
Offline PIN validation with DES

  • US 4,661,658 A
  • Filed: 02/12/1985
  • Issued: 04/28/1987
  • Est. Priority Date: 02/12/1985
  • Status: Expired due to Fees
First Claim

1. In a multi-terminal system, a method of offline personal authentication using an authentication tree with an authentication tree function comprising a one-way function, said method employing memory cards issued to users of the system and each user being issued a personal identification number, each of said memory cards having stored thereon a personal key and an index position number representing the tree path for the user to which the card is issued, said method comprising the steps of:

  • calculating an authentication parameter as a function of a personal key read from a user's card, a personal identification number entered by a user at a terminal being used, and a global secret key stored in the terminal being used, said global secret key being a common secret key stored at every terminal, said calculating an authentication parameter step further comprising the steps of:

    calculating an encrypted personal identification number (PIN), denoted EPIN, by the equation

    $$\mathrm{EPIN} = E_{\mathrm{KGb1}}(E_{\mathrm{PIN}}(\mathrm{ID})),$$

    where KGb1 is a global secret key stored in each terminal and ID is a user identifier, and

    calculating an authentication parameter AP by the equation

    $$\mathrm{AP} = \mathrm{RightN}[E_{\mathrm{KP} \oplus \mathrm{EPIN}}(\mathrm{ID}) \oplus \mathrm{ID}],$$

    where the symbol ⊕ is the Exclusive OR operation and "RightN" is a function that extracts the rightmost N bits in the binary variable denoted by the argument of the function, wherein said binary variable is greater than N bits,

  • mapping the calculated authentication parameter to a verification value using said index position number in said one-way function to the root of said authentication tree,

  • comparing the verification value obtained by mapping the calculated authentication parameter with a global verification value of reference stored at the terminal, said global verification value being a common verification value stored at every terminal, and

  • enabling said system if the comparison of the verification value obtained by mapping with the global verification value of reference is favorable.
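
The steps of claim 1 traced in Python, as an added example that is not part of the patent text. Assumptions: `E` is a truncated HMAC-SHA256 stand-in for DES encryption, the tree's one-way function is truncated SHA-256, N is taken as 56, each card is assumed to also carry the sibling values on its tree path (`path`), and all keys, PINs and IDs are constructed sample values.

```python
import hashlib
import hmac

def E(key, block):
    # Stand-in for DES E_key(block): HMAC-SHA256 cut to a 64-bit block (assumption, not DES).
    return hmac.new(key, block, hashlib.sha256).digest()[:8]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def auth_parameter(kp, pin, kgb1, uid, n=56):
    epin = E(kgb1, E(pin, uid))                # EPIN = E_KGb1(E_PIN(ID))
    block = xor(E(xor(kp, epin), uid), uid)    # E_{KP xor EPIN}(ID) xor ID
    return int.from_bytes(block, "big") & ((1 << n) - 1)  # RightN; N = 56 is assumed

def node(left, right):
    # Assumed one-way tree function: SHA-256 over both children, cut to 64 bits.
    data = left.to_bytes(8, "big") + right.to_bytes(8, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:8], "big")

def build_levels(leaves):
    # Issuer side: the leaves are the users' APs, the last level holds the root.
    levels = [leaves]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        levels.append([node(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def map_to_root(ap, index, path):
    # Bit d of the index position number: node is a right (1) or left (0) child.
    value = ap
    for d, sibling in enumerate(path):
        value = node(sibling, value) if (index >> d) & 1 else node(value, sibling)
    return value

def terminal_accepts(card, pin, kgb1, root):
    # Terminal side: holds only KGb1 and the global verification value (root).
    ap = auth_parameter(card["kp"], pin, kgb1, card["id"])
    return map_to_root(ap, card["index"], card["path"]) == root

# Constructed sample data: four users, one global key, one global verification value.
KGB1 = bytes.fromhex("0123456789abcdef")
PINS = [b"1234", b"9876", b"4321", b"2468"]
CARDS = [{"id": b"USER%04d" % i, "kp": hashlib.sha256(b"kp%d" % i).digest()[:8],
          "index": i} for i in range(4)]
LEVELS = build_levels([auth_parameter(c["kp"], p, KGB1, c["id"]) for c, p in zip(CARDS, PINS)])
ROOT = LEVELS[-1][0]
for c in CARDS:  # assumed: each card also carries the sibling values on its path
    c["path"] = [LEVELS[d][(c["index"] >> d) ^ 1] for d in range(len(LEVELS) - 1)]
```

Calling `terminal_accepts(CARDS[2], b"4321", KGB1, ROOT)` succeeds, while a wrong PIN, a wrong index position number or a different terminal key changes the value reached at the root and the comparison fails.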
