1. Field of the Invention
The present invention is directed to a security module with protection of the postal registers against tampering and to a method for securing postal registers against tampering particularly suited for use in a postage meter machine or a mail processing machine or a computer with mail-processing capability.
2. Description of the Prior Art and Related Subject Matter
A large variety of protection measures are known for protecting against outages or disturbances of intelligent electronic systems.
European Application 417 447 discloses the use of special modules in electronic data processing systems which are equipped with means for protecting against an invasion into their electronics. Such modules are referred to as security modules below.
Modern postage meter machines or other devices for franking postal matter are equipped with a printer for printing the postal value stamp onto the postal matter, a controller for controlling the printing and the peripheral components of the postage meter machine, an accounting unit for debiting postage fees that are maintained in non-volatile memories, and a unit for the cryptographic protection of the postage fee data. A security module (European Application 789 333) can include a hardware accounting unit and/or a unit for securing the printing of the postage fee data. For example, the former can be realized as application specific integrated circuit (ASIC) and the latter can be realized as an OTP (one-time programmable) processor. The internal OTP-ROM stores sensitive data (cryptographic keys) secured against read out that are required, for example, for reloading a credit. An encapsulation with a security housing offers further protection.
Further measures for protecting a security module against an attack on the data stored therein are described in German Applications 198 16 572.2, and 198 16 571.4, as well as co-pending U.S. application Ser. No. 09/522,619 (filed Mar. 10, 2000) and Ser. No. 09/522,620 (filed Mar. 10, 2000) and Ser. No. 09/522,621 (filed Mar. 9, 2000), and German Utility Model application 299 05 219.2. A pluggable security module can assume various states in its life cycle. A distinction can be made as to whether the security module is functioning or malfunctioning. It is assumed that the hardware circuitry of this module is adequately protected against tampering, so this is not separately monitored. Any software-controlled operation is only considered error-free only as long as the original programs, remain intact which must therefore be protected against manipulation.
As is known, a MAC (Message Authentification Code) is utilized for protecting the postal register data in postage meter machines, for example in the Model T1000 sold by Francotyp-Postalia AG and Co. (described in European Application 762 338, and U.S. Pat. No. 5,805,711). In this way, the microprocessor of the security module also can check the validity (freedom from tampering) of the postal registers before an accounting operation. The microprocessor calculates a MAC over the data in the postal registers and compares this MAC to a comparison MAC that was already stored earlier for these postal registers. An accounting subsequently ensues. After this, the microprocessor must re-calculate the comparison MAC for the postal registers that have been modified by the ASIC in order to update it. During the time from the start of the accounting until the write-in of the new comparison MAC, however, the postal registers can be manipulated by a person with memory access without this being recognized by the microprocessor.
An object of the present invention is to enhance the security o a security module in the accounting procedure.
Such a method and module should, with minimum outlay, enable a maximum protection against a manipulation of the stored data. The method and module should be employable, for example, in postage meter machines for which there are special security demands with respect to the postal register data since, in particular, the monetary accounting data must be incapable of being manipulated.
The inventive method and security module achieve this object by implementing two time-offset accounting operations with different data processing units or computers.
A pre-condition for an advance calculation of a postal register setting is a code that is already present at the beginning, for example an authorization code (MACold) that allows the validity of a previous postal register setting and thus of the preceding accounting data (postal register data), to be checked in a way that is known. Given validity thereof, the first computer undertakes an advance calculation of a postal register setting with the standard postal register data and, if warranted, calculation of an appertaining checksum in a known manner, but without storing the postal register setting in the non-volatile memory for the accounting data. A code is then formed based on the postal register setting calculated in advance. Preferably, a microprocessor of a security module, referred to below as a module processor, is used for this purpose. For example, the code can be a standard message authorization code (MACnew) or can exist in some other embodiment such as, for example, Cipher Block Changing (CBC) or Electronic Code Block (ECB) authorization code or a digital signature. Symmetrical as well as asymmetrical encryption algorithms can be utilized. When the module processor, for example before the beginning the advance calculation, has checked the validity of the old postal register setting by calculating a code (MAC) and by comparing this code (MAC) to the stored code (MACold), it calculates the new authorization code (MACnew) appertaining to the next accounting operation in advance in the secure memory area before the main accounting, which a second computer implements, is initiated. An application-specific processing unit (ASIC) of the security module is preferably used for this purpose, this including a hardware accounting module and writing the accounting data into the non-volatile memories for the postal register data. Before or at the end of the main accounting, the module processor now also stores the code (MACnew) calculated in advance as the current valid code (MAC) in at least one of the non-volatile memories and allocated to the postal register data. Differences compound to known procedures thus are the point in time of the MAC calculation preceding the main accounting, and the source of the MAC calculation, i.e. the module processor, which also calculates the postal register accounting data for the MACnew in advance.
The aforementioned method is repeated when the next accounting ensues. Tampering which occurs during the accounting can be detected with the inventive method due to the checking of both codes (MACs). Since the sources for the respective MAC calculation of the two comparison values are different, the two codes (MACs) to be compared must be identical. Given the assumption that no error occurs in the accounting by the application-specific processing unit (ASIC), it can only be as a result of the tampering if the two codes (MACs) do not coincide.
Another advantage of this method is that two codes (MACs) exist upon turn-on (power on), i.e., one that is valid for the postal registers in case the accounting was not completely ended, and one that is valid for the postal registers if the accounting was ended but the new code (MAC) was not yet capable of being written.
At least one postal register setting thus must exist whose code coincides with one of these two. The latter is the valid, non-manipulated register setting and can be used as a reference. Otherwise, tampering has occurred. The method secures the postal register data with a code at every point in time. Tampering on the basis of a manipulation of the register data at an arbitrary point in time can no longer remain undetected.
These advantages also apply when an asymmetrical encryption algorithm is employed for generating a digital signature. A hash function is first applied to the postal register data, and the data generated in this way are encrypted with a private key to form a digital signature. The advantage of the signature is that public keys, without being kept secret, can be employed for deciphering the signature for the purpose of verifying the postal register data. This allows recovery possibilities given a malfunctioning security module from which the register data are read out via an interface.
The inventive security module, for example for a postage meter machine, performs the function of an accounting, particularly of postage fees, with cryptographic protection and/or additional security functions.
The security module is inventively characterized by having its own indicator that, given direct drive by the module processor of the security module, allows an identification of the current condition of the security module. The module processor implements monitoring and signaling of the module condition and is activated only when the security module is supplied with system voltage, in order to preserve the battery. The module processor monitors the hardware accounting unit, memories and assemblies with respect to further functions. Thus the availability of the system is not the primary consideration but rather the dependable recognition of malfunctions or outages as well as a suitable reaction thereto, as is the case particularly for events which are security-sensitive but somewhat non-critical as to time.