Information security – Access control or authentication – Stand-alone
Reexamination Certificate
2005-08-04
2010-06-08
Korzuch, William R (Department: 2431)
Information security
Access control or authentication
Stand-alone
C726S009000, C726S028000, C713S185000, C705S072000
Reexamination Certificate
active
07735132
ABSTRACT:
A smart card, system, and method for securely authorizing a user or user device using the smart card is provided. The smart card is configured to provide, upon initialization or a request for authentication, a public key to the user input device such that the PIN or password entered by the user is encrypted before transmission to the smart card via a smart card reader. The smart card then decrypts the PIN or password to authorize the user. Preferably, the smart card is configured to provide both a public key and a nonce to the user input device, which then encrypts a concatenation or other combination of the nonce and the user-input PIN or password before transmission to the smart card. The smart card reader thus never receives a copy of the PIN or password in the clear, allowing the smart card to be used with untrusted smart card readers.
REFERENCES:
patent: 4907272 (1990-03-01), Hazard et al.
patent: 5023908 (1991-06-01), Weiss
patent: 5036461 (1991-07-01), Elliott et al.
patent: 5224163 (1993-06-01), Gasser et al.
patent: 5517569 (1996-05-01), Clark
patent: 5721781 (1998-02-01), Deo et al.
patent: 5757918 (1998-05-01), Hopkins
patent: 5778072 (1998-07-01), Samar
patent: 5815577 (1998-09-01), Clark
patent: 5955717 (1999-09-01), Vanstone et al.
patent: 6178507 (2001-01-01), Vanstone et al.
patent: 6223289 (2001-04-01), Wall et al.
patent: 6460138 (2002-10-01), Morris
patent: 6934855 (2005-08-01), Kipnis et al.
patent: 7039809 (2006-05-01), Wankmueller
patent: 7072869 (2006-07-01), Guthery
patent: 7111324 (2006-09-01), Elteto et al.
patent: 7246375 (2007-07-01), Jean et al.
patent: 7269732 (2007-09-01), Kilian-Kehr
patent: 2001/0014157 (2001-08-01), Hashimoto et al.
patent: 2002/0018570 (2002-02-01), Hansmann et al.
patent: 2002/0023032 (2002-02-01), Pearson et al.
patent: 2003/0041244 (2003-02-01), Buttyan et al.
patent: 2003/0046560 (2003-03-01), Inomata et al.
patent: 2004/0002923 (2004-01-01), Ramaswamy et al.
patent: 2005/0120202 (2005-06-01), Cuellar et al.
patent: 2005/0177522 (2005-08-01), Williams
patent: 2007/0106892 (2007-05-01), Engberg
patent: 2007/0110282 (2007-05-01), Millsapp
patent: 102004045978 (2006-03-01), None
patent: 2 536 928 (1984-06-01), None
patent: WO 0122372 (2001-03-01), None
“The PC Pay™ System”, Innovonics Inc., http://www.innovonics.com/pcpay/pcpayhome.html, publication date unknown, Internet.
“Alphabetical List of Smart Card Products”, Timberline Technologies, http://www.timberlinetechnologies.com/products/smart.html, publication date unknown, Internet.
Konigs, H-P. “Cryptographic Identification Methods for Smart Cards in the Process of Standardization” IEEE Communications Magazine, vol. 29, No. 6, Jun. 1991, pp. 42-48.
Adams Neil P.
Brown Michael K.
Little Herbert A.
Dimock Stratton LLP
Korzuch William R
Research in Motion Limited
Vaughan Michael R
Wilson Jenna L.
LandOfFree
System and method for encrypted smart card PIN entry does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and method for encrypted smart card PIN entry, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and method for encrypted smart card PIN entry will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4173934