Data processing system comprising authentification means viz a viz a smart card, an electronic circuit for use in such system, and a procedure for implementing such authentification

US 5,146,499 A
Filed: 10/22/1990
Issued: 09/08/1992
Est. Priority Date: 10/27/1989
Status: Expired due to Fees

First Claim

Patent Images

1. A data processing system comprisinga) microprocessor means (MP) interfaced to an internal smart card reader (RD) and to a security microcircuit (PSMC);

b) a main bus (2);

c) further data processing means connnected via said main bus to said microprocessor means, for cooperatively under control of a random number (RN) and a reversible algorithm (ALG) from said system authentifying a smart card (CAM) presented to said reader, by means of a first key (SK21) generated from first identity quantities (NI, NOP) from said card and an associated second key (SK21'"'"') generated from a second identity quantity (NI'"'"') from the security microcircuit, an authentification represented by correspondence among said first and second keys resulting in a correspondence signal;

d) a start-up detection circuit (MCD) for detecting an initiation of said authentifying and thereupon generating a first control signal to said microprocessor means;

e) a main bus blocking circuit (BBC) fed by said microprocessor means and further connected to said bus for under control of said first control signal generating a bus-unblocking signal of predetermined duration; and

f) wherein absence of said correspondence signal before end of said duration drives said blocking circuit to generating and maintaining a continuous bus blocking signal.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Authentication of a smart card is accomplished utilizing a microcomputer (PC) provided with an internal reader (RD) and an electronic circuit (3) linked to the PC. The circuit (3) includes a microprocessor (MP) capable of generating a random factor (RN). The circuit (3) also includes a startup circuit (MCD) generating a time delay period T, a security microcircuit (PSMC) and a blocking circuit (BBC). Between these elements, a cryptographic procedure, of the DES or DEA type, is effected which aims at establishing the consistency between a key (SK2I) associated with dedicated identity numbers (IN, OPN) of the smart card (CAM) and a key (SK2I'"'"') associated with a corresponding dedicated identity number (IN'"'"') of the PC in the PSMC. The system is automatically blocked in the case of inconsistency.

Citations

15 Claims

1. A data processing system comprisinga) microprocessor means (MP) interfaced to an internal smart card reader (RD) and to a security microcircuit (PSMC);
- b) a main bus (2);
  
  c) further data processing means connnected via said main bus to said microprocessor means, for cooperatively under control of a random number (RN) and a reversible algorithm (ALG) from said system authentifying a smart card (CAM) presented to said reader, by means of a first key (SK21) generated from first identity quantities (NI, NOP) from said card and an associated second key (SK21'"'"') generated from a second identity quantity (NI'"'"') from the security microcircuit, an authentification represented by correspondence among said first and second keys resulting in a correspondence signal;
  
  d) a start-up detection circuit (MCD) for detecting an initiation of said authentifying and thereupon generating a first control signal to said microprocessor means;
  
  e) a main bus blocking circuit (BBC) fed by said microprocessor means and further connected to said bus for under control of said first control signal generating a bus-unblocking signal of predetermined duration; and
  
  f) wherein absence of said correspondence signal before end of said duration drives said blocking circuit to generating and maintaining a continuous bus blocking signal.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. A system as claimed in claim 1, wherein said duration is in the order of seconds.
  - 3. A system as claimed in claim 1, wherein said bus blocking signal is common to a plurality of bit wires of said main bus.
  - 4. A system as claimed in claim 1, wherein said bus blocking signal is a low impedance clamping signal to a particular bit value on any bus wire.
  - 5. A system as claimed in claim 1, provided with a UART means interconnecting said microprocessor to said main bus.
  - 6. A system as claimed in claim 5, wherein said UART interfaces to a second smart card reader unit.
  - 7. A system as claimed in claim 1, characterized in that said further data processing means also comprises a read-only memory constituting part of the EPROM BIOS memory of the system and being bidirectionally linked to the main bus.
  - 8. A system as claimed in claim 1, characterized in that said microprocessor comprises said pseudo random number generator means.

9. A method for authentifying a smart card using a security microcircuit (PSMC) characterized in that a pseudo random number RN is generated and stored in RAM memory in said PSMC after successful execution of the following steps in a specific program by the PSMC:
- a performing an addition modulo 2 of a production key MK and of an issuer'"'"'s key IK of the PSMC and storing in RAM memory of the PSMC a result of the addition, KIM;
  
  MK+IK=KIMb encoding by means of the pseudo random number RN, generated by the PSMC, of a unique input message IM, which message is modified on each particular use of the PSMC, by means of a reversible algorithm (ALG, ALG^-
  
  1) under a key KIM;
  
  RN=ALG_KIM (IM).

10. A cryptographic procedure for authentifying a memory card using a security microcircuit (PSMC) and a microprocessor, characterized in that the procedure comprises a successive execution of the following steps by means of a specific program:
- a generating a pseudo random number RN and transmitting the random number to the memory card,b encoding under a key SK2I, associated with an identity number IN of the memory card, the pseudo random number RN, in the memory card creating crytogram M1;
  
  M1=ALG_SK2I (RN),c transmitting the cryptogram M1 from the memory card to the PSMC,d decoding, in the PSMC, under a key SK2I'"'"', associated with an identity number IN'"'"' of the PSMC, the cryptogram M1 creating number RN'"'"';
  
  RN'"'"'=ALG^- 1_SK2I'"'"' (M1),e comparing the numbers RN and RN'"'"' of above steps a and d, an equality of these numbers implying the equality between the keys SK2I and SK2I'"'"' associated with the identity numbers IN and IN'"'"' respectively.
- View Dependent Claims (12, 14)
- - 12. The procedure of claim 10 wherein step "a" comprises generating the random number by the PSMC.
  - 14. The procedure of claim 10 wherein step "a" comprises generating the random number by the microprocessor.

11. A cryptographic procedure for authentifying a memory card using a security microcircuit (PSMC) and a microprocessor, characterized in that the procedure comprises a successive execution of the following steps by means of a specific program:
- a generating a pseudo random number RN and transmitting the random number to the memory card,b encoding, in the memory card, under a key SK2I associated with an identity number OPN and with an identity number IN of the memory card, the pseudo random number RN, resulting in a cryptogram M1;
  
  M1=ALG_SK2I (RN),c transmitting the resulting cryptogram M1 and the identity number OPN from the memory card to the PSMC,d calculating, in the PSMC, a key SKOP deduced from the identity number OPN of the memory card;
  
  SKOP=ALG^- 1_SK2I'"'"' (OPN),e decoding under the key SKOP, in the PSMC, the cryptogram M1, resulting in number RN'"'"';
  
  RN'"'"'-ALG⁼ 1_SKOP (M1),f comparing the numbers RN and RN'"'"', an equality of these numbers implying consistency between the key SK2I associated with the identity numbers OPN and IN of the memory card and the key SK2I'"'"' associated with the identity number IN'"'"' of the PSMC.
- View Dependent Claims (13, 15)
- - 13. The procedure of claim 11 wherein step "a" comprises generating the random number by the PSMC.
  - 15. The procedure of claim 11 wherein step "a" comprises generating the random number by the microprocessor.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
De La Rue Cartes et Systemes
Original Assignee
US Philips Corporation (Koninklijke Philips N.V.)
Inventors
Geffrotin, Bernard
Primary Examiner(s)
Tarcza, Thomas H.
Assistant Examiner(s)
CAIN, DAVID C

Application Number

US07/604,711
Time in Patent Office

687 Days
Field of Search

380/23, 380/25, 235/380-382.5
US Class Current

713/172
CPC Class Codes

G06F 21/34   involving the use of extern...

G06F 21/445   by mutual authentication, e...

G06F 21/575   Secure boot

G06F 2221/2103   Challenge-response

G06F 2221/2129   Authenticate client device ...

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/40975   using encryption therefor

G07F 7/1008   Active credit-cards provide...

Data processing system comprising authentification means viz a viz a smart card, an electronic circuit for use in such system, and a procedure for implementing such authentification

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

15 Claims

Specification

Solutions

Use Cases

Quick Links

Data processing system comprising authentification means viz a viz a smart card, an electronic circuit for use in such system, and a procedure for implementing such authentification

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

15 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links