Device and method to render secure the transfer of data between a videotex terminal and a server

US 4,941,173 A
Filed: 11/10/1988
Issued: 07/10/1990
Est. Priority Date: 11/13/1987
Status: Expired due to Term

First Claim

Patent Images

1. Exchanging data device comprising:

(a) a videotex terminal having a switching control device, a line interface, a keyboard, a screen, a downstream video adapter connector and a power supply,(b) a package connected to said video adapter connector of said videotex terminal, said package comprising first encryption/decryption means and first dialogue means constituted by;

(i) a central processing unit acting as a microcontroller and having a transmission terminal and a receiving terminal connected to said switching control device of said videotex terminal,(ii) first storage means storing at least one encryption/decryption algorithm, at least one part of a basic key, a confidential code, and an authentication package code,(iii) voltage supplying means connected to said power supply of said videotex terminal,(c) a server comprising second encryption/decryption means and second dialogue means, constituted by second storage means storing said at least one encryption/decryption algorithm, at least one part of said basic key, and a server authentication code.(d) a telematic line connecting said videotex terminal and said server through said line interface of said videotex terminal,(e) said first and second encryption/decryption means of said package and said server and said first and second dialogue means of said package and said server operative in a first presession mode and in a second session mode subsequent to said presession mode,(f) wherein said presession mode includes;

(i) carrying out a predetermined sequence of operations including inputting of said confidential code by a user via said keyboard of said videotex terminal, checking said confidential code in said package for validity, carrying out mutual authentication validity checks between said package and said server using said package and server authentication codes,(ii) sending from said server to said package a session key ciphered according to said basic key, said session key being then stored in said first storage means of said package, said central processing unit of said package acting on said switching control device of said videotex terminal to inhibit a linking between said keyboard and said line interface of said videotex terminal and monitoring any action on said switching control device having an origin external to said package, any such action leading to the presession mode being aborted,(g) said session mode including exchanging messages ciphered/deciphered according to said session key.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The protection of the transfer of data between a videotex terminal (TVX) and a server (SE) is carried out by means of an additional package (BA) connected to a video adaptor connector (PPI) of the terminal (TVX). In a presession embodiment, the package acts on the switching device (AIG) of the terminal by monitoring any other action on said switching equipment. The switching cabinet and the server conduct dialogue according to a predetermined sequence of operations comprising the definition of a transmitted session key encrypted in accordance with a basic key. Any anomaly occuring during this dialogue aborts the presession mode.

Citations

15 Claims

1. Exchanging data device comprising:
- (a) a videotex terminal having a switching control device, a line interface, a keyboard, a screen, a downstream video adapter connector and a power supply,(b) a package connected to said video adapter connector of said videotex terminal, said package comprising first encryption/decryption means and first dialogue means constituted by;
  
  (i) a central processing unit acting as a microcontroller and having a transmission terminal and a receiving terminal connected to said switching control device of said videotex terminal,(ii) first storage means storing at least one encryption/decryption algorithm, at least one part of a basic key, a confidential code, and an authentication package code,(iii) voltage supplying means connected to said power supply of said videotex terminal,(c) a server comprising second encryption/decryption means and second dialogue means, constituted by second storage means storing said at least one encryption/decryption algorithm, at least one part of said basic key, and a server authentication code.(d) a telematic line connecting said videotex terminal and said server through said line interface of said videotex terminal,(e) said first and second encryption/decryption means of said package and said server and said first and second dialogue means of said package and said server operative in a first presession mode and in a second session mode subsequent to said presession mode,(f) wherein said presession mode includes;
  
  (i) carrying out a predetermined sequence of operations including inputting of said confidential code by a user via said keyboard of said videotex terminal, checking said confidential code in said package for validity, carrying out mutual authentication validity checks between said package and said server using said package and server authentication codes,(ii) sending from said server to said package a session key ciphered according to said basic key, said session key being then stored in said first storage means of said package, said central processing unit of said package acting on said switching control device of said videotex terminal to inhibit a linking between said keyboard and said line interface of said videotex terminal and monitoring any action on said switching control device having an origin external to said package, any such action leading to the presession mode being aborted,(g) said session mode including exchanging messages ciphered/deciphered according to said session key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The device according to claim 1, wherein said package further comprises first display means indicating inhibition of a linking between said line interface and said keyboard of said videotex terminal and second display means indicating a setting up of said session key.
  - 3. The device according to claim 1, wherein said session key is generated using at least one first random number.
  - 4. The device according to claim 1, wherein said session key includes a first primary key generated by said server, the said predetermined sequence of operations including the sending of said primary key from said server to said package.
  - 5. The device according to claim 1, wherein said first storage means include ROM and EPROM means, said EPROM means including special information ciphered by said first encryption/decryption means by means of a storage key.
  - 6. The device according to claim 5, wherein said storage key is a combination of at least one initial key and one intermediate key, said initial key being stored in said ROM means, whereas said intermediate key is stored in said EPROM means, and is ciphered by said first encryption/decryption means by using said initial key.
  - 7. The device according to claim 1, wherein said basic key is a single key stored both in said first storage means of said package and in said second storage means of said server.
  - 8. The device according to claim 1, wherein said session key is a combination of a first primary key generated by said server and a second primary key generated by said package, said predetermined sequence of operations including the sending of said first primary key by the server to said package and the sending of the second primary key by the package to the server.
  - 9. The device according to claim 8, wherein said first primary key is generated from a first random number and said secondary key is generated from a second random number.
  - 10. The device according to claim 9, wherein said second random number depends on the time elapsing between the request for inputting said confidential code and the actual input onto the keyboard.
  - 11. The device according to claim 1, wherein said basic key includes a public key stored in said second storage means of said server and a secret key stored in said first storage means of said package, the public and secret keys being complementary to each other.
  - 12. The device according to claim 1, wherein the session key is a first primary key generated by said server.
  - 13. The device according to claim 1, wherein said package also includes a special mode activated at least when first applying power to said videotex terminal, enabling personalized information to be stored in said package.

14. A method for exchanging data between videotex terminal having a switching control device, a keyboard, a screen and a downstream video adapter connector, anda server by means of a package connected to said video adapter connector of said videotex terminal,wherein said package and said server are provided respectively with first encryption/decryption means and second encryption/decryption means,and wherein said package operates firstly in a presession mode for controlling access to the server and subsequently in a session mode for the transmission of messages between the videotex terminal and said server once the session mode is established,wherein in said presession mode said package acts on said switching control device of said videotex terminal to establish a session mode by first authenticating the identity of the user, the package and the server,wherein the server and the package communicate using said first and second encryption/decryption means, which operate using a predetermined basic key, andwherein the server and the package communicate by a predetermined sequence of operations in accordance with a session key ciphered according to said basic key, andwherein the package monitors said switching control device for any other action on the switching control device having an origin external to the package or any other anomaly in the order of said sequence or the results of said sequence, said presession mode being aborted upon occurrence of any of the monitored conditions.

15. A method for exchanging data between a videotex terminal and a server by way of a package whereinsaid videotex terminal includes a switching control device, an interface line, an input device, a display device and a connector,said package connected to said connector and said server is connected to said interface line, andsaid package includes a first means for encrypting/decrypting using a predetermined basic key, andsaid server includes a second means for encrypting/decrypting using said predetermined basic key,said package and said server communicating by a predetermined sequence of operations in accordance with a session key ciphered using said basic key and said package operates in a presession mode and subsequently in a session mode, said method comprising the steps of:
- operating in a presession mode by obtaining a user confidential code from said input device of said videotex terminal and checking said code for validity,carrying out mutual authentication validity checks between said package and said server using authentication codes furnished by said package and said servercausing a session key to be sent from said server to said package ciphered according to said basic key,inhibiting a connection between said input device and said interface line in the presession mode, andaborting said presession mode upon detecting a failed validity check or any action on said switching control device having an origin external to said package, andwherein said session mode includes exchanging messages ciphered/deciphered according to said session key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dominique Hamel, Jean-Pierre Boule, Martial Menconi
Original Assignee
Dominique Hamel, Jean-Pierre Boule, Martial Menconi
Inventors
Boule, Jean-Pierre, Menconi, Martial, Hamel, Dominique
Primary Examiner(s)
Tarcza, Thomas H.
Assistant Examiner(s)
Cain, David

Application Number

US07/269,592
Time in Patent Office

607 Days
Field of Search

380/25, 380/23, 380/9, 380/48, 380/49, 380/20
US Class Current

713/155
CPC Class Codes

H04L 9/0827   involving distinctive inter...

H04L 9/0844   with user authentication or...

H04M 11/085   using a television receiver...

Device and method to render secure the transfer of data between a videotex terminal and a server

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Device and method to render secure the transfer of data between a videotex terminal and a server

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links