Method and apparatus for providing cellular telephone service using an authenticating cellular telephone device
First Claim
1. A method for providing telephone service in a telephone service provider, comprising the steps of:
- receiving an identity public key transmitted from a telephone to said service provider;
providing source test data, said step of providing source test data being performed by said service provider;
performing a pair of complementary data transformations of said source test data to produce resultant test data, by;
(a) performing a first data transformation of said pair of complementary data transformations according to a first public/private key encryption algorithm using said identity public key, said performing a first data transformation step being performed by said service provider, and (b) requesting said telephone to perform a second data transformation of said pair of complementary data transformations according to said first public/private key encryption algorithm using an identity private key stored in said telephone, and receiving the results of said second data transformation;
comparing said source test data to said resultant test data, said comparing step being performed by said service provider;
providing service to said telephone depending on whether said source test data matches said resultant test data.
0 Assignments
0 Petitions
Accused Products
Abstract
A smart chip protection system contains a unique public/private identity key pair and uses a separate public/private signature key pair. The internally stored identity private key can not be read outside the chip. An issuing entity generates a descriptor containing the identity public key, attribute data, and a digital signature of the two, using a signature private key known only to the issuer. The authenticity of the descriptor is verified by decrypting the signature using the signature public key, and comparing the result to source data. An object'"'"'s identity can be verified by requesting the smart chip to perform a data transformation using its identity private key, and performing the complement using the public key. An exemplary embodiment is a cellular telephone, in which a service provider verifies identity of the telephone and correct signature as a condition to providing service.
-
Citations
20 Claims
-
1. A method for providing telephone service in a telephone service provider, comprising the steps of:
-
receiving an identity public key transmitted from a telephone to said service provider;
providing source test data, said step of providing source test data being performed by said service provider;
performing a pair of complementary data transformations of said source test data to produce resultant test data, by;
(a) performing a first data transformation of said pair of complementary data transformations according to a first public/private key encryption algorithm using said identity public key, said performing a first data transformation step being performed by said service provider, and (b) requesting said telephone to perform a second data transformation of said pair of complementary data transformations according to said first public/private key encryption algorithm using an identity private key stored in said telephone, and receiving the results of said second data transformation;
comparing said source test data to said resultant test data, said comparing step being performed by said service provider;
providing service to said telephone depending on whether said source test data matches said resultant test data. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method in a telephone service provider for updating attribute data contained in a telephone, comprising the steps of:
-
obtaining a descriptor associated with said telephone, said descriptor including an identity public key for transforming data according to a first public/private key encryption algorithm, attribute data, and a digital signature;
verifying that said digital signature matches said attribute data and said identity public key;
performing a pair of complementary data transformations of source test data to produce resultant test data, a first of said pair of complementary data transformations being performed by said service provider according to said first public/private key encryption algorithm using said identity public key, and a second of said pair of complementary data transformations being performed by requesting said telephone to perform said second data transformation according to said first public/private key encryption algorithm using an identity private key in said telephone and receiving data from said telephone responsive to said request, said identity private key corresponding to said identity public key according to said first public/private key encryption algorithm;
comparing said source test data with said resultant test data;
depending on the results of said step of comparing said source test data with said resultant test data, generating an updated descriptor, said updated descriptor comprising said identity public key, updated attribute data, and a digital signature of said identity public key and said updated attribute data; and
transmitting said updated descriptor to said telephone. - View Dependent Claims (13, 14, 15, 16, 17)
-
-
18. A computer program product for operating a communication station of a telephone service in a telephone service provider, comprising:
-
a plurality of computer-executable instructions, wherein said instructions, when executed on at least one digital data processing system of a telephone service provider, cause the at least one digital data processing system to perform the steps of;
receiving an identity public key transmitted from a telephone to said service provider;
providing source test data;
causing a pair of complementary data transformations of said source test data to be performed to produce resultant test data, by;
(a) performing a first data transformation of said pair of complementary data transformations according to a first public/private key encryption algorithm using said identity public key, and (b) requesting said telephone to perform a second data transformation of said pair of complementary data transformations according to said first public/private key encryption algorithm using an identity private key stored in said telephone, and receiving the results of said second data transformation;
comparing said source test data to said resultant test data; and
providing service to said telephone depending on whether said source test data matches said resultant test data. - View Dependent Claims (19, 20)
-
Specification