公开(公告)号：JPS61145642A

公开(公告)日：1986-07-03

申请号：JP25301285

申请日：1985-11-13

Applicant: IBM

Inventor： MATYAS STEPHEN MICHAEL ,  OSEAS JONATHAN

IPC: H04L9/00 ,  G06F1/00 ,  G06F12/14 ,  G06F21/00 ,  G06F21/22 ,  G06F21/24 ,  G07F7/00 ,  G07F7/10 ,  H04L9/32

公开(公告)号：DE3479065D1

公开(公告)日：1989-08-24

申请号：DE3479065

申请日：1984-08-29

Applicant: IBM ,  IBM UK ,  IBM DEUTSCHLAND

Inventor： BRACHTL BRUNO ,  HOLLOWAY CHRISTOPHER J ,  LENNON RICHARD EDWARD ,  MATYAS STEPHEN MICHAEL ,  MEYER CARL HEINZ-WILHELM ,  OSEAS JONATHAN

IPC: G07F7/12 ,  G06Q20/08 ,  G06Q20/20 ,  G06Q20/34 ,  G06Q20/38 ,  G06Q20/40 ,  G07D9/00 ,  G07F7/10 ,  G07F19/00 ,  H04L9/02

Abstract: @ An electronic funds transfer system (EFT) is described in which retail terminals located in stores are connected through a public switched telecommunication system to card issuing agencies data processing centres. Users of the system are issued with intelligent secure bank cards, which include a microprocessor, ROS and RAM stores. The ROS includes a personal key (KP) and an account number (PAN) stored on the card when the issuer issues it to the user. Users also have a personal identity number (PIN) which is stored or remembered separately. A transaction is initiated at a retail terminal when a card is inserted in an EFT module connected to the terminal. A request message including the PAN and a session key (KS) is transmitted to the issuers data processing centre. The issuer generates an authentication parameter (TAP) based upon its stored version of KP and PIN and a time variant parameter received from the terminal. The TAP is then returned to the terminal in a response message, and based upon an inputed ./... PIN, partial processing of the input PIN and KP on the card a derived TAP is compared with the received TAP in the terminal. A correct comparison indicating that the entered PIN is valid.The request message includes the PAN encoded under the KS and KS encoded under a cross-domain key. Message authentication codes (MAC) are attached to each message and the correct reception and regeneration of a MAC on a message including a term encoded under KS indicates that the received KS is valid and that the message originated at a valid terminal or card.

公开(公告)号：DE2861957D1

公开(公告)日：1982-09-02

申请号：DE2861957

申请日：1978-12-05

Applicant: IBM

Inventor： EHRSAM WILLIAM FRIEDRICH ,  ELANDER ROBERT CARL ,  HOLLIS LLOYD LEE ,  LENNON RICHARD EDWARD ,  MATYAS STEPHEN MICHAEL ,  MEYER CARL HEINZ WILHELM ,  OSEAS JONATHAN ,  TUCHMAN WALTER LEONARD

IPC: H04L9/06 ,  G09C1/00 ,  H04L9/08 ,  H04L9/14 ,  H04L9/18 ,  H04L11/26 ,  H04L9/02

Abstract: This invention concerns a multiple domain data communication method and network. An embodiment of the invention provides communication security for data transmissions between different domains of a multiple domain communication network where each domain includes a host system i, j, k and its associated resources of programs and communication terminals T. The host systems and communication terminals include data security devices 11, X each having a master key 13 which permits a variety of cryptographic operations to be performed. When a host system in one domain wishes to communicate with a host system in another domain, a common session key is established at both host systems to permit cryptographic operations to be performed. This is accomplished by using a mutually agreed upon cross-domain key known by both host systems and does not require each host system to reveal its master key to the other host system. The cross domain key is enciphered under a key encrypting key designated as the sending cross domain key at the sending host system and under a different key encrypting key designated as the receiving cross domain key at the receiving host system. The sending host system creates an enciphered session key and together with the sending cross-domain key performs a transformation function to reencipher the session key under the sending cross domain key for transmission to the receiving host system. At the receiving host system, the receiving host system using the receiving cross-domain key and the received session key, performs a transformation function to reencipher the receives session key from encipherment under the sending cross domain key to encipherment under the receiving host system master key. With the common session key now available in usable form at both host systems, a communication session may be established and cryptographic operations can proceed between the domains of the two host systems.

公开(公告)号：DE2861905D1

公开(公告)日：1982-08-05

申请号：DE2861905

申请日：1978-12-05

Applicant: IBM

Inventor： LENNON RICHARD EDWARD ,  MATYAS STEPHEN MICHAEL ,  MEYER CARL HEINZ WILHELM ,  OSEAS JONATHAN ,  PRENTICE PAUL NORMAN ,  TUCHMAN WALTER LEONARD

IPC: H04K1/00 ,  G07F7/10 ,  H04L9/18 ,  H04L9/32 ,  H04L9/02

Abstract: This invention concerns a process and apparatus for the verification of cryptographic operational keys used in data communication networks. In a data communication network providing communication security for communication sessions between a first station and a second station where each station has cryptographic apparatus provided with an operational key which should be common to both stations for cryptographic operations, an operational key verification arrangement is provided in which a first number provided at the first station is operated upon in accordance with the first station operational key to obtain cryptographic data for transmission to the second station, requiring the second station to perform an operation on the first station cryptographic data in accordance with the second station operational key to obtain cryptographic data for transmission back to the first station, and in which an operation is performed at the first station in accordance with the first number and the second station cryptographic data to verify that the second station is the source of second station cryptographic data only if the operational keys are identical.

公开(公告)号：DE3587072T2

公开(公告)日：1993-08-12

申请号：DE3587072

申请日：1985-11-29

Applicant: IBM

Inventor： MATYAS STEPHEN MICHAEL ,  OSEAS JONATHAN

IPC: H04L9/00 ,  G06F1/00 ,  G06F12/14 ,  G06F21/00 ,  G06F21/22 ,  G06F21/24 ,  G07F7/00 ,  G07F7/10 ,  H04L9/32

Abstract: A cryptographic method for discouraging the copying and sharing of purchased software programs allows an encrypted program to be run on only a designated computer or, alternatively, to be run on any computer but only by the user possessing a designated smart card. Each program offering sold by the software vendor is encrypted with a unique file key and then written on a diskette. A user who purchases a diskette having written thereon an encrypted program must first obtain a secret password from the software vendor. This password will allow the encrypted program to be recovered at a prescribed, designated computer having a properly implemented and initialised encryption feature. The encryption feature decrypts the file key of the program from the password, and when the encrypted program is loaded at the proper computer, the program or a portion of it is automatically decrypted and written into a protected memory from which it can only be executed and not accessed for non-execution purposes. In alternative embodiments, the user is not confined to a prescribed, designated computer but may use the program on other, different computers with a smart card provided the computers have a properly implemented and initialised encryption feature that accepts the smart card. As a further modification, the cryptographic facility may support operations that enable the user to encrypt and decrypt user generated files and/or user generated programs.

公开(公告)号：GB2146815A

公开(公告)日：1985-04-24

申请号：GB8324917

申请日：1983-09-17

Applicant: IBM

Inventor： OSEAS JONATHAN ,  BRACHTL BRUNO ,  HOLLOWAY CHRISTOPHER J ,  LENNON RICHARD EDWARD ,  MATYAS STEPHEN MICHAEL ,  MEYER CARL HEINZ-WILHELM

IPC: G06Q20/08 ,  G07F7/12 ,  G06Q20/20 ,  G06Q20/34 ,  G06Q20/38 ,  G06Q20/40 ,  G07D9/00 ,  G07F7/10 ,  G07F19/00 ,  H04L9/00

Abstract: @ An electronic funds transfer system (EFT) is described in which retail terminals located in stores are connected through a public switched telecommunication system to card issuing agencies data processing centres. Users of the system are issued with intelligent secure bank cards, which include a microprocessor, ROS and RAM stores. The ROS includes a personal key (KP) and an account number (PAN) stored on the card when the issuer issues it to the user. Users also have a personal identity number (PIN) which is stored or remembered separately. A transaction is initiated at a retail terminal when a card is inserted in an EFT module connected to the terminal. A request message including the PAN and a session key (KS) is transmitted to the issuers data processing centre. The issuer generates an authentication parameter (TAP) based upon its stored version of KP and PIN and a time variant parameter received from the terminal. The TAP is then returned to the terminal in a response message, and based upon an inputed ./... PIN, partial processing of the input PIN and KP on the card a derived TAP is compared with the received TAP in the terminal. A correct comparison indicating that the entered PIN is valid.The request message includes the PAN encoded under the KS and KS encoded under a cross-domain key. Message authentication codes (MAC) are attached to each message and the correct reception and regeneration of a MAC on a message including a term encoded under KS indicates that the received KS is valid and that the message originated at a valid terminal or card.

公开(公告)号：DE3587072D1

公开(公告)日：1993-03-18

申请号：DE3587072

申请日：1985-11-29

Applicant: IBM

Inventor： MATYAS STEPHEN MICHAEL ,  OSEAS JONATHAN

IPC: H04L9/00 ,  G06F1/00 ,  G06F12/14 ,  G06F21/00 ,  G06F21/22 ,  G06F21/24 ,  G07F7/00 ,  G07F7/10 ,  H04L9/32

Abstract: A cryptographic method for discouraging the copying and sharing of purchased software programs allows an encrypted program to be run on only a designated computer or, alternatively, to be run on any computer but only by the user possessing a designated smart card. Each program offering sold by the software vendor is encrypted with a unique file key and then written on a diskette. A user who purchases a diskette having written thereon an encrypted program must first obtain a secret password from the software vendor. This password will allow the encrypted program to be recovered at a prescribed, designated computer having a properly implemented and initialised encryption feature. The encryption feature decrypts the file key of the program from the password, and when the encrypted program is loaded at the proper computer, the program or a portion of it is automatically decrypted and written into a protected memory from which it can only be executed and not accessed for non-execution purposes. In alternative embodiments, the user is not confined to a prescribed, designated computer but may use the program on other, different computers with a smart card provided the computers have a properly implemented and initialised encryption feature that accepts the smart card. As a further modification, the cryptographic facility may support operations that enable the user to encrypt and decrypt user generated files and/or user generated programs.

公开(公告)号：CA1249865A

公开(公告)日：1989-02-07

申请号：CA504803

申请日：1986-03-24

Applicant: IBM

Inventor： BASS WALTER E ,  MATYAS STEPHEN M ,  OSEAS JONATHAN

IPC: H04L9/06 ,  H04L9/08 ,  H04L9/14 ,  H04L9/32 ,  H04L9/00

Abstract: A METHOD FOR ESTABLISHING USER AUTHENTICATION WITH COMPOSITE SESSION KEYS AMONG CRYPTOGRAPHICALLY COMMUNICATING NODES of the Invention A method for authenticating nodes/users and in protecting data flow between nodes. This is facilitated by creating a dialogue involving authenticated encryption among the nodes. During each session, a key for use in cryptographic conversion is constructed among the node participants in order to permit symmetric authentication. The key is unique to the session. A different key is generated for each and every session. The building of the session key involves sharing of a minimal amount of information among the participants in the form of combining both a random number and authentication indicia.

公开(公告)号：CA1328129C

公开(公告)日：1994-03-29

申请号：CA572708

申请日：1988-07-21

Applicant: IBM

Inventor： BRACHTL BRUNO ,  COPPERSMITH DON ,  HYDEN MYRNA ,  MATYAS STEPHEN JR ,  MEYER CARL ,  OSEAS JONATHAN ,  PILPEL SHAIY ,  SCHILLING MICHAEL

IPC: H04L9/32 ,  H04L9/06

Abstract: DATA AUTHENTICATION USING MODIFICATION DETECTION CODES BASED ON A PUBLIC ONE WAY ENCRYPTION FUNCTION A cryptographic method and apparatus are disclosed which transform a message of arbitrary length into a block of fixed length (128 bits) defined modification detection code (MDC). Although there are a large number of messages which result in the same MDC, because the MDC is a many to-one function of the input, it is required that it is practically not feasible for an opponent to find them. In analyzing the methods, a distinction is made between two types of attacks, i.e., insiders (who have access to the system) and outsiders (who do not). The first method employs four encryption steps per DEA block and provides the higher degree of security. Coupling between the different DEA operations is provided by using the input keys also as data in two of the four encryption steps. In addition, there is cross coupling by interchanging half of the internal keys. Although this second coupling operation does not add to security in this scheme, it is mandatory in the second method, which employs only two encryption steps per DEA block to trade off security for performance. By providing key cross-coupling in both schemes, an identical kernel is established for both methods. This has an implementation advantage since the first method can be achieved by applying the second method twice. The MDC, when loaded into a secure device, authorizes one and only one data set to be authenticated by the MDC, whereas methods based on message authentication codes or digital signatures involving a public key algorithm authorize a plurality of data sets to be authenticated. The MDC therefore provides for greater security control.

公开(公告)号：CA1238427A

公开(公告)日：1988-06-21

申请号：CA492225

申请日：1985-10-03

Applicant: IBM

Inventor： MATYAS STEPHEN M ,  OSEAS JONATHAN

IPC: H04L9/00 ,  G06F1/00 ,  G06F12/14 ,  G06F21/00 ,  G06F21/22 ,  G06F21/24 ,  G07F7/00 ,  G07F7/10 ,  H04L9/32 ,  G06F9/06

Abstract: A cryptographic method for discouraging the copying and sharing of purchased software programs allows an encrypted program to be run on only a designated computer or, alternatively, to be run on any computer but only by the user possessing a designated smart card. Each program offering sold by the software vendor is encrypted with a unique file key and then written on a diskette. A user who purchases a diskette having written thereon an encrypted program must first obtain a secret password from the software vendor. This password will allow the encrypted program to be recovered at a prescribed, designated computer having a properly implemented and initialized encryption feature. The encryption feature decrypts the file key of the program from the password, and when the encrypted program is loaded at the proper computer, the program or a portion of it is automatically decrypted and written into a protected memory from which it can only be executed and not accessed for non-execution purposes. In alternative embodiments, the user is not confined to a prescribed, designated computer but may use the program on other, different computers with a smart card provided the computers have a properly implemented and initialized encryption feature that accepts the smart card. As a further modification, the cryptographic facility may support operations that enable the user to encrypt and decrypt user generated files and/or user generated programs.