EP1249008A1 - Method for generating a data structure usable for password identification - Google Patents

Method for generating a data structure usable for password identification

Info

Publication number
EP1249008A1
EP1249008A1 EP01900078A EP01900078A EP1249008A1 EP 1249008 A1 EP1249008 A1 EP 1249008A1 EP 01900078 A EP01900078 A EP 01900078A EP 01900078 A EP01900078 A EP 01900078A EP 1249008 A1 EP1249008 A1 EP 1249008A1
Authority
EP
European Patent Office
Prior art keywords
list
symbol
symbols
lists
matrix
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
EP01900078A
Other languages
English (en)
French (fr)
Inventor
Roger Solioz
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SOLIOZ, ROGER
Savernova AG
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/36User authentication by graphic or iconic representation
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/30Individual registration on entry or exit not involving the use of a pass
    • G07C9/32Individual registration on entry or exit not involving the use of a pass in combination with an identity check
    • G07C9/33Individual registration on entry or exit not involving the use of a pass in combination with an identity check by means of a password
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data

Definitions

  • the present invention relates to a process according to the preamble of claim 1. It further relates to a product obtained by this process and to a process using this product.
  • An object of the invention is therefore to propose a method making it possible to create a data structure which can be used, for example in the form of a readable representation or stored on a disk, to create passwords requiring considerably less memory effort for the user.
  • a method is defined in independent claim one.
  • the dependent claims relate to preferred embodiments, a product thus obtained and a method of application of this product.
  • the invention is part of a new identification system making it possible to create passwords, that is to say sequences of determined symbols and to store them according to a single principle valid for all the passwords created. Applying the principle used to create passwords allows a system to find them. Without knowledge of this principle this is impossible.
  • the system includes an encryption system, a password creation system and an identification system.
  • Encoding system
  • the encoding system is based on the list of symbols used in the composition of passwords and on a list of symbols chosen arbitrarily.
  • the encoding system creates a matrix whose dimensions are given, on the one hand, by the number of "characters” and, on the other hand, by the number of "symbols".
  • the encoding system thus creates a matrix comprising a number of columns equal to the number of "characters” and a number of lines equal to the number of "symbols", or vice versa. We choose precisely the first case for the rest of the explanation.
  • the encoding system arbitrarily distributes all the "characters" in the list of symbols used in the composition of passwords on the first line of the matrix. It repeats the operation with a new list of "characters” on the second line and so on until the matrix is filled.
  • the encoding system adds a column to the matrix. It arbitrarily distributes in this column all the "symbols" of the list of arbitrary symbols.
  • The encoding system then associates with each "character" of the matrix one of the "symbols" exactly once. To do this, the encoding system can prepare in memory as many arbitrary symbol lists as there are "characters". It arbitrarily orders the "symbols" of each of the lists and associates each list with one of the "characters". Then the encoding system traverses each box of the matrix, reads the "character" found there, and takes one of the "symbols" from the list associated with this character. The encoding system repeats the operation for each cell of the matrix.
  • the encoding system stores or prints the matrix on any medium so that it can be transported physically or electronically.
  • the password creation system chooses a code composed of one or more "characters” drawn from the list of symbols used in the composition of passwords. He then creates a matrix in which he chooses one of the boxes as being the so-called original box. He then chooses in the created matrix a "reading path” according to which he moves in relation to the original box.
  • the "reading path” is made up of the following coordinates relative to the position of the original box.
  • the “reading route” is not subject to any rules and may be discontinuous.
  • the password creation system uses the matrix encoded by the encoding system. He chooses one of the "symbols” as “starting point”. He crosses the line with the associated "starting point symbol” and compares the "characters” there with the first "character” he has chosen for his code. When it finds the same "character”, the password creation system reads the "symbol” associated with this "character” in the matrix. It then crosses the line with the new "symbol” associated with it and compares the "characters" with the second "character” it has chosen for its code. It repeats the operation until it finds in the matrix the last "character” it has chosen for its code.
  • the password creation system then reads the characters by moving in the matrix following the "reading path” it created before and using the box where the last "character” found is found as the original box.
  • the password created is made up of “characters” read according to this approach.
  • the password created is transmitted to the identification system.
  • The identification system applies, with the elements supplied to it, the same principle as that used to create the password and compares the password obtained with that transmitted to it by the password creation system. If they are similar, identification is accepted; otherwise it is not.
  • Variants with additional elements
  • the elements necessary for the creation of passwords can be given in part by the identification system. This can transmit to the password creation system part of the code necessary for creating passwords and change this part each time it is identified.
  • The password creation system integrates these elements when creating passwords, then transmits the password(s) to the identification system.
  • the identification system also incorporates these elements during identification.
  • The password creation system can use the same principle more than once to create different passwords by simply changing the "starting point symbol" or changing the encoded matrix.
  • Passwords are not stored or printed in plain text. It is practically impossible to find them in the encoded matrix without knowing the principle of creating passwords used.
  • the encoding system makes it possible to create a practically unlimited number of different encoded matrices.
  • the encoding matrix can be printed and it is possible to find passwords manually in order to have access to simple systems that do not have automatic identification systems.
  • the elements are chosen according to the systems for which they are used. In our example we use a limited number of elements, for the sake of simplification. We choose the symbols used in the composition of passwords from the following symbols 1: "ABCDE" (Fig. 1).
  • the encoding system creates, for example, a matrix 5 having 5 columns and 4 lines, corresponding to the number of "characters" 1 and "symbols" 3 available.
  • the encoding system arbitrarily distributes the "characters" 1 on the first line 7 of the matrix, for example: "C B A D E”. It repeats the operation on the second 8, third 9 and fourth 10 line.
  • We obtain the matrix 5 ("C B A D E”, “A C D B E”, “E C D B A”, “B A C E D") as described in FIG. 2.
  • the encoding system adds a column 12 to the matrix and distributes therein the symbols 3 from the list of arbitrary symbols, for example "heart square clover spades” (Fig. 3).
  • The encoding system places in memory five lists of "symbols" 3 (because there are 5 "characters" 1) in which it places the symbols 3 in an arbitrary manner, for example "heart clover square spades" 16, "square spades clover heart" 17, "clover heart spades square" 18, "heart spades square clover" 19 and "spades heart square clover" 20.
  • The encoding system associates with each "character" 1 one of the lists of "symbols" 16-20. It associates for example with the character "A" 21 the first list 16, with the character "B" 22 the second 17, with "C" 23 the third 18, with "D" 24 the fourth 19 and with "E" 25 the fifth 20 (Fig. 4).
  • the encoding system traverses the matrix and associates with each "character” 1 the following "symbol” 3 taken from the list 16-19 of associated "symbols".
  • "clover” with "C”
  • "spades” with "B”
  • "heart” with "A”
  • "spades" with "E"
  • It applies the same method on each line of the table and obtains the matrix 27 (Fig. 5).
  • The password creation system uses the encoded matrix. It creates a coordinate system allowing it to locate each box of the matrix 27 by its absolute coordinates. For example, it uses as its origin the first box 29 at the top left of the matrix 27 and numbers the abscissa and the ordinate from 0 (Fig. 6).
  • the password creation system creates an arbitrary matrix 31, for example of 5 rows and 4 columns, and chooses a box as the origin box 33 which it chooses as the origin (0; 0). He chooses a "reading path” consisting, for example, of moving from box 34 above the original box, two boxes 35-36 to the right, then two boxes 37-38 down.
  • Fig. 7 describes the "reading route", the original box 33 is given by an "X”, the boxes 34-38 making up the route are numbered from 1 to 5.
  • the system stores the relative coordinates 39 of each box 34-38 of the route in relation to the original space 33.
  • The password creation system then chooses a code composed, for example, of two "characters" 1: "DB". It also chooses a "symbol" 3 as "starting point", for example "clover".
  • the system browses in the encoded matrix 27 column 12 having only
  • Starting from this original box 45, the system follows the "reading path" it previously determined and reads the "characters" present in the matrix 27. To do this, it suffices to add the relative coordinates 39 of the "reading path" to the absolute coordinates (4; 1) of the original box 45. If the values it obtains are outside the limits of the matrix 27, the system creates a copy 47 of the matrix 5 of characters and places it adjacent to the first matrix 27, in order to be able to extend the "reading path". To this end, column 12 is ignored; that is to say, the copy placed to the right of the matrix 27, if any, is appended directly to the last column 49 of the "characters" 1.
  • the system can then read boxes (4; 0), (5; 0), (6; 0), (6; 1) and (6; 2), as described in Fig. 9.
  • the system reads in these boxes the sequence 51 of "characters” 1 "DECAE". This is the password it transmits to the identification system.
  • Identification system
  • In order to carry out an identification, the identification system must be supplied with the encoded matrix 27, which the system will read and memorize. It must then be given the code ("DB" in our example), the "starting point symbol" "clover" and the "reading path" as described in Fig. 7.
  • the identification system applies the same principle as that used by the password creation system with the elements provided to it. He finds a series of "characters" which he compares to the password that the password creation system transmitted to him before. If the two sequences of characters are identical, the identification has succeeded; otherwise, it does not take place.
  • An example of use can be given for access to a computer workstation (computer).
  • Each user is given a floppy disk on which is stored any encoded matrix 27.
  • Each user must log in to the system for the first time. For this, he must insert his floppy disk into the computer equipped with the password creation system and choose the elements necessary to create his password, i.e. a code (of two letters for example), a "starting point symbol” and a "reading path” (which he can draw on a grid on the screen).
  • the system saves the password created using the system described above and transmits it to the identification system.
  • A computer program is running on the user's personal computer. When the user wishes to identify himself, he must insert his floppy disk containing the encoded matrix and provide the system with the same elements that he had previously chosen, i.e. his code, his "starting point symbol" and his "reading path".
  • the identification system reads the matrix encoded from the diskette and uses the same system as described above and compares the string of characters obtained with the password which had been transmitted to it by the password creation system. If they are identical, the system authorizes the user to access the services, otherwise it prohibits it.
  • the user can create new passwords by changing the "starting point symbol" or by changing the encoded matrix (by taking a new floppy disk for example). He no longer has to remember his passwords but only the elements necessary to create them which remain identical for all his passwords, so he no longer has any memory problems.
  • A password can also be created manually by the user, using a graphic reproduction printed on any medium (cardboard, plastic).
  • the password can also be entered in a counter, computer, etc. without an appropriate reader, by typing on a standard alphanumeric keyboard, or even using a reduced set of keys, for example similar to the keyboard of a telephone where the keys are additionally associated with several characters.
  • FIG. 10 shows the example of a matrix 52 containing additional elements 53 (in this case numbers) randomly distributed as well as an additional line 55 also containing numbers, i.e. additional elements.
  • the additional elements 53 as well as the additional line 55 are not taken into account by the encoding system.
  • the password creation system takes into account additional elements when reading according to the predefined path.
  • the password created using the method described above then becomes "DEC2E".
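
The worked example of Figs. 1-9, carried through in code as an added illustration that is not part of the patent text. Assumptions: cells are encoded in row-major order, each taking the next unused symbol from its character's list; lists 16-20 are used as printed; the reading path wraps in both directions, where the text only shows a copy placed to the right.

```python
import hmac

# Data transcribed from the description (Figs. 2-4 and 7).
CHAR_MATRIX = ["CBADE", "ACDBE", "ECDBA", "BACED"]       # matrix 5
ROW_SYMBOLS = ["heart", "square", "clover", "spades"]    # column 12, top to bottom
SYMBOL_LISTS = {                                         # lists 16-20 as printed
    "A": ["heart", "clover", "square", "spades"],
    "B": ["square", "spades", "clover", "heart"],
    "C": ["clover", "heart", "spades", "square"],
    "D": ["heart", "spades", "square", "clover"],
    "E": ["spades", "heart", "square", "clover"],
}
# One box above the original box, two to the right, two down (y grows downward).
READING_PATH = [(0, -1), (1, -1), (2, -1), (2, 0), (2, 1)]


def encode(char_matrix, symbol_lists):
    """Attach a symbol to every cell (assumed row-major traversal)."""
    pending = {ch: iter(symbols) for ch, symbols in symbol_lists.items()}
    return [[(ch, next(pending[ch])) for ch in row] for row in char_matrix]


def check_encoding(encoded, row_symbols):
    """Invariant from the text: each character carries each symbol exactly once."""
    seen = {}
    for row in encoded:
        for ch, symbol in row:
            seen.setdefault(ch, []).append(symbol)
    return all(sorted(s) == sorted(row_symbols) for s in seen.values())


def locate_origin(encoded, row_symbols, code, start_symbol):
    """Follow the code from line to line; return the original box as (x; y)."""
    if not code:
        raise ValueError("code must contain at least one character")
    symbol = start_symbol
    for ch in code:
        y = row_symbols.index(symbol)               # line labelled with the symbol
        x = [c for c, _ in encoded[y]].index(ch)    # box holding the code character
        symbol = encoded[y][x][1]                   # symbol attached to that box
    return x + 1, y                                 # +1: column 12 sits at x = 0


def derive_password(encoded, row_symbols, code, start_symbol, path):
    """Read the characters along the path, relative to the original box."""
    ox, oy = locate_origin(encoded, row_symbols, code, start_symbol)
    rows, cols = len(encoded), len(encoded[0])
    chars = []
    for dx, dy in path:
        x, y = ox + dx, oy + dy
        # Column 12 is skipped; adjacent copies of the character matrix are
        # modelled with modular indexing (wrap in both directions is assumed).
        chars.append(encoded[y % rows][(x - 1) % cols][0])
    return "".join(chars)


def identify(encoded, row_symbols, code, start_symbol, path, submitted):
    """Identification side: re-derive the password and compare in constant time."""
    expected = derive_password(encoded, row_symbols, code, start_symbol, path)
    return hmac.compare_digest(expected.encode(), submitted.encode())


ENCODED = encode(CHAR_MATRIX, SYMBOL_LISTS)

if __name__ == "__main__":
    print(locate_origin(ENCODED, ROW_SYMBOLS, "DB", "clover"))
    print(derive_password(ENCODED, ROW_SYMBOLS, "DB", "clover", READING_PATH))
```

Only the symbol attached to "D" in the "clover" line is consulted when following the code "DB", so the derived password depends on list 19 alone among the five symbol lists.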

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • Document Processing Apparatus (AREA)
EP01900078A 2000-01-17 2001-01-16 Verfahren zum erzeugen einer für eine passwortidentifizierung anwendbaren datenstruktur Ceased EP1249008A1 (de)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CH802000 2000-01-17
CH802000 2000-01-17
PCT/CH2001/000031 WO2001054073A1 (fr) 2000-01-17 2001-01-16 Procédé pour la production d'une structure de données, utilisable dans l'identification par mot de passe

Publications (1)

Publication Number Publication Date
EP1249008A1 true EP1249008A1 (de) 2002-10-16

Family

ID=4333898

Family Applications (1)

Application Number Title Priority Date Filing Date
EP01900078A Ceased EP1249008A1 (de) 2000-01-17 2001-01-16 Verfahren zum erzeugen einer für eine passwortidentifizierung anwendbaren datenstruktur

Country Status (5)

Country Link
US (2) US7363503B2 (de)
EP (1) EP1249008A1 (de)
AU (1) AU2001223393A1 (de)
CA (1) CA2399302A1 (de)
WO (1) WO2001054073A1 (de)

Families Citing this family (20)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040053654A1 (en) * 2000-07-25 2004-03-18 Hitoshi Kokumai Secret information record medium, secret information protection method, secret information protective storing method, and system for reporting emergency such as theft or confinement when secret information is accessed
US6897790B2 (en) * 2001-09-11 2005-05-24 Kevin Orton Aircraft flight security system and method
AU2003211960B2 (en) * 2002-02-13 2009-12-10 Passlogy Co., Ltd. User authentication method and user authentication system
US7543156B2 (en) * 2002-06-25 2009-06-02 Resilent, Llc Transaction authentication card
KR20020077838A (ko) * 2002-08-09 2002-10-14 박승배 타인의 관찰에 의한 패스워드의 노출 문제를 해결한 패스워드 시스템
AT413775B (de) * 2004-03-31 2006-05-15 Helmut Dipl Ing Schluderbacher Verfahren zur sicheren anmeldung an ein technisches system
AT413894B (de) * 2004-04-15 2006-07-15 Helmut Dipl Ing Schluderbacher Nicht personenabhängiger zugangscode
WO2006003675A2 (en) * 2004-07-12 2006-01-12 Syed Ibrahim Abdul Hameed Khan System, method of generation and use of bilaterally generated variable instant passwords
EP1868125A1 (de) * 2006-06-16 2007-12-19 Savernova S.A. Verfahren zur Identifizierung eines Computersystembenutzers
US7992005B2 (en) * 2006-12-06 2011-08-02 International Business Machines Corporation Providing pattern based user password access
US7266693B1 (en) 2007-02-13 2007-09-04 U.S. Bancorp Licensing, Inc. Validated mutual authentication
US8286000B2 (en) 2007-12-07 2012-10-09 Novell, Inc. Techniques for dynamic generation and management of password dictionaries
US7562227B1 (en) 2008-03-24 2009-07-14 International Business Machines Corporation Method of authenticating a user on multiple devices using a procedural memory based password
MY163811A (en) * 2010-08-31 2017-10-31 Hideharu Ogawa Communication Apparatus, Reminder Apparatus, and Information Recording Medium
GB201106943D0 (en) * 2011-04-27 2011-06-01 Burkill Vance Improvements in or relating to password generation, recall and protection
US10120989B2 (en) * 2013-06-04 2018-11-06 NOWWW.US Pty. Ltd. Login process for mobile phones, tablets and other types of touch screen devices or computers
CN103500299B (zh) * 2013-10-12 2016-03-23 陈璞 一种随机电子密码***及方法
US10558790B2 (en) 2017-05-31 2020-02-11 International Business Machines Corporation Multi-level matrix passwords
US11853102B2 (en) 2018-12-25 2023-12-26 Passlogy Co., Ltd. Remote control system, remote control method, and non-transitory information recording medium
US11062001B2 (en) * 2019-04-02 2021-07-13 International Business Machines Corporation Matrix transformation-based authentication

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4962530A (en) * 1987-09-10 1990-10-09 Computer Security Corporation System for cryptographing and identification
FR2654238B1 (fr) 1989-11-07 1992-01-17 Lefevre Jean Pierre Procede d'authentification de l'identite d'une personne physique et dispositif authentificateur de mise en óoeuvre du procede.
JP2689287B2 (ja) * 1991-01-23 1997-12-10 松下電器産業株式会社 オンライン端末機
US5177789A (en) * 1991-10-09 1993-01-05 Digital Equipment Corporation Pocket-sized computer access security device
US5428349A (en) * 1992-10-01 1995-06-27 Baker; Daniel G. Nondisclosing password entry system
US5583933A (en) * 1994-08-05 1996-12-10 Mark; Andrew R. Method and apparatus for the secure communication of data
NL1000548C2 (nl) 1995-06-13 1996-12-13 Frits Hans Michael Traugott Systeem voor het genereren van een wachtwoord.
US20020178370A1 (en) * 1999-12-30 2002-11-28 Gurevich Michael N. Method and apparatus for secure authentication and sensitive data management

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO0154073A1 *

Also Published As

Publication number Publication date
CA2399302A1 (en) 2001-07-26
AU2001223393A1 (en) 2001-07-31
US20060218524A1 (en) 2006-09-28
US20030005338A1 (en) 2003-01-02
WO2001054073A1 (fr) 2001-07-26
US7363503B2 (en) 2008-04-22

Similar Documents

Publication Publication Date Title
EP1249008A1 (de) Verfahren zum erzeugen einer für eine passwortidentifizierung anwendbaren datenstruktur
US8359659B2 (en) Method and apparatus for protecting private information on a user apparatus
US20130254293A1 (en) System and methods for an on-line event lander
US9038000B2 (en) Method of and system for browsing and displaying items from a collection
US7631273B2 (en) Interactive inventor's menus within a software computer and video display system
US20030050976A1 (en) Structure for accessing and populating community websites
US20110131633A1 (en) Systems and methods for permissioning remote file access via permissioned links
JP6023815B2 (ja) 共有レベルの特定
US20090216724A1 (en) Network resources structuring system
US20080086475A1 (en) Internet memory website
US6621405B1 (en) Customizable combination locking system using textual combinations
Wagner Building Facebook applications for dummies
WO2002054199A1 (fr) Procede d'acces a un systeme securise
FR2638002A1 (fr) Procede de personnalisation pour cartes a microcalculateur et systeme pour sa mise en oeuvre
AU2022221543A1 (en) Computer System Configured for Issuing a Personalised Vehicle Number Plate
US20160217416A1 (en) Anthology and archiving platform and display system for collectibles, methods and uses thereof
GB2367451A (en) Communication of location information
JP2016528607A (ja) 印刷物から情報を提供するための方法及びシステム
JP2002007349A (ja) 機密情報の記録再生方法および本人認証のための暗号鍵等を記録した記録媒体
McManus Social Networking for the Older and Wiser: Connect with Family and Friends, Old and New
WO2001098912A1 (fr) Procede d'enregistrement et de reproduction pour des informations classees telles que des informations de validation d'identite et support d'enregistrement pour lesdites informations classees
Knopf “Hope Ambassadors” bring stories of recovery to Summit
Nierenberg et al. The Times, They Are a-Changing at Psychiatric Annals
US20180018631A1 (en) Reverse Digital Information Disbursement Method
JP2021521531A (ja) 単一デバイスマルチファクタ認証システム

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20020712

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR

AX Request for extension of the european patent

Free format text: AL;LT;LV;MK;RO;SI

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: SOLIOZ, ROGER

RIN1 Information on inventor provided before grant (corrected)

Inventor name: SOLIOZ, ROGER

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: SAVERNOVA AG

Owner name: SOLIOZ, ROGER

RIN1 Information on inventor provided before grant (corrected)

Inventor name: SAVERNOVA AG

Inventor name: SOLIOZ, ROGER

17Q First examination report despatched

Effective date: 20070430

REG Reference to a national code

Ref country code: DE

Ref legal event code: R003

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20110324