Apparatus and method for secure information processing

Registers – Records – Conductive

Reexamination Certificate


Details

C235S380000

Reexamination Certificate

active

06581841

ABSTRACT:

The present invention relates to secure processing of information, and especially a method and an apparatus for providing secure encryption of information to be kept safe from access by e.g. fraudulent persons.
In a number of applications, encryption is used prior to transmitting sensitive information over “open” communication channels. This information often relates to money transactions but may be any type of more or less security critical information relating to money transactions or other types of transactions. In some of these transactions, not even all of the circuitry at which this information is entered or generated may be assumed secure or safe from third parties. In this situation, the often very sensitive keys on which the encryption is based may be accidentally divulged. In order to prevent that, so-called security or safety modules are provided wherein the encryption takes place and wherein the encryption keys are stored in a secure manner. This “secure manner” often incorporates enclosing the encryption means and the means holding the keys within an enclosure together with means for detecting attempts to divulge the keys or encryption procedure. These detecting means could upon such detection delete the keys and encryption procedure or otherwise render these unreadable. In this manner, once the information has been entered into the holding means, it only re-exits in encrypted form.
Another similar process to be performed securely is the authentication of a message. An authentication may be performed by performing an operation on the message—which may have been sent in clear text—the result of which operation is encrypted and transmitted to the receiver who decrypts the result and compares it to a similar operation performed at the receiver. If the results match, the message has not been altered during transmission.
Naturally, encryption and decryption as well as generating the authentication information and the authentication step at the receiver should be performed securely, as all these operations involve the sensitive methods and keys.
However, it has recently been observed that the processing of information within a microprocessor can be monitored via monitoring its power consumption—as well as by monitoring the microprocessor's I/O ports. In this manner, the methods by which the information is encrypted, i.e. encryption algorithms and possibly the encryption keys, may be determined by fraudulent persons or other unauthorised third parties, which seriously reduces the overall security of the system.
It was recently published that monitoring the power consumption of the processor may reveal such security sensitive information. It has also been found that there exist at least two other mechanisms that may reveal information pertaining to the processing of the microprocessor. The I/O ports of the processor are capacitively coupled to many other parts of the microprocessor whereby signals relating to e.g. encryption processing of the processor may be accidentally transferred to the I/O ports. Another mechanism that also may transfer these signals to the I/O ports of the processor is a typical common voltage supply line between the CPU part of the microprocessor and the I/O ports of the processor. Ripple voltages on this common supply line, originating from current pulses that supply power to logic circuitry of the CPU, will also modulate the voltage supplies of the I/O ports so that measuring fluctuations of I/O port output voltages may accidentally reveal information as to the processing of the processor.
The present invention provides simple and innovative solutions to these above-mentioned problems. Different solutions have previously been proposed relating to different manners of altering the actual encryption method, in order for the divulged information to be less clear. However, to rapidly modify existing apparatuses and methods, the present invention enables the use of existing and fully verified encryption methods.
Another object of the invention is to provide a method of modifying the existing apparatus so as to utilise a relatively small amount of additional hardware which can be integrated within the relatively small volume of the shielding means.
Consequently, in a first aspect, the invention relates to an apparatus for secure processing of information according to claim 1.
In the context of money transaction machines, ATMs, vending machines etc., the means for providing the information to be processed may be a keyboard from which a PIN code to be encrypted is provided—or circuitry external to the holding means providing other information to be encrypted, such as information that is used in a money transaction. The means for providing the information may also comprise a bi-directional serial data bus that transfers the information between a chip-card reader or station and the processing means in the form of a chip-card processor arranged on a chip card.
Accordingly, an apparatus according to the present invention may also be a chip-card. A chip-card comprises a chip-card processor arranged on or buried within the card, typically in a dent or indentation moulded or drilled in the plastic carrier of the card. The chip card processor is often encapsulated by a lump of protective material such as a lump of epoxy coating to keep moisture and other contamination away from the processor and functioning as the holding means of the chip-card processor in the present context. A chip card processor typically comprises a CPU part or CPU circuit block to perform encryption/decryption algorithms as well as performing various “house holding” tasks such as reading from and writing to a volatile and/or non-volatile memory, communication over I/O ports etc. required to make the chip-card provide a specified functionality. Optionally, the chip card processor may additionally comprise an encryption processor which may relieve a part of the CPU workload by calculating the often complex encryption/decryption algorithms such as algorithms based on private key-public key coding forms. These algorithm calculations as well as their associated key clearly comprise processing of security critical information that should be hidden from unauthorised third parties. The calculation of the algorithms may be entirely performed by the encryption processor, if one is available within the processing means, or alternatively only partly, depending on the calculation workload associated with a particular algorithm with respect to the processing power of the CPU and the encryption processor.
According to a preferred embodiment of the invention, the encryption processor performs substantially all of the required security critical or secret processing while being supplied with power from the second power supplying means during these security critical operations. In this embodiment, the CPU may be provided with power from the first power supply means since it is not performing any security critical operation. By supplying power to the CPU from the first supply, the power stored in the second power supply may allow more processing steps to be performed in the encryption processor before the power storing capability of that supply is exhausted. Accordingly, in this embodiment, the encryption processor may advantageously perform substantially all of the required secret processing so that monitoring the power consumption of the first power supply does not reveal any information as to the security critical processing steps, encryption keys and algorithms utilised by the chip-card processor.
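The following toy model is an added example, not part of the patent text. It contrasts a shared supply rail with the embodiment above, measuring how strongly the trace visible on the first supply correlates with the data the encryption processor handles, and how many steps the second supply sustains before it is exhausted. The Hamming-weight power model, the capacitor used as the second supply, and every energy, voltage and capacitance figure are assumptions chosen for illustration.

```python
import math
import random

# All figures below are constructed for illustration (not from the patent).
CPU_PJ, NOISE_PJ = 5.0, 0.2        # CPU energy per step, drawn from the first supply
BASE_PJ, PER_BIT_PJ = 1.0, 0.25    # encryption-processor energy per step (Hamming-weight model)

def usable_energy_pj(cap_farads=2e-9, v_full=3.3, v_min=1.8):
    """Energy (pJ) the second supply can deliver before dropping below v_min."""
    return 0.5 * cap_farads * (v_full**2 - v_min**2) * 1e12

def run(secret, isolated, seed=7):
    """Return (first_supply_trace, steps_done) for processing `secret` bytes."""
    rng = random.Random(seed)
    budget = usable_energy_pj()
    trace = []
    for byte in secret:
        crypto = BASE_PJ + PER_BIT_PJ * bin(byte).count("1")
        if isolated:
            if crypto > budget:   # second supply exhausted: secret work stops
                break             # (recharging is outside this model)
            budget -= crypto      # drawn from the second supply only
            visible = 0.0
        else:
            visible = crypto      # shared rail: data-dependent draw is observable
        trace.append(CPU_PJ + rng.gauss(0, NOISE_PJ) + visible)
    return trace, len(trace)

def pearson(x, y):
    mx, my = sum(x) / len(x), sum(y) / len(y)
    cov = sum((a - mx) * (b - my) for a, b in zip(x, y))
    return cov / math.sqrt(sum((a - mx)**2 for a in x) * sum((b - my)**2 for b in y))

def leakage(secret, isolated):
    """Correlation between the first-supply trace and the secret's Hamming weights."""
    trace, done = run(secret, isolated)
    weights = [bin(b).count("1") for b in secret[:done]]
    return pearson(trace, weights)

def demo_secret(n, seed=1):
    """Constructed sample input: n pseudo-random bytes standing in for secret data."""
    rng = random.Random(seed)
    return [rng.randrange(256) for _ in range(n)]

if __name__ == "__main__":
    s = demo_secret(2000)
    print("shared rail  :", round(leakage(s, False), 3))
    print("second supply:", round(leakage(s, True), 3))
    print("steps before exhaustion:", run(demo_secret(10000), True)[1])
```

In this model the correlation is high on the shared rail and close to zero when the encryption processor runs from the second supply, and the step count shows the budget that keeping the CPU on the first supply helps preserve.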
The second power supplying means may comprise one or several capacitors integrated on the chip-card processor. This makes monitoring of the power consumption of such integrated capacitor(s) very difficult, due to the extremely small size of integrated circuit blocks and capacitors and their associated power wiring. Furthermore, the surface of the chip-card processor may be covered with a highly resistant coating that even makes micro-probing of the chip difficult or impossible. According to an alternativ
