WO2002011081A1 - Data carrier comprising an optical memory - Google Patents

Abstract

The invention relates to a method for storing and reading out data on a data carrier, as well as a data carrier and a writing and/or reading device, especially for the implementation of said method. Data is encoded by means of a (data) key and a related cryptographic method or algorithm. Encoded data is stored in an optical data memory pertaining to the data carrier which can be embodied, for example, in a CD/DVD/MO format or in the form of a holographic storage element. The data carrier is preferably a chip card which comprises an optical data memory in addition to a conventional chip module. According to the invention, communication with the chip module is carried out via an interface without contact and/or with contact. The complete encoding and decoding of the data in the optical memory is carried out by a microprocessor. This ensures high security against attempts to discover the secret key as said key must not be read out of the microprocessor and indeed cannot be read out at all. The microprocessor represents the interface and the encoding and decoding devices by means of which the encoded data of the optical memory can be read out.

Description

 Media with optical storage

The invention relates to methods for storing and reading out data on a data carrier with optical memory, a corresponding data carrier and a writing and / or reading device for writing or reading data stored on the data carrier, in particular for carrying out the method according to the preamble of the relevant claims.

In particular, the invention relates to data carriers in the form of a conventional chip card which has a chip module implemented in it, such as, for. B. a microprocessor chip module with a non-volatile memory (e.g. EEPROM). Since today's non-volatile memories of such a chip module typically only have a memory capacity of 64 Kbytes, the use of a chip card, in particular the amount of data to be stored, is very limited.

State of the art are also chip cards which have an optical data memory in the manner of a CD-ROM. Amounts of data of a few MByte can be stored on such an optical data storage device. Such a chip card is e.g. described in DE 42 42 247 C2 and WO 99/00765 A1. The CD-ROM data of the data carrier can be read out in the CD drive of a personal computer or a conventional CD player.

A further development of the data carrier card with CD-ROM memory is the use of an optical data memory of the DVD type. This allows the amount of data to be stored to be increased further. Such a data carrier card is known from WO 01/04905 A1 and EP 1 043 684 A1. From WO 99/57719 a data carrier card with a holographic data memory is known, which consists of a polyester film and works in reflection. A reflective film is applied on one side to the data carrier body and, depending on the wavelength of the laser radiation striking it, is either reflective or transmissive or transparent to laser radiation. A holographic data memory in the form of a polarization-sensitive polymer film is arranged above this reflection film. Large amounts of data can also be stored on such a holographic memory.

In a large number of applications, it is necessary to encrypt the data contained on the data carrier, in particular the optical memory, and to make it accessible only to an authorized group of people. For encryption, cryptographic methods are used using at least one key, the

Key is stored on the electronic chip of a chip card. To decrypt the data in the optical memory, the key is first read out by an authorized writing and / or reading device. The encrypted data are then read out of the optical memory and decrypted in the writing and / or reading device using the key. Such a method is described in EP 1 043 684 A1 cited above.

A disadvantage of the method described above is the lack of data security, since the secret key is exchanged between the chip card and the writing and / or reading device and is held there at least for the duration of the decoding of the optical data. The writing and / or reading device is generally not a secure environment, so that the key can possibly be spied on by third parties.

The object of the present invention is, in particular, to provide a secure method for confidential storage or for reading out large amounts of data on a data carrier and in the provision of a data carrier suitable for this purpose and a write and / or read device suitable for this purpose.

This object is achieved by the measures specified in the relevant independent patent claims. Advantageous embodiments of the invention are specified in the associated independent patent claims.

An essential aspect of the invention is to use a (data) key and an associated cryptographic method or algorithm, such as. A known RSA, ECM (elliptic curve method), or other public key method or symmetrical method, such as e.g. DES (data encryption standard) or IDEA (international data encryption algorithm) method to encrypt data and to store this encrypted data in an optical data memory of the data carrier according to the invention. The data carrier is preferably a data carrier card, such as in particular a chip card, which has an optical data memory in addition to a conventional chip module.

In an advantageous embodiment of the invention, the optical data memory is replaced by a data memory according to the CD standard (eg CD-ROM, CD-R, CD-RW) or DVD standard (eg DVD-ROM, DVD-R, DVD-RW, DVR- red, DVR-blue). A CD or DVD data memory has a relatively high storage capacity and allows the storage of large ones

Amounts of data even on a conventional (small) data carrier card, such as a chip card in particular. For example, several tens of MB of data can be stored in a DVD data memory of a data carrier card according to the invention.

In a further advantageous embodiment of the invention, the optical data storage can also be implemented by a magneto-optical (MO) Data storage are formed. The actual MO layer is located between two protective layers and has a uniform magnetization from the day of its manufacture. This storage layer is hard magnetic

However, if you look at the focal spot of the laser beam, the storage layer there briefly heats up to around 200 ° C. This leads to a local loss of magnetization. During the subsequent cooling process, the storage layer now takes on exactly the magnetization that is imparted to it by an external magnetic field.

When reading the MO layer, one uses the Kerr effect known in physics, which has to do with the polarization of a light beam. A light beam that is reflected by a magnetic surface reacts to the direction of magnetization of this surface

In another advantageous embodiment of the invention, the optical data memory is formed by a holographic data memory (HDS) (e.g. HoloDisk Format InPhase Corp.). A holographic data memory has a high storage capacity or a high one

Storage density and allows the storage of large amounts of data even on a conventional (small) data card, such as a chip card in particular. For example, more than two gigabytes of data can be stored in the holographic data memory of a data carrier card according to the invention.

In addition to the high storage capacity of a holographic data memory, such a data memory has the advantage, compared to a CD, DVD or MO in which the data is stored serially, that the data can be written in and read out again much faster by means of a suitable laser device. This is due to the parallel, page-by-page storage of the holographic data memory. In a preferred embodiment of the invention, the optical memory is formed by a photorefractive crystal or a photopolymer. A photopolymer is to be understood in particular as a polymer which is photosensitive to laser radiation. Such a polymer is described in EP-A1-0704513.

In a particularly preferred embodiment of the invention, a polymer is provided which has one or more properties of the polymer or the polymers described in EP-A1-0704513.

In a particularly preferred embodiment of the invention, a rewritable polymer is used (e.g. photoaddressable polymer PAP, azobenzene side chain polyester). In one embodiment of the invention, a polymer is used which is compatible with one or more Polycarbonate (PC), polyvinyl chloride (PVC), acrylonitrile-butadiene-styrene (ABS), polyethylene terephthalate (PET) films can be laminated to a film composite. Such a polymer is particularly advantageous for card applications. In a further embodiment of the invention, a polymer is used which has a high diffraction efficiency and / or a high refractive index. In such a polymer, data can be stored holographically or read from it in a particularly reliable manner.

In a preferred embodiment of the invention, the

Data storage, in particular a holographic data storage, is formed by one or more storage cells which are arranged distributed over the surface or map surface of the data carrier. In a first variant, the memory cells are "islands" in the laminated photopolymer film or plastic film, e.g.

Polycarbonate (PC), polyvinyl chloride (PVC), acrylonitrile butadiene styrene (ABS), polyethylene terephthalate (PET). The memory cells for preferably holographic storage of data are provided, in particular, at locations on the data carrier or the data carrier card that are unprinted on one or both sides in order to largely avoid influencing the laser radiation when writing or reading data into the memory cells.

In a second variant, the data memory according to the invention, such as in particular a holographic data memory, is formed by one or more memory cells, which are memory modules. The memory modules are preferably prefabricated and inserted into one or more recesses of the data carrier or the data carrier card after the completion of the data carrier or the data carrier card, in particular a aforementioned chip card.

According to a preferred embodiment of the invention, it is provided that the one or more holographic memory modules are inserted into a cavity of the data carrier or the data carrier card, the shape and / or dimensions of which are similar to, or even identical to, the known cavity for receiving a known chip module ,

If the holographic memory module is to be operated in transmission, care must be taken to ensure that transparent layers are only provided in the data carrier or in the data carrier card under the memory module for the laser radiation.

If, on the other hand, the holographic memory module is operated in reflection, care must be taken that a layer reflecting the laser radiation is provided under the memory module in the holographic memory module or in the data carrier or in the data carrier card.

In a preferred embodiment of the invention, the optical data storage, which is preferably on a card body is arranged, medical and personal data of a patient is stored. In the optical data memory of such a patient data card, for example, X-ray images and the patient's medical history, which can be several 10 Mbytes in size, can be optically stored. The patient data card makes it easier for the attending doctor to diagnose and further treat the patient to whom the card in question is assigned.

According to a further advantageous embodiment of the invention, in particular data is stored in the optical data memory, which is preferably provided on a card body, the storage of which requires a storage medium with a high storage capacity (memory card). Such data are particularly important when storing multimedia files. Such data can be, for example, so-called MP3 files, such as MP3 music files in particular

MPEG video files that have been downloaded from the Internet, for example. The files of such a memory card can then be played back, for example, by a corresponding, in particular portable, playback device.

In a further preferred embodiment of the invention, a conventional SIM card for the mobile phone, which has a SIM chip module, is provided with an optical data memory. The data stored in the optical data memory of such a SIM card can be, for example, the data of a database and / or a geographical information system and / or (image) data of the cardholder, such as a passport photo of the authorized cardholder. A data carrier according to the invention, such as in particular a data carrier card with a conventional SIM module and an optical data memory according to the invention, could, for example, replace the conventional SIM card of a cell phone. When using a mobile phone with a location detection device, such as a GPS, the user can then Module, a geographic information system can be made available for orientation, such as a car navigation system.

Another essential aspect of the invention is to store the key used to encrypt the data on the data carrier in encrypted or unencrypted form. In a preferred embodiment of the invention, in which the data carrier is a conventional data carrier card with a chip module implemented in it, the key is stored in a non-volatile memory of the chip module. The conventional chip module has a sequence-controlled microprocessor which controls access to the non-volatile memory of the chip module and, according to the invention, to the key stored in the non-volatile memory.

In an alternative or supplementary embodiment of the invention, provision can be made for the key to be stored, inserted or applied in encrypted or unencrypted form and / or in machine-readable form on the data carrier or the optical data memory.

In a preferred embodiment of the invention, the data are read out in the optical memory in that the data stored in encrypted form in the optical memory is read out in whole or in part by an external writing and / or reading device, the writing and / or reading device read data via a contactless or contact interface to a microprocessor or an integrated circuit of the data carrier, on the microprocessor using a cryptographic method and at least one key stored there, the data is decrypted, the decrypted data via the contactless or contact interface are transmitted back to the writing and / or reading device, and the decrypted data in the Writing and / or reading device or another device are available for further use.

The data is written to the optical memory in the reverse order, with the data being encrypted by the microprocessor of the data carrier.

The complete decryption of the data by the microprocessor provides a very high level of security against spying on the secret key, since the key does not have to be read out of the microprocessor or cannot be read out at all. The microprocessor represents the interface and decryption device, via which the encrypted data of the optical memory can be read out.

Another important aspect of the invention is that a

Data is exchanged between the external writing and / or reading device, such as in particular a terminal, and the data carrier, the microprocessor or integrated circuit carries out an authentication check of the external writing and / or reading device, and the integrated circuit after a positive authentication check of the

Writing and / or reading device enables storage and / or reading out of the encrypted data contained in the optical memory by the writing and / or reading device.

In a preferred embodiment of the invention it is provided that the storage and / or reading of the data takes place only after the correct entry of a personal identification number (PIN) of the authorized owner of the data carrier or the like, such as a biometric feature. The basis for a biometric method is to find a physiological or behavior-based characteristic of a person, which has a unique, individual character and can thus clearly identify the person. As physiological biometric methods are known among other things fingerprint, face and iris recognition. Among other things, signature and voice recognition are used as behavior-based methods.

In a particularly preferred embodiment of the invention it is provided that the key with which the data stored on the optical data memory is encrypted varies from data carrier to data carrier. The key can be, for example, a personal key of the authorized owner of the data carrier, such as B. the personal identification number (PIN) or the digital signature of the authorized owner.

If the data of the optical memory are in CD / DVD / MO format, they are stored or read out by a CD / DVD / MO writing and / or reading device. The data in the microprocessor of the data carrier can be stored or read in a known manner by means of a contactless or contact-type chip card reader.

In another preferred embodiment of the invention, contact-based communication between the microprocessor and a chip card reader is provided, the encrypted data in the optical memory being read out by the CD / DVD / MO reader and loaded into a buffer. The rotation of the data carrier card in the CD / DVD / MO reading device is then stopped in a defined manner. A contacting unit of the chip card reader in the CD / DVD / MO reading device moves onto corresponding contact surfaces of the chip card, the encrypted data in the buffer being transferred to the microprocessor via the contact-based interface, which decrypts it. The decrypted data is then transferred to the buffer in the CD / DVD / MO reader via the contact interface and is available there for further use. Another embodiment provides that the encrypted data is read from the optical memory by the CD / DVD / MO reading device and loaded into a buffer. The data card is removed from the CD / DVD / MO reading device and inserted into an external chip card reader, whereupon the cached, encrypted data are transferred from the buffer to the chip card reader and from there to the microprocessor, where they are decrypted and vice versa are transferred to the buffer for further use.

By using a contact-based interface, data stored on the microprocessor, in particular generally accessible, unencrypted data, can be read out by a conventional card reader (downward compatibility).

Data on the optical memory (e.g. CD-ROM, CD-R, CD-RW, DVDROM, DVD-R, DVD-RW, DVR-red, DVR-blue)) can be accessed as far as possible using a conventional CD or DVD player be read out. In the case of encrypted data, the entire communication and decryption of the data takes place via the microprocessor.

The invention is explained in more detail below on the basis of schematic drawings, which are not necessarily to scale, the same reference symbols denoting identical or equivalent parts. It shows:

Figure 1: a data carrier card with an optical storage layer in

DVD format - in top view; FIG. 2: flow diagram for a first method for writing or reading data into / from the data carrier card;

FIG. 3: flow diagram for a further method for writing or

Reading data into / from the data carrier card; Figure 4: a data carrier card with a holographic

Storage layer - in top view; 5 shows the data carrier card of FIG. I in cross section along the line

A - A;

FIG. 1 shows a card-shaped data carrier 1 with a microprocessor chip 2 (chip module) which has contact areas 6 which are arranged in a standardized arrangement with respect to the reference edges of the data carrier 1. On the larger free area next to the chip module 2, an optical storage area 3 is arranged approximately centrally to this area, which is formed from a spiral data track in the manner of a CD or DVD arrangement. In order to achieve the largest possible storage capacity of the optical memory 3, the center of this memory area lies approximately in the middle in the free area of the data carrier and the edge of the optical memory 3 extends up to close to the card edges. The center of the optical storage area 3 is formed by a receiving opening 5, which makes it possible to insert the data carrier into a conventional CD or DVD drive and to read data from the optical storage device. The diameter of the memory area 3 is slightly smaller than the card width and is, for example, 45 mm, so that about 4 mm of free space to the adjacent card edges and to the adjacent circuit contacts 6 as usable space for the arrangement and positioning of a contact-type reading device for reading out the data in the chip module 2 remains.

In addition to the contact-type interface formed by the contacts 6, the chip module 2 also has a contactless interface for communication with the outside world, which interface is formed by a coil or antenna arrangement 4, which allows wireless communication with a corresponding transponder (reading device). Encrypted data are preferably stored in the optical storage area 3 and can only be decrypted using a corresponding cryptographic method using a secret key. The key and the necessary cryptographic method are stored in the chip module 2, the decryption of the data stored in the optical memory only being possible by the chip module 2. The same applies to the encryption of data to be stored in the optical memory 3.

In a further embodiment, the data carrier 1 can also have a second segment, which can preferably be separated manually from the first segment, which has the optical data memory 3. The chip module 2 with the microprocessor can have this second segment and can be inserted into the external card reader for decryption or encryption. In this way it is possible to opt

Data memories remain in the reader or writer during decryption or encryption. Such a data carrier is described in the published patent application DE 199 43 092 A1.

Figure 2 shows the flow diagram for the encryption or

Decryption of the data of the optical data memory 3. In order to encrypt or write encrypted data to the optical data memory 3, the user is authenticated in a first step with respect to the microprocessor 2 (crypto processor) on the card 1. In return, the crypto processor 2 authenticates itself to the user. Such a method can be carried out, for example, using the known challenge-response method. This is done using a verification device 16, which is preferably implemented as software.

After successful authentication, the unencrypted data to be stored, for example from a personal computer 12 into a Transfer buffer 14 of the CD / DVD / MO drive 10. The contactless interface 17 then sends this temporarily stored unencrypted data (or even while reading the unencrypted data) to the crypto processor 2, which then encrypts the data. In general, a symmetrical encryption method, such as DES or IDEA, is used because symmetrical methods allow much higher data throughput rates than asymmetrical methods. However, the invention is not limited to the use of symmetrical methods, rather asymmetrical methods, such as. B. Use RSA and ECM procedures.

The now encrypted data is in turn transmitted through the transponder 17, i.e. the wireless interface, sent to a further buffer 13 in the CD / DVD / MO drive 10. With this encrypted data, the optical data memory 3 of the data carrier 1 can now be written in a known manner.

The reading of the data from the optical data memory 3 takes place, likewise after a previous mutual authentication between the user and the crypto processor, in the reverse order.

The data are read from the CD / DVD / MO drive 10 in encrypted form from the optical memory 3 and stored in the intermediate memory 13. From here, the encrypted data is sent via the contactless interface 17 of the chip card reader 11 to the crypto processor 2, which receives it via the antenna 4, and is decrypted there using the existing key. The decrypted data are transferred back to the buffer memory 14 via the contactless interface 17 and can be read out there by the personal computer 12 for further use. The flowchart of secure data storage with the aid of the crypto processor 2 on the chip card 1 shown in FIG. 2 presupposes that the CD / DVD / MO drive 10 must be expanded by a contactless card interface.

This does not necessarily have to be the case. The transponder 18 can also be located outside the CD / DVD / MO drive 10 and receive the encrypted data from the output of the CD / DVD / MO drive 10. This method is shown in Figure 3.

A buffer 13, 14 is then also required for the external transponder 18 for the temporary storage of the data read, encrypted or decrypted by the CD / DVD / MO drive 10. This buffer 13, 14 can, as shown in FIG. 3, be implemented within a personal computer 12 for further processing of the data. However, it is also conceivable that the buffer is located within the contactless card reader 11 (not shown).

These accessories, i.e. Transponders 18 and buffers 13, 14 make it possible to ensure the secure exchange of data with the data card 1 without further interventions in the CD / DVD / MO player.

In another embodiment of the invention, because of the limited data transfer rate, the contactless interface can also be replaced by a contact-based interface which is based on the

Data carrier 1 contacts existing contact areas 6 (Figure 1). The encryption and decryption of large amounts of data in the crypto processor 2 of a chip card 1 is limited by the contactless interface, for example in accordance with the relevant ISO / IEC series of standards 10536, 14443 and 15693. The data transfer rate can be increased significantly through a contact-based interface. A fast serial interface, for example the well-known USB interface (Universal Serial Bus), is particularly suitable for this. For this purpose, a USB interface can be established via two unoccupied contact areas 6 on the chip module 2, which works, for example, with 40 Mbit / s data transfer. The required hardware and software is contained in the microprocessor 2.

In order to read the optical data memory 3 on the card 1 and to perform the encryption or decryption of the data by the microprocessor 2 via a contact-based interface 6, two different embodiments are possible.

First of all, the encrypted data must be read out from the optical memory 3 of the data carrier 1 and loaded into a buffer. This is done using a CD / DVD / MO drive.

In a first embodiment, an integrated contact-type chip card terminal is provided in the CD / DVD / MO drive. After reading out the data from the optical storage area 3 of the card 1, the rotation of the data carrier card in the CD / DVD / MO drive is stopped in a defined manner.

A contacting unit of the chip card reader drives in the CD / DVD / MO drive on the contact surfaces 6 of the chip card 1. The data is now transferred, for example via USB, to the crypto processor 2 on the card 1, which transfers it at a high data rate, eg 6.4 Mbit s (Hardware DES), decrypted. The decrypted data is in turn transferred via USB to the buffer in the CD / DVD / MO drive and is available there for further use, for example in a personal computer. In a second embodiment, a chip card terminal with USB connection external to the CD / DVD / MO drive is provided.

The encrypted data are read from the optical memory 3 of the card 1 in the CD / DVD / MO drive and e.g. transferred to a personal computer, where they are cached. It is important that no changes to the CD / DVD / MO drive are necessary, but that a commercially available CD / DVD / MO drive can be used.

The data card 1 can now be removed from the CD / DVD / MO drive and inserted into the external chip card terminal. The temporarily stored, encrypted data are transferred from the PC to the chip card terminal and from there to the crypto processor 2 of card 1. There the data is decrypted and transferred back to the PC in the opposite way for further use.

The advantages of the two configurations described above are that the data carrier card 1 does not necessarily require a contactless interface for data transmission between the writing and / or reading device and the microprocessor, which means a cost saving.

Furthermore, there is a time saving in data transfer with both contact-based methods, since the contact-based interface works very quickly.

In all of the above methods, it is necessary to rotate a chip card 1 according to the ISO standard in a CD / DVD / MO drive. Since the axis of rotation is not in the middle of the data carrier card 1, an imbalance inevitably arises when the card rotates, which must be compensated for. To enable error-free data transmission and that

To avoid damaging the drive, the center of gravity of the data card must lie in the axis of rotation. A simple embodiment provides that a counterweight in the form of a clip is attached to the short side of the card in order to increase the weight there.

Another possibility is to position the receiving opening in the card for engaging the spindle of the CD / DVD / MO drive so that the corners of the card opposite the opening with the outer edge of the CD / DVD / MO receiving opening to match. This means that the card always lies on the outer edge of the receiving opening, at least at the corners.

However, appropriate measures can be taken to avoid the imbalance directly during card production. For example, "Balance weights" can already be laminated into card 1.

Furthermore, e.g. an adapter can be used, which in addition to the center of gravity of the card also has a thickness of 0.76 mm to the standard thickness. Adapted 1.2 mm for DVD or CD. Such an adapter is known from WO 01/04905 A1.

FIG. 4 shows a top view of a data carrier card 100 with holographic memory 103. The data carrier card 100 has a card body 101, a chip module 102 and one or more holographic memory cells 103, of which only a single memory cell 103 is shown in FIG. 4 for the sake of clarity. In the case of several holographic memory cells 103, these can be provided, for example, regularly or irregularly over the card surface, preferably in unprinted areas of the card surface.

The chip module 102 can in particular be a conventional chip module that is implemented in a card body. A conventional one is preferred in the data carrier card 100 according to the invention Microprocessor chip module implemented. The microprocessor chip module has, in particular, a sequence-controlled microprocessor and a non-volatile memory, in which the (data) key with which the data stored in encrypted form in the holographic memory cell 103 has been encrypted is stored. The key is preferably accessed under the (sole) control of the sequence-controlled microprocessor. The microprocessor preferably causes the key to be transmitted to a writing and / or reading device after it has been released by the microprocessor during a

Authentication process has been found to be genuine or as authorized to decrypt the data encrypted in the holographic memory cell 103. The writing and / or reading device can be, for example, a terminal. It can further be provided that the microprocessor only initiates the transmission of the key to the writing and / or reading device when the microprocessor has the correct personal identification number (PIN) of the authorized cardholder or the like, e.g. B. after an input via the writing and / or reading device has been transmitted.

FIG. 5 shows the data carrier card 100 in cross section along the line A - A. The data carrier card 100 consists at least along the line A - A of a transparent, largely scratch-resistant film or coating 104, preferably of PMMA, a first transparent film of polycarbonate 105 located above it , a second transparent film made of polycarbonate 105, a plastic film 106 above, which is coated with a photopolymer 107, and a further transparent, largely scratch-resistant film or coating 104, preferably again made of PMMA. The largely scratch-resistant film 104 preferably has a thickness of approximately 100 μm, the transparent films made of polycarbonate 105 each have a thickness of approximately 200 μm and the plastic film 106 coated with a photopolymer 107 has a thickness of approximately 300 to 500 μm. It goes without saying that this is only an example of a possible design.

Data is stored with the aid of a suitable writing device which uses laser radiation to insert data into the photopolymer 107. A major difference to CD, DVD or MO memories is that the data carrier does not have to be rotated to save and read out the data.

The writing device uses a laser beam to store the data, which is divided into a signal beam 108 and a reference beam 109. The data to be stored are impressed on the signal beam 108 in the form of a pattern by a suitable modulator (not shown). If the reference beam and the signal beam strike the holographic storage layer or the photopolymer 107 and are superimposed there, they generate an interference pattern (not shown) representing the data to be stored there. The alignment of the molecular dipoles in the storage layer 107 changes their refractive index, and an optical grating is formed in the storage layer which reproduces the interference pattern and thus ultimately the data to be stored. If such an optical grating is irradiated with the above-mentioned 10 reference steel 108, the bit pattern of the data 110 to be stored and thus the stored data stored in the optical grating can be reconstructed and made available in electronic form.

If the angle and / or the phase position of the laser reference beam is varied (multiplexing), the optical can be in different planes Storage layer 107 store data and read it from it via a corresponding laser reference beam 109.

The holographic storage layers shown in FIGS. 4 and 5 are operated in transmission. It goes without saying that the embodiments of the invention shown in FIGS. 1 to 4 can be modified such that a reflective layer is provided under the holographic memory layer if the holographic memory layers shown are to be operated in reflection.

LIST OF REFERENCE NUMBERS

1 disk card

2 Chip module 3 Optical storage area (CD / DVD / MO format)

4 coil, antenna

5 receiving opening

6 contact surfaces

10 Modified DVD / CD drive

11 chip card readers (contactless, transponder)

12 personal computers

13 buffers

14 buffers 15 software

16 verification device

17 chip card readers (contactless)

18 chip card readers (contactless, additional device)

100 data carrier card with a holographic memory layer

101 card body,

102 chip module

103 holographic memory cell

104 transparent, largely scratch-resistant film or coating 105 transparent film made of plastic, e.g. B.PC, PET, PVC or ABS

106 plastic film coated with a photopolymer 107

107 holographic storage layer or photopolymer

108 signal beam

109 reference beam 110 reconstructed stored data

Claims

 claims 1. A method for storing encrypted data on and / or in a card-shaped data carrier (1; 100), characterized in that the data, such as image, sound or text data, in a first step with at least one cryptographic key and one cryptographic method or algorithm is encrypted and the data encrypted in this way are stored in an optical memory (3; 103) of the data carrier, and that the at least one cryptographic key is in a second step in a non-volatile memory of a microprocessor (2; 102) provided in or on the data carrier ) or integrated circuit is stored in encrypted or unencrypted form. 2. Method for reading out, at least partially encrypted, data stored in an optical memory of a card-shaped data carrier, characterized in that the data stored in encrypted form in the optical memory (3; 103) is wholly or partly by an external writing and / or reading device ( 10; 1 1; 109) that the writing and / or reading device transfers the read data to a via a contactless or contact interface (4; 6) The microprocessor (2; 102) or an integrated circuit of the data carrier transmits that the data is decrypted on the microprocessor using a cryptographic method and at least one key stored there, that the decrypted data is transmitted via the contactless or contact-based interface (4; 6) back to the writing and / or Read device are transmitted, and the decrypted data in the writing and / or reading device or another device are ready for further use. 3. The method according to claim 2, characterized in that a Storage of data in the optical memory (3; 103) takes place in reverse order. 4. The method according to any one of claims 1 to 3, characterized in that the cryptographic method is stored in the non-volatile memory of the microprocessor (2; 102) and is executed in the microprocessor. 5. The method according to any one of claims 1 to 4, characterized in that an IDEA as a cryptographic method Method or DES method is used. 6. The method according to any one of claims 1 to 4, characterized in that a data exchange between the external write and / or Reading device (11, 17), such as in particular a terminal, and the data carrier (1; 100) takes place, the microprocessor or integrated circuit (2; 102) performing an authentication check of the external writing and / or reading device, and the integrated circuit (2 ; 102) after a positive course Authentication check of the writing and / or reading device enables storage and / or reading of the encrypted data contained in the optical memory (3; 103) by the writing and / or reading device (10; 109). Method according to one of claims 1 to 6, characterized in that the storage and / or reading of the data only after the correct entry of a personal identification number, such as the so-called PIN, of the authorized holder of the data carrier or the like, such as, for example, a biometric feature. 8. The method according to any one of claims 1 to 7, characterized in that the data of the optical memory (3) via a CD / DVD / MO writing and / or reading device (10) are stored or read out. 9. The method according to any one of claims 1 to 7, characterized in that the data in the microprocessor (2; 102) of the data carrier is stored or read out by a contactless or contact-type chip card reader (11; 17; 18). 10. The method according to any one of claims 1 to 9, characterized in that the encrypted data in the optical memory (3) by the CD / DVD / MO reading device (10) read out and loaded into a buffer (13) that the rotation of the data carrier card (1) in the CD / DVD Reading device (10) is stopped in a defined manner that a contacting unit of the chip card reader in the CD / DVD / MO reading device (10) moves onto corresponding contact surfaces (6) of the chip card, that the encrypted data is sent to the microprocessor (2) via the contact-based interface. are transferred, which decrypts them, and that the decrypted data is transferred via the contact interface (6) to the buffer (14) in the CD / DVD / MO reader (10) and is available there for further use. 11. The method according to any one of claims 1 to 9, characterized in that the encrypted data from the optical memory (3) by the CD / DVD / MO reading device (10) are read out and loaded into a buffer (13), that the data carrier card (1) is removed from the CD / DVD / MO reading device (10) and inserted into an external chip card reader is that the temporarily stored, encrypted data are transferred from the buffer to the chip card reader and from there to the microprocessor (2), where they are decrypted and transferred back to the buffer (14) in the opposite way for further use. 12. The method according to any one of claims 1 to 11, characterized in that the data stored in the optical memory (3; 103) in encrypted form in unencrypted, visually readable and / or in machine-readable form on and / or in the data carrier (1; 100 ) and / or in the integrated circuit (2; 102). 13. The method according to claim 11, characterized in that a comparison between the unencrypted data and the data read out and decrypted from the optical memory (3; 103) by the control person and / or by a machine control device, eg. B. is carried out by a pattern comparison. 14. Data carrier (1; 100), in particular for carrying out a method according to one of claims 1 to 13, which comprises: an optical data memory (3; 103) inserted on or in the data carrier, a microprocessor provided on or in the data carrier with a integrated non-volatile memory (2; 102) or integrated Circuit for storing and / or processing data, and means (4; 6) provided on or in the data carrier for contactless and contact-based data exchange between the microprocessor (2; 102) and at least one external writing and / or reading device (11; 17). 15. Data carrier according to claim 14, characterized in that encrypted and / or unencrypted data are stored in the optical storage element (3; 103). 16. Data carrier according to one of claims 14 or 15, characterized in that the optical storage element (3; 103) is partially applied to and / or introduced into the data carrier (1; 100). 17. Data carrier according to one of claims 14 to 16, characterized in that the stored in the microprocessor (2; 102) Key largely varies from disk to disk and / or that the key is a personal key of the authorized owner of the disk, such as. B. a digital signature of the authorized owner of the data carrier. 18. Data carrier according to one of claims 14 to 17, characterized in that the data carrier (1; 100) is a sequence-controlled microprocessor chip card, the microprocessor decrypting the encrypted data using the key. 19. Data carrier according to one of claims 14 to 18, characterized in that the microprocessor (2; 102) is preferably provided with a sequence-controlled microprocessor which controls access to a memory of the chip module, and the memory preferably stores the key. 20. Data carrier according to one of claims 14 to 19, characterized in that the optical data memory (3) is a data memory according to the CD (for example CD-ROM, CD-R, CD-RW) or DVD (for example DVD-ROM, DVD -R, DVD-RW, DVR-red, DVR-blue) standard or MO memory. 21. Data carrier according to one of claims 14 to 20, characterized in that the optical data memory is formed by a holographic memory element (103). 22. A data carrier according to claim 21, characterized in that the holographic memory (103) is formed by a photorefractive crystal, a liquid crystal, a laser-sensitive lacquer layer or a photopolymer or a polymer photosensitive to laser radiation. 23. Data carrier according to one of claims 14 to 22, characterized in that the optical data memory (3; 103) is formed by one or more memory cells which are arranged distributed over the surface or card surface of the data carrier (1; 100). 24. Data carrier according to one of claims 14 to 23, characterized in that the one or more optical memory modules (3; 103) are applied to the data carrier (1) and / or are inserted into a recess provided in the data carrier (100). 25. Data carrier according to one of claims 14 to 24, characterized in that the contactless interface (4; 6) is designed in accordance with the relevant ISO / IEC series of standards 10536, 14443 and 15693. 26. Data carrier according to one of claims 14 to 25, characterized in that the contact interface (6) is a fast serial interface, in particular a USB interface. 27. Data carrier according to one of claims 14 to 26, characterized in that the center of gravity of the data carrier (1) lies in the axis of rotation, which is defined by a receiving opening (5) in the data carrier. 28. Data carrier according to one of claims 14 to 26, characterized in that a counterweight in the form of a clip is attached to the short side of the data carrier (1) closest to the receiving opening (5). 29. Data carrier according to one of claims 14 to 26, characterized in that the receiving opening (5) in the data carrier (1) is positioned such that the corners of the data carrier opposite the receiving opening with the outer edge of the receiving opening of a CD / DVD / MO -Player match. 30. Data carrier according to one of claims 14 to 26, characterized in that counterweights are laminated into the data carrier (1). 31. Data carrier according to one of claims 14 to 30, characterized in that the microprocessor (2; 102) and / or an application software stored therein for carrying out the method according to one of the preceding claims has been modified. 32. Writing and / or reading device, in particular a terminal, for carrying out the method according to one of claims 1 to 13, characterized in that that it comprises a first device (10; 109) for writing and / or reading data from an optical memory (3; 103) of a data carrier (1; 100), and a second device (11; 17; 18) for writing and / or reading data from an integrated circuit (2; 102) of the data carrier (1; 100), which has means for communication with the integrated circuit (2; 102) via a contactless and / or contact interface (4; 6). 33. Writing and / or reading device according to claim 32, characterized in that the first and second means are arranged separately from one another. 34. Writing and / or reading device according to claim 32 or 33, characterized in that the first or the second device one Buffer (13; 14) for storing the encrypted or already decrypted data read out from the optical memory (3; 103). 35. Writing and / or reading device according to one of claims 32 to 34, characterized in that the contactless interface (4; 6)) is designed in accordance with the relevant ISO / IEC series of standards 10536, 14443 and 15693. 36. Writing and / or reading device according to one of claims 32 to 34, characterized in that the contact interface (6) is a fast serial interface, in particular a USB interface. 37. Writing and / or reading device according to one of claims 32 to 36, characterized in that the writing and / or reading device (10; 11; 17; 18) and / or an application software stored therein to carry out the method according to any one of the preceding claims. has been modified.