Secure communications and control in a fueling environment

US 7,636,840 B2
Filed: 03/04/2005
Issued: 12/22/2009
Est. Priority Date: 07/10/2002
Status: Active Grant

First Claim

Patent Images

1. A first node within a fueling environment with secure communication, the first node:

generating a first public key and a first private key associated with the first node;

publishing the first public key within the fueling environment;

authenticating a second node within the fueling environment using, at least in part, a second public key associated with the second node and the first public and the first private keys;

dynamically generating a run-time symmetric key using, at least in part, the first private key and the second public key, the symmetric key comprising a localized key for the first node such that it is not communicated to other nodes; and

communicating data associated with the fueling environment to the authenticated second node, the data encrypted using the symmetric key and operable to be decrypted by the second node using, at least in part, a second symmetric key localized at the second node.

View all claims

12 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for secure communication and control in a fueling environment. In one aspect, the fueling environment with secure communication comprises a fuel dispenser and at least one node communicable coupled with the fuel dispenser. The fuel dispenser is operable to generate a first public key and a first private key associated with the fuel dispenser and publish the first public key within the fueling environment. The fuel dispenser is further operable to authenticate a particular one of the nodes using, at least in part, a second public key associated with the particular node and the first public and the first private keys. The fuel dispenser may then dynamically generate a run-time symmetric key using, at least in part, the first private key and the second public key and communicate data associated with the fueling environment to the authenticated node, with the data encrypted using the symmetric key.

Citations

28 Claims

1. A first node within a fueling environment with secure communication, the first node:
- generating a first public key and a first private key associated with the first node;
  
  publishing the first public key within the fueling environment;
  
  authenticating a second node within the fueling environment using, at least in part, a second public key associated with the second node and the first public and the first private keys;
  
  dynamically generating a run-time symmetric key using, at least in part, the first private key and the second public key, the symmetric key comprising a localized key for the first node such that it is not communicated to other nodes; and
  
  communicating data associated with the fueling environment to the authenticated second node, the data encrypted using the symmetric key and operable to be decrypted by the second node using, at least in part, a second symmetric key localized at the second node.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The first node of claim 1, wherein the first node comprises a customer access terminal (CAT) associated with a fuel dispenser.
  - 3. The first node of claim 1, wherein the first node comprises a point-of-sale (POS) system and the second node comprises a fuel dispenser.
  - 4. The first node of claim 1, wherein the first node comprises a site server and the second node comprises a fuel dispenser.
  - 5. The first node of claim 1, each of the first public key and the second public key associated with a certificate from a certificate authority.
  - 6. The first node of claim 1, wherein authenticating the second node within the fueling environment comprises:
    - generating first pseudo-random data;
      
      encrypting the first pseudo-random data using the second public key;
      
      communicating the encrypted first pseudo-random data to the second node;
      
      receiving an encrypted second pseudo-random data, the second pseudo-random data encrypted using the first public key;
      
      decrypting the encrypted second pseudo-random data using the first private key; and
      
      authenticating the second node by comparing the first pseudo-random data and the second pseudo-random data.
  - 7. The first node of claim 6, the first node:
    - receiving an encrypted third pseudo-random data, the third pseudo-random data encrypted using the first public key;
      
      decrypting the encrypted third pseudo-random data using the first private key;
      
      hashing a user ID/password combination associated with the second node;
      
      adding third pseudo-random data to the hashed combination to generate a request verification message;
      
      encrypting the request verification message using the second public key;
      
      communicating the encrypted request verification message to the second node; and
      
      receiving a verification message indicating that the user ID/password combination is valid.
  - 8. The first node of claim 6, the first node:
    - hashing a user ID/password combination associated with the first node;
      
      generating third pseudo-random data;
      
      encrypting the third pseudo-random data using the second public key;
      
      communicating the encrypted third pseudo-random data to the second node;
      
      receiving an encrypted fourth pseudo-random data, the fourth pseudo-random data encrypted using the first public key;
      
      decrypting the encrypted fourth pseudo-random data using the first private key;
      
      subtracting the third pseudo-random data from the decrypted fourth pseudo-random data to determine the second node'"'"'s verification request; and
      
      verifying that the second node has the valid user ID/password combination by comparing the hashed combination and the verification request.
  - 9. The first node of claim 1, wherein dynamically generating the run-time symmetric key using, at least in part, the first private key and the second public key comprises:
    - identifying a symmetric key algorithm;
      
      generating first pseudo-random data;
      
      encrypting the first pseudo-random data using the second public key;
      
      communicating the encrypted first pseudo-random data to the second node;
      
      receiving an encrypted second pseudo-random data, the second pseudo-random data encrypted using the first public key;
      
      decrypting the encrypted second pseudo-random data using the first private key;
      
      generating a symmetric key using the identified symmetric key algorithm on the first pseudo-random data and the second pseudo-random data;
      
      whereby communicating data associated with the fueling environment to the authenticated node comprises transmitting at least one encrypted communication between the first node and the second node, the communication encrypted using the symmetric key.
  - 10. The first node of claim 9, wherein identifying the symmetric key algorithm comprises the first node:
    - communicating information associated with a plurality of symmetric key algorithms to the second node, the information comprising at least an identifier of each of the symmetric key algorithms; and
      
      receiving a selection of a particular one of the plurality of symmetric key algorithms from the second node.
  - 11. The first node of claim 1, the first node dynamically generating a second run-time symmetric key using, at least in part, the first private key and the second public key for at least one encrypted communication between the first node and the second node after a power reset of the first node or a power reset of the second node.
  - 12. The first node of claim 1, the symmetric key associated with an expiration date and the first node dynamically generating a second run-time symmetric key using, at least in part, the first private key and the second public key for at least one encrypted communication between the first node and the second node after expiration of the first symmetric key.

13. A computer implemented method for secure intranodal communication within a fueling environment comprising the following method steps using one or more processors:
- generating a first public key associated with a first node;
  
  publishing the first public key within the fueling environment;
  
  authenticating a second node within the fueling environment using, at least in part, a second public key associated with the second node and the first public and the first private keys;
  
  dynamically generating a run-time symmetric key using, at least in part, the first private key and the second public key, the symmetric key comprising a localized key for the first node such that it is not communicated to other nodes; and
  
  communicating data associated with the fueling environment to the authenticated second node, the data encrypted using the symmetric key and operable to be decrypted by the second node using, at least in part, a second symmetric key localized at the second node.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The method of claim 13, wherein authenticating the second node within the fueling environment comprises:
    - generating first pseudo-random data;
      
      encrypting the first pseudo-random data using the second public key;
      
      communicating the encrypted first pseudo-random data to the second node;
      
      receiving an encrypted second pseudo-random data, the second pseudo-random data encrypted using the first public key;
      
      decrypting the encrypted second pseudo-random data using the first private key; and
      
      authenticating the second node by comparing the first pseudo-random data and the second pseudo-random data.
  - 15. The method of claim 14, further comprising:
    - receiving an encrypted third pseudo-random data, the third pseudo-random data encrypted using the first public key;
      
      decrypting the encrypted third pseudo-random data using the first private key;
      
      hashing a user ID/password combination associated with the second node;
      
      adding third pseudo-random data to the hashed combination to generate a request verification message;
      
      encrypting the request verification message using the second public key;
      
      communicating the encrypted request verification message to the second node; and
      
      receiving a verification message indicating that the user ID/password combination is valid.
  - 16. The method of claim 14, further comprising:
    - hashing a user ID/password combination associated with the first node;
      
      generating third pseudo-random data;
      
      encrypting the third pseudo-random data using the second public key;
      
      communicating the encrypted third pseudo-random data to the second node;
      
      receiving an encrypted fourth pseudo-random data, the fourth pseudo-random data encrypted using the first public key;
      
      decrypting the encrypted fourth pseudo-random data using the first private key;
      
      subtracting the third pseudo-random data from the decrypted fourth pseudo-random data to determine the second node'"'"'s verification request; and
      
      verifying that the second node has the valid user ID/password combination by comparing the hashed combination and the verification request.
  - 17. The method of claim 13, wherein dynamically generating the run-time symmetric key using, at least in part, the first private key and the second public key comprises:
    - identifying a symmetric key algorithm;
      
      generating first pseudo-random data;
      
      encrypting the first pseudo-random data using the second public key;
      
      communicating the encrypted first pseudo-random data to the second node;
      
      receiving an encrypted second pseudo-random data, the second pseudo-random data encrypted using the first public key;
      
      decrypting the encrypted second pseudo-random data using the first private key;
      
      generating a symmetric key using the identified symmetric key algorithm on the first pseudo-random data and the second pseudo-random data;
      
      whereby communicating data associated with the fueling environment to the authenticated node comprises;
      
      transmitting at least one encrypted communication to the second node, the communication encrypted using the symmetric key; and
      
      expiring the symmetric key after communicating the one or more encrypted communications.
  - 18. The method of claim 17, wherein identifying the symmetric key algorithm comprises:
    - communicating information associated with a plurality of symmetric key algorithms to the second node, the information comprising at least an identifier of each of the symmetric key algorithms; and
      
      receiving a selection of a particular one of the plurality of symmetric key algorithms from the second node.
  - 19. The method of claim 13, further comprising dynamically generating a second run-time symmetric key using, at least in part, the first private key and the second public key for at least one encrypted communication between the first node and the second node after a power reset of the first node or a power reset of the second node.
  - 20. The method of claim 13, the symmetric key associated with an expiration date and the method further comprising dynamically generating a second run-time symmetric key using, at least in part, the first private key and the second public key for at least one encrypted communication between the first node and the second node after expiration of the first symmetric key.

21. A fueling environment with secure communication comprising:
- a fuel dispenser; and
  
  at least one node communicably coupled with the fuel dispenser;
  
  wherein the fuel dispenser is operable to;
  
  generate a first public key and a first private key associated with the fuel dispenser;
  
  publish the first public key within the fueling environment;
  
  authenticate a particular one of the nodes using, at least in part, a second public key associated with the particular node and the first public and the first private keys;
  
  dynamically generate a run-time symmetric key using, at least in part, the first private key and the second public key, the symmetric key comprising a localized key for the first node such that it is not communicated to other nodes; and
  
  communicate data associated with the fueling environment to the authenticated second node, the data encrypted using the symmetric key and operable to be decrypted by the second node using, at least in part, a second symmetric key localized at the second node.
- View Dependent Claims (22, 23, 24, 25, 26, 27, 28)
- - 22. The fueling environment of claim 21, wherein the fuel dispenser authenticating the particular node within the fueling environment comprises the fuel dispenser:
    - generating first pseudo-random data;
      
      encrypting the first pseudo-random data using the second public key;
      
      communicating the encrypted first pseudo-random data to the node;
      
      receiving an encrypted second pseudo-random data, the second pseudo-random data encrypted using the first public key;
      
      decrypting the encrypted second pseudo-random data using the first private key; and
      
      authenticating the node by comparing the first pseudo-random data and the second pseudo-random data.
  - 23. The fueling environment of claim 22, the fuel dispenser further operable to:
    - receive an encrypted third pseudo-random data, the third pseudo-random data encrypted using the first public key;
      
      decrypt the encrypted third pseudo-random data using the first private key;
      
      hash a user ID/password combination associated with the particular node;
      
      add third pseudo-random data to the hashed combination to generate a request verification message;
      
      encrypt the request verification message using the second public key;
      
      communicate the encrypted request verification message to the node; and
      
      receive a verification message indicating that the user ID/password combination is valid.
  - 24. The fueling environment of claim 22, the fuel dispenser further operable to:
    - hash a user ID/password combination associated with the fuel dispenser;
      
      generate third pseudo-random data;
      
      encrypt the third pseudo-random data using the second public key;
      
      communicate the encrypted third pseudo-random data to the particular node;
      
      receive an encrypted fourth pseudo-random data, the fourth pseudo-random data encrypted using the first public key;
      
      decrypt the encrypted fourth pseudo-random data using the first private key;
      
      subtract the third pseudo-random data from the decrypted fourth pseudo-random data to determine the node'"'"'s verification request; and
      
      verify that the node has the valid user ID/password combination by comparing the hashed combination and the verification request.
  - 25. The fueling environment of claim 21, wherein the fuel dispenser dynamically generating the run-time symmetric key using, at least in part, the first private key and the second public key comprises the fuel dispenser:
    - identifying a symmetric key algorithm;
      
      generating first pseudo-random data;
      
      encrypting the first pseudo-random data using the second public key;
      
      communicating the encrypted first pseudo-random data to the particular node;
      
      receiving an encrypted second pseudo-random data, the second pseudo-random data encrypted using the first public key;
      
      decrypting the encrypted second pseudo-random data using the first private key;
      
      generating a symmetric key using the identified symmetric key algorithm on the first pseudo-random data and the second pseudo-random data; and
      
      whereby communicating data associated with the fueling environment to the authenticated node comprises transmitting at least one encrypted communication between the fuel dispenser and the node, the communication encrypted using the symmetric key.
  - 26. The fueling environment of claim 25, wherein the fuel dispenser identifying the symmetric key algorithm comprises the fuel dispenser:
    - communicating information associated with a plurality of symmetric key algorithms to the particular node, the information comprising at least an identifier of each of the symmetric key algorithms; and
      
      receiving a selection of a particular one of the plurality of symmetric key algorithms from the node.
  - 27. The fueling environment of claim 21, the fuel dispenser dynamically generating a second run-time symmetric key using, at least in part, the first private key and the second public key for at least one encrypted communication between the fuel dispenser and the particular node after a power reset of the fuel dispenser or a power reset of the node.
  - 28. The fueling environment of claim 21, the symmetric key associated with an expiration date and the fuel dispenser dynamically generating a second run-time symmetric key using, at least in part, the first private key and the second public key for at least one encrypted communication between the fuel dispenser and the particular node after expiration of the first symmetric key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Wayne Fueling Systems LLC (Dover Corporation)
Original Assignee
Dresser Incorporated (Nagano Keiki Company Limited)
Inventors
Tang, Weiming
Primary Examiner(s)
LaForgia; Christian
Assistant Examiner(s)
Jackson; Jenise E

Application Number

US11/074,468
Publication Number

US 20050147250A1
Time in Patent Office

1,754 Days
Field of Search

713/150, 380/277
US Class Current

713/150
CPC Class Codes

G06Q 20/02   involving a neutral party, ...

G06Q 20/04   Payment circuits

G06Q 20/20   Point-of-sale [POS] network...

G06Q 20/3823   combining multiple encrypti...

G07F 13/025   wherein the volume is deter...

Secure communications and control in a fueling environment

First Claim

12 Assignments

0 Petitions

Accused Products

Abstract

Citations

28 Claims

Specification

Solutions

Use Cases

Quick Links

Secure communications and control in a fueling environment

First Claim

12 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

28 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links