Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1999-05-03
2002-03-12
Heckler, Thomas M. (Department: 2182)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
Reexamination Certificate
active
06357009
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates to the secure enablement of a processing entity and in particular, but not exclusively, to the enablement of a cryptographic unit only whilst an enabling entity is present.
In the present context, the term “secure” is used in a relative sense to indicate that the security features provided are sufficiently hard to circumvent as to make it unattractive to try to do so. Of course, this judgement will depend on the benefits to be obtained by circumventing the security features and some embodiments of the present invention are only suitable for low value applications whilst other embodiments are suitable for higher valued applications.
BACKGROUND OF THE INVENTION
FIG. 1
illustrates a known arrangement in which a processing entity
10
is enabled/disabled by a signal passed to it over line
16
from a control entity
11
. The signal is used, for example to control a hardware gate placed in a clock signal line of the processing entity such that if this gate is disabled, the processing entity is unable to function at all. To cause the control entity to output an enabling signal on line
16
, the latter must be supplied with the correct password from an enabling entity
12
(which may be, for example, a smartcard or a security server. The supplied password is temporarily stored in a register
14
of the control entity
11
and then compared in comparison block
15
with a reference copy of the correct password held in register
13
. If the supplied password matches the reference word, the comparison block outputs an enabling signal on line
16
. The control entity
11
and processing entity
10
are, for example, fabricated in the same chip. In a more sophisticated version of this general arrangement, rather than storing a copy of the correct password in register
13
, a signature of this word is stored, this signature being that produced by passing the password through a one-way function; when a password is supplied to the control entity it is first subject to the same one-way function before being compared with the signature stored in register
13
. This latter arrangement is more secure as the correct password is not stored in clear in register
13
.
Examples of this general type of arrangement may be found in EP-A-0,566,512 (Innovatron) and in our co-pending European Patent Application No. 95410047.5.
The
FIG. 1
arrangement is vunerable to a number of attacks. For example, it is possible for a sophisticated attacker to force all bits in registers
13
and
14
to a common state so that the comparison block always outputs an enabling signal. Alternatively, the state of the line
16
could be forced to its enable state. These attacks can be effected by persons only having access to the control entity
11
. Where an attacker also has access to the enabling entity
12
, then other attacks are also possible. For example, the correct password could simply be copied whilst being passed from the enabling entity to the control entity, the copied version of the password then being replayed to enable subsequent operation of the processing entity (it may be desired to do this if use of the enabling entity is somehow restricted, for example, by date expiry or by units of usage).
It is an object of the present invention to provide an arrangement for enabling a processing entity in a manner that is more secure at least in certain respects.
SUMMARY OF THE INVENTION
According to the present invention, there is provided a system comprising processing means needing the input of a set of control values for its proper working, a control entity for providing said set of control values to said processing means, and an enabling entity that can be placed in communication with said control entity to enable the latter to produce said control values; said enabling entity comprising:
first TP-word generation means for providing a first set of touch-point words,
means for providing command indicators associated with touch-point words of said first set,
build-word generation means for producing build words each having a value dependent on the value of a corresponding one of the touch-point words of said first set and its associated said command indicator, and
means for passing said build words to the control entity,
and said control entity comprising:
second TP-word generation means for providing a second set of touch-point words corresponding to those of the said first set,
receive means for receiving said build words from the enabling entity,
command-word generation means for generating command words each with a value dependent both on (a) the value of a respective one of said build words, and (b) the value of the touch-point word in said second set corresponding to the touch point word of said first set used in producing the build word referred to in (a), whereby the command word has a value dependent on the command indicator used in producing the related build word, and
means for using the value of at least one said command word in producing said set of control values for input to said processing means;
said system further comprising coordination means for coordinating operation of said entities.
The command indicators may directly indicate the command-word values to be produced or may indirectly indicate these values (for example, each command indicator may reference a respective command-word storage location conceptually holding a corresponding command word the value of which can be set independently of the command indicator concerned). Where a sequence of command words is to be generated in which at least some of the words have the same value, then having the command indicator directly indicating command-word value means that the same command indicator must be used each time the corresponding command value is to be produced; however,if the command indicator is only an indirect indication of command-word value, then different command indicators can be translated by the command word generation means to the same command word value.
The command indicators can be provided either independently of the ordering of the touch-point words of the first set or, preferably, by the positions of the associated touch point words in the first set (in this case, then the command indicator will generally only be an indirect indication of command-word value).
In many cases the processing entity will operate cyclically and will need said set of control values to be supplied thereto each processing cycle by the control means. This may be achieved in a number of ways, including by generating the same (or different) sets of touch point words each cycle or by storing the first and second sets and reusing them multiple times. In a preferred embodiment, a said second set of touch point words and the corresponding set of build words are stored in the control entity and used for multiple processing cycles.
Preferably, the build-word generation means comprises a memory holding a lookup table containing build-word values, the lookup table being logically organised as columns referenced by command indicator and rows referenced by touch-point-word value. It will be appreciated that in the present context, the terms “rows” and “columns” have no special individual significance and are interchangable.
As regards the command-word generation means, this advantageously comprises:
function-evaluation means for evaluating any selected one of a plurality of predetermined functions each taking build words as arguments,
selection means for selecting one of said plurality of functions as the said selected one in dependence on the value of a current touch point word of the second succession, and
means for applying a current build word to the function evaluation means,
the result of the evaluation of the selected function by the function-evaluation means serving as a command word. Preferably, the function evaluation means takes the form of a memory holding a lookup table containing command word values, this lookup table being logically organised as columns associated with respective ones of said
Beccari Danièle
Giles Vincent
Heckler Thomas M.
Hewlett--Packard Company
LandOfFree
Secure enablement of a processing entity does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Secure enablement of a processing entity, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Secure enablement of a processing entity will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2835881