CA2206937A1 - Secure apparatus and method for printing value with a value printer - Google Patents
Secure apparatus and method for printing value with a value printerInfo
- Publication number
- CA2206937A1 CA2206937A1 CA 2206937 CA2206937A CA2206937A1 CA 2206937 A1 CA2206937 A1 CA 2206937A1 CA 2206937 CA2206937 CA 2206937 CA 2206937 A CA2206937 A CA 2206937A CA 2206937 A1 CA2206937 A1 CA 2206937A1
- Authority
- CA
- Canada
- Prior art keywords
- key
- printing
- data
- value
- module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
- 238000000034 method Methods 0.000 title claims abstract description 30
- 230000007246 mechanism Effects 0.000 claims description 8
- 238000004891 communication Methods 0.000 claims description 7
- 230000004044 response Effects 0.000 claims description 4
- 238000004519 manufacturing process Methods 0.000 claims description 2
- 230000000977 initiatory effect Effects 0.000 claims 3
- 238000010586 diagram Methods 0.000 description 6
- 230000003068 static effect Effects 0.000 description 3
- 239000004593 Epoxy Substances 0.000 description 1
- YFONKFDEZLYQDH-OPQQBVKSSA-N N-[(1R,2S)-2,6-dimethyindan-1-yl]-6-[(1R)-1-fluoroethyl]-1,3,5-triazine-2,4-diamine Chemical compound C[C@@H](F)C1=NC(N)=NC(N[C@H]2C3=CC(C)=CC=C3C[C@@H]2C)=N1 YFONKFDEZLYQDH-OPQQBVKSSA-N 0.000 description 1
- 230000009471 action Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000003780 insertion Methods 0.000 description 1
- 230000037431 insertion Effects 0.000 description 1
- 238000009434 installation Methods 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000000926 separation method Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000010200 validation analysis Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00733—Cryptography or similar special procedures in a franking system
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00185—Details internally of apparatus in a franking system, e.g. franking machine at customer or apparatus at post office
- G07B17/00314—Communication within apparatus, personal computer [PC] system, or server, e.g. between printhead and central unit in a franking machine
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00459—Details relating to mailpieces in a franking system
- G07B17/00508—Printing or attaching on mailpieces
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00185—Details internally of apparatus in a franking system, e.g. franking machine at customer or apparatus at post office
- G07B17/00314—Communication within apparatus, personal computer [PC] system, or server, e.g. between printhead and central unit in a franking machine
- G07B2017/00322—Communication between components/modules/parts, e.g. printer, printhead, keyboard, conveyor or central unit
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00733—Cryptography or similar special procedures in a franking system
- G07B2017/0079—Time-dependency
- G07B2017/00806—Limited validity time
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00733—Cryptography or similar special procedures in a franking system
- G07B2017/00846—Key management
- G07B2017/00854—Key generation
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00733—Cryptography or similar special procedures in a franking system
- G07B2017/00846—Key management
- G07B2017/0087—Key distribution
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B17/00—Franking apparatus
- G07B17/00733—Cryptography or similar special procedures in a franking system
- G07B2017/00919—Random number generator
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Devices For Checking Fares Or Tickets At Control Points (AREA)
- Accessory Devices And Overall Control Thereof (AREA)
Abstract
A system and method of printing value such as postage using a value meter connectable to communicate with a host terminal which includes a printer. The postage meter, sometimes referred to as a vault, includes a processor and storage and the host terminal includes a processor and storage. The printer is provided with a secure non-volatile random access storage and a processor and a key is stored in the non-volatile random Access storage. The key is changed for every print cycle so that it is impossible to print unauthorized postage on the basis of possession of the key used to print the last postage. A
change of key is effected by reading the key from the non-volatile random access storage in the printer and changing the key, such as by a pseudo-random number generator, to provide a second key. The second key is stored in the non-volatile random access storage and then encrypted by an encryption scheme known to an authorized postage meter. The encrypted second key is transmitted to an authorized postage meter wherein it is decrypted pursuant to the decryption scheme known to the authorized postage meter. Print data may be securely transmitted to the host and printer by using the decrypted second key to convert the data to be printed. This is then sent to the printer where it is deconverted using the second key to recover the data to be printed.
change of key is effected by reading the key from the non-volatile random access storage in the printer and changing the key, such as by a pseudo-random number generator, to provide a second key. The second key is stored in the non-volatile random access storage and then encrypted by an encryption scheme known to an authorized postage meter. The encrypted second key is transmitted to an authorized postage meter wherein it is decrypted pursuant to the decryption scheme known to the authorized postage meter. Print data may be securely transmitted to the host and printer by using the decrypted second key to convert the data to be printed. This is then sent to the printer where it is deconverted using the second key to recover the data to be printed.
Description
SECURE APPARATUS AND METHOD FOR PRINTING VALUE
WITH A VALUE PRINTER
Field of Invention This invention relates to an apparatus and method for securely 5 printing indicia, text and variable graphics information which involves value with a secure printer and more particularly relates to such an apparatus and method wherein security is provided through cryptography.
Backqround U.S. Patents Nos. 4,802,218 and 4,864,~8 issued January 31, 1989 and September 5, 1989, to Christopher B. Wright et al. describe an automated transaction system, such as a postage transaction system, in which a postage account is maintained with a microprocessor card which is used in transactions with postage 15 printing and metering terminals. The patents particularly address security and provide for a secure handshake recognition procedure to be mutually executed between the card and the terminal so that they each recognize the other as authorized to execute a transaction.
Fig. 1 of the Wright et al. patents illustrates a postage metering 20 termir~al wherein a microprocessor card 10 is inserted in a slot 11 of the automated transaction terminal 20. The card completes multiple contacts with the terminal and a trip switch indicating full insertion triggers a start signal. The start signal is sent to an operations microprocessor or terminal MPU 30. The terminal MPU 30 controls the 25 interface with the card and the operation of the various parts of the terminal, including the printer 40 which is the value dispensing section of the terminal. A power source Vo is provided by a battery or the like to power the various parts of the terminal.
The printer 40 contains a microprocessor unit (printer MPU) 41 which controls the operation of the printhead 42. The MPU 41 executes an internal program (FIRMWARE), as does the card microprocessor, so that it cannot be tampered with from the outside.
The printer MPU's internal program includes unique encryption algorithms parallel to those stored in the card's microprocessor.
10 These are installed by the manufacturer so that the printer MPU can execute a secure handshake recognition procedure with the card's microprocessor to authorize a requested transaction. The MPU 41 is formed integrally wit~ the printhead 42, such as by embedding in epoxy or the like, so that it cannot be physically accessed without 15 destroying the printhead. Thus the printhead 42 of the postage metering terminal 20 can only be operated through the MPU 41, and will print a postmark only when the handshake recognition procedure and a postmark print command have been executed between the card MPU and the printer MPU 41.
The handshake operation of the Wright et al. patents operates as follows. The card MPU 60 initiates the handshake procedure upon receipt of the commence signal. Upon verifying that the requested transaction is authorized, the card MPU encrypts an object number N, which may be a randomly generated number, with a key number k1 25 (which may be the printer's PIN) stored in the secret zone of its memory by a first encryption algorithm E1 and sends the resultant word W1 through the handshake channel 61 of terminal MPU 30 to the printer MPU 41.
Upon receipt of the word W1, the printer MPU 41 decodes the number using the same number k1 by the inverse algorithm E1'. The number k1 may be a secret key number stored in the printer MPU's memory at the time of validation, or in an open system, it may be the 5 PIN e"tere~J by the ~ser on the terminal, or a combination of both. The printer MPU 41 then encrypts the decoded number with the number k1 by a second encryption algGriL~"" E2 to send a second word W2 back to the card MPU 60.
Upon receipt of the word W2, the card MPU 60 decodes the 10 number again using the key number k1 by the inverse of the second algorithm E2', and compares the decoded number with the number it used in the first transmission. If the numbers match, the handshake procedure has been successfully completed, and the card and printer MPUs have recognized each other as a authorized to execute the 15 requested transaction.
While this handshaking protocol provides some added security, in operation it always produces the same action in response to the same input signal. Further, the printhead in the Wright et al. patents does not include hardware for storing data during periods when the 20 power is off. The printer 40 itself is not secure. An indicia printed with the printhead of the Wright et al. arrangement can be reprinted any number of times by reproducing the electrical signal used for the first legitimate print.
It is accordingly a primary object of the present invention to 25 provide an improved postal mailing system which may be recharged with postal funds in a secure manner so that images cannot be controlled by unauthorized users.
It is also an object of the invention to provide such a postal mailing system through the use of a secure dot addressable or the like printer.
Summary of the Invention The foregoing disadvantages of the postal mailing systems of the prior art may be overcome and the aforementioned objectives may be achieved in accordance with the invention by communication with a dot addressable or the like printhead secured by an encryption arrangement. The printhead includes a secure non-volatile static 10 random access memory (NOVRAM) in addition to a secure application specific purpose microprocessor chip. The NOVRAM is sometimes hereinafter referred to as non-volatile memory or NVM and the specific purpose microprocessor is sometimes hereinafter referred to as an ASIC or application specific integrated circuit. According to the 15 invention a key is changed each print cycle and stored in the NOVRAM or NVM even during times when the power is off. This access key changes for each print cycle. Thus, an unauthorized user who learns the key used for the last print cycle is unable to print an image and cannot reprint an image by reproducing the electrical 20 signals used to print the original image.
According to the invention a printer microprocessor unit and non-volatile static random access memory are mounted in secure fashion within the printhead. During each print cycle a number R is read from the non-volatile static random access memory (NOVRAM) in 25 the printhead. The value of R is changed using a pseudo-random number generator and the new value is stored in the NOVRAM. The number R is encrypted using the public key of a public key encryption scheme to produce a number N. The encrypted number N is sent to the user. An authorized user has the private key for the encryption scheme and calculates R. The user takes the data that is to be printed and performs an exclusive-or operation with the binary expansion of the number R. After the exclusive-or operation the converted data is sent to the printer. The printhead takes the input converted data and again applies the exclusive-or operation to reproduce the original print data and this is printed. A significant improvement in security is provided by this use of a changing key stored in non-volatile printhead memory that allows the printhead to be accessed only by authorized 1 0 users.
Brief Description of Drawin~s Fig. 1 is a simplified block diagram of a mailing system which may be utilized with the invention.
Fig. 2 presents in tabular form the name, description and source of symbols, keys and other protocol data referred to in the description of secure printing according to the invention.
Fig. 3 is a simplified flow diagram illustrating commencement of initialization of the installation according to the invention.
Fig. 4 is a simplified flow diagram illustrating the graphics signing at the factory.
Fig. 5 is a simplified flowchart illustrating the initialization of the printhead gri3pl,ics.
Fig. 6 is a simplified flowchart illustrating the initialization of a session.
Fig. 7 shows in simplified flowchart form a request indicia procedure.
Fig. 8 is a simplified flowchart illustration of the printing of a report procedure.
Fig. 9 sets forth in tabular form an explanation of protocol used.
Fig. 10 illustrates in tabular form protocol for signing of the 5 graphics.
Fig. 11 illustrates in tabular form the initialization of a session according to the invention.
DescriPtion of Invention The invention is described in further detail in the context of a 10 postage meter, however, other types of meters may be used. Such meters include parcel service meters, tax stamp meters, check writing meters, ticket imprinters, and other similar devices.
Fig. 1 shows in a simplified block diagram a form of mailing system which may be utilized with the invention. The mailing system 15 may comprise a postal meter 10 which is herein referred to as an electronic vault or as a vault. The vault is in communication with a host 12 in a conventional fashion. It will be understood that the vault may take many forms, including the form of a card such as described in the Wright et al. U.S. Patents Nos. 4,802,218 and 4,864,618, 20 referenced hereinabove. The vault may also constitute a module of more substantial size coupled to the host, such as described, for example, in U.S. Patent No. 4,858,138, issued August 15, 1989, to Paul C. Talmadge and assigned to the assignee of the instant application. The vault includes a microprocessor (MPU) 14 which is 25 coupled through a non-volatile memory (NVM) 16 through security logic 18. An indicia read only memory (ROM) 20, in which the particular printing indicia is stored, is also coupled to the microprocessor 14 through the security logic 18.
The host 12 includes an operations microprocessor (MPU) 22 and the printhead housing 24. The operations microprocessor 22 provides intelligence to allow for communication back and forth to vault miuoprocessor 14 via interface 26 to initiate printing when the proper 5 i"rorl"alion is exchanged. A keyboard (not shown) in the host 12 may be provided to send inro""ation representing the postage amount to the operations miuoprocessor 22. The printhead housing 24 is manufactured as a secure housing, and includes an operation specific printer microprocessor 28, NOVRAM 30, and printing mechanism or 10 printhead 32 for printing indicia on a mail piece or the like 34. In a preferred embodiment the printing mechanism, NOVRAM and miuoprocessor constitute an integral unit.
A printhead number (Nph) is stored in the printhead NOVRAM
30 to impart a unique character to the specific printhead. Also stored 15 in the NOVRAM 30 is a printhead seed R which is used by the printhead cryptographic pseudo-random number generator to generate nonces. The NOVRAM 30 also has stored therein in encrypted form the printhead key Kph which is the key used by the printhead and vault to generate the session key. The printhead key Kph is stored in the NOVRAM encrypted with the printhead security key Ka. The graphics key Kg, which is the key used by the manufacturer and printhead to secure graphics and other printhead data, is also stored in the NOVRAM encrypted with Ka. The printhead security key Ka is itself stored in the printhead ASIC. The printhead master key Kphm is stored securely in the vault. This key is used by the vault to calculate the printhead key from the printhead number. The vault security key Kv is stored in the vault ASIC. This key is used by the vault ASIC to encrypt secret information stored in NVM.
For convenience of reference the foregoing symbols are presented in tabular form in Fig. 2 showing the symbol name, description and source. The abbreviated form NVM is used for NOVRAM in the Fig. 2 table. Fig. 2 also identifies the session nonce 5 Ns, vault nonce Nv, indicia nonce Ni and session key Ks. The session nonce Ns is generated by the printhead with the printhead seed R and the printhead key Kph to assure session freshness. The vault nonce Nv is a pseudo-random number generated in the vault to assure that the printhead is present at the beginning of a session. The indicia 10 nonce Ni is a nonce generated with R and Kph by the printhead to ensure indicia freshness. The session key Ks is the key used by the printhead and vault to communicate during one session. The session key is generated from Ns and Kph. The printhead key is good for initializing sessions with the vault. The graphics key is good for 15 authenticating graphics from the vendor.
In an alternate embodiment, the number R is read from the NOVRAM 30 and the value of R is changed using a pseudo-random number generator and the new value is stored in NOVRAM 30. The number R is encrypted using the public key K_public of a public key 20 encryption scheme to produce a number N=f(R,K_public). The encrypted number N is sent to the user. An authorized user has the private key K_private for this encryption scheme. The user calculates R=f-1(N,K_private). The user takes the data that is to be printed and performs an exclusive-or operation with the binary expansion of the 25 number R. R may typically contain 1,000 bits and the print data may require multiple copies of R to convert all of the data. After the exclusive-or operation the converted data is sent to the printer.
The following is an exemplary illustration of the process:
Assume that R is only eight digits long and that 24 bits of print data are required.
Assume that the original value of R is 01101111. The printhead microprocessor applies a random number generator and stores a new 5 value 10011101.
The printhead microprocessor encrypts this number to obtain f(R,K_public)=00011101 and sends this number to the user.
The user calculates f-1(000111101, K_private)= 1001 1 101.
To print the data the user performs an exclusive-or operation 10 with R and sends the data to the printhead:
10011101,10011101,10011101 R repeated enough times to cover the data.
000001 1 1 ,01 1 10001,1 1 1 10000 Print data.
1001 1010,1 1101 100,01 101 101 Converted print data.
The printhead takes the input converted data and again applies the exclusive-or operation to reproduce the original print data:
1001 101 1 ,1 1 101 100,01 101 101 Converted print data.
1001 1 101 ,1001 1 101 ,1001 1 101 R repeated enough times to cover the data.~0 00000111,01110001,11110000 Data used to print is the same as the original print data.
It will be apparent to those skilled in the art that other schemes may be used to encrypt the communication and to convert the print 25 data. The important feature is that the system uses a changing key stored in non-volatile secure printhead memory that allows the printhead to be accessed only by authorized users.
A typical initialization of the system for a printing operation is now described in conjunction with a series of flow diagrams commencing with the simplified flow diagram of Fig. 3. Referring to that figure the printhead security key Ka is installed in the printhead ASIC at 36. This universal key secures data external to the printhead ASIC. The vault security key Kv is installed in the vault ASIC at 38.
This universal key secures data external to the vault ASIC and requires an update to the ASIC. At 40 the printhead number Nph is installed in NVM in the printhead. Each printhead should have a 10 unique number to initialize it. This is required in order that the software random number generators on different printheads produce different numbers.
The encrypted printhead key {Kph}Ka is installed in NVM at 42.
The printhead key is derived by the vault from the printhead number 15 using the printhead master key. The printhead needs the printhead key encrypted with the printhead security key. This separation ensures that an attacker who opens and deciphers everything in one printhead will not possess sufficient information to use a second or other printheads.
At 44 the encrypted graphic key {Kg}Ka is installed in NVM.
This is a universal key that secures the graphics. It is not built in the ASIC in order to provide the option of changing the key in the future.
At 46 the pr~rlU,e~J master key Kphm is installed in the vault.
This is a universal key used by the vault to communicate with 25 printheads. The vault believes that the printhead master key is good for deriving the printhead key from the printhead number.
The graphics signing at the factory is illustrated in the flowchart of Fig. 4. Referring to that figure graphics are assigned at the factory with the graphics key at 48. The vendor should be able to rely on the graphics key as a good key for authenticating graphics to the printhead and have reasonable assurance that the printhead is protected from producing counterfeit images by the graphics key. Two 5 practical methods are available for signing graphics. In one method a message authentication code is generated by chaining DES
encryptions. In an alternate method a CRC is generated with a secret polynomial and the polynomial is encrypted. Chaining DES
encryptions is commonly used in financial applications to assure ~0 message integrity. A label can be attached to the graphics indi~atirlg the type of image and the label and graphics signed together. The indicia graphics are assigned at 50. The indicia graphics include information about the location of fields so that attackers cannot permute characters in the indicia. The slogan graphics are assigned 15 at 52 and the font graphics assigned at 54. The font graphics label includes the ASCII character represented. The permit graphics are assigned at 56.
The initialization of the printhead graphics is illustrated in Fig. 5.
Referring to Fig. 5 the printhead graphics are initialized with the 20 graphics key at 58. The graphics key is decrypted with the printhead security key at 60 and the indicia graphics are loaded and verified at 62. The graphics are loaded into the printhead NOVRAM. They are cryptographically verified each time they are loaded and a bit is set that indicates acceptance of the signature of the graphics. The add 25 slogan graphics are loaded at 64 and a bit set that indicates acceptance of the signature of those graphics. The font graphics are loaded and verified at 66 and a bit set that indicates acceptance of the signature of those graphics. At 68 the permit graphics are loaded and verified and a bit set that indicates acceptance of the graphics signature.
The initialization of a session is illustrated in simplified fiowchart form in Fig. 6. The printhead believes that the session key is authentic for communicating with the vault and believes that the vault "meter number" is also authentic. The vault believes that the session key is good for communicating with the printhead.
At 70 the printhead key is decrypted with the printhead security key. The printhead outputs a number and session nonce at 72. The 10 printhead calculates the session key from the printhead key and nonce at 74 and the vault generates the printhead key from Nph with the printhead master key at 76. At 78 the vault calculates the session key from the printhead key and nonce. At 80 the vault sends the meter number, session nonce (and vault nonce) encrypted with the session 15 key. The vault nonce authenticates the printhead to the vault. This assures the vault that the data it is sending is in fact going to a printhead. The printhead verifies the session nonce, saves the meter number and outputs the vault nonce at 82. The vault verifies the vault nonce at 84.
Fig. 7 shows in simplified flowchart form a request indicia print procedure. The printhead believes that the vault believes the "indicia number, piece count, postage." At 86 the printhead outputs the indicia nonce. The printhead seed is updated after each nonce. The vault encrypts the piece count, postage, (date), indicia nonce with the 25 session key at 88. At 90 the printhead decrypts the piece count, postage, and indicia nonce.
The printing of a report procedure is illustrated in flowchart form in Fig. 8. The printhead believes that the vault believes the report and that the image represents the report. The verifier believes the vault articulated the report. At 92 the printhead sends the report nonce.
The printhead and vault derive the session key at 94 and the vault encrypts the numerical data in the report at 96. The printhead verifies 5 the font data in the report at 98 and indicates it needs a signed '~ormat" for the report at 100.
The protocol is set forth in tabular form in Fig. 9. The principles in the protocol are V-vault, P-printhead, and M-manufacturer. The notation for encryption is that {M}K is the message M encrypted with 10 the key K. The notation for signing is that [M]K is the message M
signed with the key K. The printhead key is encrypted in NVM in a way that the printhead does not know the map from the printhead number to the printhead key. The steps indicated and described in Fig. 9 are performed under the security of the manufacturing process.
The protocol for the signing of the graphics is illustrated in tabular form in Fig. 10. When the printhead graphics are initialized at the customer site the required messages from 7-11 in Fig. 10 are sent to the printhead, verified and installed. The channel need not be particularly secure. An ad slogan could be used, if desired. The 20 images should be reasonably well scrambled, in a way that the customer cannot easily reverse the scrambling.
As each graphic image is verified a bit is set to indicate that that image is accepted. This prevents attacks where bogus images are loaded and the printhead is powered down before it clears the data.
25 The printhead is now initialized. A session is initialized as shown in tabular form in Fig. 11.
In step 12 the printhead generates a new nonce Ns for the session. The printhead calculates the session key Ks from the nonce by decrypting Kph from NVM and encrypting Ns. The vault calculates Ks by encrypting Nph with Kphm. At step 13 the vault sends Nv encrypted to provide assurance that the printhead is present. The printhead verifies the encrypted Ns to verify that the vault is valid. The 5 indicia serial number is sent at this point to avoid having to send it for each indicia. The printhead decrypts the message and verifies Ns. At step 14 the vault verifies the printhead retrieved Nv to authenticate the printhead. The vault and printhead are now ready to print indicia and the session is now initialized. At step 15 for each indicia the printhead 10 generates a nonce to assure that the indicia is fresh. At step 16 the vault prepares a message with the indicia information and the indicia nonce, encrypts it, and sends it to the printhead. The printhead verifies the indicia nonce is encrypted, loads the data into the image, and prints the indicia.
It will be readily seen by one of ordinary skill in the art that the present invention fulfills all of the objects set forth above. After reading the foregoing specification, one of ordinary skill will be able to effect various changes, substitutions of equivalents and various other aspects of the invention as broadly disclosed herein. It is therefore intended that the protection granted hereon be limited only by the definition contained in the appended claims and equivalents thereof.
WITH A VALUE PRINTER
Field of Invention This invention relates to an apparatus and method for securely 5 printing indicia, text and variable graphics information which involves value with a secure printer and more particularly relates to such an apparatus and method wherein security is provided through cryptography.
Backqround U.S. Patents Nos. 4,802,218 and 4,864,~8 issued January 31, 1989 and September 5, 1989, to Christopher B. Wright et al. describe an automated transaction system, such as a postage transaction system, in which a postage account is maintained with a microprocessor card which is used in transactions with postage 15 printing and metering terminals. The patents particularly address security and provide for a secure handshake recognition procedure to be mutually executed between the card and the terminal so that they each recognize the other as authorized to execute a transaction.
Fig. 1 of the Wright et al. patents illustrates a postage metering 20 termir~al wherein a microprocessor card 10 is inserted in a slot 11 of the automated transaction terminal 20. The card completes multiple contacts with the terminal and a trip switch indicating full insertion triggers a start signal. The start signal is sent to an operations microprocessor or terminal MPU 30. The terminal MPU 30 controls the 25 interface with the card and the operation of the various parts of the terminal, including the printer 40 which is the value dispensing section of the terminal. A power source Vo is provided by a battery or the like to power the various parts of the terminal.
The printer 40 contains a microprocessor unit (printer MPU) 41 which controls the operation of the printhead 42. The MPU 41 executes an internal program (FIRMWARE), as does the card microprocessor, so that it cannot be tampered with from the outside.
The printer MPU's internal program includes unique encryption algorithms parallel to those stored in the card's microprocessor.
10 These are installed by the manufacturer so that the printer MPU can execute a secure handshake recognition procedure with the card's microprocessor to authorize a requested transaction. The MPU 41 is formed integrally wit~ the printhead 42, such as by embedding in epoxy or the like, so that it cannot be physically accessed without 15 destroying the printhead. Thus the printhead 42 of the postage metering terminal 20 can only be operated through the MPU 41, and will print a postmark only when the handshake recognition procedure and a postmark print command have been executed between the card MPU and the printer MPU 41.
The handshake operation of the Wright et al. patents operates as follows. The card MPU 60 initiates the handshake procedure upon receipt of the commence signal. Upon verifying that the requested transaction is authorized, the card MPU encrypts an object number N, which may be a randomly generated number, with a key number k1 25 (which may be the printer's PIN) stored in the secret zone of its memory by a first encryption algorithm E1 and sends the resultant word W1 through the handshake channel 61 of terminal MPU 30 to the printer MPU 41.
Upon receipt of the word W1, the printer MPU 41 decodes the number using the same number k1 by the inverse algorithm E1'. The number k1 may be a secret key number stored in the printer MPU's memory at the time of validation, or in an open system, it may be the 5 PIN e"tere~J by the ~ser on the terminal, or a combination of both. The printer MPU 41 then encrypts the decoded number with the number k1 by a second encryption algGriL~"" E2 to send a second word W2 back to the card MPU 60.
Upon receipt of the word W2, the card MPU 60 decodes the 10 number again using the key number k1 by the inverse of the second algorithm E2', and compares the decoded number with the number it used in the first transmission. If the numbers match, the handshake procedure has been successfully completed, and the card and printer MPUs have recognized each other as a authorized to execute the 15 requested transaction.
While this handshaking protocol provides some added security, in operation it always produces the same action in response to the same input signal. Further, the printhead in the Wright et al. patents does not include hardware for storing data during periods when the 20 power is off. The printer 40 itself is not secure. An indicia printed with the printhead of the Wright et al. arrangement can be reprinted any number of times by reproducing the electrical signal used for the first legitimate print.
It is accordingly a primary object of the present invention to 25 provide an improved postal mailing system which may be recharged with postal funds in a secure manner so that images cannot be controlled by unauthorized users.
It is also an object of the invention to provide such a postal mailing system through the use of a secure dot addressable or the like printer.
Summary of the Invention The foregoing disadvantages of the postal mailing systems of the prior art may be overcome and the aforementioned objectives may be achieved in accordance with the invention by communication with a dot addressable or the like printhead secured by an encryption arrangement. The printhead includes a secure non-volatile static 10 random access memory (NOVRAM) in addition to a secure application specific purpose microprocessor chip. The NOVRAM is sometimes hereinafter referred to as non-volatile memory or NVM and the specific purpose microprocessor is sometimes hereinafter referred to as an ASIC or application specific integrated circuit. According to the 15 invention a key is changed each print cycle and stored in the NOVRAM or NVM even during times when the power is off. This access key changes for each print cycle. Thus, an unauthorized user who learns the key used for the last print cycle is unable to print an image and cannot reprint an image by reproducing the electrical 20 signals used to print the original image.
According to the invention a printer microprocessor unit and non-volatile static random access memory are mounted in secure fashion within the printhead. During each print cycle a number R is read from the non-volatile static random access memory (NOVRAM) in 25 the printhead. The value of R is changed using a pseudo-random number generator and the new value is stored in the NOVRAM. The number R is encrypted using the public key of a public key encryption scheme to produce a number N. The encrypted number N is sent to the user. An authorized user has the private key for the encryption scheme and calculates R. The user takes the data that is to be printed and performs an exclusive-or operation with the binary expansion of the number R. After the exclusive-or operation the converted data is sent to the printer. The printhead takes the input converted data and again applies the exclusive-or operation to reproduce the original print data and this is printed. A significant improvement in security is provided by this use of a changing key stored in non-volatile printhead memory that allows the printhead to be accessed only by authorized 1 0 users.
Brief Description of Drawin~s Fig. 1 is a simplified block diagram of a mailing system which may be utilized with the invention.
Fig. 2 presents in tabular form the name, description and source of symbols, keys and other protocol data referred to in the description of secure printing according to the invention.
Fig. 3 is a simplified flow diagram illustrating commencement of initialization of the installation according to the invention.
Fig. 4 is a simplified flow diagram illustrating the graphics signing at the factory.
Fig. 5 is a simplified flowchart illustrating the initialization of the printhead gri3pl,ics.
Fig. 6 is a simplified flowchart illustrating the initialization of a session.
Fig. 7 shows in simplified flowchart form a request indicia procedure.
Fig. 8 is a simplified flowchart illustration of the printing of a report procedure.
Fig. 9 sets forth in tabular form an explanation of protocol used.
Fig. 10 illustrates in tabular form protocol for signing of the 5 graphics.
Fig. 11 illustrates in tabular form the initialization of a session according to the invention.
DescriPtion of Invention The invention is described in further detail in the context of a 10 postage meter, however, other types of meters may be used. Such meters include parcel service meters, tax stamp meters, check writing meters, ticket imprinters, and other similar devices.
Fig. 1 shows in a simplified block diagram a form of mailing system which may be utilized with the invention. The mailing system 15 may comprise a postal meter 10 which is herein referred to as an electronic vault or as a vault. The vault is in communication with a host 12 in a conventional fashion. It will be understood that the vault may take many forms, including the form of a card such as described in the Wright et al. U.S. Patents Nos. 4,802,218 and 4,864,618, 20 referenced hereinabove. The vault may also constitute a module of more substantial size coupled to the host, such as described, for example, in U.S. Patent No. 4,858,138, issued August 15, 1989, to Paul C. Talmadge and assigned to the assignee of the instant application. The vault includes a microprocessor (MPU) 14 which is 25 coupled through a non-volatile memory (NVM) 16 through security logic 18. An indicia read only memory (ROM) 20, in which the particular printing indicia is stored, is also coupled to the microprocessor 14 through the security logic 18.
The host 12 includes an operations microprocessor (MPU) 22 and the printhead housing 24. The operations microprocessor 22 provides intelligence to allow for communication back and forth to vault miuoprocessor 14 via interface 26 to initiate printing when the proper 5 i"rorl"alion is exchanged. A keyboard (not shown) in the host 12 may be provided to send inro""ation representing the postage amount to the operations miuoprocessor 22. The printhead housing 24 is manufactured as a secure housing, and includes an operation specific printer microprocessor 28, NOVRAM 30, and printing mechanism or 10 printhead 32 for printing indicia on a mail piece or the like 34. In a preferred embodiment the printing mechanism, NOVRAM and miuoprocessor constitute an integral unit.
A printhead number (Nph) is stored in the printhead NOVRAM
30 to impart a unique character to the specific printhead. Also stored 15 in the NOVRAM 30 is a printhead seed R which is used by the printhead cryptographic pseudo-random number generator to generate nonces. The NOVRAM 30 also has stored therein in encrypted form the printhead key Kph which is the key used by the printhead and vault to generate the session key. The printhead key Kph is stored in the NOVRAM encrypted with the printhead security key Ka. The graphics key Kg, which is the key used by the manufacturer and printhead to secure graphics and other printhead data, is also stored in the NOVRAM encrypted with Ka. The printhead security key Ka is itself stored in the printhead ASIC. The printhead master key Kphm is stored securely in the vault. This key is used by the vault to calculate the printhead key from the printhead number. The vault security key Kv is stored in the vault ASIC. This key is used by the vault ASIC to encrypt secret information stored in NVM.
For convenience of reference the foregoing symbols are presented in tabular form in Fig. 2 showing the symbol name, description and source. The abbreviated form NVM is used for NOVRAM in the Fig. 2 table. Fig. 2 also identifies the session nonce 5 Ns, vault nonce Nv, indicia nonce Ni and session key Ks. The session nonce Ns is generated by the printhead with the printhead seed R and the printhead key Kph to assure session freshness. The vault nonce Nv is a pseudo-random number generated in the vault to assure that the printhead is present at the beginning of a session. The indicia 10 nonce Ni is a nonce generated with R and Kph by the printhead to ensure indicia freshness. The session key Ks is the key used by the printhead and vault to communicate during one session. The session key is generated from Ns and Kph. The printhead key is good for initializing sessions with the vault. The graphics key is good for 15 authenticating graphics from the vendor.
In an alternate embodiment, the number R is read from the NOVRAM 30 and the value of R is changed using a pseudo-random number generator and the new value is stored in NOVRAM 30. The number R is encrypted using the public key K_public of a public key 20 encryption scheme to produce a number N=f(R,K_public). The encrypted number N is sent to the user. An authorized user has the private key K_private for this encryption scheme. The user calculates R=f-1(N,K_private). The user takes the data that is to be printed and performs an exclusive-or operation with the binary expansion of the 25 number R. R may typically contain 1,000 bits and the print data may require multiple copies of R to convert all of the data. After the exclusive-or operation the converted data is sent to the printer.
The following is an exemplary illustration of the process:
Assume that R is only eight digits long and that 24 bits of print data are required.
Assume that the original value of R is 01101111. The printhead microprocessor applies a random number generator and stores a new 5 value 10011101.
The printhead microprocessor encrypts this number to obtain f(R,K_public)=00011101 and sends this number to the user.
The user calculates f-1(000111101, K_private)= 1001 1 101.
To print the data the user performs an exclusive-or operation 10 with R and sends the data to the printhead:
10011101,10011101,10011101 R repeated enough times to cover the data.
000001 1 1 ,01 1 10001,1 1 1 10000 Print data.
1001 1010,1 1101 100,01 101 101 Converted print data.
The printhead takes the input converted data and again applies the exclusive-or operation to reproduce the original print data:
1001 101 1 ,1 1 101 100,01 101 101 Converted print data.
1001 1 101 ,1001 1 101 ,1001 1 101 R repeated enough times to cover the data.~0 00000111,01110001,11110000 Data used to print is the same as the original print data.
It will be apparent to those skilled in the art that other schemes may be used to encrypt the communication and to convert the print 25 data. The important feature is that the system uses a changing key stored in non-volatile secure printhead memory that allows the printhead to be accessed only by authorized users.
A typical initialization of the system for a printing operation is now described in conjunction with a series of flow diagrams commencing with the simplified flow diagram of Fig. 3. Referring to that figure the printhead security key Ka is installed in the printhead ASIC at 36. This universal key secures data external to the printhead ASIC. The vault security key Kv is installed in the vault ASIC at 38.
This universal key secures data external to the vault ASIC and requires an update to the ASIC. At 40 the printhead number Nph is installed in NVM in the printhead. Each printhead should have a 10 unique number to initialize it. This is required in order that the software random number generators on different printheads produce different numbers.
The encrypted printhead key {Kph}Ka is installed in NVM at 42.
The printhead key is derived by the vault from the printhead number 15 using the printhead master key. The printhead needs the printhead key encrypted with the printhead security key. This separation ensures that an attacker who opens and deciphers everything in one printhead will not possess sufficient information to use a second or other printheads.
At 44 the encrypted graphic key {Kg}Ka is installed in NVM.
This is a universal key that secures the graphics. It is not built in the ASIC in order to provide the option of changing the key in the future.
At 46 the pr~rlU,e~J master key Kphm is installed in the vault.
This is a universal key used by the vault to communicate with 25 printheads. The vault believes that the printhead master key is good for deriving the printhead key from the printhead number.
The graphics signing at the factory is illustrated in the flowchart of Fig. 4. Referring to that figure graphics are assigned at the factory with the graphics key at 48. The vendor should be able to rely on the graphics key as a good key for authenticating graphics to the printhead and have reasonable assurance that the printhead is protected from producing counterfeit images by the graphics key. Two 5 practical methods are available for signing graphics. In one method a message authentication code is generated by chaining DES
encryptions. In an alternate method a CRC is generated with a secret polynomial and the polynomial is encrypted. Chaining DES
encryptions is commonly used in financial applications to assure ~0 message integrity. A label can be attached to the graphics indi~atirlg the type of image and the label and graphics signed together. The indicia graphics are assigned at 50. The indicia graphics include information about the location of fields so that attackers cannot permute characters in the indicia. The slogan graphics are assigned 15 at 52 and the font graphics assigned at 54. The font graphics label includes the ASCII character represented. The permit graphics are assigned at 56.
The initialization of the printhead graphics is illustrated in Fig. 5.
Referring to Fig. 5 the printhead graphics are initialized with the 20 graphics key at 58. The graphics key is decrypted with the printhead security key at 60 and the indicia graphics are loaded and verified at 62. The graphics are loaded into the printhead NOVRAM. They are cryptographically verified each time they are loaded and a bit is set that indicates acceptance of the signature of the graphics. The add 25 slogan graphics are loaded at 64 and a bit set that indicates acceptance of the signature of those graphics. The font graphics are loaded and verified at 66 and a bit set that indicates acceptance of the signature of those graphics. At 68 the permit graphics are loaded and verified and a bit set that indicates acceptance of the graphics signature.
The initialization of a session is illustrated in simplified fiowchart form in Fig. 6. The printhead believes that the session key is authentic for communicating with the vault and believes that the vault "meter number" is also authentic. The vault believes that the session key is good for communicating with the printhead.
At 70 the printhead key is decrypted with the printhead security key. The printhead outputs a number and session nonce at 72. The 10 printhead calculates the session key from the printhead key and nonce at 74 and the vault generates the printhead key from Nph with the printhead master key at 76. At 78 the vault calculates the session key from the printhead key and nonce. At 80 the vault sends the meter number, session nonce (and vault nonce) encrypted with the session 15 key. The vault nonce authenticates the printhead to the vault. This assures the vault that the data it is sending is in fact going to a printhead. The printhead verifies the session nonce, saves the meter number and outputs the vault nonce at 82. The vault verifies the vault nonce at 84.
Fig. 7 shows in simplified flowchart form a request indicia print procedure. The printhead believes that the vault believes the "indicia number, piece count, postage." At 86 the printhead outputs the indicia nonce. The printhead seed is updated after each nonce. The vault encrypts the piece count, postage, (date), indicia nonce with the 25 session key at 88. At 90 the printhead decrypts the piece count, postage, and indicia nonce.
The printing of a report procedure is illustrated in flowchart form in Fig. 8. The printhead believes that the vault believes the report and that the image represents the report. The verifier believes the vault articulated the report. At 92 the printhead sends the report nonce.
The printhead and vault derive the session key at 94 and the vault encrypts the numerical data in the report at 96. The printhead verifies 5 the font data in the report at 98 and indicates it needs a signed '~ormat" for the report at 100.
The protocol is set forth in tabular form in Fig. 9. The principles in the protocol are V-vault, P-printhead, and M-manufacturer. The notation for encryption is that {M}K is the message M encrypted with 10 the key K. The notation for signing is that [M]K is the message M
signed with the key K. The printhead key is encrypted in NVM in a way that the printhead does not know the map from the printhead number to the printhead key. The steps indicated and described in Fig. 9 are performed under the security of the manufacturing process.
The protocol for the signing of the graphics is illustrated in tabular form in Fig. 10. When the printhead graphics are initialized at the customer site the required messages from 7-11 in Fig. 10 are sent to the printhead, verified and installed. The channel need not be particularly secure. An ad slogan could be used, if desired. The 20 images should be reasonably well scrambled, in a way that the customer cannot easily reverse the scrambling.
As each graphic image is verified a bit is set to indicate that that image is accepted. This prevents attacks where bogus images are loaded and the printhead is powered down before it clears the data.
25 The printhead is now initialized. A session is initialized as shown in tabular form in Fig. 11.
In step 12 the printhead generates a new nonce Ns for the session. The printhead calculates the session key Ks from the nonce by decrypting Kph from NVM and encrypting Ns. The vault calculates Ks by encrypting Nph with Kphm. At step 13 the vault sends Nv encrypted to provide assurance that the printhead is present. The printhead verifies the encrypted Ns to verify that the vault is valid. The 5 indicia serial number is sent at this point to avoid having to send it for each indicia. The printhead decrypts the message and verifies Ns. At step 14 the vault verifies the printhead retrieved Nv to authenticate the printhead. The vault and printhead are now ready to print indicia and the session is now initialized. At step 15 for each indicia the printhead 10 generates a nonce to assure that the indicia is fresh. At step 16 the vault prepares a message with the indicia information and the indicia nonce, encrypts it, and sends it to the printhead. The printhead verifies the indicia nonce is encrypted, loads the data into the image, and prints the indicia.
It will be readily seen by one of ordinary skill in the art that the present invention fulfills all of the objects set forth above. After reading the foregoing specification, one of ordinary skill will be able to effect various changes, substitutions of equivalents and various other aspects of the invention as broadly disclosed herein. It is therefore intended that the protection granted hereon be limited only by the definition contained in the appended claims and equivalents thereof.
Claims (20)
1. In a value printing system comprising a value meter device connectable to communicate with a host device which includes a printer device for printing value indicia pursuant to signals from said value meter device, said value meter device including a processor and storage, and said host device including a processor and storage, a method comprising the steps of:
providing in said printer device a secure non-volatile random access storage connected to a processor;
storing in said printer device non-volatile random access storage a key;
initiating a print cycle of said printer device to print value indicia including print data transmitted by said value metering device to said printing device following mutual authentication of said key by said value meter device and said printer device and authentication of said print data by said printing device;
printing said indicia including said print data and terminating said print cycle; and changing said key in said printer non-volatile random access storage before initiating another print cycle.
providing in said printer device a secure non-volatile random access storage connected to a processor;
storing in said printer device non-volatile random access storage a key;
initiating a print cycle of said printer device to print value indicia including print data transmitted by said value metering device to said printing device following mutual authentication of said key by said value meter device and said printer device and authentication of said print data by said printing device;
printing said indicia including said print data and terminating said print cycle; and changing said key in said printer non-volatile random access storage before initiating another print cycle.
2. A method according to Claim 1 wherein said changing of said key and said authentication includes the steps of:
reading said key from said non-volatile random access storage in said printer device;
changing said key to provide a second key;
storing said second key in said non-volatile random access storage in said printer device;
encrypting said second key by an encryption protocol known to an authorized value metering device;
sending the encrypted second key to an authorized value metering device; and decrypting said second key in said authorized value metering device.
reading said key from said non-volatile random access storage in said printer device;
changing said key to provide a second key;
storing said second key in said non-volatile random access storage in said printer device;
encrypting said second key by an encryption protocol known to an authorized value metering device;
sending the encrypted second key to an authorized value metering device; and decrypting said second key in said authorized value metering device.
3. A method according to Claim 2 including the steps of:
using the decrypted second key to convert data to be printed;
sending said data to be printed converted with said second key to said printer device;
deconverting said converted data to be printed in said printer device with said second key to recover the data to be printed; and printing said data.
using the decrypted second key to convert data to be printed;
sending said data to be printed converted with said second key to said printer device;
deconverting said converted data to be printed in said printer device with said second key to recover the data to be printed; and printing said data.
4. A method according to Claim 1 wherein said processor connected to said non-volatile random access storage is provided in said printing device.
5. A method according to Claim 2 wherein said key is changed to said second key by a pseudo-random number generator in said printer device.
6. A method according to Claim 1 wherein said value printing system comprises a mailing system and said value meter device comprises a postage meter and said printer device comprises a postage printer.
7. A printing module for use in a value printing system for controlling the printing of value indicia wherein said system includes a value metering device having a data processor and storage, and a terminal associated with said printing module, and means for removably connecting said terminal to said value metering device for data communication between said value metering device and said terminal and said printing module, said printing module comprising a data controlled printing mechanism having securely mounted therewith a data processor and a non-volatile random access storage having a key stored therein.
8. A printing module according to Claim 7 wherein said data processor and non-volatile random access storage are integral with said printing mechanism.
9. A printing module according to Claim 7 wherein said data processor and non-volatile storage of said printing module have stored therein a number generating protocol which operates on said key to produce a second key and an encryption protocol which operates on said second key to encrypt said key, said printing module responding to transfer of data thereto by said terminal when said terminal is connected to a metering device having a second key to said encryption protocol to conduct a print cycle, said data processor and non-volatile storage of said printing module having also stored therein a protocol which changes said second key before another print cycle can be conducted.
10. A printing module according to Claim 9 wherein said printing module is incapable of executing two successive print cycles in response to the input thereto of identical data to initiate said print cycles.
11. A value printing system for controlling the printing of value indicia including a value metering module having a data processor and storage, a host terminal having processing and storage capability, a connecting mechanism for removable connecting said value metering module to said host terminal for data transfer therebetween, and a printing module secured to said host terminal for data communication therewith, said printing module having a data controlled printing mechanism including integrally therewith a data processor and a non-volatile random access storage having stored therein a key for initiating a print cycle and a protocol for changing said key before another print cycle can be conducted.
12. A value printing system according to Claim 11 wherein said data processor and non-volatile storage of said printing module have stored therein a number generating protocol which operates on a prime key stored in said non-volatile storage to produce said changed key and an encryption protocol which operates on said changed key to encrypt said changed key, said printing module responding to transfer of data thereto by said terminal when said terminal is connected to a metering device having a key to said encryption protocol to authenticate said changed key, said encryption protocol changing said changed key before yet another print cycle can be conducted.
13. A value printing system according to Claim 12 wherein said printing module is incapable of executing two successive print cycles in response to the input thereto of identical data to initiate said print cycles.
14. A value printing system according to Claim 13 wherein said value printing system comprises a mailing system and said value meter module comprises a postage meter and said printer module comprises a postage printer.
15. In a value printing system for controlling the printing of value indicia including a value metering module having a data processor and storage, a host terminal having processing and storage capability, a connecting mechanism for removably connecting said value metering module to said host terminal for data transfer therebetweeen, and a printing module secured to said host terminal for data communication therewith, said printing module having a data controlled printing mechanism, a method comprising the steps of:
mounting integrally with said printing module a data processor and a non-volatile random access storage;
storing in said non-volatile random access storage a key;
performing a predetermined protocol on said key to obtain a different second key;
encrypting said second key;
communicating said encrypted second key to an authorized metering module;
decrypting said second key in said metering module;
authenticating said decryption in said metering module to said printing module;
conducting a printing cycle by said printing module wherein data transferred to said printing module from said host terminal is printed;
and performing a predetermined protocol on said key to obtain a different third key before conducting another printing cycle.
mounting integrally with said printing module a data processor and a non-volatile random access storage;
storing in said non-volatile random access storage a key;
performing a predetermined protocol on said key to obtain a different second key;
encrypting said second key;
communicating said encrypted second key to an authorized metering module;
decrypting said second key in said metering module;
authenticating said decryption in said metering module to said printing module;
conducting a printing cycle by said printing module wherein data transferred to said printing module from said host terminal is printed;
and performing a predetermined protocol on said key to obtain a different third key before conducting another printing cycle.
16. A method according to Claim 15 wherein said printing module is incapable of conducting two print cycles in response to input thereto of identical data to initiate said print cycles.
17. A method according to Claim 15 wherein said protocol for obtaining said second key comprises pseudo-random generation of a number.
18. A method according to Claim 17 including the steps of:
installing a number unique to each printing module in said module at manufacture; and using said unique number in said pseudo-random number generation protocol so that such number generation is unique to each printing module.
installing a number unique to each printing module in said module at manufacture; and using said unique number in said pseudo-random number generation protocol so that such number generation is unique to each printing module.
19. A method according to Claim 15 including the steps of:
using said second key to encrypt data to be printed; transmitting said encrypted print data to said printing module; decrypting said print data in said printing module; and printing said data.
using said second key to encrypt data to be printed; transmitting said encrypted print data to said printing module; decrypting said print data in said printing module; and printing said data.
20. A method according to Claim 15 including the steps of:
retrieving said key from said non-volatile random access storage and performing said protocol on said retrieved key to obtain said second key;
storing said second key in said non-volatile random access storage; and retrieving said second key from said non-volatile random access storage to encrypt said second key.
retrieving said key from said non-volatile random access storage and performing said protocol on said retrieved key to obtain said second key;
storing said second key in said non-volatile random access storage; and retrieving said second key from said non-volatile random access storage to encrypt said second key.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US66002796A | 1996-06-06 | 1996-06-06 | |
| US08/660,027 | 1996-06-06 |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CA2206937A1 true CA2206937A1 (en) | 1997-12-06 |
Family
ID=24647823
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA 2206937 Abandoned CA2206937A1 (en) | 1996-06-06 | 1997-06-02 | Secure apparatus and method for printing value with a value printer |
Country Status (2)
| Country | Link |
|---|---|
| EP (1) | EP0811955A2 (en) |
| CA (1) | CA2206937A1 (en) |
Families Citing this family (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6233565B1 (en) | 1998-02-13 | 2001-05-15 | Saranac Software, Inc. | Methods and apparatus for internet based financial transactions with evidence of payment |
| US6144950A (en) * | 1998-02-27 | 2000-11-07 | Pitney Bowes Inc. | Postage printing system including prevention of tampering with print data sent from a postage meter to a printer |
| US6938023B1 (en) * | 1998-12-24 | 2005-08-30 | Pitney Bowes Inc. | Method of limiting key usage in a postage metering system that produces cryptographically secured indicium |
| US6847951B1 (en) * | 1999-03-30 | 2005-01-25 | Pitney Bowes Inc. | Method for certifying public keys used to sign postal indicia and indicia so signed |
| US6188997B1 (en) * | 1999-04-19 | 2001-02-13 | Pitney Bowes Inc. | Postage metering system having currency synchronization |
| US20010037462A1 (en) * | 2000-05-01 | 2001-11-01 | Bengtson Michael B. | Method and apparatus for obtaining a printed copy of a document via the internet |
| US20030014640A1 (en) * | 2001-07-13 | 2003-01-16 | Loyd Travis W. | Printer regulation through verification of a user |
| DE10255053A1 (en) * | 2002-09-10 | 2004-03-18 | Wincor Nixdorf International Gmbh | Printer, especially a voucher printer for secure printing of transactions arising from a payment till or automatic cash dispenser, has a cryptographic unit for processing a cryptographic signature received with the print data |
| FR2865830B1 (en) * | 2004-01-30 | 2006-05-19 | Neopost Ind | SECURED EXTERNAL PRINT MODE MAIL POSTAGE SYSTEM |
-
1997
- 1997-06-02 CA CA 2206937 patent/CA2206937A1/en not_active Abandoned
- 1997-06-06 EP EP19970109204 patent/EP0811955A2/en not_active Withdrawn
Also Published As
| Publication number | Publication date |
|---|---|
| EP0811955A2 (en) | 1997-12-10 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US5142577A (en) | Method and apparatus for authenticating messages | |
| CN1097902C (en) | Method for identifying metering accounting vault to digital printer | |
| EP0678836B1 (en) | Method and means for combining and managing personal verification and message authentication encryptions for network transmission | |
| US5812664A (en) | Key distribution system | |
| US6724894B1 (en) | Cryptographic device having reduced vulnerability to side-channel attack and method of operating same | |
| US5949879A (en) | Auditable security system for the generation of cryptographically protected digital data | |
| US6158003A (en) | Method and system for electronic document certification | |
| JP2746352B2 (en) | Secure security communication system and method for communication by a remotely located computer | |
| US6064989A (en) | Synchronization of cryptographic keys between two modules of a distributed system | |
| CN1148704C (en) | Postage printing system of preventing distortion of printed data sent to printer from postage charger | |
| US20040230799A1 (en) | Circuit and method for providing secure communications between devices | |
| US20080031460A1 (en) | Technique for split knowledge backup and recovery of a cryptographic key | |
| JPH09238132A (en) | Portable terminal communication system and communication method thereof | |
| JPH087805B2 (en) | Postage meter for remote variable recharge | |
| CA2677458C (en) | Method and system for securing communications in a metering device | |
| US6029137A (en) | Updating domains in a postage evidencing system | |
| JPH11289324A (en) | Transmission / reception device and transmission / reception method | |
| EP0811955A2 (en) | Secure apparatus and method for printing value with a value printer | |
| US8438115B2 (en) | Method of securing postage data records in a postage printing device | |
| JP2788296B2 (en) | Card usage system | |
| JPS60171583A (en) | Information processor |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| EEER | Examination request | ||
| FZDE | Dead |