Filter
Top Products
CCA Release 2.54
3. The client workstation generates a random number, RN (64 bits).
Note: Note: The random-number RN is not used inside the Cryptographic
Coprocessor. It is only included in the protocol to guarantee that the cleartext
of the logon request is different every time.
4. The client workstation sends a logon request to the Cryptographic Coprocessor,
including the following information:
{ UID, eK
L
(RN, UID, timestamp) }
Encryption uses DES EDE3
3
mode, performed in software in the client
workstation. The timestamp includes both the time and the date, in GMT. It is
used to prevent replay of the logon request. The timestamp is formed from the
concatenation of binary encoded values of the year, month, day, hour, minute,
and second. Each value is held in one byte except for the year which is held in
a two-byte value.
5. The Cryptographic Coprocessor retrieves the user profile, which it has in secure
Coprocessor memory. It uses the received user-ID value, UID, to locate the
corresponding profile. If the user's profile is not found, the logon request is
rejected.
6. The Coprocessor reads the hash of the user's passphrase from the profile, thus
obtaining K
L
.
7. The Coprocessor uses K
L
to decrypt the user's logon data, thus recovering the
UID, timestamp, and RN. It compares the recovered UID with the cleartext UID
it received, and aborts if the two are not equal. Inequality is an indication that
the passphrase was incorrect, or that someone tried to splice another user's
captured logon data into their own request.
8. The Coprocessor verifies that the recovered timestamp is within 5 minutes of
the current time, according to the Coprocessor's secure clock. If the timestamp
falls outside this window, it indicates a probable replay attack, and the logon
request is rejected.
9. If everything in the preceding steps was acceptable, the user is logged on to
the Coprocessor. The Coprocessor generates a 192-bit session key, K
S
, and
returns this key to the client in the form of eK
L
(K
S
).
10. In a secure internal table, the Coprocessor stores the user-ID (UID), the value
of K
S
, and the user's role identifier, which is extracted from the profile. This
information is used on later requests to verify that the user is logged on, and to
find the role defining the user's privileges. The table entry is destroyed when
the user logs off.
11. The client workstation software (SAPI) saves K
S
for use in validating
subsequent verb calls. The SAPI code in the client and the Coprocessor
compute the industry-standard HMAC keyed-hash algorithm over sensitive
portions of subsequent verb calls and responses. An HMAC is computed using
K
S
as the key.
3
For a description of the EDE3 encryption process, see Figure D-9 on page D-12.
Appendix D. Algorithms and Processes
D-17