System and method for restoring a secured terminal to default status

US 6,983,364 B2
Filed: 06/29/2001
Issued: 01/03/2006
Est. Priority Date: 06/29/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A system for restoring a terminal having a display to a default condition when a clear file is downloaded to the terminal, comprising:

a random number generator included in the terminal; and

a file authentication arrangement for authenticating a clear file that is downloaded to the terminal from outside the terminal.wherein said terminal is arranged to execute a clear instruction in said clear file upon authentication of said clear file.wherein said clear file includes a random number generated by said random number generator and displayed on said display so that the random number can be placed into the clear file before being downloaded to the terminal, andwherein said random number is changed each time said terminal is restored to a default condition so as to prevent replay attacks resulting from copying of the clear file.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Upon receiving a request to clear or reset a terminal, the terminal displays a random number, the random number is placed in a regular file and signed by a private key to created a signed clear file, the clear file is authenticated, and the original random number is replaced by a new random number, thereby ensuring the authenticity of the clear or reset request while protecting the terminal from replay attacks.

21 Citations

View as Search Results

16 Claims

1. A system for restoring a terminal having a display to a default condition when a clear file is downloaded to the terminal, comprising:
- a random number generator included in the terminal; and
  
  a file authentication arrangement for authenticating a clear file that is downloaded to the terminal from outside the terminal.wherein said terminal is arranged to execute a clear instruction in said clear file upon authentication of said clear file.wherein said clear file includes a random number generated by said random number generator and displayed on said display so that the random number can be placed into the clear file before being downloaded to the terminal, andwherein said random number is changed each time said terminal is restored to a default condition so as to prevent replay attacks resulting from copying of the clear file.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A system as claimed in claim 1, wherein said file authentication arrangement includes a private key for digitally signing said clear file, and a corresponding public key clear certificate containing information necessary to authenticate the digitally signed clear file.
  - 3. A system as claimed in claim 2, wherein said clear certificate is a sponsor public key certificate stored in the terminal and corresponding to a signer certificate downloaded with the digitally signed clear file, said signer certificate corresponding to said private key used to digitally sign said clear file.
  - 4. A system as claimed in claim 2, wherein said private key is stored on a smartcard and is only accessible by a secure processor embedded in the smartcard.
  - 5. A system as claimed in claim 4, wherein said sponsor public key certificate is stored in a read only memory in said terminal.
  - 6. A system as claimed in claim 2, further comprising a file signing tool for digitally signing said clear file, said file signing tool including a smartcard reader, and wherein all digital signing operations requiring access to said private key are carried out by a secure processor embedded in a smartcard inserted into said smartcard reader.
  - 7. A system as claimed in claim 6, wherein said smartcard further has stored thereon a signer certificate for authenticating said digitally signed clear file, and wherein said clear certificate authenticates said signer certificate.
  - 8. A system as claimed in claim 7, wherein said signer certificate includes a file type field containing a clear string that controls clearing of the terminal in order to restore the terminal to its default status.

9. A method of restoring a terminal to a default condition, comprising the steps of:
- generating a random number and storing the random number in a terminal;
  
  displaying the random number on a display of the terminal;
  
  placing the random number in a regular file following display of the random number;
  
  digitally signing the regular file after placement of the random number to create a digitally signed clear file;
  
  downloading the digitally signed clear file to the terminal;
  
  authenticating the digitally signed clear file by comparing the digital signature with a corresponding value based on the stored random number;
  
  restoring the terminal to a default condition;
  
  generating a new random number and replacing the stored random number with the new random number after restoring the terminal to a default condition so as to prevent replay attacks resulting from copying of the digitally signed clear file.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. A method as claimed in claim 9, wherein said step of placing the random number in a regular file comprises the steps of displaying the random number and inputting the random number to a filing signing tool.
  - 11. A method as claimed in claim 9, wherein said step of restoring said terminal to a default condition comprises the step of deleting a certificate tree from said terminal.
  - 12. A method as claimed in claim 9, wherein the step of digitally signing the regular file comprises the steps of inserting a smartcard having an embedded secure processor in a smartcard reader connected to the file signing tool, causing the secure processor to access the private key in order to generate the digital signature.
  - 13. A method as claimed in claim 12, wherein the step of authenticating the digital signature comprises the step of authenticating the digital signature based on a signer public key certificate downloaded into the terminal together with the signed clear file.
  - 14. A method as claimed in claim 13, wherein the step of authenticating the digital signature further comprises the step of retrieving a sponsor public key certificate from a read only memory in said terminal and authenticating the signer certificate using the sponsor public key certificate.
  - 15. A method as claimed in claim 13, wherein the step of authenticating the digital signature based on the signer public key certificate comprises the steps of comparing a value derived from the digital signature using the signer public key certificate with a value derived from the stored random number to authenticate said clear file.
  - 16. A method as claimed in claim 13, wherein the step of restoring said terminal to a default condition comprises the step of reading a clear string in a file type field of said signer public key certificate.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Gougeon, Dominique
Primary Examiner(s)
Morse, Gregory
Assistant Examiner(s)
Lipman, Jacob

Application Number

US09/893,479
Publication Number

US 20030005294A1
Time in Patent Office

1,649 Days
Field of Search

713/1, 713/2, 713/100, 713/185, 713/165
US Class Current

713/2
CPC Class Codes

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/40975   using encryption therefor

G07F 7/1008   Active credit-cards provide...

H04L 9/3247   involving digital signatures

H04L 9/3263   involving certificates, e.g...

System and method for restoring a secured terminal to default status

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

21 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for restoring a secured terminal to default status

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

21 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links