Personal Verification and Message Authentication Using Personal Keys

IP.com Disclosure Number: IPCOM000049186D
Original Publication Date: 1982-May-01
Included in the Prior Art Database: 2005-Feb-09
Document File: 5 page(s) / 78K

Publishing Venue

IBM

Related People

Lennon, RE: AUTHOR [+3]

Abstract

A protocol method is disclosed that allows user verification of a terminal user at a host system as a function of a user Personal Identification Number (PIN) and a Personal Cryptographic Key (KP) without the need for a master key resident in the terminal. Likewise, the protocol includes a method of authenticating a message transmitted from the terminal to the host system to achieve protection against message alteration, insertion and/or playback.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 29% of the total text.

The method described assumes the terminal is on-line to a host system. Both the terminal and host system are assumed to have a cryptographic facility based upon a Data Encryption Standard (DES) algorithm and to subscribe to a communications protocol which supports end-to-end encryption for local (terminal to attached host system) transactions and remote or interchange (terminal to remote host system) transactions. Fig. 1 illustrates a cryptographic facility as including a physically secure black box containing a cipher device, a non-volatile storage for a master key (KM) and control functions to control the facility and drive the cipher device in either an encipher (E) or decipher (D) mode. Access to the facility is achieved through inviolable interfaces that handle processing requests, input data and transformed outputs. Terminals used in certain applications are relatively inexpensive and do not enjoy any reasonable degree of physical security.

SET UP

When a subscriber joins the system at a local institution, i.e., bank or retailer, by making a physical appearance, a secret PIN is either selected or assigned and committed to memory by the subscriber. In addition, a personal cryptographic key (KPi) is randomly generated, assigned to the subscriber and recorded in the clear on an issued magnetic stripe card along with the usual identification parameters including a customer number (IDi), as shown in Fig. 2. A copy of KPi is recorded in the host system key table, in enciphered form, i.e., E(KM1), by a cryptographic operation expressed as EMK1: KPi --> E(KM1)(KPi). In carrying out this operation, the input KPi is enciphered under control of a variant (KM1) of the host master key (KM(see original)) into the enciphered output and recorded in the system key table, as shown in Fig. 3, indexed by the customer ID. In addition, a copy of a function of PINi, KPi and IDi is recorded in a protected system function table associated with the host system, in encrypted form, to prevent inadvertent exposure, i.e., (see original). This is accomplished by the host system when the user joins the system and PIN, KP, and ID are available in clear form. The operations to accomplish this result can be expressed in the following form:

(1) At set-up time, a random number generator (Fig. 4) of the host system generates a random number which is defined as the KPi and is then exclusive-ORed with the issued PINi to provide an input to the cryptographic...