WO1998029813A1 - Method for ensuring the safety of a security module, and related security module - Google Patents
Method for ensuring the safety of a security module, and related security module Download PDFInfo
- Publication number
- WO1998029813A1 WO1998029813A1 PCT/FR1997/002389 FR9702389W WO9829813A1 WO 1998029813 A1 WO1998029813 A1 WO 1998029813A1 FR 9702389 W FR9702389 W FR 9702389W WO 9829813 A1 WO9829813 A1 WO 9829813A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- sensitive operation
- interrupted
- execution
- tests
- sensitive
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1458—Protection against unauthorised use of memory or access to memory by checking the subject access rights
- G06F12/1466—Key-lock mechanism
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0806—Details of the card
- G07F7/0813—Specific details related to card security
- G07F7/082—Features insuring the integrity of the data on or in the card
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0806—Details of the card
- G07F7/0813—Specific details related to card security
- G07F7/0826—Embedded security module
Definitions
- the invention relates to a method for securing a security module arranged to cooperate with an information processing device, the module comprising information processing means and information storage means and being arranged to execute a set of operations including at least one sensitive operation.
- sensitive operation is understood to mean any operation the execution of which has significant repercussions on: - security in general: with regard in particular to any operation aimed at verifying the clearance of a person vis-à-vis regarding access to certain information, services or functions;
- the application concerned in particular with regard in particular to any operation aimed at defining or modifying certain parameters characterizing the fundamental rights and obligations of a user vis-à-vis this application (for example, for a banking application, a operation to update an account balance).
- the term "security module” must be taken, either in its classic sense in which it designates a device intended, in a communication or information network, to be owned by an organization supervising the network and to be stored in a protected manner secret and fundamental parameters of the network such as cryptographic keys, that is to say more simply designating a device assigned to various users of the network and allowing each of them to have access to it, this latter device also being capable of hold secret parameters.
- the security module may take the form of a portable object of the smart card type.
- the problem which the invention aims to solve is to prevent an interruption of the sensitive operation in progress from occurring, or at least to control the number of interruptions likely to occur.
- the invention relates in particular to fraudulent interruptions, without however excluding accidental interruptions.
- the risk is that operations aimed at securing the execution of said set of operations, do not execute.
- operations aimed at securing the execution of said set of operations do not execute.
- it is the operation of writing the result of the comparison, which aims to limit the number of authorized tests.
- the fraudster manages to stop the program after comparison but before writing his result, he can repeat a large number of times the operation of presentation of a new confidential code, and possibly take advantage of the observation of electrical signals present at the terminals of the safety module, signals which are in practice always influenced by the nature of the calculation or result.
- the fraudster's storage of a large number of such observations and a statistical analysis the latter may possibly be able to identify the correct confidential code of the user.
- This problem is solved according to the invention by providing measures allowing the security module to check whether the sensitive operation or the sensitive operations previously triggered have been executed in full or not and, if not, to prohibit the execution of the sensitive operation to come.
- the method according to the invention comprises the steps consisting in: executing, on the occasion of each execution of the sensitive operation and upstream of it, a first additional sequence of operations intended to activate means signaling and, downstream of said sensitive operation, a second additional sequence of operations intended to deactivate said signaling means; -accounting for each interrupted test for which the sensitive operation was triggered but not executed, so that the signaling means were first activated but were not subsequently deactivated, so as to define a number of tests interrupted found N RS ;
- the invention also relates to a security module designed to implement this method.
- FIG. 1 is the diagram of a security module to which is intended for the invention, cooperating with an information processing device;
- FIG. 2 is a flowchart of execution of a sensitive operation
- FIGS. 3a to 3c and 4a, 4b represent the state of a counter for breaks in the C RS sequence at different times, during the execution of one or more sensitive operations.
- the information processing device 1 shown in FIG. 1 comprises in a manner known per se a microprocessor 2 to which are connected a ROM memory 3, and a RAM memory 4, means 5 for cooperating with a security module 8, and a transmission interface 7 allowing the information processing device to communicate with another similar device, either directly or through a communication network.
- the device 1 can also be equipped with storage means such as floppy disks or removable or non-removable discs, input means (such as a keyboard and / or a pointing device of the mouse type) and display means, these different means not being shown in FIG. 1.
- storage means such as floppy disks or removable or non-removable discs
- input means such as a keyboard and / or a pointing device of the mouse type
- display means these different means not being shown in FIG. 1.
- the information processing device can be constituted by any computer device installed on a private or public site and capable of providing means of information management or delivery of various goods or services, this device being permanently installed or portable. It can in particular also be a telecommunications device.
- the security module 8 includes information processing means 9, an associated non-volatile memory 10, and means 13 for cooperating with the information processing device. This module is arranged to define, in the memory 10, a secret zone 11 in which information once recorded, is inaccessible from outside the module but only accessible to the processing means 9, and a free zone 12 which is accessible from outside the module for reading and / or writing information.
- Each memory zone can include a non-erasable part ROM and an erasable part EPROM, EEPROM, or made up of RAM memory of the "flash" type, that is to say having the characteristics of an EEPROM memory with further times identical to those of a conventional RAM.
- a volatile memory RAM not shown, is also provided.
- a security module 8 it is possible in particular to use a microprocessor with self-programmable non-volatile memory, as described in American patent n ° 4,382,279 in the name of the Applicant.
- the self-programmable nature of the memory corresponds to the possibility for a program fi located in this memory, to modify another program fj also located in this memory into a program gj.
- the means to be used to carry out this self-programming can vary according to the technique used to design the information processing means 9, it is recalled that, in the case where these processing means are constituted by a microprocessor associated with a non-volatile memory and according to the aforementioned patent, these means can include:
- this writing program can however be replaced by a writing automaton with logic circuits.
- the microprocessor of the security module 8 is replaced - or at least supplemented - by logic circuits implanted in a semiconductor chip.
- such circuits are capable of carrying out calculations, in particular of authentication and signature, thanks to wired, and not microprogrammed, electronics. They can in particular be of the ASIC type (from the English “Application Specifies Integrated Circuit”).
- the security module 8 will be designed in monolithic form on a single chip.
- the security nature of the security module may result from its location in a tamper-proof enclosure.
- the aforementioned signaling means comprise at least one C RS sequence break counter arranged to count sequence breaks occurring during the execution of the sensitive operation, that is to say interruptions occurring in the execution, step by step, of this operation.
- This counter is incorporated into the information processing means 9 of the security module 8.
- there are two reference numbers namely a number of observed sequence breaks N RS and a number of breaks authorized sequence N RS A, the first corresponding to the number of sequence breaks which have occurred in the execution of a sensitive operation determined since a determined time, and the second corresponding to the maximum number of sequence breaks which can occur without causing a blockage of the security module.
- the instant from which the number of N RS sequence breaks is calculated corresponds to a first commissioning of the security module by a user for whom it is intended, the number N RS counting any break of sequence intervened from this moment until a determined day.
- N RSA it is determined by an authority so as to take into account sequence breaks resulting, not from a fraudulent act, but from operating anomalies of the security module likely to intervene spontaneously over its entire lifetime.
- N RS A should be chosen small, otherwise a fraudster would benefit from a comfortable number of attempts to try to violate the security module.
- N RSA will be less than twenty, in particular less than ten.
- a first step 21 consists in checking whether the number of sequence breaks N RS is much less than or equal to the number of sequence breaks authorized N RSA - If not , a sequence break is brought about to prohibit the execution of the sensitive operation: this interruption may be either final in that it will prevent any subsequent execution of this sensitive operation, or even in that it will block any subsequent operation of the security module, whatever the operation envisaged, is provisional if it is foreseen that the sensitive operation may be executed again in the future after a reset of the number of N RS sequence breaks by an authorized authority.
- a second step 22 consists in incrementing the sequence break counter C RS by one unit.
- the next step is to perform the sensitive operation itself. If this operation has taken place in full, that is to say without an accidental or fraudulent break in the sequence having occurred, the sequence break counter C RS is then decremented by one unit in step 24 , so as to recover the value it had before the start of the sensitive operation.
- the operation 21 for testing the value of the number of sequence breaks N RS may be performed after that 22 of incrementing the sequence break counter C RS by one unit.
- FIGS. 3a to 3c show successive states taken by the C RS sequence break counter, prior to the execution of a sensitive operation to be protected. This counter consists of a cyclic file with several positions
- each position being materialized by at least one memory cell.
- the number of positions is equal to eight, numbered from 1 to 8.
- a value of the number of breaks in sequence N RS is stored, except in one position (here position 5) which is blank because containing no value. Any blank position is marked with the symbol 0.
- FIG. 3a represents the state of the counter upstream of step 22 of the flow diagram of FIG. 2.
- the position located above the blank position (here position 4) stores a current value N RS corresponding to a current value of the counter, while the six positions 3 to 1 then 8 to 6 respectively store different values, taken successively by going back in time, namely N RS +1 for position 3, N RS for position 2 .. etc..up to N RS -2 for the oldest position 6, these positions corresponding to a certain number of successive sensitive operations.
- -position 4 state of the counter just after step 24 (removal of a unit), which shows that no sequence interruption, voluntary or accidental, occurred during this execution of the sensitive operation.
- positions 7 and 8 correspond to the following events, relating to a previous execution of sensitive operation: -position 7: state of the counter before step 22 of FIG. 2;
- position 6 it corresponds to the state of the counter just before step 24, during an execution of an even older sensitive operation. Indeed, the value it contains corresponds to that of position 7, increased by one.
- FIG. 3b shows the state of the sequence break counter in a preliminary execution phase of step 22 of the flow diagram of FIG. 2.
- the processing means information 9 from the security module erased the position 6 located below the blank position 5, thus defining a new blank position.
- the information processing means 9 have executed step 22 of FIG. 2 by adding a unit to the current value N RS of position 4 and by storing the result N RS +1 in the position next 5.
- FIGS. 4a and 4b show successive states taken by the sequence break counter C RS , downstream of the execution of the sensitive operation 23 of FIG. 2.
- FIG. 4a shows the state of the sequence break counter in a preliminary phase of execution of step 24 of FIG. 2.
- the information processing means 9 of the security module have erased the position 7 located below the new blank position 6.
- the information processing means 9 executed step 24 of FIG. 2 by subtracting a unit from the current value N RS +1 from position 5 and by storing the result N RS in position next 6.
- the signaling function is advantageously nested with that of counting the sequence breaks using a single device: the C RS sequence break counter.
- the steps 21, 22 and 24 of incrementation and decrementation of the counter can be conceived as subroutines of a main program constituted by the sensitive operation itself.
- a reference or address of the counter is entered as a parameter when the subroutine is called. This mode of operation adds flexibility in the implementation of sequences of operations.
- C RS sequence break counters In the case where one wishes to secure several distinct sensitive operations and intended to be executed independently of one another, one can define as many C RS sequence break counters as there are operations, each one verifying the correct execution of an operation sensitive determined. However, according to a preferred mode, only one common counter is defined, which will be incremented, and in principle decremented, during the execution of any of these sensitive operations. This observation also applies to the case where the counter is replaced by a flag.
- An important concern of the invention is that the security procedure described does not result in slowing down, or even blocking the operation of the security module, due to the inevitable accidental interruptions which are observed throughout the operating period of this, relating not only to sensitive operations but also to ordinary operations, such as those relating to the application concerned (financial application, service provision, etc.), the non-execution of which does not affect security in general, nor the fundamental rights and obligations of the user in the application concerned.
- the large number of operations thus secured would risk increasing consequently the number of accidental interruptions noted: the number of authorized sequence breaks N RSA would then be reached more quickly, so that a partial or total blocking of the security module would also intervene more quickly.
- An improvement of the invention consists in that the authorized number of interrupted tests N RSA includes a random number varying each time that a determined number of sensitive operations have been triggered.
- the number N RSA varies at a determined frequency, but it takes successive values which are not foreseeable, which contributes to disturb any fraudulent observation of the behavior of the security module.
- This random number can advantageously be generated in the security module according to one of the software methods described in American patents N ° 5,177,790 or 5,365,466.
- the authorized number of interrupted trials N RSA is composed of a fixed number to which is added a random number.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Business, Economics & Management (AREA)
- Computer Hardware Design (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Computer Networks & Wireless Communication (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Storage Device Security (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Claims
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP10529680A JPH11505055A (en) | 1996-12-31 | 1997-12-23 | Security protection method for security module and related security module |
BR9707881A BR9707881A (en) | 1996-12-31 | 1997-12-23 | Process for securing a security module and associated security module |
EP97952982A EP0891587A1 (en) | 1996-12-31 | 1997-12-23 | Method for ensuring the safety of a security module, and related security module |
AU56683/98A AU5668398A (en) | 1996-12-31 | 1997-12-23 | Method for ensuring the safety of a security module, and related security mo dule |
NO983960A NO983960L (en) | 1996-12-31 | 1998-08-28 | Procedure for establishing the security of a security module, as well as its associated security module |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR96/16257 | 1996-12-31 | ||
FR9616257A FR2757972B1 (en) | 1996-12-31 | 1996-12-31 | METHOD FOR SECURING A SECURITY MODULE, AND RELATED SECURITY MODULE |
Related Child Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US09125616 A-371-Of-International | 1998-08-21 | ||
US09/794,038 Continuation US20010010331A1 (en) | 1996-12-31 | 2001-02-28 | Process for protecting a security module, and associated security module |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1998029813A1 true WO1998029813A1 (en) | 1998-07-09 |
Family
ID=9499336
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/FR1997/002389 WO1998029813A1 (en) | 1996-12-31 | 1997-12-23 | Method for ensuring the safety of a security module, and related security module |
Country Status (12)
Country | Link |
---|---|
EP (1) | EP0891587A1 (en) |
JP (1) | JPH11505055A (en) |
KR (1) | KR19990087418A (en) |
CN (1) | CN1212770A (en) |
AR (1) | AR009852A1 (en) |
AU (1) | AU5668398A (en) |
BR (1) | BR9707881A (en) |
CA (1) | CA2247475A1 (en) |
FR (1) | FR2757972B1 (en) |
NO (1) | NO983960L (en) |
TW (1) | TW405098B (en) |
WO (1) | WO1998029813A1 (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2891654A1 (en) * | 2005-10-05 | 2007-04-06 | Proton World Int Nv | Event counting method for e.g. kilometric counter of motor vehicle, involves arithmetically adding values contained in different words of memory cells to obtain counting result, and incrementing/decrementing one word |
WO2008084016A1 (en) * | 2007-01-05 | 2008-07-17 | Proton World International N.V. | Protection of information contained in an electronic circuit |
US8411504B2 (en) | 2007-01-05 | 2013-04-02 | Proton World International N.V. | Limitation of the access to a resource of an electronic circuit |
US9036414B2 (en) | 2007-01-05 | 2015-05-19 | Proton World International N.V. | Temporary locking of an electronic circuit to protect data contained in the electronic circuit |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6289457B1 (en) * | 1998-07-17 | 2001-09-11 | Amdahl Corporation | Value data system having containers for theft deterrent repositories |
FR2793904B1 (en) * | 1999-05-21 | 2001-07-27 | St Microelectronics Sa | METHOD AND DEVICE FOR MANAGING AN ELECTRONIC CIRCUIT |
JP2003316263A (en) | 2002-04-19 | 2003-11-07 | Sony Corp | Arithmetic unit and operation method |
FR2857473B1 (en) | 2003-07-11 | 2005-09-16 | Oberthur Card Syst Sa | METHOD FOR SECURING THE EXECUTION OF A COMPUTER PROGRAM, IN PARTICULAR IN A MICROCIRCUIT BOARD |
EP1605333B1 (en) * | 2004-06-07 | 2008-12-10 | Proton World International N.V. | Program execution control |
EP1698958A1 (en) * | 2005-02-25 | 2006-09-06 | Axalto SA | Method for securing the writing in memory against radiation attacks or other attacks |
DE102010044687A1 (en) * | 2010-09-08 | 2012-03-08 | Giesecke & Devrient Gmbh | Portable data carrier with misoperation counter |
DE102010054446A1 (en) * | 2010-12-14 | 2012-06-14 | Giesecke & Devrient Gmbh | Portable data carrier with misoperation counter |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0157303A2 (en) * | 1984-03-31 | 1985-10-09 | Kabushiki Kaisha Toshiba | Data processing device |
US4614861A (en) * | 1984-11-15 | 1986-09-30 | Intellicard International, Inc. | Unitary, self-contained card verification and validation system and method |
FR2674647A1 (en) * | 1991-03-29 | 1992-10-02 | Widmer Michel | Apparatus forming an electronic cheque-book for financial transactions and process for using such an apparatus |
US5282247A (en) * | 1992-11-12 | 1994-01-25 | Maxtor Corporation | Apparatus and method for providing data security in a computer system having removable memory |
EP0602867A1 (en) * | 1992-12-17 | 1994-06-22 | NCR International, Inc. | An apparatus for securing a system platform |
EP0657820A1 (en) * | 1993-12-08 | 1995-06-14 | Siemens Aktiengesellschaft | Method for preventing unauthorised data modification in an apparatus with a non-volatile memory |
-
1996
- 1996-12-31 FR FR9616257A patent/FR2757972B1/en not_active Expired - Fee Related
-
1997
- 1997-12-23 WO PCT/FR1997/002389 patent/WO1998029813A1/en not_active Application Discontinuation
- 1997-12-23 EP EP97952982A patent/EP0891587A1/en not_active Withdrawn
- 1997-12-23 JP JP10529680A patent/JPH11505055A/en active Pending
- 1997-12-23 KR KR1019980706836A patent/KR19990087418A/en not_active Application Discontinuation
- 1997-12-23 AU AU56683/98A patent/AU5668398A/en not_active Abandoned
- 1997-12-23 CN CN97192699A patent/CN1212770A/en active Pending
- 1997-12-23 CA CA002247475A patent/CA2247475A1/en not_active Abandoned
- 1997-12-23 BR BR9707881A patent/BR9707881A/en unknown
- 1997-12-29 TW TW086119900A patent/TW405098B/en not_active IP Right Cessation
- 1997-12-30 AR ARP970106244A patent/AR009852A1/en unknown
-
1998
- 1998-08-28 NO NO983960A patent/NO983960L/en not_active Application Discontinuation
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0157303A2 (en) * | 1984-03-31 | 1985-10-09 | Kabushiki Kaisha Toshiba | Data processing device |
US4614861A (en) * | 1984-11-15 | 1986-09-30 | Intellicard International, Inc. | Unitary, self-contained card verification and validation system and method |
FR2674647A1 (en) * | 1991-03-29 | 1992-10-02 | Widmer Michel | Apparatus forming an electronic cheque-book for financial transactions and process for using such an apparatus |
US5282247A (en) * | 1992-11-12 | 1994-01-25 | Maxtor Corporation | Apparatus and method for providing data security in a computer system having removable memory |
EP0602867A1 (en) * | 1992-12-17 | 1994-06-22 | NCR International, Inc. | An apparatus for securing a system platform |
EP0657820A1 (en) * | 1993-12-08 | 1995-06-14 | Siemens Aktiengesellschaft | Method for preventing unauthorised data modification in an apparatus with a non-volatile memory |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2891654A1 (en) * | 2005-10-05 | 2007-04-06 | Proton World Int Nv | Event counting method for e.g. kilometric counter of motor vehicle, involves arithmetically adding values contained in different words of memory cells to obtain counting result, and incrementing/decrementing one word |
WO2007039629A1 (en) * | 2005-10-05 | 2007-04-12 | Proton World International N.V. | Event counter |
US8122079B2 (en) | 2005-10-05 | 2012-02-21 | Proton World International N.V. | Event counter |
WO2008084016A1 (en) * | 2007-01-05 | 2008-07-17 | Proton World International N.V. | Protection of information contained in an electronic circuit |
US8411504B2 (en) | 2007-01-05 | 2013-04-02 | Proton World International N.V. | Limitation of the access to a resource of an electronic circuit |
US8566931B2 (en) | 2007-01-05 | 2013-10-22 | Proton World International N.V. | Protection of information contained in an electronic circuit |
US9036414B2 (en) | 2007-01-05 | 2015-05-19 | Proton World International N.V. | Temporary locking of an electronic circuit to protect data contained in the electronic circuit |
Also Published As
Publication number | Publication date |
---|---|
CA2247475A1 (en) | 1998-07-09 |
BR9707881A (en) | 1999-07-27 |
KR19990087418A (en) | 1999-12-27 |
AU5668398A (en) | 1998-07-31 |
TW405098B (en) | 2000-09-11 |
AR009852A1 (en) | 2000-05-03 |
EP0891587A1 (en) | 1999-01-20 |
CN1212770A (en) | 1999-03-31 |
FR2757972A1 (en) | 1998-07-03 |
JPH11505055A (en) | 1999-05-11 |
NO983960D0 (en) | 1998-08-28 |
FR2757972B1 (en) | 1999-02-19 |
NO983960L (en) | 1998-08-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP0507669B1 (en) | Method for electronic payment with an IC-card provided with numbered tokens; and card to implement this method | |
EP0707290B1 (en) | Method and apparatus for loading a protected memory zone in data processing equipment | |
EP0426541B1 (en) | Method of protection against fraudulent use of a microprocessor card and device for its application | |
CA2144124C (en) | Process and device for authentifying a data medium used to authorize a transaction or to authorize access to a service or a location, and related medium | |
EP1766588B1 (en) | Security module component | |
EP0914640A1 (en) | Method for storing and operating sensitive information in a security module, and associated security module | |
EP0617819B1 (en) | Device for intervention on a terminal delivering goods or services | |
CA2046289C (en) | Method for generating random numbers in a data processing system and system using said method | |
EP0425053A1 (en) | Data processing system having memory card authenticating means, electronic circuit for use in that system and method for using this authentication | |
FR2666671A1 (en) | METHOD FOR MANAGING AN APPLICATION PROGRAM LOADED IN A MICROCIRCUIT MEDIUM. | |
EP1605333B1 (en) | Program execution control | |
WO1998029813A1 (en) | Method for ensuring the safety of a security module, and related security module | |
EP3455812B1 (en) | Method for securing an electronic device, and corresponding electronic device | |
EP1055203B1 (en) | Protocol between an electronic key and a lock | |
EP0670561A1 (en) | Operating method of an IC-card | |
WO1998028719A1 (en) | Method for secure transfer of data by a communication network | |
EP1316874B1 (en) | Freezing of functioning in an integrated circuit | |
EP3234848B1 (en) | Method of dispatching an item of security information and electronic device able to implement such a method | |
US20010010331A1 (en) | Process for protecting a security module, and associated security module | |
EP1609326B1 (en) | Method of protecting a mobile-telephone-type telecommunication terminal | |
WO2002073552A1 (en) | Verification of access compliance of subjects with objects in a data processing system with a security policy | |
EP0910839B1 (en) | Method for safely storing credit units in a smart card and monetary transaction system using same | |
WO2004093019A1 (en) | Electronic entity secured by a modifiable counter for the uses of classified data | |
WO2016097637A1 (en) | Method of securing a pin code with error counters in a chip card | |
FR2789774A1 (en) | Security module for secure comparison of an authentication code with one stored in memory has additional auxiliary registers in which randomly chosen data words are placed for use in authenticating the code in the main registers |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
WWE | Wipo information: entry into national phase |
Ref document number: 97192699.9 Country of ref document: CN |
|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): AU BR CA CN JP KR NO SG US |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): AT BE CH DE DK ES FI FR GB GR IE IT LU MC NL PT SE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1997952982 Country of ref document: EP |
|
ENP | Entry into the national phase |
Ref document number: 2247475 Country of ref document: CA Ref document number: 2247475 Country of ref document: CA Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: 09125616 Country of ref document: US |
|
ENP | Entry into the national phase |
Ref document number: 1998 529680 Country of ref document: JP Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1019980706836 Country of ref document: KR |
|
WWE | Wipo information: entry into national phase |
Ref document number: 56683/98 Country of ref document: AU |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWP | Wipo information: published in national office |
Ref document number: 1997952982 Country of ref document: EP |
|
WWP | Wipo information: published in national office |
Ref document number: 1019980706836 Country of ref document: KR |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: 1997952982 Country of ref document: EP |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: 1019980706836 Country of ref document: KR |