With development of computer technology, information security is increasingly eyed. Authentication is an important aspect of information security, as a process of verifying operator's identity by a PC or network system. In computer systems and networks, the authorization is assigned to a digital identity of a user.
At present, a widely used authentication mechanism is the username/password verification. A user has to enter a combination of username and password to complete authentication, which is requested by a software application. A user password is set by the user himself. Others don't know the password. If the user enters a correct password, the user will be accepted as a legitimate user. But this mechanism fails to provide security and use convenience. To prevent from forgetting the password, many users often save the password at a “secure” place. In this case, it is easy for the password to be known by others. For different software applications, a user may set different combinations of username and password. It is difficult to remember those different usernames and/or passwords. The username/password mechanism is of one-factor authentication (one criteria is used to authenticate the user). This can be counterfeited readily. For example, some attackers may use illegally obtained user identification, such as username and password, to use software applications or resell those information. Some legitimate users are harmed by this kind of acts.
In recent years, the key device based authentication mechanism develops fast, which is more convenient and secure. The key device consists of a processor and a memory in a compact form. The key device can be plugged into a data communication port of the computer. Typically, the data communication port uses Universal Serial Bus (USB). Thus, the key device is also known as the USB key or the USB token. The key device is designed to physically resist attacks so that it provides high-level security.
The key device is broadly applied to authentication in online banking and Virtual Private Network (VPN) systems. The key device could encrypt and decrypt data stored in its memory, thus it is suitable for software copyright protection. Furthermore, sensitive information (e.g. passwords) can be kept in the key device to implement secure storage or to avoid forgetting. Presently, advanced key devices are programmable, i.e. any code previously stored in the key device can be executed there.
In most cases, the key device employs a security-designed chip to perform security functions. The security-designed chip has an outstanding security performance advantage in addition to the features of a common embedded microcontroller. During design stage, the architecture of a security-designed chip is specially processed for high security performance. Generally, the security-designed chip should be compliant with some standard (e.g. TCG TPM v1.2 specification or ISO 15408 standard), or be certified by an authority (e.g. China Password Administration Commission). Among generally available security-designed chips, the ST19WP18 microcontroller, manufactured by STMicroelectronics, is EAL5+ (enhanced) certified. EAL5+ (enhanced) is one of the highest levels for this kind of products in ISO 15408 standard certification. The smartcard chip is a sort of security-designed chips.
In general, a security module is formed by coupling a security-designed chip to other circuitry in a key device to perform information security operations. The operations performed by the security module include data interacting (encrypting of data to be written into the device, or decrypting of data to be read from the device), authentication information processing, storing/verifying a password, storing/verifying a signature, storing/verifying a certificate, access right management, and presetting code and executing data computation. Presetting code includes presetting a user software fragment, which cannot be read out of the device and is used to perform data computation within the device, and presetting a software protection application interface function, which is an interface-level function between the device and the software developer application.
Currently, a user is authenticated to a key device via a verification code. The user enters a verification code on the computer to which the key device is connected. The key device then obtains the verification code and compares the verification code with another verification code stored in its memory. If a match is found, the user is deemed as a legitimate holder of the device and is authorized access to the device; otherwise, access to the device is prohibited.
Although the user can change his verification code regularly, it is almost impossible to change it every time it is used. Thus, if the verification code is obtained by a hacker, it could be used to get access to sensitive information, such as a certificate, stored in the key device, which might bring great loss to the legitimate user.