Challenge-response authentication and key exchange for a connectionless security protocol
First Claim
1. A method in a data processing system for a client protocol component and a server protocol component to facilitate secure communication according to a protocol that allows the server protocol component to release security state information that the client protocol component retains, the client protocol component and the server protocol component being interconnected by a network and communicating over the network, the method comprising:
- the client protocol component receiving a request for invoking a function of a server computer program from a client computer program, encrypting the request using a key and sending the encrypted request to a server computer via the network;
the server protocol component receiving the encrypted request;
when the server protocol component possesses the key, the server protocol component decrypting the encrypted request using the key; and
when the server protocol component lacks the key after selectively releasing security state information including the key, the server protocol component sending a challenge to the client protocol component;
the client protocol component receiving the challenge, encoding the challenge and the key, and sending the encoded challenge and the encoded key to the server protocol component; and
the server protocol component receiving the encoded challenge and the encoded key, decoding the encoded challenge and the encoded key, and decrypting the encrypted request using the decoded key.
2 Assignments
0 Petitions
Accused Products
Abstract
The disclosed system uses a challenge-response authentication protocol for datagram-based remote procedure calls. Using a challenge-response authentication protocol has many advantages over using a conventional authentication protocol. There are two primary components responsible for communication using the challenge-response protocol: a challenge-response protocol component on the client computer (client C-R component) and a challenge-response protocol component on the server computer (server C-R component). In order to start a session using the challenge-response protocol, the client C-R component first generates a session key. The session key is used by both the client C-R component and the server C-R component for encrypting and decrypting messages. After creating the session key, the client C-R component encrypts a message containing a request for a remote procedure call and sends it to the server C-R component. In response, the server C-R component sends a challenge to the client C-R component. The challenge contains a unique identifier generated by the server C-R component. The client C-R component responds to the challenge by sending a challenge response and the session key. The challenge response is the unique identifier contained within the challenge encrypted with the password of the user of the client computer. The session key is also encrypted using this password. Upon receiving the challenge response, the server C-R component uses its copy of the client'"'"'s password to create its own version of the challenge response and compares it to the version received from the client C-R component. If the two versions of the challenge response are identical, the identity of the user of the client computer has been verified. If the two versions are not identical, an attempted unauthorized access has been detected. After verification, the server C-R component extracts the session key, decrypts the message, and invokes the requested procedure of the server program. Subsequently, the server C-R component will send and receive encrypted messages from the client C-R component, thereby facilitating a remote procedure call.
225 Citations
28 Claims
-
1. A method in a data processing system for a client protocol component and a server protocol component to facilitate secure communication according to a protocol that allows the server protocol component to release security state information that the client protocol component retains, the client protocol component and the server protocol component being interconnected by a network and communicating over the network, the method comprising:
-
the client protocol component receiving a request for invoking a function of a server computer program from a client computer program, encrypting the request using a key and sending the encrypted request to a server computer via the network;
the server protocol component receiving the encrypted request;
when the server protocol component possesses the key, the server protocol component decrypting the encrypted request using the key; and
when the server protocol component lacks the key after selectively releasing security state information including the key, the server protocol component sending a challenge to the client protocol component;
the client protocol component receiving the challenge, encoding the challenge and the key, and sending the encoded challenge and the encoded key to the server protocol component; and
the server protocol component receiving the encoded challenge and the encoded key, decoding the encoded challenge and the encoded key, and decrypting the encrypted request using the decoded key. - View Dependent Claims (2, 3, 4, 5, 6, 7)
the client protocol component generating the key.
-
-
3. The method of claim 2 wherein the client computer has an operating system managing resources of the client computer and wherein the generating the key includes retrieving status information of the resources from the operating system and basing a value of the key on the retrieved status information.
-
4. The method of claim 1 wherein a user of the client computer has a password and wherein the client protocol component encoding the challenge includes encrypting the challenge using the password of the user as an encryption key.
-
5. The method of claim 4 wherein the server protocol component decoding includes decrypting the encoded challenge using the password of the client as a decryption key.
-
6. The method of claim 1 wherein the server protocol component decoding includes encrypting the challenge using a password of a user of the client computer as an encryption key and comparing the challenge encrypted by the server protocol component to the challenge encrypted by the client protocol component to verify an identity of the user.
-
7. The method of claim 1, further including:
-
the server protocol component discarding the decoded key; and
the data processing system repeating as necessary the acts for when the server protocol component lacks the key so that the server protocol component can re-obtain the discarded key.
-
-
8. A data processing system for communicating across a network that connects a client computer to a server computer, the data processing system comprising:
-
a server computer comprising;
a server computer program having a function for remote invocation, wherein the server computer program receives a request to invoke the function from a client computer;
a server challenge-response protocol component that receives an encrypted request to invoke the function, and that as necessary sends a unique identifier to the client computer to request a key so that the encrypted request can be decrypted and passed to the server computer program, wherein the server challenge-response protocol component sends the unique identifier if the server challenge-response protocol component lacks the key, the server challenge-response protocol component unilaterally discarding the key when the server challenge-response protocol component fails to receive any encrypted requests from the client computer within a pre-determined time duration; and
a server transport component for sending and receiving a plurality of packets over the network to facilitate the invocation of the function; and
the client computer comprising;
a client computer program for sending the request to remotely invoke the function of the server computer program;
a client challenge-response protocol component that receives and encrypts the request to remotely invoke the function, and that as necessary receives the unique identifier from the server challenge-response protocol component, encodes the unique identifier, and sends the encoded unique identifier to the server computer with the key; and
a client transport component for sending and receiving the plurality of packets over the network to facilitate the invocation of the function. - View Dependent Claims (9, 10)
-
-
11. A method in a data processing system for a client computer program on a client computer having a client protocol component to invoke a function of a server computer program on a server computer, the client computer and the server computer being interconnected by a network and communicating over the network, the method performed by the client protocol component comprising:
-
encrypting using a key a request from the client computer program to invoke the function of the server computer program;
sending the encrypted request to the server computer via the network, the client protocol component lacking reliable information as to whether a server authentication component on the server computer has the key;
when the server authentication component lacks the key after discarding the key, receiving a challenge from the server computer;
creating a response to the challenge by encoding the challenge and encoding the key; and
sending the response to the server computer so that the server computer can verify an identity of an originator of the request and so that the server computer can decrypt the encrypted request to invoke the function. - View Dependent Claims (12)
generating the key.
-
-
13. A method in a data processing system for a client computer program on a client computer to invoke a function of a server computer program on a server computer having a server authentication component, the client computer and the server computer being interconnected by a network and communicating over the network, the method performed by the server authentication component comprising:
-
receiving an encrypted request for an invocation of the function from the client computer, wherein the request is encrypted using a key;
checking by the server authentication component whether the server authentication component has the key, the server authentication component selectively discarding the key according to a connectionless security model, and if the server authentication component lacks the key,sending a challenge that requests the key to the client computer via the network;
receiving a response from the client computer containing an encoded challenge and an encoded key;
decoding the encoded key;
evaluating the encoded challenge to verify an identity of a user of the client computer; and
decrypting the encrypted request with the key. - View Dependent Claims (14)
-
-
15. A method in a data processing system for transmitting a message from a first computer system to a second computer system using an encryption key generated unilaterally by the first computer system, the first computer system and the second computer system being interconnected by a network and communicating over the network, the method comprising:
-
the first computer system generating a first encryption key to use in communicating with the second computer system;
the first computer system sending a message to the second computer system via the network, the message being encrypted with the first encryption key, wherein the first computer system sends the message whether or not the second computer system has the first encryption key according to a connectionless security protocol;
the second computer system receiving the message;
the second computer system decrypting the message with the first encryption key when possible to do so, otherwise, sending a unique identifier to the first computer system;
the first computer system receiving the unique identifier, encrypting the unique identifier using a password of the first computer system as a second encryption key, and sending the encrypted unique identifier with an encrypted version of the first encryption key to the second computer system;
the second computer system receiving the encrypted unique identifier, encrypting the unique identifier using the password of the first computer system, and comparing the encrypted unique identifier encrypted by the first computer system to the encrypted unique identifier encrypted by the second computer system to determine equivalence thereof, wherein when the encrypted unique identifier encrypted by the first computer system is equivalent to the encrypted unique identifier encrypted by the second computer system, the identity of the first computer system is verified; and
if the identity of the first computer system is verified, the second computer system decrypting the first encryption key and using the decrypted first encryption key to decrypt the message.
-
-
16. A computer-readable medium containing instructions for controlling a data processing system to perform a method, the method for a client computer program on a client computer having a client protocol component to invoke a function of a server computer program on a server computer having a server protocol component, the client computer and the server computer being interconnected by a network and communicating over the network, the method comprising:
-
the client protocol component receiving a request for invoking the function of the server computer program from the client computer program, encrypting the request using a key and sending the encrypted request to the server computer via the network;
the server protocol component receiving the encrypted request;
when the server protocol component possesses the key, the server protocol component decrypting the encrypted request using the key; and
when the server protocol component lacks the key after independently discarding the key to reduce server overhead, the server protocol component sending a challenge containing a unique identifier to the client protocol component;
the client protocol component receiving the challenge, encoding the challenge and the key, and sending the encoded challenge and the encoded key to the server protocol component; and
the server protocol component receiving the encoded challenge and the encoded key, decoding the encoded challenge and the encoded key, and decrypting the encrypted request using the decoded key. - View Dependent Claims (17, 18)
the client protocol component generating the key.
-
-
18. The computer-readable medium of claim 16 wherein the method further includes:
-
the server protocol component discarding the decoded key; and
the data processing system repeating as necessary the acts for when the server protocol component lacks the key so that the server protocol component can re-obtain the discarded key.
-
-
19. A computer-readable medium having stored thereon a data structure storing response data representing a response to a challenge, the challenge made by a first computer system to a second computer system and indicating a challenge value, the response data comprising:
-
a response value generated by encrypting the challenge value using a pre-determined key in the possession of the first and second computer systems; and
a session key for use in communications between the first and second computer systems, such that if the first computer system determines that the response value is proper in view of the challenge value, the first computer system uses the session key to communicate with the second computer system during a session according to a security model under which the first computer system selectively releases session security state information that the second computer system retains. - View Dependent Claims (20)
-
-
21. A computer-readable medium storing instructions for performing on a client a method of secure message communication for a session between the client and a server according to a connectionless security model, the method comprising:
-
encrypting a message with a session key;
sending the encrypted message to a server via the network, the client lacking reliable information as to whether a security component on the server has the session key;
when the security component lacks the session key after discarding the session key, receiving a challenge;
creating an encrypted version of the session key; and
sending the encrypted version of the session key to the server for decryption of the encrypted message after decryption of the encrypted version of the session key. - View Dependent Claims (22)
creating a challenge-response, wherein the challenge-response is the challenge encrypted with a user password retained by the client and the server, and wherein the encrypted version of the session key is encrypted based upon the user password; and
sending the challenge-response to the server for authentication.
-
-
23. A computer-readable medium storing instructions for performing on a server a method of secure message communication for a session between a client and the server, the method comprising:
-
receiving an encrypted message from a client, the message encrypted with a session key;
checking by a security component on the server whether the security component has the session key, the security component selectively discarding the session key, and if the security component lacks the session key, sending a challenge that requests the session key to the client;
receiving an encrypted version of the session key from the client;
decrypting the encrypted version of the session key; and
decrypting the encrypted message with the session key. - View Dependent Claims (24)
receiving a challenge-response from the client; and
evaluating the challenge-response for authentication, including encrypting the challenge to create a second challenge-response and comparing the second challenge-response to the first challenge-response.
-
-
25. A method in a computer system for securely transmitting messages between a client and a server, the client including a client-side security context, the server including a connectionless server-side security context, the client and the server communicating over a network, the method comprising:
-
establishing by a client a client-side security context;
encrypting by the client one or more messages with a key;
sending by the client the one or more encrypted messages to a server;
checking by the server whether the server has security state information including the key, a connectionless server-side security context on the server selectively releasing security state information that the client-side security context keeps;
as necessary when the server lacks security state information, authenticating the client and obtaining the key from the client;
decrypting the encrypted message with the key.
-
-
26. A server system for secure session message communication with one or more client systems, the system comprising:
-
a server network communication component that receives an encrypted message from a first client system over a network, the encrypted message encrypted with a session key;
a server security component that decrypts the encrypted message with the session key, as necessary performing authentication of the first client system and obtaining the session key, wherein the server security component selectively releases session security state information including the session key according to a connectionless security model; and
a server computer program that receives the decrypted message. - View Dependent Claims (27)
-
-
28. A client system for session message communication with a server system according to a connectionless security model, the system comprising:
-
a client computer program that generates a message for sending to a server computer program;
a client security component that encrypts the message with a session key for a session, the client security component as necessary providing the session key and authentication information to the server system, wherein the client security component retains security state information for the session that a server security component of the server system selectively releases, and wherein the client security component lacks reliable information as to whether the server security component currently has the security state information for the session;
a client network communication component that supports logically connectionless message transfer with the server system.
-
Specification