Security method and system for persistent storage and communications on computer network systems and computer network systems employing the same

US 20010001876A1
Filed: 01/12/2001
Published: 05/24/2001
Est. Priority Date: 12/11/1997
Status: Active Grant

First Claim

Patent Images

1. A login method to enhance security in a network computer system having at least one server computer coupled over a communication network to a plurality of client computers, wherein each client computer is coupled to directly access a persistent storage device and wherein each client computer is operated by a control program after login, the method comprising the steps of:

receiving a login ID and password PW from a user at a first one of said client computers;

computing, at said first client computer, a hash value H1PW of the password PW;

transmitting a first-stage login request including ID from said first client computer to a first one of said server computers;

receiving said first-stage login request at said first server computer;

providing, at said first server computer, a key-exchange key KEK;

encrypting KEK at said first server computer;

transmitting a first-stage login response, including the encrypted KEK, from said first server computer to said first client computer;

receiving said first-stage login response at said first client computer;

decrypting, at said first client computer, the encrypted KEK, to yield KEK;

providing, at said first client computer, a first split key SK1;

encrypting, it said first client computer, key SK1, using KEK as an encryption key, to yield ESK1;

transmitting a second-stage login request, including ESK1, from said first client computer to said first server computer;

receiving said second-stage login request at said first server computer;

decrypting, at said first server computer, ESK1, using KEK as a decryption key, to yield SK1;

providing, at said first server computer, a second split key SK2;

combining, at said first server computer, the first and second split keys SK1 and SK2, to yield session key SK;

encrypting, at said first server computer, the second split key SK2, using KEK as an encryption key, to yield ESK2;

transmitting a second-stage login response, including ESK2, from said first server computer to said first client computer;

receiving the second-stage login response at said first client computer;

decrypting, at said first client computer, ESK2 received with the second-stage login response, using KEK as a decryption key, to yield SK2;

combining, at said first client computer, the first and second split keys SK1 and SK2, to yield sessions key SK;

encrypting further transmissions between said first client computer and said first server computer, using sessions key SK as an encryption key.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A multi-stage login procedure and system involves a first stage in which a login ID and a public key (encrypted) is transmitted from a client computer to a server computer and a key-exchange key (encrypted) is provided from the server computer to the client computer. In a second stage, a first split symmetric key and a server authentication string is generated and encrypted by the client computer and then transmitted to the server computer. In addition, the server computer generates a second split symmetric key and combines the same with the first split symmetric key to obtain a complete symmetric key for encrypting further communications from the server to the client computer. The server also generates a client authentication string, encrypts the same and transmits the encrypted string, the server authentication string (encrypted and incremented) and the second split symmetric key (encrypted) to the client computer. In a third stage, the client computer uses the server authentication string to authenticate the server. In addition, the client computer combines the second split symmetric key with the first split symmetric key to obtain the complete symmetric key for encrypting further communications from the client computer to the server computer. The client computer also decrypts, increments and encrypts the client authentication string and transmits the same to the server. The server then uses the client authentication string (after decryption and decrementation) to authenticate the client computer. Thereafter, the server provides the client computer with a first split symmetric persistent storage key (encrypted), which the client computer combines (after decryption) with a one-way hash value to obtain a persistent storage key for use by the client computer to communication information to and from persistent storage.

155 Citations

20 Claims

1. A login method to enhance security in a network computer system having at least one server computer coupled over a communication network to a plurality of client computers, wherein each client computer is coupled to directly access a persistent storage device and wherein each client computer is operated by a control program after login, the method comprising the steps of:
- receiving a login ID and password PW from a user at a first one of said client computers;
  
  computing, at said first client computer, a hash value H1PW of the password PW;
  
  transmitting a first-stage login request including ID from said first client computer to a first one of said server computers;
  
  receiving said first-stage login request at said first server computer;
  
  providing, at said first server computer, a key-exchange key KEK;
  
  encrypting KEK at said first server computer;
  
  transmitting a first-stage login response, including the encrypted KEK, from said first server computer to said first client computer;
  
  receiving said first-stage login response at said first client computer;
  
  decrypting, at said first client computer, the encrypted KEK, to yield KEK;
  
  providing, at said first client computer, a first split key SK1;
  
  encrypting, it said first client computer, key SK1, using KEK as an encryption key, to yield ESK1;
  
  transmitting a second-stage login request, including ESK1, from said first client computer to said first server computer;
  
  receiving said second-stage login request at said first server computer;
  
  decrypting, at said first server computer, ESK1, using KEK as a decryption key, to yield SK1;
  
  providing, at said first server computer, a second split key SK2;
  
  combining, at said first server computer, the first and second split keys SK1 and SK2, to yield session key SK;
  
  encrypting, at said first server computer, the second split key SK2, using KEK as an encryption key, to yield ESK2;
  
  transmitting a second-stage login response, including ESK2, from said first server computer to said first client computer;
  
  receiving the second-stage login response at said first client computer;
  
  decrypting, at said first client computer, ESK2 received with the second-stage login response, using KEK as a decryption key, to yield SK2;
  
  combining, at said first client computer, the first and second split keys SK1 and SK2, to yield sessions key SK;
  
  encrypting further transmissions between said first client computer and said first server computer, using sessions key SK as an encryption key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. A method as recited in claim 1, wherein said key KEK comprises a symmetric encryption key and wherein said key SK comprises a symmetric encryption key.
  - 3. A method as recited in claim 1, further comprising the steps of:
    - transmitting a third-stage login request from said client computer to said first server computer, following said step of combining, at said first client computer, the first and second split keys SK1 and SK2;
      
      receiving the third-stage login request at said first server computer;
      
      looking up, at said first server computer, a first split persistent storage key PK1 associated in a database with the ID received with said first-stage login request;
      
      encrypting, at said first server computer, key PK1, using SK as an encryption key, to yield EPK1;
      
      transmitting a third-stage login response, including EPK1, from said first server computer to said first client computer;
      
      receiving the third-stage login response at said first client computer;
      
      decrypting, at said first client computer, EPK1 received with said third-stage login response, using SK as a decryption key;
      
      providing, at said first client computer, a second split persistent storage key PK2;
      
      combining, at said first client computer, the first and second split persistent storage keys PK1 and PK2, to yield persistent storage key PK; and
      
      encrypting further data stored in the persistent storage device operatively coupled to said first client computer, using PK as an encryption key.
  - 4. A method as recited in claim 3, wherein said step of providing, at said first client computer, a second split persistent storage key PK2, comprises the step of generating PK2 by pseudo-random generation.
  - 5. A method as recited in claim 3:
    - wherein, after said step of computing a hash value H1PW at said first client computer, and prior to said step of transmitting a first-stage login request, said method further includes the steps of;
      
      providing, at said first client computer, a public key PUB and a corresponding private key PVT; and
      
      encrypting, at said first client computer, the public key PUB, using H1PW as an encryption key, to yield EPUB;
      
      wherein said first-stage login request includes ID and EPUB and wherein, following said step of receiving said first-stage login request at said first server computer and prior to said step of encrypting KEK at said first server computer, said method further comprises the steps of;
      
      looking up, at said first server computer, the hash value H1PW associated in a database with the ID received with said first-stage login request;
      
      decrypting, at said first server computer, the EPUB received with said first-stage login request, using H1PW as a decryption key, yielding PUB;
      
      wherein, said step encrypting KEK at said first server computer comprises the steps of;
      
      encrypting KEK, at said first server computer, using PUB as a public key, to yield EKEK; and
      
      encrypting EKEK, at said first server computer, using H1PW as an encryption key, to yield DEKEK;
      
      wherein, said first-stage login response includes DEKEK and wherein said step of decrypting, at said first client computer, the encrypted KEK, comprises the steps of;
      
      decrypting DEKEK, at said first client computer, using H1PW as a decryption key, to yield EKEK; and
      
      decrypting EKEK, at said first client computer, using PVT as a private key, to yield KEK.
  - 6. A method as recited in claim 5, wherein said step of providing, at said first client computer, a public key PUB and a corresponding private key PVT, comprises the step of generating PUB and PVT by pseudo-random generation.
  - 7. A method as recited in claim 3, wherein after said step of decrypting, at said first client computer, the encrypted KEK, and prior to said step of transmitting a second-stage login request, said method further comprising the steps of:
    - providing a server authentication string SRV at said first client computer; and
      
      encrypting SRV at said first client computer, using KEK as an encryption key, to yield ESRV;
      
      wherein said second-stage login request further includes ESRV and wherein, after said step of receiving said second-stage login request at said first server computer, and prior to said step of transmitting a second-stage login response, said method further comprising the steps of;
      
      decrypting ESRV at said first server computer, using KEK as a decryption key, to yield SRV;
      
      modifying SRV, it said first server computer, by applying a predetermined algorithm function to SRV, to yield ISRV; and
      
      encrypting ISRV at said first server computer, using KEK as an encryption key, to yield EISRV;
      
      wherein said second-stage login response further includes EISRV and wherein, after said step of receiving said second-stage login response at said client computer, said method further comprises the steps of;
      
      decrypting EISRV at said first client computer, using KEK as a decryption key, to yield ISRV;
      
      applying, it said first client computer, the inverse of said predetermined algorithm function to ISRV, to yield SRV; and
      
      comparing, at said first client computer, the yielded SRV with the SRV provided in said step of providing a server authentication string SRV at said first client computer; and
      
      aborting the login procedure upon a insufficient match of said yielded SRV with said SRV provided in said step of providing a server authentication string SRV at said first client computer.
  - 8. A method as recited in claim 7, wherein said step of providing a server authentication string SRV at said first computer comprises the step of generating SRV by pseudo-random generation.
  - 9. A method as recited in claim 7, wherein after said step of receiving said second-stage login request at said first server computer, and prior to said step of transmitting a second-stage login response, said method further comprising the steps of:
    - providing a client authentication string CLT at said first server computer; and
      
      encrypting CLT at said first server computer, using KEK as an encryption key, to yield ECLT;
      
      wherein said second-stage login response further includes ECLT and wherein, after said step of receiving said second-stage login response at said first client computer said method further comprising the steps of;
      
      decrypting ECLT at said first client computer, using KEK as a decryption key, to yield CLT;
      
      modifying CLT, at said first client computer, by applying a predetermined algorithm function to CLT, to yield ICLT;
      
      encrypting ICLT at said first client computer, using SK as an encryption key, to yield EICLT;
      
      transmitting a third-stage login request, including EICLT, from said first client computer to said first server computer;
      
      receiving said third-stage login request at said first server computer;
      
      decrypting EICLT at said first server computer, using SK as a decryption key, to yield ICLT;
      
      applying, at said first server computer, the inverse of said predetermined algorithm function to ICLT, to yield CLT;
      
      comparing, at said first server computer, the yielded CLT with the CLT provided in said step of providing a client authentication string CLT at said first server computer; and
      
      rejecting the login procedure upon a insufficient match of said yielded CLT with said CLT provided in said step of providing a client authentication string CLT at said first server computer.
  - 10. A method as recited in claim 9, wherein said step of providing a client authentication string CLT at said first server comprises the step of generating CLT by pseudo-random generation.
  - 11. A method as recited in claim 1, wherein said step of providing, at said first client computer, a first split encryption key SK1 comprises the step of generating SK1 by pseudo-random generation.
  - 12. A method as recited in claim 1, wherein said step of providing, at said first server computer, a second split encryption key SK2 comprises the step of generating SK2 by pseudo-random generation.
  - 13. A method as recited in claim 1, wherein said step of providing, at said first server computer, a key-exchange key KEK, comprises the step of generating KEK by pseudo-random generation.
  - 14. A method as recited in claim 1, wherein after said step of receiving said second-stage login request at said first server computer, and prior to said step of transmitting a second-stage login response, said method further comprising the steps of. providing a client authentication string CLT at said first server computer;
    - and encrypting CLT at said first server computer, using KEK as an encryption key, to yield ECLT;
      
      wherein said second-stage login response further includes ECLT and wherein, after said step of receiving said second-stage login response at said first client computer said method further comprising the steps of. decrypting ECLT at said first client computer, using KEK as a decryption key, to yield CLT;
      
      modifying CLT, at said first client computer, by applying a predetermined algorithm function to CLT, to yield ICLT;
      
      encrypting ICLT at said first client computer, using SK as an encryption key, to yield EICLT;
      
      transmitting a third-stage login request, including EICLT, from said first client computer to said first server computer;
      
      receiving said third-stage login request at said first server computer;
      
      decrypting EICLT at said first server computer, using SK as a decryption key, to yield ICLT;
      
      applying, at said first server computer, the inverse of said predetermined algorithm function to ICLT, to yield CLT;
      
      comparing, at said first server computer, the yielded CLT with the CLT provided in said step of providing a client authentication string CLT at said first server computer; and
      
      rejecting the login procedure upon a insufficient match of said yielded CLT with said CLT provided in said step of providing a client authentication string CLT at said first server computer.
  - 15. A method as recited in claim 1, wherein after said step of decrypting, at said first client computer, the encrypted KEK, and prior to said step of transmitting a second-stage login request, said method further comprising the steps of:
    - providing a server authentication string SRV at said first client computer; and
      
      encrypting SRV at said first client computer, using KEK as an encryption key, to yield ESRV;
      
      wherein said second-stage login request further includes ESRV and wherein, after said step of receiving said second-stage login request at said first server computer, and prior to said step of transmitting a second-stage login response, said method further comprising the steps of;
      
      decrypting ESRV at said first server computer, using KEK as a decryption key, to yield SRV;
      
      modifying SRV, at said first server computer, by applying a predetermined algorithm function to SRV, to yield ISRV; and
      
      encrypting ISRV at said first server computer, using KEK as an encryption key, to yield EISRV;
      
      wherein said second-stage login response further includes EISRV and wherein, after said step of receiving said second-stage login response at said client computer, said method further comprises the steps of;
      
      decrypting EISRV at said first client computer, using KEK as a decryption key, to yield ISRV;
      
      applying, at said first client computer, the inverse of said predetermined algorithm function to ISRV, to yield SRV; and
      
      comparing, at said first client computer, the yielded SRV with the SRV provided in said step of providing a server authentication string SRV at said first client computer; and
      
      aborting the login procedure upon a insufficient match of said yielded SRV with said SRV provided in said step of providing a server authentication string SRV at said first client computer.
  - 16. A method as recited in claim 1, wherein, after said step of computing a hash value H1PW at said first client computer, and prior to said step of transmitting a first-stage login request, said method further includes the steps of:
    - providing, at said first client computer, a public key PUB and a corresponding private key PVT; and
      
      encrypting, at said first client computer, the public key PUB, using H1PW as an encryption key, to yield EPUB;
      
      wherein said first-stage login request includes ID and EPUB and wherein, following said step of receiving said first-stage login request at said first server computer and prior to said step of encrypting KEK at said first server computer, said method further comprises the steps of;
      
      looking up, at said first server computer, the hash value H1PW associated in a database with the ID received with said first-stage login request;
      
      decrypting, at said first server computer, the EPUB received with said first-stage login request, using H1PW as a decryption key, yielding PUB; and
      
      wherein, said step of encrypting KEK at said first server computer comprises the steps of;
      
      encrypting KEK, at said first server computer, using PUB as a public key, to yield EKEK; and
      
      encrypting EKEK, at said first server computer, using H1PW as an encryption key, to yield DEKEK;
      
      wherein, said first-stage login response includes DEKEK and wherein said step of decrypting, at said first client computer, the encrypted KEK, comprises the steps of;
      
      decrypting DEKEK, at said first client computer, using H1PW as a decryption key, to yield EKEK; and
      
      decrypting EKEK, at said first client computer, using PVT as a private key, to yield KEK.

17. A system to enhance security in a network computer environment, said system comprising:
- a communication network;
  
  at least one server computer, including a first server computer, coupled to said communication network;
  
  a plurality of client computers, including a first client computer, coupled to said communication network;
  
  a persistent storage device operatively coupled to each of said client computers;
  
  means, associated with said first client computer, for receiving a login ID and password PW;
  
  means, associated with said first computer, for computing a hash value H1PW of the password PW;
  
  means, associated with said first computer, for transmitting a first-stage login request including ID, through said communication network, to said first server computer;
  
  means, associated with said first server computer, for providing a first encryption key KEK;
  
  means, associated with said first server computer, for encrypting KEK;
  
  means, associated with said first server computer, for transmitting a first-stage login response, including the encrypted KEK, through said communication network, to said first client computer;
  
  means, associated with said first client computer, for decrypting the encrypted KEK, to yield KEK;
  
  means, associated with said first client computer, for providing a first split encryption key SK1;
  
  means, associated with said first client computer, for encrypting the first split key SK1, using KEK as an encryption key, to yield ESK1;
  
  means, associated with said first client computer, for transmitting a second-stage login request, including ESK1, through said communication network, to said first server computer;
  
  means, associated with said first server computer, for decrypting ESK1, using KEK as a decryption key, to yield SK1;
  
  means, associated with said first server computer, for providing a second split encryption key SK2;
  
  means, associated with said first server computer, for combining the first and second split keys SK1 and SK2, to yield session key SK;
  
  means, associated with said first server computer, for encrypting the second split symmetric key SK2, using KEK as an encryption key, to yield ESK2;
  
  means, associated with said first server computer, for transmitting a second-stage login response, including ESK2, through said communication network, to said first client computer;
  
  means, associated with said first client computer, for decrypting ESK2 received with the second-stage login response, using KEK as a decryption key, to yield SK2;
  
  means, associated with said first client computer, for combining the first and second split keys SK1 and SK2, to yield session key SK;
  
  means, associated with said first client computer, for encrypting further transmissions from said first client computer to said first server computer, using symmetric session key SK as an encryption key; and
  
  means, associated with said first server computer, for encrypting further transmissions from said first server computer to said first client computer, using symmetric session key SK as an encryption key.
- View Dependent Claims (18)
- - 18. A method as recited in claim 17, wherein said key KEK and said key SK comprise symmetric encryption keys.

19. An article of manufacture comprising a computer program carrier readable by a first client computer coupled to a computer network system having a plurality of client computers and a computer program carrier readable by a first server computer coupled to said computer network system, the computer program carriers embodying one or more instructions executable by the first remote computer and the first server computer to perform method steps of:
- receiving a login ID and password PW from a user at a first one of said client computers;
  
  computing, at said first client computer, a hash value H1PW of the password PW;
  
  transmitting a first-stage login request including ID from said first client computer to a first one of said server computers;
  
  receiving said first-stage login request at said first server computer;
  
  providing, at said first server Computer, a key-exchange key KEK;
  
  encrypting KEK at said first server computer;
  
  transmitting a first-stage login response, including the encrypted KEK, from said first server computer to said first client computer;
  
  receiving said first-stage login response at said first client computer;
  
  decrypting, at said first client computer, the encrypted KEK, to yield KEK;
  
  providing, at said first client computer, a first split key SK1;
  
  encrypting, at said first client computer, key SK1, using KEK as an encryption key, to yield ESK1;
  
  transmitting a second-stage login request, including ESK1, from said first client computer to said first server computer;
  
  receiving said second-stage login request at said first server computer;
  
  decrypting, at said first server computer, ESK1, using KEK as a decryption key, to yield SK1;
  
  providing, at said first server computer, a second split key SK2;
  
  combining, at said first server computer, the first and second split keys SK1 and SK2, to yield session key SK;
  
  encrypting, at said first server computer, the second split key SK2, using KEK as an encryption key, to yield ESK2;
  
  transmitting a second-stage login response, including ESK2, from said first server computer to said first client computer;
  
  receiving the second-stage login response at said first client computer;
  
  decrypting, at said first client computer, ESK2 received with the second-stage login response, using KEK as a decryption key, to yield SK2;
  
  combining, at said first client computer, the first and second split keys SK1 and SK2, to yield sessions key SK;
  
  encrypting further transmissions between said first client computer and said first server computer, using sessions key SK as an encryption key.
- View Dependent Claims (20)
- - 20. A method as recited in claim 19, wherein said key KEK and said key SK comprise symmetric keys.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Morgan, Stephen P., Reed, Benjamin Clay, Russell, Lance W.

Granted Patent

US 6,816,970 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/171
CPC Class Codes

H04L 9/0841   involving Diffie-Hellman or...

H04L 9/3271   using challenge-response

Y10S 707/99939   Privileged access

Y10S 707/99952   Coherency, e.g. same view t...

Y10S 707/99953   Recoverability

Security method and system for persistent storage and communications on computer network systems and computer network systems employing the same

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

155 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Security method and system for persistent storage and communications on computer network systems and computer network systems employing the same

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

155 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others