Cryptography – Key management – Having particular key generator
Patent
1997-03-05
2000-02-29
Cangialosi, Salvatore
Cryptography
Key management
Having particular key generator
H04L 900
Patent
active
060319127
DESCRIPTION:
BRIEF SUMMARY
TECHNICAL FIELD
This invention relates to selective access to a security system, and in particular to a payment system using debit cards, credit cards, or for the withdrawal of funds contained on a so-called smart card, and in particular for chip cards.
BACKGROUND OF THE INVENTION
The system with which the present invention is concerned, comprises at least one initial device and at least one second device that must be brought into a correct configuration with the initial device in order to obtain access. Access is obtained by verifying that a coded key associated with the second device is recognized as valid by the first device, after comparison with a key found in the first device.
By way of example, in the case of payment systems with which it is possible to withdraw funds recorded on a credit card, which are referred to as an "electronic purse" and which contains the second device described above, the first device has payment terminals, each of which has one or more so-called "global" coded keys that are common to various payment terminals. Each electronic purse, in addition to any security codes, contains a memory for the monetary funds which may be withdrawn a little at a time or all in one sum, and then reloaded, e.g. by means of a bank computer terminal, as well as a memory for one or more coded keys. The description of a coded key below is given by way of clarification. One or more other keys may be used, or some other appropriate procedure may be employed.
When a payment is to be made, the electronic purse or card must communicate with a payment terminal. The payment terminal, before permitting the withdrawal of funds from the electronic purse, and possibly also for the purpose of double-checking the security codes, calculates the supposed key of the card on the basis of the global key in the terminal and on the basis of a code that identifies the individual card (for instance its serial number). The terminal then checks that this supposed key corresponds to that stored in the electronic purse card and check that it has been loaded at the time of production or issue. This calculation is carried out on the basis of a chosen algorithm that cannot be reversed. That is, if one knows the card's key and its code, it is not be possible to discover the global key.
Although this irreversible calculation does not make it possible for a third party to decipher the key and the card code in order to identify the global key, that third party could attempt to obtain the global key found in various terminals by some fraudulent means, and on the basis of that key to calculate the keys of all the cards in the system, thus obtaining or inventing their identifying codes, and then to issue false electronic purse cards which would be indistinguishable from genuine cards. Such actions would be prejudicial to the company and very costly to monitor and combat. Under extreme circumstances, these fraudulent actions could result in the need to stop using the aforesaid system.
SUMMARY OF THE INVENTION
This invention is aimed at limiting the falsification of electronic purse cards of the type described above and thus at eliminating the serious disadvantages that would result. To limit this, and thus to increase the security system, it is necessary to be able, in a programmed fashion, to change the global key used by the payment terminals, and this is easily effected since these terminals are regularly linked to a management center. However it is also necessary to update the key stored in the electronic purse cards in use in the system; but these are not all presented with sufficient regularity to a payment or bank terminal for their coded keys to be changed in a "synchronized" fashion with those of the payment terminals.
To resolve this problem of synchronized changing, the process contemplated by this invention involves: new key is linked to the previous one by an irreversible function whereby, from a given key, it is only possible, in each instance, to obtain the preceding key in the renewal sequence and, by repeating
REFERENCES:
patent: 4074066 (1978-02-01), Ehrsam et al.
patent: 4847614 (1989-07-01), Keller
patent: 4944008 (1990-07-01), Piosenka et al.
Dawirs Michel
Moulart Yves
Banksys
Cangialosi Salvatore
LandOfFree
Process and device for permitting selective access to a security does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Process and device for permitting selective access to a security, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Process and device for permitting selective access to a security will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-690051