Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
1998-04-14
2001-01-09
Laufer, Pinchus M. (Department: 2766)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
C713S187000, C705S067000
Reexamination Certificate
active
06173401
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The invention relates to the importing of information, especially application information, onto a chip card, which has a memory with a directory.
2. Description of Related Art
Since the mid-1980s, chip cards have been used in an increasing number of spheres of daily life. The success of chip cards is based essentially on their high manipulation security and reliability. Furthermore, great flexibility for a large number of chip card applications is guaranteed by the programmability of the chips on the chip card. Chip cards are discussed generally in Smart Cards by Jerome Svigals (MacMillan Pub. Co., 1985), which is specifically incorporated by reference herein.
The manufacture of a chip card up to the point at which it can be issued to a user is described in RankliEffing: Handbuch der Chipkarten, Karl Hanser Verlag, 1996, which is specifically incorporated by reference herein. After a module with the semiconductor chip has been embedded into the chip card, global data and personal data of the future card user is then imported onto the chip card. In this regard the issuer of the chip card is increasingly importing several applications simultaneously onto the chip card.
The internal structure of the chip card basically conforms to the ISO 7816/4 standard, which is specifically incorporated by reference herein. The data and/or the code belonging to an application are normally deposited in files. The files are located in a directory in the chip card memory. The files and the directory are imported by the card issuer onto the chip card. If a new application is to be placed by an application supplier on a chip card which has already been issued, particular attention should be paid to the chip card security system. This is especially true if applications which are not under the control of the card issuer are involved. If an application supplier places data and/or code independently on the chip card, the danger exists that the data and/or code deposited will undermine the security of the chip card. This may be the intention if it is insinuated that the application supplier has an interest in spying out applications of the card issuer or other application suppliers. However, unintentional impairment of the security system of the chip card may also be caused in particular by the erroneous placing of new applications.
A method is known from DE 38 07 997 of placing data on a chip card. The chip card has a memory, which is divided into several sub-areas. One of these sub-areas is formed as a protected sub-area, in which address information and error-checking codes for other sub-areas are stored. The protected sub-area is protected by programming the microprocessor of the chip card in such a way that it prevents access of a terminal to the protected sub-area. Information which is disposed in the protected sub-area can hereby be protected against the access of an unauthorized application supplier.
The German patent application with the file reference 196 26 339 discloses a method of loading applications and data securely onto chip cards. In this method, an identification character is allocated. The identification character is ascertained before execution of a command, by means of which the data are to be imported into a sub-area of the chip card. In ascertaining the identification character, it is established whether execution of the command in the sub-area is permitted. Execution of the command is prevented if it is established when ascertaining the identification character that execution of the command is not permitted in the sub-area. The execution of certain commands, in particular commands for importing applications onto the chip card, can hereby be limited to certain sub-areas.
In the case of a further known method for importing application information onto a chip card, the information is provided with an electronic signature. The electronic signature is calculated in this process by means of a cryptographic key from an electronic fingerprint of the information. The information and the electronic signature are transferred to the chip card. On the chip card, another electronic signature of the information transferred to the chip card is calculated with the aid of a further cryptographic key. It can then be verified hereby whether the electronic signature transferred to the chip card and the electronic signature calculated on the chip card match. If this is the case, the information has been transferred without error to the chip card. Manipulation is prevented in this known method by the fact that the further cryptographic key is certified by a trustworthy authority.
It is not possible with the aid of the known method described in the last section to verify whether the information has been placed in the location allocated to it in the memory of the chip card. If an application which is to be placed onto the chip card comprises data and code, it may be necessary to distribute these data and the code to different files in the directory. Using the known method, it can then be verified whether the data and the code have been transferred without manipulation of the same to the chip card. However, it is not possible to establish by means of the known method whether the data and the code have been placed properly in the various files.
SUMMARY OF THE INVENTION
It is the object of the present invention to create an improved possibility of importing information onto a chip card.
This object is achieved according to the independent claims
1
and
10
.
The basic advantage achieved by the invention compared with the state of the art consists in the fact that in addition to checking that the information has been transferred without error to the chip card, it is also checked that the information has been integrated into the chip card according to additional information. only if the additional information has been properly heeded when changing the contents of the memory can the information imported be used to execute an application.
The importing of information into an area of the chip card memory which is not permitted for this is thus prevented. This increases the security standard of the chip card.
In a suitable embodiment of the invention, at least one further electronic fingerprint is stored on the chip card. The electronic fingerprint which is used to verify the information transferred to the chip card can hereby be disposed on the chip card at any time in order to be used later when information is imported. Several electronic fingerprints can be disposed on the chip card at one time, the information belonging to each fingerprint being imported onto the chip card at different times.
Provision can be made advantageously for at least one further electronic fingerprint to be ascertained by means of a cryptographic key from an electronic signature. This permits the inclusion of a further security measure, encoding and decoding, when importing the information, due to which the security standard is further improved.
In a suitable development of the invention, data and/or a code are disposed in a file in the memory directory when changing the contents of the memory, the additional information comprising a path indication for the file. The arrangement of data and/or code in a particular file of the memory is hereby guaranteed by means of the additional information.
An advantageous configuration of the invention provides for the file to be generated before the data and/or code are disposed in the same, due to which the file required for importing the information is generated directly in connection with the importing, and a step for the advance creation of files for importing information is saved.
Provision can be made advantageously for the directory to be created prior to the disposal of data and/or the code in the file, due to which the creation of additional directories in the memory of the chip card is facilitated on importing the information.
The additional information can expediently comprise information regarding a specification of the file, in
Deindl Michael
H{umlaut over (a)}nel Walter
Schaal Albert
Hesse Karl O.
International Business Machine Corp.
Latham Bryan
Laufer Pinchus M.
LandOfFree
Importing information onto a chip card does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Importing information onto a chip card, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Importing information onto a chip card will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2498947