1. Field of the Invention
The present invention generally relates to producing hard-to-imitate “smart cards” (e.g., so-called “wise cards”), and to producing smart cards whose clones would be of limited value, as would be tampering with the card.
2. Description of the Related Art
Smart cards have been proposed as a technology offering the possibility of secure off-line transactions. However, recently, several successful attacks on conventional smart cards have been reported (e.g., see R. Anderson, M. Kuhn; “Tamper Resistance—A Cautionary Note.” The Second USENIX Workshop on Electronic Commerce. November 1996, R. Anderson, M. Kuhn; “Low Cost Attacks on Tamper Resistant Devices.” Preprint. 1997, and P. Kocher, J. Jaffe and B. Jun; “Introduction to Differential Power Analysis and Related Attacks” Manuscript, Cryptography Research, Inc. 1998.).
One such reported attack allows cracking of the digital code which is supposed to warranty the security of the card, by inferring conclusions of the code from observations of electrical currents, power consumption, and other electromagnetic manifestations in the card during use. Other low-cost attacks are similarly known on current smart card technology.
This has generated much publicity and some skepticism on the part of users. For example, the attack mounted by Paul Kocher of Cryptography Research was made very well-known to the public by the publication of a paper by Peter Wayner on this attack on pages D1–D2 of the New York Times of Monday, Jun. 22, 1998.
Given the benefits that banks, credit cards companies, and other users were expecting from a wide acceptance of the security offered by smart cards, it is important to be able to overcome the lack of security (both real and perceived) offered by present smart card technology.
Indeed, several improvements of the original design have been proposed (and this process may continue in the future). However, since the above-described, successfully mounted attack only needs some of the electrical analysis and possibly the physical attacks one could perform on smart cards, the desired level of confidence is not likely to be restored so long as solutions only advance the original (and conventional) idea of enclosing all of the security in the card.
It is noted that by using, for example, some zero-knowledge protocol, a smart card can be authenticated but, reputedly, cannot be duplicated. A general reference to smart card technology and applications can be found in “Smart Cards: A Guide to Building and Managing Smart Card Applications,” by Henry Dreifus and J. Thomas Monk, John Wiley & Sons, 1998. It is noted, that, in the rest of the present disclosure, any electronic component using such technology and which has some memories and/or some processing capabilities, will be called “a smart component” or “a chip” or “a smart card”, even if it does not actually take any form resembling a card.
One of the main virtues attributed to smart cards is that some transactions based on smart cards, such as payments and authentication, can be performed using the smart card, without connection to a database. Of course, this freedom from a link to a database only has value as long as the secrets in the card resist attacks. One can try to modify the smart card technology so as to reach a level of security considered sufficient. Such an approach is taken for example in U.S. patent application Ser. No. 09/397,503 entitled “METHOD AND APPARATUS FOR PRODUCING DUPLICATION- AND IMITATION-RESISTANT IDENTIFYING MARKS ON OBJECTS, AND DUPLICATION- AND IMITATION-RESISTANT OBJECTS” by N. Amer et al, assigned to the present assignee and incorporated herein by reference. That approach requires a smart card reader with quite different characteristics than those of present smart card readers.
Another approach, used in the present invention, sacrifices part of the full off-line usability of smart cards to insure accrued security.
Thus, improvements in the security of smart cards are surely useful, but some radically new approaches must be used. One approach may include ensuring the physical security of the card, but this might not be enough to prevent producing huge amounts of false smart cards once one of them has been successfully attacked.
Hence, in conventional cards, counterfeiting/duplication is not rendered difficult since confidential information is carried on the card and an unscrupulous person may find the information simply by looking at/reading the energy construction inside of the card. That is, with a plurality of readings of the card, the information held within the card can be easily detected.
However, no conventional method (and system) has addressed such problems.