(12) United States Patent
Margalit et al.

(10) Patent No.: US 6,763,399 B2
(45) Date of Patent: Jul. 13, 2004

(54) USB KEY APPARATUS FOR INTERACTING WITH A USB HOST VIA A USB PORT

(75) Inventors: Yanki Margalit, Ramat Gan (IL); Dany Margalit, Ramat Gan (IL); Rami Kastershtien, Tel Aviv (IL)

(73) Assignee: Aladdin Knowledge Systems, Ltd., Tel Aviv (IL)

(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 21 days.

(21) Appl. No.: 10/126,520

(22) Filed: Apr. 22, 2002

(65) Prior Publication Data
US 2004/0073726 A1 Apr. 15, 2004

Related U.S. Application Data
(63) Continuation of application No. 09/189,960, filed on Nov. 10, 1998, now abandoned.

(51) Int. Cl.7: G06F 1/00; G06F 13/00; H04L 9/10
(52) U.S. Cl.: 710/13; 710/8; 710/63; 710/103; 713/200; 713/202; 713/185
(58) Field of Search: 710/8, 13, 63, 710/103; 713/200, 202, 185

(56) References Cited

U.S. PATENT DOCUMENTS
6,151,647 A * 11/2000 Sarat, 710/301
6,168,077 B1 * 1/2001 Gray et al., 235/375
6,216,230 B1 * 4/2001 Rallis et al., 713/185

FOREIGN PATENT DOCUMENTS
EP 0554164 A1, 8/1993, G06K/7/00
EP 0848315 A2, 6/1998, G06F/1/00
WO WO 94/1073, 5/1994, H04K/1/00

OTHER PUBLICATIONS
P. Guelle, “Un Dongle A Puce De Telecarte” Electronique Radio Plans, Nov. 1991, No. 528, pp 75-78.
Wibu-Key, Users guide version 2.50, Jul. 1998, WIBU-Systems AG pp. 12-16; 25-28; 153-154 & 163-164.

* cited by examiner

Primary Examiner—Jeffrey Gaffin
Assistant Examiner—Tammara Payton
(74) Attorney, Agent, or Firm—Mark M. Friedman

(57) ABSTRACT

A smart card—host system that operates without the intermediation of a smart card reader. The smart card—host system comprises a host, which has a USB interface, and a portable device, which provides smart card function(s). The portable device has a smart card chip for performing the smart card function(s); a USB interface for connecting the portable device with the host via USB protocol; and a microprocessor for controlling the transfer of data between the USB interface and the smart card chip, for converting data from a USB format to the format of the smart card chip and for converting data from the format of the smart card chip to a USB format.

27 Claims, 2 Drawing Sheets

PayPal Inc. v. IOENGINE, LLC
IPR2019-00885 (US 8,539,047)
Exhibit 2077

[Drawing sheet 1 of 2, FIG. 1: block diagram. Recoverable labels: USB Protocol, CPU, Firmware Memory, User's Data Memory.]

[Drawing sheet 2 of 2, FIG. 2: block diagram. Recoverable labels: 125, 120, USB Protocol, (ICC), ISO 7816-3 Protocol, ISO 7816-3 Smart Card Chip.]

USB KEY APPARATUS FOR INTERACTING WITH A USB HOST VIA A USB PORT

The present application is a Continuation application based on the parent patent application 09/189/960 filed Nov. 10, 1998 now abandoned.

FIELD OF THE INVENTION

The present invention relates to USB (Universal serial bus) apparatus and methods for using USB hosts.

BACKGROUND OF THE INVENTION

The USB interface is described in specifications available over the Internet at www.usb.org.

Conventional devices for providing computerized servicing to a mobile or stationary population of users typically include a smart card reader. The members of the mobile population bear smart cards which are used to interact with the computerized servicing device via the smart card reader.

A particular disadvantage of smart cards is that they require a smart card reader which is a relatively costly device. Computer hosts which are equipped with a smart card reader are a small subset of the universe of computer hosts because addition of a smart card reader makes the computer considerably more expensive.

German Patent document DE 19631050 describes an interface converter for a universal serial bus having a module with processor that changes format and protocol into that of a different bus system.

The disclosures of all publications mentioned in the specification and of the publications cited therein are hereby incorporated by reference.

SUMMARY OF THE INVENTION

The present invention seeks to provide improved USB apparatus and improved methods for using the same.

There is thus provided, in accordance with a preferred embodiment of the present invention, USB key apparatus for interacting with a USB host via a USB port, the USB key apparatus including a portable device configured to fit the USB port, the portable device including a USB interface conveying USB communications to and from a USB host, a protocol translator operative to translate the USB communications from USB protocol, into smart card protocol such as an ISO7816 protocol, and from smart card protocol into USB protocol and a smart card chip operative to perform at least one smart card function such as authentication, encryption, access control and secure memory.

Also provided, in accordance with another preferred embodiment of the present invention, is USB key apparatus with data storage capabilities, the USB key apparatus including a portable device such as a PCB, configured to fit the USB port, the portable device including a USB interface conveying USB communications to and from a USB host and a data storage unit storing information derived from the USB communications.

Preferably the apparatus also includes a microprocessor operative to receive said USB communications from the USB interface, to perform computations thereupon and to provide results of the computations to the data storage unit for storage and/or for encryption and/or for authentication and/or for access control.

The term “USB port” refers to a port for connecting peripherals to a computer which is built according to a USB standard as described in USB specifications available over the Internet at www.usb.org.

The term “USB key” or “USB token” refers to a hardware device whose circuitry interfaces with a USB port to perform various functions.

The term “smart card” refers to a typically plastic card in which is embedded a chip which interacts with a reader, thereby allowing a mobile bearer of the smart card to interact with a machine in which is installed a smart card reader, typically with any of a network of machines of this type.

BRIEF DESCRIPTION OF THE DRAWINGS

The present invention will be understood and appreciated from the following detailed description, taken in conjunction with the drawings in which:

FIG. 1 is a simplified block diagram of a USB key device including a CPU and a non-ISO7816 memory, the USB device being constructed and operative in accordance with a preferred embodiment of the present invention; and

FIG. 2 is a simplified block diagram of a USB key device including a CPU and a ISO7816 memory, the USB device constructed and operative in accordance with a preferred embodiment of the present invention.

DETAILED DESCRIPTION OF PREFERRED EMBODIMENTS

Reference is now made to FIG. 1 which is a simplified block diagram of a USB key device including a CPU and a non-ISO7816 memory, the USB device being constructed and operative in accordance with a preferred embodiment of the present invention.

A particular feature of the USB key device of FIG. 1 is that it has data storage capabilities and is thus analogous to a memory card.

The USB key device 10 comprises a PCB 25 which includes a microprocessor or CPU 30 such as a Motorola 6805, Cypress chip or Intel 8051; a USB interface device 40, firmware memory 50 serving the firmware of the microprocessor 30; RAM memory 60 of size sufficient to enable contemplated computations on the part of the microprocessor 30; and user data memory 70 which stores a user’s data.

Some or all of the USB interface device 40, firmware memory 50 and RAM memory 60 may be within the CPU 30.

The USB interface device 40 and/or the firmware memory 50 may be integrated inside the microprocessor 30.

The firmware memory may be any suitable type of memory such as but not limited to ROM, EPROM, EEPROM or FLASH.

The user data memory 70 typically does not include ISO7816-3 memory and may, for example, comprise any of the following types of memory: I2C, XI2C, 2/3 wire bus, FLASH.

As shown, the USB key device 10 is configured to interact with any USB host 20 such as but not limited to a personal computer or Macintosh having a USB port. Key-host interaction is governed by a USB protocol such as the USB protocol described in the USB specifications available over the Internet at www.usb.org. USB packets pass between the USB host 20 and the USB interface chip 40. Each packet typically includes the following components:
a. USB header;
b. Data to be stored/read on the user’s data memory 70, plus additional information required by protocols of the
memory chip 70, such as but not limited to the address to store/read the data, the length of data to store/read, and CRC checksum information.
c. USB footer.

The flow of data typically comprises the following flow:

The USB interface chip 40 receives USB packets from the USB host 20, parses the data, and feeds the parsed data to the microprocessor 30. The microprocessor 30 writes the data to, or reads the data from, the firmware memory 50, the RAM 60 or the user’s data memory 70, using each memory’s protocol.

In read operation, the microprocessor 30 passes the data to the USB interface chip 40 which wraps the data in USB packet format and passes it to the host 20.

FIG. 2 is a simplified block diagram of a USB key device, constructed and operative in accordance with a preferred embodiment of the present invention, which is a one-piece smart card reader and smart card chip preferably providing both secured storage and cryptographic capabilities. The USB key device of FIG. 2 includes both a CPU and a smart card chip (ICC) memory 170, typically a ISO7816 (T=0/1) protocol-based chip communicating with the CPU 130 using an ISO7816-3 protocol. The apparatus of FIG. 2 is similar to the apparatus of FIG. 1 except that no separate user’s data memory 70 is provided. The size of the RAM 160 is typically at least 262 bytes in order to support the ISO 7816-3 T=0 or T=1 protocols.

Each packet typically includes the following components:
a. USB header;
b. ISO7816-3 T=0/1 protocol packet;
c. USB footer.

The flow of data in the apparatus of FIG. 2 typically comprises the following flow:

The USB interface chip 140 gets USB packets from the USB host 120. The USB interface chip 140 parses the data and passes it to the microprocessor 130. The data, which typically comprises a ISO7816-3 T=0/1 formatted packet, is passed by the microprocessor to the smart-card 170 in a ISO7816-3 protocol. The microprocessor 130 gets the response from the smart card 160 and passes the data to the USB interface chip 140. The USB interface chip 140 wraps the data in USB packet format and passes it to the host 120.

A particular advantage of the embodiment of FIG. 2 is that smart card functionality is provided but there is no need for a dedicated reader because the key 110 is connected directly to a USB socket in the host 120.

The invention shown and described herein is particularly useful for computerized systems serving organizations which process sensitive information such as banks, insurance companies, accountants and other commercial organizations, and professional organizations such as medical or legal organizations.

It is appreciated that the software components of the present invention may, if desired, be implemented in ROM (read-only memory) form. The software components may, generally, be implemented in hardware, if desired, using conventional techniques.

It is appreciated that various features of the invention which are, for clarity, described in the contexts of separate embodiments may also be provided in combination in a single embodiment. Conversely, various features of the invention which are, for brevity, described in the context of a single embodiment may also be provided separately or in any suitable subcombination.

It will be appreciated by persons skilled in the art that the present invention is not limited to what has been particularly shown and described hereinabove. Rather, the scope of the present invention is defined only by the claims that follow.

What is claimed is:

1. A smart card—host system, wherein a portable device communicates directly with a USB interface of a host, said smart card—host system comprising:
a host, having thereon a USB interface;
a portable device, for providing smart card function(s), said portable device having thereon a smart card chip, for performing said smart card function(s), a USB interface, for connecting said portable device with said host via USB protocol; and a microprocessor, for enabling at least one function selected from the group consisting of controlling the transfer of data between said USB interface and said smart card chip, for converting data from a USB format to the format of said smart card chip and for converting data from the format of said smart card chip to a USB format.

2. A system according to claim 1, wherein said portable device consists of at least one substrate having thereon said smart chip, said USB interface, and said microprocessor.

3. A system according to claim 1, wherein said portable device is a USB key operative as a component into which said smart card chip, said USB interface, and said microprocessor are placed.

4. A system according to claim 1, wherein said portable device further comprises data storage means for at least one function selected from the group consisting of storing data required for the operation of said microprocessor and storing data required for the operation of said smart card chip.

5. A system according to claim 1, wherein said portable device further comprises secured memory.

6. A system according to claim 1, wherein said system is operative to perform at least one function selected from the group consisting of cryptography, authentication, encryption, public key infrastructure, digital signature, RSA and access control.

7. A system according to claim 1, wherein said supports ISO7816 standard.

8. A portable smart card apparatus for providing smart card function(s) to a host system, by communicating directly with a USB interface of the host system, said smart card apparatus comprising:
a smart card chip, for performing said smart card function(s)
a USB interface, for connecting the portable device apparatus with the host system, via USB protocol; and
a microprocessor, for enabling at least one function selected from the group consisting of controlling the transfer of data between said USB interface and said smart card chip, converting data from a USB format to the format of said a smart card chip and converting data from the format of said smart card chip to a USB format.

9. An apparatus according to claim 8, wherein said portable device consists of at least one substrate having thereon said smart chip, said USB interface, and said microprocessor.

10. An apparatus according to claim 8, wherein said portable device is a USB key operative as a component into which said smart card chip, said USB interface, and said microprocessor are placed.

11. An apparatus according to claim 8, wherein said portable device further comprises data storage means, for storing data required for the operation of at least one element selected from the group consisting of said microprocessor and said smart card chip.

12. An apparatus according to claim 8, wherein said portable device further comprises secured memory.

13. An apparatus according to claim 8, wherein said apparatus is operative to perform at least one function selected from the group consisting of cryptography, authentication, encryption, public key infrastructure, digital signature, RSA and access control.

14. An apparatus according to claim 8, wherein said apparatus supports ISO7816 standard.

15. A method for interacting directly between a smart card chip and a host via a USB interface of the host, comprising the steps of:
coupling the host with a USB interface, for interacting with an external device via USB protocol;
providing, a portable external device, for being used as a platform for said smart card chip, said portable device having thereon a USB interface, for interacting with the host via USB protocol; and a microprocessor, for executing at least one function selected from the group consisting of controlling the transfer of data between said USB interface and said smart card chip, converting data from a USB format to the format of said smart card chip and converting data from the format of said smart card chip to a USB format;
upon receiving data in the USB interface of said portable device, converting said data from a USB format of said smart card by said microprocessor, and conveying the converted data to said smart card chip; and
upon sending data from said smart card chip to the host, converting said data from the format of said smart card chip to said USB format by said microprocessor, conveying the converted data to said USB interface of said portable device, and there from to the host, via the host’s USB interface.

16. A method according to claim 15, wherein said portable device consists of at least one substrate having thereon said smart chip, said USB interface, and said microprocessor.

17. A method according to claim 15, wherein said portable device is a USB key operative as a component into which said smart card chip, said USB interface, and said microprocessor are placed.

18. A method according to claim 15, wherein said portable device further comprises data storage means, for storing data required for operating at least one component selected from the group consisting of microprocessors and smart card chips.

19. A method according to claim 15, wherein said portable device further comprises secured memory.

20. A method according to claim 15, wherein said method is operative to perform at least one function selected from the group consisting of cryptography, authentication, encryption, public key infrastructure, digital signature, RSA and access control.

21. A method according to claim 15, wherein said portable device supports ISO7816 standard.

22. A system according to claim 1, wherein said smart chip is operationally connected directly to said microprocessor.

23. A system according to claim 22, wherein said smart chip is operationally connected directly to said microprocessor on a common substrate.

24. An apparatus according to claim 8, wherein said smart chip is operationally connected directly to said microprocessor.

25. A system according to claim 24, wherein said smart chip is operationally connected directly to said microprocessor on a common substrate.

26. A method according to claim 15, wherein said smart chip is operationally connected directly to said microprocessor.

27. A system according to claim 26, wherein said smart chip is operationally connected directly to said microprocessor on a common substrate.
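
The FIG. 1 packet in the detailed description carries an address, a length and CRC checksum information supplied by the host. The following C code is an added example, not code from the patent, showing how token firmware could validate those fields before touching user data memory 70. The byte layout, opcodes, memory size and the choice of CRC-16/CCITT-FALSE are assumptions, since the patent specifies none of them.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define USER_MEM_SIZE 256u  /* assumed size of user data memory 70 */
enum { OP_READ = 0x01, OP_WRITE = 0x02 };  /* hypothetical opcodes */
enum { REQ_OK = 0, REQ_SHORT = -1, REQ_BAD_OP = -2,
       REQ_BAD_LEN = -3, REQ_RANGE = -4, REQ_CRC = -5 };

static uint8_t user_mem[USER_MEM_SIZE];  /* stand-in for memory 70 */

/* CRC-16/CCITT-FALSE (poly 0x1021, init 0xFFFF); the choice is assumed. */
uint16_t crc16_ccitt(const uint8_t *p, size_t n)
{
    uint16_t crc = 0xFFFF;
    while (n--) {
        crc ^= (uint16_t)(*p++ << 8);
        for (int i = 0; i < 8; i++)
            crc = (crc & 0x8000) ? (uint16_t)((crc << 1) ^ 0x1021)
                                 : (uint16_t)(crc << 1);
    }
    return crc;
}

/* Assumed payload, after the USB interface chip strips header and footer:
 *   op(1) | addr(2, big-endian) | len(1) | data[len] (writes) | crc16(2)
 * Every check runs before memory is touched. Reads copy len bytes to out. */
int handle_request(const uint8_t *pkt, size_t n, uint8_t *out, size_t cap)
{
    if (n < 6) return REQ_SHORT;               /* fixed fields + CRC */
    uint8_t  op   = pkt[0];
    uint16_t addr = (uint16_t)((pkt[1] << 8) | pkt[2]);
    uint8_t  len  = pkt[3];
    if (op != OP_READ && op != OP_WRITE) return REQ_BAD_OP;

    /* The declared length must match the bytes that actually arrived. */
    size_t body = (op == OP_WRITE) ? len : 0;
    if (n != 4 + body + 2) return REQ_BAD_LEN;
    if (op == OP_READ && (out == NULL || cap < len)) return REQ_BAD_LEN;

    /* Written so that addr + len cannot wrap around. */
    if (addr > USER_MEM_SIZE || len > USER_MEM_SIZE - addr) return REQ_RANGE;

    uint16_t want = (uint16_t)((pkt[n - 2] << 8) | pkt[n - 1]);
    if (crc16_ccitt(pkt, n - 2) != want) return REQ_CRC;

    if (op == OP_WRITE) memcpy(&user_mem[addr], &pkt[4], len);
    else                memcpy(out, &user_mem[addr], len);
    return REQ_OK;
}

int main(void)
{
    /* Constructed request: read 3 bytes at 0x00FF, which overruns memory. */
    uint8_t req[6] = { OP_READ, 0x00, 0xFF, 3, 0, 0 }, out[8];
    uint16_t c = crc16_ccitt(req, 4);
    req[4] = (uint8_t)(c >> 8);
    req[5] = (uint8_t)c;
    printf("result: %d\n", handle_request(req, sizeof req, out, sizeof out));
    return 0;
}
```
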
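
In the FIG. 2 flow of the detailed description, the microprocessor unwraps an ISO7816-3 T=0/1 packet from each USB packet and stages it in a RAM of at least 262 bytes before passing it to the smart card chip. The following C code is an added example, not code from the patent, that frames a command as an ISO 7816-3 T=1 block with an LRC epilogue and shows the checks token firmware could apply to a received block before copying it into RAM. The function names and the sample APDU are hypothetical, and the USB header and footer are assumed to be already removed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define RAM_BUF_SIZE 262u  /* RAM 160 size given in the description */
#define T1_PROLOGUE  3u    /* NAD, PCB, LEN */
#define T1_MAX_INF   254u  /* LEN value 0xFF is reserved */
enum { T1_OK = 0, T1_TOO_SHORT = -1, T1_TOO_BIG = -2,
       T1_LEN_MISMATCH = -3, T1_BAD_LRC = -4 };

static uint8_t ram_buf[RAM_BUF_SIZE];  /* stand-in for RAM 160 */

/* LRC epilogue: XOR of every byte from NAD through the last INF byte. */
uint8_t t1_lrc(const uint8_t *p, size_t n)
{
    uint8_t x = 0;
    while (n--) x ^= *p++;
    return x;
}

/* Host side: frame an APDU as NAD | PCB | LEN | INF | LRC. Returns the
 * block length, or 0 if it does not fit. */
size_t t1_wrap(uint8_t nad, uint8_t pcb, const uint8_t *inf, size_t inf_len,
               uint8_t *out, size_t cap)
{
    if (inf_len > T1_MAX_INF || cap < T1_PROLOGUE + inf_len + 1) return 0;
    out[0] = nad; out[1] = pcb; out[2] = (uint8_t)inf_len;
    if (inf_len) memcpy(&out[3], inf, inf_len);
    out[3 + inf_len] = t1_lrc(out, 3 + inf_len);
    return 4 + inf_len;
}

/* Token side: check the payload unwrapped from a USB packet and stage it
 * in RAM for the ISO 7816-3 link. *staged is 0 unless T1_OK is returned. */
int t1_stage_block(const uint8_t *payload, size_t n, size_t *staged)
{
    *staged = 0;
    if (n < T1_PROLOGUE + 1) return T1_TOO_SHORT;
    if (n > RAM_BUF_SIZE) return T1_TOO_BIG;      /* never overrun RAM */
    uint8_t len = payload[2];
    if (len > T1_MAX_INF || n != T1_PROLOGUE + len + 1)
        return T1_LEN_MISMATCH;               /* trust n, not LEN alone */
    if (t1_lrc(payload, n - 1) != payload[n - 1]) return T1_BAD_LRC;
    memcpy(ram_buf, payload, n);
    *staged = n;
    return T1_OK;
}

int main(void)
{
    /* Constructed sample: a 5-byte SELECT-style APDU header. */
    const uint8_t apdu[] = { 0x00, 0xA4, 0x04, 0x00, 0x00 };
    uint8_t blk[16];
    size_t staged, n = t1_wrap(0x00, 0x00, apdu, sizeof apdu, blk, sizeof blk);
    printf("intact:   %d\n", t1_stage_block(blk, n, &staged));
    blk[4] ^= 0x01;                               /* corrupt one INF byte */
    printf("tampered: %d\n", t1_stage_block(blk, n, &staged));
    return 0;
}
```
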