EP1714203A1 - System with at least one computer and at least one portable data support - Google Patents
System with at least one computer and at least one portable data supportInfo
- Publication number
- EP1714203A1 EP1714203A1 EP05701220A EP05701220A EP1714203A1 EP 1714203 A1 EP1714203 A1 EP 1714203A1 EP 05701220 A EP05701220 A EP 05701220A EP 05701220 A EP05701220 A EP 05701220A EP 1714203 A1 EP1714203 A1 EP 1714203A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- computer
- security module
- portable data
- data carrier
- secret information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
Definitions
- the invention relates to a system with at least one computer and at least one portable data carrier.
- the invention further relates to a method for operating such a system.
- DE 41 2 964 AI discloses a data exchange system with a device which is designed in particular as a terminal for carrying out transactions in cashless payment transactions, a data carrier which is assigned to a user, and a display unit.
- the authorization of the user is determined by checking a personal characteristic entered by the user.
- the data of the data carrier contain a data word known only to the user, which is transmitted to the device in coded form before the request for the input of the personal feature and, after decoding, is displayed to the user for comparison by a cryptographic unit contained in the device and characterizing the authenticity of the device becomes. This gives the user the opportunity to check the authenticity of the device in a simple manner before revealing his personal feature.
- the invention has for its object to ensure the highest possible security standard when using a computer for an application in connection with a portable data carrier.
- the system according to the invention has at least one computer which has a security module, protected against unauthorized access, for storing secret data and for carrying out cryptographic operations. Furthermore, the system according to the invention has at least one portable data carrier which is assigned to a user.
- the peculiarity of the system according to the invention is that a functionality for displaying a stored in the portable data carrier and only Secret information known to the user in plain text is provided by means of a display device of the computer, according to which the plain text of the secret information is only displayed correctly if a predetermined condition is met.
- the invention has the advantage that the user can easily conclude whether the specified condition is fulfilled by comparing the plain text of the secret information displayed with the content known to him. As long as the confidentiality of the secret information is guaranteed, even by manipulating the system, it is not possible to pretend that the condition has been met.
- the predetermined condition is met if the security module is authentic and / or a secure communication channel is present between the security module and the portable data carrier.
- a secure communication channel is present between the security module and the portable data carrier.
- the secret information is preferably transmitted in a cryptographically secured form from the portable data carrier to the security module.
- the security module has a decryption function for decrypting the cryptographically secured secret information.
- the secret information tion via the secured communication channel from the portable data carrier to the security module. As a result, the secured communication channel can be included in the test without any significant additional effort.
- cryptographic keys used to secure the communication channel can be provided in connection with mutual authentication between the security module and the portable data carrier. This has the advantage that it is difficult to spy out the keys.
- the secured communication channel is accessible to at least one application executed with the system. This enables the application to use both the security module and the portable data carrier. This is advantageous, for example, in the case of a signature application which transmits the data to be signed to the portable data carrier via the secured communication channel.
- the specified condition is met if the integrity of one or more software components of the computer is proven.
- This has the advantage that the user is able to assure himself of the integrity of the software components of the computer. This can, for example, prevent the user from entering confidential data into a compromised computer.
- Manipulation can be caused, for example, by a computer virus or the like.
- the computer can have test software for determining a test value for at least one software component of the computer.
- the test software can preferably be executed when the computer is restarted. This has the advantage that the integrity of the software components can be determined immediately after the restart.
- the safety module can be provided for storing the test value. This can prevent any manipulation of the test value.
- At least one value for a comparison with the determined test value is preferably stored in the portable data carrier. Since the portable data carrier is assigned to the user, these measures strengthen the user's confidence in the test.
- the computer includes the function of a mobile radio telephone or is designed as a mobile radio telephone.
- the invention further relates to a method for operating a system with at least one computer which has a security module protected against unauthorized access for storing secret data and for performing cryptographic operations, and with at least one portable data carrier which is assigned to a user.
- the method according to the invention is characterized in that Show device of the computer, the plain text of a secret information stored in the portable data carrier, which is only known to the user, is correctly displayed when a predetermined condition is met.
- the portable data carrier is designed as a chip card.
- Fig. 3 is a flowchart for a functionality with which the user can check the authenticity of the security module of the computer and
- Fig. 4 is a highly simplified block diagram to illustrate the processes after a restart of the computer.
- FIG. 1 shows a basic illustration of an exemplary embodiment of the system according to the invention.
- the system has a computer 1 and one
- Chip card 2 that communicate with each other.
- the computer 1 which can be designed, for example, as a personal computer, laptop, cell phone, PDA (personal digital assistant), etc., has electronics 3, a keyboard 4, a screen 5, a chip card reader 6 and a security device. module 7, which are each connected to the electronics 3.
- the electronics 3 are used in particular to carry out applications which are implemented in the computer 1 and accordingly controls the keyboard 4, the screen 5, the chip card reader 6 and also the security module 7. This control enables, for example, the input of data using the keyboard 4 and the display of data on the screen 5.
- the security module 7 is used in particular to store secret data and to carry out cryptographic operations.
- the security module 7 is protected against unauthorized access and can in particular be designed in accordance with the chip card 2, which will be described in more detail below. This eliminates the need to protect the computer 1 as a whole.
- the chip card 2 has an integrated circuit 8 which is electrically conductively connected to a contact field 9 of the chip card 2.
- an operating voltage and further signals which are required for the operation of the chip card 2 are fed to the integrated circuit 8 via the contact field 9.
- the communication between the computer 1 and the chip card 2 takes place via the contact field 9.
- the communication is carried out with the aid of a standardized transmission protocol, with which commands are transmitted from the computer 1 to the chip card 2.
- the chip card 2 executes the commands and transmits responses dependent on the result of the execution to the computer 1.
- the commands and the responses are each sent to the transmission in the form of standardized data units.
- the data units which the commands represent are usually referred to as application protocol data units or APDUs for short.
- the communication is carried out confidentially, authentically and with integrity. This can be realized with the help of cryptographic methods and cryptographic keys, which are present in the security module 7 of the computer 1 and in the chip card 2. Cryptographic keys, which are required for securing the communication, can be used, for example.
- B. in connection with a mutual authentication of the security module 7 and the chip card 2 are provided.
- the communication channel secured in this way between the security module 7 of the computer 1 and the chip card 2 can be used by an application executed by the computer 1.
- a signature application can send the data to be signed to the chip card 2 via the secured communication channel. More information on the secured communication channel is explained with reference to FIG. 2.
- Fig. 2 shows a schematic representation of the flow of communication between the computer 1 and the chip card 2 via the secured communication channel.
- This communication via the secured communication channel is also referred to below with the commonly used term Secure Messaging.
- the electronics 3 of the computer 1 transmits a command to the security module 7, for example as part of the execution of an application.
- Step S1 is followed by a step S2 in which the security module 7 commands the forwarding to the chip card 2 secured by cryptography.
- Cryptographically secured command which is in the form of a secured APDU, is transmitted to the smart card 2 with the aid of the smart card reader 6.
- step S4 the data of the received command that is relevant in connection with secure messaging is checked by a secure messaging layer of chip card 2.
- the received command is also decrypted.
- step S5 the command from the chip card 2 is executed.
- the result of the execution of the command is noted in a response that is generated in a step S6 in a standard format.
- step S6 is followed by a step S7 in which a secure messaging data structure is generated from the response.
- the response secured in this way is transmitted to the computer 1 in a step S8.
- step S9 the answer is checked and decrypted in a step S9 by the security module 7 and then forwarded to the electronics 3 of the computer 1.
- Step S9 is followed by a step S10 in which the response is evaluated by the electronics 3 of the computer 1, for example by continuing the application using the response. Then the sequence described above can be started again by means of a further command, which in turn can be created by the application, and the communication can thus be continued.
- FIG. 3 shows a flowchart for a functionality with which the user can check the authenticity of the security module 7 of the computer 1.
- the flowchart is greatly simplified and represents only the functional principle, but not every detail of the actual process.
- the flow of the flowchart begins with a step S11 in which the user of the chip card 2 initiates the check by selecting the routine provided for this. This selection can be made, for example, by an appropriate input on the keyboard 4 of the computer 1.
- Step S11 is followed by step S12, in which secret information stored on the chip card 2, the plain text of which is only known to the user, is provided in a cryptographically secured form.
- the cryptographically secured secret information is transmitted to the computer 1 via the secured communication channel.
- Step S13 is followed by step S14, in which the secret information is decrypted by the security module 7 of the computer 1.
- the clear text of the secret information determined in this way is displayed in a subsequent step S15 on the screen 5 of the computer 1 and can thus be compared by the user with the reference value of the secret information known to him. Since only an authentic security module 7 is able to correctly determine the plain text, the user can use the plain text displayed to assess whether the security module 7 present in the computer 1 is authentic.
- the correct plain text is also an indication of a properly secured communication channel, since otherwise the secret information is not correctly sent to the computer 1 would transfer.
- the flow of the flowchart is ended with step S15.
- the display of the plain text of the secret information is associated with the display of further information, such as status information, information about the configuration, about the security module 7, about the computer 1, about active applications, etc.
- the sequence shown in FIG. 3 can be implemented in that a command in the form of an APDU is transmitted from the computer 1 to the chip card 2 and the cryptographically secured secret information is then sent back to the computer 1 as a response.
- the invention is not limited to checking the authenticity of the security module 7, but there is additionally or alternatively the possibility of verifying the integrity of the software used by the computer 1.
- the integrity of the software can be impaired, for example, by the computer 1 being infected with a computer virus or the like. Since this can lead to malfunctions, loss of data and possibly even the disclosure of confidential data, there is a strong interest on the part of the user to be able to verify the integrity of the software. How this is possible within the scope of the invention is explained with reference to FIG. 4.
- FIG. 4 shows a highly simplified block diagram to illustrate the processes after a restart of the computer 1. Only actions that are of interest in the context of the invention are shown.
- the illustration in FIG. 4 contains some software components of the computer 1. In detail, this is a test software 10, a BIOS 11, a loading routine 12, an operating system 13 and an application software 14.
- test software 10 When the computer 1 is restarted, the test software 10 is activated first.
- the test software 10 is also referred to as the Core Root of Trust for Measurment, abbreviated CRTM, and can also be integrated in the BIOS 11.
- the test program is activated first before other BIOS routines are executed.
- the activation of the test software 10 has the result that it checks the BIOS 11 in a step S21.
- the test value determined in this way is transmitted to the security module 7 in a subsequent step S22 and stored there in a register PCR # 0.
- Step S22 is followed by step S23, in which the test software 10 starts executing the BIOS 11.
- the BIOS 11 checks the loading routine 12 in a step S24.
- the test value determined in this way is transmitted to the security module 7 in a step S25 and stored there in a register PCR # 1.
- the BIOS 11 then starts the execution of the loading routine 12 in a step S26, which serves to load the operating system 13.
- the operating routine 13 is checked by the loading routine 12 in a step S27.
- the test value determined as the result is then transmitted to the safety module 7 in a step S28 and stored there in a register PCR # 2.
- Step S28 is followed by step S29, in which the execution of the operating system 13 is started by the loading routine 12.
- the operating system 13 checks the application software 14 in a step S30.
- the test value determined in the process is then shaken to the security module 7 in a step S31 and stored there in a register PCR # 8.
- Step S31 is followed by step S32, in which the operating system 13 starts executing the application software 14.
- a step S33 is carried out, in which the chip card 2 requests the stored test values from the security module 7.
- the security module 7 signs the test values with a private key and transmits them to the chip card 2 in a step S34.
- the chip card 2 verifies the signature to determine whether the security module 7 is authentic. For this purpose, the associated public key was previously transferred to the chip card 2 in a trustworthy way.
- the chip card 2 compares the test values with stored expected values. If there is a complete match, the integrity of the software components for which the test values have been determined is assumed. If both the authenticity of the security module 7 and the integrity of the software components are ascertained, the chip card 2 transmits the secret information known only to the user in plain text to the operating system 13 in a step S35.
- the operating system 13 then initiates the secret information in a step S36 appears on the screen 5. From the correct display of the secret information, the user can conclude that both the authenticity check and the integrity check were successful.
- the user thus knows that the computer 1 has an authentic security module 7 and is trustworthy at least with regard to the tested software components and can then carry out trustworthy operations on the computer 1.
- the user can use the computer 1 to sign a document.
- the invention can in particular also be used with a computer 1 which contains the function of a mobile radio telephone or is designed as a mobile radio telephone, which is also referred to as a mobile phone.
- the security module 7 is preferably designed as a device area protected against unauthorized access or as a security module of the mobile radio telephone.
- the chip card 2 serves as a subscriber identity module (SIM), with the aid of which the mobile radio telephone proves, among other things, its access authorization to a mobile radio network.
- SIM subscriber identity module
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
Description
Claims
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE200410004552 DE102004004552A1 (en) | 2004-01-29 | 2004-01-29 | System with at least one computer and at least one portable data carrier |
PCT/EP2005/000811 WO2005073826A1 (en) | 2004-01-29 | 2005-01-27 | System with at least one computer and at least one portable data support |
Publications (1)
Publication Number | Publication Date |
---|---|
EP1714203A1 true EP1714203A1 (en) | 2006-10-25 |
Family
ID=34801211
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP05701220A Ceased EP1714203A1 (en) | 2004-01-29 | 2005-01-27 | System with at least one computer and at least one portable data support |
Country Status (3)
Country | Link |
---|---|
EP (1) | EP1714203A1 (en) |
DE (1) | DE102004004552A1 (en) |
WO (1) | WO2005073826A1 (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102009052389A1 (en) * | 2009-11-09 | 2011-05-12 | Giesecke & Devrient Gmbh | Method for secure interaction with a security element |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE4142964C2 (en) * | 1991-12-24 | 2003-05-08 | Gao Ges Automation Org | Data exchange system with verification of the device for authentication status |
DE59205856D1 (en) * | 1992-01-22 | 1996-05-02 | Siemens Nixdorf Inf Syst | Procedure for mutual authentication of a chip card and a terminal |
IL135475A (en) * | 1999-04-20 | 2004-09-27 | Sun Mycrosystems Inc | Method and apparatus for enabling a user to authenticate a system prior to providing any user-privileged information |
-
2004
- 2004-01-29 DE DE200410004552 patent/DE102004004552A1/en not_active Withdrawn
-
2005
- 2005-01-27 EP EP05701220A patent/EP1714203A1/en not_active Ceased
- 2005-01-27 WO PCT/EP2005/000811 patent/WO2005073826A1/en not_active Application Discontinuation
Non-Patent Citations (1)
Title |
---|
See references of WO2005073826A1 * |
Also Published As
Publication number | Publication date |
---|---|
WO2005073826A1 (en) | 2005-08-11 |
DE102004004552A1 (en) | 2005-08-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3574625B1 (en) | Method for carrying out an authentication | |
DE60129967T2 (en) | BIOMETRY BASED CERTIFICATION IN A NON-VOLATILE MEMORY DEVICE | |
DE102004062203B4 (en) | Data processing device, telecommunication terminal and method for data processing by means of a data processing device | |
EP3748521B1 (en) | Method for reading attributes from an id token | |
DE102011115135A1 (en) | Microprocessor system with secure runtime environment | |
EP1697820B1 (en) | Method for activation of an access to a computer system or to a programme | |
EP2389644B1 (en) | Method for unlocking a chip card function and reader for a chip card | |
EP3206151B1 (en) | Method and system for authenticating a mobile telecommunication terminal on a service computer system and mobile telecommunication terminal | |
EP3271855B1 (en) | Method for generating a certificate for a security token | |
DE602004011965T2 (en) | PROCEDURE AND CIRCUIT FOR IDENTIFYING AND / OR VERIFYING HARDWARE AND / OR SOFTWARE OF A DEVICE AND A DEVICE WORKING WITH THE DEVICE | |
EP1915718B1 (en) | Method for protecting the authentication of a portable data carrier relative to a reading device via an unsecure communications path | |
EP1912184A2 (en) | Data generating device and method | |
WO2005073826A1 (en) | System with at least one computer and at least one portable data support | |
EP2169579A1 (en) | Method and device for accessing a machine readable document | |
EP3361436B1 (en) | Method for releasing a transaction | |
DE19818998B4 (en) | Method for protecting against attacks on the authentication algorithm or the secret key of a chip card | |
WO2014023802A1 (en) | Device assembly for carrying out or releasing an electronic service and method for securely entering authorization data | |
EP1063862A2 (en) | System and method for setting up a communication between an enduser device and a network | |
EP1993054B1 (en) | Method for extracting software from a terminal | |
DE102021005350A1 (en) | Authorize an application on a security element | |
EP2819077A1 (en) | Method for activating at least one service in an e-wallet | |
DE102019109343A1 (en) | Method and device for transmitting digital data | |
EP1987466B1 (en) | Method for securing authority over activation of applications within a security module | |
WO2019162082A1 (en) | Method for providing secure access to hardware components within a user terminal, and user terminal of this type | |
DE102017104916A1 (en) | Method for providing a passphrase and biometric device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
17P | Request for examination filed |
Effective date: 20060829 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU MC NL PL PT RO SE SI SK TR |
|
RIN1 | Information on inventor provided before grant (corrected) |
Inventor name: WACKER, DIRK Inventor name: GAWLAS, FLORIAN Inventor name: MEISTER, GISELA Inventor name: URIAN, RAINER Inventor name: NESS, WERNER |
|
17Q | First examination report despatched |
Effective date: 20061229 |
|
DAX | Request for extension of the european patent (deleted) | ||
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED |
|
18R | Application refused |
Effective date: 20091214 |