WO1999041715A1 - Portable object such as a card with microcircuit comprising means for monitoring commands applied thereto - Google Patents
Portable object such as a card with microcircuit comprising means for monitoring commands applied thereto Download PDFInfo
- Publication number
- WO1999041715A1 WO1999041715A1 PCT/FR1999/000310 FR9900310W WO9941715A1 WO 1999041715 A1 WO1999041715 A1 WO 1999041715A1 FR 9900310 W FR9900310 W FR 9900310W WO 9941715 A1 WO9941715 A1 WO 9941715A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- microcircuit
- portable object
- outside
- commands
- clk
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0806—Details of the card
- G07F7/0813—Specific details related to card security
- G07F7/082—Features insuring the integrity of the data on or in the card
Definitions
- Portable object of the microcircuit card type comprising means for supervising the commands applied to it
- the invention relates to securing portable objects of the microcircuit card type.
- the invention relates to certain attacks aimed at defeating the protection conferred by card inhibitor circuits, for example circuits preventing the reading of a confidential code, an encryption key, etc. or any other sensitive information stored in the memory of the microcircuit and normally inaccessible to reading from the outside.
- the invention proposes to equip the portable object, which comprises an interface receiving signals representing commands from the outside. applied to the microcircuit, on the one hand, and signals representative of information to be processed by the microcircuit, on the other hand, means for supervising during a given period of time the application from the outside of at least one of the commands, these means being capable of detecting an abnormally repeated application of this command or of these commands with respect to a predefined criterion and of selectively inhibiting, as a function of this detection, the processing by the microcircuit of the information received .
- the supervised command includes the reset signal and / or the clock signal
- - Said given period of time is the period of time between a power-up and a subsequent power-down of the portable object
- the supervision means include means for counting successive applications of the command, said predefined criterion being the exceeding of a given account value;
- the supervision means comprise, for selectively inhibiting the processing by the microcircuit of the information received, means forming a gate controlling the transmission to the microcircuit of at least one of the commands and / or information received from the outside;
- the door means control the transmission to the microcir cooked clock signal received from outside;
- the supervision means also include means for evaluating the level of the supply voltage applied from the outside to the portable object and for inhibiting the processing by the microcircuit of the information received when this level goes out of a range of predetermined nominal voltage;
- the supervision means are supplied from the outside by means of own regulating means, ensuring the functioning of these supervision means even when the level of the supply voltage applied from the outside leaves a voltage range nominal predetermined.
- the reference 10 designates a microcircuit card, which is here of the type with galvanic contacts, that is to say comprising a series of contacts 12 making it possible to apply various commands and information to the microcircuit 14 incorporated in this card. to be processed, and to receive information from it after processing.
- the various contacts can in particular be the VCC power supply, GND ground, I / O data input / output, CLK clock, and RST reset contacts according to ISO 7816-3, to which reference may be made for further details concerning the function of each of these contacts.
- the starting point of the invention is the observation that, in most attacks comprising large quantities of cryptographic type tests, these sequences are separated by reset commands from the microcircuit 14, and that too many high of reset orders during the same session is abnormal wrong, presumably indicative of an attempted intrusion into protected areas of the microcircuit's memory.
- the card typically comprises circuits for supervising the application of commands during a given session. These circuits can be either distinct from the microcircuit 14 and therefore interposed between the latter and the series of contacts 12, as illustrated in the figure, or incorporated into the microcircuit 14 proper, preferably in the form of hardware dedicated circuits.
- the circuits of the invention comprise a first counter 16 receiving on its input 18 the signals applied to the reset RST input of the chip.
- the output 20 of this counter commands the closing of a door 22 when a given setpoint is exceeded, for example 10 RST reset pulses during the same session, situation revealing a priori dialogue aberrant and probably indicative of an attempt to violate memory inhibitor circuits.
- Gate 22 is for example interposed on the clock conductor
- the counter 16 is initially reset to zero by a circuit 24 generating, by detection of the application of a voltage on the supply input VCC, a signal 'TRUE' once and only once during the same session .
- the circuits which have just been described are supplied by an own regulator circuit 32.
- This regulator produces and distributes a local supply voltage V CCL0C substantially constant for a very wide range of supply voltages applied to the contact VCC , even and above all when the applied voltage leaves the predetermined nominal range for VCC, typically 4.5 to 5.5 V for cards operating at 5 V, and 2.1 to 3.3 V for cards operating at 3 V , values corresponding to "normal operating conditions" according to ISO 7816-3.
- the regulator circuit 32 produces two voltage references V M and V m (for example 5.5 V and 2.5 V) applied to two respective comparators 34, 36, the other input of which receives the supply voltage applied from the outside to the VCC terminal. If the voltage on VCC leaves the range [V m , V M ], the comparators 34, 36 force the output of a door 38 to 'TRUE' allowing the general entry door 22 to be closed via an additional inverting input. mentary of the latter.
- the counting of critical events is carried out with recording in a permanent memory (of the EEPROM or flash type).
- counting the clock cycles requires counting only the significant submultiples of the frequency, for example 10 or 10 ⁇ 8 .
- counting will take place by firmware ("firmware"), according to a model such as the following, expressed in metalanguage: 1 °) Sequence to be inserted in the Vector Reset of the microprocessor (this vector indicates where the ordinal counter must point in the event of a "reset” on hardware interruption, ie an unconditional reset corresponding to the lowest level of masking): 6 inc EEPROM (O); Reset counter if EEPROM (O)> 1000 then END
- TIM real time (in seconds, from Power On);
Landscapes
- Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Business, Economics & Management (AREA)
- Computer Security & Cryptography (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Computer Networks & Wireless Communication (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Theoretical Computer Science (AREA)
- Storage Device Security (AREA)
- Lock And Its Accessories (AREA)
Abstract
Description
Claims
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2000531817A JP2002503857A (en) | 1998-02-13 | 1999-02-11 | A portable object such as a card with a microcircuit for monitoring applied commands |
EP99903737A EP1055206A1 (en) | 1998-02-13 | 1999-02-11 | Portable object such as a card with microcircuit comprising means for monitoring commands applied thereto |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR9801789A FR2775090B1 (en) | 1998-02-13 | 1998-02-13 | PORTABLE OBJECT OF THE MICROCIRCUIT CARD TYPE COMPRISING MEANS OF SUPERVISING THE ORDERS THAT ARE APPLIED TO IT |
FR98/01789 | 1998-02-13 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO1999041715A1 true WO1999041715A1 (en) | 1999-08-19 |
Family
ID=9522973
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/FR1999/000310 WO1999041715A1 (en) | 1998-02-13 | 1999-02-11 | Portable object such as a card with microcircuit comprising means for monitoring commands applied thereto |
Country Status (4)
Country | Link |
---|---|
EP (1) | EP1055206A1 (en) |
JP (1) | JP2002503857A (en) |
FR (1) | FR2775090B1 (en) |
WO (1) | WO1999041715A1 (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4439711B2 (en) * | 2000-10-19 | 2010-03-24 | Necエレクトロニクス株式会社 | Data processing apparatus and system |
FR2833737B1 (en) * | 2001-12-13 | 2004-04-02 | Canal Plus Technologies | COMBATING THE FRAUDULENT REPRODUCTION OF CHIP CARDS AND THE READING TERMINALS OF THESE CARDS |
EP1862952A1 (en) * | 2006-05-30 | 2007-12-05 | Axalto SA | Secure electronic device |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP0321728A1 (en) * | 1987-12-17 | 1989-06-28 | Siemens Aktiengesellschaft | Method and data carrier assembly for validating memory chips |
US4916333A (en) * | 1987-07-10 | 1990-04-10 | Sgs Thomson Microelectronics Sa | Binary logic level electrical detector namely to prevent the detection of secret codes contained in a memory card |
US4985921A (en) * | 1988-04-11 | 1991-01-15 | Spa Syspatronic Ag | Portable data carrying device |
US5097146A (en) * | 1987-04-03 | 1992-03-17 | Sgs Thomson-Microelectronics Sa | Circuit for detecting high voltage level in mos technology |
US5131091A (en) * | 1988-05-25 | 1992-07-14 | Mitsubishi Denki Kabushiki Kaisha | Memory card including copy protection |
US5550919A (en) * | 1993-05-26 | 1996-08-27 | Gemplus Card International | Method and device for limiting the number of authentication operations of a chip card chip |
-
1998
- 1998-02-13 FR FR9801789A patent/FR2775090B1/en not_active Expired - Fee Related
-
1999
- 1999-02-11 JP JP2000531817A patent/JP2002503857A/en active Pending
- 1999-02-11 EP EP99903737A patent/EP1055206A1/en not_active Withdrawn
- 1999-02-11 WO PCT/FR1999/000310 patent/WO1999041715A1/en not_active Application Discontinuation
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5097146A (en) * | 1987-04-03 | 1992-03-17 | Sgs Thomson-Microelectronics Sa | Circuit for detecting high voltage level in mos technology |
US4916333A (en) * | 1987-07-10 | 1990-04-10 | Sgs Thomson Microelectronics Sa | Binary logic level electrical detector namely to prevent the detection of secret codes contained in a memory card |
EP0321728A1 (en) * | 1987-12-17 | 1989-06-28 | Siemens Aktiengesellschaft | Method and data carrier assembly for validating memory chips |
US4985921A (en) * | 1988-04-11 | 1991-01-15 | Spa Syspatronic Ag | Portable data carrying device |
US5131091A (en) * | 1988-05-25 | 1992-07-14 | Mitsubishi Denki Kabushiki Kaisha | Memory card including copy protection |
US5550919A (en) * | 1993-05-26 | 1996-08-27 | Gemplus Card International | Method and device for limiting the number of authentication operations of a chip card chip |
Also Published As
Publication number | Publication date |
---|---|
FR2775090A1 (en) | 1999-08-20 |
JP2002503857A (en) | 2002-02-05 |
FR2775090B1 (en) | 2000-12-29 |
EP1055206A1 (en) | 2000-11-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8577034B2 (en) | Method and device for protecting a reading device for card-shaped data carriers from unauthorized evaluation or copying of magnetically encoded data of an inserted card-shaped data carrier | |
US5351303A (en) | Infra-red imaging and pattern recognition system | |
EP0481881A1 (en) | Integrated circuit with improved security access | |
WO2004057519A1 (en) | Securing device for a security module connector | |
FR2776410A1 (en) | Device to protect microprocessor card against fraudulent analysis of operations performed by measuring current consumed | |
FR2916560A1 (en) | CRYPTOPROCESSOR WITH ENHANCED DATA PROTECTION | |
US4901057A (en) | Device for securing a combination dial lock | |
FR2606530A1 (en) | INTEGRATED CIRCUIT FOR MEMORIZING AND PROCESSING CONFIDENTIALLY INFORMATION WITH AN ANTI-FRAUD DEVICE | |
EP0426544B1 (en) | Method of protection against inhibition of non-authorised writing over specific memory zone of a microprocessor card and device for application | |
EP3422260A1 (en) | Detection of manipulation with chip cards | |
EP1459250A1 (en) | Non-contact portable object comprising at least a peripheral device connected to the same antenna as the chip | |
FR2843466A1 (en) | METHOD FOR PREVENTING FALSIFICATION OF A DATA PROCESSING SYSTEM, AND SYSTEM | |
JP2006229667A (en) | Tamper-resistant device, and tamper-resistant method | |
WO1999041715A1 (en) | Portable object such as a card with microcircuit comprising means for monitoring commands applied thereto | |
US6489890B1 (en) | Security device | |
FR2819070A1 (en) | METHOD AND DEVICE FOR PROTECTING THE HACKING OF INTEGRATED CIRCUITS | |
FR2728369A1 (en) | METHOD AND DEVICE FOR INCREASING THE SECURITY OF AN INTEGRATED CIRCUIT | |
EP1793322A1 (en) | Adaptable security module | |
US6388574B1 (en) | Optical chassis intrusion detection with power on or off | |
US7461246B2 (en) | First-time startup device warranty user interface notification | |
GB2277183A (en) | Security device | |
EP1227329A1 (en) | Poor powersupply connection detector circuit | |
US20220108591A1 (en) | ATM Frauds Detection by Machine Learning System: SentryWare and SentryManager | |
FR2664724A1 (en) | ELECTRICAL CONNECTOR FOR A CARD CONTAINING AN ELECTRONIC CIRCUIT AND FRAUD DETECTION DEVICE USING THE SAME. | |
US6513639B1 (en) | Coin acceptor security apparatus |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AK | Designated states |
Kind code of ref document: A1 Designated state(s): JP US |
|
AL | Designated countries for regional patents |
Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE |
|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
DFPE | Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101) | ||
WWE | Wipo information: entry into national phase |
Ref document number: 1999903737 Country of ref document: EP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 09622011 Country of ref document: US |
|
WWP | Wipo information: published in national office |
Ref document number: 1999903737 Country of ref document: EP |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: 1999903737 Country of ref document: EP |