Security method and system for persistent storage and communications on computer network systems and computer network systems employing the same

Assignee

• International Business Machines Corporation · US

Inventors

• Stephen Morgan · San Jose, US
• Lance W. Russell · Rosanky, US
• Benjamin C. Reed · San Jose, US

Key dates

Classification

• Technology area (CPC Y)Emerging Cross-Sectional Technologies
• CPC primaryY10S707/99953
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A multi-stage login procedure and system involves a first stage in which a login ID and a public key (encrypted) is transmitted from a client computer to a server computer and a key-exchange key (encrypted) is provided from the server computer to the client computer. In a second stage, a first split symmetric key and a server authentication string is generated and encrypted by the client computer and then transmitted to the server computer. In addition, the server computer generates a second split symmetric key and combines the same with the first split symmetric key to obtain a complete symmetric key for encrypting further communications from the server to the client computer. The server also generates a client authentication string, encrypts the same and transmits the encrypted string, the server authentication string (encrypted and incremented) and the second split symmetric key (encrypted) to the client computer. In a third stage, the client computer uses the server authentication string to authenticate the server. In addition, the client computer combines the second split symmetric key with the first split symmetric key to obtain the complete symmetric key for encrypting furth…