As computer-based access to information systems has become more pervasive and popular, different types of authentication systems have been developed. Currently, Internet-accessible systems for numerous types of consumer transactions abound—and permit a very broad range of activities to be conveniently carried out by a user/client from a very broad range of physical locations. It is possible to file income tax returns, purchase goods and services, and to carry out banking and account servicing activities (e.g., pay bills) via broad-based and highly accessible computer networks.
As a result, sensitive information such as financial data, account numbers, identification indicia and the like need to be transmissible while preserving confidentiality via such networked media. Accordingly, there is a need to verify user identity and to preserve secrecy with respect to information and with respect to granting access to information while still permitting appropriate access to such resources and facilities.
Maintaining appropriate privacy yet still facilitating real-time access or communication involves a tradeoff between the degree of privacy protection obtained (the security of the communications process) and the degree to which communication is encumbered by the privacy protection process. For example, public key encryption can be highly secure but is so computationally intensive and thus in some sense cumbersome that it does not lend itself to direct encoding of large bodies of data for real-time interactive data exchange such as encrypted speech in conversation. The extent to which an encryption or security system presents computational obstacles to rapid exchange of data depends on both the algorithm employed and the amount of data involved in the exchange and encryption/decryption processes.
Accordingly, the kinds of privacy or encryption systems typically employed in Internet-accessible information systems are not generally among the most robust possible from an information security perspective. The amount of information a user must supply in order to gain access to a particular system is limited to an extent that provides some security but that also does not present computational obstacles to communication or require the user to have the sophistication and equipment to be able to interact via extremely high security approaches.
However, as the level of sophistication of such systems increases, the degree to which some parties find challenge in subverting such systems (e.g., “hackers”) also increases. The motivations of such parties range from larceny to nihilism; the ingenuity and perseverance of such efforts has reached remarkable levels and has led to need for newly-defined criminal sanctions as well as need for improved security protocols for publicly-accessible computer systems.
Symmetric key authentication systems rely on the client and the server or system being accessed both having a predetermined Name-Key pair (or other credential) that is employed by the server to authenticate the client's request for access. A first step in most such systems is for the client to present the name in plaintext along with some “proof of key knowledge” for the key corresponding to that name. The server then uses the plaintext name to look up a corresponding key on a database, which is typically accessible via another computer. The key then may be used to verify the “proof of knowledge” proffered by the client. For example, the client key may be used to encrypt a current time, and the result transmitted to the authentication server, which decrypts the result and compares the decrypted information to current time. Examples of such systems include Kerberos (IETF RFC 1510) and Digest, as well as others.
A problem with this scheme is that the system can be attacked by sending numerous sham names to the system, possibly even by spreading a virus that causes recipient computers to transmit such sham requests. The process of looking up keys typically involves delay in order to search the database and this results in a “bottleneck” which cripples the overall authentication system when numerous sham names are used to cause the system to attempt to look up non-existent keys. As a result, even limited resources may be able to bottleneck the system such that it may be unable to respond to legitimate clients presenting legitimate credentials in order to try to gain access to the system. Such is known as a “denial of service” attack.
Accordingly, there are needs for improved techniques, systems and apparatuses for providing both more robust security (e.g., involving a larger amount of authentication data) together with rapidly and efficiently avoiding becoming too encumbered by bogus or sham requests without denying legitimate clients timely access to available facilities.