Leak-resistant cryptographic payment smartcard
First Claim
1. A method for performing a plurality of secure payment transactions using a smartcard, where said smartcard and a verifier of said payment transaction share an initial secret starting key value, comprising:
(a) initializing said smartcard, where said initializing includes;
(i) storing said starting key value in a nonvolatile key storage memory location; and
(ii) storing an initial value in a nonvolatile transaction counter memory location;
(b) for each of a plurality of payment transactions;
(i) computing an updated key value;
(x) by cryptographically transforming at least said stored key value and said transaction counter;
(y) where said transforming at least obscures partial information about said stored key, thereby deterring attacks that combine partial information leaked in said plurality of transactions;
(ii) updating said nonvolatile memory locations including;
(x) updating said key storage location with said updated key value; and
(y) incrementing said value of said transaction counter location;
(iii) using said updated key value to compute a message authentication code authenticating said transaction; and
(iv) sending said computed message authentication code and said transaction counter to a third party for use in verifying said payment transaction.
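The update-then-authenticate flow of claim 1, together with a verifier that re-derives the card's current key from the shared starting key and the received counter, as an added example (not code from the patent). HMAC-SHA256 as both the transform and the MAC, the domain-separation labels, the `Card` and `Verifier` names, the replay check and `MAX_COUNTER` are assumptions made for illustration.

```python
import hashlib
import hmac


def update_key(key: bytes, counter: int) -> bytes:
    # Assumed transform: HMAC-SHA256 keyed with the stored key over the counter.
    # One-way, so partial leakage about the old key does not carry to the new one.
    msg = b"key-update" + counter.to_bytes(8, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()


def transaction_mac(key: bytes, transaction: bytes) -> bytes:
    # Assumed MAC: HMAC-SHA256 with a label distinct from the key-update label.
    return hmac.new(key, b"txn-mac" + transaction, hashlib.sha256).digest()


class Card:
    def __init__(self, starting_key: bytes):
        self.key = starting_key  # (a)(i) nonvolatile key storage
        self.counter = 0         # (a)(ii) nonvolatile transaction counter

    def pay(self, transaction: bytes):
        # (b)(i) + (b)(ii)(x): derive the updated key and overwrite the old one.
        self.key = update_key(self.key, self.counter)
        self.counter += 1        # (b)(ii)(y)
        # (b)(iii) + (b)(iv): MAC under the updated key, sent with the counter.
        return transaction_mac(self.key, transaction), self.counter


class Verifier:
    MAX_COUNTER = 10_000  # assumed bound on the re-derivation work per request

    def __init__(self, starting_key: bytes):
        self.starting_key = starting_key
        self.last_counter = 0  # assumed replay state: highest counter accepted

    def verify(self, transaction: bytes, mac: bytes, counter: int) -> bool:
        # Reject replayed, stale or implausibly large counters before any work.
        if not (self.last_counter < counter <= self.MAX_COUNTER):
            return False
        key = self.starting_key
        for t in range(counter):  # replay the card's key updates 0..counter-1
            key = update_key(key, t)
        if not hmac.compare_digest(mac, transaction_mac(key, transaction)):
            return False
        self.last_counter = counter
        return True
```
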
Abstract
We disclose methods and apparatuses for securing cryptographic devices against attacks involving external monitoring and analysis. A “self-healing” property is introduced, enabling security to be continually re-established following partial compromises. In addition to producing useful cryptographic results, a typical leak-resistant cryptographic operation modifies or updates secret key material in a manner designed to render useless any information about the secrets that may have previously leaked from the system. Exemplary leak-proof and leak-resistant implementations are shown for symmetric authentication, certified Diffie-Hellman (when either one or both users have certificates), RSA, ElGamal public key decryption.
6 Claims
3. A computer readable memory containing a program for performing a plurality of secure payment transactions between a tamper-resistant device and a verifier that share an initial secret starting key value, comprising:
(a) logic instructions for computing an updated key value for a subsequent transaction;
(i) by cryptographically transforming at least a key value and a transaction counter value stored in nonvolatile memory locations in said tamper-resistant device;
(ii) where said transforming at least obscures partial information about said stored key, thereby deterring attacks that combine partial information leaked in said plurality of transactions;
(b) logic instructions for updating said nonvolatile memory locations including;
(i) replacing said key value with said updated key value; and
(ii) incrementing said transaction counter value;
(c) logic instructions for using said updated key value to compute a message authentication code authenticating said transaction; and
(d) logic instructions for sending said computed message authentication code and said transaction counter to a third party for use in verifying said payment transaction.
5. A smartcard for performing a secure payment transaction, comprising:
(a) a microprocessor;
(b) a nonvolatile memory area initially configured to store a secret parameter;
(c) a nonvolatile memory area initially configured to store an indexing indicia;
(d) a memory storing logic instructions capable of being executed using said processor to;
(i) compute an updated secret parameter for a subsequent transaction by cryptographically transforming at least said stored secret parameter and said indexing indicia, where said transforming at least obscures partial information about said stored secret parameter;
(ii) replace said stored secret parameter with said updated value thereof;
(iii) compute a value authenticating transaction information by cryptographically transforming at least said updated secret parameter and said transaction information; and
(e) an output interface configured to transmit representations of said value and said indexing indicia to a payment transaction verifier.
Specification