Cellular telephone device having authenticating capability

US 7,809,948 B2
Filed: 12/29/2005
Issued: 10/05/2010
Est. Priority Date: 06/19/2001
Status: Expired due to Fees

First Claim

Patent Images

1. A cellular telephone, comprising:

a transceiver for communicating with a cellular telephone service provider;

a telephonic interface for audible communication with a user;

an identity private key and a data descriptor stored in said cellular telephone, said data descriptor comprising attribute data of said cellular telephone, an identity public key, and a digital signature of said attribute data and said identity public key, said identity public key corresponding to said identity private key according to a first public/private key encryption algorithm, said digital signature representing an encryption of data derived from said identity public key and said attribute data, said encryption being according to a second public/private key encryption algorithm using a signature private key;

a digital controller controlling operation of said cellular telephone, wherein said digital controller;

(a) causes said cellular telephone to transmit said data descriptor to a cellular telephone service provider with a request for service;

(b) responsive to a request from said cellular telephone service provider, performs a first data transformation of test data received from said cellular telephone service provider according to said first public/private key encryption algorithm using said identity private key; and

(c) transmits the transformed test data to said cellular telephone service provider for verification as a condition of providing cellular telephone service, said transformed test data being verifiable by said cellular telephone service provider by performing a second data transformation according to said first public/private key encryption algorithm using said identity public key, said identity public key being verifiable by said cellular telephone service provider by decrypting said digital signature according to said second public/private key encryption algorithm using a signature public key.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A smart chip protection system contains a unique public/private identity key pair and uses a separate public/private signature key pair. The internally stored identity private key can not be read outside the chip. An issuing entity generates a descriptor containing the identity public key, attribute data, and a digital signature of the two, using a signature private key known only to the issuer. The authenticity of the descriptor is verified by decrypting the signature using the signature public key, and comparing the result to source data. An object'"'"'s identity can be verified by requesting the smart chip to perform a data transformation using its identity private key, and performing the complement using the public key. An exemplary embodiment is a cellular telephone, in which a service provider verifies identity of the telephone and correct signature as a condition to providing service.

13 Citations

View as Search Results

14 Claims

1. A cellular telephone, comprising:
- a transceiver for communicating with a cellular telephone service provider;
  
  a telephonic interface for audible communication with a user;
  
  an identity private key and a data descriptor stored in said cellular telephone, said data descriptor comprising attribute data of said cellular telephone, an identity public key, and a digital signature of said attribute data and said identity public key, said identity public key corresponding to said identity private key according to a first public/private key encryption algorithm, said digital signature representing an encryption of data derived from said identity public key and said attribute data, said encryption being according to a second public/private key encryption algorithm using a signature private key;
  
  a digital controller controlling operation of said cellular telephone, wherein said digital controller;
  
  (a) causes said cellular telephone to transmit said data descriptor to a cellular telephone service provider with a request for service;
  
  (b) responsive to a request from said cellular telephone service provider, performs a first data transformation of test data received from said cellular telephone service provider according to said first public/private key encryption algorithm using said identity private key; and
  
  (c) transmits the transformed test data to said cellular telephone service provider for verification as a condition of providing cellular telephone service, said transformed test data being verifiable by said cellular telephone service provider by performing a second data transformation according to said first public/private key encryption algorithm using said identity public key, said identity public key being verifiable by said cellular telephone service provider by decrypting said digital signature according to said second public/private key encryption algorithm using a signature public key.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The cellular telephone of claim 1, further comprising a digital protection system, said digital protection system comprising:
    - (a) an external interface for receiving data requests;
      
      (b) an internal processor coupled to said external interface, said internal processor capable of performing said data transformation according to said first public/private key encryption algorithm; and
      
      (c) an internal data storage;
      
      wherein said identity private key is stored in said internal data storage within said digital protection system, said identity private key being inaccessible outside said external interface to said digital protection system.
  - 3. The cellular telephone of claim 2, wherein said digital protection system is implemented in digital logic contained on a single integrated circuit substrate.
  - 4. The cellular telephone of claim 1, wherein said attribute data includes an identifier identifying said cellular telephone.
  - 5. The cellular telephone of claim 4, wherein said identifier comprises a telephone number of said cellular telephone.
  - 6. The cellular telephone of claim 1, wherein said first data transformation is an encryption of said test data and said second data transformation is a decryption of said transformed test data encrypted by said first data transformation, said first data transformation being performed before said second data transformation.
  - 7. The cellular telephone of claim 1, wherein said second data transformation is an encryption of source test data generated by said cellular telephone service provider and said first data transformation is a decryption of said source test data encrypted by said second data transformation, said second data transformation being performed before said first data transformation.

8. A method of operating a cellular telephone, comprising the steps of:
- receiving a user command to initiate a telephonic communication using said cellular telephone;
  
  responsive to receiving said user command, transmitting a request for service to a cellular telephone service provider, said request for service including a data descriptor, said data descriptor comprising attribute data of said cellular telephone, an identity public key, and a digital signature of said attribute data and said identity public key, said identity public key corresponding to an identity private key in said cellular telephone according to a first public/private key encryption algorithm, said digital signature representing an encryption of data derived from said identity public key and said attribute data, said encryption being according to a second public/private key encryption algorithm using a signature private key;
  
  receiving a request from said cellular telephone service provider to perform a data transformation of test data, said test data being generated by said cellular telephone service provider using said identity public key;
  
  responsive to said request from said cellular telephone service provider, performing a first data transformation of said test data received from said cellular telephone service provider according to said first public/private key encryption algorithm using said identity private key to produce transformed test data; and
  
  transmitting said transformed test data to said cellular telephone service provider for verification as a condition of providing cellular telephone service, said transformed test data being verifiable by said cellular telephone service provider by performing a second data transformation according to said first public/private key encryption algorithm using said identity public key, said identity public key being verifiable by said cellular telephone service provider by decrypting said digital signature according to said second public/private key encryption algorithm using a signature public key.
- View Dependent Claims (9, 10, 11, 12)
- - 9. The method of operating a cellular telephone of claim 8,wherein said cellular telephone contains a digital protection system comprising an external interface and an internal data storage, said identity private key being stored in said internal data storage and inaccessible outside said external interface to said digital protection system;
    - andwherein said step of performing a data transformation of said test data received from said cellular telephone service provider is performed by said digital protection system.
  - 10. The method of operating a cellular telephone of claim 9, wherein said digital protection system is implemented in digital logic contained on a single integrated circuit substrate.
  - 11. The method of operating a cellular telephone of claim 8, wherein said attribute data includes an identifier identifying said telephone.
  - 12. The method of operating a cellular telephone of claim 11, wherein said identifier comprises a telephone number of said telephone.

13. A cellular telephone, comprising:
- a transceiver for communicating with a service provider;
  
  a telephonic interface for audible communication with a user;
  
  a digital protection system implemented as a single integrated circuit chip within said cellular telephone, said digital protection system having an external interface for receiving data requests, an internal data storage, and an internal processor coupled to said external interface and said internal data storage, said internal data storage of said digital protection system storing an identity private key which is inaccessible outside said external interface to said digital protection system, said identity private key corresponding to an identity public key according to a first public/private key encryption algorithm, said digital protection system further performing a first data transformation according to said first public/private key encryption algorithm;
  
  a digital controller separate from said digital protection system, said digital controller controlling the operation of said cellular telephone, wherein said controller;
  
  (a) causes said telephone to transmit a data descriptor to a cellular telephone service provider with a request for service, said data descriptor comprising attribute data of said cellular telephone, said identity public key, and a digital signature of said attribute data and said identity public key, said digital signature representing an encryption of data derived from said identity public key and said attribute data, said encryption being according to a second public/private key encryption algorithm using a signature private key;
  
  (b) responsive to a request from said cellular telephone service provider, requests said digital protection system to perform said first data transformation upon test data received from said cellular telephone service provider to produce transformed test data;
  
  (c) responsive to requesting said digital protection system to perform said first data transformation, receives the transformed test data from the digital protection system, and transmits the transformed test data to said cellular telephone service provider for verification as a condition of providing cellular telephone service, said transformed test data being verifiable by said cellular telephone service provider by performing a second data transformation according to said first public/private key encryption algorithm using said identity public key, said identity public key being verifiable by said cellular telephone service provider by decrypting said digital signature according to said second public/private key encryption algorithm using a signature public key.
- View Dependent Claims (14)
- - 14. The cellular telephone of claim 13, wherein said attribute data includes at least one identifier identifying said cellular telephone, said at least one identifier comprising a telephone number of said cellular telephone.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Lewis, David Otto, Remfert, Jeffrey Earl
Primary Examiner(s)
Vu; Kimyen
Assistant Examiner(s)
Paliwal; Yogesh

Application Number

US11/321,606
Publication Number

US 20060107060A1
Time in Patent Office

1,741 Days
Field of Search

713/176
US Class Current

713/176
CPC Class Codes

H04L 2209/84   Vehicles

H04L 9/3247   involving digital signatures

H04L 9/3271   using challenge-response

Cellular telephone device having authenticating capability

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

13 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Cellular telephone device having authenticating capability

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

13 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links