The present invention relates generally to a system and method for postage metering security and, more particularly, to systems and methods for verifying authorized postage security devices.
The Information-Based Indicia Program (IBIP) is a distributed trusted system proposed by the United States Postal Service (USPS). The IBIP is expected to support new methods of applying postage in addition to, and eventually in lieu of, the current approach, which typically relies on a postage meter to mechanically print indicia on mailpieces. The IBIP requires printing large, high density, two dimensional (2-D) bar codes on mailpieces. The Postal Service expects the IBIP to provide cost-effective assurance of postage payment for each mailpiece processed.
The USPS has published draft specifications for the IBIP. The INFORMATION BASED INDICIA PROGRAM (IBIP) INDICIUM SPECIFICATION, dated Jun. 13, 1996, defines the proposed requirements for a new indicium that will be applied to mail being processed using the IBIP. The INFORMATION BASED INDICIA PROGRAM POSTAL SECURITY DEVICE SPECIFICATION, dated Jun. 13, 1996, defines the proposed requirements for a Postal Security Device (PSD) that will provide security services to support the creation of a new xe2x80x9cinformation basedxe2x80x9d postage postmark or indicium that will be applied to mail being processed using the IBIP. The INFORMATION BASED INDICIA PROGRAM HOST SYSTEM SPECIFICATION, dated Oct. 9, 1996, defines the proposed requirements for a host system element of the IBIP. The specifications are collectively referred to herein as the xe2x80x9cIBIP Specificationsxe2x80x9d. The IBIP includes interfacing user (customer), postal and vendor infrastructures which are the system elements of the program.
The user infrastructure, which resides at the user""s site, comprises a postage security device (PSD) coupled to a host system. The PSD is a secure processor-based accounting device that dispenses and accounts for postal value stored therein. The host system may be a personal computer (PC) or a meter-based host processor. Among the various requirements set forth in the Host System Specification is that the host system verifies that the coupled PSD is xe2x80x9cthe expected PSDxe2x80x9d. Conventional postage metering devices and recent digital metering devices, such as PostPerfect and Personal Post Office, both manufactured by the assignee of the present invention, do not include such verification. Thus, a method for achieving such verification is desired.
U.S. Pat. No. 5,510,992 discloses a method whereby the host PC verifies that a storage means that is coupled to the host PC and has postal value stored therein, is authorized for use with the host PC. The method comprises the steps of storing a unique identifier, such as a serial number, in the storage means when the storage means is filled with postal value, and sending the unique identifier to the host PC when postage value is requested for dispensing. The host PC then verifies that the storage means is authorized for use with the host PC by confirming that the unique identifier retrieved from the storage device is the same as one stored in the host PC. Although such method verifies that the storage means is the expected storage device, the storage means is not a PSD because it is not a processor-based accounting device that dispenses and accounts for postal value stored therein. Furthermore, the verification of the serial number in the host PC is subject to fraud.
U.S. Pat. No. 4,802,218 discloses a card automated transaction system in which a terminal and a smart card complete a predetermined handshake procedure to initiate each transaction. The card automated transaction system employs a card having a secure, resident microprocessor which operates to confirm that a requested transaction is authorized and to then initiate an interactive handshake recognition procedure with a resident microprocessor in a value dispensing section of an automated terminal. The handshake recognition procedure includes the card microprocessor generating a number which is encrypted in the card and then sent to the dispensing section microprocessor. The dispensing section microprocessor decrypts this number, re-encrypts it and transmits it back to the card microprocessor where it is further processed. Upon completion of the handshake procedure, the card microprocessor and the dispensing section microprocessor simultaneously actuate the dispensing of the requested item of value and the debiting of such value from a balance stored on the card.
It has been found that the present invention provides a more secure and reliable system and method for verifying the expected PSD is coupled to the host PC. It has further been found that the present invention provides a secure and reliable system and method for verifying the expected host PC is coupled to the PSD.
The present invention provides a method for verifying that a host system is the expected host system once the PSD has been verified as the expected PSD. In accordance with the present invention, a first message is encrypted in the PSD using a first cryptographic key to obtain a first encrypted message. The first encrypted message is sent to the host system which decrypts the first encrypted message using a second cryptographic key. The host system then encrypts a second message derived from the decrypted first encrypted message using the second cryptographic key. The host system then sends the encrypted second message to the PSD which decrypts the second encrypted message in the PSD using the first cryptographic key. The PSD compares the decrypted second encrypted message with the first message, and activates the PSD for processing transactions requested by the host system when the decrypted second encrypted message corresponds to the first message.
The present invention further provides alternate embodiments secure and reliable methods for verifying in the host system that the expected PSD is coupled to the host system. In one embodiment, a message, such as a random number, is generated in the Host system and sent to the PSD. In one embodiment, the PSD encrypts the number and transmits it to the Host system. The Host system decrypts the encrypted number and ensures it corresponds with the number originally generated and transmitted to the PSD. In an alternate embodiment, the random number is signed in the PSD. The signed number is transmitted to the Host where the signature is verified. The generated message may include data indicating status of the PSD based, for example a checksum of PSD transaction records stored in the host system.
In yet another embodiment, the PSD has a private key which is associated with a specific public key that is stored in the host PC. The host PC sends the PSD public key to the PSD. If the PSD determines that the received PSD public key corresponds to its private key, the system has determined that the expected PSD is connected to the Host system and the PSD is activated to accept postal value requests from the host PC. Additionally, a PSD state identification, such as a checksum of a PSD transaction log file stored in the host may be verified by the PSD, which also has stored therein a PSD transaction log file. In this manner the PSD verifies that the PSD has performed all transactions with the host PC sending the checksum.
In another embodiment, a random number is generated in the host system and encrypted with a PSD state identification number. The encrypted random number is then sent to the PSD. The PSD decrypts the encrypted random number received using the PSD state identification number and sends the decrypted random number to the host system. The host system compares the decrypted random number received from the PSD to the random number generated in the host system. If they are the same, the host system has verified the expected PSD and has also verified that the PSD has not completed any transactions apart from the host system.