Method and system for proactive password validation

Patent 5394471 Issued on February 28, 1995. Estimated Expiration Date:

September 17, 2013. Estimated Expiration Date is calculated based on simple USPTO term provisions. It does not account for terminal disclaimers, term adjustments, failure to pay maintenance fees, or other factors which might affect the term of a patent.

Abstract Claims Description Full Text

Patent References

Automatic selection of decryption key for multiple-key encryption systems
Patent #: 4440976
Issued on: 04/03/1984
Inventor: Bocci , et al.

Data encryption key failure monitor
Patent #: 4926475
Issued on: 05/15/1990
Inventor: Spiotta, et al.

Adaptive natural language computer interface system
Patent #: 4974191
Issued on: 11/27/1990
Inventor: Amirghodsi, et al.

Automatic encryption selector
Patent #: 5199069
Issued on: 03/30/1993
Inventor: Barrett, et al.

5307409

Inventors

Assignee

Bell Atlantic Network Services, Inc.

Application

No. 121852 filed on 09/17/1993

US Classes:

713/183, Solely password entry (no record or token)380/1CRYPTANALYSIS

Examiners

Primary: Gregory, Bernarr E.

Attorney, Agent or Firm

Lowe, Price, LeBlanc & Becker

International Class

H04L 009/00

Abstract

An improved method for password validation comprising the steps of identifying bad passwords having one or more characters; computing a frequency of occurrence of bad password characters; computing a probability of occurrence T of the bad password characters within the bad passwords based upon the computed frequency of occurrence; identifying a proposed password having one or more characters; and comparing the proposed password characters with the probability of occurrence T of the bad password characters. The method further comprises the steps of establishing a validation threshold and validating the proposed password based upon the correspondence between (i) a value, BAp, reflecting the relationship between the probability of occurrence T of bad password characters within bad passwords and the proposed password characters and (ii) an established validation threshold. A Markov model is use to compute the probability of occurrence. The present invention also includes an improved password validation system.

Other References

Kohl, John et al., "The Kerberos™ Network Authentication Service" (V5), Internet-Draft, Sep. 1, 1992, pp. 1-69
Spafford, Eugene H., "Observing Reusable Password Choices", Jul. 31, 1992, pp. 1-12
Spafford, Eugene H., "OPUS: Preventing Weak Password Choices", Jun. 1991, pp. 1-14
Federal Register, vol. 57, No. 174, Tuesday, Sep. 8, 1992, Notices, pp. 40895-40896
Smid, Miles E. et al., "The DAta Encryption Standard: Past and Future", Proceedings of the IEE, vol. 76, No. 5, May 1988, pp. 550-559
Nagle, John, "Tell if a Password is `Obvious`", vol. 16, Issue 60, Nov. 10, 1988
Bellovin, Steven M. et al., "Encrypted Key Exchange: Password-Based Protocols Secure Against Dictionary Attacks", IEEE, 1992, pp. 72-84
Bishop, Matt, "Proactive Password Checking", pp. 1-9, No date given
Ganesan, Ravi et al, "Statistical Techniques for Language Recognition: An Empirical Study Using Real and Simulated English", Sep. 28, 1993, pp. 1-48
Feldmeier, David C. et al., "UNIX Password Security-Ten Years Later", pp. 44-63, no date given
Ganesan, Ravi et al., "Statistical Techniques for Language Recognition: An Introduction and Guide for Cryptanalysts", Computer Science Technical Report Series, Feb. 1993, pp.1-32. Supplement, Sep. 28, 1993, pp. 49-12