1. Field of the Invention
The present invention relates to a method for identifying subscribers and for generating and verifying electronic signatures in a data exchange system working with processor chip cards, using identification data coded in a center with respective subscriber-related known ciphers and stored in the respective chip card and with secret ciphers having a logical relationship to the known ciphers, whereby random number-dependent check data are mutually exchanged between the subscribers.
2. Description of the Prior Art
Important prerequisites for data security in modern communication systems are:
(a) the mutual identification of the communicating partners participating in the system;
(b) the authentication of the transmitted and stored data;
(c) the coding of the transmitted and stored data; and
(d) checking the authorship of the transmitted data.
As is known, a high degree of data security can only be achieved by utilizing cryptographic methods that enable an identification and authenticity check of messages, subscribers and equipment beyond all doubt. What is generally understood by cryptography is a coding of the data for secrecy purposes. In addition to this doubtlessly-important crypto function, however, other functions, particularly checking the authenticity and authorship or generating electronic signatures are gaining increasing significance.
Symmetrical or asymmetrical coding algorithms can be employed for realizing cryptographic functions. Given a symmetrical algorithm, for example the DES algorithm (data incryption standard), identical keys are employed for coding and decoding. Symmetrical cryptosystems are particularly suitable when larger data sets have to be transmitted at a high rate. By contrast, disadvantages derive due to a relatively difficult cryptomanagement because the transmitter and the receiver must have the same key and a reliable channel is required for the transmission of the key respectively employed.
In asymmetrical cryptosystems, different ciphers are employed for coding and decoding, such that, for example, the key for coding is known and the key for decoding is secret. The latter is only known to the receiver. On asymmetrical cryptosystems, for example, the RSA algorithm named after the inventors Rivest Shamir and Adlemann that requires a comparatively high technological outlay and correspondingly long run times dependent on the length of the cipher employed but that satisfies high security requirements on the basis of the special cryptosystem. The asymmetrical cryptosystem is ideally suited for assigning a message to be transmitted. The message to be signed is thereby coded with the secret key of the signee and can be decoded by anyone that knows the public key. This "electronic signature" not only contains the personal feature (possession of private or secret key of the signee but also involves the signed text, with the consequence that the receiver recognizes any change in the text. Message and signature are therefore invariably linked via the key algorithm.
The utilization of modern cryptographic equipment is intimately connected to the introduction as what are referred to as multi-functional processor chip cards. The processor chip card not only enables versatile applications but is also employed for accepting the necessary security components (secret key and cryptoalgorithm) in order to guarantee an identification of the user and a reliable authentication of the card and of the message exchanged.
Presently known algorithms for electronic signatures, particularly the RSA algorithm (in this connection see U.S. Pat. No. 4,405,829), fully incorporated herein by this reference or the algorithm developed by A. Fiat and A. Shamir (European patent application Ser. No. 0,252,499) require either a high memory outlay or, insofar as they can be accommodated at all in the chip because of extensive and complicated arithmetic operations, particularly, multiplications, require a great deal of time, so that they are only conditionally suitable for utilization in chip cards.