Cellular telephone device having authenticating capability
First Claim
1. A cellular telephone, comprising:
- a transceiver for communicating with a cellular telephone service provider;
a telephonic interface for audible communication with a user;
an identity private key and a data descriptor stored in said cellular telephone, said data descriptor comprising attribute data of said cellular telephone, an identity public key, and a digital signature of said attribute data and said identity public key, said identity public key corresponding to said identity private key according to a first public/private key encryption algorithm, said digital signature representing an encryption of data derived from said identity public key and said attribute data, said encryption being according to a second public/private key encryption algorithm using a signature private key;
a digital controller controlling operation of said cellular telephone, wherein said digital controller;
(a) causes said cellular telephone to transmit said data descriptor to a cellular telephone service provider with a request for service;
(b) responsive to a request from said cellular telephone service provider, performs a first data transformation of test data received from said cellular telephone service provider according to said first public/private key encryption algorithm using said identity private key; and
(c) transmits the transformed test data to said cellular telephone service provider for verification as a condition of providing cellular telephone service, said transformed test data being verifiable by said cellular telephone service provider by performing a second data transformation according to said first public/private key encryption algorithm using said identity public key, said identity public key being verifiable by said cellular telephone service provider by decrypting said digital signature according to said second public/private key encryption algorithm using a signature public key.
0 Assignments
0 Petitions
Accused Products
Abstract
A smart chip protection system contains a unique public/private identity key pair and uses a separate public/private signature key pair. The internally stored identity private key can not be read outside the chip. An issuing entity generates a descriptor containing the identity public key, attribute data, and a digital signature of the two, using a signature private key known only to the issuer. The authenticity of the descriptor is verified by decrypting the signature using the signature public key, and comparing the result to source data. An object'"'"'s identity can be verified by requesting the smart chip to perform a data transformation using its identity private key, and performing the complement using the public key. An exemplary embodiment is a cellular telephone, in which a service provider verifies identity of the telephone and correct signature as a condition to providing service.
13 Citations
14 Claims
-
1. A cellular telephone, comprising:
-
a transceiver for communicating with a cellular telephone service provider; a telephonic interface for audible communication with a user; an identity private key and a data descriptor stored in said cellular telephone, said data descriptor comprising attribute data of said cellular telephone, an identity public key, and a digital signature of said attribute data and said identity public key, said identity public key corresponding to said identity private key according to a first public/private key encryption algorithm, said digital signature representing an encryption of data derived from said identity public key and said attribute data, said encryption being according to a second public/private key encryption algorithm using a signature private key; a digital controller controlling operation of said cellular telephone, wherein said digital controller; (a) causes said cellular telephone to transmit said data descriptor to a cellular telephone service provider with a request for service; (b) responsive to a request from said cellular telephone service provider, performs a first data transformation of test data received from said cellular telephone service provider according to said first public/private key encryption algorithm using said identity private key; and (c) transmits the transformed test data to said cellular telephone service provider for verification as a condition of providing cellular telephone service, said transformed test data being verifiable by said cellular telephone service provider by performing a second data transformation according to said first public/private key encryption algorithm using said identity public key, said identity public key being verifiable by said cellular telephone service provider by decrypting said digital signature according to said second public/private key encryption algorithm using a signature public key. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method of operating a cellular telephone, comprising the steps of:
-
receiving a user command to initiate a telephonic communication using said cellular telephone; responsive to receiving said user command, transmitting a request for service to a cellular telephone service provider, said request for service including a data descriptor, said data descriptor comprising attribute data of said cellular telephone, an identity public key, and a digital signature of said attribute data and said identity public key, said identity public key corresponding to an identity private key in said cellular telephone according to a first public/private key encryption algorithm, said digital signature representing an encryption of data derived from said identity public key and said attribute data, said encryption being according to a second public/private key encryption algorithm using a signature private key; receiving a request from said cellular telephone service provider to perform a data transformation of test data, said test data being generated by said cellular telephone service provider using said identity public key; responsive to said request from said cellular telephone service provider, performing a first data transformation of said test data received from said cellular telephone service provider according to said first public/private key encryption algorithm using said identity private key to produce transformed test data; and transmitting said transformed test data to said cellular telephone service provider for verification as a condition of providing cellular telephone service, said transformed test data being verifiable by said cellular telephone service provider by performing a second data transformation according to said first public/private key encryption algorithm using said identity public key, said identity public key being verifiable by said cellular telephone service provider by decrypting said digital signature according to said second public/private key encryption algorithm using a signature public key. - View Dependent Claims (9, 10, 11, 12)
-
-
13. A cellular telephone, comprising:
-
a transceiver for communicating with a service provider; a telephonic interface for audible communication with a user; a digital protection system implemented as a single integrated circuit chip within said cellular telephone, said digital protection system having an external interface for receiving data requests, an internal data storage, and an internal processor coupled to said external interface and said internal data storage, said internal data storage of said digital protection system storing an identity private key which is inaccessible outside said external interface to said digital protection system, said identity private key corresponding to an identity public key according to a first public/private key encryption algorithm, said digital protection system further performing a first data transformation according to said first public/private key encryption algorithm; a digital controller separate from said digital protection system, said digital controller controlling the operation of said cellular telephone, wherein said controller; (a) causes said telephone to transmit a data descriptor to a cellular telephone service provider with a request for service, said data descriptor comprising attribute data of said cellular telephone, said identity public key, and a digital signature of said attribute data and said identity public key, said digital signature representing an encryption of data derived from said identity public key and said attribute data, said encryption being according to a second public/private key encryption algorithm using a signature private key; (b) responsive to a request from said cellular telephone service provider, requests said digital protection system to perform said first data transformation upon test data received from said cellular telephone service provider to produce transformed test data; (c) responsive to requesting said digital protection system to perform said first data transformation, receives the transformed test data from the digital protection system, and transmits the transformed test data to said cellular telephone service provider for verification as a condition of providing cellular telephone service, said transformed test data being verifiable by said cellular telephone service provider by performing a second data transformation according to said first public/private key encryption algorithm using said identity public key, said identity public key being verifiable by said cellular telephone service provider by decrypting said digital signature according to said second public/private key encryption algorithm using a signature public key. - View Dependent Claims (14)
-
Specification