METHOD FOR KEY DIVERSIFICATION ON AN IC CARD
First Claim
1. Method for generating a key diversification during a mutual authentication between a master IC Card (1), storing a master key (KM), and a User IC Card (2) associated to an identification number (ICC.SN), said User IC Card (2) being connected to said master IC Card (1) through a communication interface (ITF), the method comprising the steps of:
- deriving at least a couple of sub keys (KMa, KMb) from said master key (KM);
computing at least a couple of ciphered strings (A, B) through corresponding cryptographic computations on a string (T) with said sub keys (KMa, KMb), said string (T) obtained by an elaboration on said identification number (ICC.SN);
building a diversification key (KICC) concatenating a combination of bytes of said ciphered strings (A, B).
3 Assignments
0 Petitions
Accused Products
Abstract
Key diversification is performed during a mutual authentication between a SAM integrated circuit (IC) card storing a master key, and a user IC card storing an identification number. The user IC card is connected to the SAM IC card through a communications interface. The key diversification includes deriving sub keys from the master key, and computing ciphered strings through corresponding cryptographic computations on a string obtained by an elaboration on the identification number with the sub keys. A diversification key is generated by linking together a combination of bytes of the ciphered strings.
-
Citations
8 Claims
-
1. Method for generating a key diversification during a mutual authentication between a master IC Card (1), storing a master key (KM), and a User IC Card (2) associated to an identification number (ICC.SN), said User IC Card (2) being connected to said master IC Card (1) through a communication interface (ITF), the method comprising the steps of:
-
deriving at least a couple of sub keys (KMa, KMb) from said master key (KM);
computing at least a couple of ciphered strings (A, B) through corresponding cryptographic computations on a string (T) with said sub keys (KMa, KMb), said string (T) obtained by an elaboration on said identification number (ICC.SN);
building a diversification key (KICC) concatenating a combination of bytes of said ciphered strings (A, B). - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. IC Card, storing an identification number (ICC.SN), intended to be used in a communication session with a master IC Card, storing a master key (KM), said IC Card being connectable to said master IC Card through an interface of communication, characterized by comprising means for:
-
deriving at least a couple of sub keys (KMa, KMb) from said master key (KM);
computing a couple of ciphered strings (A, B) through a corresponding cryptographic computations on a string (T) with said sub keys (KMa, KMb) said string (T) obtained by an elaboration on said identification number (ICC.SN);
building a diversification key (KICC) concatenating a combination of bytes of said ciphered strings (A, B).
-
Specification
-
- Resources
-
Current AssigneeSTMicroelectronics NV
-
Original AssigneeIncard S.A. (STMicroelectronics NV)
-
InventorsDonatiello, Saverio, Fontana, Giovanni
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current380/044
-
CPC Class CodesG06Q 20/341 Active cards, i.e. cards in...G06Q 20/355 Personalisation of cards fo...G07F 7/1008 Active credit-cards provide...H04L 2209/34 Encoding or coding, e.g. Hu...H04L 2209/56 Financial cryptography, e.g...H04L 9/0625 with splitting of the data ...H04L 9/0866 involving user or device id...H04L 9/3273 for mutual authentication n...
