公开(公告)号：US20060069655A1

公开(公告)日：2006-03-30

申请号：US10953828

申请日：2004-09-29

申请人： G. Athens ,  Michael Shukaitis ,  Robert Sission

发明人： G. Athens ,  Michael Shukaitis ,  Robert Sission

IPC分类号： H04L9/00

CPC分类号： H04L9/3242 ,  G06Q20/3674 ,  G06Q20/382 ,  G06Q20/3829 ,  G07B17/00733 ,  G07B2017/00774 ,  G07B2017/00846 ,  G07B2017/00967 ,  G07C9/00166 ,  H04L9/3247 ,  H04L9/3273

摘要： A method of authenticating a PSD and an initializing infrastructure that uses a secret key, a PSD public/private key pair and a provider public/private key pair. The infrastructure prepares a signed provider key record using the provider public key and the provider private key and a first MAC using the signed provider key record and the secret key. Both are sent to the PSD. The PSD authenticates the signed provider key record using the first MAC and the provider public key using the included digital signature. The PSD prepares a signed PSD key record using the PSD public key and the PSD private key and a second MAC using the signed PSD key record and the secret key. Both are sent to the infrastructure. The infrastructure authenticates the signed PSD key record using the second MAC and the PSD public key using the included digital signature.

摘要翻译： 验证PSD的方法和使用秘密密钥，PSD公钥/私钥对以及提供商公钥/私钥对的初始化基础设施的方法。 基础设施使用提供商公钥和提供者私钥来准备签名的提供商密钥记录，并且使用签名的提供者密钥记录和秘密密钥来准备第一个MAC。 两者都发送到PSD。 PSD使用包含的数字签名，使用第一个MAC和提供者公开密钥对签名的提供商密钥记录进行身份验证。 PSD使用PSD公开密钥和PSD私钥来准备签名的PSD密钥记录，并且使用签名的PSD密钥记录和秘密密钥来准备第二MAC。 两者都被发送到基础设施。 基础设施使用附带的数字签名，使用第二MAC和PSD公开密钥对签名的PSD密钥记录进行认证。

公开(公告)号：US20020065782A1

公开(公告)日：2002-05-30

申请号：US09726744

申请日：2000-11-30

申请人： Pitney Bowes Inc.

发明人： Craig J. DeFilippo ,  Joseph L. Gargiulo

IPC分类号： G06F017/60

CPC分类号： G07B17/00733 ,  G07B2017/00177 ,  G07B2017/00322 ,  G07B2017/00741 ,  G07B2017/00846 ,  G07B2017/00854 ,  G07B2017/00879

摘要： A postage meter includes a vault that accounts for postage dispensed by the postage meter; and a printhead module having a printhead for printing the postage dispensed; a smart card chip having a ROM having software code stored therein; an EEPROM having an encrypted key and executable code stored therein, a CPU; a RAM; and a flash memory having an encrypted pointer data file stored therein. During power-up of the postage meter the encrypted pointer data file is read from the flash memory into the RAM by the CPU, the CPU uses the executable code to decrypt the encrypted pointer data file to obtain from the software code components parts of a decryption key and to assemble in the ram the decryption key from the component parts, the CPU uses the assembled decryption key and the executable code to decrypt the encrypted cryptographic key, and the CPU stores the decrypted cryptographic key in a secure area of the EEPROM, erases the decryption key and the encrypted pointer data file from the RAM, erases the encrypted cryptographic key and executable code from the EEPROM, and erases the pointer data file from the flash memory.

摘要翻译： 邮费计包括一个帐篷，用于计算邮资计费器分发的邮资; 以及打印头模块，其具有用于打印分配的邮资的打印头; 具有存储有软件代码的ROM的智能卡芯片; 具有存储在其中的加密密钥和可执行代码的EEPROM，CPU; 一个RAM 以及存储有加密的指针数据文件的闪速存储器。 在邮资计费器上电期间，CPU将加密指针数据文件从闪存读取到RAM中，CPU使用可执行代码对加密的指针数据文件进行解密，从软件代码中获得解密部分 键，并且从RAM中组装解密密钥，CPU使用组合的解密密钥和可执行代码对加密的加密密钥进行解密，并且CPU将解密的加密密钥存储在EEPROM的安全区域中，擦除 来自RAM的解密密钥和加密指针数据文件从EEPROM中擦除加密的加密密钥和可执行代码，并从闪存中擦除指针数据文件。

公开(公告)号：US06192473B1

公开(公告)日：2001-02-20

申请号：US08773472

申请日：1996-12-24

申请人： Frederick W. Ryan, Jr. ,  Robert W. Sisson

发明人： Frederick W. Ryan, Jr. ,  Robert W. Sisson

IPC分类号： H04L900

CPC分类号： G06F21/445 ,  G06Q20/3674 ,  G06Q20/382 ,  G06Q20/3821 ,  G06Q20/401 ,  G07B17/00024 ,  G07B17/00733 ,  G07B2017/00056 ,  G07B2017/00145 ,  G07B2017/00201 ,  G07B2017/00766 ,  G07B2017/00846 ,  G07B2017/00879 ,  G07B2017/00967

摘要： A method is provided for establishing mutual authentication and secure communications between an microprocessor-based transaction evidencing device and a microprocessor-based server coupled thereto. A session key KS is generated at the transaction evidencing device and encrypted with a first key K1 to form a first message. The first message is sent to the server and decrypted using a second key K2. In response to the first message a second message is generated at the server and encrypted using the session key KS. The encrypted second message is sent to the transaction evidencing device and decrypted using the session key KS. A response to the second message is generated at the transaction evidencing device and is signed using a third key K3. The signed response is encrypted with the session key KS and transmitted to the server. The encrypted signed response is decrypted using the session key KS and the signature is verified using a fourth key k4.

摘要翻译： 提供了一种用于在基于微处理器的交易证明设备和与其耦合的基于微处理器的服务器之间建立相互认证和安全通信的方法。 会话密钥KS在交易证明设备处生成并用第一密钥K1加密以形成第一消息。 第一个消息被发送到服务器并使用第二个密钥K2进行解密。 响应于第一消息，在服务器处生成第二消息并使用会话密钥KS进行加密。 将加密的第二消息发送到交易证明设备并使用会话密钥KS进行解密。 在交易证明设备上产生对第二消息的响应，并使用第三密钥K3进行签名。 签名的响应使用会话密钥KS加密并发送到服务器。 使用会话密钥KS解密加密的签名响应，并使用第四密钥k4来验证签名。

公开(公告)号：US5953427A

公开(公告)日：1999-09-14

申请号：US911969

申请日：1997-08-15

申请人： Robert A. Cordery ,  Steven J. Pauly ,  Leon A. Pintsov

发明人： Robert A. Cordery ,  Steven J. Pauly ,  Leon A. Pintsov

IPC分类号： G07B17/00 ,  H04L9/00

CPC分类号： G07B17/0008 ,  G07B17/00362 ,  G07B17/00435 ,  G07B17/00508 ,  G07B17/00733 ,  G07B17/00024 ,  G07B2017/00161 ,  G07B2017/00169 ,  G07B2017/00306 ,  G07B2017/00338 ,  G07B2017/00379 ,  G07B2017/00443 ,  G07B2017/00451 ,  G07B2017/0058 ,  G07B2017/00596 ,  G07B2017/00725 ,  G07B2017/0075 ,  G07B2017/0083 ,  G07B2017/00846

摘要： Methods and systems for preparing mailpieces involve the creation of mailing lists which includes correct and incorrect recipient address information. The list is transmitted to a data center. Received from the data center is a mailing list including addressed hygiened recipient address information and a digital token for each mailpiece with encrypted data. The encrypted data is based on the corrected address information for mailpieces with correct address information on the transmitted mailing list and on hygiened recipient address information the mailpieces with incorrect recipient address information on the transmitted mailing list. The digital tokens for each mailpiece may also be based on the rating parameter information.Selection is provided for utilizing a given one of the incorrect recipient address information and the correct recipient address information is applied to an encrypter generating the digital tokens. The encrypting means for generating digital tokens may be located remote from the mailer facility or on a mailer facility or other local area network. Various arrangements are employed in generating and printing digital tokens recipient address information and corrected recipient address information.

公开(公告)号：US5781634A

公开(公告)日：1998-07-14

申请号：US713571

申请日：1996-09-12

申请人： Robert A. Cordery ,  Steven J. Pauly ,  Leon A. Pintsov

发明人： Robert A. Cordery ,  Steven J. Pauly ,  Leon A. Pintsov

IPC分类号： G07B17/00 ,  H04L9/32

CPC分类号： G07B17/0008 ,  G07B17/00362 ,  G07B17/00435 ,  G07B17/00508 ,  G07B17/00733 ,  G07B17/00024 ,  G07B2017/00161 ,  G07B2017/00169 ,  G07B2017/00306 ,  G07B2017/00338 ,  G07B2017/00379 ,  G07B2017/00443 ,  G07B2017/00451 ,  G07B2017/0058 ,  G07B2017/00596 ,  G07B2017/00725 ,  G07B2017/0075 ,  G07B2017/0083 ,  G07B2017/00846

摘要： Methods and systems for preparing mailpieces involve the creation of mailing lists which includes correct and incorrect recipient address information. The list is transmitted to a data center. Received from the data center is a mailing list including addressed hygiened recipient address information and a digital token for each mailpiece with encrypted data. The encrypted data is based on the corrected address information for mailpieces with correct address information on the transmitted mailing list and on hygiened recipient address information the mailpieces with incorrect recipient address information on the transmitted mailing list. The digital tokens for each mailpiece may also be based on the rating parameter information. Selection is provided for utilizing a given one of the incorrect recipient address information and the correct recipient address information is applied to an encrypter generating the digital tokens. The encrypting means for generating digital tokens may be located remote from the mailer facility or on a mailer facility or other local area network. Various arrangements are employed in generating and printing digital tokens recipient address information and corrected recipient address information.

公开(公告)号：US08438115B2

公开(公告)日：2013-05-07

申请号：US11234050

申请日：2005-09-23

申请人： Steven J. Pauly ,  Michael J. Shukaitis

发明人： Steven J. Pauly ,  Michael J. Shukaitis

IPC分类号： G06Q20/00

CPC分类号： G07B17/00733 ,  G07B2017/00846

摘要： In a system including a postage printing device and a data center, wherein the postage printing device and the data center have a first set of keys for use in requesting and downloading a plurality of postage data records from the data center for use in printing postal indicia, a method of securely transferring the postage printing device and any postage value stored therein from a first user to a second user. According to the method, a new set of keys for requesting and downloading postage data records is generated, any current postage value stored in the printer device is securely transferred to the second user using the new keys and some of the first set of keys, and the first set of keys is zeroed, thereby protecting the first user from any potential theft or fraud of postage funds on the part of the second user.

摘要翻译： 在包括邮资打印装置和数据中心的系统中，邮资打印装置和数据中心具有用于从数据中心请求和下载多个邮资数据记录的第一组密钥，用于打印邮戳 一种将邮资打印装置和从第一用户存储的任何邮资值安全地传送到第二用户的方法。 根据该方法，生成用于请求和下载邮资数据记录的新的一组密钥，使用新密钥和第一组密钥将存储在打印机设备中的任何当前邮资值安全地传送到第二用户，以及 第一组密钥被归零，从而保护第一用户免受第二用户的邮资的任何潜在盗窃或欺诈。

公开(公告)号：US20100131759A1

公开(公告)日：2010-05-27

申请号：US12579647

申请日：2009-10-15

申请人： Leon A. Pintsov

发明人： Leon A. Pintsov

IPC分类号： H04L9/32 ,  G09C5/00

CPC分类号： G06Q10/08 ,  G07B17/00508 ,  G07B17/00661 ,  G07B17/00733 ,  G07B2017/00443 ,  G07B2017/0058 ,  G07B2017/00709 ,  G07B2017/00846

摘要： Methods and systems for authenticating senders and recipients in a carrier system and providing receipt of specified content by a recipient are provided. A one-time recipient identification code is generated that can be entered into the delivery agent's portable terminal. Data is protected against eavesdropping by encryption and by splitting cipher text and an encryption key into two parts that are not accessible to any single party except at the moment of the mail unit delivery.

摘要翻译： 提供了用于在运营商系统中认证发送者和接收者并且由接收者提供指定内容的接收的方法和系统。 生成可以输入到交付代理的便携式终端的一次性接收者识别码。 保护数据免受加密窃听，并将密文和加密密钥分成两部分，除了邮件单元传送之外，除了任何一方都不可访问。

公开(公告)号：US06941284B2

公开(公告)日：2005-09-06

申请号：US09726744

申请日：2000-11-30

申请人： Craig J. DeFilippo ,  Joseph L. Gargiulo

发明人： Craig J. DeFilippo ,  Joseph L. Gargiulo

IPC分类号： G07B17/00 ,  H04K1/00 ,  G06F17/60

CPC分类号： G07B17/00733 ,  G07B2017/00177 ,  G07B2017/00322 ,  G07B2017/00741 ,  G07B2017/00846 ,  G07B2017/00854 ,  G07B2017/00879

摘要： A postage meter includes a vault that accounts for postage dispensed by the postage meter; and a printhead module having a printhead for printing the postage dispensed; a smart card chip having a ROM having software code stored therein; an EEPROM having an encrypted key and executable code stored therein, a CPU; a RAM; and a flash memory having an encrypted pointer data file stored therein. During power-up of the postage meter the encrypted pointer data file is read from the flash memory into the RAM by the CPU, the CPU uses the executable code to decrypt the encrypted pointer data file to obtain from the software code components parts of a decryption key and to assemble in the ram the decryption key from the component parts, the CPU uses the assembled decryption key and the executable code to decrypt the encrypted cryptographic key, and the CPU stores the decrypted cryptographic key in a secure area of the EEPROM, erases the decryption key and the encrypted pointer data file from the RAM, erases the encrypted cryptographic key and executable code from the EEPROM, and erases the pointer data file from the flash memory.

摘要翻译： 邮费计包括一个帐篷，用于计算邮资计费器分发的邮资; 以及打印头模块，其具有用于打印分配的邮资的打印头; 具有存储有软件代码的ROM的智能卡芯片; 具有存储在其中的加密密钥和可执行代码的EEPROM，CPU; 一个RAM 以及存储有加密的指针数据文件的闪速存储器。 在邮资计费器上电期间，CPU将加密指针数据文件从闪存读取到RAM中，CPU使用可执行代码对加密的指针数据文件进行解密，从软件代码中获得解密部分 键，并且从RAM中组装解密密钥，CPU使用组合的解密密钥和可执行代码对加密的加密密钥进行解密，并且CPU将解密的加密密钥存储在EEPROM的安全区域中，擦除 来自RAM的解密密钥和加密指针数据文件从EEPROM中擦除加密的加密密钥和可执行代码，并从闪存中擦除指针数据文件。

公开(公告)号：US20030097336A1

公开(公告)日：2003-05-22

申请号：US09992851

申请日：2001-11-19

申请人： Pitney Bowes Inc., 1

发明人： Robert A. Cordery

IPC分类号： G06F017/60

CPC分类号： G07B17/00733 ,  G06Q20/367 ,  G06Q30/0283 ,  G06Q50/06 ,  G07B2017/00588 ,  G07B2017/00846 ,  G07B2017/00854

摘要： A method for communicating a re-keying message from a postage meter to a registration authority includes the steps of determining at the postage meter that a current key needs to be replaced with a new key; generating in the postage meter the new key; creating in the postage meter the re-keying message, the re-keying message including at least a device identifier and the new key; using the postage meter for printing the re-keying message in a machine-readable form on a recording medium; and mailing the recording medium to the registration authority.

摘要翻译： 用于将重新键入消息从邮资计费器传送到注册机构的方法包括以下步骤：在邮资计费器上确定当前密钥需要用新的密钥替换; 在邮资中产生新的钥匙; 在所述邮资计费器中创建所述重新键入消息，所述重新键入消息至少包括设备标识符和所述新密钥; 使用邮资计费器以机器可读形式在记录介质上打印重新键入消息; 并将记录媒体邮寄到注册机构。

公开(公告)号：US5812990A

公开(公告)日：1998-09-22

申请号：US773537

申请日：1996-12-23

申请人： Frederick W. Ryan, Jr. ,  Robert W. Sisson

发明人： Frederick W. Ryan, Jr. ,  Robert W. Sisson

IPC分类号： G07B17/00 ,  G07B17/02

CPC分类号： G07B17/0008 ,  G07B17/00733 ,  G07B2017/00056 ,  G07B2017/00161 ,  G07B2017/00169 ,  G07B2017/0075 ,  G07B2017/00766 ,  G07B2017/00846 ,  G07B2017/00967

摘要： A system and method is provided for refilling a postage metering system that includes a host coupled to a postal security device (PSD). A user enters a first request for postage refill which is transmitted to a meter server. The meter server transmits a request for a PSD audit to the postage metering system. PSD audit data is signed with a first secret key stored in the PSD to produce an audit message that includes a first signature and the PSD audit data. The audit message is transmitted to the meter server which transmits the first signature to a key management system which then verifies the first signature using a second secret key stored in the key management system. The PSD audit data is verified at the meter server which then constructs a second request for meter refill and transmits it to a meter recharging data center. The meter recharging data center generates a refill combination and transmits it to the meter server. The refill combination is transmitted from the meter server to the key management system for signature using the second secret key to produce a refill message that is transmitted to the meter server. The refill message includes a second signature and the refill combination. The refill message is transmitted to the PSD which verifies the signature and the refill combination using the first secret key and credits the PSD for the amount.

摘要翻译： 提供了一种系统和方法，用于重新填充包含耦合到邮政安全设备（PSD）的主机的邮资计费系统。 用户输入发送到仪表服务器的邮资再填充的第一请求。 仪表服务器向邮资计费系统发送PSD审核请求。 PSD审核数据使用存储在PSD中的第一秘密密钥进行签名，以产生包含第一签名和PSD审核数据的审核消息。 审计消息被发送到计费服务器，该服务器将第一签名发送到密钥管理系统，密钥管理系统然后使用存储在密钥管理系统中的第二秘密密钥来验证第一签名。 PSD审核数据在仪表服务器上进行验证，然后构建计量器补充的第二个请求，并将其发送到仪表充电数据中心。 仪表充电数据中心生成一个重新填充组合并将其传输到仪表服务器。 重新填充组合从计量服务器发送到密钥管理系统以使用第二密钥进行签名，以产生发送到计费服务器的补充消息。 再填充消息包括第二签名和再填充组合。 将补充消息发送到PSD，PSD使用第一秘密密钥验证签名和再填充组合，并将该PSD记入该金额。