Bilateral authentication and information encryption token system and method
First Claim
1. A network system for secure exchange of information, which comprises:
- a token system having stored therein a token system ID, n answering system IDs, n static secrets, n dynamic secrets, a first many-to-few bit mapping program, and a second many-to-few bit mapping program, and having means for generating a pseudo-random message digest comprised of a first originating system password, a first answering system password, a session encryption key, and a change value by applying one of said n static secrets and one of said n dynamic secrets as inputs to said first many-to-few bit mapping program and applying results thereof as an input to said second many-to-few bit mapping program, for verifying authenticity of a first answering system ID by comparison with said n answering system IDs stored within said token system to gain a first match, and of a second answering system password by comparison with said first answering system password to gain a second match, and generating said pseudo-random message digest upon verification of authenticity of said first answering system ID, and altering said one of said n dynamic secrets with said change value upon verification of authenticity of said second answering system password;
an originating system in electrical communication with said token system and having stored therein an originating system ID, and said n answering system IDs, and having means for selecting said first answering system ID from said n answering system IDs and supplying said first answering system ID to said token system for a first authenticity verification, and upon receipt of said session encryption key from said token system, determining if a prior bilateral authentication has occurred, and if a prior bilateral authentication has not occurred, transmitting said token system ID and an access request, and if a prior bilateral authentication has occurred encrypting said token system ID with said session encryption key and transmitting an encrypted token system ID with said access request, receiving a second answering system ID, and if a prior bilateral authentication has not occurred verifying authenticity of said second answering system ID by comparing said second answering system ID with said first answering system ID, and if a prior bilateral authentication has occurred, receiving and decrypting an encrypted second answering system ID with said session encryption key to provide said second answering system ID for comparison with said first answering system ID, and upon an occurrence of a match transmitting an acknowledgment of authenticity, and upon receipt of an encrypted second answering system password, decrypting said encrypted second answering system password with said session encryption key and providing said second answering system password to said token system to compare with said first answering system password to gain said second match, and upon receiving an acknowledgment of authenticity of said second answering system password from said token system, encrypting said originating system password and said originating system ID to generate respectively an encrypted first originating system password and an encrypted originating system ID, and upon receiving an acknowledgment of authenticity of said first originating system password and an acknowledgment of authenticity of said token system and said originating system as an authorized pair, encrypting information with said session encryption key for transfer over said network system during a system connection;
communication link means in electrical communication with said originating system for accommodating information transfers over said network system; and
an answering system in electrical communication with said communication link means and having stored therein n originating system IDs, n token system IDs, said second answering system ID, said n static secrets, said n dynamic secrets, said first many-to-few bit mapping program, said second many-to-few bit mapping program, and said means for generating said pseudo-random message digest comprised of a second originating system password, said second answering system password, said session encryption key, and said change value by applying said one of said n static secrets and said one of said n dynamic secrets as inputs to said first many-to-few bit mapping program and analyzing results thereof as an input to said second many-to-few bit mapping program, for receiving from said originating system by way of said communication link means said token system ID if a prior bilateral authentication of said token system ID has not occurred in said originating system, receiving said encrypted token system ID from said originating system by way of said communication link means if a prior bilateral authentication of said token system ID has occurred, decrypting said encrypted token system ID with said session encryption key upon receipt from said originating system over said communication link means, and upon verifying authenticity of said token system ID by comparing with said n token system IDs, determining if a prior bilateral authentication has occurred, and if a prior bilateral authentication has not occurred transmitting said second answering system ID to said originating system by way of said communication link means, and if a prior bilateral authentication has occurred encrypting said second answering system ID with said session encryption key to provide said encrypted second answering system ID over said communication link means to said originating system, and upon receiving an acknowledgment of verification of authenticity of said second answering system ID from said originating system over said communication link means, generating said pseudo-random message digest and encrypting said second answering system password with said session encryption key to send said second encrypted answering system password over said communication link means to said originating system, and upon receipt of said encrypted first originating system password and said encrypted originating system ID, decrypting said encrypted first originating system password and said encrypted originating system ID with said session encryption key to verify authenticity of said first originating system password by comparing said first originating system password with said second originating system password, and verifying authenticity of use of said token system with said originating system by comparing said originating system ID with said n originating system IDs to gain a match, and upon verification of authenticity of said first originating system password, and upon verification of authenticity of said token system and said originating system as an authorized pair, issuing an acknowledgment of authenticity over said communication link means to said originating system, and thereafter decrypting said information with said session encryption key for further use.
3 Assignments
0 Petitions
Accused Products
Abstract
An authentication and information encryption system and method which uses a token system for increased security in accommodating bilateral encrypted communications between an originating system and an answering system, with each system without synchronization independently generating a message digest through use of an encryption key generator which employs bit-shuffling, many-to-few bit mapping, and secure hash processing to forestall attempts to discover the secret inputs to the generator, or the system password, encryption key, or change value outputs extracted from the message digest, through cryptographic analysis or brute force trial-and-error attacks, and with each system using the passwords, encryption key and change value during only a single system connection before using the change value to update one of the secret inputs to the key generator to provide new password, encryption key and change value parameters having no predictable relationship to their previous counterparts, and with each system accommodating plural authentication cycles to verify the originating system, the answering system, the token system, and the pairing of the token system with either the originating system, the answering system, or both, all without public exposure of the secret inputs, encryption key or change value. Further, a deterministic, non-predictable, pseudo-random, and symmetric encryption key is generated, used during only a single system connection, and then destroyed. Thus, the need for key directories is obviated. Lastly, the token system ID, the originating system ID, and the answering system ID may be altered by a component of the message digest upon completion of a system connection to significantly reduce the risk of playback impersonations.
184 Citations
46 Claims
-
1. A network system for secure exchange of information, which comprises:
-
a token system having stored therein a token system ID, n answering system IDs, n static secrets, n dynamic secrets, a first many-to-few bit mapping program, and a second many-to-few bit mapping program, and having means for generating a pseudo-random message digest comprised of a first originating system password, a first answering system password, a session encryption key, and a change value by applying one of said n static secrets and one of said n dynamic secrets as inputs to said first many-to-few bit mapping program and applying results thereof as an input to said second many-to-few bit mapping program, for verifying authenticity of a first answering system ID by comparison with said n answering system IDs stored within said token system to gain a first match, and of a second answering system password by comparison with said first answering system password to gain a second match, and generating said pseudo-random message digest upon verification of authenticity of said first answering system ID, and altering said one of said n dynamic secrets with said change value upon verification of authenticity of said second answering system password; an originating system in electrical communication with said token system and having stored therein an originating system ID, and said n answering system IDs, and having means for selecting said first answering system ID from said n answering system IDs and supplying said first answering system ID to said token system for a first authenticity verification, and upon receipt of said session encryption key from said token system, determining if a prior bilateral authentication has occurred, and if a prior bilateral authentication has not occurred, transmitting said token system ID and an access request, and if a prior bilateral authentication has occurred encrypting said token system ID with said session encryption key and transmitting an encrypted token system ID with said access request, receiving a second answering system ID, and if a prior bilateral authentication has not occurred verifying authenticity of said second answering system ID by comparing said second answering system ID with said first answering system ID, and if a prior bilateral authentication has occurred, receiving and decrypting an encrypted second answering system ID with said session encryption key to provide said second answering system ID for comparison with said first answering system ID, and upon an occurrence of a match transmitting an acknowledgment of authenticity, and upon receipt of an encrypted second answering system password, decrypting said encrypted second answering system password with said session encryption key and providing said second answering system password to said token system to compare with said first answering system password to gain said second match, and upon receiving an acknowledgment of authenticity of said second answering system password from said token system, encrypting said originating system password and said originating system ID to generate respectively an encrypted first originating system password and an encrypted originating system ID, and upon receiving an acknowledgment of authenticity of said first originating system password and an acknowledgment of authenticity of said token system and said originating system as an authorized pair, encrypting information with said session encryption key for transfer over said network system during a system connection; communication link means in electrical communication with said originating system for accommodating information transfers over said network system; and an answering system in electrical communication with said communication link means and having stored therein n originating system IDs, n token system IDs, said second answering system ID, said n static secrets, said n dynamic secrets, said first many-to-few bit mapping program, said second many-to-few bit mapping program, and said means for generating said pseudo-random message digest comprised of a second originating system password, said second answering system password, said session encryption key, and said change value by applying said one of said n static secrets and said one of said n dynamic secrets as inputs to said first many-to-few bit mapping program and analyzing results thereof as an input to said second many-to-few bit mapping program, for receiving from said originating system by way of said communication link means said token system ID if a prior bilateral authentication of said token system ID has not occurred in said originating system, receiving said encrypted token system ID from said originating system by way of said communication link means if a prior bilateral authentication of said token system ID has occurred, decrypting said encrypted token system ID with said session encryption key upon receipt from said originating system over said communication link means, and upon verifying authenticity of said token system ID by comparing with said n token system IDs, determining if a prior bilateral authentication has occurred, and if a prior bilateral authentication has not occurred transmitting said second answering system ID to said originating system by way of said communication link means, and if a prior bilateral authentication has occurred encrypting said second answering system ID with said session encryption key to provide said encrypted second answering system ID over said communication link means to said originating system, and upon receiving an acknowledgment of verification of authenticity of said second answering system ID from said originating system over said communication link means, generating said pseudo-random message digest and encrypting said second answering system password with said session encryption key to send said second encrypted answering system password over said communication link means to said originating system, and upon receipt of said encrypted first originating system password and said encrypted originating system ID, decrypting said encrypted first originating system password and said encrypted originating system ID with said session encryption key to verify authenticity of said first originating system password by comparing said first originating system password with said second originating system password, and verifying authenticity of use of said token system with said originating system by comparing said originating system ID with said n originating system IDs to gain a match, and upon verification of authenticity of said first originating system password, and upon verification of authenticity of said token system and said originating system as an authorized pair, issuing an acknowledgment of authenticity over said communication link means to said originating system, and thereafter decrypting said information with said session encryption key for further use. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A method for bilateral authentication of an originating system in electrical communication with a token system, and an answering system in electrical communication with said originating system by way of a communication link, which comprises the steps of:
-
storing a token system ID, n answering system IDs, n static secrets, and n dynamic secrets in said token system; storing an originating system ID and said n answering system IDs in said originating system, and storing a first answering system ID, n originating system IDs, n token system IDs, said n static secrets, and said n dynamic secrets in said answering system; said token system receiving a second answering system ID from said originating system and verifying authenticity of said second answering system ID by comparing said second answering system ID with said n answering system IDs stored within said token system to gain a first match; bilaterally authenticating said token system and said answering system by said token system transmitting said token system ID to said originating system, and said originating system transmitting said token system ID by way of said communication link to said answering system, said answering system verifying authenticity of said token system ID by comparing said token system ID with said n token system IDs to gain a second match, and said answering system transmitting said first answering system ID by way of said communication link to said originating system, said originating system verifying authenticity of said first answering system ID by comparing said first answering system ID with said second answering system ID to gain a third match; said answering system and said token system independently combining one of said n static secrets and one of said n dynamic secrets by way of a bit-shuffling operation to produce a first pseudo random result; said token system and said answering system independently applying a many-to-few bit mapping to said first pseudo random result to produce a second pseudo random result; said token system and said answering system independently extracting an originating system password, an answering system password, an encryption key, and a change value from said second pseudo-random result; bilaterally authenticating said originating system and said answering system by said originating system receiving said originating system password from said token system and encrypting said originating system ID and said originating system password with said encryption key to produce respectively an encrypted originating system ID and an encrypted originating system password, said answering system encrypting said answering system password with said encryption key to produce an encrypted answering system password, and said answering system transmitting said encrypted answering system password to said originating system by way of said communication link, said originating system decrypting said encrypted answering system password with said encryption key to produce a second answering system password, and transmitting said second answering system password to said token system, said token system verifying authenticity of said second answering system password by comparing said second answering system password with said answering system password produced by said token system to gain a fourth match, and said originating system transmitting said encrypted originating system ID and said encrypted originating system password by way of said communication link to said answering system, said answering system decrypting said encrypted originating system ID and said encrypted originating system password with said encryption key to produce respectively said originating system ID and a second originating system password, said answering system verifying authenticity of said originating system ID by comparing with said n originating system IDs to gain a fifth match and verifying authenticity of said second originating system password by comparing with said originating system password produced by said answering system to gain a sixth match; said token system and said answering system independently altering said one of said n dynamic secrets upon successful completion of both of above bilaterally authenticating steps; said answering system and said originating system exchanging information encrypted with said encryption key over said communication link to complete a task; and repeating all of above steps in event a new system connection between said originating system and said answering system is made. - View Dependent Claims (21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
-
-
37. A method of authenticating an originating system, a token system, and an answering system, and protecting information to be exchanged over a communication link, with said token system and said answering system having a static secret and a dynamic secret, and said token system in communication with said originating system, and said originating system and said answering system in communication by way of said communication link, which comprises the steps of:
-
said originating system transmitting a token activation code to said token system; said token system verifying said token activation code; said token system transmitting a token system ID to said originating system; said originating system transmitting a begin authentication command and a first answering system ID to said token system; said token system verifying authenticity of said first answering system ID; said token system transmitting a session encryption key to said originating system; transmitting an access request and said token system ID from said originating system to said answering system; verifying authenticity of said token system ID at said answering system; transmitting a second answering system ID from said answering system to said originating system; verifying authenticity of said second answering system ID by said originating system; said originating system transmitting an acknowledgment of verification of said second answering system ID to said answering system; said token system and said answering system independently combining said static secret and said dynamic secret with a first function to shuffle all bits in said static secret and said dynamic secret and perform a first many-to-few bit mapping to produce a first pseudo-random result; said token system and said answering system independently hashing said first pseudo-random result with a secure hash algorithm (SHA) to perform a second many-to-few bit mapping to produce a second pseudo-random result; said token system and said answering system independently extracting an originating system password, an answering system password, an encryption key, and a change value from said second pseudo-random result; encrypting said answering system password with said encryption key by said answering system to generate a first encrypted password; transmitting said first encrypted password by said answering system to said originating system; receiving said encryption key from said token system and decrypting said first encrypted password with said encryption key by said originating system to produce a second answering system password; transmitting said second answering system password to said token system by said originating system; verifying authenticity of said second answering system password by said token system; said originating system receiving said originating system password from said token system and encrypting said originating system ID and said originating system password with said encryption key by said originating system to generate respectively an encrypted originating system ID and a second encrypted password; transmitting said encrypted originating system ID and said second encrypted password to said answering system by said originating system; decrypting said encrypted originating system ID and said second encrypted password with said encryption key to produce respectively said originating system ID and a second originating system password and verifying authenticity of said originating system ID and said second originating system password by said answering system, thereby verifying combination of said token system and said originating system as an authorized pair; transmitting an access granted signal by said answering system to said originating system; said token system and said answering system independently altering said dynamic secret with said change value to produce a second dynamic secret; said originating system encrypting information to be sent by said originating system to said answering system, and decrypting information received by said originating system from said answering system until all sessions of a system connection between said originating system and said answering system are completed; said answering system encrypting information to be sent by said answering system to said originating system, and decrypting information received by said answering system from said originating system until all sessions of a system connection between said originating system and said answering system are completed; and repeating all of the above steps in event a new system connection between said originating system and said answering system is made. - View Dependent Claims (38, 39, 40, 41)
-
-
42. A method of securing information exchanged over a communication link between an answering system, and an originating system in electrical communication with a token system, which comprises the steps of:
-
said token system verifying authenticity of a first answering system ID received from said originating system, said originating system verifying authenticity of a second answering system ID received from said answering system by way of said communication link, and said answering system verifying authenticity of a token system ID received from said token system by way of said originating system and said communication link; said token system and said answering system independently creating a pseudo-random message digest, and independently extracting from said pseudo-random message digest an encryption key, an originating system password, an answering system password, and a change value; said originating system receiving an encrypted answering system password from said answering system by way of said communication link, and said encryption key and said originating system password from said token system, using said encryption key to decrypt said encrypted answering system password to produce a second answering system password which is provided to said token system, and to encrypt an originating system ID and said originating system password to provide respectively an encrypted originating system ID and an encrypted originating system password that are sent by way of said communication link to said answering system; said token system verifying authenticity of said second answering system password; said answering system receiving said encrypted originating system ID and said encrypted originating system password from said originating system by way of said communication link, using said encryption key to decrypt said encrypted originating system ID and said encrypted originating system password to produce respectively said originating system ID and a second originating system password, and to encrypt said answering system password created by said answering system to produce said encrypted answering system password, and verifying authenticity of said originating system ID, said second originating system password, and use of said token system in combination with said originating system; and said answering system and said originating system using said encryption key to encrypt and decrypt said information exchanged over said communication link. - View Dependent Claims (43, 44, 45, 46)
-
Specification