WO1995012852A1 - A method and a device for storing information, in particular pin codes - Google Patents
A method and a device for storing information, in particular pin codes Download PDFInfo
- Publication number
- WO1995012852A1 WO1995012852A1 PCT/EP1994/003593 EP9403593W WO9512852A1 WO 1995012852 A1 WO1995012852 A1 WO 1995012852A1 EP 9403593 W EP9403593 W EP 9403593W WO 9512852 A1 WO9512852 A1 WO 9512852A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- code word
- input
- memory
- stored
- encoded
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/88—Detecting or preventing theft or loss
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1408—Protection against unauthorised use of memory or access to memory by using cryptography
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Definitions
- the invention relates to a method for storing information, wherein at least one code word is input and stored in a memory.
- the invention furthermore relates to a device for carrying out said method, said device including a memory and data input means connected to said memory.
- Electronic pocket memory databooks of this type which are usually hand-held, are generally known.
- these devices can be used for storing a certain amount of information, for example comprising names and addresses, in a memory.
- information for example comprising names and addresses
- this is done by displaying the information on a display unit of the device, or by means of a printing unit, which can usually be connected to the device.
- the inputting of a correct password is necessary in order to gain access to the device, so as to be able to operate the device.
- the disadvantage of this is that when the known device gets into the wrong hands, the thief in question can input a password he has made up himself and keep on doing so until he has found the correct password to gain access to the device and the information which will be available then. The thief will know at any moment whether the password he has input is correct or not.
- the object of the present invention is to provide a method and a device for storing in particular confidential information, whereby it is made more difficult for unauthorized persons to gain access to said confidential information.
- the method is according to the invention characterized in that after being input a first code word is encoded and stored in a first memory in encoded form.
- the advantage of the method according to the invention is that the first code word, which is for example a password, is only present in the memory in question in its protected, encoded form when this method is being used, irrespective of the design of the device for carrying out this method.
- the use of the present method has thus made it impossible to retrieve the first code word from the memory after the device has been opened, even if the device gets into the wrong hands.
- a greater degree of protection of the data is obtained by using one embodiment of the method according to the invention, wherein the first code word must be input before at least one second code word stored in a second memory associated with the first memory can be read.
- said second code word is stored in said second memory in encoded form after being input.
- the decoding of said first code word does not take place until said second code word has been retrieved from said second memory, so that the decoded, unprotected second word is available as late as possible and thus, dependent on the operator, as briefly as possible.
- the first code word that is input is compared, after being encoded, with the encoded first code word stored in said first memory, whereby said second code word is not read from said second memory until the two code words are found to be identical.
- the advantage of this embodiment of the method according to the invention is that, also when an invalid first code word is input, a second, albeit a pseudo-code word is generated as a result of the method being used, and because a second code word is generated, irrespective of the fact whether the first code word is valid or not, the person having possession of the device will not be able to ascertain if indeed the correct second code word is being provided in a deterministic manner.
- Yet another improvement of the protected storage of the information is achieved with one embodiment of the method according to the invention, in that the processing of additional first code words is made impossible for some time after the input of a number of first code words, which upon being encoded all appear to be different from the encoded first code word stored in said first memory, or that also the valid first code word is invalidated for some time.
- the input second code word is encoded by means of the input first code word.
- the advantage of this method is that encoding or decoding of encoded code words or pseudo-code words will take place at all times, irrespective of the fact whether the input first code word is valid or not. Only then will the encoded second code word be stored in the second memory in encoded form, whereby said second code word is retrievable from the memory in decoded form after the first (valid or invalid) code word has been input, as is the other, previously input information.
- Another embodiment of the method according to the invention provides for the input of text parts, which are stored in a third memory associated with said second memory.
- the advantage of the text parts in question is that they constitute a source of information for the operator of the device with regard to the significance of the second code words.
- the text parts are for example indications such as "Giro", "VISA” and the like, whereby the second code words associated therewith are in particular the PIN codes for a Giro cheque card and a VISA card respectively.
- said text parts are stored in non-encoded form.
- the input, storage, processing and output of data only takes place when enabling means are kept in active condition, preferably by manual operation.
- the enabling means thus function as a dead man's button, whereby in particular the display unit of the device for carrying out the method is cleared of all information when the dead man's button is released. The effect of this is that when a thief takes away the device from its rightful holder, the dead man's button is no longer operated, as a consequence of which the device will not provide the thief with any information whatsoever with regard to the valid first code word/password to be input and the correct second code words/PIN codes associated therewith.
- a symmetrical encoding/decoding method is used, so that the same first code word or password can be used for coding/decoding.
- the device for carrying out the method comprises a memory and data input means connected to said memory, as well as encoding means connected to said data input means and to said memory, decoding means connected to at least the data output means and the memory, latch means coupled to said memory and said data output means, and a comparing unit connected to said encoding means and to said memory, said comparing unit being connected to said latch means for channelling (valid or invalid) code words read from said memory exclusively at the command of said comparing unit.
- Figure 1 shows a possible embodiment of the device according to the invention
- Figures 2, 3, 4 and 5 show flow diagrams, with reference to which the method according to the invention will be further explained.
- Figure 1 shows a device 11, by means of which a secure storage of data is ensured.
- the device 11 comprises data input means 12, encoding means 13 connected to said data input means 12, a memory 16, which is inter alia provided with a read-in gate 14 and a read-out gate 15 and which is connected to said encoding means 13, a comparing unit 17 connected to both gates 14 and 15, latch means 18 connected to said memory 16, decoding means 19 connected to said latch means 18, as well as data output means 20 connected to said decoding means 19.
- the device 11 comprises a central processing unit (CPU) 21, which is inter alia connected (in a manner not shown) to the data input means 12, the data output means 20 and to memory 16.
- CPU central processing unit
- the CPU 21 will furthermore be connected (in a manner not shown) to each of the aforesaid circuits of the device 11, in order to be able to supply the required control and check signals thereto.
- the device 11 includes enabling means 22, which are connected to the CPU 21. Said enabling means 22 are usually connected to the reset input and/or to the test input and/or to the interrupt pin of the CPU 21.
- the data input means 12 for example comprise a keyboard.
- the data output means 20 for example include a display unit, such as an LCD display.
- the device 11 is turned on or activated by activating the enabling means 22, hereinafter called the dead man's button.
- the dead man's button is thereby the fact that the energy consumption of the device 11 is minimal, since a slightly greater amount of power is only taken off from the power supply means (not shown) present within the device 11, in the form of one or more batteries, as long as the dead man's button 22 is being depressed.
- the device 11 will automatically return to a so-called "deep power down" condition after any exit procedures that may be necessary have been carried out in order to store data in an orderly manner and leave the device 11 in a well-defined condition.
- Part of the memory 16 will be reserved as a program memory for the CPU 21. The main loop of the programme present within said program memory only tests intermittently whether the dead man's button 22 is still activated and whether one or more keys of the keyboard are being depressed.
- the programme When the dead man's button 22 is depressed for the first time the programme will start at 1 and the input of a first code word or password is requested at 2. At the first start of the device 11 the password input by means of the data input means 12 will automatically be valid, as a consequence of which the Boolean variable PW will be valid in block 3.1. When the device 11 is subsequently activated. the validity of the password will be verified at 3. If the password is not valid, the programme will pass through block 3.2 and PW will be invalid. When the dead man's button 22 is released the system will stop at 4.2, after having executed the aforesaid exit procedures. When the dead man's button is depressed the system will proceed to 4.1, that is "select f nction".
- memory 16 When the device 11 is turned on for the first time memory 16 will still be empty and consequently it will be possible to select options 5, 6 or 7. Let us assume that option 7 is selected first.
- the table below shows the text corresponding with the numbered blocks in Figure 5.
- the program will start at 7.1, followed by 7.2, in which a request is made to select data item n. Because more than one second code words may be stored under one first code word or password, the number of the stored second code word is expressed by means of the variable n.
- a respective associated text part for example comprising the words "Giro", "VISA”, may be input at 7.3.
- the input text part is associated with the respective index number n at 7.4.
- the second code word is input, which may consist of alphanumeric symbols, if desired, but which will usually be constructed purely numerically.
- the respective second code word is encoded in the encoding means 13 by means of the input first code word/password.
- the value of the Boolean variable PW is retrieved from a reserved part of the memory 16, after which the respective encoded code word will be stored at 7.7.1 and 7.7.2. If PW is valid it concerns a "real data item" at 7.7.1, whilst the stored encoded code word at 7.7.2 is a "fake data item”.
- the programme returns to the test shown at 4 in Figure 2, in order to verify whether the dead man's button is still being depressed. The first time that function 7 is selected PW will be valid at 7.7.
- the data to be displayed are selected in memory 16 at 5.2, after which the Boolean variable PW is consulted at 5.3. If PW is valid, it will be obvious that the input password corresponds with the previously input password, whereupon the aforesaid "real data item" that has been selected is decoded in the decoding means 19 at 5.3.1. Then the decoded "real data item” is displayed on the LCD-screen at 5.4, together with the associated text part.
- the index n By depressing an appropriate key on the keyboard of the data input means 12 it becomes possible to glance through the index n, so that for example the text part "Giro” and the text part "VISA" are successively displayed on the screen, together with the "real data items” associated therewith, which contain the second code words originally input with that password.
- the second code words contain for example the PIN codes associated with the respective passes referred to above. If it is determined at 5.3 that PW is not valid, then the aforesaid "fake data item" that has been selected is decoded by means of the obviously incorrect password then input. Also in that case the respective second code words input under said password will be displayed on the LCD- screen at 5.4.
- the second code words however, in particular the PIN codes which had been stored by means of the originally input password, cannot be retrieved in this manner.
- the new password is input at 6.2.
- all "real data items” will be decoded by means of the correct original password previously input at 2 in Figure 2.
- said decoded "real data items” are encoded by means of the newly input password.
- the newly input password is encoded with a constant string stored in the memory 16 at 6.4, with a view to a password validation to be carried out at 3 in Figure 2, after which the programme returns to block 4 in Figure 2 at 6.6. If an incorrect password was initially input at 3, in other words, if PW is invalid, all "fake data items" will be decoded by means of the originally input password at 6.3.2 and subsequently encoded by means of the newly input password.
Abstract
Description
Claims
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP95900104A EP0729614A1 (en) | 1993-11-02 | 1994-10-31 | A method and a device for storing information, in particular pin codes |
AU81056/94A AU8105694A (en) | 1993-11-02 | 1994-10-31 | A method and a device for storing information, in particular pin codes |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
NL9301880 | 1993-11-02 | ||
NL9301880A NL9301880A (en) | 1993-11-02 | 1993-11-02 | Method and device for storing data, in particular pin codes. |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1995012852A1 true WO1995012852A1 (en) | 1995-05-11 |
Family
ID=19863071
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/EP1994/003593 WO1995012852A1 (en) | 1993-11-02 | 1994-10-31 | A method and a device for storing information, in particular pin codes |
Country Status (4)
Country | Link |
---|---|
EP (1) | EP0729614A1 (en) |
AU (1) | AU8105694A (en) |
NL (1) | NL9301880A (en) |
WO (1) | WO1995012852A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2005122071A2 (en) * | 2004-06-09 | 2005-12-22 | Koninklijke Philips Electronics N. V. | One-time authentication system |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
SU1136142A1 (en) * | 1983-09-19 | 1985-01-23 | Предприятие П/Я А-3327 | Information input device |
EP0154252A2 (en) * | 1984-02-23 | 1985-09-11 | Fujitsu Limited | Programmable read only memory device and memory system employing the same |
US4819204A (en) * | 1985-07-08 | 1989-04-04 | Siemens Aktiengesellschaft | Method for controlling memory access on a chip card and apparatus for carrying out the method |
EP0334503A2 (en) * | 1988-03-24 | 1989-09-27 | Racal-Guardata Financial Systems Limited | Data-processing apparatus and method |
EP0402961A2 (en) * | 1985-05-31 | 1990-12-19 | Casio Computer Company Limited | Portable electronic memorandum device |
US5224166A (en) * | 1992-08-11 | 1993-06-29 | International Business Machines Corporation | System for seamless processing of encrypted and non-encrypted data and instructions |
EP0558222A1 (en) * | 1992-02-26 | 1993-09-01 | International Business Machines Corporation | Personal computer system with security features and method |
-
1993
- 1993-11-02 NL NL9301880A patent/NL9301880A/en not_active Application Discontinuation
-
1994
- 1994-10-31 AU AU81056/94A patent/AU8105694A/en not_active Abandoned
- 1994-10-31 EP EP95900104A patent/EP0729614A1/en not_active Withdrawn
- 1994-10-31 WO PCT/EP1994/003593 patent/WO1995012852A1/en not_active Application Discontinuation
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
SU1136142A1 (en) * | 1983-09-19 | 1985-01-23 | Предприятие П/Я А-3327 | Information input device |
EP0154252A2 (en) * | 1984-02-23 | 1985-09-11 | Fujitsu Limited | Programmable read only memory device and memory system employing the same |
EP0402961A2 (en) * | 1985-05-31 | 1990-12-19 | Casio Computer Company Limited | Portable electronic memorandum device |
US4819204A (en) * | 1985-07-08 | 1989-04-04 | Siemens Aktiengesellschaft | Method for controlling memory access on a chip card and apparatus for carrying out the method |
EP0334503A2 (en) * | 1988-03-24 | 1989-09-27 | Racal-Guardata Financial Systems Limited | Data-processing apparatus and method |
EP0558222A1 (en) * | 1992-02-26 | 1993-09-01 | International Business Machines Corporation | Personal computer system with security features and method |
US5224166A (en) * | 1992-08-11 | 1993-06-29 | International Business Machines Corporation | System for seamless processing of encrypted and non-encrypted data and instructions |
Non-Patent Citations (1)
Title |
---|
SOVIET PATENTS ABSTRACTS Week 8531, Derwent World Patents Index; AN 85-189154 * |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2005122071A2 (en) * | 2004-06-09 | 2005-12-22 | Koninklijke Philips Electronics N. V. | One-time authentication system |
WO2005122071A3 (en) * | 2004-06-09 | 2006-03-16 | Koninkl Philips Electronics Nv | One-time authentication system |
US8621602B2 (en) | 2004-06-09 | 2013-12-31 | Nxp B.V. | One-time authentication system |
Also Published As
Publication number | Publication date |
---|---|
NL9301880A (en) | 1995-06-01 |
EP0729614A1 (en) | 1996-09-04 |
AU8105694A (en) | 1995-05-23 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6130621A (en) | Method and apparatus for inhibiting unauthorized access to or utilization of a protected device | |
US4856062A (en) | Computing and indicating device | |
US4972182A (en) | Electronic security lock | |
JPS60138645A (en) | Safety device and method for disabling microprocessor control type electronic equipment after occurrence of use forbidding event | |
US4720860A (en) | Method and apparatus for positively identifying an individual | |
TW323359B (en) | ||
US5237616A (en) | Secure computer system having privileged and unprivileged memories | |
RU2188447C2 (en) | Electronic data processing device and system | |
US20070136593A1 (en) | Secure information storage apparatus | |
US6957338B1 (en) | Individual authentication system performing authentication in multiple steps | |
CN101057225B (en) | Selective protection of files on portable memory devices | |
CA2133743A1 (en) | Electronic Security System | |
CA2162644A1 (en) | Computer resource regulation | |
JPH03503220A (en) | Method and mobile device for checking message integrity | |
ATE78616T1 (en) | PORTABLE MEDIA DATA SECURITY SYSTEM. | |
EP0758109B1 (en) | Method of processing and comparing a password | |
RU2002127119A (en) | LOCKING DEVICE WITH KEY | |
JPH05334253A (en) | Method for utilizing information processing workstation with password and information processing workstation utilizing the method | |
US5651067A (en) | Storage and selective information transmission system for personal data | |
US5811885A (en) | Process for controlling the use of a motor vehicle using a two part code signal | |
WO2002021433A3 (en) | Method and device for providing secure use of an electronic authorization/credit card | |
EP0729614A1 (en) | A method and a device for storing information, in particular pin codes | |
JPH0466141B2 (en) | ||
US5163141A (en) | RAM lock device and method for a text entry system | |
CN110119802A (en) | Multi-use card system and implementation method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AM AT AU BB BG BR BY CA CH CN CZ DE DK ES FI GB GE HU JP KE KG KP KR KZ LK LT LU LV MD MG MN MW NL NO NZ PL PT RO RU SD SE SI SK TJ TT UA US UZ VN |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): KE MW SD SZ AT BE CH DE DK ES FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN ML MR NE SN TD TG |
|
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 1995900104 Country of ref document: EP |
|
ENP | Entry into the national phase |
Ref country code: US Ref document number: 1996 666541 Date of ref document: 19960628 Kind code of ref document: A Format of ref document f/p: F |
|
REG | Reference to national code |
Ref country code: DE Ref legal event code: 8642 |
|
WWP | Wipo information: published in national office |
Ref document number: 1995900104 Country of ref document: EP |
|
NENP | Non-entry into the national phase |
Ref country code: CA |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: 1995900104 Country of ref document: EP |