(19) United States
(12) Patent Application Publication (io) Pub. No.: US 2003/0188158 Al
Kocher (43) Pub. Date: Oct. 2,2003
(54) PAYMENT SMART CARDS WITH
HIERARCHICAL SESSION KEY
DERIVATION PROVIDING SECURITY
AGAINST DIFFERENTIAL POWER
ANALYSIS AND OTHER ATTACKS
(76) Inventor: Paul C. Kocher, San Francisco, CA
SKADDEN, ARPS, SLATE, MEAGHER &
ATTN: JAN STEELE
525 UNIVERSITY AVENUE
PALO ALTO, CA 94301 (US)
(21) Appl. No.: 10/396,975
(22) Filed: Mar. 24, 2003
Related U.S. Application Data
(63) Continuation of application No. 09/347,493, filed on Jul. 2, 1999, now Pat. No. 6,539,092.
(60) Provisional application No. 60/091,644, filed on Jul. 2, 1998.
(51) Int. CI.7 11041. 9/00
(52) U.S. C I 713/161
Chip cards are used to secure credit and debit payment transactions. To prevent fraudulent transactions, the card must protect cryptographic keys used to authenticate transactions. In particular, cards should resist differential power analysis and/or other attacks. To address security risks posed by leakage of partial information about keys during cryptographic transactions, cards may be configured to perform periodic cryptographic key update operations. The key update transformation prevents adversaries from exploiting partial information that may have been leaked about the card's keys. Update operations based on a hierarchical structure can enable efficient transaction verification by allowing a verifying party (e.g., an issuer) to derive a card's current state from a transaction counter and its initial state by performing one operation per level in the hierarchy, instead of progressing through all update operations performed by the card.