JP2007521525A - System for authenticating and authorizing a party in a secure communication network - Google Patents

Abstract

A system and device for authenticating and authorizing a party of a secure communication network located at a plurality of remote sites, each remote site received from a second site and blinded using values associated with the remote site A code for determining the first authentication value, a code for encrypting and transmitting the determined value, a code for decrypting the second authentication value, and the unblinded first authentication value are the second A device is provided that is operable to execute code that activates the sending site if equal to the authentication value. In addition, the sending site may generate and transmit a first authentication value that is blinded by a value associated with the remote site, a code that decrypts the value, and an authentication value that is equal to the received and decrypted value. And a device operable to execute code for enabling the remote site.

Description

  The present application relates to the field of secure networks, and more particularly to an apparatus for authenticating and authorizing a party in a secure network configuration.

  Since the advent of public networks such as the Internet, the operating style of many businesses has changed significantly. Manufacturers and retailers use interactive dialog pages to allow consumers to purchase products directly using traditional credit cards. In this case, protection of credit card information is important to prevent theft and fraud of credit card information. Conventionally, credit card information is transmitted via a secure socket layer (SSL) that encrypts information using well-known encryption algorithms such as RSA and digital authentication. As will be appreciated by those skilled in the art, RSA is an encryption algorithm developed by Rivest, Shamir and Adelman that generates public and private keys based on large prime calculations. In operation, each party generates a pair of public / private keys and the public key is made available to all other parties. This allows the first party to encrypt the information item using another party's public key, and the other party to decrypt the information item using the corresponding private key. . Similarly, a party can digitally sign a document by encrypting an information item with its private key, while another party can only have access to the corresponding public key, The encrypted information can be decrypted. In this way, public / private encryption algorithms can be used to securely transmit information items over the network while ensuring to a certain level that the party is permitted to send and receive information items.

  Video conferencing is one example where secure communication between parties is particularly important. In this case, each party can sign on to the video conference using the given public key or their private key. Thus, each party can participate in the conference, so that the conference can proceed. However, encryption code may be compromised, cracked or hacked, network party authentication may be suspicious, and information sent over that network must receive that information There is a possibility that a party that is not allowed to use will be available. The disclosure of this information can also cause significant social and / or economic losses.

  Therefore, there is a need for systems and devices that ensure party authentication and that authorize authorized parties to enter a secure network.

  A system and device for authenticating and authorizing a party of a secure communication network located at a plurality of remote sites, each remote site received from a second site and blinded using values associated with the remote site A code for determining the first authentication value, a code for encrypting and transmitting the determined value, a code for decrypting the second authentication value, and the unblinded first authentication value are the second A device is provided that is operable to execute code that activates the sending site if equal to the authentication value. In addition, the sending site may generate and transmit a first authentication value that is blinded by a value associated with the remote site, a code that decrypts the value, and an authentication value that is equal to the received and decrypted value. And a device operable to execute code for enabling the remote site.

  It should be understood that the drawings are only for purposes of illustrating the concepts of the invention and are not intended to define the scope of the invention. The embodiments shown in FIGS. 1-7 and described in the accompanying detailed description are to be used as exemplary embodiments and should not be construed as the only way of practicing the present invention. Moreover, although a reference mark may be attached as needed, the same reference number is used as the same element.

  FIG. 1 is a block diagram illustrating a system 100 that requires a secure communication link between multiple available remote sites over a network in accordance with the principles of the present invention. In this figure, server 110 is in communication with remote sites 115, 120, 125, 130 and 135 via network 150. Protocols for performing bi-directional communication over network 150, such as TCP / IP, are well known in the art and need not be discussed in detail herein.

  Server 110 further includes information that uniquely identifies each remote site, such as values, codes, and labels. That is, each remote site is registered with the server 110. For example, the site 115 may be identified, associated or registered using a unique value, code or label, in this case indicated by “identification number 1”. Further, the site 120 can be identified, associated or registered using a value, code or label that is unique to the site 120. In this case, the site 120 is shown as being uniquely identified by the label “identification number 2”. Similarly, the site 135 can be identified, associated or registered using a unique value, code or label indicated by “identification number 5”. Remote sites 125 and 130 are similarly identified.

  In one aspect of the invention, the associated identification value, identification code or identification label can each be an arbitrarily selected value or a combination of alphanumeric characters. In another aspect of the invention, the associated identification value, identification code or identification label may be selected to have a known characteristic, such as a prime number of known digit or magnitude.

  Server 110 may generate and maintain a unique value associated with each remote site and provide this information to the associated remote site. In another aspect, each unique value may be provided to server 110 from a corresponding remote site. In any aspect of the invention, unique remote site code information is maintained only by server 110 and its associated remote site. In addition, the server 110 includes a public / private key encryption algorithm such as RSA. In one aspect, a common server public key can be distributed to each remote site. In another aspect of the invention, server 110 can generate and associate a public / private key for each remote site. In this aspect, the remote site is given a separate server public key. Distribution of these public keys to each remote site can be done periodically, at random times, or when remote sites are registered with the server 110, or when a meeting between sites is scheduled It can also be done dynamically or on demand. The public key (s) are preferably provided when a connection request is received.

  FIG. 2 is a flow diagram illustrating an exemplary process 200 maintained by server 110 for authenticating a secure transaction or secure communication party in accordance with the principles of the present invention. For the sake of simplicity, here, a novel aspect of the present invention will be described by taking the case of a conference inviter and a conference invitee as examples. In this exemplary process 200, the server 110 responds to a request to establish secure communication between an invitee, eg, the remote site 120 of FIG. 1, and an invitee, eg, site 130, block 205. Generate random numbers for each party. At block 210, the generated random numbers are encrypted, warped or blinded using the unique identification values associated with these sites. In the preferred embodiment of the present invention, the generated random numbers are blinded using the following relationship:

ここで、Ｒ＿ｅｘｐ１およびＲ＿ｅｘｐ２は生成された２つの乱数であり、ＩＤａは第１のサイトに関連付けられた一意的な値であり、ＩＤｂは第２のサイトに関連付けられた一意的な値であり、ＸＯＲは従来のブール論理関数である。

Where R_exp1 and R_exp2 are the two generated random numbers, IDa is a unique value associated with the first site, IDb is a unique value associated with the second site, XOR is a conventional Boolean logic function.

  Next, at block 215, the two blinded values are encrypted using a secret key associated with the server 110. That is, the server 110 encrypts or scrambles these blinded values. As those skilled in the art will appreciate, the process of encrypting a value obfuscates the value so that the value is treated as being indistinguishable, obscure, or translated by someone who does not have a corresponding decryption process That is, scramble. At block 220, the blinded and encrypted value is transmitted over the network 150 shown in FIG. At block 225, the server 110 waits for a response from the remote site. If a response is detected, at block 230 the received message is decrypted using server 110's private key.

  At block 235, it is determined whether the received and decrypted value is equal to the random number value transmitted at block 220. If the result is NO, it means that a response from an unauthorized site has been received. In this case, since the remote site cannot be authenticated, the process ends.

  However, if the result is affirmative, only the specified remote site can return the generated and provided random number, i.e. R_exp1 or R_exp2, to confirm the identity of the remote site. That's right. The random number associated with the site is then encrypted using the private key of server 110 at block 240 and transmitted over the network at block 245. At block 250, the server 110 waits for a response to the encrypted and transmitted message.

  When a response is received, at block 260, a list of encryption algorithms available to each party is obtained. At block 265, the server 110 confirms that a secure connection between the parties has been established and an encryption algorithm has been selected. The encryption algorithm is preferably present at each party site. In another aspect, each party may provide a list of available encryption algorithms from which the server 110 may select a corresponding algorithm. In another aspect, the server 110 may provide an appropriate encryption algorithm for each party.

  FIG. 3 is a flow diagram illustrating a process 300 that may be performed at a remote site for authenticating parties and establishing a secure communication link between the parties. In this exemplary process, at block 310, a remote site, such as site 130, receives an initial transmission from server 110. At block 315, the message is decrypted using the public key of server 110. Then, at block 320, the decrypted message is unblinded using a unique identification code associated with each remote site. In the preferred embodiment of the invention shown in equation [1], the information can be deblinded using the following principle.

ここで、ａは生成された乱数を表し、ｂは遠隔サイトの識別値を表す。

Here, a represents a generated random number, and b represents a remote site identification value.

  As will be appreciated by those skilled in the art, the generated random numbers can only be accurately determined by remote sites that know the associated identification value, identification code or identification label.

  Next, at block 325, the deblinded random number is encrypted using the public key of server 110 and transmitted over the network at block 330. At block 335, the remote site waits for a response from the server 110.

  When the response is received, the information is decrypted using the public key of the server 110. At block 345, it is determined whether the decrypted value obtained at block 340 is the same as the deblinded and decrypted value obtained at block 320. If the result is NO, the authentication process has failed and the process is terminated.

  However, if the result is positive, at block 350 a list of encryption algorithms available to the remote site is provided to the server 110 and at block 355 it is verified that the authentication process is complete.

  FIG. 4 is a flow diagram illustrating an exemplary process 400 for authorizing an authenticated party in a secure network configuration. In this illustrated process, at block 410, the server 110 receives a random number generated at each remote site that can be authenticated, ie, can successfully complete the processes shown in FIGS. These random numbers are arbitrarily generated. There is preferably no correlation between the generated random numbers. Although not shown, these random numbers may be received in encrypted or scrambled form using a public key and then decrypted using a local key before use. It will be understood.

  At block 415, the server 110 blinds the received random number using each of the unique identification values of the remote sites. In one aspect of the invention, the random number is blinded using the following logical function.

ここで、Ｒ＿ｓｉｔｅ１は第１のサイトが生成する乱数、Ｒ＿ｓｉｔｅ２は第２のサイトが生成する乱数、ＩＤａは第１のサイトに関連付けられた一意的な値、ＩＤｂは、第２のサイトに関連付けられた一意的な値、ＸＯＲは従来のブール論理関数である。

Here, R_site1 is a random number generated by the first site, R_site2 is a random number generated by the second site, IDa is a unique value associated with the first site, and IDb is associated with the second site. The unique value, XOR, is a conventional Boolean logic function.

  Block 420 then sends the blinded value to each remote site such that each remote site receives a blinded random number of another remote site.

  In another preferred aspect of the invention, the random number is blinded using the following logic function:

  FIG. 5 is a flow diagram illustrating an example process 500 for authorizing an authenticated party in a secure network configuration, performed at each remote site. In this exemplary process, a random number is generated at block 510. At block 515, the generated random number is encrypted using the public key of server 110 and transmitted over the network at block 520. At block 525, the remote site waits for a response from server 110.

  When a response is received, the received value is deblinded. In the aspect of the present invention represented by Equation 3, these values can be deblinded using a process similar to that shown in Equation 2. In the aspect of the present invention represented by Equation 4, these values can be deblinded according to the following equation:

ここで、ａはあるサイトの乱数を表し、ｂは別のサイトの乱数を表す。

Here, a represents a random number of one site, and b represents a random number of another site.

  Thus, each remote site has a random number generated by another remote site. At block 535, an encryption key is formulated using a random number generated by each site according to the selected encryption algorithm. Although not shown, those skilled in the art will appreciate that the received blinded value may be further encrypted using a secret key. Thus, the received value is decrypted using the supplied corresponding public key. It will further be appreciated that the order in which blinding information and encryption information are processed can be interchanged without affecting the scope of the present invention.

FIG. 6 is a diagram showing a time sequence 600 of information transfer between the party that requested the conference called Client 1 (610), the server 615, and the invitee to the conference called Client 2 (620). In the illustrated order, the client 1 (610) transmits a request 630 for requesting a meeting with the invitee 620 to the server 615. The server 615 transmits the values obtained by blinding and encrypting the random numbers R_exp1 and R_exp2, that is, E _kr (R_exp1 XOR ID1) and E _kr (R_exp2 XOR ID2) to the client 1 (610) and the client 2 (620), respectively. To do.

Client 1 (610) and client 2 (620) each send an encrypted value representing R_exp1, ie, E _ku (R_exp1), and an encrypted value representing R_exp2, ie, E _ku (R_exp2), to server 615. Next, the server 615 transmits values E _kr (R_exp1) and E _kr (R_exp2) obtained by encrypting the random values R_exp1 and R_exp2 and digitally signing them to the client 1 (610) and the client 2 (620), respectively.

  After the client 1 (610) and the client 2 (620) successfully decrypt the transmitted value, the client 1 (610) and the client 2 (620) transmit a list of encryption algorithms, that is, cipher suites, to the server 615 for confirmation. The server 615 then provides an indication that a connection between parties has been established and selects a cipher that protects the communication between the parties.

In one aspect of the present invention, client 1 (610) and client 2 (620) then generate random numbers Rand1 and Rand2, respectively, and send values obtained by encrypting Rand1 and Rand2 to server 615. The server 615 then sends the blinded and digitally signed value E _kr (Rand1 XOR Rand2) to both client 1 (610) and client 2 (620). Client 1 (610) and client 2 (620) then use a known combination of Rand1 and Rand2 to form a session key suitable for the selected cipher.

  FIG. 7 is a diagram illustrating a system 700 that implements the principles of the present invention illustrated in the exemplary process illustrated in FIGS. In this exemplary system embodiment 700, input data is received from source 705 via network 750 and processed according to one or more software programs executed by processing system 710. Processor 710 may be a handheld computer, a dedicated or general-purpose processing system, a desktop computer, a laptop computer, a palmtop computer, a personal digital assistant (PDA) device, or the like, or the operations illustrated in FIGS. May represent a portion or combination of other devices capable of performing. Results obtained with processing system 710 may be transmitted over network 770 for viewing on display 780, reporting device 790 and / or second processing system 795.

  Specifically, the processing system 710 includes one or more input / output devices 740 that receive data from the illustrated source device 705 via the network 750. The received data can then be provided to the processor 720. The processor 720 is in communication with the input / output device 740 and the memory 730. The processor 720 may be a central processing unit (CPU) or dedicated hardware / software that can operate to execute computer instruction code or a combination of code and logical operations, such as PAL, ASIC, FGPA, etc. . The input / output device 740, the processor 720, and the memory 730 can communicate via the communication medium 725. Communication medium 725 represents a communication network such as, for example, an ISA bus, PCI bus, PCMCIA bus, one or more internal connections of a circuit, circuit card, or other device, and some and combinations of these and other communication media. be able to.

  In one embodiment, the processor 720 may include code that, when executed, performs the operations described herein. This code is stored in the memory 730, read or downloaded from a memory medium 783 such as a CD-ROM or floppy disk, provided by a manual input device 785 such as keyboard input or keypad input, or as needed. It can be read from magnetic or optical media (not shown) that the processor 720 can access. As shown, processor 720 can access via input / output device 740 to information items provided by input devices 783, 785 and / or magnetic media. Further, the data received by the input / output device 740 can be immediately accessed by the processor 720 and stored in the memory 730. Further, processor 720 can provide the results of the processing described herein to display 780, reporting device 790 or second processing unit 795 via I / O device 740.

  The terms processor, processing system, computer or computer system refer to one or more memory units that are electronically connected to and in communication with the at least one processing unit, and other such as, for example, peripheral devices. Those skilled in the art will appreciate that one or more processing units can be represented in communication with the device. Furthermore, the illustrated devices include, for example, serial buses, parallel buses, ISA buses, microchannel buses, PCI buses, PCMCIA buses, USB, wireless buses, infrared buses, radio frequency buses, and other internal buses, circuits, and circuit cards. Or electronically connected to one or more processing units via one or more internal connections of other devices, parts and combinations of the above and other communication media, or an external network such as the Internet or an intranet be able to. In other embodiments, the present invention may be implemented using hardware circuitry instead of or in combination with software instructions. For example, each element shown herein can be implemented as a separate hardware element or can be combined into a single unit.

  It will be appreciated that the operations shown in FIGS. 2-5 can be performed sequentially or in parallel using one or more different processors to determine a particular value. Let's go. The processor system 710 can also communicate bi-directionally with each source 705. Further, the processor system 710 includes a global computer communication network such as the Internet, an intranet, a wide area network (WAN), a metropolitan area network (MAN), a local area network (LAN), a terrestrial broadcasting system, a cable, a network, and a satellite. Receiving or transmitting data over one or more network connections from one or more servers via a network, wireless network or telephone network (POTS), as well as part or combination of the other types of networks mentioned above it can. Networks 750 and 770 may be internal networks or one or more internal connections of circuits, circuit cards or other devices, some and combinations of these and other communication media, or external networks such as the Internet or intranet. It will be understood that it can be done.

  In a preferred embodiment of the present invention, the selected encryption algorithm can be selected from a stream encryption algorithm and a fast block encryption algorithm. It will be appreciated in the art that the particular algorithm to choose can be determined based on the overall performance of the application and network configuration. Furthermore, the size of the generated random value or the key used in the encryption algorithm may depend on the estimated length of the session. In another aspect of the invention, the length of the encryption key can be selected depending on the maximum number of packets that can be transmitted. For example, the length of the encryption key can be set to 10000 packets when the session is 1 hour, and 20000 packets when the session is 2 hours. Thus, after a certain amount of time has elapsed or after a certain number of packets have been transmitted, the encryption key can be terminated and a new key can be generated.

  While the basic novel features of the invention have been illustrated, described, and pointed out in connection with the preferred embodiments, those skilled in the art will recognize that the described apparatus, disclosed device configurations, and the like can be used without departing from the spirit of the invention. It will be understood that various omissions, substitutions and changes may be made to the details and their operation. For example, although the present invention has been disclosed by way of example for a video conference, those skilled in the art will appreciate that the present invention can also be used for voice and / or multimedia conferences or data exchange between parties. Although the present invention has been described with respect to a set of keys as an example, determining multiple sets of keys is also considered to be within the scope of the present invention. For example, in multimedia exchange, one set of keys can be used for audio transmission and a second set of keys can be generated for video transmission. Furthermore, those skilled in the art will also understand that blinding operations can be performed by functions and / or operations similar to the XOR operations described above.

  Obviously, all combinations of elements that perform substantially the same function in substantially the same manner and produce the same result are within the scope of the invention. The replacement of elements from one above embodiment to another is all contemplated and contemplated.

1 is a block diagram illustrating a system that utilizes the principles of the present invention to authenticate a party of a transaction. 2 is a flow diagram illustrating a first process for authenticating a party in accordance with the principles of the present invention. 4 is a flow diagram illustrating a second process for authenticating a party of a transaction in accordance with the principles of the present invention. 3 is a flow diagram illustrating a process for authorizing a transaction party in accordance with the principles of the present invention. 4 is a flow diagram illustrating a second process for authorizing a party for a transaction in accordance with the principles of the present invention. FIG. 2 illustrates bi-directional communication between a server and a site for authenticating and establishing a link between parties in accordance with the principles of the present invention. It is a figure which shows the device which performs the process shown in FIGS.

Claims (24)

A system for authenticating and authorizing a party of the secure communication network located at a plurality of remote sites, each comprising a device that communicates with the secure communication network,
Determining a first authentication value received via the network from a second site of the plurality of remote sites and blinded by a value associated with the remote site; Code,
A code that encrypts the determined first authentication value using an encryption key associated with the second site of the plurality of remote sites;
A code for transmitting the encrypted first authentication value via the network;
A code for decrypting a second authentication value received from the network and decrypted using the encryption key;
A memory and a communication, operable to execute code for activating the second site of the plurality of remote sites when the first authentication value is equal to the second authentication value A system that includes a processor to perform. The processor further comprises:
The system of claim 1, wherein the system is operable to execute code that transmits at least one instruction associated with at least one encryption algorithm over the network.   The system of claim 1, wherein the first authentication value is encrypted. The processor further comprises:
The system of claim 3, wherein the system is operable to execute a code that decrypts the encrypted first authentication value using the encryption key. The processor further comprises:
An encrypted authorization value for transmitting an authorization value local to the remote site via the network;
A code for unblinding the second value received via the network;
The system of claim 1, wherein the authorization value and the deblinded second received value are used to execute a code that formulates a session encryption key.   The system of claim 5, wherein the second received value is encrypted. The processor further comprises:
The system of claim 6, wherein the system is operable to execute a code that decrypts the second received value.   The system of claim 5, wherein the authorization value is a random value.   The system of claim 1, wherein the encryption key is provided by the second site of the plurality of remote sites.   The system of claim 9, wherein the encryption key is a public key associated with a public / private key encryption algorithm. The device is
The system of claim 1, further comprising an input / output unit operable to establish communication between the processor and the network.   The system of claim 1, wherein the code is stored in the memory.   The system of claim 1, wherein the second site of the plurality of remote sites is not involved in the secure communication. The processor is
The system of claim 1, wherein the system is operable to execute code that performs a logical operation to determine the first authentication value. A system for authenticating and authorizing a party of a secure communication network located at a plurality of remote sites, wherein a dedicated site not related to the secure communication network comprises a device for communicating with the network,
A code for transmitting, via the network, an authentication value blinded by a value associated with each of the plurality of remote sites;
A code for decrypting a value received via the network using an encryption key local to the dedicated site;
A system including a processor in communication with a memory, operable to execute code for enabling the remote site when the authentication value is equal to the received and decrypted value. The processor further comprises:
The system of claim 15, wherein the system is operable to execute code that encrypts the blinded value using an encryption key local to the dedicated site. The processor further comprises:
The system of claim 15, wherein the system is operable to execute a code that transmits an authentication value scrambled using a local encryption key to the dedicated site. The processor further comprises:
A code to receive authorization values from the associated remote site;
The system of claim 15, wherein the system is operable to execute a code that transmits a blinded value associated with the received authorization value.   The system of claim 18, wherein the authorization value is encrypted using an encryption key available to the remote site. The processor further comprises:
The system of claim 19, wherein the system is operable to execute code that decrypts the encrypted authorization value.   The system of claim 18, wherein the blinded value is based on an authorization value received from a corresponding remote site.   The system of claim 18, wherein the blinded value is based on the authorization value and a remote site identification value.   The system of claim 15, further comprising an input / output unit in communication with the processor and the network.   The system of claim 15, wherein the code is stored in the memory.

Images