Systems and methods for cryptographic authentication of contactless cards
First Claim
Patent Images
1. A data transmission system comprising:
- a transmitting device having a transmitting device processor and a transmitting device memory, the transmitting device memory containing a first master key, transmission data and a counter value;
a receiving device having a receiving device processor and a receiving device memory, the receiving device memory containing a second master key;
wherein the transmitting device is configured to;
generate a first diversified key using the first master key and at least one first cryptographic algorithm and store the first diversified key in the transmitting device memory, wherein the first master key is a secret key,protect the counter value using at least one second cryptographic algorithm and the first diversified key to yield a cryptographic result including the counter value,encrypt the transmission data using at least one third cryptographic algorithm and the first diversified key to yield encrypted transmission data, andtransmit the protected counter value and the encrypted transmission data to the receiving device; and
wherein the receiving device is configured to;
generate a second diversified key based on the second master key and the counter value, and store the second diversified key in the receiving device memory, wherein the second master key is a public key; and
decrypt the encrypted transmission data and validate the protected counter value using at least one fourth cryptographic algorithm and the second diversified key.
1 Assignment
0 Petitions
Accused Products
Abstract
Example embodiments of systems and methods for data transmission between transmitting and receiving devices are provided. In an embodiment, each of the transmitting and receiving devices can contain a master key. The transmitting device can generate a diversified key using the master key, protect a counter value and encrypt data prior to transmitting to the receiving device. The receiving device can generate the diversified key based on the master key and can decrypt the data and validate the protected counter value using the diversified key.
573 Citations
19 Claims
-
1. A data transmission system comprising:
-
a transmitting device having a transmitting device processor and a transmitting device memory, the transmitting device memory containing a first master key, transmission data and a counter value; a receiving device having a receiving device processor and a receiving device memory, the receiving device memory containing a second master key; wherein the transmitting device is configured to; generate a first diversified key using the first master key and at least one first cryptographic algorithm and store the first diversified key in the transmitting device memory, wherein the first master key is a secret key, protect the counter value using at least one second cryptographic algorithm and the first diversified key to yield a cryptographic result including the counter value, encrypt the transmission data using at least one third cryptographic algorithm and the first diversified key to yield encrypted transmission data, and transmit the protected counter value and the encrypted transmission data to the receiving device; and wherein the receiving device is configured to; generate a second diversified key based on the second master key and the counter value, and store the second diversified key in the receiving device memory, wherein the second master key is a public key; and decrypt the encrypted transmission data and validate the protected counter value using at least one fourth cryptographic algorithm and the second diversified key. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A method for transmitting encrypted data by a contactless card having a processor and a memory containing two master keys, an identification number, a sequence number, and a counter, the method comprising:
-
generating a first diversified key using a secret encryption key and at least one first cryptographic algorithm; encrypting a counter value using at least one second cryptographic algorithm and the secret encryption key; encrypting transmission data using at least one third cryptographic algorithm and the first diversified key; transmitting the encrypted counter value and the encrypted transmission data to a receiving device; generating a second diversified key based on a public encryption key and the counter value; and decrypting the encrypted transmission data and validating the encrypted counter value using at least one fourth cryptographic algorithm and the public encryption key. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
-
-
19. A data transmission system comprising:
-
a transmitting device having a transmitting device processor and a transmitting device memory, the transmitting device memory containing a first private key and a first public key, transmission data and a counter value; a receiving device having a receiving device processor and a receiving device memory, the receiving device memory containing a second private key and a second public key; wherein the transmitting device is configured to; protect the counter value using at least one first cryptographic algorithm and the first private key to yield a cryptographic result including the counter value, encrypt the transmission data and the protected counter value using at least one second cryptographic algorithm and the first public key to yield encrypted transmission data, and transmit the encrypted transmission data to the receiving device; and wherein the receiving device is configured to; decrypt the encrypted transmission data using a second private key; and decrypt and validate the protected counter value using a second public key.
-
Specification