Payment smart cards with hierarchical session key derivation providing security against differential power analysis and other attacks
Abstract
Chip cards are used to secure credit and debit payment transactions. To prevent fraudulent transactions, the card must protect cryptographic keys used to authenticate transactions. In particular, cards should resist differential power analysis and/or other attacks. To address security risks posed by leakage of partial information about keys during cryptographic transactions, cards may be configured to perform periodic cryptographic key update operations. The key update transformation prevents adversaries from exploiting partial information that may have been leaked about the card's keys. Update operations based on a hierarchical structure can enable efficient transaction verification by allowing a verifying party (e.g., an issuer) to derive a card's current state from a transaction counter and its initial state by performing one operation per level in the hierarchy, instead of progressing through all update operations performed by the card.
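The verifier shortcut described in the abstract, as an added illustration that is not the patent's own construction: a toy binary hierarchy in which the card steps its stored key from one leaf to the next using two invertible updates and their inverses, while the verifier reaches the same key from the initial state with one update per level. The function names, the depth, the leaf-only traversal and the SHA-256 Feistel permutation standing in for the invertible function are all assumptions made for this sketch.

```python
import hashlib

HALF, ROUNDS, DEPTH = 16, 4, 4   # 32-byte keys; toy hierarchy with 2**DEPTH leaf keys

def _rf(tag, rnd, half):
    # Feistel round function (assumed design); it need not be invertible itself
    return hashlib.sha256(tag + bytes([rnd]) + half).digest()[:HALF]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def f(tag, key):
    """Invertible update selected by tag (b"A" = left branch, b"B" = right branch)."""
    l, r = key[:HALF], key[HALF:]
    for i in range(ROUNDS):
        l, r = r, _xor(l, _rf(tag, i, r))
    return l + r

def f_inv(tag, key):
    """Exact inverse of f for the same tag."""
    l, r = key[:HALF], key[HALF:]
    for i in reversed(range(ROUNDS)):
        l, r = _xor(r, _rf(tag, i, l)), l
    return l + r

def verifier_key(root, counter):
    """Verifier: one update per level, steered by the counter bits (MSB first)."""
    key = root
    for level in reversed(range(DEPTH)):
        key = f(b"B" if (counter >> level) & 1 else b"A", key)
    return key

def card_next(key, counter):
    """Card: replace the key for `counter` with the key for `counter + 1`."""
    if counter + 1 >= 2 ** DEPTH:
        raise ValueError("hierarchy exhausted")
    up = 0
    while (counter >> up) & 1:       # climb out of right children
        key, up = f_inv(b"B", key), up + 1
    key = f(b"B", f_inv(b"A", key))  # up from a left child, over to its sibling
    for _ in range(up):              # back down the left edge to leaf depth
        key = f(b"A", key)
    return key, counter + 1

ROOT = bytes(range(32))              # constructed sample initial state, not a real key

def replay(root=ROOT):
    """Step the card through every leaf; True if the verifier always agrees."""
    key, ctr, ok = verifier_key(root, 0), 0, True
    while ctr + 1 < 2 ** DEPTH:
        key, ctr = card_next(key, ctr)
        ok = ok and key == verifier_key(root, ctr)
    return ok
```

In this sketch the card holds only its current key and counter and performs at most 2 × DEPTH updates per step, while the verifier always performs exactly DEPTH.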
22 Claims
1. A cryptographic device comprising:
(a) at least one memory containing a value of a secret parameter; and
(b) a processor configured to perform a plurality of cryptographic transactions, each said transaction involving a cryptographically processed datum, where;
(i) each of said cryptographic transactions is secured using a secret parameter;
(ii) said processor configured to reduce the usefulness of information gathered through external monitoring of said cryptographic device related to said secret parameter by performing a plurality of cryptographic update operations to derive an updated value of said secret parameter at a different level within a hierarchy of secret parameters, wherein deriving an updated value of said secret parameter comprises applying at least one invertible function to the value of said secret parameter before said plurality of cryptographic operations; and
(iii) said processor configured to store the updated value of said secret parameter in said at least one memory for use in at least one subsequent transaction; and
(c) an interface configured to output said datum to a cryptographic processing device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A computer-implemented method of performing a cryptographic transaction, using a secret parameter stored in a non-transitory computer readable memory, comprising:
(a) performing a cryptographic transaction secured using said secret parameter;
(b) applying a cryptographic update operation to said secret parameter by performing n cryptographic update operations using a processor to derive an updated value of said secret parameter within a hierarchy by applying an invertible function, such that after said n cryptographic update operations have been performed, a receiving party knowing the value of the secret parameter prior to said n cryptographic update operations derives the value of said updated secret parameter in less than n operations; where all of said secret parameters from said n cryptographic update operations are within said hierarchy of secret parameters; and
(c) replacing said secret parameter with said updated secret parameter in said memory.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21, 22
Specification