Integrated circuit devices with steganographic authentication, and steganographic authentication methods
Abstract
This invention concerns an integrated circuit (IC) device, such as smart cards, electronic wallets, PC cards, and the like, and various methods for steganographically authenticating identities and authorizing transactions based on the authenticated identities. The IC device has a memory and a processor. The IC device maintains an identity authentication table in the memory to hold an arbitrary number of identities. The identity authentication table correlates identities with authentication structures. In preferred embodiments, the authentication structures each comprise a collection of commands, such as data processing commands, that are normally associated with data handling capabilities of the IC device. The commands are arranged into unique groupings that serve to identify the identity with which they are associated. Authentication can then take place outside of detectable cryptographic protocols. That is, the authentication structures blend in with other seemingly normal data processing functions thereby reducing the chances of detection.
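The identity authentication table described in the abstract, sketched as an added example (not code from the patent). The identities, the command names and the contiguous-run matching rule are assumptions chosen for illustration.

```python
from typing import Dict, Optional, Sequence, Tuple

# Constructed table: identity -> ordered grouping of ordinary data-handling
# commands. Identities and command names are hypothetical placeholders.
AUTH_TABLE: Dict[str, Tuple[str, ...]] = {
    "cardholder": ("SELECT_FILE", "READ_RECORD", "READ_RECORD", "GET_DATA"),
    "bank_terminal": ("GET_DATA", "SELECT_FILE", "UPDATE_RECORD"),
    "transit_gate": ("READ_RECORD", "SELECT_FILE", "READ_BINARY"),
}


def contains_run(stream: Sequence[str], pattern: Sequence[str]) -> bool:
    """True if pattern occurs in stream as a contiguous, ordered run."""
    n = len(pattern)
    return any(tuple(stream[i:i + n]) == tuple(pattern)
               for i in range(len(stream) - n + 1))


def validate_table(table: Dict[str, Tuple[str, ...]]) -> None:
    """Enforce 'unique groupings': none empty, none contained in another."""
    for ident, pattern in table.items():
        if not pattern:
            raise ValueError(f"empty grouping for {ident!r}")
        for other, other_pattern in table.items():
            if other != ident and contains_run(other_pattern, pattern):
                raise ValueError(f"{ident!r} grouping occurs inside {other!r}")


def authenticate(stream: Sequence[str],
                 table: Dict[str, Tuple[str, ...]] = AUTH_TABLE) -> Optional[str]:
    """Return the identity whose grouping appears in the received commands.

    Both which commands are used and their order matter. A stream that
    matches no grouping, or more than one, authenticates nobody.
    """
    validate_table(table)
    matches = [ident for ident, pattern in table.items()
               if contains_run(stream, pattern)]
    return matches[0] if len(matches) == 1 else None


# Constructed session traffic: the grouping sits among unrelated commands.
SESSION = ["SELECT_FILE", "READ_BINARY", "GET_DATA", "SELECT_FILE",
           "UPDATE_RECORD", "READ_RECORD"]
# Same commands as the bank_terminal grouping, but in the wrong order.
WRONG_ORDER = ["SELECT_FILE", "GET_DATA", "UPDATE_RECORD"]

if __name__ == "__main__":
    print(authenticate(SESSION), authenticate(WRONG_ORDER))
```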
42 Claims
1. A smart card authentication method comprising:
selecting a set of defined commands each of which has an inherent function that is not associated with authentication;
transmitting the selected set of defined commands between a smart card and a receiving/sending unit;
receiving the transmitted commands; and
authenticating at least one of the smart card and the receiving/sending unit using the transmitted set of defined commands.
Dependent claims: 2, 3, 4, 5, 6
determining which commands are used to define the set of commands; and
determining an order of the set of defined commands that are used, and authenticating based upon which commands are used and their order.
5. The smart card authentication method of claim 1, wherein the functions are associated with data handling.
6. The smart card authentication method of claim 1, wherein said transmitting further comprises transmitting at least one false cryptographic command designed to emulate an actual cryptographic operation.
7. An authentication method comprising:
transmitting a plurality of data processing commands between a first identity that is to be authenticated and a second identity that is to authenticate the first identity, the data processing commands having an apparent data processing function and a hidden function, the apparent data processing function not being associated with authenticating the first identity, the hidden function being associated with authenticating the first identity;
receiving the data processing commands; and
evaluating the hidden functions of the commands to ascertain whether the first identity can be authenticated.
Dependent claims: 8, 9, 10, 11, 12, 13
14. An authentication method comprising:
establishing communication between a pair of authenticatable identities, one of which is to be authenticated by the other;
allocating a portion of the communication to steganographic communication; and
authenticating the one identity using the steganographic portion of the communication.
Dependent claims: 15, 16, 17, 18, 19, 20, 21
22. An authentication method comprising:
defining a plurality of unencrypted authentication structures, each authentication structure containing at least one command;
associating each authentication structure with an identity that is to be authenticated;
establishing an unencrypted dialog between a pair of identities;
incorporating an authentication structure into the unencrypted dialog;
evaluating the authentication structure; and
authenticating an identity if the authentication structure corresponds to the identity seeking to be authenticated.
Dependent claims: 23, 24, 25, 26, 27, 28, 29
30. A computer readable media having instructions stored thereon which, when executed by a computer, perform the following steps:
transmitting a set of defined commands between a smart card and a receiving/sending unit, the defined commands having data-handling functions that are not associated with authentication, the set of defined commands having an order that is associated with one of the smart card and the receiving/sending unit;
receiving the transmitted commands;
recognizing the order of the set of defined commands; and
authenticating at least one of the smart card and the receiving/sending unit based upon the recognized order of the set of defined commands.
Dependent claims: 31
32. A memory device comprising:
a memory; and
an authentication table stored in memory to hold a plurality of identities and to correlate data-processing commands with each identity, the data-processing commands for each identity having a unique identity-specific organization which, when recognized, can be used to authenticate an associated identity.
Dependent claims: 33, 34
35. The memory device of claim 32 embodied as a smart card.
36. A computer readable medium configured for use in a smart card system for authenticating a plurality of identities, the medium containing an authentication table to hold the plurality of identities and to correlate data-processing commands with each identity, the data-processing commands for each identity having a unique identity-specific organization which, when recognized, can be used to authenticate an associated identity.
40. A smart card comprising:
a memory; and
steganographic authentication means stored in the memory and configured for steganographically authenticating one or more authenticatable identities.
Dependent claims: 41, 42
Specification