The present invention relates to a process and system for transmission of "signed" messages. The present invention is related to the invention to which commonly-assigned copending application Ser. No. 200,785, filed Oct. 27, 1980, by Robert J. L. HERVE, and entitled "SYSTEM AND PROCESS FOR IDENTIFICATION OF PERSONS REQUESTING ACCESS TO PARTICULAR FACILITIES" is directed, the entire disclosure of which is hereby expressly incorporated by reference.
More particularly, the invention relates to systems in which messages are transmitted in a coded binary form, as well as in other forms. These messages are coded by means of coding keys upon transmission, and then decoded for restoration to their original clear form upon reception. A system of this kind is disclosed in commonly-assigned U.S. patent application Ser. No. 235,505, filed Feb. 18, 1981 by Robert J. L. HERVE, and entitled "METHOD AND SYSTEM FOR TRANSMISSION OF CONFIDENTIAL DATA", the entire disclosure of which is also hereby expressly incorporated by reference.
The system described in the above-identified application Ser. No. 235,505 makes use of two coding keys, as follows:
The first is a standard or common key E transmitted directly in clear from the transmitter to the receiver. The second is an intrinsic key R calculated simultaneously at the transmitter and the receiver locations. The intrinsic key R is a function of the common key E, of an identification code I.sub.n linked with the message which is transmitted, and of a secret code S stored in two devices situated at the transmitter and receiver respectively, or at the transmitter and receiver locations. The intrinsic key R.sub.1 calculated at the transmitter location is used for encoding the message transmitted, and the intrinsic key R.sub.2 calculated at the receiver location is used to decode the coded message transmitted.
If the calculating function employed at the transmitter and receiver locations is the same and if the secret code S stored at these locations is the same, the intrinsic keys R calculated are identical. Under these conditions, all that is needed is to utilize, at the transmitter and receiver locations, an operator which allows of simultaneous encoding of the message by means of the intrinsic key R.sub.1 calculated upon transmission and decoding by means of the intrinsic key R.sub.2 calculated upon reception. These coding and decoding operations may easily be performed by means of logic circuits of the combinatory type, for example EXCLUSIVE-OR circuits.
The system described makes it possible to perform constant modification of the intrinsic keys R calculated at the transmitter and receiver locations by random alteration in the course of time of the value of the common key E.
According to another feature of the system, the calculation of each of the intrinsic keys R at the transmitter and receiver locations is accomplished in each case by a processor situated within a portable object which also comprises a memory wherein is stored a program P for calculation of the function for determining the intrinsic key as a function of the secret code S also stored in the memory, of the common key E, and of the identification code I.sub.n linked with the message. These portable objects are each placed at the disposal of the persons entrusted with transmitting and receiving the messages.
The system may then operate only if both persons have strictly matched portable objects, which amounts to saying, for example, that the processing units must be actuated by the same program P and that the memories must contain the same secret code S. It is obvious that a fraudulent person lacking both the program P and the secret code S will be unable to calculate the intrinsic key R enabling him to decode the message transmitted. His task becomes ever more difficult since the system alters the common key E in a random manner.
According to another feature of the system, and for the purpose of increasing the security of the system in a practically absolute manner, each portable object of the system contains within its memory a table of the identification codes I.sub.n related to the messages which each person will be authorized to transmit and receive.
The identification code related to the message contained in the memories of the portable objects are located or "pointed" to by address generators at the transmitter and receiver locations. These address generators establish correspondence between the identification code I.sub.n linked with the message and the address of the identification code I.sub.n contained in the memory of the portable object. The message transmission may then only occur correctly if the address generator and the portable objects have been able to establish the identity of the identification code I.sub.n related to the message.
The system described in the above-identified patent application Ser. No. 235,505 resolves the problems of transmission of coded messages, but it is incomplete in that it does not render it possible to establish certain authentication of the person who had transmitted the messages, and this may constitute a handicap to the application of this system in particular spheres.
As a matter of fact, in the social structure--be it commercial or private--the agreements concluded between legal or physical entities may form the object of contracts. One of the contracting parties may, if it so wishes, enforce application in indisputable manner of the test specifying the contractual engagement. The contract is in effect liable to be implemented. The contract comprises a text and a particular number of signatures. The material form of the document (i.e., the written document) only resolves a practical problem of being made available for recognition. The legal ambit of the contract resides entirely in the data corresponding to the text and in the validity of the signatures appended. The transposition of a text in binary code, without loss of information, does not raise any difficulties. By contrast, if this transposition is not absolute for the signature, there is a loss of information, and more serious, the absence of a link between the text and the signature offers the possibility of combining a text and signature of different origins.