Reliably Identifying Information of Device Generating Digital Signatures

US 20030097569A1
Filed: 02/01/2003
Published: 05/22/2003
Est. Priority Date: 08/04/2000
Status: Active Grant

First Claim

Patent Images

1. A method in which information of a device that generates digital signatures is reliably identified, comprising the steps of,

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Abstract of Disclosure

Information of a device that generates digital signatures is reliably identified by (a) for each of a plurality of devices manufactured in an environment, (i) creating a public-private key pair within the environment, (ii) linking within the environment in a secure manner the public key with other information associated with the device, and (iii) before release of the device from the environment, storing the private key within the device for generating a digital signature for an electronic message, and (b) thereafter, when a said linked public key successfully authenticates a digitally signed message, identifying the other information associated with said linked public key as pertaining to the device to which belongs the private key utilized in digitally signing the message. Manufacturing the devices includes creating a public-private key pair within the secure environment, and storing the private key within the device against the possibility of divulgement thereof by the device.

Citations

27 Claims

1. A method in which information of a device that generates digital signatures is reliably identified, comprising the steps of,
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method of claim 1, wherein the secure manner of linking comprises recording the linked public keys and Security Profiles in a database and maintaining the database in an environment having a security rating at least comparable to a security level of each device for which the public key thereof is linked.
  - 3. The method of claim 1, wherein the secure manner of linking comprises,
  - 4. The method of claim 1, wherein the other information is identified by a recipient of the digitally signed message.
  - 5. The method of claim 1, wherein the other information is identified to a recipient of the digitally signed message.
  - 6. The method of claim 1, further comprising gauging a risk that the private key was fraudulently used to digitally sign the message based at least in part on said identified Security Profile.
  - 7. The method of claim 1, wherein the Security Profile of a device comprises security characteristics of the device.
  - 8. The method of claim 7, wherein the security characteristics of a respective manufactured device include an algorithm used by the device in originating digital signatures.
  - 9. The method of claim 1, wherein the Security Profile of a device comprises authentication capabilities of the device.
  - 10. The method of claim 9, wherein the authentication capabilities include whether the device performs Factor A and Factor B Entity Authentication.
  - 11. The method of claim 1, wherein the Security Profile of a device comprises all of the security features of the device.
  - 12. The method of claim 2, wherein the secure environment includes multiple physical locations.
  - 13. The method of claim 3, wherein the secure environment includes multiple physical locations.
  - 14. The method of claim 1, wherein the electronic message represents a financial transaction.
  - 15. The method of claim 1, wherein the electronic message represents a legal action.
  - 16. The method of claim 1, wherein the electronic message represents a request for access to information.
  - 17. The method of claim 1, wherein the electronic message represents a request for access to a physical location.
  - 18. The method of claim 1, wherein each pair of keys of a manufactured device is created in the respective device.
  - 19. The method of claim 18, wherein only the public key of each pair is exportable from the respective device.
  - 20. The method of claim 18, wherein the private key is not exportable from the respective device.

21. A method of manufacturing devices that generate digital signatures such that each device may be reliably and uniquely identified, the devices being manufactured within a secure environment, comprising the steps of,
- View Dependent Claims (22, 23, 24, 25, 26, 27)
- - 22. The method of claim 21, wherein each private-public key pair is created within each device based on a random number produced by a random number generator disposed within each device.
  - 23. The method of claim 22, wherein the random number generator is a high quality random number generator.
  - 24. The method of claim 22, wherein the only the public key is exportable from the device.
  - 25. The method of claim 22, wherein each digital signature generated by each device is a random number.
  - 26. The method of claim 22, wherein the other information comprises respective security features of each device.
  - 27. The method of claim 22, further comprising identifying a particular manufactured device by authenticating a message using one of said linked public keys, a digital signature for the message having been generated by the particular manufactured device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
First Data Corporation (Fiserv Incorporated)
Original Assignee
First Data Corporation (Fiserv Incorporated)
Inventors
Wheeler, Anne M., WHEELER, Lynn Henry

Granted Patent

US 6,915,430 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06F 2221/2113   Multi-level security, e.g. ...

G06Q 20/00   Payment architectures, sche...

G06Q 20/02   involving a neutral party, ...

G06Q 20/04   Payment circuits

G06Q 20/0855   involving a third party

G06Q 20/12   specially adapted for elect...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/3558   Preliminary personalisation...

G06Q 20/3674   involving authentication

G06Q 20/3676   Balancing accounts

G06Q 20/382   insuring higher security of...

G06Q 20/3821   Electronic credentials

G06Q 20/3823   combining multiple encrypti...

G06Q 20/3825   Use of electronic signatures

G06Q 20/3829   involving key management

G06Q 20/385   using an alias or single-us...

G06Q 20/388   using mutual authentication...

G06Q 20/4014   Identity check for transact...

G06Q 20/40145   Biometric identity checks

G06Q 20/403 : Solvency checks

G06Q 20/40975 : using encryption therefor

G06Q 50/188 : Electronic negotiation

G07F 7/0886 : the card reader being porta...

G07F 7/1008 : Active credit-cards provide...

G07F 7/1016 : Devices or methods for secu...

H04L 2209/42 : Anonymization, e.g. involvi...

H04L 2209/56 : Financial cryptography, e.g...

H04L 63/0428 : wherein the data content is...

H04L 63/0442 : wherein the sending and rec...

H04L 63/062 : for key distribution, e.g. ...

H04L 63/0823 : using certificates cryptogr...

H04L 63/083 : using passwords cryptograph...

H04L 63/12 : Applying verification of th...

H04L 9/321 : involving a third party or ...

H04L 9/3247 : involving digital signatures

View All

Reliably Identifying Information of Device Generating Digital Signatures

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

Citations

27 Claims

Specification

Solutions

Use Cases

Quick Links

Reliably Identifying Information of Device Generating Digital Signatures

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

27 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links