Authentication systems are used for security purposes to verify the authenticity of one or more parties or entities during a transaction. Traditionally, authentication systems have been manual, involving personal recognition or quick verification of a party via some form of additional identification. One very familiar authentication process occurs when purchasing an item with a personal check. The sales clerk will process the check only if he/she recognizes the person writing the check or if the person presents another piece of identification (e.g., a credit card or driver's license) to verify their authenticity as the specific person who is tendering the check.
Today, many authentication systems are electronic. A familiar electronic authentication system is a common credit card purchase. A card issuer issues a credit card to a consumer to enable the consumer to purchase items on credit. Credit cards that are primarily in use today consist of magnetic-stripe memory cards that have a single magnetic stripe (“mag-stripe”) on one side. The magnetic stripe contains information about the card issuer, the consumer, and his/her account.
During a purchase transaction, the consumer presents the credit card to a sales clerk, who authenticates the card before finalizing the transaction. The credit card authentication process is typically performed “online”. The sales clerk swipes the card through a reader, which extracts the card data from the magnetic stripe and transmits the data over a network to the card issuer (or a third party contracted to handle authentication requests). The card issuer checks to ensure that the card is still valid (i.e., has not expired), has not been revoked as being lost or stolen, and the corresponding account is below the authorized credit limit. If the authentication is successful, the card issuer returns an approval and the sales clerk completes the transaction. With conventional telecommunications and computerized processes, the entire credit card authentication process is typically handled in an acceptable length of time, such as a few seconds.
Today, there is increasing use of “smart cards” in place of, or in addition to, conventional magnetic stripe cards. A “smart card” is a thin card about the size of a credit card, with a built-in processor that enables the card to modify, or even create, data in response to external stimuli. The processor is a single-wafer integrated circuit (IC) which is mounted on an otherwise plastic card. For this reason, smart cards are often referred to as one class of “integrated circuit cards” or “IC cards”.
As smart card technology becomes more pervasive, it paves the way for conducting a variety of new transactions, such as electronic money, which are not available with conventional mag-stripe cards. Smart cards also open up the arena for conducting certain new “offline” transactions, which do not involve validating a card with a central authority. These offline electronic transactions are typically performed without the human intervention, such as from a sales clerk.
Smart cards are equipped with authentication capabilities used to establish the identity of an entity with which it is communicating. An identity can be an individual human being, a business, a piece of computing hardware, software code, a network node, an organizational role, or an accreditation agent. Smart cards also have authorization capabilities to control access to resources stored on the cards or elsewhere. Authentication capabilities are typically in the form of a secret password or cryptographic keys. For a basic introduction of cryptography, the reader is directed to a text written by Bruce Schneier and entitled “Applied Cryptography: Protocols, Algorithms, and Source Code in C,” published by John Wiley & Sons with copyright 1994 (second edition 1996).
Smart cards have programs and data that are specifically dedicated to performing these authentication capabilities. These special programs and data define a natural point to attack on the authentication subsystem of a network. Many of the various physical and environmental attacks that are detected are based on identifying and carefully observing the special steps, calculations and hardware that are dedicated to performing the authentication capabilities.
One type of attack is the so-called differential power attack. This attack is directed to observing the power consumption of the smart card and ascertaining the type of processing that takes place through changes in the power that is consumed by the card. For example, when a binary multiplication operation is performed, more power is drawn from the external power supply when the multiplier is “1” than when the multiplier is “0”. Thus, by monitoring the power consumption during a time that a card is handling cryptographic material, one can ascertain what mathematical operations are taking place.
Another kind of attack is a so-called timing attack. A timing attack monitors the time that it takes to perform certain operations, e.g. it takes longer to multiply by 1 than it does to multiply by 0. Thus, if authentication times take longer, that may be an indication that there are more 1s in an authentication key than 0s.
In order to counter these types of attacks, authentication keys and protocols have become more complex. This has had an impact on the amount of special purpose software and hardware that must be used to manipulate authentication keys. Ironically, the increase in complexity may actually make a system easier to attack.
Because of the need for special processing and calculations, secret key authentication procedures typically decouple the authentication process from other normal data processing. As a result, the authentication process can be more easily identified, isolated, and subjected to an attack. Attacks such as the “man in the middle” attack and the replay attack are attacks on the authentication procedure and not necessarily on the authentication data. In fact, many of the weaknesses in the authentication systems are in the increasingly complex protocols that are used to conduct the authentication process and not in the explicit revealing of the key material being used.
Accordingly, this invention arose out of concerns associated with providing improved methods and systems for authenticating identities.