United States Patent 5148534
Link to this page: http://www.wikipatents.com/5148534.html
Inventor(s): Comerford; Liam D. (Carmel, NY)
Abstract

A hardware cartridge performs the function of a verifiable, use-once
authorization. The hardware cartridge is provided with physical security
so that its contents are not accessible except via a specific protocol.
The cartridge stores data in two or more segments. The cartridge responds
to a query or challenge by outputting that portion of the data it stores
selected by the query or challenge. Assuming the authorizing device has
access to the complete contents of the hardware cartridge, it can verify
the authenticity by receiving only that portion of the contents selected
by its query. In one embodiment, the two segments comprise a pair of shift
registers which feed data to a multiplexer; the multiplexer is controlled
by the query to output the selected portion of the stored data. In another
embodiment, a plurality of segments are stored in a random access memory
which is addressed by the query. In both embodiments, after the selected
data is output, the hardware cartridge no longer stores at least the
unselected portion of the originally stored data.
Title Information

Drawing from US Patent 5148534

Title: Hardware cartridge representing verifiable, use-once authorization

Publication Date: September 15, 1992

Filing Date: April 3, 1991

Parent Case: This is a continuation of copending U.S. application Ser. No. 06/927,297
filed on Nov. 5, 1986, now abandoned.
References

U.S. References

4755815 Savoyet 340/5.28 Jul 1988
4734855 Banatre 711/164 Mar 1988
4727975 Eisermann 194/205 Mar 1988
4712177 Schrenk 235/380 Dec 1987
4654792 Thomas 726/20 Mar 1987
4652990 Pailen 705/56 Mar 1987
4630201 White 705/44 Dec 1986
4609777 Cargile 713/184 Sep 1986
4605820 Campbell, Jr. 705/71 Aug 1986
4599489 Cargile 705/52 Jul 1986
4596985 Bongard 340/825.69 Jun 1986
4575621 Dreifus 235/380 Mar 1986
4572946 Schrenk 235/380 Feb 1986
4562306 Chou 726/20 Dec 1985
4553203 Rau 712/25 Nov 1985
4532507 Edson 340/5.22 Jul 1985
4513199 Sidline 235/449 Apr 1985
4499556 Halpern 726/26 Feb 1985
4486751 Mole 340/5.65 Dec 1984
4477852 Ota 369/13.16 Oct 1984
4471216 Herve 235/380 Sep 1984
4471163 Donald 705/55 Sep 1984
4458315 Uchenick 726/30 Jul 1984
4446519 Thomas 711/164 May 1984
4439670 Basset 235/382 Mar 1984
4435781 Stattel 710/71 Mar 1984
4433387 Dyer 702/159 Feb 1984
4433207 Best 713/190 Feb 1984
4430728 Beitel 379/93.02 Feb 1984
4347582 Frank 713/401 Aug 1982
4310895 Edstrom Jan 1982
4287568 Lester 711/116 Sep 1981
3906460 Halpern 711/115 Sep 1975
Claims

Having thus described my invention, what I claim as new, and desire to
secure by Letters Patent is:
1. A physically secure forgery-resistant authorization device comprising:
storage means for retaining stored information comprising first and second
data subsets, each of said subsets comprising an equal quantum of data,
a connector with an output terminal and a select terminal,
first means responsive to select information represented at said select
terminal and to said storage means for selecting and coupling to said
output terminal signals representative of only a portion of said first and
second data subsets and for simultaneously destroying that data from said
subsets not coupled to said output terminal,
wherein said first means further includes means for destroying said
selected stored information, said means for destroying operating along
with said first means so that after said selected information is output
from said output terminal said device no longer retains either said
selected or said unselected stored information.
2. A physically secure authorization device as recited in claim 1 in which
said storage means comprises shift registers and in which said first means
comprises:
a clock terminal, means coupling said clock terminal to said shift
registers for shifting information stored therein in response to clock
pulses received at said clock terminal,
a multiplexer with inputs coupled to said shift registers and a control
input coupled to said select terminal, and output means for coupling
signals passed by said multiplexer to said output terminal.
3. A physically secure authorization device as recited in claim 2 in which
said output means includes a latch with a clock input coupled to said
clock terminal, an input coupled to an output of said multiplexer and an
output coupled to said output terminal.
4. A physically secure forgery-resistant authorization device comprising:
an output device,
storage means comprising a random access memory with a plurality of
distinct storage locations, for electronically storing information and for
generating signals representative of stored information, said storage
means storing data in correlated sets, with each set comprising first and
second subsets,
a connector for coupling said output device to an external device, said
connector including a select terminal and an output terminal,
said output device including selection means responsive to signals on said
select terminal for selecting and coupling, to said output terminal of
said connector, signals generated by reading from a selected one of said
storage locations in response to said signals on said select terminal,
said selection means including address decoder means with an input coupled
to said select terminal of said connector for addressing said random
access memory and means responsive to addressing any of said distinct
storage locations for coupling to said connector output terminal signals
representative of information comprising one said subset stored in an
addressed one of said distinct storage locations and for erasing
information stored in at least a different one of said distinct storage
locations comprising a correlated subset, and
wherein said connector further includes at least a data input terminal
coupled to at least one input of said random access memory.
5. A method of logically securing an authorization device, for imitation or
unauthorized use, said authorization device electronically storing
authenticating data for output to an electronic checking device to verify
authorization, said method comprising the steps of:
a) storing a given quantum of authorization data;
b) responding to a selection inquiry by destructively reading a first set
of said authorization data;
c) selecting a subset of said first set of data for output to said checking
device in response to a selection signal from said checking device which
defines the subset of said first set of data for output, and
d) coupling said subset of said first set of data from said authorization
device to said checking device,
whereby the data passing between said checking device and said
authorization device comprises said selection signal and the subset of
said first set of data which, taken together is inadequate as a basis to
imitate operation of said authorization device at a later time.
6. The method as recited in claim 5 wherein said given quantum of
authorization data is equal to said first set of said authorization data
so that said authorization device is capable of only a single use.
7. The method recited in claim 5 wherein said given quantum of
authorization data is larger than said first set of said authorization
data so that said authorization device is capable of more than a single
use.
8. The method as recited in claim 5 wherein said first set of said
authorization data is stored in first and second distinct storage elements
and wherein said step (c) comprises sequentially selecting from
corresponding pairs of elementary bits of data from said distinct storage
elements, one elementary bit of data for output.
9. The method recited in claim 5 wherein said authorization data is stored
in first and second distinct storage elements and wherein said step of
selecting a subset of said first set of data comprises selecting data from
either said first or said second distinct storage element.
10. A physically-secure, forgery-resisting authorization device comprising:
storage means for retaining stored information comprising first and second
data subsets, each of said subsets comprising an equal quantum of data,
said storage means including addressable random access memory;
a connector with an output terminal and a select terminal, first means
responsive to select information represented at said select terminal and
to said storage means for selecting and coupling to said output terminal
signals representative of only a portion of said first and second data
subsets and for simultaneously destroying that data from said subsets not
coupled to said output terminal, wherein said first means includes:
an address decoder coupled to said select terminal for selecting a first
RAM segment and a corresponding second RAM segment in response to said
select information;
an output register responsive to said random access memory for copying
information from said first RAM segment; and
means for coupling information from said output register to said output
terminal and for writing said information into said second RAM segment.

Description

DESCRIPTION
1. Technical Field
The invention relates to a secure, electronic device capable of use as a
use-once authorization mechanism or token.
2. Background Art
In many fields there are occasions on which there is need for a device
which can be used as evidence of the bearer's authority, identity or
entitlement to some right or privilege, where this evidence is applicable
to one and only one use, relatively inexpensive to manufacture, simple to
verify or authenticate and difficult to forge or simulate. While such a
device has some of the properties associated with a mechanical key (when
used with a mechanical lock), there are vast differences; a key is
relatively easy to copy and it is distinctly not a use-once device.
Actually, the device in accordance with the invention may be likened to a
wax seal used on an envelope to evidence the fact that the contents of the
envelope had not been accessible between the time the seal was put in
place and the time the seal was broken. In order to improve the qualities
of wax seals, users imprinted them with a distinctive pattern so that it
would be more difficult to copy or simulate the wax seal than had the
pattern been omitted.
Uses of such a verifiable, use-once device or token arise in a variety of
fields. For example, copending application Ser. No. 927,629, filed Nov. 5,
1986, now U.S. Pat. No. 4,817,140, issued Mar. 28, 1989, the disclosure of
which is incorporated herein by this reference, assigned to the assignee
of this application, describes a software protection system using a single
key crypto system, a secure coprocessor and a hardware based authorization
system to inhibit copying of protected software. In this mechanism the
token is provided in the form of a hardware cartridge which represents
authorization to the coprocessor to accept the right to execute the
software. When the hardware cartridge is presented to a cooperating
coprocessor, the authenticity of the cartridge is challenged, and if
verified, the right to execute an associated application or piece of
software is accepted by the cooperating coprocessor, leaving the cartridge
in such a condition that it cannot thereafter authorize other cooperating
coprocessors.
In another application, the hardware cartridge could represent the right of
the bearer to passage on some transportation system, as would an airline
ticket. The right represented by an airline ticket may have significant
value, but the carrier issuing the "ticket" finds it necessary to receive
assurance that the "ticket" is used only once. As will be described below,
the hardware cartridge described herein has the properties allowing it to
be used as such a "ticket".
Finally, in another context, the hardware cartridge can represent the right
of entry to some secure location. In this case, the use-once feature
assures the entity granting the right of entry that the cartridge can only
grant access to a single bearer so that even if the bearer passes the
cartridge to another individual at the time access is granted, the
cartridge cannot be thereafter again used to authorize access to another
individual. In the event the bearer leaves the secure premises and is
entitled to subsequent access, he is provided with a different hardware
cartridge, or the original hardware cartridge is recharged, hence
re-enabled.
As has been indicated, in order to be reliable the hardware cartridge
should be difficult, and preferably arbitrarily difficult, to simulate. In
a similar setting, Halpern in U.S. Pat. No. 3,906,460, suggests that a
secret "check" character be employed and the cartridge arranged so that it
rejects information in the absence of the correct "check" character. In
the applications described by Halpern, where the token is employed on the
premises of the party issuing the token (for example, such as the Bay Area
Rapid Transit System, or a bank), this may be a useful technique. On the
other hand, in many applications (such as the software protection
application described in copending application Ser. No. 927,629, now U.S.
Pat. No. 4,817,140, or in gaining access to a secure space) a person bent
on mischief or crime may have not only access to the token or cartridge
itself, but also to the transaction by which a token is validated. Under
these circumstances, the Halpern technique of using a secret "check"
character would immediately fail since by once observing a valid
transaction such person could thereafter simulate or copy the secret
"check" character. Thus it must be recognized that not only will the
hardware cartridge be accessible to a determined pirate, but the
transaction by which the cartridge is validated (including all the
information which flows between the cartridge and any validating device)
may also be accessible to the pirate. Thus, the cartridge should be
arranged so that the information exchanged during a validating
transaction, while sufficient to verify the authenticity of the cartridge,
is inadequate to simulate the cartridge at any later time.
SUMMARY OF THE INVENTION
The invention meets these and other objects by providing a hardware
cartridge which is capable of storing information (token data) which can
be used to authenticate the source of the physical cartridge as well as
the fact that it has not heretofore been employed. In accordance with the
invention, the hardware cartridge is arranged so that this protection is
maintained notwithstanding the fact that a pirate may have access not only
to the hardware cartridge itself but to a transaction in which a specimen
cartridge is validated by some validating mechanism.
In accordance with the invention, the token data is stored electronically;
the apparatus in which it is stored is provided with physical security.
Two suitable techniques for physical security include:
1) the techniques described in applicant's copending application Ser. No.
927,309, filed Nov. 5, 1986, the disclosure of which is incorporated
herein by this reference, and
2) implementing the electronic storage along with peripheral hardware on a
single chip.
In one embodiment of the invention the token data is stored in a device
containing memory elements in the form of shift registers. As will be
described, the token data is divided into at least two, mutually exclusive
portions. More than two portions may also be employed. The token data can
be in the form of a secret "number", typically represented in the storage
device in binary form.
The validating apparatus has access to each and every valid "number". The
means for providing this access will be described below. The hardware
cartridge includes a connector so that it can be electrically connected to
the validating device. If the validating device merely stimulated the
hardware cartridge to generate an electronic representation of the
"secret" number, the pirate having access to the transaction could
simulate the effect of the cartridge to the detriment of the security
system.
Accordingly, in accordance with an embodiment of the invention, the
validation transaction does not expose all of the secret "number"; rather,
a sufficient portion of the secret "number" is exposed, which portion is
sufficient to verify the presence of the secret "number" stored in the
hardware cartridge but simultaneously inadequate to allow a person bent on
mischief or crime to simulate the effect of the hardware cartridge.
The validating transaction takes the form of a challenge implemented by a
query. The validating apparatus may generate the query as a random number;
in the event the token data is divided into two portions, the random
number can be represented in binary notation. For each bit of the query,
one bit from one of the two halves of the token data is output to the
validating mechanism; which bit is selected is determined by both the
position and value of the corresponding bit in the "query". At the
conclusion of the transaction, exactly 50% of the token data has been
exposed; which 50%, however, is determined by the "random" number. While
it is assumed that the pirate will have access to both the random number
and the response, that information is useful only to the extent that he
can somehow force the validating mechanism to again generate the identical
random number in the course of a subsequent challenge.
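As an added illustration (not code from the patent), the following Python model implements the two-register embodiment summarized above and detailed in the hardware paragraphs that follow: two shift registers holding the token halves, the select-controlled 2/1 multiplexer feeding the output latch, the destructive shift-out, and a validator that holds the full token. The 16-bit sample token and all class and function names are constructed for this example.

```python
import secrets

# Constructed sample token (not from the patent): 16 bits, split into the two
# mutually exclusive halves held by the two shift registers.
SAMPLE_TOKEN = [1, 0, 1, 1, 0, 0, 1, 0, 0, 1, 1, 1, 0, 0, 0, 1]

class Cartridge:
    """Two shift registers, a 2/1 multiplexer driven by the select terminal
    and a D latch on the output. The data-input terminals are modelled as
    unconnected, so a zero shifts in behind every bit shifted out."""

    def __init__(self, token):
        half = len(token) // 2
        self._reg_a = list(token[:half])  # first half of the token data
        self._reg_b = list(token[half:])  # second half of the token data
        self._latch = 0

    def clock(self, select):
        """One clock pulse: both registers shift, the mux passes the selected
        bit to the latch and the unselected bit is lost."""
        bit_a = self._reg_a.pop(0)
        bit_b = self._reg_b.pop(0)
        self._reg_a.append(0)
        self._reg_b.append(0)
        self._latch = bit_b if select else bit_a
        return self._latch

    def remaining_data(self):
        return self._reg_a + self._reg_b

def expected_response(token, query):
    """Validator side: it holds the whole token, so it knows which bit each
    query bit should pull out of the cartridge."""
    half = len(token) // 2
    return [token[half + i] if q else token[i] for i, q in enumerate(query)]

def random_query(nbits):
    return [secrets.randbits(1) for _ in range(nbits)]

def validate(token, cartridge, query=None):
    """Clock the cartridge once per query bit and compare. Returns
    (accepted, transcript); the transcript is all that crosses the
    connector: the query and the response."""
    if query is None:
        query = random_query(len(token) // 2)
    response = [cartridge.clock(q) for q in query]
    return response == expected_response(token, query), (query, response)

def unknown_bits_for_fresh_query(observed_query, fresh_query):
    """An observer of one transcript knows the token bit at position i only
    where the fresh query selects the same half; the other d positions must
    be guessed, so an imitation succeeds with probability at most 2**-d."""
    return sum(1 for a, b in zip(observed_query, fresh_query) if a != b)

if __name__ == "__main__":
    cart = Cartridge(SAMPLE_TOKEN)
    ok, (q1, r1) = validate(SAMPLE_TOKEN, cart)
    print("genuine cartridge accepted:", ok)                 # True
    print("data left in cartridge:", cart.remaining_data())  # all zeros
    ok2, _ = validate(SAMPLE_TOKEN, cart)
    print("same cartridge accepted again:", ok2)             # False
    q2 = random_query(len(q1))
    print("bits to guess for a fresh query:", unknown_bits_for_fresh_query(q1, q2))
```

The second validation fails because the first transaction shifted every bit out of both registers, and `unknown_bits_for_fresh_query` quantifies the argument that one observed query/response pair is inadequate unless the validator repeats the identical random number.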
In accordance with this embodiment of the invention, the shift register
storing the token data has special properties to ensure that at the
completion of the query/response transaction, the hardware cartridge which
initially stored the token data thereafter no longer stores the token
data. This ensures that a hardware cartridge, once used, cannot be used
again, unless it is recharged by the validating mechanism. Clearly, it is
critical that this recharging not be performed in such a manner or
location that it can be observed by a person bent on mischief or crime.
In accordance with the embodiment of the invention being described, the
hardware cartridge includes two shift registers, each storing mutually
exclusive halves of the token data. The shift out terminals of the two
shift registers are coupled to the inputs of a 2/1 multiplexer. The output
of the 2/1 multiplexer is stored in a D type latch, the output of which is
the output of the hardware cartridge, i.e. the response terminal. The
validating mechanism is coupled to a connector on the hardware cartridge
which includes, in addition to an output terminal, a select terminal, a
clock terminal and power and ground terminals. The clock terminal is used
to couple clock pulses to step the shift registers and clock the latch.
The select terminal is coupled to the control terminal of the 2/1
multiplexer. The validating mechanism's query and clock pulses are input
to the token terminals. The 2/1 multiplexer selects at each clock time the
output of one or the other of the shift registers. The selected contents
of the shift registers are latched depending on the particular select
pulse pattern into the D-latch and are output from there to the validating
mechanism. The shift registers have input terminals which are connected to
data input terminals in the connector. The connector's data input
terminals may or may not be connected to terminals in the validating
mechanism. Regardless of the connection of these data input terminals,
after a number of clock pulses had been received which is equal in