Portable tamper-resistant devices are small devices comprising a memory, a microprocessor and an operating system for computing treatments. Such secure elements may comprise a plurality of memories of different types, like non-volatile memory and volatile memory. They are tamper-resistant (or “secure”) because they are able to control the access to the data they contain and to authorize or not the use of data by other machines. A portable tamper-resistant device may also provide computation services based on cryptographic components. In general, portable tamper-resistant devices have limited computing resources and limited memory resources and they are intended to be connected to a host machine which provides them with electric power. For example, smart cards are a kind of portable tamper-resistant devices.
A portable tamper-resistant device may contain applications and their associated applicative data which encompass user data, file systems and secret key.
A portable tamper-resistant device may contain a real-time clock—also named RTC—which may be used to compute data based on a time reference. For example, such RTC may be used to generate time-based One Time Password (OTP) that are valid during a preset duration.
The RTC is powered by a power source embedded in the portable tamper-resistant device. Thus the RTC is continuously running even if no power is provided by another device (such as a reader intended to communicate with the portable tamper-resistant device).
Due to physical RTC characteristics, the time value provided by a RTC generally deviate from a fully reliable clock reference. The difference between them is known as the drift. The drift increases over time and can depend on the temperature for example. The drift can become unacceptable (out of tolerance range) for some applications. For instance, the drift may grow by two seconds each day leading to a huge gap.
It is known to send a synchronization command from a server to a portable device for updating the current time of the RTC in order to remove the drift. In this case, the server has to take care of the synchronization need for the device since it must regularly send specific synchronization commands. Moreover, this burden can be very big for a server intended to manage a large fleet of portable devices.
There is a need for allowing an automatic synchronization of the RTC of a portable device irrespective of sending of commands dedicated to synchronization by a server.