Communication Index of Sequented Security Keys

IP.com Disclosure Number: IPCOM000119082D
Original Publication Date: 1997-Nov-01
Included in the Prior Art Database: 2005-Apr-01
Document File: 2 page(s) / 53K

Publishing Venue

IBM

Related People

Bublitz, H: AUTHOR [+3]

Abstract

Segmentation of keys is an established safeguard against theft of global security keys. For a given function, the keys, both global and derived, are defined as follows:
  o  The unit holding the derived key, for example, a smartcard serving as an electronic purse, contains all derived keys.
  o  The unit holding a global key, for example, a purchase device, gets only one of these keys.
  o  The key number is communicated to the unit holding the derived keys at the beginning of a transaction.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 56% of the total text.

      Segmentation of keys is an established safeguard against theft
of global security keys.  For a given function, the keys, both global
and derived, are defined as follows:
  o  The unit holding the derived key, for example, a smartcard
      serving as an electronic purse, contains all derived keys.
  o  The unit holding a global key, for example, a purchase
      device, gets only one of these keys.
  o  The key number is communicated to the unit holding the
      derived keys at the beginning of a transaction.

For stolen keys:
  o  The global keys are withdrawn and replaced in the units
      using them,
  o  Data signed with the keys are rejected/marked during post
      processing, and
  o  Potentially the derived keys are invalidated via
      administration in the units holding them.
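
The scheme outlined above, as an added example that is not part of the original disclosure: the purse holds one derived key per segment, each purchase device holds a single global key and announces its index, and a stolen segment is rejected in post-processing and invalidated on the purse. The HMAC-SHA256 derivation, the four segments and all class and function names are assumptions; the disclosure's own index-communication protocol is not reproduced here.

```python
from __future__ import annotations
import hashlib
import hmac
import os

def mac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

class Purse:
    """Unit D: stores the derived key of every segment (assumed: HMAC of the card id)."""
    def __init__(self, card_id: bytes, global_keys: list[bytes]):
        self.card_id = card_id
        self.derived = {i: mac(k, card_id) for i, k in enumerate(global_keys)}

    def invalidate(self, index: int) -> None:
        self.derived.pop(index, None)  # administrative removal of a compromised segment

    def sign(self, index: int, message: bytes) -> bytes | None:
        key = self.derived.get(index)  # index was announced by the device
        return mac(key, message) if key is not None else None

class PurchaseDevice:
    """Unit G: stores exactly one global key plus its segment index."""
    def __init__(self, index: int, global_key: bytes):
        self.index, self.global_key = index, global_key

    def verify(self, card_id: bytes, message: bytes, tag: bytes | None) -> bool:
        if tag is None:
            return False
        expected = mac(mac(self.global_key, card_id), message)
        return hmac.compare_digest(expected, tag)

def transact(device: PurchaseDevice, purse: Purse, message: bytes) -> dict:
    """Device sends its index first; purse answers with a MAC under that segment's key."""
    tag = purse.sign(device.index, message)
    return {"index": device.index, "card": purse.card_id, "msg": message,
            "ok": device.verify(purse.card_id, message, tag)}

def post_process(records: list[dict], stolen: set[int]) -> list[dict]:
    """Back office: reject records signed under a segment whose global key was stolen."""
    return [r for r in records if r["ok"] and r["index"] not in stolen]

def demo() -> tuple[int, bool]:
    keys = [os.urandom(32) for _ in range(4)]       # constructed sample keys
    purse = Purse(b"CARD-0001", keys)                # constructed card id
    devices = [PurchaseDevice(i, k) for i, k in enumerate(keys)]
    records = [transact(d, purse, b"debit 5.00") for d in devices]
    accepted = post_process(records, stolen={2})     # segment 2 assumed stolen
    purse.invalidate(2)
    return len(accepted), transact(devices[2], purse, b"debit 1.00")["ok"]
```
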

Segmented keys are used for:
  o  The transaction keys in the purchase device (global) and
      purse (derived).
  o  The load/unload keys in the load/unload device for off-line
      loading (global) and the purse (derived).

An essential step in the process is the communication of the
index of the segmented keys from the unit holding the single
global key to the unit holding the derived keys.

A simple yet secure way of achieving this is described below:

      Let G be the unit holding the single global key and the segment
index of the key, and let D be th...