EP1563360A1 - Procede pour proteger un support de donnees portable - Google Patents

Procede pour proteger un support de donnees portable

Info

Publication number
EP1563360A1
EP1563360A1 EP03773695A EP03773695A EP1563360A1 EP 1563360 A1 EP1563360 A1 EP 1563360A1 EP 03773695 A EP03773695 A EP 03773695A EP 03773695 A EP03773695 A EP 03773695A EP 1563360 A1 EP1563360 A1 EP 1563360A1
Authority
EP
European Patent Office
Prior art keywords
action
fbz
data carrier
carried out
operator error
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
EP03773695A
Other languages
German (de)
English (en)
Inventor
Franz Weikmann
Eric Johnson
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Giesecke and Devrient GmbH
Original Assignee
Giesecke and Devrient GmbH
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Giesecke and Devrient GmbH filed Critical Giesecke and Devrient GmbH
Publication of EP1563360A1 publication Critical patent/EP1563360A1/fr
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1025Identification of user by a PIN code
    • G07F7/1083Counting of PIN attempts
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system

Definitions

  • the invention relates to a method for protecting a portable data carrier according to the preamble of claim 1.
  • Secret data are often stored in portable data carriers and / or secret algorithms are implemented. These can be used, for example, to identify the data carrier as genuine to a terminal, i.e. H. authenticate the disk. Furthermore, the secret data or the secret algorithms are required for authentication of the terminal by the data carrier. Finally, the secret data or algorithms can be used to check a secret number or a biometric feature in order to determine whether a user is authorized to use the data carrier, i. H. the user is authenticated. In order to prevent the secret data or algorithms used in the authentication process from being spied on, it is already known to limit the number of authentication attempts by a misuse payer. The incorrect operator payer is incremented with each authentication attempt and reset when the authentication attempt is successful. If the incorrect operator pays a threshold value, no further authentication attempts are permitted.
  • DE 43 39460 CI discloses a challenge-and-response method for authentication, which is carried out in the context of charging a value memory of a portable data carrier.
  • a lock is set up in the data carrier, which can only be released by changing an error counter status. Then the error counter status is changed and the lock is released.
  • authentication parameters are determined both in the terminal and in the data carrier and in the data carrier ger compared with each other. If there is a match, the blocking device is deactivated, so that the value memory can be recharged and the error counter can be reset.
  • the object of the invention is to further increase the security standard for portable data carriers and, in particular, to restrict the unauthorized access to cryptographic functions.
  • the invention is based on a method for protecting a portable data carrier, wherein an operator error payer is provided, by means of which the number of calls to an action of the data carrier is recorded and an execution of the action is only permitted if the operator error number is below a predefinable threshold value lies.
  • the invention makes use of the knowledge that actions are usually also carried out from a portable data carrier that cannot be secured directly with a misuse payer in the usual way, but that if carried out any number of times, there is still the risk of Disclosure of secret data or algorithms exists.
  • This stems from the fact that, in the conventional sense, the use of an incorrectly operated payer only comes into question when the data are checked for correctness when they are carried out. Depending on the result of the check, the operator error payer incremented each time the action is called is reset or not.
  • the actions secured in the conventional way with a misuse payer are generally particularly critical with regard to potential spying because it depends on them, for example, how to continue using the application or access to data.
  • the operator error payer is assigned to several actions of the data carrier by incrementing the operator error counter when a first action is called and resetting the operator error counter when a second action is successfully carried out. This has the advantage that any actions on the data carrier can be secured with a wrong operator payer against continually repeated calls. It is particularly advantageous that no change in the specification is required for the use of the invention with a data carrier.
  • the first action and the second action can be integrated into a sequence, so that when the data carrier is operated correctly, the second action is always carried out when the first action is carried out. This ensures that if the data carrier is operated correctly after incrementing the operator error payer, there is always the possibility of resetting the operator error counter. At least one further action can be carried out between the first action and the second action. This has the advantage that the further action can also be secured with the incorrect operator payer.
  • the operator error payer is preferably incremented at the beginning of the first action. The incrementation can take place immediately before or immediately after the check.
  • the method according to the invention is used to secure first actions which are designed such that secret data are processed and / or secret algorithms are used when they are carried out.
  • the first action can consist, for example, of generating a random number, encrypting a character string, calculating a checksum or generating a digital signature.
  • the first action is usually designed so that when it is carried out the data carrier does not check whether there is authorized use of the data carrier.
  • the second action is usually designed so that when it is carried out, information transmitted to the data carrier is checked and the operator who pays the operator is reset if the check is successful.
  • the invention is explained below with reference to the embodiments shown in the drawing.
  • the exemplary embodiments each relate to an application situation in which commands are transmitted from a terminal to a portable data carrier.
  • the disk ger which can be designed as a chip card, for example, processes the commands and, if necessary, transmits a result to the terminal.
  • the execution of commands which are critical in this respect is secured by the method according to the invention by a misuse payer. This is illustrated using some typical command sequences.
  • Fig. 2 is a flowchart for a further command sequence, which is also secured with the inventive method and
  • Fig. 3 is a flow chart for yet another command sequence, which in turn is secured with the inventive method.
  • FIG. 1 shows a flowchart which is used to explain the protection of a command which is referred to as INTERNAL AUTHENTICATE.
  • the data carrier encrypts a random number or a character string, which the terminal transmits to it as plain text for this purpose, and outputs the result of the encryption to the terminal.
  • a potential attacker could have this command executed on the data carrier and thereby determine the encrypted text associated with a given plain text.
  • the determined encrypted text may draw conclusions about the encryption method and the key used. The chances of success of such an attack depend, among other things, on the strength of the encryption method, the key length used and the number of calls to the command. With the procedure explained below, the number of calls to the command can be limited to a few, so that the described attack is almost hopeless even with a relatively weak encryption method and a short key.
  • step S1 The flow of the flow chart begins with a step S1, which is executed first when the INTERNAL AUTHENTICATE command is called and in which a query is made as to whether the operator error number FBZ is less than a predeterminable threshold value MAX. If this condition is not met, the flow of the flow chart is finished, i. H. neither the encryption provided by the INTERNAL AUTHENTICATE command nor any other flowchart commands are executed. If the query in step S1 is fulfilled, i. H. if the operator error counter FBZ is less than the threshold MAX, step S1 is followed by a step S2 in which the operator error number FBZ is incremented. Then comes one
  • Step S3 in which the actual processing of the INTERNAL AUTHENTICATE command is carried out, d. H. encryption takes place in particular.
  • the affiliation of steps S1, S2 and S3 to the command INTERNAL AUTHENTICATE is illustrated by a dashed frame.
  • Step S3 is followed by step S4, in which a command labeled INITIALIZE is executed.
  • This command performs initializations, the details of which are for the invention are not relevant.
  • Step S4 is followed by step S5 with the execution of a PURCHASE command, in which a payment transaction is carried out with the data carrier within an exchange application.
  • the execution of the PURCHASE command also includes a step S6 and a step S7.
  • step S6 which immediately follows step S5
  • a query is made as to whether the execution of the PURCHASE command in step S5 was successful. If this is the case, step S7 is carried out next, in which the operator error counter FBZ is reset.
  • the execution of the flowchart ends with the execution of step S7. If the query of step S6 is not fulfilled, the flowchart is ended without resetting the operator error counter FBZ.
  • FIG. 2 shows a flow diagram for a further command sequence, in which the command INTERNAL AUTHENTICATE is again secured.
  • This command sequence is characterized in that the reset of the operator error operator FBZ is carried out as part of a PIN check, in which it is determined whether a secret number has been entered correctly.
  • the statements relating to FIG. 1 apply correspondingly to this command sequence and the process sequence is also designed analogously.
  • Steps S8, S9 and S10 follow one another in this order and are identical to steps S1, S2 and S3 in FIG. 1.
  • Step S10 is followed by a step S11 in which the PIN check is carried out.
  • a query is made as to whether the PIN check was successful.
  • the operating error counter FBZ is then reset in a step S13 and the flow of the flow chart is ended. Otherwise, the flow of the flow chart is ended without resetting the error condition counter FBZ.
  • the affiliation of steps S8, S9 and S10 to the INTERNAL AUTHENTICATE command and steps S11, S12 and S13 for PIN checking are each represented by a dashed frame.
  • step S14 shows a flowchart for yet another command sequence, a GET CHALLENGE command being saved.
  • a random number of data carriers is generated, for example, using a cryptographic algorithm.
  • the generation procedure is to be protected against any number of calls.
  • the statements relating to FIG. 1 also apply in a corresponding manner to the command sequence of FIG. 3.
  • step S16 represents the actual execution of the GET CHALLENGE command, ie the generation of the random number.
  • Step S16 is followed by a step S17 in which a command is executed for which it can be checked by the data carrier whether the execution was authorized. Which command it is in detail is of secondary importance.
  • step S18 it is checked whether the command has been executed successfully, ie whether the required authorization was present. The authorization is generally checked on the basis of information transmitted to the data carrier. If the check is positive, step S19 follows in which the operator error counter FBZ is reset. This completes the flow chart. If the check in step S18 shows that the command was not successfully carried out, the flow of the flow chart is ended without resetting the error counter FBZ.
  • commands can be secured against being called up, but also, for example, a CALCULATE MAC command, in which a checksum is calculated or a SIGN command, in which a digital signature is created, etc.
  • the checking and incrementing the operator error counter FBZ preferably takes place before the actual execution of the command, in order to make possible manipulations as difficult as possible.

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

La présente invention concerne un procédé pour protéger un support de données portable à l'aide d'un compteur d'erreur opératoire (FBZ) qui permet de déterminer le nombre d'appels d'une action du support de données. Une action n'est exécutée que lorsque le compteur d'erreur opératoire (FBZ) se trouve en-dessous d'une valeur seuil prédéfinissable (MAX). Le procédé selon cette invention est caractérisé en ce que plusieurs actions du support de données sont associées au compteur d'erreur opératoire (FBZ) par incrément du compteur d'erreur opératoire (FBZ) lors de l'appel d'une première action et par retour du compteur d'erreur opératoire (FBZ) lors de l'exécution réussie d'une seconde action.
EP03773695A 2002-11-04 2003-11-03 Procede pour proteger un support de donnees portable Ceased EP1563360A1 (fr)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
DE10251265 2002-11-04
DE2002151265 DE10251265A1 (de) 2002-11-04 2002-11-04 Verfahren zum Schutz eines tragbaren Datenträgers
PCT/EP2003/012249 WO2004046897A1 (fr) 2002-11-04 2003-11-03 Procede pour proteger un support de donnees portable

Publications (1)

Publication Number Publication Date
EP1563360A1 true EP1563360A1 (fr) 2005-08-17

Family

ID=32103299

Family Applications (1)

Application Number Title Priority Date Filing Date
EP03773695A Ceased EP1563360A1 (fr) 2002-11-04 2003-11-03 Procede pour proteger un support de donnees portable

Country Status (4)

Country Link
EP (1) EP1563360A1 (fr)
AU (1) AU2003282079A1 (fr)
DE (1) DE10251265A1 (fr)
WO (1) WO2004046897A1 (fr)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102006061338A1 (de) * 2006-12-22 2008-06-26 Giesecke & Devrient Gmbh Authentisierung portabler Datenträger
DE102008027456A1 (de) 2008-06-09 2009-12-10 Giesecke & Devrient Gmbh Verfahren zum Schutz eines tragbaren Datenträgers

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0570924A3 (en) * 1992-05-20 1994-08-17 Siemens Ag Authentication method of one system-participant by another system-participant in an information transfer system composed of a terminal and of a portable data carrier
DE4339460C1 (de) * 1993-11-19 1995-04-06 Siemens Ag Verfahren zur Authentifizierung eines Systemteils durch ein anderes Systemteil eines Informationsübertragungssystems nach dem Challenge-and Response-Prinzip
DE19831884C2 (de) * 1998-07-17 2001-09-20 Ibm System und Verfahren zum Schutz gegen analytisches Ausspähen von geheimen Informationen
FR2786007B1 (fr) * 1998-11-18 2001-10-12 Gemplus Card Int Procede de controle d'utilisation d'une carte a puce

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2004046897A1 *

Also Published As

Publication number Publication date
DE10251265A1 (de) 2004-05-13
AU2003282079A1 (en) 2004-06-15
WO2004046897A1 (fr) 2004-06-03

Similar Documents

Publication Publication Date Title
EP2215609B1 (fr) Procédé de déverrouillage d'une fonction de carte à puce au moyen d'un contrôle à distance
EP1326469B1 (fr) Procédé et dispositif pour vérifier l'authenticité d'un fournisseur de service dans un réseau de communications
DE102012110499B4 (de) Sicherheitszugangsverfahren für elektronische Automobil-Steuergeräte
EP0654919A2 (fr) Procédé d'authentification d'une partie par une autre partie dans un système de transfert d'informations selon le principe Challenge-Response
EP1076887A1 (fr) Procede pour authentifier une carte a puce dans un reseau de transmission de donnees
WO2011054462A1 (fr) Procédé d'interaction sûre avec un élément de sécurité
EP2126858B1 (fr) Carte à puce et procédé de libération d'une fonction de carte à puce
DE102007041370B4 (de) Chipkarte, elektronisches Gerät, Verfahren zur Herstellung einer Chipkarte und Verfahren zur Inbenutzungnahme einer Chipkarte
EP2080144B1 (fr) Procédé pour la libération d'une carte à puce
WO2004046897A1 (fr) Procede pour proteger un support de donnees portable
EP1912184A2 (fr) Dispositif et procédé destinés à la production de données
DE19818998B4 (de) Verfahren zum Schutz vor Angriffen auf den Authentifizierungsalgorithmus bzw. den Geheimschlüssel einer Chipkarte
EP1116358A1 (fr) Procede d'authentification d'au moins un abonne lors d'un echange de donnees
WO2020057938A1 (fr) Procédé permettant une communication sécurisée dans un réseau de communication comportant une pluralité d'unités présentant des niveaux de sécurité différents
DE102009014919A1 (de) Verfahren und Vorrichtung zum Authentifizieren eines Benutzers
EP1054364A2 (fr) Méthode pour améliorer la sécurité de systèmes utilisant des signatures digitales
WO2023072423A1 (fr) Autorisation d'une application sur un élément de sécurité
EP2230648A1 (fr) Masque de mot de passe à usage unique destiné à dévier un mot de passe à usage unique
EP2834767B1 (fr) Système d'ordinateur et procédé pour chargement d'un ordinateur
WO2005073826A1 (fr) Systeme comprenant au moins un ordinateur et au moins un support de donnees portatif
EP2734984B1 (fr) Procédé de protection d'un terminal de cartes à puce contre une utilisation non autorisée
EP3697020A1 (fr) Procédé de fonctionnement de générateurs de flux chiffré fonctionnant en mode compteur destiné à la transmission sécurisée des données, générateur de flux chiffré en mode compteur destiné à la transmission sécurisée des données et produit programme informatique destiné à la génération de flux chiffré
WO2018103791A1 (fr) Puce-implant présentant une authentification à deux facteurs
EP1715617A2 (fr) Procédé destiné à l'exploitation d'un système doté d'un support de données portatif et d'un terminal
WO2002089393A2 (fr) Procede pour securiser une transmission de donnees entre plusieurs unites de transmission de donnees et composants correspondants

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20050606

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PT RO SE SI SK TR

AX Request for extension of the european patent

Extension state: AL LT LV MK

DAX Request for extension of the european patent (deleted)
RIN1 Information on inventor provided before grant (corrected)

Inventor name: JOHNSON, ERIC

Inventor name: WEIKMANN, FRANZ

17Q First examination report despatched

Effective date: 20120808

REG Reference to a national code

Ref country code: DE

Ref legal event code: R003

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED

18R Application refused

Effective date: 20140410