CA1340092C - Method and means for combining and managing personal verification and message authentication encryptions for network - Google Patents
Method and means for combining and managing personal verification and message authentication encryptions for networkInfo
- Publication number
- CA1340092C CA1340092C CA 545127 CA545127A CA1340092C CA 1340092 C CA1340092 C CA 1340092C CA 545127 CA545127 CA 545127 CA 545127 A CA545127 A CA 545127A CA 1340092 C CA1340092 C CA 1340092C
- Authority
- CA
- Canada
- Prior art keywords
- location
- message
- authentication code
- message authentication
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The method and means of transmitting a user's transaction message to a destination node in a computer-secured network operates on the message, and a sequence number that is unique to the transaction message to form a message authentication code in combination with the user's personal identification number. The message authentication code is encrypted with a generated random number and a single session encryption key which also encrypts the user's personal identification number. An intermediate node may receive the encryptions to reproduce the personal identification number that is then used to encrypt the received message and sequence number to produce the random number and a message authentication code for comparison with a decrypted message authentication code. Upon favorable comparison, the random number and the message authentication code are encrypted with a second session encryption key to produce an output code that is transmitted to the destination node along with an encrypted personal identification number. There, the received encryptions are decrypted using the second session key to provide the personal identification number for use in encrypting the message and sequence number to produce a message authentication code for comparison with a decrypted message authentication code. Upon favorable comparison, the transaction is completed and a selected portion of the decrypted random number is returned to the originating node for comparison with the corresponding portion of the random number that was generated there. Upon unfavorable comparison at the destination node or at an intermediate node, a different portion of the decrypted random number is returned to the originating node for comparison with the corresponding portion of the random number that was generated there. The comparisons at the originating node provide an unambiguous indication of the completion or non-completion of the transaction at the destination node.
Description
13400~2 METHOD AND MEANS FOR COMBINING AND MANAGING
PERSONAL VERIFICATION AND MESSAGE AUTHENTICATION
ENCRYPTIONS FOR NETWORK TRANSMISSION
Related Cases The subject matter of this application is related to the sub~ect matter disclosed in U.S. Patents 4,268,715;
4,281,215; 4,283,599; 4,288,659; 4,315,101; 4,357,529; and 4,536,647.
Background of the Invention Conventional data encryption networks commonly encrypt a ~ersonal Identification Number with a particular encryption key for transmission along with data messages, sequence numbers, and the like, from one location node in the data network to the next location or node in the network. There, the encrypted PIN is decrypted using the encryption key, and re-encrypted with another encryption key for transmission to the next node in the network, and so on to the final node destination in the network.
In addition, such conventional data encryption networks also develop a Message Authentication Codes in various A ~
: ways, and then encrypt such MAC for transmission to the next node using a MAC-encryption key that i~ different from the encryption key used to encrypt the PI~. At ~uch next node, the MAC ifi decrypted w ing the MAC en¢ryption key and then re-encrypted u6ing a new MAC-encryption key for transmission to the next node, and so on to the final de~tination node in the network.
Further, such ~ol.v~l.tionai networks operate upon the PIN, MAC, data message, sequence number, and the like, received and decrypted at the final destination node to consummate a transaction, or not, and then communicate an ACKnowledgment or Non-ACKnowledgment me~sage back to the origin-ting node of the network. Such ACR or NACK code~ may be encrypted and decrypted in the course of transmission node by node through the network back to the originating node to provide an indication there of the status of the intended transaction at the final destination node.
Conve.~tional data encryption networks of thi~ type are impe~eA from handling greater volumes of messages from end to end by the requirement for ~eparately encrypting and decrypting the PlN and MAC code~ at each n~de using different encryption/decryption keys for each, and by the r-quirement for encrypting/decryptinq at least-th~ ACK code at each node along the return path in the network.
In addit~on, ~uch conventional data encryption networks are susceptible to unauthorized intru~ion and compromise of the ~ecurity and me~sage authenticity from node ~o node because of the ~eparated PIN and ~AC ~ 2 encryption/decryption technigue~ involved. For example, the encrypted PIN is w lnerable to being "~tripped" away from the a6sociated MAC, mes6age, sequence number, and the like, and to being appe~Aed to a different MAC, message, sequence number, and the like, for faithful tran~mi~sion over the network.
Further, the return acknowledgment code may b- intercepted and readily rG~ L~ed to a non-acknowledgment code or ~imply be altered in transmi~sion after the transaction ~as completed at the destination node. Such a return code condition could, for example, cause the user to 6uffer the debiting of his account and, at the same time, the denial of completion of a credit purchase at point-of-sale terminal or other originating node.
Summary of the Invention Accordingly, the method and means for integrating the encryption keys as~ociated with the PIN and MAC codes according to the pre6ent invention as6ure that these code~ are suffici-ntly interrelated and that alteration of one such code will adversely affect the other such code and inhibit message authentication in the network. In addltion, the return acknowl-dgment or non-ac~nowledgment code may be securely returne~ from node to node in the networ~ without t~e n-ed for encryption and d~cL~y-ion at each node, and w~ll still be 6ecurely available for proper validation a~ received at the originating node. This is accompli~hed according to the present invention by using one ses~ion key to encrypt the PIN
.
.hl~ ~.
along with the MAC, a random number, the message, and the sequence number which are also encrypted with the PIN such that re-encryption thereof in the transmission from location to location, or node to node over a network is greatly facilitated and validatable at each node, if desired. In addition, portions of the random number are selected for use as the Acknowledgment or Non-Acknowledgment return codes which can be securely returned and which can then only be used once to unambiguously validate the returned code only at the originating node in the network.
Various aspects of this invention are as follows:
The method of securing transaction data between two locations in response to a user's message and personal identification number, the method comprising:
forming a sequence number representative of the user's transaction;
encoding in a first logical combination at the first location the user's message and the sequence number in accordance with the personal identification number received from the user to produce a message authentication code having a plural number of digit sectors;
generating a random number;
establishing a first encoding key; encoding in o /~ ~
a second logical combination at the first location the random number and a selected number of sectors of the message authentication code in accordance with the first encryption key to produce a first coded output;
encoding in a third logical combination at the first location the user's personal identification number in accordance with the first encoding key to produce a second coded output;
transmitting to another location the user's message and the sequence number and the first and second coded outputs;
establishing the first encoding key at such other location;
decoding the first coded output received at such other location with the first encoding key according to said second logical combination thereof to provide the random number and message authentication code;
decoding the second coded output received at such other location with the first encoding key according to said third logical combination to provide the user's personal identification number;
encoding in the first logical combination at such other location the user's message and sequence number received thereat in accordance with the decoded 4a personal identification number to produce a message authentication code having a plural number of digit sectors; and comparing selected corresponding digit sectors of the decoded message authentication code and the encoded message authentication code to provide an indication upon favorable comparison of the valid transmission of the user's message between the two locations.
Apparatus for securing transaction data between two locations in response to a user's message and personal identification number, the apparatus comprising:
means for generating a sequence number associated with a user's transaction;
means for generating a random number;
first encryption means at one location for encrypting according to a first logical combination of the user's message and the sequence number applied thereto with the personal identification number received from the user for producing a message authentication code therefrom having a plural number of digit sectors;
means at said one location for producing a first session key;
second encryption means coupled to receive the random number from the user and a selected sector of the A~.
Q ~ 2 message authentication code for encrypting the same with the first session key according to a second logical combination thereof to produce a first encoded output;
third encryption means coupled to receive the personal identification number from the user for encrypting the same with the first session key according to a third logical combination thereof to produce a second encoded output;
means for transmitting the first and second encoded outputs and message and sequence number from the one location to the next location;
means at the next location for producing the first session key;
first decryption means at the next location coupled to receive the transmitted first encoded output and the first session key for decrypting in accordance with said second logical combination to provide the random number and the message authentication code;
second decryption means at the next location coupled to receive the transmitted second encoded output and the first session key for decrypting in accordance with the third logical combination thereof to produce the user's personal identification number;
third encryption means at the next location coupled to receive the transmitted message and sequence number for encoding the same according to said first logical combination with the decrypted personal 4c ~ "~ .., - ~,s~
identification number to produce a message authentication code having a plural number of digit sectors;
comparison means at the next location coupled to receive the corresponding selected sectors of the decrypted message authentication code and of the encrypted message authentication code for producing an output indication of the parity thereof; and means at the next location responsive to said output indication for operating upon the received Description of the Drawings Figure 1 is a graphic representation of a typical conventional encryption scheme which operates with two independent session keys;
Figure 2 is a schematic representation of a second network according to the present invention; and Figure 3 is a graphic representation of the signal processing involved in the operation of the network of Figure 2.
Description of the Preferred Embodi,ment Referring now to Figure 1, there is shown a graphic representation of the encoding scheme commonly used to produce the PIN and MAC codes using two session keys for transmission 4d 6eparately to the next network node As illustrated, one 1~ 0,~7 ses6ion key 5 may be used to encrypt the PIN ent-red 7 by a user (plu6 a block of filler bit~ such a6 the account number, as de6ired) in a col~o~ional encryption module 9 which may operate according to th- Data Encryption ~tandard (DES) e6tablished by the American National 8tandard6 Institute ~ANSI) to produce the encrypted PIN fiignal 11 (commonly referred to a6 the PI~ block" according to AN8I 6tandard 9 3) for transmission to the next network node In addition, the me~sag~ or transaction data which is entered 13 by the user and which is to be transmitted to another node, i6 combined with a ~equence number 15 that may compri6e the date, time, ~tation code, and the like, for encryption by a DE6 encryption module 17 with another ession key 19 to produce a Me6~age Authentication Code (MAC) 21 for that message and sequenc- number The MAC may compri~e only a selected number of ~ignificant bit6 of th-encrypted code The mes~age and MAC ~re separately transmitted to the next node along with the encrypted PIN, and the~e code6 are separately decrypted with the r-spective ~ession key~ and then re-encrypted with new s-parate ses~ion keys for transmission to the next networ~ no~e, and so on, to the destination no~- CG,.~tion-l PIN validation at the destination no~ , and me~age autheaticatlon proceduree may be p-rformed on the rec-ived, encrypte~ PIN and MAC, (not illu6trated) and the message i6 then acted upon to com~lete a transaction if the PIN is valid and the MAC i6 unaltered A
return ACRnowledgment (or Non-~Ç~nowledgment) code may be encrypted and returned to the next node in the network over the ~ . . .
return path to the originating node At each node in the 1 ~ 4~o q,?
return path, the AC~ code is commonly decrypted and re-encrypted for transmis6ion to the next node in the return path, and so on tnot illustrated), to the originating node where receipt of the ACK is an indication that the transaction was completed at the destination node Conventional systems with operating characteristics similar to those dewribed above are more fully described, for exa~ple, in U ~ Patent ~,283,599 One disadvantage associated with such cG ~2ntional systems is the need to encrypt and decrypt at each node using two separate session keys Another disadvantage is that such conventional systems are vulnerable to unauthorized manipulation at a network node by which the message and MAC may be "stripped away" from the encrypt-d PIN associated with such message and replaced with a new mes~age and MAC for transmission with the same encrypte~ PIN to the next network node Further, the acknowledgement code that is to be returned to the originating node not only mu~t be decrypted and re-encrypted at each node along the return path, but the return of an acknowledgment code that is altered along the return path may connot- non-~cknowledgment or non-compl-tion of the intended transaction at the destination nod- Thi6 condition can result in th~ account of the user being deblted (the PIN
and MAC were valid and authentic as received at the destination node), but the u~er being denied co~plet~on of a credit transaction (e g , transfer of goods) at the originating node Referring now to Figur-6 2 and 3, there are ~hown ~ 2 schematic and graphic represent~tions, resp-ctively, of network operations according to the present invention 8pecifically, there is shown a sy6tem for tran6mitting a mes~age over a network 29 from an originating node 31 to a destination node 33 via an intermediate node 35 At the originating node 31, an authorized user enters hi6 PIN 37 of arbitrary bit length with the aid of a key board, or card reader, or the li~e, and the entered PIN i~ then filled or blocked 39 with additional data bits (~uch a6 the user'6 account number in accordunce with ANSI
6tandard 9 3) to configure a PIN of standard bit length In addition, the transaction data or message ~1 enter d through a keyboard, or the li~e, by the u6er i6 combined with a 6eguence number ~3 which is generated to include date, time of day, and the like The combined me6~age and 6equence number i8 encrypted ~5 with the PIN (or blocked PIN) in a conv~ tional DES module to produce a multi-bit encrypted output having selected field~ of bits, one field of which 51 ~erves as the Message Authentication Code (MAC) Other ~chemes may al~o be u~-d to produce a MAC, provided the PIN (or block-d PIN) i~ used a~ the encryption key, and the re~ulting MAC, typically of 6~-bit length, may be segregated into several sectors or field~ Sl A random number (R/N) is generated 52 bq conventional m an~ and i8 ~egreg~ted into several ~ector~ or fields 5~, S6, 58 The first ~ec~or or field 5~ of, 6ay 32-bit~ length, i6 then encrypted with the selected MAC field 53 in a con~entional DE8 encryption module 55 (or in DES module 45 in time ~hare operation~ using the session key K1, as the encryption key 50.
In addition, the PIN (or blocked PIN) 39 is encrypted in DES
encryption module 60 (or in DES module 45 in time share operation) using the session key K1 as the encryption key 50.
5 The session key 50 may be transmitted to successive nodes 35, 33 in secured manner, for example, as disclosed in U.S.
Patent 4,288,659. The resulting encrypted output codes 62, 64 are then transmitted along with sequence number 43 and the message 41 (in clear or cypher text) over the network 29 to the next node 35 in the path toward the destination node 33.
Thus, only a single session key K1 is used to encrypt the requisite data for transmission over the network, and the residual sectors or fields 56, 58 of the random number from generator 52 remain available to ver:ify successful completion 15 of the transaction at the destination node 33, as later described herein.
At the intermediate node 35, the encrypted PIN 64 received from the originating node 31 is decrypted in conventional DE5 module 70 using the session key K1 to produce 20 the blocked PIN 63. In addition, the encrypted MAC and R/N
68 received from the originating node is decrypted in conventional DE5 module 61 (or in DES module 70 operating in timeshare relationship) using session key Kl to produce the MAC and the R/N in segregated fields. An initial validation 25 may be performed by encrypting the received message 41 and sequence number 43 in conventional DES module 67 using the decrypted PIN 63 as the encryption key. Of course, the original PIN as entered by the user may be extracted from the decrypted, - 1 3 ~
blocked PIN 63 to use as the encryption ~ey in module 67 if the corrG~o~ding seheme was used in node 31 (It should be understood th~t the PIN or bloc~ed PIN does not appear in clear text outside of such d6~ Lion or encryption modules 70, 67 (or 69, later described herein), and that these modules may be the ~ame DES ~odule operated in time-shared relationship ) The ~ncrypted output of module 67 includes several sectors, or flelas, similar to tho~e previously describea in ~o~n~ction with the encrypted output of module ~5 The selected sector 53 of signif icant bits that con~titutes the MAC
is selected for comparison with the MAC 65 that i~ decrypted in DES module 61 This decryption also provides the R/N having several selected sectors or fields 72 If the comparison of the decrypted and encrypted MAC's in comparator 74 is favorable, gate 76 is enabled and the decrypted MAC and R/N are encrypted in co~ventional DES module 69 using new session key R2 as the encryption key, and gate 88 is enabled to encrypt the decrypted PIN in DES module 78 (or in DES module 67 or 69 in time share operating) If comparison is unfavorable, the transaction may be aborted and the gate 80 is enabled to transmit back to the originating node 31 the sector or field 58 of the R/N which constitutes the Non ACKnowledge sector of the decrypted R/N output of module 61 The encrypted PIN output 82 of module 78 and the encrypted MAC and R/N output 84 of the module 69 are thus transmitted ~long with the ~essage 41 and sequence number 43 ov~r the networ~ 29 to the destination node 35 upon favorable comparison 7~ of the encrypted and decrypted MACs .
7l At the destination node 33, the encrypted PIN output 86 received from the intermediate node 35 is decrypted in lf~ })~ 7 conventional DES module 71 using the session key R2 to '' '' produce the PIN 73. An initial validatio~ may be performed by S encrypting the received message 41 and seguence number ~3 in conventional DES module 77, using the decrypted PIN 73 as the encryption key. As was described in connection with the intermediate node 35, the original PIN as entered by the user may be ~xtracted from the decrypt~d, blocked PIN 73 to use as the encryption Key in module 77 if the corresponding Fcheme was used in node 31. And, it should be understood that the PIN or blocked PIN does not appear in clear text outside of the decryption or encryption modules 71, 77, which modules may be the same DES module operated in time-shared relationship. In addition, the encrypted MAC and R~N received at the destination node 33 is decrypted in DES module 92 using the session key K2 to produce the MAC 75 and the R/N 94 in segregated sectors or fields. The selected sector 53 of significant bits that constitutes the MAC in the encrypted output of module 77 is compared 79 for parity with the decrypted MAC 75. If comparison is favorable, the tran~action may be completed in response to the message ~1, and gate 81 may be enabled to transmit 29 back to the intermediate node 35 a second selected sector or field 56 which constitutes the ACRnowledge output sector of the R/N decrypted ou~ from module 92. If comparison 79 is unfavorable, the transaction is not completed and gate 83 is enabled to transmit 29 back to the ~3~9~
intermediate node 35 a third selected sector or field 58 which constitutes the Non-ACKnowledge sector of the R/N
decrypted output from module 92.
In accordance with one aspect of the present invention, 5 the returned ACK or NACK codes do not require decryption and re-encryption when transmitted from node to node along the return path in the network back to the originating node 31.
Instead, these codes are already in encoded form and may be transmitted directly from node to node without encumbering a node with additional operational overhead. These codes are therefore secured in transmission over the network and are only cypherable in the originating node 31 which contains the ACK and NACK fields or sectors 56 and 58 of the random number from generator 52. At the originating node 31, the second 15 and third sectors or fields 56 and 58 of the random number are compared 98 with the corresponding sectors of decrypted R/N outputs received from the destination node 33 (or the sector 58 of the decrypted R/N output received from intermediate node 35) to provide an indication at the 20 originating node that the transaction was either completed 89 or aborted 91. Of course, the ACK and NACK may be encrypted as a network option when returned to the originating node 31.
And, it should be understood that the encryption and decryption modules at each node may be the same conventional DES module operated in timeshare relationship.
Therefore, the system and method of combining the management of PIN and MAC codes and the session keys associated ~f~ ?
therewith from node to node along a data communication network obviates the conventional need for 6eparate s-s~ion keys for the PIN and the MAC, and al~o obviates the n-ed for co,.ve..~ional en¢ryption/decryption schemes for an acknowledgment code at each node along the return path back to the originating node. If desired, PIN validation~ may be performed at each node 6ince the PIN i~ available within the DE8 module circuitry. In addition; th- present sy~tem and method al80 reduces the vulnerabilitr of a secure~d tran~mission system to unauthorized ~eparation of a valid PIN co~e from its 1~ associated mess~ge and MAC code for unauthorized attach~ent to a different mes~age and MAC code. Further, the method and means of the pre~ent invention reduc-s the ambiguity as~ociated with the return or not of only an acknowledgment code in conventional sy~tem~ by returning either one of the ACK and NACK codes without additional operational overhead at each node.
PERSONAL VERIFICATION AND MESSAGE AUTHENTICATION
ENCRYPTIONS FOR NETWORK TRANSMISSION
Related Cases The subject matter of this application is related to the sub~ect matter disclosed in U.S. Patents 4,268,715;
4,281,215; 4,283,599; 4,288,659; 4,315,101; 4,357,529; and 4,536,647.
Background of the Invention Conventional data encryption networks commonly encrypt a ~ersonal Identification Number with a particular encryption key for transmission along with data messages, sequence numbers, and the like, from one location node in the data network to the next location or node in the network. There, the encrypted PIN is decrypted using the encryption key, and re-encrypted with another encryption key for transmission to the next node in the network, and so on to the final node destination in the network.
In addition, such conventional data encryption networks also develop a Message Authentication Codes in various A ~
: ways, and then encrypt such MAC for transmission to the next node using a MAC-encryption key that i~ different from the encryption key used to encrypt the PI~. At ~uch next node, the MAC ifi decrypted w ing the MAC en¢ryption key and then re-encrypted u6ing a new MAC-encryption key for transmission to the next node, and so on to the final de~tination node in the network.
Further, such ~ol.v~l.tionai networks operate upon the PIN, MAC, data message, sequence number, and the like, received and decrypted at the final destination node to consummate a transaction, or not, and then communicate an ACKnowledgment or Non-ACKnowledgment me~sage back to the origin-ting node of the network. Such ACR or NACK code~ may be encrypted and decrypted in the course of transmission node by node through the network back to the originating node to provide an indication there of the status of the intended transaction at the final destination node.
Conve.~tional data encryption networks of thi~ type are impe~eA from handling greater volumes of messages from end to end by the requirement for ~eparately encrypting and decrypting the PlN and MAC code~ at each n~de using different encryption/decryption keys for each, and by the r-quirement for encrypting/decryptinq at least-th~ ACK code at each node along the return path in the network.
In addit~on, ~uch conventional data encryption networks are susceptible to unauthorized intru~ion and compromise of the ~ecurity and me~sage authenticity from node ~o node because of the ~eparated PIN and ~AC ~ 2 encryption/decryption technigue~ involved. For example, the encrypted PIN is w lnerable to being "~tripped" away from the a6sociated MAC, mes6age, sequence number, and the like, and to being appe~Aed to a different MAC, message, sequence number, and the like, for faithful tran~mi~sion over the network.
Further, the return acknowledgment code may b- intercepted and readily rG~ L~ed to a non-acknowledgment code or ~imply be altered in transmi~sion after the transaction ~as completed at the destination node. Such a return code condition could, for example, cause the user to 6uffer the debiting of his account and, at the same time, the denial of completion of a credit purchase at point-of-sale terminal or other originating node.
Summary of the Invention Accordingly, the method and means for integrating the encryption keys as~ociated with the PIN and MAC codes according to the pre6ent invention as6ure that these code~ are suffici-ntly interrelated and that alteration of one such code will adversely affect the other such code and inhibit message authentication in the network. In addltion, the return acknowl-dgment or non-ac~nowledgment code may be securely returne~ from node to node in the networ~ without t~e n-ed for encryption and d~cL~y-ion at each node, and w~ll still be 6ecurely available for proper validation a~ received at the originating node. This is accompli~hed according to the present invention by using one ses~ion key to encrypt the PIN
.
.hl~ ~.
along with the MAC, a random number, the message, and the sequence number which are also encrypted with the PIN such that re-encryption thereof in the transmission from location to location, or node to node over a network is greatly facilitated and validatable at each node, if desired. In addition, portions of the random number are selected for use as the Acknowledgment or Non-Acknowledgment return codes which can be securely returned and which can then only be used once to unambiguously validate the returned code only at the originating node in the network.
Various aspects of this invention are as follows:
The method of securing transaction data between two locations in response to a user's message and personal identification number, the method comprising:
forming a sequence number representative of the user's transaction;
encoding in a first logical combination at the first location the user's message and the sequence number in accordance with the personal identification number received from the user to produce a message authentication code having a plural number of digit sectors;
generating a random number;
establishing a first encoding key; encoding in o /~ ~
a second logical combination at the first location the random number and a selected number of sectors of the message authentication code in accordance with the first encryption key to produce a first coded output;
encoding in a third logical combination at the first location the user's personal identification number in accordance with the first encoding key to produce a second coded output;
transmitting to another location the user's message and the sequence number and the first and second coded outputs;
establishing the first encoding key at such other location;
decoding the first coded output received at such other location with the first encoding key according to said second logical combination thereof to provide the random number and message authentication code;
decoding the second coded output received at such other location with the first encoding key according to said third logical combination to provide the user's personal identification number;
encoding in the first logical combination at such other location the user's message and sequence number received thereat in accordance with the decoded 4a personal identification number to produce a message authentication code having a plural number of digit sectors; and comparing selected corresponding digit sectors of the decoded message authentication code and the encoded message authentication code to provide an indication upon favorable comparison of the valid transmission of the user's message between the two locations.
Apparatus for securing transaction data between two locations in response to a user's message and personal identification number, the apparatus comprising:
means for generating a sequence number associated with a user's transaction;
means for generating a random number;
first encryption means at one location for encrypting according to a first logical combination of the user's message and the sequence number applied thereto with the personal identification number received from the user for producing a message authentication code therefrom having a plural number of digit sectors;
means at said one location for producing a first session key;
second encryption means coupled to receive the random number from the user and a selected sector of the A~.
Q ~ 2 message authentication code for encrypting the same with the first session key according to a second logical combination thereof to produce a first encoded output;
third encryption means coupled to receive the personal identification number from the user for encrypting the same with the first session key according to a third logical combination thereof to produce a second encoded output;
means for transmitting the first and second encoded outputs and message and sequence number from the one location to the next location;
means at the next location for producing the first session key;
first decryption means at the next location coupled to receive the transmitted first encoded output and the first session key for decrypting in accordance with said second logical combination to provide the random number and the message authentication code;
second decryption means at the next location coupled to receive the transmitted second encoded output and the first session key for decrypting in accordance with the third logical combination thereof to produce the user's personal identification number;
third encryption means at the next location coupled to receive the transmitted message and sequence number for encoding the same according to said first logical combination with the decrypted personal 4c ~ "~ .., - ~,s~
identification number to produce a message authentication code having a plural number of digit sectors;
comparison means at the next location coupled to receive the corresponding selected sectors of the decrypted message authentication code and of the encrypted message authentication code for producing an output indication of the parity thereof; and means at the next location responsive to said output indication for operating upon the received Description of the Drawings Figure 1 is a graphic representation of a typical conventional encryption scheme which operates with two independent session keys;
Figure 2 is a schematic representation of a second network according to the present invention; and Figure 3 is a graphic representation of the signal processing involved in the operation of the network of Figure 2.
Description of the Preferred Embodi,ment Referring now to Figure 1, there is shown a graphic representation of the encoding scheme commonly used to produce the PIN and MAC codes using two session keys for transmission 4d 6eparately to the next network node As illustrated, one 1~ 0,~7 ses6ion key 5 may be used to encrypt the PIN ent-red 7 by a user (plu6 a block of filler bit~ such a6 the account number, as de6ired) in a col~o~ional encryption module 9 which may operate according to th- Data Encryption ~tandard (DES) e6tablished by the American National 8tandard6 Institute ~ANSI) to produce the encrypted PIN fiignal 11 (commonly referred to a6 the PI~ block" according to AN8I 6tandard 9 3) for transmission to the next network node In addition, the me~sag~ or transaction data which is entered 13 by the user and which is to be transmitted to another node, i6 combined with a ~equence number 15 that may compri6e the date, time, ~tation code, and the like, for encryption by a DE6 encryption module 17 with another ession key 19 to produce a Me6~age Authentication Code (MAC) 21 for that message and sequenc- number The MAC may compri~e only a selected number of ~ignificant bit6 of th-encrypted code The mes~age and MAC ~re separately transmitted to the next node along with the encrypted PIN, and the~e code6 are separately decrypted with the r-spective ~ession key~ and then re-encrypted with new s-parate ses~ion keys for transmission to the next networ~ no~e, and so on, to the destination no~- CG,.~tion-l PIN validation at the destination no~ , and me~age autheaticatlon proceduree may be p-rformed on the rec-ived, encrypte~ PIN and MAC, (not illu6trated) and the message i6 then acted upon to com~lete a transaction if the PIN is valid and the MAC i6 unaltered A
return ACRnowledgment (or Non-~Ç~nowledgment) code may be encrypted and returned to the next node in the network over the ~ . . .
return path to the originating node At each node in the 1 ~ 4~o q,?
return path, the AC~ code is commonly decrypted and re-encrypted for transmis6ion to the next node in the return path, and so on tnot illustrated), to the originating node where receipt of the ACK is an indication that the transaction was completed at the destination node Conventional systems with operating characteristics similar to those dewribed above are more fully described, for exa~ple, in U ~ Patent ~,283,599 One disadvantage associated with such cG ~2ntional systems is the need to encrypt and decrypt at each node using two separate session keys Another disadvantage is that such conventional systems are vulnerable to unauthorized manipulation at a network node by which the message and MAC may be "stripped away" from the encrypt-d PIN associated with such message and replaced with a new mes~age and MAC for transmission with the same encrypte~ PIN to the next network node Further, the acknowledgement code that is to be returned to the originating node not only mu~t be decrypted and re-encrypted at each node along the return path, but the return of an acknowledgment code that is altered along the return path may connot- non-~cknowledgment or non-compl-tion of the intended transaction at the destination nod- Thi6 condition can result in th~ account of the user being deblted (the PIN
and MAC were valid and authentic as received at the destination node), but the u~er being denied co~plet~on of a credit transaction (e g , transfer of goods) at the originating node Referring now to Figur-6 2 and 3, there are ~hown ~ 2 schematic and graphic represent~tions, resp-ctively, of network operations according to the present invention 8pecifically, there is shown a sy6tem for tran6mitting a mes~age over a network 29 from an originating node 31 to a destination node 33 via an intermediate node 35 At the originating node 31, an authorized user enters hi6 PIN 37 of arbitrary bit length with the aid of a key board, or card reader, or the li~e, and the entered PIN i~ then filled or blocked 39 with additional data bits (~uch a6 the user'6 account number in accordunce with ANSI
6tandard 9 3) to configure a PIN of standard bit length In addition, the transaction data or message ~1 enter d through a keyboard, or the li~e, by the u6er i6 combined with a 6eguence number ~3 which is generated to include date, time of day, and the like The combined me6~age and 6equence number i8 encrypted ~5 with the PIN (or blocked PIN) in a conv~ tional DES module to produce a multi-bit encrypted output having selected field~ of bits, one field of which 51 ~erves as the Message Authentication Code (MAC) Other ~chemes may al~o be u~-d to produce a MAC, provided the PIN (or block-d PIN) i~ used a~ the encryption key, and the re~ulting MAC, typically of 6~-bit length, may be segregated into several sectors or field~ Sl A random number (R/N) is generated 52 bq conventional m an~ and i8 ~egreg~ted into several ~ector~ or fields 5~, S6, 58 The first ~ec~or or field 5~ of, 6ay 32-bit~ length, i6 then encrypted with the selected MAC field 53 in a con~entional DE8 encryption module 55 (or in DES module 45 in time ~hare operation~ using the session key K1, as the encryption key 50.
In addition, the PIN (or blocked PIN) 39 is encrypted in DES
encryption module 60 (or in DES module 45 in time share operation) using the session key K1 as the encryption key 50.
5 The session key 50 may be transmitted to successive nodes 35, 33 in secured manner, for example, as disclosed in U.S.
Patent 4,288,659. The resulting encrypted output codes 62, 64 are then transmitted along with sequence number 43 and the message 41 (in clear or cypher text) over the network 29 to the next node 35 in the path toward the destination node 33.
Thus, only a single session key K1 is used to encrypt the requisite data for transmission over the network, and the residual sectors or fields 56, 58 of the random number from generator 52 remain available to ver:ify successful completion 15 of the transaction at the destination node 33, as later described herein.
At the intermediate node 35, the encrypted PIN 64 received from the originating node 31 is decrypted in conventional DE5 module 70 using the session key K1 to produce 20 the blocked PIN 63. In addition, the encrypted MAC and R/N
68 received from the originating node is decrypted in conventional DE5 module 61 (or in DES module 70 operating in timeshare relationship) using session key Kl to produce the MAC and the R/N in segregated fields. An initial validation 25 may be performed by encrypting the received message 41 and sequence number 43 in conventional DES module 67 using the decrypted PIN 63 as the encryption key. Of course, the original PIN as entered by the user may be extracted from the decrypted, - 1 3 ~
blocked PIN 63 to use as the encryption ~ey in module 67 if the corrG~o~ding seheme was used in node 31 (It should be understood th~t the PIN or bloc~ed PIN does not appear in clear text outside of such d6~ Lion or encryption modules 70, 67 (or 69, later described herein), and that these modules may be the ~ame DES ~odule operated in time-shared relationship ) The ~ncrypted output of module 67 includes several sectors, or flelas, similar to tho~e previously describea in ~o~n~ction with the encrypted output of module ~5 The selected sector 53 of signif icant bits that con~titutes the MAC
is selected for comparison with the MAC 65 that i~ decrypted in DES module 61 This decryption also provides the R/N having several selected sectors or fields 72 If the comparison of the decrypted and encrypted MAC's in comparator 74 is favorable, gate 76 is enabled and the decrypted MAC and R/N are encrypted in co~ventional DES module 69 using new session key R2 as the encryption key, and gate 88 is enabled to encrypt the decrypted PIN in DES module 78 (or in DES module 67 or 69 in time share operating) If comparison is unfavorable, the transaction may be aborted and the gate 80 is enabled to transmit back to the originating node 31 the sector or field 58 of the R/N which constitutes the Non ACKnowledge sector of the decrypted R/N output of module 61 The encrypted PIN output 82 of module 78 and the encrypted MAC and R/N output 84 of the module 69 are thus transmitted ~long with the ~essage 41 and sequence number 43 ov~r the networ~ 29 to the destination node 35 upon favorable comparison 7~ of the encrypted and decrypted MACs .
7l At the destination node 33, the encrypted PIN output 86 received from the intermediate node 35 is decrypted in lf~ })~ 7 conventional DES module 71 using the session key R2 to '' '' produce the PIN 73. An initial validatio~ may be performed by S encrypting the received message 41 and seguence number ~3 in conventional DES module 77, using the decrypted PIN 73 as the encryption key. As was described in connection with the intermediate node 35, the original PIN as entered by the user may be ~xtracted from the decrypt~d, blocked PIN 73 to use as the encryption Key in module 77 if the corresponding Fcheme was used in node 31. And, it should be understood that the PIN or blocked PIN does not appear in clear text outside of the decryption or encryption modules 71, 77, which modules may be the same DES module operated in time-shared relationship. In addition, the encrypted MAC and R~N received at the destination node 33 is decrypted in DES module 92 using the session key K2 to produce the MAC 75 and the R/N 94 in segregated sectors or fields. The selected sector 53 of significant bits that constitutes the MAC in the encrypted output of module 77 is compared 79 for parity with the decrypted MAC 75. If comparison is favorable, the tran~action may be completed in response to the message ~1, and gate 81 may be enabled to transmit 29 back to the intermediate node 35 a second selected sector or field 56 which constitutes the ACRnowledge output sector of the R/N decrypted ou~ from module 92. If comparison 79 is unfavorable, the transaction is not completed and gate 83 is enabled to transmit 29 back to the ~3~9~
intermediate node 35 a third selected sector or field 58 which constitutes the Non-ACKnowledge sector of the R/N
decrypted output from module 92.
In accordance with one aspect of the present invention, 5 the returned ACK or NACK codes do not require decryption and re-encryption when transmitted from node to node along the return path in the network back to the originating node 31.
Instead, these codes are already in encoded form and may be transmitted directly from node to node without encumbering a node with additional operational overhead. These codes are therefore secured in transmission over the network and are only cypherable in the originating node 31 which contains the ACK and NACK fields or sectors 56 and 58 of the random number from generator 52. At the originating node 31, the second 15 and third sectors or fields 56 and 58 of the random number are compared 98 with the corresponding sectors of decrypted R/N outputs received from the destination node 33 (or the sector 58 of the decrypted R/N output received from intermediate node 35) to provide an indication at the 20 originating node that the transaction was either completed 89 or aborted 91. Of course, the ACK and NACK may be encrypted as a network option when returned to the originating node 31.
And, it should be understood that the encryption and decryption modules at each node may be the same conventional DES module operated in timeshare relationship.
Therefore, the system and method of combining the management of PIN and MAC codes and the session keys associated ~f~ ?
therewith from node to node along a data communication network obviates the conventional need for 6eparate s-s~ion keys for the PIN and the MAC, and al~o obviates the n-ed for co,.ve..~ional en¢ryption/decryption schemes for an acknowledgment code at each node along the return path back to the originating node. If desired, PIN validation~ may be performed at each node 6ince the PIN i~ available within the DE8 module circuitry. In addition; th- present sy~tem and method al80 reduces the vulnerabilitr of a secure~d tran~mission system to unauthorized ~eparation of a valid PIN co~e from its 1~ associated mess~ge and MAC code for unauthorized attach~ent to a different mes~age and MAC code. Further, the method and means of the pre~ent invention reduc-s the ambiguity as~ociated with the return or not of only an acknowledgment code in conventional sy~tem~ by returning either one of the ACK and NACK codes without additional operational overhead at each node.
Claims (7)
1. The method of securing transaction data between two locations in response to a user's message and personal identification number, the method comprising:
forming a sequence number representative of the user's transaction;
encoding in a first logical combination at the first location the user's message and the sequence number in accordance with the personal identification number received from the user to produce a message authentication code having a plural number of digit sectors;
generating a random number;
establishing a first encoding key;
encoding in a second logical combination at the first location the random number and a selected number of sectors of the message authentication code in accordance with the first encryption key to produce a first coded output;
encoding in a third logical combination at the first location the user's personal identification number in accordance with the first encoding key to produce a second coded output;
transmitting to another location the user's message and the sequence number and the first and second coded outputs;
establishing the first encoding key at such other location;
decoding the first coded output received at such other location with the first encoding key according to said second logical combination thereof to provide the random number and message authentication code;
decoding the second coded output received at such other location with the first encoding key according to said third logical combination to provide the user's personal identification number;
encoding in the first logical combination at such other location the user's message and sequence number received thereat in accordance with the decoded personal identification number to produce a message authentication code having a plural number of digit sectors; and comparing selected corresponding digit sectors of the decoded message authentication code and the encoded message authentication code to provide an indication upon favorable comparison of the valid transmission of the user's message between the two locations.
forming a sequence number representative of the user's transaction;
encoding in a first logical combination at the first location the user's message and the sequence number in accordance with the personal identification number received from the user to produce a message authentication code having a plural number of digit sectors;
generating a random number;
establishing a first encoding key;
encoding in a second logical combination at the first location the random number and a selected number of sectors of the message authentication code in accordance with the first encryption key to produce a first coded output;
encoding in a third logical combination at the first location the user's personal identification number in accordance with the first encoding key to produce a second coded output;
transmitting to another location the user's message and the sequence number and the first and second coded outputs;
establishing the first encoding key at such other location;
decoding the first coded output received at such other location with the first encoding key according to said second logical combination thereof to provide the random number and message authentication code;
decoding the second coded output received at such other location with the first encoding key according to said third logical combination to provide the user's personal identification number;
encoding in the first logical combination at such other location the user's message and sequence number received thereat in accordance with the decoded personal identification number to produce a message authentication code having a plural number of digit sectors; and comparing selected corresponding digit sectors of the decoded message authentication code and the encoded message authentication code to provide an indication upon favorable comparison of the valid transmission of the user's message between the two locations.
2. The method according to claim 1 comprising the steps of:
establishing a second encoding key at the other location;
encoding in a fourth logical combination at such other location the decoded random number and selected sector of the message authentication code in accordance with the second encoding key to produce a third coded output;
encoding in a fifth logical combination at the other location the decoded user's personal identification number in accordance with the second encoding key to produce a fourth coded output;
transmitting to a remote location the user's message and the sequence number and the third and fourth coded outputs;
establishing the second encoding key at the remote location;
decoding the third coded output as received at the remote location according to the fourth logical combination in accordance with the second encoding key to provide the random number and the message authentication code having a plural number of digit sectors;
decoding the fourth coded output received at the remote location according to the fifth logical combination to provide the user's personal identification number;
encoding the message and the sequence number received at the remote location according to the first logical combination in accordance with the decoded personal identification number to produce a message authentication code having a plural number of digit sectors; and comparing corresponding digit sectors of the decoded message authentication code and the encoded message authentication code at the remote location to provide an indication upon favourable comparison of the unaltered transmission of the message, or an indication upon unfavorable comparison of an alteration in the transmission of the message.
establishing a second encoding key at the other location;
encoding in a fourth logical combination at such other location the decoded random number and selected sector of the message authentication code in accordance with the second encoding key to produce a third coded output;
encoding in a fifth logical combination at the other location the decoded user's personal identification number in accordance with the second encoding key to produce a fourth coded output;
transmitting to a remote location the user's message and the sequence number and the third and fourth coded outputs;
establishing the second encoding key at the remote location;
decoding the third coded output as received at the remote location according to the fourth logical combination in accordance with the second encoding key to provide the random number and the message authentication code having a plural number of digit sectors;
decoding the fourth coded output received at the remote location according to the fifth logical combination to provide the user's personal identification number;
encoding the message and the sequence number received at the remote location according to the first logical combination in accordance with the decoded personal identification number to produce a message authentication code having a plural number of digit sectors; and comparing corresponding digit sectors of the decoded message authentication code and the encoded message authentication code at the remote location to provide an indication upon favourable comparison of the unaltered transmission of the message, or an indication upon unfavorable comparison of an alteration in the transmission of the message.
3. The method according to claim 1 comprising the steps of:
transmitting a selected sector of the decoded random number from the other location to the one location in response to unfavorable comparison; and comparing the selected sector of the random number received at the one location from the other location with the corresponding selected sector at the one location to provide an indication of the altered transmission of the message to the other location.
transmitting a selected sector of the decoded random number from the other location to the one location in response to unfavorable comparison; and comparing the selected sector of the random number received at the one location from the other location with the corresponding selected sector at the one location to provide an indication of the altered transmission of the message to the other location.
4. The method according to claim 2 comprising the steps of:
completing the transaction and returning a second selected sector of the decoded random number from the remote location to the one location in response to said favorable comparison, and inhibiting completion of the transaction and returning a third selected sector of the decoded random number from the remote location to the one location in response to said unfavorable comparison; and comparing the selected sector of the random number received at the one location from the remote location with the corresponding selected sector of the number generated at the one location to provide an indication of the completion or non-completion of the transaction at the remote location.
completing the transaction and returning a second selected sector of the decoded random number from the remote location to the one location in response to said favorable comparison, and inhibiting completion of the transaction and returning a third selected sector of the decoded random number from the remote location to the one location in response to said unfavorable comparison; and comparing the selected sector of the random number received at the one location from the remote location with the corresponding selected sector of the number generated at the one location to provide an indication of the completion or non-completion of the transaction at the remote location.
5. Apparatus for securing transaction data between two locations in response to a user's message and personal identification number, the apparatus comprising:
means for generating a sequence number associated with a user's transaction;
means for generating a random number;
first encryption means at one location for encrypting according to a first logical combination of the user's message and the sequence number applied thereto with the personal identification number received from the user for producing a message authentication code therefrom having a plural number of digit sectors;
means at said one location for producing a first session key;
second encryption means coupled to receive the random number from the user and a selected sector of the message authentication code for encrypting the same with the first session key according to a second logical combination thereof to produce a first encoded output;
third encryption means coupled to receive the personal identification number from the user for encrypting the same with the first session key according to a third logical combination thereof to produce a second encoded output;
means for transmitting the first and second encoded outputs and message and sequence number from the one location to the next location;
means at the next location for producing the first session key;
first decryption means at the next location coupled to receive the transmitted first encoded output and the first session key for decrypting in accordance with said second logical combination to provide the random number and the message authentication code;
second decryption means at the next location coupled to receive the transmitted second encoded output and the first session key for decrypting in accordance with the third logical combination thereof to produce the user's personal identification number;
third encryption means at the next location coupled to receive the transmitted message and sequence number for encoding the same according to said first logical combination with the decrypted personal identification number to produce a message authentication code having a plural number of digit sectors;
comparison means at the next location coupled to receive the corresponding selected sectors of the decrypted message authentication code and of the encrypted message authentication code for producing an output indication of the parity thereof; and means at the next location responsive to said output indication for operating upon the received message in response to favorable comparison.
means for generating a sequence number associated with a user's transaction;
means for generating a random number;
first encryption means at one location for encrypting according to a first logical combination of the user's message and the sequence number applied thereto with the personal identification number received from the user for producing a message authentication code therefrom having a plural number of digit sectors;
means at said one location for producing a first session key;
second encryption means coupled to receive the random number from the user and a selected sector of the message authentication code for encrypting the same with the first session key according to a second logical combination thereof to produce a first encoded output;
third encryption means coupled to receive the personal identification number from the user for encrypting the same with the first session key according to a third logical combination thereof to produce a second encoded output;
means for transmitting the first and second encoded outputs and message and sequence number from the one location to the next location;
means at the next location for producing the first session key;
first decryption means at the next location coupled to receive the transmitted first encoded output and the first session key for decrypting in accordance with said second logical combination to provide the random number and the message authentication code;
second decryption means at the next location coupled to receive the transmitted second encoded output and the first session key for decrypting in accordance with the third logical combination thereof to produce the user's personal identification number;
third encryption means at the next location coupled to receive the transmitted message and sequence number for encoding the same according to said first logical combination with the decrypted personal identification number to produce a message authentication code having a plural number of digit sectors;
comparison means at the next location coupled to receive the corresponding selected sectors of the decrypted message authentication code and of the encrypted message authentication code for producing an output indication of the parity thereof; and means at the next location responsive to said output indication for operating upon the received message in response to favorable comparison.
6. Apparatus as in claim 5 comprising:
means at the next location responsive to the unfavorable comparison for transmitting to the one location a selected sector of the random number.
means at the next location responsive to the unfavorable comparison for transmitting to the one location a selected sector of the random number.
7. Apparatus as in claim 5 comprising:
means at the next location for producing a second encoding key;
first encryption means at the next location coupled to receive the decrypted message authentication code and random number for encoding the same with the second encoding key in accordance with a fourth logical combination in response to said favorable comparison for producing a third output code for transmission to a destination location;
second encryption means at the next location coupled to receive the decrypted personal identification number for encoding the same with the second encoding key in accordance with a fifth logical combination in response to said favorable comparison for producing a fourth output code for transmission to a destination location;
means at the destination location for producing the second encoding key;
first decryption means at the destination location for receiving the third output code transmitted from said next location and the second encoding key for decoding the same according to said fourth logical combination to provide the random number and the message authentication code;
second decryption means at the destination location for receiving the fourth output code transmitted from said next location and the second encoding key for decoding the same according to said fifth logical combination to provide the personal identification number;
encryption means at the destination location for receiving the message and the sequence number for encoding the same with the decrypted personal identification number in accordance with the first logical combination to produce a message authentication code having a plural number of digit sectors;
means at the destination location for comparing corresponding selected sectors of the encrypted message authentication code and the decrypted message authentication code to produce output indications of favorable and unfavorable comparisons;
means at the destination location responsive to favorable output indication for operating upon the transmitted message and for transmitting a selected sector of the random number to said one location, and responsive to unfavorable comparison for transmitting another selected sector of the random number to said one location; and comparator means at the one location coupled to receive the corresponding selected sectors of the generated random number for providing an output indication of the status of operation upon the message at the destination location.
means at the next location for producing a second encoding key;
first encryption means at the next location coupled to receive the decrypted message authentication code and random number for encoding the same with the second encoding key in accordance with a fourth logical combination in response to said favorable comparison for producing a third output code for transmission to a destination location;
second encryption means at the next location coupled to receive the decrypted personal identification number for encoding the same with the second encoding key in accordance with a fifth logical combination in response to said favorable comparison for producing a fourth output code for transmission to a destination location;
means at the destination location for producing the second encoding key;
first decryption means at the destination location for receiving the third output code transmitted from said next location and the second encoding key for decoding the same according to said fourth logical combination to provide the random number and the message authentication code;
second decryption means at the destination location for receiving the fourth output code transmitted from said next location and the second encoding key for decoding the same according to said fifth logical combination to provide the personal identification number;
encryption means at the destination location for receiving the message and the sequence number for encoding the same with the decrypted personal identification number in accordance with the first logical combination to produce a message authentication code having a plural number of digit sectors;
means at the destination location for comparing corresponding selected sectors of the encrypted message authentication code and the decrypted message authentication code to produce output indications of favorable and unfavorable comparisons;
means at the destination location responsive to favorable output indication for operating upon the transmitted message and for transmitting a selected sector of the random number to said one location, and responsive to unfavorable comparison for transmitting another selected sector of the random number to said one location; and comparator means at the one location coupled to receive the corresponding selected sectors of the generated random number for providing an output indication of the status of operation upon the message at the destination location.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US899,329 | 1986-08-22 | ||
| US06/899,329 US5319710A (en) | 1986-08-22 | 1986-08-22 | Method and means for combining and managing personal verification and message authentication encrytions for network transmission |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CA1340092C true CA1340092C (en) | 1998-10-20 |
Family
ID=25410794
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA 545127 Expired - Fee Related CA1340092C (en) | 1986-08-22 | 1987-08-21 | Method and means for combining and managing personal verification and message authentication encryptions for network |
Country Status (1)
| Country | Link |
|---|---|
| CA (1) | CA1340092C (en) |
-
1987
- 1987-08-21 CA CA 545127 patent/CA1340092C/en not_active Expired - Fee Related
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US5319710A (en) | Method and means for combining and managing personal verification and message authentication encrytions for network transmission | |
| US10007910B2 (en) | System and method for variable length encryption | |
| US4315101A (en) | Method and apparatus for securing data transmissions | |
| US4268715A (en) | Method and apparatus for securing data transmissions | |
| US4326098A (en) | High security system for electronic signature verification | |
| EP0402301B1 (en) | A method of transferring data and a system for transferring data | |
| US4322576A (en) | Message format for secure communication over data links | |
| JP2746352B2 (en) | Secure security communication system and method for communication by a remotely located computer | |
| US4281215A (en) | Method and apparatus for securing data transmissions | |
| CA1149484A (en) | Method and apparatus for securing data transmissions | |
| US4283599A (en) | Method and apparatus for securing data transmissions | |
| US4885777A (en) | Electronic transaction system | |
| US5301247A (en) | Method for ensuring secure communications | |
| US5583940A (en) | Method, apparatus and device for enciphering messages transmitted between interconnected networks | |
| AU2008327506B2 (en) | Method and system for encryption of data | |
| CN1148035C (en) | Apparatus for securing user's information in mobile communication system connected to internet and method thereof | |
| US4926478A (en) | Method and apparatus for continuously acknowledged link encrypting | |
| US7254232B2 (en) | Method and system for selecting encryption keys from a plurality of encryption keys | |
| JP3917679B2 (en) | High bandwidth cryptographic system with low bandwidth cryptographic module | |
| JPS63310239A (en) | Coding key utilization control | |
| CN101216923A (en) | A system and method to enhance the data security of e-bank dealings | |
| USRE36310E (en) | Method of transferring data, between computer systems using electronic cards | |
| JPH11282982A (en) | User card, communication terminal equipment, communication server, communication system and user authentication method for communication system | |
| EP0877509A2 (en) | Data encyrption/decryption method and apparatus | |
| PL168163B1 (en) | Access and/or identification controlling method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| MKLA | Lapsed |