Integrated circuit for embedding in smart cards, and method of issuing smart cards
First Claim
1. An integrated circuit embedded in a smart card, providing an authentication function by generating authentication data from random data, comprising:
- an interface circuit that receives and generates commands and data, said data including said random data and authentication data;
an electrically rewritable non-volatile memory that stores at least one instruction file having a list of instructions; and
an authentication data generator, coupled to said interface circuit and said rewritable non-volatile memory, having logic circuits that execute said instructions to thereby convert said random data into said authentication data, in response to a command received by said interface circuit.
5 Assignments
0 Petitions
Accused Products
Abstract
An integrated circuit embedded in a smart card has a rewritable non-volatile memory in which an instruction file is stored. A control logic circuit in the integrated circuit converts random data into authentication data by executing instructions read from the instruction file, preferably by controlling a simplified data processing circuit having a shift register, an exclusive-OR logic circuit, and specialized bit operation circuits. A card issuer issuing smart cards including this integrated circuit writes different instruction files in different smart cards, thereby enhancing the security of the smart cards.
60 Citations
20 Claims
-
1. An integrated circuit embedded in a smart card, providing an authentication function by generating authentication data from random data, comprising:
-
an interface circuit that receives and generates commands and data, said data including said random data and authentication data;
an electrically rewritable non-volatile memory that stores at least one instruction file having a list of instructions; and
an authentication data generator, coupled to said interface circuit and said rewritable non-volatile memory, having logic circuits that execute said instructions to thereby convert said random data into said authentication data, in response to a command received by said interface circuit. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. An integrated circuit, embedded in a smart card, that generates authentication data from random data, comprising:
-
an interface circuit that receives and generates commands and data, said data including said random data and authentication data;
an electrically rewritable non-volatile memory that stores at least one instruction file having a list of instructions; and
an authentication data generator, coupled to said interface circuit and said rewritable non-volatile memory, having logic circuits that execute said instructions, to thereby convert said random data into said authentication data, in response to a command received by said interface circuit, wherein said electrically rewritable non-volatile memory also stores key data used in generating said authentication data from said random data, and wherein said authentication data generator [17] comprises;
a first register, a second register, a start control module that stores said key data in said first register and said random data in said second register, in response to a command received by said interface circuit, a data processing unit that performs operations on the data stored in said second register, using the data stored in said first register, an instruction register that stores an instruction read from said instruction file, and a control logic circuit that reads instructions one by one from said instruction file into said instruction register, executes each instruction thus read by controlling said data processing unit, to thereby generate said authentication data, and store said authentication data in said second register. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
a shift register that stores data and performs bit-shift operations on the stored data;
a bit replacement circuit that replaces predetermined bits of the data stored in said shift register with predetermined values;
a bit-inverting circuit that inverts predetermined bits of the data stored in said shift register;
a data selector that selects data from said first register and said second register; and
an exclusive-OR logic circuit that performs a logical exclusive OR operation on the data stored in said shift register and the data selected by said data selector.
-
-
13. The integrated circuit of claim 12, wherein said control logic circuit comprises:
-
a data-transfer control module that transfers data between said second register and said shift register;
a bit-shift control module that causes said shift register to perform said bit shift operations;
a bit-replacement control module that transfers output data from said bit replacement circuit to said shift register;
a bit-inverting control module that transfers output data from said bit-inverting circuit to said shift register;
an exclusive-OR control module that controls said data selector and transfers output data from said exclusive-OR logic circuit to said shift register; and
a termination control module that terminates execution of said instruction file.
-
-
14. The integrated circuit of claim 13, wherein said control logic circuit further comprises:
-
a conditional jump control module that conditionally skips instructions in said instruction file, according to a value of a bit in a specified one of said second register and said shift register; and
an unconditional jump control module that unconditionally skips a following instruction in said instruction file.
-
-
15. The integrated circuit of claim 13, wherein:
-
said data processing unit further comprises a save register; and
said control logic circuit further comprises a save-restore control module that transfers data between said shift register and said save register.
-
-
16. The integrated circuit of claim 13, wherein said control logic circuit further comprises an operation control module that executes certain instructions read from said instruction file by performing an operation, then loads a following instruction from said instruction file into said instruction register.
-
17. The integrated circuit of claim 13, wherein said bit replacement circuit operates according to a plurality of bit replacement tables, as selected by said bit-replace control module according to the instruction stored in said instruction register.
-
18. The integrated circuit of claim 13, wherein said bit-inverting circuit operates according to a plurality of bit inversion tables, as selected by said bit-invert control module according to the instruction stored in said instruction register.
-
19. A semiconductor integrated circuit for an IC card, comprising:
-
an interface circuit that receives random data having a plurality of bits and outputs authentication data having a plurality of bits;
a rewritable non-volatile memory that stores an instruction file including a list of instructions; and
an authentication data generator, coupled to said interface circuit and said non-volatile memory, that changes the bits of the random data received by said interface circuit according to the instructions stored in said rewritable non-volatile memory, to thereby convert the random data into the authentication data. - View Dependent Claims (20)
-
Specification