iPass Secure End-to-end Encrypted Login (iSEEL) technology, a proven way to protect user authentication credentials. iSEEL is a valuable add-on option to the iPass® Corporate Access™ service that provides an additional layer of password protection. This unique technology protects passwords from the client device all the way to the enterprise by combing public-key cryptography and unidirectional SSL tunneling to encrypt passwords traveling over, both risky "first mile" connections and the public Internet.
iSEEL technology begins on the client device. The iPassConnect™ service interface uses a public key and 131-bit elliptical-curve cryptography to create an encrypted one-time ASCII password based on username, a unique service interface ID and a session counter.
This technology protects against credential theft over dial-up, wireless and shared wired broadband links. Even if the one-time password is sniffed, it's useless to a would-be attacker since it can't be decrypted without the private key stored at the iPass Transaction Center. And any attacks based on reusing the encrypted password will be mitigated since the password changes with each user session.
CIO Research Library
