WO2016050891A1 - User authentication information - Google Patents
- Publication number
- WO2016050891A1 (PCT/EP2015/072646)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- token
- algorithm
- modified
- user
- parameter set
- Legal status
- Ceased
Classifications
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H04L9/3228—One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
Definitions
- the invention relates to user authentication information processing, for example to support requests to access secure resources.
- resources such as content may be protected for commercial reasons, for example content such as a film or newspaper that is only available on a subscription or information that is share price-sensitive such as commercial forecasts. Resources may also be protected on security grounds, for example data that includes details of a user's bank account.
- a common scheme for protecting access to such resources is to provide an authorised user with a token to enable the user to be authenticated by a computer system.
- a token suitable for user authentication using computer systems is a password consisting of a series of alphanumeric characters.
- a request 120 is generated at a source 102 for access to secure content held at resource repository 104.
- the request for access to secure content may, for example originate with a user (not shown) activating a hyperlink displayed to the user on the screen of a computing device or smart phone.
- Such hyperlinks are commonly provided in electronic messages, including email and IM, and in web pages. Activation of the hyperlink initiates access to content that is protected and only available to authenticated users.
- a resource request 120, generated at a source 102 is not routed directly to the resource repository 104 but is first validated at an authentication server 106.
- On receiving resource request 120, authentication server 106 responds by sending an authentication challenge, for example logon page 122, to source 102 to prompt the user to provide security details, which include a password or some other token and some form of user identification, such as a username.
- the token is a form of shared secret between the user and the authentication server and the token is normally selected by the user in response to a prompt from the authentication server, which stores a copy of the token in a database (not shown). For reasons of security, the token is typically not stored in a form accessible to authentication server 106. Instead, a hash or one-way encrypted form of the token is stored in the database.
- security details 124 including the token and the other details entered in the logon page, are sent to authentication server 106.
- Authentication server 106 can now check the security details against a database of security credentials.
- authentication server 106 applies the required hash or encrypting operation to the token and compares the result with the stored hashed or encrypted value. If the comparison indicates the token is not valid, authentication server 106 sends to source 102 a resource request rejection 126(a). If the comparison indicates the token is valid, authentication server 106 sends to resource repository 104 a requester authentication notification 126(b) incorporating details of the requested resource. In response to receipt of the requester authentication notification 126(b), resource repository 104 sends to source 102 requested resource 128.
- US5428349 describes a password access method effected by displaying to a user, a pseudorandom array of letters and numerals such that password entry can be achieved without the need to type characters on a keyboard.
- the user input comprises information on the position on the display of the password characters and not the characters in the password.
- US5559961 describes a graphical password arrangement, wherein a user is required to point to (e.g. touch) one or more predetermined positions on a displayed image in a predetermined order as a way of indicating their authorisation to access a secure resource. Again, the user input comprises information on display locations and not the characters in the password.
- US7735124 describes a user entering a string of characters that incorporates the password but is much longer than the password. The user is authenticated if the password is embedded as a whole anywhere within the input string. This method is still vulnerable to copying and brute force attacks.
- US2014165169 describes a password verification system that is tolerant of typing mistakes.
- the system allows a plurality of variations on a password that may be generated by user data-entry errors. However, this reduces security and makes it easier to guess an acceptable password by brute force methods.
- the invention provides a method for processing user authentication information, in which the method comprises: receiving from a source, in response to a user authentication challenge, user authentication information comprising a token; identifying a parameter set associated with the challenge; in which the parameter set comprises at least one parameter; modifying an algorithm according to the parameter set to generate a modified algorithm; in which the algorithm is modifiable according to a plurality of parameter sets to generate a plurality of distinct modified algorithms; modifying the token using information comprised in the modified algorithm to generate a comparison value; sending the comparison value to an authentication service for authenticating the user.
- the invention is able to receive a modified form of token and to process it - enabling authentication to be carried out on the basis of the (unmodified) base token.
- the invention removes the need for the user to enter the base token in response to an authentication challenge and supports use of a different, modified token in response to successive authentication challenges.
- using information comprised in the modified algorithm to generate a comparison value comprises applying the inverse of the modified algorithm to modify the received token to generate a comparison value.
- a valid received token is derivable from a base token by applying the modified algorithm to the base token.
- a base token is derivable from a valid received token by applying the inverse of the modified algorithm to the valid received token.
- the request is allowable when the comparison value matches the base token.
- the base token comprises a plurality of character positions; in which the parameter set comprises an indication of at least one character position in the base token to which the modified algorithm is to be applied.
- the modified algorithm is logically identical to an original modified algorithm used to generate the received token from a base token.
- the invention comprises sending to the source a user authentication challenge together with the parameter set.
- the invention comprises receiving at least one of the algorithm and the parameter set from the source of the request.
- the invention comprises generating at least one of the algorithm and the parameter set.
- the invention comprises sharing at least one of the algorithm and the parameter set with the source of the request.
- the invention comprises receiving from the source, in response to a user authentication challenge, user authentication information; determining that the user authentication information comprises the base token and determining that the user authentication information is invalid.
- the user authentication information is associated with a request for access to a secure resource.
- the invention also provides a system for processing user authentication information, in which the system comprises a processor configured to: receive, in response to a user authentication challenge, user authentication information comprising a token; identify a parameter set associated with the challenge; in which the parameter set comprises at least one parameter; modify an algorithm according to the parameter set to generate a modified algorithm; in which the algorithm is modifiable according to a plurality of parameter sets to generate a plurality of distinct modified algorithms; modify the token using information comprised in the modified algorithm to generate a comparison value; send the comparison value to an authentication service for authenticating the user.
- Figure 1 shows a schematic representation of aspects of a communications network according to the prior art
- Figure 2 shows a schematic representation of aspects of a communications network according to embodiments of the present invention
- FIG. 3 shows a sequence diagram according to embodiments of the present invention
- Figure 4 shows a block diagram of a computer system suitable for the operation of embodiments of the present invention.
- the invention provides a mechanism for frequently changing the token characters entered by a user in response to an authentication challenge whilst leaving the original (base) token unchanged.
- the token characters entered by the user may contain some, but not all, of the characters in the base token.
- the invention does not require any changes to the underlying authentication mechanism.
- An extra layer of security is provided that generates an on-screen prompt to allow the user to modify a base token to generate a modified token for use in supporting authentication.
- a mechanism is also provided at the back-end (token processing server) for reconstructing the base token. Modification of the base token is based on an algorithm that is, itself, variable depending on parameters provided to the user, so that a range of different modified tokens are possible.
- the algorithm is reversible and the back-end (token processing server) is able to use the algorithm, parameters and the modified token entered by the user to reconstruct the base token.
- the reconstructed base token is then passed to the authentication server, which functions as normal, for token verification. That is, token management remains essentially the same, but with the addition of an extra layer of security.
- the user generates an algorithm and associated parameter values for modifying the base token.
- the choice of algorithm and associated parameter values can be determined in an initialisation phase by the user responding to an on-screen prompt.
- Figure 2 shows an enhancement to the communications network of Figure 1 according to embodiments of the present invention.
- the network of Figure 2 provides enhanced security when relying on token authentication.
- As before, there exists a token that is a shared secret between the user and the authentication server 206 (which we shall refer to as the base token). However, an authentication challenge in the network of Figure 2 is not met by providing the base token but a token that is a morphed or modified version of the base token and which may not be known to the authentication server 206.
- Figure 2 shows a system in which a request for access to a secure resource is processed and the request either allowed or rejected.
- a request is generated by a user at a source 202 for access to a secure resource held at resource repository 204.
- Resource request 220 generated at a source 202, is not routed directly to the resource repository 204 but is first validated at an authentication server 206.
- authentication server 206 responds, as before, by sending an authentication challenge, for example in the form of a logon page 222, to request source 202.
- the base token is not provided to authentication server 206 but instead, source 202 provides the modified variant of the base token to authentication server 206.
- Logon page 222 may comprise a web page or on-screen form with suitable annotation to prompt the user to provide security details and fields for user-entry of requested data.
- security details 224 including the modified token and the other details entered in the logon page, are sent to authentication server 206.
- Authentication server 206 receives from request source 202, response 224 to the authentication challenge including the modified token and shares the modified token with token processing server 208 with the aim of recovering the base token for completing user authentication.
- Authentication server 206 and token processing server 208 together constitute an authentication service.
- the algorithm, and hence the base token, can be modified in a different way for each successive resource request, thereby enhancing security and rendering requests immune to the user being overlooked while entering characters and to key-logging malware, as the modified token used in one request will not be valid in subsequent requests.
- This also provides protection from brute force attacks as, where a different modified token is used in each successive request, the brute force attack is chasing a moving target.
- the user selects a token, for example a password, in the normal way, for example, by typing a sequence of alphanumeric characters into a field on a token registration page and then, optionally, typing the same token again in a different field to protect against any mis-keying.
- the token is entered consistently and meets any minimum security requirements of the system, it is registered against the user's identity.
- the user is then presented with a token modifying wizard, which assists the user in creating a suitable token algorithm and parameters.
- the token modifying wizard checks the proposed algorithm to ensure that it is reversible, that it is possible to derive from the algorithm an inverse algorithm that reverses changes introduced into the token by application of the algorithm.
- the base token comprises a plurality of character positions; in which a parameter set comprises an indication of at least one character position in the base token to which the modified algorithm is to be applied and applying the modified algorithm to a token applies the same operation at each indicated character position in the token.
- a token modifying prompt is displayed to the user showing one or more parameters that the user must apply, in combination with the selected algorithm, to the base token in order to generate a modified token to achieve authentication in support of the request.
- a parameter set is amenable to display in a visual prompt comprising at least one of a graphic, a colour, a number and a word.
- the algorithm may be selected and sets of parameters may be defined by the user, for example, when the account is created.
- a prompt is displayed to the user, indicating one or more parameter.
- the user uses the parameter or parameters indicated by the prompt to modify the secret algorithm and then applies the modified algorithm to the base token.
- the combination of prompt and algorithm is a shared secret, not between the user and authentication server 206, but between the user and token processing server 208.
- the algorithm includes instructions for modifying the base token to produce modified tokens. As indicated above, in use, the algorithm is, itself, modifiable to form different modified algorithms according to different parameters.
- Each different modified algorithm is capable of generating a different variant of the token. That is, the algorithm may comprise sections that are configurable according to one or more parameters to produce a plurality of different modified algorithms by applying different ones of the parameters. Each modified algorithm will effect different modifications to the base token to produce a different modified token.
- the algorithm may state: "add the indicated number to the last digit of the token". The user may at a later time be presented with the parameter 5, so that they will know that the modified algorithm to be applied to the base token is: "add 5 to the last digit of the token".
- the algorithm may state: "add the indicated number to the indicated digit of the token". The user may at a later time be presented with the parameters 5/2, so that they will know that the modified algorithm to be applied to the base token is: "add 5 to the 2nd digit of the token". More sophisticated examples are provided, later.
- a prompt 210 comprises information, for example parameters, for the user concerning modification of the algorithm and is made available to the user so that it may guide the user in modifying the algorithm to produce a modified algorithm that is then used to modify the base token to generate a modified token in preparation for authenticating a resource request.
- the user has access to prompt 210, which token processing server 208 may, for example, provide to request source 202 along with logon page 222, where it is displayed to the user.
- the user also has knowledge of the algorithm (for example, the user may have generated the algorithm) and is able to combine prompt and algorithm to generate the appropriate modified algorithm for the current request.
- the one or more parameters are selected randomly by token processing server 208 from a set of parameters that are pre-configured in the system.
- token processing server 208 can then retrieve the algorithm from local storage, based on user identity information provided with the security details.
- token processing server 208 can generate a local copy of the modified algorithm.
- Token processing server 208 then applies the inverse of the modified algorithm to the modified token. Taking one of the above, simple examples: "add 5 to the 2nd digit of the token", token processing server 208 subtracts 5 from the second digit of the received modified token to recover the base token.
- an algorithm may be combined with a parameter to generate a set of instructions (i.e. a modified algorithm) and how these instructions may be applied to a base token to produce a modified token.
- the user chooses to modify the characters in alphanumeric base token abc123.
- the prompts display one or more characters as an image with the colour red, green or blue. According to the present example, the colours associated with the prompts determine how one or more parameters of the prompt should be used to change characters in the base token.
- Example Algorithm 1 the relevant algorithm is as follows:
- Example Prompt 1.1 the parameter is 12 (displayed in red), the algorithm is modified to generate modified algorithm:
- Example Prompt 1.2 the parameter is 10 (displayed in green), the algorithm is modified to generate modified algorithm:
- Example Prompt 1.3 the parameter is 9 (displayed in blue), the algorithm is modified to generate modified algorithm:
- Example Algorithm 2 the relevant algorithm is as follows: the user chooses to swap:
- Example Prompt 2.1 the parameter is "cat" (displayed in red), the algorithm is modified to generate modified algorithm:
- Example Prompt 2.2 the parameter is "deer" (displayed in blue), the algorithm is modified to generate modified algorithm:
- Authentication server 206 receives the modified token from request source 202 and shares the modified token and the user's identity information with token processing server 208 with the aim of recovering the base token for completing user authentication.
- Token processing server 208 has access to the algorithm and to the parameter used in association with the current transaction.
- token processing server 208 applies the parameter to the algorithm to generate a modified algorithm.
- Token processing server 208 then applies the inverse of the generated modified algorithm to the received modified token. If the received modified token was correctly generated from the base token, this action should recover the base token from the modified token.
- authentication server 206 can now check the security details against a database of security credentials.
- authentication server 206 applies the required hash or encrypting operation to the processed modified token and compares the result with the stored hashed or encrypted value of the base token. If the comparison indicates there is no match, so that the processed modified token is not valid (i.e. it was not correctly derived from the base token), authentication server 206 sends to source 202 a resource request rejection 230(a). If the comparison indicates the processed modified token does match, so that the processed modified token is valid (i.e.
- authentication server 206 sends to resource repository 204 a requester authentication notification 230(b) incorporating details of the requested resource.
- resource repository 204 sends to source 202 requested resource 232.
- the user generates a resource request which is sent to the authentication service.
- the authentication service gets, at 303, one or more parameter values.
- the parameter values may have been generated by the user during initialisation or generated by the authentication service and, in any case, a copy is stored locally to the authentication service.
- the authentication service generates an on-screen prompt embodying the parameter values.
- the authentication service sends, at 305, an authentication challenge (e.g. logon page) to the user together with the on-screen prompt.
- the logon page together with parameter values are displayed, at 306, to the user by request source.
- the user constructs a modified version of the base token using the parameters in the on-screen prompt in combination with the algorithm and, at 307, enters the characters of the modified token on the logon page and sends the completed logon page to the authentication service.
- the authentication service applies the reverse of the modifying operation to the modified token with the aim of reconstructing the base token. However, whether the result of the reverse modifying operation is the base token or not will depend on whether the user correctly applied the appropriate modified algorithm to the correct base token.
- the authentication service is then able to proceed, as normal, to compare the result of the reverse modifying operation with the base token and, at 310, to authorise or reject the request as appropriate.
- FIG. 4 shows a computer system 40 in accordance with the disclosed embodiments.
- Computer system 40 may correspond to an apparatus that includes a processor 410, memory 412, storage 414, user interface 416 and communications interface 418 with other components commonly found in electronic computing devices.
- Computer system 40 may also include input/output devices (not shown) such as a keyboard, a pointing device and a display communicating with processor 410 via user interface module 416.
- Computer system 40 may also, via communications interface module 418 (which may comprise a plurality of network interfaces), be connected to or have the capability for connection to one or more communications network, such as a wired, wireless or hybrid LAN, WAN or internet.
- Request source 202 comprises a processing platform (such as that shown in Figure 4) provided with appropriate software and interfaces.
- Suitable processing platforms include, for example, a personal computer, a laptop computer, a tablet computer, a mobile telephone, a smartphone such as an Android, Windows or iOS smartphone, a portable terminal device or any other suitable mobile device with appropriate connection capability.
- Other elements of Figure 2 will typically be implemented in software executing on one or more processing platforms (such as that shown in Figure 4), for example, commercially available servers. Connections between elements of Figure 2 may, for example, at least in part use Wi-Fi wireless technology, GPRS mobile technology or Ethernet IEEE 802.3 wired technology.
- the communications network of Figure 2 may be implemented, at least in part, using the Internet or a globally routable TCP/IP network such as a privately addressed WAN or point to point link.
- a software-controlled programmable processing device such as a microprocessor, digital signal processor or other data processing device, apparatus or system
- a computer program for configuring a programmable device, apparatus or system to implement the foregoing described methods is envisaged as an aspect of the present invention.
- the computer program may be embodied as source code or undergo compilation for implementation on a processing device, apparatus or system or may, for example, be embodied as object code.
- the computer program is stored on a carrier medium in machine or device readable form, for example in solid-state memory, magnetic memory such as disk or tape, optically or magneto-optically readable memory such as compact disk or digital versatile disk etc., and the processing device utilises the program or a part thereof to configure it for operation.
- the computer program may be supplied from a remote source embodied in a communications medium such as an electronic signal, radio frequency carrier wave or optical carrier wave.
- carrier media are also envisaged as aspects of the present invention.
- the prompt could be audible.
- the range of modifying techniques can be extended beyond those described, above, with the caveat that the modified algorithm must be reversible.
- the invention improves security by obscuring the base token and acts as a complementary mechanism, rather than a replacement, to existing token protection policies, such as enforced periodic renewal.
- the invention also acts as a deterrent to token sharing, as it requires the users to share not one but multiple secrets.
- the modified token from request source 202 may be sent direct to token processing server 208 with the aim of recovering the base token for authentication server 206.
- Authentication server 206 and token processing server 208 may be realised on individual hardware servers or as different functions incorporated into a single hardware server.
- One or both of the algorithm and the parameter sets may be generated by the authentication service or a third party, rather than by the user.
- the user authentication information may be deemed invalid when accompanied by the base token, in which case, the comparison value sent to an authentication service for authenticating the user may be set to an invalid value. Setting the comparison value to an invalid value will cause
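The following is an added example, not code from the patent or its applicant: a toy Python model of the scheme set out in the bullets above. It covers two of them in one block: the wizard check that a proposed algorithm is reversible (tested here as injectivity over a sample token domain), and the server-side step in which the token processing server applies the inverse of the modified algorithm to the received token and the authentication server hashes the result and compares it with the stored hash of the base token, rejecting a directly entered base token, a re-used challenge and a token constructed for an earlier challenge. The algorithm modelled is the patent's own "add the indicated number to the indicated digit of the token"; the 1-based character position, the modulo-10 addition (the patent does not say what happens when a digit overflows), the salted PBKDF2 storage, the `ParamSet` and `AuthenticationService` names and the one-time challenge identifier are my assumptions, not the patent's.

```python
"""Added example (not the patent's code): a toy token-processing service for
the parameterised, reversible token-modifying scheme in the Definitions.
Algorithm modelled: "add the indicated number to the indicated digit of the
token".  Assumptions (mine): 1-based character positions, addition modulo 10,
salted PBKDF2 storage of the base token, one-time challenge identifiers."""
import hashlib
import hmac
import os
import secrets
from dataclasses import dataclass
from typing import Callable, Dict, Iterable, Optional, Tuple

DIGITS = "0123456789"
PBKDF2_ROUNDS = 20_000  # kept low so the example runs quickly


@dataclass(frozen=True)
class ParamSet:
    """One parameter set shown in a prompt: which position and what number."""
    position: int  # 1-based character position in the token
    amount: int    # number to add to the digit found there (1..9)


def _shift_digit(token: str, position: int, delta: int) -> str:
    i = position - 1
    if not 0 <= i < len(token) or token[i] not in DIGITS:
        raise ValueError("parameter set does not address a digit in this token")
    return token[:i] + str((int(token[i]) + delta) % 10) + token[i + 1:]


def apply_modified_algorithm(base_token: str, params: ParamSet) -> str:
    """User side: the modified token typed in answer to the prompt."""
    return _shift_digit(base_token, params.position, params.amount)


def apply_inverse_algorithm(modified_token: str, params: ParamSet) -> str:
    """Token processing server side: the comparison value (ideally the base token)."""
    return _shift_digit(modified_token, params.position, -params.amount)


def overwrite_digit(base_token: str, params: ParamSet) -> str:
    """Constructed counterexample: overwriting a digit destroys information,
    so no inverse algorithm exists and the wizard should reject it."""
    i = params.position - 1
    return base_token[:i] + str(params.amount % 10) + base_token[i + 1:]


def is_reversible(forward: Callable[[str, ParamSet], str],
                  domain: Iterable[str], param_sets: Iterable[ParamSet]) -> bool:
    """Wizard-style check: a modified algorithm has an inverse on the domain
    exactly when it is injective there, i.e. no two tokens share an image."""
    tokens = list(domain)
    for p in param_sets:
        images = set()
        for t in tokens:
            img = forward(t, p)
            if img in images:
                return False
            images.add(img)
    return True


class AuthenticationService:
    """Authentication server and token processing server of Figure 2, merged.
    Holds only the salted hash of the base token, the digit positions the user
    pre-configured at enrolment, and the parameter set bound to each challenge."""

    def __init__(self, base_token: str, digit_positions: Tuple[int, ...]):
        self.salt = os.urandom(16)
        self.stored_hash = self._hash(base_token)   # base token is not kept
        self.digit_positions = digit_positions
        self.pending: Dict[str, ParamSet] = {}      # challenge id -> parameter set

    def _hash(self, token: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", token.encode(), self.salt, PBKDF2_ROUNDS)

    def _matches_stored(self, token: str) -> bool:
        return hmac.compare_digest(self._hash(token), self.stored_hash)

    def challenge(self, params: Optional[ParamSet] = None) -> Tuple[str, ParamSet]:
        """Issue a challenge; the parameter set is drawn at random from the
        pre-configured set unless the caller fixes one (used by the tests)."""
        if params is None:
            params = ParamSet(secrets.choice(self.digit_positions), secrets.randbelow(9) + 1)
        challenge_id = secrets.token_hex(8)
        self.pending[challenge_id] = params
        return challenge_id, params

    def authenticate(self, challenge_id: str, received_token: str) -> bool:
        params = self.pending.pop(challenge_id, None)  # a challenge is answered once
        if params is None:
            return False
        if self._matches_stored(received_token):
            return False  # the base token itself was entered: deemed invalid
        try:
            comparison_value = apply_inverse_algorithm(received_token, params)
        except ValueError:
            return False
        return self._matches_stored(comparison_value)


if __name__ == "__main__":
    svc = AuthenticationService("abc123", digit_positions=(4, 5, 6))
    cid, params = svc.challenge()
    print(params, svc.authenticate(cid, apply_modified_algorithm("abc123", params)))
```

With base token `abc123` and the prompt 5/5 (add 5 at character position 5), the user types `abc173`; the service recovers `abc123`, hashes it and accepts. The same `abc173` fails against a later challenge with a different parameter set, which is the "moving target" property claimed above, and the service never needs the base token in clear because only its hash is consulted.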
Abstract
A method for processing user authentication information by receiving from a source, in response to a user authentication challenge, user authentication information comprising a token; identifying a parameter set associated with the challenge; in which the parameter set comprises at least one parameter; modifying an algorithm according to the parameter set to generate a modified algorithm; in which the algorithm is modifiable according to a plurality of parameter sets to generate a plurality of distinct modified algorithms; modifying the token using information comprised in the modified algorithm to generate a comparison value; sending the comparison value to an authentication service for authenticating the user.
Description
USER AUTHENTICATION INFORMATION
INTRODUCTION
The invention relates to user authentication information processing, for example to support requests to access secure resources.
Typically, resources such as content may be protected for commercial reasons, for example content such as a film or newspaper that is only available on a subscription or information that is share price-sensitive such as commercial forecasts. Resources may also be protected on security grounds, for example data that includes details of a user's bank account. A common scheme for protecting access to such resources is to provide an authorised user with a token to enable the user to be authenticated by a computer system. A token suitable for user authentication using computer systems is a password consisting of a series of alphanumeric characters.
A system for providing secure access to resources is shown in Figure 1. In Figure 1, a request 120 is generated at a source 102 for access to secure content held at resource repository 104. The request for access to secure content may, for example, originate with a user (not shown) activating a hyperlink displayed to the user on the screen of a computing device or smart phone. Such hyperlinks are commonly provided in electronic messages, including email and IM, and in web pages. Activation of the hyperlink initiates access to content that is protected and only available to authenticated users. A resource request 120, generated at a source 102, is not routed directly to the resource repository 104 but is first validated at an authentication server 106. On receiving resource request 120, authentication server 106 responds by sending an authentication challenge, for example logon page 122, to source 102 to prompt the user to provide security details, which include a password or some other token and some form of user identification, such as a username. The token is a form of shared secret between the user and the authentication server, and the token is normally selected by the user in response to a prompt from the authentication server, which stores a copy of the token in a database (not shown). For reasons of security, the token is typically not stored in a form accessible to authentication server 106. Instead, a hash or one-way encrypted form of the token is stored in the database.
When the user has entered the requested details on the logon page and selected "send", security details 124, including the token and the other details entered in the logon page, are sent to authentication server 106. Authentication server 106 can now check the security details against a database of security credentials. On receiving the token from source 102, authentication server 106 applies the required hash or encrypting operation to the token and compares the result with the stored hashed or encrypted value. If the comparison indicates the token is not valid, authentication server 106 sends to source 102 a resource request rejection 126(a). If the comparison indicates the token is valid, authentication server 106 sends to resource repository 104 a requester authentication notification 126(b) incorporating details of the requested resource. In response to receipt of the requester authentication notification 126(b), resource repository 104 sends to source 102 requested resource 128.
There are several weaknesses in the system of Figure 1, which relies on a password for authentication. Submitting a password when challenged by a computer system is vulnerable to various attacks, such as being overlooked while entering characters on a keyboard or having a computer device infected with malware that logs and reports keystrokes. Brute force techniques, where a computer is used to generate and submit millions of passwords to a secure server (e.g. authentication server 106) in the hope that one will be the correct value, have also proved successful.
US5428349 describes a password access method effected by displaying to a user a pseudorandom array of letters and numerals such that password entry can be achieved without the need to type characters on a keyboard. The user input comprises information on the positions on the display of the password characters and not the characters in the password. US5559961 describes a graphical password arrangement, wherein a user is required to point to (e.g. touch) one or more predetermined positions on a displayed image in a predetermined order as a way of indicating their authorisation to access a secure resource. Again, the user input comprises information on display locations and not the characters in the password. These methods require a complex user interface and may still be vulnerable to copying or to a sophisticated brute force attack.
US7735124 describes a user entering a string of characters that incorporates the password but is much longer than the password. The user is authenticated if the password is embedded as a whole anywhere within the input string. This method is still vulnerable to copying and brute force attacks.
US2014165169 describes a password verification system that is tolerant of typing mistakes. The system allows a plurality of variations on a password that may be generated by user data-entry errors; however, this reduces security and makes it easier to guess an acceptable password by brute force methods.
SUMMARY OF THE INVENTION
Accordingly, the invention provides a method for processing user authentication information, in which the method comprises: receiving from a source, in response to a user authentication challenge, user authentication information comprising a token; identifying a parameter set associated with the challenge; in which the parameter set comprises at least one parameter; modifying an algorithm according to the parameter set to generate a modified algorithm; in which the algorithm is modifiable according to a plurality of parameter sets to generate a plurality of distinct modified algorithms; modifying the token using information comprised in the modified algorithm to generate a comparison value; sending the comparison value to an authentication service for authenticating the user.
Hence, the invention is able to receive a modified form of token and to process it - enabling authentication to be carried out on the basis of the (unmodified) base token. The invention removes the need for the user to enter the base token in response to an authentication challenge and supports use of a different, modified token in response to successive authentication challenges.
According to a first aspect, using information comprised in the modified algorithm to generate a comparison value comprises applying the inverse of the modified algorithm to modify the received token to generate a comparison value. Hence, it is possible to derive from the modified algorithm an inverse algorithm that reverses changes introduced into the token by application of the modified algorithm. Application of the inverse algorithm to a token that is correctly generated by applying the modified algorithm to the base token, will therefore yield the base token.
According to a further aspect, a valid received token is derivable from a base token by applying the modified algorithm to the base token. According to a further aspect, a base token is derivable from a valid received token by applying the inverse of the modified algorithm to the valid received token. According to a further aspect, the request is allowable when the comparison value matches the base token. According to a further aspect, the base token comprises a plurality of character positions; in which the parameter set comprises an indication of at least one character position in the base token to which the modified algorithm is to be applied. According to a further aspect, the modified algorithm is logically identical to an original modified algorithm used to generate the received token from a base token.
According to a further aspect, the invention comprises sending to the source a user authentication challenge together with the parameter set. According to a further aspect, the invention comprises receiving at least one of the algorithm and the parameter set from the source of the request. According to a further aspect, the invention comprises generating at least one of the algorithm and the parameter set. According to a further aspect, the invention comprises sharing at least one of the algorithm and the parameter set with the source of the request.
According to a further aspect, the invention comprises receiving from the source, in response to a user authentication challenge, user authentication information; determining that the user authentication information comprises the base token and determining that the user authentication information is invalid. According to a further aspect, the user authentication information is associated with a request for access to a secure resource.
The invention also provides a system for processing user authentication information, in which the system comprises a processor configured to: receive, in response to a user authentication challenge, user authentication information comprising a token; identify a parameter set associated with the challenge; in which the parameter set comprises at least one parameter; modify an algorithm according to the parameter set to generate a modified algorithm; in which the algorithm is modifiable according to a plurality of parameter sets to generate a plurality of distinct modified algorithms; modify the token using information comprised in the modified algorithm to generate a comparison value; send the comparison value to an authentication service for authenticating the user.
BRIEF DESCRIPTION OF THE DRAWINGS
Embodiments of the invention will now be described by way of example with reference to the drawings in which:
Figure 1 shows a schematic representation of aspects of a communications network according to the prior art;
Figure 2 shows a schematic representation of aspects of a communications network according to embodiments of the present invention;
Figure 3 shows a sequence diagram according to embodiments of the present invention;
Figure 4 shows a block diagram of a computer system suitable for the operation of embodiments of the present invention.
DETAILED DESCRIPTION
The invention provides a mechanism for frequently changing the token characters entered by a user in response to an authentication challenge whilst leaving the original (base) token unchanged. The token characters entered by the user may contain some, but not all, of the characters in the base token. However, the invention does not require any changes to the underlying authentication mechanism. An extra layer of security is provided that generates an on-screen prompt to allow the user to modify a base token to generate a modified token for use in supporting authentication. A mechanism is also provided at the back-end (token processing server) for reconstructing the base token. Modification of the base token is based on an algorithm that is, itself, variable depending on parameters provided to the user, so that a range of different modified tokens is possible. The algorithm is reversible and the back-end (token processing server) is able to use the algorithm, parameters and the modified token entered by the user to reconstruct the base token. The reconstructed base token is then passed to the authentication server, which functions as normal, for token verification. That is, token management remains essentially the same, but with the addition of an extra layer of security.
According to one implementation, the user generates an algorithm and associated parameter values for modifying the base token. The choice of algorithm and associated parameter values can be determined in an initialisation phase by the user responding to an on-screen prompt.
Figure 2 shows an enhancement to the communications network of Figure 1 according to embodiments of the present invention. The network of Figure 2 provides enhanced security when relying on token authentication. As before, there exists a token that is a shared secret between the user and the authentication server 206 (which we shall refer to as the base token); however, an authentication challenge in the network of Figure 2 is not met by providing the base token but by providing a token that is a morphed or modified version of the base token, which may not be known to the authentication server 206.
As with Figure 1, Figure 2 shows a system in which a request for access to a secure resource is processed and the request either allowed or rejected. A request is generated by a user at a source 202 for access to a secure resource held at resource repository 204. Resource request 220, generated at a source 202, is not routed directly to the resource repository 204 but is first validated at an authentication server 206. On receiving request 220, authentication server 206 responds, as before, by sending an authentication challenge, for example in the form of a logon page 222, to request source 202. According to the invention, the base token is not provided to authentication server 206 but instead, source 202 provides the modified variant of the base token to authentication server 206. Logon page 222 may comprise a web page or on-screen form with suitable annotation to prompt the user to provide security details and fields for user-entry of requested data. When the user has entered the requested details on the logon page and selected "send", security details 224, including the modified token and the other details entered in the logon page, are sent to authentication server 206.
Authentication server 206 receives from request source 202, response 224 to the authentication challenge including the modified token and shares the modified token with token processing server 208 with the aim of recovering the base token for completing user authentication. Authentication server 206 and token processing server 208 together constitute an authentication service. The algorithm, and hence the base token, can be modified in a different way for each successive resource request, thereby enhancing security, and rendering requests immune to the user being overlooked while entering characters and to key-logging malware, as the modified token used in one request will not be valid in subsequent requests. This also provides protection from brute force attacks as, where a different modified token is used in each successive request, the brute force attack is chasing a moving target.
We now describe initialisation of the token modifying system. The user selects a token, for example a password, in the normal way, for example, by typing a sequence of alphanumeric characters into a field on a token registration page and then, optionally, typing the same token again in a different field to protect against any mis-keying. If the token is entered consistently and meets any minimum security requirements of the system, it is registered against the user's identity. The user is then presented with a token modifying wizard, which assists the user in creating a suitable token algorithm and parameters. As part of its operation, the token modifying wizard checks the proposed algorithm to ensure that it is reversible, that is, that it is possible to derive from the algorithm an inverse algorithm that reverses changes introduced into the token by application of the algorithm. Application of the inverse algorithm to a modified token (i.e. a token generated by applying the algorithm to the base token) will therefore yield the base token. The onus is on the user to remember the algorithm. According to various embodiments, the character position or positions to which the algorithm is to be applied may be included in the algorithm or in a prompt provided to the user at the time of making a request, or the onus may be on the user to remember the character positions as well as the algorithm. According to other embodiments, the base token comprises a plurality of character positions; in which a parameter set comprises an indication of at least one character position in the base token to which the modified algorithm is to be applied, and applying the modified algorithm to a token applies the same operation at each indicated character position in the token.
After the algorithm and parameters have been registered, the user may optionally be presented with an opportunity to trial modified token entry using the algorithm and parameters to ensure that the user understands how the system works and how to use the selected algorithm. The next time the user initiates a request for access to a secure resource, a token modifying prompt is displayed to the user showing one or more parameters that the user must apply, in combination with the selected algorithm, to the base token in order to generate a modified token to achieve authentication in support of the request. According to an embodiment, a parameter set is amenable to display in a visual prompt comprising at least one of a graphic, a colour, a number and a word.
We now describe generation of modified tokens. As well as a shared secret base token, the user is aware of a secret algorithm. The algorithm may be selected and sets of parameters may be defined by the user, for example, when the account is created. When the user is challenged for security details, a prompt is displayed to the user, indicating one or more parameters. The user uses the parameter or parameters indicated by the prompt to modify the secret algorithm and then applies the modified algorithm to the base token. The combination of prompt and algorithm is a shared secret, not between the user and authentication server 206, but between the user and token processing server 208. The algorithm includes instructions for modifying the base token to produce modified tokens. As indicated above, in use, the algorithm is, itself, modifiable to form different modified algorithms according to different parameters. Each different modified algorithm is capable of generating a different variant of the token. That is, the algorithm may comprise sections that are configurable according to one or more parameters to produce a plurality of different modified algorithms by applying different ones of the parameters. Each modified algorithm will effect different modifications to the base token to produce a different modified token. To take a very simple example, the algorithm may state: "add the indicated number to the last digit of the token". The user may at a later time be presented with the parameter 5, so that they will know that the modified algorithm to be applied to the base token is: "add 5 to the last digit of the token". To take another very simple example, the algorithm may state: "add the indicated number to the indicated digit of the token". The user may at a later time be presented with the parameters 5/2, so that they will know that the modified algorithm to be applied to the base token is: "add 5 to the 2nd digit of the token".
More sophisticated examples are provided, later.
A prompt 210 comprises information, for example parameters, for the user concerning modification of the algorithm and is made available to the user so that it may guide the user in modifying the algorithm to produce a modified algorithm that is then used to modify the base token to generate a modified token in preparation for authenticating a resource request. Accordingly, the user has access to prompt 210, which token processing server 208 may, for example, provide to request source 202 along with logon page 222, where it is displayed to the user. The user also has knowledge of the algorithm (for example, the user may have generated the algorithm) and is able to combine prompt and algorithm to generate the appropriate modified algorithm for the current request.
It is not necessary that the one or more parameters used are different each time, but variation will increase security. According to one embodiment, the one or more parameters are selected randomly by token processing server 208 from a set of parameters that are pre-configured in the system. When the security details 224 are provided, token processing server 208 can then retrieve the algorithm from local storage, based on user identity information provided with the security details. By applying the one or more parameters conveyed to the user in the prompt sent with the logon page to the retrieved algorithm, token processing server 208 can generate a local copy of the modified algorithm. Token processing server 208 then applies the inverse of the modified algorithm to the modified token. Taking one of the simple examples above, "add 5 to the 2nd digit of the token", token processing server 208 subtracts 5 from the second digit of the received modified token to recover the base token.
We now provide some further examples of how an algorithm may be combined with a parameter to generate a set of instructions (i.e. a modified algorithm) and how these instructions may be applied to a base token to produce a modified token. In the following examples, the user chooses to modify the characters in alphanumeric base token abc123. The prompts display one or more characters as an image with the colour red, green or blue. According to the present example, the colours associated with the prompts determine how one or more parameters of the prompt should be used to change characters in the base token.
Example Algorithm 1 : the relevant algorithm is as follows:
• If the colour is red, the number in the prompt is added to all numbers in the base token.
• If the colour is green, the number in the prompt is added to the first number in the base token.
• If the colour is blue, the number in the prompt is added to the last number in the base token.
Example Prompt 1.1: the parameter is 12 (displayed in red), the algorithm is modified to generate modified algorithm:
"add 12 to all numbers in the base token"
and the base token is modified by application of the modified algorithm to generate modified token:
abc131415
Example Prompt 1.2: the parameter is 10 (displayed in green), the algorithm is modified to generate modified algorithm:
"add 10 to the first number in the base token"
and the base token is modified to generate modified token:
abc1123
Example Prompt 1.3: the parameter is 9 (displayed in blue), the algorithm is modified to generate modified algorithm:
"add 9 to the last number in the base token"
and the base token is modified to generate modified token:
abc1212
So, we have three different modified algorithms generated from a single algorithm by application of different parameters to a base algorithm. We then are able to derive three different modified tokens, with each modified token being generated from a single base token by application of a different one of the modified algorithms.
Example Algorithm 2: the relevant algorithm is as follows: the user chooses to swap:
• the first 2 characters of the base token if the displayed word is red.
• the second 2 characters of the base token if the displayed word is blue.
• in addition, the number of letters in the displayed word is suffixed to the token.
Example Prompt 2.1: the parameter is "cat" (displayed in red), the algorithm is modified to generate modified algorithm:
"swap the first 2 characters and suffix the base token with 3"
and the base token is modified to generate modified token:
bac1233
Example Prompt 2.2: the parameter is "deer" (displayed in blue), the algorithm is modified to generate modified algorithm:
"swap the second 2 characters and suffix the base token with 4"
and the base token is modified to generate modified token:
acb1234
So, we have two different modified algorithms generated from a single algorithm by application of different parameters to a base algorithm. We then are able to derive two different modified tokens, with each modified token being generated from a single base token by application of a different one of the modified algorithms.
We now continue describing the communications network according to the present invention of Figure 2. In response to the logon page issued by authentication server 206 and displayed to the user by request source 202, the user provides security details. The user enters the usual security details but, instead of entering the base token, generates a modified algorithm, as indicated above, and applies that to the base token to generate a modified token. The user then enters the modified token on the logon page in place of the base token. When the user has entered the requested details on the logon page and selected "send", security details 224, including the modified token and the other security details entered in the logon page, are sent to authentication server 206.
Authentication server 206 receives the modified token from request source 202 and shares the modified token and the user's identity information with token processing server 208 with the aim of recovering the base token for completing user authentication. Token processing server 208 has access to the algorithm and to the parameter used in association with the current transaction. On receipt of the modified token from authentication server 206, token processing server 208 applies the parameter to the algorithm to generate a modified algorithm. Token processing server 208 then applies the inverse of the generated modified algorithm to the received modified token. If the received modified token was correctly generated from the base token, this action should generate the base token from the modified token.
Following the example that applied the modified algorithm "swap the first 2 characters and suffix the base token with 3", application of the inverse modified algorithm involves the following: "remove the suffix "3" and swap the first 2 characters". Applying this inverse modified algorithm to modified token bac1233 will result in processed modified token abc123 (which matches the base token).
Once in receipt from token processing server 208 of the processed modified token, authentication server 206 can now check the security details against a database of security credentials. On receiving the processed modified token from token processing server 208, authentication server 206 applies the required hash or encrypting operation to the processed modified token and compares the result with the stored hashed or encrypted value of the base token. If comparison indicates there is no match, so that the processed modified token is not valid (i.e. it was not correctly derived from the base token), authentication server 206 sends to source 202 a resource request rejection 230(a). If the comparison indicates the processed modified token does match, so that the processed modified token is valid (i.e. it was correctly derived from the base token), authentication server 206 sends to resource repository 204 a requester authentication notification 230(b) incorporating details of the requested resource. In response to receipt of the requester authentication notification 230(b), resource repository 204 sends to source 202 requested resource 232.
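The following is an added example (not the patent's code) that carries Example Algorithm 2 and the server-side steps just described through working code: the user-side modification, the token processing server's inverse (strip the suffix, swap the pair back), and the authentication server's unchanged hash comparison against the stored credential. "First 2 characters" is read as positions 1-2 and "second 2 characters" as positions 2-3, the reading that gives bac1233 for Prompt 2.1 and acb1234 for Prompt 2.2. The choice of PBKDF2 as the stored hash, the constructed salt, and the way a direct submission of the base token is detected (it hashes to the stored credential as-is) are assumptions of this example.

```python
"""Example Algorithm 2 from the description (swap a pair of characters chosen by
the prompt colour, then suffix the length of the prompt word), followed by the
recovery and comparison steps of the token processing server and authentication
server.  Added example; not the patent's code."""
import hashlib
import hmac

PBKDF2_ROUNDS = 100_000      # assumption: whatever password hash the back-end already uses


def modified_algorithm(word, colour):
    """Combine the secret algorithm with the parameter set shown in the prompt.
    Returns the zero-based position of the first character of the pair to swap
    and the suffix to append.  'First 2 characters' are positions 0-1 and
    'second 2 characters' are positions 1-2 (the reading that reproduces the
    page's results for Prompts 2.1 and 2.2)."""
    if colour == "red":
        start = 0
    elif colour == "blue":
        start = 1
    else:
        raise ValueError("unsupported colour: %r" % colour)
    return start, str(len(word))


def _swap(text, start):
    chars = list(text)
    chars[start], chars[start + 1] = chars[start + 1], chars[start]
    return "".join(chars)


def modify(base_token, word, colour):
    """User side: apply the modified algorithm to the base token."""
    start, suffix = modified_algorithm(word, colour)
    if len(base_token) < start + 2:
        raise ValueError("base token too short for the swap")
    return _swap(base_token, start) + suffix


def recover_base(modified_token, word, colour):
    """Token processing server: apply the inverse modified algorithm (remove the
    suffix, swap the pair back).  Returns None when the received token could not
    have been produced by the modified algorithm, which makes it invalid."""
    start, suffix = modified_algorithm(word, colour)
    if not modified_token.endswith(suffix):
        return None
    body = modified_token[: -len(suffix)]
    if len(body) < start + 2:
        return None
    return _swap(body, start)


def _digest(token, salt):
    return hashlib.pbkdf2_hmac("sha256", token.encode(), salt, PBKDF2_ROUNDS)


def register(base_token, salt):
    """Token registration: the authentication server stores only a salted hash."""
    return _digest(base_token, salt)


def authenticate(received_token, word, colour, stored_hash, salt):
    """Authentication service: recover the comparison value, then verify it
    exactly as the unchanged back-end verifies a plain password."""
    # The description allows a submission of the raw base token to be deemed
    # invalid.  Assumed detection: the received token hashes to the stored
    # credential without any inverse being applied.
    if hmac.compare_digest(_digest(received_token, salt), stored_hash):
        return False
    comparison_value = recover_base(received_token, word, colour)
    if comparison_value is None:
        return False
    return hmac.compare_digest(_digest(comparison_value, salt), stored_hash)


if __name__ == "__main__":
    salt = b"constructed-salt-for-the-example"      # constructed; use os.urandom in practice
    stored = register("abc123", salt)
    print(modify("abc123", "cat", "red"))          # bac1233 (Prompt 2.1)
    print(modify("abc123", "deer", "blue"))        # acb1234 (Prompt 2.2)
    print(authenticate("bac1233", "cat", "red", stored, salt))    # True
    print(authenticate("bac1233", "deer", "blue", stored, salt))  # False: wrong parameter set
    print(authenticate("abc123", "cat", "red", stored, salt))     # False: base token submitted directly
```

Because the authentication server never sees anything but a comparison value and compares it the way it always has, the stored credential and the comparison step stay exactly as in the Figure 1 system; only the recovery step in front of it is new, and a token that does not fit the current parameter set (wrong suffix, too short) is rejected before any hash is computed.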
We now describe, with reference to Figure 3, a sequence of events according to embodiments of the present invention. In the following sequence, reference numerals refer to the elements of Figure 3. At 301, the user generates a resource request which is sent to the authentication service. In response to receipt of the user's request, the authentication service gets, at 303, one or more parameter values. The parameter values may have been generated by the user during initialisation or generated by the authentication service and, in any case, a copy is stored locally to the authentication service. At 304, the authentication service generates an on-screen prompt embodying the parameter values. The authentication service sends, at 305, an authentication challenge (e.g. logon page) to the user together with the on-screen prompt. The logon page together with the parameter values is displayed, at 306, to the user by the request source. In response to display of the logon page, the user constructs a modified version of the base token using the parameters in the on-screen prompt in combination with the algorithm and, at 307, enters the characters of the modified token on the logon page and sends the completed logon page to the authentication service. On receipt of the completed logon page, at 308, the authentication service applies the reverse of the modifying operation to the modified token with the aim of reconstructing the base token. However, whether the result of the reverse modifying operation is the base token or not will depend on whether the user correctly applied the appropriate modified algorithm to the correct base token. At 309, the authentication service is then able to proceed, as normal, to compare the result of the reverse modifying operation with the base token and, at 310, to authorise or reject the request as appropriate.
Figure 4 shows a computer system 40 in accordance with the disclosed embodiments. Computer system 40 may correspond to an apparatus that includes a processor 410, memory 412, storage 414, user interface 416 and communications interface 418 with other components commonly found in electronic computing devices. Computer system 40 may also include input/output devices (not shown) such as a keyboard, a pointing device and a display communicating with processor 410 via user interface module 416. Computer system 40 may also, via communications interface module 418 (which may comprise a plurality of network interfaces), be connected to or have the capability for connection to one or more communications networks, such as a wired, wireless or hybrid LAN, WAN or internet.
Request source 202 comprises a processing platform (such as that shown in Figure 4) provided with appropriate software and interfaces. Suitable processing platforms include, for example, a personal computer, a laptop computer, a tablet computer, a mobile telephone, a smartphone such as an Android, Windows or iOS smartphone, a portable terminal device or any other suitable mobile device with appropriate connection capability. Other elements of Figure 2 will typically be implemented in software executing on one or more processing platforms (such as that shown in Figure 4), for example, commercially available servers. Connections between elements of Figure 2 may, for example, at least in part use Wi-Fi wireless technology, GPRS mobile technology or Ethernet IEEE 802.3 wired technology. The communications network of Figure 2 may be implemented, at least in part, using the Internet or a globally routable TCP/IP network such as a privately addressed WAN or point to point link.
Insofar as embodiments of the invention described are implementable, at least in part, using a computing device such as shown in Figure 4 (i.e. a software-controlled programmable processing device, such as a microprocessor, digital signal processor or other data processing device, apparatus or system), it will be appreciated that a computer program for configuring a programmable device, apparatus or system to implement the foregoing described methods is envisaged as an aspect of the present invention. The computer program may be embodied as source code or undergo compilation for implementation on a processing device, apparatus or system or may, for example, be embodied as object code.
Suitably, the computer program is stored on a carrier medium in machine or device readable form, for example in solid-state memory, magnetic memory such as disk or tape, optically or magneto-optically readable memory such as compact disk or digital versatile disk etc., and the processing device utilises the program or a part thereof to configure it for operation. The computer program may be supplied from a remote source embodied in a communications medium such as an electronic signal, radio frequency carrier wave or optical carrier wave. Such carrier media are also envisaged as aspects of the present invention.
It will be understood by those skilled in the art that, although the present invention has been described in relation to the above described example embodiments, the invention is not limited thereto and that there are many possible variations and modifications which fall within the scope of the invention. For example, the prompt could be audible.
The range of modifying techniques can be extended beyond those described above, with the caveat that the modified algorithm must be reversible. The invention improves security by obscuring the base token and acts as a complementary mechanism, rather than a replacement, to existing token protection policies, such as enforced periodic renewal. The invention also acts as a deterrent to token sharing, as it requires users to share not one but multiple secrets. The modified token from request source 202 may be sent direct to token processing server 208 with the aim of recovering the base token for authentication server 206. Authentication server 206 and token processing server 208 may be realised on individual hardware servers or as different functions incorporated into a single hardware server. One or both of the algorithm and the parameter sets may be generated by the authentication service or a third party, rather than by the user. The user authentication information may be deemed invalid when accompanied by the base token, in which case the comparison value sent to an authentication service for authenticating the user may be set to an invalid value. Setting the comparison value to an invalid value will cause authentication to fail.
The scope of the present invention includes any novel features or combination of features disclosed herein. The applicant hereby gives notice that new claims may be formulated to such features or combination of features during prosecution of this application or of any such further applications derived therefrom. In particular, with reference to the appended claims, features from dependent claims may be combined with those of the independent claims and features from respective independent claims may be combined in any appropriate manner and not merely in the specific combinations enumerated in the claims.
Claims
1. A method for processing user authentication information, in which the method comprises:
receiving from a source, in response to a user authentication challenge, user authentication information comprising a token;
identifying a parameter set associated with the challenge; in which the parameter set comprises at least one parameter;
modifying an algorithm according to the parameter set to generate a modified algorithm; in which the algorithm is modifiable according to a plurality of parameter sets to generate a plurality of distinct modified algorithms;
modifying the token using information comprised in the modified algorithm to generate a comparison value;
sending the comparison value to an authentication service for authenticating the user.
2. The method as claimed in claim 1, in which using information comprised in the modified algorithm to generate a comparison value comprises applying the inverse of the modified algorithm to modify the received token to generate a comparison value.
3. The method as claimed in any above claim, in which a valid received token is derivable from a base token by applying the modified algorithm to the base token.
4. The method as claimed in any above claim, in which a base token is derivable from a valid received token by applying the inverse of the modified algorithm to the valid received token.
5. The method as claimed in any of claims 3 to 4, in which the request is allowable when the comparison value matches the base token.
6. The method as claimed in any of claims 3 to 5, in which the base token comprises a plurality of character positions; in which the parameter set comprises an indication of at least one character position in the base token to which the modified algorithm is to be applied.
7. The method as claimed in any above claim, in which the parameter set comprises an indication of a plurality of character positions in the token to which the same operation is to be applied.
8. The method as claimed in any above claim, in which the modified algorithm is logically identical to an original modified algorithm used to generate the received token from a base token.
9. The method as claimed in any above claim, further comprising sending to the source a user authentication challenge together with the parameter set.
10. The method as claimed in any above claim, further comprising receiving at least one of the algorithm and the parameter set from the source of the request.
11. The method as claimed in any above claim, further comprising generating at least one of the algorithm and the parameter set.
12. The method as claimed in claim 11, further comprising sharing at least one of the algorithm and the parameter set with the source of the request.
13. The method as claimed in any above claim, further comprising receiving from the source, in response to a user authentication challenge, user authentication information; determining that the user authentication information comprises the base token and determining that the user authentication information is invalid.
14. The method as claimed in any above claim, in which the user authentication information is associated with a request for access to a secure resource.
15. The method as claimed in any above claim, in which the algorithm comprises a plurality of sections, in which each section is configurable according to one or more parameters to produce a plurality of different modified.
16. The method as claimed in any above claim, in which modifying an algorithm according to the parameter set comprises generating a modified algorithm that is active to add an indicated number to an indicated digit of the token.
17. The method as claimed in any above claim, in which modifying an algorithm according to the parameter set comprises generating a modified algorithm that is active to modify the characters in an alphanumeric base token.
18. The method as claimed in any above claim, in which the parameter set comprises an indication of a number and an indication of a digit of the token and the base algorithm comprises adding the indicated number to the indicated digit.
19. The method as claimed in any above claim, in which an on-screen prompt is generated to allow the user to modify a base token to generate a modified token.
20. The method as claimed in claim 19, in which the parameter set comprises an indication of colours associated with prompts and in which the colours associated with the prompts determine how one or more parameters of the prompt should be used to change characters in the base token.
21. The method as claimed in any above claim, in which the one or more parameters are selected randomly from a set of parameters that are pre-configured in the system.
22. A non-transitory computer-readable storage medium storing a computer program or suite of computer programs which upon execution by a computer system performs the method of any of claims 1 to 21.
23. A system for processing user authentication information, in which the system comprises a processor configured to:
receive, in response to a user authentication challenge, user authentication information comprising a token;
identify a parameter set associated with the challenge; in which the parameter set comprises at least one parameter;
modify an algorithm according to the parameter set to generate a modified algorithm; in which the algorithm is modifiable according to a plurality of parameter sets to generate a plurality of distinct modified algorithms;
modify the token using information comprised in the modified algorithm to generate a comparison value;
send the comparison value to an authentication service for authenticating the user.
24. The system as claimed in claim 23, in which the combination of prompt and algorithm is a shared secret between a user and a token modifying server.
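The token-processing flow that the claims describe, together with the invalid-comparison-value rule from the description, as an added example that is not the patent's own code. The function names, the INVALID marker, the pre-configured parameter sets and the assumption that the token-processing server holds the stored base token (as claim 13 implies) are mine.

```python
"""Added example of the token-processing flow in claims 1-2, 5-7, 9, 13, 16, 18 and 21.
Not the patent's code: the names, the INVALID marker and the parameter sets are assumptions."""
import hmac
import secrets

INVALID = "INVALID"  # assumed convention: a comparison value the authentication service rejects

# Assumed pre-configured parameter sets (claim 21). Each lists (position, number) pairs:
# `number` is added modulo 10 to the digit at `position` of a numeric token (claims 16
# and 18); one set may apply the same operation at several positions (claim 7).
PRECONFIGURED_SETS = [[(0, 3)], [(1, 7), (4, 7)], [(2, 5), (3, 1)]]


def issue_challenge(rng=secrets.SystemRandom()):
    """Select the parameter set that accompanies the challenge (claims 9 and 21)."""
    return rng.choice(PRECONFIGURED_SETS)


def modified_algorithm(params):
    """Configure the base 'add a number to a digit' algorithm with a parameter set.
    Returns the forward transform the user applies to the base token and its inverse,
    which the token-processing server applies to the received token (claim 2)."""
    def shift(token, sign):
        digits = list(token)
        for pos, number in params:
            digits[pos] = str((int(digits[pos]) + sign * number) % 10)
        return "".join(digits)
    return (lambda token: shift(token, +1)), (lambda token: shift(token, -1))


def comparison_value(received, params, base_token):
    """Token-processing server: derive the comparison value from the received token.
    Assumes the server can compare against the stored base token, as claim 13 implies;
    a malformed token or the unmodified base token yields INVALID (claim 13)."""
    if len(received) != len(base_token) or not all(c in "0123456789" for c in received):
        return INVALID
    if any(pos >= len(received) for pos, _ in params):
        return INVALID
    if hmac.compare_digest(received, base_token):
        return INVALID
    _, inverse = modified_algorithm(params)
    return inverse(received)


def authentication_service(comparison, base_token):
    """Authentication server: allow the request only when the value matches (claim 5)."""
    return hmac.compare_digest(comparison, base_token)
```

Because the inverse is applied before comparison, the authentication server never sees the modified token, and a user who submits the base token itself is rejected rather than silently accepted.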
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| EP14250115.4 | 2014-09-30 | | |
| EP14250115 | 2014-09-30 | | |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2016050891A1 (en) | 2016-04-07 |
Family
ID=51752056
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| PCT/EP2015/072646 (WO2016050891A1, ceased) | User authentication information | 2014-09-30 | 2015-09-30 |
Country Status (1)
| Country | Link |
|---|---|
| WO (1) | WO2016050891A1 (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11050560B2 (en) | 2019-09-27 | 2021-06-29 | International Business Machines Corporation | Secure reusable access tokens |
| CN114297627A (en) * | 2021-12-31 | 2022-04-08 | 深圳市伊力科电源有限公司 | Function parameter setting method, power supply device and computer-readable storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070250920A1 (en) * | 2006-04-24 | 2007-10-25 | Jeffrey Dean Lindsay | Security Systems for Protecting an Asset |
| US20130333007A1 (en) * | 2012-06-07 | 2013-12-12 | International Business Machines Corporation | Enhancing Password Protection |
| US20140181529A1 (en) * | 2012-12-21 | 2014-06-26 | Advanced Biometric Controls, Llc | Verification of password using a keyboard with a secure password entry mode |
Family events: 2015-09-30, WO PCT/EP2015/072646 (WO2016050891A1), status: not active (ceased).
Non-Patent Citations (1)
| Title |
|---|
| ANONYMOUS: "RADIUS - Wikipedia, the free encyclopedia", 30 July 2014 (2014-07-30), pages 1 - 19, XP055175346, Retrieved from the Internet <URL:http://en.wikipedia.org/w/index.php?title=RADIUS&oldid=619124609> [retrieved on 20150310] * |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 15775668; Country of ref document: EP; Kind code of ref document: A1 |
| | NENP | Non-entry into the national phase | Ref country code: DE |
| | 122 | Ep: pct application non-entry in european phase | Ref document number: 15775668; Country of ref document: EP; Kind code of ref document: A1 |