GUARDING METHOD AGAINST ANALYTIC INTELLIGENCE REPORT OF SECRET INFORMATION

    Publication number: JP2000047945A

    Publication date: 2000-02-18

    Application number: JP16036099

    Application date: 1999-06-08

    Applicant: IBM

    Abstract: PROBLEM TO BE SOLVED: To guard against the intelligence report of secret information by resetting a counter value to a start value when a prescribed event occurs and preventing the use of the secret information when the value reaches the maximum value. SOLUTION: The starting position A of a counter is provided with a prescribed starting value A. The value is increased by a specified value (the state B of the counter) at each occurrence of code usage. When the counter value exceeds a specified and prescribed maximum value (the final state C of the counter) by the input of the specified event (b), access to the code is prevented, and a function protected by the code cannot be executed. For each code there exists a prescribed event (c) that resets the counter to the start state A with its prescribed starting value. When the event (c) occurs, the counter is automatically reset to the starting state, unless the counter has reached the final state (C).

    2.
    Invention patent
    Unknown

    Publication number: DE19831884A1

    Publication date: 2000-01-20

    Application number: DE19831884

    Application date: 1998-07-17

    Applicant: IBM

    Abstract: The invention presented describes a system and procedure for protecting against the espionage of secret information. A counter is allocated to each secret piece of information, in particular codes. The counter counts the number of uses of the secret information. In this, the counter is set to a starting value. Each use of the secret data element increases the counter state by a defined value. If the counter state reaches a maximum value, the use of the secret data element will be blocked. The blocking of the secret information can, however, be avoided if a defined event occurs before the maximum value of the counter is reached which automatically resets the counter state to its starting value. Any technical, economic or organisational condition can be defined as an event. Particular advantages of the invention presented are that each code can have its own counter allocated to it. In this way, different numbers of uses can be established for each code with regard to its function. As a chip card can contain any number of codes for the most widely differing applications, the block is limited solely to the application affected. The use of the chip card is not therefore blocked as a whole. The events can be easily adapted to the widest range of security and user requirements of the respective application area.

    3.
    Invention patent
    Unknown

    Publication number: DE69909379T2

    Publication date: 2004-04-15

    Application number: DE69909379

    Application date: 1999-05-05

    Applicant: IBM

    Abstract: The invention presented describes a system and procedure for protecting against the espionage of secret information. A counter is allocated to each secret piece of information, in particular codes. The counter counts the number of uses of the secret information. In this, the counter is set to a starting value. Each use of the secret data element increases the counter state by a defined value. If the counter state reaches a maximum value, the use of the secret data element will be blocked. The blocking of the secret information can, however, be avoided if a defined event occurs before the maximum value of the counter is reached which automatically resets the counter state to its starting value. Any technical, economic or organisational condition can be defined as an event. Particular advantages of the invention presented are that each code can have its own counter allocated to it. In this way, different numbers of uses can be established for each code with regard to its function. As a chip card can contain any number of codes for the most widely differing applications, the block is limited solely to the application affected. The use of the chip card is not therefore blocked as a whole. The events can be easily adapted to the widest range of security and user requirements of the respective application area.

    4.
    Invention patent
    Unknown

    Publication number: DE19831884C2

    Publication date: 2001-09-20

    Application number: DE19831884

    Application date: 1998-07-17

    Applicant: IBM

    Abstract: The invention presented describes a system and procedure for protecting against the espionage of secret information. A counter is allocated to each secret piece of information, in particular codes. The counter counts the number of uses of the secret information. In this, the counter is set to a starting value. Each use of the secret data element increases the counter state by a defined value. If the counter state reaches a maximum value, the use of the secret data element will be blocked. The blocking of the secret information can, however, be avoided if a defined event occurs before the maximum value of the counter is reached which automatically resets the counter state to its starting value. Any technical, economic or organisational condition can be defined as an event. Particular advantages of the invention presented are that each code can have its own counter allocated to it. In this way, different numbers of uses can be established for each code with regard to its function. As a chip card can contain any number of codes for the most widely differing applications, the block is limited solely to the application affected. The use of the chip card is not therefore blocked as a whole. The events can be easily adapted to the widest range of security and user requirements of the respective application area.

    DATA AUTHENTICATION USING MODIFICATION DETECTION CODES BASED ON A PUBLIC ONE-WAY ENCRYPTION FUNCTION

    Publication number: CA1328129C

    Publication date: 1994-03-29

    Application number: CA572708

    Application date: 1988-07-21

    Applicant: IBM

    Abstract: A cryptographic method and apparatus are disclosed which transform a message of arbitrary length into a block of fixed length (128 bits), defined as a modification detection code (MDC). Although there are a large number of messages which result in the same MDC, because the MDC is a many-to-one function of the input, it is required that it is practically not feasible for an opponent to find them. In analyzing the methods, a distinction is made between two types of attacks, i.e., those by insiders (who have access to the system) and those by outsiders (who do not). The first method employs four encryption steps per DEA block and provides the higher degree of security. Coupling between the different DEA operations is provided by using the input keys also as data in two of the four encryption steps. In addition, there is cross-coupling by interchanging half of the internal keys. Although this second coupling operation does not add to security in this scheme, it is mandatory in the second method, which employs only two encryption steps per DEA block to trade off security for performance. By providing key cross-coupling in both schemes, an identical kernel is established for both methods. This has an implementation advantage since the first method can be achieved by applying the second method twice. The MDC, when loaded into a secure device, authorizes one and only one data set to be authenticated by the MDC, whereas methods based on message authentication codes or digital signatures involving a public key algorithm authorize a plurality of data sets to be authenticated. The MDC therefore provides for greater security control.

    6.
    Invention patent
    Unknown

    Publication number: DE69909379D1

    Publication date: 2003-08-14

    Application number: DE69909379

    Application date: 1999-05-05

    Applicant: IBM

    Abstract: The invention presented describes a system and procedure for protecting against the espionage of secret information. A counter is allocated to each secret piece of information, in particular codes. The counter counts the number of uses of the secret information. In this, the counter is set to a starting value. Each use of the secret data element increases the counter state by a defined value. If the counter state reaches a maximum value, the use of the secret data element will be blocked. The blocking of the secret information can, however, be avoided if a defined event occurs before the maximum value of the counter is reached which automatically resets the counter state to its starting value. Any technical, economic or organisational condition can be defined as an event. Particular advantages of the invention presented are that each code can have its own counter allocated to it. In this way, different numbers of uses can be established for each code with regard to its function. As a chip card can contain any number of codes for the most widely differing applications, the block is limited solely to the application affected. The use of the chip card is not therefore blocked as a whole. The events can be easily adapted to the widest range of security and user requirements of the respective application area.
