公开(公告)号：GB2270446B

公开(公告)日：1996-01-24

申请号：GB9218816

申请日：1992-09-04

Applicant: IBM UK

Inventor： HOLLOWAY CHRISTOPHER J

IPC: H04L9/08 ,  H04L9/32 ,  H04L9/30

公开(公告)号：GB2288476A

公开(公告)日：1995-10-18

申请号：GB9406615

申请日：1994-04-05

Applicant: IBM

Inventor： HOLLOWAY CHRISTOPHER J ,  MATYAS JR STEPHEN MICHAEL

IPC: H04L9/32 ,  H04N1/32 ,  G07D7/00 ,  G06T9/00

公开(公告)号：GB2283349A

公开(公告)日：1995-05-03

申请号：GB9322360

申请日：1993-10-29

Applicant: IBM

Inventor： HOLLOWAY CHRISTOPHER J

IPC: G06F21/20 ,  G06Q20/34 ,  G06K17/00 ,  G06Q20/36 ,  G06Q20/40 ,  G07C9/00 ,  G07F7/10 ,  G09C1/00 ,  H04L9/00 ,  H04L9/32 ,  G07F19/00

Abstract: A transaction processing system comprises at least one transaction terminal (10, 11, 12) having means to receive characteristic data from a user, which characteristic data is required to generate a characteristic image associated with the user, such as an image of the user's signature, from data stored in a data processing system (14); and logic for generating a transaction message by combining transaction data with the characteristic data in such a way that the transaction data is required to recover the characteristic data from the message. The data processing system (14) comprises means to store the user data, to receive and store the message, to recover the characteristic data from the message using the transaction data, and to reconstruct the characteristic image from the user data using the characteristic data to establish that the transaction was valid by associating the characteristic image with the transaction data.

公开(公告)号：CA2100234A1

公开(公告)日：1994-04-17

申请号：CA2100234

申请日：1993-07-09

Applicant: IBM

Inventor： ELANDER ROBERT C ,  HOLLOWAY CHRISTOPHER J ,  JOHNSON DONALD B ,  KELLY MICHAEL J ,  LE AN V ,  LUBOLD PAUL G ,  MATYAS STEPHEN M ,  RANDALL JAMES D ,  WILKINS JOHN D

IPC: G09C1/00 ,  H04L9/06 ,  H04L9/08 ,  H04L9/30 ,  G09C5/00

Abstract: A method and system are disclosed for the implementation of a weakened privacy channel. This is achieved through use of a weakened symmetric cryptographic algorithm called commercial data masking. The masked text is created from clear text at one system and may to transported electronically to another system where the masked text may be unmasked to produce the clear text. The reason to use the commercial data masking algorithm for data privacy is that it is exportable to organizations to which products which contain the Data Encryption Algorithm when used for data privacy are not exportable. In addition, a method and system is disclosed by which the key when used for commercial data masking may be transformed into a key that may be used with the Data Encryption Algorithm.

公开(公告)号：GB2270446A

公开(公告)日：1994-03-09

申请号：GB9218816

申请日：1992-09-04

Applicant: IBM UK

Inventor： HOLLOWAY CHRISTOPHER J

IPC: H04L9/08 ,  H04L9/32 ,  H04L9/30

Abstract: The method includes preparing a portable data processing device ("smart card") at each site having a first data record which can only be read at that site but which can be written to at any site, and a second data record which can only be written at that site but which can be read at any site, the device also containing a testable key particular to that device. Each site also creates and publishes a set of test patterns against which the authenticity of the card can be verified. Each site then creates one part of the key to be agreed upon, and a test pattern for that key part. The test pattern is written to the site's own smart card in the second data record. The cards are exchanged, and the received cards are tested for authenticity using the published test patterns. Once accepted as genuine, the test pattern for the key part of the other site is read and stored. The key part previously generated is written onto the first data record of the received card. The cards are exchanged again. The key part is read at the home site of the card. The key part is verified for authenticity against the stored test pattern which was received earlier. Each site then combines the received key part with the locally created key part and they now share a common key.

公开(公告)号：DE3481739D1

公开(公告)日：1990-04-26

申请号：DE3481739

申请日：1984-08-29

Applicant: IBM DEUTSCHLAND

Inventor： BRACHTL BRUNO ,  HOLLOWAY CHRISTOPHER J ,  LENNON RICHARD EDWARD ,  MATYAS STEPHEN MICHAEL ,  MEYER CARL HEINZ-WILHELM ,  OSEAS JONATHAN

IPC: G07F7/12 ,  G06Q20/10 ,  G06Q20/34 ,  G06Q20/40 ,  G07D9/00 ,  G07F7/10 ,  H04L9/32

Abstract: An electronic funds transfer system (EFT) is described in which retail terminals located in stores are connected through a public switched telecommunication system to card issuing agencies data processing centres. Users of the system are issued with intelligent secure bank cards, which include a microprocessor, ROS and RAM stores. The ROS includes a personal key (KP) and an account number (PAN) stored on the card when the issuer issues it to the user. Users also have a personal identity number (PIN) which is stored or remembered separately.A transaction is initiated at a retail terminal when a card is inserted in an EFT module connected to the terminal. A request message including the PAN and a session key (KS) is transmitted to the issuers data processing centre. The issuer generates an authentication parameter (TAP) based upon its stored version of KP and PIN and a time variant parameter received from the terminal. The TAP is then returned to the terminal in a response message, and based upon an imputed PIN, partial processing of the input PIN and KP on the card a derived TAP is compared with the received TAP in the terminal. A correct comparison indicating that the entered PIN is valid.The request message includes the PAN encoded under the KS and KS encoded under a cross-domain key. Message authentication codes (MAC) are attached to message and the correct reception and regeneration of a MAC on a message including a term encoded under KS indicates that the received KS is valid and that the message originated at a valid terminal or card.