1. Field of the Invention
The present invention relates to a method and device to increase the protection of a chip or memory card.
It is especially applicable to the making of microcircuit-based cards known as chip cards, used chiefly in fields where access to information or to services is strictly controlled.
These are, in particular, credit cards in the field of banking, electronic badges used for subscriber television and for the distribution of gasoline and fuel, electronic cards providing access to the telephone system or again electronic cards providing access to certain data banks.
2. Description of the Prior Art
In its broadest definition, a memory card has a storage device and a processing element formed by a microprocessor or any equivalent device, coupled to each other by a data and/or address bus that also connects the microcircuit thus formed to writing and reading devices external to the card. The storage device generally includes a ROM or EPROM type non-volatile memory in which microprograms needed for the working of the processing element are recorded and, as the case may be, it includes a RAM type volatile memory for the memorizing of the data and the instructions specific to the application reserved to the memory card. In the non-volatile memory there are also stored, firstly, the secret code identifying the bearer of the card with, if necessary, a ciphering program for the obtaining of a signature computed on the basis of the secret code and, secondly, instructions of the application program itself. This signature is itself loaded into the volatile memory. Since the card has, firstly, the application program and, secondly, a ciphering algorithm identical to the one with which the signature has been prepared, it is enough, at each use, to ascertain that the new computation of the signature, on the basis of the instructions of the program and of the secret code, is truly equal to the signature that has been already recorded.
Although the nature of memory cards made in this way is such that it is difficult for them to be used by a fraudulent individual, the user is generally allowed to make only a limited number of attempts to use his secret code in order to obtain access, with his card, to the services or information that he is seeking. Once this number of attempts is over, the card is generally confiscated. This safety arrangement, which has the effect of protecting bearers of cards and providers of services against ill-intentioned users, proves to be inefficient when these ill-intentioned users possess improved electronic means enabling them to discover the secret codes enclosed in the cards as well as their different functions. For, it is indeed possible, by examining the responses given by the processing unit of the card to the different external demands made on it, to discover not only the secret code enclosed in the cards but also the functions of the application program itself which is stored in the card. After each tabulation of a secret code, permission to have access to a service requested by a card-holder is generally given after the reception of an end-of-control message which is issued by the card after a ratification procedure, within a predetermined time limit following each attempt. However, this end-of-control message is given within a period that varies according to whether the attempt has been successful or not. This operation thus leaves fraudulent persons, having sophisticated means, with the possibility of finding the secret codes by methodically trying out every possible code for example, and noting down the time taken by the card to emit the end-of-control message each time they present the card. At present, the time needed to obtain an end-of-control message is about 200 ms when the secret code is correct, and it is about 180 ms when the code is not correct. Naturally, a solution to this problem can be found by making the time taken for the end-of-control message equal to 200 ms in both cases. However, this is not desirable in the applications themselves as it dictates the writing, in the program memories, of codes that consume more memory space. And, above all, such a condition would be almost impossible to achieve in practice as the durations of the program phases up to the end-of-control stage vary greatly: this is because the number of program steps varies in each case.
The above observations also apply to other functions of the application program stored in the card whenever the execution of one of these functions calls for the sending back of an acknowledgment in the form of an end-of-control signal. In this case, a pirate who knows the specific periods of time taken by a card to respond to control signals relating to an application would have no difficulty in re-creating the corresponding application program.
The aim of the invention is to overcome the above-mentioned drawbacks.