End-to-end encryption system and method of operation

US 4,578,530 A
Filed: 12/07/1983
Issued: 03/25/1986
Est. Priority Date: 06/26/1981
Status: Expired due to Term

First Claim

Patent Images

1. A method of operating a network/interchange transaction execution system of the type comprising a plurality of transaction terminals, a plurality of acquirer stations, each being associated with one or more separate transaction terminals, a plurality of issuer stations, each of which includes a data processor which stores account information for a plurality of accounts, and a network switch which communicatively interconnects the acquirer stations with the issuer stations, the method comprising the steps of:

(a) generating, encrypting and storing at each said acquirer station, a plurality of encrypted pairs of session keys for each terminal, each key being encrypted once in a first master key and once in a second master key, and, in addition, computing a session key authentication code (SKAC) unique to each encrypted pair of session keys;

(b) receiving and identifying network/interchange transaction information and a personal identification number, PINc, from a user at one of said transaction terminals, encrypting the PINc with a first session key, KS_n, transmitting to the acquirer station associated with said transaction terminal a network/interchange request message comprised of the encrypted PINc and the transaction data;

(c) at the associated acquirer station, receiving the network/interchange request message from said transaction terminal and retransmitting the network/interchange request message to the network switch along with the session key encrypted in a second master key, e[KM₂ ](KS_n);

(d) at the network switch, receiving the network/interchange request message and the encrypted session key, reencrypting the session key in a third master key, e[KM₃ ](KS_n), and retransmitting the network/interchange request message along with the third master key encrypted session key to a particular issuer station specified by data in the network/interchange request message;

(e) at the issuer station, receiving the request message and the encrypted session key, e[KM₃ ](KS_n), decrypting the session key, decrypting the encrypted PINc, accessing the data base for the account specified in the transaction data, comparing and verifying the PINc with a corresponding PIN stored in the data base for that account, specifying an authorization code, to the acquirer station through the network switch;

(f) at the acquirer station, appending a new first master key encrypted session key e[KM₁ ](KS_n+1) along with the corresponding SKAC_n+1 to the reply message and relaying the reply message to said transaction terminal; and

(g) at the terminal, recomputing and verifying the SKAC_n+1 and acting on the authorization code to respond to the transaction terminal user.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An efficient end-to-end encryption system including key management procedures for providing secure, financial data communication between a system user at one of a plurality of transaction terminals of one of a plurality of acquirer institutions and one of a plurality of issuer institutions, with selected elements of the data being encrypted, decrypted, and processed using a onetime session key which is similarly encrypted with master keys and efficiently sent along with the specific segments of the request and response messages. A session key authentication code is utilized to prevent the replay of a previously used session key, thereby precluding undetected message replay or undetected message or data element substitution or insertion.

594 Citations

12 Claims

1. A method of operating a network/interchange transaction execution system of the type comprising a plurality of transaction terminals, a plurality of acquirer stations, each being associated with one or more separate transaction terminals, a plurality of issuer stations, each of which includes a data processor which stores account information for a plurality of accounts, and a network switch which communicatively interconnects the acquirer stations with the issuer stations, the method comprising the steps of:
- (a) generating, encrypting and storing at each said acquirer station, a plurality of encrypted pairs of session keys for each terminal, each key being encrypted once in a first master key and once in a second master key, and, in addition, computing a session key authentication code (SKAC) unique to each encrypted pair of session keys;
  
  (b) receiving and identifying network/interchange transaction information and a personal identification number, PINc, from a user at one of said transaction terminals, encrypting the PINc with a first session key, KS_n, transmitting to the acquirer station associated with said transaction terminal a network/interchange request message comprised of the encrypted PINc and the transaction data;
  
  (c) at the associated acquirer station, receiving the network/interchange request message from said transaction terminal and retransmitting the network/interchange request message to the network switch along with the session key encrypted in a second master key, e[KM₂ ](KS_n);
  
  (d) at the network switch, receiving the network/interchange request message and the encrypted session key, reencrypting the session key in a third master key, e[KM₃ ](KS_n), and retransmitting the network/interchange request message along with the third master key encrypted session key to a particular issuer station specified by data in the network/interchange request message;
  
  (e) at the issuer station, receiving the request message and the encrypted session key, e[KM₃ ](KS_n), decrypting the session key, decrypting the encrypted PINc, accessing the data base for the account specified in the transaction data, comparing and verifying the PINc with a corresponding PIN stored in the data base for that account, specifying an authorization code, to the acquirer station through the network switch;
  
  (f) at the acquirer station, appending a new first master key encrypted session key e[KM₁ ](KS_n+1) along with the corresponding SKAC_n+1 to the reply message and relaying the reply message to said transaction terminal; and
  
  (g) at the terminal, recomputing and verifying the SKAC_n+1 and acting on the authorization code to respond to the transaction terminal user.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. A method of operating a network/interchange transaction execution system as recited in claim 1 wherein the computation of said SKAC at the acquirer station is performed by concatenating a terminal identifier with the value in a session key counter associated with that terminal and encrypting the result.
  - 3. A method of operating a network/interchange transaction execution system as recited in claim 1 further comprising the step at said terminal of storing the new encrypted session key KS_n+1 and discarding the previous session key at the conclusion of the then pending transaction.
  - 4. A method of operating a network/interchange transaction as recited in claim 1 further comprising the step of, at the terminal, requesting a new session key from the acquirer station if the SKAC is not properly verified.
  - 5. A method of operating a network/interchange transaction execution system as recited in claim 1 further comprising the steps of, at said acquirer station, receiving the network/interchange request message from the transaction terminal, locating in storage the second master key encrypted session key, corresponding to the session key used by said transaction terminal to encrypt the PINc, and transmitting said second master key encrypted session key to the network switch.
  - 6. A method of operating a network/interchange transaction execution system as recited in claim 1 further comprising the steps of(a) at said transaction terminal, concatenating the PINc and selected elements of the transaction data, computing a first message authentication code, MAC1, using the concatenated data and the session key KS_n, and transmitting the MAC1 as part of the network/interchange request message to the acquirer station to be relayed through the network switch to the issuer station;
    - (b) at said issuer station, recomputing and verifying the MAC1 using the same PINc, the selected data elements, and the decrypted session key KS_n, then computing a second message authentication code, MAC2, for the reply message using the session key, KS_n, and transmitting the MAC2 to said acquirer station and said transaction terminal through the network switch; and
      
      (c) at said transaction terminal, recomputing and verifying the MAC2 using the session key KS_n.

7. Improved network/interchange transaction execution apparatus of the type comprising a plurality of issuer stations, each having a host data processor which stores account information for a plurality of accounts, a plurality of transaction terminals, a plurality of acquirer stations, each being connected to at least one, separate transaction terminal, and a network switch station communicatively interconnected between the acquirer stations and the issuer stations, and further comprising:
- (a) means at each transaction terminal for receiving the transaction data and a personal identification number, PINc, from a user, for encrypting the PINc with a first session key, KS_n, and for transmitting to the acquirer station connected to said transaction terminal, a network/interchange request message comprised of the encrypted PINc and the transaction data;
  
  (b) means at said acquirer station for receiving the network/interchange request message from said transaction terminal and for retransmitting the network/interchange request message, including the session key encrypted in a second master key, e[KM₂ ](KS_n), to the network switch;
  
  (c) means at the network switch for retransmitting the network/interchange request message to a particular issuer station as specified in transaction data of the network/interchange request and for reencrypting the session key from second master key encryption to encryption in a third master key, e[KM₃ ](KS_n);
  
  (d) means at said issuer station for receiving the network/interchange request message, including the encrypted session key, e[KM₃ ](KS_n), for decrypting the session key, for encrypting the encrypted PINc, for accessing the data base for the account specified in the transaction data, for comparing and verifying the PINc with the corresponding PIN stored in the data base for that account for specifying the authorization code in response to the transaction data, and for transmitting the authorization code to the network switch for relay to said acquirer station;
  
  (e) means at said acquirer station for generating, encrypting and storing a plurality of encrypted pairs of session keys for each terminal, each key being encrypted once in a first master key and once in a second master key and, in addition, computing a session key authentication code SKAC unique to each encrypted pair of session keys, and means at said acquirer station for appending a new first master key encrypted session key e[KM₁ ](KS_n+1) along with the corresponding SKAC_n+1 to the authorization code and relaying the authorization code to the transaction terminal; and
  
  (f) means at said transaction terminal for recomputing and verifying the SKAC_n+1 and acting on the authorization code to respond to the transaction terminal user.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. Transaction execution apparatus as recited in claim 7 wherein said means at said acquirer station for computing said SKAC includes a session key counter and operates by concatenating the terminal identifier and the value in said session key counter, and encrypting the result under the session key.
  - 9. Transaction execution apparatus as recited in claim 7 further comprising means at said transaction terminal for replacing the new session key received by the acquirer station and discarding the previously received key at the conclusion of the then pending transaction if the SKAC has been verified.
  - 10. Transaction execution apparatus as recited in claim 7 wherein the verification means at said will generate at least one request for a new session key from the acquirer station if the SKAC is not properly verified.
  - 11. Transaction execution apparatus as recited in claim 7 further comprising:
    - (a) means at said transaction terminal for concatenating the PIN and selected elements of the transaction data, for computing a first message authentication code, MAC1, using the concatenated data and the session key KS_n, and for transmitting the MAC1 as part of the network/interchange request message to said acquirer station;
      
      (b) means at said issuer station for recomputing and verifying the MAC1 using the same PINc and selected elements, for computing a second message authentication code, MAC2, using the session key KS_n, and for transmitting a response message including the MAC2 to said transaction terminal via the network switch and said acquirer station; and
      
      (c) means at said transaction terminal, for recomputing and verifying the MAC2 using the session key KS_n.
  - 12. Transaction execution apparatus as recited in claim 7 further comprising means at said acquirer station for receiving the network/interchange request message from said transaction terminal, for locating in storage the corresponding second master key encrypted session key which is the same session key used to encrypt the PINc at the transaction terminal, and for transmitting the second master key encrypted session key to the network switch.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Visa USA, Inc. (Visa, Inc.)
Original Assignee
Visa USA, Inc. (Visa, Inc.)
Inventors
Zeidler, Howard M.
Primary Examiner(s)
Cangialosi, Salvatore
Assistant Examiner(s)
Lewis, Aaron J.

Application Number

US06/558,916
Time in Patent Office

839 Days
Field of Search

178/22.08, 178/22.09, 178/22.01, 340/825.34
US Class Current

705/71
CPC Class Codes

G06Q 20/02   involving a neutral party, ...

G06Q 20/027   involving a payment switch ...

G06Q 20/3829   involving key management

G06Q 20/401   Transaction verification

G06Q 40/02   Banking, e.g. interest calc...

G07F 7/1016   Devices or methods for secu...

End-to-end encryption system and method of operation

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

594 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

End-to-end encryption system and method of operation

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

594 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links