System and method for generating and authenticating a computer password
First Claim
1. In a network access device, an apparatus for constructing and transmitting a network password utilized by an authentication device to authenticate the network access device, said apparatus comprising:
means for receiving from a user, a plurality of predefined characters forming a user password;
a memory for storing a plurality of time intervals in a predefined sequence;
a network password generator comprising;
packet forming means for placing the received characters of the user password in different ones of a plurality of data packets; and
timing means for delaying transmission of each data packet by a time interval retrieved from the memory without regard to any timing characteristics with which the characters were received from the user; and
means for transmitting the network password to the authentication device with the data packets separated by the time interval retrieved from the memory, wherein the network password comprises both the plurality of predefined characters and the retrieved time interval, which separates the data packets.
Abstract
A system and method for generating and authenticating a password to protect a computer system from unauthorized access. The characters of the password are placed in data packets by an access device. Prior to sending the packets, the device inserts predefined time intervals between each of the data packets. The value of the time intervals is retrieved from a sequence of time intervals that is shared between the access device and an authentication device. The authentication device determines whether the received set of password characters matches a stored set of password characters, measures the time intervals between the packets, and determines whether the measured time intervals match the predefined time intervals. The authentication device positively authenticates the access device only if both the characters and the time intervals match. Periodically, different time intervals from the sequence are inserted to change the password.
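The two-part check described in the abstract, as an added example that is not part of the patent text: the access device spaces one-character packets by intervals taken from a shared sequence, and the authentication device accepts only if both the characters and the measured gaps match. The interval values, the password, the jitter tolerance and the `offset` used to pick intervals from the sequence are assumptions, and timestamps are constructed rather than measured on a network.

```python
import hmac

# Constructed sample values (assumptions, not taken from the patent).
SHARED_INTERVALS_MS = [120, 45, 300, 80, 210, 60, 150, 95]  # sequence held by both devices
STORED_PASSWORD = "s3cret"
TOLERANCE_MS = 10  # assumed jitter allowance; the page only says the intervals must "match"


def intervals_for(offset, count):
    """Take `count` intervals from the shared sequence, starting at `offset` (wraps)."""
    n = len(SHARED_INTERVALS_MS)
    return [SHARED_INTERVALS_MS[(offset + i) % n] for i in range(count)]


def build_network_password(user_password, offset, start_ms=0):
    """Access device: one character per packet, packets separated by stored intervals.

    Returns (send_time_ms, character) pairs. The user's typing rhythm plays no part.
    """
    gaps = intervals_for(offset, len(user_password) - 1)
    packets, t = [], start_ms
    for i, ch in enumerate(user_password):
        if i > 0:
            t += gaps[i - 1]
        packets.append((t, ch))
    return packets


def authenticate(packets, offset):
    """Authentication device: accept only if characters AND measured gaps both match."""
    received = "".join(ch for _, ch in packets)
    # Constant-time comparison of the character part.
    chars_ok = hmac.compare_digest(received.encode(), STORED_PASSWORD.encode())
    times = [t for t, _ in packets]
    measured = [b - a for a, b in zip(times, times[1:])]
    expected = intervals_for(offset, len(STORED_PASSWORD) - 1)
    gaps_ok = len(measured) == len(expected) and all(
        abs(m - e) <= TOLERANCE_MS for m, e in zip(measured, expected)
    )
    return chars_ok and gaps_ok
```

Changing `offset` on both sides selects different intervals from the same sequence, which is how the abstract's periodic password change would look in this sketch.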
13 Claims
5. A method of authenticating a user device by an authentication device, said method comprising the steps of:
sending from the authentication device to the user device, information regarding time intervals to be inserted by the user device between each pair of data packets forming a password, wherein the time intervals have no relationship to timing characteristics with which password characters were input to the user device by a user;
receiving by the authentication device, a password sent from the user device, said password comprising a plurality of data packets that transport a set of password characters, wherein each data packet is separated from an adjacent data packet by a time interval retrieved from a first memory in the user device in accordance with the information sent by the authentication device;
determining by the authentication device, whether the received set of password characters matches a stored set of password characters;
comparing the time intervals separating the data packets with predefined time intervals retrieved from a second memory in the authentication device; and
positively authenticating the user device only if the received set of password characters matches the stored set of password characters, and the time intervals separating the data packets match the retrieved predefined time intervals.
9. A system for protecting a network against unauthorized access, said system comprising:
an access device for constructing and transmitting a network password through the network; and
an authentication server connected to the network for receiving the network password and authenticating the access device utilizing the network password;
wherein the access device comprises;
means for receiving from a user, a plurality of predefined characters forming a user password;
a lookup table for determining at least one time interval based on information received by the access device from the authentication server, wherein the at least one time interval is determined without regard to any timing characteristics with which the characters were received from the user;
a network password generator comprising;
packet forming means for placing the received characters of the user password in different ones of a plurality of data packets; and
timing means for delaying transmission of each data packet by the at least one time interval determined by the lookup table; and
means for transmitting the network password to the authentication server with the data packets separated by the at least one time interval determined by the lookup table, wherein the network password comprises both the plurality of predefined characters and the determined time interval, which separates the data packets; and
wherein the authentication server comprises;
means for receiving the network password sent from the access device;
means for determining whether the received set of password characters matches a stored set of password characters;
means for comparing the at least one time interval separating the data packets with at least one predefined time interval retrieved from a memory;
means for positively authenticating the user device only if the received set of password characters matches the stored set of password characters, and the at least one time interval separating the data packets matches the at least one retrieved predefined time interval; and
means for sending information regarding the time intervals to the access device, wherein the information is utilized by the access device to determine the at least one time interval to be used for constructing a new network password.
Specification