Method and apparatus for protecting the confidentiality of passwords in a distributed data processing system
First Claim
1. In a public key, distributed data processing network system including a plurality of nodes interconnected by a communications medium, said nodes including a login agent (LA) node, a user node and a central certificate storage (CSS) node, a method for authenticating a user to said network using a password and username entered during a login procedure, said method also protecting the confidentiality of said password used to acquire a private key of said user to enable access to said nodes, said method comprising the steps of:
computing a first and a second hash total from said password at said user node using a first and a second hash algorithm, respectively, and generating a nonce key at said user node;
encrypting, at said user node, said second hash total and said nonce key using a public key of said LA node to create an encrypted message, and forwarding said encrypted message from said user node to said LA node;
decrypting said encrypted message at said LA node using a private key of said LA node to obtain said second hash total and said nonce key;
acquiring, at said LA node, a doubly-encrypted credential from said CSS node, said doubly-encrypted credential comprising a credential of said user private key encrypted with a first stored hash total computed from said password to form an encrypted credential, said encrypted credential being appended to a second stored hash total computed from said password and thereafter encrypted under said public key of said LA node;
decrypting said doubly-encrypted credential at said LA node to obtain said encrypted credential and said second stored hash total, and further comparing said second stored hash total with said second hash total at said LA node;
encrypting said encrypted user private key with said nonce key at said LA node when said hash totals match to create a return message, and forwarding said return message from said LA node to said user node;
decrypting said return message at said user node using said nonce key to obtain said private key encrypted with said stored first hash number, and further decrypting, at said user node, said private key encrypted with said stored first hash number with said first hash number to obtain said private key, thereby protecting the confidentiality of said password during said login procedure.
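The exchange recited in the steps above, traced end to end as an added example (not code from the patent). The hash constructions, the XOR keystream cipher, the toy RSA key for the LA node, the field layout and all function names are assumptions chosen so the sketch runs on the standard library alone; none of them is secure for real use.

```python
import hashlib, hmac, secrets

# Toy RSA key pair for the LA node (Mersenne primes: trivially factorable, demo only).
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
LA_N = P * Q
LA_D = pow(E, -1, (P - 1) * (Q - 1))

def h1(pw): return hashlib.sha256(b"H1|" + pw).digest()  # first hash (assumed form)
def h2(pw): return hashlib.sha256(b"H2|" + pw).digest()  # second hash (assumed form)

def sym(key, data):
    """Toy symmetric cipher: XOR with a SHA-256 counter keystream (self-inverse)."""
    ks = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def pk_encrypt(data):
    """Hybrid encryption under the LA public key: RSA-wrap a fresh session key."""
    k = secrets.token_bytes(32)
    return pow(int.from_bytes(k, "big"), E, LA_N), sym(k, data)

def pk_decrypt(blob):
    wrapped, body = blob
    return sym(pow(wrapped, LA_D, LA_N).to_bytes(32, "big"), body)

def css_enroll(pw, user_private_key):
    """Record held by the CSS: E_LApub( E_H1(private key) || H2 ). Layout assumed."""
    return pk_encrypt(sym(h1(pw), user_private_key) + h2(pw))

def user_request(pw):
    nonce = secrets.token_bytes(32)               # nonce key, known only to the user
    return nonce, pk_encrypt(h2(pw) + nonce)

def la_handle(request, css_record):
    msg = pk_decrypt(request)
    claimed_h2, nonce = msg[:32], msg[32:]
    inner = pk_decrypt(css_record)
    enc_cred, stored_h2 = inner[:-32], inner[-32:]
    if not hmac.compare_digest(claimed_h2, stored_h2):
        return None                               # hash totals differ: release nothing
    return sym(nonce, enc_cred)                   # LA never holds password, H1 or key

def user_finish(pw, nonce, reply):
    return sym(h1(pw), sym(nonce, reply))         # strip nonce layer, then H1 layer

def login(pw, css_record):
    nonce, req = user_request(pw)
    reply = la_handle(req, css_record)
    return None if reply is None else user_finish(pw, nonce, reply)
```
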
Abstract
Apparatus for protecting the confidentiality of a user's password during a remote login authentication exchange between a user node and a directory service node of a distributed, public key cryptography system includes a specialized server application functioning as an intermediary agent for the login procedure. The login agent has responsibility for approving the user's login attempt and distributing a private key to the user. However, the login agent is not trusted with the user's password and is therefore a "semi-trusted" node. In another aspect of the invention, a login protocol enables remote authentication of the user password without transmitting the password over the network.
13 Claims
4. In a public key, distributed data processing network system including a plurality of nodes interconnected by a communications medium, said nodes including a login agent (LA) node, a user node and a central certificate storage (CSS) node, an arrangement for authenticating a user to said network using a password and username entered during a login procedure, said arrangement also protecting the confidentiality of said password used to acquire a private key of said user to enable access to said nodes, said arrangement comprising:
user node computing means for computing a first and a second hash total from said password using a first and a second hash algorithm, respectively, and user node generating means for generating a nonce key;
user node encrypting means for encrypting said second hash total and said nonce key using a public key of said LA node to create an encrypted message, and user node forwarding means for forwarding said encrypted message to said LA node;
LA node decrypting means for decrypting said encrypted message using a private key of said LA node to obtain said second hash total and said nonce key;
LA node acquiring means for acquiring a doubly-encrypted credential comprising a credential of said user private key encrypted with a first stored hash total computed from said password to form an encrypted credential, said encrypted credential being appended to a second stored hash total computed from said password and thereafter encrypted under said public key of said LA node;
said LA node decrypting means for decrypting said doubly-encrypted credential to obtain said encrypted credential and said second stored hash total, and LA node comparing means for comparing said second stored hash total with said second hash total;
LA node encrypting means for encrypting said encrypted user private key with said nonce key when said hash totals match to create a return message, and LA node forwarding means for forwarding said return message to said user node;
user node decrypting means for decrypting said return message using said nonce key to obtain said private key encrypted with said stored first hash number, said user node decrypting means further decrypting said private key encrypted with said stored first hash number with said first hash number to obtain said private key, thereby protecting the confidentiality of said password during said login procedure.
Specification