Payment smart cards with hierarchical session key derivation providing security against differential power analysis and other attacks
First Claim
1. A cryptographic device comprising:
(a) at least one memory containing a value of a secret parameter; and
(b) a processor configured to perform a plurality of cryptographic transactions with a receiving cryptographic processing device, each said transaction involving a cryptographically processed datum, where;
(i) each of said cryptographic transactions is secured using a secret parameter;
(ii) the usefulness of partial information related to said secret parameter that could have been previously gathered through external monitoring of said cryptographic device is reduced by cryptographically updating the value of said secret parameter within a hierarchy of secret parameters using an invertible function; and
(iii) after said updating, the updated value of said secret parameter is stored in said at least one memory for use in at least one subsequent transaction; and
(c) an interface configured to transmit said datum to said receiving device in which the updated value of said secret parameter after said processor has performed a plurality of update operations can be derived from the value of said secret parameter before said plurality of update operations.
Abstract
Chip cards are used to secure credit and debit payment transactions. To prevent fraudulent transactions, the card must protect cryptographic keys used to authenticate transactions. In particular, cards should resist differential power analysis and/or other attacks. To address security risks posed by leakage of partial information about keys during cryptographic transactions, cards may be configured to perform periodic cryptographic key update operations. The key update transformation prevents adversaries from exploiting partial information that may have been leaked about the card's keys. Update operations based on a hierarchical structure can enable efficient transaction verification by allowing a verifying party (e.g., an issuer) to derive a card's current state from a transaction counter and its initial state by performing one operation per level in the hierarchy, instead of progressing through all update operations performed by the card.
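The hierarchical update described in the abstract can be illustrated with the following added example, which is not taken from the patent and is not its specified construction. It assumes a binary hierarchy of depth 8, two invertible update functions built as SHA-256-based Feistel permutations labelled `A` and `B`, and the hypothetical names `step`, `derive` and `Card`.

```python
import hashlib

DEPTH = 8                      # assumed: 2**DEPTH leaf keys in the hierarchy
HALF = 16                      # secret parameter is 32 bytes, split in two halves
TAGS = (b"A", b"B")            # assumed labels for the two update functions

def _f(tag, i, half):
    return hashlib.sha256(tag + bytes([i]) + half).digest()[:HALF]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def step(tag, state, inverse=False):
    """Unkeyed 4-round Feistel permutation: invertible by running rounds backwards."""
    l, r = state[:HALF], state[HALF:]
    for i in (reversed(range(4)) if inverse else range(4)):
        if inverse:
            l, r = _xor(r, _f(tag, i, l)), l
        else:
            l, r = r, _xor(l, _f(tag, i, r))
    return l + r

def derive(initial, counter):
    """Verifier side: DEPTH steps, one per level, chosen by the counter bits."""
    k = initial
    for level in reversed(range(DEPTH)):
        k = step(TAGS[(counter >> level) & 1], k)
    return k

class Card:
    """Device side: stores only the current secret and the transaction counter."""
    def __init__(self, initial):
        self.counter, self.key = 0, derive(initial, 0)

    def update(self):
        c, n = self.counter, self.counter + 1
        if n >> DEPTH:
            raise RuntimeError("hierarchy exhausted")
        up = (c ^ n).bit_length()          # levels up to the common ancestor
        k = self.key
        for level in range(up):            # climb with the inverse functions
            k = step(TAGS[(c >> level) & 1], k, inverse=True)
        for level in reversed(range(up)):  # descend along the new counter's bits
            k = step(TAGS[(n >> level) & 1], k)
        self.key, self.counter = k, n      # old value is overwritten in memory
        return 2 * up                      # steps the card spent on this update
```

Because the update functions are invertible, the card can move between neighbouring leaves without keeping any ancestor value in memory, while the verifier always needs exactly `DEPTH` steps regardless of how many updates the card has performed.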
22 Claims
12. A method of performing a cryptographic transaction with a receiving party, using a secret parameter stored in a memory, comprising:
(a) performing a cryptographic transaction secured using said secret parameter;
(b) applying a cryptographic update operation to said secret parameter;
(i) to reduce the usefulness of information about the value of said secret parameter that could have been previously gathered through external monitoring attacks;
(ii) said cryptographic update operation including updating the value of said secret parameter using an invertible function;
(iii) such that after n update operations have been performed, said receiving party knowing the value of a secret parameter prior to said n update operations can derive the value of said updated secret parameter in substantially less than n operations;
(iv) where all of said secret parameters from said n update operations are within a hierarchy of secret parameters; and
(c) replacing said secret parameter with said updated secret parameter in said memory.
Specification