WO2002009347A1 - Method of processing a secret key and a device - Google Patents

Method of processing a secret key and a device Download PDF

Info

Publication number
WO2002009347A1
WO2002009347A1 PCT/FI2001/000653 FI0100653W WO0209347A1 WO 2002009347 A1 WO2002009347 A1 WO 2002009347A1 FI 0100653 W FI0100653 W FI 0100653W WO 0209347 A1 WO0209347 A1 WO 0209347A1
Authority
WO
WIPO (PCT)
Prior art keywords
secret key
recoding
coded
memory
output
Prior art date
Application number
PCT/FI2001/000653
Other languages
French (fr)
Inventor
Lauri Paatero
Original Assignee
Setec Oy
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Setec Oy filed Critical Setec Oy
Priority to AU2001279831A priority Critical patent/AU2001279831A1/en
Publication of WO2002009347A1 publication Critical patent/WO2002009347A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002Countermeasures against attacks on cryptographic mechanisms
    • H04L9/003Countermeasures against attacks on cryptographic mechanisms for power analysis, e.g. differential power analysis [DPA] or simple power analysis [SPA]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2207/00Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F2207/72Indexing scheme relating to groups G06F7/72 - G06F7/729
    • G06F2207/7219Countermeasures against side channel or fault attacks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12Details relating to cryptographic hardware or logic circuitry

Definitions

  • the invention relates to processing a secret key in a device, where an output is calculated using said secret key, an input and a predetermined algorithm.
  • a device is a smart card, which can be authenticated using a secret key. In such a case, the smart card produces an output to the input using the secret key and the predetermined algorithm.
  • the invention relates in particular to protecting a secret key so that an outside attacker cannot determine the secret key.
  • the present invention is not restricted to smart cards only, but the solution of the invention can be utilized in other connections too, where a secret key needs to be protected. However, in the following the invention is explained by way of example referring primarily to smart cards.
  • the recoding of the secret key may provide an outside attacker with the kind of information that may enable the outside attacker to determine the se- cret key.
  • the energy consumption during the recoding of the secret key may assist to determine the secret key, especially if the outside attacker is capable of interrupting the recoding in such a manner that the recoding of the secret key is repeatedly initiated using the same values.
  • the outside attacker may explicitly collect statistics over the energy consumption, and on the basis of said statistics and other available information try to determine the secret key in use.
  • the idea of this invention is to solve the above problem and to offer a solution that further improves the protection of a secret key and ensures that an outside attacker is not able to obtain information that may assist to determine the secret key during the recoding of the secret key.
  • This aim is achieved with a method of the invention of processing a secret key comprising the steps of: storing a coded secret key into a memory, retrieving the coded secret key from the memory and producing an output using said secret key, an input and a predetermined calculation algorithm as a response to the reception of the input, and recoding the secret key and storing the new coded secret key into the memory.
  • the method of the invention is characterized by calculating the number of interrupted recoding attempts, and by performing such a locking that prevents the use of the secret key, if the number of interrupted recoding attempts reaches a limit defined thereto.
  • the invention also relates to a device that allows to apply the method of the invention.
  • the device of the invention includes: a memory into which a coded secret key is stored, an input for receiving an input, calculation means arranged to calculate an output using the input and the coded secret key utilizing a predetermined calculation algorithm, an output for feeding said output forward, and coding means for recoding the coded secret key stored into the memory and for storing said secret key into the memory to replace the previously coded secret key.
  • the device of the invention is characterized by comprising counter means for recording the number of interrupted recoding attempts and for performing such a locking that prevents the use of the secret key, if the number of interrupted recoding attempts reaches a limit defined thereto.
  • the invention is based on the idea that as the number of unsuccessful recoding attempts of the secret key is limited in a device, such as a smart card, then such a situation can be avoided in which an outside attacker could collect statistics over the information created during the recoding of the key. Consequently, an outside attacker does not achieve any advantages of the fact that he/she is capable of interrupting the recoding before a new coded key can be stored into the memory of the device, since the number of interrupted recoding attempts can be defined to be so small that an outside attacker cannot collect a sufficient amount of statistics to determine the secret key.
  • the collection of a sufficient amount of statistics can be prevented by locking the use of the secret key, for example in such a manner that the device, a smart card for instance, can no longer read the coded secret key from the memory.
  • the device can be programmed to switch off the current feed always when it detects that the number of recoding attempts exceeds the defined threshold value.
  • the number of recoding attempts is calculated by setting a flag before starting to recode the secret key. Said flag is deleted when the recoding is completed. As it is always checked, when current is switched on, that said flag is set, it can be established whether the recoding of the secret key is interrupted. In a normal situation, or when recoding is successfully accomplished and a new coded key is stored into the memory, the flag is deleted, and consequently it is detected, when the current is switched on, that no flag is set. If, in turn, an outside attacker has for example switched off the current before the recoding is completed, then this is observed after the current is switched on, since the flag indicating recoding is set. In this embodiment an individual memory location, the value of which showing whether the flag is set or not, can be used as the flag.
  • Figure 1 is a flow chart showing a first preferred embodiment of the method according to the invention
  • Figure 2 is a block diagram showing a first preferred embodiment of the device according to the invention.
  • FIG. 1 is a flow chart showing a first preferred embodiment of the method according to the invention.
  • the flow chart in Figure 1 can be utilized for example when authenticating a smart card by means of an indi- vidual secret key in the smart card and a predetermined calculation algorithm.
  • the smart card receives an input INPUT from an external device and thereafter calculates an output using a calculation algorithm, an input and a secret key that it feeds to the external device.
  • the external device performs the same calculation operation using the same calculation algorithm, the same secret key and the same input. If the output of the smart card and the output calculated by the external device correspond with one another, then the smart card is authenticated.
  • block A current is switched on in the device, for instance in a smart card.
  • a flag FLAG indicating the recoding of the secret key is set. If the flag is set, or the value of the variable FLAG is 1 in the example shown in Figure 1 , it signifies that the previous recoding attempt of the secret key is interrupted.
  • the value of a counter C is then changed in block C. The counter C allows to calculate the number of interrupted recoding attempts in the example shown in Figure 1.
  • the process proceeds to block E, where the secret key is locked.
  • the secret key can be locked for example in such a manner that the processor of the device in question, such as the smart card, does no longer try to retrieve the coded secret key from the memory. Alternatively the processor prevents in the future the production of the outputs and/or the recoding of the secret key.
  • block D If, in turn, it is detected in block D that the value of the counter C has not reached the limit Cmax, or alternatively it is observed already in block B that the FLAG is not set, then the process proceeds to block G.
  • block G it is checked if it is time to recode the secret key.
  • the smart card can be programmed to recode the secret key for example when the coded key in use is employed to produce a certain amount of outputs, for instance 1000 outputs. Alternatively the smart card can be programmed to randomly decide upon the recoding of the secret key.
  • a flag FLAG indicating recoding is set in block H (by providing the variable FLAG with value 1).
  • the secret key is recoded in block I.
  • the recoding may include reading the coded key in use from the memory, decoding the coded key read from the memory, and utilizing the decoded secret key in a predetermined calculation algorithm used to calculate a new coded secret key.
  • a new coded key is calculated, it is stored into the memory in block J to replace the previously coded key. Thereafter, the flag indicating recoding is deleted in block K by setting the value of variable FLAG to 0.
  • the smart card waits for an input.
  • the smart card receives the input, it produces an output in block M.
  • the smart card of said output produces the input using the coded key retrieved from the memory and the predetermined calculation algorithm.
  • Figure 1 shows only one example of the order, in which the different stages of the method according to the invention can be implemented. The stages can naturally also be implemented in a different order, for example so that the device is used to produce an output before recoding the secret key.
  • Figure 2 is a block diagram showing a first preferred embodiment of the device according to the invention.
  • the device shown in Figure 2 may for instance be an identification card that allows to electronically confirm the identity of a person, an electronic charge card, in the memory of which a certain currency balance is stored, an authorization card that shows a satellite receiver connected to a television receiver that watching a particular chargeable channel is allowed, or any other device that must be reliably authenticated.
  • the device 1 includes a counter means formed of a proces- sor P that utilizes a certain calculation algorithm f.
  • the device 1 also includes a memory M that may for instance be an EEPROM memory.
  • the secret key of the device 1 is stored into the memory M in a coded mode.
  • a secret key A is formed of a bit sequence, the length of which may be for example 64 bits.
  • a key-specific number RND also formed of the bit sequence is also stored into the memory M, as well as variable FLAG used as the flag indicating the recoding of the secret key and the value of the counter C.
  • the device 1 feeds the output OUTPUT forward through the input 3, and the output is thereby transmitted to an external authentication process, for example.
  • the processor P in Figure 2 can be arranged to initiate the recoding of the secret key after each produced output. Consequently, the decoding of the secret code is made as difficult as possible.
  • an output counter (not shown in the Figures) may be included in the device 1, the output counter keeping record of the number of times the processor P produces an output OUTPUT.
  • the processor P initiates the recoding of the secret key for implementing a new coded key A' and a new key- specific number RND.
  • the processor 3 initiates the recoding of the secret key at random intervals. The use of the counter or random recoding allows to save the resources that would be used to recode the secret key after each usage time.
  • the processor P calculates the secret key A on the basis of the coded key A' stored in the memory M, the key-specific number RND and the calculation algorithm g'.
  • the processor P feeds the secret key A calculated in this way to another processor 4 (deviating from Figure 2 the device 1 may include only one processor, in which case the processor P also performs the functions of the second processor 4 shown in Figure 2).
  • the processor P controls a random number gen- erator 5 to produce a new random number that the random number generator feeds to the second processor 4.
  • the processor 4 stores the new coded key A' into the memory together with the new key-specific num- ber RND formed of a random number to replace the previously coded key and the previously key-specific number.
  • the device 1 may perform other calculation operations too during the recoding of the secret key.
  • the counter C is utilized in the device shown in Figure 2 that records the number of interrupted recoding attempts.
  • the number of interrupted recoding attempts is calculated in the device shown in Figure 2 in such a manner that, when the processor P initiates the recoding of the secret key as explained above, it starts the process by setting a flag to indicate the recoding. This occurs in the device shown in Figure 2 so that the processor stores 1 as the value of the variable FLAG.
  • the processor 4 When the recoding of the secret key A is completed, and the processor 4 has stored the new recoded key A' and the key-specific number RND into the memory M, it deletes the flag indicating the recoding of the secret key. This takes place in such a manner that the processor 4 stores 0 as the value of the variable FLAG into the memory M.
  • the value of the variable FLAG in the memory M shows whether the recoding of the secret key is in process at a particular moment. If the recoding is interrupted, for example, because current feed is switched off in the device 1 before the recoding is completed, then the value of the variable FLAG remains 1 in the memory.
  • the processor P is arranged to check the value of the counter C always before it retrieves the coded key A' from the memory . If the counter has in such a case reached the threshold value, the processor does not read the coded key A' from the memory, and all the operations requiring the use of the secret key therefore remain un-performed.
  • the present invention is described above in Figures 1 and 2 by way of example using a symmetrical cryptographic solution. However, the present invention can also be utilized with an asymmetric cryptographic solution.
  • An example of such an asymmetric cryptographic solution is the electronic signature of the message, in which the writer of the message produces a digital signature to be sent with the message using a first secret key.
  • the receiver of the message may, in turn, employ a public key compatible with the first secret key that can be used to decode the digital signature, and consequently to ensure from the result that the message is actually sent by a correct sender.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a device including: a memory (M), into which a coded secret key (A') is stored, an input (') for receiving an input (INPUT), calculation means, (P, 4) arranged to calculate an output using the input (INPUT) and the coded secret key (A') utilizing the predetermined calculation calculation algorithm (f, g'), an output (3) for feeding said output (OUTPUT) forward, and coding means (P, 4, 5) for recoding the coded secret key (A') stored into the memory (M) and for storing said key into the memory (M) to replace the previously coded secret key. In order to prevent an outside attacker from utilizing the information created when recoding the secret key for determining the secret key, the device (1) comprises counter means for recording the number of interrupted recoding attempts and for performing such a locking that prevents the use of the secret key, if the number of interrupted recoding attempts reaches a limit defined thereto.

Description

METHOD OF PROCESSING A SECRET KEY AND A DEVICE
[0001] The invention relates to processing a secret key in a device, where an output is calculated using said secret key, an input and a predetermined algorithm. An example of such a device is a smart card, which can be authenticated using a secret key. In such a case, the smart card produces an output to the input using the secret key and the predetermined algorithm.
[0002] The invention relates in particular to protecting a secret key so that an outside attacker cannot determine the secret key. The present invention is not restricted to smart cards only, but the solution of the invention can be utilized in other connections too, where a secret key needs to be protected. However, in the following the invention is explained by way of example referring primarily to smart cards.
[0003] In order to make the determination of the secret key as difficult as possible for an outside attacker it is previously known to store the se- cret key in a coded mode into the memory of the device, such as the smart card. During authentication the coded key is read from the memory, whereafter calculation operations are performed and the key is decoded and the secret key is used to calculate an output to the input fed into the smart card utilizing the predetermined algorithm. In order to make the determination of the se- cret key as difficult as possible for an outside attacker it is previously known to recode the coded secret key. This can be carried out, for example, by maintaining a counter to record the number of times the coded secret key in use is employed to produce an output to an input. When the counter reaches a certain threshold value, the recoding of the secret key is initiated, and the new coded secret key calculated using a predetermined calculation algorithm is stored into the memory of the smart card or the like.
[0004] A significant drawback with the above prior art solution is that the recoding of the secret key may provide an outside attacker with the kind of information that may enable the outside attacker to determine the se- cret key. Particularly the energy consumption during the recoding of the secret key may assist to determine the secret key, especially if the outside attacker is capable of interrupting the recoding in such a manner that the recoding of the secret key is repeatedly initiated using the same values. In such a case the outside attacker may explicitly collect statistics over the energy consumption, and on the basis of said statistics and other available information try to determine the secret key in use. [0005] The idea of this invention is to solve the above problem and to offer a solution that further improves the protection of a secret key and ensures that an outside attacker is not able to obtain information that may assist to determine the secret key during the recoding of the secret key. This aim is achieved with a method of the invention of processing a secret key comprising the steps of: storing a coded secret key into a memory, retrieving the coded secret key from the memory and producing an output using said secret key, an input and a predetermined calculation algorithm as a response to the reception of the input, and recoding the secret key and storing the new coded secret key into the memory. The method of the invention is characterized by calculating the number of interrupted recoding attempts, and by performing such a locking that prevents the use of the secret key, if the number of interrupted recoding attempts reaches a limit defined thereto.
[0006] The invention also relates to a device that allows to apply the method of the invention. The device of the invention includes: a memory into which a coded secret key is stored, an input for receiving an input, calculation means arranged to calculate an output using the input and the coded secret key utilizing a predetermined calculation algorithm, an output for feeding said output forward, and coding means for recoding the coded secret key stored into the memory and for storing said secret key into the memory to replace the previously coded secret key. The device of the invention is characterized by comprising counter means for recording the number of interrupted recoding attempts and for performing such a locking that prevents the use of the secret key, if the number of interrupted recoding attempts reaches a limit defined thereto.
[0007] The invention is based on the idea that as the number of unsuccessful recoding attempts of the secret key is limited in a device, such as a smart card, then such a situation can be avoided in which an outside attacker could collect statistics over the information created during the recoding of the key. Consequently, an outside attacker does not achieve any advantages of the fact that he/she is capable of interrupting the recoding before a new coded key can be stored into the memory of the device, since the number of interrupted recoding attempts can be defined to be so small that an outside attacker cannot collect a sufficient amount of statistics to determine the secret key. [0008] The collection of a sufficient amount of statistics can be prevented by locking the use of the secret key, for example in such a manner that the device, a smart card for instance, can no longer read the coded secret key from the memory. Alternatively the device can be programmed to switch off the current feed always when it detects that the number of recoding attempts exceeds the defined threshold value.
[0009] The most significant advantage of the solution according to the invention is therefore the fact that the processing of the secret key is now better protected than before, and that it is more difficult for an outside attacker to determine the secret key.
[0010] In a preferred embodiment of the method according to the invention the number of recoding attempts is calculated by setting a flag before starting to recode the secret key. Said flag is deleted when the recoding is completed. As it is always checked, when current is switched on, that said flag is set, it can be established whether the recoding of the secret key is interrupted. In a normal situation, or when recoding is successfully accomplished and a new coded key is stored into the memory, the flag is deleted, and consequently it is detected, when the current is switched on, that no flag is set. If, in turn, an outside attacker has for example switched off the current before the recoding is completed, then this is observed after the current is switched on, since the flag indicating recoding is set. In this embodiment an individual memory location, the value of which showing whether the flag is set or not, can be used as the flag.
[0011] The preferred embodiments of the method and the device according to the invention are disclosed in the appended dependent claims 2 and 4 to 6. In the following the invention will be described by way of example in greater detail with reference to the accompanying drawings, in which
Figure 1 is a flow chart showing a first preferred embodiment of the method according to the invention, and Figure 2 is a block diagram showing a first preferred embodiment of the device according to the invention.
[0012] Figure 1 is a flow chart showing a first preferred embodiment of the method according to the invention. The flow chart in Figure 1 can be utilized for example when authenticating a smart card by means of an indi- vidual secret key in the smart card and a predetermined calculation algorithm. Thus, the smart card receives an input INPUT from an external device and thereafter calculates an output using a calculation algorithm, an input and a secret key that it feeds to the external device. The external device performs the same calculation operation using the same calculation algorithm, the same secret key and the same input. If the output of the smart card and the output calculated by the external device correspond with one another, then the smart card is authenticated.
[0013] In block A, current is switched on in the device, for instance in a smart card. Thus, when the current is switched on, or in practice immediately after the current is switched on, it is checked in block B whether a flag FLAG indicating the recoding of the secret key is set. If the flag is set, or the value of the variable FLAG is 1 in the example shown in Figure 1 , it signifies that the previous recoding attempt of the secret key is interrupted. The value of a counter C is then changed in block C. The counter C allows to calculate the number of interrupted recoding attempts in the example shown in Figure 1. [0014] If it is detected in block D that the value of the counter C has reached a limit Cmax used to define the largest allowed number of interrupted recoding attempts, then the process proceeds to block E, where the secret key is locked. The secret key can be locked for example in such a manner that the processor of the device in question, such as the smart card, does no longer try to retrieve the coded secret key from the memory. Alternatively the processor prevents in the future the production of the outputs and/or the recoding of the secret key. Several alternative locking methods exist, but what is important is that such operations associated with the secret key that might provide an outside attacker with information about the secret key end after the secret key has been locked.
[0015] If, in turn, it is detected in block D that the value of the counter C has not reached the limit Cmax, or alternatively it is observed already in block B that the FLAG is not set, then the process proceeds to block G. In block G, it is checked if it is time to recode the secret key. The smart card can be programmed to recode the secret key for example when the coded key in use is employed to produce a certain amount of outputs, for instance 1000 outputs. Alternatively the smart card can be programmed to randomly decide upon the recoding of the secret key.
[0016] If the recoding of the secret key is of immediate importance in block G, then a flag FLAG indicating recoding is set in block H (by providing the variable FLAG with value 1). After this, the secret key is recoded in block I. The recoding may include reading the coded key in use from the memory, decoding the coded key read from the memory, and utilizing the decoded secret key in a predetermined calculation algorithm used to calculate a new coded secret key. [0017] When a new coded key is calculated, it is stored into the memory in block J to replace the previously coded key. Thereafter, the flag indicating recoding is deleted in block K by setting the value of variable FLAG to 0. If the current is, for instance, switched off from the smart card, the value of variable FLAG still remains the same, i.e. FLAG=0. Thus, as current is again switched on in the smart card after such a normally ending recoding operation of the secret key has been carried out, it is detected in block B that the flag indicating recoding is not set.
[0018] In block L the smart card waits for an input. When the smart card receives the input, it produces an output in block M. The smart card of said output produces the input using the coded key retrieved from the memory and the predetermined calculation algorithm.
[0019] Figure 1 shows only one example of the order, in which the different stages of the method according to the invention can be implemented. The stages can naturally also be implemented in a different order, for example so that the device is used to produce an output before recoding the secret key. [0020] Figure 2 is a block diagram showing a first preferred embodiment of the device according to the invention. The device shown in Figure 2 may for instance be an identification card that allows to electronically confirm the identity of a person, an electronic charge card, in the memory of which a certain currency balance is stored, an authorization card that shows a satellite receiver connected to a television receiver that watching a particular chargeable channel is allowed, or any other device that must be reliably authenticated.
[0021] The device 1 includes a counter means formed of a proces- sor P that utilizes a certain calculation algorithm f. The device 1 also includes a memory M that may for instance be an EEPROM memory. The secret key of the device 1 is stored into the memory M in a coded mode. A secret key A is formed of a bit sequence, the length of which may be for example 64 bits. A key-specific number RND also formed of the bit sequence is also stored into the memory M, as well as variable FLAG used as the flag indicating the recoding of the secret key and the value of the counter C. [0022] When a particular input INPUT is fed into an input 2 of the device 1 , the processor P retrieves from the memory M the coded key A' stored therein and the key-specific number RND. After this, the processor decodes the secret key A' using the calculation algorithm A=g'(A\ RND). When the secret key A is determined, the processor P calculates an output OUTPUT by means of the calculation algorithm f, the value of which depends on the secret key A and the input INPUT, i.e. OUTPUT=f(INPUT, A).
[0023] The device 1 feeds the output OUTPUT forward through the input 3, and the output is thereby transmitted to an external authentication process, for example.
[0024] The processor P in Figure 2 can be arranged to initiate the recoding of the secret key after each produced output. Consequently, the decoding of the secret code is made as difficult as possible. Alternatively an output counter (not shown in the Figures) may be included in the device 1, the output counter keeping record of the number of times the processor P produces an output OUTPUT. When the counter concerned reaches a predetermined threshold value, for example 1000, the processor P initiates the recoding of the secret key for implementing a new coded key A' and a new key- specific number RND. A still further alternative is that the processor 3 initiates the recoding of the secret key at random intervals. The use of the counter or random recoding allows to save the resources that would be used to recode the secret key after each usage time.
[0025] In order to recode the secret key the processor P calculates the secret key A on the basis of the coded key A' stored in the memory M, the key-specific number RND and the calculation algorithm g'. The processor P feeds the secret key A calculated in this way to another processor 4 (deviating from Figure 2 the device 1 may include only one processor, in which case the processor P also performs the functions of the second processor 4 shown in Figure 2). At the same time the processor P controls a random number gen- erator 5 to produce a new random number that the random number generator feeds to the second processor 4.
[0026] The second processor 4 is programmed to perform calculations using the second predetermined calculation algorithm g. In this way, it calculates a new coded key A' on the basis of the secret key A and the new random number RND, in which case A'=g(A,RND). The processor 4 stores the new coded key A' into the memory together with the new key-specific num- ber RND formed of a random number to replace the previously coded key and the previously key-specific number. In order to make it more difficult for an outside attacker to obtain useful information when the secret key is recoded, the device 1 may perform other calculation operations too during the recoding of the secret key. What may then be concerned is for example calculation operations based on the random numbers, whose result bear no relevance, but the performance of which causes radiation and increases the current consumption of the device 1. An outside attacker can therefore not know which part of the radiation/current consumption is associated with the processing of the secret key.
[0027] As an outside attacker may benefit from being able to interrupt the recoding of the secret key before it is ended (in which case the recoding of the secret key must be re-started from the same given values), the counter C is utilized in the device shown in Figure 2 that records the number of interrupted recoding attempts.
[0028] The number of interrupted recoding attempts is calculated in the device shown in Figure 2 in such a manner that, when the processor P initiates the recoding of the secret key as explained above, it starts the process by setting a flag to indicate the recoding. This occurs in the device shown in Figure 2 so that the processor stores 1 as the value of the variable FLAG. When the recoding of the secret key A is completed, and the processor 4 has stored the new recoded key A' and the key-specific number RND into the memory M, it deletes the flag indicating the recoding of the secret key. This takes place in such a manner that the processor 4 stores 0 as the value of the variable FLAG into the memory M. Thus, the value of the variable FLAG in the memory M shows whether the recoding of the secret key is in process at a particular moment. If the recoding is interrupted, for example, because current feed is switched off in the device 1 before the recoding is completed, then the value of the variable FLAG remains 1 in the memory. In accordance with the invention, the device 1 checks the value of the variable FLAG at the same time as the current feed is switched on. If FLAG=1 , then the device alters the value of the counter C by increasing it by one. If the counter C indicates that the number of interrupted recoding attempts reaches the upper limit defined thereto (for example C=10), then the device 1 locks the use of the secret key. This may occur, for example, in such a manner that the processor P is arranged to check the value of the counter C always before it retrieves the coded key A' from the memory . If the counter has in such a case reached the threshold value, the processor does not read the coded key A' from the memory, and all the operations requiring the use of the secret key therefore remain un-performed. [0029] The present invention is described above in Figures 1 and 2 by way of example using a symmetrical cryptographic solution. However, the present invention can also be utilized with an asymmetric cryptographic solution. An example of such an asymmetric cryptographic solution is the electronic signature of the message, in which the writer of the message produces a digital signature to be sent with the message using a first secret key. The receiver of the message may, in turn, employ a public key compatible with the first secret key that can be used to decode the digital signature, and consequently to ensure from the result that the message is actually sent by a correct sender. [0030] It is understandable that the above description and the Figures associated therewith are merely intended to illustrate the present invention. It is obvious for those skilled in the art that the invention can be implemented and modified in various ways without deviating from the attached claims within the scope and spirit of the invention.

Claims

1. A method of processing a secret key comprising the steps of: storing a coded secret key into a memory, retrieving the coded secret key from the memory and producing an output using said secret key, an input and a predetermined calculation algorithm as a response to the reception of the input, and recoding the secret key and storing the new coded secret key into the memory, c h a r a c t e r i z e d by calculating the number of interrupted recoding attempts, and by performing such a locking that prevents the use of the secret key, if the number of interrupted recoding attempts reaches a limit defined thereto.
2. A method as claimed in claim 1, c h a r a c t e r i z e d in that in order to calculate the recoding attempts the method comprises the steps of setting a flag indicating the beginning of the recoding before starting to recode the secret key, deleting said flag after the end of the recoding, and checking, when current is switched on, whether said flag is set, and changing the value indicated by a counter used for counting the number of interrupted recoding attempts, if said flag indicates that the recoding of the secret key has started when the current is switched on.
3. A device including: a memory (M), into which a coded secret key (A') is stored, an input (2) for receiving an input (INPUT), calculation means (P, 4) arranged to calculate an output using the input (INPUT) and the coded secret key (A') utilizing a predetermined calculation algorithm (f, g'), an output (3) for feeding said output (OUTPUT) forward, and coding means (P, 4, 5) for recoding the coded secret key (A') stored into the memory ( ) and for storing said key into the memory (M) to replace the previously coded secret key, c h a r a c t e r i z e d by the device (1) comprising counter means (P, ) for recording the number of interrupted recoding attempts and for performing such a locking that prevents the use of the secret key, if the number of interrupted recoding attempts reaches a limit de- fined thereto.
4. A device as claimed in claim 3, c h a r a c t e r i z e d in that the coding means (P, 4, 5) set a flag (FLAG) indicating recoding when the recoding of the secret key is started and delete said flag when the recoding of the secret key (A) is completed, and the counter means (P, M) change the value of a counter (C) indicating the number of interrupted coding attempts, if the flag indicating recoding is set when current is switched on in the device.
5. A device as claimed in claim 3 or 4, c h a r a c t e r i z e d in that the device includes an output counter for calculating the number of outputs (OUTPUT) produced with the coded key (A') in use, and the coding means (P, 4, 5) are responsive to said output counter for recoding the coded secret key (A') stored into the memory (M) and for storing said secret key into the memory (M) to replace the previously coded secret key, when the output counter reaches a predetermined threshold value.
6. A device as claimed in claim 3 or 4, c h a r a c t e r i z e d in that the coding means (P, 4, 5) are arranged to recode the secret key (A) and to store the new coded secret key into the memory (M) to replace the previously stored coded secret key, when the previously coded secret key has been used to produce an output.
PCT/FI2001/000653 2000-07-11 2001-07-09 Method of processing a secret key and a device WO2002009347A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001279831A AU2001279831A1 (en) 2000-07-11 2001-07-09 Method of processing a secret key and a device

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FI20001644A FI112013B (en) 2000-07-11 2000-07-11 Procedure for processing a secret key and device
FI20001644 2000-07-11

Publications (1)

Publication Number Publication Date
WO2002009347A1 true WO2002009347A1 (en) 2002-01-31

Family

ID=8558762

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FI2001/000653 WO2002009347A1 (en) 2000-07-11 2001-07-09 Method of processing a secret key and a device

Country Status (3)

Country Link
AU (1) AU2001279831A1 (en)
FI (1) FI112013B (en)
WO (1) WO2002009347A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2864277A1 (en) * 2003-12-23 2005-06-24 Infineon Technologies Ag Chip for smart card e.g. pay TV card, has monitoring unit signaling to processing unit that operation determined in advance is to be prevented based on overshoot or undershoot of count provided by counter to certain value

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0818762A2 (en) * 1996-07-08 1998-01-14 Kanekichi Corporation Coding device, decoding device and IC circuit
WO1999035782A1 (en) * 1998-01-02 1999-07-15 Cryptography Research, Inc. Leak-resistant cryptographic method and apparatus
WO2001006700A1 (en) * 1999-07-16 2001-01-25 Setec Oy Method of producing a response

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0818762A2 (en) * 1996-07-08 1998-01-14 Kanekichi Corporation Coding device, decoding device and IC circuit
WO1999035782A1 (en) * 1998-01-02 1999-07-15 Cryptography Research, Inc. Leak-resistant cryptographic method and apparatus
WO2001006700A1 (en) * 1999-07-16 2001-01-25 Setec Oy Method of producing a response

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2864277A1 (en) * 2003-12-23 2005-06-24 Infineon Technologies Ag Chip for smart card e.g. pay TV card, has monitoring unit signaling to processing unit that operation determined in advance is to be prevented based on overshoot or undershoot of count provided by counter to certain value
US8918610B2 (en) 2003-12-23 2014-12-23 Infineon Technologies Ag Protection of chips against attacks

Also Published As

Publication number Publication date
FI112013B (en) 2003-10-15
FI20001644A (en) 2002-01-12
FI20001644A0 (en) 2000-07-11
AU2001279831A1 (en) 2002-02-05

Similar Documents

Publication Publication Date Title
CA1306549C (en) Process and apparatus for the protection of secret elements in a network of encrypting devices with open key management
US5426700A (en) Method and apparatus for verification of classes of documents
US5625695A (en) Process for generating DSA signatures with low-cost portable apparatuses
US4816651A (en) Process and apparatus for the simultaneous and remote reading and certifying of an information present in a memory of an electronic medium
US4965827A (en) Authenticator
US5550919A (en) Method and device for limiting the number of authentication operations of a chip card chip
EP0852044B1 (en) Method and apparatus for user authentication
EP1378870B1 (en) Encryption Communication System for Generating Passwords on the Basis of Start Information on both parties of Communication
US6510517B1 (en) Method of cryptological authentification in a scanning identification system
EP0527820A4 (en) Method and means to limit access to computer systems
EP0781427B1 (en) Secure computer network
US7032109B1 (en) Method and system for ensuring the security of service supplies broadcast on a computer network of the internet type
US11805111B2 (en) Secure RFID tag identification
JP2003248578A (en) Generation of secret quantities of integrated circuit identification
US7941672B2 (en) Regeneration of a secret quantity from an intergrated circuit identifier
US20030084301A1 (en) System and method for secure data transmission
JPH10187826A (en) Forged card use preventing method, card reader/writer and forged card use preventing system
JP4737901B2 (en) Method and apparatus for PIN code storage and retrieval
JPH0335708B2 (en)
WO2002009347A1 (en) Method of processing a secret key and a device
US20090037744A1 (en) Biometric pin block
CN214175061U (en) Binding system of terminal equipment and external password keyboard
WO2000019385A1 (en) Data carrier device with data bus means whose power consumption is independent of data transmitted via the data bus means
JPH11282983A (en) Individual identification method by fingerprint data
EP1197033B1 (en) Method of producing a response for use in an authentication process

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ CZ DE DE DK DK DM DZ EC EE EE ES FI FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP