Registers – Systems controlled by data bearing records
Patent
1998-10-29
2000-08-22
Frech, Karl D.
Registers
Systems controlled by data bearing records
380 24, 380 25, 705 39, G06F 1700
Patent
active
061058629
DESCRIPTION:
BRIEF SUMMARY
FIELD OF THE INVENTION
The present invention relates to a procedure for performing a dual-signature electronic transaction.
The invention can be applied to all sectors in which terminals are required to perform secure transactions with users holding chip cards, said terminals not being permanently connected to centralized processing systems, but only periodically, during collection of transactions performed since the last collection.
BACKGROUND ART
In order to clarify the following explanation, the situation of transactions of the type known as "electronic wallet" will be used. This technology was the subject of a special issue (No. 158) of the magazine "L'Echo des Recherches" published in the 4th quarter of 1994. Of particular interest is an article by Marc Girault and Luc Vallee entitled "Signature electronique et application au paiement electronique" (Electronic Signatures and their Application to Electronic Payment).
Although electronic wallet technology has developed considerably over recent years, the security of this type of application still poses problems into which research is continuing. Various solutions to these problems are possible and may be examined on a security/cost basis.
In this type of system an electronic wallet (EW) card carries a balance, i.e. a certain quantity of values (currency, tokens, consumption units, etc.). On payment of a sum m, this balance is reduced by m units, the card producing proof that m units have been debited; this constitutes the guarantee of payment for a trader equipped with a terminal or server on which the user performs the transaction. This proof is the condition on which the trader receives payment in normal currency from the authority who issued the electronic wallet; this authority may be referred to as the "bank".
The proof must be verified to avoid the use of forged cards: it should not be possible to construct out of nothing i.e. without a card, proof capable of being accepted as authentic. The proof should also prevent manipulations such as converting a sum m into a sum m' that is greater than m, or reusing the same proof to pay the sum due to a trader twice or, again, paying sums not due to other traders.
In the following description the various participants in these systems will be described as the "user", "service provider" and "bank". The user has an EW card to pay a service provide while the bank is the body issuing the cards.
The techniques in current use may be broken down into three broad categories according to whether the signatures they use have a secret key, a public key or interactive keys.
In the first type, a terminal may be disconnected from the bank (said to be offline) or connected directly to the bank. The first configuration (offline) is the commonest in the various existing electronic wallet systems. It consists in calculating the proof z using a secret key algorithm f applied to parameter i representing the number of the EW card, and to parameter M which stands for all the following parameters: Application Module or SAM,
This gives z=f(k,m,j,r) where k is the secret key of the EW card whose identity is i. This key is dependent on i due to a mechanism of diversifying the keys according to the number i of the card. The SAM is a chip card located in the terminal whose physical properties enable it to act as a secure, protected cash register. The SAM therefore checks the certificate z and accumulates the sums received. It is regularly emptied so that the service provider's profits are credited by the bank; this is done using a secure procedure between the SAM and the bank. There are no particular difficulties involved in this procedure, so it will not be described here.
In order to check certificate z the SAM needs to know the keys of all EW cards. In practice this is done by calculating the keys k of the EW cards using the diversification formula k=g (KM,i), where KM is a master key that is valid for the entire system and present in all SAMs.
This method is shown in FIG. 1 attached where the user's EW card is numbered 10, the
REFERENCES:
patent: 5224162 (1993-06-01), Okamoto et al.
patent: 5511121 (1996-04-01), Yacobi
patent: 5805702 (1998-09-01), Curry et al.
patent: 5832089 (1998-11-01), Kravitz et al.
Girault Marc
Pailles Jean-Claude
Remery Patrick
France Telecom
Franklin Jamara A
Frech Karl D.
La Poste
LandOfFree
Method for performing a double-signature secure electronic trans does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method for performing a double-signature secure electronic trans, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method for performing a double-signature secure electronic trans will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-570975