Smart token system for secure electronic transactions and identification

US 5,943,423 A
Filed: 12/15/1995
Issued: 08/24/1999
Est. Priority Date: 12/15/1995
Status: Expired due to Term

First Claim

Patent Images

1. A method of obtaining access to computer or network resources using a smart token, comprising:

a. opening an application domain of a smart token used for access to a computer or a network;

b. encrypting a password read from the application domain, so as to obtain an electronic password;

c. sending a logon identification and the encrypted password to the computer or network for which access is desired; and

d. verifying and validating as to whether the logon identification and the encrypted password are such that the access to the computer or network is permitted,wherein the step of sending a logon identification to the computer or network for which access is desired comprises;

a. sending a user public key certificate stored on the smart token together with a user identification and a user random number to the computer or network;

b. receiving from the computer or network the identity of the computer or network, a public key certificate of a target resource, a signed copy of the user random number and a second random number generated by the computer or network;

c. verifying the signed copy of the user random number; and

d. signing the second random number using the public key of the computer or network obtained from a certificate and returning the second random number with signature to the computer or network.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Smart token technology, using a smart card, PCMCIA card or any other medium containing storage or processing capability is used to facilitate a variety of secure business transactions, including those which might occur over an unsecured network such as the Internet. Application programs can obtain a variety of smart token services using a common application programming interface. Applications of the smart token technology to electronic cash, banking, credit, computer and network access, software distribution, medical handling and issuance of credentials are presented.

741 Citations

4 Claims

1. A method of obtaining access to computer or network resources using a smart token, comprising:
- a. opening an application domain of a smart token used for access to a computer or a network;
  
  b. encrypting a password read from the application domain, so as to obtain an electronic password;
  
  c. sending a logon identification and the encrypted password to the computer or network for which access is desired; and
  
  d. verifying and validating as to whether the logon identification and the encrypted password are such that the access to the computer or network is permitted,wherein the step of sending a logon identification to the computer or network for which access is desired comprises;
  
  a. sending a user public key certificate stored on the smart token together with a user identification and a user random number to the computer or network;
  
  b. receiving from the computer or network the identity of the computer or network, a public key certificate of a target resource, a signed copy of the user random number and a second random number generated by the computer or network;
  
  c. verifying the signed copy of the user random number; and
  
  d. signing the second random number using the public key of the computer or network obtained from a certificate and returning the second random number with signature to the computer or network.

2. A method of preventing use of software modified without authorization and unauthorized access to software without possession of a smart token, the method performed by software manufacture, author or owner, comprising:
- a. generating a pair of digital signature keys for each authorized user;
  
  b. personalizing a smart token for each authorized user of the software and storing the digital signature keys on said smart token;
  
  c. including a start-up routine within the software;
  
  d. producing a hash value for the software and encrypting the hash value to create an encrypted hash value using a user'"'"'s public key to thereby create a digital seal; and
  
  e. appending the digital seal to the software before distribution;
  
  such that when the software is loaded and executed, the start-up routine calculates a hash value to create a calculated hash value from the loaded software, compares the calculated hash value with a hash value decrypted from the digital seal using a private key on the smart token, and when they are identical, permitting execution of the software.
- View Dependent Claims (3)
- - 3. The method of claim 2 in which the steps of generating a pair of digital signature keys for each authorized user and personalizing a smart token for each authorized user and particular software to be protected, performed by software manufacturer, author or owner, comprise:
    - a. generating for each authorized software distributor a pair of digital signature keys and a distribution credential containing a counter holding a value indicating the maximum number of authorized copies of software to be distributed;
      
      b. using said distribution credential to generate user authorization credentials in a quantity no greater than said value by decrementing said counter each time an user authorization credential is generated until the counter reaches zero and thereafter preventing further generation of said user authorization credentials;
      
      c. distributing one user authorization credential with each authorized copy of said software;
      
      d. preventing the possibility to activate the copy of the software without using a valid user authorization credential.

4. A method of displaying a copyright notice on software or a digital document, comprising:
- a. applying a digital signature of a manufacturer, author or owner to the software or to the digital document at the time it is prepared for distribution;
  
  b. permitting execution of the software or access to the the digital document only after successful verification of the digital signature of the manufacturer, author or owner using a public key of the manufacturer, the author, or the owner of the software, respectively; and
  
  c. not permitting access to the public key without display of a copyright notice.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intellectual Ventures II LLC (Intellectual Ventures LLC)
Original Assignee
Entegrity Solutions
Inventors
Muftic, Sead
Primary Examiner(s)
Patel, Harshad
Assistant Examiner(s)
Clark, Robin C.

Application Number

US08/573,033
Time in Patent Office

1,348 Days
Field of Search

380/4, 380/23, 380/24, 380/25, 380/21, 235/380
US Class Current

705/67
CPC Class Codes

G06F 21/33   using certificates

G06F 21/34   involving the use of extern...

G06F 21/41   where a single sign-on prov...

G06F 2211/008   Public Key, Asymmetric Key,...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/3674   involving authentication

G06Q 20/3821   Electronic credentials

G06Q 20/40975   using encryption therefor

G07F 7/082   Features insuring the integ...

G07F 7/1008   Active credit-cards provide...

Smart token system for secure electronic transactions and identification

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

741 Citations

4 Claims

Specification

Solutions

Use Cases

Quick Links

Smart token system for secure electronic transactions and identification

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

741 Citations

4 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links