Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular node for directing data and applying cryptography
Reexamination Certificate
1999-03-03
2002-12-10
Peeso, Thomas R. (Department: 2132)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular node for directing data and applying cryptography
C713S161000, C713S168000
Reexamination Certificate
active
06493823
ABSTRACT:
The present invention relates to an instrument for making messages secure, each message having a sender, a receiver, and a content, security being obtained by implementing means, on sending, that enable an encoded indication to be associated with the message to guarantee the authentic nature of the message relative to certain sensitive parameters thereof, and to guarantee the identities of its sender and of its addressee, and on reception, that verify or monitor said encoded indication of the message by using decoding means that match the encoding means used for generating the coded indication.
The coded indication may accompany the content of the message which is readable “in the clear”; in which case the indication can be called a “seal” and the encoding involved is referred to below as “sealing”. In other cases, it is the content of the message itself that is encoded, in which case the encoding is called “encrypting”, with the information content not being readable in the clear.
It is recalled that sealing or encrypting are known and that they use an algorithm to encode one or more sensitive data items of the message, or the entire message, by means of an encoding key which is personal to the sender.
The seal is checked or decrypted by using an appropriate algorithm and a key which may differ from the encoding key (in which case the algorithm is said to be “asymmetrical”), or which may be the same (in which case the algorithm is said to be “symmetrical”).
When the key for checking or decrypting is different from the key for sealing or encrypting, security problems are smaller than in the second case. In this context, it is recalled that security in this field means that it is not possible to counterfeit a sealed transaction message or to read an encrypted message. The degree of security depends essentially on the ease of access to the encoding key. An asymmetrical or irreversible encoding algorithm is more reliable than a symmetrical or reversible algorithm since the encoding key is not disclosed to other actors acting to check or receive the message. Nevertheless, such an algorithm is very inconvenient to implement since it requires lengthy keys to be used and it requires lengthy cryptograms, thereby requiring large amounts of computer power. For a seal, it is generally the practice to add the seal to a message at the time the message is sent. When the message is on a paper medium, decoding requires the message to be keyed in for processing purposes and that is a major source of error and of wrong operation, even when using automatic reader devices.
That is why presently-preferred instruments for making data exchanges secure use symmetrical algorithms (e.g. the data encryption standard or “DES”) which require means that are less powerful and therefore less expensive, and which enable relatively short seals and relatively short sealing keys to be used. The drawback of such symmetrical algorithms lies in the same sealing key being possessed by at least two actors, which means that a seal cannot legally be deemed to be a signature since a plurality of actors share the secret and can therefore “seal” or “sign” a message.
There are also risks of fraud when secret keys are transferred or transported, and these risks can be reduced only at the cost of technology that is expensive and complex. This is particularly unsuitable for use when exchanging data that corresponds, for example, to property that is not in material form, and this is a field that is expanding very quickly and where it is necessary to supply an increasing number of users with instruments for making exchanges secure.
The present invention seeks to decrease the risk of fraud as far as possible by proposing an instrument for making secure that is capable of generating encoding/decoding keys that are unknown to the operators who themselves exchange keys that are public, regardless of the role of the operator (sender, receiver, certifier, . . . ).
To this end, the invention thus provides an instrument for making secure by encoding/decoding messages exchanged between each of the actors of a network having a plurality of actors, each being capable of acting as a sender or as an addressee of a message that is encoded or sealed, which instrument comprises, for each actor, a respective device including an integrated circuit with memory zones and a microprocessor capable of executing at least one algorithm and of controlling access to said zones as a function of the nature of the operation requested thereof by the operator holding the device, the operations being selected from the following:
encoding;
calculating a key to be communicated; and
decoding;
the memory zones containing two types of base key that are masked, including a base key of a first type which is specific to each device, and at least one base key of a second type which is common to all of the devices.
The first advantage of the instrument of the invention results from this technological feature (i.e. base key values that are masked, with access thereto being via the microprocessor and being selective as a function of the operation allocated thereto). This disposition makes it possible for each microprocessor to implement algorithms that are symmetrical, and therefore fast, while nevertheless creating an overall encoding/decoding (sealing/checking or encrypting/decrypting) system that is asymmetrical, and therefore provides a very high degree of security.
In order to better understand the fundamental mechanisms for processing the various keys as implemented by the invention, the invention is explained with reference to the following application by way of example. The messages to be processed are messages addressed by a sender to receivers. A certain amount of security concerning the authenticity of the message on sending is usually provided by performing the sealing technique. The sender proceeds by encoding certain characteristic data items of the message using a cryptographic algorithm and a key that is specific to the sender. The result of this operation is known as the “seal”. The receiver of the message (or the checker) proceeds with seal verification by means of the same key which is applied to the same data that is already known. Using the means of the invention, the sender and the addressees proceed with sealing or with seal verification in entirely conventional manner.
The sender has a device of the invention (e.g. an integrated circuit card) in which a microprocessor possesses two operating modes: a first mode known as “calculate public key” mode where the public key is the key to be communicated, and a second mode known as “calculate seal” mode. The integrated circuit also has memory zones which contain two addresses each containing a masked value (known as a “base” key) that is unknown not only to the bearer of the device but also to the manufacturer. These addresses are accessible by the microprocessor but only when performing particular functions that are to be executed. More precisely, one of the values (first base key T) is accessible by the microprocessor only when executing the “calculate seal” function which is an encoding function, while the other value (second base key U) is accessible only when executing the “calculate public key” function which implements a decoding algorithm.
The actors constituting receivers or addressees of the sealed message also have their own copies of the same device (integrated circuit card) with a microprocessor and memory zones. In a version of the invention that is simplified for explanatory purposes, these memory zones contain, at one address to which access is controlled by the microprocessor, a value that is identical to the second base key U included in the card of the sender, and the microprocessor possesses only a “seal verification” function which is a decoding function. The second base key is naturally unknown to the holder of the card and also to its manufacturer.
In conventional manner, the sender must initially send a key to the receivers to enable them to verify the seals that the sender will p
Atos Services
Peeso Thomas R.
LandOfFree
Instrument for making secure data exchanges does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Instrument for making secure data exchanges, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Instrument for making secure data exchanges will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2932719