Method of generating a unique number for a smart card and its use for the cooperation of the card with a host system

US 5,068,894 A
Filed: 08/22/1990
Issued: 11/26/1991
Est. Priority Date: 08/22/1989
Status: Expired due to Term

First Claim

Patent Images

1. A method of validating access to a smart card via a reader, said card having within it a processor, and being configured with a production key PK and a distributor key MK readable by said processor, said method comprising generating by said processor of a pseudo-random unique number NU by executing the following steps:

modulo-2 adding the keys PK and MK to obtain a key KMP;

KMP=PK ⊕

MK;

generating a unique input message ME which is modified on each specific use; and

generating said number NU by encrypting said input message ME by means of a reversible encryption algorithm ALG utilizing the key KMP;

NU=ALG_KMP (ME);

then;

reading by said reader of the generated number NU; and

determining by said processor whether a response applied to the card by the reader has been correctly calculated in accordance with a predetermined function of the generated number NU.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A smart card (1) which includes a random access memory RAM (10) and a read-only memory PROM (7) incorporating a production key (PK), a distributor key (MK), a bearer code (CP) and a serial number (NS) generates a unique number (NU) which is stored in the memory RAM (10) in the card after execution of the following steps of a program which is specific of the card:

a - modulo-2 addition and storage in the RAM (10) of the result:

PK⊕MK=KMP,

b - the encryption of a unique input message ME, generated by the card, by means of a reversible algorithm (ALG, ALB^-1) using the key KMP:

NU=ALG.sub.KMP (ME).

278 Citations

14 Claims

1. A method of validating access to a smart card via a reader, said card having within it a processor, and being configured with a production key PK and a distributor key MK readable by said processor, said method comprising generating by said processor of a pseudo-random unique number NU by executing the following steps:
- modulo-2 adding the keys PK and MK to obtain a key KMP;
  
  KMP=PK ⊕
  
  MK;
  
  generating a unique input message ME which is modified on each specific use; and
  
  generating said number NU by encrypting said input message ME by means of a reversible encryption algorithm ALG utilizing the key KMP;
  
  NU=ALG_KMP (ME);
  
  then;
  
  reading by said reader of the generated number NU; and
  
  determining by said processor whether a response applied to the card by the reader has been correctly calculated in accordance with a predetermined function of the generated number NU.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. A method as claimed in claim 1, wherein said reversible encryption algorithm is in accordance with the standard known as:
    - Data Encryption Standard (DES).
  - 3. A method as claimed in claim 1, wherein said card also is configured with a bearer code CP readable by said processor, for comparison with a bearer code CP presented by a bearer, and a serial number NS readable by said processor, said card also having first and second counters for containing counts CTRAM and CTROM, respectively, said generating said input message ME being by juxtaposing said serial number NS and said counts CTRAM and CTROM, said counts CTRAM and CTROM of said first and second counters resulting from the following steps:
    - upon a setting or resetting of said card to an active state, initializing the count CTRAM of said first counter to zero;
      
      upon each generation of the number NU, incrementing the count CTRAM of said first counter; and
      
      incrementing the count CTROM of said second counter upon a specific use after each setting or resetting of the card to an active state if the bearer code CP presented by the bearer does not correspond to the bearer code CP with which said card is configured or if the first counter overflows.
  - 4. A method as claimed in claim 3, wherein said reversible encryption algorithm is in accordance with the standard known as:
    - Data Encryption Standard (DES).
  - 5. A method as claimed in claim 1, wherein said generating of said unique number NU is in response to application by the reader of an instruction for the smart card to generate the unique number NU, and said response applied by the reader is of an authentication value VAE obtained in accordance with said predetermined function by encrypting said number NU by means of said encryption algorithm ALG, utilizing a master key KAC:
    - space="preserve" listing-type="equation">VAE=ALG.sub.KAC (NU).
  - 6. A method as claimed in claim 5, wherein said reversible encryption algorithm is in accordance with the standard known as:
    - Data Encryption Standard (DES).
  - 7. A method as claimed in claim 5, wherein said card also is configured with a bearer code CP readable by said processor, for comparison with a bearer code CP presented by a bearer, and a serial number NS readable by said processor, said card also having first and second counters for containing counts CTRAM and CTROM, respectively, said generating said input message ME being by juxtaposing said serial number NS and said counts CTRAM and CTROM, said counts CTRAM and CTROM of said first and second counters resulting from the following steps:
    - upon a setting or resetting of said card to an active state, initializing the count CTRAM of said first counter to zero;
      
      upon each generation of the number NU, incrementing the count CTRAM of said first counter; and
      
      incrementing the count CTROM of said second counter upon a specific use after each setting or resetting of the card to an active state if the bearer code CP presented by the bearer does not correspond to the bearer code CP with which said card is configured or if the first counter overflows.
  - 8. A method as claimed in claim 1 wherein said card also is configured with a bearer code CP readable by said processor, for comparison with a bearer code CP presented to the reader by a bearer, said access to the card is for rehabilitating it by enabling cancellation of an error parameter PE stored in the card after a predetermined standard length series of consecutive flase presentations of said bearer code CP, said generating of said unique number NU is in response to application by the reader of an instruction for the smart card to generate the unique number NU, said method further comprising the following steps:
    - reading by the reader of the error parameter PE from the card;
      
      seizing by the reader of a bearer code CP presented by the bearer;
      calculating by the reader of a rehabilitation message MR by juxtaposing said presented bearer code CP and two instances of said error parameter PE and by modulo-2 addition;
      
      space="preserve" listing-type="equation">MR=(CP, PE, PE)⊕
      
      NU;
      dispatching by the reader of the rehabilitation message MR to a host system coupled to the reader, accompanied by an instruction requesting authentication of the message MR,in accordance with said predetermined function, encrypting by the host system of the message MR by way of the encryption algorithm ALG utilizing a master key KEC to form the cryptogram RES;
      
      RES=ALG_KEC (MR); and
      
      dispatching by the host system of the cryptogram RES to the reader;
      
      wherein said response is the cryptogram RES, and in response to said determining, cancelling the error parameter PE.
  - 9. A method as claimed in claim 8, wherein said reversible encryption algorithm is in accordance with the standard known as:
    - Data Encryption Standard (DES).
  - 10. A method as claimed in claim 8, wherein said card also is configured with a bearer code CP readable by said processor, for comparison with a bearer code CP presented by a bearer, and a serial number NS readable by said processor, said card also having first and second counters for containing counts CTRAM and CTROM, respectively, said generating said input message ME being by juxtaposing said serial number NS and said counts CTRAM and CTROM, said counts CTRAM and CTROM of said first and second counters resulting from the following steps:
    - upon a setting or resetting of said card to an active state, initializing the count CTRAM of said first counter to zero;
      
      upon each generation of the number NU, first incrementing the count CTRAM of said first counter; and
      
      second incrementing the count CTROM of said second counter upon a specific use after each setting or resetting of the card to an active state if the bearer code CP presented by the bearer does not correspond to the bearer code CP with which said card is configured or if the first counter overflows.

11. A generator for generating a pseudo-random unique number NU for individualizing a particular access via a reader to a smart card housing said generator, said generator comprising:
- storage means for storing a production key PK, a distributor key MK, a serial number NS, and a bearer code CP, for comparison with a bearer code CP presented by a bearer;
  
  first and second counters for containing respective counts CTRAM and CTROM;
  
  input message generating means responsive to said storage means and said first and second counters for therefrom juxtaposing said serial number NS and said counts CTRAM and CTROM to generate an input message ME;
  
  key generating means fed by said storage means for modulo-2 adding said production key PK and said distributor key MK to form a key KAC;
  
  encryption means responsive to said input message generating means and said key generating means for forming said number NU by encrypting said input message ME utilizing said key KAC;
  
  reset means for resetting said first counter to upon a setting or resetting of said card to an active state;
  
  first incrementing means for, upon each generation of the number NU, incrementing the count CTRAM of said first counter; and
  
  second incrementing means for incrementing the count CTROM of said second counter upon a specific use after each setting or resetting of the card to an active state if the bearer code CP presented by the bearer does not correspond to the bearer code CP with which said card is configured or if the first counter overflows.

12. A system for validating access to a smart card via a reader, comprising within said card:
- storage means for storing a production key PK, a distributor key MK, a serial number NS, and a bearer code CP, for comparison with a bearer code CP presented by a bearer;
  
  a counter for containing a count CTRAM;
  
  input message generating means responsive to said storage means and said counter for therefrom juxtaposing said serial number NS and said count CTRAM to generate an input message ME;
  
  key generating means fed by said storage means for modulo-2 adding said production key PK and said distributor key MK to form a key KAC;
  
  encryption means responsive to said input message generating means and said key generating means for forming a pseudo-random unique number NU by encrypting said input message ME utilizing said key KAC; and
  
  incrementing means for, upon each formation of the number NU, incrementing the count CTRAM of said counter;
  
  means for enabling said reader to read the unique number NU formed; and
  
  means for determining whether a response applied to the card by the reader has been correctly calculated in accordance with a predetermined function of the unique number NU.
- View Dependent Claims (13, 14)
- - 13. A system as claimed in claim 12, wherein said system further comprises a host system coupled to the card via a reader, wherein said reader comprises:
    - means for generating an instruction for the card to generate the unique number NU; and
      means for generating, as said response, an authentication value VAE obtained in accordance with said predetermined function by encrypting said number NU by means of said encryption alogorithm ALG, utilizing a master key KAC;
      
      space="preserve" listing-type="equation">VAE=ALG.sub.KAC (NU).
  - 14. A system as claimed in claim 12 wherein said access to the smart card is for rehabilitating it by enabling cancellation of an error parameter PE stored in said storage means of the card after a predetermined standard length series of consecutive false presentations of said bearer code CP, said system further comprising said reader and a host system coupled to the reader,wherein said reader comprises:
    - means for generating and applying to the card an instruction for the card to generate the unique number NU;
      
      means for reading the error parameter PE from the card;
      
      means for seizing a bearer code CP presented by the bearer;
      means for calculating a rehabilitation message MR by juxtaposing said presented bearer code CP and two instances of said error parameter PE and by modulo-2 addition;
      
      space="preserve" listing-type="equation">MR=(CP, PE, PE)⊕
      
      NU;
      means for dispatching the calculated rehabilitation message MR to said host system, accompanied by an instruction requesting authentication of the message MR; and
      
      means for applying to said card as said response a cryptogram RES received from host system in response to the calculated rehabilitation message MR, when authenticated;
      
      wherein said host system comprises;
      
      means for, in accordance with said predetermined function, encrypting the message MR by way of the encryption algorithm ALG utilizing a master key KEC to form the cryptogram RES;
      
      RES=ALG_KEC (MR); and
      
      means for dispatching the cryptogram RES to the reader; and
      
      wherein said card further comprises means for cancelling the error parameter PE, in response to a determination by said determining means that said response was correctly calculated.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
De La Rue Cartes et Systemes
Original Assignee
US Philips Corporation (Koninklijke Philips N.V.)
Inventors
Hoppe, Joseph
Primary Examiner(s)
Gregory, Bernarr E.

Application Number

US07/571,051
Time in Patent Office

461 Days
Field of Search

380/22-25, 380/28, 380/29, 380/46, 380/21, 380/43, 235/379, 235/380, 235/382, 364/717, 364/200, 364/900, 331/78, 902/26, 340/825.31, 340/825.34
US Class Current

713/172
CPC Class Codes

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/3674   involving authentication

G06Q 20/4093   Monitoring of device authen...

G06Q 20/40975   using encryption therefor

G07F 7/1008   Active credit-cards provide...

G07F 7/1083   Counting of PIN attempts

H04L 9/0877   using additional device, e....

H04L 9/3234   involving additional secure...

H04L 9/3271   using challenge-response

Method of generating a unique number for a smart card and its use for the cooperation of the card with a host system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

278 Citations

14 Claims

Specification

Use Cases

Quick Links

Others

Method of generating a unique number for a smart card and its use for the cooperation of the card with a host system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

278 Citations

14 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others