Electronic-monetary system
First Claim
1. A method for certifying a device, said method comprising:
- providing a certifying authority with an authority public key known to said device;
generating a device key pair for said device, said device key pair including a device private key and a device public key which are stored in a memory;
exporting said device public key to said certifying authority;
enabling said certifying authority to perform a verification that said device public key emerged from said device, and that said device was not attacked by a tampering phenomenon, and whereupon said verification being successful said certifying authority certifying that said device is in an untampered state;
regenerating a new device key pair in response to a predetermined event; and
digitally signing data comprising a device public key of the new device key pair with the device private key.
1 Assignment
0 Petitions
Accused Products
Abstract
An improved monetary system using electronic media to exchange economic value securely and reliably is disclosed. The system provides a complete monetary system having electronic money that is interchangeable with conventional paper money. Also disclosed is a system for open electronic commerce having a customer trusted agent securely communicating with a first money module, and a merchant trusted agent securely communicating with a second money module. Both trusted agents are capable of establishing a first cryptographically secure session, and both money modules are capable of establishing a second cryptographically secure session. The merchant trusted agent transfers electronic merchandise to the customer trusted agent, and the first money module transfers electronic money to the second money module. The money modules inform their trusted agents of the successful completion of payment, and the customer may use the purchased electronic merchandise.
-
Citations
101 Claims
-
1. A method for certifying a device, said method comprising:
-
providing a certifying authority with an authority public key known to said device;
generating a device key pair for said device, said device key pair including a device private key and a device public key which are stored in a memory;
exporting said device public key to said certifying authority;
enabling said certifying authority to perform a verification that said device public key emerged from said device, and that said device was not attacked by a tampering phenomenon, and whereupon said verification being successful said certifying authority certifying that said device is in an untampered state;
regenerating a new device key pair in response to a predetermined event; and
digitally signing data comprising a device public key of the new device key pair with the device private key.
-
-
2. A device having an input and an output, said device comprising:
-
a memory;
a certifying authority having an authority public key known to said device;
a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, and that said device was not attacked by a tampering phenomenon, and whereupon said verification being successful said certifying authority is able to certify that said device is in an untampered state, wherein said device key pair generator regenerates a new key pair in response to a predetermined event; and
a transition certificate which certifies an authenticity of said new key pair. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A device comprising:
-
a certifying authority;
a first key pair generator for generating a public key made available to a plurality of third party users, and for generating a private key retained in said memory, a certification circuit for exporting said public key to said certifying authority such as to enable said certifying authority to verify said public key, to certify that said public key emerged from said device, and to certify that said device is untampered; and
a key pair regenerator for forming a new key pair, upon an occurrence of a predetermined event, where said key pair includes a new public key and a new private key.
-
-
14. A method for a certifying authority to certify an untampered state of a device, said method comprising:
-
a certifying authority having an authority public key known to said device;
generating a device key pair for said device, said device key pair including a device private key and a device public key which are stored in said memory;
exporting said device public key to said certifying authority;
enabling said certifying authority to perform a verification that said device public key emerged from said device, and that said device was not attacked by a tampering phenomenon, and whereupon said verification being successful said certifying authority certifying that said device is in an untampered state;
regenerating a new key pair in response to a predetermined event; and
generating a transition certificate certifying authenticity of said new key pair. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21)
-
-
22. A device having an input and an output, said device comprising:
-
a memory;
a tamper circuit coupled to said memory and being responsive to a tampering phenomenon, such that a certifying authority can determine an occurrence of said phenomenon, said certifying authority having an authority public key known to said device;
a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, and that said device was not attacked by said tampering phenomenon, and whereupon said verification being successful said certifying authority is able to certify that said device is in an untampered state, wherein said device key pair generator regenerates a new key pair in response to a predetermined event; and
wherein said device digitally signs a public key of the new key pair using the device private key of the device key pair. - View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
-
-
33. A method for a certifying authority to certify an untampered state of a device, said method comprising:
-
providing a tamper circuit being responsive to a tampering phenomenon;
a certifying authority determining an occurrence of said phenomenon, said certifying authority having an authority public key known to said device;
generating a device key pair for said device, said device key pair including a device private key and a device public key which are stored in said memory;
exporting said device public key to said certifying authority;
enabling said certifying authority to perform a verification that said device public key emerged from said device, and that said device was not attacked by said tampering phenomenon, and whereupon said verification being successful said certifying authority certifying that said device is in an untampered state;
regenerating a new key pair in response to a predetermined event; and
digitally signing a public key of the new key pair using the device private key of the device key pair. - View Dependent Claims (34, 35, 36, 37, 38, 39, 40)
-
-
41. A device having an input and an output, said device comprising:
- a memory;
said certifying authority having an authority public key known to said device;
a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, wherein said device key pair generator regenerates a new key pair in response to a predetermined event; and
wherein said device digitally signs a public key of the new key pair using the device private key of the device key pair. - View Dependent Claims (42, 43, 44, 45, 46, 47, 48, 49, 50, 51)
- a memory;
-
52. A device comprising:
-
a tamper responsive circuit;
a certifying authority;
a first key pair generator for generating a public key made available to a plurality of third party users, and for generating a private key retained in said memory;
a certification circuit for exporting said public key to said certifying authority such as to enable said certifying authority to verify said public key, to certify that said public key emerged from said device, and to certify that said device is untampered; and
a key pair regenerator for forming a new key pair, upon an occurrence of a predetermined event, where said key pair includes a new public key and a new private key.
-
-
53. A method for a certifying authority to certify an untampered state of a device, said method comprising:
-
a certifying authority having an authority public key known to said device;
generating a device key pair for said device, said device key pair including a device private key and a device public key which are stored in said memory;
exporting said device public key to said certifying authority;
enabling said certifying authority to perform a verification that said device public key emerged from said device, regenerating a new key pair in response to a predetermined event; and
digitally signing a public key of the new key pair using the device private key of the device key pair. - View Dependent Claims (54, 55, 56, 57, 58, 59, 60)
-
-
61. A device having an input and an output, said device comprising:
-
a memory;
a tamper circuit coupled to said memory and being responsive to a tampering phenomenon, such that a certifying authority can determine an occurrence of said phenomenon, said certifying authority having an authority public key known to said device;
a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, and that said device was not attacked by said tampering phenomenon, and whereupon said verification being successful said certifying authority is able to certify that said device is in an untampered state, wherein said device key pair generator regenerates a new key pair in response to a predetermined event; and
a transition certificate which certifies an authenticity of said new key pair. - View Dependent Claims (62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76)
-
-
77. A device having a memory which includes data required to be erased upon a tampering attempt, said device comprising:
-
a tamper responsive circuit having an enabling capability;
a certifying authority;
an initialization circuit wherein said certifying authority enables said tamper responsive circuit using said enabling capability;
a first key pair generator for generating a public key made available to a plurality of third party users, and for generating a private key retained in said memory;
a certification circuit for exporting said public key to said certifying authority such as to enable said certifying authority to verify said public key, to certify that said public key emerged from said device, and to certify that said device is untampered; and
a key pair regenerator for forming a new key pair, upon an occurrence of a predetermined event, where said key pair includes a new public key and a new private key. - View Dependent Claims (78, 79, 80, 81, 82)
-
-
83. A method for a certifying authority to certify an untampered state of a device, said method comprising:
-
providing a tamper circuit being responsive to a tampering phenomenon;
a certifying authority determining an occurrence of said phenomenon, said certifying authority having an authority public key known to said device;
generating a device key pair for said device, said device key pair including a device private key and a device public key which are stored in said memory;
exporting said device public key to said certifying authority;
enabling said certifying authority to perform a verification that said device public key emerged from said device, and that said device was not attacked by said tampering phenomenon, and whereupon said verification being successful said certifying authority certifying that said device is in an untampered state;
regenerating a new key pair in response to a predetermined event; and
generating a transition certificate certifying authenticity of said new key pair. - View Dependent Claims (84, 85, 86, 87, 88, 89, 90)
-
-
91. A method for certifying a device, comprising:
-
generating a first key pair for said device, said first key pair including a first private key and a first public key;
exporting said first public key to a certifying authority;
said certifying authority certifying said device; and
generating a second key pair in response to a predetermined event, the second key pair including a second private key and a second public key.
-
-
92. A method for certifying a device, comprising:
-
generating a first key pair for said device, said first key pair including a first private key and a first public key;
exporting said first public key to a certifying authority;
said certifying authority certifying said device;
generating a second key pair in response to a predetermined event, the second key pair including a second private key and a second public key; and
digitally signing data comprising the second public key with the first private key. - View Dependent Claims (93, 94, 95, 96, 97, 98, 99, 100, 101)
-
Specification