Method and apparatus for access control and/or identification

US 5,452,357 A
Filed: 03/06/1995
Issued: 09/19/1995
Est. Priority Date: 01/18/1991
Status: Expired due to Term

First Claim

Patent Images

1. A method for access control for authorizing a user device, comprising the steps of:

generating in an authorizing device an identification data signal representative of identification data unique to the user device;

generating in the authorizing device an encrypted data signal includingdata encrypted depending on the identification data and having been calculated mod n, where n is a product of at least two prime numbers;

providing the encrypted data signal to the user device from the authorizing device;

exchanging between the user device and a verifier device at least a portion of the encrypted data;

checking by the verifier device the validity of the data exchanged on a mod n basis; and

further comprising authorizing steps performed in an initial user set-up interval including;

a) combining by the authorizing device the identification data with public key data PK_j and data representative of a number c to produce data representative of a combined number G having a d-th root g mod n such that G=g^d mod n, and such that each PK_j has ε

roots rood n, designated SK_j^-1 ;

b) storing data representative of g and n in a memory included in the user device; and

further comprising verifying steps including;

c) sending data representative of g from the user device to the verifier device;

d) computing, in the verifier device, G=g² mod n; and

separating, in the verifier device, the identification data and the public key data PK_j from G;

e) selecting, in the user device, a random number δ

in the range ##EQU12## and computing in the user device, a value E where E=δ

.sup.ε

mod n; and

sending E to the verifier device;

f) selecting in the verifier device a random binary vector v where v=(v₁ v₂ . . . v_k); and

sending v to the user deviceg) computing in the user device;

##EQU13## sending z to the verifier device;

h) checking in the verifier device to determine if;

##EQU14## wherein ε

=2 or ε

=3 and a and b are a constant, especially a=b=1.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system providing access control, including encryption and decryption capability, replaces a public key directory by a transmission between an authority, or a sender S, and a receiver R of a "seed" value. The seed is processed to provide both identity information for R and public keys, i.e. a "virtual public key directory", or VPKD. The VPKD is generated prior to execution of the algorithm requiring the public directory, i.e. the host algorithm.

Citations

28 Claims

1. A method for access control for authorizing a user device, comprising the steps of:
- generating in an authorizing device an identification data signal representative of identification data unique to the user device;
  
  generating in the authorizing device an encrypted data signal includingdata encrypted depending on the identification data and having been calculated mod n, where n is a product of at least two prime numbers;
  
  providing the encrypted data signal to the user device from the authorizing device;
  
  exchanging between the user device and a verifier device at least a portion of the encrypted data;
  
  checking by the verifier device the validity of the data exchanged on a mod n basis; and
  
  further comprising authorizing steps performed in an initial user set-up interval including;
  
  a) combining by the authorizing device the identification data with public key data PK_j and data representative of a number c to produce data representative of a combined number G having a d-th root g mod n such that G=g^d mod n, and such that each PK_j has ε
  
  roots rood n, designated SK_j^-1 ;
  
  b) storing data representative of g and n in a memory included in the user device; and
  
  further comprising verifying steps including;
  
  c) sending data representative of g from the user device to the verifier device;
  
  d) computing, in the verifier device, G=g² mod n; and
  
  separating, in the verifier device, the identification data and the public key data PK_j from G;
  
  e) selecting, in the user device, a random number δ
  
  in the range ##EQU12## and computing in the user device, a value E where E=δ
  
  .sup.ε
  
  mod n; and
  
  sending E to the verifier device;
  
  f) selecting in the verifier device a random binary vector v where v=(v₁ v₂ . . . v_k); and
  
  sending v to the user deviceg) computing in the user device;
  
  ##EQU13## sending z to the verifier device;
  
  h) checking in the verifier device to determine if;
  
  ##EQU14## wherein ε
  
  =2 or ε
  
  =3 and a and b are a constant, especially a=b=1.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 13, 14, 15, 26)
- - 2. The method of claim 1, wherein ε
    - >
      
      2 and further comprising the step of receiving in the verifier device data representative of the values SK_j^-2, especially via the user device, the values SK_j^-2 being stored in the memory included in the user device.
  - 3. The method of claim 1, wherein in step a) the number c is omitted and the combination of ID and PK is permuted until G is a d-th power mod n.
  - 4. The method of claim 1, wherein d has a value of d=2 or d=3.
  - 5. The method of claim 1, wherein in step a) for forming G, ID and PK and/or c are combined according to ID&
    - PK&
      
      c in which the symbol &
      
      indicates concatenation.
  - 6. The method of claim 1, wherein the identification data ID is a constant.
  - 7. The method of claim 1, wherein the exponentiation of g is replaced by a polynomial computation such that the authority uses a sequence of public numbers Ω
    - _i and computes g such that ##EQU15##
  - 8. The method of claim 1 wherein a and b are algebraic or electronic functions.
  - 9. The method of claim 1 wherein the number n is a binary number having a number of bits in the range 450 to 570.
  - 10. The method of claim 1, wherein the user device and the verifier device generate a value Ω
    - from the random binary vector v and/or from the random number δ and
      
      /or from data and/or numbers resulting from previous calculations, and wherein steps g) and h) are modified to;
      
      g) computing in the user device ##EQU16## sending z to the verifier device;
      
      h) checking in the verifier device to determine if;
      
      ##EQU17##
  - 11. The method of claim 1, wherein steps e) to h) are repeated t times with different random binary vectors v and/or random numbers δ
    - , t greater than or equal to 1.
  - 13. The method of claim 1, wherein a set of at least k=18 key values PKj is used.
  - 14. The method of claim 11, wherein the product k*t has a value in the range of 64 to 80.
  - 15. The method according to claim 1 wherein steps e) to h) are carried out using binary or trinary logic signals.
  - 26. The method of claim 1 wherein the user device comprises a smart card and the verifier device comprises a smart card reader.

12. The method of 11, wherein t has a value of at least t=4.

16. In an access control system or identification system, a user device which has been authorized by an authorizing device having calculated identification data ID unique to the user device and having provided the user device with encrypted data depending on the identification data ID which are calculated mod n, wherein for verifying the identity of the user device, the user device exchanges at least a part of the encrypted data with a verifier device which checks the validity of the data exchanged on a mod n basis, n being a product of at least two prime numbers, and wherein the identification data ID are combined with a public key data PK_j and data representative of a number c to provide data representative of a combined number G having a d-th root g mod n according to G=g^d mod n, and wherein each data value PK_j has ε
- -roots mod n designated SK_j^-1, the user device comprising;
  
  memory means for storing data representative of g and n;
  
  means for calculating; and
  
  interface means for exchanging data between the verifier device and the user device;
  
  wherein for verifying;
  
  i) the user device sends, via the interface means, data representative of g to the verifier device;
  
  j) the user device selects a random number δ
  
  in the range ##EQU18## and computes in the calculating means a value E=δ
  
  .sup.ε
  
  mod n, and sends via the interface means data representative of value E to the verifier device;
  
  k) the user device receives from the verifier device via the interface means data representative of a random binary vector v=(v₁ v₂ . . . v_k);
  
  l) the user device computes in the calculating means ##EQU19## sends data representative of z via the interface means to the verifier device, wherein ε
  
  =2 or ε
  
  =3 and a and b are a constant, especially a=b=1.
- View Dependent Claims (17, 18, 19, 20, 27)
- - 17. Apparatus according to claim 16, wherein the number n is a binary number and the number of bits in n is in the range 450 to 570.
  - 18. Apparatus according to claim 16, wherein steps j) to l) are repeated t times with different random binary vectors v and/or random numbers δ
    - , t greater than or equal to 1.
  - 19. Apparatus according to claim 18, wherein t has a value of at least t=4.
  - 20. Apparatus according to claim 16, wherein steps j) to l) are carried out using binary or trinary logic signals.
  - 27. The user device of claim 16 wherein the user device comprises a smart card, the smart card includes the interface means for coupling the smart card to the verifier device, and the verifier device comprises a smart card reader.

21. In a system for access control or identification, a verifier device which verifies the identity of a user device which has been authorized by an authorizing device, the authorizing device having calculated identification data ID unique to the user device, and having provided the user device with encrypted data depending on the identification data ID which are calculated mod n, wherein the verifier device and the user device exchange at least a part of the encrypted data and check the validity of the data exchanged on a mod n basis, wherein n is a product of at least two prime numbers, and wherein the identification data ID are combined with data representative of a public key PK_j and data representative of a number c to provide data representative of a combined number G having a d-th root g mod n such that G=g^d mod n, and wherein each PK_j has ε
- -roots mod n designated SK_j^-1, the verifier device comprising;
  
  memory means for storing data representative of the value n;
  
  means for calculating; and
  
  interface means for exchanging data between the verifier device and the user device;
  
  wherein for verifying;
  
  m) the verifier device receives data representative of g via the interface means from the user device and, in the calculating means, computes G=g² mod n and separates from G the identification data ID and the public key data values PK_j ;
  
  n) the verifier device receives data representative of a value E=δ
  
  .sup.ε
  
  mod n from the user device via the interface means, and selects a random binary vector v=(v₁ v₂ . . . v_k) and sends data representative of v to the user device via the interface means;
  
  o) the verifier device receives data representative of the value z from the user device via the interface means where ##EQU20## and p) the verifier device checks to determine if ##EQU21## wherein ε
  
  =2 or ε
  
  =3 and a and b are a constant, especially a=b=1.
- View Dependent Claims (22, 23, 24, 25, 28)
- - 22. Apparatus according to claim 21, wherein the number n is a binary number and the number of bits in n is in the range 450 to 570.
  - 23. Apparatus according to claim 21, wherein steps n) to o) are repeated t times with different random binary vectors v and/or random numbers δ
    - , t greater than or equal to 1.
  - 24. Apparatus according to claim 23, wherein t has a value of at least t=4.
  - 25. Apparatus according to claim 21, wherein steps n) to o) are carried out using binary or trinary logic signals.
  - 28. The verifier device of claim 21 wherein the verifier device comprises a smart card reader, the smart card reader includes the interface means for coupling the smart card reader to the user device, and the user device comprises a smart card.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Thomson Consumer Electronics SA (Vantiva SA)
Original Assignee
Thomson Consumer Electronics SA (Vantiva SA)
Inventors
Naccache, David
Primary Examiner(s)
CANGIALOSI, SALVATORE A

Application Number

US08/400,310
Time in Patent Office

197 Days
Field of Search

380/23, 380/25, 380/28, 380/30
US Class Current

713/172
CPC Class Codes

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/40975   using encryption therefor

G07F 7/1008   Active credit-cards provide...

H04L 9/3218   using proof of knowledge, e...

H04L 9/3234   involving additional secure...

Method and apparatus for access control and/or identification

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for access control and/or identification

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links