Importance

Loading Importance Indicators...

Abstract

A procedure is disclosed for initializing with security and integrity a large number of terminals in an EFT/POS network with cryptographic variables. Each terminal in the network is provided with a cryptographic facility which performs the necessary cryptographic functions. A key distribution center is established, and a public and secret key pair is generated for the key distribution center. Each terminal in the network is provided with a terminal identification known to the key distribution center, the public key of the key distribution center is stored in the cryptographic facility of each terminal. A terminal initializer is designated for each terminal, and the terminal initializer for each terminal is notified of two expiration times for the purposes of registering the terminal's cryptovariable with the key distribution center. The cryptovariable is generated by the terminal using its cryptographic facility. Prior to the first expiration time, a registration request is prepared and transmitted to the key distribution center. The registration request includes the terminal identification and the cryptovariable. When the key distribution center receives this request, the cryptovariable is temporarily registered and that fact is acknowledged to the requesting terminal. After the expiration of the second time, the registration is complete. Provisions are also made for invalidating a terminal identification in the event that more than one registration is attempted for a given terminal identification or that the registration was not made in time. The same procedure can be used to initialize cryptovariables of users of a network. The protocol is basically the same except that a user identification is used instead of a terminal identification, and the users may be provided with a transportable media, such as a magnetic stripe card or the like, which stores the user cryptovariable and can be read by terminals in the network.

Loading the Abstract Image...

First Claim