1. Field of the Invention
This invention relates, in general, to computer communication systems and, more specifically, to user authorization and security in connections between remote computer users and a host computer.
2. Description Of The Prior Art
Security between communicating computer systems is important when the systems are being used in certain specific applications. Banking, brokerage, and accessing confidential information are a few of the types of applications in which fraudulent interception of the transferred data can be especially devastating to one or both of the communicating computer systems. Interception can be accomplished by tapping the communicating lines or channels and observing the transferred data between the computers. This can provide enough information to enable the interceptor to later pose as a valid user and obtain data or funds fraudulently under the name of the intercepted user. Another form of fraudulent activity involves the changing of data sent by one computer system to the other in order to alter the actual request or instructions made by the system, such as the destination and amount of a monetary withdrawal from a bank account.
Many different types of security measures are known which can lower the possibility that a particular transaction or session can be intercepted or tapped. Ciphering the data transferred between the users offers a predictable degree of indirection or difficulty to the possible interceptor, thus discouraging the fraudulent act by making a successful interception much more difficult. Another method is to use a confidential user code or personal identification number (PIN) known only by the remote user and the host computer. However, in the event the interception can determine the PIN of the user, that information is no longer secure and a fraudulent transaction under the intercepted PIN is a reality.
Validation of the user and ciphering of the transferred communications data are two methods of security which have been used in thwarting unauthorized access to and control of remote computer systems. Typically, the remote user system goes through a predefined process which establishes the user as legitimate. This usually involves the use of the PIN and possibly a user identification (ID). In such systems, it is possible that the PIN can be intercepted unless other measures, such as ciphering, are used to make the PIN less detectable in the intercepted data stream. Ciphering of the data also provides a security enhancement, but some methods of ciphering are more secure than others. A conventional and very satisfactory method of ciphering uses readily available ciphering algorithms or functions which require a ciphering key to operate on the data. Without knowledge of the key, it is virtually impossible to decipher the ciphered data. Therefore, one of the important facets of such ciphering systems is to maintain the secrecy of the ciphering key value.
Various systems have been proposed and used according to the prior art to enhance the security of communicating computer systems. Whether by authenticating the validity of the remote user or by obtaining a secret key for ciphering operations, or by a combination of both, the systems sometimes offer their advantages only in specific applications. Certain applications use physically secure remote computer systems, such as automatic teller machines (ATM's). With such devices, the security of this secret ciphering key can be maintained since access to the internal hardware and software is not possible to most people. Systems which self-destruct and erase or obliterate the key value when the system is opened are also used to protect the key value against unauthorized interception or discovery. Of particular interest in the present invention is the protection of transaction privacy and security when the remote user computer is not physically secure and the channel or communications path with the host computer is also relatively insecure. For example, this type of system occurs when a remote user uses a personal computer for home banking transactions over conventional telephone lines. The security and user validity issues considered sufficient for other types of systems are not necessarily appropriate solutions in these cases where the remote equipment can easily be accessed internally and the communications path is readily susceptible to tapping or monitoring.
Several prior art references have addressed the security issue for particular applications U.S. Pat. No. 4,799,061, issued on Jan. 17, 1989 to the same assignee as the present invention, discloses a system for authenticating components in a communications system using cryptographic techniques to determine if each has the proper key without disclosing information which would be useful to an imposter in deriving the key. The ciphering key is stored at both computer locations. While this is acceptable in applications where the remote computer is physically secure, using this type of security system with a communicating personal computer does not offer the degree of security required by a security conscious host computer operator, such as a bank. The system in the referenced patent provides for authentication of the equipment, not the user. It is desirable, and an object of the present invention, to be able to validate the authority of a user and establish a ciphering key without regard to a particular computer being used to make the transaction. This allows the user, for example, to do personal banking at home and at work on different computers without changing the procedure or authorizing numbers.
U.S. Pat. No. 4,649,233, issued on Mar. 10, 1987 to the same assignee as the present invention, discloses a system for establishing user authentication Which uses keys stored at each location and which generates a random number at each location. The system is useful when used between nodes of communications facilities wherein the equipment, and the internally stored keys, are reasonably secure and not easily tampered with or accessed by a computer hacker or fraudulent interceptor. Although this system offers significant security in specific applications, it would not provide the security and objectives desired with a remote user personal computer system.
A publication in the IBM Technical Disclosure Bulletin, Volume 24, Number 12, May, 1982, entitled "Personal Verification and Message Authentication Using Personal Keys" discloses a system whereby the user s PIN and a ciphering key value are stored on a magnetic stripe card. This helps to prevent an unauthorized user from using the system without actual possession of the card. While this system is also useful in some applications, it requires the use of a card reader and is costly for use with an ordinary personal computer.
Further background on computer data security is presented in the book "Cryptography" by Meyer and Matyas, John Wiley and Sons, Inc., 1982.
The objective of the present invention is to provide secure communications for remote users without the disadvantages associated with some of the prior art systems. A desirable feature is to transfer the user s PIN only in ciphered or encrypted form rather than in the clear. This makes it much more difficult for an unauthorized user to intercept the PIN. Another desirable feature is to not store any ciphering keys at the personal computer, both for security reasons and for versatility in allowing the user to communicate from any personal computer. Regardless of how sophisticated the encryption scheme, a stored key value is susceptible to discovery by one who has enough patience and expertise in breaking or detecting secure parameters. Still another objective is to provide a security system wherein the ciphering functions in the personal computer do not come under any difficult export restrictions. Data Encryption Standard (DES) based ciphering functions presently present restrictions as to exporting of programs which contain such functions or algorithms. Therefore, in order to make the personal computer software used in the secured communications as free from export limitations as possible, it is desirable to accomplish ciphering functions at the personal computer without using any DES algorithms which are under strict export control.
Therefore, it is desirable, and it is an object of this invention, to provide a secure communications system which is versatile, hardware unrelated, void of significant export problems, and extremely secure from the interception of data which can be fraudulently used for bogus transactions and/or for obtaining unauthorized data.