Security module for an electronic funds transfer system
First Claim
1. A security module, for authenticating messages having a plurality of different formats and cryptographic authenticators, contained in a tamper-resistant housing and including two data input devices, a display unit, at least one input/output port for connecting the module to an external processor and a security controller, characterised in that the security controller includes:
- at least one read only memory which stores a state table and a module master encryption key;
a control logic unit including a microprocessor and a control store which stores a plurality of different control function routines invoked by different entries in the state table;
function key generation means to generate different encryption keys dependent upon a particular control function and a derivative of the module master key; and
means to perform encryption and decryption operations on messages transmitted to and from the module using keys transmitted to the module encrypted under one of a number of derivatives of the module master key to authenticate said messages;
whereby data input to the module at the first of the two data input devices is used to determine the control function routine that the module is to perform and the encryption key used to encode data input at the second data input device.
1 Assignment
0 Petitions
Accused Products
Abstract
A security module for use in an electronic funds transfer terminal is contained in a tamper-resistant housing. The module has a PIN pad and is designed to encrypt secret data, such as users personal identity numbers (PINs), so that other terminal processes cannot gain access to it. The encryption functions are carried out in a security controller which includes its own microprocessor and encryption/decryption unit.
112 Citations
7 Claims
-
1. A security module, for authenticating messages having a plurality of different formats and cryptographic authenticators, contained in a tamper-resistant housing and including two data input devices, a display unit, at least one input/output port for connecting the module to an external processor and a security controller, characterised in that the security controller includes:
-
at least one read only memory which stores a state table and a module master encryption key; a control logic unit including a microprocessor and a control store which stores a plurality of different control function routines invoked by different entries in the state table; function key generation means to generate different encryption keys dependent upon a particular control function and a derivative of the module master key; and means to perform encryption and decryption operations on messages transmitted to and from the module using keys transmitted to the module encrypted under one of a number of derivatives of the module master key to authenticate said messages;
whereby data input to the module at the first of the two data input devices is used to determine the control function routine that the module is to perform and the encryption key used to encode data input at the second data input device. - View Dependent Claims (2, 3, 4)
-
-
5. A method of using a security module in an electronic funds transfer system terminal to secure secret data from other terminal processes, and in which the security module has a data input device for receiving secret data comprising the steps of:
-
storing in the module a set of master keys each encrypted under a respective function key; transmitting to the security module from a terminal process a function request and a function key; decoding the appropriate master key using the function key; and encoding the secret data using the decoded master key in the security module and transmitting the encoded data to the terminal processes. - View Dependent Claims (6, 7)
-
Specification