WO2001053915A1 - Security system involving creation and auto-burning of a digital signature in an electronic device and intelligent token device - Google Patents
- Publication number
- WO2001053915A1 (PCT/IB2000/001846)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- electronic device
- memory
- digital signature
- data
- microprocessor
Classifications
- G—PHYSICS
  - G07—CHECKING-DEVICES
    - G07F—COIN-FREED OR LIKE APPARATUS
      - G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
        - G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
          - G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
            - G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
  - G06—COMPUTING; CALCULATING OR COUNTING
    - G06F—ELECTRIC DIGITAL DATA PROCESSING
      - G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
          - G06F21/31—User authentication
            - G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
    - G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
      - G06Q20/00—Payment architectures, schemes or protocols
        - G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
          - G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
            - G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
            - G06Q20/346—Cards serving only as information carrier of service
            - G06Q20/355—Personalisation of cards for use
        - G06Q20/38—Payment protocols; Details thereof
          - G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
            - G06Q20/409—Device specific authentication in transaction processing
              - G06Q20/4097—Device specific authentication in transaction processing using mutual authentication between devices and transaction partners
Definitions
- The present invention pertains generally to security systems for electronic devices containing a microprocessor with non-volatile, programmable memory. More specifically, the present invention pertains to a process and apparatus for automatically creating and burning a digital signature (auto-burning) to the memory means of a microprocessor of an electronic device and the memory means of an intelligent token device such as a smart card. This invention can be used to restrict the use of an electronic device, and deter its theft.
- A problem faced by the users of such electronic devices is that of their use by unauthorized persons or their theft. As these electronic devices become smaller, increasingly sophisticated and more customizable, this problem is becoming more of an issue. It is now not uncommon to find electronic devices that contain microprocessors with integrated flash memory. At the same time, intelligent token device technology such as smart cards and IC buttons has advanced to the level where these token devices now can contain multiple forms of memory such as RAM and ROM and microprocessors capable of performing advanced algorithms.
- The present invention relates to a method for controlling access to, and deterring the theft of, electronic devices that contain a microprocessor and non-volatile, electrically erasable and programmable memory, that utilizes these advances in electronic devices and smart cards through the auto-burning of a digital signature into said memory and the memory means of a smart card.
- The primary objective of the present invention is to provide a means by which the microprocessor of an electronic device and the microprocessor of an intelligent token device can be automatically burned with a unique digital signature without user intervention or special external devices once the 'seed' data for the digital signature has been inputted by the user.
- The prior art contains inventions that have been advanced to address the problem of unauthorized usage or theft of electronic devices.
- None of the known art allows for the creation of unique digital signatures from personal information inputted by the user and the auto-burning of these digital signatures to both the intelligent token device and the electronic device 'in the field' as does the present invention.
- This invention employs a smart card with protected and unprotected EEPROM memory with a certificate and card serial number stored in said unprotected memory. Using a secret encryption key, this information is encrypted and the resultant user key is used to access the protected area of the EEPROM memory.
- The focus of this invention is on the smart card and its validation to perform transactions rather than securing the host electronic device.
- The present invention overcomes or at the least ameliorates the limitations of the prior art by providing a means for controlling access to an electronic device which contains a microprocessor with flash memory by embedding or 'burning' a digital signature in said memory and to the memory means of an intelligent token device.
- The functionality of said electronic device is disabled unless a smart card with a matching digital signature is inserted in an intelligent token device reader/writer that is connected to the microprocessor of said device.
- The digital signature embedded in the electronic device provides a means for securing said device from unauthorized use.
- The apparatus of the present invention constitutes modifications to the original design of an electronic device.
- One such modification includes a means for automatically burning said digital signature to the memory of the electronic device and the memory of the intelligent token device.
- Said auto-burning means consists of a programming voltage supply means (VPP) that is connected [electrically coupled] to a voltage switching means (analog switch) which is connected to the VPP pin of the microprocessor of the electronic device and an input/output (I/O) pin of an intelligent token device reader/writer.
- Said electronic device microprocessor contains a multiplicity of I/O ports and a reset line that are electrically connected to the intelligent token device reader/writer. Said microprocessor is also connected to a volatile memory means, such as static RAM, through an address and data bus.
- A smart card power supply means, a means for providing the correct timing sequence for the microprocessor, a voltage checking means, and a multiplicity of input/output lines. Said multiplicity of I/O lines provides for an increase in the speed of data transfer and also provides the capability to enable or disable individual components of an electronic device.
- The first function of the present invention is to create and write said digital signature to the device.
- A bootstrap program is provided by the microprocessor manufacturer that allows the writing or burning of data to the flash memory.
- This program can be incorporated into the application software of the electronic device by the device's manufacturer.
- The majority of bootstrap programs are run from the internal RAM of the microprocessor. Consequently said bootstrap program can be loaded into the internal RAM of the microprocessor and, with the intervention of the smart card, be used to program or reprogram the flash memory, including the writing of a digital signature and other security related data.
- This initial set up of the system first involves entering unique, personal information through a data input means such as a keypad or keyboard that is connected to one of the I/O ports of the microprocessor of said electronic device.
- A data output means such as a monitor or LCD screen is used to provide monitoring of the data input procedure.
- This personal identification data is transferred to the smart card inserted in the smart card reader/writer and, through the use of a multiplicity of algorithms, a digital signature array which comprises a hash number, prime number, exponent, encryption key and check sum is generated from said personal data.
- This digital signature array is encrypted and encoded and sent to the electronic device where it is decoded, decrypted and stored in the static RAM. From here it is 'auto-burned' to the flash memory of the electronic device.
- The auto-burning procedure first loads the bootstrap program to the internal RAM of the electronic device, and then turns on the VPP (programming) line by sending the correct VPP voltage to the analog switch connected to said VPP line.
- This authentication procedure involves the sending of the digital signature stored in the microprocessor of the electronic device to the smart card.
- An electronic device digital signature Test Number (T) and Witness Number (t) are also sent for the operation of the digital signature comparison algorithm.
- FIG. 1 is a block diagram of the implementation of this invention in an electronic device according to one embodiment of the invention.
- FIG. 2 is a simplified memory map for the second memory of the electronic device.
- FIG. 3A is a flow chart that sets forth the initiation of the digital signature authentication procedure as it occurs in the electronic device.
- FIG. 3B is a portion of a flow chart that shows the first steps of the digital signature creation process as it occurs in the electronic device.
- FIGS. 3C and 3D together comprise a portion of a flow chart that shows the continuation of the digital signature creation and auto-burning procedure, as it occurs in the smart card.
- FIGS. 3E and 3F together comprise a portion of a flow chart that shows the continuation of the auto-burning process in both the electronic device and smart card after the creation of the digital signature by said smart card.
- FIGS. 3G, 3H and 3I together comprise a portion of a flow chart that shows the digital signature authentication procedure as it occurs in both the electronic device and smart card.
- The present invention provides a method and apparatus for creating a digital signature from personal identification data inputted by a user and auto-burning said digital signature to any electronic device having a microprocessor with non-volatile reprogrammable (flash) memory and the memory of an intelligent token device (containing a microprocessor), and requiring that the digital signatures of these two devices match before the electronic device is allowed to operate, thereby preventing the unauthorized operation of said electronic device.
- Figure 1 is a simplified block diagram that shows one embodiment of the present invention as it is applied to an electronic device 101.
- The basic apparatus consists of several components connected to the microprocessor 103 of the electronic device 101 containing said invention and a portable intelligent token device such as a smart card. Said microprocessor 103 comprises more than one input/output (I/O) port 105.
- The first memory means is volatile internal memory.
- The preferred first memory means is internal random access memory (RAM) although one skilled in the art can readily see that other components that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
- The second memory means is non-volatile and electrically erasable and reprogrammable.
- Figure 2 shows a simplified memory map of said second memory.
- Said second memory means is divided into a multiplicity of data areas.
- A first area 201 is provided for software that includes the device specific application software 203 developed by the manufacturer of the electronic device.
- This software includes a bootstrap program 205 that is provided by the manufacturer of the microprocessor to the electronic device manufacturer. Said bootstrap program 205 enables the programming or burning of the microprocessor flash memory.
- Said first area of said second memory contains the interface software for input/output devices 207 that the electronic equipment manufacturer provides for the reading or writing of data to the electronic device.
- A second area 209 in said second memory contains a lookup table. Space is set aside in said second area for a data array which can hold data such as hash numbers or a digital signature 213 input by the intelligent token device, in addition to information concerning the array specifications 211 such as size and beginning and ending addresses.
- Said second area in said second memory also contains checksum data 217 for the data in the data array.
- Said checksum data consists of two checksum figures: a direct checksum made up of more than one byte of data and an indirect or complementary checksum also more than one byte in size. Space in said second area of the second memory means is also set aside for an old encryption key and a new encryption key 215.
- The preferred second memory means is flash memory although one skilled in the art can readily see that other components that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
- A third memory means 110 consists of volatile memory.
- Said third memory means functions as a static data buffer that can temporarily store data from said microprocessor's first and second memories for the purpose of reprogramming said first and second memories.
- This reprogramming is controlled by the previously described bootstrap program 205 that is provided by the manufacturer of the electronic device's microprocessor.
- The preferred third memory means is static RAM although one skilled in the art can readily see that other components that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
- A means for transferring data to and from said electronic device and said intelligent token device. This is provided through the addition of a software interface for data transfers between the electronic device's microprocessor and the smart card.
- The preferred first encryption algorithm is the IDEA algorithm although one skilled in the art can readily see that other algorithms that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
- The apparatus of the present invention provides a means for transferring data between the electronic device microprocessor 103 and the intelligent token device microprocessor.
- Said means for transferring data is an intelligent token device reader/writer 111.
- Said intelligent token device reader/writer 111 is electrically connected to a voltage switching means 113, and said voltage switching means is connected to the VPP port 109 of the electronic device microprocessor 103.
- Said intelligent token device reader/writer 111 contains a multiplicity of pins, including pins for Reset 115, VCC 117.
- A VCC power supply 127, with said power supply connected to the intelligent token device reader/writer VCC pin 117 through a VCC line 129.
- This power supply 127 provides the appropriate operating power to the VCC pin 117 of the intelligent token device reader/writer 111.
- The preferred voltage checking means is a watchdog integrated circuit although one skilled in the art can readily see that other components that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
- This watchdog circuit functions as a security circuit for the VCC of the intelligent token device reader/writer. If, for any reason, the voltage of said VCC line is not proper
- The preferred means for providing the correct timing sequence is a clock generator with a crystal controlled oscillator although one skilled in the art can readily see that other components that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
- A means in the electronic device for the user to enter personal identification data for use in the creation of the digital signature. This is provided by a line 139 connected to an external device connecting means 141 and an additional I/O port in the microprocessor of the electronic device that allows connection to an external data input/output device 143 such as a keypad, keyboard, RS-232, RS-4XX, TCP/IP, LCD monitor or other data entry and data display means.
- The apparatus of the present invention also includes a means for automatically burning (auto-burning) a newly created digital signature to the memory of the electronic device and the memory of the intelligent token device.
- This auto-burning means consists of the following:
- A first VPP line 146 connects the VPP port 109 of the electronic device microprocessor 103 to a voltage switching means 113 that allows a switch between two different operating voltages.
- A second VPP line 148 connects said voltage switching means 113 and an I/O pin 145 of the intelligent token device reader/writer 111.
- Electrically connected to the voltage switching means 113 is a programming power supply means 147 that provides the voltage necessary to program the flash memory of the electronic device's microprocessor.
- Such a voltage switching means is commonly referred to as an analog switch and may be implemented through the use of an integrated circuit (IC) or transistor. Said voltage switching means enables the present invention to switch between a programming line
- The preferred intelligent token device for the present invention typically contains a microprocessor and more than one memory means.
- This plurality of memory means comprises a fourth memory means that is internal RAM (random access memory), a fifth memory means that typically is onboard ROM (read only memory), and a sixth memory means that is typically EEPROM (electrically erasable and programmable read only memory).
- The preferred intelligent token device is a smart card that is compatible with ISO standard 7816 although one skilled in the art would readily recognize that other devices with similar capabilities may be substituted without materially modifying the scope or spirit of this invention.
- Pre-programmed in said fifth memory are the software means that control the creation of the digital signature and the auto-burning procedure. Said fifth memory also has stored in it a multiplicity of algorithms. Said multiplicity of algorithms consists of algorithms for checking for errors after the transmission of data, a first encryption means for protecting data during transmission between the smart card and the electronic device, a second encryption means for creating a hash number, as well as algorithms for check sum calculation, prime number creation, key generation, creation of a prime number exponent, and for determining the authenticity of one digital signature as compared to another.
- The preferred transmission error checking algorithm is Reed-Solomon although one skilled in the art would readily recognize that other algorithms with similar capabilities may be substituted without materially modifying the scope or spirit of this invention.
- The preferred first encryption algorithm for protecting data during transmission between the smart card and the electronic device is the IDEA algorithm although one skilled
- The sixth memory means is divided into a multiplicity of data areas. Said data areas include ones for the storage of a hash number created through the application of an encryption algorithm to the personal information inputted by the user of the present invention, a prime number (N) generated from said hash number,
- an exponent (v) also generated from said hash number, the starting and ending addresses for the lookup table that is stored in the second memory means of the electronic device, the check sum value(s) for the digital signature, an 'old' and 'new' encryption key for use by the encryption algorithm stored in the fifth memory means, a lookup table consisting of all prime numbers between 2 and 256 and all numbers from 10 million to 200 million in increments of 10 million, and a scratch memory buffer for the temporary storage of data. Pre-programmed in said sixth memory of the smart card, before the digital signature is produced for the first time, is an 'old' encryption key for the initial set up of the present invention.
- The same encryption key is pre-programmed in the second memory means of the electronic device that utilizes the present invention.
- Figure 3A shows the initiation of the digital signature authentication procedure as it occurs in the electronic device.
- The application software stored in the second memory means of the microprocessor of the electronic device is implemented 303. Written into the beginning of said application software by the electronic device's manufacturer is a check to see if there is inserted in the smart card reader/writer 111 a valid smart card 305. If there is not a valid smart card inserted in said reader/writer,
- the start up procedure is terminated 307 and the electronic device microprocessor 103 reset. If a valid smart card is inserted in the reader/writer, a jump command is issued 309 which causes a jump to the area set aside for the starting address and ending address of a digital signature in the lookup table of said second memory to check for the presence of a digital signature. This check is performed through the calculation of the check sum 311, both direct and complement, for said digital signature area.
- A result that the check sum value is incorrect indicates that either the data stored in said digital signature area contains some error, or that said area is empty.
- The digital signature area is checked for the presence of any data 315. If it is empty then a procedure is implemented to create a digital signature and automatically burn it to the second memory of the electronic device's microprocessor 103.
- FIG. 3B shows the first steps of the digital signature creation process as it occurs in the electronic device.
- The first step in this process is the sending of a command by the application software of the microprocessor of the electronic device to the smart card to initiate the digital signature creation and auto-burning process 317. Once said process is initiated by the smart card microprocessor,
- the next step is the entering of personal data 319, through a data input/output means 143 that is connected to the electronic device's microprocessor 103, by the user of said electronic device through the data I/O line 139.
- The preferred data input device is a keyboard although one skilled in the art can readily see that other devices that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
- The preferred data output device is a monitor although one skilled in the art can readily see that other devices that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
- Once the personal data has been entered by the user, it is temporarily stored in the first memory means of the electronic device. A check sum is then created from this data 321 and the direct and complementary values of said check sum are written to the end of the personal data stored in said first memory means 323. Next, in order to protect the data during its transfer to the smart card inserted in the reader/writer,
- said personal data is encrypted 325 through the use of a data encryption means.
- The first time that this procedure is initiated, the key that is used to encrypt said personal data is stored in the digital signature area of the second memory means of the electronic device during the manufacture of the device.
- The preferred data encryption means is the IDEA algorithm although one skilled in the art can readily see that other algorithms that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
- An error checking algorithm is applied to said personal data 327. Using said algorithm, the personal data and check sum values are encoded to allow for the recovery of said data if it is corrupted during data transfer.
- The preferred error checking algorithm is the Reed-Solomon algorithm although one skilled in the art can readily see that other algorithms that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
- This data is decoded 331 and if there are any transmission errors 333 these errors are corrected 335.
- A check sum calculation is performed 339 and the resultant value is checked for any errors in the data 341. If there are no errors,
- this personal data is written as an array to the sixth memory means of said smart card 343. If there are errors, the process of creating a digital signature is repeated from the point after the personal data had been entered by the user and temporarily stored in the first memory means of the electronic device. If after a predetermined number of check sum errors have been detected by the smart card 345, the digital signature creation process is terminated 347.
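As an added example (not the patent's own code), the following Python models the direct and complementary check sum pair that the device appends to the personal data (steps 321/323) and that the smart card re-checks with a bounded number of retries (steps 339 to 347), and applies the same pair to the device's digital signature area at start-up (steps 311 to 315), telling an empty area apart from a corrupted one. The byte-sum definition of the 32-bit direct check sum, the 0xFF value of erased flash, the big-endian layout and the retry limit are assumptions; the personal data and frames are constructed.

```python
"""Direct and complementary check sums as used by the described system.
Constructed example; the check sum definition (32-bit byte sum), the erased
flash value 0xFF and the big-endian layout are assumptions."""
from enum import Enum
from typing import Iterable, Optional

MASK32 = 0xFFFFFFFF
ERASED_BYTE = 0xFF  # assumption: an erased (never burned) flash byte reads 0xFF
CHECKSUM_LEN = 8    # direct (4 bytes) + complementary (4 bytes)


class AreaState(Enum):
    VALID = "valid"          # check sums correct: a signature is present
    EMPTY = "empty"          # step 315: area never burned, create a signature
    CORRUPTED = "corrupted"  # data present but the check sums do not verify


def direct_checksum(data: bytes) -> int:
    """32-bit direct check sum (assumed definition: byte sum modulo 2**32)."""
    return sum(data) & MASK32


def complement_checksum(direct: int) -> int:
    """Indirect/complementary check sum: bitwise complement of the direct value."""
    return (~direct) & MASK32


def append_checksums(payload: bytes) -> bytes:
    """Device side (steps 321/323): write the direct and complementary values
    after the data before it is encrypted and sent to the card."""
    d = direct_checksum(payload)
    return payload + d.to_bytes(4, "big") + complement_checksum(d).to_bytes(4, "big")


def checksums_match(block: bytes) -> bool:
    """Recompute both figures over the payload and compare with the stored pair.
    Checking the complement as well catches a stored pair that is itself damaged."""
    if len(block) < CHECKSUM_LEN:
        return False
    payload = block[:-CHECKSUM_LEN]
    stored_direct = int.from_bytes(block[-8:-4], "big")
    stored_compl = int.from_bytes(block[-4:], "big")
    return (stored_direct == direct_checksum(payload)
            and stored_compl == complement_checksum(stored_direct))


def classify_area(area: bytes) -> AreaState:
    """Start-up check of the signature area (steps 311 to 315): a wrong check
    sum means either corrupted data or an area that has never been burned."""
    if checksums_match(area):
        return AreaState.VALID
    if area and all(b == ERASED_BYTE for b in area):
        return AreaState.EMPTY
    return AreaState.CORRUPTED


def receive_with_retry(frames: Iterable[bytes], max_errors: int) -> Optional[bytes]:
    """Smart card side (steps 339 to 347): accept the first decoded frame whose
    check sums verify; give up after max_errors failed attempts (returns None)."""
    errors = 0
    for frame in frames:
        if checksums_match(frame):
            return frame[:-CHECKSUM_LEN]   # step 343: store the personal data
        errors += 1
        if errors >= max_errors:
            return None                    # step 347: creation terminated
    return None


# Constructed sample data (not from the patent).
PERSONAL_DATA = b"J. Doe;1970-01-02;Springfield"
FRAME = append_checksums(PERSONAL_DATA)

if __name__ == "__main__":
    damaged = bytearray(FRAME)
    damaged[3] ^= 0x01                     # a one-bit transmission error
    print(classify_area(FRAME))
    print(classify_area(bytes(damaged)))
    print(classify_area(bytes([ERASED_BYTE]) * 32))
    print(receive_with_retry([bytes(damaged), FRAME], max_errors=3))
```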
- Said encryption algorithm will use an 'old' encryption key that has been pre-programmed into the sixth memory of the smart card. The same key is pre-programmed into the digital signature area of the second memory means of the electronic device during the manufacture of the device. If encryption of the hash number is not required for security purposes, the use of said encryption key is not required. In this manner, the present invention produces a unique digital signature without the need for any preprogrammed data. After the auto-burning procedure is complete, whether the 'old' encryption key has been used or not, a new encryption key is generated from the hash number using the key generation algorithm stored in the fifth memory of the smart card. Said 'new' encryption key is written over the 'old' key previously stored in the sixth memory means of the smart card and the
- The personal data entered by the user may be of varying length, depending upon the memory limitations of the electronic device and the responses of the user.
- The preferred encryption algorithm (Haval) can only be applied to said personal data in 16 byte blocks at a time; any portion of the personal data that does not constitute a full 16 byte block must be expanded or increased to this full block size.
- The data required to produce a full 16 byte block is read from the timer register of the microprocessor.
- The resultant hash number is stored in the area set aside for the hash array in the sixth memory.
- The first step in the generation of a new encryption key from said hash number is to create a copy of said hash number in the sixth memory means of the smart card in the area set aside for use as a scratch memory buffer.
- The timer register is read to generate a pseudo-random number containing more than one bit of data.
- A multiplicity of bitwise operators such as 'Shift Right', 'Shift Left', XOR, AND, and 'Complement', that were previously stored in the fifth memory means of the smart card, are applied to the hash number. Said multiplicity of operators are set in an ordered series.
- The previously generated pseudo-random number determines whether a particular bitwise operator is executed or not on said hash number. For example the value (1 or 0)
- The next step in the process is the creation of a prime number 'N' 355. From the hash number array a segment between 28 and 64 bits is randomly selected. The exact length of this segment depends on the speed and power of the specific microprocessor used in the smart card. This segment is used as the starting place to generate a prime number with a value between 1 million and 500 million.
- A number is created from said segment through the division of said segment into a multiplicity of eight bit bytes and concatenating the numbers (between the values 0 and 255) represented by each byte.
- The resultant number is referred to as the 'Guess Number'. If the Guess Number is an even number, it is transformed to an odd value by subtracting the value '1' from it.
- the preprogrammed array of numbers in increments of 10 million and falling between 1 million and 500 million stored in the sixth memory of the smart card, is checked against the Guess Number to determine the interval number in the array that is lower than the Guess Number (Xi) and the interval number that is greater in value than the Guess Number (Xj). Then, starting from the lower interval value (Xi) and using the prime number creating algorithm stored in the fifth memory means of the smart card, prime numbers are generated until one that is closest to the Guess Number is found.
- the resulting Prime Number (N) will be between 32 to 64 bits in length - the actual length depending on the speed and power of the smart card microprocessor.
- the closest Prime Number (N) to the Guess Number is then stored in the sixth memory means of the smart card in the area set aside for the Prime Number 357.
- an Exponent (v) is then generated from the hash number 359.
- Said Exponent number is generated in the same manner as the Prime Number.
- a segment is first randomly selected from the hash number.
- the segment for the exponent is between 24 and 32 bits in length.
- a Guess Number is created.
- Said Guess Number is then used to determine the upper and lower interval numbers between 1 million and 500 million, and starting from the lower interval, and using the prime number generating algorithm stored in the fifth memory means of the smart card, an exponent prime number is produced.
- This exponent is then stored in the sixth memory means of the smart card in the area set aside for the exponent 361.
- the Prime Number (N) and its exponent value (v) are used in the digital signature authentication algorithm stored in the fifth memory means of the smart card to verify a match between the digital signatures of an electronic device containing the present invention and a smart card inserted in said electronic device's smart card reader/writer.
- a check sum is produced using the check sum algorithm stored in the fifth memory means of the smart card and then written to the sixth memory means of said smart card 363.
- the preferred check sum is 32 bits in length with a direct and inverse value although one skilled in the art can readily see that other check sum modes that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
- the address start and address end of this data array is read and stored in the area designated for this data in said sixth memory 365. It is to this address that the application software of the electronic device will jump when the authentication procedure is initiated. This will give the application software the size of the entire digital signature array.
- Figures 3E and 3F show the continuation of the auto-burning process in both the electronic device and smart card after the creation of the digital signature by said smart card
- the bootstrap program stored in the first area of the second memory means of the electronic device as part of the application software, is loaded to the first memory means of the electronic device microprocessor 367. Said bootstrap program is activated upon receiving an auto-burn command from the smart card
- This auto-burning command sent by the smart card microprocessor causes the electronic device to write or 'burn' the newly generated digital signature information to the second memory means of the electronic device microprocessor using the bootstrap program and the auto-burning means 113 of the present invention
- the digital signature (DS) data of said smart card is read from the look up table in the sixth memory means 369. Said digital signature is then encrypted 371.
- the encrypted data is then encoded 373 to protect against transmission errors using the transmission error algorithm stored in the fifth memory means which results in RS(E(DS))
- the resultant encrypted and encoded data is then sent in data blocks to the first memory means of the electronic device 375 through one of the multiplicity of data IO lines 135 that connect the electronic device microprocessor 103 and the smart card microprocessor
- said RS(E(DS)) data packet is decoded 377 using the transmission error checking algorithm stored in the first area of the second memory means and then decrypted 379 using the first encryption algorithm and the 'old' encryption key also stored in said second memory means. As the data blocks of the digital signature are decoded and decrypted they are written to the third memory means of the electronic device
- the subsequent process of burning the digital signature data from the third memory to the second memory is affected by whether or not the electronic device microprocessor supports writing data to its second memory means in segments rather than only as a single block of data 381. If segmental writing to the memory is supported, only the digital signature itself is written to the third memory 383 before it is auto-burned to the second memory means of the electronic device. However, if segmental writing is not supported, the entire contents of the second memory means, including the device specific application software, bootstrap program, IO device interface and the array specifications, digital signature, encryption keys and check sum data must be first written to the third memory means 385 before it is auto-burned to the second memory
- the bootstrap program 205 of the electronic device is activated to provide the exact procedure and parameters for the burning of said digital signature data to the second memory means
- a command 387 is then sent by the electronic device microprocessor 103 to the smart card to activate the programming line (VPP) 148 of the voltage switching means 113. Said programming line is 'turned on' through the IO pin 145 of the smart card that sets the VPP power supply 147 voltage to the analog switch 113 to that which causes said voltage switching means to change from 'normal operating line' 151 (VN) to 'programming line' 150 (VPP)
- Digital signature data is read from the third memory means and is written to the second memory 391. If some error occurs during this writing process 393 the bootstrap program will try to burn the digital signature data to another sector in the digital signatu
- the digital signature data can be successfully written to the second memory the start and end addresses of the digital signature data array are encrypted 403 using the first encryption algorithm stored in the first area of the second memory and then encoded 405 using the error checking algorithm also stored in the second memory means and the resultant data (RS(E(ADDR_J, ADDR_F))) is sent to the smart card 407 through one of the data IO lines 135 connecting the electronic device microprocessor 103 with the smart card reader/writer 111
- the microprocessor of the electronic device 103 is reset by the smart card 421 through pin SCIO_2 134 that is connected to the reset pin 107 of said microprocessor. This reset causes the electronic device microprocessor 103 to return to the start of the digital signature authentication routine - as if the power to the electronic device was interrupted or turned on.
- a software reset function is used to reset the smart card software to the beginning of the smart card digital signature authentication procedure 423. This initiates the digital signature authentication procedure which, if the digital signature in the electronic device microprocessor matches the digital signature in the inserted smart card, normal
- FIGS. 3H and 3I show the digital signature authentication procedure as it occurs in both the electronic device and smart card
- the first step in this process is the sending of a request 425, to the microprocessor of the electronic equipment, by the smart card for the digital signature (DS) stored in the area set aside for digital signatures in the second memory means of said electronic device
- This request is sent through one of the multiplicity of data IO lines 135 that connect the electronic device microprocessor 103 and the smart card reader/writer 111
- said digital signature (DS) is read from the look up table for said digital signature set aside in the second memory of the electronic device 427. Said digital signature is then encrypted 429 using an encryption algorithm and 'new' encryption key stored in the second memory of the electronic device producing E(DS)
- the preferred data encryption means is the IDEA algorithm although one skilled in the art can readily see that other algorithms that perform a similar function may be substituted without materially changing the scope or spirit of the invention
- an error checking algorithm is applied to the encrypted digital signature E(DS) to produce RS(E(DS))
- said digital signature is encoded 431 to allow for the recovery of said data if it is corrupted during data transfer
- the preferred error checking algorithm is the Reed-Solomon algorithm although one skilled in the art can readily see that other algorithms that perform a similar function may be substituted without materially changing the scope or spirit of the invention
- This encrypted and encoded digital signature RS(E(DS)) is then sent to the smart card 433 through one of the multiplicity of data IO lines 135 that connect the electronic device microprocessor 103 and the smart card
- test number (T) 435 to be applied in the digital signature authentication algorithm
- the exponent (v) and prime number (N) are read from the second memory means of the electronic device microprocessor
- a pseudo-random number (r) is generated from the timing means of the electronic device microprocessor by reading data from the timing register
- Test number (T) is then encrypted 437 using the encryption algorithm and 'new' encryption key stored in the second memory of the electronic device
- This produces E(T). E(T) is then encoded 439 through the application of an error checking algorithm that is stored in the first area of the second memory means to produce RS(E(T))
- This encrypted and encoded test number (T'') is then sent to the fourth memory means of the smart card 441 through one of the multiplicity of data IO lines 135 that connect the electronic
- T'' is decoded 447 using the error checking algorithm stored in the fifth memory means to produce E(T). If there are transmission errors, then these are corrected before the decryption procedure. If there are no transmission errors then E(T) is decrypted 449 using the first encryption algorithm stored in the fifth memory means. This produces the test number T that was stored in the smart card
- the next step is the generation of a pseudo-random number (d) by the smart card microprocessor 451 by reading data from the timing register created by the timing means connected to the smart card microprocessor
- the data taken from the timing register may be used as the pseudo-random number itself or may be further manipulated through the use of one or more algorithms
- Said pseudo-random number (d) is then encrypted 453 through the use of the first data encryption means stored in the sixth memory means of the smart card
- the encryption key that is used to encrypt said personal data is stored in the digital signature area of the sixth memory means of the smart card
- the encrypted pseudo-random number E(d) is then encoded 455 using the error checking algorithm stored in the sixth memory means to produce RS(E(d))
- This encoded and encrypted pseudo-random number is then sent to the electronic device microprocessor 457 through one of the multiplicity
- the secret number B is then used to create a Witness Number (t) 465 in which t ≡ rB**d (mod N) with r equal to the pseudo-random number previously generated by the application software, 'B' the Secret Number, 'd' the pseudo-random number generated by the smart card, and 'N' the Prime Number stored in the second memory of the electronic device 101
- the Witness Number (t) is then encrypted 467 using the first encryption algorithm stored in the second memory means and encoded 469 using the error checking means also stored in said second memory means
- the encoded and encrypted Witness Number RS(E(t)) is then sent to the smart card 471 through one of the multiplicity of data IO lines 135 that connect the electronic device microprocessor 103 and the smart card microprocessor
- the electronic device waits for a command from the smart card 473 which will indicate if the digital signature of the inserted smart card matches that of said electronic device
- said encoded and encrypted Witness Number RS(E(t)) is decoded 475 using the error checking algorithm stored in the sixth memory means and if there are any data transmission errors they are corrected
- the encrypted Witness Number E(t) is decrypted 477 using the encryption key stored in the sixth memory means to produce t
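The Guess Number and nearest-prime steps described above for the Prime Number N 355 and the exponent v 359, as an added example that is not the patent's own code. It assumes decimal concatenation of the byte values, folds a Guess Number that falls outside the 1 million to 500 million range back into it (the text does not cover that case), and uses SHA-256 as a stand-in for the unspecified hash; a prime below 500 million is under 29 bits, so these are the page's parameters, not a recommendation.

```python
"""Guess Number and nearest-prime derivation of N and v (constructed example)."""
import hashlib
from math import isqrt

LOW, HIGH, STEP = 1_000_000, 500_000_000, 10_000_000
# Preprogrammed interval table from the text: 1 000 000, 11 000 000, ..., 491 000 000
INTERVALS = list(range(LOW, HIGH, STEP))


def is_prime(n: int) -> bool:
    """Trial division is adequate for the sub-500-million values used here."""
    if n < 2:
        return False
    if n % 2 == 0:
        return n == 2
    return all(n % f for f in range(3, isqrt(n) + 1, 2))


def guess_number(segment: bytes) -> int:
    """Concatenate the value (0-255) of each byte, then make the result odd.
    Assumption: 'concatenating the numbers' means decimal concatenation."""
    g = int("".join(str(b) for b in segment))
    return g - 1 if g % 2 == 0 else g


def normalize(guess: int) -> int:
    """Assumption: a Guess Number outside [LOW, HIGH) is folded back into the
    range and kept odd; the text does not say what happens in that case."""
    if LOW <= guess < HIGH:
        return guess
    g = LOW + guess % (HIGH - LOW)
    return g if g % 2 else g + 1


def bracket(guess: int) -> tuple:
    """Interval entries Xi <= guess < Xj. Assumption: the last interval,
    491 000 000, is capped by HIGH since the table ends there."""
    xi = max(x for x in INTERVALS if x <= guess)
    above = [x for x in INTERVALS if x > guess]
    return xi, (above[0] if above else HIGH)


def nearest_prime(guess: int) -> int:
    """Closest prime to the (odd) Guess Number, never below Xi.
    The text walks upward from Xi generating primes; searching outward from
    the guess returns the same prime without millions of trial divisions.
    Ties go to the lower candidate (the text does not specify)."""
    xi, _ = bracket(guess)
    delta = 0
    while True:
        lo, hi = guess - delta, guess + delta
        if lo >= xi and is_prime(lo):
            return lo
        if is_prime(hi):
            return hi
        delta += 2  # guess is odd, so only odd candidates are tried


def prime_from_hash(hash_array: bytes, offset: int, length_bits: int) -> int:
    """Derive N (28-64 bit segment) or v (24-32 bit segment) from the hash array."""
    if length_bits % 8 or not 24 <= length_bits <= 64:
        raise ValueError("segment must be a whole number of bytes, 24-64 bits")
    segment = hash_array[offset:offset + length_bits // 8]
    return nearest_prime(normalize(guess_number(segment)))


if __name__ == "__main__":
    # Constructed hash array: SHA-256 stands in for the page's unspecified hash,
    # and fixed offsets stand in for the random segment selection.
    hash_array = hashlib.sha256(b"constructed device data").digest()
    N = prime_from_hash(hash_array, 0, 64)   # 64-bit segment for N
    v = prime_from_hash(hash_array, 8, 32)   # 32-bit segment for v
    print(f"N = {N}, v = {v}")
```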
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP00977826A EP1214639A1 (en) | 2000-01-19 | 2000-12-11 | Security system involving creation and auto-burning of a digital signature in an electronic device and intelligent token device |
AU15455/01A AU1545501A (en) | 2000-01-19 | 2000-12-11 | Security system involving creation and auto-burning of a digital signature in anelectronic device and intelligent token device |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US48747600A | 2000-01-19 | 2000-01-19 | |
US09/487,476 | 2000-01-19 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2001053915A1 true WO2001053915A1 (en) | 2001-07-26 |
Family
ID=23935871
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/IB2000/001846 WO2001053915A1 (en) | 2000-01-19 | 2000-12-11 | Security system involving creation and auto-burning of a digital signature in an electronic device and intelligent token device |
Country Status (3)
Country | Link |
---|---|
EP (1) | EP1214639A1 (en) |
AU (1) | AU1545501A (en) |
WO (1) | WO2001053915A1 (en) |
- 2000
  - 2000-12-11 WO PCT/IB2000/001846 patent/WO2001053915A1/en not_active Application Discontinuation
  - 2000-12-11 EP EP00977826A patent/EP1214639A1/en not_active Withdrawn
  - 2000-12-11 AU AU15455/01A patent/AU1545501A/en not_active Abandoned