
Showing papers on "Password published in 1999"


Proceedings ArticleDOI
01 Nov 1999
TL;DR: Because the fuzzy commitment scheme is tolerant of error, it is capable of protecting biometric data just as conventional cryptographic techniques, like hash functions, are used to protect alphanumeric passwords.
Abstract: We combine well-known techniques from the areas of error-correcting codes and cryptography to achieve a new type of cryptographic primitive that we refer to as a fuzzy commitment scheme. Like a conventional cryptographic commitment scheme, our fuzzy commitment scheme is both concealing and binding: it is infeasible for an attacker to learn the committed value, and also for the committer to decommit a value in more than one way. In a conventional scheme, a commitment must be opened using a unique witness, which acts, essentially, as a decryption key. By contrast, our scheme is fuzzy in the sense that it accepts a witness that is close to the original encrypting witness in a suitable metric, but not necessarily identical. This characteristic of our fuzzy commitment scheme makes it useful for applications such as biometric authentication systems, in which data is subject to random noise. Because the scheme is tolerant of error, it is capable of protecting biometric data just as conventional cryptographic techniques, like hash functions, are used to protect alphanumeric passwords. This addresses a major outstanding problem in the theory of biometric authentication. We prove the security characteristics of our fuzzy commitment scheme relative to the properties of an underlying cryptographic hash function.

1,744 citations


Proceedings Article
23 Aug 1999
TL;DR: This work proposes and evaluates new graphical password schemes that exploit features of graphical input displays to achieve better security than text-based passwords and describes the prototype implementation of one of the schemes on a personal digital assistant (PDA), namely the Palm Pilot™.
Abstract: In this paper we propose and evaluate new graphical password schemes that exploit features of graphical input displays to achieve better security than text-based passwords. Graphical input devices enable the user to decouple the position of inputs from the temporal order in which those inputs occur, and we show that this decoupling can be used to generate password schemes with substantially larger (memorable) password spaces. In order to evaluate the security of one of our schemes, we devise a novel way to capture a subset of the "memorable" passwords that, we believe, is itself a contribution. In this work we are primarily motivated by devices such as personal digital assistants (PDAs) that offer graphical input capabilities via a stylus, and we describe our prototype implementation of one of our password schemes on such a PDA, namely the Palm Pilot™.

869 citations


Patent
30 Mar 1999
TL;DR: In this article, a method for allowing users to securely access a private resource without the need to enter a username, password, or other authentication information, and without downloading special authentication software or data to the user's computer, is provided.
Abstract: In a Web site system in which different private records or other resources are personal to different users, a method is provided for allowing users to securely access a private resource without the need to enter a username, password, or other authentication information, and without the need to download special authentication software or data to the user's computer. Each resource is assigned a private uniform resource locator (URL) which includes a fixed character string and a unique token, and the URLs are conveyed by email (preferably using hyperlinks) to users that are entitled to access such resources. The tokens are generated using a method which distributes the tokens substantially randomly over the range of allowable token values (“token space”). The token space is selected to be sufficiently large relative to the expected number of valid tokens to inhibit the identification of valid tokens through trial and error. When a user attempts to access a private URL (such as to access a private account information page), a token validation program is used to determine whether the token is valid. The method may be used to provide users secure access to private account information on the Web site of a merchant. Other practical applications include electronic gift certificate and coupon redemption, gift registries, order confirmation, electronic voting, and electronic greeting cards.

435 citations


Proceedings ArticleDOI
01 Nov 1999
TL;DR: This work presents a novel approach to improving the security of passwords that automatically adapts to gradual changes in a user's typing patterns while maintaining the same hardened password across multiple logins, for use in file encryption or other applications requiring a long-term secret key.
Abstract: We present a novel approach to improving the security of passwords. In our approach, the legitimate user's typing patterns (e.g., durations of keystrokes, and latencies between keystrokes) are combined with the user's password to generate a hardened password that is convincingly more secure than conventional passwords against both online and offline attackers. In addition, our scheme automatically adapts to gradual changes in a user's typing patterns while maintaining the same hardened password across multiple logins, for use in file encryption or other applications requiring a long-term secret key. Using empirical data and a prototype implementation of our scheme, we give evidence that our approach is viable in practice, in terms of ease of use, improved security, and performance.

382 citations


Journal ArticleDOI
TL;DR: This work presents and analyzes several simple password authentication protocols, shows optimal resistance to off-line password guessing attacks under the choice of suitable public key encryption functions, and introduces the notion of public passwords that enables the use of the above protocols in situations where the client's machine does not have the means to validate the server's public key.
Abstract: We study protocols for strong authentication and key exchange in asymmetric scenarios where the authentication server possesses a pair of private and public keys while the client has only a weak human-memorizable password as its authentication key. We present and analyze several simple password authentication protocols in this scenario, and show that the security of these protocols can be formally proven based on standard cryptographic assumptions. Remarkably, our analysis shows optimal resistance to off-line password guessing attacks under the choice of suitable public key encryption functions. In addition to user authentication, we describe ways to enhance these protocols to provide two-way authentication, authenticated key exchange, defense against server's compromise, and user anonymity. We complement these results with a proof that strongly indicates that public key techniques are unavoidable for password protocols that resist off-line guessing attacks. As a further contribution, we introduce the notion of public passwords that enables the use of the above protocols in situations where the client's machine does not have the means to validate the server's public key. Public passwords serve as "hand-held certificates" that the user can carry without the need for special computing devices.

338 citations


Patent
03 Feb 1999
TL;DR: In this article, a method for deterring theft of manufactured articles includes the steps of providing a unique identification code for each manufactured item, transmitting a password via radio frequency to each manufactured article, and disabling operation of each manufactured appliance in response to receipt of the password.
Abstract: An electronic identification, control, and security system comprises a unique identification code associated with each manufactured article, a password code, communication circuitry capable of transmitting the password code to the manufactured articles, and appliance disabling circuitry. The appliance disabling circuitry may be integrated with the manufactured articles and precludes operation of the manufactured articles upon receipt of the password code. The communication circuitry preferably includes RFID technology to transmit the password code to the article and receive the unique identification code from the article. Such system deters theft of the articles. A method for deterring theft of manufactured articles includes the steps of providing a unique identification code for each manufactured article, transmitting a password via radio frequency to each manufactured article, and disabling operation of each manufactured article in response to receipt of the password. A manufactured appliance comprises security and control logic circuitry, data storage memory, a unique identification code stored in the memory, and communication circuitry for receiving a transmitted password. The security and control logic disables operation of the manufactured appliance in response to receipt of the password.

321 citations


Journal ArticleDOI
TL;DR: Two password authentication schemes with smart cards are proposed, in which users can change their passwords freely, and the remote system does not need the directory of passwords or verification tables to authenticate users.

320 citations


Patent
Viktors Berstis
28 Jan 1999
TL;DR: In this paper, a smart card key is used to authorize a user to use an onboard computer to control many aspects of a vehicle including performance and ride characteristics.
Abstract: An onboard computer is used to control many aspects of a vehicle including performance and ride characteristics. Used in combination with the onboard computer, a smart card key is used to authorize a user. In addition, the smart card key stores user preference data, such as performance and ride parameters, which are in turn used by the onboard computer to adjust performance and ride characteristics of the vehicle. Because the parameters are stored on individual smart card keys, each operator of the vehicle stores user parameters specific to each user. User parameters may also be stored in the computer memory itself. Access to the user preference data is controlled by user identification parameters that are also stored on a smart card memory or in the memory of the computer. These user identification parameters may include, for example, user identification by a combination of means including a password, finger print, eye print and/or voice print or other biologic attributes unique to the user.

291 citations


Patent
Ann-Pin Chen
22 Sep 1999
TL;DR: In this paper, a loyalty file structure for a smart card is described, which includes any number of loyalty files preinstalled by a card manufacturer and can be used to store information pertaining to a purchased ticket.
Abstract: A loyalty file structure for a smart card (104) includes any number of loyalty files (106-112) preinstalled by a card manufacturer. Each loyalty file (300) has a password (302), a file number (304), a label (306), an indicator of whether or not the file is currently being rented by a merchant (308), a length indicator (310), a data format indicator (312), and a data region (314). An issuer (102) creates a unique password for each loyalty file on a card and then issues cards to customers (514). For customer enrollment at a point-of-sale, a merchant determines if a loyalty file is available (FIG. 8A). The merchant password is sent to the issuer on-line in real time (FIG. 8B) and is returned along with authorization from the issuer to replace the password of the loyalty file with the merchant password (FIG. 8C). The file label (306) is changed to a merchant identifier and the file (300) is indicated as being rented. The merchant sends payment or a credit transaction to the issuer (102) for use of the loyalty file (300). For use with a loyalty program, a merchant terminal (202) finds the loyalty file (300) of a customer's card (104) for that merchant and reads or updates information within that file. The loyalty file on a card (926) is also used with electronic ticketing to store information pertaining to a purchased ticket. Upon later presentation of the card (926) at an airline boarding gate (930), stored information in the loyalty file is compared with the same information downloaded from the airline host computer (910). A match indicates a valid purchase and a boarding pass is issued.

254 citations


Journal ArticleDOI
TL;DR: The core characteristics of user-generated passwords and associations among those characteristics are investigated to address the gap in evaluating the characteristics of real-life passwords and present the results of an empirical study on password usage.
Abstract: Organizations are more dependent than ever on the reliable operation of their information systems, which have become a key to their success and effectiveness. While the growing dependence on information systems creates an urgent need to collect information and make it accessible, the proliferation of computer technology has also spawned opportunities for ill-intentioned individuals to violate the information systems' integrity and validity. One of the most common control mechanisms for authenticating users of computerized information systems is the use of passwords. However, despite the widespread use of passwords, little attention has been given to the characteristics of their actual use. This paper addresses the gap in evaluating the characteristics of real-life passwords and presents the results of an empirical study on password usage. It investigates the core characteristics of user-generated passwords and associations among those characteristics.

224 citations


Proceedings Article
06 Jun 1999
TL;DR: It is shown that the computational cost of any secure password scheme must increase as hardware improves, and two algorithms with adaptable cost are presented--eksblowfish, a block cipher with a purposefully expensive key schedule, and bcrypt, a related hash function.
Abstract: Many authentication schemes depend on secret passwords. Unfortunately, the length and randomness of user-chosen passwords remain fixed over time. In contrast, hardware improvements constantly give attackers increasing computational power. As a result, password schemes such as the traditional UNIX user-authentication system are failing with time. This paper discusses ways of building systems in which password security keeps up with hardware speeds. We formalize the properties desirable in a good password system, and show that the computational cost of any secure password scheme must increase as hardware improves. We present two algorithms with adaptable cost--eksblowfish, a block cipher with a purposefully expensive key schedule, and bcrypt, a related hash function. Failing a major breakthrough in complexity theory, these algorithms should allow password-based systems to adapt to hardware improvements and remain secure well into the future.

Patent
06 May 1999
TL;DR: In this article, a method, computer system, and program product provides for authentication of user messages using PKI technology in environments where limited capacity prevents direct PKI use, and strong security is provided using magnetic swipe cards or the like, and a passphrase is used for enhanced security and to avoid the need for special purpose devices.
Abstract: A method, computer system, and program product provides for authentication of user messages using PKI technology in environments where limited capacity prevents direct PKI technology use, and strong security is provided using magnetic swipe cards or the like, and a passphrase is used for enhanced security and to avoid the need for special purpose devices. The invention is advantageous where there are limitations on the space available for PKI credentials, such as in the userid and password fields of a remote access protocol. PKI techniques are used without transferring lengthy keys or certificates once an initial registration process is complete. A secret key is used. A digest is computed of the secret key, the user's certificate serial number, and a time stamp. The digest, together with the user's certificate serial number and the time stamp, forms a compact message that may be transmitted. Private keys and secret keys are not sent during authentication. Replay attacks are prevented.

Patent
26 Jul 1999
TL;DR: In this article, a method and apparatus of securing access to a service manager for the administration of services residing on multiple service host computers from an administration server computer is described, where a user identifier, such as a user name, and a corresponding password are provided to the service manager.
Abstract: A method and apparatus of securing access to a service manager for the administration of services residing on multiple service host computers from an administration server computer is described. A user identifier, such as a user name, and a corresponding password are provided to the service manager. The user identifier is associated with a system administrator having administrative access to the services. The service manager authenticates the user by comparing the user identifier and password against a list of user identifiers and corresponding passwords stored in a persistent memory. A list of services to which the system administrator has administrative access is derived from the data in persistent memory. When the system administrator makes a request to administer one or more services from the list of services, the administrator's access control is verified at the service host computers on which the requested services reside by examining access control data in the persistent memory. Management files are transferred from the service host computers to the administration server computer thereby facilitating manipulation of the management files utilizing the service manager.

Patent
Rosario Gennaro, Shai Halevi, Stephane H. Maes, Tal Rabin, Jeffrey Sorensen
29 Jan 1999
TL;DR: In this paper, a method of performing biometric authentication of a person's identity including a biometric template prior to storing it in a biometrics database was proposed. But this method requires the user to provide a pass-phrase, known only to the individual, to generate the cryptographic key used to store and retrieve the template.
Abstract: A method of performing biometric authentication of a person's identity including a biometric template prior to storing it in a biometric database. The encryption algorithm encrypts the biometric template using a pass-phrase, known only to the individual, to generate the cryptographic key used to store and retrieve the biometric template. When an individual wishes to access a secured resource, he must be authenticated by providing an identifier which is used to retrieve the appropriate record. He must also provide the correct password to allow the system to decrypt the model.

Patent
21 Jul 1999
TL;DR: In this paper, a method and system for providing security for a computing device include resolving conflicts between a password-protected screen saver and communication notification capabilities by selectively enabling access to specific communications when the computing device is in a locked mode.
Abstract: A method and system for providing security for a computing device include resolving conflicts between a password-protected screen saver and communication notification capabilities by selectively enabling access to specific communications when the computing device is in a locked mode. The screen saver of the computing device is configured to switch the device from a normal operative mode to a locked mode in response to detection of a preset condition, such as the expiration of an idle-time timer. The computing device then remains in the locked mode until a preset authorization condition is recognized, e.g., entering a password. However, with the computing device in the locked mode, a subset of communication access capabilities is enabled. Specifically, notification of incoming communications is enabled. Preferably, connectivity for select types of outgoing calls is also enabled, e.g., connectivity for emergency calls. In the preferred embodiment, the conflicts are resolved by integrating the screen saver with communication access capabilities in a single software package. Also in the preferred embodiment, the communication access capabilities are provided by a telephony over LAN application and a switch to the locked mode is disabled during communication sessions involving the computing device. In other embodiments, while in a locked mode, incoming calls may be preconfigured by the user to selectively break through security features based on caller identification information.

Patent
Larry Heck
30 Mar 1999
TL;DR: In this article, a voice authentication system with a cognitive recall mechanism for password verification is presented, where the user is able to select his own password prompt to facilitate cognitive recall of the password during a subsequent verification phase.
Abstract: A voice authentication system having a cognitive recall mechanism for password verification is provided. A user is enrolled for password verification by receiving a first voice input from the user representing the password prompt and a second voice input representing a correct response to the password prompt. The first and second voice inputs may be stored as waveforms, as voiceprints, recognized speech data, or a combination thereof. During verification, the identity of the user is verified by outputting the user-provided password prompt and evaluating a response to password prompt against the correct response. Thus, the user is able to select his own password prompt to facilitate cognitive recall of the password during a subsequent verification phase.

Posted Content
TL;DR: In this paper, the authors presented and analyzed several simple password authentication protocols in asymmetric scenarios, and showed that the security of these protocols can be formally proven based on standard cryptographic assumptions.
Abstract: We study protocols for strong authentication and key exchange in asymmetric scenarios where the authentication server possesses a pair of private and public keys while the client has only a weak human-memorizable password as its authentication key. We present and analyze several simple password authentication protocols in this scenario, and show that the security of these protocols can be formally proven based on standard cryptographic assumptions. Remarkably, our analysis shows optimal resistance to off-line password guessing attacks under the choice of suitable public key encryption functions. In addition to user authentication, we describe ways to enhance these protocols to provide two-way authentication, authenticated key exchange, defense against server's compromise, and user anonymity. We complement these results with a proof that strongly indicates that public key techniques are unavoidable for password protocols that resist off-line guessing attacks. As a further contribution, we introduce the notion of public passwords that enables the use of the above protocols in situations where the client's machine does not have the means to validate the server's public key. Public passwords serve as "hand-held certificates" that the user can carry without the need for special computing devices.

Patent
John R. Hind, Marcia L. Peters
21 May 1999
TL;DR: In this article, a method and system for efficiently establishing secure communications between mobile devices in a radio network is presented, which utilizes public key cryptography and unique hardware identifiers to enable authorizations for access to wireless networks, such as picocells.
Abstract: A method and system for efficiently establishing secure communications between mobile devices in a radio network. The present invention utilizes public key cryptography and unique hardware identifiers to enable authorizations for access to wireless networks, such as picocells. The present invention prevents the mobile user from maintaining a plurality of secrets such as user identifier/password pairs, PINs, or encryption keys, for access to each device to which he might require access.

Patent
30 Dec 1999
TL;DR: In this article, a system and method for providing access over a computer network to system documentation at an online central service facility is described, where a user is required to enter identifying indicia prior to accessing the online central service facility, the facility having at least one documentation database containing product and/or service data therein.
Abstract: A system and method are disclosed for providing access over a computer network to system documentation at an online central service facility. A user is required to enter identifying indicia prior to accessing the online central service facility, the facility having at least one documentation database containing product and/or service data therein. The identifying indicia can include a user identification and a password, for example, and are matched with user data stored in a user database in the online central service facility to authenticate the user before providing user access into a document management system. Also, the user is checked to further determine what particular product and/or service data the user is entitled to. Such particular product or service data is then delivered to the user.

Proceedings Article
Thomas D. Wu
01 Jan 1999
TL;DR: The author explores possible strategies for repairing this security hole, the most viable of which is the use of Kerberos V5 preauthentication coupled with a secure password authentication protocol such as SRP.
Abstract: Kerberos is a distributed authentication system that many organizations use to handle domain-wide password security. Although it has been known for quite some time that Kerberos is vulnerable to brute-force password searches, there has so far been little analysis of the scope and extent of this vulnerability. This paper discusses the nature of this weakness in detail and attempts to quantify the severity of the danger it poses to existing Kerberized installations. The results of a controlled experiment, in which a large number of passwords from a Kerberos realm were broken off-line and subjected to analysis, will be presented. The author explores possible strategies for repairing this security hole, the most viable of which is the use of Kerberos V5 preauthentication coupled with a secure password authentication protocol such as SRP.

01 Jan 1999
TL;DR: These notes describe how the design of TCP/IP and the 4.2BSD implementation allow users on untrusted and possibly very distant hosts to masquerade as users on trusted hosts to reduce their vulnerability to each other.
Abstract: The 4.2 Berkeley Software Distribution of the Unix operating system (4.2BSD for short) features an extensive body of software based on the "TCP/IP" family of protocols. In particular, each 4.2BSD system "trusts" some set of other systems, allowing users logged into trusted systems to execute commands via a TCP/IP network without supplying a password. These notes describe how the design of TCP/IP and the 4.2BSD implementation allow users on untrusted and possibly very distant hosts to masquerade as users on trusted hosts. Bell Labs has a growing TCP/IP network connecting machines with varying security needs; perhaps steps should be taken to reduce their vulnerability to each other.

Patent
19 Aug 1999
TL;DR: In this paper, a system and method that distribute the task of decryption between a server and a client are presented. But the decryption process is different from ours in that the server knows some information and the user knows some secret information for decrypting the data.
Abstract: A system and method distribute the task of decryption between a server and a client. To encrypt data, the client generates an encryption/decryption key. Namely, a user interface obtains a password, generally from a user. A hint generator generates a hint. A key generator generates the key based on the password and the hint. In one embodiment, the key generator hashes the password to generate a first secret, hashes the first secret to generate a second secret, hashes the first secret with the hint to generate an intermediate index, and hashes the second secret and the intermediate index to generate the key. An encryption engine can then use the key to encrypt data. The client then sends the encrypted data and possibly the hint for storage on the server. To decrypt the data, the key must be determined. Accordingly, the server knows some information and the user knows some information for decrypting the data. To generate the key, the decrypting client must first obtain rights to retrieve the hint from the server and must obtain the password from the user. Increased level of security is achieved.

Patent
05 Feb 1999
TL;DR: In this article, a security system consisting of an analyzing means for receiving first and second passwords, each of said passwords being transmitted over a first communication channel, analyzing first password, transmitting a first signal output only if said first password is authorized, and granting access to said secured domain only if the second password is substantially identical to a code was described.
Abstract: Several embodiments of computer security systems are described and which are adapted to grant an authorized individual access to a secured domain, such as a computer or data stream. In one embodiment, the security system comprises: an analyzing means for receiving first and second passwords, each of said passwords being transmitted over a first communication channel, analyzing said first password, transmitting a first signal output only if said first password is authorized, and granting access to said secured domain only if said second password is substantially identical to a code; and a random code generating means for generating said code, transmitting said code over a second communication channel upon receipt of first signal output, and transmitting said code to said analyzing means; and a notification means for receiving said code and for notifying said authorized individual of the identity of said code.

Journal ArticleDOI
TL;DR: A password-based method is described which modifies the Diffie-Hellman key agreement protocol to provide user authentication, simpler than previously published schemes, prevents the man-in-the-middle attack and requires only two packets to agree on the secret session key.
Abstract: A password-based method is described which modifies the Diffie-Hellman key agreement protocol to provide user authentication. It is simpler than previously published schemes, prevents the man-in-the-middle attack and requires only two packets to agree on the secret session key. An optional exchange of two more packets allows the key agreement to be verified.

Patent
27 May 1999
TL;DR: A method and apparatus for securing software to reduce unauthorized use include associating a password (16) or series of passwords (18) with each copy or group of authorized software and requiring entry of a first password obtained from the developer or authorized representative of the software after exchanging registration information.
Abstract: A method and apparatus for securing software to reduce unauthorized use include associating a password (16) or series of passwords (18) with each copy or group of authorized software and requiring entry of a first password obtained from the developer or authorized representative (24) of the software after exchanging registration information (38). The method and apparatus may also require entry of a second password from the series associated with the software to continue using the software. A password (16) or authorization code series may be associated with each authorized copy or with a group of copies such as those distributed to a particular organization or site (32). Preferably, subsequent passwords (16) or authorization codes are obtained from an authorized software developer (24), manufacturer, or distributor which gathers current information from the user (30) to monitor compliance with licensing restrictions. The number and frequency of required password updates may be regular or irregular. A code which disables the software may be communicated if the manufacturer determines that the user (30) is an unauthorized user.

Patent
Kenneth S. Knapton
19 May 1999
TL;DR: In this paper, an application program generates a second password from the application program identifier and the received component identifier, compares the first password and the second password, and allows use of the 'snap-in' component by the application program on the end user computer system when the first password matches the second password.
Abstract: Controlling the usage of a software component (16) by an application program (12) in an end user computer system (10) includes obtaining an identifier of the application program by a controller computer system (24) and generating a first password from the received application program identifier and an identifier of the component. The component, the component's identifier and the first password are communicated to the end user computer system. The component is registered with the application as a 'snap-in' or 'plug-in' component. The application program generates a second password from the application program identifier and the received component identifier, compares the first password and the second password, and allows use of the 'snap-in' component by the application program on the end user computer system when the first password matches the second password.

Patent
12 May 1999
TL;DR: In this paper, a system and method for restricting access to a television by providing parental control functions is described, where separate parental control levels are set for different users with each user having a different password.
Abstract: A system and method are provided for restricting access to a television by providing parental control functions. Separate parental control levels are set for different users with each user having a different password. When the television is initially turned on, the default parental control level chosen is to be the level that corresponds with the most restrictive parental control level. If another user with a less restrictive parental control level wishes to change the parental control level, they enter their password for their level of parental control.

Patent
26 Apr 1999
TL;DR: In this paper, a mechanism for determining whether a password may be used in a system that determines access privileges based on passwords is described, where a computer system, such as a database system, receives user-supplied routines that are each associated with a group of users.
Abstract: A mechanism is described for determining whether a password may be used in a system that determines access privileges based on passwords. A computer system, such as a database system, receives user-supplied routines that are each associated with a group of users. A proposed password (e.g. string) is received that is associated with a particular user that belongs to a particular group. The user-supplied routine associated with the group is used to determine whether the proposed password may be used as a password.

Patent
Trung Minh Tran
19 Aug 1999
TL;DR: In this article, a method for remote login to a user's personal workstation is described, which comprises the steps of searching, from a remote location, for a login web page of the network via a web browser and entering a series of login credential information into a particular login request area on the web page.
Abstract: A method is described for allowing remote login to a user's personal workstation. The workstation is a client terminal connected to a server within a network. The method comprises the steps of searching, from a remote location, for a login web page of the network via a web browser and entering a series of login credential information into a particular login request area on the web page. In response to correctly entering the login credential information into the login request area, the user is provided with a graphical user interface (GUI) of the particular user's network terminal and full access to the personal network information such as software applications stored in the memory of the client terminal (i.e. simulating the user's client terminal GUI and providing full access to locally stored software and functional elements of the user's client terminal). In a preferred embodiment, the login credential information includes the server site, the user identification, and the user's security password. The search for the particular web page and user's workstation using the login credential information is managed by a directory access protocol.

Patent
28 Oct 1999
TL;DR: In this paper, a system for controlling access to online content referenced in a hardcopy document is described, where a user requesting access to the online content available on a server responds to an authentication challenge from the server using a password mechanism printed in the hardcopy document.
Abstract: A system for controlling access to online content referenced in a hardcopy document. A user requesting access to online content available on a server responds to an authentication challenge from the server using a password mechanism printed in the hardcopy document. The password mechanism allows the user to identify a password for responding to an authentication request by the server. After authenticating the user, the server initiates a state change to enable subsequent access to the online content by the user with a different password that is also identified with the password mechanism.