Appendix, which is a part of the present disclosure, is a microfiche appendix consisting of 3 sheets of microfiche having a total of 176 frames. The microfiche Appendix is a source code listing of one embodiment of the present invention, which is described more completely in the sequel.
A Portion of the disclosure of this patent document contains material that is subject to copyright protection. The copyright owner has no objection to the facsimile reproduction by anyone of the patent document or the patent disclosure, as it appears in the Patent and Trademark Office patent file or records, but otherwise reserves all copyrights whatsoever.
1. Field of Invention
The invention relates to wireless data communications, and more particularly relates to secure lightweight transactions between mobile devices and landline servers over wireless data networks; wherein the mobile devices have very limited computing power, memory and graphical display capability.
2. Description of the Related Art
A fast-growing trend on the Internet is electronic commerce. The electronic commerce is an integrative concept designed to draw together a wide range of business support services, trading support systems for commodities, products, customized products and custom-built goods and services; ordering and logistic support systems; settlement support systems; and management information and statistical reporting systems, all via the Internet. It is well known, however, that the Internet is a wide open, public and international network of interconnected computers and electronic devices around the world. Anyone who has access to a computer in the network can intercept signals carrying proprietary information traveling along the network. To transact business over the open network, companies or individuals must have an efficient, reliable and secured manner to conduct private communications therebetween. Security thus becomes a primary concern over the open Internet and there have been many efforts in progress aimed at protecting the proprietary information travelling in the Internet. One of the efforts is to use cryptographic techniques to secure a private communication between two parties. The cryptographic techniques provide a way to transmit information across untrusted communication channel without disclosing the contents of the information to anyone accessing the communication channel.
U.S. Pat. No. 5,671,279 to Taher Elgamal discloses a courier electronic payment system for conducting the electronic commerce using a secure courier system. The system governs the relationship between a customer, merchant, and acquirer gateway to perform credit card purchases over the open network by using a secure connection to simplify the problem of Internet-based financial transactions. Visa International Service Association, in collaboration with Microsoft Corporation, provides a secured transaction technology using digital signature to authenticate a credit card and merchant decal, referring to http://www.visa.com for detail. The technologies developed by RSA Data Security, Inc. are the global de facto standard for public key encryption and digital signature and may be part of existing and proposed standards for the Internet as well as business and financial networks around the world. More information about the Internet security can be found at http://www.rsa.com.
The above and other ongoing efforts are all primarily targeted at the Internet that is a plurality of landline or wired networks. To use the Internet, one has to have a physical access to a computer wired into the network. To provide the mobility of the network, wireless data networks were introduced, as such the landline networks become an integral part of the wireless data networks. With the wireless data networks, people, as they travel or move about, are able to perform, through wireless computing devices or handheld communication devices, exactly the same tasks as they could do with computers in the landline networks. Similar to the Internet, however, the nature of the wireless communications provides an opportunity for intrusion since the mobile data is sent through the air. Anyone who has an appropriate receiver with a designed antenna can intercept signals being communicated between a wireless computing device and a landline base-station or network. Privacy, authentication, authorization, and integrity are thus deemed the important elements in a wireless data network. Therefore additional efforts have been started to ensure that the proprietary information is sent via wireless networks that must be restricted only to those with a need to know.
Many networks employ encryption and other security measures to protect mobile data from access by an unauthorized third party. Certain technologies and access methods contribute to network security. Spread spectrum technology, for example, is inherently secure, but it only provides a link level security. There is no guarantee that a mobile device has a secure communication to a landline device through a complete wireless network that generally comprises an airnet, the Internet and a gateway therebetween. U.S. Pat. No. 5,604,806 to Hassan, et al, discloses an apparatus and method for secure radio communication by using key sequences derived from the short-term reciprocity and radio spatial decorrelation of phase of the radio channel. U.S. Pat. No. 5,371,794 to Whitfield, et al, shows another method and apparatus for providing a secure communication between a mobile wireless data processing device and a base data processing device. The mobile device sends the base device a digitally signed mutually trusted certificate according to a public encryption key and the base device sends a modified version to the mobile device upon successfully recovering the certificate. If the mobile device recovers the modified version, both devices enter a secure data communication. The disclosed system by Whitfield may work well with mobile devices that have competitive computing resources to satisfy the public-key-based encryption speed. Nevertheless the connection time in an airnet is expensively measured and many mobile devices such as mobile phones have a small fraction of the computing resources provided in a typical desktop or portable computer. The computing power in a typical cellular phone is less than one percent of what is in a regular desktop computer, the memory capacity thereof is generally less than 250 kilobytes and the LCD display is perhaps four lines high by twelve or twenty characters, the graphics capabilities thereof are very limited or nearly nonexistent. There has been thus a great need for a generic solution that provides a secure communication with competitive performance between mobile devices of limited computing resources and landline devices through an open network.
Further many current networks operate based on Hypertext Transfer Protocol (HTTP) that is built on the Transmission Control Protocol/Internet Protocol (TCP/IP). But the TCP protocol requires considerable computing power and network bandwidth resources. A single connection, for example, may require an exchange of more than ten packets between a sender and a receiver in the Internet. Therefore there has been further a need for a generic method and system that provide a secure communication between mobile devices and landline devices using fewer number of packets so as to increase transmission efficiency in mobile devices of limited computing resources.
The present invention has been made in consideration of the above described problems. According to a preferred embodiment, the present invention is a method and system for establishing an authenticated and secure communication session for transactions between a server and a client in a wireless data network that generally comprises an airnet, a landline network and a link server therebetween. The client is remotely located with respect to the server and communicates to the server through the wireless data network. The method comprises the steps of:
(a) the client sending a session-request signal to the server for creating the session therebetween, the session-request signal comprising at least one client message encrypted according to a shared secret encrypt key;
(b) the server conducting a first client authentication by decrypting the encrypted client message according to the shared secret encrypt key upon receiving the session-request signal;
(c) the server generating a session key for the session in creation, a first derivative from the decrypted client message and generating a server message;
(d) the server sending a session-reply signal comprising the session key, the first derivative and the server message; the session key, the first derivative and the server message being encrypted according to the shared secret encrypt key;
(e) the client conducting a first server authentication by decrypting the first derivative and the server message being encrypted according to the shared secret encrypt key;
(f) the client conducting a second server authentication by validating the first derivative with the client message;
(g) the client generating a second derivative from the server message if the step (f) of the second server authentication succeeds;
(h) the server conducting a second client authentication by decrypting the second derivative and verifying the second derivative with the server message upon receiving; thereby the authenticated and secure communication session is established between the client and the server after the first and the second client authentication as well as the first and the second server authentication are all successful.
Upon the establishment of the secure communication between the client and the server, either the client or the server may initiate a transaction therebetween. To ensure the transaction between a valid session, the transaction is encrypted by a mutually accepted cipher according to the session key and identified by a session ID embedded therein. The mutually accepted cipher is obtained by the server through a cipher negotiation with the client and the transaction ID in the transaction is always examined in the server before the server responds to the client with a service reply. Upon receiving the service reply from the server, the client can proceed the transaction with the server.
The system for establishing an authenticated and secure communication; the system comprises:
a landline network running on a first communication protocol that is usually HTTP;
at least one server coupled into the landline network and communicating with the landline network;
an airnet running on a second communication protocol that is usually HDTP;
a client remotely located with respect to the server and communicating with the airnet by radio transmission means;
a link server, coupling the airnet to the landline network, for linking the first communication protocol to the second communication protocol, whereby the client can communicate with the server;
means for generating a session-request signal comprising at least one first message encrypted according to a shared secret encrypt key; the first message usually being a first nonce represented by a first 2-byte numeral, the session-request signal being transmitted to the aimet;
means for sending a session-reply signal comprising at lease one second message encrypted according to the shared secret encrypt key; the second message usually being a second nonce represented by a second 2-byte numeral, the session-reply signal sending means comprising:
means for conducting a first client authentication when the session-request signal is received, the first client authentication comprising means for recovering the encrypted first message from the received session-request signal; and
means for generating a first derivative from the recovered first message; means for conducting server authentication upon receiving the session-reply signal, the conducting server authentication means comprising:
means for recovering the encrypted second message when the session-reply signal is received; and
means for verifying the received first derivative with the first message; and means for generating a second derivative from the second message; means for generating a session-authentication-complete signal comprising the second derivative;
means for conducting a second client authentication, the second client authentication means comprising means for verifying the received second derivative with the second message when the session-authentication-complete signal is received; and
whereby the authenticated and secure communication between the client and the server is established when the first and second client authentication and the server authentication are complete.
Accordingly, an important object of the present invention is to provide a generic solution for secure lightweight transaction in wireless data networks. Other objects, together with the forgoing are attained in the exercise of the invention in the following description and resulting in the embodiment illustrated in the accompanying drawings.