Method and apparatus for protecting the confidentiality of passwords in a distributed data processing system
First Claim
1. In a public key, distributed data processing network system including a plurality of nodes interconnected by a communications medium, an arrangement for authenticating a user to said network using a password and username entered during a login procedure, and comparing the information indicative of the password with information contained in a doubly-encrypted credential which is stored in a network database, said arrangement comprising:
- A. a user node which receives a password and a usemarne during login and computes first and a second hash totals from the password using a first and a second hash algorithm, respectively, and generates a nonce key, and encrypts said second hash total and said nonce key using a first public key to create an encrypted message;
B. a login agent node, comprisingB1. means for receiving and decrypting said encrypted message using a first private key to obtain said second hash total and said nonce key;
B2. means for receiving said d-ably-encrypted credential which contains (i) an encrypted credential formed by encrypting a user private key with a first stored hash total computed from the password, and (ii) a second stored hash total computed from the password, wherein said encrypted credential and said second stored hash total are appended and encrypted by said first public key to form the doubly encrypted credential;
B3. metres for decrypting said doubly-encrypted credential using said first private key to obtain said encrypted credential and said second stored hash total, for comparing said second stored hash total with said second hash total to determine if said password entered by the user is correct, for encrypting said encrypted credential with said nonce key when said second stored hash total and said second hash total match to create a return message, and for forwarding said return message to said user node; and
wherein said user node comprises means responsive to said return message, for decrypting said return message using said nonce key to obtain said encrypted credential, and for decrypting said encrypted credential with said first hash total to obtain said private key.
2 Assignments
0 Petitions
Accused Products
Abstract
Apparatus for protecting the confidentiality of a user'"'"'s password during a remote login authentication exchange between a user node and a directory service node of a distributed, public key cryptography system includes a specialized server application functioning as an intermediary agent for the login procedure. The login agent has responsibility for approving the user'"'"'s login attempt and distributing a private key to the user. However, the login agent is not trusted with the user'"'"'s password and is therefore a "semi-trusted" node. In another aspect of the invention, a login protocol enables remote authentication of the user password without transmitting the password over the network.
241 Citations
7 Claims
-
1. In a public key, distributed data processing network system including a plurality of nodes interconnected by a communications medium, an arrangement for authenticating a user to said network using a password and username entered during a login procedure, and comparing the information indicative of the password with information contained in a doubly-encrypted credential which is stored in a network database, said arrangement comprising:
-
A. a user node which receives a password and a usemarne during login and computes first and a second hash totals from the password using a first and a second hash algorithm, respectively, and generates a nonce key, and encrypts said second hash total and said nonce key using a first public key to create an encrypted message; B. a login agent node, comprising B1. means for receiving and decrypting said encrypted message using a first private key to obtain said second hash total and said nonce key; B2. means for receiving said d-ably-encrypted credential which contains (i) an encrypted credential formed by encrypting a user private key with a first stored hash total computed from the password, and (ii) a second stored hash total computed from the password, wherein said encrypted credential and said second stored hash total are appended and encrypted by said first public key to form the doubly encrypted credential; B3. metres for decrypting said doubly-encrypted credential using said first private key to obtain said encrypted credential and said second stored hash total, for comparing said second stored hash total with said second hash total to determine if said password entered by the user is correct, for encrypting said encrypted credential with said nonce key when said second stored hash total and said second hash total match to create a return message, and for forwarding said return message to said user node; and wherein said user node comprises means responsive to said return message, for decrypting said return message using said nonce key to obtain said encrypted credential, and for decrypting said encrypted credential with said first hash total to obtain said private key. - View Dependent Claims (2, 3)
-
-
4. In a public key, distributed data processing network system including a plurality of nodes interconnected by a communications medium, an arrangement for authenticating a user to said network using a password and usemarne entered during a login procedure, said arrangement comprising:
-
A. a user node which receives a password and a username during login and computes first and a second hash totals from the password using a first and a second hash algorithm, respectively, and generates a nonce key, and encrypts said second hash total and said nonce key using a first public key to create an encrypted message; B. a certificate storage server node which includes a database containing a plurality of doubly encrypted credentials each uniquely associated with a particular system user, wherein each of said doubly encrypted credentials contains (i) an encrypted credential formed by encrypting a user private key with a first stored hash total computed from the password, and (ii) a second stored hash total computed from the password, wherein said encrypted credential and said second stored hash total are appended and encrypted by said first public key to form said doubly encrypted credential; C. a login agent node, comprising C1. means for receiving and decrypting said encrypted message using a first private key to obtain said second hash total and said nonce key; C2. means for receiving said doubly-encrypted credential which is associated with the particular user attempting to login; C3. means, for decrypting said doubly-encrypted credential using said first private key to obtain said encrypted credential said said second stored hash total, for comparing said second stored hash total with said second hash total to determine if the password is correct, encrypting said encrypted credential with said nonce key when said second stored hash total and said second hash total are equal to create a return message and for forwarding said return message to said user node; and wherein said user node comprises means responsive to said return message, for decrypting said return message using said nonce key to obtain said encrypted credential, and for decrypting said encrypted credential with said first hash total to obtain said private key, to allow the user to participate in public key based authentication over the network. - View Dependent Claims (5)
-
-
6. In a public key, distributed data processing network system including a plurality of nodes interconnected by a communications medium, an arrangement for authenticating a user to said network using a password and usemarne entered during a login procedure, said arrangement comprising:
-
A. a user node which receives a password and a username during login and computes first and a second hash totals from the password using a first and a second hash algorithm, respectively, and generates a nonce key, and encrypts said second hash total and said nonce key using a first public key to create an encrypted message; B. a certificate storage server node which includes a database containing a plurality of doubly encrypted credentials each uniquely associated with a particular system user, wherein each of said doubly encrypted credential contains (i) an encrypted credential formed by encrypting a user private key with a first stored hash total computed from the password, and (ii) a second stored hash total computed from the password, wherein said encrypted credential and said second stored hash total are appended sad encrypted by said first public key to form said doubly encrypted credential; C. a login agent node which receives said encrypted message and said doubly-encrypted message, and decrypts said encrypted message using a first private key to obtain said second hash total and said nonce key, and decrypts said doubly-encrypted credential using said first private key to obtain said encrypted credential and said second stored hash total and compares said second stored hash total with said second hash total to determine if the user has entered the proper password, and the hashing totals are equal encrypting said encrypted credential with said nonce key to create a return, message which is forwarded to said user node; and wherein said user node comprises means responsive to said return message, for decrypting said return message using said nonce key to obtain said encrypted credential, and for decrypting said encrypted credential with said first hash total to obtain said private key, to allow the user to participate in public key based authentication over the network. - View Dependent Claims (7)
-
Specification