WO1995012852A1 - A method and a device for storing information, in particular pin codes - Google Patents

A method and a device for storing information, in particular pin codes Download PDF

Info

Publication number
WO1995012852A1
WO1995012852A1 PCT/EP1994/003593 EP9403593W WO9512852A1 WO 1995012852 A1 WO1995012852 A1 WO 1995012852A1 EP 9403593 W EP9403593 W EP 9403593W WO 9512852 A1 WO9512852 A1 WO 9512852A1
Authority
WO
WIPO (PCT)
Prior art keywords
code word
input
memory
stored
encoded
Prior art date
Application number
PCT/EP1994/003593
Other languages
French (fr)
Inventor
Robert Eric Hertzberger
David Otto KRÖNER
Original Assignee
Robert Eric Hertzberger
Kroener David Otto
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Robert Eric Hertzberger, Kroener David Otto filed Critical Robert Eric Hertzberger
Priority to EP95900104A priority Critical patent/EP0729614A1/en
Priority to AU81056/94A priority patent/AU8105694A/en
Publication of WO1995012852A1 publication Critical patent/WO1995012852A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/88Detecting or preventing theft or loss
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1408Protection against unauthorised use of memory or access to memory by using cryptography
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Definitions

  • the invention relates to a method for storing information, wherein at least one code word is input and stored in a memory.
  • the invention furthermore relates to a device for carrying out said method, said device including a memory and data input means connected to said memory.
  • Electronic pocket memory databooks of this type which are usually hand-held, are generally known.
  • these devices can be used for storing a certain amount of information, for example comprising names and addresses, in a memory.
  • information for example comprising names and addresses
  • this is done by displaying the information on a display unit of the device, or by means of a printing unit, which can usually be connected to the device.
  • the inputting of a correct password is necessary in order to gain access to the device, so as to be able to operate the device.
  • the disadvantage of this is that when the known device gets into the wrong hands, the thief in question can input a password he has made up himself and keep on doing so until he has found the correct password to gain access to the device and the information which will be available then. The thief will know at any moment whether the password he has input is correct or not.
  • the object of the present invention is to provide a method and a device for storing in particular confidential information, whereby it is made more difficult for unauthorized persons to gain access to said confidential information.
  • the method is according to the invention characterized in that after being input a first code word is encoded and stored in a first memory in encoded form.
  • the advantage of the method according to the invention is that the first code word, which is for example a password, is only present in the memory in question in its protected, encoded form when this method is being used, irrespective of the design of the device for carrying out this method.
  • the use of the present method has thus made it impossible to retrieve the first code word from the memory after the device has been opened, even if the device gets into the wrong hands.
  • a greater degree of protection of the data is obtained by using one embodiment of the method according to the invention, wherein the first code word must be input before at least one second code word stored in a second memory associated with the first memory can be read.
  • said second code word is stored in said second memory in encoded form after being input.
  • the decoding of said first code word does not take place until said second code word has been retrieved from said second memory, so that the decoded, unprotected second word is available as late as possible and thus, dependent on the operator, as briefly as possible.
  • the first code word that is input is compared, after being encoded, with the encoded first code word stored in said first memory, whereby said second code word is not read from said second memory until the two code words are found to be identical.
  • the advantage of this embodiment of the method according to the invention is that, also when an invalid first code word is input, a second, albeit a pseudo-code word is generated as a result of the method being used, and because a second code word is generated, irrespective of the fact whether the first code word is valid or not, the person having possession of the device will not be able to ascertain if indeed the correct second code word is being provided in a deterministic manner.
  • Yet another improvement of the protected storage of the information is achieved with one embodiment of the method according to the invention, in that the processing of additional first code words is made impossible for some time after the input of a number of first code words, which upon being encoded all appear to be different from the encoded first code word stored in said first memory, or that also the valid first code word is invalidated for some time.
  • the input second code word is encoded by means of the input first code word.
  • the advantage of this method is that encoding or decoding of encoded code words or pseudo-code words will take place at all times, irrespective of the fact whether the input first code word is valid or not. Only then will the encoded second code word be stored in the second memory in encoded form, whereby said second code word is retrievable from the memory in decoded form after the first (valid or invalid) code word has been input, as is the other, previously input information.
  • Another embodiment of the method according to the invention provides for the input of text parts, which are stored in a third memory associated with said second memory.
  • the advantage of the text parts in question is that they constitute a source of information for the operator of the device with regard to the significance of the second code words.
  • the text parts are for example indications such as "Giro", "VISA” and the like, whereby the second code words associated therewith are in particular the PIN codes for a Giro cheque card and a VISA card respectively.
  • said text parts are stored in non-encoded form.
  • the input, storage, processing and output of data only takes place when enabling means are kept in active condition, preferably by manual operation.
  • the enabling means thus function as a dead man's button, whereby in particular the display unit of the device for carrying out the method is cleared of all information when the dead man's button is released. The effect of this is that when a thief takes away the device from its rightful holder, the dead man's button is no longer operated, as a consequence of which the device will not provide the thief with any information whatsoever with regard to the valid first code word/password to be input and the correct second code words/PIN codes associated therewith.
  • a symmetrical encoding/decoding method is used, so that the same first code word or password can be used for coding/decoding.
  • the device for carrying out the method comprises a memory and data input means connected to said memory, as well as encoding means connected to said data input means and to said memory, decoding means connected to at least the data output means and the memory, latch means coupled to said memory and said data output means, and a comparing unit connected to said encoding means and to said memory, said comparing unit being connected to said latch means for channelling (valid or invalid) code words read from said memory exclusively at the command of said comparing unit.
  • Figure 1 shows a possible embodiment of the device according to the invention
  • Figures 2, 3, 4 and 5 show flow diagrams, with reference to which the method according to the invention will be further explained.
  • Figure 1 shows a device 11, by means of which a secure storage of data is ensured.
  • the device 11 comprises data input means 12, encoding means 13 connected to said data input means 12, a memory 16, which is inter alia provided with a read-in gate 14 and a read-out gate 15 and which is connected to said encoding means 13, a comparing unit 17 connected to both gates 14 and 15, latch means 18 connected to said memory 16, decoding means 19 connected to said latch means 18, as well as data output means 20 connected to said decoding means 19.
  • the device 11 comprises a central processing unit (CPU) 21, which is inter alia connected (in a manner not shown) to the data input means 12, the data output means 20 and to memory 16.
  • CPU central processing unit
  • the CPU 21 will furthermore be connected (in a manner not shown) to each of the aforesaid circuits of the device 11, in order to be able to supply the required control and check signals thereto.
  • the device 11 includes enabling means 22, which are connected to the CPU 21. Said enabling means 22 are usually connected to the reset input and/or to the test input and/or to the interrupt pin of the CPU 21.
  • the data input means 12 for example comprise a keyboard.
  • the data output means 20 for example include a display unit, such as an LCD display.
  • the device 11 is turned on or activated by activating the enabling means 22, hereinafter called the dead man's button.
  • the dead man's button is thereby the fact that the energy consumption of the device 11 is minimal, since a slightly greater amount of power is only taken off from the power supply means (not shown) present within the device 11, in the form of one or more batteries, as long as the dead man's button 22 is being depressed.
  • the device 11 will automatically return to a so-called "deep power down" condition after any exit procedures that may be necessary have been carried out in order to store data in an orderly manner and leave the device 11 in a well-defined condition.
  • Part of the memory 16 will be reserved as a program memory for the CPU 21. The main loop of the programme present within said program memory only tests intermittently whether the dead man's button 22 is still activated and whether one or more keys of the keyboard are being depressed.
  • the programme When the dead man's button 22 is depressed for the first time the programme will start at 1 and the input of a first code word or password is requested at 2. At the first start of the device 11 the password input by means of the data input means 12 will automatically be valid, as a consequence of which the Boolean variable PW will be valid in block 3.1. When the device 11 is subsequently activated. the validity of the password will be verified at 3. If the password is not valid, the programme will pass through block 3.2 and PW will be invalid. When the dead man's button 22 is released the system will stop at 4.2, after having executed the aforesaid exit procedures. When the dead man's button is depressed the system will proceed to 4.1, that is "select f nction".
  • memory 16 When the device 11 is turned on for the first time memory 16 will still be empty and consequently it will be possible to select options 5, 6 or 7. Let us assume that option 7 is selected first.
  • the table below shows the text corresponding with the numbered blocks in Figure 5.
  • the program will start at 7.1, followed by 7.2, in which a request is made to select data item n. Because more than one second code words may be stored under one first code word or password, the number of the stored second code word is expressed by means of the variable n.
  • a respective associated text part for example comprising the words "Giro", "VISA”, may be input at 7.3.
  • the input text part is associated with the respective index number n at 7.4.
  • the second code word is input, which may consist of alphanumeric symbols, if desired, but which will usually be constructed purely numerically.
  • the respective second code word is encoded in the encoding means 13 by means of the input first code word/password.
  • the value of the Boolean variable PW is retrieved from a reserved part of the memory 16, after which the respective encoded code word will be stored at 7.7.1 and 7.7.2. If PW is valid it concerns a "real data item" at 7.7.1, whilst the stored encoded code word at 7.7.2 is a "fake data item”.
  • the programme returns to the test shown at 4 in Figure 2, in order to verify whether the dead man's button is still being depressed. The first time that function 7 is selected PW will be valid at 7.7.
  • the data to be displayed are selected in memory 16 at 5.2, after which the Boolean variable PW is consulted at 5.3. If PW is valid, it will be obvious that the input password corresponds with the previously input password, whereupon the aforesaid "real data item" that has been selected is decoded in the decoding means 19 at 5.3.1. Then the decoded "real data item” is displayed on the LCD-screen at 5.4, together with the associated text part.
  • the index n By depressing an appropriate key on the keyboard of the data input means 12 it becomes possible to glance through the index n, so that for example the text part "Giro” and the text part "VISA" are successively displayed on the screen, together with the "real data items” associated therewith, which contain the second code words originally input with that password.
  • the second code words contain for example the PIN codes associated with the respective passes referred to above. If it is determined at 5.3 that PW is not valid, then the aforesaid "fake data item" that has been selected is decoded by means of the obviously incorrect password then input. Also in that case the respective second code words input under said password will be displayed on the LCD- screen at 5.4.
  • the second code words however, in particular the PIN codes which had been stored by means of the originally input password, cannot be retrieved in this manner.
  • the new password is input at 6.2.
  • all "real data items” will be decoded by means of the correct original password previously input at 2 in Figure 2.
  • said decoded "real data items” are encoded by means of the newly input password.
  • the newly input password is encoded with a constant string stored in the memory 16 at 6.4, with a view to a password validation to be carried out at 3 in Figure 2, after which the programme returns to block 4 in Figure 2 at 6.6. If an incorrect password was initially input at 3, in other words, if PW is invalid, all "fake data items" will be decoded by means of the originally input password at 6.3.2 and subsequently encoded by means of the newly input password.

Abstract

According to a method for safely storing information a first code word is stored in encoded form in a first memory (16) after being input. A second memory (16) is associated with the first memory, in which second memory at least one second code word, for example a PIN code, can be stored, preferably in encoded form. The device (11) for safely storing information is arranged in such a manner that, irrespective of the first code word or password that is input, a corresponding second code word is provided. Only in case the first code word stored in the device is identical to the first input code word will no random second code word be provided by the device (11). The holder of the device will not be able to ascertain in any manner whether or not he has input the correct password. PIN codes are thus safely stored.

Description

A METHOD AND A DEVICE FOR STORING INFORMATION, IN PARTICULAR PIN CODES
The invention relates to a method for storing information, wherein at least one code word is input and stored in a memory.
The invention furthermore relates to a device for carrying out said method, said device including a memory and data input means connected to said memory.
Electronic pocket memory databooks of this type, which are usually hand-held, are generally known. Generally these devices can be used for storing a certain amount of information, for example comprising names and addresses, in a memory. In order to provide some form of protection of the contents of the memory it is necessary to input a password after the information to be protected has been input, whereupon the information in question is made available to the person requesting the information. Usually this is done by displaying the information on a display unit of the device, or by means of a printing unit, which can usually be connected to the device.
With the known devices the inputting of a correct password is necessary in order to gain access to the device, so as to be able to operate the device. The disadvantage of this is that when the known device gets into the wrong hands, the thief in question can input a password he has made up himself and keep on doing so until he has found the correct password to gain access to the device and the information which will be available then. The thief will know at any moment whether the password he has input is correct or not.
The object of the present invention is to provide a method and a device for storing in particular confidential information, whereby it is made more difficult for unauthorized persons to gain access to said confidential information.
In order to achieve this the method is according to the invention characterized in that after being input a first code word is encoded and stored in a first memory in encoded form.
The advantage of the method according to the invention is that the first code word, which is for example a password, is only present in the memory in question in its protected, encoded form when this method is being used, irrespective of the design of the device for carrying out this method. The use of the present method has thus made it impossible to retrieve the first code word from the memory after the device has been opened, even if the device gets into the wrong hands.
A greater degree of protection of the data is obtained by using one embodiment of the method according to the invention, wherein the first code word must be input before at least one second code word stored in a second memory associated with the first memory can be read.
Preferably said second code word is stored in said second memory in encoded form after being input.
In order to optimize said protection as much as possible the decoding of said first code word does not take place until said second code word has been retrieved from said second memory, so that the decoded, unprotected second word is available as late as possible and thus, dependent on the operator, as briefly as possible.
According to one embodiment of the method according to the invention the first code word that is input is compared, after being encoded, with the encoded first code word stored in said first memory, whereby said second code word is not read from said second memory until the two code words are found to be identical.
An even better protection is obtained by means of a further embodiment, in that a second (pseudo) code word is decoded by means of the input first (invalid) code word when a dissimilarity is detected. Consequently, when an invalid first code word is input a similar second (pseudo) code word associated therewith is always available for output.
The advantage of this embodiment of the method according to the invention is that, also when an invalid first code word is input, a second, albeit a pseudo-code word is generated as a result of the method being used, and because a second code word is generated, irrespective of the fact whether the first code word is valid or not, the person having possession of the device will not be able to ascertain if indeed the correct second code word is being provided in a deterministic manner.
Yet another improvement of the protected storage of the information is achieved with one embodiment of the method according to the invention, in that the processing of additional first code words is made impossible for some time after the input of a number of first code words, which upon being encoded all appear to be different from the encoded first code word stored in said first memory, or that also the valid first code word is invalidated for some time.
In yet another embodiment of the method according to the invention the input second code word is encoded by means of the input first code word.
The advantage of this method is that encoding or decoding of encoded code words or pseudo-code words will take place at all times, irrespective of the fact whether the input first code word is valid or not. Only then will the encoded second code word be stored in the second memory in encoded form, whereby said second code word is retrievable from the memory in decoded form after the first (valid or invalid) code word has been input, as is the other, previously input information.
Another embodiment of the method according to the invention provides for the input of text parts, which are stored in a third memory associated with said second memory.
The advantage of the text parts in question is that they constitute a source of information for the operator of the device with regard to the significance of the second code words. The text parts are for example indications such as "Giro", "VISA" and the like, whereby the second code words associated therewith are in particular the PIN codes for a Giro cheque card and a VISA card respectively.
Preferably said text parts are stored in non-encoded form.
The fact of the matter is that if the text parts were to be stored in encoded form, the encoded text parts would be displayed on the display unit of the device in encoded and consequently irrecognizable form in case the input first code word is invalid, from which it might be concluded that the input first code word/password in question is invalid. Consequently it is to be preferred to store the text parts in non-encoded form, in order to further ensure in this manner that a thief will never know with certainty whether he has input the correct first code word or password.
In yet another variant of the method according to the invention the input, storage, processing and output of data only takes place when enabling means are kept in active condition, preferably by manual operation. Advantageous is the fact that the enabling means thus function as a dead man's button, whereby in particular the display unit of the device for carrying out the method is cleared of all information when the dead man's button is released. The effect of this is that when a thief takes away the device from its rightful holder, the dead man's button is no longer operated, as a consequence of which the device will not provide the thief with any information whatsoever with regard to the valid first code word/password to be input and the correct second code words/PIN codes associated therewith.
Preferably a symmetrical encoding/decoding method is used, so that the same first code word or password can be used for coding/decoding.
Accordingly the device for carrying out the method comprises a memory and data input means connected to said memory, as well as encoding means connected to said data input means and to said memory, decoding means connected to at least the data output means and the memory, latch means coupled to said memory and said data output means, and a comparing unit connected to said encoding means and to said memory, said comparing unit being connected to said latch means for channelling (valid or invalid) code words read from said memory exclusively at the command of said comparing unit.
For safety reasons it is to be preferred to integrate the various components and parts of the device in a housing.
The invention will be explained in more detail hereafter with reference to a drawing.
Figure 1 shows a possible embodiment of the device according to the invention; and Figures 2, 3, 4 and 5 show flow diagrams, with reference to which the method according to the invention will be further explained.
Figure 1 shows a device 11, by means of which a secure storage of data is ensured. In the schematic illustration of Figure 1 the device 11 comprises data input means 12, encoding means 13 connected to said data input means 12, a memory 16, which is inter alia provided with a read-in gate 14 and a read-out gate 15 and which is connected to said encoding means 13, a comparing unit 17 connected to both gates 14 and 15, latch means 18 connected to said memory 16, decoding means 19 connected to said latch means 18, as well as data output means 20 connected to said decoding means 19. In addition to that the device 11 comprises a central processing unit (CPU) 21, which is inter alia connected (in a manner not shown) to the data input means 12, the data output means 20 and to memory 16. The CPU 21 will furthermore be connected (in a manner not shown) to each of the aforesaid circuits of the device 11, in order to be able to supply the required control and check signals thereto. The device 11 includes enabling means 22, which are connected to the CPU 21. Said enabling means 22 are usually connected to the reset input and/or to the test input and/or to the interrupt pin of the CPU 21. The data input means 12 for example comprise a keyboard. The data output means 20 for example include a display unit, such as an LCD display.
Below a possible manner of operation of the device 11 will be discussed with reference to Figures 2, 3, 4 and 5.
The device 11 is turned on or activated by activating the enabling means 22, hereinafter called the dead man's button. Advantageous is thereby the fact that the energy consumption of the device 11 is minimal, since a slightly greater amount of power is only taken off from the power supply means (not shown) present within the device 11, in the form of one or more batteries, as long as the dead man's button 22 is being depressed. When the dead man's button 22 is not being depressed the device 11 will automatically return to a so-called "deep power down" condition after any exit procedures that may be necessary have been carried out in order to store data in an orderly manner and leave the device 11 in a well-defined condition. Part of the memory 16 will be reserved as a program memory for the CPU 21. The main loop of the programme present within said program memory only tests intermittently whether the dead man's button 22 is still activated and whether one or more keys of the keyboard are being depressed.
The table below shows the text corresponding with the various numbered blocks in Figure 2.
1 start 2 input password
3 password valid? 3.1 PW valid is "yes"
3.1 PW valid is "no"
4 dead man's button depressed? 4.1 select function
4.2 stop
5 display stored data
6 programme password
7 programme code words
When the dead man's button 22 is depressed for the first time the programme will start at 1 and the input of a first code word or password is requested at 2. At the first start of the device 11 the password input by means of the data input means 12 will automatically be valid, as a consequence of which the Boolean variable PW will be valid in block 3.1. When the device 11 is subsequently activated. the validity of the password will be verified at 3. If the password is not valid, the programme will pass through block 3.2 and PW will be invalid. When the dead man's button 22 is released the system will stop at 4.2, after having executed the aforesaid exit procedures. When the dead man's button is depressed the system will proceed to 4.1, that is "select f nction". Now one of the functions can be selected by depressing the appropriate function keys associated with functions 5, 6 and 7. When function 5 is selected the stored data will be displayed. Function 5 is further elaborated in Figure 3. The respective f nctions 6 and 7 are likewise elaborated in Figures 4 and 5.
When the device 11 is turned on for the first time memory 16 will still be empty and consequently it will be possible to select options 5, 6 or 7. Let us assume that option 7 is selected first. The table below shows the text corresponding with the numbered blocks in Figure 5.
7.1 start
7.2 selected data item n
7.3 input text part
7.4 store text part under index n
7.5 input second code word 7.6 encode second code word by means of the input first code word or password 7.7 PW valid?
7.7.1 store encoded second code word as "real data item"
7.7.2 store encoded second code word as "fake data item" 7.8 return
After function 7 has been selected the program will start at 7.1, followed by 7.2, in which a request is made to select data item n. Because more than one second code words may be stored under one first code word or password, the number of the stored second code word is expressed by means of the variable n. A respective associated text part, for example comprising the words "Giro", "VISA", may be input at 7.3. The input text part is associated with the respective index number n at 7.4. In block 7.5 the second code word is input, which may consist of alphanumeric symbols, if desired, but which will usually be constructed purely numerically. In block 7.6 the respective second code word is encoded in the encoding means 13 by means of the input first code word/password. Then the value of the Boolean variable PW is retrieved from a reserved part of the memory 16, after which the respective encoded code word will be stored at 7.7.1 and 7.7.2. If PW is valid it concerns a "real data item" at 7.7.1, whilst the stored encoded code word at 7.7.2 is a "fake data item". In block 7.8 the programme returns to the test shown at 4 in Figure 2, in order to verify whether the dead man's button is still being depressed. The first time that function 7 is selected PW will be valid at 7.7. However, if a deviating, new password is input together with a new second code word by an unauthorized person, in particular a thief, PW will be invalid, but the new second code word encoded with the deviating password will still be stored in memory 16 at 7.7.2.
When subsequently function 5 is selected, the programme will begin with "start" at 5.1 (see Figure 3). The table below shows the text corresponding with the numbered blocks of Figure 3.
5.1 start 5.2 select data item
5.3 PW valid?
5.3.1 decode selected "real data item" by means of input password 5.3.1 decode selected "fake data item" by means of input password
5.4 display text part plus decoded "data item" on LCD display 5.5 return
The data to be displayed are selected in memory 16 at 5.2, after which the Boolean variable PW is consulted at 5.3. If PW is valid, it will be obvious that the input password corresponds with the previously input password, whereupon the aforesaid "real data item" that has been selected is decoded in the decoding means 19 at 5.3.1. Then the decoded "real data item" is displayed on the LCD-screen at 5.4, together with the associated text part. By depressing an appropriate key on the keyboard of the data input means 12 it becomes possible to glance through the index n, so that for example the text part "Giro" and the text part "VISA" are successively displayed on the screen, together with the "real data items" associated therewith, which contain the second code words originally input with that password. The second code words contain for example the PIN codes associated with the respective passes referred to above. If it is determined at 5.3 that PW is not valid, then the aforesaid "fake data item" that has been selected is decoded by means of the obviously incorrect password then input. Also in that case the respective second code words input under said password will be displayed on the LCD- screen at 5.4. The second code words, however, in particular the PIN codes which had been stored by means of the originally input password, cannot be retrieved in this manner.
Function 6 of Figure 2 provides for the programming of a password. This possibility is elucidated in Figure 4. The table below shows the text corresponding with the numbered blocks in Figure 4.
6.1 start
6.2 input new password
6.3 PW valid? 6.3.1 decode all "real data items" by means of the old password, then encode with the new password
6.3.2 decode all "fake data items" by means of the old password, then encode with the new password 6.4 encode new password with a constant string 6.5 new PW valid? 6.5.1 overwrite "real data items" with "fake data items"
Starting at 6.1, the new password is input at 6.2. When the first input password is valid, all "real data items" will be decoded by means of the correct original password previously input at 2 in Figure 2. Then said decoded "real data items" are encoded by means of the newly input password. Then the newly input password is encoded with a constant string stored in the memory 16 at 6.4, with a view to a password validation to be carried out at 3 in Figure 2, after which the programme returns to block 4 in Figure 2 at 6.6. If an incorrect password was initially input at 3, in other words, if PW is invalid, all "fake data items" will be decoded by means of the originally input password at 6.3.2 and subsequently encoded by means of the newly input password. At 6.5 a check is made whether the newly input password happens to correspond with the originally input password. In that case PW will be valid. The fact of the matter is that it is possible that the new password is identical to the originally input password. If that is not the case, the programme will proceed to 6.6, if it is the case indeed the original password and the original code words associated therewith will be overwritten with the "fake data items" at 6.5.1. Also in this highly unlikely case the original password and the PIN codes associated therewith will not be made available to the thief, therefore.

Claims

1. A method for storing information, wherein at least one code word is input and stored in a memory, characterized in that after being input a first code word is encoded and stored in a first memory in encoded form.
2. A method according to claim l, wherein said first code word must be input before at least one second code word stored in a second memory associated with the first memory can be read.
3. A method according to claim 2, wherein said second code word is stored in said second memory in encoded form after being input.
4. A method according to claim 2, wherein the decoding of said first code word does not take place until said second code word has been retrieved from said second memory.
5. A method according to any one of the claims 2 - 4, wherein the first code word that is input is compared, after being encoded, with the encoded first code word stored in said first memory, and wherein said second code word is not read from said second memory until the two code words are found to be identical.
6. A method according to any one of the claims 2 - 4, wherein the first code word that is input is compared, after being decoded, with the first code word stored in said first memory, and wherein a second (pseudo) code word is decoded by means of the input first (invalid) code word when an inequality is detected.
7. A method according to any one of the preceding claims, wherein the processing of additional first code words is made impossible for some time after the input of a number of first code words, which upon being encoded all appear to be different from the encoded first code word stored in said first memory, or wherein also the valid first code word is invalidated for some time.
8. A method according to any one of the preceding claims, wherein the input second code word is encoded or decoded by means of the input first code word.
9. A method according to any one of the preceding claims, wherein the input first code word is encoded by means of a constant string.
10. A method according to any one of the preceding claims, wherein text parts are input, which text parts are stored in a third memory associated with said second memory.
11. A method according to any one of the claims 3 - 10, wherein said text parts are stored in non-encoded form.
12. A method according to any one of the preceding claims, wherein an originally input and stored first code word can only be substituted after said original code word has been input.
13. A method according to claim 12, wherein said substitution takes place in such a manner that it is not necessary to input and store the associated second code words and/or the text parts associated therewith anew.
14. A method according to any one of the preceding claims, wherein the input, storage, processing and/or output of the information respectively takes place only when said enabling means are active.
15. A method according to claim 14, wherein said enabling means are kept in their active state by manual operation.
16. A method according to any one of the preceding claims, wherein the method used for encoding or decoding is a symmetrical method.
17. A method according to any one of the preceding claims, wherein the aforesaid code words contain alphanumeric symbols.
18. A device for carrying out the method according to any one of the preceding claims, said device including a memory and data input means connected to said memory, characterized in that said device includes encoding means connected to said data input means and to said memory.
19. A device according to claim 18, said device comprising data output means and decoding means connected to at least said data output means and said memory.
20. A device according to claim 18 or 19, wherein said encoding means and/or decoding means are implemented in the form of software.
21. A device according to any one of the preceding claims 18 - 20, said device comprising latch means coupled to said memory and to said data output means, and a compa¬ ring unit connected to said encoding means and to said memory, said comparing unit being connected to said latch means for channelling (valid or invalid) code words read from said memory exclusively at the command of said comparing unit.
22. A device according to any one of the claims 18 - 21, said device including a central processing unit and enabling means connected to said central processing unit for processing data only when said enabling means are in their active state.
23. A device according to claim 22, wherein said enabling means are arranged in such a manner that only manual activation will keep the device from returning to its quiescent state.
24. A device according to any one of the claims 18 - 23, wherein the various components and parts of the device, such as a central processing unit, the information required, the encoding and decoding means, the comparing unit, the latch means and the enabling means are integrated in a housing.
25. A method for protecting information, wherein the method according to any one of the claims 1 - 17 is used.
26. A method according to claim 25, wherein said method is used in conjunction with the device according to any one of the claims 18 - 24.
27. A computer system operating according to the method of any one of the claims 1 - 17.
PCT/EP1994/003593 1993-11-02 1994-10-31 A method and a device for storing information, in particular pin codes WO1995012852A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
EP95900104A EP0729614A1 (en) 1993-11-02 1994-10-31 A method and a device for storing information, in particular pin codes
AU81056/94A AU8105694A (en) 1993-11-02 1994-10-31 A method and a device for storing information, in particular pin codes

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
NL9301880 1993-11-02
NL9301880A NL9301880A (en) 1993-11-02 1993-11-02 Method and device for storing data, in particular pin codes.

Publications (1)

Publication Number Publication Date
WO1995012852A1 true WO1995012852A1 (en) 1995-05-11

Family

ID=19863071

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP1994/003593 WO1995012852A1 (en) 1993-11-02 1994-10-31 A method and a device for storing information, in particular pin codes

Country Status (4)

Country Link
EP (1) EP0729614A1 (en)
AU (1) AU8105694A (en)
NL (1) NL9301880A (en)
WO (1) WO1995012852A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2005122071A2 (en) * 2004-06-09 2005-12-22 Koninklijke Philips Electronics N. V. One-time authentication system

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
SU1136142A1 (en) * 1983-09-19 1985-01-23 Предприятие П/Я А-3327 Information input device
EP0154252A2 (en) * 1984-02-23 1985-09-11 Fujitsu Limited Programmable read only memory device and memory system employing the same
US4819204A (en) * 1985-07-08 1989-04-04 Siemens Aktiengesellschaft Method for controlling memory access on a chip card and apparatus for carrying out the method
EP0334503A2 (en) * 1988-03-24 1989-09-27 Racal-Guardata Financial Systems Limited Data-processing apparatus and method
EP0402961A2 (en) * 1985-05-31 1990-12-19 Casio Computer Company Limited Portable electronic memorandum device
US5224166A (en) * 1992-08-11 1993-06-29 International Business Machines Corporation System for seamless processing of encrypted and non-encrypted data and instructions
EP0558222A1 (en) * 1992-02-26 1993-09-01 International Business Machines Corporation Personal computer system with security features and method

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
SU1136142A1 (en) * 1983-09-19 1985-01-23 Предприятие П/Я А-3327 Information input device
EP0154252A2 (en) * 1984-02-23 1985-09-11 Fujitsu Limited Programmable read only memory device and memory system employing the same
EP0402961A2 (en) * 1985-05-31 1990-12-19 Casio Computer Company Limited Portable electronic memorandum device
US4819204A (en) * 1985-07-08 1989-04-04 Siemens Aktiengesellschaft Method for controlling memory access on a chip card and apparatus for carrying out the method
EP0334503A2 (en) * 1988-03-24 1989-09-27 Racal-Guardata Financial Systems Limited Data-processing apparatus and method
EP0558222A1 (en) * 1992-02-26 1993-09-01 International Business Machines Corporation Personal computer system with security features and method
US5224166A (en) * 1992-08-11 1993-06-29 International Business Machines Corporation System for seamless processing of encrypted and non-encrypted data and instructions

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
SOVIET PATENTS ABSTRACTS Week 8531, Derwent World Patents Index; AN 85-189154 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2005122071A2 (en) * 2004-06-09 2005-12-22 Koninklijke Philips Electronics N. V. One-time authentication system
WO2005122071A3 (en) * 2004-06-09 2006-03-16 Koninkl Philips Electronics Nv One-time authentication system
US8621602B2 (en) 2004-06-09 2013-12-31 Nxp B.V. One-time authentication system

Also Published As

Publication number Publication date
NL9301880A (en) 1995-06-01
EP0729614A1 (en) 1996-09-04
AU8105694A (en) 1995-05-23

Similar Documents

Publication Publication Date Title
US6130621A (en) Method and apparatus for inhibiting unauthorized access to or utilization of a protected device
US4856062A (en) Computing and indicating device
US4972182A (en) Electronic security lock
JPS60138645A (en) Safety device and method for disabling microprocessor control type electronic equipment after occurrence of use forbidding event
US4720860A (en) Method and apparatus for positively identifying an individual
TW323359B (en)
US5237616A (en) Secure computer system having privileged and unprivileged memories
RU2188447C2 (en) Electronic data processing device and system
US20070136593A1 (en) Secure information storage apparatus
US6957338B1 (en) Individual authentication system performing authentication in multiple steps
CN101057225B (en) Selective protection of files on portable memory devices
CA2133743A1 (en) Electronic Security System
CA2162644A1 (en) Computer resource regulation
JPH03503220A (en) Method and mobile device for checking message integrity
ATE78616T1 (en) PORTABLE MEDIA DATA SECURITY SYSTEM.
EP0758109B1 (en) Method of processing and comparing a password
RU2002127119A (en) LOCKING DEVICE WITH KEY
JPH05334253A (en) Method for utilizing information processing workstation with password and information processing workstation utilizing the method
US5651067A (en) Storage and selective information transmission system for personal data
US5811885A (en) Process for controlling the use of a motor vehicle using a two part code signal
WO2002021433A3 (en) Method and device for providing secure use of an electronic authorization/credit card
EP0729614A1 (en) A method and a device for storing information, in particular pin codes
JPH0466141B2 (en)
US5163141A (en) RAM lock device and method for a text entry system
CN110119802A (en) Multi-use card system and implementation method

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AM AT AU BB BG BR BY CA CH CN CZ DE DK ES FI GB GE HU JP KE KG KP KR KZ LK LT LU LV MD MG MN MW NL NO NZ PL PT RO RU SD SE SI SK TJ TT UA US UZ VN

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): KE MW SD SZ AT BE CH DE DK ES FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 1995900104

Country of ref document: EP

ENP Entry into the national phase

Ref country code: US

Ref document number: 1996 666541

Date of ref document: 19960628

Kind code of ref document: A

Format of ref document f/p: F

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

WWP Wipo information: published in national office

Ref document number: 1995900104

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: CA

WWW Wipo information: withdrawn in national office

Ref document number: 1995900104

Country of ref document: EP