As is well known, an IC Card is an electronic device intended to communicate with a reader device via a standard communication channel, generally comprising a contact pad of the IC Card. As schematically represented in FIG. 1, the IC Card comprises electronic components, for example, a CPU and one or more memory portions for storing data, and the IC Card is generally powered by the reader device, for example, through a contact between the contact pad of the IC Card and a respective contact pad on the reader device. More particularly, the reader device is responsible not only for powering the CPU and the memory portions of the IC Card, but also for providing a clock signal to the IC Card for the synchronization of the electronic components of the IC Card.
The reader device includes a clock for generating, by an oscillator, a stationary and regular train of clock signals for the electronic components of the IC Card, for example, for synchronizing its instruction decoder, ALU, memory bus, etc.
To measure time, the IC Card generally comprises a timer, including a counter that is incremented at each clock signal received from the reader device. The IC Card also generally stores a threshold value to be compared with the counter. When the counter reaches the threshold value, the timer is aware that a specific time has elapsed and sends an interrupt to the other electronic components of the IC Card. For example, a program executing inside the IC Card may be notified by the timer when a specific time has elapsed.
When the reader device is a portable device, for example, a mobile telephone with limited power supply autonomy, some measures are introduced to limit the power consumption, for example, by limiting the power supply to the IC Card when no operations are ongoing between the IC Card and the reader device.
FIG. 2 schematically represents a mobile telephone 2 intended to communicate with an IC card 1 via a reader device/IC Card interface. For example, the measures for limiting the power consumption of the reader device may suspend the clock signal while maintaining a power supply to other electronic components of the IC Card, for example, to the memory portions, in order to keep the IC Card data stored therein available.
More particularly, in order to save energy, the IC Card may suspend the power supply to one or more components, for example, electronic components used for counting time, like the timer or the CPU, in response to a request from the reader device to enter a power saving mode.
For clarity, in the following description a status in which the IC Card is not able to count time is indicated with the term “clock stop”. Due to a clock stop, the IC Card is not aware of the time. In fact, when the clock signal is restored by the reader device after a clock stop, the timer of the IC Card may restart counting time, but it is not aware of the time that passed during the clock stop. In other words, it is not aware of the time that passed during the suspension of the clock signal.
An IC Card not aware of time is exposed to potential attacks. For example, an IC Card security policy or algorithm may provide that, after an unsuccessful cryptographic operation with a cryptographic key, such an operation cannot be performed again before a specific time has elapsed. In this case, a hacker may emulate a clock stop in order to execute attacks without being blocked, including several executions of cryptographic operations with a range of cryptographic keys.
IC Card standards generally require that the IC Card is in a clock stop status between two consecutive application protocol data units (APDU), as illustrated in FIG. 3. An APDU is a data exchange between the IC Card and the reader device.
When the reader device requests that the IC Card enter a clock stop status, it is impossible for the IC Card to measure the time over such multiple APDUs.
Known IC Cards attempt to measure time over multiple APDUs based on a timer service provided by a host device external to the IC Card. Such IC Cards try to replace the timer calculated internally by the IC Card when the IC Card is not able to run such a timer, due to the absence of a clock signal.
More particularly, such IC Cards provide the timer by executing the following steps: the IC Card sends a timer request for a time “n” to the host device; the host device allocates a time “n” and starts the timer service; the host device turns the clock signal off; the IC Card enters the clock stop status; and after time “n” has elapsed, the host device re-enables the clock signal for the IC Card and sends it a notification. As a result, the IC Card is aware that time “n” has passed.
However, such IC Cards are limited by several drawbacks since the timer service is not guaranteed to be secure. For example, because the host device is busy on a radio interface or on a user operation execution, it does not notify the IC Card as soon as the device timer has expired but only when it has served the radio interface or the user operation.
Moreover, the host device may not be a trusted entity with respect to the IC Card, and its notification of the time is not guaranteed to be trustworthy, for example, because the host device is hacked, or the IC Card is inserted in a reader device programmed to emulate a response of the host device with an accelerated time scale. Furthermore, even if the host device is trusted, for example, through a ciphered protocol for the communication with the IC Card, such a trusted host device might not be available due to the lack of a connection with the reader device that powers the IC Card.
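The following C model is an added illustration and is not part of the original text or of any card firmware. It follows the host timer service steps described above and shows why a retry delay enforced through that service depends entirely on the host: the card's counter is frozen during clock stop, so it credits whatever time the notification claims. All type, function and parameter names are hypothetical, and the time units are arbitrary.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model of the host timer service; every name here is hypothetical. */
typedef struct {
    uint32_t counter;       /* incremented only by external clock ticks */
    uint32_t lockout_left;  /* time units still required after a failed operation */
} card_t;

/* One tick of the reader-supplied clock: the card's only own notion of time. */
static void card_tick(card_t *c) {
    c->counter++;
    if (c->lockout_left > 0) c->lockout_left--;
}

/* Host timer service: the card asks for n units (n > 0), the host stops the
 * clock and later notifies the card. `scale` models the host: 1 is honest,
 * k > 1 notifies after only n / k real units. Returns the real time elapsed. */
static uint32_t host_timer_service(card_t *c, uint32_t n, uint32_t scale) {
    uint32_t real_elapsed = n / scale;
    /* Clock stop: card_tick() is never called here, so c->counter is frozen
     * and the card has nothing to check the notification against. */
    c->lockout_left = (c->lockout_left > n) ? c->lockout_left - n : 0;
    return real_elapsed;
}

/* Real time needed to clear a lockout when the card waits via the host service. */
uint32_t real_time_to_unlock(uint32_t lockout, uint32_t n, uint32_t scale) {
    card_t card = { 0, lockout };
    uint32_t real = 0;
    while (card.lockout_left > 0)
        real += host_timer_service(&card, n, scale);
    return real;
}

/* Counter value after waiting out the same lockout with the clock running. */
uint32_t ticks_counted_with_clock(uint32_t lockout) {
    card_t card = { 0, lockout };
    while (card.lockout_left > 0) card_tick(&card);
    return card.counter;
}

int main(void) {
    printf("clock running: %u ticks\n", (unsigned)ticks_counted_with_clock(3000));
    printf("honest host  : %u real units\n", (unsigned)real_time_to_unlock(3000, 100, 1));
    printf("scaled host  : %u real units\n", (unsigned)real_time_to_unlock(3000, 100, 100));
    return 0;
}
```

With the constructed values, the same 3000-unit delay is cleared after 3000 real units by an honest host but after only 30 when the notifications arrive on a time scale accelerated by 100.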
Some IC Cards may measure time based on an internal clock, as illustrated in FIG. 1. The internal clock signal is generated inside the IC Card when in the clock stop status, or in other words, when the reader device suspends the clock signal.
Such an internal clock is not programmed based on the maximum power consumption permitted during the clock stop status, and it cannot provide the internal clock signal for the whole time during which the clock stop status lasts. The aim of such an internal clock, in fact, is not to be available when the external clock is stopped, but to provide a clock frequency much higher than the external one, also when not in clock stop, in order to speed up all the IC Card operations.
Other IC Cards, known in the GSM/UMTS standard, provide a timer based on the reader device informing the IC Card of the elapsed time by using a TIMER MANAGEMENT proactive command. However, these IC Cards do not solve the problem underlined above, since a reader device cannot be considered a trusted device, and also because a clock signal request from the IC Card to the reader device may fail, for example, because the reader device is busy performing other operations.
European patent application EP1480174 in the name of Axalto discloses how to securely request a current time stamp from a time server. The application fails to overcome the problem cited above since a time server is not always available, for example, if network coverage is currently not available, generating long delays in case of unsuccessful cryptographic operations. Also in this case, if the reader device or the server is not available, the time-out cannot be counted.