Curry et al.

US005940510A
[11] Patent Number: 5,940,510
[45] Date of Patent: *Aug. 17, 1999

[54] TRANSFER OF VALUABLE INFORMATION BETWEEN A SECURE MODULE AND ANOTHER MODULE

[75] Inventors: Stephen M. Curry, Dallas; Donald W. Loomis, Coppell; Michael L. Bolan, Dallas, all of Tex.

[73] Assignee: Dallas Semiconductor Corporation, Dallas, Tex.

[*] Notice: This patent issued on a continued prosecution application filed under 37 CFR 1.53(d), and is subject to the twenty year patent term provisions of 35 U.S.C. 154(a)(2).

[21] Appl. No.: 08/594,975

[22] Filed: Jan. 31, 1996

[51] Int. Cl.6 ........................ H04L 9/00
[52] U.S. Cl. ......................... 380/25; 380/49
[58] Field of Search ................. 380/49, 24, 23, 380/25

[56] References Cited

U.S. PATENT DOCUMENTS

5,003,594    3/1991   Shinagawa ............... 380/24
5,150,407    9/1992   Chan .................... 380/4
5,189,700    2/1993   Blandford ............... 380/23
5,241,599    8/1993   Bellovin et al. ......... 380/21
5,539,825    7/1996   Akiyama et al. .......... 380/24
5,539,828    7/1996   Davis ................... 380/50
5,546,463    8/1996   Caputo et al. ........... 380/25
5,577,121   11/1996   Davis et al. ............ 380/24
5,621,796    4/1997   Davis et al. ............ 380/24
5,787,174    7/1998   Tuttle .................. 380/23

Primary Examiner: Salvatore Cangialosi
Attorney, Agent, or Firm: Jenkens & Gilchrist

[57] ABSTRACT

The present invention relates to a system, apparatus and method for communicating valuable data from a portable module to another module via an electronic device. More specifically, the disclosed system, apparatus and method are useful for enabling a user to fill a portable module with a cash equivalent and to spend the cash equivalent at a variety of locations. The disclosed system incorporates an encryption/decryption method.

6 Claims, 8 Drawing Sheets

[Front-page figure: block diagram of the secure MODULE (same layout as FIG. 3). Blocks shown: UNIQUE ID NUMBER, CLOCK 14, CONTROL 16, ROM 22, NVRAM 24 (memory 20), ENERGY CIRCUITRY 34, MICROPROCESSOR 12, MATH COPROCESSOR 18, OUTPUT BUFFER 28, INPUT BUFFER 30, ONE-WIRE INTERFACE 32, input/output circuitry 26.]

AMEX 1001 - Page 1 of 22

U.S. Patent   Aug. 17, 1999   Sheet 1 of 8   5,940,510

[FIG. 1: block diagram of system 100. PORTABLE MODULE 102 is coupled by link 106 to MICROPROCESSOR BASED DEVICE 104, which is coupled to SECURE MICROPROCESSOR BASED DEVICE 108 and to CREDIT CARD READER 114, CASH ACCEPTOR 110, AUTOMATIC TELLER MACHINE 112 and PHONE LINE 116.]

[FIG. 2 (Sheet 2 of 8): block diagram of PORTABLE MODULE 102. Blocks shown: ID NUMBER 210, INPUT/OUTPUT CONTROL 212 with INPUT BUFFER and OUTPUT BUFFER, ONE-WIRE INTERFACE 214, MEMORY CONTROL 204, MEMORY 202 with SCRATCHPAD MEMORY, COUNTER 206, TIMER 208.]

[FIG. 3 (Sheet 3 of 8): block diagram of secure MODULE 108. Blocks shown: UNIQUE ID NUMBER, CLOCK 14, CONTROL 16, ROM 22, NVRAM 24 (memory 20), ENERGY CIRCUITRY 34, MICROPROCESSOR 12, MATH COPROCESSOR 18, OUTPUT BUFFER 28, INPUT BUFFER 30, ONE-WIRE INTERFACE 32, input/output circuitry 26.]

[FIG. 4 (Sheets 4 and 5 of 8): flow chart for transferring value out of the portable module. Three columns: PORTABLE MODULE, MICROPROCESSOR BASED DEVICE, SECURE MODULE.]

X1 (portable module): Contains (1) ID number; (2) transaction counter count; (3) encrypted data packet holding (A) ID number, (B) transaction count, (C) monetary value.
X2 (microprocessor based device): Read (serial number, transaction counter, and encrypted data) as DATA-ONE.
X3 (secure module): Read DATA-ONE and a first amount of value to remove from the portable module.
X4 (secure module): Decrypt encrypted data using a public key.
X5 (secure module): Compare serial number received in DATA-ONE with serial number in decrypted data.
X6 (secure module): If they match, then compare transaction counter received in DATA-ONE with the transaction count in decrypted data.
X7 (secure module): If they match, subtract the 1st amount from the monetary value found in the decrypted data and increment the transaction counter found in the decrypted data.
X8 (secure module): Increase the value register by the same amount the money value found in the decrypted data was decreased.
X9 (secure module): Create DATA-TWO comprising (the portable module's serial number, incremented transaction counter, and reduced monetary value) and encrypt DATA-TWO using a private key.
X10 (microprocessor based device): Receive encrypted DATA-TWO.
X11 (portable module): Receive encrypted DATA-TWO and store in memory.
X12 (portable module): Increment transaction counter.

[FIG. 5 (Sheet 6 of 8): flow chart for transferring value into the portable module. Three columns: PORTABLE MODULE, MICROPROCESSOR BASED DEVICE, SECURE MODULE.]

Y1 (portable module): Contains (1) ID number; (2) transaction counter count; (3) encrypted data packet holding (A) ID number, (B) transaction count, (C) monetary value.
Y2 (microprocessor based device): Read (serial number, transaction counter, and encrypted data) as DATA-ONE.
Y3 (secure module): Read DATA-ONE and a first amount of value to add to the portable module.
Y4 (secure module): Decrypt encrypted data using a public key.
Y5 (secure module): Compare serial number received in DATA-ONE with serial number in decrypted data.
Y6 (secure module): If the serial numbers match, then compare the transaction counter in DATA-ONE with the decrypted transaction count.
Y7 (secure module): If the transaction counts match, then add the 1st amount of value to the monetary value found in the decrypted data.
Y8 (secure module): Increment the transaction counter found in the decrypted data.
Y9 (secure module): Decrease a value register by the same amount the money value was increased.
Y10 (secure module): Create DATA-TWO comprising (the portable module's serial number, incremented transaction counter, and increased monetary value). Encrypt DATA-TWO using a private key.
Y11 (microprocessor based device): Receive encrypted DATA-TWO.
Y12 (portable module): Receive encrypted DATA-TWO and store in memory.
Y13 (portable module): Increment transaction counter.

[FIG. 6 (Sheet 7 of 8): organization of the software and firmware within secure MODULE 108. A 1-WIRE I/O block feeds a DATA TRANSPORT LAYER and a COMMAND INTERPRETER. The command interpreter reaches several TRANSACTION GROUPS 40, each holding OPEN (O), PRIVATE (P) and LOCKED (L) OBJECTS 42 and SCRIPTS; access to each group is gated by PIN MATCH, LOCKED TRANSACTION GROUP, READ-ONLY OBJECT COMMAND and READ/WRITE OBJECT COMMANDS.]

[FIG. 7 (Sheet 8 of 8): memory configuration of the secure module.]

Memory map: I/O DATA BUFFERS; SYSTEM DATA (COMMON PIN, RANDOM NUMBER REGISTER, ETC.); OUTPUT DATA OBJECT #1; OUTPUT DATA OBJECT #2; WORKING REGISTER; TRANSACTION GROUP 1, TRANSACTION GROUP 2, ... TRANSACTION GROUP N (each a group 40); AUDIT TRAIL* (CIRCULAR BUFFER OF TRANSACTION RECORDS).
*The audit trail does not exist until the Micro-In-A-Can has been locked. Once locked, all unused RAM is allocated for the audit trail.
TRANSACTION GROUP 40: GROUP NAME, PASSWORD AND ATTRIBUTES; OBJECT 1, OBJECT 2, ... OBJECT N (each an object 42).
TRANSACTION RECORD: GROUP ID, OBJECT ID, DATE/TIME STAMP.

5,940,510

TRANSFER OF VALUABLE INFORMATION BETWEEN A SECURE MODULE AND ANOTHER MODULE

CROSS REFERENCE TO OTHER APPLICATIONS

The following applications of common assignee contain related subject matter and are hereby incorporated by reference:
Ser. No. 08/594,983, filed Jan. 31, 1996, entitled METHOD, APPARATUS, SYSTEM AND FIRMWARE FOR SECURE TRANSACTIONS; and
Ser. No. 08/595,014, filed Jan. 31, 1996, entitled METHOD, APPARATUS AND SYSTEM FOR TRANSFERRING UNITS OF VALUE.

BACKGROUND OF THE INVENTION

1. Technical Field of the Invention
The present invention relates to a method and system for transferring valuable information securely between a secure module and another module. More particularly, the present invention relates to transferring units of value between a microprocessor based secure module and another module used for carrying a monetary equivalent.
2. Description of Related Art
In the past the preferred means for paying for an item was cash. As our society has become more advanced, credit cards have become an accepted way to pay for merchandise or services. The payment is not a payment to the merchant, but instead is a credit given by a bank to the user that the merchant accepts as payment. The merchant collects money from the bank based on the credit. As time goes on, cash is used less and less, and money transfers between parties are becoming purely electronic.
Present credit cards have magnetic strips to identify the owner of the card and the credit provider. Some credit cards have electronic circuitry installed that identifies the credit card owner and the credit or service provider (the bank).
The magnetic strips installed in present credit cards do not enable the card to be used as cash. That is, the modern credit card does not allow the consumer to buy something with the credit card and the merchant to receive cash at the time of the transaction. Instead, when the consumer buys something on credit, the merchant must later request that the bank pay for the item that the consumer bought. The bank then bills the consumer for the item that was bought.
Thus, there is a need for an electronic system that allows a consumer to fill an electronic module with a cash equivalent in the same way a consumer fills his wallet with cash. When the consumer buys a product or service from a merchant, the consumer's module can be debited and the merchant's cash drawer can be credited without any further transactions with a bank or service provider.

SUMMARY OF THE INVENTION

The present invention is an apparatus, system and method for communicating a cash equivalent electronically to and from a portable module. The portable module can be used as a cash equivalent when buying products and services in the market place.
The present invention comprises a portable module that can communicate to a secure module via a microprocessor based device. The portable module can be carried by a consumer, filled with electronic money at an add-money station, and be debited by a merchant when a product or service is purchased by the consumer. As a result of a purchase, the merchant's cash drawer will indicate an increase in cash value.

BRIEF DESCRIPTION OF THE DRAWINGS

A more complete understanding of the method and apparatus of the present invention may be had by reference to the following Detailed Description when taken in conjunction with the accompanying Drawings wherein:
FIG. 1 depicts an exemplary system for transferring valuable information between a module and a secure device;
FIG. 2 is a block diagram of an embodiment of a portable module;
FIG. 3 is a block diagram of an embodiment of a microprocessor based module;
FIG. 4 is an exemplary technique for transferring valuable data securely into a portable module;
FIG. 5 is an exemplary technique for transferring valuable data securely out of a portable module;
FIG. 6 is an exemplary organization of the software and firmware within a secure microprocessor based device; and
FIG. 7 is an exemplary configuration of software and firmware within a secure microprocessor based device.

DETAILED DESCRIPTION OF A PRESENTLY PREFERRED EXEMPLARY EMBODIMENT

FIG. 1 depicts a block diagram of an exemplary system 100 for transferring valuable information to and from a portable module. A portable module 102, which will be described in more detail later, communicates to a microprocessor based device 104. The portable module 102 may contain information that represents units of exchange or a currency equivalent. The microprocessor based device 104 can be any of an unlimited number of devices. For example, the microprocessor based device 104 could be a personal computer, an add-a-fare machine at a train or bus station (similar to those in today's District of Columbia metro stations), a turnstile, a toll booth, a bank's terminal, a ride at a carnival, a washing machine at a Laundromat, a locking device, a mail metering device or any device that controls access, or meters a monetary equivalent, etc.
The means for communication 106 between the portable module 102 and the microprocessor based device 104 is preferably via a single wire or contact connection. The single wire connection 106 preferably incorporates a communication protocol that allows the portable module 102 and the microprocessor based device 104 to communicate in a bidirectional manner. Preferably the communication protocol is a one-wire protocol developed by Dallas Semiconductor. It is understood that the means for communicating 106 is not limited to a single wire connection. The communication means 106 could be multiple wires, a wireless communication system, infrared light, any electromagnetic means, a magnetic technique, or any other similar technique.
The microprocessor based device 104 is electrically connected to another microprocessor based device, which is preferably a secure device 108. The term secure device means that the device is designed to contain a secret code and the secret code is extremely difficult to learn. An example of a secure device 108 is explained later in this document.
The microprocessor based device 104 can be connected to a variety of other devices. Such devices include, but are not
limited to, a cash acceptor 110, an automatic teller machine (ATM) 112, a credit card reader 114, and a phone line 116.
The cash acceptor 110 is adapted to receive cash in the form of currency, such as dollar bills or coins. The cash acceptor 110, preferably, determines the value of the accepted currency. The cash acceptor 110 communicates to the microprocessor based device 104 and informs the device 104 of how much currency has been deposited in the cash acceptor 110.
The cash acceptor 110 can also be a device which provides currency. That is, the cash acceptor 110, in response to a communication from the microprocessor based device 104, may provide a metered amount of currency to a person.
The credit card reader 114 and ATM 112 can also be attached to the microprocessor based device 104. The credit card reader 114 could be used to read a user's credit card and then, when authorized, either communicate to the microprocessor based device 104 that units of exchange need to be added to the portable module or that units of exchange need to be extracted from the portable module to pay for a good, service or credit card bill.
The ATM 112 may also be connected to the microprocessor based device. Via communications from the ATM 112, the microprocessor based device 104 can be informed that units of exchange need to be added to or subtracted from the portable module 102.
Furthermore, it is also possible that the microprocessor based device 104 is connected to a phone line 116. The phone line may be used for a variety of things. Most importantly, the phone line may be used to allow the microprocessor based device 104 to communicate with a network of devices. Such telephonic communication may be for validating transactions or for aiding the accounting of transactions that are performed with the microprocessor based device's 104 aid. It is further understood that the phone line may be any of a vast variety of communication lines including wireless lines. Video, analog, or digital information may be communicated over the phone line 116.
FIG. 2 depicts a preferred exemplary portable module 102. The portable module 102 is preferably a rugged read/write data carrier that can act as a localized database and be easily accessed with minimal hardware. The module can be incorporated in a vast variety of portable items which includes, but is not limited to, a durable micro-can package that is highly resistant to environmental hazards such as dirt, moisture, and shock. The module can be incorporated into any object that can be articulated by a human or thing, such as a ring, bracelet, wallet, name tag, necklace, baggage, machine, robotic device, etc. Furthermore, the module 102 could be attached to a stationary item and the microprocessor based device 104 may be articulated to the portable module 102. For example, the module 102 may be attached to a piece of cargo and a module reader may be touched to or brought near the module 102. The module reader may be part of the microprocessor based device 104.
The portable module 102 comprises a memory 202 that is preferably, at least in part, nonvolatile memory for storing and retrieving vital information pertaining to the system to which the module 102 may become attached. The memory 202 may contain a scratchpad memory which may act as a buffer when writing into memory. Data is first written to the scratchpad where it can be read back. After the data has been verified, the data is transferred into the memory.
The module 102 also comprises a counter 206 for keeping track of the number of transactions the module has performed (the number of times certain data in the memory of the module has been changed). A timer 102 may be provided in the module to provide the ability to time stamp transactions performed by the module. A memory controller 204 controls the reading and writing of data into and out of the memory 202.
The module also may comprise an identification number 210. The identification number preferably uniquely identifies the portable module from any other portable module.
An input/output control circuit 212 controls the data flow into and out of the portable module 102. The input/output control ("I/O") 212 preferably has an input buffer and an output buffer and interface circuitry 214. As stated above, the interface circuitry 214 is preferably a one-wire interface. Again, it is understood that a variety of technologies can be used to interface the portable module 102 to another electronic device. A single wire or single connection is preferred because the mechanics of making a complete connection are simplified. It is envisioned that a proximity/wireless communication technique is also a technique for communicating between the module 102 and another device. Thus, the interface circuit 214 can be a single wire, multiple wire, wireless, electromagnetic, magnetic, light, or proximity interface circuit.
FIG. 3 depicts a block diagram of an exemplary secure microprocessor based device ("secure device") 108. The secure device circuitry can be a single integrated circuit. It is understood that the secure device 108 could also be a monolithic or multiple circuits combined together. The secure device 108 preferably comprises a microprocessor 12, a real time clock 14, control circuitry 16, a math coprocessor 18, memory circuitry 20, input/output circuitry 26, and an energy circuit 34.
The secure device 108 could be made small enough to be incorporated into a variety of objects including, but not limited to, a token, a card, a ring, a computer, a wallet, a key fob, a badge, jewelry, a stamp, or practically any object that can be grasped and/or articulated by a user of the object. In the present system 100, the secure device 108 is preferably adapted to be a trusted certifying authority. That is, the secure device 108 is a trusted computer. The secure device 108 comprises a numeric coprocessor 18 optimized for math intensive encryption. The BIOS is immune to alteration and is specifically designed for secure transactions. This secure device 108 is preferably encased in a durable, dirt, moisture and shock resistant stainless steel enclosure, but could be encased in a wide variety of structures so long as specific contents of the secure device 108 are extremely difficult to decipher. The secure device 108 may have the ability to store or create a private/public key set, whereby the private key never leaves the secure device 108 and is not revealed under almost any circumstance. Furthermore, the secure module 108 is preferably designed to prevent discovery of the private key by an active self-destruction of the key upon wrongful entry.
The microprocessor 12 is preferably an 8-bit microprocessor, but could be 16, 32, 64 or any operable number of bits. The clock 14 provides timing for the module circuitry. There can also be separate clock circuitry 14 that provides a continuously running real time clock.
The math coprocessor circuitry 18 is designed and used to handle very large numbers. In particular, the coprocessor will handle the complex mathematics of RSA encryption and decryption or other types of math intensive encryption or decryption techniques.
The memory circuitry 20 may contain both read-only memory and non-volatile random-access memory.
Furthermore, one of ordinary skill in the art would understand that volatile memory, EPROM, SRAM and a variety of other types of memory circuitry might be used to create an equivalent device.
Control circuitry 16 provides timing, latching and various necessary control functions for the entire circuit.
An input/output circuit 26 enables bidirectional communication with the secure module 108. The input/output circuitry 26 preferably comprises at least an output buffer and an input buffer. For communication via a one-wire bus, one-wire interface circuitry can be included with the input/output circuitry 26. It is understood that the input/output circuitry 26 of the secure device 108 can be designed to operate on a single wire, a plurality of wires or any means for communicating information between the secure module 108 and the microprocessor based device 104.
An energy circuit 34 may be necessary to maintain stored information in the memory circuitry 20 and/or aid in powering the other circuitry in the module 108. The energy circuit 34 could consist of a battery, capacitor, R/C circuit, photo-voltaic cell, or any other equivalent energy producing circuit or means.
The firmware architecture of the secure module 108 and how it operates within the exemplary system for transferring valuable information, such as units of exchange or currency, between the secure module 108 and a portable module 102 will now be discussed. The secure module 108 provides encryption and decryption services for confidential data transfer through the microprocessor based device 104. The following examples are intended to illustrate a preferred feature set of the secure module 108 and to explain the services that the exemplary system 100 can offer. These applications and examples by no means limit the capabilities of the invention, but instead bring to light a sampling of its capabilities.
I. OVERVIEW OF THE PREFERRED SECURE MODULE 108 AND ITS FIRMWARE DESIGN
Referring to FIG. 3 again, the secure module 108 preferably contains a general-purpose, 8051-compatible microcontroller 12 or a reasonably similar product, a continuously running real-time clock 14, a high-speed modular exponentiation accelerator for large integers (math coprocessor) 18, input and output buffers 28, 30 with a one-wire interface 32 for sending and receiving data, 32 Kbytes of ROM memory 22 with preprogrammed firmware, 8 Kbytes of NVRAM (non-volatile RAM) 24 for storage of critical data, and control circuitry 16 that enables the microcontroller 12 to be powered up to interpret and act on the data placed in an input data object. The module 108 draws its operating power from a single wire, one-wire communication line. The microcontroller 12, clock 14, memory 20, buffers 28, 30, one-wire front-end 32, modular exponentiation accelerator 18, and control circuitry 16 are preferably integrated on a single silicon chip and packaged in a stainless steel micro can using packaging techniques which make it virtually impossible to probe the data in the NVRAM 24 without destroying the data. Initially, most of the NVRAM 24 is available for use to support applications such as those described below. One of ordinary skill will understand that there are many comparable variations of the module design. For example, volatile memory might be used, or an interface other than a one-wire interface could be used.
The secure module 108 is preferably intended to be used first by a Service Provider who loads the secure module 108 with data to enable it to perform useful functions, and second by an End User who issues commands to the secure module 108 to perform operations on behalf of the Service Provider for the benefit of the End User. For this reason, the secure module 108 offers functions to support the Service Provider in setting up the module for an intended application. It also offers functions to allow the End User to invoke the services offered by the Service Provider.
Each Service Provider can reserve a block of NVRAM memory to support its services by creating a transaction group 40 (refer to FIGS. 6 and 7). A transaction group 40 is simply a set of software objects 42 that are defined by the Service Provider. These objects 42 include both data objects (encryption keys, transaction counts, money amounts, date/time stamps, etc.) and transaction scripts 44 which specify how to combine the data objects in useful ways. Each Service Provider creates his own transaction group 40, which is independent of every other transaction group 40. Hence, multiple Service Providers can offer different services in the same module 108. The number of independent Service Providers that can be supported depends on the number and complexity of the objects 42 defined in each transaction group 40. Examples of some of the objects 42 that can be defined within a transaction group 40 are the following:

RSA Modulus
RSA Exponent
Transaction Script
Transaction Counter
Money Register
Destructor
Clock Offset
Random SALT
Configuration Data
Input Data
Output Data

Within each transaction group 40 the secure module 108 will initially accept certain commands which have an irreversible effect. Once any of these irreversible commands are executed in a transaction group 40, they remain in effect until the end of the module's useful life or until the transaction group 40, to which it applies, is deleted from the secure module 108. In addition, there are certain commands which have an irreversible effect until the end of the module's life or until a master erase command is issued to erase the entire contents of the secure module 108. These commands will be discussed further below. These commands are essential to give the Service Provider the necessary control over the operations that can be performed by the End User. Examples of some of the irreversible commands are:

Privatize Object
Lock Transaction Group
Lock Object
Lock Micro-In-A-Can(TM)

Since much of the module's utility centers on its ability to keep a secret, the Privatize command is a very important irreversible command.
Once the secure module 108, as a whole, is locked, the remaining NVRAM memory 24 is allocated for a circular buffer for holding an audit trail of previous transactions. Each of the transactions is identified by the number of the transaction group, the number of objects 42 within the specified group, and the date/time stamp.
The fundamental concept implemented by the firmware is that the Service Provider can store transaction scripts 44 in a transaction group 40 to perform only those operations among objects that he wishes the End User to be able to perform. The Service Provider can also store and privatize RSA key or keys (encryption keys) that allow the secure module 108 to "sign" transactions on behalf of the Service Provider, thereby guaranteeing their authenticity. By privatizing and/or locking one or more objects 42 in the transaction group 40, the Service Provider maintains control over what the secure module 108 is allowed to do on his behalf. The End User cannot add new transaction scripts 44 and is therefore limited to the operations on objects 42 that can be performed with the transaction scripts 44 programmed by the Service Provider.
II. USAGE MODELS OF THE SECURE MODULE 108 AND PORTABLE MODULE 102
This section presents practical applications of the system 100. Each of these applications is described in enough detail to make it clear why the secure module 108 and portable module 102 are important to the system application.
A. TRANSFERRING UNITS OF EXCHANGE OUT OF A PORTABLE MODULE 102
This section describes an example of how a portable module 102 and a secure module 108 operate in conjunction with the microprocessor based device 104 so that units of exchange can be securely transferred out of the portable module 102 and deposited into the secure module 108 and/or potentially communicated to at least one of the cash acceptor 110, ATM 112, credit card reader 114, or the phone line 116.
Referring to FIG. 4, initially the portable module 102 contains its ID number, a count within its transaction counter and an encrypted data packet stored in memory. Encrypted within the data packet is the portable module's ID number, the portable module's transaction count number, and the amount of value (the monetary value) of the portable module at the present time X1.
The user of the portable module touches, or somehow puts the portable module 102 into communication with, the microprocessor based device 104. For explanation purposes, suppose the portable module 102 is being used as a token used to pay for a train fare. Thus, the microprocessor based device 104 could be, in this case, a turnstile that allows the user to enter a train platform. The cost of entering the train platform is known by the microprocessor based device 104. The microprocessor based device 104 reads the portable module's serial number, transaction count, and the encrypted data packet X2. This data could be referred to as a first data.
The microprocessor device 104 then provides the first data along with a first value, being the amount of value to be debited from the portable token (the train fare), to the secure module 108 X3. The secure module 108 decrypts the encrypted data found in the first data using a public key X4. Next, the secure module 108 makes a few comparisons to make sure that the data received is good data and not counterfeit. The secure module 108 compares the serial number received in the first data with the decrypted serial number X5. If the two serial numbers match then the secure module 108 compares the transaction count received in the first data with the decrypted transaction count X6. If the two transaction counts match then the secure module is comfortable that the data received is not counterfeit data. It is understood that the comparisons can b
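The debit flow of FIG. 4 (steps X1 through X12) and the credit flow of FIG. 5 (Y1 through Y13), as an added Python simulation that is not part of the patent. It assumes a toy RSA key built from two Mersenne primes, an 88-bit packet layout (32-bit serial, 24-bit count, 32-bit value in cents), and insufficient-funds checks on both sides; none of these are specified by the patent.

```python
# Toy model of the FIG. 4 (debit) and FIG. 5 (credit) flows of US 5,940,510.
# Assumed, not from the patent: the toy RSA key, the 88-bit packet layout,
# amounts in cents, and the insufficient-funds checks.

# Constructed RSA key from two Mersenne primes: far too small for real use, but
# large enough to hold one 88-bit packet as a single integer.
P = (1 << 31) - 1
Q = (1 << 61) - 1
N = P * Q                          # modulus, about 2**92
E = 65537                          # public exponent, used by the verifying side
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent: never leaves the secure module

SERIAL_BITS, COUNT_BITS, VALUE_BITS = 32, 24, 32   # packet fields, 88 bits total


def sign_packet(serial, count, value):
    """Step X9 / Y10: pack (serial, count, value) and 'encrypt' with the private key."""
    assert serial < (1 << SERIAL_BITS) and count < (1 << COUNT_BITS)
    assert 0 <= value < (1 << VALUE_BITS)
    m = (serial << (COUNT_BITS + VALUE_BITS)) | (count << VALUE_BITS) | value
    return pow(m, D, N)


def open_packet(packet):
    """Step X4 / Y4: 'decrypt' with the public key and unpack the three fields."""
    m = pow(packet, E, N)
    return (m >> (COUNT_BITS + VALUE_BITS),
            (m >> VALUE_BITS) & ((1 << COUNT_BITS) - 1),
            m & ((1 << VALUE_BITS) - 1))


class PortableModule:
    """FIG. 2 device: ID number, hardware transaction counter, signed packet in memory."""
    def __init__(self, serial, count, packet):
        self.serial, self.count, self.packet = serial, count, packet

    def read_data_one(self):            # step X2 / Y2: what the reader obtains
        return (self.serial, self.count, self.packet)

    def store_data_two(self, packet):   # steps X11-X12 / Y12-Y13
        self.packet = packet
        self.count += 1


class SecureModule:
    """FIG. 3 device: holds D and a value register (the merchant's cash drawer)."""
    def __init__(self, value_register=0):
        self.value_register = value_register

    def _verify(self, data_one):
        """Steps X4-X6 / Y4-Y6: the packet must name this module and this count."""
        serial, count, packet = data_one
        dec_serial, dec_count, dec_value = open_packet(packet)
        if dec_serial != serial:
            raise ValueError("serial mismatch: packet was not issued to this module")
        if dec_count != count:
            raise ValueError("count mismatch: packet is stale for this module")
        return serial, count, dec_value

    def debit(self, data_one, amount):
        """FIG. 4: remove `amount` from the module, credit the register, return data-two."""
        serial, count, value = self._verify(data_one)
        if amount > value:                       # assumed check, not stated in the patent
            raise ValueError("insufficient value in portable module")
        self.value_register += amount            # X8
        return sign_packet(serial, count + 1, value - amount)   # X7, X9

    def credit(self, data_one, amount):
        """FIG. 5: add `amount` to the module, debit the register, return data-two."""
        serial, count, value = self._verify(data_one)
        if amount > self.value_register:         # assumed check, not stated in the patent
            raise ValueError("insufficient value in value register")
        self.value_register -= amount            # Y9
        return sign_packet(serial, count + 1, value + amount)   # Y7, Y8, Y10


def rejected(secure, data_one, amount):
    """True if the secure module refuses the debit (constructed helper)."""
    try:
        secure.debit(data_one, amount)
    except ValueError:
        return True
    return False


def run_scenario():
    """Add-money station loads 10.00 onto an empty token; a turnstile takes a 2.50 fare."""
    token = PortableModule(0x1234ABCD, 0, sign_packet(0x1234ABCD, 0, 0))
    station = SecureModule(value_register=50_00)
    turnstile = SecureModule(value_register=0)
    token.store_data_two(station.credit(token.read_data_one(), 10_00))   # FIG. 5
    loaded = token.read_data_one()
    token.store_data_two(turnstile.debit(loaded, 2_50))                  # FIG. 4
    # Memory rolled back to the pre-fare packet while the hardware counter has moved
    # on fails at X6; the same packet presented under another serial fails at X5.
    stale = PortableModule(token.serial, token.count, loaded[2])
    foreign = PortableModule(0x5E5E5E5E, token.count, token.packet)
    return {
        "token_value": open_packet(token.packet)[2],
        "token_count": token.count,
        "station_register": station.value_register,
        "turnstile_register": turnstile.value_register,
        "stale_rejected": rejected(turnstile, stale.read_data_one(), 2_50),
        "foreign_rejected": rejected(turnstile, foreign.read_data_one(), 2_50),
    }
```

The two comparisons are what bind a packet to one module and one point in its history: the hardware counter in the portable module only ever increases, so a packet that no longer matches it is detected at X6 even though its signature still verifies.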