(1) Field of the Invention
The present invention relates generally to integrated circuit cards (“ICCs”) or “smart cards”, and more particularly to a pseudo-random number sequence file for an integrated circuit/smart card that has a standard-compliant interface and that is operative to generate pseudo-random numbers within the integrated circuit/smart card for use in a variety of applications external and internal to the integrated circuit/smart card. The hardware and software features of the integrated circuit/smart card ensure the security of the functional characteristics and output of the pseudo-random number generator stored within the pseudo-random number sequence file of the integrated circuit/smart card while the standard-compliant interface facilitates the integration of the output of pseudo-random number sequence file into application programs and other security systems.
(2) Description of Related Art
Smart Cards:
Conventional integrated circuit cards (“ICCs”) or smart cards (the terminology ICC(s) and/or smart card(s) is used interchangeably herein to identify a plastic card with an embedded microchip) are typically credit card-sized, programmable computer devices having operatively coupled logic and memory circuitry. Smart cards can be configured to provide identification and cryptographic capabilities that support secure operation of or access to applications, other devices, files, services, and the like.
The smart card can include electrical interface contacts (“smart card with contacts”), which are exposed on an external surface of the card and configured to enable a smart card reader or other device to interact with the applications, features, files or other contents of the smart card. Alternatively, the smart card can communicate with the smart card reader using radio frequency transmissions (“contactless smart card”). The smart card reader may be further operatively coupled to a computer or other device that is programmed to interact with the smart card in some manner. The smart card reader can be part of a separate peripheral device or integrated into such a peripheral device. For example, a mobile telephone may include an integral smart card interface. In addition, the smart card can be either fixed in place or removable.
Smart cards are increasingly used in financial and commercial transactions in the place of magnetic stripe credit/debit cards. They are also employed in digital rights management applications such as in set top boxes (STBs) to authorize the reception and consumption of digital media. They are also used in identity and authentication applications where they store personal identification numbers (PIN) and biometric templates.
Rather than employing information encoded on a magnetic stripe, smart cards include a microprocessor and a memory element in a tamper-resistant and tamper-evident enclosure typically fabricated from a relatively-rigid plastic material. Using their microprocessor capabilities, smart cards can interact directly with computer applications and are able to securely communicate a broad and detailed range of information regarding cardholder identity, cardholder authorizations, transaction formation, or other information.
FIG. 1 (Prior Art) shows an exemplary smart card 10 with contacts. Substantially the size of a credit card, the smart card 10 includes a microprocessor 12 with an integral memory element and conductive contacts 13. Microprocessor 12 is typically a single wafer integrated circuit (IC) mounted on, or embedded within the body of the plastic card. The integral memory element provides storage capacity for, inter alia, the files and instruction sets (programs) of the smart card 10. Conductive contacts 13 provide an interface mechanism with a terminal (e.g., a card reader) to electrically transfer data between the terminal and the smart card. As noted above, some smart cards do not include conductive contacts 13, but instead transmit and receive information via electromagnetic mechanisms such magnetic or electrical fields or other proximate coupling means, or via radio or infrared transmissions or other remote coupling means.
FIG. 2 (Prior Art) shows an exemplary smart card 10 with contacts 13 that is used in a mobile telephone. The functional components of the smart card, a microprocessor 12 with an integral memory element and the contacts 13, are identical to the functional components shown in FIG. 1 and described above. Most of the plastic of the credit card has been removed to facilitate its placement inside the mobile telephone handset.
FIG. 3 (Prior Art) shows an exemplary “contactless” smart card 10 that might be used in a public transport system to hold tickets or other system use rights that includes a microprocessor 12 with an integral memory element, an embedded antenna 11, and contactless receptors 13 as described above.
Typical smart card operating systems support a modest file system. Because a smart card typically has no storage peripherals (such as the storage peripherals of a personal computer), a smart card file is typically just a contiguous block of smart card memory. Typical smart card operating systems support conventional file operations such as create, delete, read, write, and update on all files. In conventional smart card systems, associated with each file on a smart card is an access control list. This access control list records what operations, if any, each card identity or group of card identities is authorized to perform on any particular file. For example, identity A may be able to read a particular file but not update it, whereas identity B may be able to read, write, and even alter the access control list of the file.
ICCs or smart cards provide low-cost, portable, tamper-resistant and tamper-evident storage devices for data. They also contain a computational means to both control access to this data and to apply this data in information processing algorithms and applications. Given these capabilities, ICCs or smart cards can be used to store and apply electronic cash, cryptographic keys, sensitive personal information and cardholder authorizations. Such applications naturally require that this information cannot be read or altered without proper authorization, in particular by an unauthorized person in possession of the smart card.
Pseudo-Random Number Sequences:
A tamper-resistant source of pseudo-random numbers is of great utility in many data processing and information technology applications, particularly those that involve security, such as digital rights management, user and machine authentication, and cryptography. For example, a pseudo-random number sequence can be used to scramble an audio or video signal (digital rights management), provide unique passwords (authentication), or as a source of one-time encryption keys (cryptography).
A pseudo-random number sequence has the property that it is difficult to determine the nth number in the sequence even when all previous n−1 numbers are known. In other words, the sequence appears to be a random sequence of numbers even though it is actually produced by a formula/algorithm called a pseudo-random number generator. Since the nth number in the sequence can be determined if the generator formula is known, in security applications using pseudo-random number sequences it is important to ensure that the formula cannot be discovered.
It would be desirable to provide, in a smart card, a convenient and efficient method to produce pseudo-random number sequences, to implement pseudo-random number generators within the smart card and to provide a convenient and standard-based interface to pseudo-random number sequences and pseudo-random number generators as stored in a smart card.