Key management technique for establishing a secure channel

US 7,512,800 B2
Filed: 02/03/2004
Issued: 03/31/2009
Est. Priority Date: 02/03/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A method for establishing a secure channel through an indeterminate number of nodes in a network comprising:

enrolling a smart card with a unique key per smart card, the unique key derived from a private key that is assigned and distinctive to systems and a card base of a card issuer, an enrolled smart card containing a stored public entity-identifier and the unique key;

transacting at a point of entry to the network, the transaction creating a PIN encryption key by hashing a keying code that is derived from the smart card unique key and a transaction identifier that uniquely identifies the point of entry and a transaction sequence number;

communicating a PIN point-to-point in encrypted form through a plurality of nodes in the network; and

recovering the PIN at a card issuer server using the PIN encryption key and the card issuer private key.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A key management technique establishes a secure channel through an indeterminate number of nodes in a network. The technique comprises enrolling a smart card with a unique key per smart card. The unique key is derived from a private key that is assigned and distinctive to systems and a card base of a card issuer. An enrolled smart card contains a stored public entity-identifier and the secret unique key. The technique further comprises transacting at a point of entry to the network. The transaction creates a PIN encryption key derived from the smart card unique key and a transaction identifier that uniquely identifies the point of entry and transaction sequence number. The technique also comprises communicating the PIN encryption key point-to-point in encrypted form through a plurality of nodes in the network, and recovering the PIN at a card issuer server from the PIN encryption key using the card issuer private key.

27 Citations

View as Search Results

28 Claims

1. A method for establishing a secure channel through an indeterminate number of nodes in a network comprising:
- enrolling a smart card with a unique key per smart card, the unique key derived from a private key that is assigned and distinctive to systems and a card base of a card issuer, an enrolled smart card containing a stored public entity-identifier and the unique key;
  
  transacting at a point of entry to the network, the transaction creating a PIN encryption key by hashing a keying code that is derived from the smart card unique key and a transaction identifier that uniquely identifies the point of entry and a transaction sequence number;
  
  communicating a PIN point-to-point in encrypted form through a plurality of nodes in the network; and
  
  recovering the PIN at a card issuer server using the PIN encryption key and the card issuer private key.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method according to claim 1 further comprising:
    - defining public key values (e, N) that are exclusive to a card issuer system and card base, the key value e being a public exponent and the key value N being a modulus in an RSA (Rivest, Shamir, and Adelman Public Key Cryptosystem) system;
      
      defining a private key value d that is exclusive to the card issuer system and card base, the private key value d being a secret RSA private key;
      
      computing a secret key u that is unique to the smart card using an equation of the form;
      
      u=x^d(mod N),where x is an entity-identifier that identifies the smart card and the entity; and
      
      storing the secret key u on the smart card with public key values x, e, and N.
  - 3. The method according to claim 1 further comprising:
    - receiving at an entity-activated terminal an entity-entered Personal Identification Number (PIN) and an entity-inserted smart card;
      
      passing the PIN to the smart card;
      
      computing at the smart card an equation of the form;
      
      K=u·
      
      TSN^H(mod N),where K is a keying code, u is a secret key, TSN is a transaction sequence identifier that identifies the terminal and a sequence number for a transaction originating at the terminal, H is a hash of transaction data elements, and N is a modulus in an RSA (Rivest, Shamir, and Adelman Public Key Cryptosystem) system; and
      
      hashing at the smart card the keying code K to form the PIN encryption key KPE according to an equation of the form;
      
      KPE=h(K),where h( ) is a hashing algorithm.
  - 4. The method according to claim 3 further comprising:
    - hashing at the smart card the keying code K to form an encryption key according to an encryption definition selected from a triple Data Encryption Standard (3-DES) and an Advanced Encryption Standard (AES).
  - 5. The method according to claim 3 further comprising:
    - padding the keying code K with transaction-related data prior to the hash operation h(K).
  - 6. The method according to claim 3 further comprising:
    - deriving the PIN encryption key KPE uniquely as a function of the secret key u for each transaction.
  - 7. The method according to claim 6 further comprising:
    - maintaining the private key value d as a secret known only to the card issuer as the only entity capable of decrypting a cryptogram C.
  - 8. The method according to claim 1 further comprising:
    - receiving an encrypted PIN at a card issuer server;
      
      computing a hash H of transaction data;
      
      computing an RSA (Rivest, Shamir, and Adelman Public Key Cryptosystem) system encryption t of a transaction sequence identifier TSN that identifies a transaction terminal and a sequence number for a transaction originating at the terminal according to an equation of the form;
      
      TSN^e(mod N),where N is a modulus in an RSA system;
      
      computing a cryptogram quantity C using public data according to an equation of the form;
      
      C=x·
      
      t^H(mod N),where x is an entity-identifier that identifies the smart card and the entity;
      
      decrypting the cryptogram quantity C using the private key value d that is exclusive to the card issuer system and card base, the private key value d being a secret RSA private key, the decryption according to an equation of the form;
      
      K=C^d(mod N); and
      
      decrypting the PIN using a PIN encryption key KPE=h(K) where h( ) is a hashing algorithm.
  - 9. The method according to claim 1 further comprising:
    - encrypting the PIN at the smart card.
  - 10. The method according to claim 1 further comprising:
    - receiving at an entity-activated terminal an entity-entered Personal Identification Number (PIN) and an entity-inserted smart card;
      
      passing the PIN to the smart card;
      
      generating a random number r at the smart card that is unique to a transaction;
      
      computing at the smart card an RSA (Rivest, Shamir, and Adelman Public Key Cryptosystem) system encryption t according to an equation of the form
      t=r^e(mod N),where e is the public exponent and N the modulus of the RSA system;
      
      computing at the smart card a hash H of common public transaction data;
      
      computing at the smart card a keying code K and a PIN encryption key KPE according to equations of the form;
      
      K=u·
      
      r^H(mod N), and
      KPE=h(K),where u is a secret key and H is a hash of transaction data elements;
      
      sending the PIN encryption key KPE and RSA system encryption t through the network; and
      
      erasing the random number r.
  - 11. The method according to claim 10 further comprising:
    - receiving a PIN encryption key KPE and encryption t at a card issuer server;
      
      computing a hash H of transaction data;
      
      computing a cryptogram quantity C using public data according to an equation of the form;
      
      C=x·
      
      t^H(mod N),where x is an entity-identifier that identifies the smart card and the entity;
      
      decrypting the cryptogram quantity C using the private key value d that is exclusive to the card issuer system and card base, the private key value d being a secret RSA private key, the decryption according to an equation of the form;
      
      K=C^d(mod N); and
      
      decrypting the PIN using the PIN encryption key KPE=h(K) where h( )is a hashing algorithm.
  - 12. The method according to claim 1 further comprising:
    - computing at the smart card a hash H of transaction data;
      
      communicating the transaction data hash to a card issuer server;
      
      computing at the card issuer server a hash of transaction data; and
      
      verifying the communicated hash with the server-computed hash for authentication and integrity checking.

13. A data security apparatus comprising:
- a smart card that establishes a secure channel through an indeterminate number of nodes in a network comprising;
  
  an interface for communicating with a card reader and/or writer;
  
  a processor coupled to the interface; and
  
  a memory coupled to the processor that stores a public entity-identifier and a secret unique key derived from a private key that is assigned and distinctive to systems and a card base of a card issuer, the memory further comprising;
  
  a computable readable program code embodied therein that creates a PIN encryption key derived from the smart card unique key and a transaction identifier that uniquely identifies a point of entry and transaction sequence number;
  
  a computable readable program code causing the processor to receive an entity-entered Personal Identification Number (PIN);
  
  a computable readable program code causing the processor to compute an equation of the form;
  
  K=u·
  
  TSN^H(mod N),where K is a keying code, u is a secret key, TSN is a transaction sequence identifier that identifies the point of entry and a sequence number for a transaction originating at the terminal, H is a hash of transaction data elements, and N is a modulus in an RSA (Rivest, Shamir, and Adelman Public Key Cryptosystem) system; and
  
  a computable readable program code causing the processor to hash the keying code K to form the PIN encryption key KPE according to an equation of the form;
  
  KPE=h(k),where h( ) is a hashing algorithm.
- View Dependent Claims (14, 15, 16, 17)
- - 14. The apparatus according to claim 13 further comprising:
    - a secret unique key u stored in the memory with public key values x, e, and N where x is an entity-identifier that identifies the smart card and the entity, key value e is a public exponent and key value N is a modulus in an RSA (Rivest, Shamir, and Adelman Public Key Cryptosystem) system, the public key values (e, N) being exclusive to a card issuer system and card base;
      
      wherein the secret key u is unique to the smart card and computed using an equation of the form;
      
      u=x^d(mod N),where a private key value d is exclusive to the card issuer system and card base, the private key value d being a secret RSA private key.
  - 15. The apparatus according to claim 13 wherein the memory further comprises:
    - a computable readable program code causing the processor to hash the keying code K to form an encryption key according to an encryption definition selected from a triple Data Encryption Standard (3-DES) and an Advanced Encryption Standard (AES).
  - 16. The apparatus according to claim 13 wherein the memory further comprises:
    - a computable readable program code causing the processor to pad the keying code K with transaction-related data prior to the hash operation h(K).
  - 17. The apparatus according to claim 13 wherein the memory further comprises:
    - a computable readable program code causing the processor to hash transaction data elements and communicate the hash point-to-point to a card issuer enabling simultaneous key management and integrity checking.

18. A data security apparatus comprising:
- an enrollment system that establishes a secure channel through an indeterminate number of nodes in a network, the enrollment system comprising;
  
  a communication interface for communicating with a writer configured to accept a smart card;
  
  a processor coupled to the communication interface; and
  
  a memory coupled to the processor and having a computable readable program code embodied therein causing the processor to initialize and personalize the smart card with a unique key per smart card, the unique key derived from a private key that is assigned and distinctive to systems and a card base of a card issuer, the unique key for usage by the smart card to create a PIN encryption key computed by an equation of the form
  K=u·
  
  TSN^H(mod N),where K is a keying code, u is a secret key, TSN is a transaction sequence identifier that identifies a terminal and a sequence number for a transaction originating at the terminal, H is a hash of transaction data elements, and N is a modulus in an RSA (Rivest, Shamir, and Adelman Public Key Cryptosystem) system; and
  
  the smart card hashes the keying code K to form the PIN encryption key KPE according to an equation of the form;
  
  KPE=h(k),where h( ) is a hashing algorithm.
- View Dependent Claims (19, 20)
- - 19. The apparatus according to claim 18 wherein the memory further comprises:
    - a computable readable program code causing the processor to write to an enrolled smart card a stored public entity-identifier and the secret unique key.
  - 20. The apparatus according to claim 18 wherein the memory further comprises:
    - a computable readable program code causing the processor to define public key values (e, N) that are exclusive to the card issuer system and card base, the key value e being a public exponent and the key value N being a modulus in an RSA (Rivest, Shamir, and Adelman Public Key Cryptosystem) system;
      
      a computable readable program code causing the processor to define a private key value d that is exclusive to the card issuer system and card base, the private key value d being a secret RSA private key;
      
      a computable readable program code causing the processor to compute a secret key u that is unique to the smart card using an equation of the form;
      
      u=x^d(mod N),where x is an entity-identifier that identifies the smart card and the entity; and
      
      a computable readable program code causing the processor to store the secret key u on the smart card with public key values x, e, and N.

21. A data security apparatus comprising:
- a card issuer server that establishes a secure channel through an indeterminate number of nodes in a network, the card issuer server comprising;
  
  a communication interface for communicating with the network;
  
  a processor coupled to the communication interface; and
  
  a memory coupled to the processor and having a computable readable program code embodied therein causing the processor to recover a Personal Identification Number (PIN) from an encrypted PIN received via the network using a card issuer private key and a transaction PIN encryption key, the transaction PIN encryption key created by hashing a keying code that is derived from a smart card unique key initialized and personalized to the smart card and derived from the card issuer private key, and a transaction identifier that uniquely identifies a point of entry and a transaction sequence number.
- View Dependent Claims (22, 23, 24, 25)
- - 22. The apparatus according to claim 21 wherein:
    - the smart card unique key is a secret key u that is unique to the smart card and is computed by a card enrollment system using an equation of the form;
      
      u=x^d(mod N),where x is an entity-identifier that identifies the smart card and the entity;
      
      a private key value d is a secret RSA private key, and key value N is a modulus in an RSA (Rivest, Shamir, and Adelman Public Key Cryptosystem) system, the key values d and N being exclusive to a card issuer system and card base.
  - 23. The apparatus according to claim 21 wherein the memory further comprises:
    - a computable readable program code causing the processor to receive a PIN encryption key KPE at a card enrollment server;
      
      a computable readable program code causing the processor to compute a hash H of transaction data;
      
      a computable readable program code causing the processor to compute an RSA (Rivest, Shamir, and Adelman Public Key Cryptosystem) system encryption t of a transaction sequence identifier TSN that identifies a transaction terminal and a sequence number for a transaction originating at the terminal according to an equation of the form;
      
      t=TSN^e(mod N),where N is a modulus in an RSA system;
      
      a computable readable program code causing the processor to compute a cryptogram quantity C using public data according to an equation of the form;
      
      C=x·
      
      t^H(mod N),where x is an entity-identifier that identifies the smart card and the entity;
      
      a computable readable program code causing the processor to decrypt the cryptogram quantity C using the private key value d that is exclusive to the card issuer system and card base, the private key value d being a secret RSA private key, the decryption according to an equation of the form;
      
      K=C^d(mod N); and
      
      a computable readable program code causing the processor to decrypt the PIN using the PIN encryption key KPE=h(K) where h( )is a hashing algorithm.
  - 24. The apparatus according to claim 21 wherein the memory further comprises:
    - a computable readable program code causing the processor to receive a PIN encryption key KPE and encryption t;
      
      a computable readable program code causing the processor to compute a hash H of transaction data;
      
      a computable readable program code causing the processor to compute a cryptogram quantity C using public data according to an equation of the form;
      
      C=x·
      
      t^H(mod N),where x is an entity-identifier that identifies the smart card and the entity;
      
      a computable readable program code causing the processor to decrypt the cryptogram quantity C using the private key value d that is exclusive to the card issuer system and card base, the private key value d being a secret RSA private key, the decryption according to an equation of the form;
      
      K=C^d(mod N); and
      
      a computable readable program code causing the processor to decrypt the PIN using the PIN encryption key KPE=h(K) where h( )is a hashing algorithm.
  - 25. The apparatus according to claim 21 wherein the memory further comprises:
    - a computable readable program code causing the processor to hash transaction data elements and compare the hash to a hash received point-to-point from a smart card enabling simultaneous key management and integrity checking.

26. A transaction system comprising:
- a network;
  
  a plurality of servers and/or hosts mutually coupling to the network;
  
  a plurality of terminals coupled to the servers and/or hosts via the network and available for transacting;
  
  a plurality of smart cards enrolled in the transaction system and adapted for insertion into the terminals and transacting via the servers and/or hosts; and
  
  a plurality of processors distributed among the smart cards, the servers and/or hosts, and/or the terminals, at least one of the processors establishing a secure channel through an indeterminate number of nodes in the network by communicating, and decrypting a PIN encrypted using a PIN encryption key created by hashing a keying code that is derived from a smart card unique key and a transaction identifier that uniquely identifies a point of entry terminal and a transaction sequence number, the smart card unique key being derived from a private key that is assigned and distinctive to systems and a card base of a card issuer.

27. A transaction system comprising:
- a network;
  
  a plurality of servers and/or hosts mutually coupling to the network;
  
  a plurality of terminals coupled to the servers and/or hosts via the network and available for transacting;
  
  a plurality of smart cards enrolled in the transaction system and adapted for insertion into the terminals and transacting via the servers and/or hosts; and
  
  a plurality of processors distributed among the smart cards, the servers and/or hosts, and/or the terminals, at least one of the processors establishing a secure channel through an indeterminate number of nodes in the network by communicating, and decrypting a PIN encrypted using a PIN encryption key creating by hashing a keying code that is derived from a smart card unique key and a hash of transaction data elements.

28. A transaction system establishing a secure channel through an indeterminate number of nodes in a network comprising:
- means for enrolling a smart card with a unique key per smart card, the unique key being derived from a private key that is assigned and distinctive to systems and a card base of a card issuer, an enrolled smart card containing a stored public entity-identifier and the unique key;
  
  means for transacting at a point of entry to the network, the transaction creating a PIN encryption key by hashing a keying code that is derived from the smart card unique key and a transaction identifier that uniquely identifies the point of entry and a transaction sequence number;
  
  means for communicating a PIN point-to-point in encrypted form through a plurality of nodes in the network; and
  
  means for recovering the PIN at a card issuer server using the PIN encryption key and the card issuer private key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Micro Focus LLC (Open Text Corporation)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Hopkins, W. Dale
Primary Examiner(s)
Simitoski; Michael J

Application Number

US10/772,065
Publication Number

US 20050172137A1
Time in Patent Office

1,883 Days
Field of Search

713/159, 713/172, 713/184, 713/185, 726/9, 726/20, 726/28, 380/30, 705/65, 705/66, 705/67, 705/72
US Class Current

713/172
CPC Class Codes

G06Q 20/02   involving a neutral party, ...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/367   involving electronic purses...

G06Q 20/3672   initialising or reloading t...

G06Q 20/3674   involving authentication

G06Q 20/3829   involving key management

G06Q 20/385   using an alias or single-us...

G06Q 20/4012   Verifying personal identifi...

G06Q 20/40975   using encryption therefor

G07F 7/1008   Active credit-cards provide...

G07F 7/1016   Devices or methods for secu...

H04L 2209/56   Financial cryptography, e.g...

H04L 9/0825   using asymmetric-key encryp...

H04L 9/0866   involving user or device id...

H04L 9/0877   using additional device, e....

H04L 9/302   involving the integer facto...

Key management technique for establishing a secure channel

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

27 Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Key management technique for establishing a secure channel

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links