Method of securely loading commands in a smart card
First Claim
1. A method of securely loading a command or commands in a smart card by a first party, the smart card being issued by a second party, the method comprising the steps of:
- the second party producing a first authentication code using a first key,a third party producing a second authentication code using a second key,the first party obtaining the first and second authentication codes from the second party and the third party, respectively,the first party transferring command modifications with the obtained first and second authentication codes to the smart card,the smart card validating the command modifications by obtaining a replica of the first and second authentication codes using stored versions of the first and second key, respectively, and comparing the replica of the first and second authentication codes with the obtained first and second authentication codes transferred with the command modifications from the first party to the smart card.
2 Assignments
0 Petitions
Accused Products
Abstract
A method of securely loading and validating commands (COM) in a smart card (SC) is disclosed. Especially in the case where application-specific commands are loaded by an application provider (AP), that is off-line with respect to the card issuer (CI), it must be ensured that the commands are valid. The invention provides a method involving the protection of the commands (COM) by means of authentication codes, these codes (MAC1, MAC2) being produced using two different keys: one key (K1) is stored by the card issuer (CI), the other (K2) by a trusted third party (TTP). A further authentication code (MAC3), produced using a key from a set of keys (K3*), may be utilized to selectively validate commands for individual applications (e.g. AP1, AP2).
-
Citations
12 Claims
-
1. A method of securely loading a command or commands in a smart card by a first party, the smart card being issued by a second party, the method comprising the steps of:
-
the second party producing a first authentication code using a first key, a third party producing a second authentication code using a second key, the first party obtaining the first and second authentication codes from the second party and the third party, respectively, the first party transferring command modifications with the obtained first and second authentication codes to the smart card, the smart card validating the command modifications by obtaining a replica of the first and second authentication codes using stored versions of the first and second key, respectively, and comparing the replica of the first and second authentication codes with the obtained first and second authentication codes transferred with the command modifications from the first party to the smart card. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
- 10. A smart card, comprising a substrate and an integrated circuit having a processor and a memory, the memory containing at least two keys the integrated circuit being arranged to regenerate, using the at least two keys at least two authentication codes relative to a received command modification request including at least two corresponding request authentication codes and to compare the at least two regenerated authentication codes with the received at least two corresponding request authentication codes to verify an approved modification to commands is being received.
Specification