System and method for tamper detection

US 5,689,243 A
Filed: 01/11/1996
Issued: 11/18/1997
Est. Priority Date: 03/22/1991
Status: Expired due to Term

First Claim

Patent Images

1. Intrusion detection apparatus for use with a system, said apparatus comprising:

sensing means for sensing a physical intrusion into the system and for generating an intrusion indication signal in response thereto;

a random number generator for generating a random number comprising an audit count value in response to the intrusion indication signal;

computer means coupled to the sensing means and random number generator that comprises a predetermined electronic encryption key for encrypting the audit count value using the predetermined electronic encryption key in combination with a predetermined encryption algorithm to provide an encrypted audit count value;

a sequence counter coupled to the computer means for incrementing a sequence number in response to the intrusion indication signal to provide an incremented sequence number that indicates a total number of physical intrusions into the system;

memory means coupled to the computer means and the sequence counter for storing the predetermined electronic encryption key, the encrypted audit count value, and the incremented sequence number;

a physically removable device that is couplable to the computer means and that comprises a predetermined electronic decryption key that is distinct from the predetermined electronic encryption key and that operates in combination with a predetermined decryption algorithm that runs on the computer to (1) decrypt the encrypted audit count value and cause the display of expected values of the incremented sequence number and decrypted audit count value to an authorized user that should be displayed the next time physical access is gained to the system and to (2) subsequently decrypt the encrypted audit count value and cause the display of the incremented sequence number and decrypted audit count value to an authorized user that is compared with the expected values thereof to determine whether physical access has been gained to the system; and

a display coupled to the computer means and the memory means for displaying the decrypted audit count value and the incremented sequence number each time the electronic decryption key is used.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method that provides an electronic indication that unauthorized access has been gained to a system. The mechanisms used by the present invention cannot be forged, bypassed, or subverted. In fact, even persons authorized to access the environment cannot do so without leaving evidence. When an intrusion is detected, a random number is generated. This random number, referred to as an audit count, is then encrypted and stored, and a sequence number is incremented. To recover this information at a later time, a trusted individual inserts an external device containing a decryption key. The decryption key is extracted, and the encrypted audit count and sequence number are decrypted and displayed. Periodic verification that the audit count and sequence number have not changed provides assurance that access has not been gained to the system.

31 Citations

View as Search Results

5 Claims

1. Intrusion detection apparatus for use with a system, said apparatus comprising:
- sensing means for sensing a physical intrusion into the system and for generating an intrusion indication signal in response thereto;
  
  a random number generator for generating a random number comprising an audit count value in response to the intrusion indication signal;
  
  computer means coupled to the sensing means and random number generator that comprises a predetermined electronic encryption key for encrypting the audit count value using the predetermined electronic encryption key in combination with a predetermined encryption algorithm to provide an encrypted audit count value;
  
  a sequence counter coupled to the computer means for incrementing a sequence number in response to the intrusion indication signal to provide an incremented sequence number that indicates a total number of physical intrusions into the system;
  
  memory means coupled to the computer means and the sequence counter for storing the predetermined electronic encryption key, the encrypted audit count value, and the incremented sequence number;
  
  a physically removable device that is couplable to the computer means and that comprises a predetermined electronic decryption key that is distinct from the predetermined electronic encryption key and that operates in combination with a predetermined decryption algorithm that runs on the computer to (1) decrypt the encrypted audit count value and cause the display of expected values of the incremented sequence number and decrypted audit count value to an authorized user that should be displayed the next time physical access is gained to the system and to (2) subsequently decrypt the encrypted audit count value and cause the display of the incremented sequence number and decrypted audit count value to an authorized user that is compared with the expected values thereof to determine whether physical access has been gained to the system; and
  
  a display coupled to the computer means and the memory means for displaying the decrypted audit count value and the incremented sequence number each time the electronic decryption key is used.
- View Dependent Claims (2)
- - 2. The apparatus of claim 1 wherein the physically removable device comprises the display means, and further comprises computer means for decrypting the encrypted audit count value using the predetermined electronic encryption key in combination with the predetermined encryption algorithm to provide the decrypted audit count value, which decrypted audit count value and incremented sequence number are displayed to the authorized user.

3. A method of determining whether physical access has been gained to a system, said method comprising the steps of:
- sensing a physical intrusion into the system and generating an intrusion indication signal in response thereto;
  
  generating a random number comprising an audit count in response to the intrusion indication signal;
  
  encrypting the random number using a predetermined electronic encryption key in combination with a predetermined encryption algorithm to provide an encrypted audit count;
  
  incrementing a sequence number to provide an incremented sequence number that indicates a total number of physical intrusions into the system;
  
  storing the predetermined electronic encryption key, the encrypted audit count and the incremented sequence number;
  
  decrypting the encrypted audit count using a physically removable electronic decryption key that is distinct from the predetermined electronic encryption key in combination with a predetermined decryption algorithm to provide a decrypted audit count;
  
  displaying the decrypted audit count and the incremented sequence number to an authorized user of the system to provide an indication of an expected sequence number and audit count value that should be displayed the next time physical access is gained to the system;
  
  verifying whether physical access has been gained to the system by decrypting the encrypted audit count using the electronic decryption key in combination with the predetermined decryption algorithm to provide a decrypted audit count, and displaying the decrypted audit count and the incremented sequence number to an authorized user of the system; and
  
  comparing the decrypted audit count and incremented sequence number with the expected audit count and incremented sequence number to determine whether physical access has been gained to the system.
- View Dependent Claims (4, 5)
- - 4. The method of claim 3 which further comprises the steps of:
    - storing an electronic serial number for the system; and
      
      using the electronic serial number to select an electronic decryption key for the system from a predetermined set of electronic decryption keys for a plurality of systems.
  - 5. The method of claim 3 which further comprises the steps of:
    - providing an input port for receiving the electronic encryption key from an external computer;
      
      generating a new audit count in response to receipt of the electronic encryption key from the external computer;
      
      encrypting the new audit count using the electronic encryption key received from the external computer to provide an encrypted audit count;
      
      incrementing the sequence number to provide an incremented sequence number; and
      
      storing the encrypted audit count and incremented sequence number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Raytheon Company (Rtx Corporation)
Original Assignee
Hughes Aircraft Company (Rtx Corporation)
Inventors
Bianco, Mark E.
Primary Examiner(s)
Hofsass, Jeffery
Assistant Examiner(s)
HILL, ANDREW M

Application Number

US08/585,325
Time in Patent Office

677 Days
Field of Search

340/825.3, 340/825.31, 340/825.32, 340/825.34, 340/534, 340/541, 340/543, 340/568, 340/569, 340/571, 380/4, 380/23, 380/25, 235/382.5
US Class Current

340/5.26
CPC Class Codes

G06F 21/552   involving long-term monitor...

G06F 2211/007   Encryption, En-/decode, En-...

G07C 1/32   Time-recording locks

G09F 3/0394   with violation indication b...

System and method for tamper detection

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

31 Citations

5 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for tamper detection

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

31 Citations

5 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links