Computer and telecommunications systems are nearly ubiquitous in the industrialized world today. Many of these systems provide access to personal and/or commercial data, services and resources that must be kept secure, limiting access to those individuals and devices with proper authorization. This is a major challenge. Unauthorized access is known to occur on a regular basis to some of the most heavily guarded computer systems and local networks on the planet, including, for example, servers in the Pentagon.
Almost all existing authorization processes employ a model wherein Users communicate their access information in the form of single electronic messages to single servers. An exemplary block diagram of such a system is shown in FIG. 1.
In the course of the login process, a prospective User 12 will send a single electronic message containing, for example, a User ID (identification) and password. This single electronic message is received by the single server 14 over the network 16 (which may be a local Ethernet, wide area network, telecommunications network or the Internet; a wireless, hard-wired or fiber optic network; or any combination of these or similar networks), and the server determines whether the submitted data correlates with a stored, authorized User ID and hashed password 18. If the User ID and password are valid, access to the secure resources 20 is allowed; if the information is invalid, access is denied.
This existing authorization process is highly and increasingly vulnerable to hacking (i.e. unauthorized entry) into servers that often carry private, valuable and confidential information. The process is highly vulnerable because a hacker 22 (i.e. an individual or computer attempting to obtain unauthorized entry) is often able to intercept the single electronic message containing the User's ID and password, and thereby obtain all the information necessary to gain access. Hackers are also able to trick single servers into treating them as an authorized User by exploiting known weaknesses or gaining backdoor entry.
Either way, the use of a single electronic message to a single server has been found to be an insecure method of authentication and security.
A similar paradigm is used for encryption, where a single key or phrase is used to protect a document or dataset. Again, this is an ineffective method of protection. Keys and phrases that are too short are easily discovered simply by guesswork. Keys that are long are generally stored electronically, and thus are vulnerable to being found or intercepted. Accordingly, the use of a single key or phrase stored in a single location has also been found to be an ineffective model for encryption.
There is therefore a need for a method of and system for electronic encryption, authentication and security over networked systems, which addresses the problems outlined above.