CA1156761A - System for authenticating users and devices in on- line transaction networks - Google Patents
System for authenticating users and devices in on- line transaction networksInfo
- Publication number
- CA1156761A CA1156761A CA000371323A CA371323A CA1156761A CA 1156761 A CA1156761 A CA 1156761A CA 000371323 A CA000371323 A CA 000371323A CA 371323 A CA371323 A CA 371323A CA 1156761 A CA1156761 A CA 1156761A
- Authority
- CA
- Canada
- Prior art keywords
- key
- transaction
- terminal
- data
- working key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/02—Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
- G06Q20/108—Remote banking, e.g. home banking
- G06Q20/1085—Remote banking, e.g. home banking involving automatic teller machines [ATMs]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/385—Payment protocols; Details thereof using an alias or single-use codes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4012—Verifying personal identification numbers [PIN]
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1016—Devices or methods for securing the PIN and other transaction-data, e.g. by encryption
Abstract
A System for Authenticating Users and Devices in On-Line Transaction Networks Abstract A method for efficiently protecting transactions and providing authentication of users and devices in on-line systems that transfer funds electronically, dispense cash, or provide a good or permit a service to be utilized is provided. The transaction may be initiated by a magnetic-striped plastic card at an attended or unattended terminal (10, 11, 12) and requires the entry of a preassigned Personal Identification Number through a keyboard (20). The Personal Identifi-cation Number is encrypted (23) more than once at the terminal and other means are used in order to prevent the utilization of certain tapped-line data. The data required to validate and authorize the transaction is transmitted securely to a centralized computer (14) which accesses from its stored data base (15) the data that is required to decrypt and validate the trans-action, including the encrypted Personal Identification Number corresponding to the received transaction data.
A secret Terminal Master Key must be maintained securely at each terminal and may differ at each terminal. A list of such Terminal Master Keys and other secret data must be securely maintained at the-centralized computer. Means for multiple-encryptions and decryptions in a predetermined way must also be maintained at each terminal and at the centralized computer. Means (34) are provided for securely returning a response to the terminal at which the trans-action was initiated to authorize or reject the requested transaction. These functions are accomplished in a way that permits efficient utilization of data communications lines and reduces or eliminate perpe-tration of fraud by any of various means.
A secret Terminal Master Key must be maintained securely at each terminal and may differ at each terminal. A list of such Terminal Master Keys and other secret data must be securely maintained at the-centralized computer. Means for multiple-encryptions and decryptions in a predetermined way must also be maintained at each terminal and at the centralized computer. Means (34) are provided for securely returning a response to the terminal at which the trans-action was initiated to authorize or reject the requested transaction. These functions are accomplished in a way that permits efficient utilization of data communications lines and reduces or eliminate perpe-tration of fraud by any of various means.
Description
~1567~
A ~X~stem IC"- Authentica ~ sers and Devices in On-Line Transaction Networks _ _ , Backyround of Invention 1. Field of the Inv--ltion This invention r-~lates to the secure generation and transmission of 'Lransaction Request Messages and Responses in on-line Electronic Funds Transfer and other types of networhs consisting of remote terminals in communication with a central data base containing encrypted data used in the validation or authentication process or similar networks used to transfer funds and that provide for, in addition to transferring funds, dispensing cash, paying bills, making deposits, dispensing a good or permitting utilization of a service.
A ~X~stem IC"- Authentica ~ sers and Devices in On-Line Transaction Networks _ _ , Backyround of Invention 1. Field of the Inv--ltion This invention r-~lates to the secure generation and transmission of 'Lransaction Request Messages and Responses in on-line Electronic Funds Transfer and other types of networhs consisting of remote terminals in communication with a central data base containing encrypted data used in the validation or authentication process or similar networks used to transfer funds and that provide for, in addition to transferring funds, dispensing cash, paying bills, making deposits, dispensing a good or permitting utilization of a service.
2. History of the Prior Art Both on-line and off-line computer networks and systems have been developed for executing user initiated or requested financial transactions for reasons of public convenience and economy. One example is a cash dispensing machine. Such a machine may be activated by use of an appropriately coded check or other negotiable instrument, or a plastic credit, debit or identification card, and dispenses the requested amount of cash if the request seems valid to the authenticating means in the cash dispensing device.
One type of on-line system stores account information in a central data base to which the remote terminals are connected by data communication lines. In response lo submission of specified informa-tion from a remote te^minal, such as account number, ~ "
1 1S67~1 amount of sale or amount requested, merchant identifi- ;
cation if a sale, and secret information related to the cardholder, the system searches the account files to obtain data that may indicate that the transaction should be approved or denied. Such information may 5 include date of last use, amount of credit if a credit transaction, balance in account, whether a card has been lost, stolen or has expired. If the transaction is approved, the system adjusts the account information appropriately after the transaction is completed. As the art prosressed, terminals with increased functions were provided that permitted more functions to be performed than dispensing cash or effecting a purchase.
For instance, financial institutions, to reduce peak loads and to extend their services during times of business closure, permit the transfer of funds between accounts, accept payments for utilities or for loan balances, accept deposits, and provide for advances to be charged to valid credit cards. These devices typically include a plastic card reading mechanism, a keyboard, a display, document entry and exit apertures and may be connected to a data base or operate as a stand-alone device. Due to the increased functions permitted, the exposure to fraud increased, so that secret numbers (Personal Identification Numbers) were issued to cardholders to reduce the exposure. The Personal Identification Number entered on the keyboard by the cardholder must either compare directly with the number encoded on the magnetic stripe of the plastic card or some correspondence, that may depend on encryption, must exist between the Personal Identifica-tion Number and the number encoded on the magnetic stripe. Otherwise, the transaction is not enabled on the presumption that the card was either lost or stolen.
This method may be used by stand-alone devices or devjces connected to a central d3,a base.
The use of a Personal Identification Number improved the security of such systems but still left some means available for fraud and had other dis-advantages. ~he problem of secure issue of PersonalIdentification Numbers arose. The use of on-line files with lists of Personal Identification Numbers may g~ c~ y~s permit unauthorized access to the files by e~ yes for purpose of obtaining what is supposed to be secret information. With such information, duplicate or counterfeit cards can easily be manufactured to perpetrate fraud. Several different approaches were taken to overcome the disadvantages. One approach, to avoid the use of on-line files and to overcome the supposed cost and complexity of on-line systems, was to try to ïmprove the security of stand-alone use. As a result, special plastic cards with material laminated into the card, pasted onto the card, holes punched into or onto the card as a security measure, were devised, none of which was effective by itself.
Another approach was to encrypt the Personal Identification Number stored in the account records, which is effective, provided appropriate additional security measures are instituted. Encryption may not be effective with stand-alone devices because of access required by maintenance personnel and for replenishing the cash supply or other servicing, thereby exposing the encryption key to simple means of compromise. Encrypting only the secret information in the central account records is not effective since the secret information must also be entered at a remote terminal to initiate a transaction and be transmitted, usually by means of utility communication lines, to the centralized computer, thereby becoming ~ ~67~
subject to monitoring by person or persons unknown.
The transmission therefore must also be encrypted, which is effective but may still p--rmit someone who can break the code access to the list of correspond-ence between account information and Personal Indenti-fication Numbers by monitoring these transmissions.
An additional shortcoming is the generation, by a sophisticated penetrator, of spùrious transactions to fraudulently transfer funds within data base accounts.
As a result, the previous methods of validating the secret number at a centrallzed data processor provide protection against casual fraud but may not provide adequate protection against a penetrator having knowledge of, and perhaps, access to, current data processing equipment or systems. Alternatively, those methods that seem to provide an adequate level of security also seem quite costly due to the need for utilizing high-cost data communication lines for multiple transmissions for validation of each trans-action and for transmission in a secure way of the required enciphering keys, rather than relying on a single Transaction Request Message, a single Response and an acknowledgement or some minimum number of transmissions per transactions.
There has evolved within the same time frame networ~ks other than the proprietary networks that a single financial institution may deploy to service its customers. Financial Institutions may decide to share networks or to interchange transactions in order to provide better service. There are national networksdeveloped by Bank Cards to service many financial institutions that may aggregate millions of accounts and millions of transactions per dav. Although each transaction may be small, the aggregate dollar volume 1 15S7~l transferred per day is substantial. In addition, there ,~
are the semi-official clearing house systems an~ the networks used by Federal Financial Agencies to ~ransfer billions of dollars of funds daily and that imp~ct the financial structure of the country. The methods used by some of the large financial institution networks to provide security are so simplistic, they may easily be defeated by a knowledgeable person, as occasional news-paper headlines attest.
10What has been lacking until now is a procedure, method or system that integrates the validation and authentication of the plastic card, cardholder, terminal or other device used to initiate transactions, render ineffective wiretap data, that does not require unencrypted Personal Identification Numbers to be processed, that efficiently uses costly data communica-tion lines by minimizing transmissions and is adaptable to the requirements of different types of on-line networks.
Summary of Invention A syst-em in àccordance with the present invention consists of a means for multiply-enciphering secret and other data in a predetermined way at a remote terminal or a computer connected by communication lines to a computer, said enciphering to provide authentication of the card, cardholder, terminal or other device, and to provide security against intrusion by wiretapping in a way that maximizes utilization of communication lines.
The secret data may be entered on a keyboard by an authorized cardholder together with other data that may be required to complete the transaction. The secret and other data, and data internal to the remote terminal or computer,are multiply-enciphered in a ~ ~5B761 -6- !
predetermined way using a secret Terminal Master Key stored in the terminal or computer, initially to generate a Working Key that is used only to encipher the Transaction Request Message that is generated within the 5 terminal or computer by suitable means. The Working Key is then additionally multiply-enciphered in a predetermined way using the secret Terminal Master Key to generate a Transmitted Key that is appended to the Transaction Request Message and transmitted by 10 suitable means to the computer at the centralized account data base in a way that prevents intrusion by wire tapping. At the centralized computer, the account data base is searched to find enciphered and other data corresponding to the account of the authorized 15 cardholder and the device from which the message was received, which data is used two ways. Part of the data is used to facilitate the multiple decipherments of the Transmitted Key in order to obtain the Working Key. Other parts of the data are used to validate and 20 authenticate the transaction after it has been deciphered using the Working Key and the Working Key itself has been further multiply-deciphered and in a way that provides that the enciphered data is protected from access by employees of the financial institution such 25 as programmers, systems analysts, operators and also protected from other sophisticated penetrators who may gain unauthorized access to the computer network or system. After the transaction has been validated, additional tests of an accounting nature may be performed 30 by the central computer to determine whether the Transaction Request should be approved, tests depending upon data such as balance in account, date of last use, amount withdrawn and other data. An appropriate response is generated at the centralized computer by . ~ 87S l suitable means, which response is enciphered in the same Working Key used to encipher the Transaction Request Message. This Transaction Request Response is transmitted by suitable means to the terminal or computer from which the Transaction Re~uest Mess~ge was received, where it is deciphered by suitable means using the Working Key that has been securely stored and the requested transaction is completed if approved, or an indication displayed that the transaction is not approved. After completion of the transaction, the terminal or computer may send an acknowledgement to the centralized computer indicating the type of transaction completed, as an added security measure, which acknow-ledgement may be enciphered using the same Working Key.
After the-centralized computer receives the acknowledge-ment, it updates the accounting data base and then the remote terminal or computer and the centralized computer destroy the Working Key securely by resetting the register or location in which the Working Key has been stored to prevent reuse or compromise.
Because the secret data and other data are used to generate the working key required to encipher each Transaction Request Message, each such Message will be enciphered using a different Working Key before being transmitted to the centralized computer, substantially enhancing the strength of the enciphering means andprotecting the Terminal Master Key from compromise by statistical cryptanalysis. In the preferred embodiment, there is only 1 chance in 2 to the 56th power that the same Working Key would be generated twice.
Therefore, in accordance with the present invention there is provided a system for authenticating users and devices in on-line transaction networks comprising a plurality of remote terminals in communication with a central processing unit including a data base containing encrypted data used in the authentication of the users and devices, the data being encrypted with a master key and including terminal master keys for each of the remote terminals and identification numbers for each of the users all of which are secret, the data further including -terminal identification numbers for each of the remote terminals and account numbers for each of the users, wherein each of the remote terminals is provided with means for entering an account number and an identification number of a user initiating a transaction as well as the nature of the transaction, the improvement in a method for protecting the transaction comprising the steps of: generating at a terminal a transaction request message based on the information entered at the terminal by a user initiating a transaction, using the identification number and the account number entered by the user and the terminal identification number and the terminal master key, and employing such variants as to generate a working key unique to each transaction, encrypting the transaction request message using the working key, transmitting the encrypted transaction request message, deriving the working key at the central processing unit using information derived from the transmitted message and the data base including the account number, the terminal master key and the terminal identification number, decrypting the message received at the central processing unit using the working key, - 7a -,~ ~
~J` csm/~
1 iS6761 comparing the user identification number and account number obtained by decrypting corresponding data in the data base with the data in the transaction request message to validate the transaction request message, generating a transaction request response and encrypting the transaction request response with the working key, transmitting the encrypted transaction request response to the terminal where the transaction was initiated, and decrypting the message received at the terminal using the working key and, if the transaction is approved, providing the requested service.
Brief Description of Drawings A better understanding of the invention may be had from a consideration of the following detailed - 7b -. ~
csm//,`
description considered in conjunctic~n with the accompanying drawings in which:
Figure 1 is a functional block diagram representa-tion of a typical on-line financial network in which the present invention may be implemented.
Figure 2is an operational block diagram that provides an overview of the system description of the present invention.
Figure 3 is a representation of one method of form-ing Security Parameter 1 at a terminal or computer to initiate the process of the present invention.
Figures 9j 5, 6 a~e alternative methods of forming Security Parameter 1 to suit the needs or character-istics of different types of financial, on-line networks.
Figures 7A, 7B and 7C are a detailed, operational block diagram of the overall method or process of the present invention.
Detailed Description of the Invention 1. Definitions Terminal: A device such as a Cash Dispenser, Automatic Teller Machine, Point-of-Sale device, or any of various types of computers that may be used to initiate a financial transaction.
Terminal Identification (TID): A designation of 8-8 binary digit numbers, letters or a mixture of numbers and letters that identifies a specific terminal and is embodied as an integral characteristic of the terminal.
Primary Account Number (PAN): A designation that identifies an account holder in an accounting data base.
Personal Identification Number (PIN): A variable number of digits, letters or a mixture of digits and 11~6761 g letters known only to an authorized account holder and used in the initiation and validation of on-line financial transactions. In the preferred embodiment, at least 4 characters are used as the Personal Identification ~umber. The binary designation chosen for these and other parameters may be any of those commonly used in computer processing or data communications without affecting the scope of the invention.
Card anti-counterfeiting features (CS): A
designation or identification for a magnetic-striped, plastic, size "A" card that cannot be changed without destroying the card.
Encryption or Decryption Keys: Some embodiments of the Data Encryption Standard require a secret 56 binary digit key to particularize or control the operation of the algorithm, some embodiments require that 64 secret binary digits be entered into the key register even though only 56 enter into the operation of the algorithm and the remaining 8 are odd parity binary digits, one for each 7 binary digits of the key and each parity binary digit located to the right of each 7 binary key digits. Either~of these is within the scope of the invention, as are other cryptographic systems which require or permit a secret encryption key to control or particularize the operation of the crypto-graphic algorithm.
Master Key (KMO if at a centralized computer, KMT
if at a terminal): A key used primarily or solely to encrypt and decrypt other keys.
Master Key Variants (KMl and KM2 if at a centralized computer, KMTl and KMT2 if at a terminal): A Master Key with certain specified binary digits inverted to provide a defense against specific types of penetration by an intruder. In the 56 binary digit representation, 1~S6761 KMl and KMTl, called the first variants, are equal tothe respective Master Keys with binary digits 2, 9, 16, 23, 30, 37, ~4, 51, counting left to right, inverted. Then, KM2 and I~MT2, called the second variants, are formed from the respective Master Keys by having binary digits 5, 12, 19, 26, 33, 40, 47, 54 inverted.
Working Key (WK): A key used to encrypt or decrypt a Transaction Request Message. In this invention, it differs for each transaction to provide an enhanced degree of security.
Transmitted Key: A key transmitted with a trans-action and used to provide a defense against wire tap and used to facilitate decryption.
Encrypt data Y using key X: E[X](Y) Decrypt data Y using key X: D[X](y) Encrypt under Master Key:
E[KMO] (Key) at centralized computer;
E[KMT] (Key) at terminal.
Decrypt under Master Key:
D[KMO] (Key) at a centralized computer;
D[KMT] (Key) at a terminal.
Reencrypt from Master Key (RFMK(X,Y)): Defined as;
E[D[KMl](X)]~D[KMO](Y)).
Reencrypt to Master Key (RTMK(X,Y)): Defined as:
E[KMO](D[D[KM2](X)](Y)).
Inverse Reencr~pt from Master Key (RFMK 1(X,Z)):
Defined as; E[KMO](D[D[KMl](X)](Z)).
Inverse Reencrypt to Master Key (RTMK (X,W)):
Defined as; E[D[KM2](X)](D[KMO](W)).
Concatenation, specified by ¦¦ (Double Bar):
Joining of subfields together to form a field by juxtaposing the subfields, for instanct AB ¦¦ CD = ABCD.
~ 15157Bl 2. Description of the Preferred Embodiment Referring now to the drawings, and more particularly to Figures 1 and 2, the invention will be described in terms of a preferred embodiment. This embodiment comprises a network having cash dispensing machines, automatic teller machines or the like such as would be used by a bank or similar financial institution. It is to be expressly understood, however, that the invention has broad and general applications including, but not limited to, transferring funds, dispensing a good or permitting the utilization of a service.
A cardholder enters his magnetic striped size "A"
plastic card into an attended or unattended financial terminal 10, 11, 12, enters his Personal Identification Number and amount requested or amount of transaction on a keyboard at 20. The terminal reads the magnetic stripe and extracts the Bank Identification Number, the Primary Account Number and adds the Terminal Identifica-tion at 21. The terminal generates the Transaction Request Message at 22 and uses the Primary Account Number, the Personal Identification Number, the card anti-counterfeiting feature number and the Time field to generate Security Parameter 1, which is used with the Terminal Identification and the Terminal Master Key within the encryption means to generate the Working Key at 23 in a manner to be explained with reference to Figures 7A to 7C. The Working Key is used to encrypt the Transaction Request Message at 24 already generated. The Working Key, the terminal Identification and the Terminal Master Key are used to generate the Transmitted Key at 25 in a manner to be explained with reference to Figures 7A to 7C. The Transmitted Key is appended to the Transaction Request Message in addition to transit, routing and other control information that may be required such as an Initialization Vector 1 ~67B~
required to initialize the DES in some usages, and the complete message is transmitted to the centralized computer 14 at 26 by transmission means.
The centralized computer 14 obtains data, some of it encrypted, from the accounting data base 15 using the control information in the message header and other information and sends it all to the Security Module 13 at 27. The Security ModuIe 13 uses the Terminal Identification, the Terminal Master Key and Transmitted Key within the encryption means to obtain the Working Key at 28-in a manner to be described with reference to Figures 7A to 7C. The Working Key is used within the Security Module 13 to decrypt the Transaction Request Message at 29. The Security Module 13 uses the Working Key, the Terminal Master Key and the Terminal Identification within the encryption means to obtain Security Parameter 1 in a manner to be explained with reference to Figures 7A to 7C in order to obtain access to the Personal Identification Number and card anti-counterfeiting feature number at 30. The Security Module 13 verifies that the Personal Identification Number and card anti-counterfeiting feature number that was generated from the data in the message is the same as those values contained in the accounting data base transferred from the centralized computer by any one of several means at 31, and notifies the centralized computer 14.
The centralized computer 14 executes the remainder of the approval process at 32, generates and transmits to the Security Module 13 the appropriate response at 33. The Security Module 13 encrypts the response using the Working Key at 34, after which the response is transmitted to the terminal 10, 11 or 12 by transmission means. The terminal decrypts the response using the . t~5~76~
Working Key at 35, provides the service requested at 36, generates an acknowledgement at 37, encrypts the acknowledgement using the Working Key at 38 and transmits it to the centralized computer 14. The centralized computer 14 sends the acknowledgement to the Security Module 13 at 39. The Security Module 13 decrypts the acknowledgement using the Working Key, notifies the centralized computer 14 and destroys the Working Key at 40. The centralized computer 14 upda*es the account base 15 at 41, the terminal 10, 11 or 12 updates and writes the magnetic stripe on the plastic card if required, destroys the.Working Key at 42, completing the transaction at 43. With reference now to Figures 7A to 7C, the present invention may be implemented on a financial transaction or transfer network such as that represented in Figure 1 that contains attended or unattended terminals 10, 11, 12 or a computer 16 with transmission and encryption means and associated Security Module 17 and data base 18 connected by data communication lines to a central-ized computer with transmission means 14, encryption means 13, and with access to a centralized accounting data base 15, which may be any one of several media for storing, retrieving and changing data usually by magnetic or electromagnetic means. The accounting data stores information related to each account assigned to authorized account holders of the Financial Institu-tion. The terminals or computer may be connected to the centralized computer by any of various means familiar to those skilled in the art. In order to initiate a transaction on such a network, an authorized cardholder enters his magnetic striped, size "A"
plastic card into a card entry means at the terminal 50 as shown in Figure 7A, the texminal determines 11~6761 whether the cardholder has been requested to enter his Personal Identification Number mol-e than a fixed number of times at 51, in the pre~erred embodiment three times. If the cardholder h~.s entered his Personal Identification Number three times, the terminal retains the card at 52, indicates that the carholder must visit his Financial Institution at 53 and terminates the transaction at 54.
If the cardholder has not entered his Personal Identification Number three times, the terminal requests the cardholder to enter his Personal Identification Number on the keyboard at 55, which the cardholder does at 56, the terminal reads the magnetic stripe at 57, the terminal forms Security Parameter 1 at 58 by using part of the Primary Account Number, part of the Personal Identification Number, part of the card anti-counterfeiting number and part of the Time field as shown in Figure 6 or alternatively as shown in Figures 3, 4, 5. The terminal requests the cardholder to enter the type of transaction and the amount at 59, which the cardholder does at 60, the terminal generates the Transaction Request Message at 61. The terminal generates a Secondary Key by e.~c~ ~;~q ~eei~n ~ng~the terminal identification using the Terminal Master Key at 62:
SK.= ~[KMT](TID). (1 The terminal generates Security Parameter 2 using function Reencrypt from Master Key and operands Secondary Key and Security Parameter 1 at 63 as specified below: .
RFMK (SK,SPl) = ~[D[KMTl](SK)](D[KMT]
(SPl)) = SP2, (2) one implementation of which is shown in Table 1.
-- 1 15~76l , _ , _ _ _ __.. _ ~ _ ^ _ X~ ?~ X o~
~ _ _ _ ::C H ~ ~ X
_ ~
~ '~Z _ __ _ _ ; ^X _ _ _ E~ ~~ ~ ~0 a o .
~ _ __ _ _ _ _ _ _ _ _ _ o . ~: ~;
a E~ .
æ o P.
~Z ~ o ~ .~ 'x ~; o ~; ~
_ _ _ _ _ _ _ _ _ O 1; ~ ~ H
OH E~ E-~ E~ E~ P~ ~Ll E~
HE~ ~ ~ P~ ~ ~;
c~ ~ a a P~ ~! ~ a ~; ~ z a ~; , c æ P~ ~: ~: c~ o z ~: ~ z ~ ~; ~: ~ w ~ P. O O ~:1 E~ ~ O ~ ~1 ~ P~ O Z
. 14 O ~1 ~:1 _ _ _ ~ ~ ~0 E~ ~1 ~ C~
1~S~761 The terminal generates Working Key using function Reencrypt from Master Key and operands Secondary Key and Security Parameter 2 at 64 as specified below:
RFMK (SK,SP2) = E[D[~MTl](SK)](D[KMT]
(SP2,) = WK. (3) The terminal~ encrypts the Transaction Request Message using the Working Key at 65, as specified below:
E[WK](Transaction~ Request Message). (4) The terminal generates Security Parameter 3 using function Reencrypt to Master Key and operands Secondary Key and Working Key at 66 as specified below:
RTMK(SK, WK) = E[KMT](D[D[KMT2](SK)]
(WK)) - SP3, (5) one implementation of which is shown in Table 2 below:
1 15~;761 ~ - ~
~ H K K a H ~ a n . ~:
~ eX X ~ _ _ X _ _ ~ _ O
1::1 ~ ~K .
~; . ~ . a ~ P _ ~ _ _ ~ _ ~; ~; _ E~ Z O ~ E~ ~; E~ O E~
E~ O 0 .~ O O O 0 O
W Z ~ ~ X _ E~ E-~- r _ ~ E~ r~
ZO 1~1 1:~ H ~; P;
OH E~ E~ E~ ~:; E'3 E~ 1:~ E-~
HE~ ~¢ ~ ~ I¢ E4 ~ h E~~: ~r; ~ p: ~ u~ ~ c c~~ ~ ~ ~ ~; r~ z ~ IY; ~ Z P~ ~
Z h ~:1; Z ~ C) Z ~ ~ ~ S O ~ ,¢ O ~1 :~Pl o h o r~ h a K O ~ O K Z
o _ ~ ~ a ~ o ~ ~ ~ ~ E~ ~ c~
1 ~S67~1 The terminal generates Transmitted Key using function Reencrypt to Master Key and operands Secondary Key and Security Parameter 3 at 67 as specified below:
RTMK(SK, SP3) = E[KMT](D[D[KM~2]ISK)]
(SP3)) = TK
The terminal appends the Transmitted Key to the Transaction Request Message in addition to other routing, transit and control information required in the message header at 68.
The terminal encrypts the complete message including the header using a link encryption key at 69 and transmi-ts it to the centralized computer at 70. The centralized computer sends the message to the Security Module at 71, the Security Module decrypts the message using the link encryption key at 72, the Security Module sends the routing, transit and control information to the centralized computer at 73, the centralized computer determines whether this is an "on-us" transaction or an interchange transaction at 80. If it is an interchange transaction, additional processing is required which will be described later.
If this is not an interchange transaction, the centralized compùter obtains various data from the accounting data base for which it may use the Terminal Identification to obtain the Terminal Master Key (encrypted) as may be stored similar to Table 3 and sends all the data to the Security Module at 74.
~Y~ csm/~a 1 ~5676a ,--19--TA~LE 3 TERMINAL IDENTIFICATION ¦TERMINAL MASTER
l KEY (ENCRYPTED) .
. ..
.
. O . O ' _ ~_ TID n KMT n ._ O
O ' - O
` 1 1~676~
Security Module generates Security Parameter 3 using function Inverse Reencrypt to Master Key and operands Secondary Key and Transmitted Key at 75 as specified below:
RTMK (SK, TK) = SP3 = E[D[KMT2](SK)]
(D[KMT](TK)), (7) one implementation of which is shown in Table 4.
1 15676t ~ ~ _ _ _ _ _ _ _ __ _ 'X ~1 : _ _ H H . ~ X . ~ .
~ ~i K _ _ __ _ _ a _ _ ~ ~ P~ . . . X
:- ~ K _ ~ _ æ _ a : . O
z a K 0~ ~: K P~ _ _ X _ _ _ ~ O E~ ~ O E~ O E~ ~
~ ~ ,1 ~ ~ ,~ ~ C~ ~ ~ ~
~ O K 3 _ U X _ 1~ H U _ _ _ H E~ E~ E~
H E~ P~ ~ ~ ~ f:C 14 E~ ~ a a ~ ~ ~; a ~; K P~ U~ a Z ~ O O ~ E~ Z 0 ~ Z a ~ ~o z ~ o ~ _ a _ _ ~ a ~ o 115676~
The Security Module generates the Working Key using ,~
function Inverse Reencrypt to Master Key and operands Secondary Key and Security Paramter 3 at 76 as specified below:
RTMK (SK, SP3) = WK = E[D[KMT2](SK)]
(D[KMT](SP3)). (8) The Security Module decrypts the Transaction Request Message using the Working Key at 77, as specified below:
D~WK] (Transaction Request Message). (9) The Security Module generates Security Paramter 2 using function Inverse Reencrypt from Master Key and operands Secondary Key and Working Key at 78, as specified below:
RFMK l(SK, WK) = SP2 = E[KMT](D[D[KMTl]
(SK)](WK)), (10) one lmplementation of which is shown in Table 5.
1~S~;7~1 ~T ~ ~ -;
z a ~ ~; E~ P; P; ~ ~
~ ~ ~ ~ P~ ~; ~ P~ ~ ~
O E~ O O ~ O ~
.,, .,~ ~ ~ ~ ~ ,, ~ ~; ., ~ o ~o ~ 'x ~ .,, . ~ ~:i H _ _ _ _ _ _ _ _ _ .. Z ~ .
Z O ~ ~ H ~; . ~
H H ~ ~ 1~3 E~ ~4 ~ P;
o ~ ~ a x ~ ~ Q ~; C~ ~: P~ ~
~ 1~ O ~ O ~ ~ZL~ ~ O ~ 0 ~ Z ~
14 O ~ ~ ~ ~ ~ O E~ ~ Cl :1 E~ I:c~ C~
!
i~S67~1 The Security Module generates Security Parameter 1 using function Inverse Reencry~t from Master Key and operands Secondary Key and Sc~curity Parameter 2 at 79 as specified below:
RFMK 1 (SK, SP2) = S~l = E[KMT](D[D[KMTl]
' (Si;)](SP2)) (11) The Security Module recovers part of the Primary Account Number, part of the P~rsonal Identification Number, part of the card anti-counterfeiting number from Security Parameter 1 if Figure 6 was originally used,at the terminal 81 or whatever was used if alternative Figure 3, 4 or 5 were used. The Security Module recovers the remainder of the Primary Account Number from the decrypted Transaction Request Message and sends the complete number to the centralized computer at 82, the centralized computer retrieves the encrypted Personal Identilication Number and the card anti-counterfeiting feature number from the accounting data base using the Primary Account Number at 83 as may be stored similar to Table 6.
11567dl -~5-PRIMARY PERSONAL _ ACCOUNT IDENTIFICATION CARD
NUMBER NUMBER (ENCRYPTED) SIGNATURE
__ . _~
PAN n- PIN nCS n ~ ~ O l . / 11S6761 The centralized computer sends the data to the Security Module to validate the transaction at 84, the Security Module compares the Personal Identifica-tion Number obtained from the Accounting Data saSe S a~ter appropriate decryption with that generated from the Transaction Request Message and compares the two anti-counterfeiting numbers to validate the transaction at 85, 86. If the transaction does not appear valid, the Security Module indicates that the centralized computer should specify to the terminal a request that,the cardholder re-enter his Personal Identifica-tion Number at 87 shown in Figure 7B which the central-ized computer does at 88, returning to processing at 51 shown in Figure 7A.
If the transaction appears valid, the Security Module notifies the centralized computer at 89, the centralized computer executes ,the remainder of the approval procedure at 90, generates an approval or disapproval response and sends it to the Security Module at 91. The Security Module encrypts the response using the Working Key and returns it to the centralized computer at 92, the centralized computer transmits the response to the terminal at 93. The terminal decrypts the response using the Working Key at 94, the terminal provides the service if approved or displays a message if disapproved at. 95, the terminal generates an acknowledgement at 96, the terminal encrypts the acknowledgement using the Working Key and transmits it to the centralized computer at 97. The centralized computer sends the acknowledgement t O the Security Module at 98, the Security Module decrypts the acknowledgement and notifies the centralized computer at 99, the ~1S~76~
.
centralized computer updates the account data ~ase and notifies the Security Module and the Term-nal at 100, the Security Module destroys the Workina l;ey at lOl, the Terminal updates the magnetic stripe if required and returns the card to the cardholder at 103, the Terminal destroys the Working Key at 104, and the transaction is complete at 102.
If the transaction is an interchange transaction, the centralized computer (acquirer) uses the ~ank Identification Number or similar designation to obtain the encrypted Site Master Interchange Key, the encrypted Password, the Computer Identification . (acquirer) as may be stored similar to Table 7 in addition to the data normally retrieved and sends it all to the Security Module at 105. The Security Module uses the Site Master Interchange Key in place of the Terminal Master Key, uses the Password in place of the Personal Identification Number, uses the Computer Identification in place of the Terminal Identification, uses the Bank Identification Number in place of the Primary Account Number and uses part of the Time field to generate an Interchange Working Key as was done at 62 to 64 in Figure 7A, at 106. The Security Module encrypts the Terminal Identification and the Terminal Master Key (after it has first been decrypted), using the Interchange Working Key, generates an Interchange Transmitted Key as was done at 66, 67 in Figure 7A, appends the Inter-change Transmitted Key, the header and control information to the Transaction Request Message and encr~pts it using a link encryption key at 107, the Security Module sends the transaction to the acquirer centralized computer at 108. The acquirer 11~67gl centralized computer transmits the transaction to the issuer centralized computer at 109, the issuer centralized computer sends the message to the issuer Security Module at 110 shown in Figure 7C.
.
. SITE MASTER
BANK INTERCHANGE
IDENTIFICATION KEYPASSWORD COMPUTER
NUMBER (ENCRYPTED) (ENCRYPTED) IDENTIFICATION
.
.
O- .' . ' O O
O . o O O
O O O O
BIN n SMIK n PW n CID n O ' . O I
O O O O
. ,0 O O O
11567~1 The Security Module decrypts the transaction using the Link Encryption Key, sends the header and control information to the issuer Centralized Computer at 111, the issuer Centralized Computer uses the information to retrieve the encrypted Site Master Interchange Key, the encrypted Password and the Computer Identification and sends it to the Security Module at 112, the Security Module uses the same procedure as was used at 75, 76 in Figure 7A, to recover the Interchange Working Key at 113 and uses the same procedure as was used at 78, 79, 81 in Figure 7A, to recover the Password which is validated at 113. The Security Module uses . the Interchange Working Key to recover the Terminal - Identification and Terminal Master Key by decryption lS at 114. The remainder of the procedure to recover the Personal Identification Number, to.validate and approve the transaction and generate a response is the same as was used at 75 to 79, 81 to 91 in Figures 7A and 7B at 115. The issuer Security Module encrypts the response that will go to the terminal using the Working Key at 116, encrypts the response or acknow-ledgement to go to the acquirer centralized computer using the Interchange Working Key and sends it to the issuer Centralized Computer at 117. The issuer Centralized Computer transmits the response to the acquirer centralized computer at 118, the acquirer Centralized.Computer sends the response to the Security Module at 119, the Security Module decrypts the response using the Interchange Working Key and sends to the acquirer Centralized Computer the part of the response that is to be transmitted to the terminal and the Centralized Computer updates its in-process file at 121. The terminal follows the same procedures - `` 11~67~1 as in 94 to 97 in Figure 7B, at 122. The acquirer Centralized Computer relays the acknowledgement to the issuer Centralized Computer at 123, the issuer Central-izedComputer Lollows the same procedure as in 98 to 101 in Figure 7B, at 124. The acquirer Centralized Computer updates the in-process file, relays notifica-tion to terminal at 128, the acquirer Security Module destroys the Working Key at 125, the terminal updates the magnetic stripe if required,-returns the card to the cardholder at 129, destroys the Working Key at 126, and the transaction is complete at 127.
Considering Figure 1, "Computer with transmission means," 14, may consist of an IBM 370/148 Central Processing Unit (CPU), 3410 Tape units, 1403 Printer, 3705 Communications Controller, Bell 201C Data Sets.
The Data Base may be accommodated on one or more IBM
3330 Disks, 15. The Cash Dispenser, 10, or ATM, 11, may consist of IBM 3614's that may include an Intel 8080 microprocessor and Motorola MGD8080DSM Data Security Module. The Security Module, 13, or 17, may consist of an Intel 8080 rnicroprocessor and a Motorola MGD8080DSM Data Security Module. The other computer shown in Figure 1, 16, may consist of a Burroughs 7766 CPU, 9495 Tape units, 9373 Disk units (18), Documation 1500 printer, Burroughs 7350 Communications Controiler, TA1201 Data Sets, and RT
4000 Cash Dispensers or ATM's deployed similar to those shown comrnunicating with the computer system, 14. In either case, the terminals indicated in 12 may be IBM 3604, 3612, or 3610 or Burroughs TU700, TC700. The communication lines may be 300 to 1200 baud, synchronous or asynchronous.
It will be recognized by those skilled in the art that the particular devices indicated are for illustrative purposes only and do not change or limit the scope of the invention. For instance, CPU's manufactured by NCR, or Univac can be used, other ATM's,peripheral or communication devices manufactured 5 by Varian, Memore~, DEC, NCR, Docutel, FDSI, Diebold, Tandem, Mosler, Bunker Ramo or others could have been substituted for the system components indicated.
Similarly, microprocessors such as the Intel 8048 or 8085, Motorola 6800, PDP11 could have been specified 10 rather than the Intel 8080 and would suffice with appropriate changes to the program that follows. Also, LSI devices tha~ implement the DES manufactured by Fairchild, Western Digital, Collins-Rockwell, IBM or others could have been substituted for the Motorola 15 device without changing or limiting the scope of the nvention .
The set of programs which follow implements the procèdure previously described using an Intel 8080 Microprocessor with an attached Motorola MGD8080DSM
20 Data Security Module. These devices are one possible implementation of the "Security Module" 13, Figure 1.
The programs are "stand-alone" for test purposes.
That is, there has been no attempt to integrate these programs into the programs required for an operating, 25 on-line network. However, any of several operating network progXams~ can easily be modified to use the programs shown here by placing the proper set of "CALL's" at appropriate points of the operating program since the programs included here are comprehensive in 30 that they implement all the functions required to mechanize the security procedure described in earlier sections of this application. Although this test program uses the DES in Electronic Code Book Mode exclusively, the D~S may be used in Cipher Feedback or lfS676~
Block Chaining mode at appropriate places without limiting or changing the scope of the invention.
The programs are divided into:
1. A main routine to generate either WK and TK
given SPl, TID and KMT or generate WK and SPl given TK, TID and KMT. The same program may be used at a terminal or at a HPC, with the proper parameter supplied to the program. The difference is that at the HPC, the terminal Master Key, KMT, is encrypted using the Host Master Key, KMO, while at the terminal, KMT is not encr~pted. In addition, SP1 is a starting parameter at the terminal and TK is a starting parameter at the HPC. These differences are accommodated within the programs.
2. A set of subroutines that perform smaller, "building block" functions that the main routine sequences in an order thatprovides for implementing the security procedure previously described.
One type of on-line system stores account information in a central data base to which the remote terminals are connected by data communication lines. In response lo submission of specified informa-tion from a remote te^minal, such as account number, ~ "
1 1S67~1 amount of sale or amount requested, merchant identifi- ;
cation if a sale, and secret information related to the cardholder, the system searches the account files to obtain data that may indicate that the transaction should be approved or denied. Such information may 5 include date of last use, amount of credit if a credit transaction, balance in account, whether a card has been lost, stolen or has expired. If the transaction is approved, the system adjusts the account information appropriately after the transaction is completed. As the art prosressed, terminals with increased functions were provided that permitted more functions to be performed than dispensing cash or effecting a purchase.
For instance, financial institutions, to reduce peak loads and to extend their services during times of business closure, permit the transfer of funds between accounts, accept payments for utilities or for loan balances, accept deposits, and provide for advances to be charged to valid credit cards. These devices typically include a plastic card reading mechanism, a keyboard, a display, document entry and exit apertures and may be connected to a data base or operate as a stand-alone device. Due to the increased functions permitted, the exposure to fraud increased, so that secret numbers (Personal Identification Numbers) were issued to cardholders to reduce the exposure. The Personal Identification Number entered on the keyboard by the cardholder must either compare directly with the number encoded on the magnetic stripe of the plastic card or some correspondence, that may depend on encryption, must exist between the Personal Identifica-tion Number and the number encoded on the magnetic stripe. Otherwise, the transaction is not enabled on the presumption that the card was either lost or stolen.
This method may be used by stand-alone devices or devjces connected to a central d3,a base.
The use of a Personal Identification Number improved the security of such systems but still left some means available for fraud and had other dis-advantages. ~he problem of secure issue of PersonalIdentification Numbers arose. The use of on-line files with lists of Personal Identification Numbers may g~ c~ y~s permit unauthorized access to the files by e~ yes for purpose of obtaining what is supposed to be secret information. With such information, duplicate or counterfeit cards can easily be manufactured to perpetrate fraud. Several different approaches were taken to overcome the disadvantages. One approach, to avoid the use of on-line files and to overcome the supposed cost and complexity of on-line systems, was to try to ïmprove the security of stand-alone use. As a result, special plastic cards with material laminated into the card, pasted onto the card, holes punched into or onto the card as a security measure, were devised, none of which was effective by itself.
Another approach was to encrypt the Personal Identification Number stored in the account records, which is effective, provided appropriate additional security measures are instituted. Encryption may not be effective with stand-alone devices because of access required by maintenance personnel and for replenishing the cash supply or other servicing, thereby exposing the encryption key to simple means of compromise. Encrypting only the secret information in the central account records is not effective since the secret information must also be entered at a remote terminal to initiate a transaction and be transmitted, usually by means of utility communication lines, to the centralized computer, thereby becoming ~ ~67~
subject to monitoring by person or persons unknown.
The transmission therefore must also be encrypted, which is effective but may still p--rmit someone who can break the code access to the list of correspond-ence between account information and Personal Indenti-fication Numbers by monitoring these transmissions.
An additional shortcoming is the generation, by a sophisticated penetrator, of spùrious transactions to fraudulently transfer funds within data base accounts.
As a result, the previous methods of validating the secret number at a centrallzed data processor provide protection against casual fraud but may not provide adequate protection against a penetrator having knowledge of, and perhaps, access to, current data processing equipment or systems. Alternatively, those methods that seem to provide an adequate level of security also seem quite costly due to the need for utilizing high-cost data communication lines for multiple transmissions for validation of each trans-action and for transmission in a secure way of the required enciphering keys, rather than relying on a single Transaction Request Message, a single Response and an acknowledgement or some minimum number of transmissions per transactions.
There has evolved within the same time frame networ~ks other than the proprietary networks that a single financial institution may deploy to service its customers. Financial Institutions may decide to share networks or to interchange transactions in order to provide better service. There are national networksdeveloped by Bank Cards to service many financial institutions that may aggregate millions of accounts and millions of transactions per dav. Although each transaction may be small, the aggregate dollar volume 1 15S7~l transferred per day is substantial. In addition, there ,~
are the semi-official clearing house systems an~ the networks used by Federal Financial Agencies to ~ransfer billions of dollars of funds daily and that imp~ct the financial structure of the country. The methods used by some of the large financial institution networks to provide security are so simplistic, they may easily be defeated by a knowledgeable person, as occasional news-paper headlines attest.
10What has been lacking until now is a procedure, method or system that integrates the validation and authentication of the plastic card, cardholder, terminal or other device used to initiate transactions, render ineffective wiretap data, that does not require unencrypted Personal Identification Numbers to be processed, that efficiently uses costly data communica-tion lines by minimizing transmissions and is adaptable to the requirements of different types of on-line networks.
Summary of Invention A syst-em in àccordance with the present invention consists of a means for multiply-enciphering secret and other data in a predetermined way at a remote terminal or a computer connected by communication lines to a computer, said enciphering to provide authentication of the card, cardholder, terminal or other device, and to provide security against intrusion by wiretapping in a way that maximizes utilization of communication lines.
The secret data may be entered on a keyboard by an authorized cardholder together with other data that may be required to complete the transaction. The secret and other data, and data internal to the remote terminal or computer,are multiply-enciphered in a ~ ~5B761 -6- !
predetermined way using a secret Terminal Master Key stored in the terminal or computer, initially to generate a Working Key that is used only to encipher the Transaction Request Message that is generated within the 5 terminal or computer by suitable means. The Working Key is then additionally multiply-enciphered in a predetermined way using the secret Terminal Master Key to generate a Transmitted Key that is appended to the Transaction Request Message and transmitted by 10 suitable means to the computer at the centralized account data base in a way that prevents intrusion by wire tapping. At the centralized computer, the account data base is searched to find enciphered and other data corresponding to the account of the authorized 15 cardholder and the device from which the message was received, which data is used two ways. Part of the data is used to facilitate the multiple decipherments of the Transmitted Key in order to obtain the Working Key. Other parts of the data are used to validate and 20 authenticate the transaction after it has been deciphered using the Working Key and the Working Key itself has been further multiply-deciphered and in a way that provides that the enciphered data is protected from access by employees of the financial institution such 25 as programmers, systems analysts, operators and also protected from other sophisticated penetrators who may gain unauthorized access to the computer network or system. After the transaction has been validated, additional tests of an accounting nature may be performed 30 by the central computer to determine whether the Transaction Request should be approved, tests depending upon data such as balance in account, date of last use, amount withdrawn and other data. An appropriate response is generated at the centralized computer by . ~ 87S l suitable means, which response is enciphered in the same Working Key used to encipher the Transaction Request Message. This Transaction Request Response is transmitted by suitable means to the terminal or computer from which the Transaction Re~uest Mess~ge was received, where it is deciphered by suitable means using the Working Key that has been securely stored and the requested transaction is completed if approved, or an indication displayed that the transaction is not approved. After completion of the transaction, the terminal or computer may send an acknowledgement to the centralized computer indicating the type of transaction completed, as an added security measure, which acknow-ledgement may be enciphered using the same Working Key.
After the-centralized computer receives the acknowledge-ment, it updates the accounting data base and then the remote terminal or computer and the centralized computer destroy the Working Key securely by resetting the register or location in which the Working Key has been stored to prevent reuse or compromise.
Because the secret data and other data are used to generate the working key required to encipher each Transaction Request Message, each such Message will be enciphered using a different Working Key before being transmitted to the centralized computer, substantially enhancing the strength of the enciphering means andprotecting the Terminal Master Key from compromise by statistical cryptanalysis. In the preferred embodiment, there is only 1 chance in 2 to the 56th power that the same Working Key would be generated twice.
Therefore, in accordance with the present invention there is provided a system for authenticating users and devices in on-line transaction networks comprising a plurality of remote terminals in communication with a central processing unit including a data base containing encrypted data used in the authentication of the users and devices, the data being encrypted with a master key and including terminal master keys for each of the remote terminals and identification numbers for each of the users all of which are secret, the data further including -terminal identification numbers for each of the remote terminals and account numbers for each of the users, wherein each of the remote terminals is provided with means for entering an account number and an identification number of a user initiating a transaction as well as the nature of the transaction, the improvement in a method for protecting the transaction comprising the steps of: generating at a terminal a transaction request message based on the information entered at the terminal by a user initiating a transaction, using the identification number and the account number entered by the user and the terminal identification number and the terminal master key, and employing such variants as to generate a working key unique to each transaction, encrypting the transaction request message using the working key, transmitting the encrypted transaction request message, deriving the working key at the central processing unit using information derived from the transmitted message and the data base including the account number, the terminal master key and the terminal identification number, decrypting the message received at the central processing unit using the working key, - 7a -,~ ~
~J` csm/~
1 iS6761 comparing the user identification number and account number obtained by decrypting corresponding data in the data base with the data in the transaction request message to validate the transaction request message, generating a transaction request response and encrypting the transaction request response with the working key, transmitting the encrypted transaction request response to the terminal where the transaction was initiated, and decrypting the message received at the terminal using the working key and, if the transaction is approved, providing the requested service.
Brief Description of Drawings A better understanding of the invention may be had from a consideration of the following detailed - 7b -. ~
csm//,`
description considered in conjunctic~n with the accompanying drawings in which:
Figure 1 is a functional block diagram representa-tion of a typical on-line financial network in which the present invention may be implemented.
Figure 2is an operational block diagram that provides an overview of the system description of the present invention.
Figure 3 is a representation of one method of form-ing Security Parameter 1 at a terminal or computer to initiate the process of the present invention.
Figures 9j 5, 6 a~e alternative methods of forming Security Parameter 1 to suit the needs or character-istics of different types of financial, on-line networks.
Figures 7A, 7B and 7C are a detailed, operational block diagram of the overall method or process of the present invention.
Detailed Description of the Invention 1. Definitions Terminal: A device such as a Cash Dispenser, Automatic Teller Machine, Point-of-Sale device, or any of various types of computers that may be used to initiate a financial transaction.
Terminal Identification (TID): A designation of 8-8 binary digit numbers, letters or a mixture of numbers and letters that identifies a specific terminal and is embodied as an integral characteristic of the terminal.
Primary Account Number (PAN): A designation that identifies an account holder in an accounting data base.
Personal Identification Number (PIN): A variable number of digits, letters or a mixture of digits and 11~6761 g letters known only to an authorized account holder and used in the initiation and validation of on-line financial transactions. In the preferred embodiment, at least 4 characters are used as the Personal Identification ~umber. The binary designation chosen for these and other parameters may be any of those commonly used in computer processing or data communications without affecting the scope of the invention.
Card anti-counterfeiting features (CS): A
designation or identification for a magnetic-striped, plastic, size "A" card that cannot be changed without destroying the card.
Encryption or Decryption Keys: Some embodiments of the Data Encryption Standard require a secret 56 binary digit key to particularize or control the operation of the algorithm, some embodiments require that 64 secret binary digits be entered into the key register even though only 56 enter into the operation of the algorithm and the remaining 8 are odd parity binary digits, one for each 7 binary digits of the key and each parity binary digit located to the right of each 7 binary key digits. Either~of these is within the scope of the invention, as are other cryptographic systems which require or permit a secret encryption key to control or particularize the operation of the crypto-graphic algorithm.
Master Key (KMO if at a centralized computer, KMT
if at a terminal): A key used primarily or solely to encrypt and decrypt other keys.
Master Key Variants (KMl and KM2 if at a centralized computer, KMTl and KMT2 if at a terminal): A Master Key with certain specified binary digits inverted to provide a defense against specific types of penetration by an intruder. In the 56 binary digit representation, 1~S6761 KMl and KMTl, called the first variants, are equal tothe respective Master Keys with binary digits 2, 9, 16, 23, 30, 37, ~4, 51, counting left to right, inverted. Then, KM2 and I~MT2, called the second variants, are formed from the respective Master Keys by having binary digits 5, 12, 19, 26, 33, 40, 47, 54 inverted.
Working Key (WK): A key used to encrypt or decrypt a Transaction Request Message. In this invention, it differs for each transaction to provide an enhanced degree of security.
Transmitted Key: A key transmitted with a trans-action and used to provide a defense against wire tap and used to facilitate decryption.
Encrypt data Y using key X: E[X](Y) Decrypt data Y using key X: D[X](y) Encrypt under Master Key:
E[KMO] (Key) at centralized computer;
E[KMT] (Key) at terminal.
Decrypt under Master Key:
D[KMO] (Key) at a centralized computer;
D[KMT] (Key) at a terminal.
Reencrypt from Master Key (RFMK(X,Y)): Defined as;
E[D[KMl](X)]~D[KMO](Y)).
Reencrypt to Master Key (RTMK(X,Y)): Defined as:
E[KMO](D[D[KM2](X)](Y)).
Inverse Reencr~pt from Master Key (RFMK 1(X,Z)):
Defined as; E[KMO](D[D[KMl](X)](Z)).
Inverse Reencrypt to Master Key (RTMK (X,W)):
Defined as; E[D[KM2](X)](D[KMO](W)).
Concatenation, specified by ¦¦ (Double Bar):
Joining of subfields together to form a field by juxtaposing the subfields, for instanct AB ¦¦ CD = ABCD.
~ 15157Bl 2. Description of the Preferred Embodiment Referring now to the drawings, and more particularly to Figures 1 and 2, the invention will be described in terms of a preferred embodiment. This embodiment comprises a network having cash dispensing machines, automatic teller machines or the like such as would be used by a bank or similar financial institution. It is to be expressly understood, however, that the invention has broad and general applications including, but not limited to, transferring funds, dispensing a good or permitting the utilization of a service.
A cardholder enters his magnetic striped size "A"
plastic card into an attended or unattended financial terminal 10, 11, 12, enters his Personal Identification Number and amount requested or amount of transaction on a keyboard at 20. The terminal reads the magnetic stripe and extracts the Bank Identification Number, the Primary Account Number and adds the Terminal Identifica-tion at 21. The terminal generates the Transaction Request Message at 22 and uses the Primary Account Number, the Personal Identification Number, the card anti-counterfeiting feature number and the Time field to generate Security Parameter 1, which is used with the Terminal Identification and the Terminal Master Key within the encryption means to generate the Working Key at 23 in a manner to be explained with reference to Figures 7A to 7C. The Working Key is used to encrypt the Transaction Request Message at 24 already generated. The Working Key, the terminal Identification and the Terminal Master Key are used to generate the Transmitted Key at 25 in a manner to be explained with reference to Figures 7A to 7C. The Transmitted Key is appended to the Transaction Request Message in addition to transit, routing and other control information that may be required such as an Initialization Vector 1 ~67B~
required to initialize the DES in some usages, and the complete message is transmitted to the centralized computer 14 at 26 by transmission means.
The centralized computer 14 obtains data, some of it encrypted, from the accounting data base 15 using the control information in the message header and other information and sends it all to the Security Module 13 at 27. The Security ModuIe 13 uses the Terminal Identification, the Terminal Master Key and Transmitted Key within the encryption means to obtain the Working Key at 28-in a manner to be described with reference to Figures 7A to 7C. The Working Key is used within the Security Module 13 to decrypt the Transaction Request Message at 29. The Security Module 13 uses the Working Key, the Terminal Master Key and the Terminal Identification within the encryption means to obtain Security Parameter 1 in a manner to be explained with reference to Figures 7A to 7C in order to obtain access to the Personal Identification Number and card anti-counterfeiting feature number at 30. The Security Module 13 verifies that the Personal Identification Number and card anti-counterfeiting feature number that was generated from the data in the message is the same as those values contained in the accounting data base transferred from the centralized computer by any one of several means at 31, and notifies the centralized computer 14.
The centralized computer 14 executes the remainder of the approval process at 32, generates and transmits to the Security Module 13 the appropriate response at 33. The Security Module 13 encrypts the response using the Working Key at 34, after which the response is transmitted to the terminal 10, 11 or 12 by transmission means. The terminal decrypts the response using the . t~5~76~
Working Key at 35, provides the service requested at 36, generates an acknowledgement at 37, encrypts the acknowledgement using the Working Key at 38 and transmits it to the centralized computer 14. The centralized computer 14 sends the acknowledgement to the Security Module 13 at 39. The Security Module 13 decrypts the acknowledgement using the Working Key, notifies the centralized computer 14 and destroys the Working Key at 40. The centralized computer 14 upda*es the account base 15 at 41, the terminal 10, 11 or 12 updates and writes the magnetic stripe on the plastic card if required, destroys the.Working Key at 42, completing the transaction at 43. With reference now to Figures 7A to 7C, the present invention may be implemented on a financial transaction or transfer network such as that represented in Figure 1 that contains attended or unattended terminals 10, 11, 12 or a computer 16 with transmission and encryption means and associated Security Module 17 and data base 18 connected by data communication lines to a central-ized computer with transmission means 14, encryption means 13, and with access to a centralized accounting data base 15, which may be any one of several media for storing, retrieving and changing data usually by magnetic or electromagnetic means. The accounting data stores information related to each account assigned to authorized account holders of the Financial Institu-tion. The terminals or computer may be connected to the centralized computer by any of various means familiar to those skilled in the art. In order to initiate a transaction on such a network, an authorized cardholder enters his magnetic striped, size "A"
plastic card into a card entry means at the terminal 50 as shown in Figure 7A, the texminal determines 11~6761 whether the cardholder has been requested to enter his Personal Identification Number mol-e than a fixed number of times at 51, in the pre~erred embodiment three times. If the cardholder h~.s entered his Personal Identification Number three times, the terminal retains the card at 52, indicates that the carholder must visit his Financial Institution at 53 and terminates the transaction at 54.
If the cardholder has not entered his Personal Identification Number three times, the terminal requests the cardholder to enter his Personal Identification Number on the keyboard at 55, which the cardholder does at 56, the terminal reads the magnetic stripe at 57, the terminal forms Security Parameter 1 at 58 by using part of the Primary Account Number, part of the Personal Identification Number, part of the card anti-counterfeiting number and part of the Time field as shown in Figure 6 or alternatively as shown in Figures 3, 4, 5. The terminal requests the cardholder to enter the type of transaction and the amount at 59, which the cardholder does at 60, the terminal generates the Transaction Request Message at 61. The terminal generates a Secondary Key by e.~c~ ~;~q ~eei~n ~ng~the terminal identification using the Terminal Master Key at 62:
SK.= ~[KMT](TID). (1 The terminal generates Security Parameter 2 using function Reencrypt from Master Key and operands Secondary Key and Security Parameter 1 at 63 as specified below: .
RFMK (SK,SPl) = ~[D[KMTl](SK)](D[KMT]
(SPl)) = SP2, (2) one implementation of which is shown in Table 1.
-- 1 15~76l , _ , _ _ _ __.. _ ~ _ ^ _ X~ ?~ X o~
~ _ _ _ ::C H ~ ~ X
_ ~
~ '~Z _ __ _ _ ; ^X _ _ _ E~ ~~ ~ ~0 a o .
~ _ __ _ _ _ _ _ _ _ _ _ o . ~: ~;
a E~ .
æ o P.
~Z ~ o ~ .~ 'x ~; o ~; ~
_ _ _ _ _ _ _ _ _ O 1; ~ ~ H
OH E~ E-~ E~ E~ P~ ~Ll E~
HE~ ~ ~ P~ ~ ~;
c~ ~ a a P~ ~! ~ a ~; ~ z a ~; , c æ P~ ~: ~: c~ o z ~: ~ z ~ ~; ~: ~ w ~ P. O O ~:1 E~ ~ O ~ ~1 ~ P~ O Z
. 14 O ~1 ~:1 _ _ _ ~ ~ ~0 E~ ~1 ~ C~
1~S~761 The terminal generates Working Key using function Reencrypt from Master Key and operands Secondary Key and Security Parameter 2 at 64 as specified below:
RFMK (SK,SP2) = E[D[~MTl](SK)](D[KMT]
(SP2,) = WK. (3) The terminal~ encrypts the Transaction Request Message using the Working Key at 65, as specified below:
E[WK](Transaction~ Request Message). (4) The terminal generates Security Parameter 3 using function Reencrypt to Master Key and operands Secondary Key and Working Key at 66 as specified below:
RTMK(SK, WK) = E[KMT](D[D[KMT2](SK)]
(WK)) - SP3, (5) one implementation of which is shown in Table 2 below:
1 15~;761 ~ - ~
~ H K K a H ~ a n . ~:
~ eX X ~ _ _ X _ _ ~ _ O
1::1 ~ ~K .
~; . ~ . a ~ P _ ~ _ _ ~ _ ~; ~; _ E~ Z O ~ E~ ~; E~ O E~
E~ O 0 .~ O O O 0 O
W Z ~ ~ X _ E~ E-~- r _ ~ E~ r~
ZO 1~1 1:~ H ~; P;
OH E~ E~ E~ ~:; E'3 E~ 1:~ E-~
HE~ ~¢ ~ ~ I¢ E4 ~ h E~~: ~r; ~ p: ~ u~ ~ c c~~ ~ ~ ~ ~; r~ z ~ IY; ~ Z P~ ~
Z h ~:1; Z ~ C) Z ~ ~ ~ S O ~ ,¢ O ~1 :~Pl o h o r~ h a K O ~ O K Z
o _ ~ ~ a ~ o ~ ~ ~ ~ E~ ~ c~
1 ~S67~1 The terminal generates Transmitted Key using function Reencrypt to Master Key and operands Secondary Key and Security Parameter 3 at 67 as specified below:
RTMK(SK, SP3) = E[KMT](D[D[KM~2]ISK)]
(SP3)) = TK
The terminal appends the Transmitted Key to the Transaction Request Message in addition to other routing, transit and control information required in the message header at 68.
The terminal encrypts the complete message including the header using a link encryption key at 69 and transmi-ts it to the centralized computer at 70. The centralized computer sends the message to the Security Module at 71, the Security Module decrypts the message using the link encryption key at 72, the Security Module sends the routing, transit and control information to the centralized computer at 73, the centralized computer determines whether this is an "on-us" transaction or an interchange transaction at 80. If it is an interchange transaction, additional processing is required which will be described later.
If this is not an interchange transaction, the centralized compùter obtains various data from the accounting data base for which it may use the Terminal Identification to obtain the Terminal Master Key (encrypted) as may be stored similar to Table 3 and sends all the data to the Security Module at 74.
~Y~ csm/~a 1 ~5676a ,--19--TA~LE 3 TERMINAL IDENTIFICATION ¦TERMINAL MASTER
l KEY (ENCRYPTED) .
. ..
.
. O . O ' _ ~_ TID n KMT n ._ O
O ' - O
` 1 1~676~
Security Module generates Security Parameter 3 using function Inverse Reencrypt to Master Key and operands Secondary Key and Transmitted Key at 75 as specified below:
RTMK (SK, TK) = SP3 = E[D[KMT2](SK)]
(D[KMT](TK)), (7) one implementation of which is shown in Table 4.
1 15676t ~ ~ _ _ _ _ _ _ _ __ _ 'X ~1 : _ _ H H . ~ X . ~ .
~ ~i K _ _ __ _ _ a _ _ ~ ~ P~ . . . X
:- ~ K _ ~ _ æ _ a : . O
z a K 0~ ~: K P~ _ _ X _ _ _ ~ O E~ ~ O E~ O E~ ~
~ ~ ,1 ~ ~ ,~ ~ C~ ~ ~ ~
~ O K 3 _ U X _ 1~ H U _ _ _ H E~ E~ E~
H E~ P~ ~ ~ ~ f:C 14 E~ ~ a a ~ ~ ~; a ~; K P~ U~ a Z ~ O O ~ E~ Z 0 ~ Z a ~ ~o z ~ o ~ _ a _ _ ~ a ~ o 115676~
The Security Module generates the Working Key using ,~
function Inverse Reencrypt to Master Key and operands Secondary Key and Security Paramter 3 at 76 as specified below:
RTMK (SK, SP3) = WK = E[D[KMT2](SK)]
(D[KMT](SP3)). (8) The Security Module decrypts the Transaction Request Message using the Working Key at 77, as specified below:
D~WK] (Transaction Request Message). (9) The Security Module generates Security Paramter 2 using function Inverse Reencrypt from Master Key and operands Secondary Key and Working Key at 78, as specified below:
RFMK l(SK, WK) = SP2 = E[KMT](D[D[KMTl]
(SK)](WK)), (10) one lmplementation of which is shown in Table 5.
1~S~;7~1 ~T ~ ~ -;
z a ~ ~; E~ P; P; ~ ~
~ ~ ~ ~ P~ ~; ~ P~ ~ ~
O E~ O O ~ O ~
.,, .,~ ~ ~ ~ ~ ,, ~ ~; ., ~ o ~o ~ 'x ~ .,, . ~ ~:i H _ _ _ _ _ _ _ _ _ .. Z ~ .
Z O ~ ~ H ~; . ~
H H ~ ~ 1~3 E~ ~4 ~ P;
o ~ ~ a x ~ ~ Q ~; C~ ~: P~ ~
~ 1~ O ~ O ~ ~ZL~ ~ O ~ 0 ~ Z ~
14 O ~ ~ ~ ~ ~ O E~ ~ Cl :1 E~ I:c~ C~
!
i~S67~1 The Security Module generates Security Parameter 1 using function Inverse Reencry~t from Master Key and operands Secondary Key and Sc~curity Parameter 2 at 79 as specified below:
RFMK 1 (SK, SP2) = S~l = E[KMT](D[D[KMTl]
' (Si;)](SP2)) (11) The Security Module recovers part of the Primary Account Number, part of the P~rsonal Identification Number, part of the card anti-counterfeiting number from Security Parameter 1 if Figure 6 was originally used,at the terminal 81 or whatever was used if alternative Figure 3, 4 or 5 were used. The Security Module recovers the remainder of the Primary Account Number from the decrypted Transaction Request Message and sends the complete number to the centralized computer at 82, the centralized computer retrieves the encrypted Personal Identilication Number and the card anti-counterfeiting feature number from the accounting data base using the Primary Account Number at 83 as may be stored similar to Table 6.
11567dl -~5-PRIMARY PERSONAL _ ACCOUNT IDENTIFICATION CARD
NUMBER NUMBER (ENCRYPTED) SIGNATURE
__ . _~
PAN n- PIN nCS n ~ ~ O l . / 11S6761 The centralized computer sends the data to the Security Module to validate the transaction at 84, the Security Module compares the Personal Identifica-tion Number obtained from the Accounting Data saSe S a~ter appropriate decryption with that generated from the Transaction Request Message and compares the two anti-counterfeiting numbers to validate the transaction at 85, 86. If the transaction does not appear valid, the Security Module indicates that the centralized computer should specify to the terminal a request that,the cardholder re-enter his Personal Identifica-tion Number at 87 shown in Figure 7B which the central-ized computer does at 88, returning to processing at 51 shown in Figure 7A.
If the transaction appears valid, the Security Module notifies the centralized computer at 89, the centralized computer executes ,the remainder of the approval procedure at 90, generates an approval or disapproval response and sends it to the Security Module at 91. The Security Module encrypts the response using the Working Key and returns it to the centralized computer at 92, the centralized computer transmits the response to the terminal at 93. The terminal decrypts the response using the Working Key at 94, the terminal provides the service if approved or displays a message if disapproved at. 95, the terminal generates an acknowledgement at 96, the terminal encrypts the acknowledgement using the Working Key and transmits it to the centralized computer at 97. The centralized computer sends the acknowledgement t O the Security Module at 98, the Security Module decrypts the acknowledgement and notifies the centralized computer at 99, the ~1S~76~
.
centralized computer updates the account data ~ase and notifies the Security Module and the Term-nal at 100, the Security Module destroys the Workina l;ey at lOl, the Terminal updates the magnetic stripe if required and returns the card to the cardholder at 103, the Terminal destroys the Working Key at 104, and the transaction is complete at 102.
If the transaction is an interchange transaction, the centralized computer (acquirer) uses the ~ank Identification Number or similar designation to obtain the encrypted Site Master Interchange Key, the encrypted Password, the Computer Identification . (acquirer) as may be stored similar to Table 7 in addition to the data normally retrieved and sends it all to the Security Module at 105. The Security Module uses the Site Master Interchange Key in place of the Terminal Master Key, uses the Password in place of the Personal Identification Number, uses the Computer Identification in place of the Terminal Identification, uses the Bank Identification Number in place of the Primary Account Number and uses part of the Time field to generate an Interchange Working Key as was done at 62 to 64 in Figure 7A, at 106. The Security Module encrypts the Terminal Identification and the Terminal Master Key (after it has first been decrypted), using the Interchange Working Key, generates an Interchange Transmitted Key as was done at 66, 67 in Figure 7A, appends the Inter-change Transmitted Key, the header and control information to the Transaction Request Message and encr~pts it using a link encryption key at 107, the Security Module sends the transaction to the acquirer centralized computer at 108. The acquirer 11~67gl centralized computer transmits the transaction to the issuer centralized computer at 109, the issuer centralized computer sends the message to the issuer Security Module at 110 shown in Figure 7C.
.
. SITE MASTER
BANK INTERCHANGE
IDENTIFICATION KEYPASSWORD COMPUTER
NUMBER (ENCRYPTED) (ENCRYPTED) IDENTIFICATION
.
.
O- .' . ' O O
O . o O O
O O O O
BIN n SMIK n PW n CID n O ' . O I
O O O O
. ,0 O O O
11567~1 The Security Module decrypts the transaction using the Link Encryption Key, sends the header and control information to the issuer Centralized Computer at 111, the issuer Centralized Computer uses the information to retrieve the encrypted Site Master Interchange Key, the encrypted Password and the Computer Identification and sends it to the Security Module at 112, the Security Module uses the same procedure as was used at 75, 76 in Figure 7A, to recover the Interchange Working Key at 113 and uses the same procedure as was used at 78, 79, 81 in Figure 7A, to recover the Password which is validated at 113. The Security Module uses . the Interchange Working Key to recover the Terminal - Identification and Terminal Master Key by decryption lS at 114. The remainder of the procedure to recover the Personal Identification Number, to.validate and approve the transaction and generate a response is the same as was used at 75 to 79, 81 to 91 in Figures 7A and 7B at 115. The issuer Security Module encrypts the response that will go to the terminal using the Working Key at 116, encrypts the response or acknow-ledgement to go to the acquirer centralized computer using the Interchange Working Key and sends it to the issuer Centralized Computer at 117. The issuer Centralized Computer transmits the response to the acquirer centralized computer at 118, the acquirer Centralized.Computer sends the response to the Security Module at 119, the Security Module decrypts the response using the Interchange Working Key and sends to the acquirer Centralized Computer the part of the response that is to be transmitted to the terminal and the Centralized Computer updates its in-process file at 121. The terminal follows the same procedures - `` 11~67~1 as in 94 to 97 in Figure 7B, at 122. The acquirer Centralized Computer relays the acknowledgement to the issuer Centralized Computer at 123, the issuer Central-izedComputer Lollows the same procedure as in 98 to 101 in Figure 7B, at 124. The acquirer Centralized Computer updates the in-process file, relays notifica-tion to terminal at 128, the acquirer Security Module destroys the Working Key at 125, the terminal updates the magnetic stripe if required,-returns the card to the cardholder at 129, destroys the Working Key at 126, and the transaction is complete at 127.
Considering Figure 1, "Computer with transmission means," 14, may consist of an IBM 370/148 Central Processing Unit (CPU), 3410 Tape units, 1403 Printer, 3705 Communications Controller, Bell 201C Data Sets.
The Data Base may be accommodated on one or more IBM
3330 Disks, 15. The Cash Dispenser, 10, or ATM, 11, may consist of IBM 3614's that may include an Intel 8080 microprocessor and Motorola MGD8080DSM Data Security Module. The Security Module, 13, or 17, may consist of an Intel 8080 rnicroprocessor and a Motorola MGD8080DSM Data Security Module. The other computer shown in Figure 1, 16, may consist of a Burroughs 7766 CPU, 9495 Tape units, 9373 Disk units (18), Documation 1500 printer, Burroughs 7350 Communications Controiler, TA1201 Data Sets, and RT
4000 Cash Dispensers or ATM's deployed similar to those shown comrnunicating with the computer system, 14. In either case, the terminals indicated in 12 may be IBM 3604, 3612, or 3610 or Burroughs TU700, TC700. The communication lines may be 300 to 1200 baud, synchronous or asynchronous.
It will be recognized by those skilled in the art that the particular devices indicated are for illustrative purposes only and do not change or limit the scope of the invention. For instance, CPU's manufactured by NCR, or Univac can be used, other ATM's,peripheral or communication devices manufactured 5 by Varian, Memore~, DEC, NCR, Docutel, FDSI, Diebold, Tandem, Mosler, Bunker Ramo or others could have been substituted for the system components indicated.
Similarly, microprocessors such as the Intel 8048 or 8085, Motorola 6800, PDP11 could have been specified 10 rather than the Intel 8080 and would suffice with appropriate changes to the program that follows. Also, LSI devices tha~ implement the DES manufactured by Fairchild, Western Digital, Collins-Rockwell, IBM or others could have been substituted for the Motorola 15 device without changing or limiting the scope of the nvention .
The set of programs which follow implements the procèdure previously described using an Intel 8080 Microprocessor with an attached Motorola MGD8080DSM
20 Data Security Module. These devices are one possible implementation of the "Security Module" 13, Figure 1.
The programs are "stand-alone" for test purposes.
That is, there has been no attempt to integrate these programs into the programs required for an operating, 25 on-line network. However, any of several operating network progXams~ can easily be modified to use the programs shown here by placing the proper set of "CALL's" at appropriate points of the operating program since the programs included here are comprehensive in 30 that they implement all the functions required to mechanize the security procedure described in earlier sections of this application. Although this test program uses the DES in Electronic Code Book Mode exclusively, the D~S may be used in Cipher Feedback or lfS676~
Block Chaining mode at appropriate places without limiting or changing the scope of the invention.
The programs are divided into:
1. A main routine to generate either WK and TK
given SPl, TID and KMT or generate WK and SPl given TK, TID and KMT. The same program may be used at a terminal or at a HPC, with the proper parameter supplied to the program. The difference is that at the HPC, the terminal Master Key, KMT, is encrypted using the Host Master Key, KMO, while at the terminal, KMT is not encr~pted. In addition, SP1 is a starting parameter at the terminal and TK is a starting parameter at the HPC. These differences are accommodated within the programs.
2. A set of subroutines that perform smaller, "building block" functions that the main routine sequences in an order thatprovides for implementing the security procedure previously described.
3 A testing program that simulates the opera-tions that would normally take place at a terminal andthose that would normally take place at a HPC. The procedure at the terminal is to use the remainder of the programs to generate TK and WK after SPl, RMT and TID are supp-lied. Then, a Transaction Request test message is enciphered using WK, and transmission of the message and TK to the HPC is simulated.
At the HPC, generation of WK and SPl is accom-plished given TK, KMT, TID, using the same set of programs, and the test message is deciphered using WK. Both versions of the test message, and both versions of SPl and WK are compared for equality. If they are equal, the HPC program initiates the encipherment of a response message and simulates transmission to the terminal.
The terminal program initiates decipherment of the response message using WK and compares it to the original message. If the fields compared are equal, the test program halts at a normal stop. If any fields compared are not equal, the program stops at an error halt.
At the HPC, generation of WK and SPl is accom-plished given TK, KMT, TID, using the same set of programs, and the test message is deciphered using WK. Both versions of the test message, and both versions of SPl and WK are compared for equality. If they are equal, the HPC program initiates the encipherment of a response message and simulates transmission to the terminal.
The terminal program initiates decipherment of the response message using WK and compares it to the original message. If the fields compared are equal, the test program halts at a normal stop. If any fields compared are not equal, the program stops at an error halt.
4. All constants, parameters, space for inter-mediate results and working storage are included within the set of programs given so that an operating program can easily be developed by deleting those portions included only for testing purposes. Once initiated, the testing program performs all functions and tests, and runs to completion if there are no errors. A summary description of each of the routines and subroutines follows.
5. MROUT, Main Routine.
Given SP1, TID, ~, generates all the intermediate values required and produces WK and TK
by sequencing the remainder of the routines as required. Alternatively, given TK, TID, KMT, then WK and SPl are generated. The proper parameter is required.
Given SP1, TID, ~, generates all the intermediate values required and produces WK and TK
by sequencing the remainder of the routines as required. Alternatively, given TK, TID, KMT, then WK and SPl are generated. The proper parameter is required.
6. MWKLD, Load Master Key into Master Key Register and Active Register or load a Working Key into the Active Register, depending on the parameter supplied. The key is not deciphered in either case.
7. NGEDR, Encipher or Decipher N Groups of 8 Bytes, no more than 254 groups or 2032 bytes. Since the devices that implement the DES require integral multiples of 8 bytes, this routine has been so organized. The routine requires a parameter to distinguish between encipherment and decipherment.
8. EDCPR, Encipher or Decipher 8 Bytes. This routine is one of the smallest building blocks and ~15~61 interfaces directly to the Data Security Module.
A para~eter distinguishes between encipherment ai3d decipherment.
A para~eter distinguishes between encipherment ai3d decipherment.
9. MO~E7, Move 7 Bytes.
This subroutine is included because of tne characteristics of the specific hardware device chosen to illustrate the implementation of the S e. c~ '~
~`~ see#~t~/procedure described in this application. It transfers the first 7 of the 8 required bytes to the Data Security Module.
This subroutine is included because of tne characteristics of the specific hardware device chosen to illustrate the implementation of the S e. c~ '~
~`~ see#~t~/procedure described in this application. It transfers the first 7 of the 8 required bytes to the Data Security Module.
10. MKODD, Make 8 Bytes Odd Parity.
Since the DES requires that each 8 bit-byte that is part of an 8 byte group used as a key, have an odd parity bit as the rightmost bit, and since the security procedure described in this application requires that in some cases, the cipher text output be used as an encipher or decipher key, this routine insures that the proper parity is generated in all those 8 byte groups used as a key.
Since the DES requires that each 8 bit-byte that is part of an 8 byte group used as a key, have an odd parity bit as the rightmost bit, and since the security procedure described in this application requires that in some cases, the cipher text output be used as an encipher or decipher key, this routine insures that the proper parity is generated in all those 8 byte groups used as a key.
11. GNMKV, Routine to Generate Master Key Variants Vl or V2.
This routine modifies the Master Key as required to generate the 2 variants required. As a result, with current devices, the Master Key must be stored within the microprocessor in addition to being stored in the Master Key Register. However, the "chips"
or LSI devices that implement the DES can be redesigned so that in the future, the additional storage is not required and the Variants could be generated within the LSI device.
This routine modifies the Master Key as required to generate the 2 variants required. As a result, with current devices, the Master Key must be stored within the microprocessor in addition to being stored in the Master Key Register. However, the "chips"
or LSI devices that implement the DES can be redesigned so that in the future, the additional storage is not required and the Variants could be generated within the LSI device.
12. WKLOD, Working Key Load Routine.
This routine first deciphers the Working Key using the Master Key and immediately loads the deciphered key into the Active Key Register where it I 15~7~ 1 can be used for enciphering or deciphering data.
Ahtough not used by the testing program, this routine will be required in any operational network and, so, is included.
This routine first deciphers the Working Key using the Master Key and immediately loads the deciphered key into the Active Key Register where it I 15~7~ 1 can be used for enciphering or deciphering data.
Ahtough not used by the testing program, this routine will be required in any operational network and, so, is included.
13. DELAY, Routine for Programmed Delays of more than 255 Instruction Execution Times.
In order to simplify these programs to facilitate testing, the "interrupt" system was not used in the interface between the 8080 microprocessor and the MGD8080DSM Data Security Module. Instead, delays were programmed to accommodate the 320 micro-seconds required for encipherment or decipherment by the Data Security Module. This routine permits variable delays to a maximum of 60,000 Instruction E~ecution Times depending on the parameter supplied.
In order to simplify these programs to facilitate testing, the "interrupt" system was not used in the interface between the 8080 microprocessor and the MGD8080DSM Data Security Module. Instead, delays were programmed to accommodate the 320 micro-seconds required for encipherment or decipherment by the Data Security Module. This routine permits variable delays to a maximum of 60,000 Instruction E~ecution Times depending on the parameter supplied.
14 MOVEN, Move N Bytes.
Because of the limited functionality of current microprocessors, this routine was included to facilitate transfers of fields and thereby reduce the size of the other routines. Depending on the parameter supplied, up to 256 bytes can be moved.
Because of the limited functionality of current microprocessors, this routine was included to facilitate transfers of fields and thereby reduce the size of the other routines. Depending on the parameter supplied, up to 256 bytes can be moved.
15. COMPR, Compare 2 Fields Routine.
This routine is used during the debugging of the remainder of the routines to compare the two versions of SPl, WK, and the two test messages. This routine may be removed after testing is completed.
This routine is used during the debugging of the remainder of the routines to compare the two versions of SPl, WK, and the two test messages. This routine may be removed after testing is completed.
16. START, Routine to Debug, Simulates the Terminal and HPC.
This routine is used only for testing the remainder of the set of programs by simulating calls to the Main Routine as if from a Terminal and a HPC, and comparing the results. It uses a set of constants and parameters which may also be deleted ~1S~61 after testing is complete. Once initiated at START, it runs to completion at FINIS. If there are errors, various error halts are included within each of the routines.
This routine is used only for testing the remainder of the set of programs by simulating calls to the Main Routine as if from a Terminal and a HPC, and comparing the results. It uses a set of constants and parameters which may also be deleted ~1S~61 after testing is complete. Once initiated at START, it runs to completion at FINIS. If there are errors, various error halts are included within each of the routines.
17. Before assembling the program, a starting location must be selected for storage of the program and storage of the working storage, which requires that at least an ORG and a DSEG be added to the beginning of the Main Routine. An additional DSEG
may be required at the beginning of the constants just preceding BPARAM.
may be required at the beginning of the constants just preceding BPARAM.
18. A Master Key, KMO, must be generated or selected and entered into 8 successive locations starting at KMO.
19. A KMT must be selected or generated and entered starting at KMT. Then, KMT must be encrypted by KMO and entered starting at EKMT (E[KMO](KMT) =
EKMT).
EKMT).
20. A TID must be chosen and entered starting at DTID.
21. An SPl must be chosen and entered starting at DSPl.
22. The interface between the 8080 and the DSM
must be set by using the parameter specified in BPARAM to set the I/0 ports on tne 8080 or changing what is in BPARWM to correspond to settings already implemented. In addition, the parameters specified in the list starting at MKEYL and ending at WRTDAT must correspond to the interface settings.
must be set by using the parameter specified in BPARAM to set the I/0 ports on tne 8080 or changing what is in BPARWM to correspond to settings already implemented. In addition, the parameters specified in the list starting at MKEYL and ending at WRTDAT must correspond to the interface settings.
23. The program is initiated at START and runs to FINIS if there are no errors.
11S~761 LIST OF ERROR HALTS
Label Comes at Routine From Halt Name (Label) Reason MHLTl MROUT MERRl Parameter supplied neither 4 or 5 MHLT2 MROUT MERR2 Parameter supplied neither 4 or 5 MHLT3 MROUT MERR3 Parameter supplied neither 4 or 5 MWKHTl MWKLD MWERl DSM Status = Busy MWKHT2 MWKLD MWER2 DSM Parity Error MWKHT3 MWKLD MWER3 DSM Timed Out EDCP4 EDCPR EDERl DSM Status = Busy EDCP5 EDCPR EDER2 DSM Parity Error EDCP6 EDCPR EDER3 DSM Timed Out MVE3 MOVE7 MVERl DSM Parity Error MVE4 MOVE7 MVER2 DSM Timed Out WKL2 WKLOD WKER2 DSM Parity Error WLK3 WKLOD WKER3 DSM Timed Out WKL4 WKLOD WKERl DSM Status = Busy CMPR3 COMPR CMPR2 The 2 fields being compared ` are not equal DBUG4 START DBERl DSM Parity Error DBUG5 START DBER2 DSM timed out or not ready S6~16 1 NAME/LABEL ~ OP CODE OPERAND ~ MMENTS
; MAIN ROUTINE, CAN BE USED AT
; TERMINAL OR AT HOST PRO-; CESSING CENTER (HPC). IF
; USED AT TERMINAL, WK & TK
; ARE GENERATED GIVEN SPl, TID, ; AND KMT. ALL INTERMEDIATE
; VALUES ARE GENERATED. WK
; HAS ODD PARITY AFTER COMPLE-; TION OF THE RQUTINE. AFTER
; COMPLETION, THE OPERATING
; PROGRAM MUST REQUEST ENCI-; PHERMENT OF THE TRANSAC-; TION REQUEST MESSAGE USING
; WK BY MAKING 2 CALLS, ONE
; TO LOAD WK INTO ACTIVE REG.
; & ONE TO ENCIPHER N-8 BYTE
; GROUPS, APPEND TK AND TRANS
; MIT THE TRANSACTION RE-; QUEST MESSAGE (TRM) TO THE
HPC. WK IS SAVED IN ORDER
, TO DECIPHER RESONSE MESSAGE
; RECEIVED FROM THE HPC.
; REQUIRES MVI A, 5H (ENCIPH.) IF USED AT HOST PROCÉSSING
; CENTER (HPC), WK & SPl ARE
; GENERATED GIVEN TK, TID &
; KMT, ALL REQUIRED INTER
; MEDIATE VALUES ARE GENER--; ATED. WK HAS ODD RARITY.
; AFTER COMPLETION OF ROUTINE
; THE OPERATING PROGRAM MUST
; REQUEST DECIPHERMENT OF THE
; TRM USING WK BY MAKING 2 ; CALLS, ONE TO LOAD WK INTO
; ACTIVE REGISTER & ONE TO
_ _ NAME/LABEL OP CODE OPERAND COMMENTS
___ ; DECIPHER N-8 BYTE GROUPS
; VALIDATE THE PIN, ETC. IN
; SPl TO AUTHENTICATE THE
; TRANSACTION, PREPARE A RE-_ _ ; SPONSE, USE CALLS TO ENCI-; PHER RESPONSE USING WK, AND
; TRANSMIT RESPONSE TO THE
; TERMINAL. REQUIRES
_ ; MVI A, 4H (DECIPHER).
; IN ADDITION, IN H & L REG., , MUST BE THE ADDRESS OF THE
; FIRST OF A LIST OF 5 , ADDRESSES AS FOLLOWS-; 1. ADDR. OF SPl LOCATION. IF
; AT TERMINAL OR INTO
; WHICH SPl PLACED IF AT
; HPC
; 2. ADDR. OF TID LOCATION
; 3. ADDR. OF KMT LOCATION
; (KMT ENCIPHERED USING
. , KMO IF AT HPCJ
; 4. ADDR~ OF 8-BYTE AREA
; INTO WHICH WK WILL BE
; PLACED
; 5. ADDR. bF 8-BYTE AREA
; INTO WHICH TK WILL BE
; PLACED IF AT TERMINAL
; OR ADDR. OF TK LOC.
, IF AT HPC.
, MYI A,5H IF TERMINAL OR
; MYI A,4H IF HPC
; LXI H, ADDRESS
; CALL MROUT
;
NAME SENDRO
. _ _ . . . _ .
1 ~6761 _ __ _ NAME/LABEL OP CODE OPERAND COMMENTS
_ __. _ _ MROUT: PUSH PSW
PUSH B
PUSH D
STA MRPAR ; STORE EN/DE PAR
_ _ _ _ _ ___ ; AMETER
LXI B, 2H ; CONSTANT TO B
; FOR ADDR. MODIF-; ICATION
_ SHLD IADSPl ; STORE INDIR. SPl DAD B ; INCR. ADDR.
SHLD IADTID ; STORE INDIR. TID
DAD B ; INCR. ADDR.
SHLD IADKMT , STORE INDIR. KMT
DAD B ; INCR. ADDR.
SHLD IADWK ; STORE INDIR. WK
DAD B ; INCR. ADDR.
SHLD ` IADTK ; STORE INDIR. TK
LDA MRPAR ; LOAD EN/DE PARAM.
CPI 5H ; COMPARE- IF TERM.
JZ MRTl ; IF TERMINAL, SKIP
; DECIPHERING KMT
. . CPI 4H ; COMPARE IF HPC
MERRl: JNZ MHLTl ; JUMP TO ERROR
; HALT-NOT HPC
MVI A, 3H ; PARAMETER TO A
LXI H, KMO ; LOAD MASTER KEY
. ; AS ACTIVE KEY
CALL MWKLD ; CALL ROUTINE
LHLD IADKMT ; INDIR. KMT ADDR
; TO H REG.
SHLD $ ~ 1 ; STORE IN INSTR.
LHLD OOH ; KMT ADDR TO H
MYI A, 4H , PARAM. TO A
LXI D, KMT ; LOCATION INTO
; WHICH KMT WILL
; BE _UT AFTER IT
, . . _ .
llS~i761 ___ . _ _.__ NAME/LABEL OP CODE OPERAND COMMENTS
_ _ _ _ _ _ _ ; ~S DECIPHERED
; USING KMO
~ CALL EDCPR ; DECIPHER KMT
_ LXI H,KMT _ ; KMT (DECIPHERED) ; ADDRESS TO H
CALL MKODD ; MAKE ODD PARITY
MRTl: MVI A,O100000~ ; VARIANT 1 PARAM
; TO A REG.
LXI D, KMTl , KMTl ADDR TO D
LXI H, KMT ; KMT ADDR TO H
CALL GNMKV ; MAKE VARIANT
MVI A, OOOOlOOlB , VARIANT 2 PARAM
_ _ LXI D, KMT2 , KMT2 ADDR TO D
LXI H, KMT ; KMT ADDR TO H
CALL GNMKV ; MAKE VARIANT 2 ` LHLD IADKMT ; I~DIR KMT ADDR
; TO H REG
SHLD $ + 1 ; STORE IN INSTR.
LHLD OOH ; KMT ADDR TO H
MVI A, 3H ; PARAM. TO A
_ CALL MWKLD ; LOAD KMT AS
. ; ACTIVE KEY
LHLD IADTID ; INDIR TID ADDR
TO H REG
SHLD $ + 1 , STORE IN INSTR.
LHLD OOH ; TID ADDR TO H
LXI , D, SK ; ADDR SK TO H
MVI A, 4H ; DECIPHER PARAM
; TO A REG.
CALL EDCPR ; GENERATE SK =
; D/KMT/(TID) LXI H, KMTl KMTl ADDR TO A
MVI A, 3H , PARAM TO H
CALL MWKLD ; LOAD KMTl AS
; ACTIVE KEY
MVI A, 4H ; DECIPH. PAR. A
NAME/LABEL OP CODE OPERAND COMMENTS
_ _ ___~__ LXI H, SK ; SK ADDR TO H
LXI D, DTlSK ; ADDR TO D
CALL EDCPR , GENERATE
_ ,_ D/KMTl/(SK) _ _ _ _ _ LXI - H,DTlSK ; ADDR TO H
CALL MKODD ; MAKE ODD PARITY
MVI A, 3H ; PARAM TO A
LXI _ H, KMT2 _ ; KMT2 ADDR TO H
_ CALL MllKLD ; LOAD KMT2 AS
j ACTIVE KEY
MVI A, 4H ; DECIPHER PARAM
TO A REG
LXI H, SK , ADDR SK TO H
LXI D, DT2SK ; ADDR TO D
- . CALL EDCPR ; GENERATE
; D/KMT2/(SK) LXI H,DT2SK ; ADDR TO H
CALL MKODD ; MAKE ODD PARITY
LDA MRPAR ; LOAD EN/DE PAR.
_ CPI 4H ; COMPARE IF HPC
JZ MRT2 ; IF HPC, JUMP TO
. . ; OTHER ROUTINE
CPI 5H ; COMPARE IF
. ; TERMINAL
MERR2: JNZ MHLT2 - ; JUMP TO ERROR
; HALT-NOT TERM.
MVI ~ B, 8H ; COUNT TO B
LXI D, TEMPl ; TO ADDR TO D
.LXI H, DTlSK ; FROM ADDR TO H
CALL MOVEN - ; MOVE 8 BYTES, . ; DTlSK TO TEMP1 MYI B, 8H ; COUNT TO B
LXI D, TEMP2 ; TO ADDR TO D
LXI H, DT2SK ; FROM ADDR TO H
CALL MOVEN ; DT2SK TO TEMP2 LHLD IADSPl ; INDIR SPl ADDR
1 15~7B 1 _ __ NAME/LABEL OP CODE OPERAND COMMENTS
_~ _ _ _ _ _ _ ; TO H REG
SHLD $ + 1 ; STORE IN INSTR.
LHLD OOH ; SPl ADD TO H
_ MVI B, 8H ___ ; COUNT TO B
_____ LXI D, TEMP3 ; TO ADDR TO D
CALL MOVEN ; SPl TO TEMP3 JMP MRT3 ; JUMP TO CONTINUE
; ROUTINE
__ .
; SUBROUTINE- IF HPC, SIMILAR
; TO PREVIOUS ROUTINE
. _ ; _ MTR2: MVI B, 8H ; COUNT TO B
LXI D, TEMPl ; TO ADDR TO D
LXI H, DT2SK ; FROM ADDR TO H
CALL _ MOVEN ; DT2SK TO TEMPl MVI B, 8H ; COUNT TO B
LXI, D, TEMP2 ; TO ADDR TO D
LXI H, DTlSK ; FROM ADDR TO H
CALL: MOVEN ; DTlSK TO TEMP2 _ LHLD IADTK ; INDIR TK ADDR
; TO H REG.
SHLD $ ~ 1 ; STORE IN INSTR.
LHLD OOH ; TK ADDR TO H
___ _ MVI B, 8H ; COUNT TO B
LXI D, TEMP3 ; TO ADDR TO D
CALL MOVEN ; TK TO TEMP3 ; END OF SUBROUT.
_ ; CONTINUE REST OF PROGAM
MRT3: MVI A, 3H ; SET KMT ACTIVE
; PARAMETER
_ LXI H, KMT ; ADDR TO H
CALL MWKLD ; CALL ROUTINE
MVI A, 4H ; DECIPH. PAR. TO A
LXI H, TEMP3 ; DATA TO BE
j DECIPHERED
--~4--_ _ _ _ _ NAME/LABEL ~ OP CODE OPERAND COMMENT';
____ _ _ __ __ -- LXI t D, TEMP4 , i`~ D. OF RESULT
CALL EDCPR ; G~NERATE
; ~ `lT/(SPl) (E) , ~!R D/KMT/(TK) (D) MVI A, 3H , S.T KEY ACTIVE
; PARAMEIER
LXI H, TEMP 1 ; hDDR TO H REG
; D/KMTl/(SK) (E) _ ; OR D/KMTZ/(SK)-T~T
CALL MWKLD j LOAD INTO ACTIVE
; REGISTER
MVI A, 5H ; ENCIPHER PARAM.
_ ; TO A REG.
LXI H, TEMP4 ; DhTA TO BE ENC-~ ; IPHERED
LXI D, SP2 , SP3 IF HPC
CALL EDCPR ; GENERATE SP2 OR
; SP3 (D) MVI A, 3H SET KEY ACTIVE
. LXI H, KMT ; KMT ADDR TO H
CALL MWKLD ; SET KMT AS
: ; ACTIVE KEY
MVI A, 4H ; DECIPHER PARAM.
; TO A REG.
LXI ` H, SP2 ; hDDR OF SP2 (E) ; OR SP3 (D) TO H
LXI D, TEMP4 ; ADDR. OF RESULT
CALL EDCPR ; GENERATE EITHER
; D/KMT/(SP2) (E) - D/KMT/(SP3) (D) MVI A, 3H , SET KEY ACTiVE
; PARAMETER
LXI H, TEMPl ; SET EITHER
_ ; D/KMTl/(SK) (E) OR
.
1 ~S6761 -~5-NAME/LABEL OP CODE OPERAND COMMENTS
. ,~
_ _ _ _ _ _ _ _ ; D/K MT2/(SK) (D~
; ACTIYE
CALL MWKLD ; SET KEY ACTIVE
MVI A, 5H _ ; ENCIPH. PARAM TD A
LXI H, TEMP4 ; ADDR. OF EITHER
; D/KMT/(SP2) OR
; D/KMT/(SP3) LXI D, TWK _ ; RESULT ADDR TO V
_ _ CALL - EDCPR ; GENERATE WK
LXI H, TWK ; WK ADDR TO H
CALL MKODD ; MAKE WK ODD PARITY
MVI _ A, 3H ; SET KEY ACTIVE
_ _ _ _ _ ; PARAMETER
LXI H, TEMP2 ; SET ACTIVE EITHER
; D/KMT2/(SK) (E) ; D/KMTl/(SK) (D) CALL MWKLD ; SET KEY ACTIVE
MVI A, 4H ; DECIPH PAR. TO A
LXI H, TWK ; WK ADDR TO H
LXI _ D, TEMP4 ; RESULT ADDR TO D _ CALL EDCPR ; GENERATE EITHER
j D/D/KMT2/(SK)/
; (WK) OR
; D/D/KMTl/(SK)/
; (WK) LXI H, KMT ; KMT ADDRESS TO H
MVI . A, 3H ; SET KEY ACTIVE
; PARAMETER
CALL MWKLD ; SET KMT ACTIVE
MVI A, 5H ; ENCIPH PAR. TO A
LXI H, TEMP4 ; ADDR. OF EITHER
_ ; D/D/KMT2/(SK)/
; (WK) OR
; D/D/KMTl/(SK) ; (WK) LXI D, SP3 , RESULT ADDR TO D
i7~1 NAME/LABEL OP CODE OPCRAND COMMENTS
_ CALL EDCPR ; GENERATE SP3 rE-r ; OR SP2 (D) MYI A, 3H ; SET ACTIVE PAR TO A
LXI H, IEMP2 ; ADDR OR EITHER
._ _ _ _ _ _ __ _ ; D/KMT2T~) (E) OR
; D/KMTl/(SK) (D) CALL MWKLD ; SET KEY ACTIVE
MVI _ _ A, 4H ; DECIPH PARAM TO A
LXI H, SP3 ; ADDRESS OF EITHER
. ; SP3 (E) OR SP2 (D) LXI D, TEMP4 ; RESULT ADDR TO D
CALL EDCPR , GENERATE EITHER
; D/D/KMT2/(SK)/~SP3) ; D/D/KMTl/(SK)/(SP2) MVI A, 3H ; SET KEY ACTIVE PAR.
LXI H, KMT ; KMT ADDR TO H
5~1r~ MWKLD ; SET KMT ACTIVE
MVI A, 5H ; ENCIPH PAR TO A
LXl H, TEMP4 ; ADDR OF EITHER
; D/D/KMT2/(SK)/(SP3) ._ _ ; D/D/KMTl/(SK)/(SP2) . LXI D, TTK ; RESULT ADDR TO D
CALL EDCPR ; GENERATE EITHER
_ _ ; TK OR~SPl LHLD IADWK ; INDIR WK ADDR H
SHLD $ t 1 ; STORE IN INSTR.
LHLD OOH ; DIRECT WK ADDR H
XCHG MOVE H TO D
. LXI H, TWK ; WK ADDR TO H
MYI P, 8H ; COUNT TO B
CALL MOVEN ; MOVE WK
LDA MRPAR ; EN/DE PARAM TO A
CPI 4H ; COMPARE IF HPC
JZ MRT4 ; lF HPC, JUMP TO
; OTHER ROUTINE
CPI 5H . ; COMPARE IF TERM
NAME/LABEL --- r ----- COllMENTS
. ~
MERR3: JNZ MHLT3 ; JUMP TO ERROR
; HALT NOT TERM.
LHLD IADTK ; INDIR Tl' ADDR H
SHLD _ _ $ + 1 ; STORE IN INSTR
_ - LHLD OOH ; DIR. TK ADDR H
XCHG ; MOVE H TO D
LXI H, TTK ; ADD OF TK TO H
MVI _ B, 8H COUNT TO B
CALL MOVEN , MOVE TK TO DTK
~MP MRT5 ; JUMP TO CONT.
, IF HPC, TRANS FER SPl MRT4: LHLD IADSPl ; INDIR SPl ADDR
; TO H
- SHLD $ + 1 ; STORE IN INSTR.
LHLD _ OOH ; DIR. SPl ADR. H
XCHG ; MOVE H TO D
LXI H, TTK ; ADDR OF SPl TO
; H REG.
MVI B, 8H ; COUNT TO B
CALL MOVEN - ; MOVE SPl - MRT5: . POP D
POP B
POP PSW
RET ; RETURN
MHLTl: HLT ; FROM MERRl, NOT
; 4 OR 5, NOT
; TERMINAL OR HPC
MHLT2: HLT ~ ;~ FROM MERR2 NOT
j 4 OR 5, NOT HPC
; OR TERMINAL
MHLT3 HLT - FROM MERR3, NOT
, -HPC OR TERM, ; NOT 4 OR 5 .. . .. , _ .
i7~ ~
--48-- .
_ __ __ ~
NAME/LABEL OP CODE OPERAND COMMENTS
__ ~
; MASTER OR WORI :ING KEY LOAD
; ROUTINE NO DECIPHER
; CALLING SEQUENCE
; MVI A, PARAMETER
; LXI H, MASKAD MASTER KEY
; CALL MW~LD ADDRESS OR
; WORKING KEY
; ADDRESS
; PARAM = 2H FOR MASTER KEY
; = 3H FOR WORKING KEY
, TO BE ACTIVE KEY
.
MWKLD: PUSH PSW
PUSH B
- PUSH D
MVI B, OH , CLEAR B REG
MOV C, A ; MOVE PARAM TO C
XCHG ; EXCHANGE D, H
LHLD BPARAM ; LOAD BPARAM IN H
DAD B ; ADD PARAM TO H
SHLD MWK2 + 1 ; STORE RESULT IN
; INSTRUCTION
XCHG , RESTORE H & L
IN BPARAM + REDST ; READ STATUS
ORA A ; SET FLAGS
MWERl: JNZ MWKHTl ; GO TO HALT
MVI B, 8 ; COUNT TO B REG
MWKl: MOV A, M ; LOAD NTH CHAR
MWK2: OUT OH , OUTPUT NTH CHAR
INX H ; INCR. FROM ADDR
DCR B , DECR. COUNT
JNZ MWKl , LOOP
MVI A, SO ; COUNT SO TO A
MWK3: DCR A ; DECR. A REG
JNZ MWK3 , LOOP-PROG DELAY
IN BPARAM + REDST ; CHECK STATUS
.. ... . ..
~g N~ME/LABEL OP CODE ~ OPERAND COMMENTS
ORA A ; SET FLAGS
MWER2: JM M~JKHT2 ; PARITY ERROR HLT
MWER3: JNZ MWKHT3 ; TIME OUT HALT
_ _ POP D ; END ROUTINE
_ POP _ ; HOUSEKEEPING
POP PSW ;
RET ; RETURN
MWKHTl: HLT ; BUSY HALT
MWKHT2: HLT _ ; PARITY ERROR HLT
MWKHT3: HLT ; TIME OUT HALT
; ROUTINE TO EN IPHER OR
; DECIPHER N GROUPS OF 8 ; BYTES, N NO MORE THAN Z54D.
; ANY NUMBER OF BYTES THAT
; ARE AN INTEGRAL MULTIPLE OF
; 8 BYTES MAY BE PROCESSED
; TO A MAXIMUM OF 2032D.
; PARAMETER IN A REG
_ ; = 5H FOR ENCIPHER
. ; = 4H FOR DECIPHER
; B REG = NUMBER OF 8 BYTE GROUPS
; D & E REG. CONTAINS ADDRESS
; OF RESULTS
, H & L REG. CONTAINS ADDRESS
; OF DATA TO BE ENCIPHERED
; OR DECIPHERED
- ; IF ENCIPHER, H = PLAIN TEXT
; IF DECIPHER, H = CIPHER TEXT
; MVI A, PARAMETER
; MVI B, N
; LXI H, FROM
; LXI D, TO
, CALL NGEDR
l 156761 NAME/LABEL OP CODE OPERAND COI~MENTS
__ _ ~ .___ NGEDR: PUSH PSW
STA NGPAR ; STORE PARAM
MOY A, B ; N TRAllsF~ TO A
STA NGRPS ; STORE N
_ _ _ ___ SHLD NFROM ; STORE FROM ADD.
XCHG ;
SHLD NTOAD ; STORE TO ADD.
XCHG ; RESTORE
__ ADI OOH ; SET FLhGS
JZ NGOUT , N = O, COMPLETE
LDA NGPAR ; LOAD PARAM, A
NGDl: CALL EDCPR ; CALL 8 BYTE EN/
; DE/ClPHER ROUT.
LDA NGRPS ; N TO A REG
DCR A ; DECR. N
STA NGRPS ; STORE N - 1 ~Z' NGOUT ; IF ZERO, DONE' LHLD NTOAD ; TO ADR. TO H
LXI ' B, 0008H ; LOAD NO. 8, B & C
DAD B , ADD 8 TO 'TO' ; ADDRESS
SHLD NTOAD ; STORE MODIFIED
; ADDRESS
XCHG ; SWITCH 'TO' , ADDRESS TO D RG
LHLD NFROM ; FROM ADR. TO H
DAD B ; ADD 8 TO 'FROM' SHLD ' NFROM , ADDRESS
LDA NGPAR , PARAM. TO A RG
JMP NGDl ; JUMP TO CALL
NGOUT: POP PSW
RET , RETURN
_ _ NAME/LABEL OP CODE OPERAND COMMENTS
_ _ _ _ ___ ; ROUTINE TO EN( IPHER OR
; DECIPHER 8 BYTES, THE
; WORKING KEY MUST HAVE
; PREVIOUSLY BEEN LOADED INTO
_ _ ; THE ~CTIVE KEY REGISTER.
; ADDRESS OF BYTES TO BE
; EN- OR DECIPHERED IN H&L
; REGISTER, ADDRESS IN WHICH
; TO PLACE RESULT IN D & E REG.
; PARAMETER IN A REG, ; ENCIPHER = 5H
; DECIPHER = 4H
; HAS PRGRAMMED DELAY > 320 - ; MlCROSEC. USES MOVE7 ; MVI A, PARAMETER
; LXI H, ADDR, DATA TO BE EN-; OR DECIPHERED
; LXI D, ADDR, RESULTING 8 BYTE
; CALL EDCPR
EDCPR: PUSH PSW _ . PUSH B
MVI B, OOH ; CLEAR B REG
MOV C, A ; MOVE PARAM TO C
SHLD TEMP2 ; STORE H TEMPO-; RARILY
LHLD` BPARAM ; LOAD BPARAM IN
; H REG.
DAD B ; ADD PARAM = 4H OR
; 5H TO BPARAM
SHLD EDCP1 + 1 ; STORE RESULT IN
; OUT INSTRUCT.
LHLD TEMP2 ; RESTORE H REG.
IN BPARAM ~ REDST ; READ STATUS
ORA A ; SET FLAGS
EDERl: JNZ EDCP4 ; GO TO HALT
.
_ . _ . .
NAME/LABEL OP CODE OPERAND COMMENTS
CALL -- MOVE 7 , FIRST 7 BYTES
; TRANSMITTED OUT
EDCPl: OUT OOH ; 8th BYTE OUT
LXI __ B, 500 ; COUNT TO B REG.
EDCP2: CALL DELAY ; PROGRAMMED DELAY
NOP ; > 320 M]CROSEC
IN BPARM + REDST ; READ STATUS
ORA A _ __ ; SET FLAGS
EDER2: JM EDCP5 ; GO TO PARITY HLT
EDER3: JNZ EDCP6 ; GO TO TIME OUT
MVI B, 8H ; COUNTER TO B
EDCP3: IN BPARAM + RDDAT ; READ NTH BYTE
STAX ; STORE NTH BYTE
INX D ; INCR. ADDR
DCR B ; DECR. COUNT
JNZ EDCP3 ; LOOP
POP B
POP, PSW
RET ; RETURN
EDCP4 HLT ; BUSY HALT
EDCP5: HLT ; PARITY HALT
EDCP6: HLT ; TIME OUT HALT
_ _ ; MOVE7 SUBROUT NE TO MOVE
; FIRST 7 BYTES, USED BY LOAD
; WORKING KEY ROUTINE AND OTHER
; REQUIRES LEFT MOST ADDRESS
; IN H&L REGISTER, LXI H, ADR
- j CALL MOVE 7 MOVE7: PUSH PSW -PUSH B
MVI B, 7 ; COUNT TO B REG - - -MVEl- MOV A, M ; NTH BYTE TO A - --., .
~ r-NAl-lE/LABEL OP CODE .OPERAND ¦ COMMENTS
__ _ _ _ OUT BPARAM + ~JRlDATJ, ~'P~ITE NTH BYTE
INX H ¦, lNCR FROM ADDR
DCR B ¦; DECP~. COUNT
JNZ MVE1 1, LOOP
_ __ ___ MVI A, 50 1 , PROGRAMMED
MVE2: DCR A ;
JNZ MVE2 ; DELAY
_ oNRA BPARAM + REDST , CHECK STATUS
MVER1: JM MVE3 ; PARITY ERROR HL
MVER2: JNZ MVE4 ; TIME OUT HALT
MOV A, M ; MOVE 8TH CHAR TO
_ ; A REG FOR FINAL
. ; WRITE
POP B
_ RET PWS ; RETURN
MVE3: HLT - ; PARITY HALT
MYE4: HLT ; TIME OUT HALT
. ;
. ; MAKE ODD PARITY, 8 BYTES, , . ; ADDRESS IN H & L
; LXI H, ADDR
; CALL MKODD
MKODD: PUSH PSW
PUSH B
MVI B, 8H ; COUNT B
MKD2: - ADVI AOOHM ; LOAD NTH BYTE
JPO MKDl ; IF PARITY IS
; ODD, SKIP 2 INST-; RUCTIONS
, .
~ 1567Sl -54- .
NAME/LABEL OP CODEOPERAND ¦ COMMENTS
_ _ _ ARICiOOOOOO~B ; MAKE RITE MOST
; BIT ODD PARITY
MOV M, A ; STORE NTH BYTE
MKD1: INX ___ _ H ; INCR ADDRESS
_ _ __ DCR -B -- ------ , DECR. COUNT
JNZ MKD2 ; IOOP
` POP B
_ POP _ PSW
_ _ RET . _ ; RETURN
; RQUTINE -iO GE1 IERATE MASTER
; KEY VARIANTS V1 OR V2 FROM
; MASTER l'EY
; A REG CONTAINS PARAMETER TO
; SPECIFY l~HICH VARIANT
; V1 = 01000001B
; V2 = 00001001B
; D&E CONTAINS ADDR OF VARIANT
; H&L ADDRESS OF MASTER KEY
` ; MVI A, PARAMETER
; LXI D, VARIANT (LOCATION) ; LXI H, MASTER KEY (LOCATION~
_ ; CALL GNM~V
. ' .
GNMKV: PUSH PSW
. PUSH . B
STA GKV2 + 1 ; STORE PARAMETER
; IN INSTRUCTION
MVI B, 8H ; COUNT TO B REG
GKV1: MOV A, M , LOAD NTH BYTE
GKV2: XRI OOH ; MAKE VARIANT X, ; X = 1 OR 2 .___ NAME/LABEL OP CODE OPERAND ` COMMENTS
___ STAX --D - - -- , STORE NTH ~`I'TE
INX H ; INCR. FROIM ADR.
INX D ; INCR. TO ,iLi~R.
DCR B , _ECR. COUN !
_ _ _ _ _ _J__ _ _ _ GKVl , LOOP
POP B ;
POP PSW ;
RET ; RETURN
_ _ ; WORKING KEY L( )AD ROUTINE
; KEY DECIPHERED USING MASTER
; KEY WHICH MUST BE PREVIOUSLY
, LOADED IN MASTER KEY REG.
; WORKING KEY LOADED INTO ACT.
; REGISTER AFTER DECIPHERING
; USES MOVE7 ; LXI H, ADDR ADDRESS OF KEY
; CALL WKLOD
WKLOD: PUSH PSW
. IN BPARAM + REDST ; CHECK STATUS
ORA A ; SET FLAGS
WKERl-- JNZ WKL4 ; GO TO HALT`
CALL - MOVE7 ; MOVE FIRST 7 BTE
OUT BPARAM + DECWK ; 8TH BYTE OUT
LXI B, 500 ; PROGRAMMED
WKLl: CALL DELAY ; DELAY
NOP ; > 320 MlCROSEC.
IN BPARAM + REDST ; CHECK STATUS
ORA A ; SET FLAGS
WKER2: JM WKL2 , PARITY ERR. HALT
WKER3: JNZ WKL3 ; TIME OUT HALT
POP PSW ;
RET ` ; RETURN
WKL2: ` HLT ; PARITY ERR. HLT` ~ i .
~ 1S6761 __ _ _ __ _ NAME/LABEL OP CODE OPERAND COMMENTS "
WKL3: HLT _ _ _ , Tl~fF OUT HALT
WKL4: HLT ; BUSY HALT
__ __ _ _ _ , ROUTlNE FOR FjF 'OGRAMMED
; DELAYS OF MORE THAN 255D
; INSTRUCTlON EXECUTION
; TIMES SlNCE_A REG IS
; ONLY 8 B1TS
; LXI B, COUNT > 255D
; CALL DELAY
DELAY: PUSH PSW
MOV A, C ; TRANSFER THE
ADI OOH ; PART OF COUNT
JZ DLY2 ; LESS THAN
_ ; 255D TO A RG
DLYl: DCR A ; DECR. A REG
JNZ DLYl ; < 255D LOOP
DLY2: MVI A, 254D ; SET UP 255 LOOP
DLY3: DCR A : DECR. A
. JNZ DLY3 ; 255D LOOP
DCR B ; DECR. 255 LOOP
; COUNT
JNZ DLY2 ; LOOP ANOTHER
; 255 TIMES
POP ' PSW
RET ; RETURN
, ROUTINE TO MO~ 'E N BYTES
, B REG = NO. OF BYTES
; D&E = TO ADDRESS
; H&L = FROM ADDRESS _ ; MAXIMUM 256 BYrES
; MVI B, NO.
; LXI D, TO
; LXI H, FROM
1 1~6761 . .
NAME/LABEL OP CODE OPERAND COMMENTS
, CALL MO~iEN _ _ _ _ ______ MOVEN: PUSH p-sw -- _ _ _ _ _ _ ____ MVNl: MOV A, M ; LOAD NTH BYTE
STAX D ; STORE NTH BYTE
INX D ; INCR. TO ADDR.
INX ____ _ _ _ _ , INCR. FROM ADDR.
DCR B ; DECR. COUNT
JNZ MVNl ; LOOP
POP PSW ;
RET ; RETURN
- - .
'. .
; COMPARE 2 FIEI DS SUBROUTINE
; USED ONLY FOR DEBUGGING
; NO. OF BYTES IN B REG., ; ADDRESS OF ONE FIELD IN H, , OTHER ADDRESS IN D
. ; MVI B, N
; LXI H, ADDRl ; LXI D, ADDR2 ; CALL COMPR
; IF FIELDS ARE NOT EQUAL, , ; ERROR HALT
COMPR: PUSH PSW
CMPRl: LDAX D ; ONE BYTE TO A
CMP M ; COMPARE ONE BYTE
CMPR2: JNZ CMPR3 ; IF NOT ZERO, HLT
INX ; INCR. D REG.
INX H ;- INCR. H REG.
DCR ;B ; DECR. COUNT ~-JNZ CMPRl ; LOOP ' _ _ . _ . _ .. . .
: ` 1 156~1 _ ~ r -~
NAME/LABEL OP CODE OPERAND COMMENTS
_ POP ---PSW ~ __ _ _ RET ; RETURN
CMPR3: HLT ; FROM CMPR2, HALT, . _ _ i~ E D5 NOT __ ~ _ _ ; ROUTINE TO DE UG ALL OF
; OTHER ROUTINES, SIMULATES
; TERMINAL AND HPC. SENDS
_ ; AND RECEIVES ONE MESSAGE.
; AFTER GENERATING WK AND
. ; EITHER TK OR SP1. FINAL
; HALT AFTER TEST IS AT FINIS
. ; ERROR HALTS OTHERWISE.
; ROUTINE IS INITIATED AT
. ; 'START' AND RUNS TO END.
; USES SUBROUTINE COMPR TO
. ; COMPARE RESULTS. ON NOT
_ _ _ ; COMPARE, ERROR HALT AT CMPR30 - START: STKLN 200D ; SET STACK = 200 LXI SP, STACK ; INITIALIZE STACK
NOP
.NOP
NOP
NOP -. OUT BPARAM + RESET ; INITIALIZE DSM
MVI A, 50 ; COUNT TO A REG
DBUGl:~ DCR ; DECR. A
JNZ DBUG1 ; LOOP - PROGRAMMED
. ; DELAY
IN BPARAM + REDST ; READ STATUS.
~", _ .. . . .
1 ~5B761 .
NAME/IABE ~ OP CODE OPERAND COMMEN~5 _ _ ____ _ __ __ . _ __ __ _ _ _ _ _ _~
ORA A ; SET FLhGS
DBERl: JM DBUG4 ; PARITY ERR(j,R
DBER2: JNZ DBUG5 ; TIME OUT OR NOT
_ ~____ ; READY ERRGR
_ _ MVI A, 5H - ; PARAM -- TEP~INAL
LXI H, ADRSPl ; ADDR. OF F~RST OF
; 5 ADDRESS LIST
; TO H
_ CALL MROUT , DEBUG MAIN ROUT
; GENERATE W~ &
; TK USING SPl ; KMT, & TID
MVI A, 3H , PARAM = I~OR,i~ KEY
; ACTIVE
LXI H, DWK , ADDR GENERATED
CALL M~KLD ; SET WK ACTIVE
MVI A, 5H ; PARAM = ENCIPH.
MVI B, 4H ; ENCIPH. 4 EIGHT
; BYTE GROUPS
______ LXI H, TMMSG ; ADDR. PLAII-~ TEXT
; TRANS. REQ. MSG.
. LXI D, TMEMSG ; SPACE FOR ENCIPH
~ , TRANS. REQ. MSG.
CALL NGEDR ~ ; ENCIPH TRM
; USING WK
. ; FIRST PART OF ROUTINE AS IF
; FROM TERMINAL COMPLETE, ; CONTINUE TO HPC ROUTINE
_ JMP DEBUG2 ; CONTINUE
DBUG2-~ MVI A, 4H ; PARAM = HPC
LXI - H, HADSPl ; ADDR. OF FIRST
; OF 5 ADDRESS
; LIST TO H
, ._ .~ _ _ _ NAME/LABEL OP CODE OPERAND COMMENTS
CALL MROUT , D~P,UG REST OF
; i`'~lN ROUTINE
; GF,iER. WK & SP1 i,~NG TK, KMT, TID
MVI B, 8H "`J'~RAM = LENGTH OF
LXI H, HPCWK ; hDDR FIELD1 LXI D, DWK !`DDR FIELD2 CALL COMPR , COI'PARE BOTH
; W~'S. HALT IF
; lJNEQUAL.
MVI B, 8H ; LENGTH OF SP1 LXI H, DSPl ; ADDR FIELD 1 LXI D, HPSPl ; ADDR FIELD 2 CALL COMPR ; COMPARE BOTH
; SP1'S.
MVI A, 3H ; PARAM = ~ORK-KEY
; ACTIVE
LXI H, HPCWK ; ADDR WK TO H
CALL MWKLD ; SET WK ACTIVE
MVI A, 4H - ; PAP~AM = DECIPH.
MVI B, 4H ; DECIPH. 4 EIGHT
; BYTE GROUPS
LXI H, TMEMSG ; CIPHER TRANS.
; REQ. MSG.
LXI D, HPTRM ; SPACE FOR -PLAIN
; TEXT TRANS. REQ
; I`lSG.
CALL NGEDR ; DECIPHER TRM
MVI B, 32 ; COUNT
LXI H, HPTRM ; ADDR. FIELD 1 LXI _ D, TMMSG ; hDDR FIELD 2 CALL COMPR ; CO,`lPARE TRM
; FROM TERMINAL
_ ¦; AND FROM HPC.
¦; HALT ON ERROR -. . .
_ ____ _ NAME/LABEL OP CODE OPERAND ~ C()MMENTS
_ ___ _ MVI A, 5H 3; PARAM - E3`3CIPH.
MVI B, 3H ; ENCIPH. 3 EIGHT
; BYTE GROUPS
LXI H, HRESP ; ADDR PLAIN TEXT
_ _ _ _ _ _ , RESPONSE MSG.
LXI D, HENCR ; ADDR. LOCATION
; OF CIPHER
; RESPONSE MSG.
CALL - NGEDR ; ENCIPH. RESPONSE
; MSG.
, END OF HPC DFBUG, CONTINUE
TO FINAL TERMINAL DEBUG.
JMP DBUG3 ; CONTINUE
DBUG3: MVI ` A, 3H ; PARAM = WORK KEY
_ 1, ACTIVE
LXI H, DWK l; ADDR WK
CALL MWKLD ; SET WK ACTIVE
MVI A, 4H ; PARAM = DECIPH
MVI B, 3H ; DECIPH. 3 EIGHT
. ; BYTE GROUPS
LXI H, HENCR ; CIPHER RESPONSE
LXI D, DTMMS ; SPACE FOR PLAIN
; TEXT RESPONSE
CALL NGEDR ; DECIPHER RESP.
MVI B, 24 ; PARAM = RESPONSE
; MSG. LENGTH
LXI - H, DTMMS ; ADDR. FIELD~l LXI D, HRESP ; ADDR. FIELD 2 CALL COMPR ; COMPARE 2 RES-; PONSE MSGS.
FINIS: HLT ; END OF ROUTINE
; DEBUG COMPLETE
DBUG4: ~ HLT ; PARITY ERROR ~:3:
; HALT, FROM DBERl -~1567~1 NAME/LABEL OP CODE 1 OPERANC r COMMENTS
DBUGS: HLT r--~ ; TlME OUT OR NOT
; READY HALT
; FROM DBER2.
END SThRT _ ; END TO START.
__ _ , 5ARAME iERS L STS CONSTANTS
BPARAM EQU i DOH I; DSM BEGIN PARAM.
MKEYL EQU 2H ; MASTER KEY LOAD
WKEYL I EQU 3H ; WORKING KEY LOAD
DECDT EQU 4! __ _ CIPHER DATA
ENCDT EQU 5H ; ENCIPHER DATA
DECWK EQU 6H ; DECIPHER WORK. KEY
ENCWK EQU 7H ; ENCIPHER WORK. KEY
RESET EQU lH l; RESET DSM
REDST EQU 2H l; READ STATUS
TRMAK EQU lH ; TRANSFER MAJOR KEY
RDDAT EQU 4H ; READ DATA
I~RTDAT EQU OH . ; WRITE DATA
WSl: DS lO ; WORK STORE ADDR. LIST
I~ADSP~ EQU IISl ; INDIR. ADDR. SPl IADTID EQU WSl + 2 ; INDIR. ADDR TID
IADKMT EQU WSl + 4 ; INDIR ADDR KMT
IADWK EQU hlSl + 6 ; INDIR ADDR WK
IADTK EQU ISl + 8 ; INDIR ADDR TK
WS2: DS 120 ; WORK STORE
SPARE EQU WS2 _; SPARE LOCATION
KMTl EQU WS2 + 8 KMTl LOCATION
KMT2 EQU WS2 + 16 1; KMT2 LOCATION
TWK EQU WS2 + 24 ; TEMP WK
TTK EQU WS2 + 32 ; TEMP TK
SK EQU IS2 + 40 ; SK LOCATION
DTlSK EQU WS2 + 48 l; D/KMTl/(SK) DT25K EQU WS2 + 56 ¦; D/KMT2/(SK) SP2 EQU WS2 + 64 1; SP2 LOCATION
NAME/LABEL OP CODE ¦ OPERAND COMMENTS
_5p3 _EQU WS2 + 72 , SP3 LOCATION
TEMPl EQU WS2 + 80 ; rEMP LOCATION
TEMP2 EQU WS2 + 8B ; TEMP LOCATION
TEMP3 -__ EQU _ WS2 + 96 _ ; TEMP LOC.
TEMP4 EQU WS2 + 1b9 , TEMP LOC.
MRPAR EQU WS2 + 112 ; TEMP EN/DE PAR
KMT: DB 1301H ; DUMMY KMT, BEFORE
DB 1301H ; DEBUGGING, MUST
_DB --- lr301H ; BE MADE EQUAL TO
DB 1301H ; D/KMO/(EKMT) ; THIS YALUE IS
; USED FOR DEBUG.
___ . _ _ _ . _ _ .
; AS 1F FROM TERM.
WS3 DS ; WORK STORE
NGPAR EQU WS3 ; STORE EN/DE/
; CIPHER PARAMET.
NGRPS_ EQU WS3 + 1 , STORE N GROUPS
NFROM EQU WS3 + 2 ; STORE FROM ADR.
NTOAD. EQU WS3 + 4 ; STORE TO ADDR.
_ ;,FOR DEBUGGING ONLY
;
.
_ KMO: DB EFEFH ; DUMMY
DB EFEFH ; MASTER
DB EFEFH ; KEY
DB EFEFH .
EKMF: DB EOEOH , DUMMY
DB EOEOH ; ENCRYPTED
DB EOEOH ; TERMINAL
DB EOEOH _ ; KEY
11~6~61 NAME/LABEL OP CODE ¦ OPERAND COMMENTS
DTID- DB ---~- Oli _ , DUMMY
DB OlOlli DB O~OlL, ; TID
_ DB __ ___ O1O1H ;
DWS: DS _ __ __ ~ _ , DEBUG LOCATIONS
DWK I EQU Dl!S ; DUMMY W:K LOC
DTK EQU DIIS + 8 ; DUMMY TK EOC
DSPl: DB lOlOH _ ; DUMMY
DB -- lOlOH ; SPl DB lOlOH , PARAMETER
DB lOlOH ;
ADRSPl: DW _ DSPl _ _ ; ADDR OF SPl ADRTID: DW - DTID ; ADDR OF TID
ADRKMT: DW KMT ; ADDR OF KMT
ADRWK: DW DWK ; ADDR OF WK
ADRTK: DW _ DTK ; ADDR OF TK
; THE ABOVE LIST IS
; USED FOR TERMIN.
; DEBUGGING
TMMSG: - DB 'IMPORTAN' ; TRANSACTION REQ.
DB 'T MESSAG' - ; MSG. USED AT
. DB 'E TO FOL' ; TERM., WILL BE
DB 'LOW SOON' ; ENCIPH. BY WK
DTMMS: DB 24 ; AREA FOR ENCIPH.
_ _ ; TRANS. REQ. MSG.
; RESPONSE FROM
; HPC AFTER DECIPH.
HPCWK: DS _ 8 ; AREA IN WHICH TO
; STORE WK GENERATED
; AT DUMMY HPC, ; CHECK AGAINST DWK
HPSPl: DS 8 ; AREA FOR SPl __ _ _ _ ; FROM DUMMY HPC
l ; CHECK AGAINST DSPl HPTRM: I DS 32 ; AREA FOR DECIPH
I _ __ ;,TRANS. REQ. MSG.
.
~ _ __ _ _ .
_ _ -,-Fi~M HPC, CHECK
; AGAINST TMMSG
HRESP: DB 'DlSREGAR' , RESPONSE MSG., DB 'D FIRST ' _ _ ; WILL BE ENCIPH.
_ _ _ DB IMLSSAGEX' , BY HPC USING WK
HENCR: DS 24 ; AREA FOR ENCIPH
; RESPONSE MSG., ___ ; USED AT HPC
HADSPl: DW --- HPSPl i SPl LOCATION
HADTID: DW DTID ; TID LOC.
HADKMT: DW EKMT ; ENCIPH. KMT LOC.
HADWK: DW HPCllK ; HPC-WK LOC.
HADTK: DW DTK ; TK LOC.
TMEMSG: DS 32 ; AREA FOR ENCRYP-; TED TRANS. REQ.
__ ; MSG. FROM TERM.
__._ ___ . _ _ _ 3. Summary In the preferred example, an authorized holder of a si~e "A"
magnetic-striped plastic card, which may be a Debit, Credit or Identification Card, would enter the card in a cash dispensing machine or automatic teller machine, enter his secret Personal Identification Number on a keyboard, and indicate the type and amount of transaction by pushing appropriate buttons provided for that purpose. The device would read the data on the magnetic stripe, such as account number and other data, and would also have available internally by electronic means a suitable Terminal Identification Code, a time clock and a secret Terminal Master Key. The device would generate, by appropriate means, a Transaction Request Message whose content would be determined by the type of transaction, amount requested and other data.
In addition, the device would use part of the secret Personal Identification Number, part of the account number, part of the "Time" field, and part of a card anti-counterfeiting field if there is one, to generate a parameter that would be one input into a suitable encryption means. Additional inputs in a specified order or sequence would be the Terminal Master Key and the Terminal Identification. Mult ple encryptions in a predetermined way would result in the generation of a Working Key, which would temporarily replace the Terminal Master Key within the encryption means and be used to encipher the Transaction Request Message and other data that may be required. The Working Key is then multiply-enciphered in a predetermined way using the Terminal.Master Key and Terminal Identification to generate the Transmitted Key which is appended to the enciphered Transaction Request Message together with any additional data required to process the transaction such as routing, transit and other control ,~
csm~,~
information, and/or an Initiali~ation Vector that may be required to initialize or synchronize the deciphering means. A link encryption key may then be used to encipher all of the data to be transmitted to protect the network against "traffic analysis"
intrusion by wire tap. The Transaction Request Message and header and control data are transmitted to the centralized computer, which may require intermediate receivers and transmitters (nodes) in a large network. At some nodes, decipherment using the link encryption key may be required, with subsequent encipherment using a different link encryption key appropriate for the next segment of the transmission. At the centralized computer, the message is first deciphered using the last-used link encryption key. Then the other data in the header or control part of the message and data available in the centralized data base, some of which may be enciphered, are used to multiply-decipher the Transmitted Key, preferably in a physically and electronically separate and secure device sometimes called a Network Security Controller (NSC) or a Security Module (SM), which process of decipherment results in generation of the Working Key that was used to encipher the Transaction Request Message at the terminal. The Working Key is used to decipher the Transaction Request Message and is then additionally multiply-decrypted to obtain the parameter that was used at the terminal to initiate the process.
Since that parameter contains part of the secret Personal Identification Number, part of the account number and part of the card anti-counterfeiting features, if there is one, the validity of the transaction can be determined by comparison of the l 156761 fields in the message with the corresponding fields of data obtained from the centralized data base, for which comparison additional encipherments and/or decipherJrlents may be required. Specifically, the account n~mber in the message may be used to obtain the corresponding secret Personal Identification Number and the card anti-counterfeiting number if there is one from the centralized data base which are compared with the corresponding partial fields that were, by implication, included in the message at the terminal. In the preferred embodiment, the secret Personal Identification Number is not otherwise directly included in the Transaction Request Message, it is independently generated at the centralized computer by decipherments in a predetermined way, so that a penetrator somehow obtaining a deciphered ~- message still does not have access to any data that will permit compromise of that account or any other account or aspect of system operation. The card anti-counterfeiting number, if there is one, also need not be included in the Transaction Request Message provided it is used at the terminal to generate the parameter that enters into thé first encipherment. Since the multiple encipherments at the terminal also include the Terminal Identification and the secret Terminal Master Key, it is not possible for a penetrator to substitute a spurious terminal in the network for the purpose of initiating fraudulent transactions to transfer funds. In the preferred embodiment, part of the "Time" field is included in the parameter that is enciphered at the terminal, to insure that each Transaction Réquest Message is enciphered using a different Working Key.
At the centralized computer, after the Transaction Request Message is validated, as described, additional processing may be required to determine if the transaction should be approved by determining the account balance is adequate, if the transaction lequested is valid for the specific account, if the plastic card used to initiate the transaction is not out-of-date, lost or stolen and by other processing that may be required~ In the present example, the transaction is approved, the centralized computer generates an appropriate response which is enciphered within the NSC or SM using the same Working Key and transmitted to the terminal that initiated the transaction, from node to node, as may be required, and with link encryption as may be required. The terminal deciphers the response and provides the requested service by dispensing the amount of cash requested. The terminal generates an acknowledgement that may include the type of service provided and amount, encrypts it using the same Working Key that was used for the Transaction Request Message, and transmits it to the centralized computer. After the centralized computer receives the acknowledgement, it changes the accounting data base to reflect the results of the transaction, then the terminal and the central-ized computer destroy the Working Key securely by resetting the register or location in which the Working Key was stored, and the transaction is complete. The transaction need not be to dispense cash, it may be to transfer funds, accept a deposit, make an advance to a valid credit card or against a reserve account or may be other types of transactions that may be provided by the Financial Institution for its depositors.
A secret Terminal Master Key is required to be securely stored at each terminal, computer or other .
I i56~61 device that may initiate a message. In the preferred embodiment, the Terminal Master Key is never trans-mitted in any form but distributed by armed guard and entered under dual control into the encipherment means at each terminal, computer or other device, or other simi]ar means are used that provides a similar level of security. Other systems that use encipher-ment also require manual entry of at least one secret key for proper operation. However, all other systems require more than 1 additional key be also entered or received at each terminal, some of which may be transmitted enciphered and are then deciphered in the terminal before use. In at least one system, the enciphering key that was used at the centralized computer to encipher all the secret Personal Identifi-cation Numbers, Key A, must be entered into each terminal in the network, which may number hundreds br more, thereby increasing the possibility of compromise.
The Key A is distributed as Key Al and manipulated internally in the terminal to form Key A, to reduce the possibility of compromise; nonetheless, such wide distribution still represents an exposure. In addition, a communications key is required at each terminal. In my invention, only one encryption key is required at each terminal,the Terminal Master Key or equivalent, thereby eliminating the exposure of the enciphering key that was used to encipher all the secret Personal Identification Numbers in the account data base. Furthermore, instead of only one key, Key A, being used to encipher all the secret Personal Identification Numbers in an account data base, multiple keys may be so used, reducing the intrinsic value of each such key considering bribery, coercion or blackmail, and facilitating plastic card reissue 1 1S~;761 due to a change of equipment, change of technology, compromise of one or more enciphering keys, due to elapsed time, or for other reasons. In addition, using one key, Key A, may be adequate in a proprietary network, but does not facilitate sharing, or inter-change of transactions between Financial Institutions.
My invention provides for sharing and interchange.
In some networks, computer-to-computer messages are required for administrative purposes. My invention provides for such messages provided there is an analogue for the secret Personal Identification Number, such as a "Password," and analogues for the Terminal Master Key and for the Terminal Identification, as al~eady described.
Yet other systems require that a terminal that is to communicate with a centralized computer must first send a message to a Network Security Controller (NSC) validating itself an~d requesting a Working Key or Communications Key. The NSC generates 2 copies of one key and transmits one enciphered copy to the terminal and one enciphered copy to the centralized computer.
The terminal deciphers the Working Key, uses it to encipher the message and transmits it to the central-ized computer, where it may be deciphered. Multiple transmissions are required for each transaction in that system, decreasing effective utilization of costly data communications lines. My invention does not require the additional transmissions since authentica-tion of the terminal and generation of the Working Key are integral to the operation of the system.
Because the method of using the Terminal Master Key in my invention protects it from exposure or compromise by cryptanalysis, it may be used for an extended period if not otherwise compromised. As a I lS6'?61 result, it is possible to use this invention in networks in which it would be difficult or impossible to permit changing a set of Master Keys on a frequent basis due to inaccessibility. One such network is one in which a communications satellite is used as a switching center. For example, a small number of transmitters may each have a need to transmit data to a large number of receivers in a way that does not permit other transmitters or some of the receivers to obtain access to the data transmitted. It would be an inefficient use of communications to require each trans-mitter or the satellite to maintain a separate encipher-ing key for each receiver and to separately encipher and process multiple copies of the same message, each originally enciphered using a different key. It is more efficient to permit the transmitter to encipher only one copy of a message and supply a list of recipients to the satellite, thereby permitting the satellite to decipher the message, and then to separately generate a Working Key to encipher one copy for each receiver using a different Master Key or set of Master Keys for each Working Key. The Master Keys could be combined 2, 3, 4 ... (n-l) at a time by "exclusive or" to minimize the storage requirements, especially if there are a large number of receivers. The same methods as already described can be used provided each transmitter and receiver has a secret password, an Identification and a secret Master Key, and a means for encryption and decryption.
In the preferred embodiment described, the National Bureau of Standards Data Encryption Standard was used to clarify the description and explanation of the invention, which standard may be used in Electronic Code Book Mode, Cipher Feed Back Mode or Block ~73~
Chaining Mode. Those skilled in the art will recognize that other cryptographic means or systems which require or permit a secret encryption key are as suitable, and that the use of 56 binary digit or 64 binary digit enciphering keys, and 64 binary digit blocks of plain text and cipher text are for illustrative purposes only and do not limit the scope of the invention. The method described can as well be implemented in software using a large scale computer, a minicomputer or a microcomputer, or in hardware using a large scale integrated çircuit device designed and manufactured for the purpose or by other electronic devices. Instead of a "Time"
field indicated previously, a currcn~ c~ounter, a transaction serial number or any other parameter that changes with each transaction can be used without changing or limiting the scope of the invention.
Although not a preferred embodiment, another variation in operation is feasible in some networks.
In some networks it may be possible to include the PAN and TID as a header in the link encrypted part of the message. The PAN can be used at the centralized computer to retrieve the encrypted PIN from the data base after the Security Module decrypts the header using the last-used link encryption key. The Security Module decrypts the PIN and uses the PAN and the PIN
to form SPl and, by the method already described, generates the WK using the TID, KMT and its variants.
The Security Module then decrypts the Transaction Request Message and may verify the PIN if it was encrypted with the Transaction Request Message.
Alternatively, if the message decrypts properly using the WK, the correct PIN was used to initiate the transaction at the terminal by implication. If all this is done, it is not necessary to generate or transmit TK.
1 1S6'~6 1 Although a particular embodiment of a system for authenticating users and devices in on-line trans-action networks in accordance with the invention has been described for the purpose of illustrating the manner in which the invention may be used to advantage, it will be appreciated that the invention is not limited thereto. Accordingly, any modification, variation or equivalent arrangement within the scope of the accompanying claims should be considered to be within the scope of the invention.
11S~761 LIST OF ERROR HALTS
Label Comes at Routine From Halt Name (Label) Reason MHLTl MROUT MERRl Parameter supplied neither 4 or 5 MHLT2 MROUT MERR2 Parameter supplied neither 4 or 5 MHLT3 MROUT MERR3 Parameter supplied neither 4 or 5 MWKHTl MWKLD MWERl DSM Status = Busy MWKHT2 MWKLD MWER2 DSM Parity Error MWKHT3 MWKLD MWER3 DSM Timed Out EDCP4 EDCPR EDERl DSM Status = Busy EDCP5 EDCPR EDER2 DSM Parity Error EDCP6 EDCPR EDER3 DSM Timed Out MVE3 MOVE7 MVERl DSM Parity Error MVE4 MOVE7 MVER2 DSM Timed Out WKL2 WKLOD WKER2 DSM Parity Error WLK3 WKLOD WKER3 DSM Timed Out WKL4 WKLOD WKERl DSM Status = Busy CMPR3 COMPR CMPR2 The 2 fields being compared ` are not equal DBUG4 START DBERl DSM Parity Error DBUG5 START DBER2 DSM timed out or not ready S6~16 1 NAME/LABEL ~ OP CODE OPERAND ~ MMENTS
; MAIN ROUTINE, CAN BE USED AT
; TERMINAL OR AT HOST PRO-; CESSING CENTER (HPC). IF
; USED AT TERMINAL, WK & TK
; ARE GENERATED GIVEN SPl, TID, ; AND KMT. ALL INTERMEDIATE
; VALUES ARE GENERATED. WK
; HAS ODD PARITY AFTER COMPLE-; TION OF THE RQUTINE. AFTER
; COMPLETION, THE OPERATING
; PROGRAM MUST REQUEST ENCI-; PHERMENT OF THE TRANSAC-; TION REQUEST MESSAGE USING
; WK BY MAKING 2 CALLS, ONE
; TO LOAD WK INTO ACTIVE REG.
; & ONE TO ENCIPHER N-8 BYTE
; GROUPS, APPEND TK AND TRANS
; MIT THE TRANSACTION RE-; QUEST MESSAGE (TRM) TO THE
HPC. WK IS SAVED IN ORDER
, TO DECIPHER RESONSE MESSAGE
; RECEIVED FROM THE HPC.
; REQUIRES MVI A, 5H (ENCIPH.) IF USED AT HOST PROCÉSSING
; CENTER (HPC), WK & SPl ARE
; GENERATED GIVEN TK, TID &
; KMT, ALL REQUIRED INTER
; MEDIATE VALUES ARE GENER--; ATED. WK HAS ODD RARITY.
; AFTER COMPLETION OF ROUTINE
; THE OPERATING PROGRAM MUST
; REQUEST DECIPHERMENT OF THE
; TRM USING WK BY MAKING 2 ; CALLS, ONE TO LOAD WK INTO
; ACTIVE REGISTER & ONE TO
_ _ NAME/LABEL OP CODE OPERAND COMMENTS
___ ; DECIPHER N-8 BYTE GROUPS
; VALIDATE THE PIN, ETC. IN
; SPl TO AUTHENTICATE THE
; TRANSACTION, PREPARE A RE-_ _ ; SPONSE, USE CALLS TO ENCI-; PHER RESPONSE USING WK, AND
; TRANSMIT RESPONSE TO THE
; TERMINAL. REQUIRES
_ ; MVI A, 4H (DECIPHER).
; IN ADDITION, IN H & L REG., , MUST BE THE ADDRESS OF THE
; FIRST OF A LIST OF 5 , ADDRESSES AS FOLLOWS-; 1. ADDR. OF SPl LOCATION. IF
; AT TERMINAL OR INTO
; WHICH SPl PLACED IF AT
; HPC
; 2. ADDR. OF TID LOCATION
; 3. ADDR. OF KMT LOCATION
; (KMT ENCIPHERED USING
. , KMO IF AT HPCJ
; 4. ADDR~ OF 8-BYTE AREA
; INTO WHICH WK WILL BE
; PLACED
; 5. ADDR. bF 8-BYTE AREA
; INTO WHICH TK WILL BE
; PLACED IF AT TERMINAL
; OR ADDR. OF TK LOC.
, IF AT HPC.
, MYI A,5H IF TERMINAL OR
; MYI A,4H IF HPC
; LXI H, ADDRESS
; CALL MROUT
;
NAME SENDRO
. _ _ . . . _ .
1 ~6761 _ __ _ NAME/LABEL OP CODE OPERAND COMMENTS
_ __. _ _ MROUT: PUSH PSW
PUSH B
PUSH D
STA MRPAR ; STORE EN/DE PAR
_ _ _ _ _ ___ ; AMETER
LXI B, 2H ; CONSTANT TO B
; FOR ADDR. MODIF-; ICATION
_ SHLD IADSPl ; STORE INDIR. SPl DAD B ; INCR. ADDR.
SHLD IADTID ; STORE INDIR. TID
DAD B ; INCR. ADDR.
SHLD IADKMT , STORE INDIR. KMT
DAD B ; INCR. ADDR.
SHLD IADWK ; STORE INDIR. WK
DAD B ; INCR. ADDR.
SHLD ` IADTK ; STORE INDIR. TK
LDA MRPAR ; LOAD EN/DE PARAM.
CPI 5H ; COMPARE- IF TERM.
JZ MRTl ; IF TERMINAL, SKIP
; DECIPHERING KMT
. . CPI 4H ; COMPARE IF HPC
MERRl: JNZ MHLTl ; JUMP TO ERROR
; HALT-NOT HPC
MVI A, 3H ; PARAMETER TO A
LXI H, KMO ; LOAD MASTER KEY
. ; AS ACTIVE KEY
CALL MWKLD ; CALL ROUTINE
LHLD IADKMT ; INDIR. KMT ADDR
; TO H REG.
SHLD $ ~ 1 ; STORE IN INSTR.
LHLD OOH ; KMT ADDR TO H
MYI A, 4H , PARAM. TO A
LXI D, KMT ; LOCATION INTO
; WHICH KMT WILL
; BE _UT AFTER IT
, . . _ .
llS~i761 ___ . _ _.__ NAME/LABEL OP CODE OPERAND COMMENTS
_ _ _ _ _ _ _ ; ~S DECIPHERED
; USING KMO
~ CALL EDCPR ; DECIPHER KMT
_ LXI H,KMT _ ; KMT (DECIPHERED) ; ADDRESS TO H
CALL MKODD ; MAKE ODD PARITY
MRTl: MVI A,O100000~ ; VARIANT 1 PARAM
; TO A REG.
LXI D, KMTl , KMTl ADDR TO D
LXI H, KMT ; KMT ADDR TO H
CALL GNMKV ; MAKE VARIANT
MVI A, OOOOlOOlB , VARIANT 2 PARAM
_ _ LXI D, KMT2 , KMT2 ADDR TO D
LXI H, KMT ; KMT ADDR TO H
CALL GNMKV ; MAKE VARIANT 2 ` LHLD IADKMT ; I~DIR KMT ADDR
; TO H REG
SHLD $ + 1 ; STORE IN INSTR.
LHLD OOH ; KMT ADDR TO H
MVI A, 3H ; PARAM. TO A
_ CALL MWKLD ; LOAD KMT AS
. ; ACTIVE KEY
LHLD IADTID ; INDIR TID ADDR
TO H REG
SHLD $ + 1 , STORE IN INSTR.
LHLD OOH ; TID ADDR TO H
LXI , D, SK ; ADDR SK TO H
MVI A, 4H ; DECIPHER PARAM
; TO A REG.
CALL EDCPR ; GENERATE SK =
; D/KMT/(TID) LXI H, KMTl KMTl ADDR TO A
MVI A, 3H , PARAM TO H
CALL MWKLD ; LOAD KMTl AS
; ACTIVE KEY
MVI A, 4H ; DECIPH. PAR. A
NAME/LABEL OP CODE OPERAND COMMENTS
_ _ ___~__ LXI H, SK ; SK ADDR TO H
LXI D, DTlSK ; ADDR TO D
CALL EDCPR , GENERATE
_ ,_ D/KMTl/(SK) _ _ _ _ _ LXI - H,DTlSK ; ADDR TO H
CALL MKODD ; MAKE ODD PARITY
MVI A, 3H ; PARAM TO A
LXI _ H, KMT2 _ ; KMT2 ADDR TO H
_ CALL MllKLD ; LOAD KMT2 AS
j ACTIVE KEY
MVI A, 4H ; DECIPHER PARAM
TO A REG
LXI H, SK , ADDR SK TO H
LXI D, DT2SK ; ADDR TO D
- . CALL EDCPR ; GENERATE
; D/KMT2/(SK) LXI H,DT2SK ; ADDR TO H
CALL MKODD ; MAKE ODD PARITY
LDA MRPAR ; LOAD EN/DE PAR.
_ CPI 4H ; COMPARE IF HPC
JZ MRT2 ; IF HPC, JUMP TO
. . ; OTHER ROUTINE
CPI 5H ; COMPARE IF
. ; TERMINAL
MERR2: JNZ MHLT2 - ; JUMP TO ERROR
; HALT-NOT TERM.
MVI ~ B, 8H ; COUNT TO B
LXI D, TEMPl ; TO ADDR TO D
.LXI H, DTlSK ; FROM ADDR TO H
CALL MOVEN - ; MOVE 8 BYTES, . ; DTlSK TO TEMP1 MYI B, 8H ; COUNT TO B
LXI D, TEMP2 ; TO ADDR TO D
LXI H, DT2SK ; FROM ADDR TO H
CALL MOVEN ; DT2SK TO TEMP2 LHLD IADSPl ; INDIR SPl ADDR
1 15~7B 1 _ __ NAME/LABEL OP CODE OPERAND COMMENTS
_~ _ _ _ _ _ _ ; TO H REG
SHLD $ + 1 ; STORE IN INSTR.
LHLD OOH ; SPl ADD TO H
_ MVI B, 8H ___ ; COUNT TO B
_____ LXI D, TEMP3 ; TO ADDR TO D
CALL MOVEN ; SPl TO TEMP3 JMP MRT3 ; JUMP TO CONTINUE
; ROUTINE
__ .
; SUBROUTINE- IF HPC, SIMILAR
; TO PREVIOUS ROUTINE
. _ ; _ MTR2: MVI B, 8H ; COUNT TO B
LXI D, TEMPl ; TO ADDR TO D
LXI H, DT2SK ; FROM ADDR TO H
CALL _ MOVEN ; DT2SK TO TEMPl MVI B, 8H ; COUNT TO B
LXI, D, TEMP2 ; TO ADDR TO D
LXI H, DTlSK ; FROM ADDR TO H
CALL: MOVEN ; DTlSK TO TEMP2 _ LHLD IADTK ; INDIR TK ADDR
; TO H REG.
SHLD $ ~ 1 ; STORE IN INSTR.
LHLD OOH ; TK ADDR TO H
___ _ MVI B, 8H ; COUNT TO B
LXI D, TEMP3 ; TO ADDR TO D
CALL MOVEN ; TK TO TEMP3 ; END OF SUBROUT.
_ ; CONTINUE REST OF PROGAM
MRT3: MVI A, 3H ; SET KMT ACTIVE
; PARAMETER
_ LXI H, KMT ; ADDR TO H
CALL MWKLD ; CALL ROUTINE
MVI A, 4H ; DECIPH. PAR. TO A
LXI H, TEMP3 ; DATA TO BE
j DECIPHERED
--~4--_ _ _ _ _ NAME/LABEL ~ OP CODE OPERAND COMMENT';
____ _ _ __ __ -- LXI t D, TEMP4 , i`~ D. OF RESULT
CALL EDCPR ; G~NERATE
; ~ `lT/(SPl) (E) , ~!R D/KMT/(TK) (D) MVI A, 3H , S.T KEY ACTIVE
; PARAMEIER
LXI H, TEMP 1 ; hDDR TO H REG
; D/KMTl/(SK) (E) _ ; OR D/KMTZ/(SK)-T~T
CALL MWKLD j LOAD INTO ACTIVE
; REGISTER
MVI A, 5H ; ENCIPHER PARAM.
_ ; TO A REG.
LXI H, TEMP4 ; DhTA TO BE ENC-~ ; IPHERED
LXI D, SP2 , SP3 IF HPC
CALL EDCPR ; GENERATE SP2 OR
; SP3 (D) MVI A, 3H SET KEY ACTIVE
. LXI H, KMT ; KMT ADDR TO H
CALL MWKLD ; SET KMT AS
: ; ACTIVE KEY
MVI A, 4H ; DECIPHER PARAM.
; TO A REG.
LXI ` H, SP2 ; hDDR OF SP2 (E) ; OR SP3 (D) TO H
LXI D, TEMP4 ; ADDR. OF RESULT
CALL EDCPR ; GENERATE EITHER
; D/KMT/(SP2) (E) - D/KMT/(SP3) (D) MVI A, 3H , SET KEY ACTiVE
; PARAMETER
LXI H, TEMPl ; SET EITHER
_ ; D/KMTl/(SK) (E) OR
.
1 ~S6761 -~5-NAME/LABEL OP CODE OPERAND COMMENTS
. ,~
_ _ _ _ _ _ _ _ ; D/K MT2/(SK) (D~
; ACTIYE
CALL MWKLD ; SET KEY ACTIVE
MVI A, 5H _ ; ENCIPH. PARAM TD A
LXI H, TEMP4 ; ADDR. OF EITHER
; D/KMT/(SP2) OR
; D/KMT/(SP3) LXI D, TWK _ ; RESULT ADDR TO V
_ _ CALL - EDCPR ; GENERATE WK
LXI H, TWK ; WK ADDR TO H
CALL MKODD ; MAKE WK ODD PARITY
MVI _ A, 3H ; SET KEY ACTIVE
_ _ _ _ _ ; PARAMETER
LXI H, TEMP2 ; SET ACTIVE EITHER
; D/KMT2/(SK) (E) ; D/KMTl/(SK) (D) CALL MWKLD ; SET KEY ACTIVE
MVI A, 4H ; DECIPH PAR. TO A
LXI H, TWK ; WK ADDR TO H
LXI _ D, TEMP4 ; RESULT ADDR TO D _ CALL EDCPR ; GENERATE EITHER
j D/D/KMT2/(SK)/
; (WK) OR
; D/D/KMTl/(SK)/
; (WK) LXI H, KMT ; KMT ADDRESS TO H
MVI . A, 3H ; SET KEY ACTIVE
; PARAMETER
CALL MWKLD ; SET KMT ACTIVE
MVI A, 5H ; ENCIPH PAR. TO A
LXI H, TEMP4 ; ADDR. OF EITHER
_ ; D/D/KMT2/(SK)/
; (WK) OR
; D/D/KMTl/(SK) ; (WK) LXI D, SP3 , RESULT ADDR TO D
i7~1 NAME/LABEL OP CODE OPCRAND COMMENTS
_ CALL EDCPR ; GENERATE SP3 rE-r ; OR SP2 (D) MYI A, 3H ; SET ACTIVE PAR TO A
LXI H, IEMP2 ; ADDR OR EITHER
._ _ _ _ _ _ __ _ ; D/KMT2T~) (E) OR
; D/KMTl/(SK) (D) CALL MWKLD ; SET KEY ACTIVE
MVI _ _ A, 4H ; DECIPH PARAM TO A
LXI H, SP3 ; ADDRESS OF EITHER
. ; SP3 (E) OR SP2 (D) LXI D, TEMP4 ; RESULT ADDR TO D
CALL EDCPR , GENERATE EITHER
; D/D/KMT2/(SK)/~SP3) ; D/D/KMTl/(SK)/(SP2) MVI A, 3H ; SET KEY ACTIVE PAR.
LXI H, KMT ; KMT ADDR TO H
5~1r~ MWKLD ; SET KMT ACTIVE
MVI A, 5H ; ENCIPH PAR TO A
LXl H, TEMP4 ; ADDR OF EITHER
; D/D/KMT2/(SK)/(SP3) ._ _ ; D/D/KMTl/(SK)/(SP2) . LXI D, TTK ; RESULT ADDR TO D
CALL EDCPR ; GENERATE EITHER
_ _ ; TK OR~SPl LHLD IADWK ; INDIR WK ADDR H
SHLD $ t 1 ; STORE IN INSTR.
LHLD OOH ; DIRECT WK ADDR H
XCHG MOVE H TO D
. LXI H, TWK ; WK ADDR TO H
MYI P, 8H ; COUNT TO B
CALL MOVEN ; MOVE WK
LDA MRPAR ; EN/DE PARAM TO A
CPI 4H ; COMPARE IF HPC
JZ MRT4 ; lF HPC, JUMP TO
; OTHER ROUTINE
CPI 5H . ; COMPARE IF TERM
NAME/LABEL --- r ----- COllMENTS
. ~
MERR3: JNZ MHLT3 ; JUMP TO ERROR
; HALT NOT TERM.
LHLD IADTK ; INDIR Tl' ADDR H
SHLD _ _ $ + 1 ; STORE IN INSTR
_ - LHLD OOH ; DIR. TK ADDR H
XCHG ; MOVE H TO D
LXI H, TTK ; ADD OF TK TO H
MVI _ B, 8H COUNT TO B
CALL MOVEN , MOVE TK TO DTK
~MP MRT5 ; JUMP TO CONT.
, IF HPC, TRANS FER SPl MRT4: LHLD IADSPl ; INDIR SPl ADDR
; TO H
- SHLD $ + 1 ; STORE IN INSTR.
LHLD _ OOH ; DIR. SPl ADR. H
XCHG ; MOVE H TO D
LXI H, TTK ; ADDR OF SPl TO
; H REG.
MVI B, 8H ; COUNT TO B
CALL MOVEN - ; MOVE SPl - MRT5: . POP D
POP B
POP PSW
RET ; RETURN
MHLTl: HLT ; FROM MERRl, NOT
; 4 OR 5, NOT
; TERMINAL OR HPC
MHLT2: HLT ~ ;~ FROM MERR2 NOT
j 4 OR 5, NOT HPC
; OR TERMINAL
MHLT3 HLT - FROM MERR3, NOT
, -HPC OR TERM, ; NOT 4 OR 5 .. . .. , _ .
i7~ ~
--48-- .
_ __ __ ~
NAME/LABEL OP CODE OPERAND COMMENTS
__ ~
; MASTER OR WORI :ING KEY LOAD
; ROUTINE NO DECIPHER
; CALLING SEQUENCE
; MVI A, PARAMETER
; LXI H, MASKAD MASTER KEY
; CALL MW~LD ADDRESS OR
; WORKING KEY
; ADDRESS
; PARAM = 2H FOR MASTER KEY
; = 3H FOR WORKING KEY
, TO BE ACTIVE KEY
.
MWKLD: PUSH PSW
PUSH B
- PUSH D
MVI B, OH , CLEAR B REG
MOV C, A ; MOVE PARAM TO C
XCHG ; EXCHANGE D, H
LHLD BPARAM ; LOAD BPARAM IN H
DAD B ; ADD PARAM TO H
SHLD MWK2 + 1 ; STORE RESULT IN
; INSTRUCTION
XCHG , RESTORE H & L
IN BPARAM + REDST ; READ STATUS
ORA A ; SET FLAGS
MWERl: JNZ MWKHTl ; GO TO HALT
MVI B, 8 ; COUNT TO B REG
MWKl: MOV A, M ; LOAD NTH CHAR
MWK2: OUT OH , OUTPUT NTH CHAR
INX H ; INCR. FROM ADDR
DCR B , DECR. COUNT
JNZ MWKl , LOOP
MVI A, SO ; COUNT SO TO A
MWK3: DCR A ; DECR. A REG
JNZ MWK3 , LOOP-PROG DELAY
IN BPARAM + REDST ; CHECK STATUS
.. ... . ..
~g N~ME/LABEL OP CODE ~ OPERAND COMMENTS
ORA A ; SET FLAGS
MWER2: JM M~JKHT2 ; PARITY ERROR HLT
MWER3: JNZ MWKHT3 ; TIME OUT HALT
_ _ POP D ; END ROUTINE
_ POP _ ; HOUSEKEEPING
POP PSW ;
RET ; RETURN
MWKHTl: HLT ; BUSY HALT
MWKHT2: HLT _ ; PARITY ERROR HLT
MWKHT3: HLT ; TIME OUT HALT
; ROUTINE TO EN IPHER OR
; DECIPHER N GROUPS OF 8 ; BYTES, N NO MORE THAN Z54D.
; ANY NUMBER OF BYTES THAT
; ARE AN INTEGRAL MULTIPLE OF
; 8 BYTES MAY BE PROCESSED
; TO A MAXIMUM OF 2032D.
; PARAMETER IN A REG
_ ; = 5H FOR ENCIPHER
. ; = 4H FOR DECIPHER
; B REG = NUMBER OF 8 BYTE GROUPS
; D & E REG. CONTAINS ADDRESS
; OF RESULTS
, H & L REG. CONTAINS ADDRESS
; OF DATA TO BE ENCIPHERED
; OR DECIPHERED
- ; IF ENCIPHER, H = PLAIN TEXT
; IF DECIPHER, H = CIPHER TEXT
; MVI A, PARAMETER
; MVI B, N
; LXI H, FROM
; LXI D, TO
, CALL NGEDR
l 156761 NAME/LABEL OP CODE OPERAND COI~MENTS
__ _ ~ .___ NGEDR: PUSH PSW
STA NGPAR ; STORE PARAM
MOY A, B ; N TRAllsF~ TO A
STA NGRPS ; STORE N
_ _ _ ___ SHLD NFROM ; STORE FROM ADD.
XCHG ;
SHLD NTOAD ; STORE TO ADD.
XCHG ; RESTORE
__ ADI OOH ; SET FLhGS
JZ NGOUT , N = O, COMPLETE
LDA NGPAR ; LOAD PARAM, A
NGDl: CALL EDCPR ; CALL 8 BYTE EN/
; DE/ClPHER ROUT.
LDA NGRPS ; N TO A REG
DCR A ; DECR. N
STA NGRPS ; STORE N - 1 ~Z' NGOUT ; IF ZERO, DONE' LHLD NTOAD ; TO ADR. TO H
LXI ' B, 0008H ; LOAD NO. 8, B & C
DAD B , ADD 8 TO 'TO' ; ADDRESS
SHLD NTOAD ; STORE MODIFIED
; ADDRESS
XCHG ; SWITCH 'TO' , ADDRESS TO D RG
LHLD NFROM ; FROM ADR. TO H
DAD B ; ADD 8 TO 'FROM' SHLD ' NFROM , ADDRESS
LDA NGPAR , PARAM. TO A RG
JMP NGDl ; JUMP TO CALL
NGOUT: POP PSW
RET , RETURN
_ _ NAME/LABEL OP CODE OPERAND COMMENTS
_ _ _ _ ___ ; ROUTINE TO EN( IPHER OR
; DECIPHER 8 BYTES, THE
; WORKING KEY MUST HAVE
; PREVIOUSLY BEEN LOADED INTO
_ _ ; THE ~CTIVE KEY REGISTER.
; ADDRESS OF BYTES TO BE
; EN- OR DECIPHERED IN H&L
; REGISTER, ADDRESS IN WHICH
; TO PLACE RESULT IN D & E REG.
; PARAMETER IN A REG, ; ENCIPHER = 5H
; DECIPHER = 4H
; HAS PRGRAMMED DELAY > 320 - ; MlCROSEC. USES MOVE7 ; MVI A, PARAMETER
; LXI H, ADDR, DATA TO BE EN-; OR DECIPHERED
; LXI D, ADDR, RESULTING 8 BYTE
; CALL EDCPR
EDCPR: PUSH PSW _ . PUSH B
MVI B, OOH ; CLEAR B REG
MOV C, A ; MOVE PARAM TO C
SHLD TEMP2 ; STORE H TEMPO-; RARILY
LHLD` BPARAM ; LOAD BPARAM IN
; H REG.
DAD B ; ADD PARAM = 4H OR
; 5H TO BPARAM
SHLD EDCP1 + 1 ; STORE RESULT IN
; OUT INSTRUCT.
LHLD TEMP2 ; RESTORE H REG.
IN BPARAM ~ REDST ; READ STATUS
ORA A ; SET FLAGS
EDERl: JNZ EDCP4 ; GO TO HALT
.
_ . _ . .
NAME/LABEL OP CODE OPERAND COMMENTS
CALL -- MOVE 7 , FIRST 7 BYTES
; TRANSMITTED OUT
EDCPl: OUT OOH ; 8th BYTE OUT
LXI __ B, 500 ; COUNT TO B REG.
EDCP2: CALL DELAY ; PROGRAMMED DELAY
NOP ; > 320 M]CROSEC
IN BPARM + REDST ; READ STATUS
ORA A _ __ ; SET FLAGS
EDER2: JM EDCP5 ; GO TO PARITY HLT
EDER3: JNZ EDCP6 ; GO TO TIME OUT
MVI B, 8H ; COUNTER TO B
EDCP3: IN BPARAM + RDDAT ; READ NTH BYTE
STAX ; STORE NTH BYTE
INX D ; INCR. ADDR
DCR B ; DECR. COUNT
JNZ EDCP3 ; LOOP
POP B
POP, PSW
RET ; RETURN
EDCP4 HLT ; BUSY HALT
EDCP5: HLT ; PARITY HALT
EDCP6: HLT ; TIME OUT HALT
_ _ ; MOVE7 SUBROUT NE TO MOVE
; FIRST 7 BYTES, USED BY LOAD
; WORKING KEY ROUTINE AND OTHER
; REQUIRES LEFT MOST ADDRESS
; IN H&L REGISTER, LXI H, ADR
- j CALL MOVE 7 MOVE7: PUSH PSW -PUSH B
MVI B, 7 ; COUNT TO B REG - - -MVEl- MOV A, M ; NTH BYTE TO A - --., .
~ r-NAl-lE/LABEL OP CODE .OPERAND ¦ COMMENTS
__ _ _ _ OUT BPARAM + ~JRlDATJ, ~'P~ITE NTH BYTE
INX H ¦, lNCR FROM ADDR
DCR B ¦; DECP~. COUNT
JNZ MVE1 1, LOOP
_ __ ___ MVI A, 50 1 , PROGRAMMED
MVE2: DCR A ;
JNZ MVE2 ; DELAY
_ oNRA BPARAM + REDST , CHECK STATUS
MVER1: JM MVE3 ; PARITY ERROR HL
MVER2: JNZ MVE4 ; TIME OUT HALT
MOV A, M ; MOVE 8TH CHAR TO
_ ; A REG FOR FINAL
. ; WRITE
POP B
_ RET PWS ; RETURN
MVE3: HLT - ; PARITY HALT
MYE4: HLT ; TIME OUT HALT
. ;
. ; MAKE ODD PARITY, 8 BYTES, , . ; ADDRESS IN H & L
; LXI H, ADDR
; CALL MKODD
MKODD: PUSH PSW
PUSH B
MVI B, 8H ; COUNT B
MKD2: - ADVI AOOHM ; LOAD NTH BYTE
JPO MKDl ; IF PARITY IS
; ODD, SKIP 2 INST-; RUCTIONS
, .
~ 1567Sl -54- .
NAME/LABEL OP CODEOPERAND ¦ COMMENTS
_ _ _ ARICiOOOOOO~B ; MAKE RITE MOST
; BIT ODD PARITY
MOV M, A ; STORE NTH BYTE
MKD1: INX ___ _ H ; INCR ADDRESS
_ _ __ DCR -B -- ------ , DECR. COUNT
JNZ MKD2 ; IOOP
` POP B
_ POP _ PSW
_ _ RET . _ ; RETURN
; RQUTINE -iO GE1 IERATE MASTER
; KEY VARIANTS V1 OR V2 FROM
; MASTER l'EY
; A REG CONTAINS PARAMETER TO
; SPECIFY l~HICH VARIANT
; V1 = 01000001B
; V2 = 00001001B
; D&E CONTAINS ADDR OF VARIANT
; H&L ADDRESS OF MASTER KEY
` ; MVI A, PARAMETER
; LXI D, VARIANT (LOCATION) ; LXI H, MASTER KEY (LOCATION~
_ ; CALL GNM~V
. ' .
GNMKV: PUSH PSW
. PUSH . B
STA GKV2 + 1 ; STORE PARAMETER
; IN INSTRUCTION
MVI B, 8H ; COUNT TO B REG
GKV1: MOV A, M , LOAD NTH BYTE
GKV2: XRI OOH ; MAKE VARIANT X, ; X = 1 OR 2 .___ NAME/LABEL OP CODE OPERAND ` COMMENTS
___ STAX --D - - -- , STORE NTH ~`I'TE
INX H ; INCR. FROIM ADR.
INX D ; INCR. TO ,iLi~R.
DCR B , _ECR. COUN !
_ _ _ _ _ _J__ _ _ _ GKVl , LOOP
POP B ;
POP PSW ;
RET ; RETURN
_ _ ; WORKING KEY L( )AD ROUTINE
; KEY DECIPHERED USING MASTER
; KEY WHICH MUST BE PREVIOUSLY
, LOADED IN MASTER KEY REG.
; WORKING KEY LOADED INTO ACT.
; REGISTER AFTER DECIPHERING
; USES MOVE7 ; LXI H, ADDR ADDRESS OF KEY
; CALL WKLOD
WKLOD: PUSH PSW
. IN BPARAM + REDST ; CHECK STATUS
ORA A ; SET FLAGS
WKERl-- JNZ WKL4 ; GO TO HALT`
CALL - MOVE7 ; MOVE FIRST 7 BTE
OUT BPARAM + DECWK ; 8TH BYTE OUT
LXI B, 500 ; PROGRAMMED
WKLl: CALL DELAY ; DELAY
NOP ; > 320 MlCROSEC.
IN BPARAM + REDST ; CHECK STATUS
ORA A ; SET FLAGS
WKER2: JM WKL2 , PARITY ERR. HALT
WKER3: JNZ WKL3 ; TIME OUT HALT
POP PSW ;
RET ` ; RETURN
WKL2: ` HLT ; PARITY ERR. HLT` ~ i .
~ 1S6761 __ _ _ __ _ NAME/LABEL OP CODE OPERAND COMMENTS "
WKL3: HLT _ _ _ , Tl~fF OUT HALT
WKL4: HLT ; BUSY HALT
__ __ _ _ _ , ROUTlNE FOR FjF 'OGRAMMED
; DELAYS OF MORE THAN 255D
; INSTRUCTlON EXECUTION
; TIMES SlNCE_A REG IS
; ONLY 8 B1TS
; LXI B, COUNT > 255D
; CALL DELAY
DELAY: PUSH PSW
MOV A, C ; TRANSFER THE
ADI OOH ; PART OF COUNT
JZ DLY2 ; LESS THAN
_ ; 255D TO A RG
DLYl: DCR A ; DECR. A REG
JNZ DLYl ; < 255D LOOP
DLY2: MVI A, 254D ; SET UP 255 LOOP
DLY3: DCR A : DECR. A
. JNZ DLY3 ; 255D LOOP
DCR B ; DECR. 255 LOOP
; COUNT
JNZ DLY2 ; LOOP ANOTHER
; 255 TIMES
POP ' PSW
RET ; RETURN
, ROUTINE TO MO~ 'E N BYTES
, B REG = NO. OF BYTES
; D&E = TO ADDRESS
; H&L = FROM ADDRESS _ ; MAXIMUM 256 BYrES
; MVI B, NO.
; LXI D, TO
; LXI H, FROM
1 1~6761 . .
NAME/LABEL OP CODE OPERAND COMMENTS
, CALL MO~iEN _ _ _ _ ______ MOVEN: PUSH p-sw -- _ _ _ _ _ _ ____ MVNl: MOV A, M ; LOAD NTH BYTE
STAX D ; STORE NTH BYTE
INX D ; INCR. TO ADDR.
INX ____ _ _ _ _ , INCR. FROM ADDR.
DCR B ; DECR. COUNT
JNZ MVNl ; LOOP
POP PSW ;
RET ; RETURN
- - .
'. .
; COMPARE 2 FIEI DS SUBROUTINE
; USED ONLY FOR DEBUGGING
; NO. OF BYTES IN B REG., ; ADDRESS OF ONE FIELD IN H, , OTHER ADDRESS IN D
. ; MVI B, N
; LXI H, ADDRl ; LXI D, ADDR2 ; CALL COMPR
; IF FIELDS ARE NOT EQUAL, , ; ERROR HALT
COMPR: PUSH PSW
CMPRl: LDAX D ; ONE BYTE TO A
CMP M ; COMPARE ONE BYTE
CMPR2: JNZ CMPR3 ; IF NOT ZERO, HLT
INX ; INCR. D REG.
INX H ;- INCR. H REG.
DCR ;B ; DECR. COUNT ~-JNZ CMPRl ; LOOP ' _ _ . _ . _ .. . .
: ` 1 156~1 _ ~ r -~
NAME/LABEL OP CODE OPERAND COMMENTS
_ POP ---PSW ~ __ _ _ RET ; RETURN
CMPR3: HLT ; FROM CMPR2, HALT, . _ _ i~ E D5 NOT __ ~ _ _ ; ROUTINE TO DE UG ALL OF
; OTHER ROUTINES, SIMULATES
; TERMINAL AND HPC. SENDS
_ ; AND RECEIVES ONE MESSAGE.
; AFTER GENERATING WK AND
. ; EITHER TK OR SP1. FINAL
; HALT AFTER TEST IS AT FINIS
. ; ERROR HALTS OTHERWISE.
; ROUTINE IS INITIATED AT
. ; 'START' AND RUNS TO END.
; USES SUBROUTINE COMPR TO
. ; COMPARE RESULTS. ON NOT
_ _ _ ; COMPARE, ERROR HALT AT CMPR30 - START: STKLN 200D ; SET STACK = 200 LXI SP, STACK ; INITIALIZE STACK
NOP
.NOP
NOP
NOP -. OUT BPARAM + RESET ; INITIALIZE DSM
MVI A, 50 ; COUNT TO A REG
DBUGl:~ DCR ; DECR. A
JNZ DBUG1 ; LOOP - PROGRAMMED
. ; DELAY
IN BPARAM + REDST ; READ STATUS.
~", _ .. . . .
1 ~5B761 .
NAME/IABE ~ OP CODE OPERAND COMMEN~5 _ _ ____ _ __ __ . _ __ __ _ _ _ _ _ _~
ORA A ; SET FLhGS
DBERl: JM DBUG4 ; PARITY ERR(j,R
DBER2: JNZ DBUG5 ; TIME OUT OR NOT
_ ~____ ; READY ERRGR
_ _ MVI A, 5H - ; PARAM -- TEP~INAL
LXI H, ADRSPl ; ADDR. OF F~RST OF
; 5 ADDRESS LIST
; TO H
_ CALL MROUT , DEBUG MAIN ROUT
; GENERATE W~ &
; TK USING SPl ; KMT, & TID
MVI A, 3H , PARAM = I~OR,i~ KEY
; ACTIVE
LXI H, DWK , ADDR GENERATED
CALL M~KLD ; SET WK ACTIVE
MVI A, 5H ; PARAM = ENCIPH.
MVI B, 4H ; ENCIPH. 4 EIGHT
; BYTE GROUPS
______ LXI H, TMMSG ; ADDR. PLAII-~ TEXT
; TRANS. REQ. MSG.
. LXI D, TMEMSG ; SPACE FOR ENCIPH
~ , TRANS. REQ. MSG.
CALL NGEDR ~ ; ENCIPH TRM
; USING WK
. ; FIRST PART OF ROUTINE AS IF
; FROM TERMINAL COMPLETE, ; CONTINUE TO HPC ROUTINE
_ JMP DEBUG2 ; CONTINUE
DBUG2-~ MVI A, 4H ; PARAM = HPC
LXI - H, HADSPl ; ADDR. OF FIRST
; OF 5 ADDRESS
; LIST TO H
, ._ .~ _ _ _ NAME/LABEL OP CODE OPERAND COMMENTS
CALL MROUT , D~P,UG REST OF
; i`'~lN ROUTINE
; GF,iER. WK & SP1 i,~NG TK, KMT, TID
MVI B, 8H "`J'~RAM = LENGTH OF
LXI H, HPCWK ; hDDR FIELD1 LXI D, DWK !`DDR FIELD2 CALL COMPR , COI'PARE BOTH
; W~'S. HALT IF
; lJNEQUAL.
MVI B, 8H ; LENGTH OF SP1 LXI H, DSPl ; ADDR FIELD 1 LXI D, HPSPl ; ADDR FIELD 2 CALL COMPR ; COMPARE BOTH
; SP1'S.
MVI A, 3H ; PARAM = ~ORK-KEY
; ACTIVE
LXI H, HPCWK ; ADDR WK TO H
CALL MWKLD ; SET WK ACTIVE
MVI A, 4H - ; PAP~AM = DECIPH.
MVI B, 4H ; DECIPH. 4 EIGHT
; BYTE GROUPS
LXI H, TMEMSG ; CIPHER TRANS.
; REQ. MSG.
LXI D, HPTRM ; SPACE FOR -PLAIN
; TEXT TRANS. REQ
; I`lSG.
CALL NGEDR ; DECIPHER TRM
MVI B, 32 ; COUNT
LXI H, HPTRM ; ADDR. FIELD 1 LXI _ D, TMMSG ; hDDR FIELD 2 CALL COMPR ; CO,`lPARE TRM
; FROM TERMINAL
_ ¦; AND FROM HPC.
¦; HALT ON ERROR -. . .
_ ____ _ NAME/LABEL OP CODE OPERAND ~ C()MMENTS
_ ___ _ MVI A, 5H 3; PARAM - E3`3CIPH.
MVI B, 3H ; ENCIPH. 3 EIGHT
; BYTE GROUPS
LXI H, HRESP ; ADDR PLAIN TEXT
_ _ _ _ _ _ , RESPONSE MSG.
LXI D, HENCR ; ADDR. LOCATION
; OF CIPHER
; RESPONSE MSG.
CALL - NGEDR ; ENCIPH. RESPONSE
; MSG.
, END OF HPC DFBUG, CONTINUE
TO FINAL TERMINAL DEBUG.
JMP DBUG3 ; CONTINUE
DBUG3: MVI ` A, 3H ; PARAM = WORK KEY
_ 1, ACTIVE
LXI H, DWK l; ADDR WK
CALL MWKLD ; SET WK ACTIVE
MVI A, 4H ; PARAM = DECIPH
MVI B, 3H ; DECIPH. 3 EIGHT
. ; BYTE GROUPS
LXI H, HENCR ; CIPHER RESPONSE
LXI D, DTMMS ; SPACE FOR PLAIN
; TEXT RESPONSE
CALL NGEDR ; DECIPHER RESP.
MVI B, 24 ; PARAM = RESPONSE
; MSG. LENGTH
LXI - H, DTMMS ; ADDR. FIELD~l LXI D, HRESP ; ADDR. FIELD 2 CALL COMPR ; COMPARE 2 RES-; PONSE MSGS.
FINIS: HLT ; END OF ROUTINE
; DEBUG COMPLETE
DBUG4: ~ HLT ; PARITY ERROR ~:3:
; HALT, FROM DBERl -~1567~1 NAME/LABEL OP CODE 1 OPERANC r COMMENTS
DBUGS: HLT r--~ ; TlME OUT OR NOT
; READY HALT
; FROM DBER2.
END SThRT _ ; END TO START.
__ _ , 5ARAME iERS L STS CONSTANTS
BPARAM EQU i DOH I; DSM BEGIN PARAM.
MKEYL EQU 2H ; MASTER KEY LOAD
WKEYL I EQU 3H ; WORKING KEY LOAD
DECDT EQU 4! __ _ CIPHER DATA
ENCDT EQU 5H ; ENCIPHER DATA
DECWK EQU 6H ; DECIPHER WORK. KEY
ENCWK EQU 7H ; ENCIPHER WORK. KEY
RESET EQU lH l; RESET DSM
REDST EQU 2H l; READ STATUS
TRMAK EQU lH ; TRANSFER MAJOR KEY
RDDAT EQU 4H ; READ DATA
I~RTDAT EQU OH . ; WRITE DATA
WSl: DS lO ; WORK STORE ADDR. LIST
I~ADSP~ EQU IISl ; INDIR. ADDR. SPl IADTID EQU WSl + 2 ; INDIR. ADDR TID
IADKMT EQU WSl + 4 ; INDIR ADDR KMT
IADWK EQU hlSl + 6 ; INDIR ADDR WK
IADTK EQU ISl + 8 ; INDIR ADDR TK
WS2: DS 120 ; WORK STORE
SPARE EQU WS2 _; SPARE LOCATION
KMTl EQU WS2 + 8 KMTl LOCATION
KMT2 EQU WS2 + 16 1; KMT2 LOCATION
TWK EQU WS2 + 24 ; TEMP WK
TTK EQU WS2 + 32 ; TEMP TK
SK EQU IS2 + 40 ; SK LOCATION
DTlSK EQU WS2 + 48 l; D/KMTl/(SK) DT25K EQU WS2 + 56 ¦; D/KMT2/(SK) SP2 EQU WS2 + 64 1; SP2 LOCATION
NAME/LABEL OP CODE ¦ OPERAND COMMENTS
_5p3 _EQU WS2 + 72 , SP3 LOCATION
TEMPl EQU WS2 + 80 ; rEMP LOCATION
TEMP2 EQU WS2 + 8B ; TEMP LOCATION
TEMP3 -__ EQU _ WS2 + 96 _ ; TEMP LOC.
TEMP4 EQU WS2 + 1b9 , TEMP LOC.
MRPAR EQU WS2 + 112 ; TEMP EN/DE PAR
KMT: DB 1301H ; DUMMY KMT, BEFORE
DB 1301H ; DEBUGGING, MUST
_DB --- lr301H ; BE MADE EQUAL TO
DB 1301H ; D/KMO/(EKMT) ; THIS YALUE IS
; USED FOR DEBUG.
___ . _ _ _ . _ _ .
; AS 1F FROM TERM.
WS3 DS ; WORK STORE
NGPAR EQU WS3 ; STORE EN/DE/
; CIPHER PARAMET.
NGRPS_ EQU WS3 + 1 , STORE N GROUPS
NFROM EQU WS3 + 2 ; STORE FROM ADR.
NTOAD. EQU WS3 + 4 ; STORE TO ADDR.
_ ;,FOR DEBUGGING ONLY
;
.
_ KMO: DB EFEFH ; DUMMY
DB EFEFH ; MASTER
DB EFEFH ; KEY
DB EFEFH .
EKMF: DB EOEOH , DUMMY
DB EOEOH ; ENCRYPTED
DB EOEOH ; TERMINAL
DB EOEOH _ ; KEY
11~6~61 NAME/LABEL OP CODE ¦ OPERAND COMMENTS
DTID- DB ---~- Oli _ , DUMMY
DB OlOlli DB O~OlL, ; TID
_ DB __ ___ O1O1H ;
DWS: DS _ __ __ ~ _ , DEBUG LOCATIONS
DWK I EQU Dl!S ; DUMMY W:K LOC
DTK EQU DIIS + 8 ; DUMMY TK EOC
DSPl: DB lOlOH _ ; DUMMY
DB -- lOlOH ; SPl DB lOlOH , PARAMETER
DB lOlOH ;
ADRSPl: DW _ DSPl _ _ ; ADDR OF SPl ADRTID: DW - DTID ; ADDR OF TID
ADRKMT: DW KMT ; ADDR OF KMT
ADRWK: DW DWK ; ADDR OF WK
ADRTK: DW _ DTK ; ADDR OF TK
; THE ABOVE LIST IS
; USED FOR TERMIN.
; DEBUGGING
TMMSG: - DB 'IMPORTAN' ; TRANSACTION REQ.
DB 'T MESSAG' - ; MSG. USED AT
. DB 'E TO FOL' ; TERM., WILL BE
DB 'LOW SOON' ; ENCIPH. BY WK
DTMMS: DB 24 ; AREA FOR ENCIPH.
_ _ ; TRANS. REQ. MSG.
; RESPONSE FROM
; HPC AFTER DECIPH.
HPCWK: DS _ 8 ; AREA IN WHICH TO
; STORE WK GENERATED
; AT DUMMY HPC, ; CHECK AGAINST DWK
HPSPl: DS 8 ; AREA FOR SPl __ _ _ _ ; FROM DUMMY HPC
l ; CHECK AGAINST DSPl HPTRM: I DS 32 ; AREA FOR DECIPH
I _ __ ;,TRANS. REQ. MSG.
.
~ _ __ _ _ .
_ _ -,-Fi~M HPC, CHECK
; AGAINST TMMSG
HRESP: DB 'DlSREGAR' , RESPONSE MSG., DB 'D FIRST ' _ _ ; WILL BE ENCIPH.
_ _ _ DB IMLSSAGEX' , BY HPC USING WK
HENCR: DS 24 ; AREA FOR ENCIPH
; RESPONSE MSG., ___ ; USED AT HPC
HADSPl: DW --- HPSPl i SPl LOCATION
HADTID: DW DTID ; TID LOC.
HADKMT: DW EKMT ; ENCIPH. KMT LOC.
HADWK: DW HPCllK ; HPC-WK LOC.
HADTK: DW DTK ; TK LOC.
TMEMSG: DS 32 ; AREA FOR ENCRYP-; TED TRANS. REQ.
__ ; MSG. FROM TERM.
__._ ___ . _ _ _ 3. Summary In the preferred example, an authorized holder of a si~e "A"
magnetic-striped plastic card, which may be a Debit, Credit or Identification Card, would enter the card in a cash dispensing machine or automatic teller machine, enter his secret Personal Identification Number on a keyboard, and indicate the type and amount of transaction by pushing appropriate buttons provided for that purpose. The device would read the data on the magnetic stripe, such as account number and other data, and would also have available internally by electronic means a suitable Terminal Identification Code, a time clock and a secret Terminal Master Key. The device would generate, by appropriate means, a Transaction Request Message whose content would be determined by the type of transaction, amount requested and other data.
In addition, the device would use part of the secret Personal Identification Number, part of the account number, part of the "Time" field, and part of a card anti-counterfeiting field if there is one, to generate a parameter that would be one input into a suitable encryption means. Additional inputs in a specified order or sequence would be the Terminal Master Key and the Terminal Identification. Mult ple encryptions in a predetermined way would result in the generation of a Working Key, which would temporarily replace the Terminal Master Key within the encryption means and be used to encipher the Transaction Request Message and other data that may be required. The Working Key is then multiply-enciphered in a predetermined way using the Terminal.Master Key and Terminal Identification to generate the Transmitted Key which is appended to the enciphered Transaction Request Message together with any additional data required to process the transaction such as routing, transit and other control ,~
csm~,~
information, and/or an Initiali~ation Vector that may be required to initialize or synchronize the deciphering means. A link encryption key may then be used to encipher all of the data to be transmitted to protect the network against "traffic analysis"
intrusion by wire tap. The Transaction Request Message and header and control data are transmitted to the centralized computer, which may require intermediate receivers and transmitters (nodes) in a large network. At some nodes, decipherment using the link encryption key may be required, with subsequent encipherment using a different link encryption key appropriate for the next segment of the transmission. At the centralized computer, the message is first deciphered using the last-used link encryption key. Then the other data in the header or control part of the message and data available in the centralized data base, some of which may be enciphered, are used to multiply-decipher the Transmitted Key, preferably in a physically and electronically separate and secure device sometimes called a Network Security Controller (NSC) or a Security Module (SM), which process of decipherment results in generation of the Working Key that was used to encipher the Transaction Request Message at the terminal. The Working Key is used to decipher the Transaction Request Message and is then additionally multiply-decrypted to obtain the parameter that was used at the terminal to initiate the process.
Since that parameter contains part of the secret Personal Identification Number, part of the account number and part of the card anti-counterfeiting features, if there is one, the validity of the transaction can be determined by comparison of the l 156761 fields in the message with the corresponding fields of data obtained from the centralized data base, for which comparison additional encipherments and/or decipherJrlents may be required. Specifically, the account n~mber in the message may be used to obtain the corresponding secret Personal Identification Number and the card anti-counterfeiting number if there is one from the centralized data base which are compared with the corresponding partial fields that were, by implication, included in the message at the terminal. In the preferred embodiment, the secret Personal Identification Number is not otherwise directly included in the Transaction Request Message, it is independently generated at the centralized computer by decipherments in a predetermined way, so that a penetrator somehow obtaining a deciphered ~- message still does not have access to any data that will permit compromise of that account or any other account or aspect of system operation. The card anti-counterfeiting number, if there is one, also need not be included in the Transaction Request Message provided it is used at the terminal to generate the parameter that enters into thé first encipherment. Since the multiple encipherments at the terminal also include the Terminal Identification and the secret Terminal Master Key, it is not possible for a penetrator to substitute a spurious terminal in the network for the purpose of initiating fraudulent transactions to transfer funds. In the preferred embodiment, part of the "Time" field is included in the parameter that is enciphered at the terminal, to insure that each Transaction Réquest Message is enciphered using a different Working Key.
At the centralized computer, after the Transaction Request Message is validated, as described, additional processing may be required to determine if the transaction should be approved by determining the account balance is adequate, if the transaction lequested is valid for the specific account, if the plastic card used to initiate the transaction is not out-of-date, lost or stolen and by other processing that may be required~ In the present example, the transaction is approved, the centralized computer generates an appropriate response which is enciphered within the NSC or SM using the same Working Key and transmitted to the terminal that initiated the transaction, from node to node, as may be required, and with link encryption as may be required. The terminal deciphers the response and provides the requested service by dispensing the amount of cash requested. The terminal generates an acknowledgement that may include the type of service provided and amount, encrypts it using the same Working Key that was used for the Transaction Request Message, and transmits it to the centralized computer. After the centralized computer receives the acknowledgement, it changes the accounting data base to reflect the results of the transaction, then the terminal and the central-ized computer destroy the Working Key securely by resetting the register or location in which the Working Key was stored, and the transaction is complete. The transaction need not be to dispense cash, it may be to transfer funds, accept a deposit, make an advance to a valid credit card or against a reserve account or may be other types of transactions that may be provided by the Financial Institution for its depositors.
A secret Terminal Master Key is required to be securely stored at each terminal, computer or other .
I i56~61 device that may initiate a message. In the preferred embodiment, the Terminal Master Key is never trans-mitted in any form but distributed by armed guard and entered under dual control into the encipherment means at each terminal, computer or other device, or other simi]ar means are used that provides a similar level of security. Other systems that use encipher-ment also require manual entry of at least one secret key for proper operation. However, all other systems require more than 1 additional key be also entered or received at each terminal, some of which may be transmitted enciphered and are then deciphered in the terminal before use. In at least one system, the enciphering key that was used at the centralized computer to encipher all the secret Personal Identifi-cation Numbers, Key A, must be entered into each terminal in the network, which may number hundreds br more, thereby increasing the possibility of compromise.
The Key A is distributed as Key Al and manipulated internally in the terminal to form Key A, to reduce the possibility of compromise; nonetheless, such wide distribution still represents an exposure. In addition, a communications key is required at each terminal. In my invention, only one encryption key is required at each terminal,the Terminal Master Key or equivalent, thereby eliminating the exposure of the enciphering key that was used to encipher all the secret Personal Identification Numbers in the account data base. Furthermore, instead of only one key, Key A, being used to encipher all the secret Personal Identification Numbers in an account data base, multiple keys may be so used, reducing the intrinsic value of each such key considering bribery, coercion or blackmail, and facilitating plastic card reissue 1 1S~;761 due to a change of equipment, change of technology, compromise of one or more enciphering keys, due to elapsed time, or for other reasons. In addition, using one key, Key A, may be adequate in a proprietary network, but does not facilitate sharing, or inter-change of transactions between Financial Institutions.
My invention provides for sharing and interchange.
In some networks, computer-to-computer messages are required for administrative purposes. My invention provides for such messages provided there is an analogue for the secret Personal Identification Number, such as a "Password," and analogues for the Terminal Master Key and for the Terminal Identification, as al~eady described.
Yet other systems require that a terminal that is to communicate with a centralized computer must first send a message to a Network Security Controller (NSC) validating itself an~d requesting a Working Key or Communications Key. The NSC generates 2 copies of one key and transmits one enciphered copy to the terminal and one enciphered copy to the centralized computer.
The terminal deciphers the Working Key, uses it to encipher the message and transmits it to the central-ized computer, where it may be deciphered. Multiple transmissions are required for each transaction in that system, decreasing effective utilization of costly data communications lines. My invention does not require the additional transmissions since authentica-tion of the terminal and generation of the Working Key are integral to the operation of the system.
Because the method of using the Terminal Master Key in my invention protects it from exposure or compromise by cryptanalysis, it may be used for an extended period if not otherwise compromised. As a I lS6'?61 result, it is possible to use this invention in networks in which it would be difficult or impossible to permit changing a set of Master Keys on a frequent basis due to inaccessibility. One such network is one in which a communications satellite is used as a switching center. For example, a small number of transmitters may each have a need to transmit data to a large number of receivers in a way that does not permit other transmitters or some of the receivers to obtain access to the data transmitted. It would be an inefficient use of communications to require each trans-mitter or the satellite to maintain a separate encipher-ing key for each receiver and to separately encipher and process multiple copies of the same message, each originally enciphered using a different key. It is more efficient to permit the transmitter to encipher only one copy of a message and supply a list of recipients to the satellite, thereby permitting the satellite to decipher the message, and then to separately generate a Working Key to encipher one copy for each receiver using a different Master Key or set of Master Keys for each Working Key. The Master Keys could be combined 2, 3, 4 ... (n-l) at a time by "exclusive or" to minimize the storage requirements, especially if there are a large number of receivers. The same methods as already described can be used provided each transmitter and receiver has a secret password, an Identification and a secret Master Key, and a means for encryption and decryption.
In the preferred embodiment described, the National Bureau of Standards Data Encryption Standard was used to clarify the description and explanation of the invention, which standard may be used in Electronic Code Book Mode, Cipher Feed Back Mode or Block ~73~
Chaining Mode. Those skilled in the art will recognize that other cryptographic means or systems which require or permit a secret encryption key are as suitable, and that the use of 56 binary digit or 64 binary digit enciphering keys, and 64 binary digit blocks of plain text and cipher text are for illustrative purposes only and do not limit the scope of the invention. The method described can as well be implemented in software using a large scale computer, a minicomputer or a microcomputer, or in hardware using a large scale integrated çircuit device designed and manufactured for the purpose or by other electronic devices. Instead of a "Time"
field indicated previously, a currcn~ c~ounter, a transaction serial number or any other parameter that changes with each transaction can be used without changing or limiting the scope of the invention.
Although not a preferred embodiment, another variation in operation is feasible in some networks.
In some networks it may be possible to include the PAN and TID as a header in the link encrypted part of the message. The PAN can be used at the centralized computer to retrieve the encrypted PIN from the data base after the Security Module decrypts the header using the last-used link encryption key. The Security Module decrypts the PIN and uses the PAN and the PIN
to form SPl and, by the method already described, generates the WK using the TID, KMT and its variants.
The Security Module then decrypts the Transaction Request Message and may verify the PIN if it was encrypted with the Transaction Request Message.
Alternatively, if the message decrypts properly using the WK, the correct PIN was used to initiate the transaction at the terminal by implication. If all this is done, it is not necessary to generate or transmit TK.
1 1S6'~6 1 Although a particular embodiment of a system for authenticating users and devices in on-line trans-action networks in accordance with the invention has been described for the purpose of illustrating the manner in which the invention may be used to advantage, it will be appreciated that the invention is not limited thereto. Accordingly, any modification, variation or equivalent arrangement within the scope of the accompanying claims should be considered to be within the scope of the invention.
Claims (17)
PROPERTY OR PRIVILEGE IS CLAIMED ARE DEFINED AS FOLLOWS:
1. In a system for authenticating users and devices in on-line transaction networks comprising a plurality of remote terminals in communication with a central processing unit including a data base containing encrypted data used in the authentication of the users and devices, said data being encrypted with a master key and including terminal master keys for each of said remote terminals and identification numbers for each of said users all of which are secret, said data further including terminal identification numbers for each of said remote terminals and account numbers for each of said users, wherein each of said remote terminals is provided with means for entering an account number and an identification number of a user initiating a transaction as well as the nature of the transaction, the improvement in a method for protecting the transaction comprising the steps of:
generating at a terminal a transaction request message based on the information entered at the terminal by a user initiating a transaction, using the identification number and the account number entered by the user and the terminal identification number and the terminal master key, and employing such variants as to generate a working key unique to each transaction, encrypting the transaction request message using the working key, transmitting the encrypted transaction request message, deriving the working key at the central processing unit using information derived from the transmitted message and the data base including the account number, the terminal master key and the terminal identification number, decrypting the message received at the central processing unit using the working key, comparing the user identification number and account number obtained by decrypting corresponding data in the data base with the data in the transaction request message to validate the transaction request message, generating a transaction request response and encrypting the transaction request response with the working key, transmitting the encrypted transaction request response to the terminal where the transaction was initiated, and decrypting the message received at the terminal using the working key and, if the transaction is approved, providing the requested service.
generating at a terminal a transaction request message based on the information entered at the terminal by a user initiating a transaction, using the identification number and the account number entered by the user and the terminal identification number and the terminal master key, and employing such variants as to generate a working key unique to each transaction, encrypting the transaction request message using the working key, transmitting the encrypted transaction request message, deriving the working key at the central processing unit using information derived from the transmitted message and the data base including the account number, the terminal master key and the terminal identification number, decrypting the message received at the central processing unit using the working key, comparing the user identification number and account number obtained by decrypting corresponding data in the data base with the data in the transaction request message to validate the transaction request message, generating a transaction request response and encrypting the transaction request response with the working key, transmitting the encrypted transaction request response to the terminal where the transaction was initiated, and decrypting the message received at the terminal using the working key and, if the transaction is approved, providing the requested service.
2. The method of protecting a transaction as recited in Claim 1, further comprising the step of appending the account number to the encrypted transaction request message prior to transmitting and wherein the step of deriving the working key is performed by generating the working key using the appended account number, the user identification number, the terminal identification number and the terminal master key.
3. The method of protecting a transaction as recited in Claim 1, further comprising the steps of generating a transmitted key using the working key and appending the transmitted key to the encrypted transaction request message prior to transmitting and wherein the step of decrypting the message is performed using the appended transmitted key to obtain the working key, the working key then being decrypted to obtain the user identification number.
76a
76a
4. The method of protecting a transaction as recited in Claim 3, further comprising the steps of:
after decrypting the message received at the terminal, generating and transmitting an acknowledge-ment to the central processing unit, and destroying the working key at the terminal and the central processing unit after acknowledgement.
after decrypting the message received at the terminal, generating and transmitting an acknowledge-ment to the central processing unit, and destroying the working key at the terminal and the central processing unit after acknowledgement.
5. The method of protecting a transaction as recited in Claim 4, wherein said acknowledgement is encrypted using the working key.
6. The method of protecting a transaction as recited in Claim 3, wherein the step of generating the working key comprises the steps of:
using the user identification number and account number entered at the terminal, generating a first security parameter, generating a secondary key by encoding the terminal identification number using the terminal master key, and using the first security parameter and the secondary key to generate the working key.
using the user identification number and account number entered at the terminal, generating a first security parameter, generating a secondary key by encoding the terminal identification number using the terminal master key, and using the first security parameter and the secondary key to generate the working key.
7. The method of protecting a transaction as recited in Claims 3 or 6, wherein the time of day is also used to generate the working key.
8. The method of protecting a transaction as recited in Claim 6, wherein the time of day is used to generate the first security parameter and at the central processing unit, further comprising the step of decrypting the first security parameter using the working key to obtain the time of day, the transaction not being approved if the decrypted time of day varies by more than a predetermined time period from the time of day at the central processing unit.
9. The method of protecting a transaction recited in Claim 4, further comprising the step of updating the data base at the central processing unit after acknowledgement.
10. The method of protecting a transaction as recited in Claim 3, wherein each of said terminals includes a card reader for reading a user card encoded with the user account number, the card being inserted in the card reader in order to initiate a transaction and the user then entering a user identification number.
11. The method of protecting a transaction as recited in Claim 10, wherein the card encoded with the user account number also has an anti-counterfeiting feature, and the step of generating a working key comprises the steps of:
using the user account number and identifica-tion number, the anti-counterfeiting feature and the time of day, generating a first security parameter, generating a secondary key by encoding the terminal identification number using the terminal master key, and using the first security parameter and the secondary key to generate the working key.
using the user account number and identifica-tion number, the anti-counterfeiting feature and the time of day, generating a first security parameter, generating a secondary key by encoding the terminal identification number using the terminal master key, and using the first security parameter and the secondary key to generate the working key.
12. The method of protecting a transaction as recited in Claim 6, wherein the step of generating the working key further comprises the steps of:
using the first security parameter and the secondary key, generating a second security parameter, and using the second security parameter and the secondary key to generate the working key.
using the first security parameter and the secondary key, generating a second security parameter, and using the second security parameter and the secondary key to generate the working key.
13. The method of protecting a transaction as recited in Claim 12, wherein the step of generating the transmitted key comprises the steps of:
generating a third security parameter using the working key and the secondary key, and generating the transmitted key using the third security parameter and the secondary key.
generating a third security parameter using the working key and the secondary key, and generating the transmitted key using the third security parameter and the secondary key.
14. The method of protecting a transaction as recited in Claim 13, wherein the step of decrypting the message received at the central processing unit comprises the steps of:
multiply decrypting the transmitted key to first obtain the third security parameter and then the work-ing key, and decrypting the transaction request message using the decrypted working key.
multiply decrypting the transmitted key to first obtain the third security parameter and then the work-ing key, and decrypting the transaction request message using the decrypted working key.
15. The method of protecting a transaction as recited in Claim 10, wherein after the step of compar-ing the user identification number and account number, if the transaction is not validated, comprising the further step of requesting that the user identification number be re-entered to re-initiate the transaction.
16. The method of protecting a transaction as recited in Claim 15, wherein the card is retained in the card reader and not returned to the user if the step of requesting the user identification to be re-entered is repeated a predetermined number of times.
17. The method of protecting a transaction as recited in Claim 3, wherein the on-line transaction networks comprises a plurality of central processing units each in communication with other central processing units, each of said central processing units having an identification number which is used to obtain a secret interchange master key and a secret password, further comprising the steps in an interchange transaction between central processing units of:
using the interchange master key and the password to generate an interchange working key, encrypting the terminal identification number and the terminal master key using the interchange working key to generate an interchange transmitted key and appending the interchange transmitted key to the encrypted transaction request message, and transmitting the encrypted transaction request message with the appended interchange transmitted key to a second central processing unit.
using the interchange master key and the password to generate an interchange working key, encrypting the terminal identification number and the terminal master key using the interchange working key to generate an interchange transmitted key and appending the interchange transmitted key to the encrypted transaction request message, and transmitting the encrypted transaction request message with the appended interchange transmitted key to a second central processing unit.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US129,110 | 1980-03-10 | ||
| US06/129,110 US4317957A (en) | 1980-03-10 | 1980-03-10 | System for authenticating users and devices in on-line transaction networks |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CA1156761A true CA1156761A (en) | 1983-11-08 |
Family
ID=22438497
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA000371323A Expired CA1156761A (en) | 1980-03-10 | 1981-02-20 | System for authenticating users and devices in on- line transaction networks |
Country Status (6)
| Country | Link |
|---|---|
| US (1) | US4317957A (en) |
| EP (1) | EP0047285B1 (en) |
| JP (1) | JPS645783B2 (en) |
| CA (1) | CA1156761A (en) |
| DE (1) | DE3176872D1 (en) |
| WO (1) | WO1981002655A1 (en) |
Families Citing this family (235)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4529870A (en) * | 1980-03-10 | 1985-07-16 | David Chaum | Cryptographic identification, financial transaction, and credential device |
| US4438824A (en) * | 1981-04-22 | 1984-03-27 | Siemens Corporation | Apparatus and method for cryptographic identity verification |
| JPS57176475A (en) * | 1981-04-24 | 1982-10-29 | Hitachi Ltd | Transaction processing system |
| CA1176335A (en) * | 1981-06-05 | 1984-10-16 | Exide Electronics Corporation | Computer communications control |
| US4423287A (en) * | 1981-06-26 | 1983-12-27 | Visa U.S.A., Inc. | End-to-end encryption system and method of operation |
| JPS6014385B2 (en) * | 1981-09-18 | 1985-04-12 | 株式会社日立製作所 | Transaction processing method |
| USRE33189E (en) * | 1981-11-19 | 1990-03-27 | Communications Satellite Corporation | Security system for SSTV encryption |
| IL64675A0 (en) * | 1981-12-30 | 1982-03-31 | Greenberg Avigdor | Data verification system |
| US4500750A (en) * | 1981-12-30 | 1985-02-19 | International Business Machines Corporation | Cryptographic application for interbank verification |
| NL8201077A (en) * | 1982-03-16 | 1983-10-17 | Philips Nv | A COMMUNICATION SYSTEM, CONTAINING A CENTRAL DATA PROCESSING DEVICE, ACCESS STATIONS AND EXTERNAL STATIONS, WHICH A CRYPTOGRAPHIC CHECK IS FORDICULARIZING AN EXTERNAL STATION, AND EXTERNAL STATIONS FOR USE IN SUCH A COMMUNITY. |
| US4484306A (en) * | 1982-03-22 | 1984-11-20 | Exide Electronics Corporation | Method and apparatus for controlling access in a data transmission system |
| US4533948A (en) * | 1982-04-30 | 1985-08-06 | General Instrument Corporation | CATV Communication system |
| US4549308A (en) * | 1982-07-12 | 1985-10-22 | At&T Bell Laboratories | Secure mobile radio telephony |
| JPS59501388A (en) * | 1982-07-15 | 1984-08-02 | ライト・シグネイチヤ−ズ,インコ−ポ−レテツド | safety system |
| US4558175A (en) * | 1982-08-02 | 1985-12-10 | Leonard J. Genest | Security system and method for securely communicating therein |
| GB2131586B (en) * | 1982-12-03 | 1985-11-20 | Burroughs Corp | Autoteller systems |
| US4532416A (en) * | 1983-01-03 | 1985-07-30 | Patrick Berstein | Transaction terminal with simplified data entry |
| AT388472B (en) * | 1983-02-07 | 1989-06-26 | Gabe Geldausgabeautomaten Serv | SYSTEM FOR THE IDENTIFICATION OF TERMINAL USERS AND FOR THE REVIEW OF ELECTRONICALLY TRANSMITTED DATA |
| US4723284A (en) * | 1983-02-14 | 1988-02-02 | Prime Computer, Inc. | Authentication system |
| JPS59153261A (en) * | 1983-02-18 | 1984-09-01 | Omron Tateisi Electronics Co | Transaction processor |
| JPS6061863A (en) * | 1983-09-02 | 1985-04-09 | ビザ・ユー・エス・エイ・インコーポレーテツド | Method and system for managing code key |
| GB2146815A (en) * | 1983-09-17 | 1985-04-24 | Ibm | Electronic fund transfer systems |
| GB2146814A (en) * | 1983-09-17 | 1985-04-24 | Ibm | Electronic fund transfer systems |
| US4652990A (en) * | 1983-10-27 | 1987-03-24 | Remote Systems, Inc. | Protected software access control apparatus and method |
| EP0140388B1 (en) * | 1983-10-31 | 1991-05-08 | Atalla Corporation | Pocket terminal, method and system for secured banking transactions |
| US4522456A (en) * | 1984-01-25 | 1985-06-11 | Datakey, Inc. | Electronic tag receptacle and reader |
| US4672572A (en) * | 1984-05-21 | 1987-06-09 | Gould Inc. | Protector system for computer access and use |
| JPS60263299A (en) * | 1984-06-11 | 1985-12-26 | オムロン株式会社 | Transaction processor |
| US4652698A (en) * | 1984-08-13 | 1987-03-24 | Ncr Corporation | Method and system for providing system security in a remote terminal environment |
| GB2168514A (en) * | 1984-12-12 | 1986-06-18 | Ibm | Security module |
| JP2553033B2 (en) * | 1985-03-20 | 1996-11-13 | 株式会社日立製作所 | Voucher acceptance terminal system |
| US4802217A (en) * | 1985-06-07 | 1989-01-31 | Siemens Corporate Research & Support, Inc. | Method and apparatus for securing access to a computer facility |
| EP0205095B1 (en) | 1985-06-07 | 1993-02-03 | Siemens Aktiengesellschaft | Method and arrangement for protecting the access to a computer |
| US4871085A (en) * | 1985-06-27 | 1989-10-03 | Diebold Incorporated | Apparatus for identifying and indicating the content of document canisters |
| DE3650595T2 (en) * | 1985-06-27 | 1997-05-22 | Interbold | Document delivery device |
| US4774664A (en) * | 1985-07-01 | 1988-09-27 | Chrysler First Information Technologies Inc. | Financial data processing system and method |
| JPH0762862B2 (en) * | 1985-09-17 | 1995-07-05 | カシオ計算機株式会社 | Authentication method in IC card system |
| GB8524020D0 (en) * | 1985-09-30 | 1985-11-06 | British Telecomm | Electronic funds transfer |
| USRE38419E1 (en) | 1986-05-13 | 2004-02-10 | Ncr Corporation | Computer interface device |
| US5056141A (en) * | 1986-06-18 | 1991-10-08 | Dyke David W | Method and apparatus for the identification of personnel |
| US4882752A (en) * | 1986-06-25 | 1989-11-21 | Lindman Richard S | Computer security system |
| US5319710A (en) * | 1986-08-22 | 1994-06-07 | Tandem Computers Incorporated | Method and means for combining and managing personal verification and message authentication encrytions for network transmission |
| EP0287720B1 (en) * | 1987-04-22 | 1992-01-08 | International Business Machines Corporation | Management of cryptographic keys |
| US4797920A (en) * | 1987-05-01 | 1989-01-10 | Mastercard International, Inc. | Electronic funds transfer system with means for verifying a personal identification number without pre-established secret keys |
| GB2204975B (en) * | 1987-05-19 | 1990-11-21 | Gen Electric Co Plc | Authenticator |
| US4850017A (en) * | 1987-05-29 | 1989-07-18 | International Business Machines Corp. | Controlled use of cryptographic keys via generating station established control values |
| US4975647A (en) * | 1987-06-01 | 1990-12-04 | Nova Biomedical Corporation | Controlling machine operation with respect to consumable accessory units |
| US4984270A (en) * | 1987-06-19 | 1991-01-08 | The Exchange System | Method and system for transmission of financial data |
| US4807224A (en) * | 1987-08-21 | 1989-02-21 | Naron Steven E | Multicast data distribution system and method |
| US5025373A (en) * | 1988-06-30 | 1991-06-18 | Jml Communications, Inc. | Portable personal-banking system |
| US5013897A (en) * | 1988-08-03 | 1991-05-07 | Thru-The-Wall Corporation | Automated videocassette dispensing terminal coupled to store's computerized rental system |
| US5007084A (en) * | 1988-08-29 | 1991-04-09 | Richard H. Materna | Payment Authorization and Information Device |
| US5109384A (en) * | 1988-11-02 | 1992-04-28 | Tseung Lawrence C N | Guaranteed reliable broadcast network |
| EP0377763A1 (en) * | 1989-01-12 | 1990-07-18 | Scheidt & Bachmann Gmbh | Device for checking the authorization of the user of a product vending or service vending and accounting apparatus, using a machine-readable authorization permit |
| US4933971A (en) * | 1989-03-14 | 1990-06-12 | Tandem Computers Incorporated | Method for encrypting transmitted data using a unique key |
| US5560008A (en) * | 1989-05-15 | 1996-09-24 | International Business Machines Corporation | Remote authentication and authorization in a distributed data processing system |
| DE69029759T2 (en) * | 1989-05-15 | 1997-07-17 | Ibm | Flexible interface for authentication services in a distributed data processing system |
| FR2652216B1 (en) * | 1989-09-20 | 1991-12-13 | Rockwell Cim | METHOD AND DEVICE FOR GENERATING AND VALIDATING A DIGITAL MESSAGE AND APPLICATION OF SUCH A DEVICE. |
| US5301280A (en) * | 1989-10-02 | 1994-04-05 | Data General Corporation | Capability based communication protocol |
| US5157717A (en) * | 1989-11-03 | 1992-10-20 | National Transaction Network, Inc. | Portable automated teller machine |
| US5050207A (en) * | 1989-11-03 | 1991-09-17 | National Transaction Network, Inc. | Portable automated teller machine |
| US5237610A (en) * | 1990-02-01 | 1993-08-17 | Scientific-Atlanta, Inc. | Independent external security module for a digitally upgradeable television signal decoder |
| US5029207A (en) * | 1990-02-01 | 1991-07-02 | Scientific-Atlanta, Inc. | External security module for a television signal decoder |
| US5036461A (en) * | 1990-05-16 | 1991-07-30 | Elliott John C | Two-way authentication system between user's smart card and issuer-specific plug-in application modules in multi-issued transaction device |
| DK0504364T3 (en) * | 1990-08-29 | 1998-03-16 | Hughes Aircraft Co | Distributed User Authentication Protocol |
| FR2674050B1 (en) * | 1991-03-12 | 1993-05-28 | Dassault Electronique | INSTALLATION FOR SECURING TRANSPORTATION TITLES, PARTICULARLY ON MAGNETIC TRACK. |
| US5490251A (en) * | 1991-08-09 | 1996-02-06 | First Data Resources Inc. | Method and apparatus for transmitting data over a signalling channel in a digital telecommunications network |
| US5283829A (en) * | 1992-10-01 | 1994-02-01 | Bell Communications Research, Inc. | System and method for paying bills electronically |
| US5267314A (en) * | 1992-11-17 | 1993-11-30 | Leon Stambler | Secure transaction system and method utilized therein |
| US5592377A (en) * | 1993-12-18 | 1997-01-07 | Lipkin; Edward B. | Check cashing system |
| US5488649A (en) * | 1994-05-06 | 1996-01-30 | Motorola, Inc. | Method for validating a communication link |
| DE4437277A1 (en) * | 1994-03-11 | 1995-09-14 | Walker Asset Management Ltd | Improved remote gaming system |
| RU95103479A (en) * | 1994-03-11 | 1996-12-27 | Уолкер Эссет Мэнеджмент Лимитед Партнершип (US) | Game system, game computer, method for playing or drawing lottery when player participates in it |
| US5544322A (en) * | 1994-05-09 | 1996-08-06 | International Business Machines Corporation | System and method for policy-based inter-realm authentication within a distributed processing system |
| AUPM616994A0 (en) * | 1994-06-09 | 1994-07-07 | Reilly, Chris | Security system for eft using magnetic strip cards |
| US5590038A (en) * | 1994-06-20 | 1996-12-31 | Pitroda; Satyan G. | Universal electronic transaction card including receipt storage and system and methods of conducting electronic transactions |
| IL114359A0 (en) * | 1994-06-30 | 1995-10-31 | Walker Asset Management Ltd | System and method for remote gaming |
| JP3853387B2 (en) * | 1994-11-15 | 2006-12-06 | 富士通株式会社 | Data access right management method in data independent computer system |
| US7152045B2 (en) * | 1994-11-28 | 2006-12-19 | Indivos Corporation | Tokenless identification system for authorization of electronic transactions and electronic transmissions |
| US6293469B1 (en) | 1994-12-20 | 2001-09-25 | Dh Technology Inc. | Transaction printer |
| US5692049A (en) * | 1995-02-13 | 1997-11-25 | Eta Technologies Corporation | Personal access management system |
| US5619574A (en) * | 1995-02-13 | 1997-04-08 | Eta Technologies Corporation | Personal access management system |
| US5682428A (en) * | 1995-02-13 | 1997-10-28 | Eta Technologies Corporation | Personal access management system |
| US5696825A (en) * | 1995-02-13 | 1997-12-09 | Eta Technologies Corporation | Personal access management system |
| US5694472A (en) * | 1995-02-13 | 1997-12-02 | Eta Technologies Corporation | Personal access management system |
| US5689564A (en) * | 1995-02-13 | 1997-11-18 | Eta Technologies Corporation | Personal access management system |
| US5610980A (en) * | 1995-02-13 | 1997-03-11 | Eta Technologies Corporation | Method and apparatus for re-initializing a processing device and a storage device |
| US5778068A (en) * | 1995-02-13 | 1998-07-07 | Eta Technologies Corporation | Personal access management system |
| US5588059A (en) * | 1995-03-02 | 1996-12-24 | Motorola, Inc. | Computer system and method for secure remote communication sessions |
| US5659542A (en) | 1995-03-03 | 1997-08-19 | Intecom, Inc. | System and method for signalling and call processing for private and hybrid communications systems including multimedia systems |
| US6748101B1 (en) | 1995-05-02 | 2004-06-08 | Cummins-Allison Corp. | Automatic currency processing system |
| US6363164B1 (en) * | 1996-05-13 | 2002-03-26 | Cummins-Allison Corp. | Automated document processing system using full image scanning |
| JPH08320847A (en) * | 1995-05-26 | 1996-12-03 | Hitachi Ltd | Password management system |
| US7272639B1 (en) | 1995-06-07 | 2007-09-18 | Soverain Software Llc | Internet server access control and monitoring systems |
| US7179168B1 (en) * | 1995-06-30 | 2007-02-20 | Walker Digital, Llc | Systems and methods for allocating an outcome amount among a total number of events |
| US6402614B1 (en) * | 1995-06-30 | 2002-06-11 | Walker Digital, Llc | Off-line remote system for lotteries and games of skill |
| USRE41543E1 (en) * | 1995-08-17 | 2010-08-17 | Vendonet, Inc. | Vending machine and computer assembly |
| JP3764961B2 (en) * | 1995-11-30 | 2006-04-12 | カシオ計算機株式会社 | Secret data storage device and secret data read method |
| US5706442A (en) * | 1995-12-20 | 1998-01-06 | Block Financial Corporation | System for on-line financial services using distributed objects |
| WO1997024831A1 (en) * | 1995-12-29 | 1997-07-10 | Mci Communications Corporation | Multiple cryptographic key distribution |
| US5790665A (en) * | 1996-01-17 | 1998-08-04 | Micali; Silvio | Anonymous information retrieval system (ARS) |
| US8443958B2 (en) * | 1996-05-13 | 2013-05-21 | Cummins-Allison Corp. | Apparatus, system and method for coin exchange |
| US6661910B2 (en) * | 1997-04-14 | 2003-12-09 | Cummins-Allison Corp. | Network for transporting and processing images in real time |
| US5745576A (en) * | 1996-05-17 | 1998-04-28 | Visa International Service Association | Method and apparatus for initialization of cryptographic terminal |
| EP0842502B1 (en) * | 1996-05-23 | 1998-12-16 | Ulrich Seng | Cashless payment method |
| US5878143A (en) * | 1996-08-16 | 1999-03-02 | Net 1, Inc. | Secure transmission of sensitive information over a public/insecure communications medium |
| GB9619189D0 (en) * | 1996-09-13 | 1996-10-23 | Ncr Int Inc | Methods and apparatus for sending electronic data signals |
| KR100213188B1 (en) * | 1996-10-05 | 1999-08-02 | 윤종용 | Apparatus and method for user authentication |
| US5952638A (en) * | 1996-11-25 | 1999-09-14 | Xerox Corporation | Space efficient method of electronic payments |
| US7266526B1 (en) | 1996-11-27 | 2007-09-04 | Diebold, Incorporated | Automated banking machine system with multiple browsers |
| US8042733B2 (en) | 1996-11-27 | 2011-10-25 | Diebold, Incorporated | Automated banking machine that operates responsive to data bearing records |
| US20050038747A1 (en) * | 1996-11-27 | 2005-02-17 | Diebold, Incorporated | Automated banking machine configuration system |
| US6970846B1 (en) | 1996-11-27 | 2005-11-29 | Diebold, Incorporated | Automated banking machine configuration method |
| US7603302B1 (en) | 1996-11-27 | 2009-10-13 | Diebold, Incorporated | Automated banking machine system with multiple entity interface |
| US7080036B1 (en) | 1996-11-27 | 2006-07-18 | Diebold, Incorporated | Automated banking machine development method |
| US7716096B2 (en) * | 1996-11-27 | 2010-05-11 | Diebold Self-Service Systems A Division Of Diebold, Incorporated | Application service provider and automated transaction machine system and method |
| US8121914B1 (en) | 1996-11-27 | 2012-02-21 | Diebold, Incorporated | Automated banking machine customer profile method |
| US6768975B1 (en) * | 1996-11-29 | 2004-07-27 | Diebold, Incorporated | Method for simulating operation of an automated banking machine system |
| US6279826B1 (en) | 1996-11-29 | 2001-08-28 | Diebold, Incorporated | Fault monitoring and notification system for automated banking |
| US7607981B2 (en) * | 1996-12-30 | 2009-10-27 | Walker Digital, Llc | System and method for remote automated play of a gaming device |
| US6634942B2 (en) * | 1996-12-30 | 2003-10-21 | Jay S. Walker | System and method for automated play of multiple gaming devices |
| US20060035697A1 (en) * | 1996-12-30 | 2006-02-16 | Packes John M | Systems and methods for facilitating play of lottery games |
| US7806763B2 (en) * | 1996-12-30 | 2010-10-05 | Igt | System and method for remote automated play of a gaming device |
| US6964611B2 (en) | 1996-12-30 | 2005-11-15 | Walker Digital, Llc | System and method for automated play of lottery games |
| US6145738A (en) | 1997-02-06 | 2000-11-14 | Mr. Payroll Corporation | Method and apparatus for automatic check cashing |
| US6149056A (en) * | 1997-02-06 | 2000-11-21 | Mr. Payroll Corporation | Automatic check cashing using biometric identification verification |
| AU6758898A (en) | 1997-03-12 | 1998-09-29 | Visa International | Secure electronic commerce employing integrated circuit cards |
| US5971272A (en) * | 1997-08-19 | 1999-10-26 | At&T Corp. | Secured personal identification number |
| US6038553A (en) * | 1997-09-19 | 2000-03-14 | Affiliated Computer Services, Inc. | Self service method of and system for cashing checks |
| US6095413A (en) * | 1997-11-17 | 2000-08-01 | Automated Transaction Corporation | System and method for enhanced fraud detection in automated electronic credit card processing |
| US9900305B2 (en) * | 1998-01-12 | 2018-02-20 | Soverain Ip, Llc | Internet server access control and monitoring systems |
| US6122624A (en) * | 1998-05-28 | 2000-09-19 | Automated Transaction Corp. | System and method for enhanced fraud detection in automated electronic purchases |
| US20060136595A1 (en) * | 1998-12-08 | 2006-06-22 | Ramakrishna Satyavolu | Network-based verification and fraud-prevention system |
| AU2515800A (en) * | 1999-01-26 | 2000-08-07 | Infolio, Inc. | Universal mobile id system and method for digital rights management |
| EP1163807B1 (en) * | 1999-03-19 | 2005-05-18 | Siemens Aktiengesellschaft | Method for verifying the authentication of a manager application in a telecommunications management network operating system by means of a network element and network element suitable therefor |
| US6985583B1 (en) | 1999-05-04 | 2006-01-10 | Rsa Security Inc. | System and method for authentication seed distribution |
| US20020010769A1 (en) * | 1999-06-23 | 2002-01-24 | Kippenhan Roland Calvin | Autonomous browsing agent |
| AR029173A1 (en) * | 1999-07-20 | 2003-06-18 | Diebold Inc | METHOD FOR THE DEVELOPMENT OF AUTOMATIC POCKETS |
| DE60010894D1 (en) * | 1999-08-03 | 2004-06-24 | Craig Mark Clay-Smith | METHOD AND DEVICE FOR PREVENTING FRAUD IN RELATION TO THE USE OF NEGOTIABLE SECURITIES |
| US8706630B2 (en) | 1999-08-19 | 2014-04-22 | E2Interactive, Inc. | System and method for securely authorizing and distributing stored-value card data |
| AU775065B2 (en) * | 1999-11-05 | 2004-07-15 | Leo R. Schlinkert | Payment method and system for online commerce |
| US7945491B2 (en) * | 2000-01-12 | 2011-05-17 | Metavante Corporation | Integrated systems for electronic bill presentment and payment |
| US20010037295A1 (en) * | 2000-01-31 | 2001-11-01 | Olsen Karl R. | Push model internet bill presentment and payment system and method |
| US7978899B2 (en) | 2005-10-05 | 2011-07-12 | Cummins-Allison Corp. | Currency processing system with fitness detection |
| US8701857B2 (en) | 2000-02-11 | 2014-04-22 | Cummins-Allison Corp. | System and method for processing currency bills and tickets |
| DE10195918T1 (en) * | 2000-03-17 | 2003-04-03 | Ebay Inc | Method and device for facilitating payment transactions in a network-based transaction device using various payment instruments |
| US8706618B2 (en) * | 2005-09-29 | 2014-04-22 | Ebay Inc. | Release of funds based on criteria |
| US7499875B1 (en) | 2000-03-17 | 2009-03-03 | Ebay Inc. | Method and apparatus for facilitating online payment transactions in a network-based transaction facility using multiple payment instruments |
| US7848972B1 (en) | 2000-04-06 | 2010-12-07 | Metavante Corporation | Electronic bill presentment and payment systems and processes |
| AU2001263013B2 (en) * | 2000-05-09 | 2006-06-29 | Metavante Corporation | Electronic bill presentment and payment system |
| US7452270B2 (en) * | 2000-06-29 | 2008-11-18 | Walker Digital, Llc | Systems and methods for presenting an outcome amount via a total number of events |
| FI20001991A (en) * | 2000-09-08 | 2002-03-09 | Tauno Miikkulainen | Procedure and arrangement for teleworking |
| US6720327B2 (en) * | 2000-09-27 | 2004-04-13 | Pharmacia Corporation | Lactone integrin antagonists |
| GB2374446B (en) * | 2000-11-28 | 2004-07-21 | Peter Crabbe | Secure telephone polling |
| US6895414B2 (en) | 2001-02-15 | 2005-05-17 | Usinternet Working, Inc. | Method and apparatus for authorizing and reporting changes to device configurations |
| US6954740B2 (en) | 2001-02-26 | 2005-10-11 | Albert Israel Talker | Action verification system using central verification authority |
| US7159114B1 (en) * | 2001-04-23 | 2007-01-02 | Diebold, Incorporated | System and method of securely installing a terminal master key on an automated banking machine |
| US7328337B2 (en) * | 2001-05-25 | 2008-02-05 | America Online, Incorporated | Trust grant and revocation from a master key to secondary keys |
| US7546274B2 (en) * | 2001-08-09 | 2009-06-09 | Ncr Corporation | System and method for facilitating electronic commerce transactions at an automatic teller machine |
| US8412633B2 (en) * | 2002-03-04 | 2013-04-02 | The Western Union Company | Money transfer evaluation systems and methods |
| US7313545B2 (en) * | 2001-09-07 | 2007-12-25 | First Data Corporation | System and method for detecting fraudulent calls |
| US7373515B2 (en) * | 2001-10-09 | 2008-05-13 | Wireless Key Identification Systems, Inc. | Multi-factor authentication system |
| US7370014B1 (en) | 2001-11-01 | 2008-05-06 | Metavante Corporation | Electronic bill presentment and payment system that obtains user bill information from biller web sites |
| US8209226B2 (en) | 2001-11-15 | 2012-06-26 | Nintendo Of America Inc. | Non-serialized electronic product registration system and method of operating same |
| US7363494B2 (en) * | 2001-12-04 | 2008-04-22 | Rsa Security Inc. | Method and apparatus for performing enhanced time-based authentication |
| US6896118B2 (en) | 2002-01-10 | 2005-05-24 | Cummins-Allison Corp. | Coin redemption system |
| US7472825B2 (en) * | 2002-01-11 | 2009-01-06 | Hand Held Products, Inc. | Transaction terminal |
| US7479946B2 (en) * | 2002-01-11 | 2009-01-20 | Hand Held Products, Inc. | Ergonomically designed multifunctional transaction terminal |
| US7748620B2 (en) | 2002-01-11 | 2010-07-06 | Hand Held Products, Inc. | Transaction terminal including imaging module |
| US7451917B2 (en) | 2002-01-11 | 2008-11-18 | Hand Held Products, Inc. | Transaction terminal comprising imaging module |
| US7743902B2 (en) | 2002-03-11 | 2010-06-29 | Cummins-Allison Corp. | Optical coin discrimination sensor and coin processing system using the same |
| US7158008B2 (en) * | 2002-03-29 | 2007-01-02 | Datakey Electronincs, Inc. | Electronic key system and method |
| US8751384B2 (en) | 2002-05-08 | 2014-06-10 | Metavante Corporation | Integrated bill presentment and payment system and method of operating the same |
| US8799157B1 (en) | 2002-05-08 | 2014-08-05 | Metavante Corporation | Business combined bill management system and method |
| US7171467B2 (en) * | 2002-06-13 | 2007-01-30 | Engedi Technologies, Inc. | Out-of-band remote management station |
| US8171567B1 (en) | 2002-09-04 | 2012-05-01 | Tracer Detection Technology Corp. | Authentication method and system |
| US6715672B1 (en) | 2002-10-23 | 2004-04-06 | Donald Tetro | System and method for enhanced fraud detection in automated electronic credit card processing |
| US8100323B1 (en) * | 2002-12-26 | 2012-01-24 | Diebold Self-Service Systems Division Of Diebold, Incorporated | Apparatus and method for verifying components of an ATM |
| EP1437668B1 (en) * | 2003-01-08 | 2006-11-15 | Rolf Krause | Method for conducting a cashless payment of goods or services using a mobile radio terminal |
| US20040135805A1 (en) * | 2003-01-10 | 2004-07-15 | Gottsacker Neal F. | Document composition system and method |
| US8393455B2 (en) | 2003-03-12 | 2013-03-12 | Cummins-Allison Corp. | Coin processing device having a moveable coin receptacle station |
| US7596703B2 (en) * | 2003-03-21 | 2009-09-29 | Hitachi, Ltd. | Hidden data backup and retrieval for a secure device |
| US20040215560A1 (en) * | 2003-04-25 | 2004-10-28 | Peter Amalraj | Integrated payment system and method |
| JP2004355562A (en) * | 2003-05-30 | 2004-12-16 | Kddi Corp | Apparatus authentication system |
| US7177916B2 (en) * | 2003-06-26 | 2007-02-13 | Fmr Corp. | Methods and systems for selecting and managing network-accessible accounts |
| US7761374B2 (en) | 2003-08-18 | 2010-07-20 | Visa International Service Association | Method and system for generating a dynamic verification value |
| US7740168B2 (en) | 2003-08-18 | 2010-06-22 | Visa U.S.A. Inc. | Method and system for generating a dynamic verification value |
| US8523641B2 (en) | 2004-09-15 | 2013-09-03 | Cummins-Allison Corp. | System, method and apparatus for automatically filling a coin cassette |
| US9934640B2 (en) | 2004-09-15 | 2018-04-03 | Cummins-Allison Corp. | System, method and apparatus for repurposing currency |
| US20060149676A1 (en) * | 2004-12-30 | 2006-07-06 | Sprunk Eric J | Method and apparatus for providing a secure move of a decrpytion content key |
| US8602200B2 (en) * | 2005-02-10 | 2013-12-10 | Cummins-Allison Corp. | Method and apparatus for varying coin-processing machine receptacle limits |
| CN101120351B (en) * | 2005-02-18 | 2010-10-06 | Rsa安全公司 | Derivative seeds distribution method |
| WO2006107777A2 (en) * | 2005-04-01 | 2006-10-12 | Mastercard International Incorporated | Dynamic encryption of payment card numbers in electronic payment transactions |
| US20070088611A1 (en) * | 2005-05-11 | 2007-04-19 | Christiansen Brian D | Effecting ancillary actions on a transaction network |
| US7627125B2 (en) * | 2005-06-23 | 2009-12-01 | Efunds Corporation | Key loading systems and methods |
| US7946406B2 (en) * | 2005-11-12 | 2011-05-24 | Cummins-Allison Corp. | Coin processing device having a moveable coin receptacle station |
| US7885890B2 (en) * | 2006-01-17 | 2011-02-08 | Hsbc Finance Corporation | System for authorizing credit use |
| US7980378B2 (en) * | 2006-03-23 | 2011-07-19 | Cummins-Allison Corporation | Systems, apparatus, and methods for currency processing control and redemption |
| US9065643B2 (en) | 2006-04-05 | 2015-06-23 | Visa U.S.A. Inc. | System and method for account identifier obfuscation |
| US7818264B2 (en) * | 2006-06-19 | 2010-10-19 | Visa U.S.A. Inc. | Track data encryption |
| US7929749B1 (en) | 2006-09-25 | 2011-04-19 | Cummins-Allison Corp. | System and method for saving statistical data of currency bills in a currency processing device |
| WO2008096273A2 (en) * | 2007-02-09 | 2008-08-14 | Business Intelligent Processing Systems, Plc | System and method for performing payment transactions, verifying age, verifying identity, and managing taxes |
| US20080210753A1 (en) * | 2007-03-02 | 2008-09-04 | First Data Corporation | Loyalty reward settlement system and method |
| WO2008144536A1 (en) * | 2007-05-17 | 2008-11-27 | Walker Digital, Llc | Group play of lottery game |
| CN101816010A (en) * | 2007-07-19 | 2010-08-25 | 数据匙电子有限公司 | RF token and receptacle system and method |
| US20090043696A1 (en) * | 2007-08-08 | 2009-02-12 | Electronic Payment Exchange | Payment Processor Hosted Account Information |
| US8838472B2 (en) * | 2007-08-14 | 2014-09-16 | First Data Corporation | Mobile system and method for exchanging point value |
| WO2009029864A1 (en) * | 2007-08-29 | 2009-03-05 | Datakey Electronics, Inc. | Data carrier system and method |
| US10558961B2 (en) | 2007-10-18 | 2020-02-11 | Wayne Fueling Systems Llc | System and method for secure communication in a retail environment |
| US20090239459A1 (en) * | 2008-03-19 | 2009-09-24 | Cummins-Allison Corp. | Self Service Coin Processing Machines With EPOS Terminal And Method For Automated Payout Utilizing Same |
| CA2660418C (en) | 2008-03-25 | 2018-08-07 | Cummins-Allison Corp. | Self service coin redemption card printer-dispenser |
| US8898089B2 (en) * | 2008-06-24 | 2014-11-25 | Visa U.S.A. Inc. | Dynamic verification value system and method |
| USD649894S1 (en) | 2008-12-30 | 2011-12-06 | Atek Products, Llc | Electronic token and data carrier |
| USD649896S1 (en) | 2009-01-30 | 2011-12-06 | Atek Products, Llc | Electronic token and data carrier receptacle |
| US8573500B2 (en) | 2009-01-30 | 2013-11-05 | ATEK Products, LLC. | Data carrier system having a compact footprint and methods of manufacturing the same |
| USD649895S1 (en) | 2009-01-30 | 2011-12-06 | Atek Products, Llc | Electronic token and data carrier |
| USD649486S1 (en) | 2009-07-09 | 2011-11-29 | ATEK Products , LLC | Electronic token and data carrier |
| US10296916B2 (en) | 2009-09-11 | 2019-05-21 | Maridee Joy Maraz | System and/or method for handling recalled product purchases and/or return/warranty requests |
| US8712856B2 (en) | 2010-04-12 | 2014-04-29 | Nintendo Of America Inc. | Systems and/or methods for determining item serial number structure and intelligence |
| US8545295B2 (en) | 2010-12-17 | 2013-10-01 | Cummins-Allison Corp. | Coin processing systems, methods and devices |
| US8799111B2 (en) | 2012-05-04 | 2014-08-05 | Nintendo Of America Inc. | Systems and/or methods for selling non-inventory items at point-of-sale (POS) locations |
| US9092924B1 (en) | 2012-08-31 | 2015-07-28 | Cummins-Allison Corp. | Disk-type coin processing unit with angled sorting head |
| US9735967B2 (en) * | 2014-04-30 | 2017-08-15 | International Business Machines Corporation | Self-validating request message structure and operation |
| US9501885B1 (en) | 2014-07-09 | 2016-11-22 | Cummins-Allison Corp. | Systems, methods and devices for processing coins utilizing near-normal and high-angle of incidence lighting |
| US10685523B1 (en) | 2014-07-09 | 2020-06-16 | Cummins-Allison Corp. | Systems, methods and devices for processing batches of coins utilizing coin imaging sensor assemblies |
| US9916713B1 (en) | 2014-07-09 | 2018-03-13 | Cummins-Allison Corp. | Systems, methods and devices for processing coins utilizing normal or near-normal and/or high-angle of incidence lighting |
| US9508208B1 (en) | 2014-07-25 | 2016-11-29 | Cummins Allison Corp. | Systems, methods and devices for processing coins with linear array of coin imaging sensors |
| US9430893B1 (en) | 2014-08-06 | 2016-08-30 | Cummins-Allison Corp. | Systems, methods and devices for managing rejected coins during coin processing |
| US10089812B1 (en) | 2014-11-11 | 2018-10-02 | Cummins-Allison Corp. | Systems, methods and devices for processing coins utilizing a multi-material coin sorting disk |
| US10050780B2 (en) * | 2015-05-01 | 2018-08-14 | Microsoft Technology Licensing, Llc | Securely storing data in a data storage system |
| US9875593B1 (en) | 2015-08-07 | 2018-01-23 | Cummins-Allison Corp. | Systems, methods and devices for coin processing and coin recycling |
| US10181234B2 (en) | 2016-10-18 | 2019-01-15 | Cummins-Allison Corp. | Coin sorting head and coin processing system using the same |
| US10679449B2 (en) | 2016-10-18 | 2020-06-09 | Cummins-Allison Corp. | Coin sorting head and coin processing system using the same |
| US11030624B2 (en) * | 2018-10-04 | 2021-06-08 | Capital One Services, Llc | Techniques to perform computational analyses on transaction information for automatic teller machines |
| GB2613488B (en) | 2019-01-04 | 2023-08-23 | Cummins Allison Corp | Coin pad for coin processing system |
Family Cites Families (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US3985998A (en) * | 1970-11-18 | 1976-10-12 | Century International Corporation | Personal authority verification system |
| US3956615A (en) * | 1974-06-25 | 1976-05-11 | Ibm Corporation | Transaction execution system with secure data storage and communications |
| US4025760A (en) * | 1975-08-14 | 1977-05-24 | Addressograph Multigraph Corporation | Security means for transaction terminal system |
| US4123747A (en) * | 1977-05-20 | 1978-10-31 | International Business Machines Corporation | Identity verification method and apparatus |
| US4238854A (en) * | 1977-12-05 | 1980-12-09 | International Business Machines Corporation | Cryptographic file security for single domain networks |
| US4259720A (en) * | 1978-01-09 | 1981-03-31 | Interbank Card Association | Security system for electronic funds transfer system |
| US4214230A (en) * | 1978-01-19 | 1980-07-22 | Rolf Blom | Personal identification system |
| US4223403A (en) * | 1978-06-30 | 1980-09-16 | International Business Machines Corporation | Cryptographic architecture for use with a high security personal identification system |
| US4288659A (en) * | 1979-05-21 | 1981-09-08 | Atalla Technovations | Method and means for securing the distribution of encoding keys |
-
1980
- 1980-03-10 US US06/129,110 patent/US4317957A/en not_active Expired - Lifetime
-
1981
- 1981-02-02 EP EP81900708A patent/EP0047285B1/en not_active Expired
- 1981-02-02 DE DE8181900708T patent/DE3176872D1/en not_active Expired
- 1981-02-02 WO PCT/US1981/000135 patent/WO1981002655A1/en active IP Right Grant
- 1981-02-02 JP JP56500958A patent/JPS645783B2/ja not_active Expired
- 1981-02-20 CA CA000371323A patent/CA1156761A/en not_active Expired
Also Published As
| Publication number | Publication date |
|---|---|
| US4317957A (en) | 1982-03-02 |
| EP0047285A4 (en) | 1985-07-30 |
| JPS57500449A (en) | 1982-03-11 |
| DE3176872D1 (en) | 1988-10-13 |
| EP0047285B1 (en) | 1988-09-07 |
| WO1981002655A1 (en) | 1981-09-17 |
| EP0047285A1 (en) | 1982-03-17 |
| JPS645783B2 (en) | 1989-01-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CA1156761A (en) | System for authenticating users and devices in on- line transaction networks | |
| EP0033833B1 (en) | Transaction execution system, method of operating such a system and terminal for use in such a system | |
| AU2007319149B2 (en) | Dynamic magnetic stripe | |
| US9424573B2 (en) | Batch settlement transactions system and method | |
| EP0032193B1 (en) | Communication apparatus | |
| EP0068805B1 (en) | End-to-end encryption system and method of operation | |
| US20080040284A1 (en) | Method and system for secured transactions | |
| US20130117138A1 (en) | Metrics systems and methods for token transactions | |
| EP0003756A2 (en) | Transaction execution system | |
| JPH0334641A (en) | Method of encrypting transmission data using special key | |
| WO1997010560A1 (en) | Stored value transaction system and method using anonymous account numbers | |
| JPH06103426A (en) | Ic prepaid card system | |
| WO1998029983A1 (en) | Transaction key generation system | |
| CA1165445A (en) | Method for operating a transaction execution system having improved verification of personal identification |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| MKEX | Expiry |