Electronic-monetary system

US 7,269,256 B2
Filed: 05/13/2002
Issued: 09/11/2007
Est. Priority Date: 11/15/1991
Status: Expired due to Fees

First Claim

Patent Images

1. A device having an input and an output, said device comprising:

a memory;

a certifying authority having an authority public key known to said device;

a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, and that said device was not attacked by a tampering phenomenon, and whereupon said verification being successful said certifying authority is able to certify that said device is in an untampered state, wherein said device key pair generator regenerates a new key pair in response to a predetermined event; and

a certificate which certifies an authenticity of said new key pair, wherein the secure device is issued a first certificate that has a finite life, and said recertification is performed at predetermined intervals prior to an end of said finite life.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An improved monetary system using electronic media to exchange economic value securely and reliably is disclosed. The system provides a complete monetary system having electronic money that is interchangeable with conventional paper money. Also disclosed is a system for open electronic commerce having a customer trusted agent securely communicating with a first money module, and a merchant trusted agent securely communicating with a second money module. Both trusted agents are capable of establishing a first cryptographically secure session, and both money modules are capable of establishing a second cryptographically secure session. The merchant trusted agent transfers electronic merchandise to the customer trusted agent, and the first money module transfers electronic money to the second money module. The money modules inform their trusted agents of the successful completion of payment, and the customer may use the purchased electronic merchandise.

112 Citations

32 Claims

1. A device having an input and an output, said device comprising:
- a memory;
  
  a certifying authority having an authority public key known to said device;
  
  a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, and that said device was not attacked by a tampering phenomenon, and whereupon said verification being successful said certifying authority is able to certify that said device is in an untampered state, wherein said device key pair generator regenerates a new key pair in response to a predetermined event; and
  
  a certificate which certifies an authenticity of said new key pair, wherein the secure device is issued a first certificate that has a finite life, and said recertification is performed at predetermined intervals prior to an end of said finite life.
- View Dependent Claims (2, 3, 4)
- - 2. A device as recited in claim 1, wherein said device uses said device private key to sign said certificate which asserts a change from said public key to a new public key.
  - 3. A device as recited in claim 2, wherein said certificate is shown to be rooted in said first certificate so as to maintain said untampered state.
  - 4. A device as recited in claim 3, further comprising a recertifier for enabling said certifying authority to recertify said device.

5. A method for a certifying authority to certify an untampered state of a device, said method comprising:
- a certifying authority having an authority public key known to said device;
  
  generating a device key pair for said device, said device key pair including a device private key and a device public key which are stored in said memory;
  
  exporting said device public key to said certifying authority;
  
  enabling said certifying authority to perform a verification that said device public key emerged from said device, and that said device was not attacked by a tampering phenomenon, and whereupon said verification being successful said certifying authority certifying that said device is in an untampered state;
  
  regenerating a new key pair in response to a predetermined event;
  
  generating a certificate certifying authenticity of said new key pair;
  
  ensuring that said certificate is available to a user to whom the device wishes to be authenticated by the certifying authority sending said certificate to the device; and
  
  said device authenticating that said certificate came from said certifying authority, wherein authenticating is implemented using a secret key authenticating technique.

6. A device having an input and an output, said device comprising:
- a memory;
  
  a tamper circuit coupled to said memory and being responsive to a tampering phenomenon, such that a certifying authority can determine an occurrence of said phenomenon, said certifying authority having an authority public key known to said device;
  
  a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, and that said device was not attacked by said tampering phenomenon, and whereupon said verification being successful said certifying authority is able to certify that said device is in an untampered state, wherein said device key pair generator regenerates a new key pair in response to a predetermined event;
  
  wherein said device digitally signs a public key of the new key pair using the device private key of the device key pair, and wherein the secure device is issued a first certificate that has a finite life, and said recertification is performed at predetermined intervals prior to an end of said finite life.
- View Dependent Claims (7, 8)
- - 7. A device as recited in claim 6, wherein said device uses said device private key to sign said certificate which asserts a change from said public key to a new public key.
  - 8. A device as recited in claim 7, wherein said certificate is shown to be rooted in said first certificate so as to maintain said untampered state.

9. A method for a certifying authority to certify an untampered state of a device, said method comprising:
- providing a tamper circuit being responsive to a tampering phenomenon;
  
  a certifying authority determining an occurrence of said phenomenon, said certifying authority having an authority public key known to said device;
  
  generating a device key pair for said device, said device key pair including a device private key and a device public key which are stored in said memory;
  
  exporting said device public key to said certifying authority;
  
  enabling said certifying authority to perform a verification that said device public key emerged from said device, and that said device was not attacked by said tampering phenomenon, and whereupon said verification being successful said certifying authority certifying that said device is in an untampered state;
  
  regenerating a new key pair in response to a predetermined event;
  
  digitally signing a public key of the new key pair using the device private key of the device key pair;
  
  ensuring that said device certificate is available to a user to whom the device wishes to be authenticated; and
  
  said device authenticating that said certificate came from said certifying authority, wherein said step of authenticating is implemented using a secret key authenticating technique.

10. A device having an input and an output, said device comprising:
- a memory;
  
  said certifying authority having an authority public key known to said device;
  
  a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, wherein said device key pair generator regenerates a new key pair in response to a predetermined event;
  
  wherein said device digitally signs a public key of the new key pair using the device private key of the device key pair, wherein the secure device is issued a first certificate that has a finite life, and said recertification is performed at predetermined intervals prior to an end of said finite life.
- View Dependent Claims (11, 12)
- - 11. A device as recited in claim 10, wherein said device uses said device private key to sign said certificate which asserts a change from said public key to a new public key.
  - 12. A device as recited in claim 11, wherein said certificates are shown to be rooted in said first certificate so as to maintain said untampered state.

13. A device having an input and an output, said device comprising:
- a memory;
  
  said certifying authority having an authority public key known to said device;
  
  a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, wherein said device key pair generator regenerates a new key pair in response to a predetermined event;
  
  wherein said device digitally signs a public key of the new key pair using the device private key of the device key pair, and a recertifier for enabling said certifying authority to recertify said device.

14. A method for a certifying authority to certify an untampered state of a device, said method comprising:
- a certifying authority having an authority public key known to said device;
  
  generating a device key pair for said device, said device key pair including a device private key and a device public key which are stored in said memory;
  
  exporting said device public key to said certifying authority;
  
  enabling said certifying authority to perform a verification that said device public key emerged from said device, regenerating a new key pair in response to a predetermined event;
  
  digitally signing a public key of the new key pair using the device private key of the device key pair;
  
  ensuring that said device certificate is available to a user to whom the device wishes to be authenticated by the certifying authority sending said certificate to the device; and
  
  said device authenticating that said certificate came from said certifying authority by using a secret key authenticating technique.

15. A device having an input and an output, said device comprising:
- a memory;
  
  a tamper circuit coupled to said memory and being responsive to a tampering phenomenon, such that a certifying authority can determine an occurrence of said phenomenon, said certifying authority having an authority public key known to said device;
  
  a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, and that said device was not attacked by said tampering phenomenon, and whereupon said verification being successful said certifying authority is able to certify that said device is in an untampered state, wherein said device key pair generator regenerates a new key pair in response to a predetermined event;
  
  a certificate which certifies an authenticity of said new key pair; and
  
  a zeroizing circuit capable of erasing a portion of said memory upon said tamper circuit detecting an occurrence of said tampering phenomenon.
- View Dependent Claims (16)
- - 16. A device as recited in claim 15, wherein said memory includes all non-volatile memory in said device.

17. A device having an input and an output, said device comprising:
- a memory;
  
  a tamper circuit coupled to said memory and being responsive to a tampering phenomenon, such that a certifying authority can determine an occurrence of said phenomenon, said certifying authority having an authority public key known to said device;
  
  a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, and that said device was not attacked by said tampering phenomenon, and whereupon said verification being successful said certifying authority is able to certify that said device is in an untampered state, wherein said device key pair generator regenerates a new key pair in response to a predetermined event;
  
  a certificate which certifies an authenticity of said new key pair; and
  
  a recertifier for enabling said certifying authority to authenticate said untampered state, provide a recertification of said untampered state, and attest to said public key.
- View Dependent Claims (18)
- - 18. A device as recited in claim 17, wherein said first certificate has a finite life, and said recertification is performed at predetermined intervals prior to an end of said finite life.

19. A device having an input and an output, said device comprising:
- a memory;
  
  a tamper circuit coupled to said memory and being responsive to a tampering phenomenon, such that a certifying authority can determine an occurrence of said phenomenon, said certifying authority having an authority public key known to said device;
  
  a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, and that said device was not attacked by said tampering phenomenon, and whereupon said verification being successful said certifying authority is able to certify that said device is in an untampered state, wherein said device key pair generator regenerates a new key pair in response to a predetermined event; and
  
  a certificate which certifies an authenticity of said new key pair, wherein said device uses said device private key to sign said certificate which asserts a change from said public key to a new public key.
- View Dependent Claims (20, 21, 22)
- - 20. A apparatus as recited in claim 19, wherein said certificates are shown to be rooted in said first certificate so as to maintain said untampered state.
  - 21. A device as recited in claim 20, further comprising a recertifier for enabling said certifying authority to recertify said device.
  - 22. A device as recited in claim 21, wherein said recertifier authenticates said untampered state, provides a recertification of said untampered state, and attests to said public key.

23. A device having an input and an output, said device comprising:
- a memory;
  
  a tamper circuit coupled to said memory and being responsive to a tampering phenomenon, such that a certifying authority can determine an occurrence of said phenomenon, said certifying authority having an authority public key known to said device;
  
  a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, and that said device was not attacked by said tampering phenomenon, and whereupon said verification being successful said certifying authority is able to certify that said device is in an untampered state, wherein said device key pair generator regenerates a new key pair in response to a predetermined event; and
  
  a certificate which certifies an authenticity of said new key pair, wherein said tampering phenomenon is such as to cause the device to undergo an action that triggers tamper-response zeroization.

24. A device having a memory which includes data required to be erased upon a tampering attempt, said device comprising:
- a tamper responsive circuit having an enabling capability;
  
  a certifying authority;
  
  an initialization circuit wherein said certifying authority enables said tamper responsive circuit using said enabling capability;
  
  a first key pair generator for generating a public key made available to a plurality of third party users, and for generating a private key retained in said memory;
  
  a certification circuit for exporting said public key to said certifying authority to enable said certifying authority to verify said public key, to certify that said public key emerged from said device, and to certify that said device is untampered;
  
  a key pair regenerator for forming a new key pair, upon an occurrence of a predetermined event, where said key pair includes a new public key and a new private key; and
  
  a recertifier for exporting said new public key to said certifying authority such as to enable said certifying authority to verify said new public key and certify that said new public key emerged from said device and that said device is untampered.

25. A device having a memory which includes data required to be erased upon a tampering attempt said device comprising:
- a tamper responsive circuit having an enabling capability;
  
  a certifying authority;
  
  an initialization circuit wherein said certifying authority enables said tamper responsive circuit using said enabling capability;
  
  a first key pair generator for generating a public key made available to a plurality of third party users, and for generating a private key retained in said memory;
  
  a certification circuit for exporting said public key to said certifying authority to enable said certifying authority to verify said public key, to certify that said public key emerged from said device, and to certify that said device is untampered; and
  
  a key pair regenerator for forming a new key pair, upon an occurrence of a predetermined event, where said key pair includes a new public key and a new private key, wherein at least a portion of said memory is zeroized upon said tamper responsive circuit detecting a tampering event.
- View Dependent Claims (26, 27, 28)
- - 26. A device as in claim 25, wherein said device further comprises a memory disaster protection circuit for stopping an attacker from impersonating said device.
  - 27. A device as in claim 25, further comprising a re-initialization circuit for reinitializing said device to an operative state following said device being zeroized in response to said tampering event.
  - 28. A device as in claim 25, wherein said reinitialization circuit employs symmetric keys.

29. A method for a certifying authority to certify an untampered state of a device, said method comprising:
- providing a tamper circuit being responsive to a tampering phenomenon;
  
  a certifying authority determining an occurrence of said phenomenon, said certifying authority having an authority public key known to said device;
  
  generating a device key pair for said device, said device key pair including a device private key and a device public key which are stored in said memory;
  
  exporting said device public key to said certifying authority;
  
  enabling said certifying authority to perform a verification that said device public key emerged from said device, and that said device was not attacked by said tampering phenomenon, and whereupon said verification being successful said certifying authority certifying that said device is in an untampered state;
  
  regenerating a new key pair in response to a predetermined event;
  
  generating a certificate certifying authenticity of said new key pair;
  
  ensuring that said device certificate is available to a user to whom the device wishes to be authenticated by the certifying authority sending said certificate to the device; and
  
  said device authenticating that said certificate came from said certifying authority using a secret key authenticating technique.

30. A method for certifying a device, comprising:
- generating a first key pair for said device, said first key pair including a first private key and a first public key;
  
  exporting said first public key to a certifying authority;
  
  said certifying authority certifying said device;
  
  generating a second key pair in response to a predetermined event, the second key pair including a second private key and a second public key; and
  
  digitally signing data comprising the second public key with the first private key, wherein the device is issued a first certificate that has a finite life, and recertification is performed at predetermined intervals prior to an end of said finite life.
- View Dependent Claims (31)
- - 31. The method as recited in claim 30, wherein said device uses said second private key to sign a certificate which asserts a change from said first public key to said second public key.

32. A method for certifying a device, comprising:
- generating a first key pair for said device, said first key pair including a first private key and a first public key;
  
  exporting said first public key to a certifying authority;
  
  said certifying authority certifying said device;
  
  generating a second key pair in response to a predetermined event, the second key pair including a second private key and a second public key;
  
  digitally signing data comprising the second public key with the first private key; and
  
  enabling, with a recertifier, said certifying authority to recertify said device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Citibank (South Dakota) NA (Citigroup Incorporated)
Original Assignee
Citibank (South Dakota) NA (Citigroup Incorporated)
Inventors
Rosen, Sholom S.
Primary Examiner(s)
Song; Hosuk

Application Number

US10/145,545
Publication Number

US 20030070080A1
Time in Patent Office

1,947 Days
Field of Search

380/44, 380 46- 47, 380/277, 380/282, 380/285, 713168-170, 713/157, 713175-176
US Class Current

380/44
CPC Class Codes

G06Q 20/02   involving a neutral party, ...

G06Q 20/04   Payment circuits

G06Q 20/06   Private payment circuits, e...

G06Q 20/10   specially adapted for elect...

G06Q 20/12   specially adapted for elect...

G06Q 20/26   Debit schemes, e.g. "pay now"

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/381   Currency conversion

G06Q 30/06   Buying, selling or leasing ...

G06Q 40/02   Banking, e.g. interest calc...

G07F 17/16   for devices exhibiting adve...

G07F 19/211   Software architecture withi...

G07F 7/082   Features insuring the integ...

G07F 7/0866   by active credit-cards adap...

G07F 7/1008   Active credit-cards provide...

Electronic-monetary system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

112 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Electronic-monetary system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

112 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links