Dismiss
The InnovationQ application will be updated on Sunday, May 31st from 10am-noon ET. You may experience brief service interruptions during that time.
Browse Prior Art Database

Strengthening Authentication Patterns

IP.com Disclosure Number: IPCOM000041339D
Original Publication Date: 1984-Jan-01
Included in the Prior Art Database: 2005-Feb-02

Publishing Venue

IBM

Related People

Authors:
Hopkins, WD Lennon, RE Matyas, SM Meyer, CH [+details]

Abstract

This article discloses a method for strengthening authentication patterns (AP) used as part of a personal verification process in an electronic funds transfer (EFT) system. The first step in performing a user verification process is for the user to enter a personal identification number (PIN) into an EFT terminal. Numerous techniques exist for protecting the PIN once it is entered into the system via the EFT terminal, almost all of which begin by combining the PIN with some other, non-secret, static information to eliminate certain dictionary attacks. PINs are then encrypted with secret system keys affording the PIN protection during periods of transmission or storage. However, where access to the encrypt function can be obtained, certain exhaustive attacks may be performed to recover the key.