Method for providing mutual authentication of a user and a server on a network
First Claim
1. A mutual authentication method for use in authenticating a user operating a client workstation that is coupled to a file server workstation comprising a password file having a password known to the user, said method comprising the steps of:
- sending a logon ID from the client workstation to the server workstation;
- retrieving the stored user password corresponding to the logon ID;
- generating an encrypted password that comprises a random number that is encrypted by a symmetric encryption algorithm on the server workstation using the retrieved user password from the password file;
- prompting the user to enter the password into the user workstation;
- decrypting the encrypted password received from the server workstation using the entered password to retrieve the random number therefrom to authenticate the server workstation;
- using the random number as an encryption and decryption key for communication between the client and server workstations;
- transmitting an encrypted message using the random number from the client workstation to the server workstation; and
- decrypting the encrypted message at the server workstation to authenticate the user.
Abstract
An authentication method that permits a user and a file serving workstation to mutually authenticate themselves. This is accomplished by exchanging a random number that is encrypted by a password that is known to the user and stored in a password file on the file serving workstation. A logon ID is sent from the client workstation to the server workstation. The stored user password corresponding to the user ID is retrieved from the password file. A random number is created that is encrypted by a symmetric encryption algorithm on the server workstation using the retrieved user password, and which provides an encrypted password. The user is then requested to enter the password into the user workstation. The entered password is used to decrypt the encrypted password received from the server workstation and retrieve the random number therefrom to authenticate the server workstation. The random number is then used as the encryption and decryption key for communication between the user and server workstations. An encrypted message is transmitted using the random number from the client workstation to the server workstation. The encrypted message is decrypted at the server workstation to authenticate the user.
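The exchange described in the claim and abstract, as an added Python example that is not part of the patent. The patent names no cipher or message format, so the HMAC-SHA256 keystream cipher, the `CONFIRM` message, the function names and the sample password file are all assumptions made for illustration.

```python
import hashlib, hmac, secrets

CONFIRM = b"LOGON-OK:"                      # hypothetical message format (assumption)
PASSWORD_FILE = {"alice": "correct horse"}  # constructed sample password file

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Stand-in symmetric cipher (assumption): HMAC-SHA256 in counter mode.
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(16)
    ks = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(p ^ k for p, k in zip(plaintext, ks))

def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct = blob[:16], blob[16:]
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))

def server_challenge(password_file: dict, logon_id: str):
    # Server: look up the stored password, encrypt a fresh random number with it.
    r = secrets.token_bytes(16)
    return r, encrypt(password_file[logon_id].encode(), r)

def client_respond(logon_id: str, entered_password: str, encrypted_password: bytes):
    # Client: recover the random number with the typed password, then use it as the key.
    r = decrypt(entered_password.encode(), encrypted_password)
    return r, encrypt(r, CONFIRM + logon_id.encode())

def server_verify(logon_id: str, r: bytes, message: bytes) -> bool:
    # Server: the user is authenticated only if the message decrypts under its own r.
    return hmac.compare_digest(decrypt(r, message), CONFIRM + logon_id.encode())

def run_logon(logon_id: str, entered_password: str, password_file: dict):
    # Returns (client and server hold the same random number, server accepts the user).
    server_r, enc_pw = server_challenge(password_file, logon_id)
    client_r, message = client_respond(logon_id, entered_password, enc_pw)
    return client_r == server_r, server_verify(logon_id, server_r, message)

if __name__ == "__main__":
    print(run_logon("alice", "correct horse", PASSWORD_FILE))   # both sides genuine
    print(run_logon("alice", "wrong guess", PASSWORD_FILE))     # user lacks the password
    print(run_logon("alice", "correct horse", {"alice": "x"}))  # server lacks the password
```

A mismatch on either side leaves client and server holding different random numbers, so server authentication is implicit in the later traffic decrypting correctly. Everything rests on the password, which the server keeps retrievable in its password file.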
Specification