CA2566253A1 - System and method for protecting a password against brute force attacks - Google Patents
- Publication number
- CA2566253A1
- Authority
- CA
- Canada
- Prior art keywords
- client device
- authentication
- key
- pub
- message
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/002—Countermeasures against attacks on cryptographic mechanisms
- H04L9/003—Countermeasures against attacks on cryptographic mechanisms for power analysis, e.g. differential power analysis [DPA] or simple power analysis [SPA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Mobile Radio Communication Systems (AREA)
- Storage Device Security (AREA)
Abstract
In a system and method for authenticating a client device by an authentication device, the client device user is assigned a PIN generated by the authentication device. The user provides the PIN and a password to the client device, from which the client device generates a symmetric key and further generates a public/private key pair. The private key is encrypted using the symmetric key and stored in encrypted form only. The public key and a message authentication code generated from the PIN are provided to the authentication device, which stores the public key.
Subsequently, when the user seeks to be authenticated, the user enters a password at the client device, which is used to generate a symmetric key to decrypt the encrypted private key. A message to the authentication device is signed using the resultant value. The authentication device uses the public key to verify the signature of the message.
Claims (31)
1. A method for providing authentication information from a client device to an authentication device, the authenticating device being provided with a public key K_pub paired to a private key K_priv associated with the client device, wherein K_pub and K_priv are generated at the client device, and K_priv is stored at the client device in encrypted form E_Kpriv, wherein K_priv is encrypted by a key K(P) derived from a password P to provide E_Kpriv, the method comprising the steps of:
receiving an input password P' at the client device;
deriving, using the input password P', a key K(P'), wherein the key K(P') is derived from the input password P' using the same method used to derive the key K(P) from the password P;
decrypting, using the key K(P'), the encrypted private key E_Kpriv to provide a signing value;
digitally signing a message using the signing value; and
transmitting the message to the authentication device, the authentication device being configured to verify the digitally signed message using the paired public key K_pub.
2. The method of claim 1, wherein the authentication device, upon verifying the digitally signed message, is configured to deliver a digital certificate associated with the provider of the input password P' to the client device.
3. The method of claim 1, wherein the key K(P) is a symmetric key derived from the password P and the key K(P') is a symmetric key derived from the password P'.
4. The method of any of claims 1, 2, or 3, wherein the client device is a communication device.
5. The method of claim 4, wherein the client device is a mobile communication device.
6. The method of claim 1, wherein the public key K_pub is associated with the user of a client device by means of authentication data associated with the user of the client device, the authentication data having been generated and stored by the authentication device and provided to the user of the client device prior to provision of the public key K_pub to the authentication device, the method further comprising the step of transmitting, to the authentication device, a message comprising K_pub and information derived from the authentication data, such that the authentication device can verify the message using the information derived from the authentication data and, if said information is verified, store K_pub in association with the user of the client device.
7. The method of claim 6, wherein the information derived from the authentication data comprises a message authentication code generated at the client device from the authentication data.
8. The method of claim 6, wherein the key K(P) is a symmetric key derived from the password P and the key K(P') is a symmetric key derived from the password P'.
9. The method of any of claims 6, 7, or 8, wherein the client device is a communication device.
10. The method of claim 9, wherein the client device is a mobile communication device.
11. A method for authenticating a client device by an authentication device, comprising the steps of claim 2, and further comprising the step of receiving, at the client device, the digital certificate upon verification of the digitally signed message by the authentication device.
12. The method of claim 11, wherein the authentication device is a certificate authority.
13. A method for providing authentication information to a client device and an authentication device for authenticating the client device by the authentication device, comprising the steps of:
receiving an input password P at the client device;
deriving, using the input password P, a key K(P);
generating a private key K_priv and a paired public key K_pub;
encrypting, using the key K(P), the private key K_priv to derive E_Kpriv wherein E_Kpriv is stored at the client device; and
transmitting the public key K_pub to the authentication device for storage.
14. The method of claim 13, further comprising the step of receiving, at the client device, authentication data associated with a user of the client device; and wherein the step of transmitting the public key K_pub to the authentication device for storage comprises the steps of composing a message comprising information derived from the authentication data and the public key K_pub and transmitting the message to the authentication device.
15. The method of claim 14, further comprising the step of providing the authentication data to the user of the client device and at the authentication device before the step of transmitting the public key K_pub to the authentication device.
16. The method of claim 15, wherein the step of providing the authentication data to the user of the client device and at the authentication device comprises the step of generating the authentication data at the authentication device.
17. The method of claim 16, wherein the step of providing the authentication data to the user of the client device and at the authentication device further comprises the step of communicating the authentication data after verifying the identity of the user.
18. The method of claim 13, wherein the step of transmitting the public key K_pub to the authentication device for storage comprises the steps of generating a hash of the public key K_pub; signing a message comprising the public key K_pub with the hash; and transmitting the signed message to the authentication device.
19. The method of claim 18, wherein the step of transmitting the public key K_pub to the authentication device for storage comprises the steps of generating a hash of the public key K_pub; generating a message authentication code from the authentication data; signing a message comprising the public key K_pub and the message authentication code with the hash; and transmitting the signed message to the authentication device.
20. A method for authenticating a client device, comprising the steps of:
receiving, at an authentication device, a message from a client device comprising a public key K_pub;
storing the public key K_pub at the authentication device;
receiving, at the authentication device, a message comprising a request for authentication and a digital signature;
verifying, at the authentication device, the digital signature of the message, such that if the digital signature is verified further data requiring prior authentication may be delivered to the client device;
wherein the digital signature is derived from a first value stored at the client device processed in accordance with a decryption algorithm using a key K(P'), the key K(P') in turn derived using a key derivation algorithm from a user-entered password P', wherein the first value was previously derived at the client device as a private key K_priv paired with the public key K_pub and encrypted using an encryption algorithm corresponding to the decryption algorithm and using a key K(P), the key K(P) in turn derived from the key derivation algorithm from a password P, such that the digital signature is verified if the user-entered password P' matches the password P.
21. The method of claim 20, further comprising the steps of:
providing, at the authentication device, first authentication data associated with a user of the client device;
storing, at the authentication device, the first authentication data, the first authentication data being provided to the user of the client device;
wherein the message received from the client device comprising the public key K_pub further comprises information derived from the first authentication data, the first authentication data being received by the client device from the user of the client device, and the step of storing the public key K_pub at the authentication device comprises the step of correlating the message received from the client device with the first authentication data stored at the authentication device and storing K_pub in association with an identifier associated with the user of the client device.
22. The method of claim 21, further comprising, prior to the step of receiving, at an authentication device, a message from a client device comprising a public key K_pub, the steps of:
generating, at the client device, the public key K_pub and the private key K_priv;
encrypting the private key K_priv with a key K(P) derived from a password P to provide E_Kpriv;
storing, at the client device, E_Kpriv.
23. The method of claim 21, wherein the key K(P) and the key K(P') are symmetric keys.
24. The method of any of claims 1 through 12, wherein the step of digitally signing a message comprises the step of generating a message comprising a nonce or randomly generated value.
25. A client device for a system for authenticating the client device using an authentication device, the client device comprising:
an input for receiving an input password and authentication data;
a processor and memory for:
generating symmetric keys and paired public and private keys, encrypting and decrypting data and digitally signing messages using keys, and generating and transmitting messages;
wherein the client device is further adapted to:
generate a symmetric key from a first password P, generate a public and private key pair K_pub, K_priv, generate and transmit a message to the authentication device comprising the public key K_pub and received authentication data, encrypt the private key K_priv using the symmetric key and store the encrypted private key K_priv, generate and transmit a message to the authentication device comprising a request for authentication digitally signed with a value derived from decrypting the stored encrypted private key K_priv using a symmetric key generated from an input password P', for verification by the authentication device using the public key K_pub.
26. An authentication device for a system for authenticating a client device using the authentication device, the authentication device comprising:
a processor and memory for:
generating and providing authentication data;
storing data;
verifying digitally signed messages using public keys;
generating and transmitting messages;
wherein the authentication device is further adapted to:
receive a message comprising a public key K_pub generated by the client device and information derived from the authentication data generated by the authentication device and provided to a user of the client device and subsequently received by the client device, the public key K_pub corresponding to a paired private key K_pub encrypted using a first password P and stored at the client device in encrypted form, store the public key K_pub, receive a message from the client device comprising a request for authentication provided with a digital signature generated by the client device using a value derived from decrypting the encrypted private key K_priv stored at the client device using a symmetric key generated from an input password P' received at the client device, and verify the digital signature using the public key K_pub, wherein the authentication device is adapted to authenticate a user of the client device if the digital signature is verified using the public key K_pub.
27. A system comprising the client device of claim 25 and the authentication device of claim 26.
28. The client device of claim 25, wherein the client device is a communication device.
29. The client device of claim 28, wherein the client device is a mobile communication device.
30. The system of claim 27, wherein the client device is a mobile communication device.
31. A computer program product comprising program code operative to carry out the method of any of claims 1 through 24.
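The enrollment and authentication steps of the abstract and claims 1, 7, 13 and 24, as an added Python sketch that is not part of the patent text. Assumptions: PBKDF2 as the derivation of K(P), an XOR keystream as the symmetric cipher, a toy Schnorr signature over integers mod 2**255 - 19 as the signature scheme, and a MAC over K_pub keyed with the PIN; all class and function names are hypothetical.

```python
import hashlib, hmac, secrets

# Toy Schnorr parameters (assumption, illustration only, not production strength).
P_MOD = 2**255 - 19      # prime modulus
Q = P_MOD - 1            # exponents reduce mod p-1 because G**(p-1) == 1 (mod p)
G = 2

def derive_key(password, salt):
    # K(P): symmetric key from the password; PBKDF2 is an assumed choice of KDF.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def xor_cipher(key, data):
    # Stand-in symmetric cipher (encrypts and decrypts): XOR with an HMAC-derived
    # 32-byte keystream. There is no padding or tag, so every key "decrypts".
    stream = hmac.new(key, b"E_Kpriv", hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def _challenge(r, msg):
    digest = hashlib.sha256(r.to_bytes(32, "big") + msg).digest()
    return int.from_bytes(digest, "big") % Q

def sign(x, msg):
    k = secrets.randbelow(Q - 1) + 1
    r = pow(G, k, P_MOD)
    return r, (k + _challenge(r, msg) * x) % Q

def verify(y, msg, sig):
    r, s = sig
    return pow(G, s, P_MOD) == r * pow(y, _challenge(r, msg), P_MOD) % P_MOD

class AuthDevice:
    def __init__(self):
        self.pins, self.pubkeys = {}, {}

    def issue_pin(self, user):
        # Authentication data generated here and given to the user out of band.
        self.pins[user] = f"{secrets.randbelow(10**6):06d}"
        return self.pins[user]

    def enroll(self, user, y, tag):
        # Store K_pub only if the MAC proves knowledge of the PIN issued to this user.
        pin = self.pins.get(user)
        if pin is None:
            return False
        expected = hmac.new(pin.encode(), y.to_bytes(32, "big"), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return False
        self.pubkeys[user] = y
        return True

    def authenticate(self, user, msg, sig):
        y = self.pubkeys.get(user)
        return y is not None and verify(y, msg, sig)

class Client:
    def enroll(self, user, pin, password, auth):
        x = secrets.randbelow(Q - 1) + 1                        # K_priv
        y = pow(G, x, P_MOD)                                    # K_pub
        self.salt = secrets.token_bytes(16)
        key = derive_key(password, self.salt)                   # K(P)
        self.e_kpriv = xor_cipher(key, x.to_bytes(32, "big"))   # only form stored
        tag = hmac.new(pin.encode(), y.to_bytes(32, "big"), hashlib.sha256).digest()
        return auth.enroll(user, y, tag)

    def login(self, user, password, auth):
        key = derive_key(password, self.salt)                   # K(P')
        value = xor_cipher(key, self.e_kpriv)                   # signing value
        x = int.from_bytes(value, "big") % Q
        # Signed message carries a random nonce, as in claim 24.
        msg = b"auth-request:" + user.encode() + b":" + secrets.token_bytes(16)
        return auth.authenticate(user, msg, sign(x, msg))

def demo():
    # Constructed users, PINs and passwords for illustration.
    auth, client = AuthDevice(), Client()
    pin = auth.issue_pin("alice")
    rogue = Client().enroll("alice", "not-the-pin", "x", auth)  # wrong PIN
    enrolled = client.enroll("alice", pin, "correct horse", auth)
    good = client.login("alice", "correct horse", auth)
    bad = client.login("alice", "correct hors3", auth)
    return rogue, enrolled, good, bad
```

In this sketch the stored E_Kpriv has no padding or integrity tag, so a wrong password still produces a usable-looking signing value; only the signature check at the authentication device tells the two cases apart.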
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CA2566253A CA2566253C (en) | 2006-10-31 | 2006-10-31 | System and method for protecting a password against brute force attacks |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CA2566253A CA2566253C (en) | 2006-10-31 | 2006-10-31 | System and method for protecting a password against brute force attacks |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CA2566253A1 (en) | 2008-04-30 |
| CA2566253C (en) | 2012-08-21 |
Family
ID=39367031
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA2566253A Active CA2566253C (en) | 2006-10-31 | 2006-10-31 | System and method for protecting a password against brute force attacks |
Country Status (1)
| Country | Link |
|---|---|
| CA (1) | CA2566253C (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8838975B2 (en) | 2006-10-31 | 2014-09-16 | Blackberry Limited | System and method for protecting a password against brute force attacks |
Also Published As
| Publication number | Publication date |
|---|---|
| CA2566253C (en) | 2012-08-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US12242621B2 (en) | Protecting data from brute force attack | |
| US8130961B2 (en) | Method and system for client-server mutual authentication using event-based OTP | |
| CN102413132B (en) | Two-way-security-authentication-based data downloading method and system | |
| US8526606B2 (en) | On-demand secure key generation in a vehicle-to-vehicle communication network | |
| US8799657B2 (en) | Method and system of reconstructing a secret code in a vehicle for performing secure operations | |
| US20180034810A1 (en) | A system and methods for protecting keys in computerized devices operating versus a server | |
| CN103152366B (en) | Obtain the method for terminal authorization, terminal and server | |
| CA2551113A1 (en) | Authentication system for networked computer applications | |
| CA2530944A1 (en) | Challenge response system and method | |
| CN114826659B (en) | Encryption communication method and system | |
| CN113868684A (en) | Signature method, device, server, medium and signature system | |
| CN101296083A (en) | An encrypted data transmission method and system | |
| CN103701787A (en) | User name password authentication method implemented on basis of public key algorithm | |
| EP3000216B1 (en) | Secured data channel authentication implying a shared secret | |
| CN111031061A (en) | Verification method and gateway equipment | |
| CN109218251B (en) | Anti-replay authentication method and system | |
| CN110572257B (en) | Identity-based data source identification method and system | |
| US20210044435A1 (en) | Method for transmitting data from a motor vehicle and method for another vehicle to receive the data through a radio communication channel | |
| Luring et al. | Analysis of security features in DLMS/COSEM: Vulnerabilities and countermeasures | |
| CN118659923B (en) | A quantum-resistant security enhancement method for the Simple Authentication and Security Layer protocol | |
| EP3185504A1 (en) | Security management system for securing a communication between a remote server and an electronic device | |
| CN108768958B (en) | Verification method for data integrity and source based on no leakage of verified information by third party | |
| WO2023199619A8 (en) | Remote signature system and tamper resistant device | |
| JP4840575B2 (en) | Terminal device, certificate issuing device, certificate issuing system, certificate acquisition method and certificate issuing method | |
| US8769280B2 (en) | Authentication apparatus and method for non-real-time IPTV system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| EEER | Examination request |