1. Field of the Invention
The present invention relates to a data procesing system which protects the secrecy of confidential data.
2. Description of the Prior Art
A first example of systems of this nature is provided by systems which comprise a data processing machine which is connected to a data transmitting device by means of which an operator is able to communicate with the machine. The machine includes an auxiliary device in which is stored a predetermined item of confidential information, termed a key or code key, which governs access to the machine. A dialogue is only permitted between an operator and the machine if the confidential code held by the operator is recognized as identical to the key.
A second example of known systems relates to systems which employ credit and/or debit cards. In this case, the auxiliary device is formed by a personal card held by an operator in which the personal key is stored. Access to the machine is reserved for any user of the card who knows the confidential code identical to the key. It is only if the data transmitting device detects such identity that the user of the card is able to gain access to confidential data contained in the machine.
In these two illustrative cases, when an operator wishes to carry on a confidential dialogue with a machine, he begins by feeding in a confidential code, generally from a keyboard, and this code, once it has been recognized as identical to the key, allows him to transmit other information by means of the same keyboard and the intermediate transmitting device between the operator and the machine. In the case of the first example given above, it is also possible for anyone which has possession of the confidential code to gain access directly to the machine by formulating the code on the keyboard. In the case of the second example which employs credit cards, it is also necessary to have possession of the card in which is recorded the key corresponding to the confidential code which may have been surrepitiously acquired. A dual safequard is required in this latter case. In effect, if a card is stolen, steps must be taken to ensure that the key recorded in it cannot be read. In addition, it is necessary to prevent the discovery of the confidential code held by the legitimate possessor of the card when the latter formulates it on the keyboard (which is a public device) in the course of a preliminary operation to begin a dialogue with the machine.
Whether or not the confidential code formulated by a user is identical with the key stored in the card which he holds is determined by comparing the code with the key. One possibility is to make this comparison by placing a comparator in the data transmitting device to which data is transmitted by a keyboard. This solution has the disadvantage that it makes it possible to intercept the code key when the code is formulated on the keyboard by a user for comparison with the stored code key. Another solution which has been made possible by progress in integrated circuit techniques is to include the comparator means in the same card as the memory containing the key. This prevents any interception while the memory is being read out since the memory is no longer physically separated from the comparator as it was in the previous case.
However, the latter solution does not eliminate the risk of interception during the transfer of the code formulated on the keyboard to the comparator. In effect, the keyboard situated as it normally is in the transmitting device, in a publically accessible location, is thus physically separated from the card in which the comparator is situated and susceptible of having the formulated code intercepted.
Another example of a data processing system which protects the secrecy of confidential data is disclosed in U.S. application Ser. No. 900,503 of Giraud et al, filed Apr. 22, 1979 and corresponding to French application No. 77-12781 and assigned to the assignee of the present invention. In that application, a light pen personal to each operator is used for formulating confidential data in a predetermined code and transmitting coded information by means of a lightwave. Reference may be had to said application for a better understanding of the prior art and the advantages of the present invention.