JP2002523941A - Improvements in and related to data communication - Google Patents

Abstract

(57) Summary The present invention provides a method for strengthening a password, comprising the steps of entering a user password and irreversibly encrypting the user password. The preferred embodiment of the present invention enhances passwords so that they can be handled more securely.

Description

DETAILED DESCRIPTION OF THE INVENTION

The present invention relates to a data communication device and a data communication method, a program for executing the method, and a medium therefor.

BACKGROUND OF THE INVENTION The Internet, local area networks, wide area networks,
And with the development of computer networks, including intranets, additional programs have been devised for computer security. In particular, the potential for unauthorized remote access to a computer (sometimes called "hacking") is increasing.

[0003] Hackers seeking unauthorized access have developed various forms of software to assist in these attacks, including software that makes numerous attempts to break through and gain access to password control systems. Generally, such software tries various combinations of possible passwords until the correct password is found. This can be either a "dictionary" attack limited to known words, or a "brute force" attack trying any combination. Thus, in particular, many systems require a minimum length of passwords, but since these passwords must be remembered by the user, only certain minimum lengths are practical. Thus, the length of many passwords is concentrated in the range of 4-8 characters, and such passwords are often used in common language to make them easier to remember.
This makes software-assisted attacks in the system a real threat to password-protected functions or data.

[0004] It is an object of a preferred embodiment of the present invention to avoid or overcome at least one of the disadvantages described herein or encountered in the prior art.

SUMMARY OF THE INVENTION In a first aspect of the present invention, a method for enhancing a password comprises the steps of entering a user password and irreversibly encrypting the user password.

[0006] Preferred embodiments of the present invention allow for more secure handling of passwords due to password strengthening. Preferably, the encryption comprises a hashing operation. Preferably, the method comprises irreversibly encrypted user password (HAS
And H) encrypting H) with an additional step of using the encrypted first storage key (NEPKEY). Preferably, the first storage key is encrypted by a public key encryption algorithm.

[0007] Preferably, the method comprises the additional step of decrypting the encrypted second storage key (UPEK) using the decrypted first storage key (NEPKEY). Preferably, the second storage key is encrypted by a reversible algorithm.

[0008] Preferably, the result of the irreversibly encrypted user password (HUSH)
Are encrypted using the second storage key (UPEK) as the encryption key. In a second aspect according to the present invention, a data access method comprises the steps of generating an enhanced password according to the first aspect of the invention, comparing the enhanced password with a password associated with the data, and enhancing the data. And permitting access to data only when the password and the data password match.

[0009] The data to be accessed can be any type of data, including files, applications, data records, and the like. In a third aspect according to the present invention, there is provided a computer program for performing a method according to the second aspect of the present invention.

In a fourth aspect according to the present invention, a medium comprises a program according to the third aspect of the present invention. In a fifth aspect according to the present invention, a data communication system comprises an input device for generating a plurality of input signals available from a set of input signals, receiving the input signals, and a plurality of signals from the set of input signals. A character generator configured to generate an output signal. In the character generator, the output signal is different from the signal input to the character generator.

[0011] Preferably, the output signal is a signal having a different length from the signal input to the character generator. More preferably, the output signal is longer than the signal input to the character generator.

Preferably, the system further comprises means for comparing the output signal with the stored password. More preferably, the comparing means further comprises means for outputting a signal when the output signal matches the stored password.

[0013] Preferably, the input device includes a keyboard. Preferably, the set of available input signals comprises all or part of the keyboard character set. Preferably, the system comprises a first input and a second input, wherein the character generator receives a signal from the first input and does not receive a signal from the second input.

Preferably, the first input unit is a local input device such as a keyboard or a microphone, and the second input unit is a remote operation-based input device generally providing a signal via a modem connection.

[0015] Preferably, the input signal consists of or corresponds to one of the set of input signals. Preferably, the set of input signals consists of alphanumeric characters. In a sixth aspect according to the present invention, a digital computer comprises a data communication system according to the fifth aspect of the present invention.

In a seventh aspect according to the present invention, a data communication method comprises receiving an input signal available from a set of input signals, and outputting an output signal comprising a plurality of signals from the set of available input signals. And generating. In the data communication method, the output signal is different from the input signal.

Preferably, the method further comprises repeating the operation for a plurality of input signals. Preferably, the lengths of the output signals are individually different. Preferably, the method according to the eighth aspect of the invention is modified according to the sixth aspect of the invention.

DESCRIPTION OF THE PREFERRED EMBODIMENTS Referring to FIG. 1, an electronic digital computer 2, typically a personal computer (“PC”), includes a keyboard 4 connected to a processor 8 via data lines 6. It is shown to comprise. Those skilled in the art will recognize that there are various elements between the keyboard and the processor.

The CGD 10 is located on the data line 6 between the keyboard 4 and the processor 8. In the present application, a character generator d is used.
device) is indicated by the initial letter “CGD”.

Also shown are other input ports 12, 14, which may be from a modem, for example. The CGD 10 changes the output of the key operation from the keyboard 4 so as to be controllable until the normal keyboard output operation is performed after the password is verified, and generates an additional output for verifying the password. It is configured as follows.

The operation of the device will be described in more detail with reference to FIG. When the application runs, a password is required to be entered and the number of characters in the enhanced password is set. Input is CTRL and <SHIFT
These non-character codes are not used in the user password because they are "filtered" to recognize non-character codes>.

Referring to FIG. 2, an overview of the keyboard 4, CGD 10, and PC hard drive 16 is shown. The user password (PW) is input from the keyboard 4. For the sake of explanation, it is assumed that the input user password is “BOB”. The user increases the length of the character string of the password, and thus strengthens it, for example, to 10 characters. By pressing the <Execute> key (or, in the case of a Windows (registered trademark) application, usually clicking an “OK” button), the user password “BOB” is increased and thus strengthened.

The CGD 10 has a common key called NEPKEY. The CGD 10 encrypts the NEPKEY using a private public key encryption algorithm that has its own unique public key (public key varies between character generators). The result is called Spk and is stored on the PC hard drive. Therefore, the NEPKEY itself is not disclosed outside the CGD10.

The CGD 10 generates a user password enhanced encryption key called UPEK in a function called “GUPEK”. UPEK is generated as a random number in CGD10. However, UPEK need not be a random number,
The main requirement of UPEK is that it is not exposed outside of CGD10. Each CGD1
0 has the same NEPKEY (or a separate set of NEPKEYs may be used), but has no unique UPEK (or set of UPEKs).

GUPEK passes the new UPEK, how many new UPEKs are in the set, and the Spk (NEPKEY) to be used to encrypt the location of the temporary resident program that can generate the UPEK. It is. After that, GUPEK is CG
Pass the encrypted NEPKEY to D10 (ie, T _NEPKEY (UPEK), where T is a symmetric encryption algorithm). When each new UPEK is generated according to the number to be generated, the CGD 10 will NEPKEY (ie, T _NEPKEY (UP
EK)) to encrypt UPEK. When the encryption is completed, the temporary resident program is unloaded from the CGD 10. The CGD 10 then places the encrypted UPEKs in a set, as shown in FIG.
Along with the header 102 indicating whether or not it includes 104a and 104b, it is added to one block of data. The NEPKEY encrypted UPEK is stored on the hard drive. Therefore, UPEK is not disclosed outside CGD10. Spk (NE
PKEY) and T _NEPKEY are generated in the setup phase. CGD
There may be several UPEKs in 10.

In step 100, the input user password is hashed to produce a predictable length, in this case, 16 bytes of output. The hash processing is performed
Primarily to generate irreversible results.

In step 106 of the strong password generation method, the encrypted NEPKEY
Is read from the PC hard drive 16, decrypted by the CGD 10, and NE
Generate PKEY. In the next step 108, the NEPKEY encrypted UPEK is read, and the CGD10 is decrypted using the NEPKEY decrypted in step 106.
To generate UPEK.

The UPEK is encrypted by the hash output from step 100 and the output of the enhanced password, which is the output having the desired number of characters. This enhanced password
It is usually stored in the application or document header.

When access to an application or a document is requested, a password strengthening application is activated and a password is strengthened as described above by inputting a user password, and the result is stored in the application or the document. Compared to password. This comparison is performed by the application itself, not by the CGD 10 that generates the enhanced password. As another example, if the CGD 10 is loaded with the appropriate software, the CGD 1
Zero may be used for password verification.

The CGD 10 is configured to accept only one user password per second. In password strengthening, the interval between acceptable inputs can be changed to provide additional security.

[0031] Preferably, the new NEPKEY may be input at a desired time from a secure source so that the NEPKEY is not intercepted. The output length of the hash processing can be changed by the constituent device. Usually, the output length is 64 to 128 bytes.

This system has several advantages, described below. i) Since the user password is not stored on the PC, it cannot be read by a hacker. ii) The relationship between keyboard input and character generator output (ie, enhanced password) is not practically reversible. iii) By only allowing a single password to be entered at time intervals such as every second, the system substantially avoids brute force attacks on the password. For a brute force attack to be successful, a vast number of combinations must be tried. If one entry is made every second, the time required for a dictionary or brute force attack is impractical. For example, in a six character password, each character is selected from 72 possible character sets, and the password has 139, 314, 069, 504 possible combinations. With 1 million inputs per second, these combinations take nearly 38 hours to try with force. If the input is limited to once per second, a brute force attack would take 4,417 years. iv) Since NEPKEY is shared, hot seating (i.e., one user using multiple machines) is accommodated, even if each machine's CGD 10 has a different public key. . The UPEK associated with a particular user is keyed using NEPKEY, ie, T _NEPKEY (UPEK)
, It can be safely transmitted between machines. NEPKE
It is noted that neither Y nor UPEK is seen or censored outside of secure CGD 10 in ordinary (ie, unencrypted) characters.

If desired, the new NEPKEY may use the security protocol to CG
It can be downloaded into D10. With reference to FIG. 4, a further embodiment of the present invention will be described. From mode 200 in which the PC is operating normally, access to either the function or data is requested, and the PC verifies step 202 to determine whether the function or data (ie, file) is password protected. I do. If not protected by a password, access is permitted and normal operation resumes according to the "NO" branch. If the function or data is protected by a password, "YES
, The appropriate password is requested in step 204 and step 206
, The character generator is configured to output additional characters according to a predetermined scheme.

Thereafter, as each keystroke of the password is entered at step 208, a signal is received by device 10, and at step 210, a corresponding long output is generated. Therefore, as an example, when the key operation “F” is input, the device operates “P7TTWR”.
0 "may be output. The actual output is of no consequence, as long as the predetermined relationship between the input keys and the output sequence from the device 10 is followed.

Next, the system determines at step 212 whether the password entry has been completed. This is done by detecting the input of the <Execute> key, the length of the input, or other characteristics. If the input has not been completed, the system requests further keying of the input. If the input has been completed, the input password is compared to the password in memory at step 214, according to the "YES" branch.
If the password is correct, according to the "YES" branch, the character generator is configured to pass the input normally in step 216, and access to the function or data is permitted and normal operation resumes. If the password is incorrect, access is denied at step 218 according to the "NO" branch.

Instead of denying access at the first incorrect password entry, several attempts may be allowed, but usually not an unlimited number. In addition to denying access due to improper password entry, an additional alert function may be activated.

Also, a unique password can be entered using the method and apparatus. There is no need for the user to know or be involved with the long version of the password.

Thus, using the present invention, a user can enter a relatively short password, eg, “FRE”
D "can be stored, but the processor can require verification of a very long password, which is not necessarily required to include the original password element. As an example, the key operation of the keyboard “FRED” in the password requesting step is P7aTWROX3NR? B2aR88CISCcAB may be generated.

Therefore, a key operation of inputting a four-character password generates a long 26-character password for verification. Remote access requires the entry of a full (long) password required by the processor, since the device and system are configured such that remote access to PC 2 does not go through device 10. Therefore, protection against hacking from the outside is improved.

The present invention may be embodied in hardware and / or software.
Typically, in a hardware embodiment, the device is located in a keyboard.

Although the word “password” is used here, it may be any signal or combination of signals, and need not be a “word”. Although this embodiment is described for use in a PC, it will be appreciated that the invention can be implemented on other platforms, devices, or equipment at the same time.

In connection with the present application, it draws the reader's attention to all papers and documents filed at the same time as, or prior to, the present application and published together with the present application. It is here incorporated.

All of the features disclosed in this application (including the claims, the abstract and the drawings) and / or all steps of any similarly disclosed method or process are characterized by these features and / or Except for combinations in which at least one of the steps is incompatible with each other, it is possible to combine them as arbitrary combinations.

Each feature disclosed in this application (including the claims, the abstract and the drawings) is, unless otherwise indicated, replaced by another feature serving the same, equivalent, or similar purpose. Is possible. That is, unless otherwise noted, each feature disclosed is one example only of a series of equivalent or similar general features.

The invention is not limited to the details of the embodiments described above. The present invention
Of the features disclosed in this application (including the claims, the abstract and the drawings), any novel feature or combination of novel features, or the like, of all disclosed methods or process steps The present invention covers any new one or any new combination.

[Brief description of the drawings]

FIG. 1 is a schematic functional diagram showing an embodiment of the present invention.

FIG. 2 is a functional flowchart showing an operation in a preferred embodiment of the present invention.

FIG. 3 illustrates how data is stored in accordance with an embodiment of the present invention described with respect to FIG.

FIG. 4 is a functional flowchart showing the operation of a character generator according to another embodiment of the present invention.

──────────────────────────────────────────────────続 き Continuation of front page (81) Designated country EP (AT, BE, CH, CY, DE, DK, ES, FI, FR, GB, GR, IE, IT, LU, MC, NL, PT, SE ), OA (BF, BJ, CF, CG, CI, CM, GA, GN, GW, ML, MR, NE, SN, TD, TG), AP (GH, GM, KE, LS, MW, SD, SL, SZ, UG, ZW), EA (AM, AZ, BY, KG, KZ, MD, RU, TJ, TM), AE, AL, AM, AT, AU, AZ, BA, BB, BG, BR , BY, CA, CH, CN, CR, CU, CZ, DE, DK, DM, EE, ES, FI, GB, GD, GE, GH, GM, HR, HU, ID, IL , IN, IS, JP, KE, KG, KP, KR, KZ, LC, LK, LR, LS, LT, LU, LV, MD, MG, MK, MN, MW, MX, NO, NZ, PL, PT, RO, RU, SD, SE, SG, SI, SK, SL, TJ, TM, TR, TT, UA, UG, US, UZ, VN, YU, ZA, ZW

Claims (25)

[Claims] 1. A method for strengthening a password, comprising: entering a user password; and irreversibly encrypting the user password. 2. The method according to claim 1, wherein the encryption comprises a hashing operation. 3. The method as claimed in claim 1, wherein the method comprises the steps of:
The method according to claim 1 or 2, comprising the additional step of using the encrypted first storage key (NEPKEY) to encrypt the HASH). 4. The method of claim 3, wherein the first stored key is encrypted with a public key encryption algorithm. 5. The method according to claim 3, wherein the method comprises the additional step of decrypting the encrypted second storage key (UPEK) using the decrypted first storage key (NEPKEY). The described method. 6. The method according to claim 5, wherein the second storage key is encrypted by a reversible algorithm.
The method described in. 7. The result of the irreversibly encrypted user password (HUS
Method according to claim 5 or 6, wherein H) is encrypted using the second storage key (UPEK) as an encryption key. 8. A method for generating an enhanced password according to the method of claim 1, comparing the enhanced password with a password associated with the data, and an enhanced password. Permitting access to data only when the data password matches the data password. 9. A computer program for performing the method according to claim 8. 10. A medium comprising the program according to claim 9. 11. An input device for generating a plurality of input signals available from a set of input signals, and configured to receive the input signals and generate an output signal comprising a plurality of signals from the set of input signals. A character generator wherein the output signal is different from the signal input to the character generator. 12. The data communication system according to claim 11, wherein the output signal is a signal having a different length from a signal input to the character generator. 13. The data communication system according to claim 12, wherein the output signal is longer than a signal input to the character generator. 14. The data communication system according to claim 11, wherein said system further comprises means for comparing an output signal with a stored password. 15. The data communication system according to claim 14, wherein the comparing means further comprises means for outputting a signal when the output signal matches the stored password. 16. The data communication system according to claim 11, wherein the input device includes a keyboard. 17. The data communication system according to claim 16, wherein the set of available input signals comprises all or part of a keyboard character set. 18. The system according to claim 11, wherein the system comprises a first input and a second input, wherein the character generator receives a signal from the first input and does not receive a signal from the second input. 18. The data communication system according to any one of claims 17 to 17. 19. The first input unit is a local input device such as a keyboard or a microphone, and the second input unit is a remote-controlled input device generally providing a signal via a modem connection. 19. The data communication system according to 18. 20. The data communication system according to claim 19, wherein the input signal comprises or corresponds to one of a set of input signals. 21. The data communication system according to claim 20, wherein the set of input signals comprises alphanumeric characters. 22. A digital computer comprising the data communication system according to claim 11. 23. A method comprising: receiving an input signal available from a set of input signals; and generating an output signal comprising a plurality of signals from the set of available input signals, wherein the output signal is an input signal. Data communication method different from signal. 24. The method of claim 23, wherein the method further comprises repeating the operation for a plurality of input signals. 25. The method according to claim 23, wherein the lengths of the output signals are individually different.