WO2001084767A1 - Methods and apparatus for mediametric data cryptoprocessing - Google Patents

Methods and apparatus for mediametric data cryptoprocessing Download PDF

Info

Publication number
WO2001084767A1
WO2001084767A1 PCT/US2001/013504 US0113504W WO0184767A1 WO 2001084767 A1 WO2001084767 A1 WO 2001084767A1 US 0113504 W US0113504 W US 0113504W WO 0184767 A1 WO0184767 A1 WO 0184767A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
mediametric
memory
key
memory array
Prior art date
Application number
PCT/US2001/013504
Other languages
French (fr)
Inventor
Alberto J. Fernandez
Carlos D. Bormey
Ismael E. Negrin
Original Assignee
Xtec, Incorporated
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US09/562,336 external-priority patent/US6993130B1/en
Application filed by Xtec, Incorporated filed Critical Xtec, Incorporated
Priority to AU2001255712A priority Critical patent/AU2001255712A1/en
Publication of WO2001084767A1 publication Critical patent/WO2001084767A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics

Definitions

  • the present invention relates generally to improvements to cryptoprocessing of information. More particularly, the invention relates to using physical properties of the media used to record the information as a source of data for use in the generation of encryption keys.
  • Background of the Invention Storage of financial and other information in solid-state devices such as smart cards is growing more and more prevalent. Large quantities of data representing customer or merchant information, transaction histories, or stored value may be placed on a card and given to the customer. The information may be completely self-contained on the card, allowing the information to be read directly from the card. This approach is different from the use of magnetic cards, which typically contain only an account number or other identifying information, which is used as an index to retrieve the customer information from a database.
  • a smart card typically stores data in solid-state memory such as an EPROM or EEPROM.
  • the card is placed in a card writer which provides information to the card in a numerical format and transfers the information through ports provided on the card.
  • the card includes a microcomputer, which receives the information from the reader, processes the information, and stores the information in the memory. Similarly, whenever it is desired to use the information stored on the card, the microcomputer retrieves the information from memory, processes the information, and transfers the information through the ports to an external device such as a card reader. Because high-capacity memory devices are widely available, it is possible to store large quantities of data on such a card, making it versatile and convenient.
  • a cash card may be loaded with information representing cash credits.
  • the card is given to the customer and presented to a merchant or bank whenever a debit is to be made.
  • the merchant or bank places the card in a reader/writer, reads the balance on the card, makes an appropriate subtraction, and writes the new balance to the card.
  • the debit can be made without a need to retrieve any information other than the information on the card itself. If a smart card is to be given to a customer, security is vital.
  • a customer in possession of a smart card has long-term, unsupervised access to the card, and has the opportunity to attack the card at leisure in order to attempt to store unauthorized information on the card or to recover secret information from the card. It is possible for a skilled attacker to retrieve numerical information from a smart card through probing of the internal components of the device, or through other unauthorized means. If card security is provided only through numerical means, such as numerical authenticators or cryptoprocessing keys, it is possible to retrieve the information from the card and to obtain information intended to be secret, or to create a counterfeit card which contains information duplicated from a legitimate card.
  • Mediametric techniques offer considerable advantages in providing data security. These mediametric techniques provide security through the use of data related to physical characteristics of the storage media. Solid state media possess characteristics which are impossible to duplicate precisely, but which can be precisely measured. These include, for example, variations in the remnant charge of EEPROM 's, or variations in Row/Column addressing circuits. These and other characteristics have been used for authentication. A numerical representation, or fingerprint, of authenticating characteristics is created and stored. When the card is presented, the authenticating characteristics are measured, and a fingerprint is created and compared against the original fingerprint. Such techniques are described in detail in Fernandez U.S. Patent No. 5,644,636, which is assigned to the assignee of the present invention and incorporated in its entirety herein by reference.
  • a prior-art mediametric card can be made secure against counterfeiting. For example, after a card is to be programmed with data, a "fingerprint" is generated, consisting of numerical representations of levels of trapped charges in selected memory cells. The fingerprint is then provided to an external device and stored. When the card is to be used again, the fingerprint is read from the card and compared against the stored fingerprint before the card is accepted as authentic.
  • a data storage device may suitably be embodied as a smart card.
  • the smart card includes a memory array such as that of an EPROM or EEPROM, which can be read by a microcontroller residing on the card.
  • the memory array comprises a plurality of memory cells, each of which is characterized by a charge level. Each cell contains a representation of a binary digit in the form of a level of charge, which may be a "high" level of charge for a binary "1" and a "low” level of charge for a binary zero.
  • the "high” and “low” levels of charge differ widely, making it easy to distinguish between a "1” and a "0".
  • Programming a cell involves placing a high or low level of charge in the cell, depending on whether a "1” or a "0" is desired. It is not possible to set the level of charge precisely, but once the level of charge has been established it may be precisely measured.
  • the microcontroller can read the levels of charge, but in order for this information to be accessible outside the smart card, the microcontroller must pass it outside the card. Therefore, if the microcontroller is designed or programmed to protect this information, it can be used inside the smart card, but cannot be obtained or known outside the internal workings of the smart card. This is because any attempt to open the memory array and read the memory contents will disrupt the levels of charge within the memory cells.
  • the binary representations of data can be read in this way, but the act of reading will disrupt the charge levels.
  • the microcontroller can generate an internal encryption key, or alternatively a seed for an encryption key, using data representing charge levels of selected cells of the EEPROM.
  • the encryption key generated from this data can be held within the microcontroller, without ever being released outside the microcontroller. Alternatively, the key may simply be generated when needed and erased after each use. The key provides very good security against compromise, because any attempt to obtain the charge levels will fail.
  • the data is encrypted using any of a number of standard encryption techniques. The particular technique employed is a matter of design choice, and does not affect the operation of the present invention.
  • the encrypted data is written to the smart card.
  • the encryption key used to encrypt the data is also provided to the smart card, preferably by providing the key to the microcontroller. After being provided to the smart card, the external key is itself encrypted, using an internal key generated according to the techniques of the present invention.
  • the internal key is generated using charge level data from the EEPROM.
  • the microcontroller retrieves charge level data from selected cells within the EEPROM. This charge level data is converted from analog to digital form in order to be operated on by the microcontroller.
  • the charge level data need not be stored in numerical form, but can simply be retrieved from the EEPROM whenever it is needed. This secures the charge level data from being discovered, and therefore prevents discovery of the internal key.
  • the microcontroller uses it to encrypt or decrypt the external key. This may be done by using the charge level data to generate an internal key, or alternatively to generate a seed for an internal key. Once the internal key has been generated, it is then used for cryptoprocessing of the external key. After the external key has been provided to the microcontroller and encrypted, it can then be stored in the EEPROM. When data is to be stored on the smart card, the external key can be retrieved, decrypted using the internal key, and used to encrypt the data for storage on the card. Once the data is stored, it is secure. It is encrypted using the external key, but the external key is stored on the card in encrypted format.
  • the internal key cannot be retrieved in order to encrypt the external key, because the internal key is not stored in numerical form. Instead, it is simply obtained whenever needed by examining the physical properties of the EEPROM cells, and these properties cannot be known outside the card.
  • Fig. 1 illustrates an exemplary memory cell used in a data storage device according to the present invention
  • Fig. 2 is a graphical representation of differing charge levels prevailing in a memory array employed in a data storage device according to the present invention
  • Fig. 3 illustrates a first data storage device according to the present invention including an EEPROM array, where parallel access is provided to the array
  • Fig. 4 illustrates a second data storage device according to the present invention including an EEPROM array, where parallel access is provided to the array
  • Fig. 5 illustrates a method of initialization in preparation for generation of a mediametric cryptoprocessing key according to the present invention
  • Fig. 6 illustrates a method of mediametric key generation according to the present invention
  • Fig. 7 illustrates a method of mediametric key cryptoprocessing according to the present invention.
  • Fig. 8 illustrates a method of generating a random number using mediametric properties of a device.
  • Fig. 1 illustrates a memory cell 100 which may be advantageously employed according to the teachings of the present invention.
  • the memory cell 100 may comprise a transistor integrated on a p-type substrate 102.
  • the transistor comprises a source (S) 104 and a drain (D) 106 which are fabricated using well known techniques by the diffusion of N+ impurities on the substrate 102.
  • the transistor includes a field oxide layer 108 that overlays the source 104 and the drain 106, and a floating gate 110 fabricated from a first layer of polysilicon that overlays the oxide layer 108.
  • the transistor further comprises a gate 112 fabricated from a second layer of polysilicon that overlays the floating gate 110.
  • Data may be programmed in the memory cell 100 for purposes of data storage according to the well known technique of floating-gate charge injection. For example, a potential which is typically greater than 12 volts is applied to the drain 106 to create a strong electric field that energizes electrons to jump from the drain 106 region to the floating gate 110 region. The electrons attracted to the floating gate 110 become trapped in the floating gate 110 when the potential is removed from the drain 106. When charges are trapped in the floating gate 110, the threshold of the memory cell 100 changes from a relatively low value, which is associated with the memory cell 100 when no charge or a small charge is present and is called an erased condition, to a higher value, which indicates that programming of the memory cell 100 has occurred.
  • the level of charges which will be trapped in a memory cell also depends on environmental conditions, such as temperature and the presence of stray static charges, existing at the time that the memory cell is programmed.
  • the previous level of trapped charges for the memory cell and the total number of write cycles applied to the memory cell known as the history of the memory cell, contribute to the level of charges trapped in the memory cell. Therefore, with each programming event the pattern of the trapped charges in memory cells of a memory array will vary in a manner which cannot be reproduced, even when the same memory cell is programmed with the identical data.
  • an array of memory cells such as the memory cell 100 into the card, and design the array with one or more ports by which the charge levels of the memory cells may be read by a device such as a microcontroller or microprocessor which is also embedded in the card. If the array and the card are designed such that no external access is allowed to the memory array, the charge level data will be very difficult or almost impossible to intercept.
  • the binary contents of the memory cells such as the cell 100 can be intercepted from outside, because the digital representations of binary data have relatively wide tolerances. However, an attack which attempts to obtain the precise charge levels other than through the port will disrupt the charge levels, such that the attacker will be unable to recover the correct data.
  • the present invention utilizes the inherent, unique and irreproducible variations in the level of trapped charges of each programmed memory cell such as the cell 100 to provide a substantial amount of unpredictable data, which remains stable between write cycles of each of the cells, but which is nearly immune from unauthorized access.
  • This data can be used to generate encryption keys which are used exclusively by the smart card and which are not known outside the smart card.
  • Fig. 2 is a graphical representation of differing charge levels prevailing in a memory array 200 which may be suitably employed in a data storage device according to the present invention.
  • Charges are at either high or low states, but the high states are not identical to one another, and the low states are not identical to one another.
  • Charge levels 202 and 204 are both in a high state, but they are not identical.
  • charge levels 206 and 206 are both in a high state, but they are not identical.
  • each memory cell 208 are both in a low state, but are not identical. In writing data to the array 200, it is a simple matter to set each memory cell at a charge level corresponding to a high or a low state, but it is not possible to specify the exact charge level of the memory cell. However, it is easy to read the charge level of each memory cell with great precision, provided that suitable connections are provided for this purpose.
  • Fig. 3 illustrates a data storage device 300 providing data security according to the principles of the present invention.
  • the device 300 includes a memory array 302, which is here shown as an EEPROM comprising an array of memory cells similar to the cell 100 of Fig. 1.
  • the array 302 is embodied here as an EEPROM because such devices typically include additional mechanisms, such as analog input and output lines for erasing or rewriting data to memory cells of memory arrays, that are useful for explaining the techniques and advantages of the present invention.
  • EEPROM cell technology has been developed by Information Storage Devices TM, and such a device may be used to practice the invention.
  • the memory array 302 may be any suitable device which comprises memory cells which are structurally and operationally similar to that of the memory cell 100 of FIG. 1, described above, and that most semiconductor memory devices may be adapted for use with this invention.
  • the storage device 300 also includes a microcontroller 304, which includes a microprocessor 306, RAM 308 and ROM 310.
  • the microcontroller 304 also includes a data port 311 to allow transfer of data between the data storage device 300 and an external device.
  • the data port 31 1 is connected to the microprocessor 306 and may suitably be a data bus.
  • first and second analog outputs 316 and 318 of the array 302 are used to provide access to charge level data of memory cells in the memory array 302, for use by the microcontroller 304.
  • the storage device 300 employs the charge level data describing charge levels of selected memory cells in the array 302.
  • the first and second analog outputs 316 and 318 are used as inputs to first and second operational amplifiers 320 and 322.
  • the outputs of the operational amplifiers 320 and 322 are provided as inputs of a differential amplifier 324.
  • the output of the differential amplifier 324 is provided to an analog to digital (A/D) converter 326, which converts the analog data to digital data which can be processed by the microcontroller 304.
  • the A/D converter 326 provides data to the microcontroller 304 by means of a data line 328.
  • the microcontroller 302 is controlled so that it accepts data from the A/D converter by means of the application of a control signal or signals on a strobe line 330.
  • the microcontroller 304 Whenever an internal key is needed for use by the microcontroller 304, the microcontroller 304 directs the memory array 302 to provide charge level data from selected cells. This data is provided through the analog outputs 316 and 318, conditioned by the operational amplifiers 320 and 322 and the differential amplifier 324, and converted to digital form by the A/D converter 326. The digital data representing the charge level data is then processed by the microcontroller 304. The microcontroller 304 uses this data to generate the internal key, which may then be used to encrypt an external key provided from outside the data storage device 300. The microcontroller 304 can then store the encrypted external key in the array 302.
  • the external key or any other data which is desired to be stored after retrieval of the charge data from which the internal key is generated, must be stored in memory cells other than the memory cells whose charge level data is used to generate the internal key. This is because the charge level in a cell changes whenever data is written to the cell. If data is written to the cell, therefore, the charge level of the cell will not be usable for reconstruction of the internal key. It is possible to implement the various components of the storage device 300 on a single integrated circuit. This helps to provide security, as all connections except for the data port 31 1 would then be inside the integrated circuit.
  • Fig. 4 illustrates an alternative data storage device 400 according to the present invention, illustrating the use of mediametric data security techniques with serial memories.
  • the device 400 employs a serial memory array 402.
  • the memory array 402 may suitably be a serial EPROM or EEPROM.
  • the memory array 402 is connected to a microcontroller 404, which includes a microprocessor 406, RAM 408 and ROM 410.
  • the microcontroller 404 also includes a data port 41 1 to allow transfer of data between the data storage device 400 and an external device.
  • the data port 411 is connected to the microprocessor 406 and may suitably be a data bus.
  • the memory array 402 communicates with the microcontroller 404 using a clock line 412 and a data line 414.
  • Each of the array 402 and the microcontroller 404 passes data to the other by placing data on the data line 414 one bit at a time and sending a clock input along the clock line for each bit.
  • the memory array 402 also provides an analog output 416, which is used to provide charge level data to the microcontroller 404.
  • the analog output is connected to an operational amplifier 418, which receives and processes mediametric data from the array 402, the mediametric data being charge level readings for levels of trapped charge in cells of the array 402.
  • the operational amplifier 418 produces an output which is then used as an input to a sample and hold circuit 420 and a differential amplifier 422.
  • the sample and hold circuit 420 passes its input to the differential amplifier 422 upon receiving a latch signal produced by the microcontroller 404.
  • the output of the differential amplifier 422 is received by an analog to digital (A/D) converter 424, which converts the analog data representing charge levels of cells of array 402 into digital representations.
  • the analog to digital converter 424 passes each digital representation to the microcontroller 404 upon receiving a strobe signal produced by the microcontroller 404.
  • the data storage device 400 allows the microcontroller 404 to receive mediametric data relating to charge levels of memory cells in the memory array 402 and to use this data to generate cryptographic keys in a similar fashion to that discussed above for the microcontroller 304.
  • Fig. 5 illustrates a method 500 of mediametric initialization in preparation for encryption, according to the present invention.
  • data is stored in a memory array having mediametric characteristics.
  • the memory array possesses physical characteristics which are difficult or impossible to duplicate, but which can be precisely measured.
  • the memory array may be an array such as the array 302 of Fig. 3, the array 402 of Fig. 4, or any other suitable memory array, wherein the mediametric characteristics are levels of charges trapped in the memory cells.
  • Storage and retrieval of data to and from the memory array, and processing of data is preferably accomplished by a data processing device such as the microcontroller 304 of Fig. 3, the microcontroller 404 of Fig. 4, or any other suitable data processing device.
  • Storing the data establishes a set of mediametric data in the memory array, by setting a new charge level in each cell.
  • initial values are acquired.
  • a data set is collected.
  • an initial index is generated. This is an index pointing to a memory cell from which mediametric data, such as the level of trapped charges in the memory cell, is to be obtained.
  • the mediametric value of the memory cell specified in the index is acquired.
  • the charge level or similar data is read and the mediametric data is suitably converted to a digital representation for easy storage and processing by a digital processor.
  • the mediametric value is accumulated. That is, it is stored, either individually or through summing or other processing with other mediametric values that have previously been recovered.
  • a determination is made as to whether the desired data set is complete. If the data set is not complete, the process continues to step 514, and a new index is generated in order to acquire data from an additional memory cell.
  • the process proceeds to step 516, and the set of index parameters, comprising all indices which have been generated, is updated.
  • the set of index parameters is stored, and the process returns to step 508.
  • Fig. 6 illustrates a method 600 of mediametric key generation according to the present invention.
  • initial values are acquired.
  • the initial values are mediametric data obtained from a device.
  • the device may suitably be a storage device such as the serial memory array 402 of Fig. 4 or the parallel memory array 302 of Fig.
  • the mediametric data may suitably be definitions of levels of trapped charges within the memory array.
  • Storage and retrieval of data to and from the memory array, and processing of data is preferably accomplished by a data processing device such as the microcontroller 304 of Fig. 3, the microcontroller 404 of Fig. 4, or any other suitable data processing device.
  • a data processing device such as the microcontroller 304 of Fig. 3, the microcontroller 404 of Fig. 4, or any other suitable data processing device.
  • an initial index is generated. This is a location within the array from which mediametric data is to be retrieved.
  • the mediametric value at the array location indicated by the index is retrieved.
  • the retrieved value is accumulated with all other previously retrieved values.
  • a determination is made as to whether the data set is complete.
  • step 61 1 the previously stored index parameters are retrieved.
  • step 612 the next index is generated.
  • step 612 the next index is generated.
  • step 616 the process proceeds to step 616 and a key is generated using the accumulated mediametric parameters.
  • step 618 the cyclic redundancy code associated with the key is retrieved. This is the cyclic redundancy code generated for the key during the process 500 of Fig. 5.
  • step 620 the key is verified using the cyclic redundancy code.
  • step 622 the key is stored in a volatile memory, preferably within the data processing device. If the key does not pass verification, the process proceeds to step 624 and an error counter is incremented. Next, at step 626, the error counter is compared to a predetermined limit. If the limit is exceeded, the process proceeds to step 628 and an error is reported. If the error limit is not exceeded, the process returns to step 602 and a new attempt is made to generate a key.
  • Fig. 7 illustrates a method 700 of data encryption using a mediametric key such as the key generated by the method 600 of Fig. 6.
  • a mediametric key is generated. This may be done by performing the initialization method 500 of Fig. 5 and the key generation method 600 of Fig. 6.
  • the mediametric key is stored in a volatile memory, preferably within the data processing device.
  • data is retrieved from an outside source.
  • the data is cryptoprocessed using the mediametric key generated at step 702.
  • the cryptoprocessed data is output. For example, if the data has been encrypted, it may be output to a memory array for storage.
  • An optional step 712 may follow of erasing the mediametric key from the volatile memory.
  • mediametric properties In addition to generating a mediametric key for use in cryptoprocessing, it is possible to use mediametric properties to generate useful data. For example, it may be very useful to be able to produce a truly random number. Genuinely random numbers are difficult to generate, especially with limited processing resources such as may be used in a smart card.
  • the use of mediametric properties simplifies random number generation. Charge levels in a memory array are randomly distributed, providing a conveniently accessible source of random data. If charge level data is obtained from a sequence of cells, the charge level data can be used to construct a random number.
  • Fig. 8 illustrates a method 800 of random number generation according to the present invention.
  • data is written to a memory array.
  • the memory array may suitably be an EPROM or EEPROM such as the memory array 302 of Fig. 3, or the memory array 402 of Fig. 4.
  • Writing the data to the array establishes a random pattern of charge levels in the cells of the memory array.
  • a desired length of a random number is established.
  • a sequence of cells is established from which charge level data is to be obtained. The number of cells in the sequence is sufficient to yield a number of the desired length.
  • memory charge level data is retrieved from each cell in the sequence.
  • the charge level data is converted to digital representations for processing.
  • the representations of the charge level data are processed to produce a random number.

Abstract

A data storage device having mediametric properties used as a source of data for keys used in cryptoprocessing. The device may suitably include a memory array such as an EPROM or EEPROM comprising a plurality of memory cells, each cell containing a level of trapped charges. The levels of trapped charges are difficult or impossible to set to a predefined value, but may be read precisely once they are established. Moreover, the levels of cells are difficult or impossible to read unless provisions are made to allow them to be read. These factors establish the levels of trapped charges as secure and unpredictable sources of data. When it is desired to generate cryptoprocessing keys, the levels of trapped charges are read from selected cells (510), and may suitably be converted to numerical data for convenience in processing. The data thus retrieved is used to produce cryptoprocessing keys (520), which are then used for cryptoprocessing of data. The exact levels of charges in a memory array such as an EPROM or EEPROM is random, making this data suitable for easy and convenient generation of random numbers. When a random number is desired, data is written to selected cells of the memory array in order to establish random charge levels in the cells. The data is then retrieved from the selected cells and processed in order to yield a random number.

Description

METHODS AND APPARATUS FOR MEDIAMETRIC
DATA CRYPTOPROCESSING
Field of the Invention The present invention relates generally to improvements to cryptoprocessing of information. More particularly, the invention relates to using physical properties of the media used to record the information as a source of data for use in the generation of encryption keys. Background of the Invention Storage of financial and other information in solid-state devices such as smart cards is growing more and more prevalent. Large quantities of data representing customer or merchant information, transaction histories, or stored value may be placed on a card and given to the customer. The information may be completely self-contained on the card, allowing the information to be read directly from the card. This approach is different from the use of magnetic cards, which typically contain only an account number or other identifying information, which is used as an index to retrieve the customer information from a database. A smart card typically stores data in solid-state memory such as an EPROM or EEPROM. The card is placed in a card writer which provides information to the card in a numerical format and transfers the information through ports provided on the card. The card includes a microcomputer, which receives the information from the reader, processes the information, and stores the information in the memory. Similarly, whenever it is desired to use the information stored on the card, the microcomputer retrieves the information from memory, processes the information, and transfers the information through the ports to an external device such as a card reader. Because high-capacity memory devices are widely available, it is possible to store large quantities of data on such a card, making it versatile and convenient.
After information is written to the smart card, it can be given to a customer so that the customer can present the card for reading and writing of data as needed. For example, a cash card may be loaded with information representing cash credits. The card is given to the customer and presented to a merchant or bank whenever a debit is to be made. Upon presentation of the card, the merchant or bank places the card in a reader/writer, reads the balance on the card, makes an appropriate subtraction, and writes the new balance to the card. The debit can be made without a need to retrieve any information other than the information on the card itself. If a smart card is to be given to a customer, security is vital. A customer in possession of a smart card has long-term, unsupervised access to the card, and has the opportunity to attack the card at leisure in order to attempt to store unauthorized information on the card or to recover secret information from the card. It is possible for a skilled attacker to retrieve numerical information from a smart card through probing of the internal components of the device, or through other unauthorized means. If card security is provided only through numerical means, such as numerical authenticators or cryptoprocessing keys, it is possible to retrieve the information from the card and to obtain information intended to be secret, or to create a counterfeit card which contains information duplicated from a legitimate card.
Mediametric techniques offer considerable advantages in providing data security. These mediametric techniques provide security through the use of data related to physical characteristics of the storage media. Solid state media possess characteristics which are impossible to duplicate precisely, but which can be precisely measured. These include, for example, variations in the remnant charge of EEPROM 's, or variations in Row/Column addressing circuits. These and other characteristics have been used for authentication. A numerical representation, or fingerprint, of authenticating characteristics is created and stored. When the card is presented, the authenticating characteristics are measured, and a fingerprint is created and compared against the original fingerprint. Such techniques are described in detail in Fernandez U.S. Patent No. 5,644,636, which is assigned to the assignee of the present invention and incorporated in its entirety herein by reference.
One advantage of such mediametric techniques is that some solid-state devices possess characteristics which will be altered by any tampering with the device. This may be true even when tampering with the device will succeed in revealing the numerical data stored in the device.
For example, it is possible to disassemble an EPROM or EEPROM memory and determine the numerical contents of memory cells through the use of a probe. However, it is not possible to read the precise levels of charges through such probing, as the use of the probe will alter the levels of the charges. It is possible for a memory to supply charge level data if suitable ports are supplied for the purpose, but if no external access to the ports is given, determination of the charge levels is difficult or impossible.
In systems of the prior art, mediametric techniques have been used for authentication and not to secure secret data. A prior-art mediametric card can be made secure against counterfeiting. For example, after a card is to be programmed with data, a "fingerprint" is generated, consisting of numerical representations of levels of trapped charges in selected memory cells. The fingerprint is then provided to an external device and stored. When the card is to be used again, the fingerprint is read from the card and compared against the stored fingerprint before the card is accepted as authentic.
Such techniques do not provide for security of secret data stored on the card. In techniques of the prior art, data to be securely stored may be encrypted using numerical encryption techniques. If the encryption keys are stored in the memory in numerical form, they are vulnerable to unauthorized recovery. An attacker may simply probe the memory to extract numerical information from any desired location within the memory, in a search for the keys. Once the keys are identified, the attacker can simply decrypt the data. There exists, therefore, a need in the art for techniques for securing of secret data which provide enhanced resistance to attack. Summary of the Invention
To this end, as discussed in greater detail below, a mediametric technique is provided to advantageously enhance resistance to attack of smart card data. In one respect, a data storage device according to the present invention may suitably be embodied as a smart card. The smart card includes a memory array such as that of an EPROM or EEPROM, which can be read by a microcontroller residing on the card. The memory array comprises a plurality of memory cells, each of which is characterized by a charge level. Each cell contains a representation of a binary digit in the form of a level of charge, which may be a "high" level of charge for a binary "1" and a "low" level of charge for a binary zero. The "high" and "low" levels of charge differ widely, making it easy to distinguish between a "1" and a "0". Programming a cell involves placing a high or low level of charge in the cell, depending on whether a "1" or a "0" is desired. It is not possible to set the level of charge precisely, but once the level of charge has been established it may be precisely measured. The microcontroller can read the levels of charge, but in order for this information to be accessible outside the smart card, the microcontroller must pass it outside the card. Therefore, if the microcontroller is designed or programmed to protect this information, it can be used inside the smart card, but cannot be obtained or known outside the internal workings of the smart card. This is because any attempt to open the memory array and read the memory contents will disrupt the levels of charge within the memory cells. The binary representations of data can be read in this way, but the act of reading will disrupt the charge levels.
It is therefore possible for the microcontroller to generate an internal encryption key, or alternatively a seed for an encryption key, using data representing charge levels of selected cells of the EEPROM. The encryption key generated from this data can be held within the microcontroller, without ever being released outside the microcontroller. Alternatively, the key may simply be generated when needed and erased after each use. The key provides very good security against compromise, because any attempt to obtain the charge levels will fail. In order to secure data for storage on a smart card according to the present invention, the data is encrypted using any of a number of standard encryption techniques. The particular technique employed is a matter of design choice, and does not affect the operation of the present invention. The encrypted data is written to the smart card. The encryption key used to encrypt the data, referred to here as the external key, is also provided to the smart card, preferably by providing the key to the microcontroller. After being provided to the smart card, the external key is itself encrypted, using an internal key generated according to the techniques of the present invention.
The internal key is generated using charge level data from the EEPROM. The microcontroller retrieves charge level data from selected cells within the EEPROM. This charge level data is converted from analog to digital form in order to be operated on by the microcontroller. The charge level data need not be stored in numerical form, but can simply be retrieved from the EEPROM whenever it is needed. This secures the charge level data from being discovered, and therefore prevents discovery of the internal key.
Once the charge level data has been retrieved, the microcontroller uses it to encrypt or decrypt the external key. This may be done by using the charge level data to generate an internal key, or alternatively to generate a seed for an internal key. Once the internal key has been generated, it is then used for cryptoprocessing of the external key. After the external key has been provided to the microcontroller and encrypted, it can then be stored in the EEPROM. When data is to be stored on the smart card, the external key can be retrieved, decrypted using the internal key, and used to encrypt the data for storage on the card. Once the data is stored, it is secure. It is encrypted using the external key, but the external key is stored on the card in encrypted format. The internal key cannot be retrieved in order to encrypt the external key, because the internal key is not stored in numerical form. Instead, it is simply obtained whenever needed by examining the physical properties of the EEPROM cells, and these properties cannot be known outside the card. A more complete understanding of the present invention, as well as further features and advantages of the invention, will be apparent from the following Detailed Description and the accompanying drawings. Brief Description of the Drawings
Fig. 1 illustrates an exemplary memory cell used in a data storage device according to the present invention; b
Fig. 2 is a graphical representation of differing charge levels prevailing in a memory array employed in a data storage device according to the present invention;
Fig. 3 illustrates a first data storage device according to the present invention including an EEPROM array, where parallel access is provided to the array; Fig. 4 illustrates a second data storage device according to the present invention including an EEPROM array, where parallel access is provided to the array;
Fig. 5 illustrates a method of initialization in preparation for generation of a mediametric cryptoprocessing key according to the present invention;
Fig. 6 illustrates a method of mediametric key generation according to the present invention;
Fig. 7 illustrates a method of mediametric key cryptoprocessing according to the present invention; and
Fig. 8 illustrates a method of generating a random number using mediametric properties of a device. Detailed Description
Fig. 1 illustrates a memory cell 100 which may be advantageously employed according to the teachings of the present invention. The memory cell 100 may comprise a transistor integrated on a p-type substrate 102. The transistor comprises a source (S) 104 and a drain (D) 106 which are fabricated using well known techniques by the diffusion of N+ impurities on the substrate 102. The transistor includes a field oxide layer 108 that overlays the source 104 and the drain 106, and a floating gate 110 fabricated from a first layer of polysilicon that overlays the oxide layer 108. The transistor further comprises a gate 112 fabricated from a second layer of polysilicon that overlays the floating gate 110. Data may be programmed in the memory cell 100 for purposes of data storage according to the well known technique of floating-gate charge injection. For example, a potential which is typically greater than 12 volts is applied to the drain 106 to create a strong electric field that energizes electrons to jump from the drain 106 region to the floating gate 110 region. The electrons attracted to the floating gate 110 become trapped in the floating gate 110 when the potential is removed from the drain 106. When charges are trapped in the floating gate 110, the threshold of the memory cell 100 changes from a relatively low value, which is associated with the memory cell 100 when no charge or a small charge is present and is called an erased condition, to a higher value, which indicates that programming of the memory cell 100 has occurred. If a low voltage potential for programming a logic level low or "0" in the memory cell 100 is applied to the gate 112, then electrons are not attracted to the floating gate 110, and thus the floating gate 110 remains uncharged. On the other hand, if a high voltage potential for programming a logic level high or "1" is applied to the gate 112, then a large number of electrons will be attracted to the floating gate 18, thereby charging the floating gate 110.
It is well known to one of skill in the art that typical voltages for programming high and low logic levels depend upon the type and design of the semiconductor memory device being used. The level of charges that will be trapped in the memory cell 100 as a result of programming depends upon the characteristics of the semiconductor material and the geometry of the structures in the memory cell 100. For instance, variations in doping levels and dopant purities and the thickness of doped regions of a semiconductor substrate will cause inherent random variations in the level of charges that are trapped in a memory cell when a specific voltage level is applied for a specified amount of time during programming. These inherent random variations make reproduction or duplication of the same relative level of trapped charges in a second memory cell for purposes of obtaining an identical level of trapped charge in the second memory cell very difficult, if not impossible. The level of charges which will be trapped in a memory cell also depends on environmental conditions, such as temperature and the presence of stray static charges, existing at the time that the memory cell is programmed. In addition, the previous level of trapped charges for the memory cell and the total number of write cycles applied to the memory cell, known as the history of the memory cell, contribute to the level of charges trapped in the memory cell. Therefore, with each programming event the pattern of the trapped charges in memory cells of a memory array will vary in a manner which cannot be reproduced, even when the same memory cell is programmed with the identical data.
In an application such as a smart card, it is possible to embed an array of memory cells such as the memory cell 100 into the card, and design the array with one or more ports by which the charge levels of the memory cells may be read by a device such as a microcontroller or microprocessor which is also embedded in the card. If the array and the card are designed such that no external access is allowed to the memory array, the charge level data will be very difficult or almost impossible to intercept. The binary contents of the memory cells such as the cell 100 can be intercepted from outside, because the digital representations of binary data have relatively wide tolerances. However, an attack which attempts to obtain the precise charge levels other than through the port will disrupt the charge levels, such that the attacker will be unable to recover the correct data. The present invention utilizes the inherent, unique and irreproducible variations in the level of trapped charges of each programmed memory cell such as the cell 100 to provide a substantial amount of unpredictable data, which remains stable between write cycles of each of the cells, but which is nearly immune from unauthorized access. This data can be used to generate encryption keys which are used exclusively by the smart card and which are not known outside the smart card.
Fig. 2 is a graphical representation of differing charge levels prevailing in a memory array 200 which may be suitably employed in a data storage device according to the present invention. Charges are at either high or low states, but the high states are not identical to one another, and the low states are not identical to one another. Charge levels 202 and 204, for example, are both in a high state, but they are not identical. Similarly, charge levels 206 and
208 are both in a low state, but are not identical. In writing data to the array 200, it is a simple matter to set each memory cell at a charge level corresponding to a high or a low state, but it is not possible to specify the exact charge level of the memory cell. However, it is easy to read the charge level of each memory cell with great precision, provided that suitable connections are provided for this purpose.
Fig. 3 illustrates a data storage device 300 providing data security according to the principles of the present invention. The device 300 includes a memory array 302, which is here shown as an EEPROM comprising an array of memory cells similar to the cell 100 of Fig. 1. The array 302 is embodied here as an EEPROM because such devices typically include additional mechanisms, such as analog input and output lines for erasing or rewriting data to memory cells of memory arrays, that are useful for explaining the techniques and advantages of the present invention. A memory chip utilizing non-volatile floating-gate
EEPROM cell technology has been developed by Information Storage Devices ™, and such a device may be used to practice the invention. However, it is to be understood that the memory array 302 may be any suitable device which comprises memory cells which are structurally and operationally similar to that of the memory cell 100 of FIG. 1, described above, and that most semiconductor memory devices may be adapted for use with this invention.
The storage device 300 also includes a microcontroller 304, which includes a microprocessor 306, RAM 308 and ROM 310. The microcontroller 304 also includes a data port 311 to allow transfer of data between the data storage device 300 and an external device. The data port 31 1 is connected to the microprocessor 306 and may suitably be a data bus.
It is also necessary to allow the microcontroller 304 to communicate with the memory array 302. An address bus 312 and data bus 314 enable transfer of numerical data between the microcontroller 304 and the array 302. In addition, first and second analog outputs 316 and 318 of the array 302 are used to provide access to charge level data of memory cells in the memory array 302, for use by the microcontroller 304. In order to provide data security, the storage device 300 employs the charge level data describing charge levels of selected memory cells in the array 302. The first and second analog outputs 316 and 318 are used as inputs to first and second operational amplifiers 320 and 322. The outputs of the operational amplifiers 320 and 322 are provided as inputs of a differential amplifier 324. The output of the differential amplifier 324 is provided to an analog to digital (A/D) converter 326, which converts the analog data to digital data which can be processed by the microcontroller 304. The A/D converter 326 provides data to the microcontroller 304 by means of a data line 328. The microcontroller 302 is controlled so that it accepts data from the A/D converter by means of the application of a control signal or signals on a strobe line 330.
Whenever an internal key is needed for use by the microcontroller 304, the microcontroller 304 directs the memory array 302 to provide charge level data from selected cells. This data is provided through the analog outputs 316 and 318, conditioned by the operational amplifiers 320 and 322 and the differential amplifier 324, and converted to digital form by the A/D converter 326. The digital data representing the charge level data is then processed by the microcontroller 304. The microcontroller 304 uses this data to generate the internal key, which may then be used to encrypt an external key provided from outside the data storage device 300. The microcontroller 304 can then store the encrypted external key in the array 302. The external key, or any other data which is desired to be stored after retrieval of the charge data from which the internal key is generated, must be stored in memory cells other than the memory cells whose charge level data is used to generate the internal key. This is because the charge level in a cell changes whenever data is written to the cell. If data is written to the cell, therefore, the charge level of the cell will not be usable for reconstruction of the internal key. It is possible to implement the various components of the storage device 300 on a single integrated circuit. This helps to provide security, as all connections except for the data port 31 1 would then be inside the integrated circuit.
Fig. 4 illustrates an alternative data storage device 400 according to the present invention, illustrating the use of mediametric data security techniques with serial memories. The device 400 employs a serial memory array 402. The memory array 402 may suitably be a serial EPROM or EEPROM. The memory array 402 is connected to a microcontroller 404, which includes a microprocessor 406, RAM 408 and ROM 410. The microcontroller 404 also includes a data port 41 1 to allow transfer of data between the data storage device 400 and an external device. The data port 411 is connected to the microprocessor 406 and may suitably be a data bus. The memory array 402 communicates with the microcontroller 404 using a clock line 412 and a data line 414. Each of the array 402 and the microcontroller 404 passes data to the other by placing data on the data line 414 one bit at a time and sending a clock input along the clock line for each bit. The memory array 402 also provides an analog output 416, which is used to provide charge level data to the microcontroller 404. The analog output is connected to an operational amplifier 418, which receives and processes mediametric data from the array 402, the mediametric data being charge level readings for levels of trapped charge in cells of the array 402. The operational amplifier 418 produces an output which is then used as an input to a sample and hold circuit 420 and a differential amplifier 422. The sample and hold circuit 420 passes its input to the differential amplifier 422 upon receiving a latch signal produced by the microcontroller 404. The output of the differential amplifier 422 is received by an analog to digital (A/D) converter 424, which converts the analog data representing charge levels of cells of array 402 into digital representations. The analog to digital converter 424 passes each digital representation to the microcontroller 404 upon receiving a strobe signal produced by the microcontroller 404. The data storage device 400 allows the microcontroller 404 to receive mediametric data relating to charge levels of memory cells in the memory array 402 and to use this data to generate cryptographic keys in a similar fashion to that discussed above for the microcontroller 304.
It is possible to implement the various components of the storage device 400 on a single integrated circuit. This single circuit implementation helps to provide security, as all connections except for the data port 411 would then be inside the integrated circuit. Fig. 5 illustrates a method 500 of mediametric initialization in preparation for encryption, according to the present invention. At step 502, data is stored in a memory array having mediametric characteristics. The memory array possesses physical characteristics which are difficult or impossible to duplicate, but which can be precisely measured. The memory array may be an array such as the array 302 of Fig. 3, the array 402 of Fig. 4, or any other suitable memory array, wherein the mediametric characteristics are levels of charges trapped in the memory cells. Storage and retrieval of data to and from the memory array, and processing of data, is preferably accomplished by a data processing device such as the microcontroller 304 of Fig. 3, the microcontroller 404 of Fig. 4, or any other suitable data processing device. Storing the data establishes a set of mediametric data in the memory array, by setting a new charge level in each cell. At step 504, initial values are acquired. Next, a data set is collected. At step 506, an initial index is generated. This is an index pointing to a memory cell from which mediametric data, such as the level of trapped charges in the memory cell, is to be obtained. Next, at step 508, the mediametric value of the memory cell specified in the index is acquired. That is, the charge level or similar data is read and the mediametric data is suitably converted to a digital representation for easy storage and processing by a digital processor. At step 510, the mediametric value is accumulated. That is, it is stored, either individually or through summing or other processing with other mediametric values that have previously been recovered. Next at step 512, a determination is made as to whether the desired data set is complete. If the data set is not complete, the process continues to step 514, and a new index is generated in order to acquire data from an additional memory cell. Next, the process proceeds to step 516, and the set of index parameters, comprising all indices which have been generated, is updated. Next, at step 518, the set of index parameters is stored, and the process returns to step 508. If the data set is complete, the process continues to step 520 and an optimum mediametric key is generated. Next, at step 522, a mediametric parameter set is generated. Next, at step 524, the mediametric parameter set is stored. Next, at step 526, a cyclic redundancy code (CRC) for the mediametric key is generated. Next, at step 528, the mediametric key CRC is stored. Fig. 6 illustrates a method 600 of mediametric key generation according to the present invention. At step 602, initial values are acquired. The initial values are mediametric data obtained from a device. The device may suitably be a storage device such as the serial memory array 402 of Fig. 4 or the parallel memory array 302 of Fig. 3, and the mediametric data may suitably be definitions of levels of trapped charges within the memory array. Storage and retrieval of data to and from the memory array, and processing of data, is preferably accomplished by a data processing device such as the microcontroller 304 of Fig. 3, the microcontroller 404 of Fig. 4, or any other suitable data processing device. At step 604, an initial index is generated. This is a location within the array from which mediametric data is to be retrieved. Next, at step 606, the mediametric value at the array location indicated by the index is retrieved. Next, at step 608, the retrieved value is accumulated with all other previously retrieved values. Next, at step 610, a determination is made as to whether the data set is complete. If the data set is not complete, the process proceeds to step 61 1 and the previously stored index parameters are retrieved. Next, at step 612, the next index is generated. The process then returns to step 606. If the data set is complete, the process continues to step 614 and the accumulated mediametric parameters are retrieved. Next, the process proceeds to step 616 and a key is generated using the accumulated mediametric parameters. Next, at step 618, the cyclic redundancy code associated with the key is retrieved. This is the cyclic redundancy code generated for the key during the process 500 of Fig. 5. Next, at step 620, the key is verified using the cyclic redundancy code. If the key passes the verification, the process proceeds to step 622 and the key is stored in a volatile memory, preferably within the data processing device. If the key does not pass verification, the process proceeds to step 624 and an error counter is incremented. Next, at step 626, the error counter is compared to a predetermined limit. If the limit is exceeded, the process proceeds to step 628 and an error is reported. If the error limit is not exceeded, the process returns to step 602 and a new attempt is made to generate a key.
Fig. 7 illustrates a method 700 of data encryption using a mediametric key such as the key generated by the method 600 of Fig. 6. At step 702, a mediametric key is generated. This may be done by performing the initialization method 500 of Fig. 5 and the key generation method 600 of Fig. 6. Next, at step 704, the mediametric key is stored in a volatile memory, preferably within the data processing device. Next, at step 706, data is retrieved from an outside source. Next, at step 708, the data is cryptoprocessed using the mediametric key generated at step 702. Next, at step 710, the cryptoprocessed data is output. For example, if the data has been encrypted, it may be output to a memory array for storage. An optional step 712 may follow of erasing the mediametric key from the volatile memory. In addition to generating a mediametric key for use in cryptoprocessing, it is possible to use mediametric properties to generate useful data. For example, it may be very useful to be able to produce a truly random number. Genuinely random numbers are difficult to generate, especially with limited processing resources such as may be used in a smart card. The use of mediametric properties simplifies random number generation. Charge levels in a memory array are randomly distributed, providing a conveniently accessible source of random data. If charge level data is obtained from a sequence of cells, the charge level data can be used to construct a random number.
Fig. 8 illustrates a method 800 of random number generation according to the present invention. At step 802, data is written to a memory array. The memory array may suitably be an EPROM or EEPROM such as the memory array 302 of Fig. 3, or the memory array 402 of Fig. 4. Writing the data to the array establishes a random pattern of charge levels in the cells of the memory array. At step 804, a desired length of a random number is established. At step 806, a sequence of cells is established from which charge level data is to be obtained. The number of cells in the sequence is sufficient to yield a number of the desired length. At step 808, memory charge level data is retrieved from each cell in the sequence. At step 810, the charge level data is converted to digital representations for processing. At step 812, the representations of the charge level data are processed to produce a random number.
While the present invention is disclosed in the context of a presently preferred embodiment, it will be recognized that a wide variety of implementations may be employed by persons of ordinary skill in the art consistent with the above discussion and the claims which follow below.

Claims

We claim:
1. A secure data storage system, comprising: a memory possessing mediametric properties; and a processor adapted to receive data relating to mediametric properties of the memory and use the mediametric properties as data to generate an encryption key to encrypt data for storage in the memory.
2. The data storage system of claim 1 and further including a conversion circuit to provide a numerical representation of the mediametric properties of the memory for easy use by the processor.
3. The data storage system wherein the memory comprises a memory array including a plurality of memory cells, each of the memory cells being programmable through the application of a voltage which serves to trap charges within the memory cell, the mediametric properties of the memory being the level of trapped charges within each cell.
4. The data storage system of claim 3 wherein the memory array includes an analog output to enable reading the levels of trapped charges, and wherein the conversion circuit includes an analog to digital converter to convert the levels of trapped charges to a digital representation.
5. The data storage system of claim 4 wherein the memory array is a parallel memory array.
6. The data storage system of claim 4 wherein the memory array is a serial memory array.
7. The data storage system of claim 4 wherein the memory array, the conversion circuit and the processor are contained in a single integrated circuit.
8. The data storage system of claim 7 wherein the integrated circuit includes a data port to provide external access to the processor.
9. The data storage system of claim 8 wherein the integrated circuit is embedded within a smart card.
9. The data storage system of claim 8 wherein the mediametric properties are used to generate an internal key used for cryptoprocessing solely within the data storage system, and wherein the data cryptoprocessed by the internal key includes an external key to be used for cryptoprocessing of data supplied to the data storage system.
10. A method of secure data storage, comprising the steps of: retrieving mediametric data relating to the mediametric properties from the device; processing the mediametric data to create a mediametric cryptoprocessing key for cryptoprocessing of data stored in the device; and cryptoprocessing data for storage in the device using the mediametric key.
11. The method of claim 10 wherein the device is a memory array comprising a plurality of memory cells and the mediametric data comprises levels of trapped charges in each of the memory cells.
12. The method of claim 11 wherein the mediametric data is converted to digital form for processing.
13. The method of claim 12 wherein the step of retrieving the mediametric data is preceded by the steps of establishing a desired key length and selecting cells from which mediametric data is to be retrieved and the step of retrieving the data comprises sequentially retrieving that data from each of the selected cells and accumulating the data until data has been retrieved from each of the selected cells.
14. The method of claim 13 wherein the key is verified using a cyclic redundancy code.
15. The method of claim 14 wherein the step of selecting cells from which the mediametric data is to be retrieved is followed by the step of writing numerical data to the selected cells in order to establish new random mediametric data for key generation.
16. A method of random number generation comprising: retrieving mediametric data from selected cells of a memory array; converting the mediametric data to numerical representations; and processing the numerical representations to produce the random number.
PCT/US2001/013504 2000-05-01 2001-04-26 Methods and apparatus for mediametric data cryptoprocessing WO2001084767A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001255712A AU2001255712A1 (en) 2000-05-01 2001-04-26 Methods and apparatus for mediametric data cryptoprocessing

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US09/562,336 US6993130B1 (en) 2000-02-04 2000-05-01 Methods and apparatus for mediametric data cryptoprocessing
US09/562,336 2000-05-01

Publications (1)

Publication Number Publication Date
WO2001084767A1 true WO2001084767A1 (en) 2001-11-08

Family

ID=24245863

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/013504 WO2001084767A1 (en) 2000-05-01 2001-04-26 Methods and apparatus for mediametric data cryptoprocessing

Country Status (2)

Country Link
AU (1) AU2001255712A1 (en)
WO (1) WO2001084767A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102005024379A1 (en) * 2005-05-27 2006-11-30 Universität Mannheim A method for generating and / or embossing a recoverable cryptographic key in the production of a topographical structure

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5412718A (en) * 1993-09-13 1995-05-02 Institute Of Systems Science Method for utilizing medium nonuniformities to minimize unauthorized duplication of digital information
US5434917A (en) * 1993-10-13 1995-07-18 Thomson Consumer Electronics S.A. Unforgeable identification device, identification device reader and method of identification
US6233339B1 (en) * 1996-10-25 2001-05-15 Fuji Xerox Co., Ltd. Physical property based cryptographics

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5412718A (en) * 1993-09-13 1995-05-02 Institute Of Systems Science Method for utilizing medium nonuniformities to minimize unauthorized duplication of digital information
US5434917A (en) * 1993-10-13 1995-07-18 Thomson Consumer Electronics S.A. Unforgeable identification device, identification device reader and method of identification
US6233339B1 (en) * 1996-10-25 2001-05-15 Fuji Xerox Co., Ltd. Physical property based cryptographics

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
MENEZES A.J. ET AL.: "The handbook of applied cryptography", 1996, XP002943587 *
SCHNEIER B.: "Applied cryptography", 1996, pages 44-46 - 589, XP002943586 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE102005024379A1 (en) * 2005-05-27 2006-11-30 Universität Mannheim A method for generating and / or embossing a recoverable cryptographic key in the production of a topographical structure

Also Published As

Publication number Publication date
AU2001255712A1 (en) 2001-11-12

Similar Documents

Publication Publication Date Title
US6993130B1 (en) Methods and apparatus for mediametric data cryptoprocessing
US5644636A (en) Method and apparatus for securing data stored in semiconductor memory cells
US5818738A (en) Method for testing the authenticity of a data carrier having an integrated circuit
JP6617924B2 (en) Non-volatile memory device and integrated circuit card having tamper resistance, non-volatile memory device authentication method, and individual identification information generation method
JP6587188B2 (en) Random number processing apparatus, integrated circuit card, and random number processing method
US6678823B1 (en) Methods and apparatus for authenticating data stored in semiconductor memory cells
AU615832B2 (en) Multilevel security apparatus and method with personal key
US6615351B1 (en) Method for checking the authenticity of a data medium
Kasper et al. All You Can Eat or Breaking a Real-World Contactless Payment System: (Short Paper)
US10740476B2 (en) Tamper-proof storage using signatures based on threshold voltage distributions
JPH06501324A (en) Smart card validation device and method
US20050005156A1 (en) Cryptographic-key management device
US7877712B2 (en) System for and method of verifying IC authenticity
US20170010981A1 (en) Memory circuit using resistive random access memory arrays in a secure element
Jia et al. Extracting robust keys from NAND flash physical unclonable functions
US20050005108A1 (en) Cryptographically secure transactions with optical cards
US7941672B2 (en) Regeneration of a secret quantity from an intergrated circuit identifier
CA2286851C (en) System for the secure reading and editing of data on intelligent data carriers
US20040267847A1 (en) Hardware random-number generator
WO2001084767A1 (en) Methods and apparatus for mediametric data cryptoprocessing
JP4647446B2 (en) Semiconductor memory device
JP2005524915A (en) System and authentication method
JP3878970B2 (en) Prepaid card and counterfeit identification device
WO2004102860A2 (en) Cryptographically secure transactions with optical cards
JPS636659A (en) Person in question confirming system

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AU CA JP KR

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP