Authenticating method

US 20050144484A1
Filed: 02/14/2002
Published: 06/30/2005
Est. Priority Date: 02/14/2002
Status: Abandoned Application

First Claim

Patent Images

1. A user authentication method comprising the steps of authenticating user-ID carrying equipment connected to a communication network, such as communication terminal equipment in which a user ID used for user authentication is registered, or equipment in which a user ID, such as an electronic ID card used by mounting on communication terminal equipment is recorded, by carrying out “

authentication having ‘

the possibility of spoofing by the authenticating side though there is no danger of monitoring,’ and

‘

the possibility of spoofing as the result of theft of authentication information from the authentication device,’ and

specific problems in the contents of authentication”

using a dual-key encryption system, a biometrics-based system, a one-time password system or a pass-sentence system based on a long-worded, sentence-like password in a pass-code p1 authentication process (10), so as to prevent “

spoofing as the result of ‘

leakage of authentication information through the interception of communications,’

‘

leakage of authentication information through monitoring of the traffic,’

‘

leakage of authentication information through a stealthy glance,’

‘

leakage of authentication information through a brute-force attack,’

‘

leakage of authentication information beyond the control of the user and outside the system,’ and

‘

duplication or forgery of authentication information’

” and

prevent “

spoofing by the authenticating side”

and “

spoofing as the result of theft of authentication information from the authentication device”

by establishing a collatable but irreversible relationship to compare using random numbers the authentication information issued by the user with the authentication information registered in the authentication device, and authenticating a user by carrying out authentication while securing safety against “

spoofing by the authenticating side,”

“

spoofing as the result of theft of authentication information from the authentication device,” and

“

spoofing as the result of ‘

leakage of authentication information through interception of communications,’

‘

leakage of authentication information through a stealthy glance,’

‘

leakage of authentication information through a brute-force attack,’

‘

duplication and forgery of authentication information,’ and

‘

theft of user-ID carrying equipment’

using the fact that the user can be identified by carrying out authentication using authenticating key information, such as a password having a large number of combinations, with which no spoofing is possible against the user'"'"'s will in the pass-code p2 authentication process (11), so that user authentication can be performed at least specifically to prevent “

spoofing by the authenticating side,”

“

spoofing as the result of theft of authentication information from the authentication device,”

“

spoofing as the result of ‘

leakage of authentication information through monitoring,’

‘

leakage of authentication information through interception of communications,’

‘

leakage of authentication information through a stealthy glance,’

‘

leakage of authentication information through a brute-force attack,’

‘

leakage of authentication information beyond the control of the user and outside the system,’

‘

duplication or forgery of authentication information,’ and

‘

theft of user-ID carrying equipment’

by carrying out “

user authentication” and

”

authentication of user-ID carrying equipment connected to a communication network in two stages.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

All conceivable problems associated with user authentication can be coped with at least individually by preventing spoofing as the result of leakage of authentication information through interception of communications, monitoring, stealthy glance, brute-force attack, and beyond the control of the user and outside the system, duplication and forgery of authentication information by carrying out an “authentication method that can cope with every possible problem in relation to authentication, excluding monitoring” and an “authentication method authentication having the possibility of spoofing by the authenticating side though there is no danger of monitoring and he possibility of spoofing as the result of theft of authentication information from the authentication device” in two stages in one user authentication processing, and “preventing spoofing by the authenticating side and as the result of theft of authentication information from the authentication device by establishing a collatable and irreversible relationship between the authentication information issued by the user and the authentication information registered in the authentication device” in the latter authentication method.

Citations

5 Claims

1. A user authentication method comprising the steps of authenticating user-ID carrying equipment connected to a communication network, such as communication terminal equipment in which a user ID used for user authentication is registered, or equipment in which a user ID, such as an electronic ID card used by mounting on communication terminal equipment is recorded, by carrying out “
- authentication having ‘
  
  the possibility of spoofing by the authenticating side though there is no danger of monitoring,’ and
  
  ‘
  
  the possibility of spoofing as the result of theft of authentication information from the authentication device,’ and
  
  specific problems in the contents of authentication”
  
  using a dual-key encryption system, a biometrics-based system, a one-time password system or a pass-sentence system based on a long-worded, sentence-like password in a pass-code p1 authentication process (10), so as to prevent “
  
  spoofing as the result of ‘
  
  leakage of authentication information through the interception of communications,’
  
  ‘
  
  leakage of authentication information through monitoring of the traffic,’
  
  ‘
  
  leakage of authentication information through a stealthy glance,’
  
  ‘
  
  leakage of authentication information through a brute-force attack,’
  
  ‘
  
  leakage of authentication information beyond the control of the user and outside the system,’ and
  
  ‘
  
  duplication or forgery of authentication information’
  
  ” and
  
  prevent “
  
  spoofing by the authenticating side”
  
  and “
  
  spoofing as the result of theft of authentication information from the authentication device”
  
  by establishing a collatable but irreversible relationship to compare using random numbers the authentication information issued by the user with the authentication information registered in the authentication device, and authenticating a user by carrying out authentication while securing safety against “
  
  spoofing by the authenticating side,”
  
  “
  
  spoofing as the result of theft of authentication information from the authentication device,” and
  
  “
  
  spoofing as the result of ‘
  
  leakage of authentication information through interception of communications,’
  
  ‘
  
  leakage of authentication information through a stealthy glance,’
  
  ‘
  
  leakage of authentication information through a brute-force attack,’
  
  ‘
  
  duplication and forgery of authentication information,’ and
  
  ‘
  
  theft of user-ID carrying equipment’
  
  using the fact that the user can be identified by carrying out authentication using authenticating key information, such as a password having a large number of combinations, with which no spoofing is possible against the user'"'"'s will in the pass-code p2 authentication process (11), so that user authentication can be performed at least specifically to prevent “
  
  spoofing by the authenticating side,”
  
  “
  
  spoofing as the result of theft of authentication information from the authentication device,”
  
  “
  
  spoofing as the result of ‘
  
  leakage of authentication information through monitoring,’
  
  ‘
  
  leakage of authentication information through interception of communications,’
  
  ‘
  
  leakage of authentication information through a stealthy glance,’
  
  ‘
  
  leakage of authentication information through a brute-force attack,’
  
  ‘
  
  leakage of authentication information beyond the control of the user and outside the system,’
  
  ‘
  
  duplication or forgery of authentication information,’ and
  
  ‘
  
  theft of user-ID carrying equipment’
  
  by carrying out “
  
  user authentication” and
  
  ”
  
  authentication of user-ID carrying equipment connected to a communication network in two stages.
- View Dependent Claims (2, 3, 4, 5)
- - 2. A user authentication method as set forth in claim 1 wherein a password system that has a logically unlimited strength against brute-force attacks and cannot easily be leaked even when an entered password is stolen through a stealthy glance, and is hard to leak even from the owner of the password is employed;
    - the password system comprising a “
      
      password having a large number of combinations”
      
      is created by expressing values having large bases in the notation method using characters or graphic forms (c) that can be produced infinitely and allocating one unique character code or a plurality of unique character codes to each character for use to denote the password, so that a large number of combinations can be given easily and unlimitedly to a password array having a small number of elements.
  - 3. A user authentication method as set forth in claim 1 wherein the “
    - password having a large number of combinations”
      
      is such that when a request for authentication is issued by the user, the authentication device creates random numbers, rearranges the password registered in the authentication device with the random numbers and presents the rearranged password to the user (d″
      
      Presentation of password graphic forms), the authentication device generates an array sequence for rearranging the user'"'"'s password registered in the authentication device using the random numbers (d″
      
      Extraction and rearrangement of password graphic forms), the user informs the authentication device of the array sequence for rearranging the password characters presented by the authentication device into an array of the password the user initially registered (d″
      
      Pass code p2), and the authentication device compares the array sequence sent from the user with the array sequence created by the authentication device at the time when the user issued a request for authentication, whereby the illegal use of password through a stealthy glance at input information or interception of communications is practically nullified.
  - 4. A user authentication method as set forth in claim 1 wherein user-ID carrying equipment connected to a communication network, such as communication terminal equipment in which a user ID used for user authentication is registered, or equipment in which a user ID, such as an electronic ID card used by mounting on communication terminal equipment is recorded is authenticated in such a manner that the authentication device converts in an irreversible manner user-specific authentication information, such as character-string information including a pass sentence, or biometrics information or any other key information, or terminal equipment number, into a pass code p1 (b) using user-specific random numbers or one-way functions and registers the generated pass code p1 in the authentication device, together with the user-specific random numbers or one-way functions, the user issues a request for authentication by transmitting from the user terminal authentication information, such as the character-string information or key information, together with the user ID, or entering from the user terminal and transmitting authentication information, such as biometrics information or key information registered in an IC card or any other portable device, and the authentication device invokes the user-specific random numbers or one-way functions registered in the authentication device, generates a pass code p1 from authentication information, such as the character-string information sent from the user terminal or the authenticating terminal, biometrics information or any other key encryption information, or terminal equipment number, using the user-specific random numbers or one-way functions, and compares the generated pass code p1 with the pass code p1 registered in the authentication device.
  - 5. A user authentication method as set forth in claim 2 wherein the “
    - password having a large number of combinations”
      
      is such that when a request for authentication is issued by the user, the authentication device creates random numbers, rearranges the password registered in the authentication device with the random numbers and presents the rearranged password to the user (d″
      
      Presentation of password graphic forms), the authentication device generates an array sequence for rearranging the user'"'"'s password registered in the authentication device using the random numbers (d″
      
      Extraction and rearrangement of password graphic forms), the user informs the authentication device of the array sequence for rearranging the password characters presented by the authentication device into an array of the password the user initially registered (d″
      
      Pass code p2), and the authentication device compares the array sequence sent from the user with the array sequence created by the authentication device at the time when the user issued a request for authentication, whereby the illegal use of password through a stealthy glance at input information or interception of communications is practically nullified.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hironori Wakayama
Original Assignee
Hironori Wakayama
Inventors
Wakayama, Hironori

Application Number

US10/504,516
Publication Number

US 20050144484A1
Time in Patent Office

Days
Field of Search
US Class Current

726/19
CPC Class Codes

G06F 21/31 User authentication

G06F 21/36 by graphic or iconic repres...

Authenticating method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

5 Claims

Specification

Solutions

Use Cases

Quick Links

Authenticating method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

5 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links