Data exchange system comprising a plurality of user terminals each containing a chip card reading device
First Claim
1. A data exchange system comprising a plurality of terminals each containing a chip card reading device, a security module for storing a secret key, which key is identical for all terminals, said secret key (Ki) being formed of two sub-components (KTi, KT'"'"'i);
- said security module having an erasable programmable read-only memory (EEPROM) for storing one sub-component (KTi);
a decoder means (DEC) provided in the security module;
said decoder means having an input for receiving an enciphered data block (E(Kt'"'"'i)) for the second sub-component (KT'"'"'i) from outside said security module;
said security module having a write-read memory (RAM), for receiving and storing the decoded output signals from said decoder means as a second subcomponent (KT'"'"'i) in a first sub-area of said write-read memory (RAM); and
said security module having means for operating on said two sub-components (KTi, KT'"'"'i) to form a result which is deposited in a second sub-area of the read-write memory (RAM) as an overall key (Ki).
3 Assignments
0 Petitions
Accused Products
Abstract
A secret cipher (Ki) that is the same for all user terminals is formed of two sub-components (KTi, KT'"'"'i) whereof the one sub-component (KTi) is deposited in an erasable, programmable read-only memory (EEPROM). For the second sub-component (KT'"'"'i), an encoded data block (E(KT'"'"'i)) is transmitted from the outside to a decoder means (DEC) provided in the security module, the decoded output signal thereof being deposited as second sub-component (KT'"'"'i) in a first sub-area of a write-read memory (RAM) present in the security module of the user terminal. An overall cipher (Ki) is calculated from the two sub-components (KTi, KT'"'"'i) and the result is deposited in a second sub-area of the write-read memory (RAM).
-
Citations
5 Claims
-
1. A data exchange system comprising a plurality of terminals each containing a chip card reading device, a security module for storing a secret key, which key is identical for all terminals, said secret key (Ki) being formed of two sub-components (KTi, KT'"'"'i);
-
said security module having an erasable programmable read-only memory (EEPROM) for storing one sub-component (KTi); a decoder means (DEC) provided in the security module; said decoder means having an input for receiving an enciphered data block (E(Kt'"'"'i)) for the second sub-component (KT'"'"'i) from outside said security module; said security module having a write-read memory (RAM), for receiving and storing the decoded output signals from said decoder means as a second subcomponent (KT'"'"'i) in a first sub-area of said write-read memory (RAM); and said security module having means for operating on said two sub-components (KTi, KT'"'"'i) to form a result which is deposited in a second sub-area of the read-write memory (RAM) as an overall key (Ki). - View Dependent Claims (2, 3)
-
-
4. A method of protecting access to a data exchange system for which use of a secret key is necessary, comprising the steps of:
-
dividing said secret key into two components (KTi and KT'"'"'i), storing one of said components in a security module; maintaining the other component outside of said security module; and supplying said other component to logic means in said security module for generating the complete secret key. - View Dependent Claims (5)
-
Specification