KR20020021404A - Peer-to-peer network user authentication protocol - Google Patents

Abstract

In a peer to peer network having a plurality of user terminals, each terminal can act as a user authentication site for other terminals in the network and has a public side of the firewall and a secure side of the firewall. The user authentication database is stored in the security side memory of the network first and second terminals. The first terminal receives the password from the user and translates the password into an authentication encryption key for the user. The first terminal generates a first random number, encrypts the first random number with an authentication encryption key, provides a first encrypted message, transmits the first encrypted message to the second terminal, and the second terminal is a user for the first terminal. Act as an authentication site. The user authentication site decrypts the encrypted first message to provide a first random number, generates a second random number, and the second random number is transmitted to the first terminal. The first terminal combines and encrypts the first and second random numbers with an authentication encryption key to provide a second encrypted message. The first terminal sends a second encrypted message to the user authentication site, and the user authentication site decrypts the encrypted second message to generate the combined first and second random numbers. The user authentication site verifies whether the first and second random numbers are correct and authenticates the user according to this verification.

Description

Peer-to-peer network user authentication protocol {PEER-TO-PEER NETWORK USER AUTHENTICATION PROTOCOL}

Computer networks are widely used. These include private networks such as local area network (LAN), wide area network (WAN), and the Internet. The network consists of various nodes interconnected by a transmission medium. Some nodes may be terminals and / or personal computers (PCs) through which a user gains access to the network. Other network nodes are functional units such as routers, servers, and the like. Various communication media, such as fiber optic cables, integrated digital networks (ISDN), wireless links, and the like, are used to interconnect network nodes. Various nodes of a networked computer system are connected through various communication media.

A given private network is generally maintained and operated by a particular computer, where access to the network is limited to authorized users. To limit access to authenticated users, a network is often implemented to authenticate users attempting to connect to the network to verify that the user is an authenticated user. Therefore, the authentication process is designed so that only authenticated users can access the network. The simplest form of authentication is to require a username or user ID, and a password to gain access to a particular account. Authentication protocols may be based on public key systems and private key cryptography using digital signatures. In some networks, in order to maintain network connection control, reauthentication is required for the user periodically to keep the network connection. The authentication process authenticates authenticated users. If the user was successfully authenticated, i.e., a network connection was granted, the authentication output may be said to be successful. If the user fails to obtain authentication for the connection to the network, the authentication fails.

However, existing authentication processes are sensitive to intrusion by unauthorized users or other forms of attack. Such attacks present the possibility of replacing or misleading information being inserted into or transmitted from the network, or allowing unauthorized users to gain access to the network and perform malicious activities. When authentication information is present in the memory of a mobile, wireless or fixed network terminal, an unauthenticated user attacks the memory to obtain authentication information, thus accessing the system.

For example, in a network of mobile users (ie, wireless, mobile terminals), there may be a case where the terminal memory is attacked and the user terminals fall into an unauthenticated state. Once a hacker obtains authentication information stored in the terminal memory, it can be used to obtain unauthorized authentication of the network. In addition, some network and authentication procedures are vulnerable to so-called "man-in-the-midlle" attacks. In such an attack, an unauthorized user intercepts the first public key exchange by intercepting the first message to a new account (eg, from the terminal to some network server) and replacing the real public key with a fake public key.

"Self-forming" or peer-to-peer type networks are often used. In such a network, all users are peers and there is no central network controller. If everyone is given access, then every computer (node) can share files and peripherals with every other computer on the network. In such a network, since there is no dedicated, central network controller, the authentication information is distributed to many terminals in the network, and any terminal can be called to authenticate the user. Because the authentication database is distributed, it is more susceptible to attacks than a network where a well-protected central authentication site exists. Therefore, there is a need for an improved authentication system and technology that can address the above disadvantages and problems.

TECHNICAL FIELD The present invention relates to computer networks, and more particularly, to a system and method for authentication of users seeking access to a network.

1 is a block diagram of a computer network in accordance with an embodiment of the present invention.

2 is a flow chart showing an authentication protocol of the FIG. 1 network according to an embodiment of the invention.

In a peer to peer network having a plurality of user terminals, each terminal can act as a user authentication site for other terminals in the network and has a public side of the firewall and a secure side of the firewall. The user authentication database is stored in the security side memory of the network first and second terminals. The first terminal receives the password from the user and translates the password into an authentication encryption key for the user. The first terminal generates a first random number, encrypts the first random number with an authentication encryption key, provides a first encrypted message, transmits the first encrypted message to the second terminal, and the second terminal is a user for the first terminal. Act as an authentication site. The user authentication site decrypts the encrypted first message to provide a first random number, generates a second random number, and the second random number is transmitted to the first terminal. The first terminal combines and encrypts the first and second random numbers with an authentication encryption key to provide a second encrypted message. The first terminal sends a second encrypted message to the user authentication site, and the user authentication site decrypts the encrypted second message to generate combined first and second random numbers. The user authentication site verifies whether the first and second random numbers are correct and authenticates the user according to this verification.

Additional features and advantages of the present invention will be described in more detail with reference to the following drawings.

The present invention provides an authentication protocol that prevents unauthenticated entities from gaining connection to a peer-to-peer network by obtaining authentication information or a network connection through a communication attack. In the present invention, only information held personally by the authenticated user can be used for authentication. Since the network is a peer-to-peer network, multiple terminals must store user authentication databases distributed over the network. Thus, some terminals in the network also serve as user authentication sites for user terminals and other terminals. The authentication protocol of the present invention prevents an unauthorized user from acquiring a connection through the terminal despite the authentication information stored in the terminal. In addition, the authentication protocol of the present invention is resistant to man-in-the-middle attack.

1, a block diagram of a computer network system 100 in accordance with one embodiment of the present invention is shown. The network 100 comprises a first user terminal 110 and a user authentication site 120, which are interconnected via a communication or transmission channel 125, which channel is LAN, optical fiber, wireless or other digital communication means. This can be The user terminal 110 may be a PC in a fixed location, a remote PC connected to the authentication site by phone or other link, or a mobile unit connected by a wireless link. The terminal 110 includes a processor 117 and a memory 112 that stores a local copy of a distributed user authentication database. The user authentication site 120 may be another user terminal or a site operated by dedicated hardware, PC, or operator. In an embodiment, the network 100 includes a plurality of user terminals, and the user terminals may perform user authentication for other user terminals. The network 100 may also include dedicated user terminals that are not capable of providing user authentication and dedicated user authentication sites that are not user terminals.

A unique password and authentication password / decryption key pair are assigned to each authenticated user on the network. A given user authentication encryption key is generated by applying a specific encryption-key generation algorithm to the user password. The user authentication decryption key is a key that can decrypt a message encrypted using the user authentication encryption key. These keys are used only for authentication and not for other purposes. User authentication information for all authenticated users of the network is maintained in a distributed user authentication database, which is distributed and stored among several user terminals, such as terminals 110 and 120. This database contains authentication information for each user such as user authentication password / decryption key, password, and other information about the user.

In some embodiments, each user may have a smart card having personal information previously encrypted with the user's respective authentication encryption key. Each user may have a health sensor built into the user's body for additional security.

As illustrated, therefore, all user terminals capable of performing authentication for other terminals store a local copy of the user authentication database. This database is stored in memories 112 and 122 on the security side 114 of the firewalls 111 and 121. All terminals of the network 100, such as terminals 110, 120, have a firewall (e. G. 111), where the user enters and receives data from the public side 113 and all authentication information is secure side 114. Exists in Since each terminal 110 performs a network traffic relay role to other terminals, the transmitter, receiver, and all network traffic are present on the security side. The security side of the terminal is protected against physical and software attacks. All local copies of the distributed user authentication database stored in each terminal memory 112 are provided, and the individual user's individual authentication passwords and decryption keys are used only for authentication and not for other purposes. The distributed user authentication database is maintained autonomously by the network 100 security side. Any terminal having a user authentication database can be provided as a user authentication site for one or the other terminals. Accordingly, the second user terminal may be provided as a user authentication site 120 for the first user terminal 110, and the first user terminal 110 may authenticate the user for the terminal 120 or other terminals in the network. Can be provided as a site.

Each user terminal, such as user terminal 110, has a means for translating the user password into a user individual encryption key. For example, the user terminal 110 includes a processor 117 and the encryption key generation algorithm. The user terminal 110 also has the ability to generate random numbers and to encrypt a given message with an individual authentication encryption key. Therefore, when the user provides a password to the terminal 110, the terminal 110 can operate the encryption key generation algorithm using the password as an input, through which it can generate a user authentication encryption key. It then generates a random number, uses an authentication encryption key to encrypt the random number, and provides an encrypted random number (which is also a random number). The password, random number, authentication encryption key, encrypted message, and received message may be temporarily stored in the memory 112 by the terminal 110. In some embodiments, the terminal 110 may be provided with a sensor capable of reading and transmitting the user's smart card information, health sensor, and / or iris recognition device for additional security.

In an embodiment, the terminal only grants access to the user who inserts the user smart card and enters the appropriate user ID and password. User password and smart card data are the only authentication data that can pass through the firewall. If the user is not authenticated by the user authentication site, the terminal connection is refused.

Network 100 terminals are implemented such that any specified users read / write a connection to a user authentication database stored in terminal memory 112. For example, in military use, each soldier in the squad has a wireless, mobile user terminal 110, and the squad's designated communications specialist reads and records a connection to the database of memory 112 of that user terminal. Have permission to read No other soldiers are assigned. In an embodiment, the user authentication database stored in the terminal memory is destroyed if certain conditions, for example, a non-designated user attempts to connect to the database, or if a suspicious or non-standard attempt attempts to connect to the database. (For example, memory is deleted). If the terminal detects a physical attack, the database can also be destroyed. In an embodiment, if the terminal user is de-authenticated (failure of the authentication process), the user authentication database present in the terminal memory 112 is destroyed.

In addition, in some embodiments, a specific user / terminal detach procedure may be provided. For example, the user / terminal separation procedure is defined as the user entering a separation code, logging off, and then removing their own smart card from the smart card port of terminal 110. If the terminal 110 detects the detachment without following the detach procedure, the terminal destroys the user authentication database in the memory 112.

During the usage period, each terminal 110 is connected to the network to allow an authenticated user to access the network. In an embodiment, users are required to wear a health sensor, and the terminal includes a health sensor detector for continuously or periodically monitoring user health. Thus, in this embodiment, if at any time during the session the user terminal 110 detects that the user cannot perform the terminal session according to the state from the health sensor (eg, the user is killed) This information is sent to the user authentication site 120, and the user authentication site revokes the authentication. Alternatively, terminal 110 may remove itself from the network or revoke authentication.

In an embodiment, to maintain the terminal and network connection, the user health sensor must indicate to the terminal 110 that the user is alive. When the health sensor indicates that the user is dead, the terminal 110 detects this, removes the user's authentication, and automatically transmits this information to another user authentication site to update the user authentication database.

Thus, in the present invention, since a peer to peer network is used, user terminals must store a user authentication database in order to function as a user authentication site. However, in order to prevent unauthorized users from accessing the network or obtaining a user authentication database by attacking the terminal memory, each terminal should place all authentication information behind a firewall and generally allow that user to access such a database. Do not allow it. In addition, the user cannot be authenticated by the user terminal. The user is authenticated only by one or more other terminals. Therefore, when a user attempts to access the user terminal 110, the user terminal 110 requests another terminal (eg, the terminal 120) to operate as a user authentication site. Also, if a user accesses a terminal other than the terminal assigned to him, the user must be reauthenticated.

In addition, in an embodiment, all users are reauthenticated periodically. For example, after a period of time, the terminal 120 or another terminal has elapsed since the timeout period has elapsed since the terminal 110 user was last authenticated, for example by examining its own local copy of the user authentication database. I can recognize it. The next scheduled reauthentication can then be initiated. If it is suspected that another user has been killed or captured or another terminal has been captured, the reauthentication process may be initiated by any terminal. Further, in an embodiment, when a terminal is detached from its user, it removes itself from the network for additional security according to the separation protocol.

Referring to FIG. 2, a flow diagram is presented presenting a network user authentication protocol method 200 of a network 100 in accordance with an embodiment of the present invention. First, the user initiates connection to the user terminal 110 (step 201). Alternatively, if the user has been using the given terminal 110 for a period of time, after timeout the authentication site 120 notifies the user terminal 110 to re-authenticate the user (step 203). If it is suspected that the terminal user 110 has been killed or captured, or that the terminal 110 has been captured, the authentication site 120 may initiate reauthentication. Then, the terminal 110 notifies the user to input the user ID and password within a given time (step 205).

In the case of re-authentication, step 205 may include delivering an authentication alert message to the user in the form of visual, auditory or tactile. In addition, in the case of reauthentication where the user is in the current session state, since the terminal 110 still has the stored user ID, it only needs to prompt the user for a password.

In an embodiment, for new user authentication, the user must first insert his own smart card in the terminal 110. In the case of reauthentication of the currently authenticated user, the user is already logged on to the terminal 110 with his own smart card. In this embodiment, the smart card must be in place to continue or maintain authentication, and the information thereon must be read and verified. In alternative embodiments, the authentication protocol of the present invention does not require a smart card.

If the user is an authenticated user, the user will probably only have one password. In this case, the authenticated user enters the user ID and password (step 207), and if a timeout period is required in step 205, then enters the user ID and password within a specific timeout period. Then, the terminal 110 translates the password into an encryption key using an encryption key generation algorithm to generate a user authentication encryption key (step 209). Thus, the user does not need to own or know his own authentication encryption key, but only needs to own and know his own password (and ID).

Terminal 110 also generates a first random number (step 211) and encrypts the random number using a user authentication encryption key (step 213). The user terminal then notifies the user authentication site 120 of the user identity and transmits the encrypted random number to the user authentication site 120 (step 215). In an embodiment, the user identity is notified to the authentication site by passing the user ID to the authentication site. Preferably the user ID is first encrypted with a user authentication encryption key, and then the encrypted ID is sent to the authentication site 120. The authentication site 120 then generates all possible decryption keys until a user ID is generated that matches the effective user ID of the network (and also matches the user ID of the decryption key used to successfully decrypt the message). To decrypt the received encrypted message. Thus, once authentication site 120 successfully decrypts the user ID message, the authentication site can know the user ID, and thus this authentication encryption key can be used to decrypt subsequent encryption messages sent during the authentication process. . In an embodiment, the user terminal ID is also encrypted and sent to the authentication site 120 along with the user ID. In case of re-authentication, encryption and transmission of the user ID can be omitted; Or, for convenience and simplicity, when the user ID is encrypted and transmitted, the authentication site 120 may decrypt the encrypted user ID using an already determined decryption key rather than performing excessive decryption.

After decrypting the encrypted user ID message, the authentication site 120 receives the encrypted first random number. User authentication site 120 decrypts this message with a particular user authentication key to provide the original first random number (step 217). The user authentication site 120 then generates a second random number and transmits the second random number to the user terminal 110 (step 219). In an alternative embodiment, an encrypted version of the second random number is sent to the user terminal 110 where a second crypto / decryption key pair is used.

At this point, the user authentication site 120 knows the user ID and / or user password, the user authentication password / decryption key (at least the decryption key), and the first and second random numbers. The user terminal 110 only temporarily stores the user password and the authentication encryption key during the authentication process.

After receiving the second random number from the authentication site 120, the user terminal 110 combines and encrypts the random numbers with a user authentication encryption key and sends this message to the user authentication site (step 221). As long as the technique used by the user terminal 110 is known to the user authentication site 120, the two random numbers can be combined in various ways, for example, addition, subtraction, multiplication, concatenation string, and the like. The binding technique used is preferably established or defined a priori as part of the authentication protocol of the present invention.

Authentication site 120 then receives the encrypted message, which is an encrypted version of the two random numbers, and decrypts the message using the user authentication decryption key. The authentication site 120 then checks whether all of the random numbers are correct. If correct, there is no man-in-the-middle attack. At this point, the authentication site 120 knows the user identity to which to obtain a connection. Once the user is identified and authorized to access, the authentication site 120 sends an appropriate authentication message to the terminal 110 and allows network resources to be used by the user from the user terminal 110 according to the user's access authority level. To authenticate the user. If the user is a new user, the new user is authenticated or connection is denied if authentication fails. In the case of reauthentication, the user is reauthenticated, or the authentication is withdrawn if authentication fails.

If the user is authenticated and new transmission and message keys are required, a new method of obtaining these keys from the terminal clocks is sent to the terminal 110. If the user is not authenticated, the user authentication site instructs all other users on the network that the user has been deauthenticated and communication with the user has been terminated. The terminal connection is also refused. The distributed user authentication database is updated to indicate the deauthentication, and all local copies are updated accordingly such that updates are distributed over the network.

As described above, in an embodiment, the user authentication site 120 may query the user terminal 110 for smart card information, user health status, and / or iris recognition information. This information may be used for additional security by authentication site 120 at step 223 in checking user identity and the ability to conduct a terminal session. Although the memory 112 maintains a complete user authentication database, the user terminal immediately deletes the user password and the authentication encryption key from the memory 112 regardless of whether the authentication is successful when the authentication procedure is completed for additional security. do.

As used herein, “user” refers to a person who attempts to obtain a connection to the network 100 through the user terminal 110 or has already obtained a connection. Thus, both the person already authenticated by the authentication process and the expected user are users.

As will be appreciated, the authentication protocol of the present invention is not vulnerable to man-in-the-middle attack. In addition, authentication data security is achieved by not allowing individual terminal users to access the authentication information located on the security side of the user terminal 110. Because of having another terminal, for example a user authentication site 120, the control connection to the user terminal achieves terminal connection and security.

Although the present invention has been described through the preferred embodiments above, the present invention is not limited to these and various modifications are possible.

Claims (9)

In a peer-to-peer network having a plurality of user terminals (110, 120), as a method for authenticating a user, (a) storing a user authentication database in a memory 112 on the first terminal 110 security side 114 and a memory 122 on the second terminal 120 security side 124; (b) receiving (207) a password from a user at a first terminal of the network; (c) translating (209) the password into an authentication encryption key for the user; And (d) authenticating the user through the second terminal provided to the user authentication site for the first terminal using the authentication encryption key (211-225). The method of claim 1, wherein step (d) (1) generating a first random number through the first terminal (211); (2) encrypting the first random number with an authentication encryption key to provide a first encrypted message (213) and transmitting the first encrypted message from a first terminal to a user authentication site (215); (3) decrypting (217) the encrypted first message at a user authentication site to provide a first random number; (4) generating a second random number through the user authentication site and transmitting the second random number to the first terminal (219); (5) combining and encrypting the first and second random numbers through a first terminal to provide a second encrypted message, and transmitting the second encrypted message from the first terminal to a user authentication site (221); (6) decrypting (223) the encrypted second message at a user authentication site to provide combined first and second random numbers; (7) verifying whether the first and second random numbers are correct; And (8) authenticating a user according to the verification. The method of claim 2, Regardless of whether the authentication is successful, the method further comprises the step of deleting (225) the password from the first terminal after user authentication. The method of claim 2, Step (b) further comprises the step (207) of receiving a user ID from a user at the first terminal; The step (d) (2) further comprises the step (215) of encrypting the user ID with an authentication encryption key to provide an encrypted user ID message and transmitting the encrypted user ID message from the first terminal to the user authentication site. Includes; And The step (d) (3) includes decrypting the encrypted user ID message with valid authentication decryption keys until a decryption user ID is generated at a user authentication site that matches a valid user ID of the network, wherein the encryption Decrypting the encrypted first message with an authentication decryption key used to successfully decrypt the encrypted user ID message and providing a first random number. The method of claim 2, Step (d) (8) comprises the step (223) of authenticating the user if the first and second random numbers are correct and the user has access rights to the network. The method of claim 2, Reading a user's health state through a health sensor; Transmitting the health condition to a user authentication site; And Authenticating a user according to the health condition and the verification of step (d) (7). The method of claim 2, User authentication further comprising querying the first terminal to read the user information from the user smart card via the authentication site and authenticating the user according to the verification of the user information and step (d) (7). Way. The method of claim 1, wherein step (b) Notifying the user to enter a user ID and password through the first terminal when a new user initiates access to the first terminal or the authentication site notifies that re-authentication is used after a timeout. . The method of claim 1, And if the user is not a designated user, blocking the user from accessing the security side of the first terminal.