Method and System for Secure Authentication and Data Exchange in Client Server Architecture
First Claim
1. A method for secure authentication and data exchange, in client server architecture, comprising:
- registering a user and creating a first tabular data using the user'"'"'s password for authentication of the user, at a server machine,deleting the password in its original form from the server,said server processing said first tabular data and generating a second tabular data to be sent to the client machine when said user logs in for a transaction at the client machine,said server initiating a communication session with the user using said second tabular data and generating a first set of numbers to be used for decryption by the server,encrypting and transferring said second tabular data to said user at the client machine,said client machine generating a second set of numbers to be used for encryption, using said second tabular data,said client encrypting the plain text using said second set of numbers, in a loop for a predetermined number of iterations,said client transmitting the encrypted data to the server,said server performing a decryption on the encrypted text using said first set of numbers,said server authenticating the user in the event correct plain text is generated, andsaid server completing the transaction.
0 Assignments
0 Petitions
Accused Products
Abstract
The present invention relates to a method for secure authentication and data exchange, in client server architecture, comprising: registering a user and creating a first tabular data using the user'"'"'s password for authentication of the user, at a server machine, deleting the password in its original form from the server, said server processing said first tabular data and generating a second tabular data to be sent to the client machine when said user logs in for a transaction at the client machine, said server initialing a communication session with the user using said second tabular data and generating a first set of numbers to be used for decryption by the server, encrypting and transferring said second tabular data to said user at the client machine, said client machine generating a second set of numbers to be used for encryption, using said second tabular data, said client encrypting the plain text using said second set of numbers, in a loop for a predetermined number of iterations, said client transmitting the encrypted data to the server, said server performing a decryption on the encrypted text using said first set of numbers, said server authenticating the user in the event correct plain text is generated, and said server completing the transaction.
-
Citations
28 Claims
-
1. A method for secure authentication and data exchange, in client server architecture, comprising:
-
registering a user and creating a first tabular data using the user'"'"'s password for authentication of the user, at a server machine, deleting the password in its original form from the server, said server processing said first tabular data and generating a second tabular data to be sent to the client machine when said user logs in for a transaction at the client machine, said server initiating a communication session with the user using said second tabular data and generating a first set of numbers to be used for decryption by the server, encrypting and transferring said second tabular data to said user at the client machine, said client machine generating a second set of numbers to be used for encryption, using said second tabular data, said client encrypting the plain text using said second set of numbers, in a loop for a predetermined number of iterations, said client transmitting the encrypted data to the server, said server performing a decryption on the encrypted text using said first set of numbers, said server authenticating the user in the event correct plain text is generated, and said server completing the transaction. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A system for secure authentication and data exchange in client server architecture, said system comprising:
-
a chip based card allotted to the user, means at the client end for registering the user and setting the password, encrypting means in said chip based card for encrypting the password, means at the server end for processing the password and storing the password in the form of tabular data, a logging in machine for the user to log in and send username to the server end, said server comprising means to generate a first set of numbers for use in decryption, said client and card comprising means to generate a second set of numbers for use in encryption, said card and server comprising means to encrypt and decrypt data, data transmitting means for transmitting encrypted text between the client and the server, and means at the server to verify the plain text. - View Dependent Claims (28)
-
-
27. A computer program product stored on a computer readable medium for secure authentication and data exchange in client server architecture, comprising computer readable program code means configured for:
-
registering a user and creating a first tabular data using the user'"'"'s password for authentication of the user, at a server machine, deleting the password in its original form from the server, said server processing said first tabular data and generating a second tabular data to be sent to the client machine when said user logs in for a transaction at the client machine, said server initiating a communication session with the user using said second tabular data and generating a first set of numbers to be used for decryption by the server, encrypting and transferring said second tabular data to said user at the client machine, said client machine generating a second set of numbers to be used for encryption, using said second tabular data, said client encrypting the plain text using said second set of numbers, in a loop for a predetermined number of iterations, said client transmitting the encrypted data to the server, said server performing a decryption on the encrypted text using said first set of numbers, said server authenticating the user in the event correct plain text is generated, and said server completing the transaction.
-
Specification