1. Field of the Invention
The present invention relates generally to communications systems for transmission of data. More particularly, the present invention relates to data security.
2. Background Art
The Internet, particularly the World Wide Web (Web), has become a ubiquitous fixture in modern society. Originally, the Web consisted primarily of text documents with little to no graphics or interaction. However, as developers began introducing multimedia, interaction, and security features into the Web, it transformed into an attractive platform for both the general population as well as commercial interests. Today, many websites offer some value added service in exchange for registration, such as customization or additional features. Some examples might include tracking preferences and recommendations for an e-commerce website, the ability to communicate with other registered users on a social networking site or forum, and access to content unavailable to the general public. These services are enabled by authentication, so that the web server can differentiate and associate particular users in a consistent manner. For the user, this typically manifests in the familiar username and password login page that is often prominently displayed at the top level of many websites.
However, the tradeoff is the inconvenience of having to constantly retype the username and password to take advantage of services offered only to authenticated users. A user might simply forego these services when considering the hassle of logging into many different websites, each with their own username and password.
Users are also accustomed to seeing the “Remember Me” checkbox that helps alleviate this problem. Typically, a Hypertext Transfer Protocol (HTTP) cookie provided by the web server after an initial authentication enables this functionality. This HTTP cookie contains a small amount of data and is stored by the user's browser, which returns it to the web server with subsequent requests. In an authentication context, the cookie acts as a substitute for the user manually typing in his or her credentials. The cookie also allows the creation of a session, so that a user does not have to retype credentials for every successive page within a certain expiration period. The web server simply receives the cookie instead and, if it is valid, treats the request as authenticated.
Although the use of cookies makes the task of authentication simpler for the user, there are security disadvantages to this method. Since the HTTP cookie acts as a substitute for authentication, anyone who possesses a copy of it can impersonate the user. For example, if a third party is able to access the computer on which the cookie is stored, the third party can log in without supplying username and password credentials. If the cookie is transferred over an insecure communications channel, such as an insecure wireless network, a third party might eavesdrop on the data and replay a duplicate of the cookie in an attempt to impersonate the user on the website. If the cookie further contains unencrypted and unauthenticated data, a malicious user might attempt to construct his own cookie to impersonate another user or an administrator with elevated privileges. For this reason, cookies are often transferred in an encrypted form, and the web server additionally protects the cookie with a message authentication code (MAC) computed under a server-held key, so that a cookie the server did not itself issue, or one whose contents have been altered, is rejected; encryption alone hides the contents but does not by itself prevent a modified or fabricated cookie from being accepted. Even so, neither encryption nor a MAC protects against the replay of a genuine cookie that has been copied, so the cookie authentication method is not suitable for high security applications such as online banking. Alternatively, cookie authentication might be paired with a more secure authentication step for sensitive actions such as account management and placing an order on an e-commerce site.
One might wonder why all communications are not done in a secure channel to avoid the security issues inherent in the cookie method. Performance and complexity are the typical reasons why secure communications are not used for less critical applications, as the administrative and computational costs of maintaining an encrypted channel for every user may outweigh the security benefits. A secure channel also only protects the cookie in transit; it does nothing for a cookie copied from the user computer itself. Thus, an encrypted cookie coupled with an initial authentication step represents a compromise between conserving computing resources and enhancing security. This method of authentication is already employed on many websites today, but there are still significant problems remaining.
Focusing specifically on the cookie encryption step, many websites use a single symmetric encryption key that is hardcoded into the web server and never changes. A security breach or a compromised key in this case may be disastrous: every cookie ever issued under that key can be decrypted or forged, and recovering requires the manual reconfiguration of the web server with a new key, which in turn invalidates every outstanding session at once. Moreover, a breach might not be detected until an inopportune time, since a malicious user who has obtained the key may hold it in reserve for future use, confident that it will still be valid because the key never changes. Additionally, such a user might stealthily gather valuable and private personal information over a long period of time without causing changes that might alert the user or the administrators to a security breach.
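The following example, added here for illustration and not part of the original application, shows the two points made above in working code: a cookie that is protected by a keyed message authentication code so that an edited or fabricated cookie is rejected, and a server-side key ring in which each key carries a short key identifier, so that keys can be rotated on a schedule and a suspected-compromised key can be retired without reconfiguring the server or invalidating sessions issued under other keys. The `CookieKeyRing` class, the `kid.payload.tag` cookie layout and the `scenario()` walkthrough are this example's own assumptions; the example authenticates the cookie with HMAC-SHA256 from the Python standard library and leaves the payload readable, since confidentiality of the payload would additionally require an authenticated cipher that the standard library does not provide.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time


def _b64e(raw: bytes) -> str:
    """URL-safe base64 without padding, so the value is cookie-friendly."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64d(text: str) -> bytes:
    """Inverse of _b64e; raises ValueError (binascii.Error) on garbage."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


class CookieKeyRing:
    """Holds several HMAC keys, each tagged with a key id (kid).

    Cookie layout (assumed for this example): "<kid>.<payload>.<tag>" where
    payload is base64url JSON {"uid": ..., "exp": <unix time>} and tag is
    HMAC-SHA256 over "<kid>.<payload>" under the key named by kid.
    New cookies are always minted under the current key; any key still in
    the ring verifies. rotate() adds a key, retire() drops one.
    """

    def __init__(self) -> None:
        self._keys = {}        # kid -> 32 random bytes
        self._current = None   # kid used for minting

    def rotate(self) -> str:
        """Add a fresh key and make it current; older keys keep verifying."""
        kid = secrets.token_hex(4)
        self._keys[kid] = secrets.token_bytes(32)
        self._current = kid
        return kid

    def retire(self, kid: str) -> None:
        """Drop a key; every cookie minted under it is rejected from now on."""
        if kid == self._current:
            raise ValueError("rotate() before retiring the current key")
        self._keys.pop(kid, None)

    def _tag(self, kid: str, payload: str) -> bytes:
        # The kid is covered by the tag so it cannot be swapped to another key.
        msg = f"{kid}.{payload}".encode("ascii")
        return hmac.new(self._keys[kid], msg, hashlib.sha256).digest()

    def mint(self, uid: str, ttl_seconds: int, now=None) -> str:
        """Issue a cookie for uid that expires ttl_seconds from now."""
        if self._current is None:
            raise RuntimeError("rotate() once before minting")
        now = time.time() if now is None else now
        claims = {"uid": uid, "exp": int(now) + int(ttl_seconds)}
        payload = _b64e(json.dumps(claims).encode("utf-8"))
        return f"{self._current}.{payload}.{_b64e(self._tag(self._current, payload))}"

    def verify(self, cookie: str, now=None):
        """Return the uid if the cookie is genuine and unexpired, else None."""
        now = time.time() if now is None else now
        parts = cookie.split(".")
        if len(parts) != 3:
            return None
        kid, payload, tag = parts
        if kid not in self._keys:            # unknown or retired key
            return None
        try:
            # Check the tag before parsing anything the client controls.
            if not hmac.compare_digest(self._tag(kid, payload), _b64d(tag)):
                return None
            claims = json.loads(_b64d(payload))
        except ValueError:                   # bad base64, bad JSON, bad UTF-8
            return None
        exp = claims.get("exp") if isinstance(claims, dict) else None
        if not isinstance(exp, int) or exp <= now:
            return None
        return claims.get("uid")


def scenario() -> dict:
    """Walk through minting, a forgery attempt, rotation and key retirement."""
    ring = CookieKeyRing()
    k1 = ring.rotate()
    c1 = ring.mint("alice", ttl_seconds=3600, now=1_000)   # exp = 4600
    results = {"genuine": ring.verify(c1, now=2_000),
               "expired": ring.verify(c1, now=5_000)}

    # Attacker edits the payload to claim "admin" but cannot recompute the tag.
    kid, _payload, tag = c1.split(".")
    forged_payload = _b64e(json.dumps({"uid": "admin", "exp": 99_999}).encode())
    results["forged"] = ring.verify(f"{kid}.{forged_payload}.{tag}", now=2_000)
    results["garbage"] = ring.verify("not.a.cookie", now=2_000)

    ring.rotate()                                           # scheduled rotation
    c2 = ring.mint("alice", ttl_seconds=3600, now=1_000)
    results["old_after_rotate"] = ring.verify(c1, now=2_000)
    results["new_kid_differs"] = c2.split(".")[0] != k1

    ring.retire(k1)                                         # k1 suspected compromised
    results["old_after_retire"] = ring.verify(c1, now=2_000)
    results["new_after_retire"] = ring.verify(c2, now=2_000)
    return results


if __name__ == "__main__":
    for name, value in scenario().items():
        print(f"{name:18} {value!r}")
```

In the walkthrough, a scheduled `rotate()` leaves existing sessions intact while new cookies move to the new key, and `retire()` of a specific key identifier invalidates only the cookies minted under that key, which is the response to a suspected compromise that a single hardcoded key cannot offer. In production the key material would be loaded from a secrets store rather than generated in process, and a real deployment would also set the cookie's `Secure` and `HttpOnly` attributes to reduce the exposure described above.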
Accordingly, there is a need to overcome the drawbacks and deficiencies in the art by providing a way to improve the security of authentication cookie encryption keys, thus providing both convenience and security for users of cookie authenticated websites.