Key protection device for smart cards

US 5,533,126 A
Filed: 04/21/1994
Issued: 07/02/1996
Est. Priority Date: 04/22/1993
Status: Expired due to Term

First Claim

Patent Images

1. A user key protection device for a smart card comprising:

at least one user coded key stored within said smart card, said at least one user coded key is coded (CCCi) using a specific key specific to each smart card, a user key, and a user key coding/decoding algorithm (A.S.C.C.) executed by a microprocessor within said smart card;

protection data corresponding to dependent data of each of said at least one user coded key generated and stored in association with a respective at least one user coded key (CCCi) in a memory area of said smart card;

a detection device installed in said smart card allowing the smart card to verify integrity of said at least one user coded key (CCCi) by comparing said protection data to verification data generated using the at least one user coded key (CCCi); and

an interlock device installed in the smart card allowing the smart card to block any further calculation using the at least one user coded key (CCCi) in the event that said verification data is not identical to said protection data.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This invention concerns a key protection device for smart cards and is characterized by the fact that:

each input user key is coded using a random key and stored;

protection data that corresponds to each coded user key'"'"'s dependant data is generated and associated to each coded user key;

a detection device is installed on the card that allows the user to verify the stored user key'"'"'s integrity by comparing the protection data to verification data that is generated using the card'"'"'s stored user key; and

an interlock device that allows the user to block any further calculation using the stored key in the event that the verification data is not identical to the protection data.

275 Citations

14 Claims

1. A user key protection device for a smart card comprising:
- at least one user coded key stored within said smart card, said at least one user coded key is coded (CCCi) using a specific key specific to each smart card, a user key, and a user key coding/decoding algorithm (A.S.C.C.) executed by a microprocessor within said smart card;
  
  protection data corresponding to dependent data of each of said at least one user coded key generated and stored in association with a respective at least one user coded key (CCCi) in a memory area of said smart card;
  
  a detection device installed in said smart card allowing the smart card to verify integrity of said at least one user coded key (CCCi) by comparing said protection data to verification data generated using the at least one user coded key (CCCi); and
  
  an interlock device installed in the smart card allowing the smart card to block any further calculation using the at least one user coded key (CCCi) in the event that said verification data is not identical to said protection data.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The device according to claim 1, wherein said protection data is stored in a hidden memory area of said smart card.
  - 3. The device according to claim 1 wherein said detection device contains key correction features therein.
  - 4. The device according to claim 1, wherein said protection data is a checksum.
  - 5. The device according to claim 1, wherein said protection data is a cyclic redundancy check (CRC).
  - 6. The device according to claim 1, wherein said protection data is a number of user coded key (CCCi) bits (CBVip), each having a given binary value.
  - 7. The device according to claim 1, wherein said protection data is a signature (Sip) calculated using a secret key (CS).
  - 8. The device according to claim 1, wherein said detection device is an algorithm (A.CA.S.C.) executed by said microprocessor (1) contained within said smart card.
  - 9. The device according to claim 1, wherein a decoded key is generated from said at least one user coded key using said user key coding/decoding algorithm (A.S.C.C.) if said verification data is identical to said protection data, said user key coding/decoding algorithm using said specific key (C.SP.Di) and a key storing operation is executed by said microprocessor for making said decoded key available in said memory area.
  - 10. The device according to claim 1, wherein said user key is sent to the smart card as coded by an input key coding/decoding algorithm (A.C.U.) and said device includes said input key coding/decoding algorithm and is arranged for decoding said coded user key into a decoded user key to be coded by said user key coding/decoding algorithm (A.S.C.C).
  - 11. The device of claim 10, wherein said user key coding algorithm (A.S.C.C.) is different from said input key coding/decoding algorithm and is stored in a hidden memory area of said smart card.

12. A process for storing at least one user coded key in a smart card, comprising the steps of:
- receiving a user key;
  
  coding said user key into a user coded key using a specific key specific to each smart card and a user key coding/decoding algorithm (A.S.C.C.) executed by a microprocessor within said smart card;
  
  calculating protection data using said user coded key and a test algorithm (A.C.A.S.C.) executed by said microprocessor; and
  
  storing said user coded key in association with said protection data in a memory area of said smart card.
- View Dependent Claims (13, 14)
- - 13. The process according to claim 12, wherein said user key (CU) is sent to the smart card as coded by an input key coding/decoding algorithm (A.C.U.), said process further comprising the steps of:
    - decoding said coded user key (CCU) into a decoded user key (CU) by using said coding/decoding algorithm (A.C.U.) executed by said microprocessor; and
      
      coding said decoded user key (CU) into said user coded key (CCCi) by executing said user key coding/decoding algorithm (A.S.C.C.).
  - 14. The process according to claim 12, further comprising the steps of:
    - calculating verification data using said test algorithm on said user coded key in the microprocessor prior to executing a calculation using said user coded key;
      
      comparing said verification data to said protection data to ascertain integrity of said user coded key; and
      
      blocking use of said user coded key if said verification data is not identical to said protection data.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CP8 Technologies (Thales SA)
Original Assignee
Bull CP8 (Schlumberger NV)
Inventors
Hazard, Michel
Primary Examiner(s)
Cain, David C.

Application Number

US08/230,737
Time in Patent Office

803 Days
Field of Search

380/23, 380/25, 380/46, 380/49, 380/21
US Class Current

713/187
CPC Class Codes

G06Q 20/341   Active cards, i.e. cards in...

G06Q 20/40975   using encryption therefor

G07F 7/082   Features insuring the integ...

G07F 7/1008   Active credit-cards provide...

H04L 2209/34   Encoding or coding, e.g. Hu...

H04L 9/0897   involving additional device...

H04L 9/3234   involving additional secure...

Key protection device for smart cards

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

275 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

Key protection device for smart cards

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

275 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links