EP1249008A1 - Method for producing a data structure for use in password identification - Google Patents
- Publication number
- EP1249008A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- list
- symbol
- symbols
- lists
- matrix
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/36—User authentication by graphic or iconic representation
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07C—TIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
- G07C9/00—Individual registration on entry or exit
- G07C9/30—Individual registration on entry or exit not involving the use of a pass
- G07C9/32—Individual registration on entry or exit not involving the use of a pass in combination with an identity check
- G07C9/33—Individual registration on entry or exit not involving the use of a pass in combination with an identity check by means of a password
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
Definitions
- The present invention relates to a process according to the preamble of claim 1. It further relates to a product obtained by this process and to a process using this product.
- An object of the invention is therefore to propose a method for creating a data structure which can be used, for example in the form of a readable representation or stored on a disk, to create passwords requiring considerably less memorization effort from the user.
- Such a method is defined in independent claim 1.
- The dependent claims relate to preferred embodiments, a product thus obtained and a method of application of this product.
- The invention is part of a new identification system making it possible to create passwords, that is to say sequences of determined symbols, and to store them according to a single principle valid for all the passwords created. Applying the principle used to create the passwords allows a system to find them. Without knowledge of this principle this is impossible.
- The system includes an encryption system, a password creation system and an identification system.
- Encoding system
- The encoding system is based on the list of symbols used in the composition of passwords and on a list of symbols chosen arbitrarily.
- The encoding system creates a matrix whose dimensions are given, on the one hand, by the number of "characters" and, on the other hand, by the number of "symbols".
- The encoding system thus creates a matrix comprising a number of columns equal to the number of "characters" and a number of rows equal to the number of "symbols", or vice versa. The first case is used for the rest of the explanation.
- The encoding system arbitrarily distributes all the "characters" in the list of symbols used in the composition of passwords on the first row of the matrix. It repeats the operation with a new list of "characters" on the second row and so on until the matrix is filled.
- The encoding system adds a column to the matrix. It arbitrarily distributes in this column all the "symbols" of the list of arbitrary symbols.
- The encoding system then associates with each "character" of the matrix one of the "symbols" exactly once. To do this, the encoding system can prepare in memory as many arbitrary symbol lists as there are "characters". It arbitrarily orders the "symbols" of each of the lists and associates each list with one of the "characters". Then the encoding system visits each box of the matrix, reads the "character" found there, and takes one of the "symbols" from the list associated with this character. The encoding system repeats the operation for each cell of the matrix.
- The encoding system stores or prints the matrix on any medium so that it can be transported physically or electronically.
- The password creation system chooses a code composed of one or more "characters" drawn from the list of symbols used in the composition of passwords. It then creates a matrix in which it chooses one of the boxes as the so-called origin box. It then chooses in the created matrix a "reading path" along which it moves relative to the origin box.
- The "reading path" is made up of the following coordinates relative to the position of the origin box.
- The "reading path" is not subject to any rules and may be discontinuous.
- The password creation system uses the matrix encoded by the encoding system. It chooses one of the "symbols" as the "starting point". It scans the row associated with the "starting point symbol" and compares the "characters" there with the first "character" chosen for the code. When it finds the same "character", the password creation system reads the "symbol" associated with this "character" in the matrix. It then scans the row associated with this new "symbol" and compares the "characters" there with the second "character" chosen for the code. It repeats the operation until it finds in the matrix the last "character" chosen for the code.
- The password creation system then reads the characters by moving through the matrix along the "reading path" it created before, using the box where the last "character" was found as the origin box.
- The password created is made up of the "characters" read according to this approach.
- The password created is transmitted to the identification system.
- The identification system applies, with the elements supplied to it, the same principle as that used to create the password and compares the password obtained with that transmitted to it by the password creation system. If they are similar, identification is accepted; otherwise it is not.
- Variants with additional elements
- The elements necessary for the creation of passwords can be given in part by the identification system. It can transmit to the password creation system part of the code necessary for creating passwords and change this part each time an identification takes place.
- The password creation system integrates these elements when creating passwords, then transmits the password(s) to the identification system.
- The identification system also incorporates these elements during identification.
- The password creation system can use the same principle more than once to create different passwords simply by changing the "starting point symbol" or changing the encoded matrix.
- Passwords are not stored or printed in plain text. It is practically impossible to find them in the encoded matrix without knowing the principle used to create them.
- The encoding system makes it possible to create a practically unlimited number of different encoded matrices.
- The encoded matrix can be printed, and passwords can be found manually in order to access simple systems that do not have automatic identification systems.
- The elements are chosen according to the systems for which they are used. In our example we use a limited number of elements, for the sake of simplification. We choose the symbols used in the composition of passwords from the following symbols 1: "ABCDE" (Fig. 1).
- The encoding system creates, for example, a matrix 5 having 5 columns and 4 rows, corresponding to the number of "characters" 1 and "symbols" 3 available.
- The encoding system arbitrarily distributes the "characters" 1 on the first row 7 of the matrix, for example: "C B A D E". It repeats the operation on the second 8, third 9 and fourth 10 rows.
- We obtain the matrix 5 ("C B A D E", "A C D B E", "E C D B A", "B A C E D") as described in Fig. 2.
- The encoding system adds a column 12 to the matrix and distributes therein the symbols 3 from the list of arbitrary symbols, for example "heart square clover spades" (Fig. 3).
- The encoding system places in memory five lists of "symbols" 3 (because there are 5 "characters" 1) in which it places the symbols 3 in an arbitrary manner, for example "heart clover square spades" 16, "square spades clover heart" 17, "clover heart spades square" 18, "heart spades square clover" 19 and "spades heart square clover" 20.
- The encoding system associates with each "character" 1 one of the lists of "symbols" 16-20. It associates for example the first list 16 with the character "A" 21, the second 17 with the character "B" 22, the third 18 with "C" 23, the fourth 19 with "D" 24 and the fifth 20 with "E" 25 (Fig. 4).
- The encoding system traverses the matrix and associates with each "character" 1 the following "symbol" 3 taken from the list 16-19 of associated "symbols".
- "clover" with "C"
- "spades" with "B"
- "heart" with "A"
- "spades" with "E"
- It applies the same method to each row of the table and obtains the matrix 27 (Fig. 5).
- The password creation system uses the encoded matrix. It creates a coordinate system allowing it to locate each box of the matrix 27 by its absolute coordinates. For example, it uses as its origin the first box 29 at the top left of the matrix 27 and numbers the abscissa and ordinate from 0 (Fig. 6).
- The password creation system creates an arbitrary matrix 31, for example of 5 rows and 4 columns, and chooses a box as the origin box 33, which it takes as the origin (0; 0). It chooses a "reading path" consisting, for example, of starting at the box 34 above the origin box, moving two boxes 35-36 to the right, then two boxes 37-38 down.
- Fig. 7 describes the "reading path": the origin box 33 is marked with an "X", and the boxes 34-38 making up the path are numbered from 1 to 5.
- The system stores the relative coordinates 39 of each box 34-38 of the path in relation to the origin box 33.
- The password creation system then chooses a code composed for example of two "characters" 1: "DB". It also chooses a "symbol" 3 as the "starting point", for example "clover".
- the system browses in the encoded matrix 27 column 12 having only
- Starting from this origin box 45 and following the "reading path" it determined previously, the system reads the "characters" present in the matrix 27. To do this, it suffices to add the relative coordinates 39 of the "reading path" to the absolute coordinates of the origin box 45 (4; 1). If the values it obtains are outside the limits of the matrix 27, the system creates a copy 47 of the matrix 5 of characters and places it adjacent to the first matrix 27, in order to be able to extend the "reading path". To this end, column 12 is ignored; that is to say, a copy placed to the right of the matrix 27, if any, is appended to the last column 49 of the "characters" 1.
- The system can then read boxes (4; 0), (5; 0), (6; 0), (6; 1) and (6; 2), as described in Fig. 9.
- The system reads in these boxes the sequence 51 of "characters" 1 "DECAE". This is the password it transmits to the identification system.
- Identification system
- In order to carry out an identification, the identification system must be supplied with the encoded matrix 27, which the system will read and memorize. It must then be given the code ("DB" in our example), the "starting point symbol" "clover" and the "reading path" as described in Fig. 7.
- The identification system applies the same principle as that used by the password creation system with the elements provided to it. It obtains a series of "characters" which it compares to the password that the password creation system transmitted to it before. If the two sequences of characters are identical, the identification has succeeded; otherwise, it does not take place.
- An example of use can be given for access to a computer workstation.
- Each user is given a floppy disk on which an arbitrary encoded matrix 27 is stored.
- Each user must log in to the system for the first time. For this, he must insert his floppy disk into the computer equipped with the password creation system and choose the elements necessary to create his password, i.e. a code (of two letters for example), a "starting point symbol" and a "reading path" (which he can draw on a grid on the screen).
- The system saves the password created using the system described above and transmits it to the identification system.
- A computer program runs on the user's personal computer. When the user wishes to identify himself, he must insert his floppy disk containing the encoded matrix and provide the system with the same elements that he had previously chosen, i.e. his code, his "starting point symbol" and his "reading path".
- The identification system reads the encoded matrix from the diskette, uses the same system as described above and compares the string of characters obtained with the password which had been transmitted to it by the password creation system. If they are identical, the system authorizes the user to access the services; otherwise it denies access.
- The user can create new passwords by changing the "starting point symbol" or by changing the encoded matrix (by taking a new floppy disk for example). He no longer has to remember his passwords but only the elements necessary to create them, which remain identical for all his passwords, so he no longer has any memory problems.
- A password can also be created manually by the user, using a graphic representation printed on any medium (cardboard, plastic).
- The password can also be entered at a counter, computer, etc. without an appropriate reader, by typing on a standard alphanumeric keyboard, or even using a reduced set of keys, for example similar to the keypad of a telephone where each key is additionally associated with several characters.
- Fig. 10 shows the example of a matrix 52 containing additional elements 53 (in this case numbers) randomly distributed as well as an additional row 55 also containing numbers, i.e. additional elements.
- The additional elements 53 as well as the additional row 55 are not taken into account by the encoding system.
- The password creation system takes the additional elements into account when reading along the predefined path.
- The password created using the method described above then becomes "DEC2E".
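The worked example of Figs. 2 to 9 (matrix 5, column 12, lists 16-20, code "DB", starting symbol "clover", reading path of Fig. 7), as an added Python example that is not part of the patent text; it reproduces the origin box (4; 1) and the password "DECAE". Assumptions: each character's symbols are consumed from its list in order while the matrix is visited row by row, left to right, and the character matrix is tiled in every direction when the path leaves it (the text only describes a copy to the right).

```python
import hmac

ROWS = ["CBADE", "ACDBE", "ECDBA", "BACED"]            # matrix 5 (Fig. 2)
ROW_SYMBOLS = ["heart", "square", "clover", "spades"]  # column 12 (Fig. 3)
SYMBOL_LISTS = {                                       # lists 16-20 (Fig. 4)
    "A": ["heart", "clover", "square", "spades"],
    "B": ["square", "spades", "clover", "heart"],
    "C": ["clover", "heart", "spades", "square"],
    "D": ["heart", "spades", "square", "clover"],
    "E": ["spades", "heart", "square", "clover"],
}
# Reading path of Fig. 7 as (dx, dy) offsets from the origin box; y grows downwards.
PATH = [(0, -1), (1, -1), (2, -1), (2, 0), (2, 1)]


def encode(rows, symbol_lists):
    """Pair every cell with the next unused symbol from its character's list.
    Assumption: cells are visited row by row, left to right."""
    cursor = {ch: iter(symbols) for ch, symbols in symbol_lists.items()}
    return [[(ch, next(cursor[ch])) for ch in row] for row in rows]


def find_origin(encoded, row_symbols, code, start_symbol):
    """Follow the symbol chain through the code characters and return the
    absolute (x, y) of the last one found; x = 0 is the symbol column 12."""
    if not code:
        raise ValueError("code must contain at least one character")
    symbol = start_symbol
    for ch in code:
        y = row_symbols.index(symbol)              # row labelled with the symbol
        x = [c for c, _ in encoded[y]].index(ch)   # each character occurs once per row
        symbol = encoded[y][x][1]                  # symbol paired with that cell
    return x + 1, y


def read_password(rows, origin, path):
    """Read characters along the path. Column 12 is ignored and copies of the
    character matrix are placed adjacent (assumed here in all directions)."""
    width, height = len(rows[0]), len(rows)
    ox, oy = origin
    return "".join(rows[(oy + dy) % height][(ox + dx - 1) % width]
                   for dx, dy in path)


def derive(code, start_symbol, path=PATH):
    """Password creation system: returns (origin box, password)."""
    encoded = encode(ROWS, SYMBOL_LISTS)
    origin = find_origin(encoded, ROW_SYMBOLS, code, start_symbol)
    return origin, read_password(ROWS, origin, path)


def identify(submitted, code, start_symbol, path=PATH):
    """Identification system: recompute the password and compare it in
    constant time with the one submitted."""
    _, expected = derive(code, start_symbol, path)
    return hmac.compare_digest(submitted.encode(), expected.encode())


if __name__ == "__main__":
    print(derive("DB", "clover"))   # origin box and password of the worked example
    print(derive("DB", "heart"))    # same code and path, other starting symbol
```

Changing only the starting symbol moves the origin box and therefore yields a different password from the same matrix, code and path.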
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
- Document Processing Apparatus (AREA)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CH802000 | 2000-01-17 | ||
PCT/CH2001/000031 WO2001054073A1 (fr) | 2000-01-17 | 2001-01-16 | Method for producing a data structure for use in password identification |
Publications (1)
Publication Number | Publication Date |
---|---|
EP1249008A1 (de) | 2002-10-16 |
Family
ID=4333898
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP01900078A Ceased EP1249008A1 (de) | Method for producing a data structure for use in password identification | 2000-01-17 | 2001-01-16 |
Country Status (5)
Country | Link |
---|---|
US (2) | US7363503B2 (de) |
EP (1) | EP1249008A1 (de) |
AU (1) | AU2001223393A1 (de) |
CA (1) | CA2399302A1 (de) |
WO (1) | WO2001054073A1 (de) |
-
2001
- 2001-01-16 CA CA002399302A patent/CA2399302A1/en not_active Abandoned
- 2001-01-16 WO PCT/CH2001/000031 patent/WO2001054073A1/fr active Application Filing
- 2001-01-16 AU AU2001223393A patent/AU2001223393A1/en not_active Abandoned
- 2001-01-16 US US10/181,330 patent/US7363503B2/en not_active Expired - Fee Related
- 2001-01-16 EP EP01900078A patent/EP1249008A1/de not_active Ceased
-
2006
- 2006-05-30 US US11/442,879 patent/US20060218524A1/en not_active Abandoned
Non-Patent Citations (1)
Title |
---|
See references of WO0154073A1 * |
Also Published As
Publication number | Publication date |
---|---|
CA2399302A1 (en) | 2001-07-26 |
AU2001223393A1 (en) | 2001-07-31 |
US20060218524A1 (en) | 2006-09-28 |
US20030005338A1 (en) | 2003-01-02 |
WO2001054073A1 (fr) | 2001-07-26 |
US7363503B2 (en) | 2008-04-22 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase | Free format text: ORIGINAL CODE: 0009012 |
| 17P | Request for examination filed | Effective date: 20020712 |
| AK | Designated contracting states | Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR |
| AX | Request for extension of the european patent | Free format text: AL;LT;LV;MK;RO;SI |
| RAP1 | Party data changed (applicant data changed or rights of an application transferred) | Owner name: SOLIOZ, ROGER |
| RIN1 | Information on inventor provided before grant (corrected) | Inventor name: SOLIOZ, ROGER |
| RAP1 | Party data changed (applicant data changed or rights of an application transferred) | Owner name: SAVERNOVA AG Owner name: SOLIOZ, ROGER |
| RIN1 | Information on inventor provided before grant (corrected) | Inventor name: SAVERNOVA AG Inventor name: SOLIOZ, ROGER |
| 17Q | First examination report despatched | Effective date: 20070430 |
| REG | Reference to a national code | Ref country code: DE Ref legal event code: R003 |
| STAA | Information on the status of an ep patent application or granted ep patent | Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED |
| 18R | Application refused | Effective date: 20110324 |