TL;DR: In this paper, the authors make a distinction between insiders and outsiders, i.e., insiders who have access to the system and outsiders who do not, and make a comparison between two types of attacks.
Abstract: A cryptographic method and apparatus are disclosed which transform a message of arbitrary length into a block of fixed length (128 bits) defined as a modification detection code (MDC). Although there are a large number of messages which result in the same MDC, because the MDC is a many-to-one function of the input, it is required that it is practically not feasible for an opponent to find them. In analyzing the methods, a distinction is made between two types of attacks, i.e., insiders (who have access to the system) and outsiders (who do not). The first method employs four encryption steps per DEA block and provides the higher degree of security. Coupling between the different DEA operations is provided by using the input keys also as data in two of the four encryption steps. In addition, there is cross coupling by interchanging half of the internal keys. Although this second coupling operation does not add to security in this scheme, it is mandatory in the second method, which employs only two encryption steps per DEA block to trade off security for performance. By providing key cross coupling in both schemes, an identical kernel is established for both methods. This has an implementation advantage since the first method can be achieved by applying the second method twice. The MDC, when loaded into a secure device, authorizes one and only one data set to be authenticated by the MDC, whereas methods based on message authentication codes or digital signatures involving a public key algorithm authorize a plurality of data sets to be authenticated. The MDC therefore provides for greater security control.
TL;DR: A system for reliably authenticating a document includes a device having a decryption key therein that, upon application to information provided by a user, reveals not only a plain text message indicating the source of the authentication but, in addition, provides the decryption keys for use with the information given by the mailer as discussed by the authors.
Abstract: A system for reliably authenticating a document includes a device having a decryption key therein that, upon application to information provided by a user, reveals not only a plain text message indicating the source of the authentication but, in addition, provides the decryption key for use with the information provided by the mailer.
TL;DR: In this paper, a system for permitting access to a data field area in an IC card for multiple services using an individual card holder identification number for each of a plurality of data fields or for each group of different data fields was proposed.
Abstract: A system for permitting access to a data field area in an IC card for multiple services using an individual card holder identification number for each of a plurality of data fields or for each group of data fields. Data field identification information, a personal identification number, access qualification information, and an authentication code are supplied to the IC card before an execution of an access to the data field. An authentication is made between the personal identification number and the authentication code stored in the IC card for the selected data field, and the personal identification number and the authentication code supplied to the IC card. Based on the result of the authentication, an access to the data field area to which access is requested is permitted within the limit of the access right stored in the IC card corresponding to the access qualification information supplied to the IC card.
TL;DR: In this paper, a method of controlling the operation of a security module was proposed, where the authentication key was encrypted using a key storage key (KSK) stored in a resettable shift register (54) in the security module.
Abstract: In a method of controlling the operation of a security module, wherein firmware controlling the operation of the security module (10) is stored in a program memory (40), new firmware may be loaded into the module (10). An authentication key (KA) is encrypted using a key storage key (KSK) stored in a resettable shift register (54) in the security module, and the encrypted authentication key is stored in a secure memory (36). A firmware authentication value FAV is calculated for the new firmware, using the authentication key (KA), externally of the security module (10), and the new firmware, together with FAV, is loaded into a data memory (38) in the security module (10). A processor (30) in the security module (10) recalculates the firmware authentication value using the stored authentication key (KA) and compares the recalculated value with the loaded value FAV. If a correct comparison is achieved, the new firmware is transferred into the program memory (40). Otherwise, a reject status signal is issued and the firmware in the data memory (38) is erased.
TL;DR: In this article, the authors review and generalize bounds on the probability that an opponent can deceive the transmitter/receiver by means of impersonation or substitution, and give several constructions for authentication codes that meet one or more of these bounds with equality.
Abstract: We investigate authentication codes, using the model described by Simmons. We review and generalize bounds on the probability that an opponent can deceive the transmitter/receiver by means of impersonation or substitution. Also, we give several constructions for authentication codes that meet one or more of these bounds with equality. These constructions use combinatorial designs, such as transversal designs, group-divisible designs, and BIBDs (balanced incomplete block designs).
TL;DR: In this paper, a method for diversification of a basic key and authentication of a thus-diversified key as having been fashioned on the basis of a predetermined basic key is presented.
Abstract: The subject of the invention is a method for diversification of a basic key and for authentication of a thus-diversified key as having been fashioned on the basis of a predetermined basic key, and a system for performing the method. An initializing system calculates a diversified key (Sd) on the basis of a basic key (Sb) processed by a biunique combination transformation (T). The key (Sd) recorded in the memory (M3) of a user card (CU3) is authenticated by an exploitation system (4), which calculates a certificate on the basis of the basic key (Sb), while the card (CU3) calculates a certificate on the basis of its key (Sd). These certificates must be identical, taking into account the properties of the transformation (T). The invention is applicable in particular to the secret keys recorded in memory cards.
TL;DR: In this paper, the authors propose a check-sum or MAC that is computed from the data within the message in dependence upon a cryptographic key. This MAC is issued as a "challenge" to the user, who is also equipped with a separate portable token for computing a "response" in dependence upon a second cryptographic key which is unique to his token.
Abstract: In order to improve the security of message transmission from a terminal apparatus in an electronic banking or other data communications system a check-sum or MAC is computed from the data within the message in dependence upon a cryptographic key. This MAC is issued as a "challenge" to the user who is also equipped with a separate portable token for computing a "response" in dependence upon a second cryptographic key which is unique to his token. This "response" is then entered into the terminal and appended to the message as its authentication code before transmission. A recipient of the message and authentication code equipped with the same cryptographic keys can therefore check both the contents of the message and the correct identity of the sender by computing an expected authentication code from the received message and comparing it with the code received.
TL;DR: In this paper, the authors verify suitability for use of disposable elements by evaluation of characteristic data stored on a non-volatile read/write memory element, especially useful in a photoactivatable agent patient treatment system.
Abstract: Authentication and verification of suitability for use of disposable elements can be made by evaluation of characteristic data stored on a non-volatile read/write memory element, especially useful in a photoactivatable agent patient treatment system wherein photoactivatable agents, in contact with patient blood cells, are irradiated extracorporeally and then returned to the patient.
TL;DR: In this article, a telecommunications security device for use on the communication medium includes a first and a second security unit, each arranged to be inserted into, for example, the telephone line adjacent a user device.
Abstract: A telecommunications security device for use on the communication medium includes a first and a second security unit, each arranged to be inserted into, for example, the telephone line adjacent a user device. The units are identical and therefore either can act as a central unit, for example for a computer access port, with the other providing one of a set of remote units. Each unit includes a separable memory module, with all the modules having a memory storing identical information. The information stored includes a plurality of pairs of random signals, one of each pair providing a request signal and the other the security code. The central unit, on receipt of a telephone call, provides a signal requesting an ID code from the remote unit and, on receipt of the ID code, issues the security code request signal from one of the pairs. On matching the received code with the expected code, a transmission gate is opened. The pairs are used in turn until all of the pairs have been used, whereupon an indicator shows this condition. The modules can be removed and the memory re-written with fresh pairs of codes. The key includes a security logic circuit which controls access to the numbers according to a fixed set of access rules, allowing authentication and/or encryption and providing security against unauthorized access.
TL;DR: In this article, a system for authenticating a plurality of documents includes a device for solving a set of polynomial equations to develop a string of characters and having a decryption key therein that reveals not only a plain text message indicating the source of the authentication but, in addition, provides the decoding key for use with the information provided by the mailer.
Abstract: A system for conveying information for the reliable authentication of a plurality of documents includes a device for solving a set of polynomial equations to develop a string of characters and having a decryption key therein that, upon application to the string of characters provided, reveals not only a plain text message indicating the source of the authentication but, in addition, provides the decryption key for use with the information provided by the mailer. The solution of the set of polynomial equations requires the accumulation of individual documents, each having a random $x_i$ and a solution $f(x_i)$ associated therewith.
TL;DR: An identity-based key distribution system to generate a common secret conference key for three or more users that is authenticated using each user's identification information is proposed.
Abstract: We propose an identity-based key distribution system to generate a common secret conference key for three or more users. Users are connected in a ring so that each user sends messages to the neighbouring user to generate a conference key. These messages are authenticated using each user's identification information.
TL;DR: A quantitative measure for password robustness and 'lasting' power is provided, which discusses encryption possibilities and provides a comparative evaluation of various password methods.
TL;DR: This paper introduces the reader to hand-held devices for identifying users to computer systems and discusses alternative key/system interfacing technologies, the problems of managing and supporting populations of key devices, and the administration of the lock software.
TL;DR: In this article, an electronic token of the type including on-board processing and memory is provided with either authentication and password software or a partially complete program, and arranged for interaction with a host computer via a read/write unit, so that the computer will not function in a chosen manner without the presence of the token.
Abstract: In order to overcome the problem of security of data held within a program, an electronic token (3) of the type including on-board processing and memory is provided with either authentication and password software or a partially complete program, and arranged for interaction with a host computer (1) via a read/write unit (2) so that the computer will not function in a chosen manner without the presence of the token. When the token contains a partially complete program the remainder of the program is held within the computer so that both elements must be present before the program will run.
TL;DR: A digital signature system, where the authentication of a large number of users can be performed by a single public-key, which appears to be equivalent to that of RSA or the digital signature based on RSA.
Abstract: This paper proposes a new user authentication scheme, which does not require a management file for users' passwords. It has high security, realizing the authentication of a large number of users by a single public key. Because of this property, the proposed system has merits in the application to off-line and mutual authentication. The scheme is also useful for authentication in a large system with a large number of users. The system is constructed using a public-key digital signature and a one-way function with the commutative property. An example is presented where RSA is employed as the digital signature and the congruent exponential function is employed as the one-way function. It is described that the security of the proposed system appears to be equivalent to that of RSA or the digital signature based on RSA. Following the same idea, a digital signature system is proposed, where the authentication of a large number of users can be performed by a single public key. A variation of the scheme is presented which has the same performance as the proposed scheme.
TL;DR: This work proposes a secure communication architecture for distributed systems that puts security below the transport level and uses host-to-host rather than process-to-process secure channels, arguing that this can simplify and improve the performance of transport protocols.
Abstract: We propose a secure communication architecture for distributed systems that puts security below the transport level, and uses host-to-host rather than process-to-process secure channels. We argue that this provides the same level of end-to-end security as putting security at higher levels, and that it can simplify and improve the performance of transport protocols. The architecture is designed for very large distributed systems, which in general have security requirements beyond those of LAN-based systems.
TL;DR: The Belgian banking community has designed a standard security system TRASEC (TRAnsmission SECurity) for EFT (Electronic Funds Transfer) between corporate customers and all financial institutions, which will become operational by the end of 1987.
TL;DR: The answer given is: Let a hierarchically structured, offline trusted third party issue to the subscribers computer active tokens, which can authenticate their owners and can communicate with each other securely by applying certified signatures, that can be authenticated to access control information, messages and money orders.
TL;DR: In this article, a public key whose length is longer than that of the encipherment secret key is adopted as the public key for deciphering, and a high-speed remainder calculation system using a remainder table is adopted to generate the authentication data.
Abstract: PURPOSE: To realize the high-speed efficient processing on operation by using a public key for deciphering whose length is shorter than that of an encipherment secret key in an electronic transaction authentication system using a public key encipherment system. CONSTITUTION: In the processing system where documents are substituted for electric information to perform electronic transactions, data indicating contents of a transaction text is enciphered by the public key encipherment system to generate authentication data. Enciphered authentication data is deciphered by the public key for deciphering to confirm the authentication data. At this time, a public key whose length is longer than that of the encipherment secret key is adopted as the public key for deciphering. A high-speed remainder calculation system using a remainder table is adopted to generate the authentication data. A conventional system where a quotient is obtained and is subtracted from a dividend is adopted to generate the authentication data. Consequently, the speed of the confirmation processing of authentication data is increased because the length of the public key for deciphering is longer than that of the encipherment secret key.
TL;DR: The scheme proposed aims to deal with simple processors which are unmanaged, as well as managed timesharing systems and would provide authentication tokens which can be included in the applications protocols.
TL;DR: A model of communication security and a subtransport-level protocol called ADP, the Authenticated Datagram Protocol, are introduced; ADP provides end-to-end authentication and privacy consistently with the definitions of the model, and experimental results from the measurement of a prototype of ADP confirm the expected performance benefits of this approach.
Abstract: We argue that end-to-end authentication and privacy in loosely-coupled distributed systems are not only achievable by mechanisms at the host-to-host (i.e., subtransport) level under generally satisfiable conditions, but that this solution can be more advantageous than those based on security mechanisms at higher levels of the protocol hierarchy in terms of both functionality and performance. We introduce a model of communication security and a subtransport-level protocol called ADP, the Authenticated Datagram Protocol, which provides end-to-end authentication and privacy consistently with the definitions of the model. We then discuss the advantages of the subtransport approach, and present some experimental results from the measurement of a prototype of ADP that confirm the expected performance benefits of this approach.
TL;DR: Much work has been done in the area of analyzing encryption algorithms, such as DES, but very little work is devoted to the analysis and formal verification of encryption protocols.
TL;DR: The mere existence of such algorithms is not enough to solve the problems of message secrecy and authentication, so the procedures for handling the data, including the use of a cryptoalgorithm, must insure that the desired level of security is achieved.
Abstract: Recent progress in the area of cryptography has given rise to strong cryptoalgorithms using complex mathematical systems. These algorithms often require quite sophisticated computing capabilities for their implementation and are designed to withstand attack by equally sophisticated opponents with nearly unlimited resources available to them. However, the mere existence of such algorithms is not enough to solve the problems of message secrecy and authentication. The procedures for handling the data, including the use of a cryptoalgorithm, must insure that the desired level of security is achieved. Such a set of rules or procedures is known as a cryptographic protocol.
TL;DR: A local authentication mechanism in which system information must be protected from both codebreaking and faking is proposed, and the key is the two-step usage of public key cryptosystem which allows the public decryption.
TL;DR: A mutual authentication system between a terminal, for example a prepaid telephone station, and a transmission line is considered, in which an authentication signal at an audible frequency is developed throughout the communication.
Abstract: The invention concerns a mutual authentication system between a terminal, for example a prepaid telephone station, and a transmission line. The station 2 is connected to the line by an intermediate control device 14 with electronic circuits 18. Circuits 18 and 12 are associated with a monitoring device and the station to develop, throughout the communication, an authentication signal at an audible frequency.
TL;DR: A broadcast primitive that provides properties of authenticated broadcasts is presented that gives a methodology for deriving non-authenticated algorithms and is applied to various problems and obtained simpler and more efficient solutions than those previously known.
Abstract: Fault-tolerant algorithms for distributed systems with arbitrary failures are simpler to develop and prove correct if messages can be authenticated. However, using digital signatures for message authentication usually incurs substantial overhead in communication and computation. To exploit the simplicity provided by authentication without this overhead, we present a broadcast primitive that provides properties of authenticated broadcasts. This gives a methodology for deriving non-authenticated algorithms. Starting with an authenticated algorithm, we replace signed communication with the broadcast primitive to obtain an equivalent non-authenticated algorithm. We have applied this approach to various problems and in each case obtained simpler and more efficient solutions than those previously known.