Abstract: A countermeasure method in a first electronic component communicating with a second electronic component uses a secret key K[0] cryptographic algorithm A of size k. The countermeasure implementation employs a systematic and regular evolution of K[i] by a function K[i]=f(k[i?1]), and transmission of i to the second component. A computational shortcut enables the second component to compute K[i] from K[0] without having to generate the i?1 keys K[1] to K[i?1] separating K[0] and K[i].
Abstract: A method for producing contact-free chip card includes embedding metallized bumps of the chip into an antenna as the chip is mounted on the antenna.
Abstract: The invention relates to cards with a microprocessor and contacts. The invention lies in the fact that a communication device of the asynchronous type is disposed between the contacts and the microprocessor so as to relieve the microprocessor of the communication tasks and thus allow better use of the central unit of the microprocessor and the associated memories. This device includes an analysis circuit, a circuit for checking the integrity of the series of pulses, a circuit for determining the characters in the series of pulses and pluralities of registers which are connected with the microprocessor.
Abstract: The ability to utilize smart card based Internet applications is facilitated by enhancing the functionality of smart cards dedicated to other applications, to enable them to connect to and interoperate with Internet application servers. The functionality of subscriber identification module (SIM) card is enhanced to incorporate the information necessary to interact with an Internet-based application service provider. The user can also employ a conventional smart card to access an Internet application from a personal computer or other terminal equipped with a conventional smart card reader, and use the SIM card to interact with application when access to a conventional smart card reader is not available. The application server recognizes the distinction between access with the two different types of cards, and ensures that both cards are synchronized with one another.
Type:
Grant
Filed:
October 15, 2001
Date of Patent:
March 13, 2007
Assignee:
Gemplus
Inventors:
Augustin J. Farrugia, Frederic C. Laporte
Abstract: An adapter for a portable integrated circuit device of the chip card variety has a reduced format in comparison with the standard mini-card format. The device with a reduced format includes a body on which a microcircuit defining contact pads is disposed. A support which has a standard mini-card format is provided with a cavity having the dimensions of the device with a reduced format. The device is detachably fixed in the cavity. The cavity is located in the support in such a way that the location of the contact pads of the microcircuit of the device with a reduced format coincides with the standardization location of the contact pads of a microcircuit having a standard format mini-card.
Type:
Grant
Filed:
May 11, 2000
Date of Patent:
February 27, 2007
Assignee:
Gemplus
Inventors:
Henri Boccia, Olivier Brunet, Philippe Patrice, Isabelle Limousin
Abstract: The invention relates to a cryptographic method wherein a random number generator producing random numbers Si whose size N is fixed between 0 and W-1 is used to produce a random number R between 0 and a predefined limiter K. According to the invention: E31: a random variable Si is produced, ranging from 0-W-1, E32: if the random variable Si is strictly lower than a coefficient Ki of the limiter K in base W, the coefficient Ri of order i of the random number R is equal to the random number Si then, for all orders j which are lower than i, a random variable Sj of 0-W-1 is produced and Rj=Sj. E33: unless, if said random variable is greater than coefficient Ki of position i of the limiter K is base W, whereupon said coefficient Ri is determined on the basis of the random variable Si of order i according to a predetermined function, then a coefficient Ri-1 is determined for the random number R of order i-1 which is immediately lower by repeating stages E31-E33.
Abstract: The present invention concerns an anti-SPA modular exponentiation algorithm in an electronic component using a public key ciphering algorithm. A pair of registers and an indicator are used to provide symmetrical processing of bits in the algorithm, so that the values of individual bits cannot be determined from power consumption.
Abstract: The invention concerns a method for differentiating between data and instructions thereby providing against certain attacks in a data processing device such as a smart card, whereby a generator associates a random number with an applicative component of a downloaded application, and a transformer in a virtual machine applies each of the instruction words in the component and the associated random number to a transformation function so as to store the transformed instruction words when downloading the component. A second transformer applies each of the transformed words of part of the component and the associated random number to the reciprocal function of the transformation function so as to retrieve the instruction words constituting the component part, to execute the same.
Abstract: In a method for monitoring the flow of execution of a series of instructions of a computer program, a sequence of instructions are transmitted to the processor to execute the monitored program. These instructions are analyzed, and the result of the analysis are verified by referring to reference data recorded with the program. The reference data can include a value predetermined in such a way as to correspond to the result of the analysis produced during the monitoring process only if all the instructions have been actually analyzed during the program flow. The invention also concerns a device for monitoring the program execution, a program device, and a programming device operating according to the monitoring principles.
Type:
Grant
Filed:
January 24, 2000
Date of Patent:
January 23, 2007
Assignee:
Gemplus
Inventors:
David Naccache, Ludovic Rousseau, Pierre Girard
Abstract: Elliptical curve based cryptographic algorithms are public key algorithms offering a shorter calculation time and smaller key sizes in comparison with RSA. In a smart card type environment, these algorithms are vulnerable to differential power analysis (DPA) attacks. The disclosed invention provides a countermeasure procedure enabling positive action to be taken against DPA-type attacks. The countermeasure does not reduce performance and is easy to use in a smartcard type component.
Abstract: The invention relates to a method for countermeasuring in an electronic component while using a public key cryptographic algorithm. The invention is characterized in that the method comprises an exponentiation calculation with a left-to-right exponentiation algorithm y=gˆd, in which g and y are elements of the specified group G noted in a multiplicative manner and d is a predetermined number. The inventive method is also characterized by comprising a random selection step at the beginning of or during the execution of said exponentiation algorithm in a deterministic or probabilistic manner for masking the accumulator A.
Abstract: A random prime number is generated within a predetermined interval by precalculating and storing a single value that functions as a universal parameter for generating prime numbers of any desired size. The value, ?, is chosen as a product of k prime numbers. A number a is also chosen such that is co-prime with ?. Once the values for ? and a have been determined they can be stored and used for all subsequent iterations of the prime number generating algorithm. To generate a prime number, a random number x is chosen with uniform distribution, and a candidate prime number within the predetermined interval is calculated on the basis of the random number. This candidate is tested for primality, and returned as the result if it is prime. If the candidate is not prime, the random number x is multiplied by a, and used to generate a new candidate. This procedure is repeated, until the candidate is prime. Since a single value, namely ?, needs to be precalculated, economies of storage are achieved.
Abstract: Two methods for random number generation are modified to make them more resistant to attacks by current measurements. The methods are particularly designed to be implemented in electronic devices such as smart cards, PCMCIA, badges, contactless cards or any other portable device. The DES algorithm is encrypted using a key K having a value D representing date information, to generate an integer variable I. For j ranging from 1 to m, the following steps are carried out: substituting s with s XOR I; introducing in the integer variable y the result of the encryption of s with the DES algorithm using the key K; introducing in xj the result of y or s; substituting s with y XOR I; and introducing in s the result of the encryption of s with the DES algorithm using the key K. The sequence (x1, x2, xm) is then restored in the output.
Abstract: A countermeasure method in an electronic component which uses an RSA-type public key cryptographic algorithm. A first countermeasure method uses a random calculation for each new execution of the decryption algorithm with CRT. The calculations are made modulo p*r and q*t, r and t being random numbers. A second countermeasure makes the recombination random using the CRT theorem.
Abstract: A random number that is co-prime with a set of prime numbers is generated, without having to calculate the greatest common denominator of the numbers. The value of 1?x?(mod ?), where x is a randomly generated value and ? is the Carmichael function, is tested to determine whether it is non-zero. If it equals zero, x is chosen as the random number of interest. Otherwise the value for x is updated, and the procedure is repeated. Due to the minimal amount of computation resources required to select x, the process is particularly well suited for generating cryptographic keys in portable electronic devices, such as smart cards.
Abstract: A method for the secure application of a cryptographic algorithm of the RSA type in an electronic component obtains the value of a public exponent e from a given set of probable values, without a priori knowledge of that value. Having determined the value for the public exponent e, the application of countermeasures using the value of e, to block error attacks and side channel attacks, particularly of the DPA and SPA type, are carried out on the application of a private operation of the cryptographic algorithm.
Type:
Application
Filed:
July 8, 2004
Publication date:
September 21, 2006
Applicant:
Gemplus
Inventors:
Karine Villegas, Marc Joye, Bewnoit Chevallier-Mames
Abstract: The invention relates to a method for detection of saturation of files or applications in a mobile communication device (10) connected to a remote control center (12) and a message server SMS-SC (14), characterised in comprising the following principal steps: (a) detection of a data file (38) or data application contained in a SIM card (16), the free space of which is below a certain threshold and (b) generation of an alarm signal after said threshold is reached.
Abstract: The invention concerns a chip card receiving fields of compressed data encapsulated in frames including an indication of the expected length of decompressed data and a length of compressed data. The frames are received in a storage unit and the processor of the card decompresses each data field according to a decompression algorithm over a length based on the indication of the expected length and writes the decompressed data in another buffer storage unit. Several algorithms and optionally several decompression models are installed in the card storage unit, and a couple thereof is selected by the number read in the heading of each frame received.
Abstract: A smart card includes a rectangular flat support having two longitudinal edges and two transverse edges. One portion of the front of the card receives at least one electrical contact pad. The support is provided with a rectangular slit which surrounds this portion in such a say as to define a mini-card. The mini-card can be detached from the support and is connected by means of at least two connecting links which extend respectively from one longitudinal edge of the mini-card towards the adjacent longitudinal edge of the card. Each of the connecting links has two grooves which can resist bending stresses and which are disposed opposite one another on each face of the support. The upper grooves of each link, which are disposed on the front face of the support, are different from one another such that the upper link which is disposed closest to one of the longitudinal edges of the support is less resistant to bending stresses than the other lower link.
Type:
Grant
Filed:
September 5, 2002
Date of Patent:
August 8, 2006
Assignee:
Gemplus
Inventors:
Gilles Dhers, Frédéric Durano, Guillaume Limousin, Nicolas Housse
Abstract: The invention concerns a countermeasure method in an electronic component using a secret key K cryptographic algorithm with sixteen computing cycles to supply an encrypted message (C) from an input message (M), each cycle using first means TC0 to supply an output information from an input information, Said method consists in applying by selection a sequence with the first means or another sequence with other means TC1, TC2 to a group G1 comprising the first three cycles at least and another group G4 comprising the last three cycles at least. Whatever the sequence, the output result of the last cycle of each group is the same for the same input message (M).