DE102009018725A1 - Method for encoding preset start-up sequence from e.g. numbers, utilized for user identification in automated teller machine, involves replacing character of start-up sequence by alphanumeric substitute character based on allocation rule - Google Patents

Abstract

The method involves providing a mixing table by allocation of random alphanumeric characters of a start-up sequence to each element of a basic group for forming two mixing groups with a number of multiple elements. An allocation rule is provided, and the table is stored in a memory element. The character of the start-up sequence is replaced by an alphanumeric substitute character according to the allocation rule. The substitute character is associated with the random alphanumeric characters within one mixing group in a preset linking rule. Independent claims are also included for the following: (1) a method for retrieval of a preset access code from preset alphanumeric characters (2) a device for executing an encoding method and/or a retrieval method (3) a computer program product stored on a computer-readable medium to execute an encoding method and/or a retrieval method.

Description

The The present invention relates to a method of encryption of alphanumeric characters according to the preambles of claim 1, a method for requesting an access code according to the preamble of Claim 16, a device for retrieving an access code after the preamble of claim 24 and a computer program product.

Under Alphanumeric characters are hereafter both the decimal Numbers 0, 1, 2, 3, 4, 5, 6, 7, 8 and 9 as well as composed thereof and possibly with a sign "+" or "-" provided Understood numbers as well as letters and other graphic signs.

Very common are, for example, multi-digit number combinations, as a personal identification number (PIN) for user identification can be used very effectively as it is due to the many possible combinations for an unauthorized person An attacker is hard to find the combination, which is the PIN maps, that is identical to the PIN, especially since almost all input devices after three wrong PIN entries block further attempts (Error counter).

Indeed is such a PIN is only as long effective protection until one Unauthorized knowledge of her attained. A popular example for such an attack is PIN espionage at ATMs. Attackers are now able to use this pin espionage to refine technical aids so far that even the most suspicious Customer is unable to discover the planned fraud. On the one hand, the attacker needs the card data and on the other hand the PIN assigned to the ec card.

to Obtaining the map data is for example the card slot of the ATM provided with a header, which copy the record on the magnetic stripe of the cash card to later make a duplicate of the ec card. The attachment It is very difficult to recognize because it is color-matched and also the card does not get stuck, but is spent again to the customer becomes. In some cases, the building entrance to the ATM at the door opener a header Installed. The attacker can use both of these methods to the record of the ec card and can make a duplicate, He therefore has a nearly identical ec card in his hand, to the only the PIN is missing.

to For example, attackers use the ec card's PIN Miniature cameras, either directly at the vending machine attached to the keyboard, or even more efficient before discovery protected, housed in enclosures in the room (eg smoke detector). Another very efficient method is manipulation of the input field. This is above the keyboard a Plate attached, which also contains a keyboard. Visually, no difference is noticeable. The additional keyboard registers the input of the customer, ie which number in which order was typed, stores them or sends the data directly to the culprit. The entry of the PIN is still forwarded to the ATM, so that the user can perform his action without that He notes that a fraud is taking place. The PIN system stops So, in its entirety, it is a relatively safe system, but with enough effort, it can still be overcome. Even if the ec cards are now better secured and card copies of ATMs in Germany can be recognized as such and rejected, so you can still with withdraw a copy of the card and a spied PIN abroad, because the forgery-proof feature of ec-card originals not checked here.

One The starting point for increasing security is the PIN itself, because the PIN is the real weak point of every PIN-secured System because the PIN consists of static digits. You succeed Unauthorized to spy even one digit of the PIN, so His chances of guessing the PIN increase many times over.

A PIN consists of a fixed (static) arrangement of numbers, each digit representing ten different values (0 to 9) can. This results in a four-digit PIN 10,000 different Combinations (0000 to 9999). The number of combinations is arithmetically about the number of possible Values of a number multiplied by the number of digits possible values of each additional digit. Thus receives one with a four-digit PIN 10,000 combinations (10 · 10 · 10 · 10 = 10,000). An attacker tries to guess the PIN by trying he must therefore in the worst case with a four-digit PIN Try 10,000 combinations. Each digit of the PIN, the one Attackers are known by espionage, reduces the number of Combinations by a factor of 10.

In order to avoid unrestrained guessing by attackers, the so-called Fehlbedie exists voltage meter. This is used to evaluate inputs at the terminal and to prevent an unauthorized person can enter multiple times a code to test whether this code corresponds to the original PIN.

The Number of incorrect entries on the terminal is in a counter (Misoperation counter) stored. Will be the maximum level reached in the counter, access is blocked because the multiple input yes finally not to success (activation by agreement with original PIN) Has. General standard for the count maximum in the counter are three attempts. So after the third Entering no activation will be achieved, so will the access blocked. At ATMs, the card from the Automatically fed.

By Rate attempts are therefore rarely carried out attacks on bank accounts are, as it is extremely unlikely, through a maximum of three tries the right PIN in a pool of 10,000 possible PIN variants.

One Way of preventing a PIN espionage is the privacy screen Keep others from watching the keyboard so that Spy on PIN. When attackers use modern technology (eg miniature radio cameras, manipulated keyboards) try the To spy on PIN, you have almost no chance to discover it and protect yourself from espionage. These are already known privacy filter, the viewing angle of a Restrict display to a specific angle range.

One Another approach is to encrypt the input of the PIN itself. So already while the user enters the PIN, this must Be entered so that an observer does not go directly to the correct PIN can close. To accomplish this, exist already many solutions, some of which are below be listed.

A Solution based on a variable keypad. in this connection is the user on the numeric keypad z. B. by means of smaller Segment displays in or next to the buttons the current assignment displayed. For example, on a static keypad in the Middle of the keypad, the number five deposited. At the variable keypad appears on the corresponding key (middle keypad) on the Segmentan display a pseudo-random number displayed, this The key is therefore stored with the displayed value. Just like that is moved with the other keys. Each button on the variable Keypad is assigned a different value each time it is used. The user must therefore always press other keys, to enter his PIN. The disadvantage is that a technical change must be made on existing devices and visually impaired users can not operate the device.

A Another solution from Mr. Kilian Böll provides that the user on a visible display a Pseudo-random number is displayed. This number is just as long as the PIN to be entered. The user must now for each one Make the difference to the original PIN and enter this value. The disadvantage is that here performed by the user computing operations must be (time required, high error rate by mathematical unskilled users) and also here visually impaired users the device can not serve. Besides, an attacker can by spying out the displayed pseudo-random number and the entered differences directly on the PIN.

Another approach according to EP 0 848 362 A2 provides that the user can be notified of the possible values for each digit of the PIN by means of a telephone line that is protected against eavesdropping (numbers from 0 to 9). The user must signal to the system that it matches, in accordance with its corresponding PIN number. This is done either via a voice command or via a key press. The process is repeated for each individual location. Disadvantages are the high expenditure of time on the part of the user, the technical outlay (retrofitting), the possibility of manipulating the listener and the inability to use hearing-impaired people.

About that In addition, there are many other solutions. In summary, however, it can be stated that all previous ones Solution approaches not universal or in practice can only be used at great financial expense. What with many Solutions is also neglected, is the unlimited usability for physically or mentally disadvantaged people. A universally usable PIN encryption system should the user as an aid and the user the opportunity to be able to give up the assistance when needed, so that the input can also be made as if that were System does not exist. Furthermore, the financial and technical effort to operate such a system or retrofit not too high.

Of the The present invention is therefore based on the object, a method and to provide a device for requesting an access code, which make it difficult to spy on the access code and, in particular, to a large extent to make impossible. The input should also be for Sensually or mentally disadvantaged people be possible. In particular, the method and the device should be simple and inexpensive to build and existing systems should be retrofitted cost. At the same time an encryption method for encryption alphanumeric characters are provided, which is the aforementioned Method and the aforementioned device allows.

These The object is achieved by methods according to the claims 1 and 16 and a device according to claim 24. Advantageous Further developments of these objects are in the respective specified dependent claims. additionally A computer program product according to claim 29 is also provided.

The inventive method for encryption a predetermined starting sequence of at least one predetermined alphanumeric Character, the element of a given alphanumeric primitive is, in the form of a replacement sequence, consists of the steps of deployment a blending table, providing an assignment rule, storing the blending table in a memory element and the replacement each predetermined character of the start sequence by an alphanumeric Replacement characters, where as replacement characters according to the assignment rule with the help of the mixing table one character of the mixing table is selected is chosen or as replacement character the given character itself becomes.

A Mixture table in this context is any arrangement of characters, this is not necessarily in a two-dimensional linkage (eg linking of at least two columns with at least two lines), but also, for example, one-dimensionally can be done as a row or a column.

On This way, on the one hand, the starting sequence as either different or encrypted as an identical replacement sequence. Therefore is always uncertain whether the starting order has been changed or not, which increases security. Besides that is even with every single sign uncertain if it changes or maintained, which additionally increases security.

In a first alternative embodiment of the invention The method is the mixing table by assigning at least one random alphanumeric character to each element of the Basic group for the formation of at least two mixing groups with one each number of elements provided equal, wherein the mixing groups are assigned to each other element by element, wherein the Elements of the basic group are contained in a first mixing group and every other mixing group for each element of the basic group each contains an associated random character, where each element of a mixing group is different from the other elements This mixing group is different. When replacing each predetermined character of the starting sequence by an alphanumeric Replacement character, then the assignment rule is used that as substitute character a character from a mixing group is selected is assigned to a character in another mixing group, that is identical to the given character.

Thereby a particularly secure encryption is achieved.

Especially preferred are the random characters as elements of alphanumeric basic group selected. This will be the Safety additionally increased, since now the mixing table consists of mixed groups with the same characters and so on with knowledge of the mixing table many different encryptions of one predetermined starting sequence can be assigned.

The Safety can be additionally increased if before and / or after the replacement sign, d. H. also between two Replacement characters, a number of additional alphanumeric Character is inserted and the replacement order by the number corresponding posts is expanded, with the positions of the additional Characters are stored in the replacement sequence. It can the number and / or the additional characters random be determined. However, it is preferably provided that the Number and / or position of additional characters are, for example, from the system itself or an operator.

In a particularly advantageous embodiment of the method is the blending table is created so that no character of a blending group assigned an identical character in another mixing group is. Then there are no redundancies and the process is special for sure.

In a further particularly advantageous embodiment, the mixing table is generated so that the egg the second character in another mixing group associated with the first character in a mixing group is not, in turn, assigned as a character that is assigned to one mixing group to another character of the other mixing group, if that other character is identical to the first character. This increases the encryption depth even further, as cross redundancies are prevented.

In a second alternative embodiment of the invention Method is the mixing table with at least a first mixing group provided, wherein in the first mixing group at least the alphanumeric Characters of the basic group are included. Then see the assignment rule that any given character of the start sequence by an alphanumeric Replacement character is replaced, where as a replacement character is a character from one of the first mixing groups according to a predetermined and for all replacements preferably constant Joining rule within this first mixing group is selected.

there So is for the replacement of a character within a certain mixing group containing all elements of the basic group, the character according to a specific linking rule replaced. The mixing table according to this alternative embodiment can either contain only a single mixing group or several mixed groups containing the elements of the basic group. Of course there may be other mixed groups be present, but then not for a replacement can be used within a particular mixing group because it contains no or not all elements of the basic group are.

Also in this second alternative embodiment is a very secure Encryption possible.

expedient Forms the first character of the first mixed group with the last one Sign of a first mixed group a neighborly relationship and the signs of a first mixing group thus have an endless one Sequence up. Then there are very diverse and also simple linking instructions usable.

Especially Preferably, the linking rule specifies that as Replacement character a character selected from the one first mixing group becomes, in this first mixing group the given character in adjacent to a certain distance, preferably immediately adjacent is arranged. This linking rule is special easy to use and quick to implement for human users.

Especially it is possible the two alternative process designs common in the case of replacement each predetermined character of the start sequence by an alphanumeric Replacement character as replacement character a character from one of the first Mixed groups according to a given and for all substitutions constant linking rule within this first mixing group is chosen or as a replacement a character from a mixing group is chosen, which in another character group is assigned a character that matches the given character is identical, or as a surrogate the default Character itself is chosen. So there is one more here greater choice.

expedient becomes the first mixing group containing the elements of the basic group so that it generates the elements in random order contains. Then a spying on the mixing table is difficult, because an attacker focuses on the entire blending table because the first mixing group does not have a static composition having.

Especially for entering the PIN, it makes sense if the basic group Numbers, in particular the numbers 0, 1, 2, 3, 4, 5, 6, 7, 8 and 9 contains and the random characters as pseudo-random numbers these numbers are provided. That is, the random ones Pseudo-random characters consisting of the numbers of the basic group, So their order changed pseudo-randomly to the basic group is. Alternatively, physical random numbers may also be used but this is usually more expensive and therefore more expensive would.

expedient The mixing table can be created so that the mixing groups more Have bodies as the basic group has elements. Thereby It is even more difficult for attackers to determine the starting order.

Prefers the replacement sequence is saved. Then it can easily be reused for example, to check if they are was generated from a polled access code.

In addition, protection is claimed for a method for requesting a predetermined access code of at least one predetermined alphanumeric character which is a member of a given alphanumeric primitive by comparing a start sequence with the access code to enable access to a secure system such as a bank or the like, wherein a blending table is provided based on the cryptographic method of the invention is based on this mixed table a replacement sequence is encoded using the encryption method according to the invention using the start sequence and then checked whether this replacement sequence is coded with this mixing table and the access code using the method according to the invention. In other words, it is a method for operating access to a secure system, preferably a PIN-secured system, such as a bank terminal, a secure door, a safe and the like .. With this method, a particularly secure input of access codes is possible Attackers are prevented from successfully spying on the access code.

at Alternatively, this query method can also be provided that the characters of the starting sequence always necessarily with each unequal Replacement characters are to be encrypted, so the possibility the choice of the given character as spare time is eliminated and always according to the assignment rule, however, the possibility also the given character is preferred, since this more encryption variants exist.

expedient become a display element for the display of the mixing table and for input the replacement character provided an operating element and preferred becomes the display of the mixing table after entering the replacement characters finished, because then the time for the spying of the Mixing table is shortened.

Farther be useful on the display element number and position of the additional characters displayed and preferred will display the number and position of the additional Characters are terminated after entering the replacement characters, which in turn the time for spying out the blending table is shortened. Then be aware of the known positions of the additional Characters when querying the access code first, these additional Removed characters from the replacement sequence. The can Positions are either saved when they enter each time a replacement sequence should be redefined, or they are in the Fixed system, which, however, slightly reduces safety since an attacker can then also determine these positions. The advantage of these additional signs is that the Users show them with completely arbitrary signs can, they are automatically removed. After that will be for Each digit of the replacement string is compared to whether the replacement character is on this location matches the character at this point in the access code or if the replacement character at this point is a character in the blending table associated with the character at this point in the access code.

In this regard, It is advantageous if when displaying number and position the additional character does not observe the display element by unauthorized persons can be. May be an unauthorized viewing of the display element be excluded (optimal privacy), the display is a Specification of position and number of additional characters on the display element possible. Then you could even use the additional character directly pretend so that the user is forced to direct Selection on the keyboard. This is for example prevents by observing or recording the input behavior Conclusions on the entry position of additional characters be enabled.

If an unauthorized observation of the display element is not excluded can be (insufficient privacy), must Position and number of additional characters from the system operator in advance (internally) specified (comparable to TAN list in online banking), so that no information is displayed on the display element have to. Every time the user identifies themselves to the system If he wants, he has to comply with these fixed requirements. Is for example required that always before the actual code three arbitrary Additional characters and after the actual code always two arbitrary Additional characters should be entered, so he gives each new Identification first three additional characters, then the PIN (partially encrypted, encrypted or unencrypted) and then two additional characters.

Indeed could also with insufficient privacy Display of the number and position of the additional characters is done and makes sense because an attacker could see this as well, However, he would require expensive recording technology and a purely visual detection due to the large amount of information not possible.

to Increasing security is particularly appropriate provided that, if necessary, after the removal of the additional Character is checked, whether the replacement sequence and the access codes have an equal number of digits, and preferred If the number of digits is unequal, it becomes a misoperation counter increased by one.

alternative or in addition may be appropriate be that in case of mismatch of the starting order and of the access code, an error counter by the value of one is increased.

Around to correct the user in the event of operating errors is preferably provided that in case of disagreement the starting order and the access code and / or unequal number of digits the replacement sequence adjusted for additional characters, and the access code is provided with a new blending table to enter a new replacement sequence, in particular after reaching a certain value for the erroneous operation counter the query procedure is aborted.

Of the Comfort can be substantially increased if the Access code an initialization means, such as smart card, magnetic card, Transponder and the like. And / or taken from a database of the secure system is, in particular identification information for querying various Access codes are provided. This will allow that separately accessed different areas of a system can be, for example, by multiple users. identification data For example, they can be bank accounts with a PIN assigned to them is. These identification details can also without the initialization means may be provided, for example during Online banking, where the user has his account number and branch directly in a mask.

Essential is that the above-described invention Method not only for use by a human user can be provided, but they can also be used by automatically running systems, at which protect a given string from attack should. The necessary replacement of certain replacement characters is then, for example, worried with the help of a random number generator. The present invention thus generally allows for all human, machine and software based users protection certain strings from attacks and building on them stronger and more comfortable against attacks Access to secured systems.

Farther Protection is claimed for a device for implementation the encryption method according to the invention and / or the query method according to the invention, the one processing unit with in particular a random number generator , wherein the processing unit is set up based on a basic group a mixing table according to the invention To generate encryption methods.

Advantageous it is provided that a display unit is provided, the means to increase the privacy, said means preferably one increases relative to the display element attached aperture and / or a privacy sheet, wherein the privacy film is particularly adapted to the display of Display unit at viewing angles greater than or equal to 30 ° to the normal unrecognizable. This will do that Spying out the mixing table is made even more difficult.

Especially Preferably, the diaphragm has an opaque enclosure and is designed in particular as a slot or pinhole. expedient is thereby the enclosure tapering towards the aperture educated. Then a user can very easily see if inside serving foreign objects such as miniature radio cameras or the like are installed.

One Spying is especially difficult when the aperture is designed so that a viewer through the aperture is not the can see complete display of the display element, but this at least a one-time changing the line of sight is necessary, wherein the diaphragm preferably the display of the display element so obscured that the blending table is not complete without change the viewing direction can be detected.

The Invention may take the form of a complete hardware embodiment, a complete software embodiment or an embodiment, which contains both hardware and software elements, be realized. In a preferred embodiment, the Invention implemented in software, the firmware, native Software, microcode, and the like includes but is not limited to is.

Furthermore, the invention may be embodied in the form of a computer program product accessible from a computer usable or computer readable medium and provided with program code for use by or for use in connection with a computer or any instruction execution system. Therefore, self-contained protection is also claimed for a computer program product stored on a computer readable medium and computer readable Comprises program means which cause the computer to execute the inventive methods when the program means are executed on the computer.

For The purposes of this description may be computer usable or computer-readable media, all devices or devices be the program for use by or the Use in conjunction with the instruction execution system, the device or device contain, store, communicate, spread or transport.

The Medium can be an electronic, magnetic, optical, electromagnetic, Infrared or semiconductor system (or device or device) or a propagation medium. Examples of a computer readable Medium includes a semiconductor or solid storage, magnetic tape, a removable computer diskette, Random Access Memory (RAM), a read-only memory (ROM), a fixed magnetic disk and a optical disk. Examples of optical disks are the Compact Disc (CD) and the Digital Versatile Disc (DVD).

One Data processing system that is capable of coding the program store and / or execute comprises at least one Processor that goes directly or indirectly through at least one memory element a system bus is connected. The storage element can be local Include memory during the current execution program code, mass storage and buffer memory, a temporary storage of at least some program codes provides the number of fetches of the code from the mass storage reduce during execution.

Input / Output or I / O devices, the keyboards, displays, pointing devices etc., but are not limited to can be connected to the system either directly or through intermediary I / O controller connected to the system.

Network Adapters may also be connected to the system to enable that the data processing system with other data processing systems or remote printers or storage devices through intermediary private or public networks. modems, Cable modems or Ethernet cards are only in this context some examples of currently available types from network adapters. The features and other advantages of the present Invention will now be described with reference to the description of a preferred embodiment become clear in connection with the drawing. Show

1 the flowchart for creating a mixing table with two mixing groups,

2 the schedule for requesting a PIN and

3 a data processing system for carrying out the query method according to the invention.

In In the preferred embodiment, the encrypted Input and query a PIN at an ATM described.

Of the ATM has a numeric entry keyboard more common Type for the numbers 0 to 9 on. Besides that is a display unit provided, the column or line by line, at least two groups of numbers 0 to 9 is able to represent. In the ATM is further provided with a processing unit, for example, can read out an ec card. Based on The data of the ec card is used to identify a user, for example to withdraw money from an account of the user, a PIN requested. This PIN is usually four digits, but it can be have a different length. The encryption the original PIN during input is pseudo-random which are shown in a mixing table.

From the processing unit will now query the user PIN provided a mixing table having two mixing groups. The blending table is designed as a two-row table with ten columns (Fewer columns would suffice, if not all basic numbers from 0 to 9 are to be used). In every The two lines now show the ten basic digits (0 to 9). The arrangement of the numbers is quasi random in each column, wherein the first mixing group (in the upper line) one over Pseudo-random numbers generated the random order of the Numbers 0 to 9 has.

For the creation of the second mixing group of the mixing table, boundary conditions are considered These boundary conditions consist in the fact that in the second mixing group, as in the first mixing group, the digits must not repeat, that the digits of a common column are not the same, that is, each other no identical numbers may be assigned and that the digits of the second line with the digits of the first line must not form a numeric cross.

The following are two examples of numeric crosses:

It it can be seen that in each case the first character (eg 2) in a mixing group (upper line) associated second character (here 6) in another mixing group (lower line) turn as Characters of one mixed group (upper row) of another character (here the 2) is assigned to the other mixing group (lower line), where this other character is identical to the first character. This is not optimal, because then the encryption options be reduced.

by virtue of These boundary conditions always exist exactly three possibilities to enter a PIN-number, in that for each original PIN-digit two spare digits are available and additionally the Original PIN number can be entered.

In 1 is shown purely schematically the flowchart of a program control of the processing unit for generating the mixing table for the basic group consisting of the elements 0, 1, 2, 3, 4, 5, 6, 7, 8 and 9. Thereby, a mixing table of two lines of ten digits each can be created under the given boundary conditions, where A random numbers of the first row, B random numbers of the second row, s the column index and x and i check indices with the value ranges s, x, i = 1 ... 10 are.

To recognize that to generate the first mixing group with the Elements A1 to A10 first a random number A1 by pseudorandom Choice is generated from the elements of the basic group. Then be incremental random numbers by pseudorandom choice the elements of the basic group for the places A2 to A10 which prevents two numbers from being identical. If this case occurs, the one generated in the current step will be generated Number discarded and a new random number generated until no match with the previous numbers (A1 to As - 1). After that in the same way, the second mixing group B1 to B10 generated by random numbers and it will conclude first checked if two numbers in a column are identical are and whether a number cross is present. Should one of the two Case, a new second mixing group B1 to B10 is generated.

Table 1 below shows an example of a mixing table produced in this way: TABLE 1 Column index s 1 2 3 4 5 6 7 8th 9 10 Mixing group 1 1 3 6 4 2 0 9 8th 5 7 Mixing group 2 0 4 1 2 6 9 3 5 7 8th

The fundamental principle of the procedure can of course serve to create blending tables that have more characters in them individual rows have (eg also symbols and letters) and with more than two rows are executed. Thus, for example also an alphanumeric encryption (PIN from numbers and Letters) possible.

With the aid of this mixing table, the user can now encrypt his PIN at the ATM. For example, if its PIN is 4937 then it has the following entry possibilities shown in Table 2, which is 3 ^ 4 = 81 different possibilities: Table 2: 81 input options PIN digit original 1st mixing group 2nd mixing group 4 4 3 2 9 9 0 3 3 3 4 9 7 7 5 8th

This Query method allows the user while entering a PIN to encrypt it with pseudo-random numbers so a third party observing or recording this input, The information obtained is not directly for unauthorized acquisition the PIN and thus can use identification. The system generated pseudo-random numbers are transferred to the user the mixing table is shown on a display over the the user the individual digits of his PIN with pseudo-random numbers can replace. The user needs encryption his PIN except the mix table no further aids and does not need to perform any arithmetic operations. The encryption is not done according to a static pattern but by the user intuitively made.

The replaced components of the PIN are always to the pseudo-random numbers bound, d. H. the PIN generated by the user (replacement PIN) is only valid in connection with the current mixing table. at Each new identification attempt becomes a new blending table generated, so that always different replacement PIN arise.

Of the But users also have the option of the original PIN enter unencrypted, here is the mix table of course without meaning. However, an attacker can Do not recognize if the user is currently the original or a replacement PIN entered. Thus, the security of the PIN entry is also then increases if the user does not use the replacement PIN power. By entering the original PIN are z. Belly Visually impaired able with the help of furnished for it Keyboards enter PIN.

to The user searches for the replacement sequence in the mixing table (does not matter in which line) the digit to be encrypted. He has Having found these, he reads the other digit in the same column and enter them at the terminal. The process repeats the user at will with the other digits of its original PIN. The user can of course also the numbers of the original PIN directly enter.

For the above example of PIN 4937 and the above mixed table For example, in Table 1, the user may substitute 2045 as one of 81 possible replacement sequences generate.

To Completion of the input of the replacement sequence by the user is the Blend table disappears from display to record the mixing table from third parties through a minimal time window difficult.

After this the user has entered a replacement sequence, the replacement sequence, Mixture table and possibly empty entries and their positions in the replacement sequence encrypted in particular, transmitted to the evaluation unit, wherein the evaluation unit also be part of the processing unit may or is for example provided in a bank center. The evaluation unit checks whether the content of the Replacement sequence matches the stored PIN.

there At the beginning, the actual PIN input is extracted, possibly eliminates existing empty entries from the replacement sequence and compares them, whether the length of the entered PIN with the length matches the original PIN. After that is digit by digit compared whether the individual digits of the replacement sequence directly with the deposited original PIN match. Is not this In the case, with the help of the mixing table possible replacement digits determined and these vergli Chen with the original PIN. If this no match can be found is the Substitute sequence wrong and the misoperation counter will be reversed increased the value one.

In 2 is shown purely schematically the flowchart of a program control of the evaluation to match between replacement sequence and original PIN, with possible blanks have already been removed (not shown). This procedure is for a two-line mixing table with 10 columns according to Table 1 adapted, but can be easily adapted by the skilled person to mixing tables with more than two mixing groups and a different number of columns. In 2 E is an input digit, P is an original PIN digit, t and q are scores with values from 1 to 10, and x is the number of digits in the original PIN.

It can be seen how first the number of digits t _max between replacement sequence E and original PIN P is checked for equality. If this equality is present, it is compared whether the digit E _t corresponds to the replacement sequence of the digit P _{t of} the original PIN. If this is not the case, it is determined whether this replacement digit E _t in the mixing table in one of the two mixing groups A, B, the digit P _{t of} the original PIN P is assigned. This is repeated for all digits E of the replacement sequence until an error is detected or the result is correct for all digits E.

optional the possibility can be provided, so-called blank entries using additional characters. Here can the system operator determine whether before and / or after the actual PIN entry and / or between digits of PIN entry arbitrary Entries have to be made, which are natural in number are precisely defined. This has the advantage of being for a Observers do not see how many digits the PIN has and where the actual input begins or ends. This is how the PIN search works makes an attacker very difficult.

in the The apron must either be determined by the system operator. how many blank entries the user has and to make which positions while entering the replacement sequence he has to do this. On the other hand, every time you query the replacement sequence a new scheme for the blank input will be generated. The important thing is that the number and position of the blank entries the evaluation unit of the system are known, so the blank entries can be eliminated during the input check.

Such Blank entries can only with the invention Be used as the use only makes sense if the input faces several variants, the Input does not have static but dynamic character.

By Although blank input is the effort in the input for the Users a little higher, but the difficulty increases extremely strong for a PIN search by an attacker at.

Also if the attacker knows how many digits the PIN has, then so Nevertheless, he can not know which parts of the replacement sequence to Belong to PIN and which not. In a fraud attempt would therefore always according to the assumed PIN length at the respective assumed positions the corresponding numbers extracted from the replacement sequence to be extracted with them Numbers in conjunction with the blending table to create a codetable. This code table then includes all (depending on the extracted Numbers) according to possible PIN variants tried out Need to become. However, when using empty entries several code tables possible.

If Requested by the system operator blank entries, the user should the system when entering make sure that it does so like he's using the mix table. Otherwise, can an observer of the behavior of the user when entering it conclude that the numbers entered are not is the PIN and thus extract the digits of the actual PIN.

Farther can with a corresponding adaptation (generation and test algorithms) the method can also be used to not only encrypt digits, but also symbols and letters.

The Query method according to the invention can be used for Any PIN protected system should be used where the Entering a PIN via an input terminal (keyboard), a display is available and the processing of PIN runs programmatically.

If specified by the system, the user must register at the beginning. This is done, for example, by entering an ID number (identification number), an access card (eg ec card at the ATM), transponder technology (RFID) or other suitable methods. When registering, however, it is not checked whether the applicant really is the authorized person, this is done only by entering the PIN. It is useful to log on to the system as this can be used to implement a double-fusing. If a key is lost (eg ec card), the system is still secured by the second key (PIN). Furthermore, manipulation attempts are hereby severely limited, since access attempts always require both keys. In addition, the system operator can change or deactivate the PIN for users without having to collect the logon keys have to. For example, if a user loses or steals his login key (eg, transponder card), the old login key is disabled and a new login key is created for the user, and a new PIN is assigned to him at the same time.

The Security of the method is very high. Because even if through the use of spy technology spied on both the entered replacement sequence and the blending table An attacker can not immediately retrieve the information continue to use. The attacker must first the mixing table and the Analyze replacement sequence and a code table according to table 2 create in which all remaining possible PIN variants be listed. Afterwards, only remains here the way of tasting.

at the evaluation of the replacement sequence by the system, every job the replacement sequence compared with the corresponding location of the original PIN. If no match is found, the mix table becomes used according to Table 1. This will be first in a row (mixing group) of the mixing table those to be examined Number of the replacement sequence searched, this was found, then the other digit of the same column compared with the original PIN. If no match is found here, then the next row of the mixing table those to be examined Number of the replacement sequence searched and the other digit of the same Column compared with the original PIN. When all rows are tested and no match occurs, the Exam ended because the input was definitely wrong have to be.

at a four-digit PIN will always result in exactly 3 ^ 4 = 81 replacement sequence variants, because there are three different digits for each digit of the replacement sequence available (original PIN number, replacement digit from the first line or substitute digit from the second line of the Mixing table).

Becomes An attacker entered a randomly generated code (Guessing), the probability of a hit is 1: 10,000. If the entered code should lead to the original PIN, In four columns of the blending table, the code number must be and meet the original PIN number directly, unless the corresponding code number is already coincidentally the Original PIN number. The probability of the appropriate clash of code digit and PIN digit is 1:10 for each digit, because the blending table is filled with ten pseudorandom numbers from 0 to 9 is, so the probability for the appropriate Meeting of all 4 digits of the code number and the original PIN in the current mixing table 1: 10,000, since the individual Probabilities for this are multiplied. Of the The attacker has 10,000 in the worst case, too Try to guess the PIN.

For A successful PIN espionage must be the attacker both to spy on the PIN entry as well as the blending table. Either he watches the input directly or spies on technical aids such as manipulated PIN keyboard or mini camera. Of course, direct observation should not be so easy In general, PIN entry always gives you enough Look out for privacy.

Around An attacker becomes an interspersed one Camera need to use as both typing on the keyboard as well as the mixing table shown on the display Need to become. Since the mixing table in its basic form twenty pseudo-random numbers is constructed and also the input must be observed at the same time is a mere observation by a human alone almost impossible. Even if a human should record only the mixing table alone, this will far exceed its cognitive abilities, since the mixing table only during the PIN input to the display should be displayed.

can the blending table can not be evaluated, you definitely can not close the right PIN. Continue to increase the use of technical aids, although the chance of the PIN, but also the chance to be discovered, because technical Tools must be installed. Only if the attacker spied on the PIN input and the blending table, he can get one Codetable create all possible PIN variants contains.

is the input (and thus the PIN), for example, four digits, the blending table in two lines and no blank entries were entered, the code table contains exactly 81 PIN variants (3 ^ 4 = 81). This can be tried by the attacker manually until the misoperation counter locks the access.

If the entry has more than four digits, blank entries have been inserted. The actual replacement PIN numbers can therefore be separated from each other in the input. Due to the blank entries, the input can not lead the attacker to the original PIN, as he can not know where the individual replacement PIN digits are located to assemble them to the replacement PIN.

requires the attacker's original PIN, he must from entering four digits select and from these selected digits create a code table with the blending table. However, you can Here now several code tables exist. At a six-digit Input for a four-digit PIN results in up to fifteen different ones Code tables. For a ten-digit entry for a four-digit PIN already result in up to two hundred and ten different Code tables.

Around overcome the security hurdle by replacing the PIN method At least twice the same user must be observed when entering are evaluated and each of the mixing table and the input can be.

Around further aggravating a spying of the mixing table or complete To prevent, on the one hand, can be used on the screen be, with the viewing content from a viewing angle of 30 degrees can not be recognized, or on the other hand can be increased attached aperture, which is closed at the side, are used. To prevent installing mini-cameras inside the bezel, should the aperture be tapered towards the aperture, opaque enclosure, for example with trapezoidal side surfaces, exhibit. Preferably, the aperture is designed as a slit.

The Aperture is placed over the display and allows through the aperture only a limited field of view on the shown mixing table. In this field of vision can only a small section of the mixing table will be recognized. Too too To see the remaining components of the mixing table, the user must move his head to move his field of vision.

There Spying cameras generally can not understand this and thus they become ineffective, the blending table can not be spied out become. If the blending table can not be spied out Attacks on the protected system only rate attempts and thus largely ineffective.

above was the encryption method in the first alternative Embodiment described. Below is the second alternative Embodiment will be explained in more detail. It will provided a mixing table with at least a first mixing group, containing at least all the alphanumeric characters of the basic group, however, other characters may be included. These characters are preferably random, such as pseudo-random, arranged. It makes sense if there is no sign within one repeated first mixing group. For the replacement is a Specify linking rule for all Substitutions within the mixing groups should preferably be constant, where, of course, other linking rules possible are. With the help of this linking rule Now substitute characters for each character of the start sequence selected.

A such first mixing group for a basic group of natural For example, numbers 0 through 9 could be the string 4 9 2 6 1 0 5 3 8 7 and as a linking rule it is envisaged that the directly adjacent to the sign to be replaced To select characters as substitute characters.

Around For example, to encrypt a PIN, one looks for the digit to be replaced in the mixing group. Was this found, You can either use the left or right of the original PIN digit use existing digits in the blending group as a substitute character. For a given PIN 5926, one would be off Replacement characters formed replacement sequence, for example 0491.

It but could also be specified that the next but one Digit (based on the position of the original PIN digit) must become. Then would be at the same given PIN 5926 would be a possible replacement sequence 8649.

Suitably, the first and last characters of the mixing group are linked together in their sequence, so that an equal number of replacement characters can be selected for each character. In the present case, therefore, the 7 and the 4 would be linked together. This link can be illustrated by a human user, for example, by displaying the mixing group in ring or rectangular form, so for example:

Consequently is always visible to the user which numbers are adjacent and what distance they have between them.

additionally Of course, it can also be for a single or all given characters as replacement characters without consideration the assignment rule selected the default character itself become.

The possibility described above (choice of replacement digits in only one mixing group) is also applicable, of course, if multiple mixing groups are used. Then could on the one hand, the user selects each given character, which mixing group he uses to place within that mixed group Select replacement characters. Or it would be possible to combine both alternative methods. The user could then, for example, be replaced for each Select characters to replace within a mixing group or selects the replacement character between mixed groups. Indeed here is likely that the multitude of encryption options overwhelmed the human user and the variety of possible combinations leads to a reduction in security, that is vulnerability against guessing something is increased again with respect to the exclusive use of either alternative Method.

In 3 is purely exemplary of a data processing system 1 for carrying out the inventive encryption and the inventive query method shown that, for example, as a bank terminal can be realized. This system 1 includes a processor 2 , a store 3 , a display unit 4 , an input unit 5 and a network adapter 6 with which the data processing system 1 via a communication connection 7 can communicate with a not shown system, such as a bank. Storage 3 , Display unit 4 , Input unit 5 and network adapters 6 each stand with the processor 2 in communicative connection.

Out From the above, it has become clear that with the present The invention relates to a method and a device for interrogating a Access codes are provided which spy on the access code make it difficult and, in particular, largely impossible. The input is also for the sensually or mentally disadvantaged People possible. In particular, the method and the Device easy and inexpensive to build and existing Systems can be retrofitted cost-effectively become. At the same time becomes an encryption process provided for the encryption of alphanumeric characters, which is the aforesaid method and apparatus allows, but of course also for other applications, for example, applicable in cryptography is.

QUOTES INCLUDE IN THE DESCRIPTION

This list The documents listed by the applicant have been automated generated and is solely for better information recorded by the reader. The list is not part of the German Patent or utility model application. The DPMA takes over no liability for any errors or omissions.

Cited patent literature

• - EP 0848362 A2 [0016]

Claims (29)

Method for encrypting a predetermined starting sequence of at least one predetermined alphanumeric Character, the element of a given alphanumeric primitive is, in the form of a replacement sequence, characterized by - Provision a mixing table, - provision of an assignment rule, - storage the blending table in a storage element and - replacement each predetermined character of the start sequence by an alphanumeric Replacement characters, where as replacement characters according to the assignment rule with the help of the mixing table one character of the mixing table is selected is chosen or as replacement character the given character itself becomes. Method according to claim 1, characterized by - Provision the blending table by assigning at least one random one alphanumeric character to each element of the basic education group of at least two mixing groups with a respective number of the same number of elements, the mixing groups being element-wise are assigned, the elements of the basic group in a first Mixed group are included and each additional mixing groups for each element of the base group has an associated random one at a time Contains characters, each element of a mixing group is different from the other elements of this mixing group, - and where the assignment rule provides that as a replacement a character from a mixing group is chosen, which in another character group is assigned a character that matches the given character is identical. Method according to claim 2, characterized in that that the random characters are considered elements of alphanumeric Basic group can be selected. Method according to claim 2 or 3, characterized that the blending table is generated so that no character of a Mixed group an identical character in another mixed group assigned. Method according to one of claims 2 to 4, characterized in that the mixing table is generated that second one associated with a first character in a mixing group Characters in another mixing group do not turn as characters one mixing group another character of the other mixing group is assigned if this other character is identical to the first one Sign is. Method according to claim 1, characterized by - Provision the mixing table with at least one first mixing group, wherein in the first mixing group at least the alphanumeric characters of Basic group are included, - and where the assignment rule provides that as a substitute character a character from one of the first Mixed groups is chosen, with the given character within this first mixing group in a given and for all substitutions preferably constant linking rule is linked. Method according to Claim 6, characterized that the first character of a first mixing group with the last Sign of a first mixed group a neighborly relationship forms and so the signs of a first mixing group an endless Sequence. Method according to claim 6 or 7, characterized that the join rule specifies that as a replacement a character from which a first mixing group is selected, in this first mixing group the given character in one adjacent certain distance, preferably immediately adjacent is arranged. Method according to one of claims 2 to 5 in combination with one of claims 6 to 8, characterized that when replacing any given character of the starting order by an alphanumeric replacement character as a replacement character, a character from one of the first mixing groups according to a predetermined and for all substitutions constant linking rule is selected within this first mixing group or as Replacement character a character selected from a mixed group is assigned to a character in another mixing group, which is identical to the given character, or as a replacement character the default character itself is selected. Method according to one of the preceding claims, characterized in that before and / or after the replacement character, a number of additional alphanumeric characters is inserted and the replacement order to the number of corresponding digits is extended, wherein the positions of the additional characters are stored in the replacement sequence. Method according to claim 10, characterized in that that the position, the number and / or the additional Characters are randomly determined or predetermined. Method according to one of the preceding claims, characterized in that containing the elements of the basic group first mixing group is generated so as to randomize the elements Contains sequence. Method according to one of the preceding claims, characterized in that the basic group numbers, in particular contains the numbers 0, 1, 2, 3, 4, 5, 6, 7, 8 and 9 and the random characters as pseudorandom numbers of these numbers to be provided. Method according to one of the preceding claims, characterized in that the mixing table is generated such that the mixing groups have more sites than the elementary group elements having. Method according to one of the preceding claims, characterized in that the replacement sequence is stored. Method for requesting a given access code from at least one predetermined alphanumeric character, the item a given alphanumeric primitive is, by comparing a Start sequence with the access code to release access to a secured system, such as a bank or the like, characterized in that that a blending table according to one of the previous Claims provided based on the basic group becomes a replacement after one based on this blending table the previous claims using the starting order is encoded and then checked whether this replacement sequence with this mixed table and the access code using the method according to one of the preceding claims can be coded, in particular, can be provided that as a replacement not the respective given character may be selected. Method according to claim 16, characterized in that that for displaying the mixing table, a display element and for input the replacement character is provided an operating element and preferred the display of the mixing table ends after the replacement characters have been entered becomes. The method of claim 17 in conjunction with claim 10, characterized in that on the display element number and Position of the additional characters to be displayed and prefers the display of the number and position of the additional Sign after entering the replacement characters is terminated. Method according to claim 18, characterized that if necessary first using the stored positions of the additional Characters these extra characters from the replacement sequence be removed and next for each post the replacement sequence is compared, whether the replacement character at this Place matches the character at this point in the access code or if the replacement character at this point is a character in the blending table associated with the character at this point in the access code. Method according to one of claims 16 to 19, characterized in that optionally after the removal of the additional Character is checked, whether the replacement sequence and the access code have an equal number of digits and preferred If the number of digits is unequal, a misoperation counter is reversed the value one is increased. Method according to one of claims 16 to 20, characterized in that in case of mismatch the start sequence and the access code an erroneous operation counter is increased by the value one. Method according to one of claims 16 to 21, characterized in that in case of disagreement the starting order and the access code and / or unequal number of digits the replacement sequence adjusted for additional characters, and the access code is provided with a new blending table to enter a new replacement sequence, in particular after reaching a certain value for the erroneous operation counter the query procedure is aborted. Method according to one of claims 16 to 22, characterized in that the access code is an initialization means such as chip card, magnetic card, transponder and the like and / or a database of the secured system is taken, in particular identification numbers are provided to query different access codes. Contraption ( 1 ) for carrying out the coding method according to one of claims 1 to 15 and / or the interrogation method according to one of claims 16 to 23, having a processing unit ( 2 in particular a random number generator, wherein the processing unit ( 2 ) is arranged to generate a mixing table according to one of claims 1 to 15 based on a basic group. Device according to claim 24, characterized in that a display unit ( 4 ), which comprises means for increasing the privacy, said means preferably comprising a visor attached to the display element increased and / or a privacy film, the privacy film is particularly adapted to the display of the display unit ( 4 ) at angles greater than or equal to 30 ° to the normal. Device according to claim 25, characterized in that the panel has an opaque enclosure and is preferred designed as a slot or pinhole. Device according to claim 26, characterized in that that the enclosure formed tapering towards the opening is and in particular has side surfaces in trapezoidal shape. Device according to one of claims 25 to 27, characterized in that the aperture is formed so that a viewer through the aperture is not the full Display of the display element can see, but this at least a single change of the viewing direction is necessary wherein the aperture preferably conceals the display of the display element, that the blending table is not complete without change the viewing direction can be detected. Computer program product running on a computer ( 1 ) readable medium ( 3 ) is included for the computer ( 1 ) readable program means that the computer ( 1 ) to execute a method according to one of claims 1 to 15 or one of claims 16 to 23, when the program means on the computer ( 1 ).