Payment smart cards with hierarchical session key derivation providing security against differential power analysis and other attacks

US 20080049940A1
Filed: 10/24/2007
Published: 02/28/2008
Est. Priority Date: 07/02/1998
Status: Active Grant

First Claim

Patent Images

1. A cryptographic device comprising:

(a) at least one memory containing a value of a secret parameter; and

(b) a processor configured to perform a plurality of cryptographic transactions with a receiving cryptographic processing device, each said transaction involving a cryptographically processed datum, where;

(i) each of said cryptographic transactions is secured using a secret parameter;

(ii) the usefulness of partial information related to said secret parameter that could have been previously gathered through external monitoring of said cryptographic device is reduced by cryptographically updating the value of said secret parameter within a hierarchy of secret parameters using an invertible function; and

(iii) after said updating, the updated value of said secret parameter is stored in said at least one memory for use in at least one subsequent transaction; and

(c) an interface configured to transmit said datum to said receiving device in which the updated value of said secret parameter after said processor has performed a plurality of update operations can be derived from the value of said secret parameter before said plurality of update operations.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Chip cards are used to secure credit and debit payment transactions. To prevent fraudulent transactions, the card must protect cryptographic keys used to authenticate transactions. In particular, cards should resist differential power analysis and/or other attacks. To address security risks posed by leakage of partial information about keys during cryptographic transactions, cards may be configured to perform periodic cryptographic key update operations. The key update transformation prevents adversaries from exploiting partial information that may have been leaked about the card'"'"'s keys. Update operations based on a hierarchical structure can enable efficient transaction verification by allowing a verifying party (e.g., an issuer) to derive a card'"'"'s current state from a transaction counter and its initial state by performing one operation per level in the hierarchy, instead of progressing through all update operations performed by the card.

Citations

22 Claims

1. A cryptographic device comprising:
- (a) at least one memory containing a value of a secret parameter; and
  
  (b) a processor configured to perform a plurality of cryptographic transactions with a receiving cryptographic processing device, each said transaction involving a cryptographically processed datum, where;
  
  (i) each of said cryptographic transactions is secured using a secret parameter;
  
  (ii) the usefulness of partial information related to said secret parameter that could have been previously gathered through external monitoring of said cryptographic device is reduced by cryptographically updating the value of said secret parameter within a hierarchy of secret parameters using an invertible function; and
  
  (iii) after said updating, the updated value of said secret parameter is stored in said at least one memory for use in at least one subsequent transaction; and
  
  (c) an interface configured to transmit said datum to said receiving device in which the updated value of said secret parameter after said processor has performed a plurality of update operations can be derived from the value of said secret parameter before said plurality of update operations.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The device of claim 1 where said secret parameter is a cryptographic key.
  - 3. The device of claim 1 where said securing using said secret parameter includes deriving a cryptographic key from said secret parameter, and applying said cryptographic key for said transaction.
  - 4. The device of claim 1 where said hierarchy of secret parameters is characterized by:
    - (a) each secret parameter being at least one of a parent secret parameter or a child secret parameter;
      
      (b) each parent secret parameter having multiple child secret parameters, each of which can be derived from a parent secret parameter in a cryptographic update operation from said parent secret parameter; and
      
      (c) each child secret parameter has a parent secret parameter from which said child secret parameter can be derived in a single cryptographic key update operation.
  - 5. The device of claim 4 where:
    - (a) each parent secret parameter has the same number of child secret parameters; and
      
      (b) said receiving device is capable of deriving a particular secret parameter used by said device to secure a particular transaction, by performing substantially less than the total number of possible transactions performable by said device.
  - 6. The device of claim 4 where:
    - (a) elements within said hierarchy are characterizable by corresponding index parameters;
      
      (b) said device is configured to receive a desired index parameter; and
      
      (c) said step (b)(ii) of claim 1 includes performing a plurality of said update operations to transition from a current secret parameter, corresponding to a current index parameter, to a final secret parameter corresponding to said desired index parameter.
  - 7. The device of claim 6 where:
    - (a) said update operation utilizes said current index parameter and said current secret parameter; and
      
      (b) said device replaces the value of the current secret parameter after each cryptographic update operation, so that secret parameter values from multiple transactions are not maintained.
  - 8. The device of claim 1 where said device is a smartcard, and said receiving device includes a smartcard reader.
  - 9. A system comprising the device of claim 1 implemented using a smartcard, and further comprising said receiving device implemented using a smartcard reader.
  - 10. The device of claim 1 where said device is configured to interface with said receiving device in a contactless manner.
  - 11. A system comprising the device of claim 1 implemented using a contactless transaction device, and further comprising said receiving device implemented as a transaction verification device.

12. A method of performing a cryptographic transaction with a receiving party, using a secret parameter stored in a memory, comprising:
- (a) performing a cryptographic transaction secured using said secret parameter;
  
  (b) applying a cryptographic update operation to said secret parameter;
  
  (i) to reduce the usefulness of information about the value of said secret parameter that could have been previously gathered through external monitoring attacks;
  
  (ii) said cryptographic update operation including updating the value of said secret parameter using an invertible function;
  
  (iii) such that after n update operations have been performed, said receiving party knowing the value of a secret parameter prior to said n update operations can derive the value of said updated secret parameter in substantially less than n operations;
  
  (iv) where all of said secret parameters from said n update operations are within a hierarchy of secret parameters; and
  
  (c) replacing said secret parameter with said updated secret parameter in said memory.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
- - 13. The method of claim 12 where said secret parameter is a cryptographic key.
  - 14. The method of claim 12 where said securing using said secret parameter includes deriving a cryptographic key from said secret parameter, and applying said cryptographic key for said transaction.
  - 15. The method of claim 12 where said hierarchy of secret parameters is characterized by:
    - (a) each secret parameter being at least one of a parent secret parameter or a child secret parameter;
      
      (b) each parent secret parameter having multiple child secret parameters, each of which can be derived from a parent secret parameter in a single cryptographic update operation from said parent secret parameter; and
      
      (c) each child secret parameter has a parent secret parameter from which said child secret parameter can be derived in a single cryptographic key update operation.
  - 16. The method of claim 15 where:
    - (a) each parent secret parameter has the same number of child secret parameters; and
      
      (b) said receiving party is capable of deriving a particular secret parameter, used to secure a particular transaction by a party performing said method, by performing substantially less than the total number of possible transactions performable by said party performing said method.
  - 17. The method of claim 15:
    - (a) where elements within said hierarchy are characterizable by corresponding index parameters; and
      
      (b) further comprising successively iterating said update operations to transition from a current secret parameter corresponding to a current index parameter, through one or more intermediate secret parameters, to a final secret parameter corresponding to a desired index parameter.
  - 18. The method of claim 17 where:
    - (a) said update operation utilizes said current index parameter and said current secret parameter; and
      
      (b) the value of the current secret parameter is replaced after each cryptographic update operation, so that only current secret parameter values are maintained.
  - 19. The method of claim 12 where said method is performed using a smartcard, and said receiving party uses a smartcard reader.
  - 20. The method of claim 19 where said smartcard is contactless.
  - 21. The method of claim 12 implemented in a device that regulates access to an encrypted television signal.
  - 22. The method of claim 12 implemented in a payment device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cryptography Research, Inc. (Rambus Inc.)
Original Assignee
Cryptography Research, Inc. (Rambus Inc.)
Inventors
Kocher, Paul

Granted Patent

US 9,940,772 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/277
CPC Class Codes

G06F 2207/7219   Countermeasures against sid...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/40975   using encryption therefor

G07F 7/1008   Active credit-cards provide...

H04L 9/003   for power analysis, e.g. di...

H04L 9/0625   with splitting of the data ...

H04L 9/0891   Revocation or update of sec...

Payment smart cards with hierarchical session key derivation providing security against differential power analysis and other attacks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

22 Claims

Specification

Solutions

Use Cases

Quick Links

Payment smart cards with hierarchical session key derivation providing security against differential power analysis and other attacks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

22 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links