A method is described for the identification of a party authorised to have the benefit of a service delivered by a provider party via a telematics network, in which the provider party and each user party are connected to the network by means of a respective electronic communications and processing system (S, C), and the provider party requests a temporary password (PWD) identifying the user party to allow access to the services delivered. The method is characterised in that it involves autonomous execution of a procedure for calculating the password (PWD) in the processing systems (S, C) of both parties on the basis or predetermined algorithms, the above-mentioned calcultaing procedure comprising the operations of: generating a first string of characters (N30) by means of a first pre-established algorithm (ALGN30), on the basis of a random number (RND) and a hidden dynamic variable (n; p) not transmitted over the network, but obtained by the processing systems (S, C) independently; extracting a second string of characters (N3), a subset of the first string (N30), by means of a second preestablished algorithm (ALGN3), as a function of the hidden dynamic variable (n; p) and of said random number (RND); ; and generating the temporary password (PWD) by means of a third pre-established algorithm (ALGPWD), on the basis of the above-mentioned second string of characters (N3). The authorsed party is identified as a result of the comparison between the password (PWD) calculated by the processing system (S) of the provider party and that calculated by the processing system (C) of the user party, whereby access to the service is permitted if this comparison gives a positive result and otherwise is denied. The password thus obtained may also be used as a single-use key in a system for encrypting all the information exchanged between the authorised user party and the service provider party.
A method and system for identifying an authorized individual by means of unpredictable single-use passwords. Procedimento e sistema per l’identificazione di un soggetto autorizzato in una rete di comunicazione, per mezzo di parole d’ordine monouso non prevedibili
POLICHETTI, Massimiliano;BLASONE, MASSIMO
2003-01-01
Abstract
A method is described for the identification of a party authorised to have the benefit of a service delivered by a provider party via a telematics network, in which the provider party and each user party are connected to the network by means of a respective electronic communications and processing system (S, C), and the provider party requests a temporary password (PWD) identifying the user party to allow access to the services delivered. The method is characterised in that it involves autonomous execution of a procedure for calculating the password (PWD) in the processing systems (S, C) of both parties on the basis or predetermined algorithms, the above-mentioned calcultaing procedure comprising the operations of: generating a first string of characters (N30) by means of a first pre-established algorithm (ALGN30), on the basis of a random number (RND) and a hidden dynamic variable (n; p) not transmitted over the network, but obtained by the processing systems (S, C) independently; extracting a second string of characters (N3), a subset of the first string (N30), by means of a second preestablished algorithm (ALGN3), as a function of the hidden dynamic variable (n; p) and of said random number (RND); ; and generating the temporary password (PWD) by means of a third pre-established algorithm (ALGPWD), on the basis of the above-mentioned second string of characters (N3). The authorsed party is identified as a result of the comparison between the password (PWD) calculated by the processing system (S) of the provider party and that calculated by the processing system (C) of the user party, whereby access to the service is permitted if this comparison gives a positive result and otherwise is denied. The password thus obtained may also be used as a single-use key in a system for encrypting all the information exchanged between the authorised user party and the service provider party.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
