1. Field of the Invention
The present invention relates to computer security and more particularly to an undetectable system and method for preventing unauthorized access to a computer resource, even when the right password is supplied by chance.
2. Background of the Invention
Passwords have been used for more than 40 years to restrict access to certain computer operations to a given set of authorized users. However, with the spread of the World Wide Web and of Internet connections, it has become common for a home site to be probed by hackers 3 or 4 times a day. A well-known site may be probed more than 1000 times a day. While there are 456,976 possible 6-letter passwords if only alphabetic characters in the same case are used, trying 1000 passwords a day on each of 1000 accounts would, statistically, give a reasonable chance of cracking one password on one account every day.
In order to prevent a hacker from trying all possible passwords at computer speed, two measures are generally used, either separately or in conjunction:
1. Locking the user's account when more than N incorrect passwords have been supplied. Only a system administrator can then unlock the account once it is locked.
2. Increasing the system response delay for a user every time an incorrect password is given for that user. It is worth noting that if the delay is initially set to 1 second and doubled for every invalid attempt, the delay will be 4,096 seconds, more than one hour, after the 12th invalid password has been supplied, which is an unbearable wait for the average hacker.
But both these solutions have drawbacks, because they stay in effect after the attack is over. This gives the hacker a very easy way to induce a denial of service by saturating the system's wrong-password tolerance threshold without saturating the machine. For example, a disgruntled employee or ex-employee could efficiently and repeatedly paralyze a whole service in a matter of minutes if he knows the list of user IDs of his ex-colleagues.
U.S. Pat. No. 5,559,505 issued to McNair E. Bruce on Sep. 24, 1996 and entitled "Security system providing lockout for invalid access attempts" discloses a system for controlling access to a resource such that, when an attempt to access the resource using a password fails, the time interval that must elapse before a subsequent access attempt can succeed is incremented. By making the increments increasingly large, repeated access attempts by hackers or unauthorized users are discouraged. This solution offers an enhancement to point 2 above by also decreasing, in relatively small decrements, the wait time for each successful password. Such an approach aims to be "a better compromise between access control and denial", as mentioned in its description.
However, none of the prior art techniques teach, claim or even suggest a method in which no information whatsoever is provided by the system to the hacker. Such a "silent" method, in complete opposition to previous approaches, should provide no information useful to a hacker for detecting the right password, even through a careful analysis of response times. Ideally, even a careful analysis by the hacker of the passwords already tried without success should be useless; indeed, the method is most effective when even the right password is likely to be crossed out by the hacker as invalid, and thus never to be tried by him/her again.
Accordingly, what is needed is a new and utterly different method which eliminates the aforementioned problems and implements a stealth solution.
One object of the present invention is to provide a method allowing a resource to be practically invulnerable to fast online brute-force attacks. The resource may be any file server, database, computing resource, Web server or any other resource using a password protection scheme, either alone or in conjunction with other protection methods.
Another object of the invention is to deprive a hacker of any information required in order to make an efficient so-called "slow attack". A "slow attack" tries only the maximum number of allowed passwords minus one, but does so every day for every known user ID, many weeks in sequence.
Still another object of the present invention is to offer a stealth protection method which prevents an unauthorized user from discovering that the right password has been tried, or even that a protection system other than the password is present.
It is yet another object of the invention to provide a method wherein neither the hacker nor the user will be slowed down. Moreover, security is even based on the fact that the attacker will make his attempts at the fastest speed he can, whether or not consistent with the idea that the real user is trying to log on, for instance through the use of a program trying different passwords at computer speed. In fact, the faster his attempts, the better the security and the greater the probability that he will be denied access, even when, by pure chance, he is using the right password, and will never know that he is using the right password.
In a preferred embodiment, a method for controlling access to a computer resource consists in performing a user authentication procedure upon receiving a request from a user to access the computer resource. As part of the user authentication procedure, a password verification procedure is performed which comprises the steps of requesting a password from the user and comparing the entered password to the expected valid one. If the given password matches the expected one, the next steps are to count the number of rejected access attempts for that user during a predefined time interval N and to grant access to the user only if the computed number is lower than a predetermined number K of authorized requests. Otherwise, if either the password does not match the expected one or the number of unsuccessful login attempts exceeds the predetermined number, access is denied to the user and a new time stamp of the denied access is stored.
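The preferred embodiment above, as an added Python example that is not part of the patent: the values chosen for the interval N and the limit K are assumptions, and the constructed attack shows the right password being refused with exactly the same response, and no extra delay, as a wrong one, while the legitimate user gets in once the window has emptied.

```python
import hashlib
import hmac
from collections import defaultdict, deque

# Assumed parameters: the patent names N and K but fixes no values.
WINDOW_N = 60.0   # seconds: the predefined time interval N
LIMIT_K = 3       # the predetermined number K of authorized requests


class SilentGate:
    """Password check with the patent's silent lockout.

    A matching password is accepted only if fewer than K attempts were
    rejected for that user during the last N seconds. Every rejection,
    including one made with the right password, stores a new time stamp,
    and the caller sees the same plain False either way.
    """

    def __init__(self, window=WINDOW_N, limit=LIMIT_K):
        self.window = window
        self.limit = limit
        self._secrets = {}                    # user -> digest of expected password
        self._rejects = defaultdict(deque)    # user -> time stamps of denied attempts

    def register(self, user, password):
        self._secrets[user] = hashlib.sha256(password.encode()).digest()

    def _recent_rejects(self, user, now):
        stamps = self._rejects[user]
        while stamps and now - stamps[0] >= self.window:   # forget stamps older than N
            stamps.popleft()
        return len(stamps)

    def login(self, user, password, now):
        expected = self._secrets.get(user)
        given = hashlib.sha256(password.encode()).digest()   # hashed even for unknown users
        matches = expected is not None and hmac.compare_digest(expected, given)
        if matches and self._recent_rejects(user, now) < self.limit:
            return True
        self._rejects[user].append(now)   # wrong or rate-limited: same answer, new stamp
        return False


def demo():
    gate = SilentGate()
    gate.register("alice", "correct horse")
    # Constructed attack at computer speed (one guess per second); the 4th guess is right.
    guesses = ["aaaaaa", "aaaaab", "aaaaac", "correct horse", "aaaaad"]
    attack = [gate.login("alice", g, now=float(i)) for i, g in enumerate(guesses)]
    # The real user logs in after the attack's stamps have left the N-second window.
    user_later = gate.login("alice", "correct horse", now=WINDOW_N + 10.0)
    return attack, user_later
```

Because the rejections made during an attack also count against the real user, a legitimate login during the active burst is refused too, which is the trade-off the patent accepts in exchange for giving the attacker no signal.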
The novel features believed to be characteristic of this invention are set forth in the appended claims. The invention itself, however, as well as these and other related objects and advantages thereof, will be best understood by reference to the following detailed description to be read in conjunction with the accompanying drawings.