United States Patent [19]
Bosen et al.

[11] Patent Number: 5,060,263
[45] Date of Patent: Oct. 22, 1991

[54] COMPUTER ACCESS CONTROL SYSTEM AND METHOD

[75] Inventors: Robert J. Bosen, Pittsburg; John R. Muir, Antioch, both of Calif.
[73] Assignee: Enigma Logic, Inc., Concord, Calif.
[21] Appl. No.: 165,868
[22] Filed: Mar. 9, 1988
[51] Int. Cl.5 ............................................... H04L 9/00
[52] U.S. Cl. ........................................ 380/25; 380/23; 340/825.31
[58] Field of Search ............... 364/918.7, 943.7, 949.7, 364/922.5, 222.5, 260.6, 225.2; 340/825.31, 825.34, 825.56, 825.3; 235/382, 382.5, 380; 380/23, 24, 25

[56] References Cited

U.S. PATENT DOCUMENTS
4,310,720 1/1982 Check ............................. 340/825.31
4,396,914 8/1983 Aston ............................. 340/825.31
4,697,072 9/1987 Kawana .............................. 235/380
4,847,614 7/1989 Keller ............................. 340/825.31

FOREIGN PATENT DOCUMENTS
8503785 8/1985 PCT Int'l Appl. ............ 340/825.31
0225010 6/1987 United Kingdom .................. 380/23

Primary Examiner-Thomas H. Tarcza
Assistant Examiner-David Cain
Attorney, Agent, or Firm-Flehr, Hohbach, Test, Albritton & Herbert

[57] ABSTRACT

An access control system is disclosed in which protected systems and corresponding portable password issuing devices both generate new authentic passwords by successively encrypting a stored password with a selected sequence of predefined encryption steps. The protected system generates and displays one or more random digits, selects an encryption sequence by appending the random digits to the user's personal identification number, and generates an authentic password by sequentially encrypting the user's previous password with encryption steps corresponding to each of the digits in the selected encryption sequence. The user generates a purported password by entering his PIN and the displayed random number(s) on the keyboard of his password issuing device, which responds by encrypting a stored previous password value with encryption steps corresponding to the user's keystrokes, and displaying a new password on its display. The user submits his purported new password to the protected system, and the protected system enables access to the protected system when the purported password matches the internally generated authentic password. Each password issuing device can store and generate passwords for a multiplicity of distinct protected host systems.

25 Claims, 8 Drawing Sheets
`
[Front-page drawing: the FIG. 1 block diagram of PROTECTED COMPUTER SYSTEM 22 (STORED PROGRAMS, STORED DATA, PROTECTED PROGRAMS and PROTECTED DATA 40, UNPROTECTED PROGRAMS and UNPROTECTED DATA 42, ACCESS CONTROL PROGRAM 44, PROCESSOR(S) 32, I/O MEANS (E.G., KEYBOARD AND DISPLAY) 34) and PASSWORD ISSUING DEVICE 26 with PASSWORD DISPLAY and KEYBOARD, plus ADDITIONAL PASSWORD ISSUING DEVICES 24; system 20.]

BANK OF AMERICA ET AL. EXHIBIT 1008
Page 1 of 19

U.S. Patent  Oct. 22, 1991  Sheet 1 of 8  5,060,263

[FIGURE 1: block diagram of access control system 20. PROTECTED COMPUTER SYSTEM 22: STORED PROGRAMS and STORED DATA 30 (PROTECTED PROGRAMS and PROTECTED DATA 40, UNPROTECTED PROGRAMS and UNPROTECTED DATA 42, ACCESS CONTROL PROGRAM 44), PROCESSOR(S) 32, I/O MEANS (E.G., KEYBOARD AND DISPLAY) 34. PASSWORD ISSUING DEVICE 26 with PASSWORD DISPLAY and KEYBOARD; ADDITIONAL PASSWORD ISSUING DEVICES 24.]

[FIGURE 2 (Sheet 2 of 8): access control data array 50. Columns: PASSWORD, PIN, LIMITATIONS ON AUTHORIZED ACCESS, DES KEYS 0-9 (set 52). Rows USER 0 .. USER N, each holding PASSWORD n, PIN n, SPECIFIED LIMITS n and DES KEYS FOR n.]

[FIGURE 3 (Sheet 3 of 8): password confirmation flow chart.
60 ACCESS REQUEST BY USER (INCLUDES USER'S ID)
62 GENERATE ENCRYPTION SEQUENCE K1, K2, K3 ... KN = USER'S PIN + RANDOM CHALLENGE
64 GENERATE NEW AUTHENTIC PASSWORD Au: X1 = DESK1(PREVIOUS PASSWORD), X2 = DESK2(X1), X3 = DESK3(X2), X4 = DESK4(X3), X5 = DESK5(X4), ..., Au = DESKN(XN-1)
66 DISPLAY CHALLENGE
USER ENTERS PURPORTED PASSWORD Pp
MATCH: 72 PERMIT ACCESS TO SYSTEM USING SPECIFIED LIMITS, AND REPLACE STORED PASSWORD WITH Au
NO MATCH: 74 DISPLAY: INCORRECT; 76 NUMBER OF TRIES N: GENERATE NEW Au AND DISPLAY NEW CHALLENGE / 78 GENERATE NEW Au USING RESYNCHRONIZATION CHALLENGE, AND DISPLAY RESYNCHRONIZATION CHALLENGE / 80 DISCONNECT]

[FIGURE 4 (Sheet 4 of 8): circuitry of password issuing device 26. Blocks: KEYBOARD, MICROPROCESSOR, ROM, SCRATCHPAD MEMORY, LCD DISPLAY 98, BATTERY, OSCILLATOR; reference numerals 90, 92, 94, 96, 100, 102.]

[FIGURE 5: front panel of the password issuing device. LCD DISPLAY, digit keys, CLEAR, BACKUP and HOST/ON buttons; reference numerals 96, 108.]

[FIGURE 6 (Sheet 5 of 8): conceptual block diagram of a password issuing device. HARDWARE: KEY PADS 95, LCD DISPLAY 98. SOFTWARE (ROM): KEYSTROKE HANDLER & PASSWORD GENERATOR 110, DISPLAY UPDATE ROUTINE 122. MEMORY/DATA STRUCTURES: PASSWORD 0 .. PASSWORD 9 (114), DES KEY 0 .. DES KEY 9 (112), TEMPORARY PASSWORD BUFFER FOR BACKSTEPPING (116), SCRATCHPAD FOR DENOTING SELECTED HOST, ETC. (118), DISPLAY BUFFER (120).]

[FIGURE 7 (Sheet 6 of 8): flow chart. START; WAKE UP; SCAN KEYBOARD; LOAD DELAY TIMER 0.2 SEC / LOAD DELAY TIMER 0.1 SEC; SLEEP UNTIL DELAY TIMER EXPIRES; INCREMENT KEYSCAN TIMER; (ON BUTTON RELEASED). Reference numerals 138, 140, 144, 146.]

[Sheet 7 of 8: flow chart (figure caption not captured in the scan). RESET KEYSCAN TIMER; INCREMENT KEYSCAN TIMER; SCAN KEYBOARD; NO BUTTON PRESSED; RESET KEYSCAN TIMER; SET HOST# = BUTTON VALUE AND DISPLAY HOST#; SCAN KEYBOARD; RETRIEVE DYNAMIC PASSWORD FOR THIS HOST AND DISPLAY DYNAMIC PASSWORD. Reference numerals 160, 162, 176, 178, 182.]

[FIGURE 9 (Sheet 8 of 8): flow chart. INCREMENT KEYSCAN TIMER; SCAN KEYBOARD; DISPLAY OFF; GET DES CIPHER CORRESPONDING TO BUTTON; DISPLAY BUTTON #; 210 WAIT UNTIL BUTTON IS RELEASED; STORE OLD DYNAMIC PASSWORD; ENCRYPT OLD DYNAMIC PASSWORD, STORE AND DISPLAY NEW PASSWORD; RESET PASSWORD; 224 DISPLAY RESET PASSWORD; RESET KEYSCAN TIMER; DISPLAY BACKUP VALUE; 236 WAIT UNTIL BUTTON IS RELEASED; DISPLAY PASSWORD. Further reference numerals 190, 192, 196, 202, 206, 208, 212, 214, 220, 226, 234, 238.]

COMPUTER ACCESS CONTROL SYSTEM AND METHOD

The present invention relates generally to computer systems, and particularly to methods and systems for controlling access to data and programs contained in computer systems through the use of dynamically generated passwords.

BACKGROUND OF THE INVENTION

Many types of electronic access control systems are used for controlling access to a variety of places and things. The present invention is primarily concerned with controlling access to computer systems, but like other electronic access control systems could also be used for controlling access to buildings and other locations. Electronic access control systems generally restrict access on the basis of (1) possession of a device or object (e.g., a key) which enables access, (2) knowledge of a password, and/or (3) testing a physical attribute of the person requesting access (e.g., the person's fingerprint).

The inherent limitations of access control systems based solely on possession of a physical object (e.g., a key), including insufficient security when large numbers of users are involved, have prompted the development of more secure access control systems.

Systems that allow access based solely on knowledge of a password are the easiest to set up, but are the least secure because passwords can be inadvertently imparted to unauthorized persons. For example, if an authorized person writes down his password, any unauthorized person who obtains access to the written record of the password can pose a permanent threat to the security of the system. Even if the password is changed from time to time, distribution of new passwords requires additional security precautions, all of which are cumbersome and expensive.

Access control systems based on testing of a physical attribute of the user are currently too expensive for use in most commercial applications.

A large number of prior art systems restrict access by using a combination of the first two techniques described above, i.e., by requiring possession of a device and knowledge of a password. For example, automatic teller machines (ATMs) restrict access to a person's bank accounts by requiring possession of a card with an encoded magnetic strip, and knowledge of a personal identification number (PIN).

Another example of a security system which restricts access by requiring a combination of possession of a device and knowledge of a password is a system, called the SAFEWORD System, made and marketed by Enigma Logic, Inc., the assignee of the present invention. The SAFEWORD System provides a much higher level of security than ATMs by requiring the user to know a password (to identify the user) and to possess an electronic key that specifies an encryption algorithm. Possession of the electronic key, in combination with a decoder, enables the user to dynamically generate a password in response to a challenge presented by the computer that the user wants to access. The computer allows access to its resources only if the dynamically generated password matches an internally generated password. A more complete description of the SAFEWORD system can be found in patent application Ser. No. 370,902, filed Apr. 22, 1982, which is hereby incorporated by reference.

DYNAMIC PASSWORD SYSTEMS

The SAFEWORD system mentioned above is an example of a class of access control systems which employ dynamic passwords. Generally, access control systems which employ dynamic passwords can be classified into three groups according to the means by which they derive their dynamic passwords: (1) "asynchronous" systems derive passwords by generating and/or encrypting randomly generated numbers, (2) "synchronous" systems derive passwords using algorithms based on the passage of time, and (3) "semisynchronous" systems derive passwords by encrypting prior usage history.

Asynchronous password systems, such as the SAFEWORD system mentioned above, generally require the user to generate a password in response to a "challenge" value generated by the security system. Asynchronous password systems are more secure than either of the other two types of dynamic password systems. Their disadvantage is that they require the user to exert or enter more keystrokes (i.e., by entering the random number challenge) than synchronous and semisynchronous systems. This usually amounts to 7 or 8 more keystrokes than the other systems.

The term "conventional PIN logic" is used herein to refer to access control systems that require the user to enter a memorized personal identification number as part of the system's access request protocol. The purpose of conventional PIN logic is to add a layer of security to the access control system. However, using conventional PIN logic increases the number of keystrokes expended. For example, two prior art access control systems (the PFX Passport made by Sytek, and the Confidant device made by Atalla Corporation) that use PIN logic require the user to enter a keystroke to mark the beginning of the PIN sequence, then the user's PIN, and then another keystroke to mark the end of the PIN sequence.

While the prior art asynchronous password systems have not generally employed conventional PIN logic, one aspect of the present invention is the incorporation of PIN logic into an asynchronous password system by requiring the user to append his PIN to the challenge supplied by the system when generating the dynamic password. As will be described below, the present invention incorporates PIN logic without requiring additional keystrokes to mark the beginning and end of the PIN sequence, thereby reducing the keystroke burden of using PIN logic.

Time synchronous access control systems are generally less secure than asynchronous ones because the security provided is usually based solely on possession of a time synchronous password generator. The premise of these systems is that the "keys" which enable access are very difficult to counterfeit. However, they are also difficult to administer due to the difficulty of maintaining a large population of such devices in exact time-lock step. On the other hand, they are extremely easy to use, requiring no keystrokes at all on the part of the user (other than entering the password generated by the device into the computer). That is, most synchronous password generators are used by entering a password generated by the password generator into a computer which verifies the password transmitted by the generator.

The time synchronous devices currently in use lack keyboards, so they can't implement PIN logic. This is a serious limitation because illicit access requires only possession of the password generator.

Semisynchronous security systems, in their primary mode of operation, require only a single keystroke because semisynchronous password generators typically encode the prior usage history of the device using a predefined cryptographic algorithm and key. For example, assume that F(A,K,P) represents the cryptographic function performed by a semisynchronous password generator, where A specifies the cryptographic algorithm, K specifies the cryptographic key to be used with the algorithm, and P represents the previous password value (i.e., the prior usage history of the device). If "1234" is the previous dynamic password generated by the device, the next password will be generated by computing the value of F(A,K,1234).

For all practical purposes this makes semisynchronous password generators as easy to use as time synchronous devices. However, semisynchronous devices must execute a full asynchronous challenge/response sequence approximately 10% of the time - when the dynamic password generator and the computer system become desynchronized - effectively increasing the average basic keystroke burden to (a still very attractive) total of 2. Conventional PIN logic and entry of the resulting dynamic password increases this total to about 14 or 15 keystrokes.

Semisynchronous devices are less secure than asynchronous devices because they can be compromised if they fall into the hands of an attacker, even momentarily. Momentary possession allows an attacker to obtain the next valid password by simply pressing a single button, causing execution of the cryptographic function F(A,K,P) as explained above. Since only P, the previous password value, changes each time that the semisynchronous device is used, an attacker can easily obtain the next dynamic password before it is needed if he can get momentary possession of the device. Thus, it would appear that semisynchronous devices are more secure than time synchronous devices if they are continuously in the possession of the authorized user, but they are less secure if they ever pass (even temporarily) into the hands of an attacker.

Shortcomings of the Prior Art. In general, the prior art devices have either compromised convenience to provide security by requiring too many keystrokes, or have compromised security by eliminating or requiring only a very small number of keystrokes.

A general shortcoming of the prior art systems which dynamically generate passwords is that they generally use only a single encryption or password generation algorithm. While many encryption methods, such as DES, are quite secure, the use of a single encryption method makes it conceivable that a persistent attack on the encryption algorithm will eventually be successful.

An additional shortcoming of the semisynchronous systems in the prior art is that it is difficult to use a single password issuing device for enabling access to more than one computer system. The problem is that the semisynchronous password issuing devices in the prior art maintain and successively encrypt a single prior usage history. Therefore if a single password device is used first with one computer and then with a second computer, the prior usage history in the password device will no longer be in synchronization with the prior usage history of the first computer. Thus, each time the password device is used to obtain access to a different property or computer, the password device would have to be resynchronized with that system - which almost entirely defeats the benefits of using a semisynchronous access security system.
`
SUMMARY OF THE INVENTION

The present invention is based on a new dynamic password concept which combines the advantages of asynchronous and semisynchronous systems, described above. It reduces the number of keystrokes required of its users, and yet provides a much higher level of security than previous dynamic password systems. Furthermore, it provides a single dynamic password issuing device which can be conveniently used with a multiplicity of access protected systems.

Generally, the present invention is an improvement for an access control system which controls access to at least one protected system, such as a computer. Each protected system includes a keyboard or other input mechanism for reading a purported password submitted as part of a request for access to at least a specified portion of the protected system, and a display or similar mechanism for conveying information to someone requesting access to at least a portion of the protected system. As in previous systems, the protected system stores or calculates at least one authentic password, typically one for each authorized user.

The primary aspects of the improvements in the present invention are (1) the generation of each new authentic password by sequentially encrypting a previous authentic password with a plurality of distinct encryption steps, each of which uses a distinct encryption algorithm or cipher, (2) enabling a single password issuing device to store and generate semisynchronous passwords for a multiplicity of distinct protected host systems, and (3) the incorporation of PIN logic into the means for generating new authentic passwords. The level of security provided by the present invention is substantially increased by using multiple distinct encryption steps, because each added encryption step uses a distinct encryption cipher, which makes illicit password generation vastly more difficult. Like existing semisynchronous systems, synchronization is maintained by basing new passwords on "prior usage history", i.e., the previously generated password. Furthermore, incorporating PIN logic improves security by making the generation of authentic passwords dependent not only on possession of a password issuing device, but also on possession of confidential information which is easily customized for each user of the system.

In summary, the present invention is an access control system in which protected systems and corresponding portable password issuing devices both generate new authentic passwords using a multiplicity of distinct predefined encryption steps. In particular, new authentic passwords are generated by successively encrypting a stored password with a selected sequence of predefined encryption steps, each using a distinct encryption cipher. In other words, when the sequence contains more than one encryption step, the result of each encryption step is used as the starting point for the next encryption step.

In the preferred embodiment, ten distinct predefined DES encryption steps are available for use, and a sequence of encryption steps is selected by randomly selecting at least one decimal digit and appending the randomly selected digit(s) to the user's personal identification number. Only the randomly selected digits are displayed on the protected system's display. Then, a new password is generated by the protected system by sequentially encrypting the stored password for that user using the encryption steps corresponding to the selected sequence.

Authentic password issuing devices contain a digital computer capable of performing the same predefined DES encryption steps as used in the protected system, and a keyboard for initiating the execution of corresponding ones of these encryption steps.

The user, if authorized and in possession of an authentic password issuing device, generates an authentic password by entering his PIN and the displayed random number(s) on the keyboard of his password issuing device 26, which responds to each keystroke by displaying a new password on its display.

The user submits or enters his purported new password to the protected system, which compares the purported password submitted by the user with the new authentic password that it has internally generated. Access to the protected system (or portion thereof corresponding to the user's identity) is allowed when the purported password matches the internally generated authentic password.

BRIEF DESCRIPTION OF THE DRAWINGS

Additional objects and features of the invention will be more readily apparent from the following detailed description and appended claims when taken in conjunction with the drawings, in which:

FIG. 1 is a block diagram of an access control system in accordance with the present invention.

FIG. 2 is a block diagram of the access control data stored in a protected system.

FIG. 3 is a flow chart of the password confirmation process used in the preferred embodiment.

FIG. 4 is a block diagram of the circuitry in a password issuing device.

FIG. 5 depicts a preferred embodiment of the front panel of a password issuing device.

FIG. 6 is a conceptual block diagram of a password issuing device.

FIGS. 7, 8 and 9 are detailed flow charts showing the operation of the password issuing device in the preferred embodiment.

DESCRIPTION OF THE PREFERRED EMBODIMENT

Referring to FIG. 1, there is shown a generalized block diagram of an access control system 20 in accordance with the present invention. The basic components of the system 20 are a protected computer system 22 and a set 24 of password issuing devices 26.

For the purposes of this description, the term "protected computer system" shall mean a digital computer system in which at least a portion of the stored information (e.g., data, programs, or both) are protected from unauthorized access. However, it should also be understood that the present invention is applicable to systems for protecting other types of systems (e.g., systems for limiting access to a room or other physical area), in which case the protected system 22 will include a digital computer system for controlling access into the protected system.

There are no particular restraints on the nature of the "computer system" being protected, and thus the "computer system" may be a personal computer, a data processing installation, a telecomputing system, or even a distributed system having a multiplicity of computers interconnected in various ways.

In general, the computer system 22 will include memory or storage means 30 for storing data and programs, as well as one or more processors 32 (i.e., central processing units or other processing means), and input/output ports 34 for communicating with the users of the system 22. The input/output ports 34 will typically be a keyboard and display on small computer systems. In larger systems, the input/output ports 34 may include a multiplicity of computer terminals (including terminals which are connected to the system via telephone connections).

For the purposes of this description, it is assumed that the computer's storage means 30 is being used to store protected data and/or computer programs 40 and may also store unprotected data and computer programs 42.

As indicated in the figure, every protected system incorporating the present invention must contain an access control program 44 for limiting access to the protected data and/or computer programs 40 in the protected system 22.

As mentioned above, access control systems in accordance with the present invention also contain a set 24 of password issuing devices 26. As will be described in more detail below, each password issuing device 26 contains its own digital processor and password generating software which enables its user to dynamically generate passwords needed to gain access to at least a portion of the protected data and/or programs 40 in the protected system 22.

Access Control Data

As in most computer security systems, the access control software in the present invention uses certain access control data, including user identifiers and passwords. FIG. 2 is a block diagram of the access control data stored in the preferred embodiment. As is standard, this data is stored in encrypted form to make reverse engineering of the access control data extremely difficult.

An array 50 of access control data is used to store the access control data associated with each authorized user, or each unique user identification. For the purposes of this discussion, it is assumed that each authorized user is authorized to access at least a portion of the protected data 40 stored in the protected computer system 22. This array 50 is embedded in the access control software 44. In the preferred embodiment, for each authorized user there is stored the last value of a dynamic password, a personal identification number (PIN), and an indication of the limitations, if any, placed on the user's access to the protected portions of the system 22. These limits may be specified in terms of the number of times, and/or the length of time that the user may access the system 22 before having to request a renewal of the authorization to access the system.

In the present invention, the access control data for each authorized user also includes a set 52 of ten ciphers or keys, herein labelled DES KEY 0 through DES KEY 9, which are used to encrypt passwords. As will be described in more detail below, new passwords are generated from previous passwords by sequentially encrypting the previous password with a sequence of encryption steps. Each encryption step uses one of the ten ciphers, and uses the result of the previous encryption step as the data to be encrypted.

As noted, in the preferred embodiment every user has a personal identification number (PIN). Typically, each PIN is a sequence of two or more digits known only to the user and the access control program. While the use of PINs is not essential to the present invention, the use of PINs can greatly increase the level of security provided - particularly because the present invention provides an unusually secure method for communication of the PIN by the user to the access control program, as will be explained in more detail below.

Access Control Method.

FIG. 3 is a flow chart of the password confirmation process used in the preferred embodiment. The process begins when a user requests access to the system (box 60). As part of the request, the user generally must specify his purported user identification so that the system can test whether the person requesting access is in fact the specified user.

In response to the request, the access control software generates or selects an encryption sequence K1, K2, K3, ... KN which will be used to generate a new authentic password for the specified user (box 62). In the preferred embodiment, the encryption sequence is represented as a series of "digits", where each "digit" corresponds to an encryption step using a corresponding cipher value. In the preferred embodiment, each encryption step uses an encryption algorithm called the Data Encryption Standard (DES), and thus the ciphers used are herein called DES ciphers. Furthermore, the encryption sequence is selected by appending a randomly generated "challenge" value, corresponding to one or more encryption steps, to a sequence of encryption steps determined by the user's PIN.

Next (box 64) the access control software generates a new authentic password Au by performing the selected sequence of encryption steps:

$$
\begin{aligned}
X_1 &= \mathrm{DES}_{K_1}(\text{previous password}) \\
X_2 &= \mathrm{DES}_{K_2}(X_1) \\
X_3 &= \mathrm{DES}_{K_3}(X_2) \\
X_4 &= \mathrm{DES}_{K_4}(X_3) \\
X_5 &= \mathrm{DES}_{K_5}(X_4)
\end{aligned}
$$

[Remainder of column 7 not captured in the scan.]

that user is replaced with the new dynamic password value Au (box 72).

It should be noted that in the preferred embodiment, the password issuing device 26 displays only a portion (e.g., six decimal digits) of the password which it has generated. Therefore, when the access control software compares the purported password Pp with the authentic password Au only a portion of the authentic password is compared with the purported password. If Au and Pp do not match, then the access control software displays an error message (box 74). The access control software, however, takes into account that the user may have accidentally made a data entry error. Therefore, the next step depends on how many incorrect purported passwords the user has entered. After the first mistake, the access control program gives the user another chance by generating a new authentic password Au, using a new challenge value (box 78).

Another problem taken into account by the access control program is that the user's password issuing device may have become desynchronized with the access control program. This can happen, for instance, by randomly pushing the buttons on the password issuing device. Thus, after the user enters an incorrect purported password, the access control program attempts to resynchronize with the user's password issuing device (box 78). This is done by using a predefined resynchronization password (e.g., a value of zero, or any other predefined value) as the "previous" password, and encrypting it with a new challenge value. This new challenge value is called a resynchronization challenge because, when it is displayed, the display includes the letter "C" to indicate that the user should use the CLEAR button on his password issuing device - as will be described in more detail below. The process then continues with the entry by the user of a new purported password (box 68).

Finally, if the user fails to enter a correct password in response to the resynchronization challenge, the access control program "disconnects" - to prevent him from further attempts to gain access to the system (box 80) because, insofar as the access control program can determine, the user is not an authorized user of the protected system 22.

It sh
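As an added worked example (this code is not from the patent and not Enigma Logic's), the following Go program models both sides of the method described in the Summary and in the Access Control Method above: a host record with ten per-user DES keys, the encryption sequence formed by the PIN digits followed by the challenge digits, the chain X1 = DES_K1(previous password), X2 = DES_K2(X1), ... applied identically by host and device, comparison of only a six-digit portion, replacement of the stored password on a match, and the retry / resynchronization-challenge / disconnect sequence of FIG. 3; the device keeps one stored password per host as in FIG. 6. Go's standard crypto/des is used because the preferred embodiment uses DES. The six-digit reduction (block value modulo 10^6), the constructed demo keys, the fixed challenge in main and the outcome strings are assumptions of the example, not details from the page.

```go
package main

import (
	"crypto/des"
	"encoding/binary"
	"fmt"
)

// Block is one 8-byte DES block; each dynamic password is one such block.
type Block [8]byte
// Keys holds a user's ten DES ciphers, DES KEY 0 .. DES KEY 9 (FIG. 2, set 52).
type Keys [10]Block
// ResyncPassword is the predefined "previous" password for resynchronization (zero here).
var ResyncPassword Block

// step applies the DES cipher selected by one decimal digit '0'..'9' (other bytes panic).
func step(keys Keys, digit byte, in Block) Block {
	c, err := des.NewCipher(keys[digit-'0'][:])
	if err != nil {
		panic(err) // only possible for a wrong key length
	}
	var out Block
	c.Encrypt(out[:], in[:])
	return out
}

// Chain performs the encryption steps of box 64 in order:
// X1 = DES_K1(prev), X2 = DES_K2(X1), ..., Au = DES_KN(X(N-1)).
func Chain(keys Keys, prev Block, seq string) Block {
	x := prev
	for i := 0; i < len(seq); i++ {
		x = step(keys, seq[i], x)
	}
	return x
}

// Display is the six-digit portion shown and compared (the reduction is an assumption).
func Display(pw Block) string {
	return fmt.Sprintf("%06d", binary.BigEndian.Uint64(pw[:])%1000000)
}

// Token models a password issuing device (FIG. 6): one stored password per host.
type Token struct {
	Keys      Keys
	Passwords [10]Block // PASSWORD 0 .. PASSWORD 9
	Selected  int       // host number chosen with the HOST/ON button
}

// Press handles one digit keystroke: encrypt the selected host's password, store, display.
func (t *Token) Press(digit byte) string {
	t.Passwords[t.Selected] = step(t.Keys, digit, t.Passwords[t.Selected])
	return Display(t.Passwords[t.Selected])
}

// Clear is the CLEAR button: restart from the resynchronization password.
func (t *Token) Clear() { t.Passwords[t.Selected] = ResyncPassword }
// Host models the access control program's record for one user (FIG. 2).
type Host struct {
	Keys     Keys
	Password Block  // last authentic password (prior usage history)
	PIN      string // known only to the user and the host
	Tries    int    // incorrect purported passwords so far
}

// Verify implements boxes 62-80: sequence = PIN + challenge; after two mistakes the chain
// starts from ResyncPassword. Returns "access", "retry", "resync" or "disconnect".
func (h *Host) Verify(challenge, purported string) string {
	prev := h.Password
	if h.Tries == 2 {
		prev = ResyncPassword
	}
	au := Chain(h.Keys, prev, h.PIN+challenge)
	if Display(au) == purported {
		h.Password, h.Tries = au, 0 // box 72: replace the stored password with Au
		return "access"
	}
	h.Tries++
	switch h.Tries {
	case 1:
		return "retry" // box 74, then a new ordinary challenge
	case 2:
		return "resync" // box 78: display the resynchronization challenge
	}
	return "disconnect" // box 80
}

func main() {
	var keys Keys // constructed demo keys; a real host enrolls random per-user keys
	for i := range keys {
		keys[i] = Block{byte(i), 0x3a, 0x5c, 0x7e, 0x91, 0xb3, 0xd5, 0xf7}
	}
	h, tok := &Host{Keys: keys, PIN: "42"}, &Token{Keys: keys}
	ch, pp := "73", "" // a real host draws the challenge digits at random
	for _, d := range []byte(h.PIN + ch) { // the user types PIN, then challenge
		pp = tok.Press(d)
	}
	fmt.Printf("challenge %s purported %s -> %s\n", ch, pp, h.Verify(ch, pp))
}
```

Running it prints the challenge, the device's six-digit display and the host's decision. Two points the model makes visible: because the comparison covers only six digits, a device that does not hold the right keys and prior password has about a one-in-a-million chance per guess, so the disconnect after the third failure (box 80) is what keeps that bound meaningful; and the host's stored password changes only on a successful match (box 72), so a failed attempt leaves the host's prior usage history intact and the resynchronization challenge restarts both sides from the same predefined value.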
