Data processing system comprising authentification means viz a viz a smart card, an electronic circuit for use in such system, and a procedure for implementing such authentification
Abstract
Authentication of a smart card is accomplished utilizing a microcomputer (PC) provided with an internal reader (RD) and an electronic circuit (3) linked to the PC. The circuit (3) includes a microprocessor (MP) capable of generating a random factor (RN). The circuit (3) also includes a startup circuit (MCD) generating a time delay period T, a security microcircuit (PSMC) and a blocking circuit (BBC). Between these elements, a cryptographic procedure, of the DES or DEA type, is effected which aims at establishing the consistency between a key (SK2I) associated with dedicated identity numbers (IN, OPN) of the smart card (CAM) and a key (SK2I') associated with a corresponding dedicated identity number (IN') of the PC in the PSMC. The system is automatically blocked in the case of inconsistency.
15 Claims
1. A data processing system comprising
a) microprocessor means (MP) interfaced to an internal smart card reader (RD) and to a security microcircuit (PSMC);
b) a main bus (2);
c) further data processing means connected via said main bus to said microprocessor means, for cooperatively under control of a random number (RN) and a reversible algorithm (ALG) from said system authentifying a smart card (CAM) presented to said reader, by means of a first key (SK21) generated from first identity quantities (NI, NOP) from said card and an associated second key (SK21') generated from a second identity quantity (NI') from the security microcircuit, an authentification represented by correspondence among said first and second keys resulting in a correspondence signal;
d) a start-up detection circuit (MCD) for detecting an initiation of said authentifying and thereupon generating a first control signal to said microprocessor means;
e) a main bus blocking circuit (BBC) fed by said microprocessor means and further connected to said bus for under control of said first control signal generating a bus-unblocking signal of predetermined duration; and
f) wherein absence of said correspondence signal before end of said duration drives said blocking circuit to generating and maintaining a continuous bus blocking signal.
Dependent claims: 2, 3, 4, 5, 6, 7, 8

9. A method for authentifying a smart card using a security microcircuit (PSMC) characterized in that a pseudo random number RN is generated and stored in RAM memory in said PSMC after successful execution of the following steps in a specific program by the PSMC:
a) performing an addition modulo 2 of a production key MK and of an issuer's key IK of the PSMC and storing in RAM memory of the PSMC a result of the addition, KIM;
$MK + IK = KIM$
b) encoding by means of the pseudo random number RN, generated by the PSMC, of a unique input message IM, which message is modified on each particular use of the PSMC, by means of a reversible algorithm (ALG, $ALG^{-1}$) under a key KIM;
$RN = ALG_{KIM}(IM)$.

10. A cryptographic procedure for authentifying a memory card using a security microcircuit (PSMC) and a microprocessor, characterized in that the procedure comprises a successive execution of the following steps by means of a specific program:
a) generating a pseudo random number RN and transmitting the random number to the memory card,
b) encoding under a key SK2I, associated with an identity number IN of the memory card, the pseudo random number RN, in the memory card creating cryptogram M1;
$M1 = ALG_{SK2I}(RN)$,
c) transmitting the cryptogram M1 from the memory card to the PSMC,
d) decoding, in the PSMC, under a key SK2I', associated with an identity number IN' of the PSMC, the cryptogram M1 creating number RN';
$RN' = ALG^{-1}_{SK2I'}(M1)$,
e) comparing the numbers RN and RN' of above steps a and d, an equality of these numbers implying the equality between the keys SK2I and SK2I' associated with the identity numbers IN and IN' respectively.
Dependent claims: 12, 14

11. A cryptographic procedure for authentifying a memory card using a security microcircuit (PSMC) and a microprocessor, characterized in that the procedure comprises a successive execution of the following steps by means of a specific program:
a) generating a pseudo random number RN and transmitting the random number to the memory card,
b) encoding, in the memory card, under a key SK2I associated with an identity number OPN and with an identity number IN of the memory card, the pseudo random number RN, resulting in a cryptogram M1;
$M1 = ALG_{SK2I}(RN)$,
c) transmitting the resulting cryptogram M1 and the identity number OPN from the memory card to the PSMC,
d) calculating, in the PSMC, a key SKOP deduced from the identity number OPN of the memory card;
$SKOP = ALG^{-1}_{SK2I'}(OPN)$,
e) decoding under the key SKOP, in the PSMC, the cryptogram M1, resulting in number RN';
$RN' = ALG^{-1}_{SKOP}(M1)$,
f) comparing the numbers RN and RN', an equality of these numbers implying consistency between the key SK2I associated with the identity numbers OPN and IN of the memory card and the key SK2I' associated with the identity number IN' of the PSMC.
Dependent claims: 13, 15

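The exchanges of claims 9, 10 and 11, as an added worked example that is not part of the patent text. Assumptions: ALG is replaced by a small Feistel stand-in (the abstract names DES/DEA, which is not used here), all function names and sample values are constructed for illustration, and the genuine card is taken to hold the key that step d of claim 11 recomputes.

```python
import hashlib
import hmac

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    # Round function of the stand-in cipher (assumption: NOT the patent's DES/DEA).
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:4]

def alg(key: bytes, block: bytes) -> bytes:
    """ALG: reversible 8-byte block transform (4-round Feistel stand-in)."""
    l, r = block[:4], block[4:]
    for i in range(4):
        l, r = r, _xor(l, _f(key, i, r))
    return l + r

def alg_inv(key: bytes, block: bytes) -> bytes:
    """ALG^-1: undoes alg() under the same key."""
    l, r = block[:4], block[4:]
    for i in reversed(range(4)):
        l, r = _xor(r, _f(key, i, l)), l
    return l + r

def psmc_make_rn(mk: bytes, ik: bytes, im: bytes) -> bytes:
    # Claim 9: KIM = MK + IK (addition modulo 2 is XOR), RN = ALG_KIM(IM).
    return alg(_xor(mk, ik), im)

def card_respond(sk2i: bytes, rn: bytes) -> bytes:
    # Claims 10 and 11, step b: M1 = ALG_SK2I(RN), computed inside the card.
    return alg(sk2i, rn)

def psmc_check_claim10(sk2i_p: bytes, rn: bytes, m1: bytes) -> bool:
    # Steps d-e: RN' = ALG^-1_SK2I'(M1); constant-time compare with RN.
    return hmac.compare_digest(alg_inv(sk2i_p, m1), rn)

def psmc_check_claim11(sk2i_p: bytes, rn: bytes, m1: bytes, opn: bytes) -> bool:
    # Steps d-f: SKOP = ALG^-1_SK2I'(OPN), RN' = ALG^-1_SKOP(M1), compare with RN.
    skop = alg_inv(sk2i_p, opn)
    return hmac.compare_digest(alg_inv(skop, m1), rn)

# Constructed sample values (8 bytes each), not taken from the patent.
MK, IK, IM = b"prodkey1", b"issuer01", b"msg#0001"
SK2I_P, OPN = b"psmc-key", b"OPN00042"
RN = psmc_make_rn(MK, IK, IM)
# Assumption: the genuine card was personalised with the key claim 11 recomputes.
GENUINE_KEY = alg_inv(SK2I_P, OPN)
FORGED_KEY = b"guessed!"
```

In the system of claim 1, a False result from either check corresponds to the absent correspondence signal that leaves the bus blocked once the predetermined duration ends.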
Specification