Signalling scheme for controlling data encryption device in an electronic fund transaction processing system

US 5,175,766 A
Filed: 07/25/1991
Issued: 12/29/1992
Est. Priority Date: 12/09/1988
Status: Expired due to Fees

First Claim

Patent Images

1. A signalling protocol for communicating with a data encryption device, said signalling protocol comprising:

a start-of-message symbol wherein the start-of-message symbol is the "]" character;

a plurality of message fields, each message field havinga token field for indicating a desired function;

a data field following said token field wherein number of data bits in said data field is related to the value of said token; and

a delimiter wherein the delimiter is the ";

" character; and

an end-of-message symbol wherein the end-of-message symbol is the "]" character.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An improved method for communicating with a data encryption device is described. In accordance with this invention, a data encryption device adapted for providing encryption functions such as data encryption and decryption may be controlled with an inventive signalling protocol which provides two-way, symmetrical messaging. Data encryption messages are sent to a data encryption device with a message packet which includes a start of message character, a token field, a token dependent data field, a token delimiter and an end of message character. Once the requested data encryption function is performed, a response message is generated wherein the response message mirrors the request message with the exception that the token dependent data comprises data which was processed in accordance with the requested function. The method of the present invention is also adapted for loading key information in the data encryption device as well as communicating system status information.

Citations

17 Claims

1. A signalling protocol for communicating with a data encryption device, said signalling protocol comprising:
- a start-of-message symbol wherein the start-of-message symbol is the "]" character;
  
  a plurality of message fields, each message field havinga token field for indicating a desired function;
  
  a data field following said token field wherein number of data bits in said data field is related to the value of said token; and
  
  a delimiter wherein the delimiter is the ";
  
  " character; and
  
  an end-of-message symbol wherein the end-of-message symbol is the "]" character.

2. A method of communicating between a data encryption device and a requesting device, the data encryption device having a plurality of data security functions, the method comprising the steps of:
- a) generating a request message in the requesting device to request a data security function from the data encryption device, wherein the step of generating request message comprises the steps of;
  
  generating a start of message character;
  
  concatenating a plurality of token segments to the start of message character to generate message text, each token segment having a token value, token data, and a token delimiter; and
  
  concatenating an end of message character to the message text;
  
  b) sending the request message from the generating device to the data encryption device;
  
  c) receiving the request message in the data encryption device;
  
  d) performing a data security function in the data encryption device in response to receiving the request message;
  
  e) generating a response message in the data encryption device; and
  
  f) sending the response message from the data encryption device to the requesting device.
- View Dependent Claims (3, 4, 5, 6, 7, 8, 9)
- - 3. The method of claim 2 wherein a plurality of previous request messages were sent to the data encryption device, the previous request messages having a previous token segment with a token value that is equal to the token value of a selected one of the plurality of token segments, the method comprising the step of not concatenating the selected token segment to the message text when the token data of the selected token segment is equal to the token data in the previous token segment of the previous request message that was most recently sent to the data encryption device, whereby the data encryption device detects the non-concatenation of the selected token segment and uses the token data in most recently sent previous token segment in place of the token data of the selected token segment.
  - 4. The method of claim 2 wherein the token value comprises two alphanumeric characters.
  - 5. The method of claim 2 wherein the token data comprises a data security function identifier, a parameter required for processing by a data security function, or context information to link response and request messages.
  - 6. The method of claim 5 wherein the data security function identifier comprises four alphanumeric characters.
  - 7. The method of claim 5 wherein the parameter required for processing by a data security function comprises a string of characters representing Data Encryption Standard keys, device configuration parameters, requests for setting or reading device statistics, encrypted data or personal identification numbers, or a count data.
  - 8. The method of claim 2 wherein the start of message character is the "[" character and the end of message character is the "]" character.
  - 9. The method of claim 2 wherein token segments with token values that are not defined in the data encryption device are not processed by the data encryption device.

10. A method of communicating between a data encryption device and a requesting device, the data encryption device having a plurality of data security functions, the method comprising the steps of:
- a) generating a request message in the requesting device to request a data security function from the data encryption device;
  
  b) sending the request message from the requesting device to the data encryption device;
  
  c) receiving the request message in the data encryption device;
  
  d) performing a data security function in the data encryption device in response to receiving the request message;
  
  e) generating a response message in the data encryption deice,, wherein the step of generating the response message comprises the steps of;
  
  generating a start of message character;
  
  concatenating a plurality of token segments to the start of message character to generate message text, each token segment having a token value, token data, and a token delimiter; and
  
  concatenating an end of message character to the message text; and
  
  f) sending the response message from the data encryption device to the requesting device.
- View Dependent Claims (11, 12, 13, 14, 15)
- - 11. The method of claim 10 wherein the token value comprises two alphanumeric characters.
  - 12. The method of claim 10 wherein the token data comprises a data security function that matches the data security function received in the request message, result of performing the data security function, context information to link response and request messages, or an error message.
  - 13. The method of claim 12 wherein the result of performing the data security function comprises a string of characters representing Data Encryption Standard keys, device configuration parameters, requests for setting or reading device statistics, encrypted data or personal identification numbers, or account data.
  - 14. The method of claim 10 wherein the start of message character is the "[" character and end of message character is the "]" character.
  - 15. The method of claim 10, wherein the token segments with token values that are not defined in the requesting device are not processed by the requesting device.

16. A method of communicating between a data encryption device and a requesting device, the data encryption device having a plurality of data security functions, the method comprising the steps of:
- a) generating a request message in the requesting device to request a data security function from the data encryption device, wherein the data security functions comprise functions for encrypting, translating, and verifying personal identification numbers, functions for encrypting, translating, and decrypting data, functions for generating and verifying message authentication codes, functions for loading, deleting, and verifying entries in encryption device key storage tables, functions for generating and translating working keys, and functions for performing administrative tasks;
  
  b) sending the request message from the requesting device to the data encryption device;
  
  c) receiving the request message in the data encryption device;
  
  d) performing a data security function in the data encryption device in response to receiving the request message;
  
  e) generating a response message in the data encryption device; and
  
  f) sending the response message from the data encryption device to the requesting device.
- View Dependent Claims (17)
- - 17. The method of claim 16 wherein the administrative tasks include backing up and restoring device tables, setting and reading device parameters, and generating and loading master file keys.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
The Exchange System Limited Partnership
Original Assignee
The Exchange System Limited Partnership
Inventors
Hamilton, Scott B.
Primary Examiner(s)
Swann, Tod

Application Number

US07/735,694
Time in Patent Office

523 Days
Field of Search

370/94.1, 370/83, 380/9, 380/23, 380/25, 380/49, 380/50, 380/43, 380/44
US Class Current

705/71
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

G06F 21/72   in cryptographic circuits

G06Q 20/382   insuring higher security of...

G06Q 20/3829   involving key management

G07F 7/1016   Devices or methods for secu...

H04L 2209/34   Encoding or coding, e.g. Hu...

H04L 2209/56   Financial cryptography, e.g...

H04L 9/08   Key distribution or managem...

H04L 9/0891   Revocation or update of sec...

H04L 9/14   using a plurality of keys o...

Signalling scheme for controlling data encryption device in an electronic fund transaction processing system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Signalling scheme for controlling data encryption device in an electronic fund transaction processing system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links