FR2787221A1 - Secure access processing using IC card by calculating second authentication code and comparing first and second authentication codes and ceasing command execution if codes are different - Google Patents

Abstract

A first authentication code (ACs) is obtained using a cryptography function. The built-in circuit receives such an order to calculate a second code of authentication (AC) using a cryptography device (37) to compare the first (ACs) and second authentication codes (AC) and a command will not be executed if the first and second codes are different.

Description

INTEGRATED CIRCUIT WITH SECURE ACCESS

  The present invention relates to integrated circuits for smart cards, electronic labels, and

  other portable electronic objects.

  The present invention relates more particularly to a method for securing access to an integrated circuit comprising a memory, a communication interface for receiving digital commands, a central unit for interpreting and executing commands

  received, and means of cryptography.

  In application WO 97/14119, the applicant proposed an authentication method making it possible to protect access to an integrated circuit of smart card. This method, although offering an excellent degree of security, may prove to be insufficient when applied to integrated circuits operating without contact, for

  reasons which will be explained below.

  As a reminder, FIG. 1 schematically represents the conventional architecture of an integrated circuit 10 of a contactless smart card, comprising a communication interface 11 provided with an antenna coil L1, a central unit 12, a memory 13, a cryptographic circuit 14 with secret key Ks and a generator 15 of random codes ALINT. Next to the integrated circuit 10 is a contactless smart card reader 20, comprising a communication interface 21 provided with an antenna coil L2, a microprocessor 22 and a program memory 23. When the coil L1 of the integrated circuit is located near the reader coil L2, both devices can tUT -T1I

2 2787221

  exchange data by inductive coupling and carry out a transaction. During a transaction, the reader sends digital commands to the integrated circuit 10, for example commands to read or write from the memory 13, and the integrated circuit 10 sends confirmation messages, accompanied where appropriate by data

read from memory 13.

  According to application WO 97/14119, and very schematically, a transaction cannot be carried out until the integrated circuit 10 has not verified that the reader knows the secret key Ks and the cryptographic function FKS performed by the circuit 14. A To this end, the integrated circuit 10 sends to the reader 20 a random code ALINT, supplied by the generator 15, and the reader 20 returns to the integrated circuit 10 an authentication code AC1 of the type:

AC1 = FKS (ALINT),

  calculated by transformation of the random code ALINT at

  using the FKS cryptography function.

  For its part, the integrated circuit 10 calculates, by means of the cryptography circuit 14, an authentication code AC2:

AC2 = FKS (ALINT)

  and compares the code AC1 with the code AC2 which he calculated himself. If the two codes are different, the integrated circuit blocks or locks its output. Thus, the integrated circuit 10 responds to subsequent commands only on condition of having previously authenticated the

reader 20.

  Despite this precaution, the risk remains that a fraudster will replace the reader 20 with a fraudulent device NE71 T11Uw

3,2787221

  after the authentication procedure of reader 20 is carried out. This risk, well known in the field of conventional contact cards, has been eliminated in the prior art by the provision of mechanisms with total card insertion, making inaccessible the

  electrical connection with the integrated circuit of a card.

  However, this solution does not apply to contactless smart cards, which work without insertion at a distance of a few centimeters from a reader. Thus, it is technically possible for a fraudster to gradually move a contactless smart card away from the magnetic field emitted by an authentic reader, while bringing it closer to the magnetic field emitted by a simulator equipped with an antenna coil. The integrated circuit of the card, during communication, would not notice the substitution and would execute the commands issued by the fraudulent device. In this way, it would be possible to send fraudulent commands to an integrated circuit, in particular commands to write to the memory of falsified data. For example, a fraudster could reload a unit counter

  representing a monetary value.

  On the other hand, some low cost integrated circuits of simple design are not equipped with a random code generator. The authentication procedure for reader 20 is therefore not

  feasible and these circuits remain unprotected.

  The present invention aims to overcome these drawbacks. More particularly, an objective of the present invention is that commands addressed to an integrated circuit be executed only on the condition of being

  issued by an authorized device.

  This objective is achieved by providing a method for securing access to an integrated circuit

4,2787221

  comprising a memory, a communication interface for receiving digital commands, a central unit for executing received commands, and cryptography means, in which at least one command of a certain type is sent to the integrated circuit accompanied by a first authentication code calculated by coding all or part of the command by means of a cryptography function, and in that the integrated circuit is arranged for, on receipt of such a command: calculating a second authentication code by coding of all or part of the order, by means of cryptography; compare the first and second authentication codes, and do not execute the command if the

  first and second codes are different.

  According to one embodiment, the command comprises

a random binary word.

  According to one embodiment, the command is a

  write command in the memory of the integrated circuit.

  According to one embodiment, any command sent to the integrated circuit is accompanied by an authentication code, the authenticity of which is verified by

the integrated circuit.

  The present invention also relates to an integrated circuit comprising a memory, a communication interface for receiving digital commands, a central unit for interpreting and executing received commands, cryptography means arranged to calculate an authentication code from all or part of an order received, means for comparing the authentication code with a signature accompanying the order, and not executing the order if the signature

  is not the same as the authentication code.

  According to one embodiment, the cryptography means comprise a cryptography circuit with

  wired logic with serial input and output.

2787221

  According to one embodiment, the integrated circuit comprises a contactless communication interface and means for converting a command received in the form

  series in one or more binary words.

  According to one embodiment, the integrated circuit is arranged to send an error message when the signature accompanying an order does not conform to the authentication code calculated by the cryptography means. The present invention also relates to an electronic portable object, in particular a smart card,

  comprising an integrated circuit according to the invention.

  These and other features of the present invention will be discussed in more detail in

  the following description of the process of the invention and of a

  exemplary embodiment of an integrated circuit implementing this method, in relation to the appended figures in which: FIG. 1 previously described schematically represents the architecture of an integrated circuit of contactless smart card and of a reader of contactless card, - Figure 2 shows in the form of blocks the electrical diagram of a contactless integrated circuit according to the invention, and - Figure 3 is the logic diagram of a

  comparator shown as a block in Figure 2.

  FIG. 2 represents the electrical diagram of an integrated circuit 30 according to the invention, intended for example to be arranged in a plastic card to form a smart card. The integrated circuit conventionally comprises a contactless communication interface 31 provided with an antenna coil Ll, an input buffer 32, an output buffer 33, an internal bus 34, here eight MW TïI Iun

6 2787221

  bits, as well as a central unit 35 and a memory 36

connected to bus 34.

  The interface 31 is provided for receiving or transmitting binary data by inductive coupling, in the presence of an alternating magnetic field emitted by the antenna coil L2 of a terminal 40 comprising a contactless communication interface 41. The reception of data is provided by demodulation of an induced voltage Vac,

  of frequency Fo, appearing at the terminals of the coil L1.

  The data transmission is made by modulating the load of the coil L1. To fix the ideas, one will find in the applications WO 98/02840 and WO 98/02980 a

  detailed description of the operation of such

  interface 31. The interface 31 also includes frequency dividers (not shown) for delivering a

  clock signal H whose frequency FH is a sub-

  multiple of the frequency Fo, as well as a binary clock signal Hb whose frequency Fb is a sub-multiple of

the frequency FH.

  The buffer 32 is a shift register comprising a serial input connected to the interface 31 via a switch SW1, and a parallel output connected to the bus 34. The buffer 33 is a shift register comprising a connected parallel input to bus 34 and a serial output connected to

  the interface 31 by means of a switch SW2.

  The central unit 35, here a wired logic sequencer of a type known per se, is arranged to decode and execute high-level commands sent by the terminal 40. These data are received in serial form by the interface 31 and are injected into the input buffer 32. The content of the buffer 32 is downloaded in parallel to the bus 34 every eight bits received, in the form of binary BWini words forming CMD commands executed by the central processing unit 35. D ' on the other hand, the responses of Ad r

7 2787221

  the central unit 35 are delivered in the form of binary BWouti words transformed into serial data by the output buffer 33, then sent to the terminal 40 by the interface 31. Still conventionally, the integrated circuit 30 comprises a cryptography circuit 37 with wired logic, for example the circuit described in application WO 97/14120, provided with a secret memory in which a secret key Ks is recorded. The circuit 37 includes a serial input IN connected to the interface 31 by a switch SW3 , a serial output OUT connected to the interface 31 by a switch SW4, and is controlled by signals RD and WR. When a CE code is applied to the input IN and the signal RD is at 1, the bits of the CE code are absorbed by the circuit 37 at the rate of the binary clock Hb. When the signal WR is at 1, the output OUT delivers an authentication code AC synchronized with the binary clock Hb, of the type AC = FKs (CE) According to the method of the invention, a command CMD sent to the integrated circuit 30 is accompanied by an authentication code ACs, calculated by coding the CMD command by means of an alleged cryptography function

  identical to the FKS function performed by circuit 37.

  A command according to the invention is thus presented in the following format: CMD ACs and comprises a command field formed by the CMD command itself, and a signature field comprising the authentication code ACs. On receipt of the CMD command, the central unit 35 checks the code ACs in nffI 1i O

8 2787221

  injecting the CMD command bits at the input of the cryptography circuit 37. The circuit 37 delivers an AC code which is compared to the ACs code. If the two codes are not identical, the command is considered not to have been issued by an authorized device and is not

  executed by the central unit 35.

  More particularly, according to the embodiment shown in Figure 2, the output of circuit 37 is connected, via a switch SW5, to an input IN1 of a logic comparator 38 whose other input IN2 is connected at the interface 31 via a switch SW6. The comparator 38 is controlled by signals SET, COMP delivered by the central unit 35, and delivers on its output OUT a signal VAL

sent to central unit 35.

  FIG. 3 schematically represents an embodiment of the comparator 38. The inputs IN1, IN2 are applied to an EXCLUSIVE OR gate 50. The output of the gate 50 is applied to a first input of a NAND gate 60, the other input receives COMP signal. The output of gate 60 is applied to a first input of a NAND gate 61. The signal SET is applied to an input of a NAND gate 62. The gates 61, 62 have their outputs reciprocally brought back to

  their second entries and form a memory seesaw.

  The output of gate 62 forms the output OUT of the comparator. Before comparing two codes, the SET signal is set to 0 for a short time and the output OUT goes to 1. During the comparison of two codes, the

COMP signal is kept at 1.

  As it appears in FIG. 2, the method of the invention is here under the control of the central unit which delivers signals S1 to S6 for controlling the switches SW1 to SW6. When the significant part of an order, i.e. the CMD field, is received by t'uE 1

9 2787221

  the interface 31, the switches SW1 and SW3 are closed and the signal RD is set to 1. The CMD field is conventionally sent to buffer 32 and is delivered to

  the central processing unit 35 in the form of binary BWini words.

  Simultaneously, the CMD field is injected into the circuit 37. When all the bits of the CMD field are received, the central unit 35 opens the switches SW1, SW3,

  closes switches SW5, SW6 and sets signal WR to 1.

  The circuit 37 delivers an authentication code AC as a function of the CMD field:

AC = FKS (CMD),

  which is applied bit by bit to the input IN1 of the comparator 38. Simultaneously, the input IN2 of the comparator receives the bits of the code ACs forming the signature field of the command. The bits of the ACs code and the bits of the AC code are compared one after the other, at the rate of the clock Hb. If a bit of the AC code is different from a bit of the same rank of the ACs code, the OUT output of the comparator goes to 0 and the central unit 35

does not execute the command.

  Thus, the signature ACs according to the invention makes it possible to verify in real time the authenticity of the device sending the commands. During a transaction, the replacement of the terminal 40 by a fraudulent device not knowing the FKs function will inevitably lead to a signature error ACs, and the

  orders received will not be executed.

  As another advantage, the signature ACs according to the invention makes it possible to detect transmission errors and replaces the conventional signatures of the CRC (Cyclic Redundant Check) type. Thus, preferably, the central unit 35 is programmed to send an error message when the signature ACs is incorrect. He niV -You

2787221

  it is not necessary for the central unit to be able to distinguish between signature errors due to a transmission error and signature errors due to

an attempted fraud.

  To fix the ideas, we will briefly describe examples of commands used by the applicant for the implementation of the invention. The general format of these commands is as follows: | CODEop I ADD I DT | AC, I AC2 1 A command is thus divided into eight-bit fields found in the integrated circuit in the form of BWini binary words. The CODEop field contains the code of the operation to be executed and a coded indication of the number of bytes present in the command. The second field, optional, contains an ADD address for reading or writing to memory 36. The third field, optional, contains data DT to be written to memory 36. The last two fields contain two signature bytes AC1, AC2 together forming the authentication code ACs according to the invention This general format makes it possible to provide various types of commands, in particular: READ command (reading from memory) CODEREAD ADD | AC, 1 | AC2 l This command includes the CODEREAD operation code, an ADD read address, and two signature bytes

AC1, AC2.

  WRITE command (write to memory): t l

WRITE:

CODEWRTE ADD W | W2 W W4 W AC1 AC2

  This command includes the code of the CODEwRITE operation, a write address ADD, a binary data item to be written in the memory, comprising here several bytes W1 to W4,

  and two signature bytes AC1, AC2.

  AUTHENTICATE command (authentication request)

AUTHENTICATE

CODEAUTH I ALEA1 ALEA2 ALEA3 ALEA4

  This authentication command of the integrated circuit 30, in itself conventional, comprises the code of the operation CODEAUTH and a random datum comprising four bytes ALEA, at ALEA4. In response to this command, the central processing unit 35 applies the ALEAi bytes to the input of the circuit 37, and

  returns the authentication code obtained to terminal 40.

  INIT command (initialization of a communication) INIT CODEiNIT In response to this command, if the integrated circuit 30 is equipped with a generator 39 of random words ALINT as shown in FIG. 2, the central unit 35 returns a message of the type :

INF ALINT1 ALINT2

1lm

12 2787221

  comprising an information field INF and a random word ALINT of 16 bits. The central unit 35 also sends the random word ALINT to the input of the circuit 37, waits for the terminal 40 to return an authentication code based on the random word ALINT, and compares the authentication code received and the code calculated by the circuit 37. So here we find the authentication process

  described in application WO 97/14119, cited in the preamble.

  Thus, the present invention can be combined with the conventional authentication methods of the

  integrated circuit 30 or terminal 40 authentication.

  Since integrated circuits for smart cards are generally equipped with a cryptography circuit, the implementation of the invention requires few hardware means and a modification of the central unit 35 to the

scope of the skilled person.

  According to an alternative embodiment of the method of the invention, the terminal 40 inserts into the command field CMD a random datum ALEA, for example a byte. An order according to the invention is then presented, for example, in the following format:

CODEO ADD DT ALEA AC1 AC2

  In this case, and advantageously, two commands having strictly identical CODEop, ADD and DT fields do not

  do not have the same authentication code AC1, AC2.

  It will be clear to those skilled in the art that the present invention is susceptible of numerous other variants and embodiments. On the one hand, instead of being applied to all commands, the invention can be used for the authentication of certain commands requiring a high degree of security, in particular commands for writing to memory. In this case, the central unit 35 analyzes the operation code of the f-T YlVU

13 2787221

  commands received before implementing the method of the invention. On the other hand, the authentication code AC can be elaborated by using only part of the bits of the control field CMD as input code of the cryptography function FKs. Furthermore, certain characteristics of the integrated circuit described above, such as the serial / parallel transformation of the binary data received by the communication interface, are not imperative to the implementation of the invention. In general, the present invention applies to various architectures of integrated circuits known to those skilled in the art, with parallel bus or with serial bus, with wired logic or with microprocessor. Thus, the FKS cryptography function can be performed by a wired logic circuit, as described above, or by a program loaded in the

memory of a microprocessor.

  Finally, although the objective mentioned in the preamble is to improve the security offered by contactless integrated circuits, it is obvious that the invention is applicable to integrated circuits with contacts. The invention can in particular be applied to integrated circuits with two operating modes, with or without contact, described in applications WO 98/06057 and

FR 9715836.

14 2787221

Claims (10)

  1. Method for securing access to an integrated circuit (30) comprising a memory (36), a communication interface (31, L1) for receiving digital commands (CMD), a central unit (35) for executing commands received, and cryptography means (37), characterized in that at least one command of a certain type is sent to the integrated circuit accompanied by a first authentication code (ACs) calculated by coding all or part of the command by means of a cryptography function (FKS), and in that the integrated circuit is arranged for, on receipt of such a command: - calculate a second authentication code (AC) by coding all or part of the command, thanks to the cryptography means (37), - compare the first (ACs) and the second (AC) authentication codes, and - do not execute the command if the first and the second codes are different.   2. The method of claim 1, wherein   said command includes a random binary word (ALEA).   3. Method according to one of claims 1 and 2   wherein said command is a write command   in the memory (36) of the integrated circuit.   4. Method according to one of claims 1 to 3,   in which any command sent to the integrated circuit is accompanied by an authentication code (ACs) of which   authenticity is verified by the integrated circuit.   5. Integrated circuit (30) comprising a memory (36), a communication interface (31, L1) for receiving digital commands (CMD), a unit UIWT T lm - 2787221   central (35) for interpreting and executing received commands, characterized in that it comprises: - cryptography means (37) arranged to calculate an authentication code (AC) from all or part of a received command , - means (35, 38, SW5, SW6) for comparing the authentication code (AC) with a signature (ACs) accompanying the order, and not executing the order if the signature (ACs) is not identical to code authentication (AC).   6. The integrated circuit as claimed in claim 5, in which the cryptography means comprise a cryptography circuit (37) with wired logic with serial input and output.   7. Integrated circuit according to one of claims 5   and 6, comprising a contactless communication interface (31) and means (32) for converting a command received in serial form into one or more words binaries (BWini).   8. Integrated circuit according to one of claims 5   to 7, arranged to send an error message when the signature accompanying an order does not conform to the authentication code calculated by the cryptography means. 9. Portable electronic object, including a   integrated circuit according to one of claims 5 to 8.   10. Smart card, comprising an integrated circuit   according to one of claims 5 to 8. a -, i iRI