The parallel development of telecommunications and of computers over the last 25 years has allowed an awesome increase in data throughput and data analysis. Much of the business information that was once hand delivered by a known and trusted intermediary is now delivered electronically. For example, the Internal Revenue Service now encourages electronic filing of tax returns and related information and provides facilities for no-cost data transmission in some instances. Financial transactions, such as funds transfer and payment of invoices, are now routinely handled by electronic messaging. Electronic offices, both mobile and stationary, are now commonplace, along with cellular telephones, mobile facsimile machines and other accoutrements of this new age.
Unfortunately, this rise in computer power and data transmission power has brought an increase in the possibility of electronic mischief, unintentional and intentional, benign and injurious. A transmitter of an encrypted message is usually concerned with (1) delivery of the message only to its intended recipient(s) and (2) encryption of the message so that a message received by an unintended recipient cannot be decrypted to become privy to the intelligence contained in the message. However, the recipient of this message has somewhat different concerns, including a means of verifying that the message received was, in fact, transmitted by the putative sender. The message transmitter is concerned with secrecy and selectivity of the message recipients. The intended recipient is concerned with receiving and taking appropriate action only on messages for which the putative message source is the true or authentic source. If the putative source is not the actual source, the message may contain selective disinformation, intended to mislead the recipient or to cause the recipient to take action that the recipient would not otherwise take. For example, the Time magazine issue for Jun. 26, 1995, on page 65, reports some of the problems faced by Internet participants who are receiving fake e-mail messages, transmitted by someone other than the asserted sender of such messages.
Opto-electronic technology now allows a user to form an image using a digital camera, defined here to mean a visually perceptible image that is digitally expressed as an assembly of picture elements or pixels. Once an image is formed by opto-electronic means, the user may wish to include certain accompanying information indicating the circumstances under which the image was formed. If the image is to be used for some legal or related purpose, the user may wish to insure that the image or the accompanying information not be tampered with or corrupted.
Relatively few workers in electronic communications have seriously considered approaches for authenticating the putative source of information in the form of text or an image that is delivered electronically or by some means other than a trusted intermediary. Encryption using destination addresses using a TDMA satellite communications system is disclosed in U.S. Pat. No. 4,418,415, issued to Fennel et al. A common encryption/decryption key is held by all authorized users of a network. This key is EXclusively ORed with the specified destination address, and the output (digital) signal is passed through an encryption engine, on the satellite and at the intended ground-based receiver, using the same key or another key. The encryption engine output signal is then combined with the channel data to be transmitted in another EXclusive OR circuit and transmitted to the network users. Each of the receivers receives the message and reverses the encryption process, using its own destination address as part of the decryption key. However, only the (single) intended receiver produces a cleartext message that is comprehensible.
Hanas et al, in U.S. Pat. No. 4,709,266, disclose use of a satellite scrambling network to provide messages that are scrambled or encrypted differently for different geographical regions. This is useful for distributing scrambled video, voice and data subscriber messages. A master uplink message (ground-to-satellite) is used to control the scrambling or encryption commands that determine the scrambling applied to each geographical area and/or to groups of individual subscribers.
In U.S. Pat. No. 4,860,352, Laurance et al disclose a satellite communication system that provides authentication of a data transmission based upon the location of the data transmitter, as determined by the satellite communication system itself. The message sender transmits a message and the sender's location to a satellite, which retransmits the message and sender location to a ground-based receiver that compares the sender's stated location with the known location for the putative source of the message. Optionally, the message and/or the sender location are encrypted. If the two sets of transmitter location information agree, the message and its source are accepted as valid or authenticated. If the the two sets of such information do not agree, the receiver discards the remainder of this message as originating from an invalid sender. The message originator may be stationary or mobile. In one embodiment, a mobile message originator sends its present location and its location at the time the preceding message was sent, in encrypted text. A receiver receives the preceding location information and compares this with the known preceding location to verify or refute the preceding location of the putative source. In a second embodiment, three spaced apart satellites receive the same message and, based upon differences in time of receipt, determine the present location of the message originator. The message and this present location information are transmitted to a ground-based receiver, which compares the originator's present location with the known preceding location of the message originator, to verify or refute (within certain geographical limits) that the message originator is the putative source of the message. Some of the embodiments appear to require foreknowledge of the location, as a function of time, of the authentic message originator.
The inventors in the Laurance et al patent distinguish between (1) an "active attack," whereby an unauthorized person or the (faulty) transmission channel itself receives and alters the message and subsequently causes the message to be delivered to the recipient, and (2) a "passive attack," whereby an unauthorized person receives but does not alter the message that is delivered to the recipient. A third type of attack may be characterized as origination of a fraudulent message by a non-legitimate source, where the putative message source is not the actual message source. Active and passive attacks have traditionally been combated by message encryption. Once the encryption method is broken and available for use by an unauthorized person, that encryption scheme is less than useless. Successfully combating an active attack and/or fraudulent origination requires more than message encryption: the message source must be authenticated and/or the received message must be verified as unaltered after its transmission by the putative source.
Horne, in U.S. Pat. No. 4,887,296, discloses a three-key cryptographic system for a direct broadcast satellite system, to be used in video broadcasting to a plurality of ground-based receivers, each having a unique address number. A signature key, which is an encryption using the address number for that receiver, is stored in the receiver at the time of manufacturing. At the transmitter, a common key is encrypted, using the unique signature key for a receiver that is targeted for a portion of the message to be transmitted. The data stream contains message portions intended for all receivers and message portions intended for, and decryptable only by, individual receivers. A target receiver decrypts its messages, using the common key and signature key used by the transmitter to encrypt the receiver's portions of the message.
U.S. Pat. No. 4,916,737, issued to Chomet et al, discloses an anti-piracy television program scrambling/descrambling system that allows the encryption/decryption code to be changed periodically (e.g., once per month) by communication from the head end or central station. The receiver's decryption unit has an unalterable ROM portion, containing its unique serial or address number, and an EPROM portion, containing an alterable ROM portion with a look-up table that can be changed by receipt of special signals from the head end.
U.S. Pat. No. 4,993,067, issued to Leopold, discloses a secure satellite-ground communication system that provides over-the-air encryption rekeying. A message transmitted from a proper ground station to the satellite must contain the ground station location. If the location of the ground station is not included in the message, or if this location is included but is not on an approved list maintained by the satellite, the received message is discarded. If the ground station location is acceptable, the satellite accepts the message and rekeys itself according to the rekeying information contained in the remainder of the message. This approach appears to require that the ground stations on the approved list be stationary.
Signal encryption apparatus that uses a common data key component and a specialized data key component, for a plurality of communicating sites, is disclosed in U.S. Pat. No. 5,115,467, issued to Esserman et al. The specialized data include distinct parameter values that are associated with only one communicating site. The encryption generating key depends upon the common data key component and upon the specialized data key component so that the encryption key used for each site may be distinguishable. The invention is useful in receipt and processing of television signals generated at a plurality of fixed sites.
Graziano et al, in U.S. Pat. No. 5,191,613, disclose a knowledge-based system for the electronic equivalent of signature authentication of a document, such as an agreement, transmitted from a sender to a recipient. The document, in electronic form, is temporarily locked into a computer memory so that no modifications can be made to the document or its format. Each of the document signatories then applies its own tests and comparisons to verify electronically that the document is authentic and unaltered. After this authentication process, each signatory affixes its electronically-based signature to the document to activate the terms of the agreement.
In U.S. Pat. No. 5,221,925, Cross discloses a location interrogation system in which a mobile unit, upon receipt of an interrogation signal, transmits its present location in a conventionally encoded format to a central station that has issued the interrogation signal, to assist in tracking the mobile unit.
A verification procedure for mobile stations in a cellular network is disclosed by Raith in U.S. Pat. No. 5,237,612. In response to receipt of a random challenge signal or interrogation, the mobile station transmits to the central station a first response signal, depending only upon an unchanging, commonly-held encryption key, and a second response signal, dependent upon a changeable encryption key. The first and second response signals are analyzed by an authentication algorithm to authenticate, or deny authentication to, the putative mobile station.
U.S. Pat. No. 5,243,652, issued to Teare et al, discloses a communication system for control of access to a location-sensitive remote database. A central station stores and transmits encrypted television material whose encryption key is available only for a viewers in a specified geographical area, as determined by a GPS or Loran location determination system. A secure version of the location history of the mobile user is transmitted to a central facility and compared with the known location history of this user. If the two histories agree, the identity of the user is confirmed, and a decryption key associated with this location history is transmitted to the user, for use in decrypting the encrypted television transmission.
Transmission of encrypted information packages from a central site to a remote site, in response to receipt of a request for specified information from that site, is disclosed in U.S. Pat. No. 5,247,575, issued to Sprague et al. The encryption key is changed periodically (e.g., weekly), but does not depend upon any past information.
Honda et al, in U.S. Pat. No. 5,296,884, discloses a camera that allows recording of location and/or time as a supplement to the frame image, where the location/time information is provided by signals received from a Loran, Decca, Omega or GPS signal source. The location/time information appears to be recorded separately from the camera image, perhaps on an adjacent strip of film. A similar device that uses earlier location-indicating instruments is disclosed by Rick et al in U.S. Pat. No. 4,122,521.
Earlier patents that allow recording of exposure information, exposure time/date, distance to a selected object in view, or local terrain detail, on film or in a viewfinder at the time a camera forms an image on the film, include U.S. Pat. Nos. 3,872,483, issued to Numata et al, No. 3,882,512, issued to Lawrence et al, No. 3,968,505, issued to Kauneckas, No. 4,053,240, issued to Aizawa et al, No. 4,064,515, issued to Mashimo et al, No. 4,149,795, issued to Sakurda et al, No. 4,175,848, issued to Murakami et al, No. 4,361,388, issued to Mlcak et al, No. 4,635,203, issued to Merchant, No. 4,695,959, issued to Lees et al, No. 5,045,937, issued to Myrick, and No. 5,386,117, issued to Piety et al.
A secure communication system for static information is disclosed in U.S. Pat. No. 5,321,753, issued to Gritton. The message transmitted includes a 10-bit static first data field and a 54-bit second data field that changes from one transmission to the next. The 64-bit first and second data fields are encrypted and transmitted to a remote message reader that receives, decrypts and reads the transmitted message.
Goldfine et al disclose a financial or telephone service transaction authentication system, in U.S. Pat. No. 5,343,529, in which any attempt to gain access to a protected system is thereafter answered and controlled by a centralized authentication agency. In response, the agency issues an identification request, requesting information that is unique to that request; a subsequent attempt by that person to gain access would require submission of different information. If the information supplied by the access seeker matches the information on file, the access seeker identity is authenticated and access is granted.
In U.S. Pat. No. 5,347,580, Molva et al disclose an authentication method using a smartcard to encrypt the presently displayed time with a cryptographically strong key. A public work station receives the encrypted time message, generates one or more values from this message, and further encrypts and/or transmits these values to a server station. The server station uses the received values to authenticate the holder of the smartcard and to accept or reject a message or command from the holder.
A remote control transmitter-receiver pair that cooperatively implement a code transmission sequence that minimizes energy use and protects the communication channel from unauthorized access is disclosed in U.S. Pat. No. 5,349,459, issued to Reed. The transmitter issues a specified sequence of start/stop pulses of different lengths, similar to pulse code modulation, which are received by the receiver and compared with a copy of this sequence. If the sequences agree, the receiver authenticates the transmitter and opens the secured channel to receive the remainder of the message.
Generation of each of two pseudorandom numbers, by an independently chosen number of iterations on initial numbers, is the basis for a cryptographic authentication system disclosed by Koopman et al in U.S. Pat. No. 5,363,448. The two pseudorandom numbers are concatenated and encrypted into a single word. This word is transmitted by or on behalf of a person seeking access to a protected system, and the word is decrypted and deconcatenated to produce the two pseudorandom numbers, for comparison and authentication purposes. Immediately after the concatenated and encrypted word is received, the receiving system locks out receipt of any additional signals for a selected time interval, such as 0.5 sec. Thus, breach of the protected system by rapid, exhaustive, numerical trials is made difficult or impossible.
Blume discloses a system to allow a space platform to distinguish between a friendly object and an unfriendly object in U.S. Pat. No. 5,382,957. The platform, which includes a GPS receiver/processor and antenna, transmits an encrypted interrogation signal to the object, which can be positioned tens or hundreds of kilometers from the platform, requesting certain information including the location coordinates of the object. Simultaneously, the platform uses high directivity radar and line of sight measurements to estimate the object range and the object location coordinates, using the platform's GPS-based knowledge of its own location. A friendly object will reply to the encrypted interrogation signal with an authenticating reply, including the GPS-determined location coordinates of the object. A receiver on the platform receives the object location coordinates from the object and compares these coordinates with its own estimate of the object location coordinates. If the object-supplied object location is within a determinable distance of the platform-supplied object location and all other authenticating replies from the object are appropriate, the platform authenticates the object as a "friendly" object.
In U.S. Pat. Nos. 5,384,846 and 5,388,158, Berson et al disclose methods for authentication of an identification card and the holder thereof. Several physical or other characteristics of the bona fide holder of the card are encrypted and recorded on a magnetic strip on the card, using a public key encryption scheme in which the key is changed from time to time. When the card is presented, the magnetic strip information is reproduced and compared with the corresponding characteristics of the card holder, to verify or refute the putative identity of the card holder. In another embodiment, the contents of a document are compressed, encrypted, encoded and placed on a two-dimensional bar code label for the document, for subsequent decryption and authentication of the document by reversing the process for the information on the label.
A GPS tracking system for a mobile station with physical sensors, relying upon receipt of unprocessed GPS signals that are initially received by the mobile station, is disclosed in U.S. Pat. No. 5,379,224, issued to Brown et al. Segments of the GPS signals received and time stamps are interleaved with sensor measurements of physical data and are transmitted to and processed by a central processing station, for estimation of the location of the mobile station at the time value given by the time stamp, and for examination of the physical sensor data. The GPS signals received from the mobile station are used for location determination, not for authentication of the asserted location of the central station.
Dent et al, in U.S. Pat. No. 5,390,245, disclose system for authentication of a base station and a mobile station that communicates with the base station. A first signal and a second signal are formed at each of the base station and the mobile station, and the base station transmits its first signal to the mobile station. The mobile station compares the received first signal with its own first signal to authenticate, or deny authentication to, the base station/transmitter. The mobile station then transmits its second signal to the base station for a similar authentication procedure by the base station.
A system for controlling the number of concurrently operating copies of a licensed software package is disclosed in U.S. Pat. No. 5,390,297, issued to Barber et al. Each node in a computer network is identified, for example, by number. If a given node requests use of, and contains a valid, unexpired license for, the software package, a license manager permits use of that software package at the given node. If an applicable license is not available at the given node, the license manager interrogates other nodes to find a license for the licensed software package that is not presently being used by that node and transfers the available license to the given node.
U.S. Pat. No. 5,406,619, issued to Akhterruzzaman et al, discloses a user authentication device for messages transmitted telephonically. The authenticator device, about the size of a credit card, is held against a telephone receiver and receives a query number as part of the telephone message. The authentication device uses its own key to transform the query number into an individualized response number that is transmitted as part of the same telephone cal to the query number initiator. Each of the query number and the response number is unique to the telephonic device used for that phone call.
A fire/security/control sensor access system that prevents unauthorized access by remote sensors is disclosed by Sanderford in U.S. Pat. No. 5,408,217. A central processor and a sensor unit communicate using one or more pseudorandom number sequences that is unique for that communicating pair, and each incoming and outgoing message must produce a "match" at the central processor and at the sensor before the transmitting sensor will accept reprogramming of its facility.
Evans discloses a sensor communication system with sensor polling in U.S. Pat. No. 5,440,301. Each remote sensor is polled for its present condition by a centrally located processor, using a unique coded signal that is received and analyzed by a receiver connected to the sensor. If the coded signal has a valid format, information stored in the receiver memory is transmitted in response to receipt of a polling signal.
In U.S. Pat. No. 5,442,342, issued to Kung, a distributed user authentication protocol is disclosed that prevents unauthorized access to any computer that is part of a network. Each network user is issued a coded card with a confidential message authentication code, which must be used to gain access to a computer on the network. The user must present the card and answer a sequence of randomly selected questions. At random times during use of a computer on the network, a user is required to again answer a randomly selected sequence of questions, in order to continue to use the computer.
Apparatus for controlling access to a device, such as an automated teller machine, at a secure location is disclosed by Heath in U.S. Pat. No. 5,451,757. A technician or other worker who seeks access to the device presents an access authentication message, including the worker's personal identification number (PIN), an access code presently stored at the device, and an access code of a portable computer terminal carried by the worker for use with the device. If the PIN and the two access codes are confirmed by the device, the worker is allowed access to the device. If access to the device is allowed, the access code presently stored at the device is immediately replaced by a new access code, to be used when requesting subsequent access to the device.
Steganography, which seeks to authenticate a graphical image by concealing a message in the image, is briefly discussed by S. Walton in "Image Authentication for a Slippery New Age," Dr. Dobb's Journal, April 1995, pp. 18-26. One method of concealment expresses each pixel in an electronic representation of the image in digital form and then alters the least significant bit of a chosen number of pixels to contain an authentication message.
These inventions usually rely upon some unchanging characteristic or combination of characteristics of an entity that seeks access to a protected system or a protected communication channel. The protection offered by these approaches might easily be compromised for a communication channel that is continually or periodically transmitting information. What is needed is an approach that relies in part on the constantly changing information associated with signals produced by a location determination system, to authenticate or verify the location and/or angular orientation of the entity that forms an image that is to be authenticated. Preferably, the information relied upon for, and specification of any pattern(s) used for, image authentication should be accurately and fully transmissible to another person or facility in confidence. Preferably, the approach should accept and work with confidential/encrypted signals and/or with signals that are available for use by any user with an appropriate receiver for a location determination system.