Digital networks, such as Ethernet networks or the Internet, are more and more used as channels for multiple type of messages, either pure data, fax or voice, video in order to provide various services.
Typically, computers, faxes, printers communicate through packet switching devices and routers by using the IP protocol for routing data packets. Today, even special phones (knows as ‘IP Phones’) are capable of digitizing voice and communicate with other such phones or computers, through LANs or WANs.
However, even if data is encrypted by an algorithm running on the platform, that platform is generally accessed with a password. As this password is typed manually on a keyboard, access to the device is granted to anyone knowing the password. This seriously threatens people or companies wanting to restrict the access to their equipment or the information stored on that equipment to authorized people only.
The news constantly report hackers intruding or destroying companies and government databases. One of their method is simply by using the right password, obtained in various ways (guessing, spying, Trojan horses . . . ).
On the other side, there are on the market various types of electronic cards, such as smart cards, containing memory capable of storing personal data and processors (credit cards). These processors are capable of encrypting data using a secret key stored on the card memory before sending the encrypted data out of the card. By using algorithms based on public or secret keys, such as DES, the data can be decoded without having to know the key used for encryption. As the cards are physical devices and they all contain different keys, it is no longer possible to impersonate someone by generating the same string of data as he would. Bank terminals use this system to protect money transactions. Such electronic cards are also very safe because their memory cannot be directly accessed from the outside, some part being even totally inaccessible. Therefore, they are safe from viruses for instance.
Thus, it is very desirable to use this technology to grant access to sensitive devices, information or services. Smart card readers linked to a PC by a serial line are used today in that purpose.
As electronics system invade every aspect of our lives, such as web-enabled refrigerators, there is a need for securing all transactions or communications made with embedded systems, especially the ones connected to easily accessible networks such as a corporate computer network or the internet.
The IP phone, in particular, has all the ingredients to become a secure and universal service-providing and communication platform because it is, by definition, linked to a computer network, and also because it is stand alone, reliable, and, in a near future, cheap, therefore potentially ubiquitous. Its stand alone and reliable nature is a standard requirement in telephony; it must work without a PC, and cannot be based on standard unstable operating systems usually found in offices.
However, as the IP phone usually has no alphanumeric keyboard (for cost and aesthetic reasons), other means must be found to assign it with a private encryption key. And, as it is connected to other devices through a digital network such as Ethernet, any frame sent or received by it can be easily monitored from any machine on the network. As a result, extreme precautions must be taken to practically implement user authentication on the platform and to secure all transactions involving the device.
An electronic card, such as a smart card, can be used to restrict access to the device to authorized people, encrypt, or participate in the encryption of, data flowing in and out of the device, and also store all personal data of the user (public key, certificates, passwords, phone numbers, URLs, health information, fiscal information . . . ). It can be used as a universal and unique mean for using all electronic devices and services.
Patent WO 00/33522 describes the architecture of a network telephony system which is basically an IP phone. It is mainly focused on describing such architecture which even contains an encryption module. However, it is not suitable to implement an open architecture security in network transactions and communications, and does not use a card reader.
Patent FR 2783383 describes a phone with a smart card reader. However, it is described as a ‘public’ phone, and the reader is for reading prepaid cards. Its architecture renders it unable to connect directly to a high speed network such as Ethernet, and it does not offer secure communications, secure key distribution and it is not an open and secure communication platform that corporations can build applications upon.
Patent EP 0989529A1 (FR 9811745) describes a system using a smart card in order to read sets of parameter enabling the device to access applications on a remote server, without the user having to memorize access codes, URLs . . . It is not related to security or digital telephony, but rather on ease of use.
Patent WO 00/10139 describes a sophisticated smart card capable of running on board applications. It uses a standard general purpose terminal to interface to the network, but the card requires specific software. It does mention the possibility of encryption by the card engine, but that requires that all sensitive data flow through the card engine, even before they reach terminal layer 3 protocols (such as IP).
Patent WO 00/04476 describes a system capable of connecting to the Internet for doing e-commerce, e-business and voice communications. The system can be a phone and use any type of card for authenticating the user, but this is where security ends. It does not relate to securing transactions and communications.