Enhanced security for a secure token code

US 5,485,519 A
Filed: 05/25/1993
Issued: 01/16/1996
Est. Priority Date: 06/07/1991
Status: Expired due to Term

First Claim

Patent Images

1. Apparatus for providing enhanced security for a multibit secure token code which is obtained from a token, the apparatus comprising:

means included as part of said token for storing a multibit token secret which is related to the secure token code in a predetermined way;

a character input device on said token for inputting a multicharacter secret code known to an authorized user of the token; and

a processor in said token for generating the corresponding secure token code from the stored token secret and the inputted secret code and for storing the generated secure token code in the token.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and apparatus are provided for enhancing security for a private key or other multibit secure token code stored in a token by (a) assuring that the secure token code is not stored in the token except for short intervals when the token is actually in use by an authorized user and (b) by assuring that the secure token code cannot be obtained from the token except by an authorized user. This is accomplished by algorithmically combining a PIN or other secret code memorized by the user with the secure token code, either in the token or at a suitable terminal, to generate a meaningless multibit sequence/token secret which is stored in the token. The multibit sequence stored in the token is selected such that when it is algorithmically combined with the secret memorized code known only to the user, either in the token or at a terminal, it produces the private key or other secure token code.

Citations

38 Claims

1. Apparatus for providing enhanced security for a multibit secure token code which is obtained from a token, the apparatus comprising:
- means included as part of said token for storing a multibit token secret which is related to the secure token code in a predetermined way;
  
  a character input device on said token for inputting a multicharacter secret code known to an authorized user of the token; and
  
  a processor in said token for generating the corresponding secure token code from the stored token secret and the inputted secret code and for storing the generated secure token code in the token.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. Apparatus as claimed in claim 1 wherein said processor includes means for modifying the stored multibit token secret to a new multibit token secret which will generate the secure token code with a new secret code in the means for generating when the secure code is stored in the token and a predetermined character is received followed by the new secret code.
  - 3. Apparatus as claimed in claim 1 including means for removing the secure token code from the token when selected conditions occur, leaving said multibit token secret with the token.
  - 4. Apparatus as claimed in claim 3 wherein said means for removing includes timer means for removing the secure token code a selected period of time after the secure token code is obtained.
  - 5. Apparatus as claimed in claim 3 including means for reading the secure token code from the token, and wherein said means for removing includes means for removing the secure token code when the reading of the secure token code by said means for reading is completed.
  - 6. Apparatus as claimed in claim 3 including means for reading and using the secure token code, and wherein the means for removing includes means for removal of the secure token code when use thereof is completed.

7. Apparatus for providing enhanced security for a multibit secure token code which is obtained from a token, the apparatus comprising:
- means included as part of said token for storing a predetermined multibit token secret which is related to the secure token code in a predetermined way;
  
  means for inputting a multicharacter secret code known to an authorized user of the token; and
  
  means for generating and storing the secure token code when the predetermined multibit token secret stored with the token and the inputted secret code are received.
- View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
- - 8. Apparatus as claimed in claim 7 including means for generating said multibit token secret, said means including means for utilizing a combining algorithm to combine said secure token code with said secret code.
  - 9. Apparatus as claimed in claim 8 wherein said means for utilizing includes means for exclusive ORing bits of said secret code with at least selected bits of said secure token code.
  - 10. Apparatus as claimed in claim 9 wherein said means for generating and storing the secure code includes means for exclusive ORing bits of said secret code with bits of the multibit token secret corresponding to said at least selected bits.
  - 11. Apparatus as claimed in claim 8 wherein said token includes means for inputting a selected plurality of characters, wherein said token initially has stored therein said secure token code, and wherein the means for utilizing a combining algorithm includes processor means within said token and responsive to a predetermined input from said means for inputting followed by the inputting of said secret code for modifying the secure token code with the secret code to obtain the multibit token secret.
  - 12. Apparatus as claimed in claim 11 wherein said processor means modifies the stored multibit token secret with the secret code to obtain the secure token code when said secret code is subsequently inputted.
  - 13. Apparatus as claimed in claim 12 wherein said processor means modifies the secure token code with a new secret code to obtain a new multibit token secret when the token contains the secure token code and a predetermined input is received followed by the new secret code, the processor being responsive to subsequent inputting of the new secret code for generating the secure token code.
  - 14. Apparatus as claimed in claim 12 including means for removing the secure token code from the token when selected conditions occur, leaving said multibit token secret with the token.
  - 15. Apparatus as claimed in claim 14 wherein said means for removing includes timer means for removing the secure token code a selected period of time after the secure token code is generated.
  - 16. Apparatus as claimed in claim 14 including means for reading the secure token code from the token, and wherein said means for removing includes means for removing the secure token code after reading of the secure token code by said means for reading is complete.
  - 17. Apparatus as claimed in claim 12 wherein said secure token code is an encryption key for an encryption system;
    - including input/output means for data to be applied to the token for encryption or decryption; and
      
      wherein said processor means includes means for utilizing said encryption key to operate on inputted data to perform encryption/decryption thereon.
  - 18. Apparatus as claimed in claim 8 wherein said means for generating the multibit token secret includes a terminal having a processor, a character input device for said processor and a token reader/writer, the processor receiving the secure token code from reading of the token by the token reader/writer, receiving the secret code inputted at the input device by the authorized user, utilizing a combining algorithm to combine the secure token code and the secret code to produce the multibit token secret, and outputting the multibit token secret to the reader/writer to be written in the token.
  - 19. Apparatus as claimed in claim 8 wherein said means for generating the multibit token secret includes a processor having a token reader/writer, said processor generating the multibit token secret in accordance with a predetermined combining algorithm from the secure token code and the secret code for the authorized user and outputting the generated multibit token secret to the token reader/writer, the token reader/write writing and storing the generated multibit token secret in the token.
  - 20. Apparatus as claimed in claim 7 wherein said means for generating and storing the secure token code includes a processor, a token reader and a character input device, the token reader reading the multibit token secret from the token and providing read multibit token to the processor, the input device receiving the secret code from the authorized user and providing it to the processor and the processor utilizing the received multibit token secret and secret code to generate and store the secure token code.
  - 21. Apparatus as claimed in claim 20 wherein said means for generating and storing the secure code includes means for utilizing a combining algorithm to combine bits of said secret code with bits of the multibit token secret corresponding to said at least selected bits.
  - 22. Apparatus as claimed in claim 21 wherein said means for generating and storing the secure code includes means for exclusive ORing bits of said secret code with bits of the multibit token secret corresponding to said at least selected bits.
  - 23. Apparatus as claimed in claim 7 wherein said means for generating and storing the secure token code includes a processor, and at least one token reader, and wherein said processor generates and stores the secure token code in response to the receipt of multibit token secrets from at least two tokens, said token secrets being received through said at least one token reader.
  - 24. Apparatus as claimed in claim 23 wherein there is a single token reader, multibit token secrets from said token being received serially at said processor.
  - 25. Apparatus as claimed in claim 23 wherein there is a token reader for each token utilized to generate the secure token code, multibit token secrets from the tokens being received in parallel at said processor.
  - 26. Apparatus as claimed in claim 23 including an input device for inputting a corresponding secret code for each token.
  - 27. Apparatus as claimed in claim 26 wherein said input device is part of each token, each token also including a processor, the code read by the token reader into the processor being an intermediate code generated in the token processor from the multibit token secret stored therein and the corresponding secret code.
  - 28. Apparatus as claimed in claim 7 wherein said means for generating and storing the secure token code includes a processor having a multibit device code stored therein, said processor having means for utilizing a combining algorithm to combine the multibit token secret, the corresponding secret code and the device code to generate the secure token code.
  - 29. Apparatus as claimed in claim 28 wherein the processor includes a token reader and an input device, the token reader reading the multibit token secret from the token and providing the read multibit token secret to the processor, the input device receiving the secret code from the authorized user and providing the received secret code to the processor.
  - 30. Apparatus as claimed in claim 29 wherein said means for utilizing a combining algorithm includes means for exclusive Oring bits of said secret code with selected bits of said multibit sequence, said selected bits being determined by the device code.
  - 31. Apparatus as claimed in claim 7 wherein the secure token code is the private key in a public/private key encryption system.
  - 32. Apparatus as claimed in claim 7 wherein the secure token code is an encryption/decryption key.

33. Apparatus for providing enhanced security for a multibit secure token code which is obtained from a machine readable token, the apparatus comprising:
- means included as part of said token for storing a multibit token secret which is related to the secure token code in a predetermined way; and
  
  a terminal having a processor, a character input device for said processor and a token reader, an authorized user utilizing said input device to input a multicharacter secret code known to such user into the processor, said token reader reading the stored multibit token secret from a token applied thereto, and said processor utilizing a combining algorithm to combine the secret code and multibit sequence applied thereto to obtain a corresponding secure token code.

34. A token having a memory element for storing a selected multibit sequence which is used under selected conditions to generate a desired multibit secure token code unique to a token user, which token is formed by the process of:
- initially storing said multibit secure token code;
  
  inputting a secret code known to the token user;
  
  utilizing a combining algorithm to combine the secure token code and the secret code to generate the a multibit token secret, the multibit token secret when algorithmically combined with the secret code producing the secure token code; and
  
  storing the multibit token secret as the selected multibit sequence in the token memory element.

35. A method for storing in a token memory element a selected multibit token secret which is mused under selected conditions to generate a desired multibit secure token code unique to the token user, the method comprising the steps of:
- initially storing said multibit secure token code;
  
  inputting a secret code known to the token user;
  
  utilizing a combining algorithm to combine the secure token code and the secret code to generate the multibit token secret, the multibit token secret when algorithmically combined with the secret code producing the secure token code; and
  
  storing the multibit sequence in the token memory element.

36. Apparatus for storing in a token memory element a selected multibit token secret which is used under selected conditions to generate a desired multibit secure token code unique to a token user, the apparatus comprising:
- means for storing said multibit secure token code;
  
  means for inputting a secret code known to the token user;
  
  means for utilizing a combining algorithm to combine the secure token code and the secret code to generate the multibit token secret, the multibit token secret when algorithmically combined with the secret code producing the secure token code; and
  
  means for storing the multibit token secret in the token memory element.

37. A method for utilizing a token storing a selected multibit token secret to generate a desired multibit secure token code unique to a token user, the method comprising the steps of:
- reading out the multibit token secret;
  
  inputting a secret code known to the token user, andutilizing a combining algorithm to combine the read-out multibit token secret and the inputted secret code to generate the multibit secure token code.

38. Apparatus for utilizing a token storing a selected multibit token secret to generate a desired multibit secure token code unique to a token user, the apparatus comprising:
- means for reading out the multibit token secret;
  
  means for inputting a secret code known to the token user; and
  
  means for utilizing a combining algorithm to combine the read-out multibit token secret and the inputted secret code to generate the multibit secure token code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
EMC Corporation (Dell Technologies Inc.)
Original Assignee
Security Dynamics Technologies, Inc. (Symphony Technology Group LLC)
Inventors
Weiss, Kenneth P.
Primary Examiner(s)
Gregory, Bernarr E.

Application Number

US08/067,517
Time in Patent Office

966 Days
Field of Search

235/379, 235/380, 235/382, 380/4, 380/30, 380/23-25, 380/49, 380/50, 340/825.31, 340/825.34
US Class Current

713/185
CPC Class Codes

G06F 21/31   User authentication

G06F 21/34   involving the use of extern...

G06F 2211/007   Encryption, En-/decode, En-...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/4093   Monitoring of device authen...

G07C 9/215   the system having a variabl...

G07F 7/1008   Active credit-cards provide...

G07F 7/1016   Devices or methods for secu...

H04L 2209/56   Financial cryptography, e.g...

H04L 9/0877   using additional device, e....

H04L 9/0897   involving additional device...

H04L 9/3226   using a predetermined code,...

H04L 9/3234   involving additional secure...

Enhanced security for a secure token code

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

38 Claims

Specification

Solutions

Use Cases

Quick Links

Enhanced security for a secure token code

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

38 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links