Patent Grant
9277403
The present invention is directed towards a method for authentication. More particularly, the present invention provides a method and a device using a long cryptographic key to implement a personal identification number (PIN) protection method for user authentication.
With the advancements in the field of Web and Mobile based commerce and communications, secure authentication has emerged as one of the most important requirements for any electronic commerce or mobile commerce based organization. Various situations require a user to be authenticated, in particular for financial transactions and it is anticipated that such authentications will only grow with time.
With the increase in penetration of mobile handheld devices, the number of applications designed for these platforms is also on the rise. In some mobile applications, it is essential for users to be able to authenticate themselves to other users on the phone network or to a service provider on the same network. One such application is mobile-phone based banking, wherein users maintain bank accounts with a central authority (both connected via a mobile phone network) and transfer money from their account into another user's account using a phone-based messaging protocol. Whenever the banking authority receives requests for such transactions from a user, it must first authenticate the user and only then let the transaction take place.
Mobile-phone based banking systems are becoming popular in many parts of the world, particularly in the developing countries of the world. Implementing authentication protocols on mobile phones in the developing world is a challenge since a large number of such phones have low computing and storage capabilities and thus cannot implement robust cryptographic algorithms that one may want to use for secure user authentication. The problem is exacerbated by the fact that mobile phone manufacturers are upping their investment in low-end phones due to their increasing demand in rural areas, but without much parallel effort to equip such phones with security features. In fact, several current implementations for implementing secure communication over mobile phone networks (e.g., those for GSM-based telephony) have been shown to be susceptible to easy attacks.
A paper-based solution for authentication in mobile-phone based banking is proposed in an article titled “Secure Branchless Banking” by Ashlesh Sharma and Lakshmi Subramanian and Dennis Shasha from New York University published in NSDR [Please provide full form] 2009. The solution proposed relies on transmitting fresh random nonces and a voice-based identifier per transaction. Hence, the proposed solution is not easy to use and requires additional software support.
Consequently, an authentication device and method which is strong, reliable, and resistant to security breaches, and at the same time is easy to use by a wide variety of users hailing from diverse backgrounds is required. Also is required an authentication device and method which may be implemented on low-end phones without the installation of any cryptographic software and without modifying the communication protocols used for messaging through mobile phones
The present invention provides a method for authenticating a user of a mobile device by a verification authority, by making use of at least a personal identification number (PIN) and at least one cryptographic key, the PIN and the cryptographic key being known only to the user and the verification authority. The cryptographic key comprises at least one session key. The method at least comprises the steps of: a. the user encoding the PIN by using at least one session key; b. the user transferring the encoded PIN to a predefined address of the verification authority via the mobile device; c. the verification authority decoding the PIN by using the cryptographic key; and d. the verification authority authenticating the user if the decoded PIN matches a PIN stored corresponding to the user. In an embodiment, the mobile device is a cellular telephone, whereas in another it is a mobile computing device.
In an embodiment, the PIN comprises a sequence of predefined number of characters and is known only to the user and the verification authority. The step of encoding the PIN by using a cryptographic key comprises replacing each character of the PIN by a corresponding character of at least one session key. In an embodiment, the cryptographic key comprises a sequence of digits, wherein each digit is selected randomly from the number set {0, 1, . . . , 9} by using a secure random number generator, the cryptographic key being broken up into one or more session keys comprising 10 digits each.
The user is provided with a cryptographic key comprising a plurality of session keys, each session key being used for authenticating the user only once. In an embodiment, the cryptographic key being provided in the form of a paper booklet. Also in another embodiment, the cryptographic key comprises a sequence of alphabets, wherein each alphabet is selected randomly from a predefined alphabet set by using a secure random alphabet generator, the cryptographic key being broken up into one or more session keys comprising a predefined number of alphabets each, one or more transformation codes being presented to the user in a plurality of presentation styles.
In an embodiment, a session key used for encoding the PIN once is removed from the cryptographic key by the user and the verification authority. Each PIN is stored by the verification authority in a hashed format by using a cryptographically secure hash function. In another embodiment, the step of encoding the PIN by using a cryptographic key comprises replacing each character of the PIN by a corresponding character of at least one session key by using a slider to assist in looking up a session key, the slider being movable over a plurality of session keys enabling a user to lookup a desired session key by sliding the slider over a medium containing the cryptographic key, the slider comprising grooves of predefined size causing each digit of a session key fall into one of the grooves when the slider is placed over the session key.
Further, in one embodiment the present invention provides an electronic device for storing one or more session keys used for authenticating a user of a mobile device having at least a personal identification number (PIN), the PIN and the one or more session keys being known only to the user and a verification authority. The user encodes the PIN by using at least one session key and transfers the encoded PIN to the verification authority for authenticating the user by decoding the PIN and verifying if the decoded PIN matches a PIN stored corresponding to the user. The electronic device comprises: a processor; a screen for displaying at least one current session key; memory for storing a plurality of session keys; and at least two navigational buttons for accessing a previous or a next session key.
The PIN comprises a sequence of predefined number of characters and encoding the PIN by using a session key comprises replacing each character of the PIN by a corresponding character of at least one session key. In an embodiment, each session key comprises a sequence of digits, wherein each digit is selected randomly from the number set {0, 1, . . . , 9} by using a secure random number generator.
In an embodiment, the screen is an LCD screen comprising a 3 digit display for providing a session key number and a 10 digit display for providing a session key. In another embodiment, each session key comprises a sequence of alphabets, wherein each alphabet is selected randomly from a predefined alphabet set by using a secure random alphabet generator. Also, in an embodiment, the processor prompts the user to delete a session key from the memory once the session key has been used for encoding the PIN, enabling a session key to be used for encoding the PIN only once. The electronic device is powered by one of: a power source and a battery, and further comprises a numeric keypad for entering the PIN into the electronic device, the encoding of the entered PIN by using a session key stored in the electronic device being performed by the processor, the encoded PIN being displayed on the screen.
The present invention is described by way of embodiments illustrated in the accompanying drawings wherein:
The present invention provides a device for authenticating a user of a mobile device such as a mobile phone or other personal computing device. The present invention also provides a plurality of methods to perform remote user authentication over a communication network without the installation of any cryptographic software on the access devices and without modifying the default communication protocol in any manner. The methods rely on a shared personal identification number (PIN) between the user and the verifying authority. Authentication is performed by having the user input the PIN into an associated network access point in an encrypted manner, transmitting the encrypted PIN and verifying, at the authority's end, that the transmitted data can be decrypted to recover the PIN. Encryption is performed by the user prior to PIN entry using a unique cryptographic key that is stored on paper and the encryption protocol is designed to be usable even by low-literate users.
The authentication methods and device described herein is cost effective, and provides secure authentication to organizations involving mobile or electronic commerce, online transfer of funds, other banking functionalities which can be performed electronically, and other places where user authentication is a requirement to access the device.
The following disclosure is provided in order to enable a person having ordinary skill in the art to practice the invention. Exemplary embodiments are provided only for illustrative purposes and various modifications will be readily apparent to persons skilled in the art. The general principles defined herein may be applied to other embodiments and applications without departing from the spirit and scope of the invention. Also, the terminology and phraseology used is for the purpose of describing exemplary embodiments and should not be considered limiting. Thus, the present invention is to be accorded the widest scope encompassing numerous alternatives, modifications and equivalents consistent with the principles and features disclosed. For purpose of clarity, details relating to technical material that is known in the technical fields related to the invention have not been described in detail so as not to unnecessarily obscure the present invention.
The user authentication methods provided by the present invention require that each user shares a unique personal identification number (PIN) with a verification authority. In various embodiments, each PIN is a sequence of digits and for purpose of illustration each PIN described herein has 4 digits. The solution provided herein can easily be extended to a setting where PINs are longer or shorter. Security of the present solution relies on the secrecy of a PIN and no party other than the legitimate user or the verification authority must be aware of the PIN.
The present invention would now be discussed in context of embodiments as illustrated in the accompanying drawings.
In various embodiments, the present invention provides methods of user authentication involving generation of a long cryptographic key for each user.
The cryptographic key may be stored on a paper card or a booklet of cards or any other medium from which the keys may easily be accessed or read by the user. A copy of the key is given to the user and another copy is maintained by a verification authority in digital form. In an embodiment, each key is represented by a sequence of digits wherein each digit is selected randomly from the number set {0, 1, . . . , 9} by using a secure random number generator. The cryptographic key is broken up into segments of 10 digits each and each segment is referred to as a session key.
In an embodiment of the present invention a user is required to use a single session key for each encryption operation. The user is required to append each outgoing message with his/her encrypted PIN where the encryption is performed under the first unused session key in the list of session keys. In an embodiment of the present invention, the session keys are provided to users in the form of paper booklets. There are a large number of session keys in each paper booklet, of the order of about 100. (In the figures, only one card in such a booklet is shown.) Upon exhaustion of all session keys, the user is issued a new paper booklet with a fresh cryptographic key suitably segmented into session keys.
With reference to
If the user is currently working with the second session key 118 illustrated in
In various embodiments of the present invention, the user appends the encrypted PIN to the message that needs to be transmitted and sends the resulting message to the verification authority, along with his/her identifier (like mobile phone number). Upon receipt of the message, the verification authority decrypts the last 4 digits in the message using the copy of the user's key it maintains (decryption involves performing a reverse lookup in the table corresponding to the session key) and checks if the decryption is the same as the user's PIN. If it is, authentication succeeds; else, it fails.
In an embodiment of the present invention, in certain scenarios, encryption of multiple PINs may result in the same digits, i.e multiple PINs may have the same encryption. This would happen if the session key being used has repeated digits causing two digits from two different PINs to be mapped to the same encryption digit. In order to address this possibility, in an embodiment of the present invention, an encrypted PIN received by the verification authority may be decrypted to multiple user PIN values. The verification authority determines if any one of obtained user PIN values correspond to the expected PIN. Authentication fails only if none of the obtained user PIN values corresponds to an expected Pin value. In an embodiment, the session keys are generated in a manner such that each session key is a random permutation of the digits {0, 1, . . . , 9}, picked uniformly at random from all such permutations. Such a random selection of session key digits automatically eliminates the possibility of an encryption being decrypted to multiple candidate PINs. In various embodiments, the user PINs are stored in a hashed manner at the verification authority using a cryptographically secure hash function. This is meant to ensure that an attacker who gets access to the storage at the verification authority has little advantage in deriving the users' PINs which are meant to remain secret.
In an embodiment of the present invention, the encrypted PIN is not numeric, but consists of symbols from an arbitrary alphabet. For example, the PINs could be obtained from the English alphabet or from any other alphabet readable by the target users. Session keys would be of the same length as the alphabet size and would consist of random symbols from the alphabet. For encrypting the PIN, the same lookup operation would be used as in the case of digits described with reference to
In an embodiment of the present invention, the session keys are represented not as tables but just as a sequence of digits (or alphabets, in the general case). To make the lookup process easy for the user, a “slider” is implemented.
In an embodiment of the present invention, where PIN-based transactions are very frequent and session keys expire early, the session keys are stored electronically rather than on paper.
In an embodiment, the dongle is equipped with a numeric keypad and the encryption operation itself is performed by the dongle, thus making the user interface even more accessible to illiterate users.
Referring now to
Similarly, referring to
Hence the present invention provides a paper-based interface for storing a long sequence of cryptographic session keys and using secure methods for performing PIN encryption. The invention also provides a low-cost electronic equipment for performing the encryption. The present invention also provides a method for performing PIN encryption, or more generally, of short numeric messages, where both the encryption and decryption operations are easy to implement and can be performed by humans with very limited literacy and numeric skills. Consequently, a method for encrypting messages at the “user interface” layer (above the application layer) of the communication protocol is provided, i.e., even before messages are received by a software application, they have been encrypted by the user. This makes the encryption more robust against potential mal-ware on the communication network. Hence, the present invention builds upon a simple cryptographic scheme like the one-time pad to design an encryption method which can be implemented entirely by humans and without any software support.
While the exemplary embodiments of the present invention are described and illustrated herein, it will be appreciated that they are merely illustrative. It will be understood by those skilled in the art that various changes in form and detail may be made therein without departing from or offending the spirit and scope of the invention.
| Number | Date | Country | Kind |
|---|---|---|---|
| 451/DEL/2010 | Mar 2010 | IN | national |
| Filing Document | Filing Date | Country | Kind | 371c Date |
|---|---|---|---|---|
| PCT/IN2011/000128 | 3/1/2011 | WO | 00 | 11/12/2012 |
| Publishing Document | Publishing Date | Country | Kind |
|---|---|---|---|
| WO2011/108004 | 9/9/2011 | WO | A |
| Number | Name | Date | Kind |
|---|---|---|---|
| 5177789 | Covert | Jan 1993 | A |
| 6166733 | Yamada | Dec 2000 | A |
| 6696919 | Leickel et al. | Feb 2004 | B1 |
| 8769784 | Ganesan et al. | Jul 2014 | B2 |
| 20040003287 | Zissimopoulos et al. | Jan 2004 | A1 |
| 20040187018 | Owen et al. | Sep 2004 | A1 |
| 20050150945 | Choi | Jul 2005 | A1 |
| 20050250538 | Narasimhan et al. | Nov 2005 | A1 |
| 20060136334 | Atkinson et al. | Jun 2006 | A1 |
| 20060212706 | Jiang et al. | Sep 2006 | A1 |
| 20070067833 | Colnot | Mar 2007 | A1 |
| 20080103984 | Choe et al. | May 2008 | A1 |
| 20080172730 | Sandhu et al. | Jul 2008 | A1 |
| 20080228653 | Holdsworth | Sep 2008 | A1 |
| 20080276098 | Florencio et al. | Nov 2008 | A1 |
| 20090235339 | Mennes et al. | Sep 2009 | A1 |
| 20090323972 | Kohno et al. | Dec 2009 | A1 |
| 20100088754 | Ghislanzoni | Apr 2010 | A1 |
| 20100127083 | Brown et al. | May 2010 | A1 |
| 20100180328 | Moas et al. | Jul 2010 | A1 |
| 20100191977 | Landrock et al. | Jul 2010 | A1 |
| 20100332398 | Aage et al. | Dec 2010 | A1 |
| 20110060690 | Mohss et al. | Mar 2011 | A1 |
| 20110231648 | Robertson et al. | Sep 2011 | A1 |
| 20120066504 | Hird et al. | Mar 2012 | A1 |
| 20120066749 | Taugbol et al. | Mar 2012 | A1 |
| 20130167213 | Sandhu et al. | Jun 2013 | A1 |
| 20140100973 | Brown et al. | Apr 2014 | A1 |
| Entry |
|---|
| Som et al, Session Key Based Manipulated Iteration Encryption Technique, IEEE, 2008, pp. 694-698. |
| Cheng, A Novel Rubbing Encryption Algorithm and the Implementation of a Web Based One-time Password Token, IEEE, 2010, pp. 147-154. |
| Number | Date | Country | |
|---|---|---|---|
| 20130061057 A1 | Mar 2013 | US |
