Authentication method with impersonal token cards

Traditional methods of user authentication in distributed systems suuer from an important weakness which is due to the low degree of randomness in secrets that human beings can use for identiication. Even though weak secrets (passwords and PINs) are typically not exposed in the clear over the communication lines, they can be discovered with oo-line brute force attacks based on exhaustive trials. Since such secrets are chosen from a relatively small key space, a determined adversary can try all possible values until a match is found between the trial value and the message recorded from a genuine authentication session. Authen-tication devices like smartcards and token cards ooer an attractive solution by providing a user with a cryptographically strong key for authentication. In contrast to passwords and PINs, the device's key can be chosen from a much larger key space thus making a brute force attack computationally infeasible or, at least, diicult. In this paper we present a novel authentication method whereby the authentication device (a token card) is used solely to provide a secure channel between a human user and an authentication server (AS). Since the communication channel is secured by the card, the user can still utilize weak secrets for authentication purposes, but, without any risk of exposure. Furthermore, the card's and the user's secrets are mutually independent, i.e., the card is not associated with any particular user. Since the card is impersonal, it can be freely shared by several users. This eliminates the high cost of administration which is typical of existing designs requiring xed user-device relationship. Moreover, our method does not require any coupling between the token card and the workstation (e.g., a gal-vanic connection) which would be diicult to implement on a global scale and retroot onto existing equipment.