Claims
- 1. A method for performing a plurality of secure payment transactions using a smartcard, where said smartcard and a verifier of said payment transaction share an initial secret starting key value, comprising:
(a) initializing said smartcard, where said initializing includes:
(i) storing said starting key value in a nonvolatile key storage memory location; and (ii) storing an initial value in a nonvolatile transaction counter memory location; (b) for each of a plurality of payment transactions:
(i) computing an updated key value:
(x) by cryptographically transforming at least said stored key value and said transaction counter; (y) where said transforming at least obscures partial information about said stored key, thereby deterring attacks that combine partial information leaked in said plurality of transactions; (ii) updating said nonvolatile memory locations including:
(x) updating said key storage location with said updated key value; and (y) incrementing said value of said transaction counter location; (iii) using said updated key value to compute a message authentication code authenticating said transaction; and (iv) sending said computed message authentication code and said transaction counter to a third party for use in verifying said payment transaction.
- 2. A computer readable memory containing a program for performing a plurality of secure payment transactions between a tamper-resistant device and a verifier that share an initial secret starting key value, comprising:
(a) logic instructions for computing an updated key value for a subsequent transaction:
(i) by cryptographically transforming at least a key value and a transaction counter value stored in nonvolatile memory locations in said tamper-resistant device; (ii) where said transforming at least obscures partial information about said stored key, thereby deterring attacks that combine partial information leaked in said plurality of transactions; (b) logic instructions for updating said nonvolatile memory locations including:
(i) replacing said key value with said updated key value; and (ii) incrementing said transaction counter value; (c) logic instructions for using said updated key value to compute a message authentication code authenticating said transaction; and (d) logic instructions for sending said computed message authentication code and said transaction counter to a third party for use in verifying said payment transaction.
- 3. A smartcard for performing a secure payment transaction, comprising:
(a) a microprocessor; (b) a nonvolatile memory area initially configured to store a secret parameter; (c) a nonvolatile memory area initially configured to store an indexing indicia; (d) a memory storing logic instructions capable of being executed using said processor to:
(i) compute an updated secret parameter for a subsequent transaction by cryptographically transforming at least said stored secret parameter and said indexing indicia, where said transforming at least obscures partial information about said stored secret parameter; (ii) replace said stored secret parameter with said updated value thereof; (iii) compute a value authenticating transaction information by cryptographically transforming at least said updated secret parameter and said transaction information; and (e) an output interface configured to transmit representations of said value and said indexing indicia to a payment transaction verifier.
Parent Case Info
[0001] This application is a divisional of U.S. patent application Ser. No. 09/737,182 filed on Dec. 13, 2000, which is a continuation of U.S. patent application Ser. No. 09/224,682 (now U.S. Pat. No. 6,304,658) filed on Dec. 31, 1998, which claimed the benefit of U.S. provisional patent application serial No. 60/070,344 filed on Jan. 2, 1998, and U.S. provisional patent application serial No. 60/089,529 filed on Jun. 15, 1998.
Provisional Applications (2)
|
Number |
Date |
Country |
|
60070344 |
Jan 1998 |
US |
|
60089529 |
Jun 1998 |
US |
Divisions (2)
|
Number |
Date |
Country |
Parent |
09737182 |
Dec 2000 |
US |
Child |
10136012 |
Apr 2002 |
US |
Parent |
09224682 |
Dec 1998 |
US |
Child |
09737182 |
Dec 2000 |
US |