Transaction system security method and apparatus
First Claim
1. The method of communicating a secure boolean response comprising the steps of:
- a) generating a random number in a security device;
b) encrypting said random number under a key;
c) sending said encrypted random number to another security device;
d) decrypting said encrypted random number in said another security device;
e) modifying said random number by a first function if said response is true;
f) modifying said random number by a second function if said response is false;
g) encrypting said modified random number;
h) sending said encrypted modified random number to said first security device;
i) decrypting said encrypted modified random number at said first security device; and
j) comparing said modified random number with said random number to determine said response.
3 Assignments
0 Petitions
Accused Products
Abstract
An improved security system is disclosed which uses an IC card to enhance the security functions involving component authentication, user verification, user authorization and access control, protection of message secrecy and integrity, management of cryptographic keys, and auditability. Both the security method and the apparatus for embodying these functions across a total system or network using a common cryptographic architecture are disclosed. Authorization to perform these functions in the various security component device nodes in the network can be distributed to the various nodes at which they will be executed in order to personalize the use of the components.
-
Citations
2 Claims
-
1. The method of communicating a secure boolean response comprising the steps of:
-
a) generating a random number in a security device; b) encrypting said random number under a key; c) sending said encrypted random number to another security device; d) decrypting said encrypted random number in said another security device; e) modifying said random number by a first function if said response is true; f) modifying said random number by a second function if said response is false; g) encrypting said modified random number; h) sending said encrypted modified random number to said first security device; i) decrypting said encrypted modified random number at said first security device; and j) comparing said modified random number with said random number to determine said response.
-
-
2. The method of changing a value used in the generation of a random number in a security device of the type having a value storage means which can be written a limited number of times before becoming unreliable, comprising the steps of:
-
generating a random number by encryption using said value; using a portion of said random number to select a random part of said value for change; changing only said random part of said value in said storage means; leaving unchanged a remainder of said value in said storage means; whereby said value in said storage means may be changed substantially more than said limited number of times before said storage means becomes unreliable.
-
Specification