(12) United States Patent
Margalit et al.

(10) Patent No.: US 6,763,399 B2
(45) Date of Patent: Jul. 13, 2004

(54) USB KEY APPARATUS FOR INTERACTING WITH A USB HOST VIA A USB PORT

(75) Inventors: Yanki Margalit, Ramat Gan (IL); Dany Margalit, Ramat Gan (IL); Rami Kastershtien, Tel Aviv (IL)

(73) Assignee: Aladdin Knowledge Systems, Ltd., Tel Aviv (IL)

(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 21 days.

(21) Appl. No.: 10/126,520
(22) Filed: Apr. 22, 2002

(65) Prior Publication Data
US 2004/0073726 A1 Apr. 15, 2004

Related U.S. Application Data
(63) Continuation of application No. 09/189,960, filed on Nov. 10, 1998, now abandoned.

(51) Int. Cl.7: G06F 1/00; G06F 13/00; H04L 9/10
(52) U.S. Cl.: 710/13; 710/8; 710/63; 710/103; 713/200; 713/202; 713/185
(58) Field of Search: 710/8, 13, 63, 710/103; 713/200, 202, 185

(56) References Cited

U.S. PATENT DOCUMENTS
6,151,647 A  *  11/2000  Sarat          710/301
6,168,077 B1 *  1/2001   Gray et al.    235/375
6,216,230 B1 *  4/2001   Rallis et al.  713/185

FOREIGN PATENT DOCUMENTS
EP  0554164 A1   8/1993  G06K/7/00
EP  0848315 A2   6/1998  G06F/1/00
WO  WO 94/10773  5/1994  H04K/1/00

OTHER PUBLICATIONS
P. Guelle, "Un Dongle A Puce De Telecarte" Electronique Radio Plans, Nov. 1991, No. 528, pp. 75-78.
Wibu-Key, Users guide version 2.50, Jul. 1998, WIBU-Systems AG pp. 12-16; 25-28; 153-154 & 163-164.

* cited by examiner

Primary Examiner—Jeffrey Gaffin
Assistant Examiner—Tammara Payton
(74) Attorney, Agent, or Firm—Mark M. Friedman

(57) ABSTRACT

A smart card-host system that operates without the intermediation of a smart card reader. The smart card-host system comprises a host, which has a USB interface, and a portable device, which provides smart card function(s). The portable device has a smart card chip for performing the smart card function(s); a USB interface for connecting the portable device with the host via USB protocol; and a microprocessor for controlling the transfer of data between the USB interface and the smart card chip, for converting data from a USB format to the format of the smart card chip and for converting data from the format of the smart card chip to a USB format.

27 Claims, 2 Drawing Sheets

[Front-page drawing not reproduced. Labels recoverable from the page: USB host, USB protocol, ISO 7816-3 protocol.]

PayPal Inc. v. IOENGINE, LLC
IPR2019-00884 (US 8,539,047)
Exhibit 2077
Page 1 of 6


[FIG. 1 (Sheet 1 of 2): drawing not reproduced. Labels recoverable from the sheet: USB protocol, firmware memory, user's data memory, CPU.]

[FIG. 2 (Sheet 2 of 2): drawing not reproduced. Labels recoverable from the sheet: USB protocol, ISO 7816-3 protocol, ISO 7816-3 smart card chip (ICC).]

USB KEY APPARATUS FOR INTERACTING WITH A USB HOST VIA A USB PORT

The present application is a Continuation application based on the parent patent application 09/189,960 filed Nov. 10, 1998 now abandoned.

FIELD OF THE INVENTION

The present invention relates to USB (Universal serial bus) apparatus and methods for using USB hosts.

BACKGROUND OF THE INVENTION

The USB interface is described in specifications available over the Internet at www.usb.org.

Conventional devices for providing computerized servicing to a mobile or stationary population of users typically include a smart card reader. The members of the mobile population bear smart cards which are used to interact with the computerized servicing device via the smart card reader.

A particular disadvantage of smart cards is that they require a smart card reader which is a relatively costly device. Computer hosts which are equipped with a smart card reader are a small subset of the universe of computer hosts because addition of a smart card reader makes the computer considerably more expensive.

German Patent document DE 19631050 describes an interface converter for a universal serial bus having a module with processor that changes format and protocol into that of a different bus system.

The disclosures of all publications mentioned in the specification and of the publications cited therein are hereby incorporated by reference.

SUMMARY OF THE INVENTION

The present invention seeks to provide improved USB apparatus and improved methods for using the same.

There is thus provided, in accordance with a preferred embodiment of the present invention USB key apparatus for interacting with a USB host via a USB port, the USB key apparatus including a portable device configured to fit the USB port, the portable device including a USB interface conveying USB communications to and from a USB host, a protocol translator operative to translate the USB communications from USB protocol, into smart card protocol such as an ISO7816 protocol, and from smart card protocol into USB protocol and a smart card chip operative to perform at least one smart card function such as authentication, encryption, access control and secure memory.

Also provided, in accordance with another preferred embodiment of the present invention, is USB key apparatus with data storage capabilities, the USB key apparatus including a portable device such as a PCB, configured to fit the USB port, the portable device including a USB interface conveying USB communications to and from a USB host and a data storage unit storing information derived from the USB communications.

Preferably the apparatus also includes a microprocessor operative to receive said USB communications from the USB interface, to perform computations thereupon and to provide results of the computations to the data storage unit for storage and/or for encryption and/or for authentication and/or for access control.

The term "USB port" refers to a port for connecting peripherals to a computer which is built according to a USB standard as described in USB specifications available over the Internet at www.usb.org.

The term "USB key" or "USB token" refers to a hardware device whose circuitry interfaces with a USB port to perform various functions.

The term "smart card" refers to a typically plastic card in which is embedded a chip which interacts with a reader, thereby allowing a mobile bearer of the smart card to interact with a machine in which is installed a smart card reader, typically with any of a network of machines of this type.

BRIEF DESCRIPTION OF THE DRAWINGS

The present invention will be understood and appreciated from the following detailed description, taken in conjunction with the drawings in which:

FIG. 1 is a simplified block diagram of a USB key device including a CPU and a non-ISO7816 memory, the USB device being constructed and operative in accordance with a preferred embodiment of the present invention; and

FIG. 2 is a simplified block diagram of a USB key device including a CPU and a ISO7816 memory, the USB device constructed and operative in accordance with a preferred embodiment of the present invention.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS

Reference is now made to FIG. 1 which is a simplified block diagram of a USB key device including a CPU and a non-ISO7816 memory, the USB device being constructed and operative in accordance with a preferred embodiment of the present invention.

A particular feature of the USB key device of FIG. 1 is that it has data storage capabilities and is thus analogous to a memory card.

The USB key device 10 comprises a PCB 25 which includes a microprocessor or CPU 30 such as a Motorola 6805, Cypress chip or Intel 8051; a USB interface device 40; firmware memory 50 serving the firmware of the microprocessor 30; RAM memory 60 of size sufficient to enable contemplated computations on the part of the microprocessor 30; and user data memory 70 which stores a user's data. Some or all of the USB interface device 40, firmware memory 50 and RAM memory 60 may be within the CPU 30.

The USB interface device 40 and/or the firmware memory 50 may be integrated inside the microprocessor 30.

The firmware memory may be any suitable type of memory such as but not limited to ROM, EPROM, EEPROM or FLASH.

The user data memory 70 typically does not include ISO7816-3 memory and may, for example, comprise any of the following types of memory: I²C, XI²C, 2/3 wire bus, FLASH.

As shown, the USB key device 10 is configured to interact with any USB host 20 such as but not limited to a personal computer or Macintosh having a USB port. Key-host interaction is governed by a USB protocol such as the USB protocol described in the USB specifications available over the Internet at www.usb.org. USB packets pass between the USB host 20 and the USB interface chip 40. Each packet typically includes the following components:
a. USB header;
b. Data to be stored/read on the user's data memory 70, plus additional information required by protocols of the
memory chip 70, such as but not limited to the address to store/read the data, the length of data to store/read, and CRC checksum information.
c. USB footer.

The flow of data typically comprises the following flow:

The USB interface chip 40 receives USB packets from the USB host 20, parses the data, and feeds the parsed data to the microprocessor 30. The microprocessor 30 writes the data to, or reads the data from, the firmware memory 50, the RAM 60 or the user's data memory 70, using each memory's protocol.

In read operation, the microprocessor 30 passes the data to the USB interface chip 40 which wraps the data in USB packet format and passes it to the host 20.

FIG. 2 is a simplified block diagram of a USB key device, constructed and operative in accordance with a preferred embodiment of the present invention, which is a one-piece smart card reader and smart card chip preferably providing both secured storage and cryptographic capabilities. The USB key device of FIG. 2 includes both a CPU and a smart card chip (ICC) memory 170, typically a ISO7816 (T=0/1) protocol-based chip communicating with the CPU 130 using an ISO7816-3 protocol. The apparatus of FIG. 2 is similar to the apparatus of FIG. 1 except that no separate user's data memory 70 is provided. The size of the RAM 160 is typically at least 262 bytes in order to support the ISO 7816-3 T=0 or T=1 protocols.

Each packet typically includes the following components:
a. USB header;
b. ISO7816-3 T=0/1 protocol packet;
c. USB footer.

The flow of data in the apparatus of FIG. 2 typically comprises the following flow:

The USB interface chip 140 gets USB packets from the USB host 120. The USB interface chip 140 parses the data and passes it to the microprocessor 130. The data, which typically comprises a ISO7816-3 T=0/1 formatted packet, is passed by the microprocessor to the smart-card 170 in a ISO7816-3 protocol. The microprocessor 130 gets the response from the smart card 160 and passes the data to the USB interface chip 140. The USB interface chip 140 wraps the data in USB packet format and passes it to the host 120.

A particular advantage of the embodiment of FIG. 2 is that smart card functionality is provided but there is no need for a dedicated reader because the key 110 is connected directly to a USB socket in the host 120.

The invention shown and described herein is particularly useful for computerized systems serving organizations which process sensitive information such as banks, insurance companies, accountants and other commercial organizations, and professional organizations such as medical or legal organizations.

It is appreciated that the software components of the present invention may, if desired, be implemented in ROM (read-only memory) form. The software components may, generally, be implemented in hardware, if desired, using conventional techniques.

It is appreciated that various features of the invention which are, for clarity, described in the contexts of separate embodiments may also be provided in combination in a single embodiment. Conversely, various features of the invention which are, for brevity, described in the context of a single embodiment may also be provided separately or in any suitable subcombination.

It will be appreciated by persons skilled in the art that the present invention is not limited to what has been particularly shown and described hereinabove. Rather, the scope of the present invention is defined only by the claims that follow.

What is claimed is:

1. A smart card-host system, wherein a portable device communicates directly with a USB interface of a host, said smart card-host system comprising:
   a host, having thereon a USB interface;
   a portable device, for providing smart card function(s), said portable device having thereon a smart card chip, for performing said smart card function(s), a USB interface, for connecting said portable device with said host via USB protocol; and a microprocessor, for enabling, at least one function selected from the group consisting of controlling the transfer of data between said USB interface and said smart card chip, for converting data from a USB format to the format of said smart card chip and for converting data from the format of said smart card chip to a USB format.

2. A system according to claim 1, wherein said portable device consists of at least one substrate having thereon said smart chip, said USB interface, and said microprocessor.

3. A system according to claim 1, wherein said portable device is a USB key operative as a component into which said smart card chip, said USB interface, and said microprocessor are placed.

4. A system according to claim 1, wherein said portable device further comprises data storage means for at least one function selected from the group consisting of storing data required for the operation of said microprocessor and storing data required for the operation of said smart card chip.

5. A system according to claim 1, wherein said portable device further comprises secured memory.

6. A system according to claim 1, wherein said system is operative to perform at least one function selected from the group consisting of cryptography, authentication, encryption, public key infrastructure, digital signature, RSA and access control.

7. A system according to claim 1, wherein said supports ISO7816 standard.

8. A portable smart card apparatus for providing smart card function(s) to a host system, by communicating directly with a USB interface of the host system, said smart card apparatus comprising:
   a smart card chip, for performing said smart card function(s);
   a USB interface, for connecting the portable device apparatus with the host system, via USB protocol; and
   a microprocessor, for enabling at least one function selected from the group consisting of controlling the transfer of data between said USB interface and said smart card chip, converting data from a USB format to the format of said a smart card chip and converting data from the format of said smart card chip to a USB format.

9. An apparatus according to claim 8, wherein said portable device consists of at least one substrate having thereon said smart chip, said USB interface, and said microprocessor.

10. An apparatus according to claim 8, wherein said portable device is a USB key operative as a component into which said smart card chip, said USB interface, and said microprocessor are placed.

11. An apparatus according to claim 8, wherein said portable device further comprises data storage means, for storing data required for the operation of at least one element selected from the group consisting of said microprocessor and said smart card chip.

12. An apparatus according to claim 8, wherein said portable device further comprises secured memory.

13. An apparatus according to claim 8, wherein said apparatus is operative to perform at least one function selected from the group consisting of cryptography, authentication, encryption, public key infrastructure, digital signature, RSA and access control.

14. An apparatus according to claim 8, wherein said apparatus supports ISO7816 standard.

15. A method for interacting directly between a smart card chip and a host via a USB interface of the host, comprising the steps of:
   coupling the host with a USB interface, for interacting with an external device via USB protocol;
   providing a portable external device, for being used as a platform for said smart card chip, said portable device having thereon a USB interface, for interacting with the host via USB protocol; and a microprocessor, for executing at least one function selected from the group consisting of controlling the transfer of data between said USB interface and said smart card chip, converting data from a USB format to the format of said smart card chip and converting data from the format of said smart card chip to a USB format;
   upon receiving data in the USB interface of said portable device, converting said data from a USB format of said smart card by said microprocessor, and conveying the converted data to said smart card chip; and
   upon sending data from said smart card chip to the host, converting said data from the format of said smart card chip to said USB format by said microprocessor, conveying the converted data to said USB interface of said portable device, and there from to the host, via the host's USB interface.

16. A method according to claim 15, wherein said portable device consists of at least one substrate having thereon said smart chip, said USB interface, and said microprocessor.

17. A method according to claim 15, wherein said portable device is a USB key operative as a component into which said smart card chip, said USB interface, and said microprocessor are placed.

18. A method according to claim 15, wherein said portable device further comprises data storage means, for storing data required for operating at least one component selected from the group consisting of microprocessors and smart card chips.

19. A method according to claim 15, wherein said portable device further comprises secured memory.

20. A method according to claim 15, wherein said method is operative to perform at least one function selected from the group consisting of cryptography, authentication, encryption, public key infrastructure, digital signature, RSA and access control.

21. A method according to claim 15, wherein said portable device supports ISO7816 standard.

22. A system according to claim 1, wherein said smart chip is operationally connected directly to said microprocessor.

23. A system according to claim 22, wherein said smart chip is operationally connected directly to said microprocessor on a common substrate.

24. An apparatus according to claim 8, wherein said smart chip is operationally connected directly to said microprocessor.

25. A system according to claim 24, wherein said smart chip is operationally connected directly to said microprocessor on a common substrate.

26. A method according to claim 15, wherein said smart chip is operationally connected directly to said microprocessor.

27. A system according to claim 26, wherein said smart chip is operationally connected directly to said microprocessor on a common substrate.
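
The FIG. 2 flow has the microprocessor relay an ISO7816-3 T=0/1 packet between the USB interface chip and the smart card chip. The C code below is an added example, not taken from the patent: it covers only T=1 blocks with an LRC epilogue, checks framing in both directions before relaying, and uses the 262-byte RAM figure from the description as its buffer limit; the function names, sample frames and stand-in card are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RAM_BUF 262u   /* RAM 160 size the description gives for T=0/T=1 support */
enum { T1_I, T1_R, T1_S, T1_ESHORT = -1, T1_ELEN = -2, T1_ELRC = -3, T1_EBUF = -4 };

/* Constructed samples: an I-block carrying APDU 00 A4 04 00 00, and a copy with a wrong LRC. */
const uint8_t SAMPLE_OK[]      = {0x00, 0x00, 0x05, 0x00, 0xA4, 0x04, 0x00, 0x00, 0xA5};
const uint8_t SAMPLE_BAD_LRC[] = {0x00, 0x00, 0x05, 0x00, 0xA4, 0x04, 0x00, 0x00, 0xA4};

/* LRC epilogue: XOR of every byte from NAD through the last INF byte. */
uint8_t t1_lrc(const uint8_t *p, size_t n)
{
    uint8_t x = 0;
    while (n--) x ^= *p++;
    return x;
}

/* Validate one T=1 block (NAD PCB LEN INF[LEN] LRC); return its type or an error. */
int t1_check(const uint8_t *b, size_t n)
{
    if (n < 4) return T1_ESHORT;
    if (b[2] == 0xFF || n != 3u + b[2] + 1u) return T1_ELEN;   /* LEN 0xFF is reserved */
    if (t1_lrc(b, n - 1) != b[n - 1]) return T1_ELRC;
    if ((b[1] & 0x80) == 0) return T1_I;        /* PCB bit 8 clear: I-block */
    return (b[1] & 0x40) ? T1_S : T1_R;         /* 11xxxxxx: S-block, 10xxxxxx: R-block */
}

typedef size_t (*card_io)(const uint8_t *cmd, size_t n, uint8_t *rsp, size_t cap);

/* FIG. 2 microprocessor step: host payload -> card -> payload for the USB interface.
 * out must hold RAM_BUF bytes. Returns the request's block type or an error. */
int bridge(const uint8_t *in, size_t n, card_io card, uint8_t *out, size_t *out_n)
{
    if (n > RAM_BUF) return T1_EBUF;            /* larger than the buffer: refuse */
    int type = t1_check(in, n);
    if (type < 0) return type;                  /* malformed frames never reach the chip */
    size_t r = card(in, n, out, RAM_BUF);
    int rtype = t1_check(out, r);               /* a broken response is not relayed either */
    if (rtype < 0) return rtype;
    *out_n = r;
    return type;
}

/* Constructed stand-in for the smart card chip: always answers 90 00 in an I-block. */
size_t fake_card(const uint8_t *cmd, size_t n, uint8_t *rsp, size_t cap)
{
    static const uint8_t answer[] = {0x00, 0x00, 0x02, 0x90, 0x00, 0x92};
    (void)cmd; (void)n;
    if (cap < sizeof answer) return 0;
    memcpy(rsp, answer, sizeof answer);
    return sizeof answer;
}

int demo(const uint8_t *in, size_t n)           /* one host payload through the bridge */
{
    uint8_t out[RAM_BUF]; size_t out_n = 0;
    return bridge(in, n, fake_card, out, &out_n);
}

int main(void)
{
    printf("ok %d, bad LRC %d, truncated %d\n", demo(SAMPLE_OK, sizeof SAMPLE_OK),
           demo(SAMPLE_BAD_LRC, sizeof SAMPLE_BAD_LRC), demo(SAMPLE_OK, sizeof SAMPLE_OK - 1));
    return 0;
}
```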