公开(公告)号：US06058193A

公开(公告)日：2000-05-02

申请号：US340592

申请日：1999-06-28

申请人： Robert A. Cordery ,  David K. Lee ,  Steven J. Pauly ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr. ,  Monroe A. Weiant, Jr.

发明人： Robert A. Cordery ,  David K. Lee ,  Steven J. Pauly ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr. ,  Monroe A. Weiant, Jr.

IPC分类号： G07B17/00 ,  H04L9/00

CPC分类号： G07B17/00733 ,  G07B17/00435 ,  G07B2017/00427 ,  G07B2017/00443 ,  G07B2017/0075 ,  G07B2017/0087 ,  G07B2017/00879 ,  G07B2017/00887 ,  G07B2017/00919

摘要： A method for controlling keys used in the verification of encoded information generated by a transaction evidencing device and printed on a document comprises the steps of generating a plurality of random verifier master keys to obtain a set of verifier master keys consisting of a fixed number of keys; generating at least one pointer by applying a psuedorandom algorithm to data unique to the transaction evidencing device; calculating a plurality of verifier token keys to obtain a verifier token key set corresponding to the set of verifier master keys; encrypting the verifier token key set with a privacy key; and distributing the set verifier token keys and the privacy key to verifiers. The token keys are a function of the verifier master keys and a code valid for a limited time. The pointer algorithm is an appropriate symmetric key cryptographic algorithm and the code is function of a date dependent parameter. The master keys are distributed to postal and vendor data centers.

摘要翻译： 一种用于控制用于验证由交易证明设备产生并被打印在文档上的编码信息的密钥的方法包括以下步骤：生成多个随机验证器主密钥以获得由固定数量的密钥组成的一组验证者主密钥 ; 通过对所述交易证明设备唯一的数据应用伪随机算法来生成至少一个指针; 计算多个验证者令牌密钥以获得与所述验证者主密钥集合相对应的验证者令牌密钥集; 用隐私密钥加密验证者令牌密钥集; 并将设置的验证者令牌密钥和隐私密钥分发给验证者。 令牌密钥是验证者主密钥和有限时间内有效的代码的函数。 指针算法是适当的对称密钥加密算法，代码是日期相关参数的函数。 主密钥分发给邮政和供应商数据中心。

公开(公告)号：US5680456A

公开(公告)日：1997-10-21

申请号：US415824

申请日：1995-03-31

申请人： Walter J. Baker ,  Feliks Bator ,  Robert A. Cordery ,  Frank M. D'Ippolito ,  Kevin D. Hunter ,  Kathryn V. Lawton ,  David K. Lee ,  Louis J. Loglisci ,  Steven J. Pauly ,  Leon A. Pintsov ,  Ian A. Siveyer

发明人： Walter J. Baker ,  Feliks Bator ,  Robert A. Cordery ,  Frank M. D'Ippolito ,  Kevin D. Hunter ,  Kathryn V. Lawton ,  David K. Lee ,  Louis J. Loglisci ,  Steven J. Pauly ,  Leon A. Pintsov ,  Ian A. Siveyer

IPC分类号： B65G61/00 ,  G06F12/00 ,  G06F12/14 ,  G06F21/24 ,  G06Q20/38 ,  G07B17/00 ,  G09C1/00 ,  H04L9/08 ,  G06F17/00 ,  H04L9/00

CPC分类号： G07B17/00733 ,  G06Q20/3829 ,  H04L9/0825 ,  H04L9/083 ,  H04L9/321 ,  G07B17/00024 ,  G07B17/00435 ,  G07B2017/00427 ,  G07B2017/0075 ,  G07B2017/00758 ,  G07B2017/00766 ,  G07B2017/0079 ,  G07B2017/00798 ,  G07B2017/00806 ,  G07B2017/0083 ,  G07B2017/00846 ,  G07B2017/00854 ,  G07B2017/00887 ,  G07B2017/00895 ,  G07B2017/00919 ,  G07B2017/00951 ,  G07B2017/00967

摘要： A method of manufacturing transaction evidencing devices, such as digital postage meters, includes the steps of generating a master key in a logical security domain of a Key Management System; installing the master key into a digital postage meter; verifying the installation of the master key; and registering the master key to a logical security sub-domain in the Key Management System. The step of generating the master key further includes the steps of generating a domain; generating at least one sub-domain; installing the domain in secure boxes of the Key Management System; generating a master key and test token within the domain; and recording the master key in the domain archive. The step of installing the master key further includes the steps of installing the master key into a digital meter; and associating the master key with a unique device identifier. The step of registering the master key to a logical security sub-domain in the Key Management System further includes the steps of assigning a sub-domain to the digital meter; installing a postal identifier into the digital meter; associating the postal identifier to the unique device identifier; generating a registration token in the digital meter based on the postal identifier and the unique device identifier; generating registration tokens using the master key recorded in the archives; verifying that the registration tokens are identical; and recording the master key in the sub-domain. The steps are repeated for each domain assigned to the digital postage meter.

摘要翻译： 制造诸如数字邮资计费器的交易证明设备的方法包括以下步骤：在密钥管理系统的逻辑安全域中生成主密钥; 将主密钥安装到数字邮资计费表中; 验证主密钥的安装; 并将主密钥注册到密钥管理系统中的逻辑安全子域。 产生主密钥的步骤还包括产生域的步骤; 生成至少一个子域; 将域安装在密钥管理系统的安全箱中; 在域内生成主密钥和测试令牌; 并将主密钥记录在域归档中。 安装主密钥的步骤还包括将主密钥安装到数字仪表中的步骤; 并将主密钥与唯一的设备标识符相关联。 将主密钥注册到密钥管理系统中的逻辑安全子域的步骤还包括将子域分配给数字计量器的步骤; 在数字仪表中安装邮政识别码; 将邮政标识符与唯一的设备标识符相关联; 基于邮政标识符和唯一的设备标识符在数字计费器中生成注册令牌; 使用记录在档案中的主密钥生成注册令牌; 验证注册令牌是否相同; 并将主密钥记录在子域中。 为分配给数字邮资计费器的每个域重复这些步骤。

公开(公告)号：US5982896A

公开(公告)日：1999-11-09

申请号：US772739

申请日：1996-12-23

申请人： Robert A. Cordery ,  David K. Lee ,  Steven J. Pauly ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr. ,  Monroe A. Weiant, Jr.

发明人： Robert A. Cordery ,  David K. Lee ,  Steven J. Pauly ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr. ,  Monroe A. Weiant, Jr.

IPC分类号： G07B17/00 ,  H04L9/00

CPC分类号： G07B17/00733 ,  G07B17/00435 ,  G07B2017/00427 ,  G07B2017/00443 ,  G07B2017/0075 ,  G07B2017/0087 ,  G07B2017/00879 ,  G07B2017/00887 ,  G07B2017/00919

摘要： A method for controlling keys used in the verification of encoded information generated by a transaction evidencing device and printed on a document comprises the steps of generating a plurality of random verifier master keys to obtain a set of verifier master keys consisting of a fixed number of keys; generating at least one pointer by applying a psuedorandom algorithm to data unique to the transaction evidencing device; calculating a plurality of verifier token keys to obtain a verifier token key set corresponding to the set of verifier master keys; encrypting the verifier token key set with a privacy key; and distributing the set verifier token keys and the privacy key to verifiers. The token keys are a function of the verifier master keys and a code valid for a limited time. The pointer algorithm is an appropriate symmetric key cryptographic algorithm and the code is function of a date dependent parameter. The master keys are distributed to postal and vendor data centers.

公开(公告)号：US5953427A

公开(公告)日：1999-09-14

申请号：US911969

申请日：1997-08-15

申请人： Robert A. Cordery ,  Steven J. Pauly ,  Leon A. Pintsov

发明人： Robert A. Cordery ,  Steven J. Pauly ,  Leon A. Pintsov

IPC分类号： G07B17/00 ,  H04L9/00

CPC分类号： G07B17/0008 ,  G07B17/00362 ,  G07B17/00435 ,  G07B17/00508 ,  G07B17/00733 ,  G07B17/00024 ,  G07B2017/00161 ,  G07B2017/00169 ,  G07B2017/00306 ,  G07B2017/00338 ,  G07B2017/00379 ,  G07B2017/00443 ,  G07B2017/00451 ,  G07B2017/0058 ,  G07B2017/00596 ,  G07B2017/00725 ,  G07B2017/0075 ,  G07B2017/0083 ,  G07B2017/00846

摘要： Methods and systems for preparing mailpieces involve the creation of mailing lists which includes correct and incorrect recipient address information. The list is transmitted to a data center. Received from the data center is a mailing list including addressed hygiened recipient address information and a digital token for each mailpiece with encrypted data. The encrypted data is based on the corrected address information for mailpieces with correct address information on the transmitted mailing list and on hygiened recipient address information the mailpieces with incorrect recipient address information on the transmitted mailing list. The digital tokens for each mailpiece may also be based on the rating parameter information.Selection is provided for utilizing a given one of the incorrect recipient address information and the correct recipient address information is applied to an encrypter generating the digital tokens. The encrypting means for generating digital tokens may be located remote from the mailer facility or on a mailer facility or other local area network. Various arrangements are employed in generating and printing digital tokens recipient address information and corrected recipient address information.

公开(公告)号：US5781634A

公开(公告)日：1998-07-14

申请号：US713571

申请日：1996-09-12

申请人： Robert A. Cordery ,  Steven J. Pauly ,  Leon A. Pintsov

发明人： Robert A. Cordery ,  Steven J. Pauly ,  Leon A. Pintsov

IPC分类号： G07B17/00 ,  H04L9/32

CPC分类号： G07B17/0008 ,  G07B17/00362 ,  G07B17/00435 ,  G07B17/00508 ,  G07B17/00733 ,  G07B17/00024 ,  G07B2017/00161 ,  G07B2017/00169 ,  G07B2017/00306 ,  G07B2017/00338 ,  G07B2017/00379 ,  G07B2017/00443 ,  G07B2017/00451 ,  G07B2017/0058 ,  G07B2017/00596 ,  G07B2017/00725 ,  G07B2017/0075 ,  G07B2017/0083 ,  G07B2017/00846

摘要： Methods and systems for preparing mailpieces involve the creation of mailing lists which includes correct and incorrect recipient address information. The list is transmitted to a data center. Received from the data center is a mailing list including addressed hygiened recipient address information and a digital token for each mailpiece with encrypted data. The encrypted data is based on the corrected address information for mailpieces with correct address information on the transmitted mailing list and on hygiened recipient address information the mailpieces with incorrect recipient address information on the transmitted mailing list. The digital tokens for each mailpiece may also be based on the rating parameter information. Selection is provided for utilizing a given one of the incorrect recipient address information and the correct recipient address information is applied to an encrypter generating the digital tokens. The encrypting means for generating digital tokens may be located remote from the mailer facility or on a mailer facility or other local area network. Various arrangements are employed in generating and printing digital tokens recipient address information and corrected recipient address information.

公开(公告)号：US5812666A

公开(公告)日：1998-09-22

申请号：US553812

申请日：1995-10-23

申请人： Walter J. Baker ,  Feliks Bator ,  Robert A. Cordery ,  Kevin D. Hunter ,  Kathryn V. Lawton ,  Louis J. Loglisci ,  Steven J. Pauly ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr. ,  Monroe A. Weiant, Jr. ,  Gary M. Heiden

发明人： Walter J. Baker ,  Feliks Bator ,  Robert A. Cordery ,  Kevin D. Hunter ,  Kathryn V. Lawton ,  Louis J. Loglisci ,  Steven J. Pauly ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr. ,  Monroe A. Weiant, Jr. ,  Gary M. Heiden

IPC分类号： G07B17/00 ,  G09C1/00 ,  H04L9/08 ,  H04L9/10 ,  H04L9/06

CPC分类号： H04L9/083 ,  G07B17/00733 ,  H04L9/0825 ,  H04L9/3213 ,  G07B17/0008 ,  G07B2017/00846 ,  G07B2017/00854 ,  G07B2017/00862 ,  G07B2017/0087 ,  G07B2017/00895 ,  G07B2017/00967

摘要： A Key Management System for generating, distributing and managing cryptographic keys used by an information transaction system that employs cryptographic means to produce evidence of information integrity. The system comprises a plurality of functionally distinct secure boxes operatively coupled to each other. Each of the secure boxes performs functions for key generation, key installation, key verification or validation of tokens. Computers, operatively coupled to the secure boxes, provide system control and facilitate communication among the secure boxes. A plurality of separate logical security domains provide domain processes for key generation, key installation, key verification and validation of tokens produced by the transaction evidencing device within the domain using the key management functions. A plurality of domain archives, corresponding respectively to each of the security domains, securely and reliably record key status records and master keys for each domain. The Key Management System installs the master keys in the transaction evidencing device and validates the tokens. The secure boxes include a key generation box for generating, encrypting and signing a master key; a key installation box for receiving, verifying and decrypting the signed master key and for installing the master key into the transaction evidencing device; a key verification box for verifying the installation of the master key in the transaction evidencing device, a token verification box for verifying the tokens, and at least one manufacturing box for generating domain keys and distributing the domain keys among the secure boxes for each of the domains.

摘要翻译： 一种密钥管理系统，用于生成，分发和管理信息交易系统使用的加密密钥，该信息交易系统采用加密手段来产生信息完整性的证据。 该系统包括可操作地彼此耦合的多个功能不同的安全盒。 每个安全盒都执行密钥生成，密钥安装，密钥验证或令牌验证的功能。 可操作地耦合到安全盒的计算机提供系统控制并促进安全盒之间的通信。 多个单独的逻辑安全域提供用于密钥生成，密钥安装，密钥验证和使用密钥管理功能由域内的交易证明设备产生的令牌的验证的域过程。 分别对应于每个安全域的多个域归档安全可靠地记录每个域的密钥状态记录和主密钥。 密钥管理系统将主密钥安装在事务证明设备中，并验证令牌。 安全盒包括用于生成，加密和签名主密钥的密钥生成盒; 用于接收，验证和解密签名的主密钥并将主密钥安装到交易证明设备中的密钥安装箱; 用于验证主密钥在交易证明设备中的安装的关键验证框，用于验证令牌的令牌验证盒，以及用于生成域密钥的至少一个制造盒，以及在每个的安全盒中分配域密钥 域名

公开(公告)号：US5682429A

公开(公告)日：1997-10-28

申请号：US522898

申请日：1995-09-09

申请人： Robert A. Cordery ,  Steven J. Pauly ,  Leon A. Pintsov

发明人： Robert A. Cordery ,  Steven J. Pauly ,  Leon A. Pintsov

IPC分类号： G07B17/00 ,  H04L9/32

CPC分类号： G07B17/0008 ,  G07B17/00362 ,  G07B17/00435 ,  G07B17/00508 ,  G07B17/00733 ,  G07B17/00024 ,  G07B2017/00161 ,  G07B2017/00169 ,  G07B2017/00306 ,  G07B2017/00338 ,  G07B2017/00379 ,  G07B2017/00443 ,  G07B2017/00451 ,  G07B2017/0058 ,  G07B2017/00596 ,  G07B2017/00725 ,  G07B2017/0075 ,  G07B2017/0083 ,  G07B2017/00846

摘要： Methods and systems for preparing mailpieces involve the creation of mailing lists which includes correct and incorrect recipient address information. The list is transmitted to a data center. Received from the data center is a mailing list including addressed hygiened recipient address information and a digital token for each mailpiece with encrypted data. The encrypted data is based on the corrected address information for mailpieces with correct address information on the transmitted mailing list and on hygiened recipient address information the mailpieces with incorrect recipient address information on the transmitted mailing list. The digital tokens for each mailpiece may also be based on the rating parameter information. Selection is provided for utilizing a given one of the incorrect recipient address information and the correct recipient address information is applied to an encrypter generating the digital tokens. The encrypting means for generating digital tokens may be located remote from the mailer facility or on a mailer facility or other local area network. Various arrangements are employed in generating and printing digital tokens recipient address information and corrected recipient address information.

摘要翻译： 用于准备邮件的方法和系统涉及创建包括正确和不正确的收件人地址信息的邮件列表。 该列表被传送到数据中心。 从数据中心接收的邮件列表包括处理的收件人地址信息和每个具有加密数据的邮件的数字令牌。 加密数据基于用于在发送的邮寄列表上具有正确地址信息的邮件的已更正地址信息，以及在发送的邮件列表上具有不正确的收件人地址信息的邮件的收件人地址信息。 每个邮件的数字令牌也可以基于评级参数信息。 提供选择以利用给定的一个不正确的接收者地址信息，并且将正确的接收者地址信息应用于产生数字令牌的加密器。 用于产生数字令牌的加密装置可以位于远离邮件设备或邮寄设备或其他局域网的位置。 在生成和打印数字令牌收件人地址信息和修正的收件人地址信息时采用各种布置。

公开(公告)号：US5661803A

公开(公告)日：1997-08-26

申请号：US414896

申请日：1995-03-31

申请人： Robert A. Cordery ,  John F. Braun ,  Frank M. D'Ippolito ,  Kathyrn V. Lawton ,  Steven J. Pauly ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr. ,  Monroe A. Weiant, Jr.

发明人： Robert A. Cordery ,  John F. Braun ,  Frank M. D'Ippolito ,  Kathyrn V. Lawton ,  Steven J. Pauly ,  Leon A. Pintsov ,  Frederick W. Ryan, Jr. ,  Monroe A. Weiant, Jr.

IPC分类号： G07F7/02 ,  B65G61/00 ,  G06F12/00 ,  G06F15/16 ,  G06F15/177 ,  G06Q10/00 ,  G06Q50/00 ,  G07B17/00 ,  G09C1/00 ,  H04L9/08 ,  H04L9/32 ,  H04L9/00

CPC分类号： H04L9/3213 ,  G07B17/00733 ,  H04L9/0825 ,  H04L9/083 ,  G07B2017/00766 ,  G07B2017/00846 ,  G07B2017/00854 ,  G07B2017/0087 ,  G07B2017/00887 ,  G07B2017/00895 ,  G07B2017/00967

摘要： A method of token verification in a Key Management System provides a logical device identifier and a master key created in a logical security domain to a transaction evidencing device, such as a digital postage meter. The method creates a master key record in a key verification box, securely stores the master key record in a Key Management System archive, and produces in the transaction evidencing device evidence in the logical security domain of transaction information integrity. The method inputs the evidence of the transaction information integrity to a token verification box, and inputs in the token verification box the master key record from the Key Management System archive. The method determines in the token verification box that the master key is valid in logical security domain, uses in the token verification box the master key to verify the evidence of transaction information integrity, and outputs from the token verification box an indication of the result of the verification of the evidence of transaction information integrity. The master key record includes the logical device identifier, the master key and a digital signature associating the logical device identifier and the master key. The method checks the digital signature to verify the association of the logical device identifier and the master key within the logical security domain.

摘要翻译： 密钥管理系统中的令牌验证方法为逻辑安全域中创建的逻辑设备标识符和主密钥提供给诸如数字邮资计费器之类的交易证明设备。 该方法在密钥验证框中创建主密钥记录，将主密钥记录安全地存储在密钥管理系统归档中，并在交易证明装置中产生交易信息完整性的逻辑安全域中的证据。 该方法将交易信息完整性的证据输入令牌验证框，并在令牌验证框中输入密钥管理系统归档中的主密钥记录。 该方法在令牌验证框中确定主密钥在逻辑安全域中有效，在令牌验证框中使用主密钥验证交易信息完整性的证据，并从令牌验证框输出结果的指示 验证交易信息完整性的证据。 主密钥记录包括逻辑设备标识符，主密钥和与逻辑设备标识符和主密钥相关联的数字签名。 该方法检查数字签名以验证逻辑设备标识符与主密钥在逻辑安全域内的关联。

公开(公告)号：US5454038A

公开(公告)日：1995-09-26

申请号：US161560

申请日：1993-12-06

申请人： Robert A. Cordery ,  Steven J. Pauly ,  Leon A. Pintsov

发明人： Robert A. Cordery ,  Steven J. Pauly ,  Leon A. Pintsov

IPC分类号： G07B17/00 ,  H04L9/32

CPC分类号： G07B17/0008 ,  G07B17/00362 ,  G07B17/00435 ,  G07B17/00508 ,  G07B17/00733 ,  G07B17/00024 ,  G07B2017/00161 ,  G07B2017/00169 ,  G07B2017/00306 ,  G07B2017/00338 ,  G07B2017/00379 ,  G07B2017/00443 ,  G07B2017/00451 ,  G07B2017/0058 ,  G07B2017/00596 ,  G07B2017/00725 ,  G07B2017/0075 ,  G07B2017/0083 ,  G07B2017/00846

摘要： Methods and systems for preparing mailpieces involve the creation of mailing lists which includes correct and incorrect recipient address information. The list is transmitted to a data center. Received from the data center is a mailing list including addressed hygiened recipient address information and a digital token for each mailpiece with encrypted data. The encrypted data is based on the corrected address information for mailpieces with correct address information on the transmitted mailing list and on hygiened recipient address information the mailpieces with incorrect recipient address information on the transmitted mailing list. The digital tokens for each mailpiece may also be based on the rating parameter information.Selection is provided for utilizing a given one of the incorrect recipient address information and the correct recipient address information is applied to an encrypter generating the digital tokens. The encrypting means for generating digital tokens may be located remote from the mailer facility or on a mailer facility or other local area network. Various arrangements are employed in generating and printing digital tokens recipient address information and corrected recipient address information.

摘要翻译： 用于准备邮件的方法和系统涉及创建包括正确和不正确的收件人地址信息的邮件列表。 该列表被传送到数据中心。 从数据中心接收的邮件列表包括处理的收件人地址信息和每个具有加密数据的邮件的数字令牌。 加密数据基于用于在发送的邮寄列表上具有正确地址信息的邮件的已更正地址信息，以及在发送的邮件列表上具有不正确的收件人地址信息的邮件的收件人地址信息。 每个邮件的数字令牌也可以基于评级参数信息。 提供选择以利用给定的一个不正确的接收者地址信息，并且将正确的接收者地址信息应用于产生数字令牌的加密器。 用于产生数字令牌的加密装置可以位于远离邮件设备或邮寄设备或其他局域网的位置。 在生成和打印数字令牌收件人地址信息和修正的收件人地址信息时采用各种布置。

公开(公告)号：US07756795B2

公开(公告)日：2010-07-13

申请号：US09748889

申请日：2000-12-27

申请人： Frederick W. Ryan, Jr. ,  Thomas J. Foth ,  Cathy C. Morrissey ,  Steven J. Pauly ,  Leon A. Pintsov

发明人： Frederick W. Ryan, Jr. ,  Thomas J. Foth ,  Cathy C. Morrissey ,  Steven J. Pauly ,  Leon A. Pintsov

IPC分类号： G06F17/00

CPC分类号： G07B17/00435 ,  G06Q30/0283 ,  G07B2017/00443

摘要： A mail piece verification system for processing a mail piece having associated therewith mail piece data includes an incoming mail processing center, an outgoing mail processing center located downstream from the incoming mail processing center and a data center in operative communication with the incoming mail processing center and the outgoing mail processing center. The incoming mail processing center receives the mail piece, obtains the mail piece and uploads the mail piece data to the data center. The data center performs a verification check on the mail piece data and downloads instructions based upon the verification check to the outgoing mail processing center. The outgoing mail processing center uses the instructions to process the mail piece.

摘要翻译： 用于处理具有与其相关联的邮件数据的邮件的邮件验证系统包括进入的邮件处理中心，位于来自邮件处理中心下游的传出邮件处理中心和与所接收邮件处理中心可操作地通信的数据中心，以及 外发邮件处理中心。 接收邮件处理中心接收邮件，获取邮件并将邮件数据上传到数据中心。 数据中心对邮件数据执行验证检查，并根据验证检查向外发邮件处理中心下载指令。 外发邮件处理中心使用说明来处理邮件。