1. Field of the Invention
The invention relates to an apparatus and method for securely establishing a unique cryptographic key in a first cryptographic device. More particularly, the invention relates to an apparatus and method for compliantly establishing unique cryptographic keys in a plurality of cryptographic devices that are geographically widely scattered, such as bank Automated Teller Machines (ATMs), while utilizing only a single key custodian in the field.
2. Description of Related Art
A bank or other financial institution may provide Automated Teller Machines (ATMs), or equivalent field devices, for the convenience of its customers. The ATMs usually communicate electronically with a central computer physically located at the bank so that the customer can manipulate his bank account at any time regardless of the operating hours of the bank without interacting with a human representative. Such bank transactions may include the transfer of money between accounts, the deposit and withdrawal of funds, and the like. Network operating rules and voluntary ANSI Standards require the use of cryptography to protect sensitive information, such as the Personal Identification Number (PIN) usually associated with such bank transactions, from potential compromise by an opponent intent on committing fraud against the network and the cardholder.
As should be expected, it is necessary for the bank to verify that a field device, for example an ATM, is authorized to communicate with the central computer at the branch office. Such measures endeavor to prevent an unauthorized device from imitating the ATM and accessing a customer""s account without proper authorization. There are a number of ways in which to establish secure electronic communications between a network of ATMs and the central computer. One way is via a dedicated arrangement of data transmission lines. The transmission lines connect the ATMs directly to the central computer. Accordingly, only authorized ATMs can communicate with the central computer over the dedicated transmission lines. However, the cost of installing dedicated transmission lines and the associated communications hardware is generally prohibitive, especially in light of the need to secure rights of way to carry the transmission lines between each of the ATMs and the central computer. Furthermore, even dedicated transmission lines may still be vulnerable to access by individuals possessing the ability to physically tap into the transmission lines.
A more economical approach to establish secure electronic communications between a network of field devices and a host device is by means of cryptography. Good cryptographic practice requires that each pair of communicating devices on the network share a unique cryptographic key. The use of a unique cryptographic key for each pair of communicating devices limits the degree to which an unauthorized user can compromise the network to that single pair of devices. Where a plurality of devices are provided with a common cryptographic key, often referred to as a Global key, an unauthorized user can compromise all of the devices by compromising any one of the devices sharing the Global key. For example, an unauthorized user could gain access to a large number of ATMs with the knowledge of only a single cryptographic key. The banking industry actually facilitates this high degree of risk since the present practice is to load many field devices in a network with a Global key for operational convenience.
Two general types of cryptography are presently in use. One type is public key or asymmetric cryptography, for example RSA. The other type is symmetric cryptography, for example the Data Encryption Algorithm (DEA). The DEA is currently the most widely used algorithm in ATM banking devices. Symmetric cryptography requires the same cryptographic key to be established at both cryptographic devices, namely the field device and the host device. In addition, symmetric cryptography requires the cryptographic key to be managed under the principles of split knowledge and dual control usually implemented by utilizing two different individuals, referred to as key custodians, to establish the key. Each key custodian is entrusted with a portion, referred to as a component, of the cryptographic key that they must physically enter into the field device, for example an ATM. Thus, each of the key custodians must personally visit each ATM in the network in turn to establish the appropriate cryptographic key in the ATM. The same, or other key custodians, must then personally visit the host device to establish the same cryptographic key in the host device. Since the ATMs and the host devices are oftentimes geographically widely scattered, it is frequently impractical for the key custodians to accomplish the necessary visits within an acceptable timeframe. As a result of this key management logistics problem, many banks use the same cryptographic key for a large number of ATMs on a single ATM network.
With the above concerns in mind, it is an objective of the present invention to provide an apparatus and method for securely establishing a unique cryptographic key in a first cryptographic device.
It is a further objective of the present invention to provide an apparatus and method for compliantly establishing a unique cryptographic key between a first cryptographic device and a second cryptographic device that are geographically widely scattered.
It is a further, and more particular, objective of the present invention to provide an apparatus and method for compliantly establishing a unique cryptographic key in a first cryptographic device without the custodial overhead normally associated with the distribution and secure management of the individual key components.
It is a further, and still more particular, objective of the present invention to provide an apparatus and method for compliantly establishing unique cryptographic keys in a plurality of cryptographic devices while utilizing only a single key custodian.
These and other objectives and advantages will become more readily apparent to those of skill in the art with reference to the following detailed description and the accompanying drawing figures.
The aforementioned ojectives and advantages are realized by an apparatus and method for securely establishing a unique cryptographic key in a first cryptographic device, for example an ATM of the type commonly provided by a bank or other financial institution. The same unique cryptographic key can then be securely established in a second cryptographic device, such as a central computer at the bank, in any known manner. Preferably, however, the unique cryptographic key is securely established in the second cryptographic device in the manner disclosed in co-pending U.S. patent application Ser. No. 09/273,416 (now U.S. Pat. No. 6,606,387), the disclosure of which is expressly incorporated herein. The unique cryptographic key ensures secure electronic communications between the ATM and the central computer. Most importantly, the apparatus and method of the present invention permit the unique cryptographic key to be compliantly established in the ATM utilizing only a single key custodian in the field.
Preferably, the ATM includes means for entering a key component and an ATM processor board. In a preferred embodiment, the apparatus includes a microprocessor and persistent key component storage means electrically disposed between the key component entry means of the ATM and the ATM processor board. The microprocessor may be any electronic circuit suitable for implementing the persistent key component logic, for example a Motorola 6805 class microprocessor. The persistent key component storage means may be any non-volatile memory device, for example a conventional battery-backed, tamper resistant Random Access Memory (RAM) or an Electrically Erasable Programmable Read Only Memory (EEPROM). The microprocessor includes means for detecting and capturing a key component entered into the ATM, discriminating means for determining whether a persistent key component is present in the persistent key component storage means and means for combining a second key component with the persistent key component to form the unique cryptographic key.
In a preferred embodiment of the method, the microprocessor monitors the key component entry means of the ATM to detect and capture a key component entered by a key custodian. The discriminating means then determines whether a first, or persistent, key component is present in the non-volatile memory device. If not, the key component is stored in the non-volatile memory device as the persistent key component. If a persistent key component is already present in the non-volatile memory device, the key component is stored in a temporary, non-persistent memory device as the second key component. Each byte of the second key component is then combined with the corresponding byte of the persistent, key component to form the unique cryptographic key. The unique cryptographic key is then passed to the ATM processor board so that the ATM may conduct secure electronic communications with the central computer at the bank. The persistent key component is entered into the ATM by a first key custodian at a convenient location and time and the second key component is entered by a second key custodian at a subsequent time in the field. Thus, the unique cryptographic key is established in compliance with network operating rules and voluntary ANSI Standards while utilizing only a single key custodian in the field.