WO2005062243A1 - Portable data carrier (Support de donnees portatif) - Google Patents

Info

Publication number: WO2005062243A1
Authority: WO (WIPO (PCT))
Prior art keywords: data carrier, portable data, clock signal, control unit, clki
Application number: PCT/EP2004/014448
Other languages: German (de), English (en)
Inventor: Manfred Nosswitz
Original Assignee: Giesecke & Devrient Gmbh

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06K GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00 Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06 Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067 Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07 Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • G06K19/073 Special arrangements for circuits, e.g. for protecting identification code in memory
    • G06K19/07309 Means for preventing undesired reading or writing from or onto record carriers
    • G06K19/07363 Means for preventing undesired reading or writing from or onto record carriers by preventing analysis of the circuit, e.g. dynamic or static power analysis or current analysis

Definitions

  • the invention relates to a portable data carrier according to the preamble of claim 1. Furthermore, the invention relates to a method for operating a portable data carrier.
  • Portable data carriers, in particular chip cards.
  • Security aspects play a major role in many applications, so that the chip card has to be protected against potential attacks.
  • an attack could attempt to manipulate or spy on internal processes or secret data on the chip card. Since it cannot be prevented that the chip card gets into the physical sphere of influence of an attacker, it is necessary to make the chip card itself as secure as possible.
  • One way to increase the security of the chip card is to use cryptographic measures. However, high computing power is generally required to carry out cryptographic operations. There is also a risk that an attacker would attempt to spy out the secret data used during the execution of a cryptographic operation.
  • the object of the invention is to enable the most secure possible operation of a portable data carrier.
  • the portable data carrier according to the invention has a clock generator for generating an internal clock signal for a component of the portable data carrier.
  • the peculiarity of the portable data carrier according to the invention consists in the fact that the temporal course of the internal clock signal contains random variations. In particular, the chronological sequence of a predetermined signal amplitude of the internal clock signal can vary randomly.
  • the invention has the advantage that spying out internal processes of the portable data carrier, for example by analyzing the radio radiation or the supply current, is made considerably more difficult, since the chronological sequence of these processes depends on the internal clock signal and is therefore unpredictable.
  • secret data such as for example, keys can be secured against spying out with reasonable effort.
  • Manipulation of internal processes is also made considerably more difficult, since precise timing of an attack is hardly possible.
  • the clock generator can be designed such that a pseudo-random signal is generated as an internal clock signal.
  • the clock generator can have, for example, at least one feedback shift register.
  • Such a design of the clock generator can be implemented with very little effort and can hardly be influenced by external influences.
  • the clock generator can have an oscillator which is modulated with a correlation-free noise signal.
  • the clock generator can generate a band-limited correlation-free noise signal as an internal clock signal. This has the advantage that the internal clock signal not only corresponds to an unknown but determined sequence, but is actually random.
  • the portable data carrier according to the invention can be a control unit for
  • this control unit is supplied with the internal clock signal.
  • an input / output module can also be provided, which is in data connection with the control unit and is supplied with an external clock signal.
  • the external clock signal enables problem-free communication of the input / output module with an external device.
  • a cryptographic control unit is provided for performing cryptographic operations, which is supplied with the internal clock signal. This enables a particularly fast execution of the cryptographic operations, which is also very secure due to the use of the internal clock signal.
  • the control unit can have a data connection to the cryptographic control unit and can be supplied with the external clock signal.
  • the control unit can have an interface for external data transmission.
  • the clock generator can be influenced by the control unit. In this way, optimal boundary conditions for the generation of the internal clock signal can be set in each case.
  • the portable data carrier according to the invention can in particular be designed as a chip card.
  • an internal clock signal is generated within the portable data carrier and supplied to a component of the portable data carrier.
  • the special feature of the method according to the invention is that the time course of the internal clock signal is varied randomly.
  • Another component of the portable data carrier is preferably supplied with an external clock signal.
  • the component which receives the internal clock signal and the further component can communicate with one another about the data flow during data transmission, in order to overcome the difficulties caused by the different clock signals in data transmission.
  • the invention is explained below with reference to the exemplary embodiments shown in the drawing.
  • the explanations relate in each case to a realization of the portable data carrier according to the invention as a chip card.
  • the invention is not limited to chip cards, but also relates in the same way to portable data carriers of different types.
  • FIG. 1 is a greatly simplified block diagram of a first embodiment of the chip card according to the invention
  • FIG. 3 shows a schematic illustration of a first exemplary embodiment for the clock generator
  • FIG. 4 shows a schematic illustration of a second exemplary embodiment for the clock generator
  • Fig. 5 is a schematic representation of a third embodiment for the clock generator.
  • Fig. 6 is a greatly simplified block diagram of a second embodiment of the chip card according to the invention.
  • FIG. 1 shows a highly simplified block diagram of a first exemplary embodiment of a chip card 1 designed according to the invention.
  • the chip card 1 has a control unit 2, a first memory 3, a cryptographic control unit 4, a second memory 5 and a clock generator 6, which are preferably integrated together in one semiconductor module.
  • the cryptographic control unit 4, the second memory 5 and the clock generator 6 can be embedded in the semiconductor module in a particularly protected manner.
  • the control unit 2 controls the operation of the chip card 1 and can be reset by a signal RST, which is supplied to the control unit 2 by an external device (not shown). Furthermore, the control unit 2 is supplied with an external clock signal CLK from the outside and an external data exchange takes place via an interface of the control unit 2, which is not shown in the figure, in the form of a signal I / O. Data required for the operation of the control unit 2 are stored in the first memory 3, which the control unit 2 can access. The control unit 2 exchanges data with the cryptographic control unit 4 via a signal DAT. The control unit 2 and the cryptographic control unit 4 communicate by means of one or more handshake signals HS about the data flow.
  • the cryptographic control unit 4 handles the cryptographic processes that are required for the operation of the chip card 1. For example, the cryptographic control unit 4 carries out encryption operations. For this purpose, the cryptographic control unit 4 can access the second memory 5, in which keys and other secret data are stored in particular. Just as with the control unit 2, it is also necessary to specify a clock for the operation of the cryptographic control unit 4. However, the cryptographic control unit 4 is not supplied with the external clock signal CLK, but rather with an internal clock signal CLKI that is generated by the clock generator 6. The clock generator 6 can be controlled by the control unit 2 via one or more optional control signals S.
  • the internal clock signal CLKI differs from a periodic signal of a fixed frequency that is normally used in chip cards 1 or a frequency that is fixed for the respective operating situation.
  • the internal clock signal CLKI has a pseudorandom or an actually random temporal profile.
  • the signal shape and / or the amplitude are usually predetermined and the signal curve is designed such that the chronological sequence of a predetermined signal of the internal clock signal CLKI varies randomly.
  • a predetermined signal curve is continuously stretched or compressed in time at random.
  • the internal clock signal CLKI can consist of rectangular pulses, each with a randomly selected pulse duration and a randomly selected interval between successive pulses.
  • a sequence is understood to be pseudo-random if it is predefined but cannot be predicted by an outsider who is unaware of the underlying mechanism and / or the parameters used.
  • An actually random sequence is generated with the help of events that are actually random due to their physical nature and are therefore fundamentally unpredictable.
  • a potential attacker does not know the timing of the internal clock signal CLKI. Since the operations of the cryptographic control unit 4 are executed synchronously with the internal clock signal CLKI, this leads to a concealment of the operation of the cryptographic control unit 4, by which manipulation or spying on the operations carried out by the cryptographic control unit 4 is made considerably more difficult.
  • the internal clock signal CLKI is therefore used as the basis for as many security-relevant operations of the chip card 1 as possible.
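To make the concealment effect concrete, here is an added toy model (not code from the patent, and not a description of any real card): a component performs an operation that draws a distinctive supply current in one fixed clock cycle, the trace is recorded over many runs, and the runs are averaged, once with a fixed clock and once with the length of every cycle drawn at random as the internal clock CLKI would do. The clock bounds, the cycle index of the operation, the number of traces and the unit "spike" are constructed values; the upper bound on the cycle length is this model's stand-in for a guard against impermissibly low clock frequencies, which the patent only mentions in general terms.

```python
import random

def random_clock_periods(n_cycles, min_period, max_period, rng):
    """Lengths, in base ticks, of n_cycles consecutive CLKI cycles. Each length
    is drawn uniformly from [min_period, max_period]; a fixed clock is the
    special case min_period == max_period. The upper bound is this model's
    stand-in for a guard against impermissibly low clock frequencies."""
    return [rng.randint(min_period, max_period) for _ in range(n_cycles)]

def power_trace(periods, event_cycles, length):
    """Constructed supply-current trace: zero except for a unit spike in the
    first tick of every cycle whose index is in event_cycles (the cycles in
    which the secret-dependent operation happens to run)."""
    trace = [0.0] * length
    t = 0
    for cycle, period in enumerate(periods):
        if cycle in event_cycles and t < length:
            trace[t] = 1.0
        t += period
    return trace

def averaged_trace(n_traces, n_cycles, min_period, max_period, event_cycles, seed):
    """Average n_traces recordings of the same operation. With a fixed clock
    every spike lands on the same tick and the average keeps the full spike;
    with a random clock the spikes are spread over time and the average flattens."""
    rng = random.Random(seed)                     # constructed clock jitter source
    length = n_cycles * max_period                # long enough for the slowest schedule
    acc = [0.0] * length
    for _ in range(n_traces):
        periods = random_clock_periods(n_cycles, min_period, max_period, rng)
        for i, v in enumerate(power_trace(periods, event_cycles, length)):
            acc[i] += v
    return [a / n_traces for a in acc]

def peak(trace):
    """Height of the tallest feature left in an averaged trace (1.0 = fully aligned)."""
    return max(trace)

def spread(trace):
    """Number of distinct ticks over which the spike energy was dispersed."""
    return sum(1 for v in trace if v > 0)

if __name__ == "__main__":
    fixed = averaged_trace(50, 20, 4, 4, {10}, seed=7)
    jittered = averaged_trace(200, 20, 2, 9, {10}, seed=7)
    print("fixed clock:    peak", peak(fixed), "spread", spread(fixed))
    print("jittered clock: peak", round(peak(jittered), 3), "spread", spread(jittered))
```

With the fixed clock the averaged trace keeps the spike at full height on a single tick; with the random clock the same operation is smeared over dozens of ticks and the averaged peak collapses, which is the sense in which the patent says the chronological sequence of the operations becomes unpredictable to an observer.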
  • the chip card 1 also partially requires a uniform and predictable execution of operations, for example when exchanging data with an external device.
  • the control unit 2 in the first exemplary embodiment of the chip card 1 is not operated with the internal clock signal CLKI, but with the external clock signal CLK, so that external data exchange is possible without any problems.
  • the use of the different clock signals CLK and CLKI makes the data exchange between the control unit 2 and the cryptographic control unit 4 difficult.
  • the data flow can be controlled via the handshake signal HS in such a way that communication between the control unit 2 and the cryptographic control unit 4 is possible.
  • the properties and the generation of the internal clock signal CLKI are explained in more detail below.
  • in FIG. 2, the frequency f is plotted on the abscissa and the power density P of the internal clock signal CLKI is plotted on the ordinate.
  • the pseudo-random or actually random course of the internal clock signal CLKI corresponds to a large number of signals of different frequencies. If the proportions of the individual frequencies in a predetermined range around a mean frequency fo are the same, the result is the curve shown in FIG. 2, in which the power density P is constant in a certain frequency range. In practice this course is achieved not exactly, but at least approximately.
  • the average clock frequency fo of the internal clock signal CLKI can be tracked by the control unit 2 depending on the external clock signal CLK.
  • the clock generator 6, which generates the internal clock signal CLKI can be designed, for example, in accordance with the exemplary embodiments in FIGS. 3, 4 or 5.
  • the clock generator 6 is designed as a pseudo-random sequence generator, so that an internal clock signal CLKI with a pseudo-random profile is generated.
  • the clock generator 6 has a constant oscillator 7 for generating a clock signal CLKO of constant frequency.
  • the clock signal CLKO is applied to a binary shift register 8 with a plurality of cells 9.
  • Each cell 9 can be connected to a connection point 11 via a coupling element 10 assigned to the cell 9.
  • for each coupling element 10, a fixed specification is made as to whether or not it forms a connection between the associated cell 9 of the shift register 8 and the node 11.
  • the node 11 is designed such that it carries out a modulo-2 addition of all input signals and thus supplies either a low level corresponding to a logic zero or a high level corresponding to a logic one at its output.
  • the output of the node 11 is connected to the input of the shift register 8, so that a feedback is formed via the coupling elements 10 and the node 11.
  • in this way, the pseudo-random course of the internal clock signal CLKI is generated, which can be tapped at the output of the shift register 8.
  • the period length of the internal clock signal CLKI thus generated depends on the number of cells 9 and the specifications for the coupling elements 10 and can be maximized by suitable specifications. Of course, other techniques for generating pseudo-random numbers are also conceivable.
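The FIG. 3 arrangement is a feedback shift register, so its period-length statement can be checked in a few lines. The following is an added bit-level model, not code from the patent: the shift register 8 is a tuple of cells, the coupling elements 10 are the tap positions, the node 11 is the modulo-2 sum of the coupled cells, and CLKI is the bit sequence read at the register output, one bit per cycle of the constant oscillator CLKO. The cell count, tap positions and seed are made-up parameters, and the cell numbering (cell 0 is the input cell, the last cell is the output) is this model's own convention.

```python
from itertools import combinations

def lfsr_period(n_cells, taps, seed):
    """Clock the register until a state repeats and return (period, output_bits).

    n_cells: number of cells 9 in the shift register 8.
    taps:    indices of the cells whose coupling element 10 is closed; cell 0 is
             the input cell, cell n_cells-1 is the output (model's own numbering).
    seed:    initial cell contents (tuple of 0/1, not all zero).
    The node 11 is the modulo-2 sum (XOR) of the coupled cells; CLKI is the bit
    sequence read at the register output, one bit per CLKO cycle."""
    state = tuple(seed)
    assert len(state) == n_cells and any(state), "seed must be a non-zero state"
    seen, out = {}, []
    while state not in seen:
        seen[state] = len(out)
        out.append(state[-1])                  # CLKI level during this CLKO cycle
        feedback = 0
        for t in taps:                         # node 11: modulo-2 addition
            feedback ^= state[t]
        state = (feedback,) + state[:-1]       # CLKO edge: shift, feedback enters cell 0
    first = seen[state]                        # start of the cycle the seed runs into
    return len(out) - first, out[first:]

def pulse_durations(bits):
    """Cyclic run lengths of the periodic CLKI bit sequence, i.e. how many CLKO
    cycles each high and each low phase of the generated clock lasts."""
    n = len(bits)
    if all(b == bits[0] for b in bits):
        return [n]                             # degenerate register: no edges at all
    start = next(i for i in range(n) if bits[i] != bits[i - 1])
    rotated = bits[start:] + bits[:start]      # begin right after a transition
    runs, count = [], 1
    for prev, cur in zip(rotated, rotated[1:]):
        if cur == prev:
            count += 1
        else:
            runs.append(count)
            count = 1
    runs.append(count)
    return runs

def best_taps(n_cells):
    """Try every fixed specification of the coupling elements (the output cell
    must be coupled, otherwise the register degenerates) and return
    (max_period, taps). A maximal-length register reaches 2**n_cells - 1."""
    seed = (1,) + (0,) * (n_cells - 1)
    best = (0, ())
    for k in range(1, n_cells + 1):
        for taps in combinations(range(n_cells), k):
            if n_cells - 1 not in taps:
                continue
            period, _ = lfsr_period(n_cells, taps, seed)
            if period > best[0]:
                best = (period, taps)
    return best

if __name__ == "__main__":
    for taps in [(3, 2), (3, 1)]:
        period, bits = lfsr_period(4, taps, (1, 0, 0, 0))
        print(f"taps {taps}: period {period}, pulse durations {pulse_durations(bits)}")
    print("best 4-cell choice:", best_taps(4), " best 5-cell choice:", best_taps(5))
```

With four cells, coupling cells 3 and 2 gives the maximal period of 15 CLKO cycles and a clock whose high and low phases last between one and four cycles, while coupling cells 3 and 1 collapses to a period of 6; this is the dependence on "the specifications for the coupling elements" that the text describes. The period of such a register is bounded by 2^n - 1 and the whole sequence is fixed once the taps and seed are known, which is why the text calls it pseudo-random rather than random.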
  • FIG. 4 shows a schematic illustration of a second exemplary embodiment for the clock generator 6.
  • the clock generator 6 generates an internal clock signal CLKI with an actually random course.
  • the clock generator 6 has a noise generator 12 which supplies a correlation-free noise signal which is generated, for example, with the aid of a semiconductor.
  • the clock generator 6 has a variable oscillator 13, the oscillation frequency of which depends on the voltage applied to its input. This input is connected to the output of the noise generator 12, so that the frequency of the internal clock signal CLKI generated with the variable oscillator 13 changes randomly in accordance with the amplitude of the voltage output by the noise generator 12. Consequently, with this arrangement an internal clock signal CLKI with an actually random course is generated.
  • FIG. 5 shows a schematic illustration of a third exemplary embodiment for the clock generator 6.
  • the clock generator 6 also generates an internal clock signal CLKI with an actually random profile in this exemplary embodiment.
  • the noise generator 12 again serves as the signal source. The output of the noise generator 12 is connected to the input of an amplifier 14, which amplifies the signal present at its input and limits it to a predetermined bandwidth and a maximum amplitude. In this way, a signal with an actually random course is generated, which can be tapped at the output of the amplifier 14 and used by the chip card 1 as the internal clock signal CLKI.
  • the internal clock signal CLKI generated with the three exemplary embodiments described above for the clock generator 6 can also be used with a different design of the chip card 1 than shown in FIG. 1.
  • the chip card 1 can also be designed in accordance with a second exemplary embodiment shown in FIG. 6.
  • FIG. 6 shows a highly simplified block diagram of a second exemplary embodiment of the chip card 1.
  • This exemplary embodiment has the control unit 2, the first memory 3, the clock generator 6 and an input / output module 15, for example a UART (Universal Asynchronous Receiver Transmitter).
  • a separate cryptographic control unit 4 is not provided in the second exemplary embodiment of the chip card 1, so that cryptographic operations are also carried out by the control unit 2. Accordingly, the keys and other secret data required for this are stored in this exemplary embodiment in addition to other data in the first memory 3, which the control unit 2 can access.
  • the control unit 2 is not supplied with the external clock signal CLK, but rather with the internal clock signal CLKI generated by the clock generator 6.
  • the control unit 2 can in turn specify the average frequency fo of the internal clock signal CLKI via the signal S.
  • the control unit 2 is connected to the input / output module 15 via a bus, via which data is transmitted in each case by means of the signal DAT.
  • the external clock signal CLK is fed into the input / output module 15.
  • the input / output module 15, like the control unit 2, can be reset by the reset signal RST.
  • a reset can also be triggered by a software command.
  • since the control unit 2 and the input / output module 15 are operated with different clock signals CLKI and CLK, they communicate with one another by means of the handshake signal or signals HS. Otherwise, the statements relating to the first exemplary embodiment also apply in a corresponding manner to the second exemplary embodiment of the chip card 1, insofar as they are transferable with regard to the different structure.
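Both embodiments move data between a component on the fixed external clock CLK and one on the randomly varying internal clock CLKI (control unit 2 and cryptographic control unit 4 in the first, control unit 2 and input / output module 15 in the second), and both rely on the handshake signals HS to make that work. The following is an added tick-level simulation, not code from the patent: a four-phase request/acknowledge handshake in which the sender acts on edges of a fixed clock and the receiver on edges of a clock whose period is redrawn at random every cycle. The wire names REQ/ACK/DAT, the two-stage synchroniser, the clock periods, the seed and the payload are all assumptions; the patent only says "one or more handshake signals HS".

```python
import random

def transfer(payload, clk_period=4, clki_range=(2, 9), seed=1, max_ticks=100_000):
    """Tick-level model of a four-phase REQ/ACK handshake across two clock
    domains. The sender (control unit 2) acts on rising edges of the fixed
    external clock CLK; the receiver (cryptographic control unit 4, or the
    input/output module 15 in the second embodiment) acts on rising edges of
    the internal clock CLKI, whose period is redrawn at random every cycle.
    Returns (received_bytes, ticks_used). Names and parameters are assumptions."""
    rng = random.Random(seed)                 # constructed jitter source for CLKI
    bus = {"DAT": None, "REQ": 0, "ACK": 0}   # shared wires: data plus handshake HS
    pending = list(payload)
    received = []
    req_sync = [0, 0]                         # two-flop synchroniser in the CLKI domain
    next_clk = clk_period
    next_clki = rng.randint(*clki_range)
    for t in range(1, max_ticks):
        if t == next_clk:                     # CLK rising edge: sender
            next_clk += clk_period
            if bus["REQ"] == 0 and bus["ACK"] == 0 and pending:
                bus["DAT"] = pending.pop(0)   # drive data, then raise REQ
                bus["REQ"] = 1
            elif bus["REQ"] == 1 and bus["ACK"] == 1:
                bus["REQ"] = 0                # receiver has the byte: drop REQ
        if t == next_clki:                    # CLKI rising edge: receiver
            next_clki += rng.randint(*clki_range)
            req_sync = [bus["REQ"], req_sync[0]]
            if req_sync[1] == 1 and bus["ACK"] == 0:
                received.append(bus["DAT"])   # DAT is stable while REQ is high
                bus["ACK"] = 1
            elif req_sync[1] == 0 and bus["ACK"] == 1:
                bus["ACK"] = 0                # REQ dropped: release ACK
        if not pending and bus["REQ"] == 0 and bus["ACK"] == 0 \
                and len(received) == len(payload):
            return bytes(received), t
    raise RuntimeError("handshake did not complete")

if __name__ == "__main__":
    for rng_bounds in [(1, 1), (2, 9), (20, 30)]:
        data, ticks = transfer(b"KEY", clki_range=rng_bounds)
        print(f"CLKI period in {rng_bounds}: received {data!r} after {ticks} ticks")
```

The handshake never assumes anything about the ratio of the two clocks: the sender only changes DAT while REQ and ACK are both low, and the receiver only samples DAT after its synchroniser has seen REQ high, so the same bytes arrive whether CLKI runs faster, slower or erratically relative to CLK. What changes with the jitter is only how many ticks the exchange takes, which is the price of decoupling the two domains.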
  • the processing speed of the control unit 2 or of the cryptographic control unit 4 can be varied, for example, by means of corresponding specifications for the average frequency fo of the internal clock signal CLKI.
  • measures can be taken in both exemplary embodiments of the chip card 1 in order to prevent impermissibly low frequencies in the internal clock signal CLKI. This is to further reduce the risk of spying on secret data.

Abstract

The invention relates to a portable data carrier (1) which comprises a clock generator (6) for generating an internal clock signal (CLKI) for a component (2, 4) of the portable data carrier (1). The invention is characterized in that the temporal course of the internal clock signal (CLKI) has random variations.
PCT/EP2004/014448 2003-12-22 2004-12-17 Portable data carrier WO2005062243A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE10360343.3 2003-12-22
DE10360343A DE10360343A1 (de) 2003-12-22 2003-12-22 Portable data carrier

Publications (1)

Publication Number Publication Date
WO2005062243A1 true WO2005062243A1 (fr) 2005-07-07

Family

ID=34706402

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2004/014448 WO2005062243A1 (fr) 2003-12-22 2004-12-17 Portable data carrier

Country Status (2)

Country Link
DE (1) DE10360343A1 (fr)
WO (1) WO2005062243A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102014013318A1 (de) 2014-09-08 2016-03-10 Giesecke & Devrient Gmbh Method for operating a contactless data carrier

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5994917A (en) * 1996-02-19 1999-11-30 Sgs-Thomson Microelectronics S.A. Method and apparatus for sequencing an integrated circuit
WO1999063696A1 (fr) * 1998-06-03 1999-12-09 Cryptography Research, Inc. Using unpredictable information to minimize leakage from smartcards and other cryptosystems
DE19936938A1 (de) * 1998-09-30 2000-04-06 Philips Corp Intellectual Pty Data processing device and method for operating it so as to prevent differential power consumption analysis
EP1085393A2 (fr) * 1999-09-17 2001-03-21 Kabushiki Kaisha Toshiba Signal processing device
US20020131596A1 (en) * 1999-11-03 2002-09-19 Gregor Boeckeler Coding device
EP1293856A1 (fr) * 2001-09-18 2003-03-19 EM Microelectronic-Marin SA Secure integrated circuit comprising confidential parts, and method for activating it

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2638869B1 (fr) * 1988-11-10 1990-12-21 Sgs Thomson Microelectronics Security device against unauthorized detection of protected data
DE19828936A1 (de) * 1998-05-29 1999-12-02 Siemens Ag Method and device for processing data
DE10133855A1 (de) * 2001-07-12 2003-01-30 Giesecke & Devrient Gmbh Portable data carrier arrangement with security device

Also Published As

Publication number Publication date
DE10360343A1 (de) 2005-07-28

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): BW GH GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

WWW Wipo information: withdrawn in national office

Country of ref document: DE

122 Ep: pct application non-entry in european phase