1. Field of the Invention
The present invention concerns a method to obtain a secure counter on an embedded computer system having a chip card.
Its object is more particularly to provide an embedded environment (notably a mobile phone) with access to a monotonic counter that cannot be forged, residing on a chip card.
2. Description of the Prior Art
Generally, it is known that a monotonic counter is a counter which guarantees that its values changes with each call, i.e., it never gives the same value twice. Said counters are highly useful in computer systems to generate unique identifiers for example, and to combat so-called “replay” security attacks (an attacker who identifies an authorized value at a time t can, at a time t+ delta, “replay,” i.e., give the previously detected value, in the hope that it is still authorized by the system).
Monotonic counters are also mostly incremental, since this does not give rise to any particular implementation difficulty. In this case, the counter also provides the guarantee that at each call it gives a higher value than for the preceding call. Time for example is a universal incremental source. Incremental monotonic counters are of particular interest to order events in relation to each other. For example, in some time-dating systems it is simply desired to know that document A was archived before document B. Rather than using an internal clock (which is generally costly, imprecise and non-secure, in that an attacker could change the time at will), computer systems frequently use an incremental monotonic counter.
Incremental monotonic counters are also highly desirable in the area of Digital Rights Management (DRM) notably to control that music previously played can no longer be played once related rights have expired.
In the remainder of this description, an incremental monotonic counter will be called a “monotonic counter”.
While a monotonic counter on a personal computer (PC) does not give rise to any real difficulty, its integration in embedded environments (e.g. mobile telephone) is a much more complicated matter however. To produce a monotonic counter, a persistent memory zone is required with several re-write possibilities (to save the value of the counter when it is not powered up). Integration of a re-writable persistent memory into an embedded environment entails a non-negligible financial cost that is higher the more the equipment concerned is intended to be deployed on a large scale (e.g. a surcharge for millions of mobile phones). And yet embedded environments—like other computer systems—need monotonic counters, and market demand is no doubt higher in terms of DRM (games for portable video consoles, listening to music on mobile phones, iPod (trademark), etc).