System and method for alternative encryption techniques

US 6,848,050 B1
Filed: 04/15/1999
Issued: 01/25/2005
Est. Priority Date: 04/16/1998
Status: Expired due to Term

First Claim

Patent Images

1. A method of verifying identification of a user and securely establishing an encryption key for a communication between a verifying entity having knowledge of a first secret and the user having knowledge of a second secret, comprising;

generating a first output which is a function of the first secret and a first random number;

generating a second output which is a function of the second secret and a second random number;

generating a first key which is a transform of the first output that is infeasible to invert without the first secret and the second secret;

generating a second key which is a transform of the second output that is infeasible to invert without the first secret and the second secret;

generating a first encrypted output which is a function of the first secret and the first key;

generating a first verification value by decrypting the first encrypted output with the second key that indicates the equivalence of the first secret to the second secret;

generating a second encrypted output which is a function of the second key and one of either the first decrypted number, if the first decrypted number is equal to both of the first and second secrets, and a random number; and

generating a second verification value which is the second encrypted output decrypted using the first key that indicates an equivalence of the first secret to the second secret and the first key to the second key.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for verifying the identification of a user and securely establishing an encryption key for a communication between the user and a verifying entity, such as a bank, which makes use of the numeric value of the user'"'"'s personal identification number (PIN) known only to the user and the bank and resolves the man-in-the-middle problem. The system and method replaces a public parameter with the customer'"'"'s PIN to provide an encryption mechanism that is less complex than existing protocols. Use of the protocol enables new products and improvement of existing products using a service access device and service access device interface, including, for example, self-service terminals.

Citations

46 Claims

1. A method of verifying identification of a user and securely establishing an encryption key for a communication between a verifying entity having knowledge of a first secret and the user having knowledge of a second secret, comprising;
- generating a first output which is a function of the first secret and a first random number;
  
  generating a second output which is a function of the second secret and a second random number;
  
  generating a first key which is a transform of the first output that is infeasible to invert without the first secret and the second secret;
  
  generating a second key which is a transform of the second output that is infeasible to invert without the first secret and the second secret;
  
  generating a first encrypted output which is a function of the first secret and the first key;
  
  generating a first verification value by decrypting the first encrypted output with the second key that indicates the equivalence of the first secret to the second secret;
  
  generating a second encrypted output which is a function of the second key and one of either the first decrypted number, if the first decrypted number is equal to both of the first and second secrets, and a random number; and
  
  generating a second verification value which is the second encrypted output decrypted using the first key that indicates an equivalence of the first secret to the second secret and the first key to the second key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 2. The method of claim 1, wherein generating the first output further comprises sending an account number for the user.
  - 3. The method of claim 2, wherein generating the first output further comprises receiving the account number by the verifying entity.
  - 4. The method of claim 3, wherein the first secret comprises a pre-assigned personal identification number for the user related to the account number for the user and identified by the verifying entity.
  - 5. The method of claim 4, wherein generating the first output further comprises identifying a pre-assigned prime for the user related to the account number for the user by the verifying entity.
  - 6. The method of claim 5, wherein generating the first output further comprises generating the first random number by the verifying entity.
  - 7. The method of claim 6, wherein generating the first output further comprises calculating the first output by the verifying entity by the equation
    A=PIN^Xmod p where A is the first output, PIN is the first secret, X is the first random number, and p is the prime.
  - 8. The method of claim 1, wherein generating the second output further comprises generating the second random number.
  - 9. The method of claim 8, wherein generating the second output further comprises calculating the second output for the user by the equation
    B=PIN^Ymod p where B is the second output, PIN is the second secret, Y is the second random number, and p is the prime.
  - 10. The method of claim 1, wherein generating the first key further comprises computing the first key for the user by the equation
    K=A^Ymod p where K is the first key, A is the first output, Y is the second random number, and p is the prime.
  - 11. The method of claim 1, wherein generating the second key further comprises computing the second key by the verifying entity by the equation
    K=B^Xmod p where K is the second key, B is the second output, X is the first random number, and p is the prime.
  - 12. The method of claim 1, wherein generating the first encrypted output further comprises generating the first encrypted output for the user by the equation
    pad PIN with a random number R:
    - C=PIN, R
      encrypt C with K as the key;
      
      F=E_K(C)\where PIN is the first secret, R is a random number, K is the first key, and F is the first encrypted output.
  - 13. The method of claim 1, wherein generating the first encrypted output further comprises sending the second output and the first encrypted output to the verifying entity for the user.
  - 14. The method of claim 1, wherein the first verification value further comprises a first decrypted number that is equal to both the first secret and the second secret only if the first secret is equal to the second secret.
  - 15. The method of claim 14, wherein generating the first verification value further comprises generating the first verification value by the verifying entity by the equation
    decrypt F with K:
    - C=D^K(F) where F is the first encrypted output, K is the second key, and C is the first verification value.
  - 16. The method of claim 15, wherein generating the second encrypted output further comprises generating the second encrypted output by the verifying entity by the equation
    if PIN not recognized in C
    generate random number M else
    pad PIN with a random number r:
    - M=PIN, r
      encrypt M with K as the key and N=E_K(M) where PIN is the second secret, C is the first verification value, K is the second key, and N is the second encrypted output.
  - 17. The method of claim 16, wherein generating the second encrypted output further comprises sending the second encrypted output to the user.
  - 18. The method of claim 17, wherein the second verification value further comprises a second decrypted number that is equal to both the first secret and the second secret only if the first secret is equal to the second secret.
  - 19. The method of claim 18, wherein generating the second verification value further comprises generating the second verification value for the user by the equation
    decrypt N with K:
    - M=D_K(N)
      if PIN is recognized in M
      verification true else
      verification false where N is the second encrypted output, K is the first key, and PIN is the first secret.
  - 20. The method of claim 19, further comprising communicating with K as the secure encryption key between the user and the verifying entity.
  - 21. The method of claim 1, wherein the verifying entity further comprises a financial institution.
  - 22. The method of claim 21, wherein the financial institution further comprises a bank.
  - 23. The method of claim 1, wherein the user further comprises a user at a terminal.
  - 24. The method of claim 23, wherein the terminal further comprises a service access device.
  - 25. The method of claim 24, wherein the service access device further comprises a service access device interface.
  - 26. The method of claim 25, wherein the service access device further comprises a combined smart-automated teller machine card.
  - 27. The method of claim 25, wherein the service access device further comprises an automated teller machine.
  - 28. The method of claim 25, wherein the service access device further comprises a self-service terminal.
  - 29. The method of claim 28, wherein the self-service terminal further comprises a self-service cash terminal.
  - 30. The method of claim 28, wherein the self-service terminal further comprises a self-services gas pump terminal.
  - 31. The method of claim 25, wherein the service access device further comprises a home banking terminal.
  - 32. The method of claim 25, wherein the service access device further comprises an electronic commerce terminal.
  - 33. The method of claim 25, wherein the service access device further comprises a smart card terminal.
  - 34. The method of claim 25, wherein the service access device further comprises a merchant terminal.
  - 35. The method of claim 25, wherein the service access device further comprises an infrared compatible terminal.
  - 36. The method of claim 1, further comprising sending a communication encrypted with an encryption key established by the equivalence of the first key to the second key.

37. A system for verifying the identification of a user and securely establishing an encryption key for a communication between a verifying entity having knowledge of a first secret and the user having knowledge of a second secret, comprising:
- means for generating a first output with is a function of the first secret and a first random number;
  
  means for generating a second output which is a function of the second secret and a second random number;
  
  means for generating a first key which is a transform of the first output that is infeasible to invert without the first secret and the second secret;
  
  means for generating a second key which is a transform of the second output that is infeasible to invert without the first secret and the second secret;
  
  means for generating a first encrypted output which is a function of the first secret and the first key;
  
  means for generating a first verification value by decrypting the first encrypted output with the second key that indicates the equivalence of the first secret to the second secret;
  
  means for generating a second encrypted output which is a function of the second key and one of either the first decrypted number, if the first decrypted number is equal to both of the first and second secrets, and a random number; and
  
  means for generating a second verification value which is the second encrypted output decrypted using the first key that indicates an equivalence of the first secret to the second secret and the first key to the second key.
- View Dependent Claims (38, 39, 40, 41, 42, 43, 44, 45)
- - 38. The system of claim 37, wherein the means for generating the first output further comprises the equation
    A=PIN^Xmod p where A is the first output, PIN is the first secret, X is the first random number, and p is the prime.
  - 39. The system of claim 37, wherein the means for generating the second output further comprises the equation
    B=PIN^Ymod p where B is the second output, PEN is the second secret, Y is the second random number, and p is the prime.
  - 40. The system of claim 37, wherein the means for generating the first key further comprises the equation
    K=A^Ymod p where K is the first key, A is the first output, Y is the second random number, and p is the prime.
  - 41. The system of claim 37, wherein the means for generating the second key further comprises the equation
    K=B^Xmod p where K is the second key, B is the second output, X is the first random number, and p is the prime.
  - 42. The system of claim 37, wherein the means for generating the first encrypted output further comprises the equation
    pad PIN with a random number R:
    - C=PIN, R
      encrypt C with K as the key;
      
      F=E_K(C)\where PIN is the first secret, R is a random number, K is the first key, and F is the first encrypted output.
  - 43. The system of claim 37, wherein the means for generating the first verification value further comprises the equation
    decrypt F with K:
    - C=D_K(F) where F is the first encrypted output, K is the second key, and C is the first verification value.
  - 44. The system of claim 43, wherein the means for generating the second encrypted output further comprises the equation
    if PIN not recognized in C
    generate random number M else
    pad PIN with a random number r:
    - M=PIN, r
      encrypt M with K as the key and N=E_K(M) where PIN is the second secret, C is the first verification value, K is the second key, and N is the second encrypted output.
  - 45. The system of claim 44, wherein the means for generating the second verification value further comprises the equation
    - decrypt N with K;
      
      M=D_K(N)
      if PIN is recognized in M
      verification true else
      verification false where N is the second encrypted output, K is the first key, and PIN is the first secret.

46. A method of verifying identification of a user and securely establishing an encryption key for a communication between a verifying entity having knowledge of a first secret and the user having knowledge of a second secret, comprising:
- generating a first output by the verifying entity which is a function of the first secret and a first random number, the first secret comprising a pre-assigned personal identification number for the user related to an account number for the user, and the first output being calculated by the equation
  A=PIN^Xmod p where A is the first output, PIN is the pre-assigned personal identification number, X is the first random number, and p is a pre-assigned prime related to the account number;
  
  generating a second output by the user which is a function of the second secret and a second random number, the second secret comprising the pre-assigned personal identification number for the user, and the second output being calculated by the equation
  B=PIN^Ymod p where B is the second output, PIN is the second secret, Y is the second random number, and p is the pre-assigned prime;
  
  generating a first key by the user which is a transform of the first output that is infeasible to invert without the first secret and the second secret;
  
  generating a second key by the verifying entity which is a transform of the second output that is infeasible to invert without the first secret and the second secret;
  
  generating a first encrypted output by the user which is a function of the first secret and the first key;
  
  generating a first verification value by the verifying entity by decrypting the first encrypted output with the second key that indicates the equivalence of the first secret to the second secret;
  
  generating a second encrypted output by the verifying entity which is a function of the second key and one of either the first decrypted number, if the first decrypted number is equal to both of the first and second secrets, and a random number; and
  
  generating a second verification value by the user which is the second encrypted output decrypted using the first key that indicates an equivalence of the first secret to the second secret and the first key to the second key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citicorp Credit Services Incorporated (Citigroup Incorporated)
Original Assignee
Citicorp Development Center Incorporated (Citigroup Incorporated)
Inventors
Merman, Michael, Smushkovich, Yosif
Primary Examiner(s)
Morse, Gregory
Assistant Examiner(s)
CALLAHAN, PAUL E

Application Number

US09/292,718
Time in Patent Office

2,112 Days
Field of Search

380/259, 380/262, 380/268, 380/283, 380/44, 380/28, 705/66, 705/67, 705/72, 713/171, 713/184
US Class Current

713/171
CPC Class Codes

G06F 21/31   User authentication

G06F 2221/2107   File encryption

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/3672   initialising or reloading t...

G06Q 20/3674   involving authentication

G06Q 20/4012   Verifying personal identifi...

G06Q 20/40975   using encryption therefor

G07F 7/1008   Active credit-cards provide...

G07F 7/1016   Devices or methods for secu...

System and method for alternative encryption techniques

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

46 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for alternative encryption techniques

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

46 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links