FR2738970A1 - Encryption key application technique for use with electronic integrated circuits - Google Patents
Encryption key application technique for use with electronic integrated circuits Download PDFInfo
- Publication number
- FR2738970A1 FR2738970A1 FR9511078A FR9511078A FR2738970A1 FR 2738970 A1 FR2738970 A1 FR 2738970A1 FR 9511078 A FR9511078 A FR 9511078A FR 9511078 A FR9511078 A FR 9511078A FR 2738970 A1 FR2738970 A1 FR 2738970A1
- Authority
- FR
- France
- Prior art keywords
- electrical
- integrated circuit
- contacts
- random
- matrix
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
- G06K19/00—Record carriers for use with machines and with at least a part designed to carry digital markings
- G06K19/06—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
- G06K19/067—Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/409—Device specific authentication in transaction processing
- G06Q20/4097—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
- G06Q20/40975—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners using encryption therefor
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0806—Details of the card
- G07F7/0813—Specific details related to card security
- G07F7/082—Features insuring the integrity of the data on or in the card
-
- G—PHYSICS
- G09—EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
- G09C—CIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
- G09C1/00—Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L23/00—Details of semiconductor or other solid state devices
- H01L23/57—Protection from inspection, reverse engineering or tampering
- H01L23/576—Protection from inspection, reverse engineering or tampering using active circuits
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H01—ELECTRIC ELEMENTS
- H01L—SEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
- H01L2924/00—Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
- H01L2924/0001—Technical content checked by a classifier
- H01L2924/0002—Not covered by any one of groups H01L24/00, H01L24/00 and H01L2224/00
Abstract
Description
PROCEDE DE DETERa6WATION D'UNE CLE DIVERSIFIEE
ASSOCIEE A UN CIRCUIT INTèGRE
La présente invention concerne un procédé de détermination d'une clé diversifiée associée à un circuit intégré. Elle concerne également un circuit intégré sécurisé mettant en oeuvre ledit procédé.METHOD FOR DETERERATING A DIVERSIFIED KEY
ASSOCIATED WITH AN INTEGRATED CIRCUIT
The present invention relates to a method for determining a diversified key associated with an integrated circuit. It also relates to a secure integrated circuit implementing said method.
L'invention trouve une application particulièrement avantageuse dans le domaine de la sécurisation des cartes à mémoire, notamment les cartes à mémoire utilisées en télévision cryptée. The invention finds a particularly advantageous application in the field of securing memory cards, including memory cards used in encrypted television.
D'une manière générale, les cartes à mémoire comportent un corps de carte en matériau plastique et un module électronique inséré dans une cavité aménagée dans ledit corps de carte. Le module électronique est constitué d'un circuit intégré, ou puce, placé sur un support lui-même muni de plages métalliques destinées à assurer la liaison électrique entre le module et un lecteur de cartes. Le circuit intégré peut être une mémoire du type
EEPROM, pour l'application aux télécartes par exemple, ou un microprocesseur, pour les applications aux cartes bancaires, à la téléphonie mobile ou encore à la télévision cryptée.In general, the memory cards comprise a card body made of plastic material and an electronic module inserted in a cavity provided in said card body. The electronic module consists of an integrated circuit, or chip, placed on a support itself provided with metal pads for providing the electrical connection between the module and a card reader. The integrated circuit can be a memory of the type
EEPROM, for application to phone cards for example, or a microprocessor, for applications to bank cards, mobile telephony or encrypted television.
La plupart des cartes à mémoire sont donc utilisées pour effectuer des transactions électroniques, ce qui naturellement ne manque de susciter la tentation de frauder les systèmes mettant en oeuvre des cartes à mémoire de manière à pouvoir bénéficier sans contrepartie financière des services fournis par ces systèmes. Most memory cards are thus used to carry out electronic transactions, which of course does not fail to provoke the temptation to defraud the systems implementing memory cards so as to benefit without financial compensation for the services provided by these systems.
Afin d'éviter, ou du mois de limiter la fraude, les informations échangées avec le module électronique des cartes à mémoire sont cryptées selon des procédés variés qui font l'objet d'une abondante littérature. I1 suffit seulement de savoir que les messages reçus par les circuits intégrés des cartes sont chiffrés à l'aide de clés, dites clés diversifiées, stockées dans le plan-mémoire des circuits. Ces clés peuvent elles-même être protégées d'une lecture extérieure en masquant le niveau du plan-mémoire dans lequel elles sont inscrites par plusieurs niveaux de métal faisant office d'écran tout en participant à la dynamique du circuit. In order to avoid or to limit the fraud, the information exchanged with the electronic memory card module is encrypted according to various processes that are the subject of an abundant literature. It suffices to know that the messages received by the integrated circuits of the cards are encrypted by means of keys, called diversified keys, stored in the memory map of the circuits. These keys can themselves be protected from an external reading by masking the level of the memory plane in which they are written by several levels of metal acting screen while participating in the dynamics of the circuit.
Toutefois, le degré de sécurisation obtenu n'est pas absolu car il est toujours possible pour un fraudeur expérimenté d'accéder aux clés secrètes par une analyse fonctionnelle du circuit intégré. However, the degree of security obtained is not absolute because it is always possible for an experienced fraudster to access the secret keys by a functional analysis of the integrated circuit.
Aussi, le problème technique à résoudre par l'objet de la présente invention est de proposer un procédé de détermination d'une clé diversifiée associée à un circuit intégré présentant un plan-mémoire, procédé qui permettrait d'atteindre un niveau de protection des clés diversifiées beaucoup plus élevé du fait notamment d'un stockage statique des clés hors du plan-mémoire et donc inaccessible par analyse fonctionnelle du circuit. Also, the technical problem to be solved by the object of the present invention is to propose a method of determining a diversified key associated with an integrated circuit having a memory map, a method which would make it possible to achieve a level of protection of the keys. diversified much higher especially because of a static storage of the keys out of the memory map and thus inaccessible by functional analysis of the circuit.
La solution au problème technique posé consiste, selon la présente invention, en ce que ledit procédé comporte les étapes suivantes:
(a) réaliser une matrice de N contacts électriques Ci (i = 1, ..., N) à la surface dudit plan-mémoire,
(b) déposer sur ladite matrice une couche d'un matériau à
résistivité électrique inhomogène aléatoire,
(c) déterminer ladite clé diversifiée à partir de la répartition
aléatoire des résistances électriques reliant les différents
contacts électriques Ci de la matrice.The solution to the technical problem posed consists, according to the present invention, in that said method comprises the following steps:
(a) producing a matrix of N electrical contacts Ci (i = 1, ..., N) on the surface of said memory plane,
(b) depositing on said matrix a layer of
random inhomogeneous electrical resistivity,
(c) determining said diversified key from the distribution
random electrical resistors connecting the different
Ci electrical contacts of the matrix.
Ainsi, on utilise la structure résistivement aléatoire de ladite couche comme générateur de la clé diversifiée associée au circuit intégré. Celle-ci n'est donc jamais stockée dans le plan-mémoire du circuit et, de ce fait, est reconstruite à chaque mise sous tension du circuit intégré. De plus, on peut observer que la couche de matériau réalise un écran qui protège le circuit contre toutes lectures frauduleuses. Si cette couche est enlevée ou altérée, la clé est modifiée et les informations demeureront cryptées à jamais. I1 est impossible de lire par un moyen extérieur au circuit intégré les valeurs des résistances prises en compte par le procédé de l'invention pour déterminer la clé diversifiée. Thus, the resistively random structure of said layer is used as a generator of the diversified key associated with the integrated circuit. This is therefore never stored in the memory plane of the circuit and, therefore, is rebuilt every time the integrated circuit is powered up. In addition, it can be observed that the layer of material produces a screen that protects the circuit against any fraudulent readings. If this layer is removed or corrupted, the key is changed and the information will remain encrypted forever. It is impossible to read by means outside the integrated circuit the values of the resistances taken into account by the method of the invention to determine the diversified key.
Afin d'améliorer encore le degré de sécurisation conféré par le procédé conforme à l'invention, il est prévu qu'il comporte à la suite de l'étape (b) une étape consistant à disposer un écran métallique sur ladite couche de matériau à résistivité électronique inhomogène aléatoire. In order to further improve the degree of security conferred by the method according to the invention, it is expected that it comprises, following step (b), a step of disposing a metal screen on said layer of material to be random inhomogeneous electronic resistivity.
Selon un mode de mise en oeuvre particulier du procédé selon l'invention, on réalise ledit matériau à résistivité électrique inhomogène aléatoire en mélangeant une encre à faible résistivité électrique à une encre à forte résistivité électrique. According to a particular embodiment of the process according to the invention, said random inhomogeneous electrical resistivity material is produced by mixing an ink with low electrical resistivity with an ink with a high electrical resistivity.
Enfin, un circuit intégré sécurisé présentant un plan-mémoire est remarquable, selon la présente invention, en ce qu'il comporte une matrice de N contacts électriques Ci (i= 1,..., N) à la surface dudit plan-mémoire, une couche d'un matériau à résistivité électrique inhomogéne aléatoire, déposée sur ladite matrice, et des moyens de détermination de ladite clé diversifiée à partir de la répartition aléatoire des résistances électriques reliant les différents contacts électriques Ci de la matrice. Finally, a secure integrated circuit having a memory plane is remarkable, according to the present invention, in that it comprises a matrix of N electrical contacts Ci (i = 1, ..., N) on the surface of said memory plane a layer of a random inhomogeneous electrical resistivity material deposited on said matrix, and means for determining said diversified key from the random distribution of the electrical resistors connecting the different electrical contacts Ci of the matrix.
La description qui va suivre en regard des dessins annexés, donnés à titre d'exemples non limitatifs, fera bien comprendre en quoi consiste l'invention et comment elle peut être réalisée. The following description with reference to the accompanying drawings, given as non-limiting examples, will make it clear what the invention consists of and how it can be achieved.
La figure 1 est une vue de côté d'un circuit intégré sécurisé par la mise en oeuvre du procédé selon l'invention. Figure 1 is a side view of a secure integrated circuit by the implementation of the method according to the invention.
La figure 2 est une vue de dessus du circuit intégré de la figure 1. FIG. 2 is a view from above of the integrated circuit of FIG.
La figure 3 est un schéma de moyens de détermination d'une clé diversifiée associée au circuit intégré des figures 1 et 2. FIG. 3 is a diagram of means for determining a diversified key associated with the integrated circuit of FIGS. 1 and 2.
La figure 4 est le schéma équivalent des moyens de détermination de la figure 3. FIG. 4 is the equivalent diagram of the determination means of FIG. 3.
Le circuit intégré 10 montré aux figures 1 et 2 présente un plan-mémoire 11, ou face active, sur lequel sont formés des plots métalliques d'entrée/sortie, tels que 12 et 13 sur les figures 1 et 2, destinés à être reliés par des fils conducteurs aux plages métalliques d'un support, non représenté, qui constitue avec le circuit intégré 10 le module électronique d'une carte à mémoire. The integrated circuit 10 shown in FIGS. 1 and 2 has a memory plane 11, or active face, on which are formed metal input / output pads, such as 12 and 13 in FIGS. 1 and 2, intended to be connected. by son son to the metal pads of a support, not shown, which together with the integrated circuit 10 the electronic module of a memory card.
Comme on peut le voir sur les figures 1 et 2, une matrice de
N, ici 9, contacts électriques Ci (i = 1,..., 9) a été réalisée à la surface du plan-mémoire 11 du circuit 10. Cette matrice de contactsiectriques est recouverte, par sérigraphie par exemple, d'une couche 14 d'un matériau à résistivité électrique inhomogène aléatoire, tel qu'un mélange d'une encre à faible résistivité électrique avec une encre à forte résistivité électrique. La couche 14 de matériau a, par exemple, une épaisseur de l'ordre de 10 pm au plus.As can be seen in FIGS. 1 and 2, a matrix of
N, here 9, electrical contacts Ci (i = 1, ..., 9) was made on the surface of the memory plane 11 of the circuit 10. This matrix of electrical contacts is covered, for example by screen printing, with a layer 14 of a random inhomogeneous electrical resistivity material, such as a mixture of an ink with low electrical resistivity with an ink with high electrical resistivity. The layer 14 of material has, for example, a thickness of the order of 10 pm at most.
Ainsi que le montrent les figures 1 et 2, les chemins de courant entre les différents contacts électriques Ci de la matrice peuvent prendre des formes très variées résultant de la structure aléatoire de la résistivité électrique à l'intérieur de la couche 14. As shown in FIGS. 1 and 2, the current paths between the various electrical contacts Ci of the matrix can take a wide variety of forms resulting from the random structure of the electrical resistivity inside the layer 14.
C'est cette répartition aléatoire des résistances électriques entre les contacts Ci qui constitue la base du procédé de détermination d'une clé diversifiée associée au circuit intégré 10, ladite clé étant en quelque sorte une expression numérisée de la répartition des résistances, comme cela sera expliqué en détail plus loin.It is this random distribution of the electrical resistances between the contacts Ci which constitutes the basis of the method for determining a diversified key associated with the integrated circuit 10, said key being in a way a digitized expression of the distribution of the resistors, as will be explained in detail later.
Notons que la clé secrète du circuit étant finalement contenue dans la couche 14 de matériau, il y a avantage à protéger ladite couche en la recouvrant d'un écran métallique 15 qui peut d'ailleurs participer lui-même à l'établissement des chemins de courant comme l'indique la figure 2. Note that the secret key of the circuit being finally contained in the layer 14 of material, it is advantageous to protect said layer by covering it with a metal screen 15 which can also participate itself in the establishment of the paths of as shown in Figure 2.
De même que la couche 14, l'écran métallique 15 peut avoir une épaisseur de 10 Zm (à cet égard le dessin de la figure 2 n'est pas à l'échelle). Like the layer 14, the metal screen 15 may have a thickness of 10 μm (in this respect the drawing of FIG. 2 is not to scale).
On a représenté sur la figure 3 un schéma des moyens utilisés pour la détermination de la clé diversifiée appliquée à la structure de circuit des figures 1 et 2. FIG. 3 shows a diagram of the means used for determining the diversified key applied to the circuit structure of FIGS. 1 and 2.
Ces moyens de détermination comportent un bus comprenant une ligne L1 à une première tension Vcc, une ligne L2 de mesure et une ligne L3 à une deuxième tension Vss. Chaque ligne L1, L2, L3 du bus peut être reliée à un contact électrique de la matrice par l'intermédiaire de trois interrupteurs analogiques commandables
K1, K2, K3 respectivement. En d'autres termes, chaque contact Ci peut être connecté à une et une seule des lignes L1, L2, L3 du bus.These determination means comprise a bus comprising a line L1 at a first voltage Vcc, a measurement line L2 and a line L3 at a second voltage Vss. Each line L1, L2, L3 of the bus can be connected to an electrical contact of the matrix via three controllable analog switches
K1, K2, K3 respectively. In other words, each contact Ci can be connected to one and only one of the lines L1, L2, L3 of the bus.
Le circuit intégré 10 commande les interrupteurs analogiques
K1, K2, K3 de manière à définir un ensemble de triplets de contacts électriques noté (Cj, Ci, Ck)l, au nombre de M (1 = 1,...,
M), les contacts Cj, Ci et Ck étant respectivement reliés aux lignes
L1, L2, L3 du bus. On obtient alors le circuit équivalent de la figure 4 dans laquelle Rij et Rik représentent les résistances électriques reliant le contact Ci aux contacts Cj et Ck respectivement.The integrated circuit 10 controls the analog switches
K1, K2, K3 so as to define a set of triplets of electrical contacts noted (Cj, Ci, Ck) 1, the number of M (1 = 1, ...,
M), the contacts Cj, Ci and Ck being respectively connected to the lines
L1, L2, L3 of the bus. The equivalent circuit of FIG. 4 is then obtained in which Rij and Rik represent the electrical resistances connecting the contact Ci to the contacts Cj and Ck, respectively.
De manière à pouvoir effectuer une comparaison significative des résistances Rij et Rik, il y a avantage à ce que, pour chaque triplet (Cj, Ci, CkXl, les contacts Cj et Ck soient équidistants du contact Ci. Dans ce cas, les résistances Rij et Rik, bien qu'équivalentes, sont en général différentes du fait de l'inhomogénéité aléatoire de la résistivité électrique de la couche 14 de matériau. On utilise alors cette différence pour affecter à chaque triplet (Cj, Ci, Ck)l un bit bl defini par convention par:
bl = 1 Si Rij > Rik
bl = O Si Rij < Rik
On a ainsi un ensemble aléatoire de M bits bl qui, rangés selon une suite ordonnée, détermine la clé diversifiée à attribuer au circuit intégré 10.In order to be able to make a significant comparison of the resistors Rij and Rik, it is advantageous that, for each triplet (Cj, Ci, CkXl, the contacts Cj and Ck are equidistant from the contact Ci. In this case, the resistors Rij and Rik, although equivalent, are generally different because of the random inhomogeneity of the electrical resistivity of the material layer 14. This difference is then used to assign to each triplet (Cj, Ci, Ck) 1 a bit bl defined by agreement by:
bl = 1 If Rij> Rik
bl = O If Rij <Rik
There is thus a random set of M bits b 1, which, arranged in an ordered sequence, determines the diversified key to be allocated to the integrated circuit 10.
En pratique, la tension de la ligne L2 de mesure est comparee à (Vcc + Vus)/2, le signe de cette comparaison permettant d'établir l'information logique bl. Cette technique de mesure de résistance relative a l'avantage de s'affranchir des variations de température et de tension. In practice, the voltage of the measurement line L2 is compared to (Vcc + SU) / 2, the sign of this comparison making it possible to establish the logical information b1. This relative resistance measurement technique has the advantage of being free from temperature and voltage variations.
I1 faut également noter que les résistances additionnelles de mesure doivent être très faibles pour ne pas diminuer l'influence de la dispersion des résistances non homogènes à mesurer. En effet, les canaux de mesure ont eux-même des dispersions qui, si elles devenaient trop importantes, rendraient insuffisantes l'influence et la modification de la couche 14 de matériau, ce qui ouvrirait une possibilité de fraude. It should also be noted that the additional measurement resistances must be very small in order not to diminish the influence of the dispersion of the inhomogeneous resistances to be measured. Indeed, the measurement channels themselves have dispersions which, if they became too large, would make insufficient influence and modification of the layer 14 of material, which would open a possibility of fraud.
Dans l'exemple de la matrice 3 x 3 des figures 1 et 2, les triplets satisfaisant la condition d'équidistance sont:
(C1, C2, C3)1, (C4, Cg, C6)2, (C7, C8 C9)3
(C4, C1, C2)4, (C2, C3, C6)5, (ces, Cg, C6)6, (C4, C7, C8)7
(C1, C4, C7)8, (C2, Cg, Cg)9, (C3, C6, C9}10
(C1, Cg, Cg)ll, (C7, Cg, C3)12, (Ci, C7, C9)13, (C1, C3, C9)14,
(C2, C7, Cg)15, (C1, C8, C3)16,
(C2, C4, C8)17, (C2, C6, C8)18
On obtient alors 18 bits bl associés chacun à un des 18 triplets, d'où une clé diversifiée à 18 bits.In the example of the 3 × 3 matrix of FIGS. 1 and 2, the triplets satisfying the equidistance condition are:
(C1, C2, C3) 1, (C4, C8, C6) 2, (C7, C8 C9) 3
(C4, C1, C2) 4, (C2, C3, C6) 5, (ces, Cg, C6) 6, (C4, C7, C8) 7
(C1, C4, C7) 8, (C2, C8, Cg) 9, (C3, C6, C9)
(C1, C8, Cg) 11, (C7, Cg, C3) 12, (C 1, C7, C9) 13, (C1, C3, C9) 14,
(C2, C7, Cg) 15, (C1, C8, C3) 16,
(C2, C4, C8) 17, (C2, C6, C8) 18
We then obtain 18 bits each associated with one of the 18 triplets, hence a diversified 18-bit key.
Au besoin, la clé obtenue peut être corrigée par un code correcteur d'erreur stocké en mémoire à la personnalisation de la carte. Toutefois, ce code ne permet pas de retrouver la clé si on ne dispose pas de la clé initiale. If necessary, the obtained key can be corrected by an error correction code stored in memory to the personalization of the card. However, this code does not find the key if we do not have the original key.
Claims (11)
Priority Applications (8)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR9511078A FR2738970B1 (en) | 1995-09-19 | 1995-09-19 | METHOD FOR DETERMINING A DIVERSIFIED KEY ASSOCIATED WITH AN INTEGRATED CIRCUIT |
FR9604436A FR2738971B1 (en) | 1995-09-19 | 1996-04-05 | METHOD FOR DETERMINING AN ENCRYPTION KEY ASSOCIATED WITH AN INTEGRATED CIRCUIT |
JP51243397A JP3813175B2 (en) | 1995-09-19 | 1996-09-18 | Method for determining an encryption key associated with an integrated circuit |
US09/051,009 US6047068A (en) | 1995-09-19 | 1996-09-18 | Method for determining an encryption key associated with an integrated circuit |
EP96931864A EP0861479B1 (en) | 1995-09-19 | 1996-09-18 | Method for determining an encryption key associated with an integrated circuit |
DE69605445T DE69605445T2 (en) | 1995-09-19 | 1996-09-18 | METHOD FOR GENERATING AN ENCRYPTION KEY PROVIDED WITH AN INTEGRATED CIRCUIT |
AT96931864T ATE187271T1 (en) | 1995-09-19 | 1996-09-18 | METHOD FOR GENERATING AN ENCRYPTION KEY PROVIDED WITH AN INTEGRATED CIRCUIT |
PCT/FR1996/001446 WO1997011442A1 (en) | 1995-09-19 | 1996-09-18 | Method for determining an encryption key associated with an integrated circuit |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR9511078A FR2738970B1 (en) | 1995-09-19 | 1995-09-19 | METHOD FOR DETERMINING A DIVERSIFIED KEY ASSOCIATED WITH AN INTEGRATED CIRCUIT |
Publications (2)
Publication Number | Publication Date |
---|---|
FR2738970A1 true FR2738970A1 (en) | 1997-03-21 |
FR2738970B1 FR2738970B1 (en) | 1997-10-10 |
Family
ID=9482786
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
FR9511078A Expired - Fee Related FR2738970B1 (en) | 1995-09-19 | 1995-09-19 | METHOD FOR DETERMINING A DIVERSIFIED KEY ASSOCIATED WITH AN INTEGRATED CIRCUIT |
Country Status (1)
Country | Link |
---|---|
FR (1) | FR2738970B1 (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2848025A1 (en) * | 2002-11-28 | 2004-06-04 | Gemplus Card Int | Protection of an electronic component by a conducting layer with random contact for integrity verification, comprises insulating grid forming micro-channels for access to micro-sensors |
US7587044B2 (en) * | 1998-01-02 | 2009-09-08 | Cryptography Research, Inc. | Differential power analysis method and apparatus |
US7668310B2 (en) | 1998-06-03 | 2010-02-23 | Cryptography Research, Inc. | Cryptographic computation using masking to prevent differential power analysis and other attacks |
US7941666B2 (en) | 1998-07-02 | 2011-05-10 | Cryptography Research, Inc. | Payment smart cards with hierarchical session key derivation providing security against differential power analysis and other attacks |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US3636318A (en) * | 1968-06-24 | 1972-01-18 | Saab Ab | Verifiable identification document |
FR2471083A1 (en) * | 1979-11-30 | 1981-06-12 | Dassault Electronique | Integrated MOSFET code circuit for e.g. bank card - receives cryptic code and has function of transistors determined by doping to prevent analysis |
US4591189A (en) * | 1983-12-27 | 1986-05-27 | Minnesota Mining And Manufacturing Company | Document having light-transmissive, electrically conductive authenticating interior layer |
EP0583709A1 (en) * | 1992-08-17 | 1994-02-23 | THOMSON multimedia | Unforgeable identification device, identification device reader and method of identification |
DE4243888A1 (en) * | 1992-12-23 | 1994-06-30 | Gao Ges Automation Org | Data carrier and method for checking the authenticity of a data carrier |
-
1995
- 1995-09-19 FR FR9511078A patent/FR2738970B1/en not_active Expired - Fee Related
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US3636318A (en) * | 1968-06-24 | 1972-01-18 | Saab Ab | Verifiable identification document |
FR2471083A1 (en) * | 1979-11-30 | 1981-06-12 | Dassault Electronique | Integrated MOSFET code circuit for e.g. bank card - receives cryptic code and has function of transistors determined by doping to prevent analysis |
US4591189A (en) * | 1983-12-27 | 1986-05-27 | Minnesota Mining And Manufacturing Company | Document having light-transmissive, electrically conductive authenticating interior layer |
EP0583709A1 (en) * | 1992-08-17 | 1994-02-23 | THOMSON multimedia | Unforgeable identification device, identification device reader and method of identification |
DE4243888A1 (en) * | 1992-12-23 | 1994-06-30 | Gao Ges Automation Org | Data carrier and method for checking the authenticity of a data carrier |
Cited By (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7587044B2 (en) * | 1998-01-02 | 2009-09-08 | Cryptography Research, Inc. | Differential power analysis method and apparatus |
US8879724B2 (en) | 1998-01-02 | 2014-11-04 | Rambus Inc. | Differential power analysis—resistant cryptographic processing |
US9419790B2 (en) | 1998-01-02 | 2016-08-16 | Cryptography Research, Inc. | Differential power analysis—resistant cryptographic processing |
US7668310B2 (en) | 1998-06-03 | 2010-02-23 | Cryptography Research, Inc. | Cryptographic computation using masking to prevent differential power analysis and other attacks |
US7787620B2 (en) | 1998-06-03 | 2010-08-31 | Cryptography Research, Inc. | Prevention of side channel attacks against block cipher implementations and other cryptographic systems |
US7941666B2 (en) | 1998-07-02 | 2011-05-10 | Cryptography Research, Inc. | Payment smart cards with hierarchical session key derivation providing security against differential power analysis and other attacks |
US9852572B2 (en) | 1998-07-02 | 2017-12-26 | Cryptography Research, Inc. | Cryptographic token with leak-resistant key derivation |
FR2848025A1 (en) * | 2002-11-28 | 2004-06-04 | Gemplus Card Int | Protection of an electronic component by a conducting layer with random contact for integrity verification, comprises insulating grid forming micro-channels for access to micro-sensors |
Also Published As
Publication number | Publication date |
---|---|
FR2738970B1 (en) | 1997-10-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP0861479B1 (en) | Method for determining an encryption key associated with an integrated circuit | |
CA2041761C (en) | Method for obtaining a secure confirmation in a distributed computer system environment | |
EP1267248B1 (en) | Protected storage of a data in an integrated circuit | |
FR2731536A1 (en) | METHOD FOR SECURE INFORMATION RECORDING ON A PORTABLE MEDIUM | |
WO2001095273A1 (en) | Method for secure storage of sensitive data in a silicon chip integrated system storage, in particular a smart card, and integrated system therefor | |
EP1442557A2 (en) | System and method for creating a secure network using identity credentials of batches of devices | |
WO2003056750A2 (en) | Cryptographic system for group signature | |
FR2746962A1 (en) | DEVICE FOR SECURING A SEMICONDUCTOR PASTILLE | |
EP1055203B1 (en) | Protocol between an electronic key and a lock | |
EP1441313A1 (en) | Public key cryptographical method for protecting an electronic chip against fraud | |
FR2837960A1 (en) | SECURE TRANSACTIONAL ELECTRONIC ENTITY BY MEASURING TIME | |
FR2833119A1 (en) | GENERATION OF SECRET QUANTITIES OF IDENTIFICATION OF AN INTEGRATED CIRCUIT | |
EP1359550A1 (en) | Regeneration of a secret number by using an identifier of an integrated circuit | |
FR2738970A1 (en) | Encryption key application technique for use with electronic integrated circuits | |
WO2019092327A1 (en) | Method for obtaining a digital id with a high level of security | |
EP1567978B1 (en) | Secure electronic entity integrating life span management of an object | |
EP1142193A1 (en) | Method for secure data loading between two security modules | |
FR2627608A1 (en) | PORTABLE DEVICE FOR INTERROGATION, READING AND RECORDING OF AN ELECTRONIC COMPONENT AND / OR MAGNETIC RECORDING TYPE CARD | |
FR2745406A1 (en) | MULTIPLE ACCOUNT MANAGEMENT CARD AND IMPLEMENTATION METHOD | |
EP0900429A1 (en) | Security access control system enabling transfer of authorisation to make keys | |
FR2823341A1 (en) | IDENTIFICATION OF AN INTEGRATED CIRCUIT FROM ITS PHYSICAL MANUFACTURING PARAMETERS | |
EP0824732B1 (en) | Tamper protection and activation method for an electronic gaming device and device therefor | |
FR2772967A1 (en) | PROTECTED EEPROM MEMORY CELL | |
FR2710769A1 (en) | System for processing the data from a microcircuit card, card and reader for this system and method of implementation | |
CA2252001A1 (en) | Security access control system enabling automatic invalidation of stolen or lost electronic keys and/or transfer of authorisation to make keys |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
CA | Change of address | ||
CD | Change of name or company name | ||
TP | Transmission of property | ||
ST | Notification of lapse |
Effective date: 20100531 |