Databaseless security system

Assignee

• AT&T Bell Laboratories · US

Inventors

• David Michael Claus · Indianapolis, US
• Roy S. Coutinho · Carmel, US
• Kevin D. Murphy · Elko, US
• James D. Snavley · Fishers, US
• Kenneth R. Zempol · Dover, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/2103
• WIPO fieldIT methods for management
• WIPO sectorElectrical engineering

Abstract

An improved security system, including a protable smart card and a host computer, eliminates the need for the computer to store individual personal identification (ID) numbers for each user seeking access to the computer. Instead, the computer stores a first encryption algorithm E.sub.1 used in converting a particular identification number (ID).sub.n into a secret code S.sub.n for that particular user. S.sub.n also exists within the memory of the smart card having been loaded into its memory at the time of issue. A challenge number C is generated by the computer and transmitted to the smart card. Within the smart card and the computer, microprocessors respond to the challenge number C, the secret code S.sub.n, and a second encryption algorithm E.sub.2 in order to generate response numbers R.sub.n and R.sub.n ' respectively. Thereafter, R.sub.n is transmitted to the computer where it is compared with R.sub.n '. A favorable comparison is necessary for gaining access to the computer.