Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
1996-12-24
2001-02-20
Swann, Tod R (Department: 2767)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
C713S169000, C713S152000, C380S044000, C380S277000, C380S283000, C705S064000, C705S067000, C705S075000, C705S076000
Reexamination Certificate
active
06192473
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates generally to a system and method for communications within a postage evidencing system and, more particularly, to the security of such communications.
BACKGROUND OF THE INVENTION
The Information-Based Indicia Program (IBIP) is a distributed trusted system proposed by the United States Postal Service (USPS). The IBIP is expected to support new methods of applying postage in addition to, and eventually in lieu of, the current approach, which typically relies on a postage meter to mechanically print indicia on mailpieces. The IBIP requires printing large, high density, two dimensional (2-D) bar codes on mailpieces. The Postal Service expects the IBIP to provide cost-effective assurance of postage payment for each mailpiece processed.
The USPS has published draft specifications for the IBIP. The INFORMATION BASED INDICIA PROGRAM (IBIP) INDICIUM SPECIFICATION, dated Jun. 13, 1996, defines the proposed requirements for a new indicium that will be applied to mail being processed using the IBIP. The INFORMATION BASED INDICIA PROGRAM POSTAL SECURITY DEVICE SPECIFICATION, dated Jun. 13, 1996, defines the proposed requirements for a Postal Security Device (PSD) that will provide security services to support the creation of a new “information based” postage postmark or indicium that will be applied to mail being processed using the IBIP. The INFORMATION BASED INDICIA PROGRAM HOST SYSTEM SPECIFICATION, dated Oct. 9, 1996, defines the proposed requirements for a host system element of the IBIP. The specifications are collectively referred to herein as the “IBIP Specifications”. The IBIP includes interfacing user (customer), postal and vendor infrastructures which are the system elements of the program.
The user infrastructure, which resides at the user's site, comprises a postage security device (PSD) coupled to a host system. The PSD is a secure processor-based accounting device that dispenses and accounts for postal value stored therein. The host system (Host) may be a personal computer (PC) or a meter-based host processor.
It is expected that once the IBIP is launched, the volume of meters will increase significantly when the PC-based meters are introduced. Such volume increase is expected in the small office and home office (SOHO) market.
The IBIP Specifications address and resolve issues which minimize if not eliminate USPS risks regarding security and fraud. However, the IBIP Specifications do not address all of the risks that will be assumed by meter users in the IBIP. There are more risks for meter users in the IBIP than in conventional metering systems because communications between the user infrastructure and the postal and vendor infrastructures contain much more user information than in such conventional metering systems.
Under conventional postage evidencing infrastructure, communications have been point to point, with limited, meter specific information transmitted to and from conventional meters. Under the IBIP, postage metering is evolving in a manner consistent with new communications technology, such as networked computer systems, internet, cellular communications and the like. Under the IBIP, communications between user infrastructure, i.e. the Host and PSD, and the IBIP infrastructure will include user confidential information, such as credit card numbers and addresses. It will be understood that communications over a network, the internet or a cellular system are more susceptible to interception and tampering by an attacker than conventional point to point communications that have heretofore been used with postage metering systems. An attacker could intercept user data as it is transmitted, masquerade as the user or gain sensitive user information. Therefore, the customer is at risk by using such new types of communications.
It is known to perform mutual authentication of vendor and user communications for the purpose of protecting vendor and user information. For example, Secure Sockets Layer (SSL), as proposed by Netscape Communications, is a proposed standard for achieving such authentication. SSL, which is used on the internet and other communication systems, authenticates the vendor/server to the user and optionally the user to the vendor/server. However, SSL requires a trusted third party, such as a certificate authority, to certify the identity of the users and their associated keys.
SUMMARY OF THE INVENTION
The present invention provides a system and method for mutual authentication between the user and vendor which minimizes, if not eliminates, risk to both the vendor and the user, but which does not require a trusted third party. The present invention is suitable for use with non-point-to-point communication systems, such as networked, internet, cellular and the like.
It has been found that the expected volume of new PC-meters will require a new server, referred to herein as a meter server or SOHO server, that will interface with existing postage evidencing infrastructure. The SOHO server will handle all communications between the PC-meters and the infrastructure.
The present invention provides a method to mutually authenticate a meter server, which is also referred to herein as a SOHO server, and a PSD. In addition, through the use of a session key the present invention provides a method of ensuring the privacy of data sent between the SOHO server and the PSD. Although such mutual authentication is not required or suggested in the proposed USPS specifications, it has been found that such mutual authentication minimizes the risks of the PC-meter users as well as the USPS.
In accordance with the present invention, the Host creates a unique session key. This session key is encrypted so that only the SOHO server, as part of a new IBIP infrastructure, can decrypt it. Once the session key has been established, the PSD sends, through the Host, a signed audit response to the SOHO server, and the session key is used to encrypt all further communications between the two.
The present invention provides a method for establishing mutual authentication and secure communications between a microprocessor-based transaction evidencing device and a microprocessor-based server coupled thereto. A session key K_S is generated at the transaction evidencing device and encrypted with a first key K_1 to form a first message. The first message is sent to the server and decrypted using a second key K_2. In response to the first message a second message is generated at the server and encrypted using the session key K_S. The encrypted second message is sent to the transaction evidencing device and decrypted using the session key K_S. A response to the second message is generated at the transaction evidencing device and is signed using a third key K_3. The signed response is encrypted with the session key K_S and transmitted to the server. The encrypted signed response is decrypted using the session key K_S and the signature is verified using a fourth key K_4.
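The four-key exchange described above, as an added example that is not part of the patent or of any Pitney Bowes implementation: Python using only the standard library, with a keyed XOR stream standing in for encryption under K_1/K_2 and K_S, and HMAC-SHA256 standing in for the K_3 signature and K_4 verification (each key pair is therefore modelled as one shared secret, which is an assumption of this example, not the patent's construction). The run returns whether the server accepted the device's signed audit response and whether the device saw a server able to decrypt K_S.

```python
import hmac, hashlib, secrets

# Stand-ins (assumption): keyed XOR stream for "encrypt with key" and
# HMAC-SHA256 for "sign with K_3 / verify with K_4". The stream cipher
# provides confidentiality only; the HMAC over the response supplies integrity.
def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def encrypt(key: bytes, data: bytes) -> bytes:   # returns nonce || ciphertext
    nonce = secrets.token_bytes(16)
    return nonce + _xor_stream(key, nonce, data)

def decrypt(key: bytes, msg: bytes) -> bytes:
    return _xor_stream(key, msg[:16], msg[16:])

def sign(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def verify(key: bytes, data: bytes, sig: bytes) -> bool:
    return hmac.compare_digest(sign(key, data), sig)

def run_protocol(k1: bytes, k2: bytes, k3: bytes, k4: bytes) -> tuple:
    """Return (server_accepted_device, device_saw_genuine_server)."""
    # Step 1: device (Host/PSD) generates K_S and encrypts it under K_1.
    k_s = secrets.token_bytes(32)
    msg1 = encrypt(k1, k_s)
    # Step 2: server recovers K_S with K_2 and sends an audit request under K_S.
    server_k_s = decrypt(k2, msg1)
    challenge = secrets.token_bytes(16)          # fresh per session
    msg2 = encrypt(server_k_s, b"AUDIT" + challenge)
    # Step 3: device decrypts with K_S; a server lacking K_2 yields garbage here,
    # so the device learns it is not talking to the genuine server.
    plain2 = decrypt(k_s, msg2)
    if not plain2.startswith(b"AUDIT"):
        return False, False
    response = b"AUDIT_RESPONSE" + plain2[5:]
    msg3 = encrypt(k_s, response + sign(k3, response))   # sign with K_3, then K_S
    # Step 4: server decrypts with K_S, verifies with K_4 and checks that the
    # response echoes its own fresh challenge (rejects replays of old responses).
    plain3 = decrypt(server_k_s, msg3)
    body, sig = plain3[:-32], plain3[-32:]
    ok = verify(k4, body, sig) and body == b"AUDIT_RESPONSE" + challenge
    return ok, True
```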
REFERENCES:
patent: 4578530 (1986-03-01), Zeidler
patent: 4649233 (1987-03-01), Bass et al.
patent: 4771461 (1988-09-01), Matyas
patent: 4916738 (1990-04-01), Chandra et al.
patent: 5048085 (1991-09-01), Abraham et al.
patent: 5535276 (1996-07-01), Ganesan
patent: 5602918 (1997-02-01), Chen et al.
patent: 5745574 (1998-04-01), Muftic
patent: 5745576 (1998-04-01), Abraham
patent: 5748735 (1998-05-01), Ganesan
patent: 5784463 (1998-07-01), Chen et al.
patent: 5796834 (1998-08-01), Whitney
patent: 5822739 (1998-10-01), Kara
patent: 5825880 (1998-10-01), Sudia
Bruce Schneier: “Applied Cryptography”, 2nd Ed., pp. 34-55, Oct. 18, 1995, John Wiley & Sons.
Ryan Jr. Frederick W.
Sisson Robert W.
Callahan Paul E.
Capelli Christopher J.
Melton Michael E.
Pitney Bowes Inc.
Swann Tod R