Method of executing a cryptographic protocol between two electronic entities
First Claim
1. A method of executing and validating a cryptographic protocol between a server entity and a microcircuit card in order to resist a Differential Power Analysis attack against the microcircuit card during execution of said cryptographic protocol, said method comprising the steps of:
- storing a first set of instructions for a first chain of operations and a key in both the server entity and the microcircuit card, said first chain of operations implementing a Data Encryption Standard algorithm,storing, at the microcircuit card, a second set of instructions for a second chain of operations based on the first chain of operations stored in said microcircuit card, said second chain of operations comprising a succession of operations each corresponding to a complement of a respective one of the operations in the first chain of operations,sending a request from said server entity to said microcircuit card for generating a message and sending said message to the server entity,executing, at the server entity, when said message from the microcircuit card is received by said server entity, said first set of instructions for the first chain of operations stored therein using said key and said message to obtain a server result,identifying, in the microcircuit card, after reception of the request from the server entity, a selected chain of operations, said step of identifying comprising randomly choosing one of the following groups as said selected chain;
1) all of the operations in said first chain of operations stored in the microcircuit card;
or
2) all of the operations in said second chain of operations stored in the microcircuit card as well as an additional complementation instruction;
executing, in the microcircuit card, with said key and said message which has been sent by said microcircuit card to said server entity, instructions for the identified and selected chain of operations,outputting a result of a last operation of the identified and selected chain of operations as a resultant message,comparing the resultant message to the server result, andvalidating the cryptographic protocol between the server entity and the microcircuit card when the server result and the resultant message are identical.
1 Assignment
0 Petitions
Accused Products
Abstract
Perfected cryptographic protocol making it possible to counter attacks based on the analysis of the current consumption during the execution of a DES or similar.
According to the invention, a message (M) is processed by two entities (A and B) and the entity (B) subject to attack executes a chain of operations known as DES in which it is chosen to carry out a given operation (O1, O2, O3 . . . On) or the same operation complemented (Ō1, Ō2, Ō3 . . . Ōn), the choice being random.
-
Citations
17 Claims
-
1. A method of executing and validating a cryptographic protocol between a server entity and a microcircuit card in order to resist a Differential Power Analysis attack against the microcircuit card during execution of said cryptographic protocol, said method comprising the steps of:
-
storing a first set of instructions for a first chain of operations and a key in both the server entity and the microcircuit card, said first chain of operations implementing a Data Encryption Standard algorithm, storing, at the microcircuit card, a second set of instructions for a second chain of operations based on the first chain of operations stored in said microcircuit card, said second chain of operations comprising a succession of operations each corresponding to a complement of a respective one of the operations in the first chain of operations, sending a request from said server entity to said microcircuit card for generating a message and sending said message to the server entity, executing, at the server entity, when said message from the microcircuit card is received by said server entity, said first set of instructions for the first chain of operations stored therein using said key and said message to obtain a server result, identifying, in the microcircuit card, after reception of the request from the server entity, a selected chain of operations, said step of identifying comprising randomly choosing one of the following groups as said selected chain;
1) all of the operations in said first chain of operations stored in the microcircuit card;
or
2) all of the operations in said second chain of operations stored in the microcircuit card as well as an additional complementation instruction;executing, in the microcircuit card, with said key and said message which has been sent by said microcircuit card to said server entity, instructions for the identified and selected chain of operations, outputting a result of a last operation of the identified and selected chain of operations as a resultant message, comparing the resultant message to the server result, and validating the cryptographic protocol between the server entity and the microcircuit card when the server result and the resultant message are identical. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A method of executing and validating a cryptographic protocol between a server entity and a microcircuit card in order to resist a Differential Power Analysis attack against the microcircuit card during execution of said cryptographic protocol, said method comprising the steps of:
-
storing a first set of instructions for a first chain of operations and a key in both the server entity and the microcircuit card, said first chain of operations implementing a Data Encryption Standard algorithm, storing, at the microcircuit card, a second set of instructions for a second chain of operations based on the first chain of operations stored in said microcircuit card, said second chain of operations comprising a succession of operations each corresponding to a complement of a respective one of the operations in the first chain of operations, sending a message from said server entity to said microcircuit card, executing, at the server entity, when said message from the microcircuit card is received by said server entity, said first set of instructions for the first chain of operations stored therein using said key and said message to obtain a server result, identifying, in the microcircuit card upon reception by said microcircuit card of said message received from the server entity, a selected chain of operations, said step of identifying comprising randomly selecting, for each operation of the first chain of operations in said microcircuit card, either said each operation or the corresponding operation in the second chain of operations in said microcircuit card; executing, in the microcircuit card, instructions for the identified and selected chain of operations using said key and said message, outputting a result of a last operation executed in said identified and selected chain of operations either in an uncomplemented state or a complemented state as a resultant message, depending on a number representative of successive random selections, comparing the resultant message to the server result, and validating the cryptographic protocol between the server entity and the microcircuit card when the server result and the resultant message are identical. - View Dependent Claims (14, 15, 16, 17)
-
Specification