Secure token integrated circuit and method of performing a secure authentication function or transaction
Abstract
A method of operating a circuit such as an integrated circuit carried on a plastic card which includes the steps of accepting a challenge, and generating a first response to the challenge using a first algorithm which operates on at least the challenge and a secret key derived from information relating to the circuit. The challenge may be generated, and accepted, by the circuit, with a corresponding challenge being generated externally of the circuit. Alternatively, the challenge is generated externally of the circuit and is then accepted by the circuit. A token count may be stored in the circuit and the first response is generated if a decrement command is successfully carried out on the token count.
50 Claims
1. A method of operating a circuit which includes the steps of accepting a challenge and a command, generating a first response to the challenge using a first algorithm which operates on at least the challenge and a secret key derived from information relating to the circuit and generating the first response only if the command is successfully carried out.

17. A method of programming a circuit which includes the steps of:
storing in the circuit a secret transport code which is not readable from outside the circuit;
presenting a transport code to the circuit;
comparing the presented transport code to the secret transport code and, if the presented transport code is acceptable, carrying out at least one of the following;
  storing application specific information in the circuit;
  storing a token counter value in the circuit;
  storing in the circuit a secret derived key which is derived using information specific to the circuit and a user defined function; and
  replacing the secret transport code with a derived validation key.

19. A method of operating a circuit which includes the steps of:
presenting the circuit to a terminal,
accepting a challenge and a command,
generating a first response to the challenge using a first algorithm which operates on at least the challenge and a secret key derived from information relating to the circuit, and
generating the first response only if the command is successfully carried out.

26. A method of operating a token card which includes the steps of:
(a) on the card, storing a card serial number, a token count and a first secret key derived from at least the card serial number;
(b) at a terminal, storing a card issuer's key;
(c) presenting the card to the terminal;
(d) at the terminal, reading the card serial number, and issuing to the card a challenge and a token count decrement command;
(e) on the card, if the token count decrement command is successfully carried out, operating a first algorithm on the first secret key and the challenge to produce a first response;
(f) transferring the first response to the terminal;
(g) at the terminal, operating the first algorithm on the challenge and on a second key derived from at least the card issuer's key and information obtained from the transferred first response, to produce a second response; and
(h) at the terminal, comparing the transferred first response to the second response.

29. A circuit which includes means for accepting a challenge and a command, means for generating a first response to the challenge using a first algorithm which operates on at least the challenge and a secret key derived from information relating to the circuit, and means for generating the first response only if the command is successfully carried out.

40. A method of operating a circuit, the method including the steps of:
programming a token counter;
programming a serial number;
deriving a secret key from the serial number and storing the secret key;
submitting a challenge and a command to the circuit;
the circuit responding to the challenge in a secret manner using at least one of the following;
  the token counter;
  the secret key;
  an encoding algorithm; and
  information relating to the circuit;
executing the command; and
producing a response that is evaluated to present an indication of validity.

45. A circuit which includes:
means for programming a token counter with a value;
means for programming a serial number;
means for deriving a secret key from the serial number;
means for storing the secret key;
means for accepting a challenge and a command;
means for responding to the challenge in a secret manner using at least one of the following;
  the token counter;
  the secret key;
  an encoding algorithm; and
  information relating to the circuit;
means for executing the command; and
means for producing a response that is evaluated to present an indication of validity.

49. A method of performing a transaction on a circuit which includes the steps of:
(a) presenting the circuit to a terminal;
(b) transferring a challenge and a decrement command from the terminal to the circuit;
(c) implementing the decrement command on the circuit;
(d) if the decrement command has been successfully implemented, transferring a response from the circuit to the terminal;
(e) validating the response; and
(f) if the response is valid, accepting the transaction.

50. A circuit which includes:
first storage means for storing a serial number;
second storage means for storing a secret derived key derived from the serial number, an issuer's key and a first encoding function;
token counter means;
interface means for receiving a challenge and a decrement command;
means for decrementing a count in the token counter means in response to the decrement command;
means, in response to a successful count decrement, for producing an encoded value, from the secret derived key, the challenge and a second encoding function;
means for providing an encoded response based on the challenge, a key, an algorithm and information on the circuit; and
means for presenting the encoded value to the interface means.
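
The card and terminal exchange recited in claims 26, 49 and 50, modelled as an added example that is not taken from the patent. Assumptions: HMAC-SHA256 stands in for both the key-derivation function and the "first algorithm" (the claims name no concrete algorithm), the terminal re-derives the card key from the serial number it reads in step (d), and the class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Assumption: HMAC-SHA256 stands in for both the key-derivation function and
# the "first algorithm"; the claims do not name concrete algorithms.
def derive_key(issuer_key: bytes, serial: bytes) -> bytes:
    """Diversify the issuer's key per card using the card serial number."""
    return hmac.new(issuer_key, b"card-key|" + serial, hashlib.sha256).digest()

class TokenCard:
    """Hypothetical model of the circuit: readable serial, hidden key and count."""
    def __init__(self, serial: bytes, issuer_key: bytes, tokens: int):
        self.serial = serial
        self._key = derive_key(issuer_key, serial)  # issuer key is not kept on the card
        self._tokens = tokens

    def decrement_and_respond(self, challenge: bytes, amount: int = 1):
        # The response is produced only if the decrement command succeeds.
        if amount <= 0 or amount > self._tokens:
            return None
        self._tokens -= amount
        return hmac.new(self._key, challenge, hashlib.sha256).digest()

class Terminal:
    """Hypothetical terminal holding the issuer's key."""
    def __init__(self, issuer_key: bytes):
        self._issuer_key = issuer_key

    def transact(self, card: TokenCard, amount: int = 1) -> bool:
        challenge = secrets.token_bytes(16)  # fresh per transaction, so old responses fail
        first = card.decrement_and_respond(challenge, amount)
        if first is None:
            return False  # decrement refused: no response, no transaction
        key = derive_key(self._issuer_key, card.serial)
        second = hmac.new(key, challenge, hashlib.sha256).digest()
        return hmac.compare_digest(first, second)  # constant-time comparison

def demo():
    issuer_key = b"\x11" * 32  # constructed sample key
    terminal = Terminal(issuer_key)
    genuine = TokenCard(b"SN-0001", issuer_key, tokens=2)
    forged = TokenCard(b"SN-0001", b"\x22" * 32, tokens=99)  # copied serial, wrong key
    return [terminal.transact(genuine), terminal.transact(genuine),
            terminal.transact(genuine), terminal.transact(forged)]

if __name__ == "__main__":
    print(demo())
```

The genuine card is accepted twice and refused once its two tokens are spent; the card with a copied serial number but a different key never validates.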