WO2001053915A1 - Security system involving creation and auto-burning of a digital signature in an electronic device and intelligent token device - Google Patents

Security system involving creation and auto-burning of a digital signature in an electronic device and intelligent token device

Info

Publication number
WO2001053915A1
Authority
WO
WIPO (PCT)
Prior art keywords
electronic device
memory
digital signature
data
microprocessor
Prior art date
Application number
PCT/IB2000/001846
Other languages
French (fr)
Inventor
Jose Alberto Tello
Original Assignee
Codex Technologies Incorporated
Priority date
Filing date
Publication date
Application filed by Codex Technologies Incorporated
Priority to AU15455/01A (AU1545501A)
Priority to EP00977826A (EP1214639A1)
Publication of WO2001053915A1

Classifications

    • G: PHYSICS
    • G07: CHECKING-DEVICES
    • G07F: COIN-FREED OR LIKE APPARATUS
    • G07F7/00: Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08: Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10: Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008: Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30: Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31: User authentication
    • G06F21/34: User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06Q: INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00: Payment architectures, schemes or protocols
    • G06Q20/30: Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34: Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341: Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06Q: INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00: Payment architectures, schemes or protocols
    • G06Q20/30: Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34: Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/346: Cards serving only as information carrier of service
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06Q: INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00: Payment architectures, schemes or protocols
    • G06Q20/30: Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34: Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/355: Personalisation of cards for use
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06Q: INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00: Payment architectures, schemes or protocols
    • G06Q20/38: Payment protocols; Details thereof
    • G06Q20/40: Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/409: Device specific authentication in transaction processing
    • G06Q20/4097: Device specific authentication in transaction processing using mutual authentication between devices and transaction partners

Definitions

  • the present invention pertains generally to security systems for electronic devices containing a microprocessor with non-volatile, programmable memory. More specifically, the present invention pertains to a process and apparatus for automatically creating and burning a digital signature (auto-burning) to the memory means of a microprocessor of an electronic device and the memory means of an intelligent token device such as a smart card. This invention can be used to restrict the use of an electronic device, and deter its theft
  • a problem faced by the users of such electronic devices is that of their use by unauthorized persons or their theft. As these electronic devices become smaller, increasingly sophisticated and more customizable, this problem is becoming more of an issue. It is now not uncommon to find electronic devices that contain microprocessors with integrated flash memory. At the same time, intelligent token device technology such as smart cards and IC buttons has advanced to the level where these token devices now can contain multiple forms of memory such as RAM and ROM and microprocessors capable of performing advanced algorithms
  • the present invention relates to a method for controlling access to, and deterring the theft of, electronic devices that contain a microprocessor and non-volatile, electrically erasable and programmable memory that utilizes these advances in electronic devices and smart cards through the auto-burning of a digital signature into said memory and the memory means of a smart card
  • the primary objective of the present invention is to provide a means by which the microprocessor of an electronic device and the microprocessor of an intelligent token device can be automatically burned with a unique digital signature without user intervention or special external devices once the "seed" data for the digital signature has been inputted by the user
  • ect ⁇ e is to pi
  • the prior art contains inventions that have been advanced to address the problem of unauthorized usage or theft of electronic devices
  • none of the known art allows for the creation of unique digital signatures from personal information inputted by the user and the auto-burning of these digital signatures to both the intelligent token device and the electronic device 'in the field' as does the present invention
  • This invention employs a smart card with protected and unprotected EEPROM memory with a certificate and card serial number stored in said unprotected memory. Using a secret encryption key, this information is encrypted and the resultant user key is used to access the protected area of the EEPROM memory
  • the focus of this invention is on the smart card and its validation to perform transactions rather than securing the host electronic device
  • the present invention overcomes or at the least ameliorates the limitations of the prior art by providing a means for controlling access to an electronic device which contains a microprocessor with flash memory by embedding or "burning" a digital signature in said memory and to the memory means of an intelligent token device
  • the functionality of said electronic device is disabled unless a smart card with a matching digital signature is inserted in an intelligent token device reader/writer that is connected to the microprocessor of said device
  • the digital signature embedded in the electronic device provides a means for securing said device from unauthorized use
  • the apparatus of the present invention which constitute modifications to the original design of an electronic device
  • One such modification includes a means for automatically burning said digital signature to the memory of the electronic device and the memory of the intelligent token device
  • Said auto-burning means consists of a programming voltage supply means (VPP) that is connected [electrically coupled] to a voltage switching means (analog switch) which is connected to the VPP pin of the microprocessor of the electronic device and an input/output (IO) pin of an intelligent token device reader/writer
  • Said electronic device microprocessor contains a multiplicity of IO ports and a reset line that are electrically connected to the intelligent token device reader/writer. Said microprocessor is also connected to a volatile memory means, such as static RAM, through an address and data BUS
  • a smart card power supply means, means for providing the correct timing sequence for the microprocessor, voltage checking means, and a multiplicity of input/output lines. Said multiplicity of I/O lines provides for an increase in the speed of data transfer and also provides the capability to enable or disable individual components of an electronic device
  • the first function of the present invention is to create and write said digital signature to the device
  • a bootstrap program is provided by the microprocessor manufacturer that allows the writing or burning of data to the flash memory
  • This program can be incorporated into the application software of the electronic device by the device's manufacturer
  • the majority of bootstrap programs are run from the internal RAM of the microprocessor. Consequently said bootstrap program can be loaded into the internal RAM of the microprocessor and with the intervention of the smart card be used to program or reprogram the flash memory - including the writing of a digital signature and other security related data
  • This initial set up of the system first involves entering unique, personal information through a data input means such as a key pad or keyboard that is connected to one of the IO ports of the microprocessor of said electronic device
  • a data output means such as a monitor or LCD screen is used to provide monitoring of the data input procedure
  • This personal identification data is transferred to the smart card inserted in the smart card reader/writer and through the use of a multiplicity of algorithms, a digital signature array which comprises a hash number, prime number, exponent, encryption key and check sum is generated from said personal data
  • This digital signature array is encrypted and encoded and sent to the electronic device where it is decoded, decrypted and stored in the static RAM. From here it is 'auto-burned' to the flash memory of the electronic device
  • the auto-burning procedure first loads the bootstrap program to the internal RAM of the electronic device, and then turns on the VPP (programming) line by sending the correct VPP voltage to the analog switch connected to said VPP line
  • This authentication procedure involves the sending of the digital signature stored in the microprocessor of the electronic device to the smart card
  • An electronic device digital signature Test Number (T) and Witness Number (t) are also sent for the operation of the digital signature comparison algorithm
  • FIG. 1 is a block diagram of the implementation of this invention in an electronic device according to one embodiment of the invention
  • FIG. 2 is a simplified memory map for the second memory of the electronic device
  • FIG. 3A is a flow chart that sets forth the initiation of the digital signature authentication procedure as it occurs in the electronic device
  • FIG. 3B is a portion of a flow chart that shows the first steps of the digital signature creation process as it occurs in the electronic device
  • FIGS. 3C and 3D together comprise a portion of a flow chart that show the continuation of the digital signature creation and auto-burning procedure, as it occurs in the smart card
  • FIGS. 3E and 3F together comprise a portion of a flow chart that show the continuation of the auto-burning process in both the electronic device and smart card after the creation of the digital signature by said smart card
  • FIGS. 3G, 3H and 3I together comprise a portion of a flow chart that show the digital signature authentication procedure as it occurs in both the electronic device and smart card
  • the present invention provides a method and apparatus for creating a digital signature from personal identification data inputted by a user and auto-burning said digital signature to any electronic device having a microprocessor with non-volatile reprogrammable (flash) memory and the memory of an intelligent token device (containing a microprocessor) and requiring that the digital signatures of these two devices match before the electronic device is allowed to operate, thereby preventing the unauthorized operation of said electronic device
  • Figure 1 is a simplified block diagram that shows one embodiment of the present invention as it is applied to an electronic device 101
  • the basic apparatus consists of several components connected to the microprocessor 103 of the electronic device 101 containing said invention and a portable intelligent token device such as a smart card. Said microprocessor 103 comprises more than one input/output (IO) port 105
  • the first memory means is volatile internal memory
  • the preferred first memory means is internal random access memory (RAM) although one skilled in the art can readily see that other components that perform a similar function may be substituted without materially changing the scope or spirit of the invention
  • the second memory means is non-volatile and electrically erasable and reprogrammable
  • Figure 2 shows a simplified memory map of said second memory
  • said second memory means is divided into a multiplicity of data areas
  • a first area 201 is provided for software that includes the device specific application software 203 developed by the manufacturer of the electronic device
  • This software includes a bootstrap program 205 that is provided by the manufacturer of the microprocessor to the electronic device manufacturer. Said bootstrap program 205 enables the programming or burning of the microprocessor flash memory
  • said first area of said second memory contains the interface software for input/output devices 207 that the electronic equipment manufacturer provides for the reading or writing data to the electronic device
  • a second area 209 in said second memory contains a lookup table. Space is set aside in said second area for a data array which can hold data such as hash numbers or a digital signature 213 input by the intelligent token device in addition to information concerning the array specifications 211 such as size and beginning and ending addresses
  • Said second area in said second memory also contains checksum data 217 for the data in the data array
  • Said checksum data consists of two checksum figures - a direct checksum made up of more than one byte of data and an indirect or complementary checksum also more than one byte in size. Space in said second area of the second memory means is also set aside for an old encryption key and a new encryption key 215
  • the preferred second memory means is flash memory although one skilled in the art can readily see that other components that perform a similar function may be substituted without materially changing the scope or spirit of the invention
  • a third memory means 110 which consists of volatile memory
  • Said third memory means functions as a static data buffer that can temporarily store data from said microprocessor's first and second memories for the purpose of reprogramming said first and second memories
  • This reprogramming is controlled by the previously described bootstrap program 205 that is provided by the manufacturer of the electronic device's microprocessor
  • the preferred third memory means is static RAM although one skilled in the art can readily see that other components that perform a similar function may be substituted without materially changing the scope or spirit of the invention
  • a means for transferring data to and from said electronic device and said intelligent token device. This is provided through the addition of a software interface for data transfers between the electronic device's microprocessor and the smart card
  • the preferred first encryption algorithm is the IDEA algorithm although one skilled in the art can readily see that other algorithms that perform a similar function may be substituted without materially changing the scope or spirit of the invention
  • the apparatus of the present invention provides a means for transferring data between the electronic device microprocessor 103 and the intelligent token device microprocessor
  • said means for transferring data is an intelligent token device reader/writer 111
  • Said intelligent token device reader/writer 111 is electrically connected to a voltage switching means 113, and said voltage switching means is connected to the VPP port 109 of the electronic device microprocessor 103
  • Said intelligent token device reader/writer 111 contains a multiplicity of pins, including pins for Reset 115, VCC 117.
  • VCC power supply 127 with said power supply connected to the intelligent token device reader/writer VCC pin 117 through a VCC line 129
  • This power supply 127 provides the appropriate operating power to the VCC pin 117 of the intelligent token device reader/writer 111
  • the preferred voltage checking means is a watch dog integrated circuit although one skilled in the art can readily see that other components that perform a similar function may be substituted without materially changing the scope or spirit of the invention
  • This watch dog circuit functions as a security circuit for the VCC of the intelligent token device reader/writer. If for any reason, the voltage of said VCC line is not prope
  • the preferred means for providing the correct timing sequence is a clock generator with a crystal controlled oscillator although one skilled in the art can readily see that other components that perform a similar function may be substituted without materially changing the scope or spirit of the invention
  • a means in the electronic device for the user to enter personal identification data for use in the creation of the digital signature. This is provided by a line 139 connected to an external device connecting means 141 and an additional IO port in the microprocessor of the electronic device that allows connection to an external data input/output device 143 such as a keypad, keyboard, RS-232, RS-4XX, TCP/IP, LCD monitor or other data entry and data display means
  • the apparatus of the present invention also includes a means for automatically burning (auto-burning) a newly created digital signature to the memory of the electronic device and the memory of the intelligent token device
  • This auto-burning means consists of the following
  • a first VPP line 146 connects the VPP port 109 of the electronic device microprocessor 103 to a voltage switching means 113 that allows a switch between two different operating voltages
  • a second VPP line 148 connects said voltage switching means 113 and an IO pin 145 of the intelligent token device reader/writer 111
  • Electrically connected to the voltage switching means 113 is a programming power supply means 147 that provides the voltage necessary to program the flash memory of the electronic device's microprocessor
  • Such a voltage switching means is commonly referred to as an analog switch and may be implemented through the use of an integrated circuit (IC) or transistor. Said voltage switching means enables the present invention to switch between a programming line
  • the preferred intelligent token device for the present invention typically contains a microprocessor and more than one memory means
  • this plurality of memory means comprises a fourth memory means that is internal RAM (random access memory), a fifth memory means - that typically is onboard ROM (read only memory), and a sixth memory means that is typically EEPROM (electrically erasable and programmable read only memory)
  • the preferred intelligent token device is a smart card that is compatible with ISO standard 7816 although one skilled in the art would readily recognize that other devices with similar capabilities may be substituted without materially modifying the scope or spirit of this invention
  • Pre-programmed in said fifth memory are the software means that control the creation of the digital signature and the auto-burning procedure. Said fifth memory also has stored in it a multiplicity of algorithms. Said multiplicity of algorithms consists of algorithms for checking for errors after the transmission of data, a first encryption means for protecting data during transmission between the smart card and the electronic device, a second encryption means for creating a hash number, as well as algorithms for check sum calculation, prime number creation, key generation, creation of a prime number exponent, and for determining the authenticity of one digital signature as compared to another
  • the preferred transmission error checking algorithm is Reed-Solomon although one skilled in the art would readily recognize that other algorithms with similar capabilities may be substituted without materially modifying the scope or spirit of this invention
  • the preferred first encryption algorithm for protecting data during transmission between the smart card and the electronic device is the IDEA algorithm although one skilled
  • the sixth memory means is divided into a multiplicity of data areas. Said data areas include ones for the storage of a hash number created through the application of an encryption algorithm to the personal information inputted by the user of the present invention, prime number (N) generated from said hash number,
  • exponent (v) also generated from said hash number, the starting and ending addresses for the lookup table that is stored in the second memory means of the electronic device, the check sum value(s) for the digital signature, an 'old' and new encryption key for use by the encryption algorithm stored in the fifth memory means, lookup table consisting of all prime numbers between 2 and 256 and all numbers from 10 million to 200 million in increments of 10 million, and a scratch memory buffer for the temporary storage of data. Pre-programmed in said sixth memory of the smart card, before the digital signature is produced for the first time, is an "old" encryption key for the initial set up of the present invention
  • the same encryption key is pre-programmed in the second memory means of the electronic device that utilizes the present invention
  • Figure 3A shows the initiation of the digital signature authentication procedure as it occurs in the electronic device
  • the application software stored in the second memory means of the microprocessor of the electronic device is implemented 303. Written into the beginning of said application software by the electronic device's manufacturer is a check to see if there is inserted in the smart card reader/writer 111 a valid smart card 305. If there is not a valid smart card inserted in said reader/writer,
  • the start up procedure is terminated 307 and the electronic device microprocessor 103 reset. If a valid smart card is inserted in the reader/writer, a jump command is issued 309 which causes a jump to the area set aside for the starting address and ending address of a digital signature in the look up table of said second memory to check for the presence of a digital signature. This check is performed through the calculation of the check sum 311, both direct and complement, for said digital signature area
  • a result that the check sum value is incorrect indicates that either the data stored in said digital signature area contains some error, or that said area is empty
  • the digital signature area is checked for the presence of any data 315. If it is empty then a procedure is implemented to create a digital signature and automatically burn it to the second memory of the electronic device's microprocessor 103
  • FIG. 3B shows the first steps of the digital signature creation process as it occurs in the electronic device
  • the first step in this process is the sending of a command by the application software of the microprocessor of the electronic device to the smart card to initiate the digital signature creation and auto burning process 317. Once said process is initiated by the smart card microprocessor,
  • the next step is the entering of personal data 319, through a data input/output means 143 that is connected to the electronic device's microprocessor 103, by the user of said electronic device through the data IO line 139
  • the preferred data input device is a keyboard although one skilled in the art can readily see that other devices that perform a similar function may be substituted without materially changing the scope or spirit of the invention
  • the preferred data output device is a monitor although one skilled in the art can readily see that other devices that perform a similar function may be substituted without materially changing the scope or spirit of the invention
  • Once the personal data has been entered by the user, it is temporarily stored in the first memory means of the electronic device. A check sum is then created from this data 321 and the direct and complementary values of said check sum are written to the end of the personal data stored in said first memory means 323. Next, in order to protect the data during its transfer to the smart card inserted in the reader/writer,
  • said personal data is encrypted 325 through the use of a data encryption means
  • the first time that this procedure is initiated, the key that is used to encrypt said personal data is stored in the digital signature area of the second memory means of the electronic device during the manufacture of the device
  • the preferred data encryption means is the IDEA algorithm although one skilled in the art can readily see that other algorithms that perform a similar function may be substituted without materially changing the scope or spirit of the invention
  • an error checking algorithm is applied to said personal data 327. Using said algorithm, the personal data and check sum values are encoded to allow for the recovery of said data if it is corrupted during data transfer
  • the preferred error checking algorithm is the Reed-Solomon algorithm although one skilled in the art can readily see that other algorithms that perform a similar function may be substituted without materially changing the scope or spirit of the invention
  • this data is decoded 331 and if there are any transmission errors 333 these errors are corrected 335
  • a check sum calculation is performed 339 and the resultant value is checked for any errors in the data 341. If there are no errors,
  • this personal data is written as an array to the sixth memory means of said smart card 343. If there are errors, the process of creating a digital signature is repeated from the point after the personal data had been entered by the user and temporarily stored in the first memory means of the electronic device. If after a predetermined number of check sum errors have been detected by the smart card 345, the digital signature creation process is terminated 347
  • said encryption algorithm will use an 'old' encryption key that has been pre-programmed into the sixth memory of the smart card. The same key is pre-programmed into the digital signature area of the second memory means of the electronic device during the manufacture of the device. If encryption of the hash number is not required for security purposes, the use of said encryption key is not required. In this manner, the present invention produces a unique digital signature without the need for any preprogrammed data. After the auto-burning procedure is complete, whether the 'old' encryption key has been used or not, a new encryption key is generated from the hash number using the key generation algorithm stored in the fifth memory of the smart card. Said "new" encryption key is written over the 'old' key previously stored in the sixth memory means of the smart card and the
  • the personal data entered by the user may be of varying length, depending upon the memory limitations of the electronic device and the responses of the user
  • the preferred encryption algorithm (Haval) can only be applied to said personal data in 16 byte blocks at a time, any portion of the personal data that does not constitute a full 16 byte block must be expanded or increased to this full block size
  • the data required to produce a full 16 byte block is read from the timer register of the microprocessor
  • the resultant hash number is stored in the area set aside for the hash array in the sixth memory
  • the first step in the generation of a new encryption key from said hash number is to create a copy of said hash number in the sixth memory means of the smart card in the area set aside for use as a scratch memory buffer
  • the timer register is read to generate a pseudo-random number containing more than one bit of data
  • a multiplicity of bitwise operators such as 'Shift Right', 'Shift Left', XOR, AND, and 'Complement', that were previously stored in the fifth memory means of the smart card, are applied to the hash number. Said multiplicity of operators are set in an ordered series
  • the previously generated pseudo-random number determines whether a particular bitwise operator is executed or not on said hash number. For example the value (1 or 0)
  • the next step in the process is the creation of a prime number 'N' 355. From the hash number array a segment between 28 and 64 bits is randomly selected. The exact length of this segment depends on the speed and power of the specific microprocessor used in the smart card. This segment is used as the starting place to generate a prime number with a value between 1 million and 500 million
  • a number is created from said segment through the division of said segment into a multiplicity of eight bit bytes and concatenating the numbers (between the values 0 and 255) represented by each byte
  • the resultant number is referred to as the 'Guess Number'. If the Guess Number is an even number, it is transformed to an odd value by subtracting the value '1' from it.
  • the preprogrammed array of numbers in increments of 10 million and falling between 1 million and 500 million stored in the sixth memory of the smart card, is checked against the Guess Number to determine the interval number in the array that is lower than the Guess Number (Xi) and the interval number that is greater in value than the Guess Number (Xj). Then, starting from the lower interval value (Xi) and using the prime number creating algorithm stored in the fifth memory means of the smart card, prime numbers are generated until one that is closest to the Guess Number is found.
  • the resulting Prime Number (N) will be between 32 to 64 bits in length - the actual length depending on the speed and power of the smart card microprocessor.
  • the closest Prime Number (N) to the Guess Number is then stored in the sixth memory means of the smart card in the area set aside for the Prime Number 357.
  • an Exponent (v) is then generated from the hash number 359.
  • Said Exponent number is generated in the same manner as the Prime Number.
  • a segment is first randomly selected from the hash number.
  • the segment for the exponent is between 24 and 32 bits in length.
  • a Guess Number is created.
  • Said Guess Number is then used to determine the upper and lower interval numbers between 1 million and 500 million, and starting from the lower interval, and using the prime number generating algorithm stored in the fifth memory means of the smart card, an exponent prime number is produced.
  • This exponent is then stored in the sixth memory means of the smart card in the area set aside for the exponent 361.
  • the Prime Number (N) and its exponent value (v) are used in the digital signature authentication algorithm stored in the fifth memory means of the smart card to verify a match between the digital signatures of an electronic device containing the present invention and a smart card inserted in said electronic device's smart card reader/writer.
  • a check sum is produced using the check sum algorithm stored in the fifth memory means of the smart card and then written to the sixth memory means of said smart card 363.
  • the preferred check sum is 32 bits in length with a direct and inverse value although one skilled in the art can readily see that other check sum modes that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
  • the address start and address end of this data array is read and stored in the area designated for this data in said sixth memory 365. It is to this address that the application software of the electronic device will jump when the authentication procedure is initiated. This will give the application software the size of the entire digital signature array.
  • Figures 3E and 3F show the continuation of the auto-burning process in both the electronic device and smart card after the creation of the digital signature by said smart card
  • the bootstrap program stored in the first area of the second memory means of the electronic device as part of the application software, is loaded to the first memory means of the electronic device microprocessor 367. Said bootstrap program is activated upon receiving an auto-burn command from the smart card
  • This auto-burning command sent by the smart card microprocessor causes the electronic device to write or 'burn' the newly generated digital signature information to the second memory means of the electronic device microprocessor using the bootstrap program and the auto-burning means 113 of the present invention
  • the digital signature (DS) data of said smart card is read from the look up table in the sixth memory means 369. Said digital signature is then encrypted 371.
  • the encrypted data is then encoded 373 to protect against transmission errors using the transmission error algorithm stored in the fifth memory means, which results in RS(E(DS))
  • the resultant encrypted and encoded data is then sent in data blocks to the first memory means of the electronic device 375 through one of the multiplicity of data IO lines 135 that connect the electronic device microprocessor 103 and the smart card microprocessor
  • said RS(E(DS)) data packet is decoded 377 using the transmission error checking algorithm stored in the first area of the second memory means and then decrypted 379 using the first encryption algorithm and the 'old' encryption key also stored in said second memory means. As the data blocks of the digital signature are decoded and decrypted they are written to the third memory means of the electronic device
  • the subsequent process of burning the digital signature data from the third memory to the second memory is affected by whether or not the electronic device microprocessor supports writing data to its second memory means in segments rather than only as a single block of data 381. If segmental writing to the memory is supported, only the digital signature itself is written to the third memory 383 before it is auto-burned to the second memory means of the electronic device. However, if segmental writing is not supported, the entire contents of the second memory means, including the device specific application software, bootstrap program, IO device interface and the array specifications, digital signature, encryption keys and check sum data must be first written to the third memory means 385 before it is auto-burned to the second memory
  • the bootstrap program 205 of the electronic device is activated to provide the exact procedure and parameters for the burning of said digital signature data to the second memory means
  • a command 387 is then sent by the electronic device microprocessor 103 to the smart card to activate the programming line (VPP) 148 of the voltage switching means 113. Said programming line is 'turned on' through the IO pin 145 of the smart card that sets the VPP power supply 147 voltage to the analog switch 113 to that which causes said voltage switching means to change from 'normal operating line' 151 (VN) to 'programming line' 150 (VPP)
  • Digital signature data is read from the third memory means and is written to the second memory 391. If some error occurs during this writing process 393 the bootstrap program will try to burn the digital signature data to another sector in the digital signatu
  • the digital signature data can be successfully written to the second memory the start and end addresses of the digital signature data array are encrypted 403 using the first encryption algorithm stored in the first area of the second memory and then encoded 405 using the error checking algorithm also stored in the second memory means and the resultant data (RS(E(ADDR_J, ADDR_F))) is sent to the smart card 407 through one of the data IO lines 135 connecting the electronic device microprocessor 103 with the smart card reader/writer 111
  • the microprocessor of the electronic device 103 is reset by the smart card 421 through pin SCIO_2 134 that is connected to the reset pin 107 of said microprocessor. This reset causes the electronic device microprocessor 103 to return to the start of the digital signature authentication routine - as if the power to the electronic device was interrupted or turned on.
  • a software reset function is used to reset the smart card software to the beginning of the smart card digital signature authentication procedure 423. This initiates the digital signature authentication procedure which, if the digital signature in the electronic device microprocessor matches the digital signature in the inserted smart card, normal
  • FIGS. 3H and 3I show the digital signature authentication procedure as it occurs in both the electronic device and smart card
  • the first step in this process is the sending of a request 425, to the microprocessor of the electronic equipment, by the smart card for the digital signature (DS) stored in the area set aside for digital signatures in the second memory means of said electronic device
  • This request is sent through one of the multiplicity of data IO lines 135 that connect the electronic device microprocessor 103 and the smart card reader/writer 111
  • said digital signature (DS) is read from the look up table for said digital signature set aside in the second memory of the electronic device 427. Said digital signature is then encrypted 429 using an encryption algorithm and "new" encryption key stored in the second memory of the electronic device, producing E(DS)
  • the preferred data encryption means is the IDEA algorithm although one skilled in the art can readily see that other algorithms that perform a similar function may be substituted without materially changing the scope or spirit of the invention
  • an error checking algorithm is applied to the encrypted digital signature E(DS) to produce RS(E(DS))
  • said digital signature is encoded 431 to allow for the recovery of said data if it is corrupted during data transfer
  • the preferred error checking algorithm is the Reed-Solomon algorithm although one skilled in the art can readily see that other algorithms that perform a similar function may be substituted without materially changing the scope or spirit of the invention
  • This encrypted and encoded digital signature RS(E(DS)) is then sent to the smart card 433 through one of the multiplicity of data IO lines 135 that connect the electronic device microprocessor 103 and the smart card
  • test number (T) 435 to be applied in the digital signature authentication algorithm
  • the exponent (v) and prime number (N) are read from the second memory means of the electronic device microprocessor
  • a pseudo-random number (r) is generated from the timing means of the electronic device microprocessor by reading data from the timing register
  • Test number (T) is then encrypted 437 using the encryption algorithm and 'new' encryption key stored in the second memory of the electronic device
  • This produces E(T). E(T) is then encoded 439 through the application of an error checking algorithm that is stored in the first area of the second memory means to produce RS(E(T))
  • This encrypted and encoded test number (T' " ) is then sent to the fourth memory means of the smart card 441 through one of the multiplicity of data IO lines 135 that connect the electronic
  • T is decoded 447 using the error checking algorithm stored in the fifth memory means to produce E(T). If there are transmission errors, then these are corrected before the decryption procedure. If there are no transmission errors then E(T) is then decrypted 449 using the first encryption algorithm stored in the fifth memory means. This produces the test number T that was stored in the smart card
  • the next step is the generation of a pseudo-random number (d) by the smart card microprocessor 451 by reading data from the timing register created by the timing means connected to the smart card microprocessor
  • the data taken from the timing register may be used as the pseudo-random number itself or may be further manipulated through the use of one or more algorithms
  • Said pseudo-random number (d) is then encrypted 453 through the use of the first data encryption means stored in the sixth memory means of the smart card
  • the encryption key that is used to encrypt said personal data is stored in the digital signature area of the sixth memory means of the smart card
  • the encrypted pseudo-random number E(d) is then encoded 455 using the error checking algorithm stored in the sixth memory means to produce RS(E(d))
  • This encoded and encrypted pseudo-random number is then sent to the electronic device microprocessor 457 through one of the multiplicity
  • the secret number B is then used to create a Witness Number (t) 465 in which t ≡ rB**d (mod N), with r equal to the pseudo-random number previously generated by the application software, 'B' the Secret Number, 'd' the pseudo-random number generated by the smart card, and 'N' the Prime Number stored in the second memory of the electronic device 101
  • the Witness Number (t) is then encrypted 467 using the first encryption algorithm stored in the second memory means and encoded 469 using the error checking means also stored in said second memory means
  • the encoded and encrypted Witness Number RS(E(t)) is then sent to the smart card 471 through one of the multiplicity of data IO lines 135 that connect the electronic device microprocessor 103 and the smart card microprocessor
  • the electronic device waits for a command from the smart card 473 which will indicate if the digital signature of the inserted smart card matches that of said electronic device
  • said encoded and encrypted Witness Number RS(E(t)) is decoded 475 using the error checking algorithm stored in the sixth memory means and if there are any data transmission errors they are corrected
  • the encrypted Witness Number E(t) is decrypted 477 using the encryption key stored in the sixth memory means to produce t
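The prime-derivation steps in the bullets above (segment to Guess Number, interval lookup, nearest prime), as an added Python example that is not code from the patent. Assumptions: the interval array holds 1M, 11M, ..., 491M plus 500M; an out-of-range Guess Number is folded back into range; the caller supplies the segment offset; a segmented sieve stands in for the unspecified "prime number creating algorithm"; `SAMPLE_HASH` is a constructed value.

```python
from bisect import bisect_right
from math import isqrt

LOW, HIGH = 1_000_000, 500_000_000
# Assumed layout of the preprogrammed array: 10-million steps from 1M, capped at 500M.
INTERVALS = list(range(LOW, HIGH, 10_000_000)) + [HIGH]

# Constructed 16-byte stand-in for the hash number array (not from the patent).
SAMPLE_HASH = bytes([100, 0, 0, 0, 0, 0, 1, 37, 201, 4, 18, 250, 9, 66, 131, 7])


def guess_number(segment: bytes) -> int:
    """Concatenate each byte's decimal value (0-255), then force the result odd."""
    if not segment:
        raise ValueError("empty segment")
    n = int("".join(str(b) for b in segment))
    if n % 2 == 0:
        n -= 1  # even Guess Numbers are made odd by subtracting 1
    if not LOW <= n <= HIGH:
        # Assumption: the text does not say what happens out of range.
        # The modulus is even, so folding keeps the value odd.
        n = LOW + n % (HIGH - LOW)
    return n


def interval_bounds(guess: int) -> tuple[int, int]:
    """Return (Xi, Xj): the array entries just below and just above the guess."""
    idx = bisect_right(INTERVALS, guess)
    return INTERVALS[idx - 1], INTERVALS[idx]


def sieve_window(lo: int, hi: int) -> bytearray:
    """Segmented sieve: flags[k] == 1 exactly when lo + k is prime (lo..hi)."""
    root = isqrt(hi)
    small = bytearray([1]) * (root + 1)
    small[0:2] = b"\x00\x00"
    for p in range(2, isqrt(root) + 1):
        if small[p]:
            small[p * p :: p] = bytes(len(range(p * p, root + 1, p)))
    flags = bytearray([1]) * (hi - lo + 1)
    for p in range(2, root + 1):
        if small[p]:
            start = max(p * p, (lo + p - 1) // p * p)  # first multiple to strike
            flags[start - lo :: p] = bytes(len(range(start, hi + 1, p)))
    return flags


def closest_prime(guess: int) -> int:
    """Generate the primes of [Xi, Xj] and pick the one nearest the guess."""
    xi, xj = interval_bounds(guess)
    flags = sieve_window(xi, xj)
    k = guess - xi
    below = flags.rfind(1, 0, k + 1)  # nearest prime <= guess, or -1
    above = flags.find(1, k)          # nearest prime >= guess, or -1
    candidates = [xi + i for i in (below, above) if i >= 0]
    # On a tie the smaller prime wins (a choice made here, not in the text).
    return min(candidates, key=lambda p: (abs(p - guess), p))


def derive_prime(hash_bytes: bytes, offset: int, nbytes: int) -> int:
    """Derive N (or the exponent v) from a byte segment of the hash number."""
    if offset < 0 or nbytes <= 0 or offset + nbytes > len(hash_bytes):
        raise ValueError("segment outside the hash array")
    return closest_prime(guess_number(hash_bytes[offset : offset + nbytes]))


if __name__ == "__main__":
    print("N =", derive_prime(SAMPLE_HASH, 0, 7))  # 56-bit segment
    print("v =", derive_prime(SAMPLE_HASH, 7, 4))  # 32-bit segment
```

Every value in the 1 million to 500 million range fits in 29 bits, so a sieve over one 10-million-wide interval is enough to enumerate all candidate primes.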

Abstract

An apparatus and method for securing the operation of any electronic device (101) that contains a microprocessor (103) and a plurality of memories (110), including flash memory. The basic apparatus includes a smart card reader/writer (111) for a smart card with a microprocessor and a plurality of memories, a means for auto-burning the memories (110) of the electronic device and smart card, and a connection for an external input/output device such as a keyboard and monitor. This system automatically creates and burns a digital signature, that is generated from identification data input by the user through the external input/output device, into the memory of both the electronic device (101) and smart card. Upon start up, reset or interrupt of the electronic device, once the digital signature has been created and auto-burned, control is passed to a software program that authenticates the digital signatures burned in the electronic device (101) and the smart card. If these digital signatures are found to match then normal operation of the electronic device (101) is permitted, otherwise the operation of the electronic device (101) is terminated.

Description

TITLE OF INVENTION
Security System Involving Creation and Auto-burning of a Digital Signature in an Electronic Device and Intelligent Token Device
CROSS-REFERENCE TO RELATED APPLICATIONS
Not Applicable
STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR DEVELOPMENT
Not Applicable
REFERENCE TO A MICROFICHE APPENDIX
Not Applicable
TECHNICAL FIELD OF THE INVENTION
The present invention pertains generally to security systems for electronic devices containing a microprocessor with non-volatile, programmable memory. More specifically, the present invention pertains to a process and apparatus for automatically creating and burning a digital signature (auto-burning) to the memory means of a microprocessor of an electronic device and the memory means of an intelligent token device such as a smart card. This invention can be used to restrict the use of an electronic device, and deter its theft.
BACKGROUND OF THE INVENTION
In recent years, electronic devices in both the consumer and industrial markets have become more sophisticated with respect to the level of integrated circuitry embedded in their electronic controls. This category of electronic devices includes such products as printers, fax machines, photocopiers, calculators, telephones, test and measurement equipment, video cassette recorders, car stereos, digital cameras, video cameras, among a wide variety of others.
A problem faced by the users of such electronic devices is that of their use by unauthorized persons or their theft. As these electronic devices become smaller, increasingly sophisticated and more customizable, this problem is becoming more of an issue. It is now not uncommon to find electronic devices that contain microprocessors with integrated flash memory. At the same time, intelligent token device technology such as smart cards and IC buttons has advanced to the level where these token devices now can contain multiple forms of memory such as RAM and ROM and microprocessors capable of performing advanced algorithms.
The present invention relates to a method for controlling access to, and deterring the theft of, electronic devices that contain a microprocessor and non-volatile, electrically erasable and programmable memory that utilizes these advances in electronic devices and smart cards through the auto-burning of a digital signature into said memory and the memory means of a smart card. The primary objective of the present invention is to provide a means by which the microprocessor of an electronic device and the microprocessor of an intelligent token device can be automatically burned with a unique digital signature without user intervention or special external devices once the "seed" data for the digital signature has been inputted by the user. A second objective is to provide for the control of a wide variety of electronic devices through the use of an intelligent token device.
The prior art contains inventions that have been advanced to address the problem of unauthorized usage or theft of electronic devices. However, none of the known art allows for the creation of unique digital signatures from personal information inputted by the user and the auto-burning of these digital signatures to both the intelligent token device and the electronic device 'in the field' as does the present invention.
The known art contains examples of methods that implicitly or explicitly attempt to make electronic devices more secure and less prone to theft. One such prior art system follows the approach of securing the VLSI or ULSI device itself. United States Patent number 5774545 issued on June 30, 1998 to P. Raghavachari describes a security and theft deterrent system for VLSI and ULSI devices. This invention stores a reprogrammable password and other user information in the flash memory of these devices. The VLSI or ULSI device containing this invention is disabled unless a random security challenge is met and a password supplied by an external source or medium upon power up. This patent focuses only on the VLSI and ULSI devices' security system and does not describe in detail the apparatus and methods of the "external medium" nor how said external medium is itself programmed with the required password and how it is secured. The method described in this invention is essentially device specific and must be altered for each type of VLSI or ULSI device.
United States Patent number 5495531 by L. Smiedt dated February 27, 1996 describes an apparatus and method by which a built in chip is used to exercise control over the use of equipment that can contain electronic circuitry. It involves the writing of a unique serial number into the ROM of said chip that cannot be subsequently changed. This invention does provide a means for disabling equipment that contain electronic circuitry but required that a unique "activation code" be remembered by the user and destroyed, stolen or forgotten. Also of concern is the fact that software containing algorithms compatible with those contained in the previously mentioned chip are stored in an external computer. Unauthorized use or copying of this program, or the outright theft of the computer itself, can be used to compromise the security of all equipment containing this invention.
Other methods in the known art approach the problem of increasing the security of smart card based systems by implementing smart card validation or mutual authentication systems. Although these systems are not explicitly applied to the security of electronic devices, these inventions can be used for this purpose and are therefore relevant. United States Patent number 5379344 issued to S. B. Larsson et al. on January 3, 1995, describes such a smart card validation device and method. This invention employs a smart card with "protected" and "unprotected" EEPROM memory with a certificate and card serial number stored in said unprotected memory. Using a secret encryption key, this information is encrypted and the resultant user key is used to access the protected area of the EEPROM memory. The focus of this invention is on the smart card and its validation to perform transactions rather than securing the host electronic device.
United States Patents number 5288978 and 5293029 issued to Y. Iijima on February 22, 1994 and March 8, 1994 respectively relate to a security method involving an IC card (smart card) and a host or terminal device (computer) that is based on a mutual authentication system. The main objective of these inventions is to increase the security of the authentication data of a smart card by determining the legitimacy of both the smart card and terminal device before authenticating the smart card. This is accomplished through the transmission and checking of authentication data. Although it is not explicitly noted, it appears that the method described by these patents is CPU specific, particularly a control program that executes read/write functions. In addition, neither invention describes an apparatus or process by which a digital signature can be created from data inputted by the device's user and burned in both the smart card and terminal device "in the field".
United States Patent number 5778070 held by P. E. Mattison and issued on July 7, 1998 describes a method for primarily protecting flash memory from unauthorized modification, especially of the Basic Input/Output System (BIOS), and secondarily for securely reprogramming said flash memory. This invention is mainly designed for use in a computer system and uses a digital signature to verify the authenticity of an update program before it is allowed to reprogram the device's flash memory. While it does provide a method for protecting and reprogramming the flash memory, this invention is designed to secure only the flash memory and not the device in which said memory resides.
BRIEF SUMMARY OF THE INVENTION
The present invention overcomes or at the least ameliorates the limitations of the prior art by providing a means for controlling access to an electronic device which contains a microprocessor with flash memory by embedding or "burning" a digital signature in said memory and to the memory means of an intelligent token device. The functionality of said electronic device is disabled unless a smart card with a matching digital signature is inserted in an intelligent token device reader/writer that is connected to the microprocessor of said device. The digital signature embedded in the electronic device provides a means for securing said device from unauthorized use.
The apparatus of the present invention which constitute modifications to the "original" design of an electronic device. One such modification includes a means for automatically burning said digital signature to the memory of the electronic device and the memory of the intelligent token device. Said auto-burning means consists of a programming voltage supply means (VPP) that is connected [electrically coupled] to a voltage switching means (analog switch) which is connected to the VPP pin of the microprocessor of the electronic device and an input/output (IO) pin of an intelligent token device reader/writer.
Said electronic device microprocessor contains a multiplicity of IO ports and a reset line that are electrically connected to the intelligent token device reader/writer. Said microprocessor is also connected to a volatile memory means, such as static RAM, through an address and data BUS.
Connected to the smart card reader/writer are a smart card power supply means, means for providing the correct timing sequence for the microprocessor, voltage checking means, and a multiplicity of input/output lines. Said multiplicity of I/O lines provides for an increase in the speed of data transfer and also provides the capability to enable or disable individual components of an electronic device.
If the electronic device has not already been 'personalized' through the burning of a digital signature in its flash memory, the first function of the present invention is to create and write said digital signature to the device. For microprocessors that utilize flash memory, a bootstrap program is provided by the microprocessor manufacturer that allows the writing or burning of data to the flash memory. This program can be incorporated into the application software of the electronic device by the device's manufacturer. The majority of bootstrap programs are run from the internal RAM of the microprocessor. Consequently said bootstrap program can be loaded into the internal RAM of the microprocessor and, with the intervention of the smart card, be used to program or reprogram the flash memory - including the writing of a digital signature and other security related data.
This initial set up of the system first involves entering unique, personal information through a data input means such as a key pad or keyboard that is connected to one of the IO ports of the microprocessor of said electronic device. A data output means such as a monitor or LCD screen is used to provide monitoring of the data input procedure. This personal identification data is transferred to the smart card inserted in the smart card reader/writer and, through the use of a multiplicity of algorithms, a digital signature array which comprises a hash number, prime number, exponent, encryption key and check sum is generated from said personal data.
This digital signature array is encrypted and encoded and sent to the electronic device where it is decoded, decrypted and stored in the static RAM. From here it is 'auto-burned' to the flash memory of the electronic device. The auto-burning procedure first loads the bootstrap program to the internal RAM of the electronic device, and then turns on the VPP (programming) line by sending the correct VPP voltage to the analog switch connected to said VPP line. This causes the digital signature data stored in the static RAM to be automatically written through the data line that connects the static RAM with the electronic device microprocessor to the digital signature area of the flash memory of the electronic device. From this process both the electronic device and the smart card contain the same digital signature that are checked for a match every time the smart card is inserted in the electronic device and the device is powered on.
This authentication procedure involves the sending of the digital signature stored in the microprocessor of the electronic device to the smart card. An electronic device digital signature Test Number (T ) and Witness Number (t) are also sent for the operation of the digital signature comparison algorithm. The Witness Number (t) is used in the generation of the smart card's digital signature Test Number (T"). If T = T then the digital signatures of the electronic device and the inserted smart card match and the normal operation of the electronic device is allowed to continue.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 is a block diagram of the implementation of this invention in an electronic device according to one embodiment of the invention.
FIG. 2 is a simplified memory map for the second memory of the electronic device.
FIG. 3A is a flow chart that sets forth the initiation of the digital signature authentication procedure as it occurs in the electronic device.
FIG. 3B is a portion of a flow chart that shows the first steps of the digital signature creation process as it occurs in the electronic device.
FIGS. 3C and 3D together comprise a portion of a flow chart that show the continuation of the digital signature creation and auto-burning procedure, as it occurs in the smart card.
FIGS. 3E and 3F together comprise a portion of a flow chart that show the continuation of the auto-burning process in both the electronic device and smart card after the creation of the digital signature by said smart card.
FIGS. 3G, 3H and 3I together comprise a portion of a flow chart that show the digital signature authentication procedure as it occurs in both the electronic device and smart card.
DETAILED DESCRIPTION OF THE INVENTION
The present invention provides a method and apparatus for creating a digital signature from personal identification data inputted by a user and auto-burning said digital signature to any electronic device having a microprocessor with non-volatile reprogrammable (flash) memory and the memory of an intelligent token device (containing a microprocessor) and requiring that the digital signatures of these two devices match before the electronic device is allowed to operate, thereby preventing the unauthorized operation of said electronic device. Figure 1 is a simplified block diagram that shows one embodiment of the present invention as it is applied to an electronic device 101. In one embodiment of the present invention the basic apparatus consists of several components connected to the microprocessor 103 of the electronic device 101 containing said invention and a portable intelligent token device such as a smart card. Said microprocessor 103 comprises more than one input/output (IO) port 105, a reset port 107 and a VPP port 109, a first memory means, a second memory means and a third memory means 110.
The first memory means is volatile internal memory. The preferred first memory means is internal random access memory (RAM) although one skilled in the art can readily see that other components that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
The second memory means is non-volatile and electrically erasable and reprogrammable. Figure 2 shows a simplified memory map of said second memory. In the preferred embodiment of the present invention said second memory means is divided into a multiplicity of data areas.
A fu st ai ea 201 is piovided foi softwai e that includes the device specific application softw i e 203 dev eloped bv the manufactui ei of the electronic device This software includes a bootstrap program 205 that is provided by the manufacturer of the microprocessor to the electronic device manufactuier Said bootstiap progiam 205 enables the programming or burning of the micioprocessor flash memory In addition to the bootstrap program said first area of said second memoiy contains the interface software foi input/output devices 207 that the eiectionic equipment manufacturer provides for the reading or writing data to the eiectionic device
A second area 209 in said second memory contains a lookup table Space is set aside in said second area foi a data an ay which can hold data such as hash numbers or a digital signature 213 input by the intelligent token device in addition to information concerning the array specifications 21 ] such as size and beginning and ending addiesses Said second area in said second memoiy also contains checksum data 217 for the data in the data array Said checksum data consists of two checksum figures - a direct checksum made up of moi e than one bvte of data and an lndnect or complementary checksum also more than one byte in size Space in said second aiea of the second memoiy means is also set aside for an old encryption key and a new encryption key 215 The piefeπed second memory means is flash memory although one skilled in the ait can readily see that other components that peiform a similai function may be substituted without materiallv changing the scope or spirit of the invention
Connected to said microprocessor through an address and data BUS line 108 is a third memory means 110, which consists of volatile memory. Said third memory means functions as a static data buffer that can temporarily store data from said microprocessor's first and second memories for the purpose of reprogramming said first and second memories. This reprogramming is controlled by the previously described bootstrap program 205 that is provided by the manufacturer of the electronic device's microprocessor. The preferred third memory means is static RAM, although one skilled in the art can readily see that other components that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
According to the present invention, said application software of the first area of the second memory means is modified by the electronic device manufacturer. These modifications include:
1. A means for transferring control, upon power on or reset of said electronic device, to a check for the presence of a digital signature. Said transferring means is provided by the insertion of a 'jump' function in the electronic device's software initialization procedures, to the lookup table in the second area 209 of the second memory means, after power on or reset.
2. A means for transferring data to and from said electronic device and said intelligent token device. This is provided through the addition of a software interface for data transfers between the electronic device's microprocessor and the smart card. A hardware interface involving a reader/writer device for the intelligent token device will be required and, depending on the speed and other characteristics required by the specific microprocessor, will utilize at least one data IO line on the microprocessor.
3. Implementation of an error checking algorithm for the flow of data between the smart card and the electronic device's microprocessor. The preferred error checking algorithm is the Reed-Solomon algorithm, although one skilled in the art can readily see that other algorithms that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
4. Inclusion of a first encryption algorithm to encode and decode all data that is passed between the microprocessor and the smart card. For the present invention, the preferred first encryption algorithm is the IDEA algorithm, although one skilled in the art can readily see that other algorithms that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
5. Writing basic commands such as 'write', 'read', 'hold', and 'continue' to the lookup table.
6. The addition of a means to authenticate a digital signature passed from a smart card against a digital signature stored in the flash memory of the electronic device. The preferred digital signature authentication algorithm is the Guillou-Quisquater Scheme, although one skilled in the art can readily see that other algorithms that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
The apparatus of the present invention provides a means for transferring data between the electronic device microprocessor 103 and the intelligent token device microprocessor. In the preferred embodiment of the present invention, said means for transferring data is an intelligent token device reader/writer 111. Said intelligent token device reader/writer 111 is electrically connected to a voltage switching means 113, and said voltage switching means is connected to the VPP port 109 of the electronic device microprocessor 103. Said intelligent token device reader/writer 111 contains a multiplicity of pins, including pins for Reset 115, VCC 117, Clock 119, Ground 121 and more than one pin 123 for transferring data to and from the electronic device microprocessor 103. Electrically connected to said Reset pin 115 is a voltage checking means 125. Electrically connected to said voltage checking means is a VCC power supply 127, with said power supply connected to the intelligent token device reader/writer VCC pin 117 through a VCC line 129. This power supply 127 provides the appropriate operating power to the VCC pin 117 of the intelligent token device reader/writer 111. The preferred voltage checking means is a watch dog integrated circuit, although one skilled in the art can readily see that other components that perform a similar function may be substituted without materially changing the scope or spirit of the invention. This watch dog circuit functions as a security circuit for the VCC of the intelligent token device reader/writer. If, for any reason, the voltage of said VCC line is not properly set, said watch dog circuit resets the security procedures of the portable intelligent token device to the beginning.
Electrically connected to said Clock pin 119 is a means for providing the timing sequence 131 for the microprocessor of the intelligent token device inserted in the intelligent token device reader/writer 111. The preferred means for providing the correct timing sequence is a clock generator with a crystal controlled oscillator, although one skilled in the art can readily see that other components that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
Electrically connected to more than one input/output (IO) pins 133 of said intelligent token device reader/writer 111 are an equivalent number of data IO lines 135 that are connected to IO ports 105 on the electronic device microprocessor 103. Said data IO lines 135 are connected to voltage state defining means 137. Said data IO lines 135 are used for the transfer of data between the electronic device microprocessor 103 and the intelligent token device microprocessor. Depending on the specific microprocessor used in the electronic device, one or more of these data IO lines may be required for read/write functions when the second memory of the electronic device microprocessor is programmed. The preferred voltage state defining means 137 for said data IO lines are VCC lines created through the use of pull up or pull down resistors, although one skilled in the art can readily see that other components that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
Also provided in the present invention is a means in the electronic device for the user to enter personal identification data for use in the creation of the digital signature. This is provided by a line 139 connected to an external device connecting means 141 and an additional IO port in the microprocessor of the electronic device that allows connection to an external data input/output device 143 such as a keypad, keyboard, RS-232, RS-4XX, TCP/IP, LCD monitor or other data entry and data display means.
The apparatus of the present invention also includes a means for automatically burning (auto-burning) a newly created digital signature to the memory of the electronic device and the memory of the intelligent token device. This auto-burning means consists of the following. A first VPP line 146 connects the VPP port 109 of the electronic device microprocessor 103 to a voltage switching means 113 that allows a switch between two different operating voltages. A second VPP line 148 connects said voltage switching means 113 and an IO pin 145 of the intelligent token device reader/writer 111. Electrically connected to the voltage switching means 113 is a programming power supply means 147 that provides the voltage necessary to program the flash memory of the electronic device's microprocessor. Such a voltage switching means is commonly referred to as an analog switch and may be implemented through the use of an integrated circuit (IC) or transistor. Said voltage switching means enables the present invention to switch between a programming line 150 (VPP) and normal operating line 151 (VN), that connect the intelligent token device reader/writer 111 and the electronic device microprocessor 103, by changing the voltage to the analog switch 113 from the electronic device's VPP power supply 147. The specific voltage required to activate either the programming line or the normal operating line depends on the microprocessor of the electronic device. The preferred voltage switching means is a dual single pole single throw (SPST), normally open, switch IC, although one skilled in the art can readily see that other components that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
According to the preferred embodiment of the present invention, there is also provided a means for terminating the operation of the electronic device if unauthorized access is attempted. This is through the use of a reset means. Said reset means comprises a data IO line 136 connected to the 'Reset' port 107 of the electronic device microprocessor 103 and an IO pin 134 on the intelligent token device reader/writer.
Intelligent Token Device
The preferred intelligent token device for the present invention typically contains a microprocessor and more than one memory means. In the preferred embodiment, this plurality of memory means comprises a fourth memory means that is internal RAM (random access memory), a fifth memory means that typically is onboard ROM (read only memory), and a sixth memory means that is typically EEPROM (electrically erasable and programmable read only memory). The preferred intelligent token device is a smart card that is compatible with ISO standard 7816, although one skilled in the art would readily recognize that other devices with similar capabilities may be substituted without materially modifying the scope or spirit of this invention.
Pre-programmed in said fifth memory are the software means that control the creation of the digital signature and the auto-burning procedure. Said fifth memory also has stored in it a multiplicity of algorithms. Said multiplicity of algorithms consists of algorithms for checking for errors after the transmission of data, a first encryption means for protecting data during transmission between the smart card and the electronic device, a second encryption means for creating a hash number, as well as algorithms for check sum calculation, prime number creation, key generation, creation of a prime number exponent, and for determining the authenticity of one digital signature as compared to another. In the preferred embodiment of this invention, the preferred transmission error checking algorithm is Reed-Solomon, although one skilled in the art would readily recognize that other algorithms with similar capabilities may be substituted without materially modifying the scope or spirit of this invention. The preferred first encryption algorithm for protecting data during transmission between the smart card and the electronic device is the IDEA algorithm, although one skilled in the art would readily recognize that other algorithms with similar capabilities may be substituted without materially modifying the scope or spirit of this invention. The preferred second encryption algorithm for creating a hash number is Haval, although one skilled in the art would readily recognize that other algorithms with similar capabilities may be substituted without materially modifying the scope or spirit of this invention. The preferred authentication algorithm is the Guillou-Quisquater Scheme, although one skilled in the art can readily see that other algorithms that perform a similar function may be substituted without materially changing the scope or spirit of the invention. Also stored in said fifth memory means, in order to aid in the creation of a prime number, are a multiplicity of primitives, also known as bitwise operators, such as shift left, shift right, XOR (exclusive OR), AND, OR and complement.
The sixth memory means is divided into a multiplicity of data areas. Said data areas include ones for the storage of a hash number created through the application of an encryption algorithm to the personal information inputted by the user of the present invention, prime number (N) generated from said hash number, exponent (v) also generated from said hash number, the starting and ending addresses for the lookup table that is stored in the second memory means of the electronic device, the check sum value(s) for the digital signature, an 'old' and 'new' encryption key for use by the encryption algorithm stored in the fifth memory means, a lookup table consisting of all prime numbers between 2 and 256 and all numbers from 10 million to 200 million in increments of 10 million, and a scratch memory buffer for the temporary storage of data. Pre-programmed in said sixth memory of the smart card, before the digital signature is produced for the first time, is an "old" encryption key for the initial set up of the present invention. The same encryption key is pre-programmed in the second memory means of the electronic device that utilizes the present invention.
The Authentication Process:
Figure 3A shows the initiation of the digital signature authentication procedure as it occurs in the electronic device. Upon power on or reset 301 of the electronic device containing the present invention, the application software stored in the second memory means of the microprocessor of the electronic device is implemented 303. Written into the beginning of said application software by the electronic device's manufacturer is a check to see if there is inserted in the smart card reader/writer 111 a valid smart card 305. If there is not a valid smart card inserted in said reader/writer, the start up procedure is terminated 307 and the electronic device microprocessor 103 reset. If a valid smart card is inserted in the reader/writer, a jump command is issued 309 which causes a jump to the area set aside for the starting address and ending address of a digital signature in the look up table of said second memory to check for the presence of a digital signature. This check is performed through the calculation of the check sum 311, both direct and complement, for said digital signature area.
A result that the check sum value is incorrect indicates that either the data stored in said digital signature area contains some error, or that said area is empty. In order to determine which of these two conditions is true, the digital signature area is checked for the presence of any data 315. If it is empty, then a procedure is implemented to create a digital signature and automatically burn it to the second memory of the electronic device's microprocessor 103.
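The power-on check described above can be sketched as follows. This is an added example, not code from the patent: the area layout (payload followed by a big-endian 32-bit direct checksum and its complement), the additive checksum, the treatment of all-0xFF or all-0x00 as "empty", and every function name are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

enum sig_state { SIG_VALID, SIG_EMPTY, SIG_CORRUPT };

/* Assumed layout (not from the patent): payload bytes, then a 32-bit direct
 * checksum and its 32-bit complement, both big-endian. */
#define CSUM_BYTES 8u

static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

static void put_be32(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}

/* Assumed checksum: byte-wise sum modulo 2^32; the patent names no algorithm. */
static uint32_t sum32(const uint8_t *p, size_t n)
{
    uint32_t s = 0;
    while (n--) s += *p++;
    return s;
}

/* Write both checksum figures behind the payload, as a burn step would. */
void seal_sig_area(uint8_t *area, size_t total)
{
    if (total <= CSUM_BYTES) return;
    size_t n = total - CSUM_BYTES;
    uint32_t direct = sum32(area, n);
    put_be32(area + n, direct);
    put_be32(area + n + 4, ~direct);
}

/* Comparison case: a check that trusts the direct figure alone. */
int direct_only_ok(const uint8_t *area, size_t total)
{
    if (total <= CSUM_BYTES) return 0;
    size_t n = total - CSUM_BYTES;
    return be32(area + n) == sum32(area, n);
}

/* Direct and complement must both agree; on failure, decide between an
 * empty area (create and auto-burn) and a damaged one. */
enum sig_state classify_sig_area(const uint8_t *area, size_t total)
{
    if (total <= CSUM_BYTES) return SIG_CORRUPT;
    size_t n = total - CSUM_BYTES;
    uint32_t direct = be32(area + n);
    uint32_t comp   = be32(area + n + 4);
    if (direct == sum32(area, n) && comp == (uint32_t)~direct)
        return SIG_VALID;

    int all_ff = 1, all_00 = 1;   /* assumed meaning of "no data present" */
    for (size_t i = 0; i < total; i++) {
        if (area[i] != 0xFF) all_ff = 0;
        if (area[i] != 0x00) all_00 = 0;
    }
    return (all_ff || all_00) ? SIG_EMPTY : SIG_CORRUPT;
}

int main(void)
{
    uint8_t area[24];                       /* constructed sample area */
    memset(area, 0x00, sizeof area);
    printf("zeroed: direct-only=%d, classified=%d\n",
           direct_only_ok(area, sizeof area),
           classify_sig_area(area, sizeof area));
    memset(area, 0xA5, 16);
    seal_sig_area(area, sizeof area);
    printf("sealed: classified=%d\n", classify_sig_area(area, sizeof area));
    return 0;
}
```

With an additive checksum, an all-zero area satisfies the direct figure by itself; requiring the complement as well is what makes such an area fail the check and fall through to the emptiness test.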
Creation of the Digital Signature:
a. Inputting Personal Data to the Electronic Device:
As previously noted, if the check sum is incorrect and there is no data in the area set aside for the digital signature in the second memory of the digital device microprocessor, a procedure to create and write a digital signature to said second memory is initiated. Figure 3B shows the first steps of the digital signature creation process as it occurs in the electronic device. The first step in this process is the sending of a command by the application software of the microprocessor of the electronic device to the smart card to initiate the digital signature creation and auto-burning process 317. Once said process is initiated by the smart card microprocessor, the next step is the entering of personal data 319, through a data input/output means 143 that is connected to the electronic device's microprocessor 103, by the user of said electronic device through the data IO line 139. The preferred data input device is a keyboard, although one skilled in the art can readily see that other devices that perform a similar function may be substituted without materially changing the scope or spirit of the invention. The preferred data output device is a monitor, although one skilled in the art can readily see that other devices that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
Once the personal data has been entered by the user, it is temporarily stored in the first memory means of the electronic device. A check sum is then created from this data 321 and the direct and complementary values of said check sum are written to the end of the personal data stored in said first memory means 323. Next, in order to protect the data during its transfer to the smart card inserted in the reader/writer, said personal data is encrypted 325 through the use of a data encryption means. The first time that this procedure is initiated, the key that is used to encrypt said personal data is stored in the digital signature area of the second memory means of the electronic device during the manufacture of the device. The preferred data encryption means is the IDEA algorithm, although one skilled in the art can readily see that other algorithms that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
Subsequent procedures to encrypt data transferred between the electronic device and the inserted smart card utilize a key that is produced by the smart card from the digital signature and written over the original key that was stored in the digital signature area of the second memory means of the electronic device. Said encryption key is changed every time a new digital signature is created.
Next, in order to protect the integrity of the personal data as it is transferred, an error checking algorithm is applied to said personal data 327. Using said algorithm, the personal data and check sum values are encoded to allow for the recovery of said data if it is corrupted during data transfer. The preferred error checking algorithm is the Reed-Solomon algorithm, although one skilled in the art can readily see that other algorithms that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
Next, said encrypted and encoded data is written to an array in the fourth memory means of the inserted smart card 329 through one of the plurality of data IO lines 135 that connect the IO ports 105 of the electronic device microprocessor and the IO pins 133 of the smart card reader/writer 111.
b. Creation of the Digital Signature in the Smart Card:
The continuation of the digital signature creation and auto-burning procedure, as it occurs in the smart card, is shown in Figures 3C and 3D.
Using the error transmission algorithm stored in the fifth memory means of the smart card, this data is decoded 331 and, if there are any transmission errors 333, these errors are corrected 335. Following this, the first encryption algorithm stored in said fifth memory means and the encryption key stored in the sixth memory means of the smart card are used to decrypt the encrypted data 337. Next, a check sum calculation is performed 339 and the resultant value is checked for any errors in the data 341. If there are no errors, this personal data is written as an array to the sixth memory means of said smart card 343. If there are errors, the process of creating a digital signature is repeated from the point after the personal data had been entered by the user and temporarily stored in the first memory means of the electronic device. After a predetermined number of check sum errors have been detected by the smart card 345, the digital signature creation process is terminated 347.
After the data has been decoded and decrypted, and if no check sum errors are present, the procedure to create a digital signature is continued. This involves the creation of a hash number using the second encryption algorithm stored in the fifth memory means of the smart card 349. Said encryption algorithm produces a hash number with a length between 128 and 256 bits. The preferred data encryption means is the Haval algorithm, although one skilled in the art can readily see that other algorithms that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
If the electronic device and smart card are new and have not previously been personalized, and it is desired that said hash number be encrypted, said encryption algorithm will use an 'old' encryption key that has been pre-programmed into the sixth memory of the smart card. The same key is pre-programmed into the digital signature area of the second memory means of the electronic device during the manufacture of the device. If encryption of the hash number is not required for security purposes, the use of said encryption key is not required. In this manner, the present invention produces a unique digital signature without the need for any preprogrammed data. After the auto-burning procedure is complete, whether the 'old' encryption key has been used or not, a new encryption key is generated from the hash number using the key generation algorithm stored in the fifth memory of the smart card. Said "new" encryption key is written over the 'old' key previously stored in the sixth memory means of the smart card and the 'old' encryption key stored in the second memory means of the electronic device. However, before the ultimate completion of the auto-burning procedure, the preprogrammed 'old' and 'new' encryption keys are both stored in the sixth memory of the smart card and the second memory of the electronic device in case either are required before the auto-burning process is completed.
The following describes the preferred mode in which the second encryption algorithm is used to generate a hash number. As noted, other modes of applying said second algorithm to create a unique hash number, or other algorithms that require a different mode, may be substituted without materially changing the scope or spirit of the invention.
The personal data entered by the user may be of varying length, depending upon the memory limitations of the electronic device and the responses of the user. As the preferred encryption algorithm (Haval) can only be applied to said personal data in 16 byte blocks at a time, any portion of the personal data that does not constitute a full 16 byte block must be expanded or increased to this full block size. This is accomplished by using the timing information of the microprocessor timer of the smart card as a pseudo-random number generator and writing the data required to produce a full 16 byte block from the timer to the partial block of data. The data required to produce a full 16 byte block is read from the timer register of the microprocessor. The resultant hash number is stored in the area set aside for the hash array in the sixth memory means of the smart card.
Once the hash number has been created, a new encryption key is generated from it 351. The first step in the generation of a new encryption key from said hash number is to create a copy of said hash number in the sixth memory means of the smart card in the area set aside for use as a scratch memory buffer. Following this, the timer register is read to generate a pseudo-random number containing more than one bit of data. A multiplicity of bitwise operators such as 'Shift Right', 'Shift Left', XOR, AND, and 'Complement', that were previously stored in the fifth memory means of the smart card, are applied to the hash number. Said multiplicity of operators are set in an ordered series. The previously generated pseudo-random number determines whether a particular bitwise operator is executed or not on said hash number. For example, the value (1 or 0) of the first bit of the pseudo-random number determines whether or not the first operator in the series previously stored is executed. The same follows for the second bit of the pseudo-random number and the second operator in the series. Once all the bitwise operators have been checked against the pseudo-random number and applied to the hash number or not, the result is the 'new' encryption key. Said 'new' encryption key is then stored in the sixth memory of the smart card in the area set aside for the 'new' encryption key 353.
The next step in the process is the creation of a prime number 'N' 355. From the hash number array, a segment between 28 and 64 bits is randomly selected. The exact length of this segment depends on the speed and power of the specific microprocessor used in the smart card. This segment is used as the starting place to generate a prime number with a value between 1 million and 500 million. Following the selection of the hash number segment, a number is created from said segment through the division of said segment into a multiplicity of eight bit bytes and concatenating the numbers (between the values 0 and 255) represented by each byte. The resultant number is referred to as the 'Guess Number'. If the Guess Number is an even number, it is transformed to an odd value by subtracting the value '1' from it. Next, the preprogrammed array of numbers, in increments of 10 million and falling between 1 million and 500 million stored in the sixth memory of the smart card, is checked against the Guess Number to determine the interval number in the array that is lower than the Guess Number (Xi) and the interval number that is greater in value than the Guess Number (Xj). Then, starting from the lower interval value (Xi) and using the prime number creating algorithm stored in the fifth memory means of the smart card, prime numbers are generated until one that is closest to the Guess Number is found. The resulting Prime Number (N) will be between 32 to 64 bits in length - the actual length depending on the speed and power of the smart card microprocessor. The closest Prime Number (N) to the Guess Number is then stored in the sixth memory means of the smart card in the area set aside for the Prime Number 357.
Following the creation of the Prime Number, an Exponent (v) is then generated from the hash number 359. Said Exponent number is generated in the same manner as the Prime Number. As with the generation of the prime number, a segment is first randomly selected from the hash number. The segment for the exponent is between 24 and 32 bits in length. From this segment, through the execution of the same procedure applied to the segment used to generate the Prime Number, a Guess Number is created. Said Guess Number is then used to determine the upper and lower interval numbers between 1 million and 500 million, and starting from the lower interval, and using the prime number generating algorithm stored in the fifth memory means of the smart card, an exponent prime number is produced. This exponent is then stored in the sixth memory means of the smart card in the area set aside for the exponent 361.
The Prime Number (N) and its exponent value (v) are used in the digital signature authentication algorithm stored in the fifth memory means of the smart card to verify a match between the digital signatures of an electronic device containing the present invention and a smart card inserted in said electronic device's smart card reader/writer.
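The Guess Number and closest-prime search described above for N (and reused for v) can be worked through in code. This is an added example, not code from the patent. It assumes that "concatenating the numbers" means decimal concatenation, that a segment whose concatenation falls outside 1 million to 500 million is rejected (the text does not say how that case is handled), that ties go to the lower prime, and that a sieve over the interval stands in for the card's unnamed prime number algorithm; all function names are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define RANGE_MIN 1000000u     /* page: value between 1 million ...         */
#define RANGE_MAX 500000000u   /* ... and 500 million                       */
#define STEP      10000000u    /* page: interval table in 10-million steps  */

static uint8_t composite[STEP + 1];   /* composite[k] != 0: Xi + k is composite */

/* Decimal concatenation of the byte values, e.g. {100,0,0,0,20} -> 10000020,
 * then forced odd by subtracting 1. Returns 0 when the result leaves the
 * stated range (assumed handling). */
uint32_t guess_from_segment(const uint8_t *seg, size_t n)
{
    uint64_t g = 0;
    for (size_t i = 0; i < n; i++) {
        uint64_t scale = seg[i] >= 100 ? 1000 : seg[i] >= 10 ? 100 : 10;
        g = g * scale + seg[i];
        if (g > RANGE_MAX) return 0;
    }
    if (g < RANGE_MIN) return 0;
    if ((g & 1) == 0) g -= 1;
    return (uint32_t)g;
}

/* Find Xi and Xj around the guess, generate primes upward from Xi and keep
 * the one closest to the guess. Returns 0 if the guess is unusable. */
uint32_t closest_prime(uint32_t guess)
{
    if (guess == 0 || guess > RANGE_MAX) return 0;
    uint64_t lo = ((uint64_t)guess / STEP) * STEP;      /* Xi */
    uint64_t hi = lo + STEP;                            /* Xj */
    if (hi > RANGE_MAX) hi = RANGE_MAX;

    /* Sieve [lo, hi]: strike multiples of 2 and of every odd p <= sqrt(hi). */
    memset(composite, 0, sizeof composite);
    for (uint64_t p = 2; p * p <= hi; p += (p == 2 ? 1 : 2)) {
        uint64_t m = ((lo + p - 1) / p) * p;
        if (m < p * p) m = p * p;
        for (; m <= hi; m += p) composite[m - lo] = 1;
    }

    uint64_t best = 0, best_d = UINT64_MAX;
    for (uint64_t x = (lo < RANGE_MIN ? RANGE_MIN : lo); x <= hi; x++) {
        if (composite[x - lo]) continue;
        uint64_t d = x > guess ? x - guess : guess - x;
        if (d < best_d) { best = x; best_d = d; }
        if (x >= guess) break;      /* first prime at or above the guess */
    }
    return (uint32_t)best;
}

uint32_t derive_prime(const uint8_t *seg, size_t n)
{
    return closest_prime(guess_from_segment(seg, n));
}

int main(void)
{
    /* Constructed sample segment, standing in for bits taken from the hash. */
    const uint8_t seg[] = { 1, 0, 0, 0, 0, 0, 5 };
    printf("guess=%u prime=%u\n",
           (unsigned)guess_from_segment(seg, sizeof seg),
           (unsigned)derive_prime(seg, sizeof seg));
    return 0;
}
```

Any value in the stated range of 1 million to 500 million fits in 29 bits.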
In order to check for errors in the digital signature array, which consists of the hash number, prime number (N), exponent (v), and "new" encryption key, a check sum is produced using the check sum algorithm stored in the fifth memory means of the smart card and then written to the sixth memory means of said smart card 363. The preferred check sum is 32 bits in length with a direct and inverse value, although one skilled in the art can readily see that other check sum modes that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
Once the digital signature, comprised of the hash number, prime number, exponent, encryption key, and check sum have been calculated and stored in the areas set aside for them in the sixth memory means of the smart card, the address start and address end of this data array is read and stored in the area designated for this data in said sixth memory 365. It is to this address that the application software of the electronic device will jump when the authentication procedure is initiated. This will give the application software the size of the entire digital signature array.
Auto-burning of the Digital Signature:
Figures 3E and 3F show the continuation of the auto-burning process in both the electronic device and smart card after the creation of the digital signature by said smart card.
With the creation and storage of the digital signature and start and end addresses to the digital signature array in the sixth memory of the smart card, the bootstrap program, stored in the first area of the second memory means of the electronic device as part of the application software, is loaded to the first memory means of the electronic device microprocessor 367. Said bootstrap program is activated upon receiving an auto-burn command from the smart card. This auto-burning command sent by the smart card microprocessor causes the electronic device to write or 'burn' the newly generated digital signature information to the second memory means of the electronic device microprocessor using the bootstrap program and the auto-burning means 113 of the present invention.
In the next step of the auto-burning procedure controlled by the smart card, the digital signature (DS) data of said smart card is read from the look up table in the sixth memory means 369. Said digital signature is then encrypted 371, using the first encryption algorithm stored in the fifth memory means and the "old" encryption key stored in the sixth memory means, to produce E(DS). Following this, the encrypted data is then encoded 373 to protect against transmission errors using the transmission error algorithm stored in the fifth memory means, which results in RS(E(DS)). The resultant encrypted and encoded data is then sent in data blocks to the first memory means of the electronic device 375 through one of the multiplicity of data IO lines 135 that connect the electronic device microprocessor 103 and the smart card microprocessor.
Once in the first memory means of the electronic device, said RS(E(DS)) data packet is decoded 377 using the transmission error checking algorithm stored in the first area of the second memory means and then decrypted 379 using the first encryption algorithm and the 'old' encryption key also stored in said second memory means. As the data blocks of the digital signature are decoded and decrypted, they are written to the third memory means of the electronic device.
The subsequent process of burning the digital signature data from the third memory to the second memory is affected by whether or not the electronic device microprocessor supports writing data to its second memory means in segments rather than only as a single block of data 381. If segmental writing to the memory is supported, only the digital signature itself is written to the third memory 383 before it is auto-burned to the second memory means of the electronic device. However, if segmental writing is not supported, the entire contents of the second memory means, including the device specific application software, bootstrap program, IO device interface and the array specifications, digital signature, encryption keys and check sum data, must be first written to the third memory means 385 before it is auto-burned to the second memory.
Once the digital signature is written to the third memory means (memory buffer) of the electronic device, the bootstrap program 205 of the electronic device is activated to provide the exact procedure and parameters for the burning of said digital signature data to the second memory means. A command 387 is then sent by the electronic device microprocessor 103 to the smart card to activate the programming line (VPP) 148 of the voltage switching means 113. Said programming line is 'turned on' through the IO pin 145 of the smart card that sets the VPP power supply 147 voltage to the analog switch 113 to that which causes said voltage switching means to change from 'normal operating line' 151 (VN) to 'programming line' 150 (VPP). Digital signature data is read from the third memory means and is written to the second memory 391. If some error occurs during this writing process 393, the bootstrap program will try to burn the digital signature data to another sector in the digital signature area of said second memory 395. If, upon performing a check 397, it is indicated that there are no more free sectors available or the bootstrap program is unable to write all the digital signature data to said second memory for some reason, a command is sent to the smart card to stop the auto-burning process 399.
If the digital signature data can be successfully written to the second memory, the start and end addresses of the digital signature data array are encrypted 403 using the first encryption algorithm stored in the first area of the second memory and then encoded 405 using the error checking algorithm also stored in the second memory means, and the resultant data RS(E(ADDR_I, ADDR_F)) is sent to the smart card 407 through one of the data IO lines 135 connecting the electronic device microprocessor 103 with the smart card reader/writer 111.
When the smart card receives RS(E(ADDR_I, ADDR_F)), it is temporarily stored in the fourth memory means and decoded 409 using the error checking algorithm stored in the fifth memory means, which results in E(ADDR_I, ADDR_F). If there are no transmission errors, then this data is decrypted 411 using the first encryption algorithm stored in the fifth memory means to produce (ADDR_I, ADDR_F). If there are transmission errors, then these are corrected by the error checking algorithm before the decryption procedure. The address data is then written to the sixth memory means in the area of the lookup table set aside for this data 413. A command is then sent by the electronic device microprocessor to the smart card microprocessor that the auto-burning procedure is complete 415. Following this, the programming line 148 is "turned off" if it was activated 417. This is caused by the IO pin 145 of the smart card setting the voltage of the VPP power supply 147, that is connected to the voltage switching means, to the "normal" (VN) operating value. Following this, the "new" encryption key is written to the sixth memory means of the smart card over the "old" encryption key 419. Said "new" key is also written over the "old" encryption key stored in the area set aside for the "old" encryption key in the second memory means of the electronic device. Once this is done, the microprocessor of the electronic device 103 is reset by the smart card 421 through pin SCIO_2 134 that is connected to the reset pin 107 of said microprocessor. This reset causes the electronic device microprocessor 103 to return to the start of the digital signature authentication routine, as if the power to the electronic device was interrupted or turned on. At the same time, a software reset function is used to reset the smart card software to the beginning of the smart card digital signature authentication procedure 423. This initiates the digital signature authentication procedure; if the digital signature in the electronic device microprocessor matches the digital signature in the inserted smart card, normal operation of the electronic device is allowed and the electronic device microprocessor waits for its next instructions.
Correcting Errors in the Digital Signature:
If there is data already written to the digital signature area and the check sum is incorrect, a command is sent to the smart card 316, through one of the data IO lines 135 that connects the smart card reader/writer 111 and the electronic device microprocessor 103, indicating that the check sum value is incorrect. Following this, a procedure to correct any errors in the digital signature is implemented. This error correcting procedure involves the restarting of the digital signature creation and burning process using the personal data originally entered by the user and temporarily stored in the first memory means of the electronic device. If, after a preset number of tries 345, a check sum error still occurs, the process is terminated 347.
Authenticating the Digital Signature:
If the check sum that is calculated is shown to be correct, a procedure to check for a match between the digital signature stored in a smart card placed in the smart card reader/writer 111 and the digital signature burned to said second memory of the electronic device's microprocessor 103 is implemented.
Figures 3G, 3H and 3I show the digital signature authentication procedure as it occurs in both the electronic device and smart card.
The first step in this process is the sending of a request 425, to the microprocessor of the electronic equipment, by the smart card for the digital signature (DS) stored in the area set aside for digital signatures in the second memory means of said electronic device. This request is sent through one of the multiplicity of data IO lines 135 that connect the electronic device microprocessor 103 and the smart card reader/writer 111.
Upon receiving this request, said digital signature (DS) is read from the lookup table for said digital signature set aside in the second memory of the electronic device 427. Said digital signature is then encrypted 429 using an encryption algorithm and "new" encryption key stored in the second memory of the electronic device, producing E(DS). The preferred data encryption means is the IDEA algorithm, although one skilled in the art can readily see that other algorithms that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
In order to protect the integrity of the personal data as it is transferred, in the next step an error checking algorithm is applied to the encrypted digital signature E(DS) to produce RS(E(DS)). Using said algorithm, said digital signature is encoded 431 to allow for the recovery of said data if it is corrupted during data transfer. The preferred error checking algorithm is the Reed-Solomon algorithm, although one skilled in the art can readily see that other algorithms that perform a similar function may be substituted without materially changing the scope or spirit of the invention.
This encrypted and encoded digital signature RS(E(DS)) is then sent to the smart card 433 through one of the multiplicity of data IO lines 135 that connect the electronic device microprocessor 103 and the smart card.
Next, the electronic device microprocessor generates a test number (T) 435 to be applied in the digital signature authentication algorithm. In order to perform this calculation, the exponent (v) and prime number (N) are read from the second memory means of the electronic device microprocessor. In addition, a pseudo-random number (r) is generated from the timing means of the electronic device microprocessor by reading data from the timing register. The test number (T) is calculated using the formula T = r**v (mod N). Test number (T) is then encrypted 437 using the encryption algorithm and "new" encryption key stored in the second memory of the electronic device. This produces E(T). E(T) is then encoded 439 through the application of an error checking algorithm that is stored in the first area of the second memory means to produce RS(E(T)). This encrypted and encoded test number (T') is then sent to the fourth memory means of the smart card 441 through one of the multiplicity of data IO lines 135 that connect the electronic device microprocessor 103 and the smart card microprocessor through the reader/writer device 111.
Upon receiving the encoded and encrypted digital signature RS(E(DS)), said RS(E(DS)) is decoded 443 using the error checking algorithm stored in the fifth memory means. If there are transmission errors, then these are corrected before the decryption procedure. If there are no transmission errors, then E(DS) is decrypted 445 using the first encryption algorithm stored in the fifth memory means. This produces the digital signature that was stored in the smart card.
The same procedure is then applied to the encoded and encrypted test number T. Said T is decoded 447 using the error checking algorithm stored in the fifth memory means to produce E(T). If there are transmission errors, then these are corrected before the decryption procedure. If there are no transmission errors, then E(T) is decrypted 449 using the first encryption algorithm stored in the fifth memory means. This produces the test number T that was stored in the smart card.
The next step is the generation of a pseudo-random number (d) by the smart card microprocessor 451 by reading data from the timing register created by the timing means connected to the smart card microprocessor. The data taken from the timing register may be used as the pseudo-random number itself or may be further manipulated through the use of one or more algorithms. Said pseudo-random number (d) is then encrypted 453 through the use of the first data encryption means stored in the sixth memory means of the smart card. The encryption key that is used to encrypt said personal data is stored in the digital signature area of the sixth memory means of the smart card. The encrypted pseudo-random number E(d) is then encoded 455 using the error checking algorithm stored in the sixth memory means to produce RS(E(d)). This encoded and encrypted pseudo-random number is then sent to the electronic device microprocessor 457 through one of the multiplicity of data IO lines 135 that connect the smart card and electronic device to the first memory means of said electronic device.
Once RS(E(d)) is received by the electronic device microprocessor, it is decoded 459 using the error checking algorithm stored in the second memory means. If there are transmission errors, they are corrected. If there are no errors, the encrypted pseudo-random number E(d) is then decrypted 461 using the encryption key stored in the second memory means of the electronic device.
Following this, a Secret Number (B) is created by the electronic device microprocessor 463, in which B must satisfy the function (DS)B**v = 1 (mod N), with DS equal to the digital signature, v equal to the exponent, and N equal to the prime number, all stored in the second memory of the electronic device. The secret number B is then used to create a Witness Number (t) 465 in which t ≡ rB**d (mod N), with r equal to the pseudo-random number previously generated by the application software, B the Secret Number, d the pseudo-random number generated by the smart card, and N the Prime Number stored in the second memory of the electronic device 101.
The Witness Number (t) is then encrypted 467 using the first encryption algorithm stored in the second memory means and encoded 469 using the error checking means also stored in said second memory means. The encoded and encrypted Witness Number RS(E(t)) is then sent to the smart card 471 through one of the multiplicity of data IO lines 135 that connect the electronic device microprocessor 103 and the smart card microprocessor.
At this point, the electronic device waits for a command from the smart card 473 which will indicate if the digital signature of the inserted smart card matches that of said electronic device.
Once received by the smart card, said encoded and encrypted Witness Number RS(E(t)) is decoded 475 using the error checking algorithm stored in the sixth memory means, and if there are any data transmission errors they are corrected. Next, the encrypted Witness Number E(t) is decrypted 477 using the encryption key stored in the sixth memory means to produce t.
This value of t is then used in the function (I**d)(t**v) (mod N) to produce the smart card Test Number (T'') 479, where I is the digital signature stored in the sixth memory, d is the Random Number previously generated in the smart card, t is the Witness Number received from the electronic device, v the exponent of the Prime Number (N) that is stored in the sixth memory, and N the Prime Number previously created by the smart card and stored in the sixth memory. Using the digital signature authentication algorithm, this smart card Test Number is compared to the Test Number (T') generated by the electronic device to determine if the digital signatures of said electronic device and the inserted smart card are a match 481. If T' = T'', then a match is confirmed and a command is sent by the smart card microprocessor to the application software of the electronic device to continue with normal operations 483. If the two Test Numbers are not equal, then a command is sent to the application software not to continue 485 and a reset command sent to the electronic device 487.
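The arithmetic of the exchange described above (test number T, challenge d, secret number B, witness number t and the card's comparison), as an added Python example that is not code from the patent. The IDEA encryption and Reed-Solomon encoding of each message are left out, `secrets` stands in for the timing-register pseudo-random numbers, and the function names, the constructed values N = 1000003, v = 65537 and DS, and the way B is computed (a v-th root modulo a prime N with v coprime to N-1) are assumptions, since the page gives only the condition B must satisfy.

```python
import secrets
from math import gcd

# Constructed sample parameters (assumptions, not values from the patent).
N = 1000003   # prime number N
V = 65537     # exponent v, coprime to N - 1
DS = 424242   # digital signature treated as an integer in 1..N-1


def secret_number(ds, v, n):
    """Return B with DS * B**v = 1 (mod N), the condition stated on the page."""
    if not 0 < ds < n:
        raise ValueError("DS must lie in 1..N-1")
    # Assumption: N is prime and gcd(v, N-1) == 1, so DS**-1 has exactly one
    # v-th root mod N, obtained by raising it to v**-1 mod (N-1).
    if gcd(v, n - 1) != 1:
        raise ValueError("v must be coprime to N-1")
    v_inv = pow(v, -1, n - 1)
    return pow(pow(ds, -1, n), v_inv, n)


def device_test_number(r, v, n):
    """Electronic device: T = r**v (mod N)."""
    return pow(r, v, n)


def device_witness(ds, r, d, v, n):
    """Electronic device: t = r * B**d (mod N) for the card's challenge d."""
    b = secret_number(ds, v, n)
    return (r * pow(b, d, n)) % n


def card_test_number(i, d, t, v, n):
    """Smart card: (I**d)(t**v) (mod N), using the card's own copy I."""
    # If I == DS: I**d * t**v = I**d * r**v * B**(d*v)
    #                         = r**v * (I * B**v)**d = r**v = T.
    return (pow(i, d, n) * pow(t, v, n)) % n


def authenticate(device_ds, card_ds, v=V, n=N, r=None, d=None):
    """Run one exchange; True means the card would send 'continue'."""
    if r is None:
        r = secrets.randbelow(n - 1) + 1   # device pseudo-random r in 1..N-1
    if d is None:
        d = secrets.randbelow(v - 1) + 1   # card pseudo-random d in 1..v-1 (assumed range)
    test_device = device_test_number(r, v, n)          # device -> card
    t = device_witness(device_ds, r, d, v, n)          # device -> card, after d
    test_card = card_test_number(card_ds, d, t, v, n)  # computed on the card
    return test_card == test_device


if __name__ == "__main__":
    print("matching signatures:  ", authenticate(DS, DS))
    print("mismatched signatures:", authenticate(DS, DS + 1, r=12345, d=1))
```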
Although reference has been made to a single preferred embodiment, those skilled in the art can readily see that the present invention may be embodied in other ways and not affect the scope or spirit of said invention.

Claims

What is claimed is:
1. A system (method and apparatus) for securing an electronic device that contains a microprocessor and a plurality of memory means by automatically creating and burning a digital signature into the memory of said electronic device and the memory of an intelligent token device with a plurality of memory means, said system comprising:
a. a means for transferring control of said electronic device microprocessor upon power on or reset to a digital signature authentication procedure,
b. means for transferring data between said electronic device and said intelligent token device,
c. means for entering personal identification data by user,
d. means for creating a digital signature from said personal identification data,
e. means for automatically burning said digital signature to memory means of said electronic device and memory means of said intelligent token device,
f. means for authenticating said digital signatures,
g. means responsive to said authentication means for transferring control back to said electronic device for normal operation upon determination that the digital signature burned into memory of said electronic device is the same as the digital signature burned into memory of said intelligent token device,
h. means for terminating operation of said electronic device responsive to said authentication procedure upon determination that the digital signature burned into memory of said electronic device is not the same as the digital signature burned into memory of said intelligent token device.
2. System as claimed in claim 1 wherein said intelligent token device is a smart card.
3. System as claimed in claim 1 wherein said electronic device memory means are comprised of:
a. first memory means for temporarily storing data,
b. second memory means for storing application software for the operation of said electronic device, bootstrap program for programming said second memory of said electronic device, interface software for external input/output devices and a lookup table for storing the digital signature,
c. third memory means for temporarily storing data from said first and second memories.
4. System as claimed in claim 1 wherein said intelligent token device memory means are comprised of:
a. fourth memory means for temporarily storing data,
b. fifth memory means for storing a plurality of programs including instructions for the generation of the digital signature and the auto-burning procedure and a plurality of algorithms including an algorithm for checking for errors after the transmission of data between said electronic device and said intelligent token device, a first encryption means for protecting transmitted data, a second encryption means for generating a hash number from personal identification data inputted by the user, key generating algorithm with a plurality of bitwise operators, check sum calculating algorithm, algorithm for generating a prime number from said hash number, algorithm for generating an exponent number from said hash number, authentication algorithm for comparing the digital signature stored in the memory of the electronic device with the digital signature stored in the memory of said intelligent token device,
c. sixth memory means for storing a plurality of identification and authentication data including said hash number, prime number, exponent, check sum value, encryption key for use with the first encryption algorithm, the start address and end address for the digital signature lookup table in the second memory means of the electronic device, and a lookup table of prime numbers for use in the generation of said prime number from said hash number.
Memory means as claimed in claim 2 wherein said first memory means is comprised of internal random access memory (RAM), said second memory means is comprised of flash memory and said third memory means is comprised of static random access memory (SRAM).
Memory means as claimed in claim 3 wherein said fourth memory means is comprised of internal random access memory (RAM), said fifth memory means is comprised of read only memory (ROM), and said sixth memory means is comprised of electrically erasable and programmable read only memory (EEPROM).
System as claimed in claim 1 wherein said digital signature is comprised of a hash number generated from said personal identification data entered by the user, an encryption key, prime number and exponent generated from said hash number, and a check sum generated from said hash number, prime number, exponent and encryption key.
System as claimed in claim 1 wherein said control transfer means is a jump command to the digital signature address.
System as claimed in claim 1 wherein said data transferring means is comprised of a reader/writer for said intelligent token device and a multiplicity of input/output lines connecting said reader/writer device with the electronic device microprocessor.
System as claimed in claim 1 wherein said personal identification data entering means is an external input/output device connected to an IO port of said electronic device microprocessor.
System as claimed in claim 1 wherein said means for creating a digital signature from said personal identification data is a plurality of algorithms stored in the fifth memory means comprising:
a. encryption algorithm for generating a hash number from said personal identification data,
b. key generation algorithm and plurality of bitwise operators for generating an encryption key from said hash number,
c. prime number generating algorithm for generating a prime number and exponent from a segment of said hash number,
d. check sum algorithm for generating a check sum that is used to check for errors in the digital signature.
System as claimed in claim 1 wherein said means for automatically burning said digital signature is to the second memory of said electronic device and sixth memory of said intelligent token device.
Means for automatically burning said digital signature to memory means of said electronic device and memory means of said intelligent token device as claimed in claim 1 wherein said means comprises:
a. voltage switching means, connected to a VPP line that connects the VPP pin of said electronic device microprocessor and an IO pin of the intelligent token device reader/writer, for switching between a programming voltage and normal operations voltage for said VPP line,
b. programming power supply means connected to said VPP line,
c. third memory means connected to the microprocessor of said electronic device for temporarily storing data before said data is burned to the second memory means of said electronic device,
d. auto-burning program stored in fifth memory of said intelligent token device for controlling the procedure of burning of the digital signature to the memory of said electronic device and the memory of said intelligent token device,
e. bootstrap program stored in second memory of said electronic device for programming said second memory.
System as claimed in claim 1 wherein said digital signature authenticating means is comprised of a plurality of algorithmic means including:
a. algorithm for generating a test number,
b. algorithm for generating a pseudo-random number,
c. algorithm for generating a secret number,
d. algorithm for generating a witness number,
e. algorithm for authenticating the digital signature stored in the electronic device and the digital signature in the intelligent token device.
System as claimed in claim 1 wherein said means responsive to said authentication means for transferring control back to said electronic device for normal operation is a continue command sent by said intelligent token device microprocessor to said electronic device microprocessor.
System as claimed in claim 1 wherein said means for terminating operation of said electronic device if said authentication procedure fails is a reset line, connected to a voltage checking means, that connects said intelligent token device reader/writer and the reset pin of said electronic device microprocessor.
System as claimed in claim 1 wherein said creation of a unique digital signature from inputted data with no preprogrammed data required, comprising the steps of:
a. inputting to memory means of the electronic device microprocessor, through an external input device connected to an IO port of said electronic device microprocessor, personal identification data by user,
b. transferring said identification data to memory means of the intelligent token device,
c. producing a hash number from said identification data in accordance with an encryption algorithm,
d. creating a copy of said hash number in the memory of said intelligent token device,
e. reading data from said intelligent token device timer register to generate a pseudo-random number,
f. applying a multiplicity of bitwise operators, in accordance with said pseudo-random number, to said hash number to produce a new encryption key,
g. creating a prime number from said hash number,
h. creating a prime number exponent from said hash number,
i. producing a check sum from said hash number, prime number exponent and new encryption key.
Method for the creation of a prime number from a hash number as claimed in claim 17 comprising the steps of:
a. randomly selecting from said hash number a segment of data,
b. dividing said segment of data into a multiplicity of eight bit bytes,
c. concatenating the number values represented by said multiplicity of eight bit bytes to create a Guess Number,
d. subtracting the value 1 from said Guess Number if it is an even value,
e. checking said Guess Number against an array of numbers between one million and five hundred million in increments of ten million to determine the two closest array interval values to said Guess Number,
f. creating prime numbers starting in value from the lowest of said interval values using a prime number generating program stored in memory means of the intelligent token device until the prime number closest to the Guess Number is found.
Method for the creation of a prime number exponent from a hash number as claimed in claim 17 comprising the steps of:
a. randomly selecting from said hash number a segment of data,
b. dividing said segment of data into a multiplicity of eight bit bytes,
c. concatenating the number values represented by said multiplicity of eight bit bytes to create a Guess Number,
d. subtracting the value '1' from said Guess Number if it is an even value,
e. checking said Guess Number against an array of numbers between one million and five hundred million in increments of ten million to determine the two closest array interval values to said Guess Number,
f. creating prime numbers starting in value from the lowest of said interval values using a prime number generating program stored in memory means of the intelligent token device, until the prime number closest to the Guess Number is found.
A method of auto-burning a digital signature created by an intelligent token device with a plurality of memory means, with said digital signature stored in the memory of said intelligent token device, to the memory of an electronic device having a microprocessor and a plurality of memory means, comprising the steps of:
a. transmitting said digital signature from said intelligent token device to said electronic device,
b. initiating an auto-burning program by the electronic device,
c. responsive to said auto-burning program, said intelligent token device activating a programming line that is connected to a voltage switching means, and that connects a VPP pin of said electronic device microprocessor and an IO pin of a reading/writing means of said intelligent token device, by switching from normal operating voltage for said VPP line to a programming voltage through use of said voltage switching means,
d. resetting said electronic device microprocessor.
Method as claimed in claim 20 whereby the means for transmitting of said digital signature data is comprised of a reader/writer means for said intelligent token device and a multiplicity of input/output lines connecting said reader/writer means with the electronic device microprocessor.
Method as claimed in claim 20 wherein said auto-burning program further comprises a microprocessor specific bootstrap program.
Method as claimed in claim 20 whereby the means for said resetting of said electronic device microprocessor is comprised of a reset line, connected to a voltage checking means, that connects a reader/writer means of said intelligent token device to a reset pin of said electronic device microprocessor.
A method whereby an intelligent token device having a digital signature in its memory determines whether a second digital signature in the memory of an electronic device having a reading/writing means, with said intelligent token device inserted in said reading/writing means, is identical to said first digital signature, comprising the steps of:
a. sending of a request by said intelligent token device to said electronic device for the digital signature stored in memory of said electronic device,
b. transmitting of said digital signature through a data IO line that connects the electronic device microprocessor and the intelligent token device microprocessor,
c. generating a pseudo-random number by reading data from the timing register of said electronic device microprocessor,
d. generating, by the electronic device microprocessor, a test number utilizing said pseudo-random number and a prime number and exponent read from memory of said electronic device,
e. transmitting of said test number to the intelligent token device through a data IO line that connects the electronic device microprocessor and the intelligent token device microprocessor,
f. generating a pseudo-random number by reading data from the timing register of said intelligent token device microprocessor,
g. transmitting of said pseudo-random number to the electronic device microprocessor through a data IO line that connects the electronic device microprocessor and the intelligent token device microprocessor,
h. generating, by the electronic device microprocessor, a secret number,
i. generating, by the electronic device microprocessor, a witness number,
j. transmitting, by said electronic device, of said witness number to said intelligent token device microprocessor through a data IO line that connects the electronic device microprocessor and the intelligent token device microprocessor,
k. generating, by the intelligent token device, a test number utilizing said witness number,
l. checking for a match between said electronic device test number and said intelligent token device test number using a digital signature authenticating algorithm stored in memory of said intelligent token device,
m. sending a continue command to said electronic device microprocessor if the two test numbers are equal,
n. sending a reset command to said electronic device if the two test numbers are not equal.
PCT/IB2000/001846 2000-01-19 2000-12-11 Security system involving creation and auto-burning of a digital signature in an electronic device and intelligent token device WO2001053915A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
AU15455/01A AU1545501A (en) 2000-01-19 2000-12-11 Security system involving creation and auto-burning of a digital signature in anelectronic device and intelligent token device
EP00977826A EP1214639A1 (en) 2000-01-19 2000-12-11 Security system involving creation and auto-burning of a digital signature in an electronic device and intelligent token device

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US48747600A 2000-01-19 2000-01-19
US09/487,476 2000-01-19

Publications (1)

Publication Number Publication Date
WO2001053915A1 true WO2001053915A1 (en) 2001-07-26

Family

ID=23935871

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2000/001846 WO2001053915A1 (en) 2000-01-19 2000-12-11 Security system involving creation and auto-burning of a digital signature in an electronic device and intelligent token device

Country Status (3)

Country Link
EP (1) EP1214639A1 (en)
AU (1) AU1545501A (en)
WO (1) WO2001053915A1 (en)

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5367572A (en) * 1984-11-30 1994-11-22 Weiss Kenneth P Method and apparatus for personal identification
US5293029A (en) * 1989-01-17 1994-03-08 Kabushiki Kaisha Toshiba System for mutually certifying an IC card and an IC card terminal
US5288978A (en) * 1990-10-05 1994-02-22 Kabushiki Kaisha Toshiba Mutual authentication system and method which checks the authenticity of a device before transmitting authentication data to the device
US5964877A (en) * 1997-04-07 1999-10-12 Victor; David William Method and system for programming a security system to protect a protected unit

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2390701A (en) * 2002-04-17 2004-01-14 Walter Paterson Digital certificate Management with smart card storage
EP1645930A1 (en) * 2004-10-11 2006-04-12 Texas Instruments Incorporated Method and system for detecting a security violation using an error correction code
CN100357864C (en) * 2005-01-31 2007-12-26 深圳市证通电子股份有限公司 Keyboard encrypting method
WO2011138009A1 (en) * 2010-05-04 2011-11-10 Giesecke & Devrient Gmbh Method for personalizing a portable data storage medium, in particular a chip card
US8973836B2 (en) 2010-05-04 2015-03-10 Giesecke & Devrient Gmbh Method for personalizing a portable data carrier, in particular a chip card
CN106933603A (en) * 2015-12-29 2017-07-07 深圳市博巨兴实业发展有限公司 A kind of method of burning chip, device and microcontroller
CN106933603B (en) * 2015-12-29 2024-03-05 深圳市博巨兴微电子科技有限公司 Chip burning method, device and microcontroller
CN113806774A (en) * 2021-09-15 2021-12-17 惠州市德赛电池有限公司 Encryption method, decryption method and system
CN113806774B (en) * 2021-09-15 2024-02-13 惠州市德赛电池有限公司 Encryption method, decryption method and system

Also Published As

Publication number Publication date
EP1214639A1 (en) 2002-06-19
AU1545501A (en) 2001-07-31

Similar Documents

Publication Publication Date Title
US6094724A (en) Secure memory having anti-wire tapping
US5610981A (en) Preboot protection for a data security system with anti-intrusion capability
US7461268B2 (en) E-fuses for storing security version data
US5155680A (en) Billing system for computing software
US4959861A (en) Security system for computer software
US4910774A (en) Method and system for authenticating electronic memory cards
US20070297606A1 (en) Multiple key security and method for electronic devices
US20150331811A1 (en) Secure compact flash
US20030120922A1 (en) Device authentication system and method
US20060184799A1 (en) Security circuit and method to secure information in a device
US20210397441A1 (en) Firmware updating system and method
JPH07182243A (en) Integrated circuit containing protected memory and protected system using said integrated circuit
US5155829A (en) Memory system and method for protecting the contents of a ROM type memory
US5553144A (en) Method and system for selectively altering data processing system functional characteristics without mechanical manipulation
US11328098B2 (en) Electronic circuit
US7216235B1 (en) Drive/host locking system
CN110298951B (en) Encryption method and encryption system for M1 card
EP1214639A1 (en) Security system involving creation and auto-burning of a digital signature in an electronic device and intelligent token device
US7836219B1 (en) System and method for authentication of embedded RAID on a host RAID card
JP4489915B2 (en) Portable information processing device with password verification function
CN112560120A (en) Secure memory bank and starting method thereof
JP3128567B2 (en) IC card system
JP2000047866A (en) Program executing protecting method, IC card and storage medium
JPH1069435A (en) IC card
TWI750073B (en) Semiconductor device with security function and security method thereof

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2000977826

Country of ref document: EP

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

WWP Wipo information: published in national office

Ref document number: 2000977826

Country of ref document: EP

WWW Wipo information: withdrawn in national office

Ref document number: 2000977826

Country of ref document: EP

NENP Non-entry into the national phase

Ref country code: JP