System and method for secure communication of components inside self-service automats

US 20100310069A1
Filed: 10/22/2009
Published: 12/09/2010
Est. Priority Date: 12/09/2008
Status: Active Grant

First Claim

Patent Images

1. A method for securing communication of components inside self-service automats that are connected to each other by a bus system, with a transmitter and a receiver, comprising exchanging data as tuples (C,A,R,N,Z) on the transport layer of the bus system, whereC are the message data M encrypted with an encryption key,A are the message data M authenticated with an authentication key,R represents the role of a component on the bus system of active or passive participants,N represents a message counter,Z represents a session counter.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Method to secure the communication of components within self-service automats that are linked to each other by a bus system, having a transmitter and a receiver, characterized in that data are exchanged as tuples (C,A,R,N,Z) on the transport layer of the bus system where

- C are the message data M encrypted with an encryption key,
- A are the message data M authenticated with an authentication key,
- R represents the role of a component on the bus system of active or passive participants,
- N represents a message counter,
- Z represents a session counter.

Citations

22 Claims

1. A method for securing communication of components inside self-service automats that are connected to each other by a bus system, with a transmitter and a receiver, comprising exchanging data as tuples (C,A,R,N,Z) on the transport layer of the bus system, whereC are the message data M encrypted with an encryption key,A are the message data M authenticated with an authentication key,R represents the role of a component on the bus system of active or passive participants,N represents a message counter,Z represents a session counter.
- View Dependent Claims (2, 3, 6, 8, 10, 11, 12)
- - 2. The method of claim 1, wherein a tuple (C,A,R,N,Z, {circumflex over (N)}, {circumflex over (Z)}) is on the transport layer of the bus system, where {circumflex over (N)} is a message counter for the Δ
    - -last messages N and {circumflex over (Z)} a last session counter for the Δ
      
      -last messages.
  - 3. The method of claim 2, wherein the Δ
    - -last messages are allowed to be lost in the transmission without the application layer above being informed thereof, in which the transmitter for a channel notes the session number {circumflex over (Z)} and message number {circumflex over (N)} for the last Δ
      
      -last messages and also sends in each message, in addition to the pair (N,Z), the pair ({circumflex over (Z)} {circumflex over (N)}) as the current session counter, so that a check is enabled at the receiver.
  - 6. The method of claim 1, wherein A:
    - =Auth[K_auth^R, N, M, |M|], where K_auth^Ris the result of a key generation procedure using a common key K, and/or C;
      
      =ENC└
      
      K_enc^R,Z,N,M┘
      
      , where K_enc^Ris the result of a key generation procedure using a common key K.
  - 8. The method from one or more of the preceding claims, wherein the following steps are performed while transmitting, check whether the message counter N<
    - N_max|_[mn1], if this is given, set N;
      
      =N+1.
  - 10. The method of claim 1, wherein the following steps are carried out while transmitting, taking into account that the last session counter is Z and the last message counter is N,check whether session number Z≦
    - Z_max,check whether message number N≦
      
      N_max,compare tuples ({circumflex over (Z)}, {circumflex over (N)}) and ( Z, N), if more than Δ
      
      messages have been lost, an error is generated, otherwise,carry out decryptioncarry out authentication.
  - 11. The method of claim 10, wherein the decrypted data are calculated as follows, whereM′
    - ;
      
      =DEC└
      
      K_dec^R,C┘ and
      
      authentication is given if A=A′
      
      whereA′
      
      ;
      
      =Auth[K_ver^R,N,M′
      
      ,|C|].
  - 12. The method of claim 1, wherein the self-service automat is an automated banking machine and/or the bus system is a USB.

4. The method from of claim 4, wherein a common key K is used for authentication and/or encryption that was generated at the time of production and assembly of the self-service automat on the basis of certificates from a PKI and that is securely filed in the components.

5. The method of claim 5, wherein the key K is stored in a Trusted Platform Module (TPM).

7. (canceled)

9. (canceled)

13. A self-service automat component that has a connection for a bus system via which it is connected to other self-service automat components, comprising a computing unit that is set up and configured such that data are exchanged as tuples on the transport layer of the bus system, whereC are the message data M encoded using an encryption key,A are the message data M authenticated using an authentication key,R represents the role of a component on the bus system of active (transmitter) or passive (receiver) participants,N represents a message counter,Z represents a session counter.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 14. The self-service automat component of claim 13, wherein means are available to exchange a tuple (C,A,R,N,Z, {circumflex over (N)}, {circumflex over (Z)}) on the transport layer of the bus system, where {circumflex over (N)} is a message counter for the Δ
    - -last messages N, {circumflex over (Z)} a last session counter for the Δ
      
      -last messages.
  - 15. The self-service automat component of claim 14, wherein means are available that allow the Δ
    - -last messages to be lost in transmission without the application layer above being informed thereof, the transmitter for a channel notes the session number {circumflex over (Z)} and message number {circumflex over (N)} for the last Δ
      
      -last messages and also sends in each message, in addition to the pair (N,Z), the pair ({circumflex over (Z)} {circumflex over (N)}) as the current session counter, so that a check is enabled at the receiver.
  - 16. The self-service automat component of claim 15, wherein the calculating unit for authentication and/or encryption uses a common key K, wherein means are available to generate and securely file the code K during the production and assembly of the self-service automat on the basis of certificates from a PKI.
  - 17. The self-service automat component of claim 16, comprising a Trusted Platform Module (TPM) in which the key K is filed.
  - 18. The self-service automat component of claim 16, wherein the calculating unit determines the following values, A:
    - =Auth[K_auth^R,N,M,|M|], where K_auth^Ris the result of a secure authentication procedure using a common key K, and/or C;
      
      =ENC└
      
      K_enc^R,Z,N,M┘
      
      , where K_enc^Ris the result of a secure encryption procedure using a common key K.
  - 19. The self-service automat component of claim 13, wherein the calculating unit at the transmitter is configured such that it performs the following steps:
    - Check whether the message counter N<
      
      N_max, if this is the case, set N;
      
      =N+1.
  - 20. The self-service automat component of claim 13, wherein the calculating unit at the receiver is configured such that the following steps are performed, taking into account that the last session counter is Z and the last message counter is N,check whether session number Z≦
    - Z_maxcheck whether message number N≦
      
      N_maxcompare the tuples ({circumflex over (Z)}, {circumflex over (N)}) and ( Z, N), if more than Δ
      
      messages have been lost, an error is generated, otherwisecarry out decryptioncarry out authentication.
  - 21. The self-service automat component of claim 20, wherein the calculating unit calculates the decrypted data as follows,M′
    - ;
      
      =DEC└
      
      K_dec^R, C,┘ and
      
      /orauthentication is given if A=A′
      
      , where A′
      
      ;
      
      =Auth[K_ver^R,N,M′
      
      ,|C|],
  - 22. The self-service automat component of claim 13, wherein the self-service automat is an automated teller machine and/or the bus system is a USB bus with wired or wireless operation.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Diebold Nixdorf Systems GmbH (Diebold Nixdorf, Incorporated)
Original Assignee
Wincor Nixdorf International GmbH (Diebold Nixdorf, Incorporated)
Inventors
Bloemer, Johannes, Krummel, Volker, Runowski, Matthias, Nolte, Michael

Granted Patent

US 8,787,569 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/44
CPC Class Codes

G06F 21/606   by securing the transmissio...

G06F 21/72   in cryptographic circuits

G06Q 20/3823   combining multiple encrypti...

G06Q 20/3829   involving key management

G07F 19/20   Automatic teller machines [...

H04L 9/0861   Generation of secret inform...

System and method for secure communication of components inside self-service automats

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for secure communication of components inside self-service automats

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links