[go: up one dir, main page]

GB2124808A - Security system - Google Patents

Security system Download PDF

Info

Publication number
GB2124808A
GB2124808A GB08319857A GB8319857A GB2124808A GB 2124808 A GB2124808 A GB 2124808A GB 08319857 A GB08319857 A GB 08319857A GB 8319857 A GB8319857 A GB 8319857A GB 2124808 A GB2124808 A GB 2124808A
Authority
GB
United Kingdom
Prior art keywords
signals
key
terminal
key means
interrogation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
GB08319857A
Other versions
GB2124808B (en
GB8319857D0 (en
Inventor
Donald Atkinson Bell
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NAT RES DEV
National Research Development Corp UK
Original Assignee
NAT RES DEV
National Research Development Corp UK
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by NAT RES DEV, National Research Development Corp UK filed Critical NAT RES DEV
Priority to GB08319857A priority Critical patent/GB2124808B/en
Publication of GB8319857D0 publication Critical patent/GB8319857D0/en
Publication of GB2124808A publication Critical patent/GB2124808A/en
Application granted granted Critical
Publication of GB2124808B publication Critical patent/GB2124808B/en
Expired legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409Device specific authentication in transaction processing
    • G06Q20/4097Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C2009/00412Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal being encrypted
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C2009/00753Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys
    • G07C2009/00761Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by connected means, e.g. mechanical contacts, plugs, connectors

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Finance (AREA)
  • Computer Security & Cryptography (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Lock And Its Accessories (AREA)

Abstract

Two problems which arise in electronic lock and key systems are ensuring that the lock responds only to authorised keys and that if one lock is compromised keys may continue to be used with other locks without breach of security. An electronic lock and key system is described in which a key 10 receives signals from a terminal 11 (the lock), modifies the signals, using an encryption circuit 13, for example, and returns the signals to the terminal. A comparison circuit 19 compares the received signals with stored information relating to that particular key and sends further signals to the key. If the signals received in response to these agree with stored information the key is accepted. Since every terminal may send a different initial signal and will therefore receive different responses (all previously stored by a particular terminal) the security of each terminal is independent of the others. <IMAGE>

Description

SPECIFICATION Security system The present invention relates to a security system which employs key devices and means for recognising the key devices. Such a system may be used for example for opening a door, operating a car or gaining access to a computer terminal or a secure area, or it may be used to signify the present of a particular person, who must keep the access device securely, and then the presence of the device may be used for making purchases or other financial transactions.
One of the disadvantages of an ordinary lock and key is that once one lock is compromised the security of all other locks which use the same key is also compromised. Hence the need for one person to carry many different keys for different purposes.
In this specification a security system of the type specified comprises key means which interact with recognition means herein-after called a terminal to provide a predetermined result.
According to a first aspect of the present invention there is provided a security system of the type hereinbefore specified comprising terminal means, and at least one key means which can be readily carried in one hand and is capable of being coupled to the terminal means for the interchange of information signals, the, or each, key means comprising means for receiving first digital signals from the terminal, means for operating upon the first signals according to a systematic process to derive second digital signals, and means for passing the second signals to the terminal, and the terminal comprising a further electrical memory, interrogation means for passing the first signals to the, or one of the key means when coupled to the terminal means, comparison means for comparing the second signals received with information held by the further memory and for providing an indication of the result of the comparison.
the interrogation means being arranged to pass an initial group of the first signals to the, or one of the key means at the start of each interchange between the key means and the terminal means, and to pass further groups of first signals during that interchange to that key means in dependence upon the result of the comparison made by the comparison means on receipt of that group of second signals received in response to the initial group of first signals.
According to a second aspect of the invention there is provided key means for a security system of the first aspect of the invention comprising means for operating upon the first signals in accordance with modifying signals to provide modified signals, and means for transforming the modified signals into at least some of the said modifying signals, the second signals being, or being derived from, the modified signals.
According to a third aspect of the present invention there is provided a terminal for a security system of the first aspect, comprising an electrical memory, interrogation means for passing the first signals to the, or one of the key means when coupled to the terminal means, comparison means for comparing the second signals received with information held by the further memory and for providing an indication of the result of the comparison, the interrogation means being arranged to pass an initial group of the first signals to the, or one of the key means at the start of each interchange between the key means and the terminal means, and to pass further groups of first signals during that interchange to that key means in dependence upon the result of the comparison made by the comparison means on receipt of that group of second signals received in response to the initial group of first signals.
In this specification a digital signal is a signal having a characteristic such as current or voltage level or frequency, which may have predetermined discrete values only.
A complete security system according to the invention comprises at least one key means and at least one terminal but in practice a plurality of key means and terminals is usually provided.
in operation, the electrical memory of each key means contains information which is preferably unique to that key means.
In the terminal, the interrogation means causes a separate set of first signals to be transmitted to each key means, the initial group of signals of each set preferably being a standard signal and the remaining first signals in a set being selected in accordance with one or more second signals received. As a result the response of each key is unique, and if each key causes a different modification of first signals from that of other keys, the possession of one key does not compromise the security of other keys.
The sets of first signals held by each terminal are unique to that terminal although preferably the initial group of signals of each set is a standard signal. One advantage then obtained is that if one terminal is compromised, others are not and it is possible to continue to use the same key means with these other terminals. One personal key means may therefore replace many keys which would otherwise be required. Since it is possible to make it virtually impossible to construct a key which can be used with other terminals, using the information obtainable from a compromised terminal, the security of the other terminals remains unaffected. The construction of a useful key would also require knowledge of the contents of the modification process of a key.As with conventional locks, but not some electronic locks and security systems, possession of a key means and access to the interior and/or circuits of a terminal does not allow construction of key means suitable for use with terminals which cannot be accessed by the key means already possessed.
A number of terminals, for example in different locations, for use with the same key means or a number of such means, may be coupled to the same computer usually at a remote location. The terminals then obtain first signals from the computer to pass to the key means and pass second signals to the computer for recognition.
If, in such an arrangement, the second signals stored by the computer depend on responses obtained from more than one terminal and are frequently changed, the following security advantage is obtained: a record of first and second signals made by tapping a link between one terminal and the computer with a view to unauthorised use is not complete and therefore cannot be successfully used, since the computer will send over the tapped link some first signals and expect to receive corresponding second signals set up by way of a terminal using another link.
The means for operating upon the first signals may comprise means for-transforming each first signal, in the form of a long block of bits, according to a predetermined algorithm, for example the United States Data Encryption Standard where the block length is 64 bits.
As an alternative the Public Key Crypto System (PKCS) may be used and if the algorithm described by Rivest, Shamir and Alderman in "A Method of Obtaining Digital Signatures and Public-key Crypto-systems" Comm. Assoc. Comp. March, Vol. 21, No. 2 (February 1978) is followed each second signal representing a number C fulfills the equation C = MT (Mod R) where M is a number represented by a first signal, T is a secret encryption key held by the memory of the key means and R may be a publicly known number.
In another arrangement where the first signals are strings of bytes or bits of arbitrary length, the means for operating upon the first signals may include means for modifying bytes or bits of first signals as they are received from the terminal means in accordance with the information stored by the memory of the key means and/or bytes previously received as parts of first signals.
Another alternative for the means for operating upon the first signals includes means for modifying bytes of first signals received and means for encrypting the modified bytes in order to provide the second signals.
Instead of modifying bytes, digital first signals may be modified on a single bit basis in accordance with the contents of the key memory. The modified bit stream may be used to address the information storage means to obtain one or more bits for modifying the bit stream, for example by means of one or more exclusive-OR gates. In this specification and claims an OR function includes OR, EXOR and NOR functions.
According to a fourth aspect of the present invention there is provided a security method including using terminal means to pass initial interrogation signals to key means comprising means for operating upon the first signals according to a systematic process to provide initial response signals.
using the terminal means to receive the initial response signals and to pass further interrogation signals particular thereto to the key means, and using the terminal means to receive further response signals from the key means, and to compare the received signals with information stored in the terminal relating to previously obtained initial response signals of the said key means, and indicate the result of the comparison.
Preferably the security method employs a plurality of key means and the input signals applied to each such means form a set unique to that key means. The method then includes selecting at least some input signals for a key means in accordance with output signals from that key means.
Certain embodiments of the invention will now be described, by way of example, with reference to the accompanying drawings, in which: Figure 1 is a block diagram of a terminal and a key according to the invention, and Figures 2 to 6 are block diagrams of other embodiments of keys according to the invention.
In Fig. 1 a key 10 which may be in the form of a slim package for integrated circuits is shown coupled to a terminal 11. The coupling may be by way of plug and socket contacts or, for example, by way of inductive, reactive or optical coupling. Since it is important that the owner should not lose the key it may be made in a form which could be worn on a wrist strap rather like a watch, or eventually on a finger as a signet ring.
The key contains an input register 1 2 and an encryption circuit 1 3 and an output register 1 4. The encryption circuit 1 3 also receives an encryption key from a read only memory (ROM) 1 5. The circuits 12 to 15 are controlled by a control circuit 1 6 which receives a power supply and timing information from a circuit 1 7 in the terminal. The connection between the circuits 1 6 and 1 7 is preferably by plug and socket although any of the means mentioned above may be used. Instead a separate power supply circuit, perhaps in the form of a battery, may be provided for the key.In this case timing information can easily be provided by inductive, reactive or optical coupling.
The terminal 11 comprises an electrical store 1 8 which is conveniently divided into ROM and RAM, a comparison circuit 1 9 and a control circuit 20.
Before the key 10 can be used for normal operation it must first be coupled to the terminal 11 so that interaction can take place and certain signals can be stored in the store 1 8. This operation will first be described.
An authorised person, preferably a security officer, uses a keyboard for example to put the terminal 11 into a mode in which it sends digital signals to a key and records signals received. Access to this mode can be by known secure means not described. The control circuit 20 causes the store 1 8 to transmit a "question" in the form of a long block of bits, typically 32 to 64 bits. This initial question will usually be a universally agreed question amounting to "Who are you?". The "question" passes by way of connections 22 to the input register 12, under control of the circuit 1 6. The contents of this register are passed in parallel to the encryption circuit 1 3 which also receives an encruption key from the ROM 15.For example the US Data Encryption Standard (DES) may be used and the properties of this system render it impossible to specify in advance the response to an input provided the key held in the ROM 1 5 is kept secret. The DES is the subject of FIPS publication 48, US National Bureau of Standards (January 1977). Even if plain-text and ciphertext pairs of messages (enciphered using the DES) are available it is not possible to discover the key held by the ROM and therefore it is impossible to decipher coded numbers When the DES is used the circuit 1 3 may be a commercially available integrated circuit or it may comprise a microprocessor programmed to follow a known algorithm based on the DES.
The encrypted "question", now an "answer", is passed to an output register 1 4 and thence by way of connections 23 to the store 1 8 of the terminal.
Each key 10 has a different response to the universal "Who are you?" question since each key is provided with a unique key held in the ROM 1 5. Thus the response generated by a key to the initial question may be regarded as the serial number of that key.
A further series of unique "questions" is now transmitted to the key from the terminal and these questions are stored in a way which allows them to be called by reference to the initial question. The further questions are individual to the key and result in further respective responses which are stored together with the "questions" by the store 1 8.
Each individual key is also initially coupled to every terminal with which it is to be used, and apart from the initial "question", further "questions" are individual to terminals so that the response of the key depends on the terminal to which it is coupled. In this way even if a single terminal is compromised so that the answers to questions put to keys are available, it is not possible to construct fraudlent keys which could be used successfully with other terminals.
In normal operation a key 10 is coupled to a terminal 11, and when the terminal transmits the "Who are you?" question and the key 10 responds with its individual "answer", this "answer" is checked in a comparison circuit 1 9 against the original response as recorded in the store 1 8 and read into the comparison circuit 1 9. If the "answer" (in effect the serial number of the key 10) is recognised, the comparison circuit 1 9 signals the control circuit 20 to read out further "questions" corresponding to that serial number.As these "questions" are read out the respective answers are checked by the comparison circuit and if all are recognised the comparison circuit further signals the control circuit that the card has been recognised and an indication is given at a terminal 24.
The DES handles 64 bit blocks both as input and output but shorter input blocks may be used if all keys use a standard form of bit duplication or padding. Although output blocks will always be 64 bit, some of these bits can be discarded, for example by the terminal.
An alternative, and probably more economical key is shown at 25 in Fig. 2, and this key may be used with the terminal 11 of Fig. 1.
An incoming 64 bit "question" is passed to a register 26 where a selection of N bits are concatenated and applied in a selected order to form an address for a register 27. The output of the register 27 addresses a ROM 28 to read out a small insert of M bits, which is passed into the input end of the register 26.
The contents of the register 26 are shifted downwards to accommodate the addition of the M bit insert and the output bits from the lower end of the register are, at this time, lost.
This operation is repeated enough times to replace the entire contents of the register 26, for example about 10 times, and then the scrambied question held by the register 26 is read out as an answer and passed back to the terminal 11. The above mentioned operations are carried out under the control of a control circuit 29.
In one implementation the contents of the ROM 28 are about 1 ,000 bits which give convenient values of 10 for N and 1 for M, or alternatively 8 for N and 4 for M. The precise bits chosen from the register 26 to address the ROM 28 are ideally such as to make the difference between all the pairs as different as possible. For example if an 8 bit address register 27 is chosen, a suitable set of bit positions in the register 26 is 1, 2, 4, 8, 13, 21, 31 and 45.
The security of the key 25 depends on keeping secret the selection of the N bits and the order in which they are applied to address the ROM 28. This Fig. 2 relates to a system which is not so highiy secure as, for example, the system of Fig. 5 below. A way in which security can be improved is described in the next paragraph.
In a modified form of the key 25, the shift register 26 has an end-around shift connection and this connection includes an exclusive OR-circuit also receiving the M bit insert. Endaround shift and the exclusive-OR operation are continued until the original contents of the register 26 have been replaced and then the new contents are passed to the terminal. Figs.
5 and 6 use similar end-around shifts and exclusive-OR circuits.
The card of Fig. 2 is initialised and used in the same way as that described for the card 10.
Another form of key is based on transforming strings of bits of bytes or arbitrary length using the cipher text auto key (CTAK). (See L.J. Hoffman, "Modern Methods for Computer Security and Privacy", Prentice-Hall, Englewood Cliffs, 1977.) The key 30 of Fig. 3 comprises an input terminal 31 coupled to one input of an exclusive-OR gate 32 which has another input coupled to one end of a shift register 33. The output of the exclusive-OR gate is connected to a further shift register 34 and also to an output terminal 35. For initialisation purposes a ROM 36 is connected to read in parallel to the shift register 34 and encryption is carried out using a DES circuit 37 which includes storage for a DES encryption key.
The CTAK principle is well known in cryptography and will first be explained with reference to Fig. 3. In normal CTAK operation, but not in the present invention, a transmitter comprises an exclusive-OR gate 32, shift registers 33 and 34 and a DES circuit 37, and a receiver comprises circuits of the same types. The output terminal 35 of the transmitter is connected to the output terminal 35 of the receiver so that the receiver functions in reverse to the key shown in Fig. 3, the deciphered message appearing at the terminal 31 of the receiver. An input message is applied to one input of the exclusive-OR gate 32 in the transmitter and is combined bitwise or bytewise with part of the output of the DES block 37. The resulting bit or byte is now transmitted and also copied into the shift register 34 of the transmitter and used to form part of the input to the DES circuit.At the receiver the reverse operation takes place and barring transmission errors the shift registers 33 of transmitter and receiver have identical contents at all times. The system is selfsynchronising after the initial contents of the shift registers 33 have been cleared. Both DES circuits are in the encryption mode at all times.
For use as a key "questions" are passed to the key of Fig. 3 by way of the input terminals 31 where each byte or bit is compared in the exclusive-OR gate 32 with a byte or bit read out from the shift register 33. The output from the gate 32 passes to the output terminal 35 and also into the shift register 34. The contents of this register are encrypted using the DES circuit 37 and passed to the register 33.
The card 30 may be used with the terminal 11 in the way previously described. However for application as a key, true initialisation of the shift register 34 is required and this is provided by the ROM 36 which contains an initialisation vector unique to each key. The vector from the ROM 36 is copied into the shift register 34 when a reset signal is sent from the terminal to the key, for example from the circuit 1 7 of the terminal to a control circuit 38 of the key. Alternatively reset can follow a known (but unusual) pattern occurring in a question, for example a series of eight all zero bytes.
"Questions" from the terminal 11 may be of arbitrary numbers of bytes or bits and "answers" of the same length are received.
Since the encryption operation need never be reversed the DES system of Fig. 3 may be replaced by a shifting and look-up system similar to that described with reference to Fig.
2. A single shift register is then connected to one input of the exclusive-OR gate 32 and a ROM is addressed by the output of the gate which also serves as an output from the key.
The ROM output is read into the shift register.
Since decipherment is never necessary when using the key an alternative approach, also using the DES may be used. It is similar to, but not identical with, the "block chaining" mode of using the DES already in use for commercial cryptography. A suitable key is shown in Fig. 4 where incoming "questions" from the terminal are applied to an exclusive OR circuit 40 and then passed to a shift register 41.
The contents of the register 41 are encrypted by a DES circuit 54, which stores an encryption key, and passed to an output shift register 43. Shift through the register 43 is from left to right as shown in Fig. 4 so that output bytes are passed to an output terminal 46 and provide "answers" for the terminal.
Each incoming byte applied to the exclusive OR circuit 40 is combined with part of the output of the previous DES operation since one byte at the lower end of the shift register 43 is passed back to form an input to the exclusive-OR circuit 40. Thus the output of the DES circuit 45 is used in two ways:-- the rightmost byte forms the output of the key and the leftmost byte is used to modify the next incoming byte. In this way the output is dependent on all the previous inputs since the key was last reset.
An initialisation vector is used and the lower 56 bits of this vector are held in a ROM 42 and copied into the shift register 41 on reset.
The remaining eight bits of the vector are sent, also on reset, to the leftmost byte of the register 43 from a ROM 44. The ROMs 42 and 44 are preferably part of the same integrated circuit.
The DES is not only the encipherment operation which can be used in this way and more economical operations such as that previously outlined in connection with Fig. 2 may be used.
The key 48 of Fig. 5 is the general form of another type of key and receives bit streams in the form of "questions" from a terminal by way of an input terminal 49. The bit streams are modified in an exclusive-OR gate 50 before being passed to a transformation circuit 57 which transforms the input bit stream into modifying signals some of which are applied to the gate 50 by way of a channel 58. The bit stream from the gate 50 is passed by way of another exclusive-OR gate 53 to an output terminal 54. The gate 53 also receives modifying signals from the circuit 53 and in this way neither examination of the input signals at the terminal 49 nor the output signals at the terminal 54, or both such signals, reveals the signal applied to the circuit 57. Thus the transformation carried out by the circuit 58 is kept secure.
One form of the key 48 is shown in Fig. 6 where the circuit 57 comprises an eight bit shift register 51 used to address a ROM 52.
This ROM contains two sections of 256 bits each of which are addressed in parallel and thus one address from the shift register 51 causes two bits to be read out, one passing as an input to the exclusive-OR gate 50 and one passing as an input to the exclusive-OR gate 53. As each bit reaches the shift register 51, another bit emerges from the lower end of the shift register and passes to the exclusive-OR gate 53, the output from which forms one bit of an "answer" which is then passed to the terminal by way of the output terminal 54.
The key 48 has to be prepared in two ways before use; firstly the two sections of the ROM 52 must be loaded, and secondly an eight or nine bit ROM 55, which on reset loads the shift register 51, has to be provided with a unique initialisation vector. Providing all the required addresses for the ROM 52 presents a problem in that the bit stream entered at the terminal 49 is modified in the exclusive-OR gate 50 before reaching the shift register 51. One way of dealing with this problem is to feed a bit stream to the terminal 49 which forms a pseudo random binary sequence (PBRS). A PBRS has the property that a bit stream of length (2n-1) bits contains every possible sequence of n bits except n zeros. Since a PBRS can be generated by a feedback shift register both sections of the ROM 52 may be simultaneously addressed by a PBRS applied to the terminal 49.In the present example, for ROM sections of 256, n = 8. That section of the ROM 52 which is coupled to the gate 53 is loaded first, with all locations of the other section at zero, so that the PBRS is not modified as it passes through the gate 50. The said other section is then loaded but each location addressed for loading is not addressed again, so avoiding modification of the PBRS.
The contents of the locations in the two sections of the ROM 52 can be selected to give any desired response signal but preferably, with the exception perhaps of a response to the first "question" which may be required in a certain form, the response signals of the ROM 52, and therefore the contents of the two sections, are selected at random and this can be carried out by using a random generator for example one which employs the electrical noise which arises in a circuit. A suitable known circuit uses a noisy diode. Thus this type of key has the advantage that the response to the "Who are you?" question can be set to any devised value since it usually uses only a fraction of the bits in the ROM 52, for example 128 out of 512 or with a larger ROM 1024, and the remaining bits can be set to random values.
In operation, when the key 48 is connected to the terminal 11 a control circuit 56 first passes a signal to the ROM 55 which loads the initialisation vector into the shift register 51. Then a bit stream is applied at the terminal 49 and after modification reaches the shift register 51 where it used to address the ROM 52. As the bit stream emerges from the shift register 51 it is modified again before reaching the terminal 54 where it passes onto the terminal 11 as an "answer". The "answers" received from the key 48 are, in general, unique to that key and depend both on the initialisation vector and also on the random contents of the ROM 52.
It will be apparent from the examples given above that the invention may be put into practice in many different ways other than those specifically described. In particular many ways are available for deriving "answer" signals from "question" signals. Other integrated circuits of different types from those shown specifically may be used and any suitable form of coupling between the terminal and the key may be employed. It is not necessary for this coupling to carry power since the key can be battery or "solar" operated, for example. A single system may use different types of terminals and keys, provided standard interfacing and "question" and "an swer format are employed. Each key may be constructed to respond to short strings of bits in low security applications and long strings in high security applications.

Claims (11)

1. A security system of the type hereinbefore specified comprising terminal means, and at least one key means which can be readily carried in one hand and is capable of being coupled to the terminal means for the interchange of information signals, the, or each, key means comprising means for receiving first digital signals from the terminal, means for operating upon the first signals according to a systematic process to derive second digital signals, and means for passing the second signals to the terminal, and the terminal comprising a further electrical memory, interrogation means for passing the first signals to the, or one of the key means when coupled to the terminal means, comparison means for comparing the second signals received with information held by the further memory and for providing an indication of the result of the comparison, the interrogation means being arranged to pass an initial group of the first signals to the, or one of the key means at the start of each interchange between the key means and the terminal means, and to pass further groups of first signals during that interchange to that key means in dependence upon the result of the comparison made by the comparison means on receipt of that group of second signals received in response to the initial group of first signals.
2. A security system according to Claim 1 including at least one further terminal means, wherein the interrogation means of each terminal means is arranged to pass further groups of first signals following the initial group to a key means coupled to that terminal means which are different from the further groups of first signals passed to key means by the, or other terminal means.
3. Key means for a security system according to Claim 1 or 2 comprising means for operating upon the first signals in accordance with modifying signals to provide modified signals, and means for transforming the modified signals into at least some of the said modifying signals, the second signals being, or being derived from, the modified signals.
4. Key means according to Claim 3 including means for further modifying the modified signals in providing the second signals, the further modification being a transformation carried out in accordance with at least some of the said modifying signals.
5. Key means according to Claim 3 or 4 including an electrical memory wherein the means for operating upon the first signals, at least initially, modifies the first signals in accordance with the contents of the memory of the key means.
6. Key means according to Claims 3, 4 or 5 for use where the first signals are in the form of blocks of bits wherein the means for operating upon the first signals is arranged to transform each block according to the algorithm of the United States Date Encryption Standard or the Public Key Crypto System.
7. Key means according to Claim 3, 4 or 5 for use where the first signals are strings or bytes or bits wherein the means for operating upon the first signals includes means for modifying bytes or bits of the first signals as they are received from the terminal means in accordance with the information stored by the memory of the key means and/or bytes previously received as parts of first signals.
8. Key means according to Claim 7 wherein the means for operating on the first signals include a register for receiving the first signals and providing the second signals, a read only memory having address terminals connected to selected stages of the register and output connected to the input of the register, and control means for controlling the operating means to carry out a process each time a group of first signals is received, the process including performing a cycle of operations in which the said group of first signals are entered into the shift register to address the read only memory, and the output of the read only memory is entered into the shift register displacing some of the first signals, the operations being continued until a predetermined number of cycles has elapsed and then reading out the contents of the shift register to provide a group of second signals.
9. Key means according to Claim 7 wherein the means for operating upon the first signals comprise gate means for carrying out an OR function between bits or bytes of the first signals and gating signals, a register for holding the output from the gate means, means for encrypting the contents of the register and applying bits or bytes of the encrypted signal to the gate means as the gating signals, the output of either the gate means or the register forming the second signals.
10. Key means according to Claim 4 or any of Claims 5 to 9 insofar as dependent on Claim 4 wherein the means for operating upon the first signals and the further modifying means include first and second gating means for carrying out and OR function on the first signals and the modified signals, respectively, and the key means includes a read only memory connected to be addressed by the modified signals and to provide the first and second gating signals on being addressed.
11. Key means according to any of Claims 3 to 10 wherein the means for operating upon the first signals, the means for transforming the modified signals, and the further modifying means (if any) are together formed by a programmed computer.
1 2. A terminal for a security system according to Claim 1 or 2 comprising an electrical memory, interrogation means for passing the first signals to the, or one of the key means when coupled to the terminal means, comparison means for comparing the second signals received with information held by the further memory and for providing an indication of the result of the comparison, the interrogation means being arranged to pass an initial group of the first signals to the, or one of the key means at the start of each interchange between the key means and the terminal means, and to pass further groups of first signals during that interchange to that key means in dependence upon the result of the comparison made by the comparison means on receipt of that group of second signals received in response to the initial group of first signals.
1 3. A security method including using terminal means to pass initial interrogation signals to key means comprising means for operating upon the first signals according to a systematic process to provide initial response signals, using the terminal means to receive the initial response signals and to pass further interrogation signals particular thereto to the key means, and using the terminal means to receive further response signals from the key means, and to compare the received signals with information stored in the terminal relating to previously obtained initial response signals of the said key means, and indicate the result of the comparison.
1 4. A security method according to Claim 1 3 including using at least one further terminal means to pass interrogation signals to key means, wherein, following an initial group of interrogation signals, further such signals passed to key means by each terminal means are different from further groups of interrogation signals passed to key means by other terminal means.
1 5. A security method according to Claim 1 3 or 1 4 including using a plurality of key means, wherein the systematic process carried out by each key means is different from that carried out by other key means.
1 6. A security system, a terminal or a key, as hereinbefore described with reference to the accompanying drawings.
GB08319857A 1982-07-27 1983-07-22 Security system Expired GB2124808B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
GB08319857A GB2124808B (en) 1982-07-27 1983-07-22 Security system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB8221636 1982-07-27
GB08319857A GB2124808B (en) 1982-07-27 1983-07-22 Security system

Publications (3)

Publication Number Publication Date
GB8319857D0 GB8319857D0 (en) 1983-09-14
GB2124808A true GB2124808A (en) 1984-02-22
GB2124808B GB2124808B (en) 1986-06-11

Family

ID=26283438

Family Applications (1)

Application Number Title Priority Date Filing Date
GB08319857A Expired GB2124808B (en) 1982-07-27 1983-07-22 Security system

Country Status (1)

Country Link
GB (1) GB2124808B (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2157467A (en) * 1982-08-02 1985-10-23 Leonard Joseph Genest Security system for securely communicating therein
FR2568040A1 (en) * 1984-07-18 1986-01-24 Lewiner Jacques INSTALLATION FOR CONTROLLING AND CONTROLLING THE DIFFERENT LOCKED LOCKS OF AN ASSEMBLY
FR2597142A1 (en) * 1986-04-08 1987-10-16 Schlage Lock Co CRYPTOGRAPHIC ELECTRONIC LOCK SYSTEM AND METHOD OF OPERATION
DE3602989A1 (en) * 1986-01-31 1987-11-19 Herz Gmbh ELECTROMECHANICAL LOCKING SYSTEM
US4916738A (en) * 1986-11-05 1990-04-10 International Business Machines Corp. Remote access terminal security
US5109413A (en) * 1986-11-05 1992-04-28 International Business Machines Corporation Manipulating rights-to-execute in connection with a software copy protection mechanism
US5148534A (en) * 1986-11-05 1992-09-15 International Business Machines Corp. Hardware cartridge representing verifiable, use-once authorization
EP0533507A1 (en) * 1991-09-20 1993-03-24 Mas-Hamilton Group An electronic bolt lock with enhanced security features
US8528373B2 (en) 1997-06-06 2013-09-10 Richard G. Hyatt, Jr. Electronic cam assembly

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6564601B2 (en) 1995-09-29 2003-05-20 Hyatt Jr Richard G Electromechanical cylinder plug

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB1399020A (en) * 1971-12-23 1975-06-25 Ibm Cryptographic identification system

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB1399020A (en) * 1971-12-23 1975-06-25 Ibm Cryptographic identification system

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2157467A (en) * 1982-08-02 1985-10-23 Leonard Joseph Genest Security system for securely communicating therein
GB2159990A (en) * 1982-08-02 1985-12-11 Leonard Joseph Genest Method for securely communicating
GB2159991A (en) * 1982-08-02 1985-12-11 Leonard Joseph Genest A programmer communication link
FR2568040A1 (en) * 1984-07-18 1986-01-24 Lewiner Jacques INSTALLATION FOR CONTROLLING AND CONTROLLING THE DIFFERENT LOCKED LOCKS OF AN ASSEMBLY
EP0171323A1 (en) * 1984-07-18 1986-02-12 Jacques Lewiner Operating and controlling system for a plurality of accesses equipped with coded locks
DE3602989A1 (en) * 1986-01-31 1987-11-19 Herz Gmbh ELECTROMECHANICAL LOCKING SYSTEM
FR2597142A1 (en) * 1986-04-08 1987-10-16 Schlage Lock Co CRYPTOGRAPHIC ELECTRONIC LOCK SYSTEM AND METHOD OF OPERATION
US4916738A (en) * 1986-11-05 1990-04-10 International Business Machines Corp. Remote access terminal security
US5109413A (en) * 1986-11-05 1992-04-28 International Business Machines Corporation Manipulating rights-to-execute in connection with a software copy protection mechanism
US5148534A (en) * 1986-11-05 1992-09-15 International Business Machines Corp. Hardware cartridge representing verifiable, use-once authorization
EP0533507A1 (en) * 1991-09-20 1993-03-24 Mas-Hamilton Group An electronic bolt lock with enhanced security features
US8528373B2 (en) 1997-06-06 2013-09-10 Richard G. Hyatt, Jr. Electronic cam assembly

Also Published As

Publication number Publication date
GB2124808B (en) 1986-06-11
GB8319857D0 (en) 1983-09-14

Similar Documents

Publication Publication Date Title
EP0002389B1 (en) Multiple domain data communication
US5261003A (en) Data communication system and method with data scrambling
US6345101B1 (en) Cryptographic method and apparatus for data communication and storage
US6975730B1 (en) Method and apparatus for contents information
US8254570B2 (en) Method and system for encryption of data
US4206315A (en) Digital signature system and apparatus
US6393564B1 (en) Decrypting device
KR100417657B1 (en) One-way data conversion device and device authentication system
RU2121231C1 (en) Method which provides two-point connection in secure communication systems
RU2077113C1 (en) Method for cryptoprotection of telecommunication know-how systems
US5696823A (en) High-bandwidth encryption system with low-bandwidth cryptographic modules
KR950704733A (en) METHOD AND APPARATUS FOR ENCRYPION HAVING A FEEDBACK REGISTER WITH SELECTABLE TAPS
HK92095A (en) Method for certifying the authenticity of data exchanged between two devices connected locally or remotely by a transmission line
CA2441392A1 (en) Encrypting apparatus
US20030091193A1 (en) Method and device for the encryption and decryption of data
JP3586475B2 (en) Method and circuit device for generating pseudo-random number sequence
EP0719007A2 (en) Small size product cipher apparatus
US4314097A (en) Authenticator device for precluding compensating text modifications in transmitted messages
GB2124808A (en) Security system
US6301361B1 (en) Encoding and decoding information using randomization with an alphabet of high dimensionality
KR100456599B1 (en) Cryptographic apparatus with parallel des structure
US20060265604A1 (en) Method and device for encryption/decryption
KR20040038777A (en) Data encryption method
US5068895A (en) Encryption and decryption methods using bit-length preservation decryptor
JPH10173646A (en) Encryption assisting method, decryption assisting method, and apparatus using those methods

Legal Events

Date Code Title Description
732 Registration of transactions, instruments or events in the register (sect. 32/1977)
PCNP Patent ceased through non-payment of renewal fee

Effective date: 19930722