Method and System for Secure Authentication and Data Exchange in Client Server Architecture

US 20090235085A1
Filed: 01/17/2006
Published: 09/17/2009
Est. Priority Date: 01/17/2005
Status: Abandoned Application

First Claim

Patent Images

1. A method for secure authentication and data exchange, in client server architecture, comprising:

registering a user and creating a first tabular data using the user'"'"'s password for authentication of the user, at a server machine,deleting the password in its original form from the server,said server processing said first tabular data and generating a second tabular data to be sent to the client machine when said user logs in for a transaction at the client machine,said server initiating a communication session with the user using said second tabular data and generating a first set of numbers to be used for decryption by the server,encrypting and transferring said second tabular data to said user at the client machine,said client machine generating a second set of numbers to be used for encryption, using said second tabular data,said client encrypting the plain text using said second set of numbers, in a loop for a predetermined number of iterations,said client transmitting the encrypted data to the server,said server performing a decryption on the encrypted text using said first set of numbers,said server authenticating the user in the event correct plain text is generated, andsaid server completing the transaction.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present invention relates to a method for secure authentication and data exchange, in client server architecture, comprising: registering a user and creating a first tabular data using the user'"'"'s password for authentication of the user, at a server machine, deleting the password in its original form from the server, said server processing said first tabular data and generating a second tabular data to be sent to the client machine when said user logs in for a transaction at the client machine, said server initialing a communication session with the user using said second tabular data and generating a first set of numbers to be used for decryption by the server, encrypting and transferring said second tabular data to said user at the client machine, said client machine generating a second set of numbers to be used for encryption, using said second tabular data, said client encrypting the plain text using said second set of numbers, in a loop for a predetermined number of iterations, said client transmitting the encrypted data to the server, said server performing a decryption on the encrypted text using said first set of numbers, said server authenticating the user in the event correct plain text is generated, and said server completing the transaction.

Citations

28 Claims

1. A method for secure authentication and data exchange, in client server architecture, comprising:
- registering a user and creating a first tabular data using the user'"'"'s password for authentication of the user, at a server machine,deleting the password in its original form from the server,said server processing said first tabular data and generating a second tabular data to be sent to the client machine when said user logs in for a transaction at the client machine,said server initiating a communication session with the user using said second tabular data and generating a first set of numbers to be used for decryption by the server,encrypting and transferring said second tabular data to said user at the client machine,said client machine generating a second set of numbers to be used for encryption, using said second tabular data,said client encrypting the plain text using said second set of numbers, in a loop for a predetermined number of iterations,said client transmitting the encrypted data to the server,said server performing a decryption on the encrypted text using said first set of numbers,said server authenticating the user in the event correct plain text is generated, andsaid server completing the transaction.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 2. The method as claimed in claim 1, wherein said registering said user comprises:
    - allotting a chip based card to said user, said card having stored, a universal identification number (UID),a personality table,a current mood table,user'"'"'s key chain, andinitial spectrum.
  - 3. The method as claimed in claim 2, wherein said universal identification number comprises said user'"'"'s details including the username, user'"'"'s nationality and user'"'"'s bank.
  - 4. The method as claimed in claim 2, wherein said personality table is a conversion table having numeric equivalents of all characters said characters from A→
    - Z, a→
      
      z, 1→
      
      0, and the character period (.).
  - 5. The method as claimed in claim 2, wherein said mood table is used for creating said second tabular data.
  - 6. The method as claimed in claim 2, wherein said key chain and initial spectrum is used for said encryption.
  - 7. The method as claimed in claim 1, wherein said user sets a password during registration, at the client machine, and said password is transmitted to said server machine in an encrypted state, said encryption being done using said initial spectrum.
  - 8. The method as claimed in claim 1, wherein said first tabular data at the server comprises:
    - serial number,character set, andsum of products.
  - 9. The method as claimed in claim 8, wherein said character set contains random number.
  - 10. The method as claimed in claim 1, wherein generating said first tabular data comprises:
    - generating a predetermined number of random numbers for the character set, each digit of said random numbers not being more than the length of the password,for each character set, picking the characters of the password which have the face value equal to the digits of the character set,forming pairs of numeric equivalents of said picked characters of the password, said equivalents being fetched from said personality table,summing the product of said pairs.
  - 11. The method as claimed in claim 1, wherein said server fetches the corresponding first tabular data when a user logs in for transaction and swipes the chip based card, sending his user name to the server.
  - 12. The method as claimed in claim 2, wherein said second tabular data comprises a critical mass character set (CMCS).
  - 13. The method as claimed in claim 12, wherein generation of CMCS comprises:
    - randomly generating numbers having values between 1 and the total entries in the first tabular data,fetching first bunch of character sets from said first tabular data corresponding to the serial number equal to said random numbers,for each of the character sets in said first bunch, linearly searching and fetching a second character set from said first tabular data, which has the digit not present in the character set of the first bunch, said search being done on character sets starting from the character set in the first bunch, andforming pairs of such character set.
  - 14. The method as claimed in claim 13, wherein initiating a communication session comprises:
    - fetching the sum of products corresponding to each of the character sets in the CMCS,fetching the corresponding sum of products from the first tabular data,identifying the least significant digit (LSD) for each of the sum of products of each CMCS,fetching the style of multiplication from the mood table, the mood table comprising the style of multiplication depending on scenario of the least significant digits, andmultiplying the sum of products according to the style fetched from the mood table.
  - 15. The method as claimed in claim 14, wherein the mood table comprises:
    - scenario in the mood table, said scenarios selected from one ofthe LSD of first SOP even and second SOP odd,the LSD of first SOP even and second SOP even,the LSD of first SOP odd and second SOP odd, andthe LSD of first SOP odd and second SOP even.product style.
  - 16. The method as claimed in claim 15, wherein said product style comprises rotating the second SOP from the position accordingly as defined in the mood table.
  - 17. The method as claimed in claim 14, wherein two said products form a spectrum, one product of said spectrum being used for dividing the plain text and one product being used for deciding the key for encryption.
  - 18. The method as claimed in claim 1, wherein the memory at the server is divided into a predetermined number of blocks, each block having one column and a configurable number of rows.
  - 19. The method as claimed in claim 17, wherein the digits of said first product determines the total bytes of data to be stored in each row of each block.
  - 20. The method as claimed in claim 19 wherein said data is stored block wise in a row, subsequent data being stored cyclically block wise in the next row.
  - 21. The method as claimed in claim 20, wherein data from all the rows of each block are concatenated block wise and encrypted by one key.
  - 22. The method as claimed in claim 21, wherein the encrypted and concatenated complete CMCS is sent to the user at the client machine.
  - 23. The method as claimed in claim 1, wherein generating a second spectrum by the user comprises steps as explained in previous claims.
  - 24. The method as claimed in claim 20, wherein said encrypting the text comprises:
    - dividing said key-chain into subkeys of the size of the length of the password,breaking the plain text into blocksconcatenating and encrypting the text of all the rows of each block using the corresponding key,concatenating the encrypted text and breaking again as explained in a loop for as many times as the number of CMCS,
  - 25. The method as claimed in claim 1, wherein said decryption by server comprises reverse encryption.

26. A system for secure authentication and data exchange in client server architecture, said system comprising:
- a chip based card allotted to the user,means at the client end for registering the user and setting the password,encrypting means in said chip based card for encrypting the password,means at the server end for processing the password and storing the password in the form of tabular data,a logging in machine for the user to log in and send username to the server end,said server comprising means to generate a first set of numbers for use in decryption,said client and card comprising means to generate a second set of numbers for use in encryption,said card and server comprising means to encrypt and decrypt data,data transmitting means for transmitting encrypted text between the client and the server, andmeans at the server to verify the plain text.
- View Dependent Claims (28)
- - 28. A computer program product comprising computer readable program code means configured for configuring the system as claimed in claim 26, to optimize the performance and achieve the desired result.

27. A computer program product stored on a computer readable medium for secure authentication and data exchange in client server architecture, comprising computer readable program code means configured for:
- registering a user and creating a first tabular data using the user'"'"'s password for authentication of the user, at a server machine,deleting the password in its original form from the server,said server processing said first tabular data and generating a second tabular data to be sent to the client machine when said user logs in for a transaction at the client machine,said server initiating a communication session with the user using said second tabular data and generating a first set of numbers to be used for decryption by the server,encrypting and transferring said second tabular data to said user at the client machine,said client machine generating a second set of numbers to be used for encryption, using said second tabular data,said client encrypting the plain text using said second set of numbers, in a loop for a predetermined number of iterations,said client transmitting the encrypted data to the server,said server performing a decryption on the encrypted text using said first set of numbers,said server authenticating the user in the event correct plain text is generated, andsaid server completing the transaction.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Seemant Shankar Mathur
Original Assignee
Seemant Shankar Mathur
Inventors
Mathur, Seemant Shankar

Application Number

US11/795,416
Publication Number

US 20090235085A1
Time in Patent Office

Days
Field of Search
US Class Current

713/186
CPC Class Codes

G06F 21/31   User authentication

G06F 21/34   involving the use of extern...

G06F 21/445   by mutual authentication, e...

G06F 21/606   by securing the transmissio...

G06F 2221/2107   File encryption

G06F 2221/2117   User registration

G06F 2221/2129   Authenticate client device ...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/40975   using encryption therefor

G07F 7/1008   Active credit-cards provide...

H04L 63/0428   wherein the data content is...

H04L 63/083   using passwords cryptograph...

H04L 63/0853   using an additional device,...

Method and System for Secure Authentication and Data Exchange in Client Server Architecture

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Method and System for Secure Authentication and Data Exchange in Client Server Architecture

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links