Method of securely storing and retrieving monetary data

US 6,003,764 A
Filed: 02/12/1997
Issued: 12/21/1999
Est. Priority Date: 02/12/1996
Status: Expired due to Fees

First Claim

Patent Images

1. A method of securely storing and retrieving data, the method comprising the steps of:

(a) generating a commitment (A) in a terminal;

(b) sending the commitment (A) from the terminal to an integrated circuit card and an electronic wallet;

(c) storing the commitment (A) in the electronic wallet;

(d) receiving the commitment (A) in the integrated circuit card;

(e) generating, in the integrated circuit card, an identification value (C) and a fingerprint (E) of the identification value (C) which identifies the identification value (C) but from which the identification value (C) cannot be derived;

(f) sending the fingerprint (E) from the integrated circuit card to the terminal;

(g) producing, in the terminal, an authenticating value (B) using the received fingerprint (E);

(h) storing the authenticating value (B) in the electronic wallet;

(i) retrieving, by the integrated circuit card, the commitment (A) from the electronic wallet;

(j) regenerating, in the integrated circuit card, the identification value (C) and the fingerprint (E) of the identification value (C);

(k) resending the fingerprint (E) from the integrated circuit card to the electronic wallet;

(l) verifying the fingerprint (E) in the electronic wallet; and

(m) retrieving, by the integrated circuit card, the authenticating value (B) from the electronic wallet.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of securely storing and retrieving monetary values, such as electronic checks and electronic coins. In an interactive protocol between an issuer (e.g., a bank terminal) and a recipient (e.g., a smart card) of electronic money, authentication values (A, B, . . .) are produced by the issuer and are stored in an external storage device (e.g., an electronic wallet). At a later stage, the protocol is repeated between the recipient and the storage to securely retrieve the stored authentication values.

Citations

13 Claims

1. A method of securely storing and retrieving data, the method comprising the steps of:
- (a) generating a commitment (A) in a terminal;
  
  (b) sending the commitment (A) from the terminal to an integrated circuit card and an electronic wallet;
  
  (c) storing the commitment (A) in the electronic wallet;
  
  (d) receiving the commitment (A) in the integrated circuit card;
  
  (e) generating, in the integrated circuit card, an identification value (C) and a fingerprint (E) of the identification value (C) which identifies the identification value (C) but from which the identification value (C) cannot be derived;
  
  (f) sending the fingerprint (E) from the integrated circuit card to the terminal;
  
  (g) producing, in the terminal, an authenticating value (B) using the received fingerprint (E);
  
  (h) storing the authenticating value (B) in the electronic wallet;
  
  (i) retrieving, by the integrated circuit card, the commitment (A) from the electronic wallet;
  
  (j) regenerating, in the integrated circuit card, the identification value (C) and the fingerprint (E) of the identification value (C);
  
  (k) resending the fingerprint (E) from the integrated circuit card to the electronic wallet;
  
  (l) verifying the fingerprint (E) in the electronic wallet; and
  
  (m) retrieving, by the integrated circuit card, the authenticating value (B) from the electronic wallet.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method according to claim 1, wherein the identification value (C) is stored in the integrated circuit card.
  - 3. The method according to claim 1, wherein the steps of generating and regenerating comprise generating and regenerating the identification value from a seed (X) stored in the integrated circuit card.
  - 4. The method according to claim 3, further comprising the step of generating the seed (X) by combining a fixed base seed (X₀) and an index (Y), wherein the index (Y) indicates how many times a function is to be applied to the base seed (X₀).
  - 5. The method according to claim 4, further comprising the step of discarding the identification value (C) in the integrated circuit card after the step (e) of generating.
  - 6. The method according to claim 3, further comprising the step of discarding the identification value (C) in the integrated circuit card after the step (e) of generating.
  - 7. The method according to claim 1, further comprising the step of discarding the commitment (A) and the authenticating value (B) in the integrated circuit card after the step of generating.
  - 8. The method according to claim 1, wherein the step of generating comprises the step of producing the fingerprint (E) by subjecting both (1) the identification value (C) and (2) the commitment (A) to a function (H).
  - 9. The method according to claim 1, wherein the step (g) of producing comprises the step of producing the authenticating value (B) using the fingerprint (E) and a secret key (K_s).
  - 10. The method according to claim 1, wherein the steps (i) and (m) of retrieving comprise retrieving the commitment (A) and the authenticating value (B) to regenerate monetary data (D).
  - 11. The method according to claim 10, wherein the step (1) of verifying comprises verifying the regenerated monetary data (D) using a public key (K_p) of the terminal.
  - 12. The method according to claim 1, wherein the step of generating comprises the step of producing the fingerprint (E) by subjecting both (1) the identification value (C) and (2) the commitment (A) to a hash function (H).
  - 13. The method as claimed in claim 1, wherein the steps (a)-(h) are performed in a first phase, and wherein steps (i)-(m) are performed in a second phase.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Koninklijke KPN NV
Original Assignee
Koninklijke KPN NV
Inventors
Bosselaers, Antoon Wilfried Jan, De Rooij, Peter Jacobus Nicolaas
Primary Examiner(s)
Lee, Michael G
Assistant Examiner(s)
FUREMAN, JARED

Application Number

US08/799,627
Time in Patent Office

1,042 Days
Field of Search

235/375, 235/379, 235/380, 902/3, 902/5, 902/26, 380/24, 380/25
US Class Current

235/379
CPC Class Codes

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/3674   involving authentication

G06Q 20/3678   e-cash details, e.g. blinde...

G07F 7/082   Features insuring the integ...

G07F 7/0886   the card reader being porta...

G07F 7/1008   Active credit-cards provide...

Method of securely storing and retrieving monetary data

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Method of securely storing and retrieving monetary data

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links