The present invention relates to a method and apparatus for securing the transmission of data between a remote terminal and a main computer system. More particularly, the present invention concerns a security unit for controlling access to a computer facility such as a data base system, electronic fund transfer system, management information system and the like.
A major problem that has recently become an important public issue is the illegitimate access to computer operations and files. Simple password protection has proven inadequate because of the relative ease with which passwords can be improperly obtained and because of the speed with which such passwords may be disseminated, after a breach in security, to other potential abusers of the system. A useful, but limited, technical solution to this problem is the callback method, wherein the potential user calls up the main computer system from a prearranged location, self-identifies, and then breaks the connection. If the user-supplied information is acceptable, the main computer then calls the user back to make the connection. If an improper user (hereinafter called an "attacker") attempts to use the system from a different location, the proper user will be notified of the fact by the callback at his/her location and will be able to change the password(s). Unfortunately, this system is not appropriate for individuals who cannot call from a unique or predetermined set of numbers. Other means must be provided to allow secure access for authorized users who must access the system from various public or non-unique locations.
The first question that must be answered when considering secure computer access is: Against what threat must the system be secure? To be conservative, one must assume that potential attackers of the system (1) are technically competent, (2) have access to considerable computational resources and (3) are capable of wiretapping a user's telephone line. To prevent or restrict the damage that such attackers can do to a computer system places heavy demands upon the method and apparatus for securing access to the system.
Countless schemes have been devised in the past to secure the transmission of data between a remote terminal and a main computer system. The following patents disclose various systems which provide access with a greater or lesser degree of security:
U.S. Pat. No. 3,781,473
U.S. Pat. No. 4,215,421
U.S. Pat. No. 4,268,715
U.S. Pat. No. 4,281,215
U.S. Pat. No. 4,283,599
U.S. Pat. No. 4,288,659
U.S. Pat. No. 4,315,101
U.S. Pat. No. 4,316,055
U.S. Pat. No. 4,317,957
U.S. Pat. No. 4,322,576
U.S. Pat. No. 4,349,695
U.S. Pat. No. 4,386,266
U.S. Pat. No. 4,408,202
European Patent Application No. 68,805
PCT Application No. WO83/02343

(i) in the clear, a first message including a security unit identification number;
(ii) encrypted, a second message including a personal identification string entered into the remote terminal by the terminal user, a first internal password, generated automatically by the security unit, and the telephone number of the calling telephone;

(i) encrypted, a third message acknowledging the callback and possibly including a second internal password; and
(ii) encrypted, a fourth message including the data to be transmitted from the remote terminal to the main computer system.
From these patents it is known to provide a remote terminal or modem with a fixed identification number for self-identification. It is also known to provide personal passwords, such as a personal identification number (PIN) coupled with the name of the user. It is also known to encrypt the transmitted data using a master key which is constant for a relatively long period (e.g., one month). Furthermore, it is known to supply a new password to each remote terminal after each transaction.
U.S. Pat. No. 4,386,266 discloses a computer security system in which the PIN of a terminal user is encrypted using a first encryption key to give a first resultant. This first resultant is concatenated with a terminal-generated random number, and then this concatenated number is encrypted, using a second encryption key, to generate a double-encrypted personal identification number. The double-encrypted PIN is sent to a main computer along with account identification data. The double-encrypted number is decrypted using the second encryption key to yield the first resultant, and this first resultant is compared with the validation number and the account identification data stored in the data base of the main computer.
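The double-encryption flow just described, as an added sketch that is not code from U.S. Pat. No. 4,386,266 or from this document. The text names no cipher, so a 4-round Feistel network over HMAC-SHA256 stands in for it (an assumption, for demonstration only); the keys, PIN, account identifier and function names are constructed.

```python
import hashlib
import hmac
import secrets

def _f(key, i, half):
    # Round function: HMAC-SHA256 truncated to the half-block length.
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:len(half)]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def feistel(key, block, decrypt=False):
    # Stand-in block cipher (assumption, demo only): 4-round balanced Feistel.
    h = len(block) // 2
    l, r = block[:h], block[h:]
    for i in (reversed(range(4)) if decrypt else range(4)):
        if decrypt:
            l, r = _xor(r, _f(key, i, l)), l
        else:
            l, r = r, _xor(l, _f(key, i, r))
    return l + r

def first_resultant(pin, k1):
    # PIN encrypted under the first key; the host stores this value
    # as the validation number for the account.
    if len(pin) > 8:
        raise ValueError("PIN longer than the 8-byte demo block")
    return feistel(k1, pin.encode().ljust(8, b"\0"))

def terminal_encode(pin, k1, k2, nonce=None):
    # Concatenate the first resultant with a terminal-generated random
    # number, then encrypt the whole block under the second key.
    nonce = secrets.token_bytes(8) if nonce is None else nonce
    return feistel(k2, first_resultant(pin, k1) + nonce)

def host_verify(account, message, k2, database):
    # Decrypt with the second key, drop the random number, and compare
    # the recovered first resultant with the stored validation number.
    recovered = feistel(k2, message, decrypt=True)[:8]
    expected = database.get(account)
    return expected is not None and hmac.compare_digest(recovered, expected)

# Constructed sample keys and account record.
K1, K2 = b"constructed-key-1", b"constructed-key-2"
DATABASE = {"ACCT-0001": first_resultant("4921", K1)}

if __name__ == "__main__":
    msg = terminal_encode("4921", K1, K2)
    print(msg.hex(), host_verify("ACCT-0001", msg, K2, DATABASE))
```

The random number makes the transmitted value differ on every transaction even though the PIN and both keys are unchanged.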
Most of the systems disclosed in the above-noted patents are relatively complex and therefore expensive. Furthermore, these systems are subject to compromise by a sophisticated attacker who has tapped the transmission line and broken the encryption algorithm. Under this condition, the attacker can simply read the next transaction number/variable password and use this information to compromise the system. Since the master key for encryption is constant for a long period of time--e.g., one month--the attacker will have sufficient time to compromise the system.