瑞典专利SE538349C2 Method of authentication using an electronic device

专利PDF首页>>瑞典专利

专利附录

专利说明

权利要求

类似技术

同族专利

引用文献

法律状态

优先权

专利摘要:
4l Abstract Method for authenticating a user to a central server (130) and using an electronic device with a screen dis- (l2l,l23). (l20,l22)play The method comprises the following steps: a) associating each of the devices or users, (132), with a unique set of codes and. each. code with za piece of infor- mation; b) providing' a software function, accessible fronl the se-lected electronic device; a user interface acti- c) providing, on the screen display, vatable in several different ways, corresponding to different codes; d) specifying pieces of information and determining thecorresponding codes; e) calculating a one-way function; f) communicating the calculated value to the central server;g) calculating a comparison output value; andh) authenticating the user if the values are equal.The invention also relates to a system (100) and a computer software product arranged to cooperate with such a system. Ansökningstext 2014-09-30 140041SE
公开号:SE538349C2
申请号:SE1451162
申请日:2014-09-30
公开日:2016-05-24
发明作者:Neal Hindocha；Christopher Lindfeldt
申请人:Tokon Security Ab；
IPC主号:

专利说明:

Method for authentication using an electronic device The present invention relates to a næthod and a system forauthenticating a user to a central server, using an electronic device having a screen display. In particular, the inventionrelates to such a method and system for entering and transfer-from ring a shared secret, such as an alphanumerical string, such an electronic device to a central server.
In many situations it is desirable to use an electronic device,such as a personal computing device, a handheld communications unit such as a smartphone, or the like, for authenticating a user to a central server, many times over the internet. For instance, when logging into various services, it is often nec- essary to provide login credentials such as user names, pass- words, etc., via an electronic device used to access said ser- vice. In other cases, a PIN code is provided to a user via a secondary channel, such as via an SMS (Short Message Service)message, and the user needs to provide the PIN code to a centralserver for authentication. There are many more, similar exam-ples of when information representing a shared secret is re-quested, for authentication purposes, by a central server andfrom a user operating an electronic device which is in commu- nication with the central server.
There are typically security problems relating to such infor- mation provision. For instance, a malware, such as a so called Trojan Horse, can be planted on the electronic device and usedto scan for user input via an input control such as a software-implemented on-screen keyboard on a touchscreen smartphone, inparticular if such keyboard is provided by the operating systemof the smartphone, or a physical keyboard on a PC computer.Another threat is a man-in-the-middle attack in which a third person intercepts a data stream between the electronic device and the central server. Brute force attacks are also common, where a great number of possible PIN codes, or the like, are tested using automated scripts. In these and other cases, theshared secret runs the risk of being captured and interpretedby a non-eligible third party, which is not desirable.
In order to solve this problem, encryption may be used. How- ever, even an encrypted signal is sensitive to attacks, espe-cially keyboard monitoring-type attacks and software designedto scan the internal memory of a particular electronic devicefor information similar to PIN codes, passwords and the like.Hence, there is a need for providing a secure way of communi-cating a shared secret from an electronic device to a central server.The present invention solves this problem.Hence, the invention relates to a method for authenticating auser to a central server and using a selected one of severalelectronic devices, which electronic devices each comprises ascreen display and is arranged to communicate with the centralserver, characterised in that the method comprises the steps a) associating, in the central server, each of the electronic devices and/or each of a set of registered users, with a re-spective unique set of different digitally stored codes, knownto both the electronic device in question and to the centralserver, and associating each individual code with a certainpiece of information in a predetermined set of informationaccessible from the pieces; b) providing a software function, selected electronic device; c) causing the software functionto provide, on the said screen display of the selected elec-tronic device, a graphical user interface comprising a user control which can be activated in several different ways, where different ways of activation are associated with different re-spective codes selected from said unique set of codes for theselected electronic device and/or the user; d) allowing theuser to specify at least one piece of information by activatingthe user control in the corresponding respective way, and de-termining the corresponding at least one associated code; e)calculating an output value of a predetermined one-way func-tion, to which the said determined at least one code is usedas input value; f) communicating the calculated output valuefrom the selected electronic device to the central server; g)causing the central server to calculate a comparison outputvalue of the said one-way function, using as input values the respective codes having been associated, in step a), with acertain expected set of information pieces which the user isexpected to have specified in step d); and h) authenticatingthe user if the calculated comparison output value equals thecalculated output value.
Furthermore, the invention relates to a system for authenti-cating a user, comprising a central server arranged to authen-ticate the user using a selected one of several electronicdevices, which electronic devices each comprises a screen dis-play and is arranged to communicate with the central server,characterised in that the central server is arranged to asso-ciate each of the electronic devices and/or each of a set ofregistered users, with a respective unique set of differentdigitally stored codes, known to both the electronic device inquestion and to the central server, and to further associateeach individual code with a certain piece of information in apredetermined set of information pieces, in that the systemfurther comprises a software function, accessible from the se-lected electronic device, which software function is arrangedto provide, on the said screen display of the selected elec- tronic device, a graphical user interface comprising a user control which can be activated in several different ways, wheredifferent ways of activation are associated with different re-spective codes selected from said unique set of codes for theselected electronic device and/or the user, to allow the userto specify at least one piece of information by activating theuser control in the corresponding respective way, and deter-mining the corresponding at least one associated code to cal-culate an output value of a predetermined one-way function, towhich the said determined at least one code is used as inputvalue, and to communicate the calculated output value from theselected electronic device to the central server, and in thatthe central server is arranged to calculate a comparison outputvalue of the said one-way function, using as input values re-spective codes having been associated with a certain expectedset of information pieces which the user is expected to havespecified and to authenticate the user if the calculated com-parison output value equals the calculated output value.
Also, the present invention relates to a computer softwareproduct arranged to be accessible from an electronic devicecomprising a screen display and being arranged to communicatewith a central server in turn being arranged to authenticate auser of the electronic device, characterised in that the com-puter software product is arranged to store a set of differenta set of and a digitally stored codes, information pieces specification of a predetermined one-way function, and to as-sociate each individual code with a certain piece of infor-mation in the said set of information pieces, in that thecomputer software product is further arranged to provide, onthe said screen display of the electronic device, a graphicaluser interface comprising a user control which can be activatedin several different ways, where different ways of activationare associated with different respective codes selected from said set of codes, to allow the user to specify at least one piece of information by activating the user control in thecorresponding respective way, and to determine the correspond-ing at least one associated code, and in that the computersoftware product is further arranged to calculate an outputvalue of the said one-way function, to which the said deter- mined at least one code is used as input value, and to com- municate the calculated output value from the selected elec-tronic device to the central server.
In the following, the invention will be described in detail,with reference to exemplifying embodiments of the inventionand to the enclosed drawings, in which:Figure 1 is an overview diagram of a system arranged to performa method according to the present invention; Figure 2 is a flow chart of an exemplifying embodiment of themethod according to the invention; Figures 3-6 are views of component parts of four exemplifyingembodiments of a system according to the present invention, inwhich an exemplifying respective electronic device, in the formis shown. of a telephone comprising a screen display, Hence, figure 1 illustrates a systen1 100 for* performing' a method according to the present invention.
Two different electronic devices 120, 122, preferably mobile electronic devices, are each connected to the internet 110, preferably but not necessarily via a wireless connection such as WiFi, GPRS, LTE or the like. The electronic device 120 is in the form of a handheld, portable device such as a mobileThe device 122 is phone, for instance a so-called smartphone. in the form of a personal computer, such as a PC, which is also preferably portable. Both devices 120, 122 feature a respective screen display 121, 123 capable of showing raster images de-fined by pixel sets of certain color and/or light intensity.It is realized that the electronic devices 120, 122 merelyconstitute examples of electronic devices suitable for use withthe present method. For instance, a stationary computer with aseparate screen may also be used, having a wired internet con-nection.
Furthermore, according to the invention a central server 130is also connected to the internet 110, 120, 122. and thereby to devicesThe central server 130 is connected to or comprisessaid herein that certain a first database 131. When it is information is stored in the server 130, it may equally wellbe stored in the database 131 and vice versa. All such storingis preferably digital storing.
It is preferred that at least two, however more preferably at least ten, more preferably at least 100, most preferably at least 1000 different electronic devices 120, 122 are used to-gether with the server 130, in the sense that they are eachregistered with the server 130 and able to communicate withthe server 130.
A requesting server 140 is preferably connected to, and ar- ranged to communicate with, the central server 130. Specifi- cally, the server 140 is arranged to request the server 130 toin turn authenticate the user of either device 120, 122, byrequesting that the user submits to the server 130 a secretwhich is shared between the central server 130 and the user.Moreover, the server 140 is preferably also connected to theinternet 110. The server 140 needs not be a part of the system 100, but may be an external, standalone server 140. Preferably, the system 100 comprises the server 130, the database 131 and the below described software function accessible via the elec- tronic devices 120, 122, which devices need not be a part of the system 100 as such.130, Servers 140 can be standalone or distributed servers, physical or virtual servers, or any other conventional type ofserving functionality arranged to provide digital services toclients via some type of digital interface. The corresponding is true regarding the database 131.
Figure 2 illustrates a method according the invention for au-thenticating a user to the central server 130 and using aselected one of the several electronic devices 120, 122, whichelectronic devices each comprises a respective screen display121, 130. 123 and is arranged to communicate with the central server In one preferred embodiment, the requesting server 140 is in communication with a user to be authenticated, for instance via the device 120, 122, before the method commences. For in- stance, the server 140 may provide a service to a user of thedevice 120, 122 such as an online banking service or any otherconventional online service which is performed or deliveredfor instance over the internet 110. During such communication, as a part of a particular service provision, the server 140 wishes to authenticate the user for some reason.
What is said herein applies equally well to the situation inwhich the server 130 itself provides a particular service tothe user in question, as a result of which service provision the server 130 wishes to authenticate the user. Hence, in some embodiments there is only one server 130.
Hence, in a first step, each of the electronic devices 120, 122 and/or each of the users being registered with the system100, in the central server 130, are associated, with a respec- tive unique set of different digitally stored codes, known toboth each electronic device 120,122 in question and to thecentral server 130. Such codes may be any information whichmay be stored for reference both in the database 131 and thedevice 120, 122 in question, with preferred examples comprisingpreferably numbers. for each 122, alphanumerical strings, Hence, participating electronic device 120, a set of such codesis stored, both in the database 131 (and hence known to thecentral server) and in a way accessible to the electronic de-vice, such as in a safe and preferably encrypted storage area in the internal memory of the device (such as the “keychain” functionality of the operating system IOS), or alternatively in a local or external (to the electronic device) database,safely accessible from the software function described below.Preferably, the respective software function described belowhas sole access to one copy of the codes associated with theelectronic device in question, and the central server has soleaccess to another such copy. It is preferred that the copy ofsaid codes which is accessible to the said software functionis stored physically in the electronic device in question.
The set of codes for each participating device 120, 122 and/orfor each registered user is unique in the sense that no twoparticipating devices 120, 122 and/or no two registered users share the same set of codes. In either case, it is preferred that the codes are stored in a safe way, preferably encryptedlocally in a 122. and only accessible to the software function,memory of a respective electronic device 120, In caseseveral electronic devices 120, 122 are used by one and thesame user, a respective copy of the codes may be stored in each of these devices. One and the same electronic device 120, 122 may also store codes for several users. In the latter case, it is preferred that a user can select in the name of what userto act as a sub step of the authentication method according to the present invention. Such selection can be made dependent on a conventional, locally performed username/password login step.
Furthermore, each individual code is associated with a certain piece of information in a predetermined set of information pieces. Such a piece of information may be any well-defined information, such as different logical entities, such as “cat”, “red” or “fast”; an alphanumerical character; or any other type of information.
Hence, in this first step both the unique code sets, and pref- erably also the corresponding pieces of information, are sharedbetween the server 130 and the respective electronic device 120, 122. The pieces of information are preferably also stored in both the database 131 and in a way accessible to the software function, as described above. This sharing may take place in a conventional, safe manner. Preferred examples comprise setting up a secure channel, such as a VPN (Virtual Private Network) tunnel, between the server 130 and the electronic device 120, 122 in question, and communicating the shared information be- tween the parties over this channel. For instance, the tele- phone 120 may receive an SMS (Short Message Service) with a one-time password, in turn used to set up a VPN tunnel to the server 130. Alternatively, the shared information may be com-which thereafter communi- 122. municated to the software function,cates directly with the respective electronic device 120,This step preferably takes place only once, in connection withinstallation or registration of the electronic device 120, 122in question.
Hence, this first step is preferably performed for several mobile electronic devices, such as all the abovementioned electronic devices used with the central server 130.Moreover, it is preferred that each code is created as a ran-domly selected value upon said installation or registration.Preferably, each code is a randomized alphanumerical sequencewhich is generated upon initiation of the software function onthe electronic device 120, 122 in question, and shared betweenthe software function and the central server 130. The “initi-ation” of the software function means, for instance, the in-stallation or first access of the software function on or fromthe electronic device 120, 122 in question.
Then, in a second step, the said software function is provided to the selected one electronic device 120, 122 to be used forauthenticating the user, in such a way so that it is accessiblefrom the specific electronic device.
That the software function is “accessible from” the selectedelectronic device means that a user of the device is providedaccess to functionality of the software function via the device120, 122 itself, preferably in the form of the below describedinteractive graphical user interface to the software function,which is then provided by the software function on a screendisplay 121, 123 of the device 120, 122 in question. As such,the software function may for instance be a computer programlocally installed on the device itself; a remotely accessedsoftware function such as a HTML5 web page accessed from thedevice itself via a standard web browser; or a combination ofa locally installed application and remotely accessed web ser- vices.
It is important that the software function in one way or the other is accessible via the electronic device 120, 122 in an ll individualized way, in the sense that the software function will have access to unambiguous information regarding the iden- tity of the electronic device 120, 122 itself in connection to such access. Such unambiguous information preferably uniquely identifies hardware of the electronic device 120, 122 in ques- tion itself, and preferably not only information which is not necessarily unique to the device itself, such as an IMSI (In- ternational Mobile Subscriber Identity) or MSISDN of a SIM card installed in the electronic device 120, 122.
Then, in a third step, the said software function is arranged to provide, on the said screen display 121, 123 of the selected electronic device 120, 122 in question, a graphical user in- terface, which is preferably interactive.
According to the invention, the graphical user interface com-prises a user control which can be activated in several dif-ferent ways, where different ways of activation are associatedwith different respective codes selected from the above de-scribed unique set of codes for the selected electronic device120, the user will, by activating 122 in question. Typically, the user control in a particular way, such as by pressing abutton or marking a field comprised in the user control, spec-ify a particular one of said pieces of information, which isalso associated with a particular one of said unique set ofcodes.
Such a user control can have many different forms, such as adrop-down list, where the selection of different items resultsin the user control being activated in different ways; a setof graphical buttons each one representing a different activa-tion way; and the two examples of selectable fields and an input field, respectively, as described in detail below. 12In general, it is preferred that the software function is ar-ranged to produce and control the behavior of the user controlitself, in a way so that the software function can capture userinteraction events with the user control directly and withoutany other software function gaining access to such interactionevents. In particular, it is preferred that services providedby the operating system of the electronic device will not beused in such a way so that the operating system gains accessto the informational content of the communication between theuser and the device. For instance, the operating system maynot be used for any user interactivity functionality on higherprogramming architecture levels than those being specified interms of pixels on the screen display.
Specifically, an oper- ating system-provided text entering functionality, such as avirtual keyboard, is preferably not used by the software func- tion. However, an operating system-provided graphics pro-cessing service can be employed for drawing individual linesand the like on the screen display, for capturing user selec-tion events in terms of selected pixel on-screen locations,and so on.
As an example, in the above-described drop-down list example,the drop-down control itself should be drawn by the softwarefunction rather than using a service provided by the operatingsystem or any other piece of software which is not an integrated part of the software function.
What is important in all these cases is that no other softwarefunctions, such as the operating system of the electronic de- vice 120, 122, gains access to information in a context makingit possible for such software function to determine the piecesof information specified by the user, or the codes associated with these pieces of information. 13 Thereafter, in a fourth step, the user is namely allowed, by the software function, to specify at least one, preferably at least two, most preferably at least four, of the above dis- cussed pieces of information. This specification takes place,according to the invention, by activating the user control inthe corresponding respective ways. Namely, the different acti-vation ways of the user control are associated with differentpieces of information.
Moreover, the corresponding at least one code in said unique set of codes is determined, which codebeforehand has been associated with the particular activationway imparted to the user control by the user.
It is realized that the activation ways, the pieces of infor-mation and the codes can be associated one with the other invarious ways. What is important is that each activation waycan be tied unambiguously to one particular piece of infor-mation and to one particular code.
Moreover, the piece of in- formation may be only implied, in the sense that an activationway may be associated with a particular code without beingexplicitly associated with the piece of information, while thepiece of information is deduced by the user based upon infor- mation presented in or in connection with the user control.
It is preferred that the user control provides information tothe user regarding what respective piece of information corre-sponds to what activation way of the user control. In thepreferred embodiment in which the actual pieces of informationhave been shared between the central server 130 and the device120, 122 in question, the software function may use graphics, such as symbols and/or text and/or patterns, to point out tothe user what activation ways result in the specification ofthe central 122 with which piece of information. In other examples, server 130 may provide the electronic device 120,digital information, such as an image, comprising the pieces 14 of information in a way which is not readily understandable bythe software function with respect to its information content.For instance, the user control may comprise different fields, as described below, and the central server 130 may, in aninitial step, have provided the software function with an imageintended to be displayed on the screen display 121, 123 in anoverlay fashion, said image comprising markings or the likeproviding information to the user regarding what fields corre-spond to what piece of information. In yet other embodiments, such an image, or other corresponding information, may be pro- vided by the user him- or herself, which information makes iteasy for the user to distinguish between different fields onthe screen display 121, 123 in a way not readily understandableby the software function because the software function has noknowledge about how to interpret the said image data contextu- ally.
It is preferred that the order of the user activations of theuser control, and hence the order of the specified codes, isnoted.
Thereafter, in a fifth step, an output value of a predeterminedone-way function is calculated, by the software function andpreferably exclusively locally on and by the electronic device120, 122 using software executing on the hardware of the elec- tronic device 120, 122. In the one-way function, the said de- termined at least one code, associated with a particular wayin which the user has activated the user control, is used asinput value.
A “one-way function” is a function the input value of whichis, in practice, impossible to determine based only upon the corresponding function output value, and which is substantially one-to-one in the sense that in practical applications, twodifferent input values will in practice always result in twodifferent output values. Examples include many hash functionswhich are conventional as such, such as SHA hash functions, for instance SHA-1, SHA-2 and SHA-3, as well as MD5.
Hence, the one or several codes indirectly specified by theuser by said activation are used as input parameters in such aone-way function, whereby the said output value is created in a way so that it is, in practice, impossible to derive theoutput value without knowledge of the values of the specifiedcodes. It is preferred that the above mentioned order of thecodes is used in this calculation.Then, in a sixth step, the calculated output value is communi- cated from. the selected electronic device to the central server. This communication of the calculated output value cantake place over a non-encrypted communication channel, sincean eavesdropper will not be able to interpret the output value.In a seventh step, the central server 130 is then arranged tocalculate a comparison output value of the same one-way func-tion. In this calculation, the pieces of information indirectlyspecified by the user by his or her activation in differentways of said user control are compared to an expected set ofinformation pieces, selected from the same general set of in-formation pieces as described above in connection to the device120, 122, with the aim of checking for correspondence between the two. Hence, in the corresponding way as in the above de- scribed calculation of the output value by the electronic de-122, vice 120, the respective codes having been previously associated, in the central server 130, with the certain ex- pected set of information pieces are used as input values to the one-way function, here also preferably using the expected 16 order of the codes. Thus, the expected pieces of information are those that the user is expected to have specified usingthe user control as described above, preferably in a particular order.
Then, in an eight step, the user is authenticated if the cal- culated comparison output value, as calculated by the central server 130, equals the calculated output value, as calculated by the electronic device 120, 122 and communicated to the cen- tral server 130. This authentication is preferably determined by the central server 130 after the calculation of the said comparison value.
Then, the central server 130 may communicate the result of the \ l/ \ authentication (such as yes or no”) to a requesting server such as the server 140, possibly also comprising personal in-formation regarding the user.
Preferably, the expected set of (possibly ordered) informationpieces constitutes a secret which has beforehand been sharedsoftware function. between. the central server 130 and the Hence, if the two calculated output values are equal, the cen-tral server 130 can deduce that the user specified the samepieces of information as was expected, thereby verifying thecontents of the shared secret to the central server 130. Then,the user can be authenticated with high security.
Using such a method and such a system 100, an authenticationcan be achieved with the highest security standards, and withsince the 122, a built-in two-factor authentication level. Namely,set of codes is unique to every electronic device 120,and/or to every registered user, the data provided from the122 to the central server 130 will de- 122 used for electronic device 120, pend on the identity of the actual device 120, 17 authentication. Hence, the user needs to know the shared se- cret, in terms of a sequence of information pieces as repre-sented by the activation ways of the user control, and alsoneeds to actually have physical access to the electronic device120, 122. In a preferred embodiment, the database 131 comprisesan association between each user and a specific electronicdevice 120, 122 as identified in the way described above, andrequires each particular user to authenticate using a partic-ular electronic device. The central server 130 will know thatthe authentication was performed using the particular device,since another device would in this case produce another one-way function output value since it uses a different unique set of codes than the particular device in question.
In the case in which the set of codes is unique to each regis-tered user, it is preferred that a separate authenticationstep, in which the user is authenticated by the software func-tion, is used before the user is allowed to specify the infor- mation pieces. Examples comprise cases where several users share one and the same electronic device 120, 122. Then, a userto be authenticated first logs in to the software function,using the electronic device in question, and then starts theauthentication procedure illustrated in figure 2, using the graphical user interface provided by the software function. it is preferred that each set of codes is tied to and 122, However,unique for each electronic device 120, and that each reg-istered user is also tied to a particular electronic device120, 122, all by associations in the database 131. intrusive attacks 122, Moreover, using such a method and system 100,directed to one or several electronic devices 120, suchas installation of malicious code on the device, will not be successful, since there is no simple way for a piece of code 18 which is not an integrated part of the above described softwarefunction to gain access to the set of unique codes for the electronic device 120, 122 in question, even if allowed to execute thereon and granted full access rights.
Still, the user experience can be identical or similar to that of entering a PIN code, a password, a swiping pattern, or similar conventional methods of authentication, wherein the possession of the actual device is not conventionally used as a separate, independent authentication factor as such. This will be detailed in a number of exemplifying embodiments that are described in the following.
It is preferred that the central server 130 is arranged to identify each individual electronic device 120, 122 based on a detected respective individualized local presence of the said software function on the electronic device 120, 122 in ques- tion. For instance, the software function can be installed locally on the device 120, 122 and therefore be able to digi- tally verify to the central server directly that it has a local presence on the device. As an alternative or supplement, the central server 130 is arranged to, preferably via the softwarefunction, identify each individual electronic device 120, 122using a unique hardware property itself, such as a serial num-122, as opposed to infor- 122 itself ber of the electronic device 120,mation which is not pertinent to the device 120,but rather to a SIM (Subscriber Identity Module)122. card comprised in the electronic device 120, This way, the second au-will be tied to the 122. thentication factor (something you have) very hardware of the electronic device 120, The identify-ing information can be read by the software function when ex- ecuting on the electronic device 120, 122 hardware. 19As described above, the said one-way function used must be thesame when calculating the output value and the comparison out-put value.
According to one preferred embodiment, the one-way function comprises a hash function, preferred such hash func-tions comprising PBKDF2 and SCRYPT. According to one embodi-ment, the one-way function comprises a series of looped one-way functions, so that the output value of a first one-wayfunction is fed as an input value to another one-way function.It is preferred that the series of one-way functions comprisesa series of one and the same one-way function used repeatedlyin this manner, comprising at least 10, preferably at least1000, more preferably at least 100000 loops, particularly pref-erably in the case in which the one-way function is or comprisesa hash function. This will make brute force attacks on the system 100 difficult to succeed. Preferably, the number of loops is a random variable, the value of which is determined during an initial step, such as user registration, in depend- ence on the hardware performance of the mobile device 120, 122,such that it will take at least 0.1 seconds for the device 120,122 to calculate the one-way function output value, cluded. loops in- According to a particularly preferred embodiment, in the firststep described above, fied, a respective one-way function is identi-or selected among a set of possible one-way functions,and individually associated with each electronic device 120,122. The associate is stored both in the database 131 and bythe software function. This may be a part of a registration or installation step performed ahead of time. Hence, different electronic devices 120, 122 and/or different users may be as-sociated with different ones of the possible one-way functions.be different Different one-way functions may, for instance, hash functions. According to a preferred embodiment, different one-way functions involve different number of loops as de- scribed above. In other words, one particular device 120 may be associated with 146322 loops, while another one is associ- ated with 36701 loops. This will further increase protection against brute force attacks.
Figure 3 illustrates a first exemplifying embodiment of the present invention. The central server 130, the internet 110 and the database 131 are the same as in figure 1, and the device 300 corresponds to devices 120, 122. The database 131 comprises a unique set of codes 132 associated with the par- ticular electronic device 300, using which a particular user is to be authenticated to the server 130. The device 300 com- prises a screen display 310, on which a software function, such as a locally installed software application executing on thedevice 300 and arranged to communicate with the central server 130 via wireless internet 110, is arranged to provide an in- teractive graphical interface, as shown in figure 3. The graph- ical interface comprises a text box 330, in which the user may enter a PIN code used for authentication. The text box and its informational content is not produced by the operating system of the device 300, but rather by the software application di- rectly. The input is made via a set of graphical buttons 331, presented on the screen 310 by the software function, that may be selected for instance using touchscreen technology. The software handles selection events, redrawing of the user in- terface, etc., itself. Hence, the operating system will not be notified or informed about events, such as the user enteringcharacters in the text box 330, as such.In this case, the text box 330 in combination with the set ofbuttons 331 is the user control, and the above described dif-ferent activation ways corresponds to entering different char-in the text box 330. acters, one after the other, 21 The software function executing on the device 300 also com- prises or has access to the information 132, both the values of the unique set of codes “123”, “234”, etc., and the associ- ation to the respective pieces of information “1”, “2”, etc.The information 132 has been communicated to the software func-tion during an installation procedure of the software function.The graphical user interface further comprises a send button333, the text box 330, which when pressed is arranged to take each character indetermining a corresponding code, concate-nating the codes to a character string, hashing the resultingstring 100000 times and sending the resulting hash value tothe central server 130. In the example shown in figure 3, thecode entered is 1442, \l23//, corresponding to codes (see reference“456”, “456” and “234”. “123456456234”.
The concatenated hashed numeral 132) string' is therefore This 100000 times, string is using a predetermined looped hash function, and the final result, in other words the output value of the one- way function, is sent to the central server 130.
Hence, in this case, the “information pieces” are the individ- ual digits entered in the text box 330. The unique set of codes is the set of codes “123”, “234”, etc., shown in 132.
The central server 130, in turn, expects the user to enter the PIN code “1442”, since this PIN code constitutes the shared secret which has been shared between the software function and the central server 130 in an initial step, such as during registering of the user in question. Therefore, the server 130 produces the concatenated string “123456456234”, in a way sim- ilar to the one described above, using the information 132 stored. in the database 131, and. hashes this string 100000 times, using the same, previously agreed, looped hash function as the software function, to produce a final result which is 22 then compared to the said output value of the one-way function.
In this case, the two compared values will be the same, and the user will be authenticated by the central server 130.
It is realized that concatenation is one of many possible ex-amples of how to feed several input values to a one-way func-tion. Even if concatenation into one single character stringis a particularly simple method, it would also be possible to,for instance, provide a one-way function with four distinct,ordered or non-ordered, input values.
It is realized that the graphical user interface comprisingthe text box 330 could also be provided by a software functionwhich is accessed from a remote location by the device 300,such as via a HTML5 web page, as described above, which softwarefunction has access to individualized information regardingthe hardware of the device 300 itself, such as its MAC address or serial number.
Figure 4 illustrates a second exemplifying embodiment of thepresent invention, sharing reference numerals for like partswith figure 3, and the device 400 corresponds to devices 120,122. play 410, The electronic mobile device 400 comprises a screen dis-on which a software function is arranged to providea graphical user interface comprising a user control. The usercontrol in turn comprises several fields 423, 424 (only twoindicated in figure 4, however it is realized that a corre-sponding field should be present for each one of the digits 0-9 shown) on the said screen display 410. Then, the user controlcan be activated in different ways by the user selecting dif-ferent ones of said several fields 423, 424. Each field 423,424 is associated with a respective code in the unique set of codes 132 for the electronic device 400 in question. As in 23 figure 3, the information 132 is stored also in a way accessibleto the software function, such as in the electronic device 400.As is illustrated in figure 4, the screen display 410 is pref-erably a touchscreen, in other words a screen which providesinteractivity to a user by sensing touches by the user on thescreen display 4l0 itself. Alternatively, user selections onthe screen display 4l0 can be made using a conventional com-puter mouse or the like.
According to a preferred embodiment, shown in figure 4, thesoftware function is arranged to display digitally coded imageon the screen display 4l0 in question, covering at 424. material, least several of said fields 423, In figure 4, the image material 420 is a raster image, such as a JPG or BMP image,graphically' representing' a respective piece of information(digits 0-9) 424 on display 4l0. in a respective field 423, the screen In particular, the image material 420 is a graph-ical illustration of a number grid, much like the one conven- tionally used on a smartphone for dialing a phone number. The fields 423, 424 themselves may be invisible graphically, merelydefined by a respective set of connected pixels on the screen 4l0.
It is preferred that the image material 420 represents a number of different pieces of information, the respective location of which on the screen display 4l0 is occupied by the correspond- ing field 423, 424. However, the image material 420 could de- pict anything, as long as there is a consistent relationship between the dimensions of the displayed image material 420 and the extension on the screen of the above said fields 423, 424.
For instance, a picture of a kitten can be used, whereby the user would be informed that the nose of the kitten represents\OI/, the left eye “l”, and so forth. 24 According to a preferred embodiment, the software function is arranged to provide an interactive interface, preferably pro- vided on the electronic device 400 but possibly via another device such as a web browser, via which the user is allowed to modify the contents of the image material 420. Examples com- prise changing the image 420 to another image, or manipulating the image, such as rotating, stretching, mirroring, skewing, etc., the image 420. For instance, the screen coordinates 421, 422 at which the image 420 is displayed on the display screen410 may be altered by the user so that the image 420 is trans-lated across the screen 410. In the case of such image manip-ulations, it is preferred that the software function is alsoarranged to automatically impart the corresponding geometricmanipulations, if any, of the fields 423, 424 on the displayscreen 410. 421, 422, In case of a translation by altering coordinatesthis would imply parallel translating all fields 423,424 by the same (X, Y) magnitude as the image 420 itself.
In other embodiments, such manipulations may be automatically imparted, either by the software function, preferably in con-nection to the display of the image material 420 on the screen,or by the central server 130. For instance, one or severalrandomly selected image modifications may be made each timethe user is to be authenticated, so that the displayed imagewill look different between two authentication events. In these424 are modified cases, it is important that the fields 423, in the corresponding way.Then, the software function is arranged to read a selectedscreen display coordinate 430, which is selected by the userfor instance by touching it with the user's finger or stylus, and to translate the screen display coordinate 430 into a cor- responding selected field 423 using a digitally stored mapping between screen coordinates 431, 432 and fields 423, 424 which mapping is only known to the software function. In other words, this mapping is not available to the operating system of theelectronic device 400 in question, or to any piece of software which is not an integrated part of the software function.
Preferably, the mapping is defined by the software function in connection to displaying the image 420.
As is clear from figure 4, the database 431 comprises the same dataset 132 as in the example illustrated in figure 3. This isbecause in the example illustrated in figure 4, the differentfields 423, 424 correspond to different activation ways of theuser control, whereby the selection of for instance field 423is translated, by the software function and using the associ-ation in the software function between fields and pieces ofinformation, into the specification the piece of information“3”, having the associated code “345” in the software function.Hence, if the user in the image 420 selects, \l//, in order, \4//, \4//, \2//, the same concatenated code would be produced asdescribed above in connection to figure 3, resulting in the same hash output value being sent to the central server 130.
It is preferred that no information regarding what image sub- part 423, 424 corresponds to what particular field (“3”, “5”)is provided to any software code executing on the electronicdevice 400 apart from the software function described herein.Hence, in the device 400, no such other software has access tothe association information using which the software functionperforms the translation from display screen 410 coordinate431, 432 to particular piece of information. in which an 122, Figure 5 illustrates a third preferred embodiment, electronic device 500, corresponding to devices 120, com- prises a screen display 510 showing a user control comprising 26 image data 520. Figure 5 shares reference numerals with the other figures for like parts.
In this example, the graphical user interface provided by the software function is arranged to allow the user to swipe afinger across the screen display 510 in such a way so that several of the fields 521, 522, 523, 524, 525, 526 are touched in the process, and that the specified pieces of information correspond to the touched fields in question. Hence, the fields may be associated, in the software function, according to the following: Field Piece of information Code 521 “north part of circle” 123 522 “north east part of circle” 234 523 “south east part of circle” 345 524 “south part of circle” 456 525 “south west part of circle” 567 526 “north west part of circle” 678 Hence, by the user swiping his or her finger from the top of the circle, clockwise, through fields 521, 522, 523, 524, 525 and finally ending on field 526,234, 345, 456, the corresponding codes 123,567 and 678 are specified,“123234345456567678”, resulting in theconcatenated code which is hashed in alooped fashion and is thereafter communicated to the centralserver 130, in a way which is similar to the above described.
The shared secret in this case is hence comprised in the par- 27 ticular swipe pattern (the ellipse, clockwise), or alterna- tively the combination of information piece selection resulting in such swipe pattern, the latter in case the interpretation of each field (“north”, “north east", etc.) is given a partic- ular meaning to the user in the context of authentication.
According to a preferred embodiment, the image material 520 comprises image features corresponding to the swipe pattern to be used by the user. For instance, the image material comprises the gray ellipse shown in figure 5 (however possibly not the dotted lines, shown only for increased clarity in figure 5).
In other examples, an image comprising elliptical features that cover the approximately same area as the gray ellipse, such as an image of a loaf of bread or anything else with roughly the same shape, can be used as image material 420. It is also realized that it is, of course, possible to use any open or closed shape, and not necessarily an elliptical one.
In one preferred embodiment, a user is allowed to select any image freely, and then to define a swipe pattern using that image. Then, the software function is arranged to track the swipe pattern specified by the user and to define a set offields in relation to display screen 510 coordinates coveringthe swipe track path across the screen, to associate each oneof these fields with a corresponding code, and then to sharethis information with the central server 130 over an encryptedThen, communications channel. when the user again swipes a finger across the display screen 510, the particular codes will be specified, in the correct order, and they are then expected for specification from the point of view of the central server130, which in turn can authenticate the user. This provides aparticularly simple way for the user to add additional securityto the method, since the pieces of information will then not be visible as such on the screen 510 during use. Only the user 28 will have knowledge about how to swipe across the particular image 520.
In figures 4 and 5, the software function is arranged to display520 as a. two-dimensional 510. the image 420, image on the two- dimensional screen display 410,which illustrates another In contrast thereto, in figure 6, preferred. embodiment of the present invention, which also shares reference numerals with figure 1 for like parts, andwherein the electronic device 600 corresponds to devices 120,122, the image material 620 is displayed as a two-dimensionalimage surface in a three-dimensional structure 621, a projec-tion of which three-dimensional structure 621 is shown on thescreen display 610 of the electronic device 600. In the exampleshown in figure 6, the structure 621 is a cube which can berotated along three axes of rotation R1, R2, R3, and translatedalong three linear directions X, Y, Z. The software functionis, in this case, arranged to present an interactive graphicaluser interface allowing the user to preferably at least rotatethe structure 621 in at least one rotational direction R1, R2,R3, preferably in all three rotational directions R1, R2, R3,and preferably also to translate the structure 621 along atleast one direction X, Y, Z, preferably along all three direc- tions X, Y, Z. Such rotation and translation may, for instance,take place by the user swiping a finger across the touchscreen610 in suitable patterns. As the variables R1, R2, R3, X, Y, Zare altered, the projection of the cube 621 updates on the screen 610.
The image 620 is painted on one of the sides of the cube 621.Hence, the user can modify the location of the image 620 onthe two-dimensional screen 610 by rotating and/or translating the three-dimensional structure 621. The 3D structure can be 29any suitable 3D structure, and one or several identical ordifferent images 620 may be painted on surfaces of such 3Dthe selected point 630, with structure in any way. In figure 6, coordinates 631, 632 at the current rotation and translationof the structure 621, pertains to a field 623 associated with the piece of information being the number “2” and the code “234” (see reference numeral 132, pointing to a set of associ-ation information stored in the database 131 but also in the device 600).
Hence, the software function provides an interactive, graphicaluser interface on the screen display 610, allowing the user tomanipulate the said three-dimensional structure 621, which con-stitutes the above described user control, so as to modify theposition on the screen display 610 of the said image material620 before selecting said at least one field 623 (only oneshown in figure 6 for reasons of clarity), so that the positionsof the fields 623 change as a result thereof. In other words,the software function is arranged to modify the geometric ex-tension of the fields 623 so that they follow the correspondinggeometric extensions of the parts of the image material repre-senting particular pieces of information when the structure621 is manipulated. Then, the user can specify a particularpiece of information by activating the user control by select-one of the several fields 623. ing, on the screen display 610, This general principle, of using a user manipulatable three-dimensional structure 621 with two-dimensional image material620 painted on surfaces thereof, can be used in several ways.For instance, different character sets can be depicted on dif-ferent surfaces of a suitable 3D structure; or the user can beencouraged to enter a PIN on the side of a cube which hascertain one of several different available background colors.
Then, image material painted on different sides of the three- dimensional structure 621 may correspond to different fields 623. In all such methods, it is preferred that the softwarefunction takes care of the graphical rendering of the structure621 itself, in the sense that no other software, not being an integrated part of the software function, has access to theinformational content of the structure 621. By such methods,the added security is achieved that an intercepting third partywill also need knowledge about the nature and current state ofthe structure 621 in order to be able to intercept the userspecifications. As described above, it is important that thetwo-dimensional geometric extensions of the fields 623 are up-dated in the same way as the image material 620 during usermanipulations of the 3D structure 621.
According to another preferred embodiment, which may for in-stance be used with either the displaying approach illustratedin figures 4 or 5, or with the one illustrated in figure 6,the software function is arranged to provide a displayed image420, 520, 620 which is variable, such as over time or in ac-cordance with a progress parameter the value of which the useris allowed to influence using the said interactive graphical user interface software function. the software function is arranged to 520, In one example of this, automatically change the image 420, 620 over time. For instance, the image 420 can be moved around the display 410 bycontinuously incrementing or modifying the coordinates 421,skewed 422; the structure 621 can be continuously stretched, or rotated in the R2 direction; or the image can be altered in any other way, preferably so that the location of at least one field 423, 521-526, 623 is also altered as a cmnsequence.Fields and image are modified synchronously, as describedabove. Then, the user control can be activated in different ways by selecting a particular field at different current time 31or progress parameter values, for instance by different acti-vation ways being identified both by selected field and selec-tion time.
In a second example, the software function is arranged to allowthe user to set the value of a progress parameter to a specificThe value before selecting the specific part of the image. progress parameter can, for instance, be set by a slider con-trol in the said interactive graphical user interface and can,for instance, control how long the image 420 or the structure621 has travelled along a predetermined, possibly curvilinearpath.
This will add an additional layer of security, since the useris allowed to control a parameter which is not readily avail-able to software functions that are not integrated part of the software function described herein.
It is preferred that each code in said unique sets of codes comprises at least 128 bits of information.
As mentioned above, the invention relates to a method for au- thenticating a user to a central server 130, via an electronic device 120, 122, 300, 400, 500, 600. Furthermore, the invention relates to a system 100 and a software function, such as an installable, executable or accessible piece of computer soft- ware product, which system and software function are arrangedto cooperate in the performance of a method according to theinvention. As such, the system 100 in one aspect comprises the electronic devices 120, 122, 300, 400, 500, 600 themselves, and in another aspect, which is particularly useful when coop-erating with a plurality of different electronic devices 120,122, 300, 400, 500, 600, each running their own respective software product according to the invention, the system 100 32 does not comprise the electronic devices 120, 122, 300, 400, 500, 600 as such, but on the other hand the software function.It is realized that all the aspects of the present invention described above are applicable, when possible, to said method, said system 100 and said computer software product, respec-tively.
In case the user forgets the shared secret (such as the PINcode to be entered in the example of figure 3), it is preferredthat a message is sent over a separate communication channel,such as via an SMS message to the device 120, 122 in question,with the PIN code or a new PIN code. Since the device 120, 122already has the associations between the pieces of informationbuilding up such a PIN code and the corresponding codes, theuser can enter the new or same PIN code in the usual way (asdescribed above), the corresponding one-way function output value can be calculated, and the server 130 can then, by per- forming the corresponding calculation, verify that the user entered the correct PIN code. Then, the user may be allowed to change the shared secret to something new.In case the user has changed telephone numbers, such as aftera SIM card replacement, the software function, which is alreadyinstalled on the mobile device, can guarantee to the centralserver 130 that the user is still using the same mobile deviceby for instance reading a piece of hardware-specific infor-122, mation from the mobile device 120, as described above, and communicating this to the central server 130.
It is preferred that the software function is arranged to allowthe user to specify various parameters of the user control,in case either during initiation or afterwards. For instance, an NXM grid of fields is used in combination with an image, 33 the user may change the values of N and M. Such specified orupdated parameter data is shared between the device 120, 122and the server 130 in a secure way, such as over a VPN tunnelset up using an authentication in turn based upon the usercontrol as it was before an updated parameter value.
Above, a number of preferred embodiments have been described.However, it is apparent to the skilled person that many modi-fications can be made to the described embodiments withoutdeparting from the basic idea of the invention.
In general, the various embodiments described herein can beused in combination with one another when so is applicable.Moreover, the present methods for authenticating a user via anelectronic device can be used in many situations. For instance,such authentication can be used to set up a secure internet(Virtual Private Network) tunnel for tunnel, such as a VPN subsequent communication; to authenticate a nwney transfer;and for authenticating purchases and/or payments at physicalpoints of sale.
In particular, it is preferred that the one- way function output value as described above is used as apassword used for setting up a SRP-TLS (Secure Remote Password- Transport Layer Security) tunnel between the sever 130 andthe device 120, 122.
In jparticular, the various functionalities of the softwarefunction as described herein in relation to the different ex-emplifying embodiments can be applied across embodiments, when-ever possible.
Hence, the present invention is not to be considered limitedto the described embodiments, but is variable within the scope of the enclosed claims.

权利要求:
Claims (17)
[1] 1. l. Method for authenticating a user to a central server (130) and selected one of several electronic devices (l20,l22,300,400,500,600),(l2l,l23,3lO,4lO,5lO,6lO) using awhich electronic devices each com-prises a screen display and are ar-ranged to communicate with the central server, c h a r a c -t e r i s e d i n that the method comprises the steps a) associating, in the central server, each of the electronic devices and/or each of a set of registered users, with a respective unique set of different digitally stored codes (132), known to both the electronic device in question andto the central server, and associating each individual codewith a certain piece of information in a predetermined setof information pieces; b) providing a software function, accessible from.the selectedelectronic device; on the said c) causing' the software function. to jprovide, screen display of the selected electronic device, a graph- ical user interface comprising a user control which can be activated in several different ways, where different waysof activation. are associated. with. different respectivecodes selected from said unique set of codes for the se-lected electronic device and/or the user; d) allowing the user to specify at least one piece of infor-mation by activating the user control in the correspondingrespective way, and determining the corresponding at leastone associated code; e) calculating' an output value of 51 predetermined. one-way function, to which the said determined at least one codeis used as input value; f) communicating the calculated output value from.the selected electronic device to the central server; g) causing the central server to calculate a comparison outputvalue of the said one-way function, using as input valuesthe respective codes having been associated, in step a),with a certain expected set of information pieces whichthe user is expected to have specified in step d); andh) authenticating the user if the calculated comparison output value equals the calculated output value.
[2] 2. Method according to claim l, c h a r a c t e r i s e d i n that the user control comprises several fields(33l;423,424;52l-526;623) on the screen display (3lO;4lO;5lO;610) of the selected electronic device (300;400;500;600), and that the user control can be activated in different ways by the user selecting different ones of said several fields.
[3] 3. Method according to claim 2, c h a r a c t e r i s e d i n that the screen display (3lO;4lO;5lO;6lO) is a touchscreen.
[4] 4. Method according to claim 2 or 3, c h a r a c t e r i s e di n that the software function is arranged to display imagematerial (420;520;620), on the screen(3lO;4lO;5lO;6lO) said fields (33l;423,424;52l-526;623), displayin question, covering at least several ofwhich image materialpossibly represents the corresponding piece of information thelocation of which on the screen display is occupied by the corresponding field.
[5] 5. Method according to claim 3, c h a r a c t e r i s e d i n that the graphical user interface is caused to allow the user to swipe a finger across the screen display (510) in such a way so that several of said fields (521-526) are touched in the process, and that the specified pieces of information cor- respond to the touched fields. 36
[6] 6. Method according to claim 5, c h a r a c t e r i s e d i n that the image material (520) comprises image features corre- sponding to the swipe pattern to be used by the user.
[7] 7. Method according to any one of claims 4-6, c h a r a c - t e r i s e d i n that the software function provides an in-terface via which the user can modify the contents of said image material (420;520;620).
[8] 8. Method according to any one of claims 4-7, c h a r a c - t e.ri.s e d i n that the software function displays theimage material as a two-dimensional image on the screen display(420;520).
[9] 9. Method according to any one of claims 4-8, c h a r a c -i n that the software function displays the (620) t e r i s e das a two-dimensional surface in a three-dimensional structure (62l), (6l0). image materiala projection of which is shown on the screen display
[10] 10. Method according to claim 9, c h a r a c t e r i s e d i n that the software function provides an interactive, graphical(610), allowing the user (62l) user interface on the screen displayto manipulate the said three-dimensional structure so asto modify the position on the screen display of the said image material (620) before selecting said at least one field (623), so that the positions of the fields change as a result of said manipulation.
[11] 11. ll. Method according to any one of claims 4-10, c h a r a c - t e r i s e d i n that the image material (420;520;620) is variable, in that the software function either automaticallychanges the image material over time or provides an interactivegraphical user interface on the screen display (4l0;5l0;6l0) allowing the user to set the value of a progress parameter to 37 a specific value before specifying the at least one field (423,424;521-526;623), and in that the user control is acti- vated in different ways by selecting a particular field for different current time or progress parameter values.
[12] 12. Method according to any one of the preceding claims, c h a r a c t e r i s e d i n that each code is a randomized alphanumerical sequence which is generated upon initiation of the software function on the electronic device (120,122;300;400;500;600) in question and shared between the software function and the central server (130).
[13] 13. Method according to any one of the preceding claims, i n that the software function reads 610) c h a r a c t e r i s e d a selected (410; coordinate (431,432; 631,632) screen displayand translates the screen display coordinate into acorresponding selected field (423,424; 623) using a digitallystored mapping between screen coordinates and fields which isas opposed to the (400: 600) only available to the software function,operating system of the electronic device in ques- tion. of the preceding claims,(130)(120,122;300;
[14] 14. Method according to any one characterised in that the central server identifies each individual electronic device 400;500;600)of the using a respective individualized local presencesaid. software function. on the electronic device inquestion or using a hardware serial number of the electronic device, as opposed to information which is not pertinent to the device itself but rather to a SIM (Subscriber Identity Module) card comprised in the electronic device.
[15] 15. Method according to any one of the preceding claims, c h a r a c t e r i s e d i n that, in step a), a respective one-way function is selected among a set of possible one-way 38 functions and individually associated with each electronic de- vice (l20,l22;300;400;500;600).
[16] 16. Systen1 for* authenticating za user, (l30) comprising a. centralserver arranged to authenticate the user using a selectedone of several electronic devices (l20,l22,300,400,500,600),which (l2l,l23,3lO,4lO,5lO,610) electronic devices each comprises a screen display and are arranged to communicate withthe central server, c h a r a c t e r i s e d i n that thecentral server is arranged to associate each of the electronicwith a re- (132), devices and/or each of a set of registered users,spective unique set of different digitally stored codesknown to both the electronic device in question and to thecentral server, and to further associate each individual codewith a certain piece of information in a predetermined set ofinformation pieces, in that the system further comprises asoftware function, accessible from the selected electronic de- vice, which software function is arranged to provide, on the said screen display of the selected electronic device, a graph-ical user interface comprising a user control which can beactivated in several different ways, where different ways ofactivation are associated with different respective codes se-lected from said unique set of codes for the selected elec-tronic device and/or the user, to allow the user to specify atleast one piece of information by activating the user controlin the corresponding respective way, and determining the cor-responding at least one associated code to calculate an outputvalue of a predetermined one-way function, to which the saiddetermined at least one code is used as input value, and tocommunicate the calculated output value from the selected elec-tronic device to the central server, and in that the centralserver is arranged to calculate a comparison output value ofthe said one-way function, using as input values respective codes having been associated with a certain expected set of W ß 39 information pieces which the user is expected to have specifiedand to authenticate the user if the calculated comparison out- put value equals the calculated output value.
[17] 17. Computer software product, arranged to be accessible froman electronic device (l20,l22,300,400,500,600)(l2l,l23,3lO,4lO,5lO,610) (l30) comprising ascreen display and being arranged tocommunicate with a central server in turn being arrangedto authenticate a user of the electronic device, c h a r a c -t e r i s e d i n that the computer software product is ar-ranged ixn store a set of different digitally stored codes(132), a set of information pieces and a specification of apredetermined one-way function, and to associate each individ-ual code with a certain piece of information in the said setof information pieces, in that the computer software productis further arranged to provide, on the said screen display ofthe electronic device, a graphical user interface comprising auser control which can be activated in several different ways,where different ways of activation are associated with differ-ent respective codes selected from said set of codes, to allowthe user to specify at least one piece of information by acti-vating the user control in the corresponding respective way,and to determine the corresponding at least one associatedcode, and in that the computer software product is furtherarranged. to calculate an output value of the said. one-wayfunction, to which the said determined at least one code isused as input value, and to communicate the calculated output value from. the selected electronic device to the central SGIVGI.

类似技术:

公开号 | 公开日 | 专利标题

TWI557588B|2016-11-11|Computing device with graphical authentication interface

US10296162B2|2019-05-21|User authentication security system

US9652604B1|2017-05-16|Authentication objects with delegation

US20040230843A1|2004-11-18|System and method for authenticating users using image selection

US10630675B2|2020-04-21|Generating web service picture passwords with user-specific cypher keys

US9258123B2|2016-02-09|Multi-layered color-sensitive passwords

US8904482B1|2014-12-02|Techniques for securing a one-time passcode with an alteration code

US10587598B2|2020-03-10|Method for providing information from an electronic device to a central server

US10050787B1|2018-08-14|Authentication objects with attestation

US20150100913A1|2015-04-09|Method for providing personalized virtual keyboard

US10049202B1|2018-08-14|Strong authentication using authentication objects

US9160744B1|2015-10-13|Increasing entropy for password and key generation on a mobile device

CN109891418A|2019-06-14|Method for protecting the transaction executed from non-security terminal

JP2019522277A|2019-08-08|Terminal device password unlocking method, apparatus, and terminal device

CZ2013558A3|2015-01-21|Method of entering secret information to electronic digital devices

KR20150047735A|2015-05-06|User Authentication Method base on User Input on the Image and Electronic Device using the same

CA2760826C|2016-09-27|Multi-layered color-sensitive passwords

EP3201814B1|2020-06-10|Method for authentication using an electronic device

KR102014408B1|2019-10-21|Method and computer program for user authentication using image touch password

CN111679781A|2020-09-18|Verification processing method, device, equipment and medium

US9613201B1|2017-04-04|Access control by a mobile device using an image

US20160103989A1|2016-04-14|Device authentication

US10263972B1|2019-04-16|Authenticating by labeling

JP2014081729A|2014-05-08|Information processing apparatus, information processing system, control method, and program

US9407441B1|2016-08-02|Adding entropy to key generation on a mobile device

同族专利:

公开号 | 公开日

WO2016053175A1|2016-04-07|

SE1451162A1|2016-03-31|

US20180234242A1|2018-08-16|

EP3201814A1|2017-08-09|

US10454684B2|2019-10-22|

EP3201814B1|2020-06-10|

SE538349C3|2016-06-28|

EP3201814A4|2017-08-23|

引用文献:

公开号 | 申请日 | 公开日 | 申请人 | 专利标题

US6272545B1|1997-10-24|2001-08-07|Microsoft Corporation|System and method for interaction between one or more desktop computers and one or more mobile devices|

US6134661A|1998-02-11|2000-10-17|Topp; William C.|Computer network security device and method|

US6161185A|1998-03-06|2000-12-12|Mci Communications Corporation|Personal authentication system and method for multiple computer platform|

US7219368B2|1999-02-11|2007-05-15|Rsa Security Inc.|Robust visual passwords|

US6668322B1|1999-08-05|2003-12-23|Sun Microsystems, Inc.|Access management system and method employing secure credentials|

US8117644B2|2000-01-07|2012-02-14|Pennar Software Corporation|Method and system for online document collaboration|

US6934860B1|2000-05-08|2005-08-23|Xerox Corporation|System, method and article of manufacture for knowledge-based password protection of computers and other systems|

US20050005174A1|2003-06-18|2005-01-06|Xerox Corporation|Configurable password authentication policies|

EP1879127A1|2006-07-13|2008-01-16|Cipherstone Technologies AB|User authentication method and system and password management system|

US7841000B2|2006-10-16|2010-11-23|Lenovo Pte. Ltd.|Authentication password storage method and generation method, user authentication method, and computer|

JP4258551B2|2007-01-25|2009-04-30|日本電気株式会社|Authentication system, authentication method, and authentication program|

US8769637B2|2007-03-23|2014-07-01|Sap Ag|Iterated password hash systems and methods for preserving password entropy|

JP5400301B2|2008-01-23|2014-01-29|インターナショナル・ビジネス・マシーンズ・コーポレーション|Authentication server device, authentication method, and authentication program|

US8159327B2|2008-11-13|2012-04-17|Visa International Service Association|Device including authentication glyph|

EP2396742A2|2009-02-10|2011-12-21|Uniloc Usa, Inc.|Web content access using a client device identifier|

US20100242104A1|2009-03-23|2010-09-23|Wankmueller John R|Methods and systems for secure authentication|

GB0910545D0|2009-06-18|2009-07-29|Therefore Ltd|Picturesafe|

US8613059B2|2009-12-18|2013-12-17|At&T Intellectual Property I, L.P.|Methods, systems and computer program products for secure access to information|

US20130047236A1|2010-04-09|2013-02-21|Jasbir Singh|Authentication system and method thereof|

US8850539B2|2010-06-22|2014-09-30|American Express Travel Related Services Company, Inc.|Adaptive policies and protections for securing financial transaction data at rest|

US8756672B1|2010-10-25|2014-06-17|Wms Gaming, Inc.|Authentication using multi-layered graphical passwords|

US8510820B2|2010-12-02|2013-08-13|Duo Security, Inc.|System and method for embedded authentication|

US9135426B2|2010-12-16|2015-09-15|Blackberry Limited|Password entry using moving images|

US8953796B2|2011-06-29|2015-02-10|International Business Machines Corporation|Techniques for accessing features of a hardware adapter|

US8949974B2|2012-05-11|2015-02-03|Tyfone, Inc.|Mobile device with password protected desktop screen|

US8959359B2|2012-07-11|2015-02-17|Daon Holdings Limited|Methods and systems for improving the security of secret authentication data during authentication transactions|

US10270748B2|2013-03-22|2019-04-23|Nok Nok Labs, Inc.|Advanced authentication techniques and applications|

US9357388B2|2014-05-27|2016-05-31|Lenovo Pte. Ltd.|Symbol selection for swipe based authentication|

法律状态:

优先权:

申请号 | 申请日 | 专利标题

SE1451162A|SE538349C3|2014-09-30|2014-09-30|Method for authentication using an electronic device|SE1451162A| SE538349C3|2014-09-30|2014-09-30|Method for authentication using an electronic device|

PCT/SE2015/051033| WO2016053175A1|2014-09-30|2015-09-29|Method for authentication using an electronic device|

US15/515,932| US10454684B2|2014-09-30|2015-09-29|Method for authentication using an electronic device|

EP15846635.9A| EP3201814B1|2014-09-30|2015-09-29|Method for authentication using an electronic device|

[返回顶部]