1. Field of Invention
The present invention relates generally to security measures used to restrict access to resources. More particularly, the present invention relates to an authentication protocol that is based on utilizing challenge-response rules to achieve a relatively high level of security.
2. Description of the Related Art
Authenticating a user prior to allowing the user to access the resources of a system allows the resources to be relatively secure, as unauthorized access to the resources may be greatly reduced. Many authentication processes are based on passwords, which are generally static. As passwords are generally static, passwords may be abducted or otherwise obtained. For example, passwords may be sniffed, determined by listening to keystrokes used to enter passwords, or viewed by an individual watching a password owner enter a password. Further, any interaction between a user and an untrusted display or input device may lead to passwords being sniffed or otherwise intercepted, e.g., stolen.
To prevent passwords from being abducted, protocols such as zero knowledge proofs (ZKPs) may be used for authentication. However, such protocols often require complex mathematics, and may be impractical, e.g., when a user does not have access to a trusted augmenting processor that enables calculations of public key exponentiations or discrete logs.
Therefore, what is needed is a method and an apparatus that allows users to be authenticated without requiring passwords or access to a secure computer. That is, what is desired is a system that allows a user to be authenticated in a secure, relatively uncomplicated manner