WO2019116398A1 - Configuration of hardware security modules for generation and reading of any code - Google Patents

Publication number: WO2019116398A1
Authority: WO, WIPO (PCT)
Application number: PCT/IN2018/050844
Other languages: French (fr)
Prior art keywords: data, code, module configured, key, user device
Inventor: Pragnyat LALWANI
Original Assignee: Seshaasai Business Forms Pvt. Ltd
Application filed by: Seshaasai Business Forms Pvt. Ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption

Definitions

  • the field of invention generally relates to a system and method for customized cryptography. More specifically, the invention discloses a system and method for data encryption and decryption through a hardware device embedded with cryptographic functionality and using asymmetric encryption.
  • a barcode is an optical representation of data. Barcodes store information in a form that can be processed by a computer, which is machine-readable. A barcode scanner is configured to read, process and interpret a barcode. The data usually includes information about a product or an article on which the barcode is printed. Initially, barcodes were represented as parallel lines of varying width and spacing between them, which may be referred to as a linear or one-dimensional (1D) barcode. Subsequently, rectangles, dots, hexagons, and other geometric patterns in two dimensions were also used, and this led to the development of two-dimensional (2D) barcodes, although no bar (line) is used in these codes.
  • the earliest barcode scanner comprised a fixed light and a single photo sensor and was configured to read a barcode by manually scrubbing a scanner across the barcode.
  • barcodes can be read by any authorised party and hence the information encoded in a barcode can be obtained by using any barcode scanner. This may probably lead to a chance of misuse of important document or data, which in turn gives rise to a security issue of confidentiality of data encoded into the barcode.
  • the principal object of the invention is to provide a method and system comprising a hardware module configured to perform customised cryptography.
  • Another object of the invention is to provide a system configured with a hardware module to generate and read any encrypted code.
  • Yet another object of the invention is to provide a method for securing data using asymmetric encryption.
  • Yet another object of the invention is to provide a method for generating an asymmetric key, where the key is used to encrypt a message into a code.
  • Yet another object of the invention is to provide a method for creation of external functions that are compatible with the hardware module of the system for customised cryptography, wherein the external functions enable the hardware module to be integrated with external applications.
  • Yet another object of the invention is to provide a method for embedding external functions into the system for customised cryptography, wherein the embedding is performed by means of available Application Programming Interfaces (API) providing extendibility.
  • the present disclosure provides a system for customized cryptography comprising a server, a user device and a hardware module.
  • the server is configured to communicate data with the hardware module to execute instructions required for generating a code and interpreting the code.
  • the user device comprises an application configured to communicate data from a user to the hardware module.
  • the user device is further configured to execute instructions required for interpreting the code.
  • the hardware module is configured for establishing customized encryption and decryption.
  • the hardware module comprises a master machine, a generation machine and a reader machine.
  • the master machine is configured for creation of one or more keys, wherein the one or more keys are asymmetrically encrypted and comprise a public key and a paired private key.
  • the generation machine is configured for generating the code.
  • the code is a machine-readable representation of data and comprises an encrypted data (message to be communicated) and the public key.
  • the reader machine is configured for interpretation of the at least one code, which comprises a verification process.
  • the verification process comprises matching the public key with the paired private key, wherein the server communicates the public key and the user device communicates input of the paired private key for verification process.
  • FIG. 2 depicts/illustrates a system for customized cryptography comprising hardware module and external applications to generate and read any code, in accordance with an embodiment of the invention.
  • FIG. 3 depicts/illustrates the components and working details of a master machine disposed within the hardware module, which is used in key generation, in accordance with an embodiment of the invention.
  • FIG. 4 depicts/illustrates the components and working details of a generation machine disposed within the hardware module, which is used for code generation, in accordance with an embodiment of the invention.
  • FIG. 1 depicts/illustrates the components and working details of a reader machine disposed within the hardware module, which is used for code verification, in accordance with an embodiment of the invention.
  • the embodiments herein below provide a system for customized cryptography using a hardware module.
  • the system for customized cryptography comprises a server, a user device and the hardware module.
  • the server is configured to communicate data with the hardware module.
  • the server is further configured to execute at least one instruction required for generating at least one code and interpreting the at least one code.
  • the execution of the at least one instruction, in coordination with a generation machine comprised within the hardware module, is performed by the server.
  • the user device of the system for customized cryptography comprises an application.
  • the application is configured to communicate data from a user to the hardware module.
  • the application may also be referred to as a computer program designed to perform necessary tasks in coordination with the hardware module.
  • the user device is further configured to execute at least one instruction required for interpreting of the at least one code.
  • the execution of the at least one instruction, in coordination with a reader machine comprised within the hardware module is performed by the user device.
  • the hardware module of the system for customized cryptography is configured for establishing customized encryption and decryption.
  • the hardware module may refer to a custom-built hardware device configured to provide dedicated cryptographic functionality.
  • the hardware module may be a plug-in card or an external device, which is attached to the user device.
  • the hardware module comprises a master machine, the generation machine and the reader machine.
  • the master machine is configured for creation of one or more keys, wherein the one or more keys are asymmetrically encrypted keys.
  • the asymmetrically encrypted keys comprise a public key and a paired private key.
  • the generation machine is configured for generating the code.
  • the code comprises the public key and an encrypted data comprising a message to be communicated.
  • the reader machine is configured for interpretation of the code.
  • the interpretation of the code comprises a verification process.
  • the verification process comprises matching the public key with the paired private key, wherein the server communicates the public key and the user device communicates input of the paired private key for verification process.
  • the matching of the public key with the paired private key is carried out in coordination with the user device and the server.
  • the system and method for customized cryptography using a hardware module disclosed in the present invention comprises an asymmetric key encryption scheme based on asymmetric cryptography.
  • Asymmetric cryptography also known as public-key cryptography, is a cryptographic system that uses pairs of keys for encryption and decryption.
  • Asymmetric cryptography comprises at least one public key and at least one paired private key.
  • the public key is dispersed widely and the paired private key is known only to the owner (i.e., the person who encrypts the data or is authorised to encrypt the message or data).
  • a message that is confidential or private in nature can be sent by encrypting the message.
  • the encryption can be carried out either by using a recipient’s public key or a sender’s public key and the decryption requires the recipient’s paired private key and sender’s paired private key respectively.
  • the asymmetric key encryption scheme further comprises two functions, namely authentication and encryption.
  • Authentication is a process in which the public key verifies that a holder of the paired private key, has sent the received message.
  • Encryption is a process in which only the paired private key holder can decrypt the message encrypted with the public key.
  • the security of the encrypted data (message to be communicated) or message depends on the secrecy of the paired private key. Usually, an unpredictable, typically large and random number is used to begin generation of an acceptable pair of keys suitable for use by an asymmetric key algorithm.
  • asymmetric encryption may refer to an encryption scheme wherein an unpredictable number is used to start generation of an admissible pair of keys.
  • the admissible pair of keys is configured such that data encrypted by a first key among the pair of keys can be decrypted only by a second key among the pair of keys.
  • an asymmetric encryption algorithm is employed for generation of an asymmetric key comprising a public key and a paired private key.
  • Fig.1 depicts or illustrates a system for customized cryptography 100 in accordance with an embodiment of the invention.
  • the system for customized cryptography 100 comprises a hardware module 101, a user device 102, and a server 103.
  • the hardware module 101 further comprises a master machine 111, a generation machine 121, and a reader machine 131.
  • the user device 102 may refer to a computing device that is integrated with the hardware module 101 to execute steps necessary for interpretation of at least one code.
  • the server 103 may refer to a processor that is configured to coordinate with the hardware module 101 to execute steps required for generation of at least one code.
  • the user device 102 of the system for customized cryptography 100 is one or more of a smartphone, a computer system, a tablet and the like.
  • the user device 102 comprises an application (not shown in the figure).
  • the application is configured to communicate data from a user (not shown in the figure) to the hardware module 101.
  • the user device 102 is further configured to execute at least one instruction required for interpreting of the code. The execution of the instruction by the user device 102 is performed in coordination with the reader machine 131.
  • the machine ‘master’ 111 is responsible for generation of the pair of keys to be implemented in asymmetric encryption algorithm. Data exchange occurs between ‘master’ 111 and ‘generation’ 121 or ‘reader’ 131 using asymmetric encryption algorithm in which a pair of matching keys is generated: public key and private key.
  • the public key is dispersed widely and the private key is known only to the user.
  • confidential messages can be sent by encrypting a message using recipient’s public key.
  • only the intended recipient is authorised to decrypt the message, as the private key is accessible only to that user.
  • two purposes are achieved, namely, authentication and verification. Authentication is achieved since the public key is utilised to confirm that the message has been transmitted by a user having access to the paired private key. Encryption is achieved since only the user having access to the paired private key can decrypt the message encrypted with the public key.
  • the server 103 is configured to communicate data with the hardware module 101.
  • the server 103 is further configured to execute at least one instruction required for generating at least one code and interpreting the code.
  • the execution of the instruction by the server 103 is performed in coordination with the generation machine 121.
  • the communication of data between the master machine 111, the generation machine 121, and the reader machine 131 is accomplished in offline mode, by building connections between different modules without the need for human intervention to set parameters by using handshaking modules.
  • the master machine 111 comprises a handshaking functions module 114.
  • the generation machine 121 comprises a handshaking functions module 123.
  • the reader machine 131 comprises a handshaking functions module 133, wherein the handshaking modules 114, 123 and 133 are configured for enabling communication of data with the hardware module 101, the server 103, the user device 102, and one or more external modules.
  • the user device 102, the server 103 and the hardware module 101 are configured to communicate through a network (not shown in the figure).
  • the network can be a wired communication network or a wireless communication network. Such wired or wireless communication can be implemented by using standard protocols known in the art.
  • the wired communication can be carried out by any one of the network configurations such as LAN (Local Area Network), WAN (Wide Area Network) etc.
  • the wireless communication can be done through a Mobile Service Provider (MSP) and/or an Internet Service Provider (ISP) with standard protocols such as but not limited to Bluetooth, Wi-Fi, Zigbee, LORA, RF wireless technology, MODBUS, Profibus, Z Bus, Z-Wave, LTE, TCP/IP, HTTP, FTP, UDP, IPV4, IPV6 etc.
  • the topology of the network may be a bus topology, ring topology, star topology, tree topology or a mesh topology.
  • the communication of data between the components of the hardware module 101 is configured to be performed in offline mode.
  • offline mode of communication is achieved through handshaking. Handshaking may be referred to as the action of exchanging standardized signals between the machines.
  • Fig.2 depicts or illustrates the master machine 111 of the system for customized cryptography 100 in accordance with a preferred embodiment of the invention.
  • the master machine 111 comprises a key generating functions module 112, a key storing module 113, a handshaking functions module 114, a package managing module 115, a backup module 116 and a restore module 117.
  • the key generating functions module 112 is configured to generate an asymmetrically encrypted pair of keys comprising a public key and a paired private key.
  • the key storing module 113 is configured to store the generated asymmetrically encrypted pair of keys comprising the public key and the paired private key.
  • the handshaking functions module 114 is configured for enabling communication of data, by building connections between different modules without the need for human intervention to set parameters.
  • the handshaking functions module 114 is configured for enabling communication of data with the hardware module, the server, the user device and one or more external modules.
  • the package managing module 115 is configured to automate installation, upgradation, configuration and removal of at least one software program from the master machine 111 in a consistent manner.
  • the backup module 116 is configured to backup data in the master machine 111 by copying and preserving the data.
  • the stored backup data is used to replace a current data in case of a data loss event.
  • the restore module 117 is configured to replace the current data in the master machine 111 with the stored backup data, in order to revert the master machine 111 to a previous point in time, which comes into effect during system recovery from system malfunctions and the like, whenever there is a requirement.
  • Fig. 3 depicts or illustrates the generation machine 121 of the system for customized cryptography 100 in accordance with a preferred embodiment of the invention.
  • the generation machine 121 comprises a key storing module 122, a handshaking functions module 123, a package import function module 124, a backup module 125, a restore module 126 and a code generation module 127.
  • the key storing module 122 is configured to store the pair of asymmetrically encrypted keys generated in the master machine 111.
  • the handshaking functions module 123 is configured for communication of data within the hardware module 101 in offline mode.
  • the handshaking functions module 123 is configured for enabling communication of data with the hardware module, the server, the user device and one or more external modules.
  • the package import function module 124 is configured to expose a first software package (not shown in the figure) to other APIs (Application Programming Interfaces) such that the methods and functions comprised within a software package can be inherited.
  • the package import function module 124 is configured to communicate a software program with one or more Application Programming Interface (API), wherein the API inherits one or more data and functions of the communicated software program.
  • APIs referred to in the invention may be referred to as a part of a computer program configured to define a set of subroutine definitions, protocols and tools for establishing communication between various software components.
  • the backup module 125 is configured to backup data in the generation machine 121, wherein the backup data is used to restore data in case of a data loss event.
  • the restore module 126 is configured to replace a currently stored data with the one or more backup data in order to revert the generation machine 121 to a previous point in time.
  • the code generation module 127 is configured for generating the code, wherein the generation of the code is carried out in coordination with the server 103.
  • the code generated by the code generation module 127 of the generation machine 121 is one or more of 1D (one-dimensional) barcode, QR (Quick Response) code, OCR (Optical Character Recognition) fonts, and PDF417 (Portable Data File).
  • Fig. 4 depicts or illustrates the reader machine 131 of the system for customized cryptography 100 in accordance with a preferred embodiment of the invention.
  • the reader machine 131 comprises a key storing module 132, a handshaking functions module 133, a package import function module 134, a backup module 135, a restore module 136 and a code reading module 137.
  • the key storing module 132 is configured to store the generated asymmetrically encrypted key.
  • the handshaking functions module 133 is configured for communication of data within the hardware module 101 in offline mode.
  • the handshaking functions module 133 is configured for enabling communication of data with the hardware module, the server, the user device and one or more external modules.
  • the package import function module 134 is configured to expose a software package to other APIs (Application Programming Interfaces) such that the methods and functions comprised within the second software package can be inherited.
  • the package import function module 134 is configured to communicate a software program with one or more Application Programming Interface (API), wherein the API inherits one or more data and functions of the communicated software program.
  • the backup module 135 is configured to store one or more backup data in the reader machine 131, wherein the backup data is used to restore data in case of a data loss event.
  • the restore module 136 is configured to replace a currently stored data with the one or more backup data in order to revert the reader machine 131 to a previous point in time.
  • the code reading module 137 is configured for interpretation of the code, wherein the interpretation of the code comprises a verification process.
  • the code reading module 137 is configured for communicating with the user device for interpreting the code and extracting a message encoded in the code, wherein the communicating is achieved by attaching the hardware module to the user device.
  • the verification process comprises matching the public key with the paired private key, wherein the server communicates the public key and the user device 102 communicates the paired private key for verification process. Further, the interpretation of the code is carried out in coordination with the user device 102 and the server 103.
  • a method for customized cryptography by using a hardware module 101 in accordance with an embodiment of the invention comprises the following steps.
  • the method comprises creating one or more keys by a master machine 111.
  • the created keys comprise a pair of asymmetrically encrypted keys.
  • the pair of keys comprises a public key and a paired private key.
  • the public key verifies that a holder of the paired private key sent the message. Further, only the paired private key holder can decrypt the message encrypted with the public key.
  • the method further comprises communicating the public key to a generation machine 121 by the master machine 111 and communicating the paired private key to a user device 102 by the master machine 111.
  • the method further comprises executing instructions, in coordination/collaboration with a server 103, by the generation machine 121 to generate at least one code.
  • the server 103 is configured to communicate with the generation machine 121.
  • the server 103 is further configured to execute one or more instruction required for generating the code.
  • the method further comprises generating at least one code by the generation machine 121.
  • the code comprises an encrypted data (message to be communicated) and the public key.
  • the code may be machine readable representation of data.
  • the method further comprises reading the code, in coordination/collaboration with a user device 102, by a reader machine 131.
  • the user device 102 is configured to communicate with the reader machine 131.
  • the user device 102 is further configured to execute one or more instruction required for reading the code.
  • the method comprises interpreting the code by the reader machine 131.
  • the interpretation of the code comprises a verification process.
  • the verification process comprises matching the public key with the paired private key, wherein the server 103 communicates the public key and the user device 102 communicates input of the paired private key for verification process.
  • the communication of the private message comprises two parts, namely encryption and decryption. Communication of the private message begins with encryption and is subsequently followed by decryption.
  • the encryption part of the communication of the private message from the first user to the second user is carried out as follows.
  • the hardware module 101 is attached to the user’s user device.
  • the master unit 111 of the hardware module 101 creates an asymmetric pair of keys comprising a public key and a paired private key.
  • the public key is communicated to the generation machine 121 and the paired private key is communicated to the user device 102.
  • the public key communicated to the generation machine 121 is stored in the key storing module 122. Further, at the generation machine 121 a code is generated by the code generation module 127.
  • the code comprises the public key and an encrypted data comprising a private message from the first user.
  • the code is generated in coordination with the server 103.
  • the code is a machine readable representation of data and is configured such that only a user holding access to the paired private key can decrypt data.
  • the encryption part of the invention ends with the code being communicated to the reader machine 131 and the server 103 for storage.
  • the decryption part of the communication of the private message from the first user to the second user is carried out as follows.
  • the second user holds access to the paired private key and desires to decrypt the code in order to read the private message from the first user.
  • the second user holding access to the paired private key communicates the paired private key to the reader machine 131.
  • the communication of the paired private key to the reader machine 131 is through usage of an application in the user device 102.
  • the reader machine 131 subsequent to receiving the paired private key from the second user fetches the relevant public key from the server.
  • the public key and the paired private key are communicated to the code reading module 137 by the handshaking functions module 133.
  • the code reading module 137 now carries out a verification process, wherein the verification process comprises matching the public key with the paired private key.
  • the code reading module 137 will decrypt the data (private message from the first user). Thereafter, the decrypted data (private message from the first user) will be communicated to the user device 102, wherein the user can access the private message from the first user through the application of the user device 102.
  • business functions i.e., encryption and decryption of data can be defined and created in a standard development environment in accordance to a specific business requirement. Subsequently, the created business functions can be embedded into the hardware module 101 for secure operations.
  • software package may be referred to as a software collection comprising individual files or resources that are packed together to perform a particular function as part of a parent system.
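
The generate-and-read flow described above, as an added Go example that is not code from the patent or its applicant. It assumes RSA-OAEP with SHA-256 as the asymmetric scheme and a hypothetical text layout `<public key>.<ciphertext>` for the code's payload (the text a QR or PDF417 symbol would carry); the page names neither an algorithm nor a payload format.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// ErrKeyMismatch is returned when the private key offered to the reader is
// not the pair of the public key carried in the code.
var ErrKeyMismatch = errors.New("private key does not match public key in code")

// MasterGenerateKeys plays the master machine: it creates the key pair.
// RSA is an assumption of this example.
func MasterGenerateKeys(bits int) (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, bits)
}

// GenerateCode plays the generation machine: it encrypts msg to the public
// key and returns the payload "<base64 public key>.<base64 ciphertext>".
// RSA-OAEP limits msg to keySize - 2*hashSize - 2 bytes (190 bytes for a
// 2048-bit key with SHA-256); longer input returns an error.
func GenerateCode(pub *rsa.PublicKey, msg []byte) (string, error) {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, msg, nil)
	if err != nil {
		return "", fmt.Errorf("encrypt: %w", err)
	}
	enc := base64.RawURLEncoding
	der := x509.MarshalPKCS1PublicKey(pub)
	return enc.EncodeToString(der) + "." + enc.EncodeToString(ct), nil
}

// parseCode splits a payload into its public key and ciphertext.
func parseCode(code string) (*rsa.PublicKey, []byte, error) {
	parts := strings.SplitN(code, ".", 2)
	if len(parts) != 2 {
		return nil, nil, errors.New("malformed code: expected <public key>.<ciphertext>")
	}
	der, err := base64.RawURLEncoding.DecodeString(parts[0])
	if err != nil {
		return nil, nil, fmt.Errorf("public key field: %w", err)
	}
	pub, err := x509.ParsePKCS1PublicKey(der)
	if err != nil {
		return nil, nil, fmt.Errorf("public key field: %w", err)
	}
	ct, err := base64.RawURLEncoding.DecodeString(parts[1])
	if err != nil {
		return nil, nil, fmt.Errorf("ciphertext field: %w", err)
	}
	return pub, ct, nil
}

// ReadCode plays the reader machine: it first matches the supplied private
// key against the public key in the code (the verification step), and only
// then decrypts. Here the public key is read from the code itself; the page
// also describes fetching it from the server.
func ReadCode(code string, priv *rsa.PrivateKey) ([]byte, error) {
	pub, ct, err := parseCode(code)
	if err != nil {
		return nil, err
	}
	if priv.N.Cmp(pub.N) != 0 || priv.E != pub.E {
		return nil, ErrKeyMismatch
	}
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ct, nil)
}

func main() {
	priv, err := MasterGenerateKeys(2048)
	if err != nil {
		panic(err)
	}
	// Constructed sample message.
	code, err := GenerateCode(&priv.PublicKey, []byte("constructed sample message"))
	if err != nil {
		panic(err)
	}
	msg, err := ReadCode(code, priv)
	if err != nil {
		panic(err)
	}
	fmt.Printf("payload: %d chars, decrypted: %q\n", len(code), msg)

	other, err := MasterGenerateKeys(2048) // an unrelated key pair
	if err != nil {
		panic(err)
	}
	_, err = ReadCode(code, other)
	fmt.Println("unrelated private key:", err)
}
```

The match check tells the reader which key pair a code was made for. Because anyone holding the public key can produce a valid code, it does not by itself show who generated the code; that would need a signature.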


Abstract

A system for customized cryptography (100) comprising a server (103), a user device (102) and a hardware module (101) is described. The hardware module (101) comprises a master machine (111), a generation machine (121) and a reader machine (131). The master machine (111) is configured for creation of a pair of asymmetrically encrypted keys comprising a public key and a paired private key. The generation machine (121) is configured for generating at least one code. The at least one code comprises an encrypted data and the public key. The reader machine (131) is configured for interpretation of the at least one code. The interpretation of the at least one code comprises a verification process. The verification process comprises matching the public key with the paired private key, wherein the server (103) communicates the public key and the user device (102) communicates input of the paired private key for verification process.

Description

Configuration of Hardware Security Modules for Generation and Reading of any Code
The field of invention generally relates to a system and method for customized cryptography. More specifically, the invention discloses a system and method for data encryption and decryption through a hardware device embedded with cryptographic functionality and using asymmetric encryption.
A barcode is an optical representation of data. Barcodes store information in a form that can be processed by a computer, which is machine-readable. A barcode scanner is configured to read, process and interpret a barcode. The data usually includes information about a product or an article on which the barcode is printed. Initially, barcodes were represented as parallel lines of varying width and spacing between them, which may be referred to as a linear or one-dimensional (1D) barcode. Subsequently, rectangles, dots, hexagons, and other geometric patterns in two dimensions were also used, and this led to the development of two-dimensional (2D) barcodes, although no bar (line) is used in these codes.
The earliest barcode scanner comprised a fixed light and a single photo sensor and was configured to read a barcode by manually scrubbing a scanner across the barcode. Referring to the prior art, barcodes can be read by any authorised party and hence the information encoded in a barcode can be obtained by using any barcode scanner. This may probably lead to a chance of misuse of an important document or data, which in turn gives rise to a security issue of confidentiality of data encoded into the barcode. However, no system or device exists in the prior art that is capable of generating and reading any code and that can be used universally.
In light of the above discussion, it can be concluded that there is a need for a system which addresses the above mentioned problem by providing a system and method for securing data with a customised cryptographic process and can be universally implemented for codes configured with any font.
Object of Invention
The principal object of the invention is to provide a method and system comprising a hardware module configured to perform customised cryptography.
Another object of the invention is to provide a system configured with a hardware module to generate and read any encrypted code.
Yet another object of the invention is to provide a method for securing data using asymmetric encryption.
Yet another object of the invention is to provide a method for generating an asymmetric key, where the key is used to encrypt a message into a code.
Yet another object of the invention is to provide a method for creation of external functions that are compatible with the hardware module of the system for customised cryptography, wherein the external functions enable the hardware module to be integrated with external applications.
Yet another object of the invention is to provide a method for embedding external functions into the system for customised cryptography, wherein the embedding is performed by means of available Application Programming Interfaces (API) providing extendibility.
The present disclosure provides a system for customized cryptography comprising a server, a user device and a hardware module. The server is configured to communicate data with the hardware module to execute instructions required for generating a code and interpreting the code. The user device comprises an application configured to communicate data from a user to the hardware module. The user device is further configured to execute instructions required for interpreting the code. The hardware module is configured for establishing customized encryption and decryption. The hardware module comprises a master machine, a generation machine and a reader machine. The master machine is configured for creation of one or more keys, wherein the one or more keys are asymmetrically encrypted and comprise a public key and a paired private key. The generation machine is configured for generating the code. The code is a machine-readable representation of data and comprises an encrypted data (message to be communicated) and the public key. The reader machine is configured for interpretation of the at least one code, which comprises a verification process. The verification process comprises matching the public key with the paired private key, wherein the server communicates the public key and the user device communicates input of the paired private key for verification process.
This invention is illustrated in the accompanying drawings, throughout which, like reference letters indicate corresponding parts in the various figures.
The embodiments herein will be better understood from the following description with reference to the drawings, in which:
Fig. 1 depicts/illustrates a system for customized cryptography comprising hardware module and external applications to generate and read any code, in accordance with an embodiment of the invention.
Fig. 2 depicts/illustrates the components and working details of a master machine disposed within the hardware module, which is used in key generation, in accordance with an embodiment of the invention.
Fig. 3 depicts/illustrates the components and working details of a generation machine disposed within the hardware module, which is used for code generation, in accordance with an embodiment of the invention.
Fig. 4 depicts/illustrates the components and working details of a reader machine disposed within the hardware module, which is used for code verification, in accordance with an embodiment of the invention.
The embodiments herein and the various features and advantageous details thereof are explained more fully with reference to the non-limiting embodiments that are illustrated in the accompanying drawings and/or detailed in the following description. Descriptions of well-known components and processing techniques are omitted so as to not unnecessarily obscure the embodiments herein. The examples used herein are intended merely to facilitate an understanding of ways in which the embodiments herein may be practiced and to further enable those of skill in the art to practice the embodiments herein. Accordingly, the examples should not be construed as limiting the scope of the embodiments herein.
The embodiments herein below provide a system for customized cryptography using a hardware module. The system for customized cryptography comprises a server, a user device and the hardware module. The server is configured to communicate data with the hardware module. The server is further configured to execute at least one instruction required for generating at least one code and interpreting the at least one code. The execution of the at least one instruction, in coordination with a generation machine comprised within the hardware module, is performed by the server. The user device of the system for customized cryptography comprises an application. The application is configured to communicate data from a user to the hardware module. The application may also be referred to as a computer program designed to perform necessary tasks in coordination with the hardware module. The user device is further configured to execute at least one instruction required for interpreting of the at least one code. The execution of the at least one instruction, in coordination with a reader machine comprised within the hardware module, is performed by the user device.
The hardware module of the system for customized cryptography is configured for establishing customized encryption and decryption. In the present disclosure, the hardware module may refer to a custom-built hardware device configured to provide dedicated cryptographic functionality. The hardware module may be a plug-in card or an external device, which is attached to the user device.
The hardware module comprises a master machine, the generation machine and the reader machine. The master machine is configured for creation of one or more keys, wherein the one or more keys are asymmetrically encrypted keys. The asymmetrically encrypted keys comprise a public key and a paired private key. The generation machine is configured for generating the code. The code comprises the public key and an encrypted data comprising a message to be communicated. The reader machine is configured for interpretation of the code. The interpretation of the code comprises a verification process. The verification process comprises matching the public key with the paired private key, wherein the server communicates the public key and the user device communicates input of the paired private key for verification process. The matching of the public key with the paired private key is carried out in coordination with the user device and the server.
The system and method for customized cryptography using a hardware module disclosed in the present invention comprises an asymmetric key encryption scheme based on asymmetric cryptography. Asymmetric cryptography, also known as public-key cryptography, is a cryptographic system that uses pairs of keys for encryption and decryption. Asymmetric cryptography comprises at least one public key and at least one paired private key. The public key is dispersed widely and the paired private key is known only to the owner (i.e., the person who encrypts the data or is authorised to encrypt the message or data). A message that is confidential or private in nature can be sent by encrypting the message. The encryption can be carried out either by using a recipient’s public key or a sender’s public key and the decryption requires the recipient’s paired private key and sender’s paired private key respectively.
The asymmetric key encryption scheme further comprises two functions, namely authentication and encryption. Authentication is a process in which the public key verifies that a holder of the paired private key, has sent the received message. Encryption is a process in which only the paired private key holder can decrypt the message encrypted with the public key. In the asymmetric key encryption scheme, anyone can encrypt messages using the public key, but only the holder of the paired private key can decrypt the messages. The security of the encrypted data (message to be communicated) or message depends on the secrecy of the paired private key. Usually, an unpredictable, typically large and random number is used to begin generation of an acceptable pair of keys suitable for use by an asymmetric key algorithm.
In the present disclosure, asymmetric encryption may refer to an encryption scheme wherein an unpredictable number is used to start generation of an admissible pair of keys. The admissible pair of keys is configured such that data encrypted by a first key among the pair of keys can be decrypted only by a second key among the pair of keys. In the present disclosure an asymmetric encryption algorithm is employed for generation of an asymmetric key comprising a public key and a paired private key.
Referring now to the drawings, where similar reference characters denote corresponding features consistently throughout the figures, preferred embodiments are shown.
Fig.1 depicts or illustrates a system for customized cryptography 100 in accordance with an embodiment of the invention. The system for customized cryptography 100 comprises a hardware module 101, a user device 102, and a server 103. The hardware module 101 further comprises a master machine 111, a generation machine 121, and a reader machine 131.
In an embodiment of the invention, the user device 102 may refer to a computing device that is integrated with the hardware module 101 to execute steps necessary for interpretation of at least one code. The server 103 may refer to a processor that is configured to coordinate with the hardware module 101 to execute steps required for generation of at least one code.
In an embodiment, the user device 102 of the system for customized cryptography 100 is one or more of a smartphone, a computer system, a tablet and the like. The user device 102 comprises an application (not shown in the figure). The application is configured to communicate data from a user (not shown in the figure) to the hardware module 101. The user device 102 is further configured to execute at least one instruction required for interpreting of the code. The execution of the instruction by the user device 102 is performed in coordination with the reader machine 131.
The machine ‘master’ 111 is responsible for generation of the pair of keys to be implemented in asymmetric encryption algorithm. Data exchange occurs between ‘master’ 111 and ‘generation’ 121 or ‘reader’ 131 using asymmetric encryption algorithm in which a pair of matching keys is generated: public key and private key.
Further, the public key is dispersed widely and the private key is known only to the user. Thus, confidential messages can be sent by encrypting a message using recipient’s public key. Thus, only the intended recipient is authorised to decrypt the message as the private key is accessible only to that user. With this algorithm, two purposes are achieved, namely, authentication and verification. Authentication is achieved since the public key is utilised to confirm that the message has been transmitted by a user having access to the paired private key. Encryption is achieved since only the user having access to the paired private key can decrypt the message encrypted with the public key.
In an embodiment, the server 103 is configured to communicate data with the hardware module 101. The server 103 is further configured to execute at least one instruction required for generating at least one code and interpreting the code. The execution of the instruction by the server 103 is performed in coordination with the generation machine 121.
The communication of data between the master machine 111, the generation machine 121, and the reader machine 131 is accomplished in offline mode, by building connections between different modules without the need for human intervention to set parameters by using handshaking modules. Subsequently, the master machine 111 comprises a handshaking functions module 114, the generation machine 121 comprises a handshaking functions module 123, and the reader machine 131 comprises a handshaking functions module 133, wherein the handshaking modules 114, 123 and 133 are configured for enabling communication of data with the hardware module 101, the server 103, the user device 102, and one or more external modules.
The user device 102, the server 103 and the hardware module 101 are configured to communicate through a network (not shown in the figure). The network can be a wired communication network or a wireless communication network. Such wired or wireless communication can be implemented by using standard protocols known in the art. The wired communication can be carried out by any one of the network configurations such as LAN (Local Area Network), WAN (Wide Area Network) etc. The wireless communication can be done through a Mobile Service Provider (MSP) and/or an Internet Service Provider (ISP) with standard protocols such as but not limited to Bluetooth, Wi-Fi, Zigbee, LORA, RF wireless technology, MODBUS, Profibus, Z Bus, Z- Wave, LTE, TCP/IP, HTTP, FTP, UDP, IPV4, IPV6 etc. The topology of the network may be a bus topology, ring topology, star topology, tree topology or a mesh topology.
In an embodiment, the communication of data between the components of the hardware module 101 is configured to be performed in offline mode. In the present disclosure, offline mode of communication is achieved through handshaking. Handshaking may be referred to as the action of exchanging standardized signals between the machines.
Fig.2 depicts or illustrates the master machine 111 of the system for customized cryptography 100 in accordance with a preferred embodiment of the invention. The master machine 111 comprises a key generating functions module 112, a key storing module 113, a handshaking functions module 114, a package managing module 115, a backup module 116 and a restore module 117. The key generating functions module 112 is configured to generate an asymmetrically encrypted pair of keys comprising a public key and a paired private key. The key storing module 113 is configured to store the generated asymmetrically encrypted pair of keys comprising the public key and the paired private key. The handshaking functions module 114 is configured for enabling communication of data, by building connections between different modules without the need for human intervention to set parameters. The handshaking functions module 114 is configured for enabling communication of data with the hardware module, the server, the user device and one or more external modules.
The package managing module 115 is configured to automate installation, upgradation, configuration and removal of at least one software program from the master machine 111 in a consistent manner. The backup module 116 is configured to backup data in the master machine 111 by copying and preserving the data. The stored backup data is used to replace a current data in case of a data loss event. The restore module 117 is configured to replace the current data in the master machine 111 with the stored backup data, in order to revert the master machine 111 to a previous point in time which comes into effect during system recovery from system malfunctions and the like, whenever there’s a requirement.
Fig. 3 depicts or illustrates the generation machine 121 of the system for customized cryptography 100 in accordance with a preferred embodiment of the invention. The generation machine 121 comprises a key storing module 122, a handshaking functions module 123, a package import function module 124, a backup module 125, a restore module 126 and a code generation module 127. The key storing module 122 is configured to store the pair of asymmetrically encrypted keys generated in the master machine 111. The handshaking functions module 123 is configured for communication of data within the hardware module 101 in offline mode. The handshaking functions module 123 is configured for enabling communication of data with the hardware module, the server, the user device and one or more external modules. The package import function module 124 is configured to expose a first software package (not shown in the figure) to other APIs (Application Programming Interfaces) such that the methods and functions comprised within a software package can be inherited. In particular, the package import function module 124 is configured to communicate a software program with one or more Application Programming Interface (API), wherein the API inherits one or more data and functions of the communicated software program. The APIs referred to in the invention may be referred to as a part of a computer program configured to define a set of subroutine definitions, protocols and tools for establishing communication between various software components. The backup module 125 is configured to backup data in the generation machine 121, wherein the backup data is used to restore data in case of a data loss event. The restore module 126 is configured to replace a currently stored data with the one or more backup data in order to revert the generation machine 121 to a previous point in time. 
And, the code generation module 127 is configured for generating the code, wherein the generation of the code is carried out in coordination with the server 103.
The code generated by the code generation module 127 of the generation machine 121 is one or more of 1D (one-dimensional) barcode, QR (Quick Response) code, OCR (Optical Character Recognition) fonts, and PDF417 (Portable Data File).
Fig. 4 depicts or illustrates the reader machine 131 of the system for customized cryptography 100 in accordance with a preferred embodiment of the invention. The reader machine 131 comprises a key storing module 132, a handshaking functions module 133, a package import function module 134, a backup module 135, a restore module 136 and a code reading module 137. The key storing module 132 is configured to store the generated asymmetrically encrypted key. The handshaking functions module 133 is configured for communication of data within the hardware module 101 in offline mode. The handshaking functions module 133 is configured for enabling communication of data with the hardware module, the server, the user device and one or more external modules. The package import function module 134 is configured to expose a software package to other APIs (Application Programming Interfaces) such that the methods and functions comprised within the second software package can be inherited. The package import function module 134 is configured to communicate a software program with one or more Application Programming Interface (API), wherein the API inherits one or more data and functions of the communicated software program. The backup module 135 is configured to store one or more backup data in the reader machine 131, wherein the backup data is used to restore data in case of a data loss event. The restore module 136 is configured to replace a currently stored data with the one or more backup data in order to revert the reader machine 131 to a previous point in time. The code reading module 137 is configured for interpretation of the code, wherein the interpretation of the code comprises a verification process.
The code reading module 137 is configured for communicating with the user device for interpreting the code and extracting a message encoded in the code, wherein the communicating is achieved by attaching the hardware module to the user device. The verification process comprises matching the public key with the paired private key, wherein the server communicates the public key and the user device 102 communicates the paired private key for verification process. Further, the interpretation of the code is carried out in coordination with the user device 102 and the server 103.
A method for customized cryptography by using a hardware module 101 in accordance with an embodiment of the invention comprises the following steps. At first, the method comprises creating one or more keys by a master machine 111. The created keys comprise a pair of asymmetrically encrypted keys. The pair of keys comprises a public key and a paired private key. The public key verifies that a holder of the paired private key sent the message. Further, only the paired private key holder can decrypt the message encrypted with the public key. The method further comprises communicating the public key to a generation machine 121 by the master machine 111 and communicating the paired private key to a user device 102 by the master machine 111. The method further comprises executing instructions, in coordination/collaboration with a server 103, by the generation machine 121 to generate at least one code. The server 103 is configured to communicate with the generation machine 121. The server 103 is further configured to execute one or more instructions required for generating the code. The method further comprises generating at least one code by the generation machine 121. The code comprises an encrypted data (message to be communicated) and the public key. The code may be machine readable representation of data. The method further comprises reading the code, in coordination/collaboration with a user device 102, by a reader machine 131. The user device 102 is configured to communicate with the reader machine 131. The user device 102 is further configured to execute one or more instructions required for reading the code.
Furthermore, the method comprises interpreting the code by the reader machine 131. The interpretation of the code comprises a verification process. The verification process comprises matching the public key with the paired private key, wherein the server 103 communicates the public key and the user device 102 communicates input of the paired private key for verification process.
To demonstrate one of the many applications of a preferred embodiment of the invention, let us consider a scenario wherein a first user wants to communicate a private message to a second user. The communication of the private message comprises two parts, namely encryption and decryption. Communication of the private message begins with encryption and is subsequently followed by decryption. Referring to Fig.1, the encryption part of the communication of the private message from the first user to the second user is carried out as follows. The hardware module 101 is attached to the user’s user device. The master unit 111 of the hardware module 101 creates an asymmetric pair of keys comprising a public key and a paired private key. The public key is communicated to the generation machine 121 and the paired private key is communicated to the user device 102. The public key communicated to the generation machine 121 is stored in the key storing module 122. Further, at the generation machine 121 a code is generated by the code generation module 127. The code comprises the public key and an encrypted data comprising a private message from the first user. The code is generated in coordination with the server 103. The code is a machine readable representation of data and is configured such that only a user holding access to the paired private key can decrypt data. The encryption part of the invention ends with the code being communicated to the reader machine 131 and the server 103 for storage. The decryption part of the communication of the private message from the first user to the second user is carried out as follows. Let us assume that the second user holds access to the paired private key and desires to decrypt the code in order to read the private message from the first user. The second user holding access to the paired private key communicates the paired private key to the reader machine 131.
The communication of the paired private key to the reader machine 131 is through usage of an application in the user device 102. The reader machine 131 subsequent to receiving the paired private key from the second user fetches the relevant public key from the server. Further, the public key and the paired private key are communicated to the code reading module 137 by the handshaking functions module 133. The code reading module 137 now carries out a verification process, wherein the verification process comprises matching the public key with the paired private key. If the verification process is successful i.e., the public key matches with the paired private key, the code reading module 137 will decrypt the data (private message from the first user). Thereafter, the decrypted data (private message from the first user) will be communicated to the user device 102, wherein the user can access the private message from the first user through the application of the user device 102.
In another embodiment of the invention, business functions i.e., encryption and decryption of data can be defined and created in a standard development environment in accordance to a specific business requirement. Subsequently, the created business functions can be embedded into the hardware module 101 for secure operations.
In yet another embodiment of the invention, software package may be referred to as a software collection comprising individual files or resources that are packed together to perform a particular function as part of a parent system.
The foregoing description of the specific embodiments will so fully reveal the general nature of the embodiments herein that others can, by applying current knowledge, readily modify and/or adapt for various applications such specific embodiments without departing from the generic concept, and, therefore, such adaptations and modifications should and are intended to be comprehended within the meaning and range of equivalents of the disclosed embodiments. It is to be understood that the phraseology or terminology employed herein is for the purpose of description and not of limitation. Therefore, while the embodiments herein have been described in terms of preferred embodiments, those skilled in the art will recognize that the embodiments herein can be practiced with modification within the spirit and scope of the embodiments as described herein.

Claims (12)

  1. A system for customized cryptography using a hardware module, wherein the system comprises:
    a server configured to communicate data with the hardware module, wherein the server is configured to generate at least one code and interpret the at least one code;
    a user device comprising an application, wherein the application is configured to communicate data from the user device to the hardware module, and wherein the user device is configured to interpret the at least one code; and
    the hardware module configured for establishing customized encryption and decryption, wherein the hardware module comprises:
    a master machine configured for creation of one or more keys;
    a generation machine configured for generating the at least one code; and
    a reader machine configured for interpretation of the at least one code.
  2. The system of claim 1, wherein the one or more keys are asymmetrically encrypted, wherein the one or more keys comprise a public key and a paired private key, wherein the at least one code comprises an encrypted data and the public key, wherein the at least one code comprising the encrypted data and the public key is decrypted by matching the public key with the paired private key, wherein the interpretation of the at least one code comprises a verification process, wherein the verification process comprises matching the public key with the paired private key, and wherein the server communicates the public key and the user device communicates the paired private key for the verification process.
  3. The system of claim 1, wherein the at least one code is one or more of a one-dimensional (1D) barcode, Quick Response (QR) code, Optical Character Recognition (OCR) fonts, and PDF417 (Portable Data File).
  4. The system of claim 2, wherein the public key is configured to enable a holder of the paired private key to encrypt data, and wherein the paired private key is configured to enable the holder of the paired private key to decrypt data.
  5. The system of claim 2, wherein the master machine comprises:
    a key generating functions module, wherein the key generating functions module is configured to generate the asymmetrically encrypted key comprising the public key and the paired private key;
    a key storing module configured to store the generated asymmetrically encrypted key;
    a handshaking functions module configured for enabling communication of data from the master machine with the hardware module, the server, the user device and one or more external modules;
    a package import functions module configured to communicate a software program with one or more Application Programming Interface (API), wherein the API inherits one or more data and functions of the communicated software program;
    a backup module configured to store one or more backup data, wherein the backup data is restored in case of a data loss event; and
    a restore module configured to replace a currently stored data with the one or more backup data.
  6. The system of claim 1, wherein the generation machine comprises:
    a key storing module configured to store one or more generated asymmetrically encrypted keys;
    a handshaking functions module configured for enabling communication of data from the generation machine with the hardware module, the server, the user device and one or more external modules;
    a package import function module configured to communicate a software program with one or more Application Programming Interface (API), wherein the API inherits one or more data and functions of the communicated software program;
    a backup module configured to store one or more backup data, wherein the backup data is restored in case of a data loss event; and
    a restore module configured to replace a currently stored data with the one or more backup data; and
    a code generation module configured for generating the at least one code, wherein the generation of the at least one code is carried out in coordination with the server.
  7. The system of claim 2, wherein the reader machine comprises:
    a key storing module configured to store one or more generated asymmetrically encrypted keys;
    a handshaking functions module configured for enabling communication of data from the master machine with the hardware module, the server, the user device and one or more external modules;
    a package import functions module configured to communicate a software program with one or more Application Programming Interface (API), wherein the API inherits one or more data and functions of the communicated software program;
    a backup module configured to store one or more backup data in the reader machine, wherein the backup data is used to restore data in case of a data loss event;
    a restore module configured to replace a currently stored data with the one or more backup data; and
    a code reading module configured for communicating with the user device for interpreting the code and extracting a message encoded in the code, wherein the communicating is achieved by attaching the hardware module to the user device.
  8. A method for customized cryptography by using a hardware module, wherein the method comprises:
    creating one or more keys by a master machine, wherein the one or more keys are asymmetrically encrypted, wherein the one or more keys comprises a public key and a paired private key;
    communicating the paired private key to a user device by the master machine;
    generating at least one code by a generation machine, wherein the at least one code comprises an encrypted data and the public key;
    reading the at least one code by a reader machine, wherein the user device is configured to execute one or more instructions required for reading the at least one code; and
    interpreting the at least one code by the reader machine, wherein interpretation of the at least one code comprises a verification process, wherein the verification process comprises matching the public key with the paired private key, and wherein the server communicates the public key and the user device communicates the paired private key for the verification process.
  9. The method of claim 8, wherein the master machine comprises:
    a key generating functions module, wherein the key generating functions module is configured to generate the asymmetrically encrypted key comprising the public key and the paired private key;
    a key storing module configured to store the generated asymmetrically encrypted key;
    a handshaking functions module configured for enabling communication of data from the master machine with the hardware module, the server, the user device and one or more external modules;
    a package import functions module configured to communicate a software program with one or more Application Programming Interface (API), wherein the API inherits one or more data and functions of the communicated software program;
    a backup module configured to store one or more backup data, wherein the backup data is restored in case of a data loss event; and
    a restore module configured to replace a currently stored data with the one or more backup data.
  10. The method of claim 8, wherein the generation machine comprises:
    a key storing module configured to store one or more generated asymmetrically encrypted keys;
    a handshaking functions module configured for enabling communication of data from the generation machine with the hardware module, the server, the user device and one or more external modules;
    a package import function module configured to communicate a software program with one or more Application Programming Interface (API), wherein the API inherits one or more data and functions of the communicated software program;
    a backup module configured to store one or more backup data, wherein the backup data is restored in case of a data loss event; and
    a restore module configured to replace a currently stored data with the one or more backup data; and
    a code generation module configured for generating the at least one code, wherein the generation of the at least one code is carried out in coordination with the server.
  11. The method of claim 8, wherein the reader machine comprises:
    a key storing module configured to store one or more generated asymmetrically encrypted keys;
    a handshaking functions module configured for enabling communication of data from the master machine with the hardware module, the server, the user device and one or more external modules;
    a package import functions module configured to communicate a software program with one or more Application Programming Interface (API), wherein the API inherits one or more data and functions of the communicated software program;
    a backup module configured to backup data in the reader machine, wherein the backup data is used to restore data in case of a data loss event;
    a restore module configured to replace a currently stored data with the one or more backup data; and
    a code reading module configured for communicating with the user device for interpreting the code and extracting a message encoded in the code, wherein the communicating is achieved by attaching the hardware module to the user device.
  12. The system of claim 8, wherein the at least one code is one or more of a one-dimensional (1D) barcode, Quick Response (QR) code, Optical Character Recognition (OCR) fonts, and PDF417 (Portable Data File).
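The flow of claim 8 (key creation by the master machine, a code carrying encrypted data plus the public key, and a reader that interprets the code only after matching that public key to the device's private key) is sketched below as an added example; it is not code from the patent or the applicant. The claims name no algorithm or payload format, so textbook RSA without padding, the JSON payload and every function name here are assumptions chosen to keep the block dependency-free.

```python
import json, math, secrets
# Added illustration: textbook RSA (no padding) stands in for the unnamed algorithm.
def _is_probable_prime(n, rounds=24):  # Miller-Rabin, for odd n > 3
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _prime(bits):
    while True:
        c = secrets.randbits(bits) | (1 << (bits - 1)) | 1  # odd, top bit set
        if _is_probable_prime(c):
            return c

def master_create_keypair(bits=512, e=65537):
    while True:  # master machine: public key and its paired private key
        p, q = _prime(bits // 2), _prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            return {"n": p * q, "e": e}, {"n": p * q, "d": pow(e, -1, phi)}

def generate_code(public, message):
    # Generation machine: the code carries the encrypted data and the public key.
    m = int.from_bytes(message, "big")
    if m >= public["n"]:
        raise ValueError("message too long for this toy modulus")
    return json.dumps({"ct": pow(m, public["e"], public["n"]), "pub": public})

def keys_are_paired(public, private):
    # Verification: a random challenge must survive private-then-public exponentiation.
    n, c = public["n"], secrets.randbelow(public["n"] - 3) + 2
    return n == private["n"] and pow(pow(c, private["d"], n), public["e"], n) == c

def read_code(code, private):
    # Reader machine: refuse to interpret unless the embedded public key pairs.
    payload = json.loads(code)
    if not keys_are_paired(payload["pub"], private):
        raise PermissionError("public key in code is not paired with device key")
    m = pow(payload["ct"], private["d"], private["n"])
    return m.to_bytes((m.bit_length() + 7) // 8, "big")
```

A real reader would replace the unpadded RSA with a padded scheme such as RSA-OAEP from a vetted library and keep the private exponent inside the hardware module.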
PCT/IN2018/050844 2017-12-16 2018-12-15 Configuration of hardware security modules for generation and reading of any code WO2019116398A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IN201721045282 2017-12-16

Publications (1)

Publication Number Publication Date
WO2019116398A1 (en) 2019-06-20

Family

ID=66820832

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IN2018/050844 WO2019116398A1 (en) 2017-12-16 2018-12-15 Configuration of hardware security modules for generation and reading of any code

Country Status (1)

Country Link
WO (1) WO2019116398A1 (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113242121A (en) * 2021-04-15 2021-08-10 哈尔滨工业大学 Safety communication method based on combined encryption
CN113347625A (en) * 2021-06-04 2021-09-03 广州瀚信通信科技股份有限公司 Data transmission method and system for smart campus construction based on 5G edge calculation

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP5342649B2 (en) * 2008-11-24 2013-11-13 サーティコム コーポレーション System and method for hardware-based security
US8769784B2 (en) * 2009-11-02 2014-07-08 Authentify, Inc. Secure and efficient authentication using plug-in hardware compatible with desktops, laptops and/or smart mobile communication devices such as iPhones
AU2013243768A1 (en) * 2012-04-01 2014-09-11 Payfone, Inc. Secure authentication in a multi-party system

Similar Documents

Publication Publication Date Title
US10972908B2 (en) Wireless network connection method, apparatus, and system
CN105007155B (en) Quick Response Code mask encryption and decryption approaches and system
US11210658B2 (en) Constructing a distributed ledger transaction on a cold hardware wallet
US10643204B2 (en) Cryptography method and system for securing data via electronic transmission
CN110100422A (en) Data writing method and device based on block chain intelligent contract and storage medium
CN101425894A (en) Service implementing system and method
US20140289129A1 (en) Method for secure contactless communication of a smart card and a point of sale terminal
EP2937806A1 (en) Method and system for securing electronic data exchange between an industrial programmable device and a portable programmable device
CN111131282B (en) Request encryption method and device, electronic equipment and storage medium
CA3178180A1 (en) Constructing a distributed ledger transaction on a cold hardware wallet
CN102833244A (en) Communication method for authentication by fingerprint information
CN103020682A (en) Two-dimension code identification generating device, two-dimension code identification recognition device and two-dimension code identification system of book
WO2019116398A1 (en) Configuration of hardware security modules for generation and reading of any code
US11177959B2 (en) Cryptography method and system for securing data via electronic transmission
KR100968494B1 (en) Tag security processing method using One Time Password
KR102414910B1 (en) Apparatus and method for securing document information
EP2910042B1 (en) Secure information transfer via bar codes
WO2019019153A1 (en) Scheme for generating, storing and using private key
CA3020734A1 (en) Systems and methods for virtualization in distributed computing environment including a mobile monitor
CN110266641A (en) Information-reading method and device
JP6149749B2 (en) Information processing apparatus, information processing system, and program
CN105678542B (en) payment service interaction method, payment terminal and payment cloud terminal
CN103997730A (en) Method for decrypting, copying and pasting encrypted data
KR102432106B1 (en) Method for transmitting and receiving information using 2d barcode
CN110505203B (en) Message data processing method, device and storage medium

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18888240

Country of ref document: EP

Kind code of ref document: A1

DPE1 Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18888240

Country of ref document: EP

Kind code of ref document: A1