Electrical computers and digital processing systems: support – Data processing protection using cryptography – Tamper resistant
Reexamination Certificate
1999-04-23
2003-02-04
Barron, Gilberto (Department: 2132)
Electrical computers and digital processing systems: support
Data processing protection using cryptography
Tamper resistant
C713S193000, C380S028000, C380S278000
Reexamination Certificate
active
06516415
ABSTRACT:
BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates in general to a security technology, more specifically, to a device and a method of maintaining a secret code within an integrated circuit (IC) package. The secret code is fragmented into several smaller pieces. These pieces are maintained in different storage media, which prevent anyone from acquiring complete information of the secret code.
2. Description of the Related Art
In modern cryptosystems, data that require high security are encrypted by specific encryption algorithms and corresponding keys and the encrypted data are deciphered by corresponding decryption algorithms and keys. In the security theory, it assumes that encryption/decryption algorithms are open to the public but decryption keys are kept by users. In other words, a good cryptosystem must guarantee that no one can accurately decipher the encrypted data within a reasonable period, even if the discipline of encryption/decryption algorithms and other useful information, such as some plaintext-ciphertext pairs, are well known.
FIG. 1
(Prior Art) illustrates a schematic diagram of a conventional asymmetric cryptosystem, or called the public-key cryptosystem, that uses different keys for encryption and decryption. The most popular public-key cryptosystem is RSA, which stands for Rivest, Shamir, Adleman, the inventors of the RSA system. As shown in
FIG. 1
, the illustrated communication session includes communication station A and communication station B. Communication stations A and B contain encryption/decryption software packages
1
a
and
1
b
, respectively. In addition, a pair of public/private keys are dedicated to each of the communication stations. The public key and the private key of communication station A are called PCK
A
and PRK
A
, respectively. The public key and the private key of communication station B are called PCK
B
and PRK
B
, respectively. It is noticed that public keys are used for encryption and known by the public; private keys are confidential and used for decryption.
When communication station A attempts to transmit a document to communication station B, software package
1
a
first encrypts this document by using public key PCK
B
of communication station B, and transmits the encrypted document to communication station B. After receiving the encrypted document, communication station B activates software package
1
b
to decipher the encrypted document by using its private key PRK
B
, thereby acquiring the original document. On the contrary, when communication station B attempts to transmit a document to communication station A, software package
1
b
encrypts this document by using public key PCK
A
of communication station A, and transmits the encrypted document to communication station A. After receiving the encrypted document, communication station A can activate software package
1
a
to decrypt the encrypted document by using its private key PRK
A
, thereby acquiring the original document. It is noticed that algorithms used in software packages
1
a
and
1
b
and public keys PCK
A
and PCK
B
are open resources and known by the public. Accordingly, a cryptosystem must guarantee that it is almost impossible to draw the hidden information out of an encrypted document according to these open resources. In other words, if the corresponding private key is safe, the security level of such a cryptosystem could be maintained.
According to the above description, it appears that a poor maintenance of the private key (or the decryption keys in other systems) might be a weakness in security systems. A safe but inefficient approach to maintain the private key is to keep in mind. Users can retype the memorized private key while decrypting an encrypted data. However, it has become almost impossible to memorize these private keys correctly since they are getting longer and longer in modern cryptosystems. Accordingly, some visible forms, such as files or printed matters, are required to maintain these kinds of secret information. Therefore, there is a way to leak information due to the intrinsic features of these storage forms, such as portability and reproducibility.
In addition to being recorded in the files or printed matters, key information can also be mounted in a hardware module, which can be further mounted in the computer or data-processing machine.
FIG. 2
(Prior Art) illustrates an example of such hardware module containing the key information. As shown in
FIG. 2
, hardware module
3
, which includes key generator
3
a
and non-volatile memory
3
b,
provides a decryption key for cipher
4
to decipher ciphertext
5
b
into plaintext
5
a
. Key generator
3
a
is used to generate a pair of public/private keys, where the public key is released to the public and the private key is sent to non-volatile memory
3
b.
Non-volatile memory
3
b
maintains the private key in secret, either permanently or for a considerable lasting period. Placing key generator
3
a
within hardware module
3
can keep the private key in secret during private key transmission. Furthermore, cipher
4
can be merged into the hardware module
3
to increase the security level of the private key.
However, it is still possible to steal the private key from hardware module
3
even if key generator
3
a
and cipher
4
are completely merged into hardware module
3
and the private key is not revealed during any processing steps. The hardware module is usually sealed by an IC package. For example, an intended intruder can take a brute attack to the IC package, which means to open the sealed IC package, thereby accessing the non-volatile memory component and thus ferreting out the private key. Strictly speaking, such a situation is not regarded as a security hole in security systems. However, it is also true that the security wall of such systems is fragile by this attack.
SUMMARY OF THE INVENTION
Therefore, the objective of the present invention is to provide a method and a system that maintain a secret code within an integrated circuit package. Such a package can prevent an outside brute attack and can keep necessary key information in secret safely.
The present invention achieves the above objective by providing a device for maintaining a secret code, which is enclosed in an integrated circuit package and is connected to an external power supply located at the outside of the integrated circuit device. The device embracing the secret code comprises a non-volatile memory for holding the first part of the secret code, a volatile memory that is powered by an external power supply and used for dynamically holding the second part of the secret code, and a coding component that is coupled to the non-volatile memory and the volatile memory and used for transforming a first text fed into the integrated circuit package into a second text by using both the first and the second part of the secret code. For example, the non-volatile memory can be a flash memory; the volatile memory can be a register powered by the external power supply. Since the second part of the secret code is stored in the volatile memory and powered by the external power supply, it will disappear when disconnecting the external power supply. Accordingly, the complete secret code cannot be acquired by brute attacking.
In addition, the device for maintaining the secret code can comprise a secret code generator, a non-volatile memory, a code processor and a volatile memory. The non-volatile memory and the volatile memory have the same characteristics as those in the last case. In addition, the secret code generator is used for producing the first part of the secret code; the code processor is used for generating the second part of the secret code according to external visa data received from the outside of the integrated circuit package. Moreover, the device embracing the secret code can further comprise a coding component for encoding and decoding from one document to another document, by using both the first and the second part of secret code. The secret code generat
Barron Gilberto
Geneticware Co., LTD
Zand Kambiz
LandOfFree
Device and method of maintaining a secret code within an... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Device and method of maintaining a secret code within an..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Device and method of maintaining a secret code within an... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3157701