RU2178913C1 - Mechanism of mutual authentication in real-time distributed data-control systems - Google Patents

Abstract

FIELD: miscellaneous systems handling secret information. SUBSTANCE: authentication mechanism has two or more unified functionally completed mutual- authentication modules incorporated in subscriber stations and in data processing centers (application program servers) of system; each of n modules has switch storage unit, ciphering and deciphering units, timer, shaping unit, receiving unit, comparison unit, comparator, decipherer, and coincidence gate. EFFECT: enlarged functional capabilities. 1 dwg

Description

 The invention relates to distributed information management systems (RIUS), mainly to RIUS, operating in real time, and can be used in systems for various purposes, operating with confidential information.

 One of the features of RIUS is the complexity of the communication structure, due to the dispersion of subscriber points (AP) and data centers (application servers - SP). Interaction between the AP and the joint venture is carried out using a communication network, including communication lines and switching nodes. This circumstance is fraught with the potential danger of deliberate interception of exchange information, as well as violation of the physical and (or) logical interface in order to organize such communications that would meet the intentions of the attacker. For example, it is possible to connect a false AP to obtain confidential information from other APs and (or) from a joint venture, or to organize a false joint venture to mislead the interacting APs and to obtain information necessary for the attacker from them. Therefore, in distributed systems that operate with confidential information, mutual authentication of the interacting parties is necessary not only at the beginning of the information exchange session, but also the authentication of the sender of each message within the session.

 These requirements are contained in the current regulatory documents on the protection of information from unauthorized access (unauthorized access), for example, in the guidance document of the State Technical Commission of Russia "Computer facilities. Firewalls. Protection against unauthorized access to information. Indicators of protection from unauthorized access to information", approved on July 25 1997

 Another feature of modern RIUS is the presence of “intelligent” APs that have their own computers and can interact with each other and with the SP in any way, while messages addressed to one recipient (“selectively”), as well as messages with the recipient's group address ( “broadcast”, “by list”, “circularly”, etc.). The message is switched in the communication network in accordance with the recipient address indicated in the message header.

 As an example of real-time mutual authentication process implementation in RIUS, the technical solution according to RF patent 2126170 is considered. The mutual authentication mechanism between the peripheral terminal and the data processing center (Center) is implemented in the terminal (TMA) and central (TsMA) authentication modules in a single two-way communication session. In TMA, the identifier of the terminal (IT) that is transformed using an arithmetic logic unit (ALU) is used as an identifier transmitted to the Center, which is then encrypted with the terminal key. The cryptogram thus formed along with the name of the terminal is transmitted to the Center. At the same time, the converted IT is stored in TMA as a standard for analyzing the response of the Center. In CMA, the terminal name is converted to ALU according to the same algorithm as in ALU TMA, as a result of which a similar identifier is generated, which is compared with the identifier obtained when decrypting the cryptogram received from the terminal using the terminal key selected from the key storage unit in accordance with IT If the compared values coincide, the authenticity of the terminal is considered established, after which the identifier received from it (the transformed name of the terminal) is returned from the CMA as a response from the Center. The identifier received from the TSMA is compared in the TMA with the standard, and if their values coincide, the authenticity of the Center is considered established.

 The described mutual authentication mechanism is asymmetric, while the initiative is the terminal, and the information transmitted during the mutual authentication from the terminal to the Center (terminal name and cryptogram) differs from the composition of the Center’s response information (transformed terminal name). In this regard, the described mechanism cannot be used for mutual authentication in the exchange of information between the AP (SP), since the initiative in this case can come from either side.

 The closest in technical essence to the proposed invention is the technical solution described in the patent of the Russian Federation 2154856. The process of mutual authentication is also implemented in the terminal and central authentication modules in one communication session. However, unlike the technical solution described above, the value of the current timer time is used as an identifier, and on the receiving side, a value close to it is determined by the value of the current time of the own timer. If the received difference between the identifiers ΔТ is not more than the maximum ΔТmax, then the authenticity of the initiating party is considered established.

 In TMA and CMA, the identifier transmitted to the other side is encrypted and decrypted at the receiving side.

 The described mutual authentication mechanism is also asymmetric, however, the composition of the information transmitted during the mutual authentication from the terminal to the Center (the name of the terminal and the encrypted value of the current time) is similar to the composition of information transmitted in the opposite direction (the name of the Center and the encrypted value of the current time).

 The problem to which the invention is directed is to expand the scope by ensuring the symmetry of the mutual authentication mechanism, which also allows for one-way authentication on the initiative of either side.

 This is achieved by the fact that in the well-known mechanism of mutual authentication in distributed real-time information-control systems containing n identical modules of mutual authentication (MVA), where n = 1, 2,. . . n, each of which includes a key storage unit, the first output of which is connected to the first inputs of the encryption unit and the decryption unit, a timer output is connected to the second input of the encryption unit and the first input of the comparison unit, the output of the decryption unit is connected to the second input of the comparison unit, the first output of which is connected to the first output of the comparator and is the output of the Alarm signal, and the second output of the comparison unit is connected to the first input of the comparator, the second input of which is connected to the second output of the key storage unit, the second output of the comparator is the output of the “Norma” signal, each of the n MVAs has a generating unit and series-connected receiving unit, a decoder and a matching element, the second output of the comparator is connected to its other input, two other outputs of the receiving unit are connected to the first input of the storage unit keys and to the second input of the decryption unit, respectively, the output of the matching element is connected to the second input of the key storage unit and to the first input of the generating unit, the second input of which is connected to the output of the cipher block Hovhan and the third forming unit input is connected to the third input key storage unit and the input signal is "Request", the output and input of which is the output formation unit and the input receiving unit, respectively.

 A block diagram of the proposed mutual authentication mechanism is shown in the drawing.

 n mutual authentication modules are integrated into n APs and SPs connected by a communication network (one MVA in each AP or SP). The mechanism of mutual authentication is implemented in the process of interaction of n APs and (or) SPs with each other.

 A detailed exposition of the mechanism for exchanging APs (SPs) with authenticators during mutual authentication would require the inclusion of other components of APs (SPs), including computers, as well as the corresponding interface between them, which would complicate the consideration of the process of mutual authentication. Therefore, the mechanism of mutual authentication is described only at the level of interacting MBAs.

 An authenticator is included in the message header of information exchange between APs (SP), while mutual authentication (or authentication) is carried out during the exchange of messages between one AP (SP) - the initiator and one AP (SP) - the responder, and between one AP (SP) - the initiator and the group of AP (SP) - respondents, determined by the address of the recipient, also present in the message header.

 The procedures for the formation and processing of authentication information and its exchange both between one AP (SP) - the initiator and one AP (SP) - the responder, and between one AP (SP) - the initiator and any AP (SP) from the AP (SP) group - defendants are identical.

 Each of the n MBAs includes a key storage unit 1, a timer 2, a generating unit 3, an encryption unit 4, a receiving unit 5, a decryption unit 6, a comparison unit 7, a comparator 8, a decoder 9, and a match element 10.

 In the manufacture of MBA, each of them is assigned a unique (serial) number.

Each mutual authentication module is configured on a specially equipped terminal of the system Security Service, during which the following are recorded in the key storage unit of the 1st i-MVA:
- the encryption key set for this module (located in memory at the address corresponding to the number assigned to this MBA);
- the encryption key and ΔT _max for each MVA interacting with the ith MVA (at the memory address corresponding to the number of the interacting MVA).

 After connecting n configured MBAs to the interacting APs (SP), the current time of timers 2 is set, the periodic adjustment of which is carried out in the future in accordance with the exact time signals.

The process of mutual authentication is carried out in one session of two-way exchange, which goes through three phases:
1. The formation of the authenticator in MBA1 AP (SP) - the initiator and its transfer to the address of the AP (SP) - the defendant.

 2. Reception of the authenticator in the MVA2 AP (SP) - the responder, authentication of the MBA1 AP (SP) - the initiator and, if it is successful, the formation of the response and the transfer of the authenticator to the address of the AP (SP) - the initiator.

 3. Reception authenticator response in MBA1 AP (SP) - the initiator and authentication MBA2 AP (SP) - the defendant.

 The sequence of formation and processing of the authenticator is determined by the sign of the exchange procedure: B - mutual authentication; A - one-way authentication (in which the response of the other side is not required).

 Let us first consider the operation of the mechanism for the case of mutual authentication.

In phase 1, a request is sent to MBA1 AP (SP) of the initiator with an indication of exchange procedure B containing the number of this MBA, by which the corresponding encryption key is selected from key storage unit 1. In the unit of formation 3 MVA1, an authenticator is formed for transmission to the address of the AP (SP) - responder in the form of signals:
- MBA1 number;
- sign of exchange procedure - B;
- an identifier formed in the form of a cryptogram containing the value of the current time of timer 2 encrypted by the encryption unit 4 using the encryption key selected from the storage unit 1.

 The generated authenticator is transmitted to the address of the AP (SP) -responder in the header of the current message in the process of information exchange.

The second phase begins with the receipt in MBA2 AP (SP) - the authenticator responder in the receiving unit 5, from the outputs of which:
- MBA1 number enters the key storage unit 1 (used as a memory address for selecting the corresponding values of the encryption key and ΔT _max );
- a sign of the exchange procedure (B) enters the decoder 9;
- the authenticator in the form of a cryptogram enters the decryption unit 6 and is decrypted using the encryption key selected from the key storage unit 1.

The decrypted authenticator, which is the value of the current time, is analyzed in MBA2 in the following order:
- in the comparison unit 7, an algebraic comparison is made of the current time value of timer 2 with the decrypted authenticator; the calculated difference ΔT between them must be positive;
- in the comparator 8 is an algebraic comparison of the difference ΔT obtained from the comparison unit 7, with ΔT _max ; ΔT must not exceed ΔT _max .
If any of the above conditions is not fulfilled, then an alarm signal is generated.

 If both conditions are met, the authentication MBA1 AP (SP) is considered successful and a signal is generated "Norm", which is also sent to the element of coincidence 10 MVA2.

 If the permission signal from the decoder 9 coincides with the “Normal” signal from the comparator 8, a “Request” appears with the sign of the exchange procedure O (response) at the output of coincidence element 10. The specified "Request" is received at the inputs of the key storage unit 1 MVA2 and the generating unit 3. From the key storage unit 1 MVA2, the corresponding encryption key is selected at the address of the MBA2 number.

In the 3 MVA2 formation block, an authenticator is formed for transmission to the address of the AP (SP) - initiator in the form of signals:
- MBA2 number;
- sign of the exchange procedure - O;
- an identifier in the form of a cryptogram containing the value of the current time of timer 2 encrypted by the encryption unit 4 using the encryption key selected from the key storage unit 1.

 The generated authenticator is transmitted in the header of the current message to the address of the AP (SP) - the initiator.

 In the third phase, the response authenticator adopted in the MBA1 of the initiator (SP) of the initiator is received at the receiving unit 5 and processed in the manner described above in phase 2 for processing the received authenticator in the MVA2 of the responder, with the difference that the decoder is 9 In accordance with the received sign of the exchange procedure, O prohibits the signal from passing through coincidence element 10 and the processing ends only by issuing a “Normal” or “Alarm” signal from comparator 8.

 If one-way authentication is performed, then “Request” is received at the input of MBA1, which contains a sign of the exchange procedure, A (no response is required). In the first phase, the formation of the authenticator for transmission to the address of another AP (SP) is carried out in the manner described above for phase 1 of the mutual authentication procedure, with the difference that in the authenticator formed in the forming unit 3, instead of attribute B, sign A.

 In phase 2, the processing of the authenticator received in the receiving unit 5 MVA2 is carried out in the manner described above in phase 2 for processing the received authenticator in MBA2 during mutual authentication, with the difference that the decoder 9, in accordance with the received sign of the exchange procedure A, prevents the signal from passing through the matching element 10 and the processing ends only by issuing from the comparator 8 a signal of "Normal" or "Alarm".

 The proposed technical solution provides the possibility of authentication and mutual authentication at the initiative of any party. The small length of the identifier - cryptograms (of the order of 10-16 bytes) allows authentication to be implemented automatically with each current exchange message, since the inclusion of the authenticator in the message header will not significantly increase the cost of communication channel resources and message transit time.

Claims (1)

 Mutual authentication mechanism in distributed real-time information management systems containing n identical modules for mutual authentication (MVA), where n = 1, 2.. . , n, each of which includes a key storage unit, the first output of which is connected to the first inputs of the encryption unit and the decryption unit, the first input of the key storage unit is the MBA input, the timer output is connected to the second input of the encryption unit and the first input of the comparison unit, the output of the decryption unit is connected to the second input of the comparison unit, the first output of which is connected to the first output of the comparator and is the output of the Alarm signal, and the second output of the comparison unit is connected to the first input of the comparator, the second output to of which is connected to the second output of the key storage unit, the second output of the comparator is the “Normal” signal output, characterized in that each of the n MVAs contains an authenticator forming unit and serially connected receiving unit, a decoder and a matching element, the second input of which is connected to the second the output of the comparator, the other two outputs of the receiving unit are connected to the first input of the key storage unit and to the second input of the decryption unit, respectively, the output of the matching element is connected to the second input of the storage unit keys to the first input of the authenticator forming unit, the second input of which is connected to the output of the encryption unit, and the third input of the authenticator forming unit is connected to the first input of the storage unit and is the input of the MVA Request signal, the output and input of which is the authenticator forming unit and the input a receiving unit, respectively, wherein the authenticator forming unit is for generating and transmitting the authenticator to another MBA, and the receiving unit is for receiving a response authenticator from rugogo MBA.