[go: up one dir, main page]

DE9216798U1 - Kit for checking the legitimacy of electronic access and / or information media - Google Patents

Kit for checking the legitimacy of electronic access and / or information media

Info

Publication number
DE9216798U1
DE9216798U1 DE9216798U DE9216798U DE9216798U1 DE 9216798 U1 DE9216798 U1 DE 9216798U1 DE 9216798 U DE9216798 U DE 9216798U DE 9216798 U DE9216798 U DE 9216798U DE 9216798 U1 DE9216798 U1 DE 9216798U1
Authority
DE
Germany
Prior art keywords
kit according
access
microprocessor chip
chip
application
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Lifetime
Application number
DE9216798U
Other languages
German (de)
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to DE9216798U priority Critical patent/DE9216798U1/en
Publication of DE9216798U1 publication Critical patent/DE9216798U1/en
Anticipated expiration legal-status Critical
Expired - Lifetime legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/34User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C2009/00388Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks code verification carried out according to the challenge/response method
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C9/00309Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks
    • G07C2009/0042Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal containing a code which is changed
    • G07C2009/00476Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal containing a code which is changed dynamically
    • G07C2009/005Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated with bidirectional data transmission between data carrier and locks the transmitted data signal containing a code which is changed dynamically whereby the code is a random code
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/00174Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys
    • G07C2009/00753Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys
    • G07C2009/00769Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by wireless means
    • G07C2009/00785Electronically operated locks; Circuits therefor; Nonmechanical keys therefor, e.g. passive or active electrical keys or other data carriers without mechanical keys operated by active electrical keys with data transmission performed by wireless means by light

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Description

Elektronische Zugangs- und/oder Informationsmedien gewinnen in der Gestalt von Chipkarten und elektronischen Schlüsseln neben vielen anderen Anwendungsbereichen zunehmende Bedeutung.Electronic access and/or information media in the form of chip cards and electronic keys are becoming increasingly important, among many other areas of application.

Dabei spielt insbesondere bei Schließanlagen der Schlüssel insofern eine verletzbare Stelle, als er bei simplifizierter Gestaltung auslesbar und damit z. B. über einen PC "kopierbar" ist.The key is a particularly vulnerable point in locking systems, as it can be read out in a simplified design and thus "copied" via a PC, for example.

Aus diesem Grunde entstand z. B. bei Chipkarten die sog« PIN, die einen gewissen Schutz dahingehend darstellt, als der Benutzer sich zunächst durch diese PIN identifizieren muß. Mißbrauch ist dabei dadurch gegeben, daß &zgr;. B. fremde Personen die Eingabe der PIN verfolgen können und anschließend nach Entwendung der Chipkarte diese in strafbarer Handlungweise verwenden.For this reason, the so-called PIN was developed for chip cards, for example, which provides a certain level of protection in that the user must first identify himself using this PIN. Misuse occurs because strangers can, for example, see the PIN being entered and then, after stealing the chip card, use it to commit a criminal offense.

Auch bei Schlüsseln ist es natürlich möglich, eine PIN zu benutzen, was jedoch fast zwangsläufig die Entwicklung eines Einlesegerätes erfordert, das allein durch die Größe der Tastatur die Möglichkeit gewährleistet, daß auch weniger geschickte Personen die PIN eingeben können.It is of course also possible to use a PIN for keys, but this almost inevitably requires the development of a reader device that, through the size of the keyboard alone, ensures that even less skilled people can enter the PIN.

In der Verwendung der Chipkarte als Schlüssel besteht natürlich wiederum die Möglichkeit, die Chipkarte als sog. "Super/Smart/Card" zu konzipieren, die gleichzeitig z. B. neben ihrem Chip eine alphanumerische Tastatur aufweist. When using the chip card as a key, it is of course possible to design the chip card as a so-called "Super/Smart/Card", which also has an alphanumeric keyboard in addition to its chip.

Soll der Schlüssel dennoch einen gewissen Sicherheitsgrad ohne PIN besitzen, ist es erforderlich, daß er nicht von unlegitimierten Personen auslesbar ist. Dies bedeutet, daß bei der Schlüsselaktivierung dessen Code nicht auslesbar sein darf.If the key is to have a certain level of security without a PIN, it is necessary that it cannot be read by unauthorized persons. This means that when the key is activated, its code must not be readable.

Unter dieser Voraussetzung wurde in der Anwendung der Zugangs- und/oder Informationsmedien als Schlüssel mit der Kommunikation eines elektronischen Schlosses davon Gebrauch gemacht, daß sowohl der Schlüssel, als auch das Schloß einen Algorithmus, entsprechend aufeinander abgestimmt, durchführen.Under this premise, in the application of access and/or information media as a key with the communication of an electronic lock, use was made of the fact that both the key and the lock execute an algorithm that is appropriately coordinated with each other.

In bevorzugter Ausführungsform wird mit dieser Erfindung ein Verfahren und ein Bausatz vorgestellt, der es gestattet, den Schlüsselcode nicht auslesbar zu machen, so daß z. 8. in Sicherheitsbereichen nicht einmal der Schlüsselbenutzer seinen eigenen Legitimationscode kennen muß.In a preferred embodiment, this invention presents a method and a kit that makes it possible to make the key code unreadable, so that, for example, in security areas, the key user does not even have to know his own authentication code.

In der Vorgehensweise wird dabei der Schlüssel mit seinem Mikroprozessor-Chip mit einem Schloßcode programmiert, der bevorzugt in einem umprogrammierbaren Festspeicher über z. B. EEPROMs abgelegt wird. Dabei besitzt der Mikroprozessor des Schlüssels ein bevorzugt integriertes Rechenwerk, das in seiner Funktion ausreicht, die Grundrechenarten durchzuführen.In the procedure, the key with its microprocessor chip is programmed with a lock code, which is preferably stored in a reprogrammable read-only memory, e.g. via EEPROMs. The microprocessor of the key preferably has an integrated arithmetic unit, which is sufficient in its function to carry out basic arithmetic.

Es ist vorgesehen, daß der Schloß-Mikroprozessor zunächst durch einen "Weckimpuls" des Schlüssels in Aktionsbereitschaft geschaltet wird und anschließend z. 8. über eine LED dem Schlüssel eine Zufallszahl überspielt, die diese über Photodiode empfängt und seinem Mikroprozessor weiterleitet, über das Rechenwerk des Schlüssels wird nun eine einfache Rechenoperation durchgeführt, die z. B. in einer einfachen Multiplikation bestehen kann und von der das Schloß "weiß", welche Rechenoperation im Schlüssel durchgeführt wird, damit diese bei der Legitimationsprüfung durch das Schloß rückgerechnet werden kann.It is intended that the lock microprocessor is first switched to readiness for action by a "wake-up pulse" from the key and then, for example, a random number is sent to the key via an LED, which receives it via a photodiode and forwards it to its microprocessor. A simple calculation is then carried out via the key's arithmetic unit, which can, for example, consist of a simple multiplication and from which the lock "knows" which calculation is carried out in the key so that it can be calculated back during the legitimacy check by the lock.

Die ermittelete Zahl des Schlüssels wiederum wird im Ausführungsbeispiel durch eine Schlüssel-LED der Photodiode des Schlosses und damit dessen Mikroprozessors zugespielt, der in einem Schreib-Lesespeicher die vorgenannte Zufallszahl gespeichert beinhaltet. Die übermittelte Zahl wird mit Hilfe dieser Zufallszahl und mit Hilfe der bekannten Rückrechenoperation, d. h. hier Division anstelle von Multiplikation, verarbeitet, womit für das Schloß der Legitimationscode des Schlüssels erkennbar wird, der anschließend mit einer Festspeicher-Codeliste auf Legitimation geprüft wird.In the example, the determined number of the key is in turn fed through a key LED to the photodiode of the lock and thus to its microprocessor, which contains the aforementioned random number stored in a read-write memory. The transmitted number is processed using this random number and the known back calculation operation, ie here division instead of multiplication, which allows the lock to recognize the legitimation code of the key, which is then checked for legitimacy using a read-only memory code list.

Ist diese Legitimationsprüfung positiv ausgefallen, wird von Schloßseite die notwendige Mechanik betätigt, um das Schloß zu öffnen bzw. offen zu halten oder schließbar zu machen.If this legitimacy check is positive, the necessary mechanism is activated on the lock side to open the lock or to keep it open or to make it lockable.

Die Erfindung wird nun anhand der Bausatzansprüche 1-10 sowie der Figur 1 näher erläutert, die als reines Blockschaltbild dargestellt ist.The invention will now be explained in more detail with reference to the kit claims 1-10 and Figure 1, which is shown as a pure block diagram.

Dabei erkennen wir linksseitig schematisiert den Schlüssel (1) mit seinem Logik-Speicherchip (2) und seinem Rechenwerk (3). Der Anwendungsbereich als Schloß wurde rechts mit (6) symbolisiert dargestellt, wobei dessen Logik-Speicherchip (8) zunächst über Zufallsgenerator (9) eine, z. B. hier nicht dargestellte LED, Zufallszahl an das Rechenwerk (3) über den Chip (2) zu übersenden.On the left side we can see the key (1) with its logic memory chip (2) and its arithmetic unit (3). The application area as a lock is symbolized on the right with (6), whereby its logic memory chip (8) first sends a random number (e.g. LED not shown here) to the arithmetic unit (3) via the chip (2) via the random generator (9).

Rechenwerk (3) führt dann die oben beschriebene Rechenoperation durch, die dem Logik-Speicherchip (8) des hier symbolisierten Schlosses übermittelt (12) wird, wobei eine nicht dargestellte Photodiode die Aufnahme übernimmt.The arithmetic unit (3) then carries out the arithmetic operation described above, which is transmitted to the logic memory chip (8) of the lock symbolized here (12), with a photodiode (not shown) taking over the recording.

Chip (8) übermittelt die vom Chip (2) transferierte Zahl ins Rechenwerk (10), das mit der im Schreib-Lesespeicher von Chip (8) abgelegten Zufallszahl die Gegen-Rechenoperation durchführt und den Schlüsselcode errechnet. Dieser wird in der Codeliste (11) von Schlüssel (6) gesucht, wobei bei positivem Suchvorgang Schlüssel (6) die Legitimation zur Betätigung bestätigt.Chip (8) transmits the number transferred from chip (2) to the arithmetic unit (10), which carries out the counter arithmetic operation with the random number stored in the read-write memory of chip (8) and calculates the key code. This is searched for in the code list (11) by key (6), and if the search is positive, key (6) confirms the legitimacy for operation.

Claims (10)

I · * i • · ANSPRÜCHEI · * i • · CLAIMS 1. Bausatz zur Legitimationsprüfung elektronischer Zugangs- und/oder Informationsmedien, dadurch gekennzeichnet,1. Kit for verifying the legitimacy of electronic access and/or information media, characterized in that daß dieser aus einem Zugangs- und/oder Informationsmedium (1) mit mindestens einem Mikroprozessor-Chip (2) mit integriertem Rechenwerk (3) und der Möglichkeit besteht, bevorzugt digitale Informationen von einem Anwendungsbereich (6) aufzunehmen (5) und über einen Rechenprozeß modifiziert abzugeben (4), wobei sein spezifischer Code abgespeichert ist und wobei der Anwendungsbereich (6) für den Algorithmus des Zugangs- und/oder Informationsmediums durch mindestens einen MIkroprozessoi—Chip (8) mit Rechenwerk (10) in der Lage ist, eine Zufallszahl (9) digital abzugeben (7) und das Empfangssignal des Zugangs- und/oder Informationsmediums umzurechnen, um dessen Code zu errechnen, der bei Legitimation geeignet ist, in der Anwendungseinheit (6) einen bestimmten Vorgang durchzuführen, wobei der in mindestens einer Speichereinheit (11) mindestens eines Anwendungs-Mikroprozessor-Chips (8) abgelegte Benutzercode durch Chip (8) löschbar und/oder einlesbar ist.that it consists of an access and/or information medium (1) with at least one microprocessor chip (2) with integrated arithmetic unit (3) and the possibility of receiving (5) preferably digital information from an application area (6) and outputting it in a modified form via a computing process (4), its specific code being stored and the application area (6) for the algorithm of the access and/or information medium being able to output a random number (9) digitally (7) by means of at least one microprocessor chip (8) with arithmetic unit (10) and to convert the received signal of the access and/or information medium in order to calculate its code which , when authenticated, is suitable for carrying out a specific process in the application unit (6), the user code stored in at least one memory unit (11) of at least one application microprocessor chip (8) being erasable and/or readable by the chip (8). 2. Bausatz nach Anspruch 1,
dadurch gekennzeichnet,2. Kit according to claim 1,
characterized, daß die Mikroprozessoren (2,8) geeignet sind, miteinander zu kommunizieren.that the microprocessors (2,8) are suitable for communicating with each other. 3. Bausatz nach Anspruch 1,2,
dadurch gekennzeichnet,3. Kit according to claim 1,2,
characterized, daß die Mikroprozessoren (2,8) eine gemeinsame Schnittstelle aufweisen.that the microprocessors (2,8) have a common interface. 4. Bausatz nach mindestens einem der Ansprüche 1-3, dadurch gekennzeichnet,4. Kit according to at least one of claims 1-3, characterized in daß die Mikroprozessoren (2,8) bevorzugt Logik-Speicherchips darstellen.that the microprocessors (2,8) preferably represent logic memory chips. 5. Bausatz nach mindestens einem der Ansprüche 1-4, dadurch gekennzeichnet,5. Kit according to at least one of claims 1-4, characterized in daß insbesondere der Anwendungs-Mikroprozessor (8) als Hyprid mit Speichereinheiten kombiniert ist.that in particular the application microprocessor (8) is combined as a hybrid with memory units. 6. Bausatz nach mindestens einem der Ansprüche 1-5, dadurch gekennzeichnet,6. Kit according to at least one of claims 1-5, characterized in daß die Festspeicheranteile der Chips (2,8) bevorzugt mit EEPROMs arbeiten.that the read-only memory parts of the chips (2,8) preferably work with EEPROMs. 7. Bausatz nach mindestens einem der Ansprüche 1-6, dadurch gekennzeichnet,7. Kit according to at least one of claims 1-6, characterized in daß der Mikroprozessor-Chip (2) in der Lage ist, einen "Weckimpuls" für den Mikroprozessoi—Chip (8) abzugeben.that the microprocessor chip (2) is able to emit a "wake-up pulse" for the microprocessor chip (8). 8. Bausatz nach mindestens einem der Ansprüche 1-7, dadurch gekennzeichnet,8. Kit according to at least one of claims 1-7, characterized in daß der Mikroprozessoi—Chip (8) bevorzugt über einen Generator frequenzmoduliert ansteuerbar und mit Strom versorgbar ist.that the microprocessor chip (8) can be controlled and supplied with power in a frequency-modulated manner, preferably via a generator. 9. Bausatz nach mindestens einem der Ansprüche 1-8, dadurch gekennzeichnet,9. Kit according to at least one of claims 1-8, characterized in daß die Kommunikation der Chips (2,8) über Licht bzw. Infrarot erfolgt und daß beide (2,8) mit separaten Stromquellen versorgt sind. that the communication between the chips (2,8) takes place via light or infrared and that both (2,8) are supplied with separate power sources. 10. Bausatz nach mindestens einem der Ansprüche 1-9, dadurch gekennzeichnet,10. Kit according to at least one of claims 1-9, characterized in daß in der Anwendungseinheit (6) und in dessen Mikroprozessoi—Chip/s (8) definierbare Zugangscodes löschbar sind und damit ihre Zugangsberechtigung verlieren und/oder daß neue Codes aufnehmbar (11) sind.that access codes definable in the application unit (6) and in its microprocessor chip/s (8) can be deleted and thus lose their access authorization and/or that new codes can be recorded (11).
DE9216798U 1992-12-10 1992-12-10 Kit for checking the legitimacy of electronic access and / or information media Expired - Lifetime DE9216798U1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
DE9216798U DE9216798U1 (en) 1992-12-10 1992-12-10 Kit for checking the legitimacy of electronic access and / or information media

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
DE9216798U DE9216798U1 (en) 1992-12-10 1992-12-10 Kit for checking the legitimacy of electronic access and / or information media

Publications (1)

Publication Number Publication Date
DE9216798U1 true DE9216798U1 (en) 1994-04-07

Family

ID=6886958

Family Applications (1)

Application Number Title Priority Date Filing Date
DE9216798U Expired - Lifetime DE9216798U1 (en) 1992-12-10 1992-12-10 Kit for checking the legitimacy of electronic access and / or information media

Country Status (1)

Country Link
DE (1) DE9216798U1 (en)

Similar Documents

Publication Publication Date Title
DE69815272T2 (en) Access to doors and machines controlled by fingerprint comparison
DE69932643T2 (en) IDENTIFICATION DEVICE WITH SECURED PHOTO, AND METHOD AND METHOD FOR AUTHENTICATING THIS IDENTIFICATION DEVICE
DE10047967B4 (en) Vehicle key system
DE69029921T2 (en) Method of protection against fraudulent use of a microprocessor card and device for carrying it out
DE60306277T2 (en) Electronic vehicle key system
DE60101045T2 (en) SYSTEM FOR DATA BACKUP ON A DATA CARRIER
DE2949351C2 (en) Method and device for generating and checking documents and the document used therewith
DE19622720C2 (en) Authentication facility with key number memory
DE3327720A1 (en) METHOD AND DEVICE FOR OPERATING AN ELECTRONIC SAFETY DEVICE
DE29613136U1 (en) Lock or access authorization system
DE2738113A1 (en) Processing device for banking operations
DE3809170A1 (en) SYSTEM FOR THE ISSUING OF SECURE IC CARDS
DE2627981C3 (en) Identification system using fingerprints
EP0663650A2 (en) Method for allocating a mobile record carrier to a fixed data station
DE69133047T2 (en) METHOD AND DEVICE FOR PERSONAL IDENTIFICATION
DE69405811T2 (en) Device for monitoring and controlling differential access with at least two compartments in an interior
DE19648042A1 (en) Road vehicle with key having memory
EP0724343B1 (en) Method for indicating manipulation in data that is to be transmitted
DE4433499A1 (en) Electronic theft prevention system for vehicle
EP0950217B1 (en) System for protecting a data processing device from unauthorised access
EP0846821B1 (en) Device for checking the user authorization of an access control system
DE9216798U1 (en) Kit for checking the legitimacy of electronic access and / or information media
DE4439593C2 (en) Device and method for access and access control
DE19526320A1 (en) Mechanical and electronic blocking device
DE3342651A1 (en) Method for protecting access to terminals