Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
1999-11-12
2002-03-19
Decady, Albert (Department: 2132)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
C713S175000, C713S176000, C713S180000, C713S194000, C380S029000, C380S030000, C380S052000, C380S259000
Reexamination Certificate
active
06360321
ABSTRACT:
FILED OF THE INVENTION
The present invention relates to secure computer system in general.
BACKGROUND OF THE INVENTION
The need for a secure computer system is well known. The need for secure computer systems falls into several categories. The need for secure capabilities which enable a computer to work in a secure environment, such as an electronic mail, remote banking, Internet, secure communications, telefax, or smart card environment is well known and falls into a first category of need. In a second category of need, it is well known that expensive computer CPU chips are often subject to theft. Unfortunately, individual expensive CPU chips can not easily be identified, and hence the recovery of stolen CPU chips is difficult. There is therefore a need to protect expensive CPU chips.
Methods and apparatus useful in secure computing are described in the following patent applications, commonly owned with the present application, the disclosures of which are hereby incorporated herein by reference:
Israel patent applications 113375 and 115534; and
U.S. patent applications 08/154220 and 08/437,223.
Methods and apparatus useful in secure computing are described in the following publications:
D. E. Denning and M. Smid, “Key escrowing today”, IEEE Communication Magazine, September 1994, pp. 58-68;
C. Gressel, R. Granot, and I. Dror, “International Cryptographic Communications Without Key Escrow”, International Cryptographic Institute '95, Washington D.C., Sep. 22, 1995;
R. L. Rivest, A. Shamir, and L. Adleman, “A method for obtaining digital signatures and public-key cryptosystems”, Communications of the ACM Vol. 21 #2, February 1978, pp. 120-126;
DES Modes of Operation, FIPS PUB 81, National Bureau of Standards, US Department of Commerce, Washington, D.C., 1981;
MC68HC05SC49, 8-bit microcomputer with EEPROM and N modulo M exponent coprocessor product preview, Motorola semiconductor technical data, Schaumburg Ill., 1993;
MC68HC05SC30, Enhanced 8-bit microcomputer with EEPROM and N modulo M exponent coprocessor product preview, Motorola semiconductor technical data, Schaumburg, Ill., 1993;
ST16×F74 CMOS crypto-computer family ST16×F74, SGS-Thomson Microelectronics, Agrate, Italy, October 1993;
ST16CF54 CMOS MCU based safeguarded smartcard IC with modular arithmetic processor, SGS-Thompson Microelectronics, Agrate, Italy, September 1994; and
Cryptoprocessor chip includes embedded cryptolibrary, SGS-Thompson Microelectronics, Agrate, Italy, press release K491M, October 1994.
The disclosure of the above publications and of the publications cited therein are hereby incorporated by reference. The disclosures of all publications mentioned in this specification and of the publications cited therein are hereby incorporated by reference.
SUMMARY OF THE INVENTION
The present invention seeks to provide an improved secure computer system. In the present invention, an authenticator computer is embedded in the same package with a host CPU. The embedded authenticator computer may provide secure capabilities such as those described above. The embedded authenticator computer may also provide identifying information including proof of identity. The identifying information may aid in preventing theft of the computer system and/or may aid in identification of a stolen computer system. Because the authenticator computer is embedded in the same package with the host CPU, removing the authenticator computer in order to circumvent the anti-theft capabilities thereof will generally be very difficult and/or too expensive to attempt.
There is thus provided in accordance with a preferred embodiment of the present invention a secure computer including a host CPU and an authenticator computer, wherein both the host CPU and the authenticator computer are embedded in a single package. The authenticator computer may have an identity and, and the authenticator computer may provide proof of the identity upon receiving an external signal from a verifying device. The proof of the identity may include origin information and/or an audit trail.
The secure computer may also include a smart card receiver, which may comprise a reader/writer card, including at least one smart card acceptor socket, each smart card acceptor socket being adapted to receive a smart card, wherein the authenticator verifies the smart card. The at least one smart card acceptor socket may include a plurality of smart card acceptor sockets.
The authenticator may control access to a controlled device. The authenticator provides data protection, including data encryption and/or data decryption. The data protection may include providing and/or verifying a digital signature.
The authenticator may protect data transmission between the secure computer and a remote device, optionally using approved protocols for transnational encryption, as well as approved protocols for authentication origin and contents of documents using an electronic signature.
There is also provided in accordance with another preferred embodiment of the present invention a method for securing a host computer, the method including providing a host CPU, providing an authenticator computer, and embedding both the host CPU and the authenticator computer in a single package.
REFERENCES:
patent: 5200999 (1993-04-01), Matyas et al.
patent: 5265164 (1993-11-01), Matyas et al.
patent: 5513133 (1996-04-01), Gressel et al.
patent: 5535276 (1996-07-01), Ganesan
patent: 5546463 (1996-08-01), Caputo et al.
patent: 5655090 (1997-08-01), Weingart
patent: 5664017 (1997-09-01), Gressel et al.
patent: 5787174 (1998-07-01), Tuttle
patent: 5949881 (1999-09-01), Davis
patent: 0 893 751 (1999-01-01), None
patent: 96/00953 (1996-01-01), None
D.E. Denning and M. Smid “Key Escrowing Today”, IEEE Communication Magazine Sep. 1994, pp. 58-68.
C. Gressel, R. Granot and I Dror, “International Cryptrographic Communication UT Key Escrow”, International Cryptographic Institute 95, Washington D.C., Sep. 22, 1995.
R.A. Rivest, A. Shamir, and I. Adelman, “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems”, Communications Of The ACM vol. 21, #2, Feb. 1978, pp. 120-126.
Granot Ran
Gressel Carmi David
Callahan Paul E.
De'cady Albert
M-Systems Flash Disk Pioneers Ltd.
Sidley Austin Brown & Wood LLP
LandOfFree
Secure computer system does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Secure computer system, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Secure computer system will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2863734