US20110078451A1 - Encrypted Communication System with Restricted Rate of Stored Encryption Key Retrievals - Google Patents
Encrypted Communication System with Restricted Rate of Stored Encryption Key Retrievals Download PDFInfo
- Publication number
- US20110078451A1 US20110078451A1 US12/885,578 US88557810A US2011078451A1 US 20110078451 A1 US20110078451 A1 US 20110078451A1 US 88557810 A US88557810 A US 88557810A US 2011078451 A1 US2011078451 A1 US 2011078451A1
- Authority
- US
- United States
- Prior art keywords
- key
- variant
- memory
- chip
- keys
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
- H04L9/16—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms the keys or algorithms being changed during operation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/002—Countermeasures against attacks on cryptographic mechanisms
- H04L9/003—Countermeasures against attacks on cryptographic mechanisms for power analysis, e.g. differential power analysis [DPA] or simple power analysis [SPA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
- H04L9/0897—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
Definitions
- the present invention relates to the field of secure communication.
- the invention has been developed primarily to enable communication between various integrated circuits in a printer, including cartridges for use with the printer, and will be described with reference to this application. However, it will be appreciated that the invention has broad application in the general field, including use in software, hardware and combinations of the two.
- the first variant key is retrieved and used to generate a digital signature for every communication with the first external entity.
- a DPA attack can acquire a sufficient number of power traces to analyse the first variant key, but as this key will only authenticate communication with the first external entity, it is of little value to the attacker. Clone cartridges using this key will work with one printer only.
- a user may legitimately want to share an ink cartridge between two or three printers.
- the cartridge will need to retrieve the base key from non-volatile memory at least three times to generate the variant keys for the respective printers.
- the cache memory can store three variant keys
- the QA chip will not reach the base key retrieval limit if the cartridge is swapped between the user's printers numerous times.
- a DPA attacker can potentially determine all three variant keys, but this still only limits any clone cartridge to use with three printers which is not commercially worthwhile.
- the device further comprises a set of masking numbers, wherein during use, the generation of each of the variant keys using the one-way function is a calculation that has several separate terms and at least one of the masking numbers of added as an additional term, and subsequently subtracted from the result of the calculation.
- a set of masking numbers is unpredictable to the attacker and it will change the power consumption waveform but not affect the final cryptographic result.
- the one way function is SHA1.
- the present invention provides a device for encrypted communication with external entities, the device comprising:
- the second memory is a rewritable memory for storing a predetermined number of the variant keys, the predetermined number of variant keys being less than the threshold number of times that the base key can be retrieved from the non-volatile memory.
- the write operation is decrementing the resource data as an indication of consumption of the physical resource.
- the device is incorporated into an ink cartridge.
- FIG. 3 is a system diagram of a typical use scenario of an ink cartridge with a QA chip according to the invention
- FIG. 5 is a flowchart of the method steps involved in the system shown in FIG. 2 ;
- the communication between the second printer 14 and the QA chip 4 is authenticated by retrieving the second variant key (step 140 ) to digitally sign transmitted data (step 142 ).
- ALU CMOS arithmetic logic unit
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Bioethics (AREA)
- Accessory Devices And Overall Control Thereof (AREA)
- Storage Device Security (AREA)
- Mobile Radio Communication Systems (AREA)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/885,578 US20110078451A1 (en) | 2009-09-29 | 2010-09-20 | Encrypted Communication System with Restricted Rate of Stored Encryption Key Retrievals |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US24653109P | 2009-09-29 | 2009-09-29 | |
US12/885,578 US20110078451A1 (en) | 2009-09-29 | 2010-09-20 | Encrypted Communication System with Restricted Rate of Stored Encryption Key Retrievals |
Publications (1)
Publication Number | Publication Date |
---|---|
US20110078451A1 true US20110078451A1 (en) | 2011-03-31 |
Family
ID=43781616
Family Applications (6)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/885,576 Active 2031-04-15 US8533451B2 (en) | 2009-09-29 | 2010-09-20 | Method of encrypted communication with limited number of stored encryption key retrievals |
US12/885,580 Abandoned US20110078457A1 (en) | 2009-09-29 | 2010-09-20 | Method of Encrypted Communication with Restricted Rate of Stored Encryption Key Retrievals |
US12/885,574 Active 2031-07-15 US8504848B2 (en) | 2009-09-29 | 2010-09-20 | Encrypted communication device with limited number of encryption key retrievals from memory |
US12/885,575 Active 2031-06-11 US8615085B2 (en) | 2009-09-29 | 2010-09-20 | Encrypted communication system with limited number of stored encryption key retrievals |
US12/885,578 Abandoned US20110078451A1 (en) | 2009-09-29 | 2010-09-20 | Encrypted Communication System with Restricted Rate of Stored Encryption Key Retrievals |
US12/885,577 Active 2031-03-26 US8635455B2 (en) | 2009-09-29 | 2010-09-20 | Encrypted communication device with restricted rate of encryption key retrievals from memory |
Family Applications Before (4)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/885,576 Active 2031-04-15 US8533451B2 (en) | 2009-09-29 | 2010-09-20 | Method of encrypted communication with limited number of stored encryption key retrievals |
US12/885,580 Abandoned US20110078457A1 (en) | 2009-09-29 | 2010-09-20 | Method of Encrypted Communication with Restricted Rate of Stored Encryption Key Retrievals |
US12/885,574 Active 2031-07-15 US8504848B2 (en) | 2009-09-29 | 2010-09-20 | Encrypted communication device with limited number of encryption key retrievals from memory |
US12/885,575 Active 2031-06-11 US8615085B2 (en) | 2009-09-29 | 2010-09-20 | Encrypted communication system with limited number of stored encryption key retrievals |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/885,577 Active 2031-03-26 US8635455B2 (en) | 2009-09-29 | 2010-09-20 | Encrypted communication device with restricted rate of encryption key retrievals from memory |
Country Status (10)
Country | Link |
---|---|
US (6) | US8533451B2 (ja) |
EP (1) | EP2520044B1 (ja) |
JP (1) | JP5483777B2 (ja) |
KR (1) | KR101347001B1 (ja) |
AU (1) | AU2010302937C1 (ja) |
CA (1) | CA2767189C (ja) |
IL (1) | IL217639A (ja) |
SG (1) | SG178847A1 (ja) |
TW (1) | TWI505686B (ja) |
WO (1) | WO2011038443A1 (ja) |
Families Citing this family (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8386800B2 (en) * | 2009-12-04 | 2013-02-26 | Cryptography Research, Inc. | Verifiable, leak-resistant encryption and decryption |
JP5737101B2 (ja) * | 2011-09-15 | 2015-06-17 | ブラザー工業株式会社 | 印刷装置および印刷装置の制御方法 |
US10797864B2 (en) * | 2011-11-21 | 2020-10-06 | Combined Conditional Access Development And Support, Llc | System and method for authenticating data while minimizing bandwidth |
US9239920B2 (en) | 2013-04-23 | 2016-01-19 | Qualcomm Incorporated | Generation of working security key based on security parameters |
CN105683843B (zh) | 2013-08-30 | 2019-05-31 | 惠普发展公司,有限责任合伙企业 | 经由定时质询响应的供给认证 |
BR112016004405B1 (pt) * | 2013-08-30 | 2022-08-16 | Hewlett-Packard Development Company, L.P | Cartucho de suprimento de impressora e dispositivo de suprimento substituível |
FR3015726B1 (fr) * | 2013-12-24 | 2016-01-08 | Morpho | Procede de traitement comparatif securise |
CN103879157B (zh) * | 2014-01-20 | 2016-10-05 | 珠海艾派克微电子有限公司 | 成像盒存储芯片的参数发送方法、存储芯片及成像盒 |
EP3147830B1 (en) * | 2015-09-23 | 2020-11-18 | Nxp B.V. | Protecting an integrated circuit |
EP3698976B1 (en) | 2016-06-17 | 2021-08-04 | Hewlett-Packard Development Company, L.P. | Replaceable item authentication |
US10313117B1 (en) * | 2016-06-30 | 2019-06-04 | Amazon Technologies, Inc. | Cryptographic key management to prevent data exfiltration |
AU2016325189A1 (en) | 2016-10-27 | 2018-05-17 | Hewlett-Packard Development Company, L.P. | Replaceable item authentication |
KR101934221B1 (ko) * | 2016-10-27 | 2018-12-31 | 휴렛-팩커드 디벨롭먼트 컴퍼니, 엘.피. | 교체가능 물품 인증 |
US10990300B2 (en) * | 2018-04-16 | 2021-04-27 | Lexmark International, Inc. | Methods for restricting read access to supply chips |
WO2019204327A1 (en) | 2018-04-16 | 2019-10-24 | Lexmark International, Inc. | Methods for restricting read access to supply chips |
CN113518988A (zh) * | 2019-03-05 | 2021-10-19 | 密码研究公司 | 嵌入式中央处理单元上的抗侧通道攻击存储器访问 |
EP4350545A3 (en) * | 2021-07-16 | 2024-06-05 | Hewlett-Packard Development Company, L.P. | Logic circuitry packages for replaceable print apparatus components |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030194086A1 (en) * | 1999-01-11 | 2003-10-16 | Lambert Robert J. | Method for strengthening the implementation of ECDSA against power analysis |
GB2421407A (en) * | 2004-12-18 | 2006-06-21 | Hewlett Packard Development Co | Generating a shared symmetric key using identifier based cryptography |
US20070242123A1 (en) * | 2004-01-21 | 2007-10-18 | Silverbrook Research Pty Ltd | Media web cartridge removably mountable to printing system |
US20090300735A1 (en) * | 2008-05-28 | 2009-12-03 | Sony Dadc Austria Ag | Method for controlling access to content on data carrier |
Family Cites Families (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6298336B1 (en) * | 1997-12-19 | 2001-10-02 | Visa International Service Association | Card activation at point of distribution |
EP1090480B1 (en) | 1998-06-03 | 2019-01-09 | Cryptography Research, Inc. | Improved des and other cryptographic processes with leak minimization for smartcards and other cryptosystems |
CA2334597C (en) * | 1998-07-02 | 2007-09-04 | Cryptography Research, Inc. | Leak-resistant cryptographic indexed key update |
CN1422399A (zh) | 2000-04-11 | 2003-06-04 | 汤姆森许可贸易公司 | 用于安全地存储保密信息的系统和方法,在这种系统中使用的设备与服务器和有关数字内容分布的方法 |
IL161652A0 (en) | 2001-11-14 | 2004-09-27 | Ibm | Device and method with reduced information leakage |
JP4522098B2 (ja) * | 2004-01-13 | 2010-08-11 | 株式会社エヌ・ティ・ティ・データ | アプリケーションパーソナライズシステム |
US7557941B2 (en) | 2004-05-27 | 2009-07-07 | Silverbrook Research Pty Ltd | Use of variant and base keys with three or more entities |
JP4717398B2 (ja) * | 2004-09-10 | 2011-07-06 | キヤノン株式会社 | データ処理装置の制御方法 |
JP4544538B2 (ja) * | 2005-01-24 | 2010-09-15 | パナソニック株式会社 | 署名生成装置、鍵生成装置及び署名生成方法 |
JP4969106B2 (ja) | 2006-01-05 | 2012-07-04 | ルネサスエレクトロニクス株式会社 | マイクロコントローラ |
US8001383B2 (en) * | 2007-02-01 | 2011-08-16 | Microsoft Corporation | Secure serial number |
JP4962165B2 (ja) * | 2007-06-22 | 2012-06-27 | 大日本印刷株式会社 | 暗号処理装置,暗号処理プログラム及び暗号処理方法 |
US7945792B2 (en) * | 2007-10-17 | 2011-05-17 | Spansion Llc | Tamper reactive memory device to secure data from tamper attacks |
-
2010
- 2010-09-20 TW TW099131869A patent/TWI505686B/zh active
- 2010-09-20 AU AU2010302937A patent/AU2010302937C1/en active Active
- 2010-09-20 US US12/885,576 patent/US8533451B2/en active Active
- 2010-09-20 SG SG2012012175A patent/SG178847A1/en unknown
- 2010-09-20 EP EP10819728.6A patent/EP2520044B1/en active Active
- 2010-09-20 KR KR1020127003705A patent/KR101347001B1/ko active IP Right Grant
- 2010-09-20 WO PCT/AU2010/001222 patent/WO2011038443A1/en active Application Filing
- 2010-09-20 CA CA2767189A patent/CA2767189C/en active Active
- 2010-09-20 US US12/885,580 patent/US20110078457A1/en not_active Abandoned
- 2010-09-20 US US12/885,574 patent/US8504848B2/en active Active
- 2010-09-20 US US12/885,575 patent/US8615085B2/en active Active
- 2010-09-20 US US12/885,578 patent/US20110078451A1/en not_active Abandoned
- 2010-09-20 US US12/885,577 patent/US8635455B2/en active Active
- 2010-09-20 JP JP2012524060A patent/JP5483777B2/ja active Active
-
2012
- 2012-01-19 IL IL217639A patent/IL217639A/en active IP Right Grant
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030194086A1 (en) * | 1999-01-11 | 2003-10-16 | Lambert Robert J. | Method for strengthening the implementation of ECDSA against power analysis |
US20070242123A1 (en) * | 2004-01-21 | 2007-10-18 | Silverbrook Research Pty Ltd | Media web cartridge removably mountable to printing system |
GB2421407A (en) * | 2004-12-18 | 2006-06-21 | Hewlett Packard Development Co | Generating a shared symmetric key using identifier based cryptography |
US20090300735A1 (en) * | 2008-05-28 | 2009-12-03 | Sony Dadc Austria Ag | Method for controlling access to content on data carrier |
Also Published As
Publication number | Publication date |
---|---|
KR101347001B1 (ko) | 2014-01-02 |
TW201134175A (en) | 2011-10-01 |
US20110078449A1 (en) | 2011-03-31 |
EP2520044A4 (en) | 2014-10-08 |
IL217639A (en) | 2015-05-31 |
US20110078450A1 (en) | 2011-03-31 |
US8635455B2 (en) | 2014-01-21 |
EP2520044B1 (en) | 2016-11-09 |
WO2011038443A1 (en) | 2011-04-07 |
AU2010302937C1 (en) | 2014-11-06 |
EP2520044A1 (en) | 2012-11-07 |
AU2010302937B2 (en) | 2014-08-07 |
CA2767189A1 (en) | 2011-04-07 |
JP2013502098A (ja) | 2013-01-17 |
AU2010302937A1 (en) | 2013-03-21 |
US8504848B2 (en) | 2013-08-06 |
US8615085B2 (en) | 2013-12-24 |
US20110078457A1 (en) | 2011-03-31 |
TWI505686B (zh) | 2015-10-21 |
SG178847A1 (en) | 2012-04-27 |
US20110078454A1 (en) | 2011-03-31 |
US20110078456A1 (en) | 2011-03-31 |
US8533451B2 (en) | 2013-09-10 |
KR20120049261A (ko) | 2012-05-16 |
JP5483777B2 (ja) | 2014-05-07 |
CA2767189C (en) | 2015-02-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8533451B2 (en) | Method of encrypted communication with limited number of stored encryption key retrievals | |
US7986439B2 (en) | Resource entity using resource request entity for verification | |
US7953982B2 (en) | Method of authenticating digital signature | |
US20060004829A1 (en) | Rolling keys | |
US20070211292A1 (en) | Method Of Storing Code Segements In Plural Printer Cartridges | |
US20070211291A1 (en) | Method Of Storing Bit-Pattern In Plural Printer Cartridges | |
US20100250942A1 (en) | System for enabling authenticated communication between entities | |
EP1736889A1 (en) | Use authentication method, use authentication program, information processing device, and recording medium | |
US20060224889A1 (en) | Methods for authenticating an identity of an article in electrical communication with a verifier system | |
JP2010527219A (ja) | 物理的に複製不可能な機能を用いて電子機器のセキュリティを電子的に確保する方法およびシステム | |
US20060259965A1 (en) | Method and system for using shared secrets to protect access to testing keys for set-top box | |
EP3513976B1 (en) | Methods and apparatuses for authorized use and refill of a printer cartridge | |
EP3214567B1 (en) | Secure external update of memory content for a certain system on chip | |
WO2011061263A1 (en) | Countermeasures against power attacks for the randomization of the exponent | |
CN101465726B (zh) | 用于秘钥的反破解方法及执行此方法的控制器与储存装置 | |
US9015476B1 (en) | Cryptographic device operable in a challenge-response mode | |
EP3881214B1 (en) | Change-tolerant method of generating an identifier for a collection of assets in a computing environment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: SILVERBROOK RESEARCH PTY LTD, AUSTRALIA Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:STARR, MATTHEW RAYMOND;PRICE-WHITE, STEPHEN CAMERON;REEL/FRAME:025009/0981 Effective date: 20100830 |
|
AS | Assignment |
Owner name: ZAMTEC LIMITED, IRELAND Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SILVERBROOK RESEARCH PTY. LIMITED;REEL/FRAME:029918/0791 Effective date: 20120503 |
|
AS | Assignment |
Owner name: ZAMTEC LIMITED, IRELAND Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SILVERBROOK RESEARCH PTY. LIMITED;REEL/FRAME:030169/0193 Effective date: 20120503 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |