Electronic-monetary system
Abstract
An improved monetary system using electronic media to exchange economic value securely and reliably is disclosed. The system provides a complete monetary system having electronic money that is interchangeable with conventional paper money. Also disclosed is a system for open electronic commerce having a customer trusted agent securely communicating with a first money module, and a merchant trusted agent securely communicating with a second money module. Both trusted agents are capable of establishing a first cryptographically secure session, and both money modules are capable of establishing a second cryptographically secure session. The merchant trusted agent transfers electronic merchandise to the customer trusted agent, and the first money module transfers electronic money to the second money module. The money modules inform their trusted agents of the successful completion of payment, and the customer may use the purchased electronic merchandise.
112 Citations
32 Claims
1. A device having an input and an output, said device comprising:
- a memory;
- a certifying authority having an authority public key known to said device;
- a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, and that said device was not attacked by a tampering phenomenon, and whereupon said verification being successful said certifying authority is able to certify that said device is in an untampered state, wherein said device key pair generator regenerates a new key pair in response to a predetermined event; and
- a certificate which certifies an authenticity of said new key pair, wherein the secure device is issued a first certificate that has a finite life, and said recertification is performed at predetermined intervals prior to an end of said finite life.
Dependent claims: 2, 3, 4.
5. A method for a certifying authority to certify an untampered state of a device, said method comprising:
- a certifying authority having an authority public key known to said device;
- generating a device key pair for said device, said device key pair including a device private key and a device public key which are stored in said memory;
- exporting said device public key to said certifying authority;
- enabling said certifying authority to perform a verification that said device public key emerged from said device, and that said device was not attacked by a tampering phenomenon, and whereupon said verification being successful said certifying authority certifying that said device is in an untampered state;
- regenerating a new key pair in response to a predetermined event;
- generating a certificate certifying authenticity of said new key pair;
- ensuring that said certificate is available to a user to whom the device wishes to be authenticated by the certifying authority sending said certificate to the device; and
- said device authenticating that said certificate came from said certifying authority, wherein authenticating is implemented using a secret key authenticating technique.
6. A device having an input and an output, said device comprising:
- a memory;
- a tamper circuit coupled to said memory and being responsive to a tampering phenomenon, such that a certifying authority can determine an occurrence of said phenomenon, said certifying authority having an authority public key known to said device;
- a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, and that said device was not attacked by said tampering phenomenon, and whereupon said verification being successful said certifying authority is able to certify that said device is in an untampered state, wherein said device key pair generator regenerates a new key pair in response to a predetermined event;
- wherein said device digitally signs a public key of the new key pair using the device private key of the device key pair, and wherein the secure device is issued a first certificate that has a finite life, and said recertification is performed at predetermined intervals prior to an end of said finite life.
Dependent claims: 7, 8.
9. A method for a certifying authority to certify an untampered state of a device, said method comprising:
- providing a tamper circuit being responsive to a tampering phenomenon;
- a certifying authority determining an occurrence of said phenomenon, said certifying authority having an authority public key known to said device;
- generating a device key pair for said device, said device key pair including a device private key and a device public key which are stored in said memory;
- exporting said device public key to said certifying authority;
- enabling said certifying authority to perform a verification that said device public key emerged from said device, and that said device was not attacked by said tampering phenomenon, and whereupon said verification being successful said certifying authority certifying that said device is in an untampered state;
- regenerating a new key pair in response to a predetermined event;
- digitally signing a public key of the new key pair using the device private key of the device key pair;
- ensuring that said device certificate is available to a user to whom the device wishes to be authenticated; and
- said device authenticating that said certificate came from said certifying authority, wherein said step of authenticating is implemented using a secret key authenticating technique.
10. A device having an input and an output, said device comprising:
- a memory;
- said certifying authority having an authority public key known to said device;
- a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, wherein said device key pair generator regenerates a new key pair in response to a predetermined event;
- wherein said device digitally signs a public key of the new key pair using the device private key of the device key pair, wherein the secure device is issued a first certificate that has a finite life, and said recertification is performed at predetermined intervals prior to an end of said finite life.
Dependent claims: 11, 12.
13. A device having an input and an output, said device comprising:
- a memory;
- said certifying authority having an authority public key known to said device;
- a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, wherein said device key pair generator regenerates a new key pair in response to a predetermined event;
- wherein said device digitally signs a public key of the new key pair using the device private key of the device key pair, and a recertifier for enabling said certifying authority to recertify said device.
14. A method for a certifying authority to certify an untampered state of a device, said method comprising:
- a certifying authority having an authority public key known to said device;
- generating a device key pair for said device, said device key pair including a device private key and a device public key which are stored in said memory;
- exporting said device public key to said certifying authority;
- enabling said certifying authority to perform a verification that said device public key emerged from said device, regenerating a new key pair in response to a predetermined event;
- digitally signing a public key of the new key pair using the device private key of the device key pair;
- ensuring that said device certificate is available to a user to whom the device wishes to be authenticated by the certifying authority sending said certificate to the device; and
- said device authenticating that said certificate came from said certifying authority by using a secret key authenticating technique.
15. A device having an input and an output, said device comprising:
- a memory;
- a tamper circuit coupled to said memory and being responsive to a tampering phenomenon, such that a certifying authority can determine an occurrence of said phenomenon, said certifying authority having an authority public key known to said device;
- a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, and that said device was not attacked by said tampering phenomenon, and whereupon said verification being successful said certifying authority is able to certify that said device is in an untampered state, wherein said device key pair generator regenerates a new key pair in response to a predetermined event;
- a certificate which certifies an authenticity of said new key pair; and
- a zeroizing circuit capable of erasing a portion of said memory upon said tamper circuit detecting an occurrence of said tampering phenomenon.
Dependent claims: 16.
17. A device having an input and an output, said device comprising:
- a memory;
- a tamper circuit coupled to said memory and being responsive to a tampering phenomenon, such that a certifying authority can determine an occurrence of said phenomenon, said certifying authority having an authority public key known to said device;
- a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, and that said device was not attacked by said tampering phenomenon, and whereupon said verification being successful said certifying authority is able to certify that said device is in an untampered state, wherein said device key pair generator regenerates a new key pair in response to a predetermined event;
- a certificate which certifies an authenticity of said new key pair; and
- a recertifier for enabling said certifying authority to authenticate said untampered state, provide a recertification of said untampered state, and attest to said public key.
Dependent claims: 18.
19. A device having an input and an output, said device comprising:
- a memory;
- a tamper circuit coupled to said memory and being responsive to a tampering phenomenon, such that a certifying authority can determine an occurrence of said phenomenon, said certifying authority having an authority public key known to said device;
- a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, and that said device was not attacked by said tampering phenomenon, and whereupon said verification being successful said certifying authority is able to certify that said device is in an untampered state, wherein said device key pair generator regenerates a new key pair in response to a predetermined event; and
- a certificate which certifies an authenticity of said new key pair, wherein said device uses said device private key to sign said certificate which asserts a change from said public key to a new public key.
Dependent claims: 20, 21, 22.
23. A device having an input and an output, said device comprising:
- a memory;
- a tamper circuit coupled to said memory and being responsive to a tampering phenomenon, such that a certifying authority can determine an occurrence of said phenomenon, said certifying authority having an authority public key known to said device;
- a key pair generator which generates a device key pair for said device, said device key pair includes a device private key and a device public key which are stored in said memory, said device key pair generator is capable of exporting said device public key via said output to said certifying authority such that said certifying authority is enabled to perform a verification that said device public key emerged from said device, and that said device was not attacked by said tampering phenomenon, and whereupon said verification being successful said certifying authority is able to certify that said device is in an untampered state, wherein said device key pair generator regenerates a new key pair in response to a predetermined event; and
- a certificate which certifies an authenticity of said new key pair, wherein said tampering phenomenon is such as to cause the device to undergo an action that triggers tamper-response zeroization.
24. A device having a memory which includes data required to be erased upon a tampering attempt, said device comprising:
- a tamper responsive circuit having an enabling capability;
- a certifying authority;
- an initialization circuit wherein said certifying authority enables said tamper responsive circuit using said enabling capability;
- a first key pair generator for generating a public key made available to a plurality of third party users, and for generating a private key retained in said memory;
- a certification circuit for exporting said public key to said certifying authority to enable said certifying authority to verify said public key, to certify that said public key emerged from said device, and to certify that said device is untampered;
- a key pair regenerator for forming a new key pair, upon an occurrence of a predetermined event, where said key pair includes a new public key and a new private key; and
- a recertifier for exporting said new public key to said certifying authority such as to enable said certifying authority to verify said new public key and certify that said new public key emerged from said device and that said device is untampered.
25. A device having a memory which includes data required to be erased upon a tampering attempt, said device comprising:
- a tamper responsive circuit having an enabling capability;
- a certifying authority;
- an initialization circuit wherein said certifying authority enables said tamper responsive circuit using said enabling capability;
- a first key pair generator for generating a public key made available to a plurality of third party users, and for generating a private key retained in said memory;
- a certification circuit for exporting said public key to said certifying authority to enable said certifying authority to verify said public key, to certify that said public key emerged from said device, and to certify that said device is untampered; and
- a key pair regenerator for forming a new key pair, upon an occurrence of a predetermined event, where said key pair includes a new public key and a new private key, wherein at least a portion of said memory is zeroized upon said tamper responsive circuit detecting a tampering event.
Dependent claims: 26, 27, 28.
29. A method for a certifying authority to certify an untampered state of a device, said method comprising:
- providing a tamper circuit being responsive to a tampering phenomenon;
- a certifying authority determining an occurrence of said phenomenon, said certifying authority having an authority public key known to said device;
- generating a device key pair for said device, said device key pair including a device private key and a device public key which are stored in said memory;
- exporting said device public key to said certifying authority;
- enabling said certifying authority to perform a verification that said device public key emerged from said device, and that said device was not attacked by said tampering phenomenon, and whereupon said verification being successful said certifying authority certifying that said device is in an untampered state;
- regenerating a new key pair in response to a predetermined event;
- generating a certificate certifying authenticity of said new key pair;
- ensuring that said device certificate is available to a user to whom the device wishes to be authenticated by the certifying authority sending said certificate to the device; and
- said device authenticating that said certificate came from said certifying authority using a secret key authenticating technique.
30. A method for certifying a device, comprising:
- generating a first key pair for said device, said first key pair including a first private key and a first public key;
- exporting said first public key to a certifying authority;
- said certifying authority certifying said device;
- generating a second key pair in response to a predetermined event, the second key pair including a second private key and a second public key; and
- digitally signing data comprising the second public key with the first private key, wherein the device is issued a first certificate that has a finite life, and recertification is performed at predetermined intervals prior to an end of said finite life.
Dependent claims: 31.
32. A method for certifying a device, comprising:
- generating a first key pair for said device, said first key pair including a first private key and a first public key;
- exporting said first public key to a certifying authority;
- said certifying authority certifying said device;
- generating a second key pair in response to a predetermined event, the second key pair including a second private key and a second public key;
- digitally signing data comprising the second public key with the first private key; and
- enabling, with a recertifier, said certifying authority to recertify said device.
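The independent claims above all describe one lifecycle: the device generates a key pair and exports the public key; the certifying authority checks that the key emerged from an untampered device and issues a certificate with a finite life; on a predetermined event the device regenerates a key pair and signs the new public key with the previous private key; the authority recertifies at intervals before the old certificate expires; the device checks, with a secret key technique, that each certificate came from the authority; and a tamper event zeroizes the key material. The Go program below is an added worked example of that lifecycle written for this page. It is not code from the patent or its assignee, and the patent names no algorithms, so everything concrete here is an assumption: Ed25519 for the device and authority key pairs; an HMAC-SHA256 tag under a secret installed at initialization as the "secret key authenticating technique"; direct method calls in place of the device's input and output and of the authority reading the tamper circuit; and a self-signature over the first public key as the proof of possession the authority accepts at enrolment. All type and function names (Certificate, Device, CA, GenerateKeyPair, Certify, RecertDue and the rest) are invented for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"time"
)

// Certificate is the CA's attestation that DevicePub belongs to an untampered device. It has a finite life, a CA
// signature the device checks with the authority public key, and an HMAC under a secret shared at initialization.
type Certificate struct {
	DevicePub  ed25519.PublicKey
	NotAfter   time.Time
	CASig, MAC []byte
}

func (c *Certificate) body() []byte {
	return append(append([]byte{}, c.DevicePub...), c.NotAfter.AppendFormat(nil, time.RFC3339)...)
}
// RecertDue is true when the finite life ends within interval, i.e. recertification has to happen now.
func (c *Certificate) RecertDue(now time.Time, interval time.Duration) bool { return !now.Add(interval).Before(c.NotAfter) }
func mac(key, msg []byte) []byte                                            { h := hmac.New(sha256.New, key); h.Write(msg); return h.Sum(nil) }
func zero(b []byte)                                                          { for i := range b { b[i] = 0 } }

// Device keeps its key pair in zeroizable memory, exposes a tamper flag the CA reads, and knows the authority key.
type Device struct {
	priv       ed25519.PrivateKey
	pub, caPub ed25519.PublicKey
	secret     []byte
	Tampered   bool
}

// GenerateKeyPair is the generator and, on later calls (the predetermined event), the regenerator. It exports the
// new public key self-signed at enrolment, or signed under the previous private key, which is then wiped.
func (d *Device) GenerateKeyPair() (pub ed25519.PublicKey, sig []byte, err error) {
	if d.Tampered { return nil, nil, errors.New("device zeroized") }
	old := d.priv
	if d.pub, d.priv, err = ed25519.GenerateKey(rand.Reader); err != nil {
		return nil, nil, err
	}
	if old == nil {
		return d.pub, ed25519.Sign(d.priv, d.pub), nil
	}
	sig = ed25519.Sign(old, d.pub)
	zero(old)
	return d.pub, sig, nil
}

// Authenticate is the device's check that a certificate came from the CA: shared-secret MAC, then CA signature.
func (d *Device) Authenticate(c *Certificate) bool {
	return c != nil && hmac.Equal(mac(d.secret, c.body()), c.MAC) && ed25519.Verify(d.caPub, c.body(), c.CASig)
}

func (d *Device) Tamper() { zero(d.priv); d.priv, d.pub, d.Tampered = nil, nil, true } // tamper circuit fires, memory zeroized

// CA is the certifying authority; seen records the device keys it currently certifies.
type CA struct {
	priv   ed25519.PrivateKey
	pub    ed25519.PublicKey
	secret []byte
	life   time.Duration
	seen   map[string]bool
}

func NewCA(life time.Duration) *CA {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	secret := make([]byte, 32)
	rand.Read(secret)
	return &CA{priv, pub, secret, life, map[string]bool{}}
}

func (c *CA) Initialize() *Device { return &Device{caPub: c.pub, secret: c.secret} } // CA enables a device: authority key + shared secret

// Certify issues a finite-life certificate for pub once the device is untampered and pub is shown to have emerged
// from it: self-signed at enrolment (prev == nil), or signed under the still-certified previous key, then retired.
func (c *CA) Certify(d *Device, pub ed25519.PublicKey, sig []byte, prev *Certificate, now time.Time) (*Certificate, error) {
	if d.Tampered {
		return nil, errors.New("tamper circuit reports tampering: refusing to certify")
	}
	signer := pub
	if prev != nil {
		if !c.seen[string(prev.DevicePub)] || now.After(prev.NotAfter) {
			return nil, errors.New("previous certificate is not current")
		}
		signer = prev.DevicePub
	}
	if len(pub) != ed25519.PublicKeySize || !ed25519.Verify(signer, pub, sig) {
		return nil, errors.New("public key did not emerge from the device")
	}
	delete(c.seen, string(signer)) // retire the previous key; a no-op at enrolment
	cert := &Certificate{DevicePub: pub, NotAfter: now.Add(c.life)}
	cert.CASig, cert.MAC = ed25519.Sign(c.priv, cert.body()), mac(c.secret, cert.body())
	c.seen[string(pub)] = true
	return cert, nil
}
```

The package is exercised with `go test`: enrol a device, let the certificate approach the end of its finite life, regenerate and recertify under the first key, then tamper the device and confirm the authority refuses to certify it. Two points the claims leave to the implementer are visible in the code: the authority retires the previous public key the moment it certifies the new one, so a leaked first private key cannot chain itself onto a third key later; and a self-signature only proves possession of the private key, not that the key was generated inside the tamper-protected memory, which is why the authority also reads the tamper state before certifying rather than relying on the signature alone.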