Electrical computers and digital processing systems: support – Data processing protection using cryptography – By stored data protection
Reexamination Certificate
1999-12-10
2003-10-07
Hayes, Gail (Department: 2766)
Electrical computers and digital processing systems: support
Data processing protection using cryptography
By stored data protection
C713S194000, C380S028000, C380S029000, C380S030000, C380S051000, C380S052000, C380S277000, C380S044000, C380S046000, C380S047000
Reexamination Certificate
active
06631471
ABSTRACT:
BACKGROUND OF THE INVENTION
The present invention relates to an information processing equipment, and more particularly to an information processing apparatus suitable for a tamper resistance device such as an IC card providing high security.
An IC card is mainly used for storing information in a manner so as not to be altered by a third party or for enciphering data or deciphering a cipher text by using a cipher key which is kept in secret. Since the IC card is not provided with a power source, it becomes operable only when it is inserted into a reader-writer. The IC card receives a command from the reader-writer to execute data transfer.
As shown in
FIG. 1
, an IC card has the structure that an IC card chip
102
is fabricated on a card
101
. A general IC card has contacts via which a power is supplied from a reader-writer and data is transferred.
The structure of an IC card chip is basically the same as that of a microcomputer. As shown in
FIG. 2
, the IC card chip includes a central processor
201
, a storage memory
204
, an input/output port
207
, and a co-processor
202
. The central processor
201
executes logical and arithmetic calculations, and the storage memory
204
stores programs and data. The input/output port
207
communicates with a reader-writer. The co-processor
202
is a special calculation device for executing modular calculations, and is used for calculations in anti-symmetric RSA or the like. Many of IC card processors have no co-processor. A data bus
203
interconnects components of the IC card.
The storage memory
204
includes a ROM (Read-Only Memory), a RAM (Random Access Memory), an EEPROM (Electrically Erasable Programmable Read Only Memory) and the like. ROM is a memory device whose contents cannot be rewritten freely, and is mainly used for storing programs. RAM is a memory whose contents can be rewritten freely and are erased if a power supply is intercepted. When the IC card is disconnected from the reader-writer, a supply of the power is intercepted so that the contents of RAM cannot be retained. EEPROM is a rewritable memory whose contents can be retained even if a power supply is interrupted. Therefore, EEPROM is used for storing data which may be rewritten and can be retained even if the IC card is disconnected from the reader-writer. For example, the number of prepaid times of a prepaid card is stored in EEPROM because it is updated each time the card is used and the contents thereof are required to be retained even if the card is disconnected from the reader-writer.
An IC card is used for storing programs and important information in the IC card chip to execute a cipher process. It has been long considered that the difficulty in decryption of a cipher process executed in the IC card is the same as that in decryption of a ciphering algorithm. However, it has been suggested recently that there is a possibility of presuming the contents of a cipher process and a cipher key by measuring and analyzing a consumption current while the cipher process is executed, easier than decryption of a cipher algorithm. The consumption current can be monitored by measuring the current supplied from the reader-writer. This possible danger is described in “Smart Card Handbook”, by W. Rankl & W. Effing, John Willey & Sons, paragraph 8.5.1.1 “Passive protective mechanism”, at p. 263.
SUMMARY OF THE INVENTION
CMOSs constituting an IC card chip consume current when an output state changes from “1” to “0” or vice versa. The data bus
203
in particular flows a large current when its state changes from “1” to “0” or vice versa, because the data bus has a large electrical capacitance. This suggests a possibility of presuming the operation state in the IC card chip by monitoring the consumption current.
FIG. 3
shows wave shapes of consumption current during one cycle operation of an IC card chip. Depending upon processed data, the current wave shape-becomes different as indicated at
301
and
302
. This difference is generated depending upon data on the bus
203
and data being processed by the central processor
201
.
Consider now the data transfer on a pre-charge bus of 16 bits. The pre-charge bus is reset prior to data transfer so that all bits on the bus have a value “0”. If the data having the same number of “1” bits and different values, e.g., data of hexadecimal “88” and “11” both having two “1” bits, is transferred to this bus, the current wave shapes are generally the same. This is because the numbers of bits changing from “0” to “1” are the same and the same current is consumed to have similar current wave shapes. If the data having a difference of one “1” bit, e.g., data of hexadecimal “89” and “19” both having three “1” bits, is transferred to this bus, the current wave shape becomes different from that of the data having two “1” bits. This is because the number of bits changing from “0” to “1” changes to three bits and a corresponding current is consumed increasingly. Therefore, as compared to the data having two “1” bits, the consumption current increases in amount corresponding to one bit. There is a regularity that the larger the number of “1” bits, the larger the amplitude of the current wave shape becomes. From this regularity, the transferred data can be presumed.
The current wave shapes shown in
FIG. 3
indicate the total sum of current flowing not only through the bus but also through other components constituting the IC card chip. A microcomputer such as an IC card chip includes a phase during which data is transferred mainly to the bus, a phase during which a CPU operates mainly, a phase during which data is written in a register, and other phases. If the phases are taken into account, it is possible to know by which component a difference between consumption currents was mainly produced, and the data process at the component can be presumed.
A difference between consumption currents will be described by using as an example the following left shift instruction.
shift
1
R
1
(1)
This instruction shifts the contents of the register R
1
to the left, i.e., shifts the bit train in the register to the left, and the value of the most significant bit is entered in a condition code register as a carry. Since the most significant bit in the register R
1
is transferred via the data bus to the condition code register, whether the most significant bit is “0” or “1” can be possibly discriminated by comparing the amplitudes of current wave shapes. If important data is stored in the register R
1
, there is a possibility of discriminating whether this data is “0” or “1” although the data is only one bit. The cryptographic process, particularly DES, frequently uses an operation of shifting a cipher key. During this shift operation, the current wave shape allowing to presume the data of the cipher key is generated so that there is a possibility that the cipher key is presumed.
The above-described case is also applied to the operation of the co-processor
202
. If the operation contents include any unbalance dependent upon a cipher key, this shift can be presumed from the consumption current, and there is a possibility that the cipher key is presumed.
An issue associated with the present invention is to reduce the relation between the data process in an IC card chip and its consumption current. If the relation between the data process in an IC card chip and its consumption current can be reduced, it becomes difficult to presume the data process in the IC card chip and the cipher key, from the observed consumption current shapes. The feature of this invention is to make difficult to presume the data process and the cipher key from the consumption current wave shape, by processing the data in the IC card chip after it is transformed.
The tamper resistance device, typically an IC card chip, is considered as an information processing equipment which comprises: a storage memory including a program storage unit for storing a program and a data storage unit for storing data; and a central processing unit for executing a data process in accordance
Fukuzawa Yasuko
Kaminaga Masahiro
Ohki Masaru
Okuhara Susumu
Arani Taghi T.
Hayes Gail
Hitachi , Ltd.
Mattingly Stanger & Malur, P.C.
LandOfFree
Information processing equipment does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Information processing equipment, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Information processing equipment will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3151849