User authentication over networks

US 10,263,962 B2
Filed: 05/10/2017
Issued: 04/16/2019
Est. Priority Date: 07/28/2015
Status: Active Grant

First Claim

Patent Images

1. A method for authenticating user authentication data, associated with a user ID, at an authentication system comprising an authentication server connected to a network and a secure cryptoprocessor operatively coupled to the authentication server, the method comprising:

providing, in data storage operatively coupled to the authentication server, a first token for said user ID, the first token being produced by the secure cryptoprocessor by encoding the user authentication data associated with the user ID via an encoding process dependent on a secret key of the secure cryptoprocessor, said first token for said user ID produced at the authentication server by;

receiving a registration request for the user ID from the remote computer via the network, the registration request comprising a ciphertext encrypting the user authentication data associated with the user ID under a public key of a first public-private key pair, the private key of which is secret to the secure cryptoprocessor, and supplying the ciphertext to the secure cryptoprocessor;

at the secure cryptoprocessor, decrypting the ciphertext using said private key to obtain the user authentication data associated with the user ID, encoding the user authentication data via a deterministic function using said secret key to produce said first token, and supplying the first token to the authentication server; and

wherein said decryption and encoding is performed as a single atomic operation in the cryptoprocessor;

at the authentication server, storing the first token for the user ID in said data storage;

at the authentication server, receiving an authentication request for the user ID from a remote computer via the network, the authentication request comprising a ciphertext encrypting user authentication data under said public key of said first public-private key pair, and supplying the ciphertext to the secure cryptoprocessor;

at the secure cryptoprocessor, decrypting the ciphertext using said private key to obtain plaintext user authentication data; and

encoding said obtained plaintext user authentication data via said deterministic function using said secret key to produce a second token, and supplying the second token to the authentication server, wherein said decryption and encoding is performed as a single atomic operation in the cryptoprocessor;

at the authentication server, retrieving said first token for the user ID from said data storage;

at the authentication server, comparing the first and second tokens to check for equality of said plaintext user authentication data and the user authentication data encoded in the first token via a cryptographic processing operation in which the authentication data is not exposed outside the secure cryptoprocessor; and

at the authentication server, in response to said equality, sending an authentication confirmation message to the remote computer via the network.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Methods are provided for authenticating user authentication data, associated with a user ID, at an authentication system. The authentication system comprises an authentication server connected to a network, and a secure cryptoprocessor operatively coupled to the authentication server. A first token for the user ID is provided in data storage operatively coupled to the authentication server. The first token is produced by the secure cryptoprocessor by encoding the user authentication data associated with the user ID via an encoding process dependent on a secret key of the secure cryptoprocessor. The authentication server receives an authentication request for the user ID from a remote computer via the network. The authentication request comprises a ciphertext encrypting user authentication data under a public key of a first public-private key pair, the private key of which is secret to the secure cryptoprocessor. The authentication server supplies the ciphertext to the secure cryptoprocessor which decrypts the ciphertext using this private key to obtain plaintext user authentication data. The authentication server retrieves the first token for the user ID from the data storage. The authentication system checks for equality of the plaintext user authentication data and the user authentication data encoded in the first token via a cryptographic processing operation in which the authentication data is not exposed outside the secure cryptoprocessor. In response to such equality, the authentication server sends an authentication confirmation message to the remote computer via the network.

32 Citations

16 Claims

1. A method for authenticating user authentication data, associated with a user ID, at an authentication system comprising an authentication server connected to a network and a secure cryptoprocessor operatively coupled to the authentication server, the method comprising:
- providing, in data storage operatively coupled to the authentication server, a first token for said user ID, the first token being produced by the secure cryptoprocessor by encoding the user authentication data associated with the user ID via an encoding process dependent on a secret key of the secure cryptoprocessor, said first token for said user ID produced at the authentication server by;
  
  receiving a registration request for the user ID from the remote computer via the network, the registration request comprising a ciphertext encrypting the user authentication data associated with the user ID under a public key of a first public-private key pair, the private key of which is secret to the secure cryptoprocessor, and supplying the ciphertext to the secure cryptoprocessor;
  
  at the secure cryptoprocessor, decrypting the ciphertext using said private key to obtain the user authentication data associated with the user ID, encoding the user authentication data via a deterministic function using said secret key to produce said first token, and supplying the first token to the authentication server; and
  
  wherein said decryption and encoding is performed as a single atomic operation in the cryptoprocessor;
  
  at the authentication server, storing the first token for the user ID in said data storage;
  
  at the authentication server, receiving an authentication request for the user ID from a remote computer via the network, the authentication request comprising a ciphertext encrypting user authentication data under said public key of said first public-private key pair, and supplying the ciphertext to the secure cryptoprocessor;
  
  at the secure cryptoprocessor, decrypting the ciphertext using said private key to obtain plaintext user authentication data; and
  
  encoding said obtained plaintext user authentication data via said deterministic function using said secret key to produce a second token, and supplying the second token to the authentication server, wherein said decryption and encoding is performed as a single atomic operation in the cryptoprocessor;
  
  at the authentication server, retrieving said first token for the user ID from said data storage;
  
  at the authentication server, comparing the first and second tokens to check for equality of said plaintext user authentication data and the user authentication data encoded in the first token via a cryptographic processing operation in which the authentication data is not exposed outside the secure cryptoprocessor; and
  
  at the authentication server, in response to said equality, sending an authentication confirmation message to the remote computer via the network.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method as claimed in claim 1 wherein said ciphertext in the user authentication request encrypts said user authentication data and an authentication nonce, and wherein the method includes:
    - at the secure cryptoprocessor, in response to said equality, producing an authentication signature comprising the authentication nonce cryptographically signed with a private key, secret to the secure cryptoprocessor, of a second public-private key pair, and supplying the signature to the authentication server;
      
      wherein said authentication confirmation message comprises the authentication signature.
  - 3. The method as claimed in claim 1 further comprising:
    - at the secure cryptoprocessor, in response to failure of the equality check, producing a failure signature comprising the authentication nonce cryptographically signed with a private key, secret to the secure cryptoprocessor, of a second public-private key pair, and supplying the failure signature to the authentication server; and
      
      at the authentication server, sending an authentication failure message, comprising the failure signature, to the remote computer via the network.
  - 4. The method as claimed in claim 1 including, in a registration operation for said user ID:
    - at the authentication server, receiving a registration request for the user ID from the remote computer via the network, the registration request comprising a ciphertext encrypting the user authentication data associated with the user ID, and a registration nonce, under said public key, and supplying the ciphertext to the secure cryptoprocessor;
      
      at the secure cryptoprocessor, decrypting the ciphertext using said private key to obtain the user authentication data associated with the user ID and the registration nonce, encrypting the user authentication data and the registration nonce under said public key to produce said first token, and supplying the first token to the authentication server; and
      
      at the authentication server, storing the first token for the user ID in said data storage.
  - 5. The method as claimed in claim 4 further comprising, in said registration operation:
    - at the secure cryptoprocessor, producing a registration signature comprising the registration nonce cryptographically signed with a private key, secret to the secure cryptoprocessor, of a second public-private key pair, and supplying the registration signature to the authentication server; and
      
      at the authentication server, sending a registration confirmation message, comprising the registration signature, to the remote computer via the network.
  - 6. The method as claimed in claim 4 further comprising:
    - at the authentication server, in response to said authentication request, supplying the first token to the secure cryptoprocessor; and
      
      at the secure cryptoprocessor, decrypting the first token using said private key to obtain the user authentication data associated with the user ID and comparing that user authentication data with said plaintext user authentication data to check for said equality.
  - 7. The method as claimed in claim 1 wherein said first token is produced by encoding the user authentication data associated with the user ID via a deterministic function using said secret key to produce a preliminary token, and encrypting the preliminary token under said public key to produce the first token, and wherein the method further comprises:
    - at the authentication server, supplying the first token to the secure cryptoprocessor;
      
      at the secure cryptoprocessor, decrypting the first token using said private key to obtain the preliminary token, encoding said plaintext user authentication data via said deterministic function using said secret key to produce a second token, and comparing the second token and the preliminary token to check for said equality.
  - 8. The method as claimed in claim 7 further comprising, in a registration operation for said user ID:
    - at the authentication server, receiving a registration request for the user ID from the remote computer via the network, the registration request comprising a ciphertext encrypting the user authentication data associated with the user ID, and a registration nonce, under said public key, and supplying the ciphertext to the secure cryptoprocessor;
      
      at the secure cryptoprocessor, decrypting the ciphertext using said private key to obtain the user authentication data associated with the user ID and the registration nonce, encoding the user authentication data associated with the user ID via said deterministic function using said secret key to produce said preliminary token, encrypting the preliminary token and the registration nonce under said public key to produce the first token, and supplying the first token to the authentication server; and
      
      at the authentication server, storing the first token for the user ID in said data storage.
  - 9. The method as claimed in claim 8 further comprising, in said registration operation:
    - at the secure cryptoprocessor, producing a registration signature comprising the registration nonce cryptographically signed with a private key, secret to the secure cryptoprocessor, of a second public-private key pair, and supplying the registration signature to the authentication server; and
      
      at the authentication server, sending a registration confirmation message, comprising the registration signature, to the remote computer via the network.
  - 10. The method as claimed in claim 1 wherein said user authentication data associated with the user ID comprises the user ID and user password data.

11. A system for authenticating user authentication data associated with a user ID, the system comprising:
- an authentication server connectable to a network;
  
  a secure cryptoprocessor operatively coupled to the authentication server; and
  
  a data storage device, operatively coupled to the authentication server, for storing for said user ID a first token produced by the secure cryptoprocessor by encoding the user authentication data associated with the user ID via an encoding process dependent on a secret key of the secure cryptoprocessor, wherein;
  
  the authentication server is adapted, in response to receipt of a registration request for the user ID from the remote computer via the network, the registration request comprising a ciphertext encrypting the user authentication data associated with the user ID under a public key of a first public-private key pair, the private key of which is secret to the secure cryptoprocessor, to supply the ciphertext to the secure cryptoprocessor;
  
  the secure cryptoprocessor is adapted to decrypt the ciphertext using said private key to obtain the user authentication data associated with the user ID, encode the user authentication data via a deterministic function using said secret key to produce said first token, and supply the first token to the authentication server for storage in said data storage device; and
  
  wherein said decryption and encoding is performed as a single atomic operation in the cryptoprocessor;
  
  the authentication server is adapted, in response to receipt of an authentication request for the user ID from a remote computer via the network, the authentication request comprising a ciphertext encrypting user authentication data under a public key of said first public-private key pair to supply the ciphertext to the secure cryptoprocessor and to retrieve said first token for the user ID from the data storage;
  
  the secure cryptoprocessor is adapted to decrypt the ciphertext using said private key to obtain plaintext user authentication data and encode said obtained plaintext user authentication data via said deterministic function using said secret key to produce a second token, and supply the second token to the authentication server, wherein said decryption and encoding is performed as a single atomic operation in the cryptoprocessor;
  
  the system is adapted to compare the first and second tokens to check for equality of said plaintext user authentication data and the user authentication data encoded in the first token via a cryptographic processing operation in which the authentication data is not exposed outside the secure cryptoprocessor; and
  
  the authentication server is adapted, in response to said equality, to send an authentication confirmation message to the remote computer via the network.
- View Dependent Claims (12, 13)
- - 12. The system as claimed in claim 11 wherein:
    - the authentication server is adapted, in a registration operation for said user ID wherein the authentication server receives a registration request for the user ID from the remote computer via the network, the registration request comprising a ciphertext encrypting the user authentication data associated with the user ID, and a registration nonce, under said public key, to supply the ciphertext to the secure cryptoprocessor;
      
      the secure cryptoprocessor is adapted, in response to receipt of the ciphertext in said registration operation, to decrypt the ciphertext using said private key to obtain the user authentication data associated with the user ID and the registration nonce, to encrypt the user authentication data and the registration nonce under said public key to produce said first token, and to supply the first token to the authentication server;
      
      the authentication server is adapted, in response to receipt of the first token in said registration operation, to store the first token for the user ID in said data storage;
      
      the authentication server is adapted, in response to said authentication request, to supply the first token to the secure cryptoprocessor; and
      
      the secure cryptoprocessor is adapted, in response to receipt of the first token, to decrypt the first token using said private key to obtain the user authentication data associated with the user ID and to compare that user authentication data with said plaintext user authentication data to check for said equality.
  - 13. The system as claimed in claim 11 wherein said first token comprises an encryption under said public key of a preliminary token produced by encoding the user authentication data associated with the user ID via a deterministic function using said secret key, and wherein:
    - the authentication server is adapted, in response to said authentication request, to supply the first token to the secure cryptoprocessor;
      
      the secure cryptoprocessor is adapted, in response to receipt of the first token, to decrypt the first token using said private key to obtain the preliminary token, to encode said plaintext user authentication data via said deterministic function using said secret key to produce a second token, and to compare the second token and the preliminary token to check for said equality.

14. A computer program product for authenticating user authentication data, associated with a user ID, in an authentication system comprising:
- an authentication server connectable to a network,a secure cryptoprocessor operatively coupled to the authentication server, anda data storage device, operatively coupled to the authentication server, for storing for said user ID a first token produced by the secure cryptoprocessor by encoding the user authentication data associated with the user ID via an encoding process dependent on a secret key of the secure cryptoprocessor, said computer program product comprising a computer readable storage medium having embodied therein;
  
  first program instructions executable by the authentication server responsive to receipt of a registration request for the user ID from the remote computer via the network, the registration request comprising a ciphertext encrypting the user authentication data associated with the user ID under a public key of a first public-private key pair, the private key of which is secret to the secure cryptoprocessor, to supply the ciphertext to the secure cryptoprocessor;
  
  second program instructions executable by the authentication server to configure the secure cryptoprocessor to decrypt the ciphertext using said private key to obtain the user authentication data associated with the user ID, encode the user authentication data via a deterministic function using said secret key to produce said first token, and supply the first token to the authentication server for storage of the first token in said data storage device; and
  
  wherein said decryption and encoding is performed as a single atomic operation in the cryptoprocessor;
  
  at the authentication server;
  
  third program instructions executable by the authentication server after receipt by the server of an authentication request for the user ID from a remote computer via the network, the authentication request comprising a ciphertext encrypting user authentication data under said public key of said first public-private key pair, to cause the server to supply the ciphertext to the secure cryptoprocessor and to retrieve said first token for the user ID from the data storage;
  
  fourth program instructions executable by the secure cryptoprocessor to cause the cryptoprocessor to decrypt the ciphertext using said private key to obtain plaintext user authentication data and encode said obtained plaintext user authentication data via said deterministic function using said secret key to produce a second token, and supply the second token to the authentication server, wherein said decryption and encoding is performed as a single atomic operation in the cryptoprocessor;
  
  fifth program instructions executable by at least one of the server and cryptoprocessor of said system to cause the system to compare the first and second tokens to check for equality of said plaintext user authentication data and the user authentication data encoded in the first token via a cryptographic processing operation in which the authentication data is not exposed outside the secure cryptoprocessor; and
  
  sixth program instructions executable by the authentication server, in response to said equality, to cause the server to send an authentication confirmation message to said remote computer via the network.
- View Dependent Claims (15, 16)
- - 15. The computer program product as claimed in claim 14 including:
    - seventh program instructions executable by the authentication server in a registration operation for said user ID wherein the server receives a registration request for the user ID from the remote computer via the network, the registration request comprising a ciphertext encrypting the user authentication data associated with the user ID, and a registration nonce, under said public key, to cause the server to supply the ciphertext to the secure cryptoprocessor;
      
      eighth program instructions executable by the secure cryptoprocessor to cause the cryptoprocessor, in response to receipt of the ciphertext in said registration operation, to decrypt the ciphertext using said private key to obtain the user authentication data associated with the user ID and the registration nonce, to encrypt the user authentication data and the registration nonce under said public key to produce said first token, and to supply the first token to the authentication server; and
      
      ninth program instructions executable by the authentication server, to cause the server, in response to receipt of the first token in said registration operation, to store the first token for the user ID in said data storage;
      
      wherein said third program instructions comprise tenth program instructions executable by the authentication server, to cause the server, in response to said authentication request, to supply the first token to the secure cryptoprocessor, and eleventh program instructions executable by the secure cryptoprocessor to cause the cryptoprocessor, in response to receipt of the first token, to decrypt the first token using said private key to obtain the user authentication data associated with the user ID and to compare that user authentication data with said plaintext user authentication data to check for said equality.
  - 16. The computer program product as claimed in claim 14 wherein said first token comprises an encryption under said public key of a preliminary token produced by encoding the user authentication data associated with the user ID via a deterministic function using said secret key, and wherein said fifth program instructions comprise:
    - twelfth program instructions executable by the authentication server, to cause the server, in response to said authentication request, to supply the first token to the secure cryptoprocessor; and
      
      thirteenth program instructions executable by the secure cryptoprocessor to cause the cryptoprocessor, in response to receipt of the first token, to decrypt the first token using said private key to obtain the preliminary token, to encode said plaintext user authentication data via said deterministic function using said secret key to produce a second token, and to compare the second token and the preliminary token to check for said equality.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Korondi, Mark, Kovacs, Daniel, Nagy, Zoltan Arnold
Primary Examiner(s)
Turchen, James R

Application Number

US15/591,409
Publication Number

US 20170244678A1
Time in Patent Office

706 Days
Field of Search
US Class Current
CPC Class Codes

H04L 63/0428   wherein the data content is...

H04L 63/06   for supporting key manageme...

H04L 63/061   for key exchange, e.g. in p...

H04L 63/08   for authentication of entit...

H04L 63/0815   providing single-sign-on or...

H04L 63/083   using passwords cryptograph...

H04L 9/006   involving public key infras...

H04L 9/0618   Block ciphers, i.e. encrypt...

H04L 9/0861   Generation of secret inform...

H04L 9/14   using a plurality of keys o...

H04L 9/30   Public key, i.e. encryption...

H04L 9/3213   using tickets or tokens, e....

H04L 9/3226   using a predetermined code,...

H04L 9/3247   involving digital signatures

User authentication over networks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

32 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

User authentication over networks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

32 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links