the invention.

GB201302805A 2013-02-18 2013-02-18 A method and system for generation of dynamic password Withdrawn GB2510895A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB201302805A GB2510895A (en) 2013-02-18 2013-02-18 A method and system for generation of dynamic password

Publications (2)

Publication Number Publication Date
GB201302805D0 GB201302805D0 (en) 2013-04-03
GB2510895A GB2510895A (en) 2014-08-20

Family

ID=48048551

Legal Events

Date Code Title Description
WAP Application withdrawn, taken to be withdrawn or refused ** after publication under section 16(1)