Note: Descriptions are shown in the official language in which they were submitted.
CA 02206937 1997-06-02
E-456
SECURE APPARATUS AND METHOD FOR PRINTING VALUE
WITH A VALUE PRINTER
Field of Invention
This invention relates to an apparatus and method for securely
5 printing indicia, text and variable graphics information which involves
value with a secure printer and more particularly relates to such an
apparatus and method wherein security is provided through
cryptography.
Backqround
U.S. Patents Nos. 4,802,218 and 4,864,~8 issued January 31,
1989 and September 5, 1989, to Christopher B. Wright et al. describe
an automated transaction system, such as a postage transaction
system, in which a postage account is maintained with a
microprocessor card which is used in transactions with postage
15 printing and metering terminals. The patents particularly address
security and provide for a secure handshake recognition procedure to
be mutually executed between the card and the terminal so that they
each recognize the other as authorized to execute a transaction.
Fig. 1 of the Wright et al. patents illustrates a postage metering
20 termir~al wherein a microprocessor card 10 is inserted in a slot 11 of
the automated transaction terminal 20. The card completes multiple
contacts with the terminal and a trip switch indicating full insertion
triggers a start signal. The start signal is sent to an operations
microprocessor or terminal MPU 30. The terminal MPU 30 controls the
25 interface with the card and the operation of the various parts of the
CA 02206937 1997-06-02
terminal, including the printer 40 which is the value dispensing section
of the terminal. A power source Vo is provided by a battery or the like
to power the various parts of the terminal.
The printer 40 contains a microprocessor unit (printer MPU) 41
which controls the operation of the printhead 42. The MPU 41
executes an internal program (FIRMWARE), as does the card
microprocessor, so that it cannot be tampered with from the outside.
The printer MPU's internal program includes unique encryption
algorithms parallel to those stored in the card's microprocessor.
10 These are installed by the manufacturer so that the printer MPU can
execute a secure handshake recognition procedure with the card's
microprocessor to authorize a requested transaction. The MPU 41 is
formed integrally wit~ the printhead 42, such as by embedding in
epoxy or the like, so that it cannot be physically accessed without
15 destroying the printhead. Thus the printhead 42 of the postage
metering terminal 20 can only be operated through the MPU 41, and
will print a postmark only when the handshake recognition procedure
and a postmark print command have been executed between the card
MPU and the printer MPU 41.
The handshake operation of the Wright et al. patents operates
as follows. The card MPU 60 initiates the handshake procedure upon
receipt of the commence signal. Upon verifying that the requested
transaction is authorized, the card MPU encrypts an object number N,
which may be a randomly generated number, with a key number k1
25 (which may be the printer's PIN) stored in the secret zone of its
memory by a first encryption algorithm E1 and sends the resultant
word W1 through the handshake channel 61 of terminal MPU 30 to the
printer MPU 41.
CA 02206937 1997-06-02
Upon receipt of the word W1, the printer MPU 41 decodes the
number using the same number k1 by the inverse algorithm E1'. The
number k1 may be a secret key number stored in the printer MPU's
memory at the time of validation, or in an open system, it may be the
5 PIN e"tere~J by the ~ser on the terminal, or a combination of both. The
printer MPU 41 then encrypts the decoded number with the number k1
by a second encryption algGriL~"" E2 to send a second word W2 back
to the card MPU 60.
Upon receipt of the word W2, the card MPU 60 decodes the
10 number again using the key number k1 by the inverse of the second
algorithm E2', and compares the decoded number with the number it
used in the first transmission. If the numbers match, the handshake
procedure has been successfully completed, and the card and printer
MPUs have recognized each other as a authorized to execute the
15 requested transaction.
While this handshaking protocol provides some added security,
in operation it always produces the same action in response to the
same input signal. Further, the printhead in the Wright et al. patents
does not include hardware for storing data during periods when the
20 power is off. The printer 40 itself is not secure. An indicia printed with
the printhead of the Wright et al. arrangement can be reprinted any
number of times by reproducing the electrical signal used for the first
legitimate print.
It is accordingly a primary object of the present invention to
25 provide an improved postal mailing system which may be recharged
with postal funds in a secure manner so that images cannot be
controlled by unauthorized users.
CA 02206937 1997-06-02
It is also an object of the invention to provide such a postal
mailing system through the use of a secure dot addressable or the like
printer.
Summary of the Invention
The foregoing disadvantages of the postal mailing systems of
the prior art may be overcome and the aforementioned objectives may
be achieved in accordance with the invention by communication with a
dot addressable or the like printhead secured by an encryption
arrangement. The printhead includes a secure non-volatile static
10 random access memory (NOVRAM) in addition to a secure application
specific purpose microprocessor chip. The NOVRAM is sometimes
hereinafter referred to as non-volatile memory or NVM and the specific
purpose microprocessor is sometimes hereinafter referred to as an
ASIC or application specific integrated circuit. According to the
15 invention a key is changed each print cycle and stored in the
NOVRAM or NVM even during times when the power is off. This
access key changes for each print cycle. Thus, an unauthorized user
who learns the key used for the last print cycle is unable to print an
image and cannot reprint an image by reproducing the electrical
20 signals used to print the original image.
According to the invention a printer microprocessor unit and
non-volatile static random access memory are mounted in secure
fashion within the printhead. During each print cycle a number R is
read from the non-volatile static random access memory (NOVRAM) in
25 the printhead. The value of R is changed using a pseudo-random
number generator and the new value is stored in the NOVRAM. The
number R is encrypted using the public key of a public key encryption
scheme to produce a number N. The encrypted number N is sent to
CA 02206937 1997-06-02
the user. An authorized user has the private key for the encryption
scheme and calculates R. The user takes the data that is to be printed
and performs an exclusive-or operation with the binary expansion of
the number R. After the exclusive-or operation the converted data is
sent to the printer. The printhead takes the input converted data and
again applies the exclusive-or operation to reproduce the original print
data and this is printed. A significant improvement in security is
provided by this use of a changing key stored in non-volatile printhead
memory that allows the printhead to be accessed only by authorized
1 0 users.
Brief Description of Drawin~s
Fig. 1 is a simplified block diagram of a mailing system which
may be utilized with the invention.
Fig. 2 presents in tabular form the name, description and source
of symbols, keys and other protocol data referred to in the description
of secure printing according to the invention.
Fig. 3 is a simplified flow diagram illustrating commencement of
initialization of the installation according to the invention.
Fig. 4 is a simplified flow diagram illustrating the graphics
signing at the factory.
Fig. 5 is a simplified flowchart illustrating the initialization of the
printhead gri3pl,ics.
Fig. 6 is a simplified flowchart illustrating the initialization of a
session.
Fig. 7 shows in simplified flowchart form a request indicia
procedure.
CA 02206937 1997-06-02
Fig. 8 is a simplified flowchart illustration of the printing of a
report procedure.
Fig. 9 sets forth in tabular form an explanation of protocol used.
Fig. 10 illustrates in tabular form protocol for signing of the
5 graphics.
Fig. 11 illustrates in tabular form the initialization of a session
according to the invention.
DescriPtion of Invention
The invention is described in further detail in the context of a
10 postage meter, however, other types of meters may be used. Such
meters include parcel service meters, tax stamp meters, check writing
meters, ticket imprinters, and other similar devices.
Fig. 1 shows in a simplified block diagram a form of mailing
system which may be utilized with the invention. The mailing system
15 may comprise a postal meter 10 which is herein referred to as an
electronic vault or as a vault. The vault is in communication with a
host 12 in a conventional fashion. It will be understood that the vault
may take many forms, including the form of a card such as described
in the Wright et al. U.S. Patents Nos. 4,802,218 and 4,864,618,
20 referenced hereinabove. The vault may also constitute a module of
more substantial size coupled to the host, such as described, for
example, in U.S. Patent No. 4,858,138, issued August 15, 1989, to
Paul C. Talmadge and assigned to the assignee of the instant
application. The vault includes a microprocessor (MPU) 14 which is
25 coupled through a non-volatile memory (NVM) 16 through security
logic 18. An indicia read only memory (ROM) 20, in which the
particular printing indicia is stored, is also coupled to the
microprocessor 14 through the security logic 18.
CA 02206937 1997-06-02
The host 12 includes an operations microprocessor (MPU) 22
and the printhead housing 24. The operations microprocessor 22
provides intelligence to allow for communication back and forth to vault
miuoprocessor 14 via interface 26 to initiate printing when the proper
5 i"rorl"alion is exchanged. A keyboard (not shown) in the host 12 may
be provided to send inro""ation representing the postage amount to
the operations miuoprocessor 22. The printhead housing 24 is
manufactured as a secure housing, and includes an operation specific
printer microprocessor 28, NOVRAM 30, and printing mechanism or
10 printhead 32 for printing indicia on a mail piece or the like 34. In a
preferred embodiment the printing mechanism, NOVRAM and
miuoprocessor constitute an integral unit.
A printhead number (Nph) is stored in the printhead NOVRAM
30 to impart a unique character to the specific printhead. Also stored
15 in the NOVRAM 30 is a printhead seed R which is used by the
printhead cryptographic pseudo-random number generator to generate
nonces. The NOVRAM 30 also has stored therein in encrypted form
the printhead key Kph which is the key used by the printhead and vault
to generate the session key. The printhead key Kph is stored in the
NOVRAM encrypted with the printhead security key Ka. The graphics
key Kg, which is the key used by the manufacturer and printhead to
secure graphics and other printhead data, is also stored in the
NOVRAM encrypted with Ka. The printhead security key Ka is itself
stored in the printhead ASIC. The printhead master key Kphm is
stored securely in the vault. This key is used by the vault to calculate
the printhead key from the printhead number. The vault security key
Kv is stored in the vault ASIC. This key is used by the vault ASIC to
encrypt secret information stored in NVM.
CA 02206937 1997-06-02
For convenience of reference the foregoing symbols are
presented in tabular form in Fig. 2 showing the symbol name,
description and source. The abbreviated form NVM is used for
NOVRAM in the Fig. 2 table. Fig. 2 also identifies the session nonce
5 Ns, vault nonce Nv, indicia nonce Ni and session key Ks. The session
nonce Ns is generated by the printhead with the printhead seed R and
the printhead key Kph to assure session freshness. The vault nonce
Nv is a pseudo-random number generated in the vault to assure that
the printhead is present at the beginning of a session. The indicia
10 nonce Ni is a nonce generated with R and Kph by the printhead to
ensure indicia freshness. The session key Ks is the key used by the
printhead and vault to communicate during one session. The session
key is generated from Ns and Kph. The printhead key is good for
initializing sessions with the vault. The graphics key is good for
15 authenticating graphics from the vendor.
In an alternate embodiment, the number R is read from the
NOVRAM 30 and the value of R is changed using a pseudo-random
number generator and the new value is stored in NOVRAM 30. The
number R is encrypted using the public key K_public of a public key
20 encryption scheme to produce a number N=f(R,K_public). The
encrypted number N is sent to the user. An authorized user has the
private key K_private for this encryption scheme. The user calculates
R=f-1(N,K_private). The user takes the data that is to be printed and
performs an exclusive-or operation with the binary expansion of the
25 number R. R may typically contain 1,000 bits and the print data may
require multiple copies of R to convert all of the data. After the
exclusive-or operation the converted data is sent to the printer.
The following is an exemplary illustration of the process:
CA 02206937 1997-06-02
Assume that R is only eight digits long and that 24 bits of print
data are required.
Assume that the original value of R is 01101111. The printhead
microprocessor applies a random number generator and stores a new
5 value 10011101.
The printhead microprocessor encrypts this number to obtain
f(R,K_public)=00011101 and sends this number to the user.
The user calculates f-1(000111101, K_private)= 1001 1 101.
To print the data the user performs an exclusive-or operation
10 with R and sends the data to the printhead:
10011101,10011101,10011101 R repeated enough times to
cover the data.
000001 1 1 ,01 1 10001,1 1 1 10000 Print data.
1001 1010,1 1101 100,01 101 101 Converted print data.
The printhead takes the input converted data and again applies
the exclusive-or operation to reproduce the original print data:
1001 101 1 ,1 1 101 100,01 101 101 Converted print data.
1001 1 101 ,1001 1 101 ,1001 1 101 R repeated enough times to
cover the data.~0 00000111,01110001,11110000 Data used to print is the
same as the original print
data.
It will be apparent to those skilled in the art that other schemes
may be used to encrypt the communication and to convert the print
25 data. The important feature is that the system uses a changing key
stored in non-volatile secure printhead memory that allows the
printhead to be accessed only by authorized users.
CA 02206937 1997-06-02
A typical initialization of the system for a printing operation is
now described in conjunction with a series of flow diagrams
commencing with the simplified flow diagram of Fig. 3. Referring to
that figure the printhead security key Ka is installed in the printhead
ASIC at 36. This universal key secures data external to the printhead
ASIC. The vault security key Kv is installed in the vault ASIC at 38.
This universal key secures data external to the vault ASIC and
requires an update to the ASIC. At 40 the printhead number Nph is
installed in NVM in the printhead. Each printhead should have a
10 unique number to initialize it. This is required in order that the
software random number generators on different printheads produce
different numbers.
The encrypted printhead key {Kph}Ka is installed in NVM at 42.
The printhead key is derived by the vault from the printhead number
15 using the printhead master key. The printhead needs the printhead
key encrypted with the printhead security key. This separation
ensures that an attacker who opens and deciphers everything in one
printhead will not possess sufficient information to use a second or
other printheads.
At 44 the encrypted graphic key {Kg}Ka is installed in NVM.
This is a universal key that secures the graphics. It is not built in the
ASIC in order to provide the option of changing the key in the future.
At 46 the pr~rlU,e~J master key Kphm is installed in the vault.
This is a universal key used by the vault to communicate with
25 printheads. The vault believes that the printhead master key is good
for deriving the printhead key from the printhead number.
The graphics signing at the factory is illustrated in the flowchart
of Fig. 4. Referring to that figure graphics are assigned at the factory
CA 02206937 1997-06-02
11
with the graphics key at 48. The vendor should be able to rely on the
graphics key as a good key for authenticating graphics to the
printhead and have reasonable assurance that the printhead is
protected from producing counterfeit images by the graphics key. Two
5 practical methods are available for signing graphics. In one method a
message authentication code is generated by chaining DES
encryptions. In an alternate method a CRC is generated with a secret
polynomial and the polynomial is encrypted. Chaining DES
encryptions is commonly used in financial applications to assure
~0 message integrity. A label can be attached to the graphics indi~atirlg
the type of image and the label and graphics signed together. The
indicia graphics are assigned at 50. The indicia graphics include
information about the location of fields so that attackers cannot
permute characters in the indicia. The slogan graphics are assigned
15 at 52 and the font graphics assigned at 54. The font graphics label
includes the ASCII character represented. The permit graphics are
assigned at 56.
The initialization of the printhead graphics is illustrated in Fig. 5.
Referring to Fig. 5 the printhead graphics are initialized with the
20 graphics key at 58. The graphics key is decrypted with the printhead
security key at 60 and the indicia graphics are loaded and verified at
62. The graphics are loaded into the printhead NOVRAM. They are
cryptographically verified each time they are loaded and a bit is set
that indicates acceptance of the signature of the graphics. The add
25 slogan graphics are loaded at 64 and a bit set that indicates
acceptance of the signature of those graphics. The font graphics are
loaded and verified at 66 and a bit set that indicates acceptance of the
signature of those graphics. At 68 the permit graphics are loaded and
CA 02206937 1997-06-02
12
verified and a bit set that indicates acceptance of the graphics
signature.
The initialization of a session is illustrated in simplified fiowchart
form in Fig. 6. The printhead believes that the session key is authentic
for communicating with the vault and believes that the vault "meter
number" is also authentic. The vault believes that the session key is
good for communicating with the printhead.
At 70 the printhead key is decrypted with the printhead security
key. The printhead outputs a number and session nonce at 72. The
10 printhead calculates the session key from the printhead key and nonce
at 74 and the vault generates the printhead key from Nph with the
printhead master key at 76. At 78 the vault calculates the session key
from the printhead key and nonce. At 80 the vault sends the meter
number, session nonce (and vault nonce) encrypted with the session
15 key. The vault nonce authenticates the printhead to the vault. This
assures the vault that the data it is sending is in fact going to a
printhead. The printhead verifies the session nonce, saves the meter
number and outputs the vault nonce at 82. The vault verifies the vault
nonce at 84.
Fig. 7 shows in simplified flowchart form a request indicia print
procedure. The printhead believes that the vault believes the "indicia
number, piece count, postage." At 86 the printhead outputs the indicia
nonce. The printhead seed is updated after each nonce. The vault
encrypts the piece count, postage, (date), indicia nonce with the
25 session key at 88. At 90 the printhead decrypts the piece count,
postage, and indicia nonce.
The printing of a report procedure is illustrated in flowchart form
in Fig. 8. The printhead believes that the vault believes the report and
CA 02206937 1997-06-02
13
that the image represents the report. The verifier believes the vault
articulated the report. At 92 the printhead sends the report nonce.
The printhead and vault derive the session key at 94 and the vault
encrypts the numerical data in the report at 96. The printhead verifies
5 the font data in the report at 98 and indicates it needs a signed
'~ormat" for the report at 100.
The protocol is set forth in tabular form in Fig. 9. The principles
in the protocol are V-vault, P-printhead, and M-manufacturer. The
notation for encryption is that {M}K is the message M encrypted with
10 the key K. The notation for signing is that [M]K is the message M
signed with the key K. The printhead key is encrypted in NVM in a
way that the printhead does not know the map from the printhead
number to the printhead key. The steps indicated and described in
Fig. 9 are performed under the security of the manufacturing process.
The protocol for the signing of the graphics is illustrated in
tabular form in Fig. 10. When the printhead graphics are initialized at
the customer site the required messages from 7-11 in Fig. 10 are sent
to the printhead, verified and installed. The channel need not be
particularly secure. An ad slogan could be used, if desired. The
20 images should be reasonably well scrambled, in a way that the
customer cannot easily reverse the scrambling.
As each graphic image is verified a bit is set to indicate that that
image is accepted. This prevents attacks where bogus images are
loaded and the printhead is powered down before it clears the data.
25 The printhead is now initialized. A session is initialized as shown in
tabular form in Fig. 11.
In step 12 the printhead generates a new nonce Ns for the
session. The printhead calculates the session key Ks from the nonce
CA 02206937 1997-06-02
14
by decrypting Kph from NVM and encrypting Ns. The vault calculates
Ks by encrypting Nph with Kphm. At step 13 the vault sends Nv
encrypted to provide assurance that the printhead is present. The
printhead verifies the encrypted Ns to verify that the vault is valid. The
5 indicia serial number is sent at this point to avoid having to send it for
each indicia. The printhead decrypts the message and verifies Ns. At
step 14 the vault verifies the printhead retrieved Nv to authenticate the
printhead. The vault and printhead are now ready to print indicia and
the session is now initialized. At step 15 for each indicia the printhead
10 generates a nonce to assure that the indicia is fresh. At step 16 the
vault prepares a message with the indicia information and the indicia
nonce, encrypts it, and sends it to the printhead. The printhead
verifies the indicia nonce is encrypted, loads the data into the image,
and prints the indicia.
It will be readily seen by one of ordinary skill in the art that the
present invention fulfills all of the objects set forth above. After
reading the foregoing specification, one of ordinary skill will be able to
effect various changes, substitutions of equivalents and various other
aspects of the invention as broadly disclosed herein. It is therefore
intended that the protection granted hereon be limited only by the
definition contained in the appended claims and equivalents thereof.