WO2016030874A1 - Bidirectional password verification - Google Patents

Bidirectional password verification Download PDF

Info

Publication number
WO2016030874A1
WO2016030874A1 PCT/IL2015/050709 IL2015050709W WO2016030874A1 WO 2016030874 A1 WO2016030874 A1 WO 2016030874A1 IL 2015050709 W IL2015050709 W IL 2015050709W WO 2016030874 A1 WO2016030874 A1 WO 2016030874A1
Authority
WO
WIPO (PCT)
Prior art keywords
user
subsequence
authentication
authentication sequence
sequence
Prior art date
Application number
PCT/IL2015/050709
Other languages
French (fr)
Inventor
Avinoam SAPIR SINWANI
Alon Nisim RONEN
Original Assignee
Kmky Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Kmky Ltd. filed Critical Kmky Ltd.
Publication of WO2016030874A1 publication Critical patent/WO2016030874A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • GPHYSICS
    • G09EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09CCIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
    • G09C5/00Ciphering apparatus or methods not provided for in the preceding groups, e.g. involving the concealment or deformation of graphic data such as designs, written or printed messages

Definitions

  • the present invention in some embodiments thereof, relates to user authentication and, more specifically, but not exclusively, to bidirectional authentication between a user and a computerized system.
  • phishing systems attempt to acquire a user's login data, such as a username and password, by a phishing system masquerading as a legitimate web site.
  • a phishing system attempts to acquire a username and password by copying the look and feel of a legitimate web site, application, computerized system, and the like.
  • a phishing system masquerades as a legitimate web sites, a social media web site, a electronic mail (email) web site, a online auction web site, a banking web site, an online payment processing web site, and the like.
  • the user may be directed to the phishing system by an electronic communication, such as an email and/or message, presented as a legitimate message from an information technology administrator, the legitimate web site, and the like.
  • an email pretending to be from a banking web site asks the user to click on a link directing the user to the phishing system.
  • the web site system searches a database for that username and loads the user authentication data to match the authentication sequence entered by the user with the database authentication sequence.
  • the web site system authenticates the user according to this match.
  • the login procedures may vary and may have additional functionality, but the basic principle and limitations are common to most login procedures.
  • the term authentication sequence means a sequence of characters, graphic elements, motion elements, audible elements, or the like that are used to authenticate a user requesting access to a computerized system.
  • a password is an authentication sequence.
  • a finger swipe sequence is an authentication sequence.
  • a sequence of tones is an authentication sequence.
  • a phishing web site masquerading as the legitimate web site receives the username and authentication sequence, and stores the stolen data to access the user's accounts on one or more legitimate web sites.
  • the user may be presented a common error message or redirected to the legitimate web site.
  • a method for bidirectional authentication between a user and a system comprises an action of identifying, by a system, an authentication sequence associated with a user of a client terminal, where the authentication sequence comprises two or more sequence elements.
  • the method comprises an action of receiving a first input from a user interface of the client terminal.
  • the method comprises an action of forwarding for presentation by the client terminal a second subsequence of the authentication sequence when a first match between the first input and a first subsequence of the authentication sequence is identified.
  • the second subsequence is consecutive to the first subsequence in the authentication sequence and the presentation authenticates the legitimacy of the system to the user.
  • the method comprises an action of authenticating the user when a second match between a second input from the user interface and a third subsequence of the authentication sequence is identified, where the presentation and the authentication are a bidirectional authentication between the user and the system.
  • the first input is entered, the second subsequence is presented, and the second input is entered in a single field of the user interface.
  • the second subsequence is a fake second subsequence.
  • the authentication sequence is a member from a group consisting of a password, a passcode, a passkey, an encrypted password, a password-authenticated key, a balanced password-authenticated key, and an augmented password-authenticated key.
  • the authentication sequence comprises two or more data elements, and the data elements are members of a group consisting of letters, numbers, alphanumeric characters, symbol characters, computer printable character codes, digital images, graphic characters, angled lines, graphic shapes, user gestures, hand signals, hand gestures, and audible tones.
  • the second subsequence is one or more sequence elements of the authentication sequence.
  • the authentication sequence is partitioned by a combinatorial analysis of the sequence elements to generate the first, second and third subsequences.
  • the combinatorial analysis determines that the first subsequence is two or more sequence elements of the authentication sequence.
  • the combinatorial analysis determines that the first subsequence comprises between two and four elements of the sequence elements of the authentication sequence.
  • the method further comprises receiving a user awareness indicator from a client terminal after the forwarding, where the user awareness indicator is generated from a user awareness input in response to the presentation and a user perceiving the presentation.
  • any of the second subsequence is presented in a multiple-choice field of the user interface.
  • the multiple-choice field comprises two or more alternative sequences and a graphical element indicating a direction to one of the alternative sequences.
  • a user selection is received from the client terminal identifying one of the alternative sequences in the multiple-choice field, and matching between the user selection and the one of the alternative sequences is the user awareness indicator.
  • a mismatching between the user selection and the one of the alternative sequences is a phishing system indicator.
  • the second subsequence is presented by the client terminal comprising a visual modification on the user interface, where a user visual correction is received from the client terminal, and matching between the user visual correction and the visual modification is the user awareness indicator.
  • a mismatching between the user visual correction and the visual modification is a phishing system indicator.
  • the second subsequence is contained in the second input.
  • the third subsequence is consecutive to the second subsequence in the authentication sequence.
  • the second subsequence is encrypted prior to forwarding for presentation by the client terminal and decrypted by the client terminal before presentation.
  • the method further comprises one or more intermediate inputs prior to the second input.
  • Each of the one or more intermediate inputs is matched to respective one or more intermediate subsequences and a respective one or more second intermediate subsequence is forwarded to the client terminal for presentation to the user.
  • Each of the one or more intermediate subsequences and one or more second intermediate subsequences are consecutive in the authentication sequence according to a temporal ordering of user inputs.
  • a method for bidirectional authentication between a user and a system comprises an action of identifying, by a system, an authentication sequence associated with a user of a client terminal.
  • the method comprises an action of forwarding for presentation by the client terminal a first subsequence of the authentication sequence.
  • the presentation authenticates the identity of the system to the user.
  • the method comprises an action of receiving a first input from a user interface of the client terminal.
  • the method comprises an action of authenticating the user when a match between the first input from the user interface and a second subsequence of the authentication sequence is identified.
  • the presentation and the authentication are a bidirectional authentication between the user and the system.
  • the method further comprises forwarding for presentation by the client terminal a third subsequence, receiving a second input from a user interface of the client terminal, and confirming an authentication of the user when a match between the second input and a fourth subsequence of the authentication sequence is identified.
  • a non-transitory computer readable medium with an executable program stored thereon for bidirectional authentication between a user and a system.
  • the executable program instructs a processing device of the system to identify an authentication sequence associated with a user of a client terminal.
  • the executable program instructs a processing device to receive a first input from a user interface of the client terminal.
  • the executable program instructs a processing device to forward for presentation by the client terminal a second subsequence of the authentication sequence when a first match between the first input and a first subsequence of the authentication sequence is identified.
  • the second subsequence is consecutive to the first subsequence in the authentication sequence.
  • the presentation authenticates the identity of the system to the user.
  • the executable program instructs a processing device to authenticate the user when a second match between a second input from the user interface and a third subsequence of the authentication sequence is identified.
  • the presentation and the authentication are a bidirectional authentication between the user and the system.
  • a system for bidirectional authentication between a user and the system comprises a network interface for receiving input from a client terminal and forwarding output to a client terminal for presentation to a user.
  • the system comprises a processor adapted to perform the action of identifying an authentication sequence associated with the user of the client terminal.
  • the processor is adapted to perform the action of receiving a first input from a user interface of the client terminal.
  • the processor is adapted to perform the action of forwarding for presentation by the client terminal a second subsequence of the authentication sequence when a first match between the first input and a first subsequence of the authentication sequence is identified.
  • the second subsequence is consecutive to the first subsequence in the authentication sequence.
  • the presentation authenticates the identity of the system to the user.
  • the processor is adapted to perform the action of authenticating the user when a second match between a second input from the user interface and a third subsequence of the authentication sequence is identified.
  • the presenting and the authenticating are a bidirectional authentication between the user and the system.
  • a method of generating two or more subsequences from a single authentication sequence for bidirectional authentication between a user and a system comprises an action of receiving a single authentication sequence.
  • the method comprises an action of partitioning the single authentication sequence into two or more subsequence sets, each of the subsequence sets comprising two or more consecutive subsequences of the single authentication sequence.
  • the method comprises an action of computing a predictability value for each of the subsequence sets.
  • the method comprises an action of selecting one of the subsequence sets.
  • the selected set has a predictability value matches a required threshold criterion.
  • the selected set is used for bidirectional authentication between a user and a system.
  • the single authentication sequence comprises two or more sequence elements.
  • Each sequence element comprising an element type and the predictability value is a combinatorial analysis of respective the consecutive subsequences in each set computed using respective the element types.
  • the predictability value is a linguistic analysis of respective the consecutive subsequences in each set.
  • the single authentication sequence comprises two or more sequence elements, and the predictability value is a personal data analysis of respective user.
  • Implementation of the method and/or system of embodiments of the invention may involve performing or completing selected tasks manually, automatically, or a combination thereof.
  • several selected tasks could be implemented by hardware, by software or by firmware or by a combination thereof using an operating system.
  • hardware for performing selected tasks according to embodiments of the invention could be implemented as a chip or a circuit.
  • selected tasks according to embodiments of the invention could be implemented as a plurality of software instructions being executed by a computer using any suitable operating system.
  • one or more tasks according to exemplary embodiments of method and/or system as described herein are performed by a data processor, such as a computing platform for executing a plurality of instructions.
  • the data processor includes a volatile memory for storing instructions and/or data and/or a non- volatile storage, for example, a magnetic hard-disk and/or removable media, for storing instructions and/or data.
  • a network connection is provided as well.
  • a display and/or a user input device such as a keyboard or mouse are optionally provided as well.
  • FIG. 1 is a system for managing bidirectional authentication based on a single authentication sequence, according to some embodiments of the invention
  • FIG. 2A is a flowchart of a method for bidirectional authentication using a single authentication sequence, according to some embodiments of the invention.
  • FIG. 2B is a flowchart of a method for determining a first subsequence length in bidirectional authentication using a single authentication sequence, according to some embodiments of the invention
  • FIG. 3A is a flowchart of a method for a subsequence presentation of a single authentication sequence to a user interface using a single entry field, according to some embodiments of the invention
  • FIG. 3B is a schematic illustration of a user interface for presenting a subsequence in the flowchart of FIG. 3A, according to some embodiments of the invention
  • FIG. 4A is a flowchart of a method for a subsequence presentation of a single authentication sequence to a user interface using a visual modification, according to some embodiments of the invention
  • FIG. 4B is a schematic illustration of a user interface for presenting a subsequence in the flowchart of FIG. 4A, according to some embodiments of the invention.
  • FIG. 5A is a flowchart of a method for a subsequence presentation of a single authentication sequence to a user interface using a multiple choice field, according to some embodiments of the invention
  • FIG. 5B is a schematic illustration of a user interface for presenting a subsequence in the flowchart of FIG. 5A, according to some embodiments of the invention.
  • FIG. 6 is a flowchart of a method to for bidirectional authentication using a single authentication sequence starting with forwarding a first subsequence, according to some embodiments of the invention.
  • phishing web site or application may look and behave identically to the legitimate web site or application. Even when the look and feel of the web site or application is not identical, the user may not notice the differences and the user identity may be stolen by the phishing system.
  • bidirectional authentication means the authentication of a user to a system, such as a user authentication, and the system to the user, such as a reverse authentication.
  • bidirectional authentication means a mutual authentication, two-way authentication, and/or the like.
  • the system forwards part of the single authentication sequence, such as a subsequence, to a client terminal to present to the user, the user receives a reverse authentication that the system is legitimate.
  • bidirectional authentication is established between the user and the system. For example, a user enters a first subsequence of the authentication sequence, the system forwards a second subsequence to the client terminal to present on a user interface, and the user enters a third subsequence that completes the authentication sequence. For example, a system enters a first subsequence of the authentication sequence to provide reverse authentication from the system to the user, and the user completes the authentication sequence to achieve bidirectional authentication.
  • Bidirectional authentication may prevent a user from revealing the full authentication sequence to a phishing system, and may prevent a phishing system from determining the password by smart guessing, brute force guessing, and the like.
  • the process of performing the bidirectional authentication includes many additions and alternatives that may be implemented in selected embodiments according to anti-phishing security level requirements.
  • the type of sequence elements such as numerical characters, alphanumerical characters, symbol characters, and the like, and the location of each type of sequence element, such as the second element being a numerical element, and the like, may affect the anti-phishing security.
  • a system may require the user to perform an action and/or enter an input to confirm the user awareness of the system legitimacy, to create a user habit of confirming the reverse authentication, and the like, to increase the level of anti-phishing security.
  • the system may send a fake second subsequence to prevent revealing the second subsequence to a phishing system, thereby increasing the level of anti-phishing security.
  • the system forwards a fake response for presentation, such as a random subsequence, a constant fake subsequence different from the true subsequence, and the like. In such a manner, the exposure of sensitive information is avoided and phishing systems that try to acquire data by iterative submission of subsequences are blocked.
  • the first, second and third subsequences are presented and/or entered in a single field of the user interface of the client terminal.
  • the user enters the first subsequence of the authentication sequence in a single password field of the user interface.
  • the system may forward a second subsequence of the authentication sequence to the client terminal for presentation on the single password field of the user interface.
  • the user may enter the third subsequence of the authentication sequence in the single password field.
  • the second subsequence verifies the site legitimacy to the user before the third subsequence is entered.
  • the second subsequence makes the user that the site is legitimate and not a phishing site.
  • the legitimate site receives an awareness indicator from the user, such as an input from the user that acknowledges the user receiving and/or viewing the second subsequence.
  • the awareness indicator causes the user to acquire the habit of the process of mutual identification.
  • the awareness indicator requires the user to stop after the first subsequence in anticipation of the legitimate site identification using the second subsequence, and then the user enters the awareness indicator.
  • the user may type the complete authentication sequence, such as a password, in the first user input on a phishing site.
  • the second subsequence is a single-element data of the authentication sequence.
  • the authentication sequence is a password of alphanumeric characters
  • the second subsequence is the fourth alphabetic character.
  • the second subsequence of the authentication sequence is presented to the user, such as to verify the site legitimacy, with a visual modification and the user corrects the visual modification prior to entering the third subsequence of the authentication sequence, thus the visual correction is a confirmation of the reverse authentication.
  • the second subsequence of the authentication sequence is presented with a rotational modification, such as a character presented with a 90-degree clockwise rotation and the user presses the arrow keys to correct the rotation.
  • a rotational modification such as a character presented with a 90-degree clockwise rotation and the user presses the arrow keys to correct the rotation.
  • the second subsequence of the authentication sequence is presented as part of a multiple-choice field, and the user is required to enter a new data element prior to entering the third subsequence of the authentication sequence, thus confirming the reverse authentication.
  • the benefits of embodiments of the invention include prevention of a phishing system from stealing an authentication sequence.
  • a phishing system may not be able to forward for presentation on the client terminal the first or second subsequence of the authentication sequence as the phishing system lacks the authentication sequence needed for extracting the subsequence.
  • the user may abort the login process upon failure to receive the correct subsequence prior to disclosure of the authentication sequence.
  • embodiments of the invention are to utilize an existing single authentication sequence in a novel way to achieve extra authentication functionality without compromising security. Furthermore, no effort is required from the user to start using embodiments of the invention. For example, Google, Facebook, Paypal, Ebay, and the like may adopt the anti-phishing login embodiments of the invention for all its users by incorporating an embodiment of this invention on their servers without any special effort or action taken by the users.
  • the generating subsequences from a single existing authentication sequence for bidirectional authentication, and the legitimate site approving or rejecting all the subsequences as a whole, such as a fake second subsequence response allows present authentication systems to upgrade easily to bidirectional authentication.
  • the system uses existing passwords and no user involvement and/or effort is required in the upgrade process, without compromising the security of using the current password as a whole.
  • the bidirectional authentication using a single authentication sequence provides the user with a way to authenticate the login system identity prior to the disclosure of sensitive information optionally without using additional information, images, hardware, codes, cookies, and the like.
  • the bidirectional authentication is performed using a username and user password.
  • the present invention may be a system, a method, and/or a computer program product.
  • the computer program product may include a computer readable storage medium (or media) having computer readable program instructions thereon for causing a processor to carry out aspects of the present invention.
  • the computer readable storage medium can be a tangible device that can retain and store instructions for use by an instruction execution device.
  • the computer readable storage medium may be, for example, but is not limited to, an electronic storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing.
  • a non- exhaustive list of more specific examples of the computer readable storage medium includes the following: a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), a static random access memory (SRAM), a portable compact disc read-only memory (CD-ROM), a digital versatile disk (DVD), a memory stick, a floppy disk, a mechanically encoded device such as punch-cards or raised structures in a groove having instructions recorded thereon, and any suitable combination of the foregoing.
  • RAM random access memory
  • ROM read-only memory
  • EPROM or Flash memory erasable programmable read-only memory
  • SRAM static random access memory
  • CD-ROM compact disc read-only memory
  • DVD digital versatile disk
  • memory stick a floppy disk
  • mechanically encoded device such as punch-cards or raised structures in a groove having instructions recorded thereon
  • a computer readable storage medium is not to be construed as being transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission media (e.g., light pulses passing through a fiber-optic cable), or electrical signals transmitted through a wire.
  • Computer readable program instructions described herein can be downloaded to respective computing/processing devices from a computer readable storage medium or to an external computer or external storage device via a network, for example, the Internet, a local area network, a wide area network and/or a wireless network.
  • the network may comprise copper transmission cables, optical transmission fibers, wireless transmission, routers, firewalls, switches, gateway computers, and/or edge servers.
  • a network adapter card or network interface in each computing/processing device receives computer readable program instructions from the network and forwards the computer readable program instructions for storage in a computer readable storage medium within the respective computing/processing device.
  • Computer readable program instructions for carrying out operations of the present invention may be assembler instructions, instruction- set- architecture (ISA) instructions, machine instructions, machine dependent instructions, microcode, firmware instructions, state-setting data, or either source code or object code written in any combination of one or more programming languages, including an object oriented programming language such as Smalltalk, C++ or the like, and conventional procedural programming languages, such as the "C" programming language or similar programming languages.
  • the computer readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server.
  • the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider).
  • electronic circuitry including, for example, programmable logic circuitry, field-programmable gate arrays (FPGA), or programmable logic arrays (PLA) may execute the computer readable program instructions by utilizing state information of the computer readable program instructions to personalize the electronic circuitry, in order to perform aspects of the present invention.
  • These computer readable program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
  • These computer readable program instructions may also be stored in a computer readable storage medium that can direct a computer, a programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer readable storage medium having instructions stored therein comprises an article of manufacture including instructions which implement aspects of the function/act specified in the flowchart and/or block diagram block or blocks.
  • the computer readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other device to cause a series of operational steps to be performed on the computer, other programmable apparatus or other device to produce a computer implemented process, such that the instructions which execute on the computer, other programmable apparatus, or other device implement the functions/acts specified in the flowchart and/or block diagram block or blocks.
  • each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions, which comprises one or more executable instructions for implementing the specified logical function(s).
  • the functions noted in the block may occur out of the order noted in the figures.
  • two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved.
  • each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration can be implemented by special purpose hardware-based systems that perform the specified functions or acts or carry out combinations of special purpose hardware and computer instructions.
  • the computerized system 100 comprises a network interface 112 for communication with a client terminal 110 operated by a user 120 to receive one or more user inputs on a user interface 111.
  • the network interface 112 is used to forward for presentation by a client terminal 110 one or more subsequences of an authentication sequence on a user interface 111.
  • the computerized system 100 comprises a processor 102 for execution of one or more software modules 103 and 104 for bidirectional authentication.
  • the computerized system 100 comprises an authentication sequence module 103 that identifies an authentication sequence associated with a user 120 of a client terminal 110, such as using a username of a user.
  • the authentication sequence module 103 receives a first input from a user interface 111 of the client terminal 110 and compares the first input with a first subsequence of the authentication sequence. When the authentication sequence module 103 identifies a match between the first input and the first subsequence, the authentication sequence module 103 forwards to the client terminal 110 a second subsequence of the authentication sequence for presentation on the user interface 111.
  • the authentication sequence is two or more characters, and the second subsequence is the next character that the user 120 is about to input.
  • the presentation of the second subsequence of the single authentication sequence confirms to the user 120 that the system 100 is legitimate, and provides to the user 120 a reverse authentication that the system 100 is not a phishing system.
  • the computerized system 100 comprises a bidirectional authentication module 104 that receives a second input from the user interface 111 of the client terminal 110. When the bidirectional authentication module 104 identifies a second match between the second input and a third subsequence of the single authentication sequence, the user 120 is authenticated and allowed access to the system 100 operations.
  • FIG. 2A is a flowchart of a method to perform bidirectional authentication using a single authentication sequence, according to some embodiments of the invention.
  • a single authentication sequence is identified 201 by the authentication sequence module 103 from a username, user email address, and the like.
  • a single authentication sequence is retrieved by the authentication sequence module 103 from a repository, an encrypted local database, a password server, a login provider database, an authentication sequence subsystem, and the like.
  • a first input is received 202 by the authentication sequence module 103 from a user interface 111 of a client terminal 110.
  • the authentication sequence module 103 forwards 204 the second subsequence of the authentication sequence to the client terminal 110 for presentation on a user interface 111.
  • the bidirectional authentication module 104 receives 205 the second input 315 using the user interface 111, a second match 206 is performed with a third subsequence 315 of the single authentication sequence.
  • the bidirectional authentication module 104 authenticates 207 the user to the system 100.
  • the bidirectional authentication module 104 sends a notification to the client device 110 to clear the user interface 111 fields and returns to the step of identifying 201 an authentication sequence.
  • the authentication sequence module 103 forwards the second subsequence to the client terminal 110 together with processor instructions for the client terminal 110 to present the second subsequence and, further optionally, wait for a user awareness indication.
  • processor instructions for the client terminal 110 forwarded 204 to the client terminal 110 as processor instruction together with the second subsequence.
  • An aspect of embodiments of the present invention is the partitioning of the single authentication sequence to generate multiple subsequences, and the options and alternatives for this aspect are described prior to describing the multiple options for presenting the second subsequence.
  • the system 100 partitions the single authentication sequence into two or more consecutive subsequences to assess the anti-phishing security level of the single authentication sequence.
  • the partitioning may be performed with many alternative subsequences, and each alternative may be considered a subsequence sets.
  • a predictability value is computed and compared between the sets and/or to a required threshold criterion to select one or more optimal subsequences meeting the security requirements.
  • the selected set is then used for bidirectional authentication between a user 120 and the computerized system 100.
  • the selected set determines the number of sequence elements of the first subsequence, second subsequence, third subsequences, and the like. For example, if the single authentication sequence is partitioned into five subsequences, the selected set may determine the number of sequence elements in each subsequence.
  • the user 120 chooses the selected subsequence set. For example, when two or more of the sets meet the criteria.
  • the user 120 selectively modifies one or more of the sequence elements of authentication sequence to meet the criteria and/or increase the level of security.
  • the predictability value of each set is a measure of the security level, and may be computed based on analysis of the sequence elements by the system 100.
  • the combinations of element types in each subsequence are used to compute a predictability value from guessing one or more subsequences. Examples of combinatorial analyses are described hereinbelow.
  • a lexical and/or linguistic analysis determines when the single authentication sequence and/or any subsequences may be used by a phishing system to smart guess any of the sequence elements. For example, when the single authentication sequence contains the word "love” it may be easy to guess that the letter "e” comes after the subsequence "/ov".
  • an analysis of a user's personal information analysis may determine the predictability value of a subsequence and/or sequence element. For example, if the single authentication sequence contains the first name of the user, such as the name i davi it may be easy to guess that the letter "d” comes after the subsequence "davi". For example, if the single authentication sequence contains the birth year of the user, such as the name "1980", it may be easy to guess that the number "0" comes after the subsequence "198".
  • the data elements of the first subsequence of the authentication sequence are entered by the user 120 to the user interface 111, the authentication sequence module 103 computes the length of the first input to receive before matching to a first subsequence of the authentication sequence.
  • the length of the first input to receive is computed when the password is initially entered by the user.
  • the length of the first input to receive is computed before the user is identified, such as when the password is first entered during a registration process.
  • the number of data elements in the first subsequence is two or more data elements to confirm the identity of a user by the authentication sequence module 103 before presenting the second subsequence of the authentication sequence.
  • the system 100 may check the password for a high security password transition between the first and second subsequences.
  • the password has a low security transition
  • the user may be sent a warning to assist the user in modifying the password to improve the anti-phishing security.
  • an existing user password may be used, and the transition between the first and second subsequences is selected by the system 100 as using an algorithm that optimizes the anti-phishing security.
  • the system 100 notifies the user of a low anti-phishing security password, such as below a threshold, not containing suitable characters, suitable characters not at the correct location, and the like.
  • a low anti-phishing security password such as below a threshold, not containing suitable characters, suitable characters not at the correct location, and the like.
  • the user may be requested to change the password to increase the anti- phishing security level.
  • the choice of password elements and determination of the transition between the first and second subsequences has a strong effect on the anti-phishing security level.
  • the first subsequence of the authentication sequence is as short as possible.
  • the first subsequence is short to prevent a phishing system from determining the second subsequence of the authentication sequence and thus increasing authentication security.
  • the first subsequence is 2 to 4 elements long so as not to reveal enough of the authentication password to the phishing site to allow the phishing site to use brute force, guessing, dictionary lookup, and the like, to determine the second subsequence.
  • the user may notice the missing or incorrect second subsequence before the user enters enough of the password to allow the phishing site to determine additional elements of the authentication sequence.
  • the first subsequence is long to prevent a brute force guessing of the second part by a phishing site.
  • the first subsequence of the authentication sequence is long enough for the authentication sequence module 103 to confirm the user's identity prior to presenting the second subsequence of the authentication sequence.
  • a first subsequence of the authentication sequence when the authentication sequence is an alphanumeric password, a first subsequence of the authentication sequence, comprising two characters, results in 3,844 combinations of mixed alphanumeric letters and numbers, or 9,025 combinations when special characters are included.
  • a three characters length for the first subsequence of the authentication sequence gives 238,328 combinations of mixed letters and numbers and 857,375 combinations when special characters are included. Therefore, a first subsequence of the authentication sequence containing between two to six elements have enough combinations for identifying a user by the authentication sequence module 103.
  • a first subsequence of the authentication sequence contains between two and four elements of an eight-element password, leaving enough characters in the third subsequence to prevent guessing the password.
  • no feedback is given to differentiate a correct first input from an erroneous first input, such as a fake second subsequence when the first input does not match the first subsequence.
  • giving the correct second subsequence after receiving an erroneous first subsequence may let a phishing site learn the second subsequence.
  • giving a fake second subsequence after receiving an erroneous first subsequence may prevent a phishing site from learning the second subsequence.
  • the phishing site may not know which element of the authentication sequence and/or process is incorrect.
  • the fake subsequence increases the anti-phishing security and reduces the effectiveness of phishing attacks after the first, more vulnerable, subsequence is compromised. For example, approving or rejecting the authentication sequence as a whole maintains the same authentication security as the original authentication method while adding anti- phishing security.
  • approving or rejecting the authentication sequence as a whole maintains the same authentication security as the original authentication method while adding anti- phishing security.
  • FIG. 2B is a flowchart of a method for determining a first subsequence length in bidirectional authentication using a single authentication sequence, according to some embodiments of the invention.
  • the password is separated into the individual data elements, denoted here as PI for the first data element thru P8 for the eight data element.
  • P2 is not an alphabetic character, such as a numerical character
  • P3 is an alphabetic character 221
  • the length, denoted n of the first subsequence is set 231 to 2.
  • P4 is an alphabetic character 222
  • the length of the first subsequence is set 232 to 3.
  • the length of the first subsequence is set 233 to 2.
  • P4 is an alphabetic character 224 the length of the first subsequence is set 234 to 3.
  • the length of the first subsequence is set 235 to 2.
  • the first element of the second subsequence of the authentication sequence is an element with greater than 10 different possibilities to reduce the risk of a phishing system from guessing or smart guessing the second subsequence of the single authentication sequence forwarded by the authentication sequence module 103.
  • a first data element of a second subsequence of the authentication sequence is an alphabetic character, greatly reducing the possibility to guess the first data element of the second subsequence of the authentication sequence based on the characters of the first subsequence of the authentication sequence.
  • a first data element of a second subsequence of the authentication sequence is a non-numeric character, to avoid a 1 in 10 chance of a phishing system guessing the second subsequence of the authentication sequence.
  • the first data element of a second subsequence of the authentication sequence is symbol.
  • an alternative second subsequence is selected by the authentication sequence module 103 and/or a user 120 to perform the reverse authentication.
  • an authentication sequence comprises numerical characters and an alphabetic character is selected by a user 120 as a new second sequence for reverse authentication.
  • an alternative second sequence for reverse authentication is used when the authentication sequence is short, such as less than four data elements, is a poor anti phishing password, such as according to a system 100 policy, and the like.
  • different methods for presenting the second subsequence may be selected based on anti-phishing security requirements and/or system 100 policy.
  • the different methods of authentication may offer tradeoffs between verifying user attention and user effort.
  • the user may have the habit of entering the complete password without noticing when the web page belongs to a phishing system of the legitimate system 100. This may result in a low level of security in preventing password theft, and therefore not allowable according the system 100 policy.
  • a second subsequence may be presented on the graphical display of the user's client terminal 110 as an overlay on the single password entry field, not requiring a user to acknowledge their awareness of the second subsequence.
  • This example may allow a phishing site to gain the full password when the user is not in the habit of noticing the presentation of the second subsequence.
  • the user is required to perform an action on the graphical user interface to confirm to the system 100 that the user is aware of the presentation of the second subsequence and that the system is the legitimate server system 100.
  • a user is required to click on dialog box button to acknowledge their awareness of the legitimacy of the server system 100.
  • the user is required to make a choice between multiple options to select the correct second subsequence.
  • the user is required to slide a graphical tracker to align two halves of the same image showing the second subsequence.
  • the user is required to input the second subsequence shown in a distorted raster image, and the like.
  • the client terminal 110 is required to decode an encrypted second subsequence, wherein a phishing site may not have the decryption code.
  • the degree of user awareness and confirmation of the user awareness to the presentation of the second subsequence may vary between no awareness, such as when no response from the user is required, and full confirmation of the user awareness, such as a pause in the authentication process until the user has confirmed their awareness.
  • the authentication sequence module 103 pauses the login process until the user sends an awareness indicator, such as a user input confirming that the user acknowledges the reverse authentication.
  • the authentication sequence module 103 pausing at the same spot in the password sequence and waiting for a user input showing an awareness indicator causes a habit and/or tendency of the user to expect and/or acknowledge the second subsequence, and thus the mutual identification and/or authentication.
  • the user may notice the absence of the presentation of the second subsequence or the presentation of an incorrect second subsequence and leave the phishing site before entering the second subsequence.
  • the actions of pausing, getting feedback, and the like may create a habit and/or tendency of user to confirm the legitimacy of the server, optionally always at the same point in the password sequence, to prevent the user from missing the implication that the user is entering their password on a phishing site.
  • FIG. 3 A and 3B is a flowchart of a method and a schematic illustration of a user interface, respectively, to perform a subsequence presentation to a user interface using a single entry field, according to some embodiments of the invention.
  • This example describes in detail an optionally method for presenting the second subsequence to the user 120 of a client terminal 110 without receiving an acknowledgement, indication and/or confirmation of the user awareness subsequent to the forwarding 204 described in FIG. 2A.
  • the client terminal 110 receives 301 the second subsequence of the authentication sequence from the authentication sequence module 103 and presents 302 the second subsequence to the user 120 in a single password field 312 of the user interface 111.
  • the user 120 enters a username in the username field 311 of a user interface 111 and a first input 313 of the authentication sequence in a password field 312 of the user interfacel l l, and the username and first input are sent to the authentication sequence module 103.
  • the second subsequence 314 of the authentication sequence is presented 302 as characters in the password field 312 of the user interfacel l l.
  • the second subsequence of the authentication sequence is presented with a visual enhancement, such as a in a bold font, highlighted, blinking, shadowed, and/or the like.
  • the client terminal 110 pauses 303, such as for one or more seconds.
  • Presenting 302 the second subsequence 314 of the authentication sequence to the user interface 111 gives the user 120 a way to verify that the system 100 knows the authentication sequence and is not a phishing site.
  • the bidirectional authentication module 104 proceeds with receiving 205 the second input 315 using the user interface 111 and single password field 312.
  • the login procedure presented here relies on the user's attention and there is no confirmation to the system 100 that the user 120 received the reverse authentication.
  • FIG. 4A and 4B is a flowchart of a method and a schematic illustration of a user interface, respectively, to perform a subsequence presentation to a user interface using a visual modification, according to some embodiments of the invention.
  • These examples describe details of optional methods for presenting the second subsequence to the user 120 of a client terminal 110 with receiving an acknowledgement, indication and/or confirmation of the user awareness subsequent to the forwarding 204 described in FIG. 2A.
  • the user awareness may vary to a lesser or greater amount, respectively, depending on the effort required by the user.
  • effort required by the user may include answering a security question.
  • the effort required by the user may vary from a single key press and/or mouse click, to a complex sequence of operations requiring decision making to confirm an indication of the awareness of the user to the legitimacy of the server.
  • a high security server such as a corporate bank account server, might require a very high level of legitimacy awareness and subsequent effort by the user to confirm, indicate, and/or acknowledge this legitimacy.
  • the client terminal 110 receives 401 the second subsequence of the authentication sequence from the authentication sequence module 103, performs 402 a visual modification of the second subsequence, and presents 402 the visually modified second subsequence to the user 120.
  • the user 120 enters a username in the username field 311 of a user interface 111, and a first input 313 in a password field 312 of the user interfacel l l.
  • the second subsequence of the authentication sequence is presented 402 with a visual modification 314A, such as a 90-degree counterclockwise rotation, in the password field 312 of the user interfacel l l.
  • the second subsequence of the authentication sequence is presented 402 with a visual modification 314B such as a 90-degree clockwise rotation.
  • the second subsequence of the authentication sequence is presented 402 with a visual modification 314C such as a 180-degree clockwise rotation.
  • the second subsequence of the authentication sequence is presented 402 with a visual modification 314D such as a 60-degree counterclockwise rotation.
  • the client terminal 110 pauses 403, such as for one or more seconds.
  • the client terminal 110 receives 405 a reverse modification as input from the user 120 and sends the reverse modification input to the authentication sequence module 103, such as a sequence of arrow keys that result in a correct 406 display of the second sequence of the authentication sequence.
  • the authentication sequence module 103 sends 407 a successful revere authentication notification to the bidirectional authentication module 104.
  • the authentication sequence module 103 sends 408 a failed reverse authentication alert to the bidirectional authentication module 104.
  • the bidirectional authentication module 104 proceeds with receiving 205 the second input 315 using the user interface 111.
  • a failed login notification is forwarded to the client terminal 110 by the authentication sequence module 103 for presentation on the user interface 111.
  • Presenting 302 the second subsequence 314 of the authentication sequence to the user interface 111 with a visual modification gives the user 120 a way to verify that the system 100 knows the authentication sequence and therefore is not a phishing site.
  • Receiving the reverse modification allows the authentication sequence module 103 to confirm the reverse authentication and thereby notify the system 100 accordingly.
  • This example embodiment requires additional effort by the user 120 to correct the visual modification but this example embodiment guaranties that the user 120 has noticed the visual modification 402 and provides a confirmation 407 of the reverse authentication.
  • FIG. 5A and 5B is a flowchart of a method and a schematic illustration of a user interface, respectively, to perform a subsequence presentation to a user interface using a multiple-choice field, according to some embodiments of the invention.
  • the client terminal 110 receives 501 the second subsequence of the authentication sequence from the authentication sequence module 103, generates 502 alternative sequences, and presents 502 the second subsequence and alternative sequences in a multiple choice field to the user 120.
  • the user 120 enters a username in the username field 311 of a user interface 111, and a first input 313 of the authentication sequence in a password field 312 of the user interfacel l l.
  • the second subsequence of the authentication sequence and alternative sequences 316A are presented 502, such as in a three by three multiple-choice field overlaid on the password field 312 of the user interface 111, with the second subsequence in the center and alternative sequences surrounding the center.
  • a graphical element such as a mark, a line, an arrow, a pointer, a highlighted alternative, and the like, is added 509 to indicate one of the alternative sequences.
  • the client terminal 110 pauses 504, such as for one or more seconds.
  • the client terminal 110 receives 505 the marked alternative sequence as input from the user 120, such as an alphanumeric character.
  • the client terminal 110 sends 507 a successful reverse authentication notification to the bidirectional authentication module 104.
  • the client terminal 110 sends 508 a failed reverse authentication alert to the bidirectional authentication module 104.
  • the bidirectional authentication module 104 proceeds with receiving 205 the second input (not shown) using the user interface 111.
  • a failed login notification is forwarded to the client terminal 110 by the authentication sequence module 103 for presentation on the user interface 111.
  • Presenting 503 the second subsequence 316 of the authentication sequence to the user interface 111 with a visual modification gives the user 120 a way to verify that the system 100 knows the authentication sequence and therefore is not a phishing site.
  • Receiving the reverse modification allows the client terminal 110 to confirm the reverse authentication and thereby notify the system 100 accordingly.
  • This example embodiment requires additional effort by the user 120 to input the marked alternative subsequence but this example embodiment guaranties that the user 120 has noticed the added 509 mark and provides a confirmation 507 of the reverse authentication.
  • the sending of a failed or successful reverse authentication is performed by the client terminal 110 to the bidirectional authentication module 104, such as using a javascript routine.
  • the sending of a failed or successful reverse authentication is performed by the authentication sequence module 103 to the bidirectional authentication module 104.
  • the second subsequence 314 of the authentication sequence is temporarily presented on the user interface 111, such as during an optional delay 303, and the second input to the user interface includes the second subsequence.
  • the second subsequence of the authentication sequence is presented for 2 seconds, disappears from the user interface, and the user inputs the second subsequence as part of the third subsequence.
  • the second subsequence 314 of the authentication sequence is permanently presented on the user interface 111, such as a server side input into the password field 312, and the second input to the user interface does not includes the second subsequence.
  • the second subsequence of the authentication sequence is inserted into the password field by instructions forwarded to the client terminal 110 from the authentication sequence module 103, and the user inputs the third subsequence starting from the first data element following the second subsequence.
  • a one or more intermediate input is received by the authentication sequence module 103 from the user following the presentation of the second subsequence of the authentication sequence.
  • an intermediate match is performed by the authentication sequence module 103 between each intermediate input and an intermediate subsequence of the authentication sequence.
  • a second intermediate subsequence of the authentication sequence is forwarded by the authentication sequence module 103 to the client terminal 110 for presentation on the user interface 111.
  • a fake second subsequence is forwarded by the authentication sequence module 103 to the client terminal 110 for presentation on the user interface 111.
  • the authentication sequence module 103 forwards a first subsequence of the authentication sequence to the client terminal 110 for presentation on the user interface 111 before a first input from a user 120.
  • This method has the disadvantage of presenting to a phishing site all or part of the first subsequence, but might be useful in some embodiments, such as when a site is prone to phishing attacks or the process has more than three subsequences and giving up the first character has little impact on the security.
  • FIG. 6, is a flowchart of a method to perform bidirectional authentication using a single authentication sequence starting with forwarding a first subsequence of the authentication sequence by the authentication sequence module 103, according to some embodiments of the invention.
  • the authentication sequence module 103 identifies 601 an authentication sequence, and forwards 602 a first subsequence of the authentication sequence to the client terminal 110 for presentation on the user interface 111.
  • the user 120 views the first subsequence of the authentication sequence on the user interface thereby receiving the reverse authentication that the system 100 is legitimate, and enters a first input on the user interface.
  • the first input is received 603 by the bidirectional authentication module 104, along with an optional confirmation of the reverse authentication according to embodiments described herein.
  • the bidirectional authentication module 104 matches 604 the first input to a second subsequence of the authentication sequence, and when correct authenticates 605 the user.
  • the second subsequence of the authentication sequence an instruction to clear the fields of the user interface 111 is sent to the client terminal 110 by the bidirectional authentication module 104 and the identification 601 of an authentication sequence is repeated.
  • the reverse authentication is performed after the user 120 is identified but before the first input is received 603 by the bidirectional authentication module 104.
  • the authentication sequence module 103 forwards 204B a fake second subsequence for presentation instead of the second subsequence.
  • a fake second subsequence prevents a brute force attack on a legitimate site by a phishing site to determine the second subsequence.
  • the authentication sequence module 103 and/or bidirectional authentication module 104 behave exactly as through the match was completed.
  • the authentication sequence module 103 forwards 204B a fake second subsequence, such as a random sequence, a constant fake sequence, and the like, instead of the second subsequence of the authentication sequence, thus preventing a phishing system from attacking the legitimate site and stealing the second subsequence.
  • the fake second subsequence prevents an attacker from determining which element of the first subsequence is incorrect, thus greatly reducing the effectiveness of the attack against the shorter and more vulnerable first subsequence.
  • approving or rejecting all the subsequences as a single authentication sequence maintains the same security as the original authentication method while adding anti-phishing security.
  • the data element forwarded 204B by the authentication sequence module 103 to perform the reverse authentication is not the second subsequence of the authentication sequence but a fake subsequence, such as a randomly selected alphanumeric character.
  • a fake subsequence such as a randomly selected alphanumeric character.
  • the bidirectional authentication module 104 when the first match 203 fails the second input is received 205B by the bidirectional authentication module 104 and subsequently sends 208 a failed login notification and/or alert to the authentication sequence module 103 and/or bidirectional authentication module 104, preventing a phishing system from verification of any part of the authentication sequence.
  • the server sends a fake second subsequence.
  • the authentication sequence is a password, a passcode, a passkey, an encrypted password, a password-authenticated key, a balanced password- authenticated key, an augmented password-authenticated key, and the like.
  • the authentication sequence and subsequences of the authentication sequence are encrypted before being transmitted between the system 100 and client terminal 110.
  • the authentication sequence is a passcode of numeric character such as "12345678".
  • the password protect and encryption key such as password-authenticated key, a balanced password-authenticated key, an augmented password-authenticated key, and the like.
  • the authentication sequence comprises a set of sequence elements such as letters, numbers, alphanumeric characters, symbol characters, computer printable character codes, graphic elements, user gestures, angled lines, graphic characters, hand signals, hand gestures, audible tones, and the like.
  • sequence elements such as letters, numbers, alphanumeric characters, symbol characters, computer printable character codes, graphic elements, user gestures, angled lines, graphic characters, hand signals, hand gestures, audible tones, and the like.
  • an authentication sequence is a character string of "qlw2e3r4", "! @#$% A &*", "asdfghj"
  • an authentication sequence is a sequence of graphic elements, such as swipes on a smartphone screen, and the second subsequence is a presentation of the next swipe in the sequence.
  • an authentication sequence is a sequence of graphic elements, such as angled lines.
  • an authentication sequence is a sequence of graphic elements, such as graphic shapes.
  • an authentication sequence is a sequence of hand gestures, such as used in sign language.
  • an authentication sequence is a sequence of user gestures, such as hand signals acquired using an image capturing device, and the second subsequence of the authentication sequence is a presentation of the next image in the sequence.
  • an authentication sequence of the authentication sequence is a sequence of audible tones and/or musical notes, and the second subsequence of the authentication sequence is a presentation of the next tone and/or note in the sequence using the audio output of the system 100.
  • Adopting embodiments of the present invention for anti-phishing login may develop, such as after a few logins, a habit of the user 120 to pause after entering the first part of the password to received the reverse authentication, as the second subsequence of the authentication sequence may be identical for a given authentication sequence.
  • the user 120 may positively identify the system 100 as legitimate by verification of the first character of the second subsequence of an alphanumeric password, which is also the next character that the user is about to input.
  • a phishing system may fail the reverse authentication and may be able to steal the two or three first characters of the user's alphanumeric password. That failure of the phishing system may alert the user to replace the current password on the legitimate system 100.
  • each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s).
  • the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved.
  • each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
  • composition or method may include additional ingredients and/or steps, but only if the additional ingredients and/or steps do not materially alter the basic and novel characteristics of the claimed composition or method.
  • a compound or “at least one compound” may include a plurality of compounds, including mixtures thereof.
  • range format is merely for convenience and brevity and should not be construed as an inflexible limitation on the scope of the invention. Accordingly, the description of a range should be considered to have specifically disclosed all the possible subranges as well as individual numerical values within that range. For example, description of a range such as from 1 to 6 should be considered to have specifically disclosed subranges such as from 1 to 3, from 1 to 4, from 1 to 5, from 2 to 4, from 2 to 6, from 3 to 6 etc., as well as individual numbers within that range, for example, 1, 2, 3, 4, 5, and 6. This applies regardless of the breadth of the range.

Abstract

According to some embodiments of the present invention there is provided a method for bidirectional authentication between a user and a system. A system identifies an authentication sequence associated with a user of a client terminal, the authentication sequence comprising two or more sequence elements. A first input is received from a user interface of the client terminal. A second subsequence of the authentication sequence is forwarded for presentation by the client terminal when a first match between the first input and a first subsequence of the authentication sequence is identified. The second subsequence is consecutive to the first subsequence in the authentication sequence and the presentation authenticates the legitimacy of the system to the user. The user is authenticated when a second match between a second input from the user interface and a third subsequence of the authentication sequence is identified.

Description

BIDIRECTIONAL PASSWORD VERIFICATION
RELATED APPLICATIONS
This application claims the benefit of priority from U.S. Provisional Patent Application No. 62/041,576 filed on August 25, 2014, the contents of which are incorporated herein by reference.
BACKGROUND
The present invention, in some embodiments thereof, relates to user authentication and, more specifically, but not exclusively, to bidirectional authentication between a user and a computerized system.
In login procedures, such as used in the World Wide Web to authenticate a user's identity, phishing systems attempt to acquire a user's login data, such as a username and password, by a phishing system masquerading as a legitimate web site.
For example, a phishing system attempts to acquire a username and password by copying the look and feel of a legitimate web site, application, computerized system, and the like. For example, a phishing system masquerades as a legitimate web sites, a social media web site, a electronic mail (email) web site, a online auction web site, a banking web site, an online payment processing web site, and the like.
The user may be directed to the phishing system by an electronic communication, such as an email and/or message, presented as a legitimate message from an information technology administrator, the legitimate web site, and the like. For example, an email pretending to be from a banking web site asks the user to click on a link directing the user to the phishing system.
Typically, when the user enters their username and authentication sequence during a login procedure to a legitimate web site, the web site system searches a database for that username and loads the user authentication data to match the authentication sequence entered by the user with the database authentication sequence.
The web site system authenticates the user according to this match. The login procedures may vary and may have additional functionality, but the basic principle and limitations are common to most login procedures. As used herein, the term authentication sequence means a sequence of characters, graphic elements, motion elements, audible elements, or the like that are used to authenticate a user requesting access to a computerized system. For example, a password is an authentication sequence. For example, a finger swipe sequence is an authentication sequence. For example, a sequence of tones is an authentication sequence.
On the other hand, a phishing web site masquerading as the legitimate web site receives the username and authentication sequence, and stores the stolen data to access the user's accounts on one or more legitimate web sites. To avoid suspicion that might alert the user that their login data is stolen, the user may be presented a common error message or redirected to the legitimate web site.
SUMMARY
According to some embodiments of the present invention there is provided a method for bidirectional authentication between a user and a system. The method comprises an action of identifying, by a system, an authentication sequence associated with a user of a client terminal, where the authentication sequence comprises two or more sequence elements. The method comprises an action of receiving a first input from a user interface of the client terminal. The method comprises an action of forwarding for presentation by the client terminal a second subsequence of the authentication sequence when a first match between the first input and a first subsequence of the authentication sequence is identified. The second subsequence is consecutive to the first subsequence in the authentication sequence and the presentation authenticates the legitimacy of the system to the user. The method comprises an action of authenticating the user when a second match between a second input from the user interface and a third subsequence of the authentication sequence is identified, where the presentation and the authentication are a bidirectional authentication between the user and the system.
Optionally, the first input is entered, the second subsequence is presented, and the second input is entered in a single field of the user interface.
Optionally, when the first match is not found, the second subsequence is a fake second subsequence. Optionally, the authentication sequence is a member from a group consisting of a password, a passcode, a passkey, an encrypted password, a password-authenticated key, a balanced password-authenticated key, and an augmented password-authenticated key.
Optionally, the authentication sequence comprises two or more data elements, and the data elements are members of a group consisting of letters, numbers, alphanumeric characters, symbol characters, computer printable character codes, digital images, graphic characters, angled lines, graphic shapes, user gestures, hand signals, hand gestures, and audible tones.
Optionally, the second subsequence is one or more sequence elements of the authentication sequence.
Optionally, the authentication sequence is partitioned by a combinatorial analysis of the sequence elements to generate the first, second and third subsequences.
Optionally, the combinatorial analysis determines that the first subsequence is two or more sequence elements of the authentication sequence.
Optionally, the combinatorial analysis determines that the first subsequence comprises between two and four elements of the sequence elements of the authentication sequence.
Optionally, the method further comprises receiving a user awareness indicator from a client terminal after the forwarding, where the user awareness indicator is generated from a user awareness input in response to the presentation and a user perceiving the presentation.
Optionally, any of the second subsequence is presented in a multiple-choice field of the user interface. The multiple-choice field comprises two or more alternative sequences and a graphical element indicating a direction to one of the alternative sequences. A user selection is received from the client terminal identifying one of the alternative sequences in the multiple-choice field, and matching between the user selection and the one of the alternative sequences is the user awareness indicator.
Optionally, a mismatching between the user selection and the one of the alternative sequences is a phishing system indicator.
Optionally, the second subsequence is presented by the client terminal comprising a visual modification on the user interface, where a user visual correction is received from the client terminal, and matching between the user visual correction and the visual modification is the user awareness indicator.
Optionally, a mismatching between the user visual correction and the visual modification is a phishing system indicator.
Optionally, the second subsequence is contained in the second input.
Optionally, the third subsequence is consecutive to the second subsequence in the authentication sequence.
Optionally, the second subsequence is encrypted prior to forwarding for presentation by the client terminal and decrypted by the client terminal before presentation.
Optionally, the method further comprises one or more intermediate inputs prior to the second input. Each of the one or more intermediate inputs is matched to respective one or more intermediate subsequences and a respective one or more second intermediate subsequence is forwarded to the client terminal for presentation to the user.
Each of the one or more intermediate subsequences and one or more second intermediate subsequences are consecutive in the authentication sequence according to a temporal ordering of user inputs.
According to some embodiments of the present invention there is provided a method for bidirectional authentication between a user and a system. The method comprises an action of identifying, by a system, an authentication sequence associated with a user of a client terminal. The method comprises an action of forwarding for presentation by the client terminal a first subsequence of the authentication sequence.
The presentation authenticates the identity of the system to the user. The method comprises an action of receiving a first input from a user interface of the client terminal.
The method comprises an action of authenticating the user when a match between the first input from the user interface and a second subsequence of the authentication sequence is identified. The presentation and the authentication are a bidirectional authentication between the user and the system.
Optionally, the method further comprises forwarding for presentation by the client terminal a third subsequence, receiving a second input from a user interface of the client terminal, and confirming an authentication of the user when a match between the second input and a fourth subsequence of the authentication sequence is identified. According to some embodiments of the present invention there is provided a non-transitory computer readable medium with an executable program stored thereon for bidirectional authentication between a user and a system. The executable program instructs a processing device of the system to identify an authentication sequence associated with a user of a client terminal. The executable program instructs a processing device to receive a first input from a user interface of the client terminal. The executable program instructs a processing device to forward for presentation by the client terminal a second subsequence of the authentication sequence when a first match between the first input and a first subsequence of the authentication sequence is identified. The second subsequence is consecutive to the first subsequence in the authentication sequence. The presentation authenticates the identity of the system to the user. The executable program instructs a processing device to authenticate the user when a second match between a second input from the user interface and a third subsequence of the authentication sequence is identified. The presentation and the authentication are a bidirectional authentication between the user and the system.
According to some embodiments of the present invention there is provided a system for bidirectional authentication between a user and the system. The system comprises a network interface for receiving input from a client terminal and forwarding output to a client terminal for presentation to a user. The system comprises a processor adapted to perform the action of identifying an authentication sequence associated with the user of the client terminal. The processor is adapted to perform the action of receiving a first input from a user interface of the client terminal. The processor is adapted to perform the action of forwarding for presentation by the client terminal a second subsequence of the authentication sequence when a first match between the first input and a first subsequence of the authentication sequence is identified. The second subsequence is consecutive to the first subsequence in the authentication sequence. The presentation authenticates the identity of the system to the user. The processor is adapted to perform the action of authenticating the user when a second match between a second input from the user interface and a third subsequence of the authentication sequence is identified. The presenting and the authenticating are a bidirectional authentication between the user and the system. According to some embodiments of the present invention there is provided a method of generating two or more subsequences from a single authentication sequence for bidirectional authentication between a user and a system. The method comprises an action of receiving a single authentication sequence. The method comprises an action of partitioning the single authentication sequence into two or more subsequence sets, each of the subsequence sets comprising two or more consecutive subsequences of the single authentication sequence. The method comprises an action of computing a predictability value for each of the subsequence sets. The method comprises an action of selecting one of the subsequence sets. The selected set has a predictability value matches a required threshold criterion. The selected set is used for bidirectional authentication between a user and a system.
Optionally, the single authentication sequence comprises two or more sequence elements. Each sequence element comprising an element type and the predictability value is a combinatorial analysis of respective the consecutive subsequences in each set computed using respective the element types.
Optionally, the predictability value is a linguistic analysis of respective the consecutive subsequences in each set.
Optionally, the single authentication sequence comprises two or more sequence elements, and the predictability value is a personal data analysis of respective user.
Unless otherwise defined, all technical and/or scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which the invention pertains. Although methods and materials similar or equivalent to those described herein can be used in the practice or testing of embodiments of the invention, exemplary methods, and/or materials are described below. In case of conflict, the patent specification, including definitions, will control. In addition, the materials, methods, and examples are illustrative only and are not intended to be necessarily limiting.
Implementation of the method and/or system of embodiments of the invention may involve performing or completing selected tasks manually, automatically, or a combination thereof. Moreover, according to actual instrumentation and equipment of embodiments of the method and/or system of the invention, several selected tasks could be implemented by hardware, by software or by firmware or by a combination thereof using an operating system. For example, hardware for performing selected tasks according to embodiments of the invention could be implemented as a chip or a circuit. As software, selected tasks according to embodiments of the invention could be implemented as a plurality of software instructions being executed by a computer using any suitable operating system.
In an exemplary embodiment of the invention, one or more tasks according to exemplary embodiments of method and/or system as described herein are performed by a data processor, such as a computing platform for executing a plurality of instructions.
Optionally, the data processor includes a volatile memory for storing instructions and/or data and/or a non- volatile storage, for example, a magnetic hard-disk and/or removable media, for storing instructions and/or data. Optionally, a network connection is provided as well. A display and/or a user input device such as a keyboard or mouse are optionally provided as well.
BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS
Some embodiments of the invention are herein described, by way of example only, with reference to the accompanying drawings. With specific reference now to the drawings in detail, it is stressed that the particulars shown are by way of example and for purposes of illustrative discussion of embodiments of the invention. In this regard, the description taken with the drawings makes apparent to those skilled in the art how embodiments of the invention may be practiced.
In the drawings:
FIG. 1 is a system for managing bidirectional authentication based on a single authentication sequence, according to some embodiments of the invention;
FIG. 2A is a flowchart of a method for bidirectional authentication using a single authentication sequence, according to some embodiments of the invention;
FIG. 2B is a flowchart of a method for determining a first subsequence length in bidirectional authentication using a single authentication sequence, according to some embodiments of the invention;
FIG. 3A is a flowchart of a method for a subsequence presentation of a single authentication sequence to a user interface using a single entry field, according to some embodiments of the invention; FIG. 3B is a schematic illustration of a user interface for presenting a subsequence in the flowchart of FIG. 3A, according to some embodiments of the invention;
FIG. 4A is a flowchart of a method for a subsequence presentation of a single authentication sequence to a user interface using a visual modification, according to some embodiments of the invention;
FIG. 4B is a schematic illustration of a user interface for presenting a subsequence in the flowchart of FIG. 4A, according to some embodiments of the invention;
FIG. 5A is a flowchart of a method for a subsequence presentation of a single authentication sequence to a user interface using a multiple choice field, according to some embodiments of the invention;
FIG. 5B is a schematic illustration of a user interface for presenting a subsequence in the flowchart of FIG. 5A, according to some embodiments of the invention; and
FIG. 6 is a flowchart of a method to for bidirectional authentication using a single authentication sequence starting with forwarding a first subsequence, according to some embodiments of the invention. DETAILED DESCRIPTION
When a user is entering an authentication sequence on a web site or application, the user may not be able to authenticate the legitimacy of the web site or application. A phishing web site or application may look and behave identically to the legitimate web site or application. Even when the look and feel of the web site or application is not identical, the user may not notice the differences and the user identity may be stolen by the phishing system.
According to embodiments of the present invention, there are provided systems and methods of bidirectional authentication between a user and a computerized system, such as a web site or application, using a single authentication sequence that is known to both sides, such as a single password sequence. As used herein, the term bidirectional authentication means the authentication of a user to a system, such as a user authentication, and the system to the user, such as a reverse authentication. As used herein, the term bidirectional authentication means a mutual authentication, two-way authentication, and/or the like. When a user enters the username on a client terminal in electronic communication with a legitimate system, both the user and system know the authentication sequence. When the system forwards part of the single authentication sequence, such as a subsequence, to a client terminal to present to the user, the user receives a reverse authentication that the system is legitimate. When the user completes the input of the authentication sequence on the client terminal, bidirectional authentication is established between the user and the system. For example, a user enters a first subsequence of the authentication sequence, the system forwards a second subsequence to the client terminal to present on a user interface, and the user enters a third subsequence that completes the authentication sequence. For example, a system enters a first subsequence of the authentication sequence to provide reverse authentication from the system to the user, and the user completes the authentication sequence to achieve bidirectional authentication. For example, the user input and the system presentation complete a single authentication sequence, such as an alphanumeric string. When the user or the system does not know the single authentication sequence, the bidirectional authentication fails. Bidirectional authentication according to embodiments of the invention may prevent a user from revealing the full authentication sequence to a phishing system, and may prevent a phishing system from determining the password by smart guessing, brute force guessing, and the like.
According to aspects of embodiments of the invention, the process of performing the bidirectional authentication includes many additions and alternatives that may be implemented in selected embodiments according to anti-phishing security level requirements. The type of sequence elements, such as numerical characters, alphanumerical characters, symbol characters, and the like, and the location of each type of sequence element, such as the second element being a numerical element, and the like, may affect the anti-phishing security. A system may require the user to perform an action and/or enter an input to confirm the user awareness of the system legitimacy, to create a user habit of confirming the reverse authentication, and the like, to increase the level of anti-phishing security. When an incorrect first subsequence is entered, the system may send a fake second subsequence to prevent revealing the second subsequence to a phishing system, thereby increasing the level of anti-phishing security. Optionally, when the system receives an erroneous subsequence, the system forwards a fake response for presentation, such as a random subsequence, a constant fake subsequence different from the true subsequence, and the like. In such a manner, the exposure of sensitive information is avoided and phishing systems that try to acquire data by iterative submission of subsequences are blocked.
Optionally, the first, second and third subsequences are presented and/or entered in a single field of the user interface of the client terminal. For example, the user enters the first subsequence of the authentication sequence in a single password field of the user interface. The system may forward a second subsequence of the authentication sequence to the client terminal for presentation on the single password field of the user interface. The user may enter the third subsequence of the authentication sequence in the single password field.
Optionally, the second subsequence verifies the site legitimacy to the user before the third subsequence is entered. For example, the second subsequence makes the user that the site is legitimate and not a phishing site.
Optionally, the legitimate site receives an awareness indicator from the user, such as an input from the user that acknowledges the user receiving and/or viewing the second subsequence. For example, the awareness indicator causes the user to acquire the habit of the process of mutual identification. For example, the awareness indicator requires the user to stop after the first subsequence in anticipation of the legitimate site identification using the second subsequence, and then the user enters the awareness indicator. Without the awareness indicator, the user may type the complete authentication sequence, such as a password, in the first user input on a phishing site.
Optionally, the second subsequence is a single-element data of the authentication sequence. For example, the authentication sequence is a password of alphanumeric characters, and the second subsequence is the fourth alphabetic character.
Optionally, the second subsequence of the authentication sequence is presented to the user, such as to verify the site legitimacy, with a visual modification and the user corrects the visual modification prior to entering the third subsequence of the authentication sequence, thus the visual correction is a confirmation of the reverse authentication. For example, the second subsequence of the authentication sequence is presented with a rotational modification, such as a character presented with a 90-degree clockwise rotation and the user presses the arrow keys to correct the rotation. For example, when the user does not correct the visual modification the second input is received but the system responds with a failed login attempt notification and/or operation.
Optionally, the second subsequence of the authentication sequence is presented as part of a multiple-choice field, and the user is required to enter a new data element prior to entering the third subsequence of the authentication sequence, thus confirming the reverse authentication.
The benefits of embodiments of the invention include prevention of a phishing system from stealing an authentication sequence. A phishing system may not be able to forward for presentation on the client terminal the first or second subsequence of the authentication sequence as the phishing system lacks the authentication sequence needed for extracting the subsequence. Thus, the user may abort the login process upon failure to receive the correct subsequence prior to disclosure of the authentication sequence.
The benefits of embodiments of the invention are to utilize an existing single authentication sequence in a novel way to achieve extra authentication functionality without compromising security. Furthermore, no effort is required from the user to start using embodiments of the invention. For example, Google, Facebook, Paypal, Ebay, and the like may adopt the anti-phishing login embodiments of the invention for all its users by incorporating an embodiment of this invention on their servers without any special effort or action taken by the users.
For example, the generating subsequences from a single existing authentication sequence for bidirectional authentication, and the legitimate site approving or rejecting all the subsequences as a whole, such as a fake second subsequence response, allows present authentication systems to upgrade easily to bidirectional authentication. In this example, the system uses existing passwords and no user involvement and/or effort is required in the upgrade process, without compromising the security of using the current password as a whole.
The bidirectional authentication using a single authentication sequence provides the user with a way to authenticate the login system identity prior to the disclosure of sensitive information optionally without using additional information, images, hardware, codes, cookies, and the like. For example, the bidirectional authentication is performed using a username and user password.
Before explaining at least one embodiment of the invention in detail, it is to be understood that the invention is not necessarily limited in its application to the details of construction and the arrangement of the components and/or methods set forth in the following description and/or illustrated in the drawings and/or the Examples. The invention is capable of other embodiments or of being practiced or carried out in various ways.
The present invention may be a system, a method, and/or a computer program product. The computer program product may include a computer readable storage medium (or media) having computer readable program instructions thereon for causing a processor to carry out aspects of the present invention.
The computer readable storage medium can be a tangible device that can retain and store instructions for use by an instruction execution device. The computer readable storage medium may be, for example, but is not limited to, an electronic storage device, a magnetic storage device, an optical storage device, an electromagnetic storage device, a semiconductor storage device, or any suitable combination of the foregoing. A non- exhaustive list of more specific examples of the computer readable storage medium includes the following: a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), a static random access memory (SRAM), a portable compact disc read-only memory (CD-ROM), a digital versatile disk (DVD), a memory stick, a floppy disk, a mechanically encoded device such as punch-cards or raised structures in a groove having instructions recorded thereon, and any suitable combination of the foregoing. A computer readable storage medium, as used herein, is not to be construed as being transitory signals per se, such as radio waves or other freely propagating electromagnetic waves, electromagnetic waves propagating through a waveguide or other transmission media (e.g., light pulses passing through a fiber-optic cable), or electrical signals transmitted through a wire.
Computer readable program instructions described herein can be downloaded to respective computing/processing devices from a computer readable storage medium or to an external computer or external storage device via a network, for example, the Internet, a local area network, a wide area network and/or a wireless network. The network may comprise copper transmission cables, optical transmission fibers, wireless transmission, routers, firewalls, switches, gateway computers, and/or edge servers. A network adapter card or network interface in each computing/processing device receives computer readable program instructions from the network and forwards the computer readable program instructions for storage in a computer readable storage medium within the respective computing/processing device.
Computer readable program instructions for carrying out operations of the present invention may be assembler instructions, instruction- set- architecture (ISA) instructions, machine instructions, machine dependent instructions, microcode, firmware instructions, state-setting data, or either source code or object code written in any combination of one or more programming languages, including an object oriented programming language such as Smalltalk, C++ or the like, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The computer readable program instructions may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider). In some embodiments, electronic circuitry including, for example, programmable logic circuitry, field-programmable gate arrays (FPGA), or programmable logic arrays (PLA) may execute the computer readable program instructions by utilizing state information of the computer readable program instructions to personalize the electronic circuitry, in order to perform aspects of the present invention.
Aspects of the present invention are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer readable program instructions.
These computer readable program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks. These computer readable program instructions may also be stored in a computer readable storage medium that can direct a computer, a programmable data processing apparatus, and/or other devices to function in a particular manner, such that the computer readable storage medium having instructions stored therein comprises an article of manufacture including instructions which implement aspects of the function/act specified in the flowchart and/or block diagram block or blocks.
The computer readable program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other device to cause a series of operational steps to be performed on the computer, other programmable apparatus or other device to produce a computer implemented process, such that the instructions which execute on the computer, other programmable apparatus, or other device implement the functions/acts specified in the flowchart and/or block diagram block or blocks.
The flowchart and block diagrams in the Figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods, and computer program products according to various embodiments of the present invention.
In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of instructions, which comprises one or more executable instructions for implementing the specified logical function(s). In some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts or carry out combinations of special purpose hardware and computer instructions.
Reference is now made to FIG. 1, which is a system for managing bidirectional authentication based on a single authentication sequence, according to some embodiments of the invention. The computerized system 100 comprises a network interface 112 for communication with a client terminal 110 operated by a user 120 to receive one or more user inputs on a user interface 111. The network interface 112 is used to forward for presentation by a client terminal 110 one or more subsequences of an authentication sequence on a user interface 111. The computerized system 100 comprises a processor 102 for execution of one or more software modules 103 and 104 for bidirectional authentication. The computerized system 100 comprises an authentication sequence module 103 that identifies an authentication sequence associated with a user 120 of a client terminal 110, such as using a username of a user.
The authentication sequence module 103 receives a first input from a user interface 111 of the client terminal 110 and compares the first input with a first subsequence of the authentication sequence. When the authentication sequence module 103 identifies a match between the first input and the first subsequence, the authentication sequence module 103 forwards to the client terminal 110 a second subsequence of the authentication sequence for presentation on the user interface 111.
For example, the authentication sequence is two or more characters, and the second subsequence is the next character that the user 120 is about to input. The presentation of the second subsequence of the single authentication sequence confirms to the user 120 that the system 100 is legitimate, and provides to the user 120 a reverse authentication that the system 100 is not a phishing system. The computerized system 100 comprises a bidirectional authentication module 104 that receives a second input from the user interface 111 of the client terminal 110. When the bidirectional authentication module 104 identifies a second match between the second input and a third subsequence of the single authentication sequence, the user 120 is authenticated and allowed access to the system 100 operations.
Reference is now made to FIG. 2A, which is a flowchart of a method to perform bidirectional authentication using a single authentication sequence, according to some embodiments of the invention. A single authentication sequence is identified 201 by the authentication sequence module 103 from a username, user email address, and the like.
For example, a single authentication sequence is retrieved by the authentication sequence module 103 from a repository, an encrypted local database, a password server, a login provider database, an authentication sequence subsystem, and the like. A first input is received 202 by the authentication sequence module 103 from a user interface 111 of a client terminal 110.
When the first input matches 203 the first subsequence of the single authentication sequence, the authentication sequence module 103 forwards 204 the second subsequence of the authentication sequence to the client terminal 110 for presentation on a user interface 111. Varying alternatives exist for presentation of the second subsequence to the user, and optionally receive an awareness indicator and/or reverse authentication confirmation from the user via the client terminal 110. Some aspects of these embodiments for presentation are describe hereinbelow in FIG. 3A thru FIG. 6B.
Subsequent to forwarding 204 the second subsequence, the bidirectional authentication module 104 receives 205 the second input 315 using the user interface 111, a second match 206 is performed with a third subsequence 315 of the single authentication sequence. When the match is successful, the bidirectional authentication module 104 authenticates 207 the user to the system 100. When the match is not successful, the bidirectional authentication module 104 sends a notification to the client device 110 to clear the user interface 111 fields and returns to the step of identifying 201 an authentication sequence.
Optionally, the authentication sequence module 103 forwards the second subsequence to the client terminal 110 together with processor instructions for the client terminal 110 to present the second subsequence and, further optionally, wait for a user awareness indication. For example, one of the varying alternatives for presenting the second subsequence on the client terminal 110, such as presented in FIG. 3A thru FIG. 6B, are forwarded 204 to the client terminal 110 as processor instruction together with the second subsequence.
An aspect of embodiments of the present invention is the partitioning of the single authentication sequence to generate multiple subsequences, and the options and alternatives for this aspect are described prior to describing the multiple options for presenting the second subsequence.
According to embodiments of the invention, when a system 100 receives the a single authentication sequence, the system 100 partitions the single authentication sequence into two or more consecutive subsequences to assess the anti-phishing security level of the single authentication sequence. The partitioning may be performed with many alternative subsequences, and each alternative may be considered a subsequence sets. For each subsequence set, a predictability value is computed and compared between the sets and/or to a required threshold criterion to select one or more optimal subsequences meeting the security requirements. The selected set is then used for bidirectional authentication between a user 120 and the computerized system 100. The selected set determines the number of sequence elements of the first subsequence, second subsequence, third subsequences, and the like. For example, if the single authentication sequence is partitioned into five subsequences, the selected set may determine the number of sequence elements in each subsequence.
Optionally, the user 120 chooses the selected subsequence set. For example, when two or more of the sets meet the criteria.
Optionally, the user 120 selectively modifies one or more of the sequence elements of authentication sequence to meet the criteria and/or increase the level of security.
The predictability value of each set is a measure of the security level, and may be computed based on analysis of the sequence elements by the system 100. Optionally, the combinations of element types in each subsequence are used to compute a predictability value from guessing one or more subsequences. Examples of combinatorial analyses are described hereinbelow. Optionally, a lexical and/or linguistic analysis determines when the single authentication sequence and/or any subsequences may be used by a phishing system to smart guess any of the sequence elements. For example, when the single authentication sequence contains the word "love" it may be easy to guess that the letter "e" comes after the subsequence "/ov". Optionally, an analysis of a user's personal information analysis may determine the predictability value of a subsequence and/or sequence element. For example, if the single authentication sequence contains the first name of the user, such as the name i davi it may be easy to guess that the letter "d" comes after the subsequence "davi". For example, if the single authentication sequence contains the birth year of the user, such as the name "1980", it may be easy to guess that the number "0" comes after the subsequence "198".
Optionally, the data elements of the first subsequence of the authentication sequence are entered by the user 120 to the user interface 111, the authentication sequence module 103 computes the length of the first input to receive before matching to a first subsequence of the authentication sequence. Optionally, the length of the first input to receive is computed when the password is initially entered by the user.
Optionally, the length of the first input to receive is computed before the user is identified, such as when the password is first entered during a registration process.
Optionally, the number of data elements in the first subsequence is two or more data elements to confirm the identity of a user by the authentication sequence module 103 before presenting the second subsequence of the authentication sequence. According to some embodiments of the invention, when a user first enters their preferred password, such as during registration and/or opening a web account, the system 100 may check the password for a high security password transition between the first and second subsequences. When the password has a low security transition, the user may be sent a warning to assist the user in modifying the password to improve the anti-phishing security. According to some embodiments of the invention, an existing user password may be used, and the transition between the first and second subsequences is selected by the system 100 as using an algorithm that optimizes the anti-phishing security.
According to some embodiments of the invention, the system 100 notifies the user of a low anti-phishing security password, such as below a threshold, not containing suitable characters, suitable characters not at the correct location, and the like. For example, the user may be requested to change the password to increase the anti- phishing security level.
The choice of password elements and determination of the transition between the first and second subsequences has a strong effect on the anti-phishing security level. For example, to prevent a phishing system from using brute force, password dictionaries, smart guessing, and the like, to determine the second subsequence of the authentication sequence, the first subsequence of the authentication sequence is as short as possible. For example, the first subsequence is short to prevent a phishing system from determining the second subsequence of the authentication sequence and thus increasing authentication security. For example, the first subsequence is 2 to 4 elements long so as not to reveal enough of the authentication password to the phishing site to allow the phishing site to use brute force, guessing, dictionary lookup, and the like, to determine the second subsequence. In this example, the user may notice the missing or incorrect second subsequence before the user enters enough of the password to allow the phishing site to determine additional elements of the authentication sequence. For example, the first subsequence is long to prevent a brute force guessing of the second part by a phishing site. For example, the first subsequence of the authentication sequence is long enough for the authentication sequence module 103 to confirm the user's identity prior to presenting the second subsequence of the authentication sequence. For example, when the authentication sequence is an alphanumeric password, a first subsequence of the authentication sequence, comprising two characters, results in 3,844 combinations of mixed alphanumeric letters and numbers, or 9,025 combinations when special characters are included. A three characters length for the first subsequence of the authentication sequence gives 238,328 combinations of mixed letters and numbers and 857,375 combinations when special characters are included. Therefore, a first subsequence of the authentication sequence containing between two to six elements have enough combinations for identifying a user by the authentication sequence module 103. For example, a first subsequence of the authentication sequence contains between two and four elements of an eight-element password, leaving enough characters in the third subsequence to prevent guessing the password. Optionally, no feedback is given to differentiate a correct first input from an erroneous first input, such as a fake second subsequence when the first input does not match the first subsequence. For example, giving the correct second subsequence after receiving an erroneous first subsequence may let a phishing site learn the second subsequence. For example, giving a fake second subsequence after receiving an erroneous first subsequence may prevent a phishing site from learning the second subsequence. For example, the phishing site may not know which element of the authentication sequence and/or process is incorrect. For example, the fake subsequence increases the anti-phishing security and reduces the effectiveness of phishing attacks after the first, more vulnerable, subsequence is compromised. For example, approving or rejecting the authentication sequence as a whole maintains the same authentication security as the original authentication method while adding anti- phishing security. Hereinbelow, details of providing a fake second subsequence are given.
Reference is now made to FIG. 2B, which is a flowchart of a method for determining a first subsequence length in bidirectional authentication using a single authentication sequence, according to some embodiments of the invention. In this example, when a password is received 220, the password is separated into the individual data elements, denoted here as PI for the first data element thru P8 for the eight data element. When P2 is not an alphabetic character, such as a numerical character, and P3 is an alphabetic character 221 the length, denoted n, of the first subsequence is set 231 to 2. When not 221, P3 is not an alphabetic character and P4 is an alphabetic character 222 the length of the first subsequence is set 232 to 3. When not 222, and P3 is an alphabetic character 223 the length of the first subsequence is set 233 to 2. When not 223, and P4 is an alphabetic character 224 the length of the first subsequence is set 234 to 3. When not 224, the length of the first subsequence is set 235 to 2. Once the length is set it is sent 230 as a return value to the password sender, such as a password server, and authentication server, a client terminal 110, and the like.
Optionally, the first element of the second subsequence of the authentication sequence is an element with greater than 10 different possibilities to reduce the risk of a phishing system from guessing or smart guessing the second subsequence of the single authentication sequence forwarded by the authentication sequence module 103. For example, a first data element of a second subsequence of the authentication sequence is an alphabetic character, greatly reducing the possibility to guess the first data element of the second subsequence of the authentication sequence based on the characters of the first subsequence of the authentication sequence. For example, a first data element of a second subsequence of the authentication sequence is a non-numeric character, to avoid a 1 in 10 chance of a phishing system guessing the second subsequence of the authentication sequence. For example, the first data element of a second subsequence of the authentication sequence is symbol. These suggested embodiments may be incorporated in the system 100 as an additional password evaluation procedure to allow users to select better anti-phishing passwords. For example, an authentication sequence contains six or more alphanumeric characters and a priority is given to an alphabetic character as the first data element of a second subsequence.
Optionally, when a second subsequence of the authentication sequence may not be identified with more than 10 possible combinations, an alternative second subsequence is selected by the authentication sequence module 103 and/or a user 120 to perform the reverse authentication. For example, an authentication sequence comprises numerical characters and an alphabetic character is selected by a user 120 as a new second sequence for reverse authentication. For example, an alternative second sequence for reverse authentication is used when the authentication sequence is short, such as less than four data elements, is a poor anti phishing password, such as according to a system 100 policy, and the like.
Following are described some examples of embodiment aspects for presenting the second subsequence. Optionally, different methods for presenting the second subsequence may be selected based on anti-phishing security requirements and/or system 100 policy. The different methods of authentication may offer tradeoffs between verifying user attention and user effort. When there is no user verification of attention and/or awareness that the web site is legitimate according to the presentation of the second subsequence, the user may have the habit of entering the complete password without noticing when the web page belongs to a phishing system of the legitimate system 100. This may result in a low level of security in preventing password theft, and therefore not allowable according the system 100 policy. For example, a second subsequence may be presented on the graphical display of the user's client terminal 110 as an overlay on the single password entry field, not requiring a user to acknowledge their awareness of the second subsequence. This example may allow a phishing site to gain the full password when the user is not in the habit of noticing the presentation of the second subsequence.
According to some embodiments of the present invention, the user is required to perform an action on the graphical user interface to confirm to the system 100 that the user is aware of the presentation of the second subsequence and that the system is the legitimate server system 100. For example, a user is required to click on dialog box button to acknowledge their awareness of the legitimacy of the server system 100. For example, the user is required to make a choice between multiple options to select the correct second subsequence. For example, the user is required to slide a graphical tracker to align two halves of the same image showing the second subsequence. For example, the user is required to input the second subsequence shown in a distorted raster image, and the like. For example, the client terminal 110 is required to decode an encrypted second subsequence, wherein a phishing site may not have the decryption code.
The degree of user awareness and confirmation of the user awareness to the presentation of the second subsequence may vary between no awareness, such as when no response from the user is required, and full confirmation of the user awareness, such as a pause in the authentication process until the user has confirmed their awareness. For example, the authentication sequence module 103 pauses the login process until the user sends an awareness indicator, such as a user input confirming that the user acknowledges the reverse authentication. For example, the authentication sequence module 103 pausing at the same spot in the password sequence and waiting for a user input showing an awareness indicator causes a habit and/or tendency of the user to expect and/or acknowledge the second subsequence, and thus the mutual identification and/or authentication. For example, when the user tries to log on to a phishing site, the user may notice the absence of the presentation of the second subsequence or the presentation of an incorrect second subsequence and leave the phishing site before entering the second subsequence. During presentation of the second subsequence the actions of pausing, getting feedback, and the like, may create a habit and/or tendency of user to confirm the legitimacy of the server, optionally always at the same point in the password sequence, to prevent the user from missing the implication that the user is entering their password on a phishing site.
Following are described three detailed examples of varying options for presenting the second subsequence of the authentication sequence by a client terminal 110 on a user interface 111, as non-limiting examples. These optional are particular examples of many different varying alternatives for presenting the second subsequence to a user and optionally receiving a user awareness indication.
Reference is now made to FIG. 3 A and 3B, which is a flowchart of a method and a schematic illustration of a user interface, respectively, to perform a subsequence presentation to a user interface using a single entry field, according to some embodiments of the invention. This example describes in detail an optionally method for presenting the second subsequence to the user 120 of a client terminal 110 without receiving an acknowledgement, indication and/or confirmation of the user awareness subsequent to the forwarding 204 described in FIG. 2A. The client terminal 110 receives 301 the second subsequence of the authentication sequence from the authentication sequence module 103 and presents 302 the second subsequence to the user 120 in a single password field 312 of the user interface 111. For example, the user 120 enters a username in the username field 311 of a user interface 111 and a first input 313 of the authentication sequence in a password field 312 of the user interfacel l l, and the username and first input are sent to the authentication sequence module 103. For example, the second subsequence 314 of the authentication sequence is presented 302 as characters in the password field 312 of the user interfacel l l. Optionally, the second subsequence of the authentication sequence is presented with a visual enhancement, such as a in a bold font, highlighted, blinking, shadowed, and/or the like. Optionally, the client terminal 110 pauses 303, such as for one or more seconds. Presenting 302 the second subsequence 314 of the authentication sequence to the user interface 111 gives the user 120 a way to verify that the system 100 knows the authentication sequence and is not a phishing site. The bidirectional authentication module 104 proceeds with receiving 205 the second input 315 using the user interface 111 and single password field 312. The login procedure presented here relies on the user's attention and there is no confirmation to the system 100 that the user 120 received the reverse authentication.
Reference is now made to FIG. 4A and 4B, which is a flowchart of a method and a schematic illustration of a user interface, respectively, to perform a subsequence presentation to a user interface using a visual modification, according to some embodiments of the invention. These examples describe details of optional methods for presenting the second subsequence to the user 120 of a client terminal 110 with receiving an acknowledgement, indication and/or confirmation of the user awareness subsequent to the forwarding 204 described in FIG. 2A. The user awareness may vary to a lesser or greater amount, respectively, depending on the effort required by the user.
Optionally, effort required by the user may include answering a security question. Optionally, the effort required by the user may vary from a single key press and/or mouse click, to a complex sequence of operations requiring decision making to confirm an indication of the awareness of the user to the legitimacy of the server. For example, a high security server, such as a corporate bank account server, might require a very high level of legitimacy awareness and subsequent effort by the user to confirm, indicate, and/or acknowledge this legitimacy. The client terminal 110 receives 401 the second subsequence of the authentication sequence from the authentication sequence module 103, performs 402 a visual modification of the second subsequence, and presents 402 the visually modified second subsequence to the user 120. For example, the user 120 enters a username in the username field 311 of a user interface 111, and a first input 313 in a password field 312 of the user interfacel l l. For example, the second subsequence of the authentication sequence is presented 402 with a visual modification 314A, such as a 90-degree counterclockwise rotation, in the password field 312 of the user interfacel l l. For example, the second subsequence of the authentication sequence is presented 402 with a visual modification 314B such as a 90-degree clockwise rotation. For example, the second subsequence of the authentication sequence is presented 402 with a visual modification 314C such as a 180-degree clockwise rotation.
For example, the second subsequence of the authentication sequence is presented 402 with a visual modification 314D such as a 60-degree counterclockwise rotation. Optionally, the client terminal 110 pauses 403, such as for one or more seconds. The client terminal 110 receives 405 a reverse modification as input from the user 120 and sends the reverse modification input to the authentication sequence module 103, such as a sequence of arrow keys that result in a correct 406 display of the second sequence of the authentication sequence. When the sequence of arrow keys received 405 by the authentication sequence module 103 results in a visual correction 406, the authentication sequence module 103 sends 407 a successful revere authentication notification to the bidirectional authentication module 104. When the sequence of arrow keys received 405 does not result in a visual correction 406, the authentication sequence module 103 sends 408 a failed reverse authentication alert to the bidirectional authentication module 104. The bidirectional authentication module 104 proceeds with receiving 205 the second input 315 using the user interface 111.
When the bidirectional authentication module 104 receives a failed reverse authentication alert, a failed login notification is forwarded to the client terminal 110 by the authentication sequence module 103 for presentation on the user interface 111. Presenting 302 the second subsequence 314 of the authentication sequence to the user interface 111 with a visual modification gives the user 120 a way to verify that the system 100 knows the authentication sequence and therefore is not a phishing site.
Receiving the reverse modification allows the authentication sequence module 103 to confirm the reverse authentication and thereby notify the system 100 accordingly. This example embodiment requires additional effort by the user 120 to correct the visual modification but this example embodiment guaranties that the user 120 has noticed the visual modification 402 and provides a confirmation 407 of the reverse authentication.
Reference is now made to FIG. 5A and 5B, which is a flowchart of a method and a schematic illustration of a user interface, respectively, to perform a subsequence presentation to a user interface using a multiple-choice field, according to some embodiments of the invention. Subsequent to the forwarding 204 described in FIG. 2A, The client terminal 110 receives 501 the second subsequence of the authentication sequence from the authentication sequence module 103, generates 502 alternative sequences, and presents 502 the second subsequence and alternative sequences in a multiple choice field to the user 120. For example, the user 120 enters a username in the username field 311 of a user interface 111, and a first input 313 of the authentication sequence in a password field 312 of the user interfacel l l. For example, the second subsequence of the authentication sequence and alternative sequences 316A are presented 502, such as in a three by three multiple-choice field overlaid on the password field 312 of the user interface 111, with the second subsequence in the center and alternative sequences surrounding the center. A graphical element, such as a mark, a line, an arrow, a pointer, a highlighted alternative, and the like, is added 509 to indicate one of the alternative sequences. For example, when the user refreshes the login screen the second subsequence and different alternative sequences 316B are presented 503 with a different line added 509 indicating one of the alternative sequences. For example, when the user refreshes the login screen a second time the second subsequence of the authentication sequence and second different alternative sequences 316C are presented 502 with a second different line added 509 indicating one of the alternative sequences. Optionally, the client terminal 110 pauses 504, such as for one or more seconds. The client terminal 110 receives 505 the marked alternative sequence as input from the user 120, such as an alphanumeric character. When the input received 505 is the correctly 506 marked alternative sequence, the client terminal 110 sends 507 a successful reverse authentication notification to the bidirectional authentication module 104. When the input received 505 is not correct 506, the client terminal 110 sends 508 a failed reverse authentication alert to the bidirectional authentication module 104. The bidirectional authentication module 104 proceeds with receiving 205 the second input (not shown) using the user interface 111. When the bidirectional authentication module 104 receives an incorrect input, a failed login notification is forwarded to the client terminal 110 by the authentication sequence module 103 for presentation on the user interface 111. Presenting 503 the second subsequence 316 of the authentication sequence to the user interface 111 with a visual modification gives the user 120 a way to verify that the system 100 knows the authentication sequence and therefore is not a phishing site. Receiving the reverse modification allows the client terminal 110 to confirm the reverse authentication and thereby notify the system 100 accordingly. This example embodiment requires additional effort by the user 120 to input the marked alternative subsequence but this example embodiment guaranties that the user 120 has noticed the added 509 mark and provides a confirmation 507 of the reverse authentication.
Optionally, the sending of a failed or successful reverse authentication is performed by the client terminal 110 to the bidirectional authentication module 104, such as using a javascript routine. Optionally, the sending of a failed or successful reverse authentication is performed by the authentication sequence module 103 to the bidirectional authentication module 104.
The following paragraphs describe additional aspects of embodiments of the present invention.
Optionally, the second subsequence 314 of the authentication sequence is temporarily presented on the user interface 111, such as during an optional delay 303, and the second input to the user interface includes the second subsequence. For example, the second subsequence of the authentication sequence is presented for 2 seconds, disappears from the user interface, and the user inputs the second subsequence as part of the third subsequence. Optionally, the second subsequence 314 of the authentication sequence is permanently presented on the user interface 111, such as a server side input into the password field 312, and the second input to the user interface does not includes the second subsequence. For example, the second subsequence of the authentication sequence is inserted into the password field by instructions forwarded to the client terminal 110 from the authentication sequence module 103, and the user inputs the third subsequence starting from the first data element following the second subsequence.
Optionally, a one or more intermediate input is received by the authentication sequence module 103 from the user following the presentation of the second subsequence of the authentication sequence. For each intermediate input, an intermediate match is performed by the authentication sequence module 103 between each intermediate input and an intermediate subsequence of the authentication sequence. When the particular intermediate match is correct, a second intermediate subsequence of the authentication sequence is forwarded by the authentication sequence module 103 to the client terminal 110 for presentation on the user interface 111. When the particular intermediate match is erroneous, a fake second subsequence is forwarded by the authentication sequence module 103 to the client terminal 110 for presentation on the user interface 111. For example, each intermediate cycle of input, matching, and presenting results in additional authentication and reverse authentication confirmations by the authentication sequence module 103.
Optionally, the authentication sequence module 103 forwards a first subsequence of the authentication sequence to the client terminal 110 for presentation on the user interface 111 before a first input from a user 120. This method has the disadvantage of presenting to a phishing site all or part of the first subsequence, but might be useful in some embodiments, such as when a site is prone to phishing attacks or the process has more than three subsequences and giving up the first character has little impact on the security. Reference is now made to FIG. 6, which is a flowchart of a method to perform bidirectional authentication using a single authentication sequence starting with forwarding a first subsequence of the authentication sequence by the authentication sequence module 103, according to some embodiments of the invention. The authentication sequence module 103 identifies 601 an authentication sequence, and forwards 602 a first subsequence of the authentication sequence to the client terminal 110 for presentation on the user interface 111. The user 120 views the first subsequence of the authentication sequence on the user interface thereby receiving the reverse authentication that the system 100 is legitimate, and enters a first input on the user interface. The first input is received 603 by the bidirectional authentication module 104, along with an optional confirmation of the reverse authentication according to embodiments described herein. The bidirectional authentication module 104 matches 604 the first input to a second subsequence of the authentication sequence, and when correct authenticates 605 the user. When the first input does not match 604 the second subsequence of the authentication sequence an instruction to clear the fields of the user interface 111 is sent to the client terminal 110 by the bidirectional authentication module 104 and the identification 601 of an authentication sequence is repeated. In this embodiment, the reverse authentication is performed after the user 120 is identified but before the first input is received 603 by the bidirectional authentication module 104.
Now referring again to FIG. 2A, some aspects of embodiments of the invention may be described relating to the condition when the first user input does not match the first subsequence, such as an invalid first subsequence. Optionally, when the first input does not match 203 the first subsequence of the single authentication sequence, the authentication sequence module 103 forwards 204B a fake second subsequence for presentation instead of the second subsequence. For example, a fake second subsequence prevents a brute force attack on a legitimate site by a phishing site to determine the second subsequence. For example, when a first match 203 fails, the authentication sequence module 103 and/or bidirectional authentication module 104 behave exactly as through the match was completed. The authentication sequence module 103 forwards 204B a fake second subsequence, such as a random sequence, a constant fake sequence, and the like, instead of the second subsequence of the authentication sequence, thus preventing a phishing system from attacking the legitimate site and stealing the second subsequence. For example, the fake second subsequence prevents an attacker from determining which element of the first subsequence is incorrect, thus greatly reducing the effectiveness of the attack against the shorter and more vulnerable first subsequence. For example, approving or rejecting all the subsequences as a single authentication sequence maintains the same security as the original authentication method while adding anti-phishing security. For example, the data element forwarded 204B by the authentication sequence module 103 to perform the reverse authentication is not the second subsequence of the authentication sequence but a fake subsequence, such as a randomly selected alphanumeric character. For example, when the first match 203 fails the second input is received 205B by the bidirectional authentication module 104 and subsequently sends 208 a failed login notification and/or alert to the authentication sequence module 103 and/or bidirectional authentication module 104, preventing a phishing system from verification of any part of the authentication sequence. For example, when the user makes a legitimate mistake in typing the first subsequence the server sends a fake second subsequence.
Following are described varying types of single authentication sequences that may be used according to aspects of the present invention by way of non-limiting examples. Optionally, the authentication sequence is a password, a passcode, a passkey, an encrypted password, a password-authenticated key, a balanced password- authenticated key, an augmented password-authenticated key, and the like. For example, the authentication sequence and subsequences of the authentication sequence are encrypted before being transmitted between the system 100 and client terminal 110.
For example, the authentication sequence is a passcode of numeric character such as "12345678". For example, the password protect and encryption key, such as password-authenticated key, a balanced password-authenticated key, an augmented password-authenticated key, and the like.
Optionally, the authentication sequence comprises a set of sequence elements such as letters, numbers, alphanumeric characters, symbol characters, computer printable character codes, graphic elements, user gestures, angled lines, graphic characters, hand signals, hand gestures, audible tones, and the like. For example, an authentication sequence is a character string of "qlw2e3r4", "! @#$%A&*", "asdfghj",
"¾εύϊΤ3+αΐΨ", "Φ©Η ^ Ρ", and the like. For example, an authentication sequence is a sequence of graphic elements, such as swipes on a smartphone screen, and the second subsequence is a presentation of the next swipe in the sequence. For example, an authentication sequence is a sequence of graphic elements, such as angled lines. For example, an authentication sequence is a sequence of graphic elements, such as graphic shapes. For example, an authentication sequence is a sequence of hand gestures, such as used in sign language. For example, an authentication sequence is a sequence of user gestures, such as hand signals acquired using an image capturing device, and the second subsequence of the authentication sequence is a presentation of the next image in the sequence. For example, an authentication sequence of the authentication sequence is a sequence of audible tones and/or musical notes, and the second subsequence of the authentication sequence is a presentation of the next tone and/or note in the sequence using the audio output of the system 100.
Adopting embodiments of the present invention for anti-phishing login may develop, such as after a few logins, a habit of the user 120 to pause after entering the first part of the password to received the reverse authentication, as the second subsequence of the authentication sequence may be identical for a given authentication sequence. For example, the user 120 may positively identify the system 100 as legitimate by verification of the first character of the second subsequence of an alphanumeric password, which is also the next character that the user is about to input.
A phishing system may fail the reverse authentication and may be able to steal the two or three first characters of the user's alphanumeric password. That failure of the phishing system may alert the user to replace the current password on the legitimate system 100.
The methods as described above are used in the fabrication of integrated circuit chips.
The flowchart and block diagrams in the Figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present invention.
In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The descriptions of the various embodiments of the present invention have been presented for purposes of illustration, but are not intended to be exhaustive or limited to the embodiments disclosed. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the described embodiments. The terminology used herein was chosen to best explain the principles of the embodiments, the practical application or technical improvement over technologies found in the marketplace, or to enable others of ordinary skill in the art to understand the embodiments disclosed herein.
It is expected that during the life of a patent maturing from this application many relevant authentication sequences will be developed and the scope of the term authentication sequence is intended to include all such new technologies a priori.
As used herein the term "about" refers to ± 10 %.
The terms "comprises", "comprising", "includes", "including", "having" and their conjugates mean "including but not limited to". This term encompasses the terms "consisting of" and "consisting essentially of".
The phrase "consisting essentially of" means that the composition or method may include additional ingredients and/or steps, but only if the additional ingredients and/or steps do not materially alter the basic and novel characteristics of the claimed composition or method.
As used herein, the singular form "a", "an" and "the" include plural references unless the context clearly dictates otherwise. For example, the term "a compound" or "at least one compound" may include a plurality of compounds, including mixtures thereof.
The word "exemplary" is used herein to mean "serving as an example, instance or illustration". Any embodiment described as "exemplary" is not necessarily to be construed as preferred or advantageous over other embodiments and/or to exclude the incorporation of features from other embodiments.
The word "optionally" is used herein to mean "is provided in some embodiments and not provided in other embodiments". Any particular embodiment of the invention may include a plurality of "optional" features unless such features conflict.
Throughout this application, various embodiments of this invention may be presented in a range format. It should be understood that the description in range format is merely for convenience and brevity and should not be construed as an inflexible limitation on the scope of the invention. Accordingly, the description of a range should be considered to have specifically disclosed all the possible subranges as well as individual numerical values within that range. For example, description of a range such as from 1 to 6 should be considered to have specifically disclosed subranges such as from 1 to 3, from 1 to 4, from 1 to 5, from 2 to 4, from 2 to 6, from 3 to 6 etc., as well as individual numbers within that range, for example, 1, 2, 3, 4, 5, and 6. This applies regardless of the breadth of the range.
Whenever a numerical range is indicated herein, it is meant to include any cited numeral (fractional or integral) within the indicated range. The phrases "ranging/ranges between" a first indicate number and a second indicate number and "ranging/ranges from" a first indicate number "to" a second indicate number are used herein interchangeably and are meant to include the first and second indicated numbers and all the fractional and integral numerals therebetween.
It is appreciated that certain features of the invention, which are, for clarity, described in the context of separate embodiments, may also be provided in combination in a single embodiment. Conversely, various features of the invention, which are, for brevity, described in the context of a single embodiment, may also be provided separately or in any suitable subcombination or as suitable in any other described embodiment of the invention. Certain features described in the context of various embodiments are not to be considered essential features of those embodiments, unless the embodiment is inoperative without those elements.
Although the invention has been described in conjunction with specific embodiments thereof, it is evident that many alternatives, modifications and variations will be apparent to those skilled in the art. Accordingly, it is intended to embrace all such alternatives, modifications and variations that fall within the spirit and broad scope of the appended claims. All publications, patents and patent applications mentioned in this specification are herein incorporated in their entirety by reference into the specification, to the same extent as if each individual publication, patent or patent application was specifically and individually indicated to be incorporated herein by reference. In addition, citation or identification of any reference in this application shall not be construed as an admission that such reference is available as prior art to the present invention. To the extent that section headings are used, they should not be construed as necessarily limiting.

Claims

WHAT IS CLAIMED IS:
1. A method for bidirectional authentication between a user and a system, comprising:
identifying, by a system, an authentication sequence associated with a user of a client terminal, wherein said authentication sequence comprises a plurality of sequence elements;
receiving a first input from a user interface of said client terminal;
when a first match between said first input and a first subsequence of said authentication sequence is identified, forwarding for presentation by said client terminal a second subsequence of said authentication sequence, wherein said second subsequence is consecutive to said first subsequence in said authentication sequence and wherein said presentation authenticates the legitimacy of said system to said user; and authenticating said user when a second match between a second input from said user interface and a third subsequence of said authentication sequence is identified, wherein said presentation and said authentication are a bidirectional authentication between said user and said system.
2. The method of claim 1, wherein said first input is entered, said second subsequence is presented, and said second input is entered in a single field of said user interface.
3. The method of claim 1, wherein when said first match is not found, said second subsequence is a fake second subsequence.
4. The method of claim 1, wherein said authentication sequence is a member from a group consisting of a password, a passcode, a passkey, an encrypted password, a password-authenticated key, a balanced password-authenticated key, and an augmented password-authenticated key.
5. The method of claim 1, wherein said authentication sequence comprises a plurality of data elements, and said plurality of data elements are members of a group consisting of letters, numbers, alphanumeric characters, symbol characters, computer printable character codes, digital images, graphic characters, angled lines, graphic shapes, user gestures, hand signals, hand gestures, and audible tones.
6. The method of claim 1, wherein said second subsequence is at least one sequence element of said authentication sequence.
7. The method of claim 1, wherein said authentication sequence is partitioned by a combinatorial analysis of said plurality of sequence elements to generate said first, second and third subsequences.
8. The method of claim 7, wherein said combinatorial analysis determines that said first subsequence is a plurality of sequence elements of said authentication sequence.
9. The method of claim 7, wherein said combinatorial analysis determines that said first subsequence comprises between two and four elements of said plurality of sequence elements of said authentication sequence.
10. The method of claim 1, further comprising receiving a user awareness indicator from a client terminal after said forwarding, wherein said user awareness indicator is generated from a user awareness input in response to said presentation and a user perceiving said presentation.
11. The method of claim 10, wherein any of said second subsequence is presented in a multiple-choice field of said user interface, said multiple-choice field comprises a plurality of alternative sequences and a graphical element indicating a direction to one of said plurality of alternative sequences, and a user selection is received from said client terminal identifying one of said plurality of alternative sequences in said multiple- choice field, and matching between said user selection and said one of said plurality of alternative sequences is said user awareness indicator.
12. The method of claim 11, wherein a mismatching between said user selection and said one of said plurality of alternative sequences is a phishing system indicator.
13. The method of claim 10, wherein said second subsequence is presented by said client terminal comprising a visual modification on said user interface, wherein a user visual correction is received from said client terminal, and matching between said user visual correction and said visual modification is said user awareness indicator.
14. The method of claim 13, wherein a mismatching between said user visual correction and said visual modification is a phishing system indicator.
15. The method of claim 1, wherein said second subsequence is contained in said second input.
16. The method of claim 1, wherein said third subsequence is consecutive to said second subsequence in said authentication sequence.
17. The method of claim 1, wherein said second subsequence is encrypted prior to forwarding for presentation by said client terminal and decrypted by said client terminal before presentation.
18. The method of claim 1, further comprising at least one intermediate input prior to said second input, wherein each of said at least one intermediate inputs is matched to respective at least one intermediate subsequence and a respective at least one second intermediate subsequence is forwarded to said client terminal for presentation to said user, wherein each of said at least one intermediate subsequences and at least one second intermediate subsequence are consecutive in said authentication sequence according to a temporal ordering of user inputs.
19. A method for bidirectional authentication between a user and a system, comprising: identifying, by a system, an authentication sequence associated with a user of a client terminal;
forwarding for presentation by said client terminal a first subsequence of said authentication sequence, wherein said presentation authenticates the identity of said system to said user;
receiving a first input from a user interface of said client terminal;
authenticating said user when a match between said first input from said user interface and a second subsequence of said authentication sequence is identified, wherein said presentation and said authentication are a bidirectional authentication between said user and said system.
20. The method of claim 19, further comprising forwarding for presentation by said client terminal a third subsequence, receiving a second input from a user interface of said client terminal, and confirming an authentication of said user when a match between said second input and a fourth subsequence of said authentication sequence is identified.
21. A non-transitory computer readable medium with an executable program stored thereon for bidirectional authentication between a user and a system, wherein said executable program instructs a processing device of said system to perform the steps comprising:
identifying an authentication sequence associated with a user of a client terminal;
receiving a first input from a user interface of said client terminal;
when a first match between said first input and a first subsequence of said authentication sequence is identified, forwarding for presentation by said client terminal a second subsequence of said authentication sequence, wherein said second subsequence is consecutive to said first subsequence in said authentication sequence and wherein said presentation authenticates the identity of said system to said user; and
authenticating said user when a second match between a second input from said user interface and a third subsequence of said authentication sequence is identified, wherein said presentation and said authentication are a bidirectional authentication between said user and said system.
22. A system for bidirectional authentication between a user and said system, comprising:
a network interface for receiving input from a client terminal and forwarding output to a client terminal for presentation to a user;
a processor adapted to perform the actions comprising:
identifying an authentication sequence associated with said user of said client terminal;
receiving a first input from a user interface of said client terminal;
when a first match between said first input and a first subsequence of said authentication sequence is identified, forwarding for presentation by said client terminal a second subsequence of said authentication sequence, wherein said second subsequence is consecutive to said first subsequence in said authentication sequence and wherein said presentation authenticates the identity of said system to said user; and
authenticating said user when a second match between a second input from said user interface and a third subsequence of said authentication sequence is identified, wherein said presenting and said authenticating are a bidirectional authentication between said user and said system.
23. A method of generating a plurality of subsequences from a single authentication sequence for bidirectional authentication between a user and a system, comprising: receiving a single authentication sequence;
partitioning said single authentication sequence into a plurality of subsequence sets, each of said plurality of subsequence sets comprising a plurality of consecutive subsequences of said single authentication sequence;
computing a predictability value for each of said plurality of subsequence sets; selecting one of said plurality of subsequence sets, wherein said selected set has a predictability value matches a required threshold criterion, and wherein said selected set is used for bidirectional authentication between a user and a system.
24. The method of claim 23, wherein said single authentication sequence comprises a plurality of sequence elements, wherein each sequence element comprising an element type, and wherein said predictability value is a combinatorial analysis of respective said plurality of consecutive subsequences in each set computed using respective said element types.
25. The method of claim 23, wherein said predictability value is a linguistic analysis of respective said plurality of consecutive subsequences in each set.
26. The method of claim 23, wherein said single authentication sequence comprises a plurality of sequence elements, and wherein said predictability value is a personal data analysis of respective said user.
PCT/IL2015/050709 2014-08-25 2015-07-08 Bidirectional password verification WO2016030874A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201462041576P 2014-08-25 2014-08-25
US62/041,576 2014-08-25

Publications (1)

Publication Number Publication Date
WO2016030874A1 true WO2016030874A1 (en) 2016-03-03

Family

ID=55398844

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IL2015/050709 WO2016030874A1 (en) 2014-08-25 2015-07-08 Bidirectional password verification

Country Status (1)

Country Link
WO (1) WO2016030874A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107645506A (en) * 2017-09-28 2018-01-30 世纪龙信息网络有限责任公司 The verification method and device of information

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7266693B1 (en) * 2007-02-13 2007-09-04 U.S. Bancorp Licensing, Inc. Validated mutual authentication
US20090063850A1 (en) * 2007-08-29 2009-03-05 Sharwan Kumar Joram Multiple factor user authentication system
US20100043062A1 (en) * 2007-09-17 2010-02-18 Samuel Wayne Alexander Methods and Systems for Management of Image-Based Password Accounts

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7266693B1 (en) * 2007-02-13 2007-09-04 U.S. Bancorp Licensing, Inc. Validated mutual authentication
US20090063850A1 (en) * 2007-08-29 2009-03-05 Sharwan Kumar Joram Multiple factor user authentication system
US20100043062A1 (en) * 2007-09-17 2010-02-18 Samuel Wayne Alexander Methods and Systems for Management of Image-Based Password Accounts

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
SRIRAM, P. V. S. ET AL.: "A NOVEL 2 STEP RANDOM COLORED GRID GRAPHICAL PASSWORD AUTHENTICATION SYSTEM.", II.PROPOSED SYSTEM, 4 April 2013 (2013-04-04) *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107645506A (en) * 2017-09-28 2018-01-30 世纪龙信息网络有限责任公司 The verification method and device of information

Similar Documents

Publication Publication Date Title
Lang et al. Security keys: Practical cryptographic second factors for the modern web
US9716699B2 (en) Password management system
US10313881B2 (en) System and method of authentication by leveraging mobile devices for expediting user login and registration processes online
US9613206B2 (en) Authentication mechanism
US10574692B2 (en) Mutual authentication security system with detection and mitigation of active man-in-the-middle browser attacks, phishing, and malware and other security improvements
US9407632B2 (en) Transformation rules for one-time passwords
US10395065B2 (en) Password protection under close input observation based on dynamic multi-value keyboard mapping
USRE46158E1 (en) Methods and systems to detect attacks on internet transactions
US9378352B2 (en) Barcode authentication for resource requests
CN109922035B (en) Password resetting method, request terminal and verification terminal
Chaudhary et al. Usability, security and trust in password managers: A quest for user-centric properties and features
EP3138265A1 (en) Enhanced security for registration of authentication devices
US11853411B2 (en) User specific error detection for accepting authentication credential errors
EP2875606A1 (en) Method and system of login authentication
US20160164681A1 (en) Obfuscated passwords
US10554641B2 (en) Second factor authorization via a hardware token device
US20170091441A1 (en) Password interposer
Ulqinaku et al. Is real-time phishing eliminated with {FIDO}? social engineering downgrade attacks against {FIDO} protocols
US9384343B2 (en) Methods, devices and computer program supports for password generation and verification
US9378358B2 (en) Password management system
US9876789B1 (en) Systems and methods for secure logon
Subsorn et al. An investigation of internet banking security of selected licensed banks in Vietnam
WO2016030874A1 (en) Bidirectional password verification
US11711353B2 (en) Authenticated service application sessions using visual authentication indicia
Saini Comparative Analysis of Top 5, 2-Factor Authentication Solutions

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15835420

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 20.06.17)

122 Ep: pct application non-entry in european phase

Ref document number: 15835420

Country of ref document: EP

Kind code of ref document: A1