Cryptography – Electric signal modification – Having magnetic record carrier
Reexamination Certificate
1998-07-10
2004-02-10
Sheikh, Ayaz (Department: 2131)
Cryptography
Electric signal modification
Having magnetic record carrier
C380S051000, C713S185000, C713S194000, C235S375000
Reexamination Certificate
active
06690794
ABSTRACT:
BACKGROUND OF THE PRESENT INVENTION
1. Field of the Present Invention
The present invention relates to techniques for creating, issuing, and using tickets and cards electronically.
2. Description of the Related Art
Tickets come in diverse kinds: boarding pass, transit pass, admission tickets, reserved seat tickets, reservation tickets, coupon tickets, commuter passes, gift voucher, prepaid cards, point-accumulating cards, membership cards, transit passes, permits, and others. They are generically called tickets and proves that those who possess them (called users hereunder) are entitled to specific rights represented by each ticket. Tickets are generally issued either by those wishing to grant definite rights to users for a consideration or by their agents (called the issuing party hereunder). The users acquire and manage the tickets thus issued. Conventionally, tickets are implemented in physical form by printing and/or embossing markings on paper or plastic.
Physically implemented tickets are called paper tickets hereunder. In recent years, efforts have been made to implement electronic tickets that allow the issuing party to check the rights granted to ticket users and to verify tickets. Electronic information is easy to create and transmit over communication lines. But it is also easy to make perfect copies of such information. Thus to implement electronic tickets requires taking measures against forgery and unauthorized duplication. Forgery may be prevented by resorting to digital signatures, but they are not sufficient to forestall copying. How to prevent unauthorized duplication is, therefore, the biggest challenge facing the implementation of electronic tickets.
Conventionally, three kinds of techniques have been used to implement electronic tickets. The first technique is one which verifies whether a user bearing a ticket is the legitimate holder of the ticket when the ticket is about to be used. The second technique involves depriving anyone other than the issuing party of any chance of copying tickets. The third technique, a variation of the second technique, is to let communications be made public at the time of verification.
Each of these conventional techniques will be described below.
The first conventional technique involves checking to see whether a ticket holder is the legitimate user of the ticket when the ticket is on the point of being used. According to this technique, each issued ticket is given information for matching its specific rights with information necessary for verifying the identity of its user (i.e., user identification information). The matching information is recorded and managed by the user. The issuing party puts a digital signature on each ticket so that no other party can forge the ticket. Any ticket not bearing the electronic signature is considered a forged ticket.
In order to prevent the use of illegally duplicated tickets, the user needs to prove that he or she is a legitimate ticket holder complying with the user identification information borne by the ticket in question at the time of ticket use. When the user identification information is complied with, the rights specified by the ticket are allowed to be exercised; without the compliance, the use of the ticket is rejected. The user identification information may comprise illustratively the user's identity, his/her physical features such as a face photo, and possession of a specific knowledge such as a password. The user's identity may be proved by the user submitting his/her identification card or the like. Similarly, a face photo showing physical features of the user may be presented for user identification. Where passwords are utilized for identification, each user is asked to input the assigned password.
The second conventional technique involves depriving any other entity than the issuing party of any chance for making unauthorized copies of tickets. Because this technique has no need for user identification information, tickets may be issued and used while their users may remain anonymous. However, if a ticket is copied illegitimately, there is no means to prevent unauthorized use of the copied ticket. This requires forestalling duplication of tickets. It requires two schemes described below: a first scheme involves suitably preventing user-held tickets from getting copied, and a second scheme entails halting any leak of ticket data at the time of ticket issuance or during communication for ticket verification. The first scheme is implemented by having each user furnished with a device to which a ticket is recorded, the device being so designed that its contents may be modified only by the issuing party. The second scheme is realized by taking necessary communication measures against wiretapping.
An example of the second conventional technique is disclosed illustratively in Japanese Published Unexamined Patent Application No. Hei 8-147500. The disclosed method implements an electronic ticket system using a ticket storage device carried by each user. A ticket bearing an electronic signature is confined by the issuing party to each device. The electronic signature makes forgery difficult. Attempts to make an unauthorized copy of the ticket are countered by resorting to special instructions for retrieving the ticket from each ticket storage device. With the disclosed method in use, different issuing parties utilize different signature keys. This makes it possible for a single storage device to accommodate a plurality of tickets issued by a plurality of issuing parties. Because no information is needed about user identity, the legitimacy of tickets is proved by simply verifying the signature on each ticket.
The third conventional technique, a modified version of the second technique, is intended to let communications be made public at the time of ticket verification.
The third technique is functionally the same as the second technique in that each ticket is recorded as secret information to a device (proving device) carried by a user. The difference lies in how verification is carried out. A ticket verification device sends an unreproducible value such as a random number (called a challenge) to the proving device. The proving device performs on the challenge an arithmetic operation utilizing the secret information constituting the ticket, and sends the obtained value (called a response) back to the verification device. The verification device ascertains the legitimacy of the user by checking the response acquired by use of the secret information and challenge. It is difficult to complete within a reasonable time frame as the huge amount of calculations for acquiring the secret information from the challenge and the response. That difficulty makes it unnecessary to conceal communications between the verification device and the proving device.
A method functionally similar to the third conventional technique is disclosed in Japanese Published Examined Patent Application No. Hei 6-52518, although the purpose of the method is limited to the verification of controls for access to secured facilities. The disclosed method supplements the third technique with a feature relieving the verifier of the need to manage the secret information destined for each user and contained in his/her proving device. Specifically, the user carries a portable device equivalent to the proving device of the third conventional technique. During communication for verification, verification facility (i.e., verification device) receives an identification number from the user or from his/her portable device and calculates, based on the received number, secret information called a secret code unique to the portable device in question. The secret code thus acquired is used to carry out challenge-response protocols for user verification. This eliminates the need for the verification device to hold and manage secret information.
If electronic tickets are to take over the role currently assumed by paper tickets, it is necessary but not sufficient for the issuing party to verify the rights granted by each ti
Kamei Mitsuhisa
Nakatsuyama Hisashi
Terao Taro
Fuji 'Xerox Co., Ltd.
Sheikh Ayaz
Song Hosuk
LandOfFree
Electronic ticket system does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Electronic ticket system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Electronic ticket system will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3280713