Title:
METHOD AND APPARATUS FOR ASSURING AN INTEGRITY OF A SMART CARD USING HOLOGRAPHY TECHNOLOGIES
Document Type and Number:
WIPO Patent Application WO/2003/079284
Kind Code:
A1
Abstract:
The present invention relates to a method and system for assuring an integrity of a smart card using holography technologies. The method comprises the steps of extracting a decryption key stored in a hologram, transmitting the decryption key to the smart card, receiving a first original data decrypted by using the decryption key from the smart card, extracting a second original data stored in the hologram and determining whether or not the first original data corresponds with the second original data.

Inventors:
KIM UN-SU (KR)
PARK YOUNG-WOON (KR)
Application Number:
PCT/KR2002/000462
Publication Date:
September 25, 2003
Filing Date:
March 19, 2002
Assignee:
MAXSOFT CO LTD (KR)
KIM UN-SU (KR)
PARK YOUNG-WOON (KR)
International Classes:
G06K19/07; G06K19/16; (IPC1-7): G06K19/16
Foreign References:
KR20010068113A 2001-07-13
KR20000015454A 2000-03-15
KR20000019593A 2000-04-15
JPH0668295A 1994-03-11
JP2001222699A 2001-08-17
Attorney, Agent or Firm:
Lee, Kyeong-ran (502 BYC Building 648-1 Yeoksam 1-dong Kangnam-ku Seoul 135-081, KR)
Claims:
1. A method for assuring integrity of information stored in a smart card attaching a hologram using holographic technologies in a card reader, comprising the steps of: extracting a decryption key stored in the hologram; transmitting the decryption key to the smart card; receiving first original data that are decrypted by using the decryption key from the smart card; extracting second original data stored in the hologram; and determining whether or not the first original data corresponds with the second original data.
2. The method of claim 1, wherein the decryption key is a public key.
3. The method of claim 2, wherein the smart card decrypts the first original data by executing an asymmetric decryption algorithm, using a prepared secret key corresponding with the public key.
4. The method of claim 1, further comprising the step of receiving a first challenge value from the smart card, wherein the decryption key is extracted from the hologram using the first challenge value.
5. The method of claim 4, wherein the first challenge value is a random phase function.
6. The method of claim 1, wherein at least one selected from the group consisting of the first original data and the second original data are data relevant to a user of the smart card.
7. The method of claim 1, further comprising the step of concluding that the integrity of the smart card has been confirmed when the first original data correspond with the second original data, wherein the smart card is used for executing a specific transaction.
8. The method of claim 1, further comprising the steps of concluding that the integrity of the smart card has failed to be confirmed when the first original data do not correspond with the second original data, and displaying an integrity confirmation failure message on a display device.
9. The method of claim 4, further comprising the steps of: receiving a second challenge value from the smart card; and extracting the second original data from the hologram using the second challenge value.
10. The method of claim 9, wherein the second challenge value is a random phase function.
11. The method of claim 1, further comprising the steps of: requesting a specific challenge value to the smart card, for extracting specific data stored in the hologram; receiving the specific challenge value from the smart card; and extracting the specific data from the hologram using the specific challenge value.
12. A method for assuring integrity of information stored in a smart card attaching a hologram by using holographic technologies in the smart card coupled with a card reader, comprising the steps of: receiving a decryption key from the card reader; extracting encrypted first original data stored in advance; decrypting the first original data using the decryption key; and transmitting the first original data to the card reader, wherein the card reader extracts second original data stored in the hologram, and determines whether or not the first original data correspond with the second original data.
13. The method of claim 12, wherein the decryption key is a public key.
14. The method of claim 12, further comprising the steps of: extracting a first challenge value; and transmitting the first challenge value to the card reader, wherein the decryption key is extracted from the hologram using the first challenge value.
15. The method of claim 14, wherein the first challenge value is a random phase function.
16. The method of claim 12, wherein at least one selected from the group consisting of the first original data and the second original data are data relevant to a user of the smart card.
17. The method of claim 15, further comprising the steps of: extracting a second challenge value; and transmitting the second challenge value to the card reader, wherein the card reader extracts the second original data from the hologram using the second challenge value.
18. The method of claim 17, wherein the second challenge value is a random phase function.
19. The method of claim 12, further comprising the steps of: requesting a specific challenge value from the card reader, for extracting specific data stored in the hologram; extracting the specific challenge value; and transmitting the specific challenge value to the card reader, wherein the card reader extracts specific data from the hologram using the specific challenge value.
20. A method for assuring integrity of information stored in a smart card attaching a hologram using holographic technologies in a card reader, comprising the steps of: receiving a first decryption key that is stored corresponding to the smart card from an authentication center; transmitting the first decryption key to the smart card; receiving a first challenge value decrypted by using the first decryption key from the smart card; extracting a second decryption key stored in the hologram using the first challenge value; transmitting the second decryption key to the smart card; receiving first original data that are decrypted by using the second decryption key from the smart card; extracting second original data stored in the hologram; and determining whether or not the first original data correspond with the second original data.
21. The method of claim 20, wherein at least one selected from the group consisting of the first decryption key and the second decryption key is a public key.
22. The method of claim 21, wherein the smart card decrypts the first challenge value by executing an asymmetric decryption algorithm, using a prepared secret key corresponding with the first public key.
23. The method of claim 21, wherein the smart card decrypts the first original data by executing an asymmetric decryption algorithm, using a prepared secret key corresponding with the second public key.
24. The method of claim 20, wherein the first challenge value is a random phase function.
25. The method of claim 20, wherein at least one selected from the group consisting of the first original data and the second original data is data relevant to a user of the smart card.
26. The method of claim 20, further comprising the step of concluding that the integrity of the smart card has been confirmed, when the first original data correspond with the second original data, wherein the smart card is used for executing a specific transaction.
27. The method of claim 20, further comprising the steps of concluding that the integrity of the smart card has failed to be confirmed, when the first original data do not correspond with the second original data, and displaying an integrity confirmation failure message on a display device.
28. The method of claim 20, further comprising the steps of: receiving a second challenge value from the smart card; and extracting the second original data from the hologram using the second challenge value.
29. The method of claim 28, wherein the second challenge value is a random phase function.
30. The method of claim 20, further comprising the steps of: requesting a specific challenge value to the smart card for extracting specific data stored in the hologram; receiving the specific challenge value from the smart card; and extracting the specific data from the hologram using the specific challenge value.
31. A method for assuring integrity of information stored in a smart card attaching a hologram using holographic technologies in the smart card coupled with a card reader and an authentication center, comprising the steps of: receiving a first decryption key from the card reader; decrypting an encrypted first challenge value using the first decryption key; transmitting the first challenge value to the card reader; receiving a second decryption key decrypted using the first challenge value, stored in the hologram, from the card reader; extracting first original data; decrypting the first original data using the second decryption key; and transmitting the first original data to the card reader, wherein the card reader extracts second original data stored in the hologram, and determines whether or not the first original data correspond with the second original data.
32. The method of claim 31, wherein the card reader receives the first decryption key from the authentication center.
33. The method of claim 31, wherein at least one selected from the group consisting of the first decryption key and the second decryption key is a public key.
34. The method of claim 31, wherein the first challenge value is a random phase function.
35. The method of claim 31, wherein at least one selected from the group consisting of the first original data and the second original data are data relevant to a user of the smart card.
36. The method of claim 31, further comprising the steps of: extracting a second challenge value; and transmitting the second challenge value to the card reader, wherein the card reader extracts the second original data from the hologram using the second challenge value.
37. The method of claim 36, wherein the second challenge value is a random phase function.
38. The method of claim 31, further comprising the steps of: requesting a specific challenge value from the card reader, for extracting specific data stored in the hologram; extracting the specific challenge value; and transmitting the specific challenge value to the card reader, wherein the card reader extracts the specific data from the hologram using the specific challenge value.
39. A method for authenticating a user of a smart card attaching a hologram in a card reader, comprising the steps of: extracting a public key stored in the hologram; inputting a secret key corresponding to the public key by the user; and authenticating the user who is using the public key and the secret key.
40. The method of claim 39, further comprising the step of receiving a challenge value from the smart card, wherein the public key is extracted using the challenge value.
41. A method for authenticating a user of a smart card attaching a hologram in a card reader coupled with an authentication center via a network, comprising the steps of: receiving a public key corresponding to the smart card from the authentication center; inputting a secret key corresponding to the public key by the user; and authenticating the user who is using the public key and the secret key.
42. An apparatus for assuring integrity of information stored in a smart card attaching a hologram using holographic technologies comprising: means for extracting a decryption key stored in the hologram; means for transmitting the decryption key to the smart card; means for receiving first original data that are decrypted by using the decryption key from the smart card; means for extracting second original data stored in the hologram; and means for determining whether or not the first original data correspond with the second original data.
43. A smart card for assuring integrity of information stored using holographic technologies, coupled with a card reader, comprising: means for receiving a decryption key from the card reader; means for extracting encrypted first original data stored in advance; means for decrypting the first original data using the decryption key; and means for transmitting the first original data to the card reader, wherein the card reader extracts second original data stored in the hologram, and determines whether or not the first original data correspond with the second original data.
44. An apparatus for assuring integrity of information stored in a smart card attaching a hologram using holographic technologies, coupled with an authentication center via a network, comprising: means for receiving a first decryption key that is stored corresponding to the smart card from an authentication center; means for transmitting the first decryption key to the smart card; means for receiving a first challenge value that is decrypted by using the first decryption key from the smart card; means for extracting a second decryption key stored in the hologram using the first challenge value; means for transmitting the second decryption key to the smart card; means for receiving first original data that are decrypted by using the second decryption key from the smart card; means for extracting second original data stored in the hologram; and means for determining whether or not the first original data correspond with the second original data.
45. A smart card for assuring integrity of information stored using holographic technologies, coupled with a card reader and an authentication center via a network, comprising: means for receiving a first decryption key from the card reader; means for decrypting an encrypted first challenge value using the first decryption key; means for transmitting the first challenge value to the card reader; means for receiving a second decryption key decrypted using the first challenge value, stored in the hologram, from the card reader; means for extracting first original data; means for decrypting the first original data using the second decryption key; and means for transmitting the first original data to the card reader, wherein the card reader extracts second original data stored in the hologram, and determines whether or not the first original data correspond with the second original data.
46. An apparatus for authenticating a user of a smart card attaching a hologram, comprising: means for extracting a public key stored in the hologram; means for inputting a secret key corresponding to the public key by the user; and means for authenticating the user using the public key and the secret key.
47. An apparatus for authenticating a user of a smart card attaching a hologram, coupled with an authentication center via a network, comprising: means for receiving a public key corresponding with the smart card from the authentication center; means for inputting a secret key corresponding to the public key by the user; and means for authenticating the user who is using the public key and the secret key.
48. A computer-readable program product of a card reader coupled with a smart card attaching a hologram, having stored thereon a computer-executable instruction for performing the steps comprising: extracting a decryption key stored in the hologram; transmitting the decryption key to the smart card; receiving first original data that are decrypted by using the decryption key from the smart card; extracting second original data stored in the hologram; and determining whether or not the first original data correspond with the second original data.
49. A computer-readable program product of a smart card attaching a hologram, having stored thereon a computer-executable instruction for performing the steps comprising: receiving a decryption key from the card reader; extracting encrypted first original data stored in advance; decrypting the first original data using the decryption key; and transmitting the first original data to the card reader, wherein the card reader extracts second original data stored in the hologram, and determines whether or not the first original data correspond with the second original data.
50. A computer-readable program product of a card reader coupled with an authentication center via a network and a smart card attaching a hologram, having stored thereon a computer-executable instruction for performing the steps comprising: receiving a first decryption key that is stored corresponding to the smart card from an authentication center; transmitting the first decryption key to the smart card; receiving a first challenge value decrypted by using the first decryption key from the smart card; extracting a second decryption key stored in the hologram using the first challenge value; transmitting the second decryption key to the smart card; receiving first original data that are decrypted by using the second decryption key from the smart card; extracting second original data stored in the hologram; and determining whether or not the first original data correspond with the second original data.
51. A computer-readable program product of a smart card attaching a hologram coupled with a card reader and an authentication center via a network, having stored thereon a computer-executable instruction for performing the steps comprising: receiving a first decryption key from the card reader; decrypting an encrypted first challenge value using the first decryption key; transmitting the first challenge value to the card reader; receiving a second decryption key that is decrypted using the first challenge value, stored in the hologram, from the card reader; extracting first original data; decrypting the first original data using the second decryption key; and transmitting the first original data to the card reader, wherein the card reader extracts second original data stored in the hologram, and determines whether or not the first original data correspond with the second original data.
52. A computer-readable program product of a card reader coupled with a smart card attaching a hologram, having stored thereon a computer-executable instruction for performing the steps comprising: extracting a public key stored in the hologram; inputting a secret key corresponding to the public key by the user; and authenticating the user who is using the public key and the secret key.
53. A computer-readable program product of a card reader coupled with a smart card attaching a hologram and an authentication center via a network, having stored thereon a computer-executable instruction for performing the steps comprising: receiving a public key corresponding to the smart card from the authentication center; inputting a secret key corresponding to the public key by the user; and authenticating the user who is using the public key and the secret key.
Description:
METHOD AND APPARATUS FOR ASSURING AN INTEGRITY OF A SMART CARD USING HOLOGRAPHY TECHNOLOGIES

Technical Field

The present invention relates to a method and apparatus for assuring the integrity of a smart card by using holographic technologies.

Background Art

Traditional smart card technologies and holographic technologies will be described with reference to the figures.

In the 1990s, the IC card technologies used in various fields such as communication, finance, traffic or "E-business" grew rapidly in conjunction with an increase in internet use and changes in the communication environment. In particular, applications of the IC card have greatly expanded because high-capacity memory and highly reliable security can now be assured based on the development of semiconductor and software technologies, in contrast with existing magnetic stripes. The IC card may be categorized as a memory card or a smart card based on the function of its chip. The memory card only stores data. The smart card stores data and also has a CPU. Furthermore, the IC card may be categorized as a touch-type card or a non-touch-type card based on the interface between the card and the card reader. The non-touch-type card is referred to as an RF card.

The smart card may be defined as a plastic card including a microprocessor, an OS, a secure module, a memory, I/O device, and IC chip for managing some transactions.

The smart card has a battery. The card reader may provide energy to the smart card. The memory may be an EPROM because the EPROM maintains stored data when no power is generated. The life cycle of the smart card may be segmented into a manufacturing step, an initial setting up step, an individualization step, and an application step. Namely, the smart card may be established with a serial number and engaged for permanent applications when it is manufactured. Accordingly, the smart card may store data relevant to the card user, and be used for the remaining applications. To the present day, the smart card has been applied to satisfy various needs in fields such as communication, finance, medical care, home electronic devices, or security.

Also, smart card technologies may have enormous potential in an environment where general infrastructure is provided, regardless of the initial investment cost.

FIG 1 is a block diagram for illustrating schematically the configuration of a smart card.

Referring to FIG 1, the smart card 101 comprises a processor 103, a ROM 105, a RAM 107, an EPROM 109 and an I/O device 111. The ROM 105, the RAM 107 and the EPROM 109 are coupled with the processor 103 via a bus. A description of each device follows.

The bus is used for coupling the ROM 105, the RAM 107, and the EPROM 109 with the processor 103. The bus comprises an address bus for tracing the location of data, and a data bus for transmitting the data. Through the address bus, a control signal 113 may be transmitted. Also, through the data bus, data 115 may be transmitted.

The processor 103 controls the ROM 105, the RAM 107, the EPROM 109 and the I/O device by OS (Operating System) stored in the ROM 105. Also, the processor 103 processes application programs by using application programs stored in the ROM 105, various variables stored in the RAM for the application programs, and data stored in the EPROM 109. Also, the processor 103 extracts data stored in the EPROM 109, and transmits the data to a card reader, according to the request of the card reader. Also, the processor 103 performs the encryption and the decryption procedure by using secret algorithms such as DES (Data Encryption Standard), public key algorithm such as RSA (Rivest, Shamir, Adleman), and various hash algorithms.

The ROM 105 stores the OS and the application programs. The RAM 107 is a non-volatile memory, and stores various variables for the application programs. Also, the EPROM 109 stores user information, or various data. The typical OS of the smart card is MULTOS. Also, the typical application is the java card API. MULTOS was developed by Mondex, and is operated by MAOSCO (Multi-Application Operating System for Smart Card). MULTOS includes a key management authentication, an MEL programming language, a tool, and an individualization procedure. Recently, MULTOS has been applied to PKI (Public Key Infrastructure) applications and e-businesses. The recent MULTOS Version 5 has been awarded a high quality security grade, and is interchangeable with GSM SIM/3GPP USIM technologies. Also, MULTOS Version 5 supports encryption algorithms used for protecting GSM calls. Also, MULTOS Version 5 is applied to dual slot telephones and USIM telephones. MULTOS may be interchangeable with international formal standards such as ISO 7816, and industrial exclusive use standards such as Europay/Master Card/Visa (EMV). MULTOS follows ISO 7816-1, 7816-2, and 7816-3, and is interchangeable with ISO/EMV. Running MULTOS requires at least 1KB RAM and 16KB EPROM.

The java card is a tool for card applet developers. The java card is designated by hardware platform and individual one language. The java API designates card application codes. An individual platform layer based on the ISO/IEC 7816-4, is located between java applications. Also, the java API provides an interface such as PS/SC, original code, java drive. The applet, a java application, is translated by the java VM (Virtual Machine) whenever the application is processed. The VM is relevant to a java interpreter and basic operating system. The java application is stored in the memory area of the microprocessor of the smart card and processed by the VM. Any card coupled with the java card interpreter processes the same applications, because the processing code is not concerned with the platform. So, the application is located in the single card parallel. The java card must not compete with WFSC or MULTOS, may be located as API, and may be processed by the OS. A global platform initiated by VISA is based on the java card platform. An open-type platform is defined as applet section mechanism for operating application with java card in the existing terminal besides card domain for managing. The delivery of the applet is controlled by the card issuer. The delivery mechanism of the applet is designed in importance in the internet, for performing by the applet provider. The java card API is changeable with the international formal standard such as ISO 7816 and the industrial exclusive use standard such as EMV. The java card 2.1.1 technology may provide an individual platform, store and update multiple applications. Also, the java card 2.1.1 is changeable with existing smart card standard. The smart card environment requires at least a 300 KIP CPU, 12KB ROM, 4KB EPROM and 513 Byte RAM, for processing the java card API.

The I/O device 111 transmits data to the card reader, and receives data from the card reader.

When light strikes an object, the reflected light enters the human eye.

A photograph stores the object's image through a lens. However, the photograph does not reproduce the object in three dimensions. Namely, the photograph stores the darkness and color of the object on a two-dimensional film, and does not store the distances from the human eyes to the objects.

The amplitude means the degree of darkness of the object. Also, the phase means the position of the object. A three-dimensional image may be regenerated when the amplitude and the phase are stored.

The holography technologies may regenerate three-dimensional images. The hologram technologies store reflected light and irradiated light at another side. When the two lights cross, an interference pattern is generated at each side of the object according to the phase difference of the reflected lights. In the interference pattern, the amplitude and the phase of the object are stored. These interference patterns may be generated only by a laser with a single wavelength. The picture film on which the interference patterns corresponding with the object are stored is named a hologram, and the technology for storing the hologram is named holography. Recently, PVC stores images of the objects. The light stored with the object wave is the standard wave. The regeneration procedure regenerates the object wave by irradiating the standard wave onto the hologram.

The hologram has specific characteristics, besides storing and regenerating the three-dimensional image. The hologram has high redundancy. Using the hologram, original data is regenerated by its redundancy. Also, exact data may be regenerated by its redundancy.

The hologram may store and regenerate various data in multiplexed form. There are three multiplexed storing methods for the hologram. The first method is to change the spatial location stored in the hologram when the hologram is stored in a film. The second method is to change the spatial frequency of the interference pattern by changing the direction of the standard wave. Also, the third method is to change the storing condition of the standard wave, by coding the standard wave.

The holographic technologies may be used for encrypting and decrypting data.

FIGS. 2a-5b illustrate schematically the holographic technologies and encryption and decryption procedure by using digital process devices.

FIG. 2a illustrates an example of an optical assembly for use in an encryption technique with a one-dimensional function. Referring to FIG. 2a, the data image f(x) to be encrypted is placed at an input plane 201 and a random phase mask having a one-dimensional function (i.e., exp[jn(x)]) is attached to it. A Fourier transform of the product of the image and the random phase function is obtained at a Fourier Plane 203 by a Fourier transform lens 205 (i.e., a beam 207). The Fourier transform of this product (beam 207) is multiplied by another random phase mask having a one-dimensional function (i.e., exp[jb(v)]), which is placed at a plane 203, thus resulting in a beam 80. Taking another Fourier transform of beam 209 by a Fourier Transform lens 211, the encrypted image data φ(x) is obtained at a plane 213. An optical recording media is placed at the plane 213, whereby a holographic optical memory is obtained.

FIG. 2b illustrates schematically an example of an optical assembly for use in a decryption technique having a one-dimensional function. Referring to FIG. 2b, to decrypt the memory φ(x), a key, which is a complex conjugate of the white random sequence for the encryption, is needed. The encrypted memory is placed at an input plane 215, and is within the path of a generally coherent light beam. A Fourier transform of the encrypted image φ(x) is obtained at a plane 217 by a Fourier transform lens 219 (i.e., a beam 231), where it is multiplied by a decoding phase mask having a one-dimensional function (i.e., exp[-jb(v)]), that is the complex conjugate of the function of the random coding phase mask (i.e., exp[jb(v)]), resulting in a beam 233. Taking another Fourier transform of the beam 233 by a Fourier transform lens 235, the original (decrypted) image data (beam 237) is obtained at an output plane 241 by a detector (e.g., a one-dimensional CCD camera or array), whereby the first random phase modulation (i.e., exp[jn(x)]) is removed, as previously described. It is generally known that without this key, the encrypted image cannot be recovered.

With a plurality of images to be encrypted and stored (e.g., f_1(x), f_2(x), ..., f_m(x)), m pairs of n_i(x) and b_i(v) (i = 1, 2, ..., m) can be created to encrypt each image by each key b_i(v). In this case, the encrypt memory φ(x) is where a_i(x) is the Fourier transform of exp[jb_i(v)]. With φ(x) at the input plane 215 of the decrypt system, exp[-jb_k(v)] is used as the key. At the Fourier plane 217, the Fourier transform of the output is where N_i(v) is the Fourier transform of n_i(x). Since b_k(v) is independent of b_i(v) for all i ≠ k, each term in the summation in the above equation becomes a stationary white noise at the output of the decrypt system. Only f_k(x) is decrypted from φ(x). The non-decrypted terms in the above equation contribute stationary white noises at the output plane as background noise. This problem can be solved with the use of volume holograms with different multiplexing techniques. Using different keys to decrypt different memory data allows the memory to be distributed through public channels. Only the keys must be distributed securely. This allows many users to share the same encrypted memory without sacrificing security.

FIG. 3 illustrates schematically a digital process device for the encryption and decryption of image data. FIG. 4a illustrates the encryption procedure for image data. Also, FIG. 4b illustrates the decryption procedure for image data. Referring to FIG. 3, FIG. 4a and FIG. 4b, an image f(x, y) to be encrypted is digitized. The digitized image signals are processed by a processor 301 having memory 303. More specifically, the image is multiplied by a first random function (e.g., exp[jn(x, y)]) by the processor 301. A Fourier transform of the product of the image and the first random phase function is obtained by the processor 301. This Fourier transform is then multiplied by a second random function (e.g., exp[jb(α, β)]) by the processor 301. A Fourier transform of this second product is obtained by the processor 301, resulting in an encrypted digitized image signal φ(x, y).

To decrypt an encrypted image, the encrypted image is digitized. The encrypted digitized image signals are processed by a processor 301. More specifically, a Fourier transform of the encrypted image is obtained. This Fourier transform is multiplied by a third function (i.e., exp[-jb(α, β)]), which is the complex conjugate of the second function, by the processor 301. Another Fourier transform is taken from which the original (decrypted) digitized image f(x, y) is obtained by the processor 301, as previously described.

FIG. 5a illustrates an encryption procedure for image data. Also, FIG. 5b illustrates a decryption procedure for image data. Referring to FIGS. 5a and 5b, the image f(x, y) is phase encoded (optically or digitally) prior to the encryption process (e.g., exp[jf(x, y)]). This phase encoded image is then multiplied by a first random function (e.g., exp[jn(x, y)]) by the processor 301. A Fourier transform of the product of the image and the first random phase function is obtained by the processor 301. This Fourier transform is then multiplied by a second random function (e.g., exp[jb(α, β)]) by the processor 301. A Fourier transform of this second product is obtained by the processor 301, resulting in an encrypted digitized image signal φ(x, y).

To decrypt an encrypted image, the encrypted image is digitized. The encrypted digitized image signals are processed by the processor 301. More specifically, a Fourier transform of the encrypted image is obtained. This Fourier transform is multiplied by a third function (i.e., exp[-jb(α, β)]), which is the complex conjugate of the second function, by the processor 301. Another Fourier transform is taken to obtain (exp[jf(x, y)] exp[jn(x, y)]), which is multiplied by a fourth function, i.e., (exp[-jn(x, y)]), which is the complex conjugate of the first function, resulting in the original phase-encoded digitized image exp[jf(x, y)]. The original decrypted image f(x, y) is readily obtained using any well known phase reading techniques.
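One way to run the digital procedures of FIGS. 4a/4b and 5a/5b, and the multi-key memory described for FIG. 2b, on a 1-D signal (an added Python example, not code from the patent). The second transform in each direction is taken as an inverse DFT so that coordinates line up, which is an assumption, since the text says only "Fourier transform"; all function names and sample data are constructed.

```python
import cmath
import math
import random


def dft(x, inverse=False):
    """O(N^2) discrete Fourier transform; inverse=True adds the 1/N scaling."""
    n = len(x)
    sign = 1 if inverse else -1
    out = []
    for k in range(n):
        acc = sum(x[t] * cmath.exp(sign * 2j * math.pi * k * t / n) for t in range(n))
        out.append(acc / n if inverse else acc)
    return out


def random_phase_mask(rng, n):
    """exp[j*theta], theta uniform on [0, 2*pi): plays exp[jn(x)] or exp[jb(v)]."""
    return [cmath.exp(2j * math.pi * rng.random()) for _ in range(n)]


def conj(mask):
    return [complex(m).conjugate() for m in mask]


def mul(a, b):
    return [p * q for p, q in zip(a, b)]


def encrypt(field, n_mask, b_mask):
    """Multiply by exp[jn], transform, multiply by exp[jb], transform again."""
    return dft(mul(dft(mul(field, n_mask)), b_mask), inverse=True)


def decrypt_field(cipher, b_mask):
    """Transform, multiply by exp[-jb], transform again: yields field * exp[jn]."""
    return dft(mul(dft(cipher), conj(b_mask)), inverse=True)


def decrypt_amplitude(cipher, b_mask):
    """FIG. 4b case: an intensity detector discards exp[jn], so only b is needed."""
    return [abs(v) for v in decrypt_field(cipher, b_mask)]


def decrypt_phase(cipher, b_mask, n_mask):
    """FIG. 5b case: also multiply by exp[-jn], then read the phase back."""
    return [cmath.phase(v) for v in mul(decrypt_field(cipher, b_mask), conj(n_mask))]


def mean_abs_error(a, b):
    return sum(abs(p - q) for p, q in zip(a, b)) / len(a)


def demo(size=64, seed=2003):
    rng = random.Random(seed)  # fixed seed keeps the constructed run repeatable
    n1, b1, n2, b2, wrong_b = (random_phase_mask(rng, size) for _ in range(5))
    half = size // 2
    left = [1.0] * half + [0.0] * (size - half)   # constructed 1-D sample image 1
    right = [0.0] * half + [1.0] * (size - half)  # constructed 1-D sample image 2

    # Amplitude image: matching key versus an unrelated key.
    cipher = encrypt(left, n1, b1)
    amp_ok = mean_abs_error(decrypt_amplitude(cipher, b1), left)
    amp_wrong = mean_abs_error(decrypt_amplitude(cipher, wrong_b), left)

    # Phase-encoded image exp[jf]: both conjugate masks are required.
    cipher_p = encrypt([cmath.exp(1j * v) for v in left], n1, b1)
    phase_ok = mean_abs_error(decrypt_phase(cipher_p, b1, n1), left)
    phase_no_n = mean_abs_error(decrypt_phase(cipher_p, b1, [1.0] * size), left)

    # Two images summed into one memory, each under its own (n, b) pair.
    memory = [p + q for p, q in zip(cipher, encrypt(right, n2, b2))]
    out = decrypt_amplitude(memory, b1)
    return {
        "amp_ok": amp_ok, "amp_wrong": amp_wrong,
        "phase_ok": phase_ok, "phase_no_n": phase_no_n,
        "mux_signal": sum(out[:half]) / half,       # region where image 1 is bright
        "mux_background": sum(out[half:]) / half,   # residue contributed by image 2
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value:.3g}")
```

With the matching key the error is at floating-point level; with an unrelated key, or with exp[-jn] left out in the phase-encoded case, the output is noise-like, and in the two-image memory the other image appears only as background.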

However, existing holograms are not used for storing or encrypting data, but rather are used to determine whether or not it has been damaged according to the naked eye. In this situation, the user data in the hologram may be easily damaged or used surreptitiously.

Also, the existing hologram is easily copied or damaged.

Disclosure of the Invention

The present invention is intended to overcome the above-mentioned disadvantages.

Therefore, it is an object of the present invention to provide a method and system for assuring the integrity of a smart card by attaching a hologram upon it.

It is another object of the present invention to provide a method and system for assuring the integrity of a smart card by coupling a hologram with a smart card.

It is still another object of the present invention to provide a method and system for assuring the integrity of a smart card for decrypting and encrypting data in accordance with an asymmetric decryption algorithm while being offline with the authentication center.

It is still another object of the present invention to provide a method and system for assuring the integrity of a smart card for extracting data stored in the hologram, after assuring the integrity of the smart card.

It is still another object of the present invention to provide a method and system for assuring the integrity of a smart card for authenticating the actual user.

To achieve these objects, one aspect of the present invention is a method for assuring integrity of information stored in a smart card by attaching a hologram using holographic technologies in a card reader. The method comprises the steps of extracting a decryption key stored in the hologram, transmitting the decryption key to the smart card, receiving first original data decrypted by using the decryption key from the smart card, extracting second original data stored in the hologram, and determining whether or not the first original data corresponds with the second original data.

Moreover, the decryption key is a public key. The smart card decrypts the first original data by executing an asymmetric decryption algorithm and using a prepared secret key corresponding with the public key. The method further comprises the step of receiving a first challenge value from the smart card, wherein the decryption key is extracted from the hologram using the first challenge value. The first challenge value is a random phase function. At least one selected from the group consisting of the first original data and the second original data is data relevant to a user of the smart card. The method further comprises the step of concluding that the integrity of the smart card is confirmed when the first original data corresponds with the second original data, wherein the smart card is used for executing a specific transaction. The method further comprises the steps of concluding that the integrity of the smart card fails to be confirmed when the first original data does not correspond with the second original data, and displaying an integrity confirmation failure message on a display device. The method further comprises the steps of receiving a second challenge value from the smart card and extracting the second original data from the hologram using the second challenge value. The second challenge value is a random phase function. The method further comprises the steps of requesting a specific challenge value from the smart card (for extracting specific data stored in the hologram), receiving the specific challenge value from the smart card, and extracting the specific data from the hologram using the specific challenge value.

Another aspect of the present invention is a method for assuring integrity of information stored in a smart card attaching a hologram by using holographic technologies in the smart card coupled with a card reader. The method comprises the steps of receiving a decryption key from the card reader, extracting encrypted first original data stored in advance, decrypting the first original data using the decryption key and transmitting the first original data to the card reader, wherein the card reader extracts second original data stored in the hologram, and determines whether or not the first original data corresponds with the second original data.

Moreover, the decryption key is a public key. The method further comprises the steps of extracting a first challenge value and transmitting the first challenge value to the card reader, wherein the decryption key is extracted from the hologram using the first challenge value. The first challenge value is a random phase function. At least one selected from the group consisting of the first original data and the second original data is data relevant to a user of the smart card. The method further comprises the steps of extracting a second challenge value and transmitting the second challenge value to the card reader, wherein the card reader extracts the second original data from the hologram using the second challenge value. The second challenge value is a random phase function. The method further comprises the steps of requesting a specific challenge value from the card reader (for extracting specific data stored in the hologram), extracting the specific challenge value, and transmitting the specific challenge value to the card reader, wherein the card reader extracts specific data from the hologram using the specific challenge value.

Still another aspect of the present invention is a method for assuring integrity of information stored in a smart card attaching a hologram by using holographic technologies in a card reader, comprising the steps of receiving a first decryption key that is stored corresponding to the smart card from an authentication center, transmitting the first decryption key to the smart card, receiving a first challenge value decrypted by using the first decryption key from the smart card, extracting a second decryption key stored in the hologram using the first challenge value, transmitting the second decryption key to the smart card, receiving first original data decrypted by using the second decryption key from the smart card, extracting second original data stored in the hologram and determining whether or not the first original data corresponds with the second original data.

Furthermore, at least one selected from the group consisting of the first decryption key and the second decryption key is a public key. The smart card decrypts the first challenge value by executing an asymmetric decryption algorithm, using a prepared secret key corresponding with the first public key. The smart card decrypts the first original data by executing an asymmetric decryption algorithm, using a prepared secret key corresponding with the second public key. The first challenge value is a random phase function. At least one selected from the group consisting of the first original data and the second original data is data relevant to a user of the smart card. The method further comprises the step of concluding that the integrity of the smart card is confirmed when the first original data corresponds with the second original data, wherein the smart card is used for executing a specific transaction. The method further comprises the steps of concluding that the integrity of the smart card fails to be confirmed when the first original data does not correspond with the second original data, and displaying an integrity confirmation failure message on a display device. The method further comprises the steps of receiving a second challenge value from the smart card and extracting the second original data from the hologram using the second challenge value. The second challenge value is a random phase function. The method further comprises the steps of requesting a specific challenge value from the smart card (for extracting specific data stored in the hologram), receiving the specific challenge value from the smart card, and extracting the specific data from the hologram using the specific challenge value.

Still another aspect of the present invention is a method for assuring integrity of information stored in a smart card attaching a hologram by using holographic technologies in the smart card coupled with a card reader and an authentication center, comprising the steps of receiving a first decryption key from the card reader; decrypting an encrypted first challenge value using the first decryption key; transmitting the first challenge value to the card reader, receiving a second decryption key decrypted using the first challenge value, stored in the hologram, from the card reader; extracting first original data; decrypting the first original data using the second decryption key; and transmitting the first original data to the card reader, wherein the card reader extracts second original data stored in the hologram, and determines whether or not the first original data corresponds with the second original data.

Moreover, the card reader receives the first decryption key from the authentication center. At least one selected from the group consisting of the first decryption key and the second decryption key is a public key. The first challenge value is a random phase function. At least one selected from the group consisting of the first original data and the second original data is data relevant to a user of the smart card. The method further comprises the steps of extracting a second challenge value and transmitting the second challenge value to the card reader, wherein the card reader extracts the second original data from the hologram using the second challenge value. The second challenge value is a random phase function. The method further comprises the steps of requesting a specific challenge value from the card reader (for extracting specific data stored in the hologram), extracting the specific challenge value, and transmitting the specific challenge value to the card reader, wherein the card reader extracts the specific data from the hologram using the specific challenge value.

Still another aspect of the present invention is a method for authenticating a user of a smart card attaching a hologram in a card reader, comprising the steps of extracting a public key stored in the hologram, inputting a secret key corresponding with the public key by the user, and authenticating the user who is using the public key and the secret key.

Moreover, the method further comprises the step of receiving a challenge value from the smart card, wherein the public key is extracted using the challenge value.

Still another aspect of the present invention is a method for authenticating a user of a smart card attaching a hologram in a card reader coupled with an authentication center via network, comprising the steps of receiving a public key corresponding with the smart card from the authentication center, inputting a secret key corresponding with the public key by the user, and authenticating the user who is using the public key and the secret key.

Still another aspect of the present invention is an apparatus for assuring integrity of information stored in a smart card attaching a hologram by using holographic technologies comprising a means for extracting a decryption key stored in the hologram, means for transmitting the decryption key to the smart card, means for receiving first original data decrypted by using the decryption key from the smart card, means for extracting second original data stored in the hologram, and means for determining whether or not the first original data corresponds with the second original data.

Still another aspect of the present invention is a smart card for assuring integrity of information that is stored using holographic technologies, coupled with a card reader, comprising a means for receiving a decryption key from the card reader, means for extracting encrypted first original data stored in advance, means for decrypting the first original data using the decryption key, and means for transmitting the first original data to the card reader, wherein the card reader extracts second original data stored in the hologram, and determines whether or not the first original data corresponds with the second original data.

Still another aspect of the present invention is an apparatus for assuring integrity of information stored in a smart card attaching a hologram using holographic technologies, coupled with an authentication center via a network, comprising a means for receiving a first decryption key that is stored corresponding to the smart card from an authentication center, means for transmitting the first decryption key to the smart card, means for receiving a first challenge value decrypted by using the first decryption key from the smart card, means for extracting a second decryption key stored in the hologram using the first challenge value, means for transmitting the second decryption key to the smart card, means for receiving first original data decrypted by using the second decryption key from the smart card, means for extracting second original data stored in the hologram, and means for determining whether or not the first original data corresponds with the second original data.

Still another aspect of the present invention is a smart card for assuring integrity of information stored using holographic technologies, coupled with a card reader and an authentication center via a network, comprising a means for receiving a first decryption key from the card reader, means for decrypting an encrypted first challenge value using the first decryption key, means for transmitting the first challenge value to the card reader, means for receiving a second decryption key that is decrypted using the first challenge value, stored in the hologram, from the card reader, means for extracting first original data, means for decrypting the first original data using the second decryption key and means for transmitting the first original data to the card reader, wherein the card reader extracts second original data stored in the hologram, and determines whether or not the first original data corresponds with the second original data.

Still another aspect of the present invention is an apparatus for authenticating a user of a smart card attaching a hologram, comprising a means for extracting a public key stored in the hologram, means for inputting a secret key corresponding with the public key by the user, and means for authenticating the user using the public key and the secret key.

Still another aspect of the present invention is an apparatus for authenticating a user of a smart card attaching a hologram, coupled with an authentication center via a network, comprising a means for receiving a public key corresponding with the smart card from the authentication center, means for inputting a secret key corresponding with the public key by the user, and means for authenticating the user that is using the public key and the secret key.

Still another aspect of the present invention is a computer-readable program product of a card reader coupled with a smart card attaching a hologram, having stored thereon a computer-executable instruction for performing several steps comprising extracting a decryption key stored in the hologram, transmitting the decryption key to the smart card, receiving first original data that are decrypted by using the decryption key from the smart card, extracting second original data stored in the hologram, and determining whether or not the first original data corresponds with the second original data.

Still another aspect of the present invention is a computer-readable program product of a smart card attaching a hologram, having stored thereon computer-executable instruction for performing the steps comprising receiving a decryption key from the card reader, extracting an encrypted first original data stored in advance, decrypting the first original data using the decryption key and transmitting the first original data to the card reader, wherein the card reader extracts second original data stored in the hologram, and determines whether or not the first original data corresponds with the second original data.

Still another aspect of the present invention is a computer-readable program product of a card reader coupled with an authentication center via a network and a smart card attaching a hologram, having stored thereon computer-executable instruction for performing the steps comprising receiving a first decryption key that is stored corresponding to the smart card from an authentication center, transmitting the first decryption key to the smart card, receiving a first challenge value that is decrypted by using the first decryption key from the smart card, extracting a second decryption key stored in the hologram using the first challenge value, transmitting the second decryption key to the smart card, receiving first original data decrypted by using the second decryption key from the smart card, extracting second original data stored in the hologram, and determining whether or not the first original data corresponds with the second original data.

Still another aspect of the present invention is a computer-readable program product of a smart card attaching a hologram coupled with a card reader and an authentication center via a network, having stored thereon a computer-executable instruction for performing the steps comprising receiving a first decryption key from the card reader, decrypting an encrypted first challenge value using the first decryption key, transmitting the first challenge value to the card reader, receiving a second decryption key that is decrypted using the first challenge value, stored in the hologram, from the card reader, extracting first original data, decrypting the first original data using the second decryption key and transmitting the first original data to the card reader, wherein the card reader extracts second original data stored in the hologram, and determines whether or not the first original data corresponds with the second original data.

Still another aspect of the present invention is a computer-readable program product of a card reader coupled with a smart card attaching a hologram, having stored thereon a computer-executable instruction for performing the steps comprising extracting a public key stored in the hologram, inputting a secret key corresponding with the public key by the user, and authenticating the user who is using the public key and the secret key.

Still another aspect of the present invention is a computer-readable program product of a card reader coupled with a smart card attaching a hologram and an authentication center via a network, having stored thereon a computer-executable instruction for performing the steps comprising receiving a public key corresponding with the smart card from the authentication center, inputting a secret key corresponding with the public key by the user, and authenticating the user who is using the public key and the secret key.

Brief Description of the Drawings

The above objects and other advantages of the present invention will become more apparent by detailed descriptions of the preferred embodiments thereof with reference to the attached drawings, in which:

FIG. 1 is a block diagram illustrating schematically the configuration of a smart card;
FIG. 2a illustrates an example of an optical assembly for use in the encryption technique with a one-dimensional function;
FIG. 2b illustrates schematically an example of an optical assembly for use in the decryption technique with a one-dimensional function;
FIG. 3 illustrates schematically a digital process device for encryption and decryption of image data;
FIG. 4a illustrates the encryption procedure for image data;
FIG. 4b illustrates the decryption procedure for image data;
FIG. 5a illustrates an encryption procedure for image data;
FIG. 5b illustrates a decryption procedure for image data;
FIG. 6 is an illustration of a smart card attaching a hologram in accordance with one preferred embodiment of the present invention;
FIG. 7 is a block diagram illustrating schematically the configuration of a card reader for reading the information of the smart card in accordance with one preferred embodiment of the present invention;
FIG. 8a is a flowchart illustrating the procedure of assuring the integrity of the smart card by using the holography technologies in accordance with one preferred embodiment of the present invention;
FIG. 8b is a flowchart illustrating the procedure of assuring the integrity of the smart card by using the holography technologies in accordance with another preferred embodiment of the present invention;
FIG. 8c is a flowchart illustrating the procedure of assuring the integrity of the smart card by using the holography technologies in accordance with still another preferred embodiment of the present invention;
FIGS. 8d and 8e are flowcharts illustrating the procedure of assuring the integrity of the smart card by using the holography technologies in accordance with still another preferred embodiment of the present invention;
FIGS. 8f and 8g are flowcharts illustrating the procedure of assuring the integrity of the smart card by using the holography technologies in accordance with still another preferred embodiment of the present invention;
FIG. 9a is a flowchart illustrating the extraction procedure from a hologram, after assuring the integrity in accordance with one preferred embodiment of the present invention;
FIG. 9b is a flowchart illustrating the extraction procedure from a hologram, after assuring the integrity in accordance with another preferred embodiment of the present invention;
FIG. 10a is a flowchart illustrating the user-authentication procedure of the smart card by using the holography technologies in accordance with one preferred embodiment of the present invention; and
FIG. 10b is a flowchart illustrating the user-authentication procedure of the smart card by using the holography technologies in accordance with another preferred embodiment of the present invention.

Best Modes for Carrying Out the Invention

Hereinafter, preferred embodiments of the present invention will be described in more detail with reference to the accompanying drawings, but it is understood that the present invention should not be limited to the following embodiments.

FIG. 6 is an illustration of a smart card attaching a hologram in accordance with one preferred embodiment of the present invention. Referring to FIG. 6, the smart card 601 is a plastic plate having typical dimensions of an existing credit card, along with a processor, ROM, RAM, EPROM, and interface, and is able to store some information and operate. The capacity and security of the smart card memory is excellent. Hereinafter the internal configuration of the smart card 601 is the same as the internal configuration of a smart card illustrated upon referring to FIG. 1. However, in contrast the smart card 601 in accordance with the present invention has a hologram 605 on its surface.

A schematic description about a method for assuring integrity of a smart card using holographic technologies in accordance with the present invention is as follows. Firstly, data stored in the hologram and the IC chip 603 of the smart card 601 are read by a card reader, when the smart card 601 is used for some transactions upon the request of a user.

Regarding an existing smart card, the facts of damage, alteration or surreptitious use are not disclosed when the internal information of the IC chip is damaged, altered or surreptitiously used by another person who has not been authorized but rather has the expertise to proceed.

However, regarding the smart card 601 in accordance with the present invention, the data stored in the hologram 605 and the data stored in the IC chip 603 are extracted through encryption and decryption procedures. Thereafter both data are compared. Based on the result of the comparison, the facts of damage, alteration or surreptitious use are disclosed. Namely, the integrity of information stored in the smart card 601 may be confirmed.

FIG. 7 is a block diagram for illustrating schematically the configuration of a card reader for reading the information of the smart card in accordance with one preferred embodiment of the present invention. Referring to FIG. 7, the card reader 701 comprises a hologram reader 705, an interface 707, a storage device 709, and a MICOM 703. The card reader 701 may be alternatively called a card terminal. Also, the card reader 701 further comprises another interface for receiving and transmitting data via a network in order to receive a public key from an authentication center that authenticates the public key.

The hologram reader 705 reads the hologram attached on the smart card in accordance with the present invention. The hologram reader 705 may be embodied via optical devices or digital process devices.

The interface 707 receives and transmits data with the IC chip of the smart card. The interface 707 may be designed to communicate with any internal OS of the smart card, such as MULTOS or the Java Card API.

The storage device 709 stores the OS, an application, various kinds of variables, or other data operated on by the MICOM 703. The storage device 709 comprises ROM, RAM, EPROM, etc. Because the configuration of the storage device 709 is typical, a detailed description of the storage device 709 will be omitted.

The MICOM 703 controls the hologram reader 705, the interface 707, and the storage device 709 generally. Also, the MICOM 703 performs the method of assuring the integrity of the smart card using holographic technologies in accordance with the present invention, which is described hereinafter. Under the control of the MICOM 703, the interface 707 reads the first challenge value as an encryption key from the IC chip of the smart card. The hologram reader 705 extracts a public key stored in the hologram by using the first challenge value. Then, the MICOM 703 transmits the extracted public key to the IC chip. The IC chip performs an asymmetric decryption algorithm by using a secret key table stored in advance, using the received public key, and extracts the first original data merely as user data. The MICOM 703 receives the second challenge value as a secret key from the IC chip, and extracts the second original data stored in advance by using the second challenge value. Finally, the MICOM 703 determines whether or not the first original data transmitted from the IC chip corresponds with the second original data extracted from the hologram. When the first original data corresponds with the second original data, the integrity of the data stored in the smart card may be assured. Each step is illustrated in more detail with reference to other figures.

FIG. 8a is a flowchart for illustrating the procedure of assuring the integrity of the smart card by using the holographic technologies in accordance with one preferred embodiment of the present invention. Referring to FIG. 8a, a processor of the IC chip of the smart card extracts the first challenge value as a secret key from the EPROM 109 of the IC chip (Step 801). As such, preferably the first challenge value may be a random phase function, in order to read encrypted image data as a hologram, and may have a conjugate relationship with another random phase function used for encrypting the image data.

Besides the random phase function, the first challenge value may be any secret key for decrypting encrypted image data illustrated by a hologram in accordance with a predetermined method such as a hash function. For simplicity of illustration, the image data illustrated as a hologram are data encrypted by the random phase function in accordance with the present invention, and the first challenge value is the random phase function having a conjugate relationship with the random phase function of the encryption. Then, the processor transmits the extracted first challenge value to the card reader (Step 803).

The card reader receives the first challenge value from the processor of the IC chip, and extracts a public key stored in the hologram by using the first challenge value (Step 805). The public key may be used for asymmetric-key decryption of original data such as user data stored in the IC chip. In accordance with another preferred embodiment of the present invention, any decryption key may be used for decrypting encrypted original data stored in the IC chip in accordance with a predetermined method such as a secret method, or the hash function. For simplicity of illustration, the data stored in the hologram may be the public key, and the original data may be encrypted by using the asymmetric algorithm. Because the public key stored in the hologram may be extracted, the card reader may execute the asymmetric encryption and decryption algorithm while off-line with the authentication center. Then, the card reader transmits the extracted public key to the processor of the IC chip (Step 807).

The processor of the IC chip extracts the first original data such as user data that are encrypted by using the asymmetric algorithm, stored in the EPROM 109 (Step 809).

The user data may comprise a name, an address, a resident registration number, a call number, or a card number. The processor receives the public key from the card reader, and asymmetrically decrypts the encrypted original data by using the public key (Step 811). A secret key corresponding with the public key may be extracted from the secret key table stored in the EPROM 109. Because the procedure of the asymmetric encryption and decryption is typical, further detailed description of it will be omitted. Thereafter, the processor transmits the decrypted first original data to the card reader (Step 813). The card reader extracts the second original data such as user data from the image data stored in the hologram 605 attached on the smart card (Step 815). Then, the card reader determines whether or not the first original data received from the processor of the IC chip corresponds with the second original data extracted from the hologram 605 (Step 817). It is determined whether or not the first original data corresponds with the second original data. Also, it is determined whether or not the first original data modified in accordance with a predetermined method such as a hash function corresponds with the second original data modified in accordance with the predetermined method such as a hash function. According to the result of the determination, the card reader performs step 819 when the first original data corresponds with the second original data. The card reader performs step 821 when the first original data does not correspond with the second original data. In step 821, the card reader concludes that the integrity of the smart card has failed to be confirmed, and displays a fail message on a display device. In step 819, the card reader concludes that the integrity of the smart card is confirmed, and performs the next step for a specific transaction.
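The FIG. 8a exchange can be traced end to end in a small simulation. This is an added example, not code from the patent: it assumes a single phase-mask multiplication as a simplified stand-in for the random-phase hologram encryption, textbook RSA with tiny constructed parameters, user data written to the chip under the issuer's private exponent so that the public key recovers it, and the second original data read with the same first challenge value. All names (`Chip`, `issue`, `reader_verify`, `holo_read`) are hypothetical.

```python
import cmath, hashlib, hmac, math

# Textbook RSA with tiny constructed parameters: illustration only, not secure.
N, E, D = 3233, 17, 2753   # n = 61 * 53; e * d = 1 mod 3120

def phase_mask(seed, n=64):
    """Deterministic stand-in for a random phase function: n phase angles."""
    angles = []
    for i in range(n):
        h = hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
        angles.append(int.from_bytes(h[:8], "big") / 2**64 * 2 * math.pi)
    return angles

def holo_write(data, mask):
    """Store up to len(mask) bytes as a complex field: amplitude * exp(i * phi)."""
    return [b * cmath.exp(1j * p) for b, p in zip(data, mask)]

def holo_read(field, challenge):
    """Apply the challenge phases; only the conjugate mask restores the bytes."""
    return bytes(round((v * cmath.exp(1j * p)).real) % 256
                 for v, p in zip(field, challenge))

class Chip:
    """IC chip: holds the first challenge value and the encrypted user data."""
    def __init__(self, challenge, ciphertext):
        self.challenge, self.ciphertext = challenge, ciphertext

    def first_challenge(self):                 # Steps 801, 803
        return self.challenge

    def decrypt_with(self, e, n):              # Steps 809 to 813
        return bytes(pow(c, e, n) for c in self.ciphertext)

def issue(user_data, seed):
    """Issuer side (assumed): produce a hologram and the chip bound to it."""
    mask = phase_mask(seed)
    hologram = {"key": holo_write(f"{E},{N}".encode(), mask),
                "data": holo_write(user_data, mask)}
    # The chip stores the conjugate phases as its challenge value.
    chip = Chip([-p for p in mask], [pow(b, D, N) for b in user_data])
    return hologram, chip

def reader_verify(hologram, chip):
    """Card reader side of FIG. 8a; True means integrity is confirmed."""
    challenge = chip.first_challenge()
    try:
        raw_key = holo_read(hologram["key"], challenge)        # Step 805
        e, n = map(int, raw_key.decode("ascii").split(","))
        first = chip.decrypt_with(e, n)                        # Steps 807 to 813
    except ValueError:     # garbled key or plaintext outside the byte range
        return False                                           # Step 821
    second = holo_read(hologram["data"], challenge)            # Step 815
    h1, h2 = hashlib.sha256(first).digest(), hashlib.sha256(second).digest()
    return hmac.compare_digest(h1, h2)                         # Step 817
```

A chip whose stored data differs from the hologram, or whose challenge value is not the conjugate of the hologram's mask, ends at step 821 because either the recovered public key is unparseable or the two copies of the user data do not match.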

FIG. 8b is a flowchart for illustrating the procedure of assuring the integrity of the smart card by using the holographic technologies in accordance with another preferred embodiment of the present invention. Referring to FIG. 8b, the processor of the IC chip of the smart card extracts the first challenge value as a secret key from the EPROM 109 of the IC chip. Because description of the first challenge value is the same as above, a detailed description of it will be omitted. Then, the processor transmits the extracted first challenge value to the card reader.

The card reader receives the first challenge value from the processor of the IC chip, and extracts the public key from the hologram using the first challenge value with the hologram reader. Because a description of the public key is the same as above, a detailed description of it will be omitted. Then, the card reader transmits the extracted public key to the processor of the IC chip.

The processor of the IC chip extracts the first original data such as user data encrypted in accordance with an asymmetric algorithm, stored in the EPROM 109. The processor receives the public key from the card reader, and decrypts the first original data encrypted in accordance with the asymmetric algorithm by using the public key. A secret key corresponding with the public key may be extracted from the secret key table stored in the EPROM 109. Then, the processor transmits the decrypted first original data to the card reader. Also, the processor extracts the second challenge value stored in the EPROM 109 (Step 823). The second challenge value may be used as a key for extracting encrypted second original data in accordance with a predetermined method stored in the hologram.

Because the second challenge value is similar to the first challenge value, a detailed description of the second challenge value will be omitted. Then, the processor transmits the extracted second challenge value to the card reader (Step 825).

The card reader receives the second challenge value from the processor of the IC chip, and extracts the second original data such as user data from the image data encrypted in accordance with a predetermined method, and stored in the hologram 605 attached on the smart card, by using the second challenge value (Step 827). Then, the card reader determines whether or not the first original data received from the processor of the IC chip correspond with the second original data extracted from the hologram 605. According to the result of the determination, the card reader concludes that the integrity of the smart card is confirmed, and performs the next step for a specific transaction when the first original data corresponds with the second original data. The card reader concludes that the integrity of the smart card has failed to be confirmed, and displays a failure message on a display device, when the first original data does not correspond with the second original data.

FIG. 8c is a flowchart for illustrating the procedure of assuring the integrity of the smart card by using the holographic technologies in accordance with still another preferred embodiment of the present invention. Referring to FIG. 8c, the card reader extracts the public key stored in the hologram directly, without receiving a specific challenge value from the processor of the IC chip (Step 829). Namely, the card reader extracts the public key through the hologram reader either by using the first challenge value stored in advance, or without needing the challenge value (i.e., not performing the encryption algorithm). The public key may be used as a key for decrypting the original data such as user data stored in the IC chip in accordance with the asymmetric decryption algorithm. Then the card reader transmits the extracted public key to the processor of the IC chip.

The processor of the IC chip extracts the first original data such as user data encrypted in accordance with the asymmetric encryption algorithm, stored in the EPROM 109. The processor receives the public key from the card reader, and decrypts the encrypted first original data in accordance with the asymmetric decryption algorithm by using the public key. Then, the processor transmits the decrypted first original data to the card reader.

Also, the processor extracts the second challenge value stored in the EPROM 109. Because the second challenge value is similar to the first challenge value, a detailed description of the second challenge value will be omitted. Then, the processor transmits the extracted second challenge value to the card reader.

The card reader extracts the second original data such as user data from the image data stored in the hologram 605 attached on the smart card. Then, the card reader determines whether or not the first original data received from the processor of the IC chip corresponds with the second original data extracted from the hologram 605. According to the result of the determination, the card reader concludes that the integrity of the smart card is confirmed, and performs the next step for a specific transaction, when the first original data corresponds with the second original data. The card reader concludes that the integrity of the smart card has failed to be confirmed, and displays a failure message on a display device, when the first original data does not correspond with the second original data.

FIGS. 8d and 8e are flowcharts illustrating the procedure of assuring the integrity of the smart card by using the holographic technologies in accordance with still another preferred embodiment of the present invention. Referring to FIGS. 8d and 8e, the card reader receives the first public key from an authentication center by using the network interface of the card reader (Step 831). The first public key may be used as a key for decrypting the third original data encrypted in accordance with the asymmetric encryption algorithm, stored in the IC chip. The third original data may be used for extracting the first challenge value as an encryption key for decrypting the image data stored in the hologram attached on the smart card. Then, the card reader transmits the first public key to the IC chip (Step 833).

The processor of the IC chip extracts the third original data encrypted in accordance with the asymmetric algorithm, and stored in the EPROM 109 (Step 835). The third original data may be used for extracting the first challenge value as a decryption key for decrypting the image data stored in the hologram attached on the smart card. Then, the processor decrypts the third original data by performing the asymmetric decryption algorithm by using the first public key received from the card reader (Step 837). Then, the processor extracts the first challenge value as a decryption key for decrypting the image data from the hologram, stored in the EPROM 109, by using the third original data (Step 839). The processor transmits the extracted first challenge value to the card reader (Step 841).

The card reader receives the first challenge value from the processor of the IC chip, and extracts the second public key stored in the hologram by using the first challenge value through the hologram reader (Step 843). The second public key may be used as decryption key for decrypting the original data such as user data stored in the IC chip in accordance with the asymmetric decryption algorithm. Because the second public key is similar to the public key, a detailed description of the second public key will be omitted. Then, the card reader transmits the extracted second public key to the processor of the IC chip (Step 845).

The processor extracts the fourth original data such as user data stored in the EPROM 109, encrypted in accordance with the asymmetric encryption algorithm, and decrypts the encrypted fourth original data in accordance with the asymmetric decryption algorithm by using the second public key (Step 847). A secret key corresponding with the public key may be extracted from the secret key table stored in the EPROM 109. Then, the processor transmits the decrypted fourth original data to the card reader. Also, the processor extracts the second challenge value stored in the EPROM 109, and transmits it to the card reader. Because description of the second challenge value is the same as above, a detailed description of it will be omitted.

The card reader extracts the second original data such as user data from the image data stored in the hologram 605 attached on the smart card. Then, the card reader determines whether or not the fourth original data received from the processor of the IC chip corresponds with the second original data extracted from the hologram 605. According to the result of the determination, the card reader concludes that the integrity of the smart card is confirmed, and performs the next step for a specific transaction when the fourth original data correspond with the second original data. The card reader concludes that the integrity of the smart card has failed to be confirmed, and displays a failure message on a display device when the fourth original data does not correspond with the second original data.

FIGS. 8f and 8g are flowcharts for illustrating the procedure of assuring the integrity of the smart card by using the holographic technologies in accordance with still another preferred embodiment of the present invention. Referring to FIGS. 8f and 8g, the processor of the IC chip extracts the third challenge value as an encryption key, stored in the EPROM 109 (Step 853). The third challenge value may be the random phase function as an encryption key for reading the encrypted first public key stored in the hologram. Then, the processor transmits the third challenge value to the card reader (Step 855).

The card reader receives the third challenge value from the processor of the IC chip, and extracts the first public key stored in the hologram by using the third challenge value through the hologram reader (Step 857). The first public key may be used for decrypting the third original data stored in the IC chip in accordance with the asymmetric decryption algorithm. Then, the card reader transmits the extracted first public key to the processor of the IC chip.

The processor of the IC chip extracts the third original data stored in the EPROM 109, and encrypted in accordance with the asymmetric encryption algorithm. The third original data may be used for extracting the fourth challenge value as an encryption key for decrypting the image data stored in the hologram attached on the smart card. Then, the processor decrypts the third original data by performing the asymmetric decryption algorithm by using the first public key received from the card reader. Then, the processor extracts the fourth challenge value as an encryption key from the EPROM 109, for decrypting the image data stored in the hologram by using the third original data, and transmits it to the card reader (Step 861).

The card reader receives the fourth challenge value from the processor of the IC chip, and extracts the second public key stored in the hologram by using the fourth challenge value through the hologram reader (Step 863). The second public key may be used for decrypting the original data such as user data stored in the IC chip in accordance with the asymmetric decryption algorithm. Then, the card reader transmits the extracted second public key to the processor of the IC chip.

The processor of the IC chip extracts the fourth original data such as user data stored in the EPROM, and encrypted in accordance with the asymmetric encryption algorithm, and then decrypts the encrypted fourth original data in accordance with the asymmetric decryption algorithm by using the second public key. A secret key corresponding with the second public key may be extracted from the secret key table stored in the EPROM 109. Then, the processor transmits the decrypted fourth original data to the card reader. Also, the processor extracts the fifth challenge value stored in the EPROM 109, and transmits it to the card reader.

The card reader extracts the second original data such as user data from the image data stored in the hologram 605 attached on the smart card by using the fifth challenge value. Then, the card reader determines whether or not the fourth original data received from the processor of the IC chip corresponds with the second original data extracted from the hologram 605. According to the result of the determination, the card reader concludes that the integrity of the smart card is confirmed, and performs the next step for a specific transaction when the fourth original data corresponds with the second original data. The card reader concludes that the integrity of the smart card has failed to be confirmed, and displays a failure message on a display device when the fourth original data does not correspond with the second original data. The above procedure uses two public keys. Some type of procedure using at least three public keys may be preferable.

FIG. 9a is a flowchart for illustrating the extraction procedure from a hologram, after assuring the integrity in accordance with one preferred embodiment of the present invention. Referring to FIG. 9a, the card reader requests the challenge value from the processor of the IC chip for extracting encrypted specific data from the hologram (Step 901). The processor of the IC chip confirms a data identifier corresponding with the specific data, thereby replying to the request of the card reader (Step 903). Then, the processor extracts the sixth challenge value stored in the EPROM 109 by using the data identifier (Step 905). The sixth challenge value may be used as an encryption key for extracting the encrypted specific data from the hologram. Then, the processor transmits the extracted sixth challenge value to the card reader (Step 907).

The card reader extracts the specific data from the hologram attached on the smart card in accordance with predetermined method, by using the sixth challenge value received from the processor of the IC chip (Step 909).

FIG. 9b is a flowchart for illustrating the extraction procedure from a hologram, after assuring the integrity in accordance with another preferred embodiment of the present invention. Referring to FIG. 9b, the card reader requests the challenge value from the processor for extracting an encrypted specific data from the hologram. The processor of the IC chip confirms a data identifier corresponding with the specific data, thereby replying to the request of the card reader. Then, the processor extracts the sixth challenge value stored in the EPROM 109 by using the data identifier. The sixth challenge value may be used as an encryption key for extracting the encrypted specific data from the hologram. Then, the processor transmits the extracted sixth challenge value to the card reader.

The card reader extracts temporary data relevant to the specific data from the hologram attached on the smart card in accordance with a predetermined method by using the sixth challenge value received from the processor of the IC chip (Step 911). The card reader requests the seventh challenge value used as an encryption key from the processor of the IC chip, for extracting the specific data, with the extracted temporary data (Step 913).

The processor of the IC chip extracts the seventh challenge value stored in the EPROM 109, thereby replying to the request of the card reader (Step 915). The seventh challenge value may be used as an encryption key for extracting the specific encrypted data from the hologram. Then, the processor transmits the extracted seventh challenge value to the card reader (Step 917).

The card reader extracts the specific data from the hologram attached on the smart card in accordance with predetermined method by using the seventh challenge value received from the processor of the IC chip (Step 919). The above procedure uses two challenge values. Some type of procedure using at least three challenge values or encryption keys may be preferable.

FIG. 10a is a flowchart for illustrating the user-authentication procedure of the smart card by using the holographic technologies in accordance with one preferred embodiment of the present invention. Referring to FIG. 10a, the processor of the IC chip extracts the first challenge value stored in the EPROM 109 (Step 1001). The first challenge value may be used for extracting an encrypted public key from the hologram attached on the smart card. Then, the processor transmits the extracted first challenge value to the card reader (Step 1003).

The card reader receives the first challenge value, and extracts the encrypted public key from the hologram attached on the smart card (Step 1005). Then, the card reader receives a user's password (a secret key) entered by the user through a touch screen or key pad (Step 1007). Of course, the secret key will preferably be known only by the user. Then, the card reader authenticates the user by confirming whether or not the user is the authorized user, by performing the asymmetric decryption algorithm (Step 1009).

FIG. 10b is a flowchart that illustrates the user-authentication procedure of the smart card by using the holographic technologies in accordance with another preferred embodiment of the present invention. Referring to FIG. 10b, the card reader receives the public key from the authentication center via the network (Step 1011). Then, the card reader receives the user's password (a secret key) entered by the user through the touch screen or key pad. Then, the card reader authenticates the user by confirming whether or not the user is the authorized user, by performing the asymmetric decryption algorithm. Regarding the above procedure, a plurality of public keys may be used.

Although the present invention has been described in terms of various embodiments, it is not intended that the invention be limited to these embodiments. Modification within the spirit of the invention will be apparent to those skilled in the art.

Industrial Applicability

According to the present invention, the integrity of the smart card may be assured by comparing original data extracted from the hologram with other original data extracted from the smart card, all within the smart card attaching the hologram.

Also, according to the present invention, the hologram may be coupled with the smart card, by extracting the public key from the hologram and decrypting encrypted data of the smart card, with use of the extracted public key.

Also, according to the present invention, encrypted data may be decrypted in accordance with the asymmetric decryption algorithm by the card reader while it is off-line with the authentication center.

Also, according to the present invention, the card reader may obtain the challenge value from the smart card, and extract various data encrypted and stored in the hologram.

Also, according to the present invention, data stored in the hologram may be extracted, after assuring the integrity of the smart card.

Also, according to the present invention, the card reader may authenticate the user by using the public key received from the authentication center or stored in the hologram, and the secret key inputted by the user.