System and method for scrambling keystrokes related to a password

Information

  • Patent Application
  • 20070061589
  • Publication Number
    20070061589
  • Date Filed
    August 28, 2006
  • Date Published
    March 15, 2007
Abstract
An embodiment relates to a system for scrambling characters of a password entered by a user on an input device. The system includes a keystroke controller to identify a keystroke that represents a character of the password entered on the input device. The system further includes a scrambling pad to scramble the character represented by the identified keystroke into a scrambled character according to a transformation rule.
Description
CLAIM OF PRIORITY

The present patent application claims the priority benefit of the filing date of European Application (EPO) No. 05291874.5 filed Sep. 09, 2005, the entire content of which is incorporated herein by reference.


TECHNICAL FIELD

Embodiments relate generally to the field of electronic data processing and more specifically to security of passwords.


BACKGROUND AND PRIOR ART

These days, more and more people use a growing number of computer systems. The use of the computer systems has advanced in the business world as well as in the private domain. Frequently, a computer system runs an application program that provides an application to a user. Many applications are provided by a remote computer system that the user accesses through a personal device. The personal computer system may be, for example, a personal computer, a laptop, or a personal digital assistant. The remote computer system may be, for example, an application server or a web application server. The remote computer system and the personal computer system may be connected for example through an intranet of an enterprise or through the Internet.


Frequently, applications require that the user has an authorization to access the application. Such an access control may for example request that the user enters a user identification and a password. In such cases, the application can check with the user identification that the user has been given the authorization to access the application. Furthermore, the application may verify the identity of the user by checking that the password is associated to the user identification. Such verification may for example assume an integrity of the password, that is, the access control may provide security as long as only the authentic user knows the password.


A further party without an authorization to access the application may be interested in accessing the application. The further party may use legal or illegal ways to gain the access. Therefore, there is a general and ongoing desire to increase the security of the access control.




BRIEF DESCRIPTION OF DRAWINGS


FIG. 1 is an example system for scrambling characters of a password for an application.



FIG. 2 shows a few results of an example transformation rule.



FIG. 3A is a sequence diagram of an example first scrambling of a password.



FIG. 3B is a sequence diagram of an example scrambling of a character of a password.



FIG. 3C is a sequence diagram showing a keystroke without a scrambling procedure.



FIG. 4A shows method operations according to an embodiment.



FIG. 4B shows further method operations according to the embodiment.




DETAILED DESCRIPTION

A possible way to address the access control of the application is to obtain the password of the authentic user when the user enters the password on an input device. This may involve spying or eavesdropping on the user, for example, by using a hidden camera recording the keystrokes on a keyboard when the user types in the password. A further example is using an advanced acoustic recorder allowing for an analysis of keystrokes. A further example is using a key catcher device that may be plugged between the keyboard and the personal computer system to record the keystrokes of the user.


It may be desired, in certain example embodiments, to provide security against obtaining the password from the authentic user when the user enters the password on the input device.


A first embodiment may be a system for scrambling characters of the password. The system may include a keystroke controller identifying keystrokes related to the password and a scrambling pad scrambling a character of the password. The system may provide the security against obtaining the password through keystrokes of the user because the password that the user enters is different from the scrambled password that the application requests for an access. A high level of security may be provided because knowledge of the entered password and further knowledge of a scrambling procedure leads to the requested scrambled password. Therefore, the user may protect the scrambled password by protecting the scrambling procedure, that is, the system for scrambling the password characters. Knowledge of the scrambling procedure alone may be not sufficient to break the requested scrambled password. A further level of security may be provided because frequently a scrambled password is more difficult to guess by an unauthorized party than a meaningful password selected by the user. Furthermore, an additional security may be provided because the user can select a password that is easy to memorize without writing down the password allowing for a detection of the written password.


A second embodiment is a method for scrambling characters of the password. The method may include identifying a keystroke related to the password and scrambling a character represented by the keystroke. The method provides levels of security that correspond to levels of security of the first embodiment.


A third embodiment is a computer program product referring to features of the second embodiment. Accordingly, the computer program product may share desired security aspects with the second embodiment.


The following examples and example embodiments may have specific features for illustrative purposes. The specific example features are not intended to limit the scope of the invention or to be exhaustive regarding embodiments of the invention.



FIG. 1 is an example system 100 for scrambling characters of a password for an application 250. In the figure, a line between two elements represents a communicative coupling for exchange of data between the two elements. The scrambling system 100 may be a part of a personal device 200. The application 250 is provided by an application program running for example on a remote computer system or on the personal device 200. The characters of the password are entered by a user on an input device, for example, a keyboard 210. A further example for the input device may be a device with two or more keys to enter a password. The keys of the further example may represent numbers or different symbols and a password may be a sequence of keystrokes.


The scrambling system 100 may include a keystroke controller 110 to identify a keystroke that represents a character of the password entered on the keyboard 210. The scrambling system 100 may further include a scrambling pad 120 to scramble the character represented by the identified keystroke into a scrambled character according to a transformation rule. The scrambling system 100 may for example be an external device that is to establish a connection to computer systems of one or more types. This may for example involve a standard interface provided by the computer systems through which the scrambling system has an access on a keystroke flow.


The personal device 200 may for example be a personal computer or a laptop that provides an interface for the scrambling system 100. Such an interface may be for example a slot of the personal computer and the scrambling system may be a plug in card. Further examples for the interface are a universal serial bus (USB) or a small computer system interface (SCSI) that allow for a connection with the scrambling system 100 through a corresponding interface. Through the interface the scrambling system 100 may become a part of the personal computer system and may have an access on the keystroke flow from the keyboard. Furthermore, the scrambling system 100 may have an access to data of the personal computer system that allow for an identification of keystrokes that are related to the password. A control of the keystroke flow from the keyboard to the application by the keystroke controller is represented by lines between the keyboard, the keystroke controller and the application. The identified keystroke may be transmitted to the scrambling pad 120 and the scrambling pad 120 may send the scrambled keystroke to the keystroke controller through an interface. In a further example, the scrambling pad may also send the scrambled keystroke to the application.


In the example, the scrambling pad 120 of the scrambling system is further to generate the transformation rule for the password prior to scrambling a first character of the password. In case that the keystroke controller identifies a first keystroke related to a new password that has not been scrambled previously the scrambling pad may generate the transformation rule for the new password. Following a generation of the transformation rule the first character represented by the first keystroke may be scrambled. In an example, the generation of the transformation rule may be done following a last keystroke related to the new password. The system 100 may identify the last keystroke by the fact that it is followed by a keystroke that confirms the entering of the password such as the “return” key of the keyboard. In the example, the system may withhold the characters related to the new password and transmit the scrambled characters to the application following the generation of the transformation rule. In a further example, the generation of the transformation rule may be done following the first keystroke. Following this the scrambled character is transmitted to the application prior to identifying a further keystroke related to the password.


In the example, a scrambling of a character of a password may be deactivated by the user. Therefore, the user may be able to select if a password is scrambled. It may be desired that the user enters an unscrambled password, for example, in case that the user is given an initial password that may not be changed when entered for the first time.


The keystroke controller 110 may be further configured to identify an application program for which the password is entered and the scrambling pad 120 may be further to apply a transformation rule that is associated to the identified application program. Therefore, the example system scrambles the password for the application 250 with the transformation rule which may be different from a further transformation rule used for a further application. This may provide additional security because even in case that an unauthorized party discovers the transformation rule related to the application the unauthorized party may not be able to use the transformation rule for accessing the further application.


In the example, the transformation rule associated to the application complies with a restriction for scrambled characters of the password. The restriction may be required by the application. An example for the restriction is that the requested password contains at least one number. A further example is that the requested password contains a capital letter. Such restrictions may be requested in order to force the user to select a more complicated and therefore secure password. An application may also request that the password fulfills more than one restriction. In such cases the transformation rule is generated so that the one or more restrictions are fulfilled by the scrambled password.


In the example, the scrambling system 100 is stored on a portable storage device. The portable storage device has the interface to connect to the personal computer system. The user may use the scrambling system for different computer systems and by carrying the scrambling system personally the user may make the scrambling system more secure. Therefore an unauthorized person may have to take the scrambling system away from the user for accessing the application.



FIG. 2 shows a few results of an example transformation rule 220. The example transformation rule 220 substitutes a character according to a position in the alphabet by a character two positions later. The second last character and the last character of the alphabet may be substituted by the first character and second character of the alphabet. The example transformation rule 220 is an example for a shift transformation or a homophonic substitution. According to the example transformation rule, the character 212 which is entered by the user is scrambled to the scrambled character 222. Similarly, character 214 is mapped to scrambled character 224 and character 216 is mapped to scrambled character 226. A mapping of the characters 212-216 represented by keystrokes to the scrambled characters 222-226 may use for example a mapping table with 2 columns. One column includes the characters 212-216 represented by keystrokes and a further column includes the scrambled characters 222-226. In a further example, the mapping may use an instruction how to shift the characters 212-216 represented by keystrokes to get to the scrambled characters 222-226.


The example transformation can be extended by shifting elements of the “American Standard Code for Information Interchange” (ASCII). Furthermore, the number of positions by which a character is shifted may be changed. In further transformation rules the characters represented by keystrokes may be mapped by a permutation to the scrambled characters. The number of possible permutations may be large also for a restricted set of characters. Furthermore, a transformation rule may also map different characters on a single scrambled character.
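The following is an added worked example of the FIG. 2 shift transformation and of its extension to printable ASCII; it is not code from the patent. It assumes the lowercase alphabet as the FIG. 2 domain and the 95 printable ASCII characters (0x20 through 0x7E) as the extended domain, and it shows both forms of the rule the description mentions: a two-column mapping table and a shift instruction. The characters 212-216 and 222-226 of the figure are not known here, so constructed sample strings are used instead.

```python
import string

# Domains over which a shift transformation is applied. ALPHABET mirrors the
# FIG. 2 example (26 lowercase letters); PRINTABLE is the extension to the 95
# printable ASCII characters, 0x20 (space) through 0x7E (tilde).
ALPHABET = string.ascii_lowercase
PRINTABLE = "".join(chr(c) for c in range(0x20, 0x7F))


def shift_char(ch: str, shift: int, domain: str = ALPHABET) -> str:
    """Replace `ch` by the character `shift` positions later in `domain`,
    wrapping around at the end, so with shift 2 'y' -> 'a' and 'z' -> 'b'.
    Characters outside the domain pass through unchanged."""
    idx = domain.find(ch)
    if idx < 0:
        return ch
    return domain[(idx + shift) % len(domain)]


def shift_password(password: str, shift: int, domain: str = ALPHABET) -> str:
    """The 'instruction' form of the rule: apply the same shift to every character."""
    return "".join(shift_char(c, shift, domain) for c in password)


def unshift_password(scrambled: str, shift: int, domain: str = ALPHABET) -> str:
    """A shift is undone by shifting backwards by the same amount."""
    return shift_password(scrambled, -shift, domain)


def mapping_table(shift: int, domain: str = ALPHABET) -> dict:
    """The 'table' form of the same rule: one column of entered characters
    and one column of scrambled characters."""
    return {c: shift_char(c, shift, domain) for c in domain}


def table_scramble(password: str, table: dict) -> str:
    """Scramble by table lookup; characters absent from the table pass through."""
    return "".join(table.get(c, c) for c in password)


if __name__ == "__main__":
    # Constructed samples: the FIG. 2 rule (shift by 2 over the alphabet),
    # then the same shift over printable ASCII, and the inverse.
    print(shift_password("yzabc", 2))
    print(table_scramble("hello", mapping_table(2)))
    scrambled = shift_password("Pass word!", 2, PRINTABLE)
    print(scrambled, unshift_password(scrambled, 2, PRINTABLE))
```

Over the alphabet, uppercase letters, digits and punctuation pass through unchanged, which is why the description extends the domain to ASCII: only then does every typed character change. Because each shift is a one-to-one mapping, every scrambled character has exactly one preimage, and the whole rule is determined by the single shift integer; that integer, not the mapping procedure, is what has to stay with the user.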



FIG. 3A is a sequence diagram of an example first scrambling of a password. On the keyboard 210, the user may enter keystrokes related to a password for the application 250. The scrambling system 100 may withhold the characters represented by the entered keystrokes within the scrambling system so that the transformation rule may be generated prior to scrambling the characters. The transformation rule may for example be generated by selecting an integer and shifting each character by the integer using a shift transformation (see FIG. 2). The integer may be selected in a random-like way or from a predefined set of integers. A permutation for mapping characters to scrambled characters may be generated for example by mapping each character of a sequence to a free scrambled character. The free scrambled character is a scrambled character to which no character of the sequence has been mapped previously. Following scrambling the characters the scrambled password, that is, the password with the scrambled characters may be transmitted to the application. The application may accept the scrambled password as a new password and request at future accesses the scrambled password as a proof of authentication. In order to change the password of the application a new transformation rule may be generated according to the example first scrambling. In a further example, a change of the password may be done according to the generated transformation rule.



FIG. 3B is a sequence diagram of an example scrambling of a character of a password. The situation is similar to FIG. 3A but the user may enter a keystroke related to a password that has been scrambled previously. In the figure, the character represented by the keystroke may be scrambled individually and the scrambled character may be transmitted to the application. The sequence diagram may be repeated for each keystroke representing a character of the password. Following receiving the last scrambled character of the password the application may compare the scrambled characters with the characters of the password from the first scrambling and therefore authenticate the user.



FIG. 3C is a sequence diagram showing a keystroke without a scrambling procedure. A reason may for example be that the keystroke does not represent a character of a password. A further reason may be that the scrambling procedure is deactivated. According to the sequence diagram the character represented by the keystroke may be directly transmitted to the application with a small delay. Therefore, the scrambling system may hardly affect the personal device in case that keystrokes unrelated to a password are entered.



FIG. 4A shows method operations according to an embodiment. The method operations may be from a computer implemented method 300 for scrambling characters of a password entered by a user on the input device. The computer implemented method may include identifying 310 the keystroke that represents the character of the password. Identifying 310 the keystroke may for example include controlling a flow of keystrokes. In an example, the method 300 may be used for a web based application. Generating the password may be executed on the client side or on a server side. In case of the web based application a password field may be identified by identifying a tag of the following structure in the HyperText Markup Language (HTML) page: <INPUT Type='password'>. Furthermore, the method may be implemented as a plug in for a web browser and control the flow of keystrokes.
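As an added example of the password-field identification just described (not code from the patent), the following Python uses the standard library HTML parser to list every input field of type password in a page. The sample page is constructed for the example; field names such as `pwd` and `new_pwd` are made up. A browser plug-in of the kind the description mentions would treat keystrokes that land in one of these fields as password keystrokes.

```python
from html.parser import HTMLParser


class PasswordFieldFinder(HTMLParser):
    """Collect the name (or id) of every <input type="password"> in a page.
    html.parser lower-cases tag and attribute names, so <INPUT Type='password'>
    and <input type="PASSWORD"> are both recognised; the value is compared
    case-insensitively here because browsers treat it that way too."""

    def __init__(self):
        super().__init__()
        self.fields = []

    def handle_starttag(self, tag, attrs):
        if tag != "input":
            return
        attr = {k: (v or "") for k, v in attrs}
        # An <input> without a type attribute is a text field.
        if attr.get("type", "text").lower() == "password":
            self.fields.append(attr.get("name") or attr.get("id") or "<unnamed>")


def find_password_fields(page: str) -> list:
    """Return the names of all password fields in the given HTML source."""
    finder = PasswordFieldFinder()
    finder.feed(page)
    finder.close()
    return finder.fields


# Constructed sample page: a login form and a password-change form.
SAMPLE_PAGE = """
<html><body>
<form action="/login" method="post">
  <input type="text" name="user">
  <INPUT Type='password' Name='pwd'>
  <input type="hidden" name="csrf" value="constructed-token">
</form>
<form action="/change">
  <input type="PASSWORD" id="new_pwd">
  <input name="note">
</form>
</body></html>
"""

if __name__ == "__main__":
    print(find_password_fields(SAMPLE_PAGE))
```

This check only sees fields present in the page source as delivered. A field that a script creates later, or a custom widget that is not an `<input>` element, is invisible to it, so a plug-in relying on static markup alone would pass such keystrokes through unscrambled; inspecting the live document tree in the browser avoids that gap.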


The method may further include scrambling 370 the character represented by the identified keystroke into a scrambled character according to a transformation rule. In the example, there are further method operations that may be optional and that are indicated by dashed lines. The scrambling 370 may be executed for a first password scrambling following optional operation generating 360 the transformation rule. The scrambling 370 may also be executed following a check 330 if a transformation rule is to be generated and in case that the check 330 has a negative result (see FIG. 4B). After the operation identifying 310 the keystroke may follow operation identifying 320 the application program for which the password is entered. Accordingly, the transformation rule may be associated to the identified application program and may have been generated specifically for the application or may be intended to be generated specifically for the application. It may follow the check 330 if the transformation rule is to be generated and in case of a positive result it may follow a check 340 if a further keystroke related to the password has been entered. In case of a positive result it may follow identifying 350 the further keystroke representing a further character of the password. In the example, operation identifying 350 the further keystroke is repeated as long as the check 340 gives a positive result.


After a last password keystroke has been entered and the check 340 for the password keystroke gives a negative result operation generating 360 the transformation rule for the password may be executed. In accordance with an embodiment generating 360 may be executed following identifying 310 the keystroke. In a further example, operation identifying a restriction for scrambled characters of the password may be executed prior to generating 360 the transformation rule. Accordingly, in the further example the transformation rule may be generated so that the restriction is fulfilled.


In the figure follows scrambling 370 the character and a check 380 if further characters of the password are to be scrambled. In case of a positive result it may follow scrambling 390 the further character into a further scrambled character according to the transformation rule. In the example, operation scrambling 390 the further keystroke is repeated as long as the check 380 gives a positive result. In case of a negative result it may follow transmitting 410 the scrambled password for example by transmitting the scrambled characters of the password.



FIG. 4B shows further method operations according to the embodiment. The further method operations may be executed in case that the result of the check 330 is negative, that is, the transformation rule has been generated previously. Accordingly, it may follow scrambling 370 the character represented by the identified keystroke and the check 340 if further password keystrokes are entered. In case of a positive result operations identifying 350 the further keystroke and scrambling 390 the further character may be executed and repeated as long as the check gives a positive result.


The method operations of the method 300 may be executed in a sequence that differs from a sequence depicted in FIG. 4A and FIG. 4B. In a further embodiment, operation scrambling 370 the character may be executed prior to identifying 350 the further password keystroke. A person skilled in the art may find further sequences of the method operations that are in accordance with embodiments.
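The following is an added Python simulation of the flow in FIGS. 3A-3C and 4A-4B; it is not the patent's own implementation. It assumes the 95 printable ASCII characters as the shift domain, a constructed `RETURN` marker for the keystroke that confirms a password, two hypothetical restriction names (`"digit"` and `"capital"`) standing in for the "at least one number" and "capital letter" examples, and Python's `secrets` module as the random-like source for the shift integer. One rule is kept per application, the first entry of a password is withheld until the confirming keystroke so that the rule can be generated to satisfy the restrictions, later entries are scrambled keystroke by keystroke, and keystrokes outside a password field, or entered while scrambling is deactivated, pass through unchanged.

```python
import secrets

# Domain: the 95 printable ASCII characters, 0x20 (space) .. 0x7E (tilde).
PRINTABLE = "".join(chr(c) for c in range(0x20, 0x7F))
RETURN = "\n"   # constructed marker for the keystroke that confirms the password

# Hypothetical restriction names an application might impose.
RESTRICTION_CHECKS = {
    "digit": lambda s: any(c.isdigit() for c in s),
    "capital": lambda s: any(c.isupper() for c in s),
}


def shift_char(ch, shift):
    idx = PRINTABLE.find(ch)
    return ch if idx < 0 else PRINTABLE[(idx + shift) % len(PRINTABLE)]


def scramble(text, shift):
    return "".join(shift_char(c, shift) for c in text)


def satisfies(scrambled, restrictions):
    return all(RESTRICTION_CHECKS[r](scrambled) for r in restrictions)


def generate_rule(password, restrictions=()):
    """Select the shift integer in a random-like way (claims 1 and 6) so that the
    scrambled password meets every restriction (claim 8). The candidate shifts
    1..94 are tried in a random order, so the search is exhaustive while the
    choice stays unpredictable; the identity shift 0 is never used."""
    candidates = list(range(1, len(PRINTABLE)))
    secrets.SystemRandom().shuffle(candidates)
    for shift in candidates:
        if satisfies(scramble(password, shift), restrictions):
            return shift
    raise ValueError("no shift satisfies the restrictions for this password")


class ScramblingSystem:
    """Keystroke controller plus scrambling pad for one user, with one rule per
    application (claim 3) and a user-controlled on/off switch (claim 2)."""

    def __init__(self):
        self.rules = {}        # application -> shift integer
        self.enabled = True
        self._withheld = []    # characters held back during a first scrambling

    def keystroke(self, app, ch, in_password_field, restrictions=()):
        """Process one keystroke and return the characters released to the
        application (empty while a first password is being withheld)."""
        if not self.enabled or not in_password_field:
            return [ch]                                  # FIG. 3C: pass through
        if app in self.rules:                            # FIG. 3B: rule exists
            return [ch] if ch == RETURN else [shift_char(ch, self.rules[app])]
        if ch != RETURN:                                 # FIG. 3A: withhold ...
            self._withheld.append(ch)
            return []
        password = "".join(self._withheld)               # ... until confirmed
        self._withheld.clear()
        self.rules[app] = generate_rule(password, restrictions)
        return list(scramble(password, self.rules[app])) + [RETURN]


def type_password(system, app, password, in_password_field=True, restrictions=()):
    """Drive the system with the keystrokes of `password` followed by RETURN and
    return what the application received, without the trailing RETURN."""
    released = []
    for ch in password + RETURN:
        released.extend(system.keystroke(app, ch, in_password_field, restrictions))
    return "".join(released).rstrip(RETURN)


if __name__ == "__main__":
    # Constructed walk-through: enrol, then log in, then a second application.
    s = ScramblingSystem()
    policy = ("digit", "capital")
    enrolled = type_password(s, "webmail", "correct horse", restrictions=policy)
    login = type_password(s, "webmail", "correct horse", restrictions=policy)
    print(enrolled, login, enrolled == login)
    print(type_password(s, "vpn", "correct horse"))
```

Two points a practitioner evaluating the design would check are visible in the code. First, the restriction search can fail: a one-character password cannot be scrambled into something containing both a digit and a capital letter, so the system has to report that rather than silently send an unscrambled or non-compliant password. Second, the whole per-application secret is one of 94 shift values, so the scrambled password that reaches the application still needs the same transport and storage protection as any other password; the scheme's benefit is limited to an observer who sees the keystrokes but not the rule.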


A further embodiment is a computer program product comprising instructions that are transferable to a computer system and that may cause the computer system to execute method operations of any one of the method 300 claims 7 to 12. The computer program product may be for example a USB stick, a floppy disc, or a compact disc (CD). Such portable storage devices may allow the user to profit from the method on different computer systems. In an example embodiment of the method the method may be executable only from the portable storage device. Therefore, after removing the portable storage device from the computer system the method may be inaccessible for execution.


Generally, the computer program product may include RAM, ROM, EPROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that may be used to carry or store desired program code in the form of computer-executable instructions or data structures and which can be accessed by a general purpose or special purpose computer. When information is transferred or provided over a network or another communications connection (either hardwired, wireless, or a combination of hardwired or wireless) to a computer, the computer properly views the connection as a computer-readable medium. Thus, any such connection is properly termed a computer-readable medium or a computer program product. Combinations of the above are also to be included within the scope of computer-readable media. Computer-executable instructions include, for example, instructions and data which cause a general purpose computer, a special purpose computer, or a special purpose processing device to perform a certain function or group of functions. Furthermore, computer-executable instructions include, for example, instructions that have to be processed by a computer to transform the instructions into a format that is executable by a computer. The computer-executable instructions may be in a source format that is compiled or interpreted to obtain the instructions in the executable format.


The personal computer system may include a general purpose computing device in the form of a conventional computer, including a processing unit, a system memory, and a system bus that couples various system components including the system memory to the processing unit. The system memory may include read only memory (ROM) and random access memory (RAM). The computer may also include a magnetic hard disk drive for reading from and writing to a magnetic hard disk, a magnetic disk drive for reading from or writing to a removable magnetic disk, and an optical disk drive for reading from or writing to removable optical disk such as a CD-ROM or other optical media. The drives and their associated computer-readable media provide nonvolatile storage of computer-executable instructions, data structures, program modules and other data for the computer.


Software and web implementations of present embodiments could be accomplished with standard programming techniques with rule based logic and other logic to accomplish the various database searching operations, correlation operations, comparison operations and decision operations. It should also be noted that the word “component” as used herein and in the claims is intended to encompass implementations using one or more lines of software code, and/or hardware implementations, and/or equipment for receiving manual inputs.

Claims
  • 1. A system to scramble characters of a password entered by a user on an input device, the system comprising: a keystroke controller to identify a keystroke that represents a character of the password entered on the input device; and a scrambling pad to scramble the character represented by the identified keystroke into a scrambled character according to a transformation rule and to generate the transformation rule by using a shift transformation and an integer for shifting that is selected in a random-like way.
  • 2. The system of claim 1, wherein scrambling of a character of a password can be deactivated by the user.
  • 3. The system of claim 1, wherein the keystroke controller is further to identify an application program for which the password is entered and the scrambling pad is further to apply a transformation rule that is associated to the identified application program.
  • 4. The system of claim 1, wherein the transformation rule complies with a restriction for scrambled characters of the password.
  • 5. The system of claim 1, wherein system is stored on a portable storage device.
  • 6. A computer implemented method to scramble characters of a password entered by a user on an input device, the method comprising: identifying a keystroke that represents a character of the password entered on the input device; generating a transformation rule by using a shift transformation and an integer for shifting that is selected in a random-like way; and scrambling the character represented by the identified keystroke into a scrambled character according to the transformation rule.
  • 7. The method of claim 6, further repeating for at least a further keystroke identifying the further keystroke representing a further character of the password and scrambling the further character into a further scrambled character according to the transformation rule.
  • 8. The method of claim 6, further identifying a restriction for scrambled characters of the password prior to generating the transformation rule and generating the transformation rule so that the restriction is fulfilled.
  • 9. The method of claim 6, further identifying an application program for which the password is entered and wherein the transformation rule is associated to the identified application program.
  • 10. A computer program product comprising instructions to scramble characters of a password entered by a user on an input device, the computer program product, the instructions being transferable to a computer system and causing the computer system to execute operations of: identifying a keystroke that represents a character of the password entered on the input device; generating a transformation rule by using a shift transformation and an integer for shifting that is selected in a random-like way; and scrambling the character represented by the identified keystroke into a scrambled character according to the transformation rule.
Priority Claims (1)
Number       Date      Country  Kind
05291874.5   Sep 2005  EP       regional