Method and system for secure authentication of a user by a host system
First Claim
1. A method for allowing a user to securely log on to a host system via an electronic interface, comprising:
- receiving, using a web server computer having a processor and memory, a request from the user at a user'"'"'s computing device having a processor and memory and with a browser to access a website via the web server computer;
sending, using the web server computer, an encryption applet, a replay prevention ID, and a public key of a public/private key pair, the private key for which is known by a tamper-proof physical hardware security module of an application server computer having a processor and memory, to the browser of the user'"'"'s computing device;
receiving, using the user'"'"'s computing device, entry of the user'"'"'s credentials into the encryption applet;
encrypting, using the user'"'"'s computing device, the user'"'"'s credentials with a symmetric key and encrypting, using the user'"'"'s computing device, the symmetric key and replay prevention ID with the public key of the public/private key pair by the encryption applet;
sending, using the user'"'"'s computing device, the symmetric key-encrypted user'"'"'s credentials and public key-encrypted symmetric key and replay prevention ID via the web server computer to the application server computer from the browser of the user'"'"'s computing device by the encryption applet without decrypting the symmetric key-encrypted user'"'"'s credentials and public key-encrypted symmetric key and replay prevention ID at the web server computer and passing, using the user'"'"'s computing device via the web server computer, the symmetric key-encrypted user'"'"'s credentials and public key-encrypted symmetric key and replay prevention ID into the tamper-proof physical hardware security module of the application server computer;
decrypting, using the application server computer, internally within the tamper-proof physical hardware security module of the application server computer the public key-encrypted symmetric key and replay prevention ID with the private key of the public/private key pair known by the tamper-proof physical hardware security module of the application server computer and decrypting, using the application server computer, internally within the tamper-proof physical hardware security module of the application server computer the symmetric key-encrypted user'"'"'s credentials with the decrypted symmetric key;
re-encrypting, using the application server computer, internally within the tamper-proof physical hardware security module of the application server computer the decrypted user'"'"'s credentials with a new symmetric key known to an authentication server computer having a processor and memory and passing, using the application server computer, the re-encrypted user'"'"'s credentials and decrypted replay prevention ID out of the tamper-proof physical hardware security module of the application server computer;
comparing, using the application server computer, the decrypted replay prevention ID with a clear-text version of the replay prevention ID retained by the application server computer, and if the decrypted replay prevention ID and the retained version are identical, sending, using the application server computer, the re-encrypted user'"'"'s credentials to the authentication server computer for verification; and
decrypting, using the authentication server computer, the re-encrypted user'"'"'s credentials with the new symmetric key known to the authentication server computer, checking, using the authentication server computer, the decrypted user'"'"'s credentials for veracity, and if verified, allowing, using the authentication server computer, the user'"'"'s logon.
3 Assignments
0 Petitions
Accused Products
Abstract
A method and system for securely logging onto a banking system authentication server so that a user credential never appears in the clear during interaction with the system in which during a log on process, an encryption applet and the public key of a public/private key pair of a banking application server, the private key for which is known by a hardware security module (HSM) of the banking application, are downloaded by a user'"'"'s browser. The applet contains code for generating a DES key and performing DES and PKI encryption. A user'"'"'s credential is DES encrypted, and the DES key is PKI encrypted with the public key of the application server by the applet before being transmitted to the application server. Within the HSM of the application server, the HSM decrypts and re-encrypts the credential under a new DES key known to the authentication server, the re-encrypted credential is forwarded to the authentication server, decrypted with the new DES key known to the authentication server, and verified by the authentication server.
90 Citations
16 Claims
-
1. A method for allowing a user to securely log on to a host system via an electronic interface, comprising:
-
receiving, using a web server computer having a processor and memory, a request from the user at a user'"'"'s computing device having a processor and memory and with a browser to access a website via the web server computer; sending, using the web server computer, an encryption applet, a replay prevention ID, and a public key of a public/private key pair, the private key for which is known by a tamper-proof physical hardware security module of an application server computer having a processor and memory, to the browser of the user'"'"'s computing device; receiving, using the user'"'"'s computing device, entry of the user'"'"'s credentials into the encryption applet; encrypting, using the user'"'"'s computing device, the user'"'"'s credentials with a symmetric key and encrypting, using the user'"'"'s computing device, the symmetric key and replay prevention ID with the public key of the public/private key pair by the encryption applet; sending, using the user'"'"'s computing device, the symmetric key-encrypted user'"'"'s credentials and public key-encrypted symmetric key and replay prevention ID via the web server computer to the application server computer from the browser of the user'"'"'s computing device by the encryption applet without decrypting the symmetric key-encrypted user'"'"'s credentials and public key-encrypted symmetric key and replay prevention ID at the web server computer and passing, using the user'"'"'s computing device via the web server computer, the symmetric key-encrypted user'"'"'s credentials and public key-encrypted symmetric key and replay prevention ID into the tamper-proof physical hardware security module of the application server computer; decrypting, using the application server computer, internally within the tamper-proof physical hardware security module of the application server computer the public key-encrypted symmetric key and replay prevention ID with the private key of the public/private key pair known by the tamper-proof physical hardware security module of the application server computer and decrypting, using the application server computer, internally within the tamper-proof physical hardware security module of the application server computer the symmetric key-encrypted user'"'"'s credentials with the decrypted symmetric key; re-encrypting, using the application server computer, internally within the tamper-proof physical hardware security module of the application server computer the decrypted user'"'"'s credentials with a new symmetric key known to an authentication server computer having a processor and memory and passing, using the application server computer, the re-encrypted user'"'"'s credentials and decrypted replay prevention ID out of the tamper-proof physical hardware security module of the application server computer; comparing, using the application server computer, the decrypted replay prevention ID with a clear-text version of the replay prevention ID retained by the application server computer, and if the decrypted replay prevention ID and the retained version are identical, sending, using the application server computer, the re-encrypted user'"'"'s credentials to the authentication server computer for verification; and decrypting, using the authentication server computer, the re-encrypted user'"'"'s credentials with the new symmetric key known to the authentication server computer, checking, using the authentication server computer, the decrypted user'"'"'s credentials for veracity, and if verified, allowing, using the authentication server computer, the user'"'"'s logon. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A system for allowing a user to securely log on to a host system via an electronic interface, comprising:
-
a web server computer having a processor and memory, the web server computer processor being programmed for; receiving a request from the user at a user'"'"'s computing device having a processor and memory and with a browser to access a website via a the web server computer; and sending an encryption applet, a replay prevention ID, and a public key of a public/private key pair, the private key for which is known by a tamper-proof physical hardware security module of an application server computer having a processor and memory, to the browser of the user'"'"'s computing device; the user'"'"'s computing device processor being programmed for; receiving entry of the user'"'"'s credentials into the encryption applet; encrypting the user'"'"'s credentials with a symmetric key and encrypting the symmetric key and replay prevention ID with the public key of the public/private key pair by the encryption applet; and sending the symmetric key-encrypted user'"'"'s credentials and public key-encrypted symmetric key and replay prevention ID via the web server computer to the application server computer from the browser of the user'"'"'s computing device by the encryption applet without decrypting the symmetric key-encrypted user'"'"'s credentials and public key-encrypted symmetric key and replay prevention ID at the web server computer and passing the symmetric key-encrypted user'"'"'s credentials and public key-encrypted symmetric key and replay prevention ID into the tamper-proof physical hardware security module of the application server computer; the application server computer processor being programmed for; decrypting internally within the tamper-proof physical hardware security module of the application server computer the public key-encrypted symmetric key and replay prevention ID with the private key of the public/private key pair known by the tamper-proof physical hardware security module of the application server computer and decrypting internally within the tamper-proof physical hardware security module of the application server computer the symmetric key-encrypted user'"'"'s credentials with the decrypted symmetric key; re-encrypting internally within the tamper-proof physical hardware security module of the application server computer the decrypted user'"'"'s credentials with a new symmetric key known to an authentication server computer having a processor and memory and for passing the re-encrypted user'"'"'s credentials and decrypted replay prevention ID out of the tamper-proof physical hardware security module of the application server computer; comparing the decrypted replay prevention ID with a clear-text version of the replay prevention ID retained by the application server computer, and if the decrypted replay prevention ID and the retained version are identical, for sending the re-encrypted user'"'"'s credentials to the authentication server computer for verification; and the authentication server computer processor being programmed for; decrypting the re-encrypted user'"'"'s credentials with the new symmetric key known to the authentication server computer, checking the decrypted user'"'"'s credentials for veracity, and if verified, allowing the user'"'"'s logon.
-
-
15. A method for allowing a user to securely log on to a host system via an electronic interface, comprising:
-
receiving, using a web server computer having a processor and memory, a request from the user at a user'"'"'s computing device having a processor and memory and with a browser to access an application server computer program executing on an application and authentication server computer having a processor and memory via the web server computer; sending, using the web server computer, an encryption applet, a replay prevention ID, and a public key of a public/private key pair of an authentication server computer program executing on the application and authentication server computer that is co-resident with the application server computer program executing on the application and authentication server computer to the user'"'"'s browser by the application server computer program executing on the application and authentication server computer; receiving, using the user'"'"'s computing device, entry of the user'"'"'s credentials into the encryption applet; encrypting, using the user'"'"'s computing device, the user'"'"'s credentials with a symmetric key and encrypting, using the user'"'"'s computing device, the symmetric key and replay prevention ID with the public key of the public/private key pair of the authentication server by the encryption applet; sending, using the user'"'"'s computing device, the symmetric key-encrypted user'"'"'s credentials and public key-encrypted symmetric key and replay prevention ID via the web server computer to the application server computer program executing on the application and authentication server computer from the browser of the user'"'"'s computing device without decrypting the symmetric key-encrypted user'"'"'s credentials and public key-encrypted symmetric key and replay prevention ID at the web server computer; passing, using the application and authentication server computer, the symmetric key-encrypted user'"'"'s credentials and public key-encrypted symmetric key and replay prevention ID by the application server computer program executing on the application and authentication server computer to the authentication server computer program executing on the application and authentication server computer without decrypting the key-encrypted user'"'"'s credentials and public key-encrypted symmetric key and replay prevention ID at the application server computer program executing on the application and authentication server computer; decrypting, using the application and authentication server computer, the public key-encrypted symmetric key and replay prevention ID with the private key of the public/private key pair of the authentication server computer program executing on the application and authentication server computer and decrypting, using the application and authentication server computer, the symmetric key-encrypted user'"'"'s credentials with the decrypted symmetric key by a tamper-proof physical hardware security module of the authentication server computer program executing on the application and authentication server computer; and checking, using the application and authentication server computer, the decrypted replay prevention ID and the decrypted user'"'"'s credentials for veracity, and if verified, allowing, using the application and authentication server computer, the user'"'"'s logon, by the authentication server computer program executing on the application and authentication server computer.
-
-
16. A method for allowing a user to securely log on to a host system via an electronic interface, comprising:
-
receiving, using a web server computer having a processor and memory, a request from the user at a user'"'"'s computing device having a processor and memory and with a browser to access an application server computer having a processor and memory via a the web server computer; sending, using the web server computer, an encryption applet, a replay prevention ID, and a public key of a public/private key pair, the private key for which is known by a tamper-proof physical hardware security module of the application server computer to the browser of the user'"'"'s computing device by the application server computer via the web server computer; receiving, using the user'"'"'s computing device, entry of the user'"'"'s credentials into the encryption applet; encrypting, using the user'"'"'s computing device, the user'"'"'s credentials with a symmetric key and encrypting, using the user'"'"'s computing device, the symmetric key and replay prevention ID with the public key of the public/private key pair by the encryption applet; sending, using the user'"'"'s computing device, the symmetric key-encrypted user'"'"'s credentials and the public key-encrypted symmetric key and replay prevention ID via the web server computer to the application server computer from the browser of the user'"'"'s computing device without decrypting the symmetric key-encrypted user'"'"'s credentials and public key-encrypted symmetric key and replay prevention ID by the web server computer and passing, via the web server computer, the symmetric key-encrypted user'"'"'s credentials and public key-encrypted symmetric key and replay prevention ID into the tamper-proof physical hardware security module of the application server computer; decrypting, using the application server computer, internally within the tamper-proof physical hardware security module of the application server computer the public key-encrypted symmetric key and replay prevention ID with the private key of the public/private key pair known by the tamper-proof physical hardware security module of the application server computer and decrypting, using the application server computer, internally within the tamper-proof physical hardware security module of the application server computer the symmetric key-encrypted user'"'"'s credentials with the decrypted symmetric key; re-encrypting, using the application server computer, internally within the tamper-proof physical hardware security module of the application server computer the decrypted user'"'"'s credentials with a new symmetric key known to an authentication server computer having a processor and memory and passing, using the application server computer, the re-encrypted user'"'"'s credentials and decrypted replay prevention ID out of the tamper-proof physical hardware security module of the application server computer; comparing, using the application server computer, the decrypted replay prevention ID with a clear-text version of the replay prevention ID retained by the application server computer, and if the decrypted replay prevention ID and the retained version are identical, sending, using the application server computer, the re-encrypted user'"'"'s credentials to the authentication server computer by the application server computer for verification; and decrypting, using the authentication server computer, the re-encrypted user'"'"'s credentials with the new symmetric key known to the authentication server computer, checking, using the authentication server computer, the decrypted user'"'"'s credentials for veracity, and if verified, allowing, using the authentication server computer, the user'"'"'s logon.
-
Specification