Method and system for producing wise cards

US 7,171,565 B1
Filed: 10/10/2000
Issued: 01/30/2007
Est. Priority Date: 10/10/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A method of preventing counterfeiting of a smart card, comprising:

providing a smart card with a cryptographic structure for authorizing the smart card which cannot be accessed completely by a predetermined small number of readings,wherein said cryptographic structure can be built only by whoever emits the card or an agent thereof;

providing a reader for reading said smart card and including a database holding information related to unauthorized smart cards, said reader being on-line, such that said reader is operatively connected to a network, only when said database of said reader is being updated by said network,wherein said reader includes a random number generator, which, when a card is read, chooses a pair (a, b) of distinct numbers with a<

b between l and N,wherein said smart card carries thereon predetermined N channels as C1, C2, . . . , CN, where N is an integer,wherein each channel Ci, with i equal to 1, 2, . . . , N, carries a pair of numbers (hi, li), andwherein hi is the i^thhigh number and li is the i^thlow number,wherein said reader obtains a content of only two of said channels, and periodically communicating, by said reader of said smart card, with a database where a predetermined characteristic of the card is checked.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method (and system) for preventing counterfeiting and cloning of smart cards, includes providing a smart card with a cryptographic structure for authorizing the smart card which can not be accessed completely by a predetermined small number of readings. The cryptographic structure can be built only by whoever emits the card or an agent thereof.

13 Citations

View as Search Results

25 Claims

1. A method of preventing counterfeiting of a smart card, comprising:
- providing a smart card with a cryptographic structure for authorizing the smart card which cannot be accessed completely by a predetermined small number of readings,wherein said cryptographic structure can be built only by whoever emits the card or an agent thereof;
  
  providing a reader for reading said smart card and including a database holding information related to unauthorized smart cards, said reader being on-line, such that said reader is operatively connected to a network, only when said database of said reader is being updated by said network,wherein said reader includes a random number generator, which, when a card is read, chooses a pair (a, b) of distinct numbers with a<
  
  b between l and N,wherein said smart card carries thereon predetermined N channels as C1, C2, . . . , CN, where N is an integer,wherein each channel Ci, with i equal to 1, 2, . . . , N, carries a pair of numbers (hi, li), andwherein hi is the i^thhigh number and li is the i^thlow number,wherein said reader obtains a content of only two of said channels, and periodically communicating, by said reader of said smart card, with a database where a predetermined characteristic of the card is checked.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 2. The method of claim 1, wherein an entire process of said method is performable off-line.
  - 3. The method of claim 1, further comprising:
    - using public key cryptography with associated encoding and decoding functions Vi and Vi^−
      
      1in each channel i,wherein each function Vi^−
      
      1is known publicly, and Vi is known only to a predetermined party representing an owner of the smart card.
  - 4. The method of claim 3, wherein for each i in 1, 2, . . . , N the pair (hi, li) is such that hi=Vi(li), or hi=Vi(K(li)), where K represents a publicly-known cryptographic hash function, andwherein each li contains a plurality of symbols for redundancy.
  - 5. The method of claim 4, further comprising:
    - processing, using an invertible function f which is made public, such that the low numbers in said smart card satisfy l(i+j)=l^j(li), where pⁱrepresents the j^thiteration of the function f.
  - 6. The method of claim 4, wherein before processing the smart card, the reader obtains the pair (ha, la) and hb;
    - using the public keys Va^−
      
      1and Vb^−
      
      1, checking by the reader whether the pairs (ha, la) and (hb, lb) are compatible, and, consequently, that the numbers ha, la, and hb belong to a same legitimate card.
  - 7. The method of claim 6, wherein said pairs (hi, li) to be contained on the smart card are generated by:
    - choosing a prefix of 11 once for all transactions, or changed whenever needed, wherein said prefix is publicly known; and
      
      providing a sequence, such that the sequence is generated so that a same number is not chosen twice, and so that corresponding other li'"'"'s are not chosen as new 11s.
  - 8. The method of claim 7, further comprising:
    - concatenating the prefix and the sequence to form 11; and
      
      choosing a function f which is invertible and is publicly known, to construct 12=f(11), 13=f(12), and so forth.
  - 9. The method of claim 8, wherein the function f is chosen to be the identity map, in which case 11−
    - 12=13=. . . −
      
      IN.
  - 10. The method of claim 9, choosing, for a number N, N public key-private key pairs, such that a first private key V1 is for computing h1=V1(11), a second private key V2 is for computing h2−
    - V2(12), and so on.
  - 11. The method of claim 10, further comprising:
    - verifying whether the smart card is authentic; and
      
      checking whether the smart card is not in a list of cards to be refused.
  - 12. The method of claim 7, wherein said sequence comprises equal to or less than 1024 bits.
  - 13. The method of claim 1, wherein the predetermined characteristic comprises whether a smart card has delivered more than a predetermined amount of money to a user of the smart card.
  - 14. The method of claim 13, wherein if a card is detected as delivering too much money, the data base communicates a corresponding number 11 to all readers in a network, so that smart cards carrying said corresponding number are declined.
  - 15. The method of claim 1, wherein said cryptographic structure is changed periodically.
  - 16. The method of claim 1, wherein said smart card is invalidated after a predetermined time of usage.
  - 17. The method of claim 1, wherein, when the smart card is read by said reader, a random generator is prompted which provides two integer numbers, a and b, which are not between 1 and N, with a<
    - b.
  - 18. The method of claim 17, wherein said numbers a, b are transmitted to the smart card which delivers two high numbers ha, hb, and a low number la in a channel a, andwherein the pair (a, b), together with a function f in a memory in the reader, are used to compute the low number lb=f^(b-a)(la), said memory in said reader delivering public keys Va⁻
    - 1 and Vb^−
      
      1.
  - 19. The method of claim 18, wherein the public keys are used by a comparator together with the pairs (ha, la) and (hb, la), to verify that the pairs are compatible with the corresponding keys, and that the pairs are from a same legitimate card.
  - 20. The method of claim 1, further comprising:
    - performing a final validation of the smart card by at least one of;
      
      contacting a central data base if an entire transaction is made on-line with no penalty; and
      
      checking with a local data base in said reader, said local database being refreshed periodically by contact between said local database and said central database.
  - 21. The method of claim 1, wherein information stored on said smart card is devoid of confidential information.

22. A method of preventing counterfeiting of a smart card, comprising:
- providing a smart card such that none of confidential information and a cryptographic key for authorizing the smart card, is carried on the smart card;
  
  reading said card by a reader such that in each reading, said reader reads only a predetermined small amount of information which makes the card unique,wherein said reader includes a random number generator, which, when a card is read, chooses a pair (a, b) of distinct numbers with a<
  
  b between 1 and N,wherein before processing the smart card, the reader obtains the pair (ha, la) and hb;
  
  using the public keys Va^−
  
  1and Vb^−
  
  1, checking by the reader whether the pairs (ha, la) and (hb, la) are compatible, and, consequently, that the numbers ha, la, and hb belong to a same legitimate card,wherein said pairs (hi, li) to be contained on the smart card are generated by;
  
  choosing a prefix of ll once for all transactions, or changed whenever needed, wherein said prefix is publicly known;
  
  providing a sequence, such that the sequence is generated so that a same number is not chosen twice, and so that corresponding other li'"'"'s are not chosen as new lls;
  
  concatenating the prefix and the sequence to form ll;
  
  choosing a function f which is invertible and is publicly known, to construct 12−
  
  l(11), 13−
  
  l(12), and so forth, wherein the function f is chosen to be the identity map, in which case 11−
  
  12−
  
  13= . . . =lN; and
  
  choosing for a number N, N public key-private key pairs, such that a first private key V1 is for computing h1−
  
  Vl(11), a second private key V2 is for computing h2=V2(12), and so on.
- View Dependent Claims (23)
- - 23. The method of claim 22, wherein a transaction performed under said method comprises substantially an off-line transaction.

24. A system for preventing cloning of a smart card, comprising:
- a smart card such that a cryptographic structure for authorizing the smart card is not carried on the smart card; and
  
  a reader for reading the smart card and including a database for linking to a network and being updated periodically with a list of unauthorized smart cards,wherein said reader includes a random number generator, which, when a card is read, chooses a pair (a, b) of distinct numbers with a<
  
  b between 1 and N,wherein before processing the smart card, the reader obtains the pair (ha, la) and hb;
  
  using the public keys Va^−
  
  1and Vb^−
  
  1, checking by the reader whether the pairs (ha, la) and (hb, lb) are compatible, and, consequently, that the numbers ha, la, and hb belong to a same legitimate card, andwherein said cryptographic structure is kept secret by whoever emits the card or an agent thereof,wherein said pairs (hi, li) to be contained on the smart card are generated by;
  
  choosing a prefix of ll once for all transactions, or changed whenever needed, wherein said prefix is publicly known;
  
  providing a sequence, such that the sequence is generated so that a same number is not chosen twice, and so that corresponding other li'"'"'s are not chosen as new lls;
  
  concatenating the prefix and the sequence to form ll;
  
  choosing a function f which is invertible and is publicly known, to construct 12=f(11), 13=f(12), and so forth, wherein the function f is chosen to be the identity map, in which case 11=12=13= . . . =lN; and
  
  choosing, for a number N, N public key-private key pairs, such that a first private key V1 is for computing h1=V1(11), a second private key V2 is for computing h2=V2(12), and so on.

25. A computer-readable medium tangibly embodying a program of recordable, machine-readable instructions executable by a digital processing apparatus to perform a method for preventing counterfeiting and cloning of smart cards, comprising:
- providing a smart card with a cryptographic structure for authorizing the smart card which cannot be accessed completely by a predetermined number of readings,reading said card by a reader such that in each reading, said reader reads only a predetermined small amount of information which makes the card unique,wherein said reader includes a random number generator, which, when a card is read, chooses a pair (a, b) of distinct numbers with a<
  
  b between 1 and N,wherein before processing the smart card, the reader obtains the pair (ha, la) and hb;
  
  using the public keys Va^−
  
  1and Vb^−
  
  1, checking by the reader whether the pairs (ha, la) and (hb, lb) are compatible, and, consequently, that the numbers ha, la, and hb belong to a same legitimate card, andwherein said cryptographic structure can be built only by whoever emits the card of an agent thereof,wherein said pairs (hi, li) to be contained on the smart card are generated by;
  
  choosing a prefix of ll once for all transactions, or changed whenever needed, wherein said prefix is publicly known;
  
  providing a sequence, such that the sequence is generated so that a same number is not chosen twice, and so that corresponding other li'"'"'s are not chosen as new lls;
  
  concatenating the prefix and the sequence to form ll;
  
  choosing a function f which is invertible and is publicly known, to construct 12=f(11), 13−
  
  f(12), and so forth, wherein the function f is chosen to be the identity map, in which case 11=12=13= . . . =lN; and
  
  choosing, for a number N, N public key-private key pairs, such that a first private key V1 is for computing h1=V1(11), a second private key V2 is for computing h2=V2(12), and so on.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Martens, Marco, Tresser, Charles Philippe
Primary Examiner(s)
Moazzami; Nasser
Assistant Examiner(s)
HOFFMAN, BRANDON S

Application Number

US09/685,026
Time in Patent Office

2,303 Days
Field of Search

713/185
US Class Current

713/185
CPC Class Codes

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/3552   Downloading or loading of p...

G06Q 20/40975   using encryption therefor

G07F 7/1008   Active credit-cards provide...

G07F 7/1016   Devices or methods for secu...

H04L 2209/127   Trusted platform modules [TPM]

H04L 9/002   Countermeasures against att...

H04L 9/30   Public key, i.e. encryption...

Method and system for producing wise cards

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

13 Citations

25 Claims

Specification

Use Cases

Quick Links

Others

Method and system for producing wise cards

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

25 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others