The present invention relates generally to improved techniques for data authentication. More particularly, the invention relates to the use of physical properties of the media used to record the information in generating a reference fingerprint for authenticating the data.
Storage of financial and other information in solid-state devices such as semiconductor memory cards is growing more and more prevalent. Large quantities of data representing customer or merchant information, transaction histories, or stored value may be placed on a card and given to the customer. The information may be completely self-contained on the card, allowing the information to be read directly from the card. This approach is different from the use of magnetic cards, which typically contain only an account number or other identifying information, which is used as an index to retrieve the customer information from a database. A semiconductor memory card typically stores data in solid-state memory such as an EPROM or EEPROM. The card is placed in a card writer which provides information to the card in a numerical format and transfers the information through ports provided on the card. The card includes a microcomputer, which receives the information from the reader, processes the information, and stores the information in the memory. Similarly, whenever it is desired to use the information stored on the card, the microcomputer retrieves the information from memory, processes the information, and transfers the information through the ports to an external device such as a card reader. Because high-capacity memory devices are widely available, it is possible to store large quantities of data on such a card, making it versatile and convenient.
After information is written to the semiconductor memory card, it can be given to a customer so that the customer can present the card for reading and writing of data as needed. For example, a cash card may be loaded with information representing cash credits. The card is given to the customer and presented to a merchant or bank whenever a debit is to be made. Upon presentation of the card, the merchant or bank places the card in a reader/writer, reads the balance on the card, makes an appropriate subtraction, and writes the new balance to the card. The debit can be made without a need to retrieve any information other than the information on the card itself.
If a semiconductor memory card is to be given to a customer, security is vital. A customer in possession of a semiconductor memory card has long-term, unsupervised access to the card, and has the opportunity to attack the card at leisure in order to attempt to store unauthorized information on the card. It is possible for a skilled attacker to retrieve numerical information from a semiconductor memory card through probing of the internal components of the device, or through other unauthorized means. If card security is provided only through numerical means, such as numerical authenticators, or cryptoprocessing keys, it is possible to create a counterfeit card which contains information duplicated from a legitimate card.
Mediametric techniques offer considerable advantages in providing reliable data authentication. These mediametric techniques provide security through the use of data related to physical characteristics of the storage media. Solid state media possess characteristics which are impossible to duplicate precisely, but which can be precisely measured. These include, for example, variations in the remnant charge of EEPROM""s, or variations in row/column addressing circuits. These and other characteristics have been used for authentication. A numerical representation, or fingerprint, of authenticating characteristics is created and stored. When the card is presented, the authenticating characteristics are measured, and a fingerprint is created and compared against the original fingerprint. Such techniques are described in detail in Fernandez U.S. Pat. No. 5,644,636, which is assigned to the assignee of the present invention and incorporated in its entirety herein by reference.
One advantage of such mediametric techniques is that some solid-state devices possess characteristics which will be altered by any tampering with the device. An EPROM or EEPROM, for example, includes memory cells in which data is represented by levels of trapped charges. The level of charge in a memory cell is established when data is written to the cell, but it is impossible to set a desired level of charge in a cell. However, once the data is written to the cell, the level of charge within the cell remains stable until data is again written to the cell. Moreover, the level of charge trapped within the cell can be measured precisely if appropriate access is given to the cell. It is therefore possible to determine the levels of charges within a cell after data has been written to the cell, and then store a representation of the level of charges for comparison with the actual level of charges present, in order to determine whether the data cell is authentic.
In the Fernandez patent cited above, the advantages of mediametric techniques are claimed and broadly addressed. In a preferred embodiment of that patent, those techniques have been implemented utilizing an analog port built into the memory to retrieve charge levels, and an analog to digital converter to convert the analog charge data to digital form for creation of a numerical fingerprint. Improved techniques for creating and evaluating a reference fingerprint based on charge levels in memory cells, wherein the levels of charges can be established without analog measurements or additional analog circuitry will be highly advantageous.
Levels of trapped charges in a memory cell may be determined by identifying a voltage of the cell. Identifying the voltage of a memory cell is accomplished by establishing a threshold required to represent a xe2x80x9c1xe2x80x9d and reading the voltage at the cell. If the voltage meets the threshold, the data in the cell is read as a xe2x80x9c1xe2x80x9d. If the voltage does not meet the threshold, the cell voltage is read as a xe2x80x9c0xe2x80x9d. This fact is employed in order to determine charge levels within memory cells without a need to use an analog port to allow measurements of charge levels within the cells. Instead, the voltage appearing at the data output of the memory array is read using differing thresholds in order to determine the voltage. In order to create a reference fingerprint for a memory array, data is written to selected cells within the array. After the data is written, it is read again. However, repeated read operations are performed, with the threshold used to establish a xe2x80x9c1xe2x80x9d being set low and then increased a small amount at each successive read. In this way, over a succession of read operations with changing thresholds, the charge level in each cell which is read can be established. For example, if a voltage representing data can range between 0 and 5.0 volts and the threshold is set at first to 0.1 volts, and then raised by 0.1 volts per iteration over 50 iterations of read operations, the voltage level of a cell can be established within 0.1 volts. Alternatively, depending on whether the cell contains a xe2x80x9c1xe2x80x9d or a xe2x80x9c0xe2x80x9d, the threshold can be set to the maximum possible value for a xe2x80x9c0xe2x80x9d and then adjusted downward through repeated iterations, or set to the minimum possible value for a xe2x80x9c1xe2x80x9d and then adjusted upward through repeated iterations. If it is not known initially whether the cell contains a xe2x80x9c1xe2x80x9d or a xe2x80x9c0xe2x80x9d, a conventional read operation can be performed in order to identify the data stored in the cell. This makes it possible to identify the voltage in the cell in fewer read operations than if the initial threshold were simply set at 0.0 volts and adjusted upward until it reached 5.9 volts.
Once the voltage level of the selected cells are established in this way, a reference fingerprint for the selected cells can be established and stored. Later, when the memory array is to be authenticated, the voltage levels of the selected cells are established using a similar succession of read operations. The voltage levels, once determined are then compared against the previously stored reference fingerprint.