Authentication is the act of confirming the truth of one or more attributes of an entity. The attributes in question may be the identity of a person, the identity of a device, or some other attribute or attributes of the person or device. For instance, to check email managed by an email service provider, a person may supply a userid to specify the person's identity, and a password to prove that the person who is supplying the userid is actually the person to whom the userid belongs. The email service provider may authenticate the identity of the person (or "user") by determining whether the supplied password matches a predefined password for the supplied userid. Such a password may be referred to in general as an authentication factor. For purposes of this disclosure, the entity that is attempting to prove that it is what it claims to be is referred to as the prover, and the entity that is determining whether or not the prover is what it claims to be is called the verifier.
In the field of computer security, at least three different kinds of authentication factors are recognized: possession or ownership factors (involving something the prover has, such as a security token), knowledge factors (involving something the prover knows, such as a password), and inherence factors (involving something the prover is or does, such as a fingerprint or a voice print).
For two-factor authentication, one factor is often a possession factor. A security token distributed under the trademark "RSA SECURID" (or "RSA SecurID"), for example, may provide an authentication code which a user may utilize as a possession factor. Many conventional security tokens rely on a secret shared between the authentication server and the token: both sides derive the expected code from that secret, and the server accepts the token if the code it computes matches the code the token presents. Tokens whose code is derived from the shared secret and the current time require clock synchronization between server and token, since a token whose clock has drifted beyond the server's acceptance window will produce codes the server rejects. Also, because the same secret is held on both sides, a leak of the secret on either side (for example, a compromise of the server's credential store) allows anyone holding it to generate valid codes, and the authentication is essentially broken.
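The following is an added illustration of a shared-secret, time-based token of the kind described above, written for this page and not taken from any token vendor's implementation. It follows the HOTP/TOTP construction of RFC 4226 and RFC 6238 (HMAC-SHA1 over a counter, dynamic truncation, six-digit code, 30-second step); the secret, the server clock values and the skew window are constructed demo values. The verifier's acceptance loop shows why clock synchronization matters, and the attacker case shows that a leaked secret yields valid codes directly.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"encoding/binary"
	"fmt"
	"time"
)

// Step is the TOTP time step in seconds (the RFC 6238 default).
const Step = 30

// HOTP computes an RFC 4226 one-time code for a counter value from the shared secret.
// Both token and server run exactly this function; there is no asymmetry between them.
func HOTP(secret []byte, counter uint64) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	h := mac.Sum(nil)
	// Dynamic truncation: the low nibble of the last byte selects a 4-byte window.
	off := h[len(h)-1] & 0x0f
	code := binary.BigEndian.Uint32(h[off:off+4]) & 0x7fffffff
	return fmt.Sprintf("%06d", code%1000000)
}

// TOTP derives the counter from a Unix timestamp, which is why the token's clock
// and the server's clock must agree to within the server's acceptance window.
func TOTP(secret []byte, unixTime int64) string {
	return HOTP(secret, uint64(unixTime/Step))
}

// Verify is the verifier side: the code is accepted if it matches the code for
// any step within +/-skew steps of the server's own clock. A larger skew tolerates
// more drift but also widens the set of codes an attacker may guess or replay.
func Verify(secret []byte, code string, serverUnix int64, skew int64) bool {
	base := serverUnix / Step
	for d := -skew; d <= skew; d++ {
		expected := HOTP(secret, uint64(base+d))
		if hmac.Equal([]byte(expected), []byte(code)) {
			return true
		}
	}
	return false
}

func main() {
	// Constructed demo secret (the RFC 4226 test key); a real token secret is random and never printed.
	secret := []byte("12345678901234567890")
	server := time.Now().Unix()

	// Token and server in sync: accepted.
	fmt.Println("in sync:      ", Verify(secret, TOTP(secret, server), server, 1))
	// Token clock five minutes fast: ten steps away, outside a +/-1 step window, rejected.
	fmt.Println("5 min drift:  ", Verify(secret, TOTP(secret, server+300), server, 1))
	// Leaked secret: an attacker holding the secret (from either side) computes the same code the token would.
	attackerCode := TOTP(secret, server)
	fmt.Println("leaked secret:", Verify(secret, attackerCode, server, 1))
}
```

The RFC 4226 and RFC 6238 test vectors can be used to check the arithmetic: with the key above, counter 0 yields 755224, and Unix time 59 (counter 1) yields 287082.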
To avoid using shared secrets, some authentication products employ digital signatures. For example, a token may use a private key to digitally sign a challenge from a server, and the server may then verify the signature using the token's public key. Because the server stores only the public key, compromising the server's credential store does not yield the ability to impersonate the token. This approach is costly, however, in terms of computing resources, as the token must perform private key operations for every authentication. This cost may be particularly significant when the token is a small form factor device with very limited computation capability.
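The following is an added example of the signature-based challenge-response exchange described above, written for this page rather than taken from any product. It uses Ed25519 from the Go standard library; the token identifier, the 32-byte nonce size and the one-attempt-per-challenge policy are assumptions chosen for the illustration. Both sides of the exchange are shown: the server keeps only the public key and a fresh random challenge per attempt, and the token's only private-key operation is the signature, which is the step the text identifies as expensive on constrained hardware.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Server is the verifier. It stores only public keys, so a breach of this store
// does not give an attacker anything with which to forge a response.
type Server struct {
	enrolled map[string]ed25519.PublicKey // token ID -> enrolled public key
	pending  map[string][]byte            // token ID -> outstanding challenge
}

func NewServer() *Server {
	return &Server{enrolled: map[string]ed25519.PublicKey{}, pending: map[string][]byte{}}
}

// Enroll records a token's public key at registration time.
func (s *Server) Enroll(id string, pub ed25519.PublicKey) { s.enrolled[id] = pub }

// Challenge issues a fresh random nonce. A fixed or reused challenge would let an
// eavesdropper replay a previously captured signature.
func (s *Server) Challenge(id string) ([]byte, error) {
	if _, ok := s.enrolled[id]; !ok {
		return nil, errors.New("unknown token")
	}
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	s.pending[id] = nonce
	return nonce, nil
}

// Verify checks the signature against the outstanding challenge and consumes it,
// so each challenge admits exactly one attempt.
func (s *Server) Verify(id string, sig []byte) bool {
	nonce, ok := s.pending[id]
	if !ok {
		return false
	}
	delete(s.pending, id)
	return ed25519.Verify(s.enrolled[id], nonce, sig)
}

// Token is the prover. Signing is the private-key operation the text describes as
// costly on small form factor devices; the key itself never leaves the token.
type Token struct{ priv ed25519.PrivateKey }

func (t *Token) Respond(challenge []byte) []byte { return ed25519.Sign(t.priv, challenge) }

// Authenticate runs one full exchange and reports whether the server accepted it.
func Authenticate(s *Server, tok *Token, id string) (bool, error) {
	c, err := s.Challenge(id)
	if err != nil {
		return false, err
	}
	return s.Verify(id, tok.Respond(c)), nil
}

func main() {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	s := NewServer()
	s.Enroll("token-1", pub) // assumed token identifier
	tok := &Token{priv: priv}

	ok, _ := Authenticate(s, tok, "token-1")
	fmt.Println("genuine token:", ok)

	// An eavesdropper captures one response and replays it against a new challenge.
	c, _ := s.Challenge("token-1")
	captured := tok.Respond(c)
	s.Verify("token-1", captured)    // legitimate use consumes the challenge
	s.Challenge("token-1")           // server issues a new nonce
	fmt.Println("replayed signature:", s.Verify("token-1", captured))
}
```

Note that the server verifies with the public key only; the replay case fails because the signature is bound to a nonce the server no longer has outstanding.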