Method for cryptographic authentication

US 8,195,955 B2
Filed: 05/16/2007
Issued: 06/05/2012
Est. Priority Date: 05/30/2006
Status: Active Grant

First Claim

Patent Images

1. A method for cryptographic authentication in an access security system, the method comprising:

incrementing consecutive counts in segments of an Electrically Erasable Programmable Read-Only Memory (EEPROM) by;

retrieving an invalid count in one of three EEPROM segments;

detecting a maximum valid count from two remaining valid counts if an invalid count exists;

overwriting the invalid count with the maximum valid count;

when no invalid count exists, detecting a smallest valid count from three valid counts, wherein detecting the smallest valid count follows the retrieving step;

detecting a largest valid count from the three valid counts; and

overwriting the smallest valid count with the largest valid count, wherein the cryptographic authentication occurs after each successful execution of the incrementing step; and

after each incrementation, updating a current count in not more than one EEPROM segment to produce an updated counter value; and

using each updated counter value as a changing initialization value in subsequent cryptographic authentications.

View all claims

10 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention relates to a method for cryptographic authentication in access security systems. The aim of the invention is to provide a software solution. To this end, the method for secured storage of counter states in a non-volatile memory (EEPROM) (10) involves an incrementing (11) process, and the current counter state is updated in only one EEPROM segment following each incrementing process (11), a subsequent access to the EEPROM (10) only being enabled in the event of a successful incrementing (11) of an EEPROM-based counter.

8 Citations

11 Claims

1. A method for cryptographic authentication in an access security system, the method comprising:
- incrementing consecutive counts in segments of an Electrically Erasable Programmable Read-Only Memory (EEPROM) by;
  
  retrieving an invalid count in one of three EEPROM segments;
  
  detecting a maximum valid count from two remaining valid counts if an invalid count exists;
  
  overwriting the invalid count with the maximum valid count;
  
  when no invalid count exists, detecting a smallest valid count from three valid counts, wherein detecting the smallest valid count follows the retrieving step;
  
  detecting a largest valid count from the three valid counts; and
  
  overwriting the smallest valid count with the largest valid count, wherein the cryptographic authentication occurs after each successful execution of the incrementing step; and
  
  after each incrementation, updating a current count in not more than one EEPROM segment to produce an updated counter value; and
  
  using each updated counter value as a changing initialization value in subsequent cryptographic authentications.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method as claimed in claim 1, wherein the access security system is a transponder.
  - 3. The method as claimed in claim 1, further comprising:
    - determining the invalid count via a calculation of differences from the two remaining valid counts, where the invalid count has the largest difference from the two remaining valid counts.
  - 4. The method as claimed in claim 1, further comprising:
    - forming, with the EEPROM-based count, a changing initialization value for a suitable cryptoalgorithm which serves to authenticate communication with the transponder.
  - 5. The method as claimed in claim 1, further comprising:
    - producing the consecutive counts in the event of each incrementation by an up-counter or a down-counter.
  - 6. The method of claim 1, further comprising:
    - storing each new count in only one EEPROM segment.
  - 7. The method of claim 1, further comprising:
    - recording each authentication sequence with ensuing EEPROM access only once.
  - 8. The method as claimed in claim 1, further comprising:
    - using a known counting rate to detect the invalid count.
  - 9. The method of claim 1, further comprising:
    - calculating two cryptographic signatures based upon both a changing value from a base station and a changing value from the access security system.
  - 10. The method as claimed in claim 3, further comprising:
    - defining threshold values for the differences from which a count is detected to be invalid.
  - 11. The method of claim 5, wherein the up-counter is a stepsize up-counter.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NXP B.V. (NXP Semiconductors NV)
Original Assignee
NXP B.V. (NXP Semiconductors NV)
Inventors
Nowottnick, Juergen, Boeh, Frank
Primary Examiner(s)
Srivastava, Vivek
Assistant Examiner(s)
Salehi, Helai

Application Number

US12/302,610
Publication Number

US 20090158055A1
Time in Patent Office

1,847 Days
Field of Search

713/189, 726 1- 36
US Class Current

713/189
CPC Class Codes

G06F 21/34 involving the use of extern...

G06F 2221/2103 Challenge-response

Method for cryptographic authentication

First Claim

10 Assignments

0 Petitions

Accused Products

Abstract

8 Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Method for cryptographic authentication

First Claim

10 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

8 Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links