In countries throughout the world, a postal customer may obtain postage from the appropriate Postal Authority in several ways, including the purchase of stamps and the use of a postage meter. When a postage meter is used, there is a security concern since the representations of postage available to be dispensed are stored within the meter, and without sufficient security, unscrupulous parties could add postage to a meter for which the Postal Authority has not been compensated.
These security concerns have always been present, even when a postage meter was essentially purely mechanical. With an essentially mechanical meter, security concerns were often addressed, in part, by the physical attributes of the meter. Not only do the attributes of the meter (case material, etc.) provide protection against the unauthorized use of the meter, the attributes also provide a means to detect whether an attempt has been made to make unauthorized use of the meter evidenced by visible deliberate damage to the meter's case.
Postage meters have evolved from essentially mechanical to primarily electronic. In many respects, a primarily electronic meter is preferred by a customer since it greatly facilitates recharging the meter without the inconvenience of having to physically take the meter to the Postal Authority. Such remote resetting, for example, is described in U.S. Pat. No. 4,376,299 for DATA CENTER FOR REMOTE POSTAGE METER RECHARGING SYSTEM HAVING A PHYSICALLY SECURE ENCRYPTING APPARATUS AND EMPLOYING ENCRYPTED SEED NUMBER SIGNALS, the disclosure of which is hereby incorporated by reference.
With evolution of the "meter," however, greater security against fraudulent attacks on the meter is needed. With the increase in the availability of elaborate technologies and sophisticated hacking capabilities, Postal Authorities around the world, including the United States Postal Service, are concerned with the ability to defraud the Postal Authorities by adding postage (or value) to the meter for which they have not been compensated, and also by falsifying postal indicium, particularly when such indicium is digitally printed.
One approach which as been taken to increase the security of evolved meters is to employ cryptographics to the resetting of the meter and the creation and application of the postal indicia. Such cryptographics may include the Digital Signature Algorithm (DSA), the Rivest Shamir Adelman Algorithm (RSA), and the Elliptic Curve Digital Signature Algorithm (ECDSA). Implementation of the RSA Algorithm is described in U.S. Pat. No. 4,405,829, the disclosure of which is hereby incorporated by reference.
There are, however, problems with the use of these cryptographics. For example, these cryptographics rely upon the use of keys, public and/or private. It is possible that the system within which the postage dispensing occurs is so regulated that the keys may be required, from time to time, to be changed based upon parameters as time, number of indicium produced, total monetary value dispensed, or the like. It is also possible for a key to become compromised, which thereby compromises security of the postage meter. In such instances where key changes are dictated or said compromise may have occurred, new keys need to be implemented, preferably as soon as possible. Doing so in a secure fashion, however, can be complicated and time consuming where the postage meter is in a customer's facility.