Cryptography – Particular algorithmic function encoding – Nbs/des algorithm
Patent
1987-07-09
1989-03-07
Buczinski, Stephen C.
Cryptography
Particular algorithmic function encoding
Nbs/des algorithm
235380, 34082534, 380 23, 380 28, 380 48, H04L 900, G07D 700, G06K 500
Patent
active
048113930
DESCRIPTION:
BRIEF SUMMARY
The subject of the invention is a method for diversification of a basic key and for authentication of a thus-diversified key as having been fashioned on the basis of a predetermined basic key, and a system for performing the method.
A method of this kind makes it possible in particular to diversify the secret keys recorded in portable carriers such as memory cards.
The development of applications that use portable objects such as cards is substantially due to the advent of memory cards, one essential feature of which is that they have processing circuits. These circuits generally include a microprocessor, which performs calculations not only on the data input from the outside, but above all on internal data that are inaccessible from outside.
Such cards are distributed to users by authorized entities that offer to furnish services by way of apparatuses or terminals made available to the public, and to which the user couples his card temporarily.
Generally, no apparatus furnishes the service requested until after first being assured that the card has indeed been established initially as capable of giving access to this service.
In fact, it must be avoided at any cost that a card established for access to a service (A) can also be used for access to a service (B), or that a defrauder can design or simulate a counterfeit card giving access to the service (A) and/or (B).
These objects are generally attained by means of preliminary establishment of an exchange of data, in the form of a dialogue between the card and the apparatus.
One type of dialogue, as described in U.S. Pat. No. 4,471,216 of the present applicant, corresponding to its French Pat. No. 2 469 760, takes into account a secret key known only to the authorized entity and recorded both in the card and in the apparatus. By way of example, the card calculates a result which is a function of its secret key, and the apparatus calculates a similar result which is the function of its secret key. The results are compared by the apparatus, which does not authorize access to the service requested except in the case of identity, or agreement, between these results. This condition cannot be satisfied unless the keys on the card and in the apparatus are identical.
Thus any apparatus designed for furnishing a given service is able to recognize all of the cards that will have been issued by an authorized entity for obtaining access to this service.
However, for the same secret key recorded in an apparatus, there are n cards of the same family having this secret key (n may be as many as several million, especially in banking applications). If a defrauder succeeds in gaining access to the secret of this key, then he is in a position to be able to manufacture and distribute cards that are counterfeit, yet will be recognized as valid by the apparatuses. One such event would be catastrophic, and would necessitate changing the secret key and distributing new cards.
To overcome this disadvantage, the invention provides for the diversification of the secret keys of the cards, on the basis of the same basic key, while enabling the apparatus to recognize them as having been fashioned on the basis of the same base key. Thus each card will have its own secret key, different from the keys assigned to other cards.
The invention accordingly proposes a method for diversification of a basic key by an initialization system, each basic key thus diversified being recorded in a memory of a target device, and for effecting recognition by an exploitation system that the diversified key recorded in a target device has indeed been fashioned on the basis of a predetermined basic key, characterized in that it comprises:
for diversifying a basic key (Sb) prerecorded in a memory of the initialization system, causing calculation by the processing circuits of this system of a diversified key (Sd) such that: and (T) is a biunique combinational transformation, and recording this key (Sd) in the memory of the target device,
and for effecting recognition of the diversified key (Sd) of a target dev
REFERENCES:
patent: 4295039 (1981-10-01), Stuckert
patent: 4438824 (1984-03-01), Mueller-Schloer
patent: 4670857 (1987-06-01), Rackman
patent: 4748668 (1988-05-01), Shamir et al.
IBM Tech. Disc. Bulletin, vol. 24, No. 12, May '82, p. 6504.
Buczinski Stephen C.
Bull S.A.
LandOfFree
Method and system for diversification of a basic key and for aut does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and system for diversification of a basic key and for aut, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and system for diversification of a basic key and for aut will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-1676518