System for controlling access to a function, using a plurality of dynamic encryption variables
First Claim
1. An access control system for control of access of at least one user to a function, said system including at least one first portable unit personalized for said user and at least one second verification unit controlling access to said function,
(a) said first unit comprising:
first generator means for producing at least two dynamic variables;
first calculation means for producing a first password in accordance with at least one first encryption algorithm using input parameters dependent on said dynamic variables; and
means for transmitting said first password to said second unit;
(b) said second unit comprising;
second generator means for, in response to an access request made by way of a specified one of said at least one first unit, producing at least two dynamic variables assigned to said specified one of said at least one first unit;
second calculation means for producing a second password in accordance with at least one second encryption algorithm using input parameters dependent on said dynamic variables produced in said second unit;
comparator means for comparing said first and second passwords; and
means, responsive to said comparator means determining that a predetermined relationship exists between said passwords, for delivering an authorization of access to said function;
wherein said first and second generator means provided respectively in said first and second units produce said at least two dynamic variables in concert, but independently.
Abstract
The system includes a first card-like unit adapted to communicate with a second unit that grants access to a function only conditionally. Both units can run software that generates a password by encrypting a plurality of dynamic variables produced separately but in concert (so as to have a predetermined relationship, such as identity, with one another) in the units. The encryption is carried out in each unit by a public algorithm using a dynamically varying encryption key. Each time an access request is issued by a card user, the key is modified as a function of the number of access requests previously formulated by the card user. Access to the function is granted when the passwords generated in the units have a predetermined relationship (such as identity) with each other.
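The scheme in the abstract can be followed in a short sketch, added here as an illustration and not taken from the patent. It assumes the two dynamic variables are a request counter and a coarse clock tick, uses HMAC-SHA256 as a stand-in for the "public algorithm", and advances the verifier only on a successful match; the class names, `TIME_STEP` and the seed are hypothetical.

```python
import hashlib
import hmac

TIME_STEP = 60  # assumed clock granularity in seconds


class Unit:
    """State kept independently by the card and by the verifier."""

    def __init__(self, seed_key: bytes):
        self.key = seed_key  # dynamically varying key
        self.count = 0       # dynamic variable 1: access requests so far

    def password(self, now: int) -> str:
        tick = now // TIME_STEP  # dynamic variable 2: coarse clock
        msg = self.count.to_bytes(8, "big") + tick.to_bytes(8, "big")
        return hmac.new(self.key, msg, hashlib.sha256).hexdigest()[:8]

    def advance(self) -> None:
        # The next key is a function of the number of previous requests.
        step = b"next" + self.count.to_bytes(8, "big")
        self.key = hmac.new(self.key, step, hashlib.sha256).digest()
        self.count += 1


class Card(Unit):
    def request(self, now: int) -> str:
        pw = self.password(now)
        self.advance()
        return pw


class Verifier(Unit):
    def check(self, pw: str, now: int) -> bool:
        ok = hmac.compare_digest(pw, self.password(now))
        if ok:  # assumption: state moves on only after a match
            self.advance()
        return ok


def demo():
    seed = b"constructed-demo-seed"  # constructed sample secret
    card, verifier = Card(seed), Verifier(seed)
    t = 1_700_000_000
    pw1 = card.request(t)
    first = verifier.check(pw1, t)         # variables agree on both sides
    replay = verifier.check(pw1, t)        # counter and key have moved on
    pw2 = card.request(t + 5)
    late = verifier.check(pw2, t + 65)     # clock tick no longer matches
    on_time = verifier.check(pw2, t + 5)   # same tick, same counter
    return first, replay, late, on_time
```

In this sketch a password that is generated but never submitted leaves the card one step ahead of the verifier, which is the synchronisation problem any counter-based scheme has to handle.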
22 Claims
1. An access control system for control of access of at least one user to a function, said system including at least one first portable unit personalized for said user and at least one second verification unit controlling access to said function,
(a) said first unit comprising:
first generator means for producing at least two dynamic variables;
first calculation means for producing a first password in accordance with at least one first encryption algorithm using input parameters dependent on said dynamic variables; and
means for transmitting said first password to said second unit;
(b) said second unit comprising;
second generator means for, in response to an access request made by way of a specified one of said at least one first unit, producing at least two dynamic variables assigned to said specified one of said at least one first unit;
second calculation means for producing a second password in accordance with at least one second encryption algorithm using input parameters dependent on said dynamic variables produced in said second unit;
comparator means for comparing said first and second passwords; and
means, responsive to said comparator means determining that a predetermined relationship exists between said passwords, for delivering an authorization of access to said function;
wherein said first and second generator means provided respectively in said first and second units produce said at least two dynamic variables in concert, but independently.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21
22. An access control system for control of access of at least one user to a function, said system including at least one first portable unit personalized for said user and at least one second verification unit controlling access to said function,
(a) said first unit comprising:
first generator means for producing at least two dynamic variables;
first calculation means for producing a password in accordance with at least one first encryption algorithm using input parameters dependent on said dynamic variables; and
means for transmitting said password to said second unit;
(b) said second unit comprising;
second generator means for, in response to an access request made by way of a specified one of said at least one first unit, producing at least two dynamic variables assigned to said specified one of said at least one first unit;
second calculation means for decrypting said password in accordance with at least one decryption algorithm using as a decryption key an input parameter dependent on a first one of said dynamic variables produced in said second unit to derive one of said dynamic variables produced in said first unit;
comparator means for comparing said dynamic variable derived by said second calculation means with a second one of said dynamic variables produced in said second unit; and
means, responsive to said comparator means determining that a predetermined relationship exists between said dynamic variable derived by said second calculation means with said second one of said dynamic variables produced in said second unit, for delivering an authorization of access to said function;
wherein said first and second generator means provided respectively in said first and second units produce said at least two dynamic variables in concert, but independently.
Specification