This invention relates to computer security, and more particularly, to ways of authenticating computer transactions between distant parties.
Many operations in electronic commerce can be understood in terms of client/server transactions. For example, a bank customer wants to log into a bank web site, identify himself, transfer some money from one account to another, and log out. The bank web site acts as the server, the customer computer as the client, and the transaction is the money transfer. Some network protocols are symmetric, or peer-to-peer, but it is often helpful to think of the transactions between peers as client/server transactions anyway.
The Public Key Infrastructure (PKI) is a way of managing identifying credentials in a computer network. Each entity typically has a certificate with its name and public key signed by a certificate authority (CA). A certificate is validated by checking the chain of signatures from it up to a trusted root certificate, and also by checking that neither it nor any certificate in the chain appears on a list of revoked certificates. X.509 certificates bind a distinguished name to a public key, for a given time interval, possibly with some constraints. X.509 certificates, and how they are used in a PKI, are described in IETF RFC 2459 and in the book Digital Certificates: Applied Internet Security, by Feghhi, Feghhi, and Williams, Addison-Wesley, 1999.
A PKI is commonly used to help secure commerce on the internet. For example, a bookstore will have books listed for sale on a web site, and customers can connect with a web browser and make a purchase. Internet protocols such as SSL (or TLS) can establish a session key for encrypting transmissions and use certificates to authenticate the parties. It works well enough that millions of people are ordering products online with credit card numbers. But there is a need for systems with a higher degree of reliability for some applications. SSL is described in U.S. Pat. No. 5,657,390. TLS is very similar to SSL and is described in IETF RFC 2246. More information on cryptography is given in Handbook of Applied Cryptography, by Menezes, van Oorschot, and Vanstone, CRC Press, 1997. There are standard cryptographic operations for secure hash, message authentication code, block cipher, and public key operations, such as SHA-1, HMAC, AES, RSA, DSA, and ECC. These are described or referenced in US NIST FIPS publications, IEEE 1363, and related documents.
With either a symmetric cipher key or a public key, there are known methods for encrypting a data block into a ciphertext that is nonmalleable and resistant to an adaptive chosen-ciphertext attack: an attacker cannot alter the ciphertext so as to produce a related plaintext, and any altered or fabricated ciphertext is rejected on decryption rather than decrypted to something the attacker chose. Such a ciphertext is very difficult to forge.
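The following Go program, added here as an illustration and not part of the original specification, shows the distinction in practice. It uses the Go standard library's AES-CTR mode as the malleable case and AES-GCM (an authenticated-encryption mode, which has the nonmalleability and chosen-ciphertext resistance described above) as the hardened case; the key, IV, nonce and the message "PAY 0100 TO BOB" are constructed demo values.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

// ctrXOR applies AES-CTR to data. CTR is its own inverse, so the same call
// encrypts and decrypts. Nothing checks integrity: the ciphertext is
// malleable, and flipping a ciphertext bit flips the same plaintext bit.
func ctrXOR(key, iv, data []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(data))
	cipher.NewCTR(block, iv).XORKeyStream(out, data)
	return out, nil
}

// gcmSeal encrypts with AES-GCM, an authenticated-encryption mode, and
// appends a 16-byte tag that binds the ciphertext and the associated data.
func gcmSeal(key, nonce, plaintext, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return aead.Seal(nil, nonce, plaintext, aad), nil
}

// gcmOpen checks the tag before releasing any plaintext; a ciphertext that
// was altered in any way, or presented with the wrong associated data, is
// rejected with an error instead of being decrypted.
func gcmOpen(key, nonce, ciphertext, aad []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, nonce, ciphertext, aad)
}

// retarget returns a copy of ct with byte pos XORed by from^to. Against a
// malleable cipher this changes plaintext byte pos from 'from' to 'to'
// without knowing the key.
func retarget(ct []byte, pos int, from, to byte) []byte {
	out := append([]byte(nil), ct...)
	out[pos] ^= from ^ to
	return out
}

func main() {
	// Constructed demo values. A real system uses random keys and never
	// reuses an IV or nonce under the same key.
	key := []byte("0123456789abcdef") // 16 bytes, so AES-128
	iv := make([]byte, aes.BlockSize)
	nonce := make([]byte, 12) // standard GCM nonce size
	order := []byte("PAY 0100 TO BOB")

	ct, _ := ctrXOR(key, iv, order)
	forged, _ := ctrXOR(key, iv, retarget(ct, 4, '0', '9'))
	fmt.Printf("CTR: tampered ciphertext decrypts to %q\n", forged)

	sealed, _ := gcmSeal(key, nonce, order, []byte("order-v1"))
	_, err := gcmOpen(key, nonce, retarget(sealed, 4, '0', '9'), []byte("order-v1"))
	fmt.Println("GCM: tampered ciphertext rejected:", err)
}
```

Against CTR the attacker needs no key to change the amount from 0100 to 9100; against GCM the same edit leaves a ciphertext that fails authentication, so the recipient sees an error rather than a corrupted order. The same property is what a public-key scheme such as RSA-OAEP provides for the public-key case mentioned above; the example covers only the symmetric case.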
Truly secure operating systems are difficult with current technology. Most computers today are susceptible to viruses and other problems. To reduce those problems, computers are being developed with trusted components. The trusted hardware might be the motherboard, a cryptographic unit, the keyboard, the mouse, and a video display mode, so that the user can reliably have some tamper-resistant input and output. It might also include other peripherals. The trusted software is a trusted kernel that is a highly reliable part of the operating system. When the trusted kernel starts up, it verifies various hashes or certificates, and it is capable of attesting that a program is running in an environment with specified security properties. The attestation can take the form of hashes and certificates that can be validated elsewhere, typically by a remote verifier that recomputes the hashes and checks the certificates. A combination of hardware and software features may also protect certain program operations from interference by other programs, and provide sealed storage for programs running in the trusted environment. The Trusted Computing Platform Alliance (TCPA) issues specifications for trusted computing platforms; their effort is described in the book Trusted Computing Platforms: TCPA Technology in Context, edited by Siani Pearson (Hewlett-Packard Books and Prentice-Hall, July 2002). U.S. Pat. Nos. 6,327,652 and 6,330,670 describe a digital rights management operating system that could act as a trusted platform. Other approaches may also be possible.
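As an added worked example, not drawn from the TCPA specification or from the patents cited above, the following Go program sketches the hash-based attestation just described: the platform extends a register with the hash of each component it loads, and a remote verifier replays the measurement log, checks a signed quote against a fresh nonce, and compares each measurement with a list of known-good values. The attestation key, the component contents and the allow-list are constructed stand-ins; in a real platform the key would be held in hardware and its certificate validated through the PKI discussed below, which this example does not cover.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// measure hashes one component: a bootloader image, a kernel, a config file.
func measure(component []byte) [32]byte {
	return sha256.Sum256(component)
}

// extend folds a measurement into a register the way a platform configuration
// register is extended: new = H(old || H(component)). Entries can only be
// appended, and the result depends on their order.
func extend(reg [32]byte, component []byte) [32]byte {
	m := measure(component)
	return sha256.Sum256(append(reg[:], m[:]...))
}

// replay recomputes the register from a measurement log, starting from zero.
func replay(log [][]byte) [32]byte {
	var reg [32]byte
	for _, c := range log {
		reg = extend(reg, c)
	}
	return reg
}

// quote is what the platform hands a verifier: the register value, the
// verifier's nonce for freshness, and a signature over both made with the
// platform's attestation key.
type quote struct {
	Register [32]byte
	Nonce    []byte
	Sig      []byte
}

// newAttestationKey stands in for the key a trusted platform keeps in hardware
// (assumed here to be an ECDSA P-256 key generated in memory).
func newAttestationKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

func makeQuote(key *ecdsa.PrivateKey, log [][]byte, nonce []byte) (quote, error) {
	reg := replay(log)
	digest := sha256.Sum256(append(reg[:], nonce...))
	sig, err := ecdsa.SignASN1(rand.Reader, key, digest[:])
	if err != nil {
		return quote{}, err
	}
	return quote{Register: reg, Nonce: nonce, Sig: sig}, nil
}

// verifyAttestation is the remote verifier. It accepts the quote only if it
// is fresh and signed by the expected key, the log replays to the quoted
// register (so the log was not edited or reordered), and every measured
// component is on the allow-list of known-good hashes.
func verifyAttestation(pub *ecdsa.PublicKey, q quote, nonce []byte, log [][]byte, known map[[32]byte]string) error {
	if !bytes.Equal(q.Nonce, nonce) {
		return errors.New("stale quote: nonce mismatch")
	}
	digest := sha256.Sum256(append(q.Register[:], q.Nonce...))
	if !ecdsa.VerifyASN1(pub, digest[:], q.Sig) {
		return errors.New("quote signature does not verify")
	}
	if replay(log) != q.Register {
		return errors.New("measurement log does not replay to the quoted register")
	}
	for i, c := range log {
		if _, ok := known[measure(c)]; !ok {
			return fmt.Errorf("log entry %d is not a known-good component", i)
		}
	}
	return nil
}

func main() {
	key, err := newAttestationKey()
	if err != nil {
		panic(err)
	}
	// Constructed log and allow-list; real entries would be image hashes.
	bootloader, kernel := []byte("bootloader v1"), []byte("trusted kernel v1")
	known := map[[32]byte]string{measure(bootloader): "bootloader", measure(kernel): "kernel"}
	log := [][]byte{bootloader, kernel}
	nonce := []byte("verifier-nonce-1")
	q, _ := makeQuote(key, log, nonce)
	fmt.Println("genuine:", verifyAttestation(&key.PublicKey, q, nonce, log, known))
	edited := [][]byte{bootloader, []byte("rootkit")}
	fmt.Println("edited log:", verifyAttestation(&key.PublicKey, q, nonce, edited, known))
}
```

The verifier trusts nothing the platform says about itself: the signature proves the register value came from the attestation key, the nonce rules out replaying an old quote, and the replay proves the log is the one that produced that value. A component that is honestly measured but not on the allow-list still fails, which is the case the sealed-storage and revocation machinery above is meant to handle.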
The TCPA specification uses a PKI to manage certificates that assure trust for certain hardware components. A PKI has the advantage that, in some cases, trust can be withdrawn by revoking a certificate. If a trusted kernel uses a PKI to attest that a system is securely doing what it claims to be doing, then a verifier must check the signatures on the certificates and also check that none of the certificates has been revoked. Someone might attack the hardware to release secrets that are supposed to stay within a trusted computing platform, but as long as each platform holds its own keys and the compromised platform's certificate can be revoked, that does not destroy the security of other trusted computing platforms.
Secure distribution of electronic content presents some unusual challenges. In particular it is difficult to buy just one copy of a digital file because files are copied so easily on computers. Some digital rights management systems are described in U.S. Pat. Nos. 6,385,596, 6,427,140, and 6,445,797, and in US patent application 20020006204.
Smart cards are often used to help secure computers. Typically they hold a public/private key pair and can act as a secure component to a computer that otherwise might not be so secure. But it is difficult to use a smart card for a secure transaction if the computer itself is insecure.
There is a need for a computer system component that can manage transactions securely in environments where the operating system, network, and users cannot be trusted.
In some applications, there is a need for a server to obtain assurance that it is dealing with a live person. For example, an email provider might want to let legitimate users subscribe to email accounts, but not allow automated junk mailers to subscribe to large numbers of accounts for the purpose of sending unsolicited bulk mail.
In other applications, bank customers rely on internet terminals in public libraries to transfer funds. The customer can usually assume that no one has tampered with the computer motherboard, but cannot be sure whether a previous user might have deliberately or accidentally installed software to intercept passwords or perform other malicious acts. Thus there is a need for users to be able to engage in some trusted transactions on a computer that is only partially trusted.
Computer security features are subject to attacks. There is a need for systems that are sufficiently flexible that they can adapt if parts of the system are compromised and secrets are revealed.
Getting certificates in today's PKI can be cumbersome and privacy invading, and the certificates do not always have the information that the user wants. There is a need for users to generate their own certificates.
There is a need for systems that provide client security services like secure email, by having clients communicating privately with servers.
There is a need for a smart card that can securely hold user and vendor secrets, and that can be safely used at a public computer terminal.
A PKI can be undermined by a compromised key, so security requirements often involve checking a certificate revocation list (CRL). Many systems use PKI but ignore CRLs. There is a need for systems that make CRL checking mandatory.
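As an added example, not part of the original text, the following Go program carries out the validation steps outlined in the PKI discussion above and makes the CRL check mandatory in the sense of this paragraph. It builds a constructed hierarchy (a self-signed "Demo Root CA" and a server certificate for the assumed host bank.example) with the Go standard library's crypto/x509 package, has the root issue a CRL, and then accepts the server certificate only when the chain verifies and a fresh, correctly signed CRL is present and does not list its serial; a missing CRL is treated as a failure rather than silently skipped.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// demoPKI is a constructed two-level hierarchy: a self-signed root CA and a
// server certificate it issued, standing in for the CA and bank server above.
type demoPKI struct {
	root    *x509.Certificate
	rootKey *ecdsa.PrivateKey
	server  *x509.Certificate
}

func newDemoPKI() *demoPKI {
	now := time.Now()
	rootKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	rootTmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: "Demo Root CA"},
		NotBefore:             now.Add(-time.Hour),
		NotAfter:              now.Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageCRLSign,
	}
	root := must(x509.ParseCertificate(must(x509.CreateCertificate(
		rand.Reader, rootTmpl, rootTmpl, &rootKey.PublicKey, rootKey))))
	serverKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	serverTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(4242),
		DNSNames:     []string{"bank.example"},
		NotBefore:    now.Add(-time.Hour),
		NotAfter:     now.Add(12 * time.Hour),
	}
	server := must(x509.ParseCertificate(must(x509.CreateCertificate(
		rand.Reader, serverTmpl, root, &serverKey.PublicKey, rootKey))))
	return &demoPKI{root: root, rootKey: rootKey, server: server}
}

// issueCRL has the root sign a CRL listing the given serials as revoked.
func (p *demoPKI) issueCRL(revoked ...*big.Int) []byte {
	now := time.Now()
	tmpl := &x509.RevocationList{Number: big.NewInt(1), ThisUpdate: now, NextUpdate: now.Add(time.Hour)}
	for _, s := range revoked {
		tmpl.RevokedCertificates = append(tmpl.RevokedCertificates,
			pkix.RevokedCertificate{SerialNumber: s, RevocationTime: now})
	}
	return must(x509.CreateRevocationList(rand.Reader, tmpl, p.root, p.rootKey))
}

// verify checks the chain from leaf to root for host, then makes revocation
// checking mandatory: a missing, unparseable, badly signed or stale CRL
// rejects the leaf, as does a listed serial. (An intermediate CA would need
// the same check against its own issuer's CRL.)
func verify(leaf, root *x509.Certificate, host string, crlDER []byte) error {
	roots := x509.NewCertPool()
	roots.AddCert(root)
	if _, err := leaf.Verify(x509.VerifyOptions{Roots: roots, DNSName: host}); err != nil {
		return fmt.Errorf("chain: %w", err)
	}
	if crlDER == nil {
		return errors.New("revocation: no CRL available, refusing to trust the certificate")
	}
	crl, err := x509.ParseRevocationList(crlDER)
	if err != nil {
		return fmt.Errorf("revocation: %w", err)
	}
	if err := crl.CheckSignatureFrom(root); err != nil {
		return fmt.Errorf("revocation: %w", err)
	}
	if time.Now().After(crl.NextUpdate) {
		return errors.New("revocation: CRL is stale")
	}
	for _, e := range crl.RevokedCertificates {
		if e.SerialNumber.Cmp(leaf.SerialNumber) == 0 {
			return fmt.Errorf("revocation: serial %v revoked at %v", e.SerialNumber, e.RevocationTime)
		}
	}
	return nil
}

func main() {
	p := newDemoPKI()
	fmt.Println(verify(p.server, p.root, "bank.example", p.issueCRL(p.server.SerialNumber)))
}
```

Go's certificate Verify does no revocation checking of its own, which is exactly the gap this paragraph describes; the check is layered on top, and the policy decision (fail closed when no usable CRL can be obtained) is made in one place rather than left to each caller. The program assumes Go 1.19 or later for ParseRevocationList and CheckSignatureFrom.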
There is a need for a convenient system of electronic money on personal computers and smart cards, for buying documents and services on the internet.
There is a need for secure mechanisms that can work with a security boundary that is within a client or server computer.