ELECTRONIC LOCK BOX WITH TIME-RELATED DATA ENCRYPTION BASED ON USER-SELECTED PIN
First Claim
1. An electronic lock box apparatus, comprising:
an electrical power source, a controller circuit, a secure compartment having an access member actuated by a prime mover apparatus, a manual data entry apparatus, and a device reader port; and
a portable memory device that communicates with said device reader port, said portable memory device containing a plurality of memory elements that store a first data value, in which said first data value comprises a diversified numeric value that is:
(A) partially based on a previously-selected first user-determined code,
(B) partially based on a predetermined encryption key, and
(C) partially based on an epoch time value that was determined at an earlier real time, but
(D) is not based upon an identification number of any electronic lock box apparatus;
wherein, said controller circuit is configured:
(a) to determine a present epoch time value, to determine a predetermined epoch time expiration period, to determine a cryptographic seed value for use with a data encryption algorithm;
(b) to read said first data value that is stored on said portable memory device;
(c) to decrypt said first data value using:
(i) said data encryption algorithm, based upon said cryptographic seed value, and
(ii) said present epoch time value, but
(iii) not using an identification number of any electronic lock box apparatus, to thereby determine a second data value;
(d) to receive a second user-determined code that is entered at said manual entry apparatus;
(e) to compare said second user-determined code to said second data value; and
(f) to allow access to said secure compartment, if said second user-determined code is exactly equal, digit by digit, to said second data value, by actuating said prime mover apparatus to open said access member.
Abstract
An electronic lock box contains a secure compartment for storing keys to a structure. A linear actuator moves in one direction opening the door to the secure compartment, and moves in the opposite direction releasing a shackle that holds the lock box to the structure. A lock box system uses an encryption algorithm to diversify user PIN data at a central computer, and stores that diversified information on a memory card for later use when the user attempts to access a lock box. The central computer and electronic lock box both keep track of system “epoch time,” and the memory card must be presented to the electronic lock box within a correct epoch time window for the diversified PIN data to be successfully decrypted and compared to the user's PIN data that is entered on a keypad of the electronic lock box.
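The flow described in the abstract, as an added sketch that is not the patent's own algorithm: a central computer diversifies a PIN with a shared key and the issue epoch, and the lock box accepts the card only while the issue epoch is still inside its expiration window. The HMAC-based digit stream, the one-day epoch tick, the window search and all names and sample values are assumptions made for illustration.

```python
import hashlib
import hmac

EPOCH_SECONDS = 86400  # assumed: one epoch tick per day (the page gives no tick length)


def _digit_stream(key: bytes, epoch: int, n: int) -> list[int]:
    """Derive n decimal digits from the key and an epoch counter (assumed construction)."""
    seed = hmac.new(key, epoch.to_bytes(8, "big"), hashlib.sha256).digest()
    digits, counter = [], 0
    while len(digits) < n:
        block = hmac.new(seed, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        # Drop bytes >= 250 so that b % 10 is uniform over 0..9.
        digits.extend(b % 10 for b in block if b < 250)
        counter += 1
    return digits[:n]


def diversify(pin: str, key: bytes, epoch: int) -> str:
    """Central computer: bind the user-chosen PIN to the key and the issue epoch."""
    ks = _digit_stream(key, epoch, len(pin))
    return "".join(str((int(d) + k) % 10) for d, k in zip(pin, ks))


def recover(card_value: str, key: bytes, epoch: int) -> str:
    """Lock box: undo the diversification for one candidate epoch."""
    ks = _digit_stream(key, epoch, len(card_value))
    return "".join(str((int(d) - k) % 10) for d, k in zip(card_value, ks))


def lockbox_allows(card_value, entered_pin, key, now_epoch, expiration_epochs):
    """Accept only if some epoch inside the expiration window decrypts to the keyed PIN."""
    ok = False
    for age in range(expiration_epochs + 1):
        candidate = recover(card_value, key, now_epoch - age)
        # Constant-time compare with no early exit, so timing does not reveal the match.
        ok |= hmac.compare_digest(candidate, entered_pin)
    return ok


# Constructed sample values, not taken from the patent.
KEY = b"constructed-demo-key"
ISSUE_EPOCH = 1_700_000_000 // EPOCH_SECONDS
CARD = diversify("482915", KEY, ISSUE_EPOCH)
```

In this sketch every extra epoch in the window is one more candidate a wrong PIN could match by chance, so a wider expiration period slightly raises the false-accept rate per guess.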
23 Claims
15. A method of operating an electronic lock box system, said method comprising:
(a) providing at least one electronic lock box having a secure compartment therein, a first computer circuit, a first memory circuit, a first device reader port, and a first data entry apparatus;
(b) providing a processing apparatus having a second computer circuit, a second memory circuit, a communications port for exchanging data with a second device reader port, and a second data entry apparatus;
(c) providing a portable memory device having a third memory circuit, and at least one data circuit pathway for communicating with a device reader port;
(d) at said second computer circuit:
(i) determining:
(A) a first present epoch time value,
(B) a predetermined epoch time expiration period,
(C) a first cryptographic seed value for use with a data encryption function, and
(D) a user's first identification code;
(ii) using said data encryption function, calculating a diversified value based upon both said first cryptographic seed value and said user's first identification code;
(iii) coupling said portable memory device to said second device reader port, and communicating said diversified value to said portable memory device;
(e) at said at least one electronic lock box:
(i) coupling said portable memory device to said first device reader port, and communicating said diversified value from said portable memory device to at least one of said first computer circuit and said first memory circuit;
(ii) determining:
(A) a second present epoch time value,
(B) a second cryptographic seed value; and
(C) determining a user's second identification code from a manual entry at said first data entry apparatus;
(iii) using said data encryption function, decrypting said first diversified value based upon said second cryptographic seed value, resulting in a third identification code; and
(iv) comparing said user's second identification code and said third identification code, and if they exactly match, permitting access to said secure compartment.
wherein:
(f) said user's first identification code is a value that has been determined solely by a human user, and which was provided to said second computer circuit by said human user; and
(g) said diversified value is not based upon an identification number of any of said at least one electronic lock box.
Specification