This invention concerns the field of smart cards.
These cards are presented in the form of a compact module comprising a great number of electronic elements such as memories, microprocessors, modem. As technology progresses rapidly, performances reserved yesterday for big systems are from now on available in smart cards.
The standard ISO 7816 defines the interfacing of such a card that is carried out by the mean of a rosette of 8 contacts whose functions are defined by the standard.
The idea of such a card has been dictated by the need to have portable data supports that offer great security as to the protection of these data. Apart from their structures, they are used for storage and processing applications that need few inputs-outputs. In fact, according to standard ISO 7816, only one connection is used for this function in a bi-directional mode in half-duplex mode.
In this way, the evolution of these cards is limited by this structure limiting their use to control applications while the fast data processing is carried out in other units.
This is particularly the case in pay television, where the signals are coded by a key that varies with the time. In the flow of audio-video data arriving at the decoder are added management messages (EMM) that contain the keys in encrypted forms. When such a message is recognised it is directed to the smart card serving as security module.
In this embodiment, the smart card contains the different keys that allow to decrypt these messages and to verify if the subscriber has enough rights to view these data. If it is so, the card sends again information allowing the decoder to decode the coded data.
This method has several drawbacks. The first one is that it must supply the keys in clear to a decoder that is not considered as a secure element. This is also the reason why the keys are changed at regular intervals, typically every second. Although this structure is satisfactory in many respects it has a real problem in other applications, for example in the case of data storage. In this type of application, the notion of duration of the validity of a key disappears and is associated to the coded data, a key that only the smart card can decode.
It is well understood that the fact of supplying the key to the decoder, a computer in this example, implies a risk that said key be intercepted by a third person and disclosed without control.
In order to solve this problem, a possible solution is to decode the data directly in the smart card. In this way the coding key does not exit the card, because this key is used directly inside the card to process the coded data.
This type of use rapidly comes up against the physical constraints of the card ISO 7816 whose port I/O has a transfer rate of about 10 to 100 Kbits/sec.
The same type of problem arises when using a non-contact card of the type ISO 14443. The transfer rates being about 106 to 425 Kbits/sec.
Any structural modification of the card is confronted with a problem of compatibility with the readers ISO 7816 and ISO 14443 that will not understand this new specification.
The aim of the invention is to have a smart card that respects the compatibility with the existing readers and that proposes other services, particularly the possibility of decoding the coded data inside the card at the speed required by the data rate.
This aim is achieved by a smart card comprising a rosette of eight contacts ISO 7816 and at least one standard bi-directional channel, characterised in that it comprises a high speed channel linked to non used connections.
By non used connections we mean connections that do not have particular functions by the standard or connections that are no longer used in the present generations of cards.
In this category we find well understood the two connections RFU (Reserved for Future Use) as well as the connection Vpp that allowed to supply the non volatile memories with a voltage higher than 5V (normally from 12V to 21V). With the coming of new technologies of non volatile memories such as NVRAM, EEPROM or FLASH, this voltage is generated by the card itself, and this connection is no longer used nowadays.
Thanks to the use of these supplementary lines it is possible to define a protocol that is different to those used in the standard ISO 7816 and thus opens the field to other applications.
The available of three connections allow a high speed link thanks to a clock line (CLK), an input line (IN), and an output line (OUT). It is possible to use together the different access channels of the card, for example by the standard channel functioning bidirectionally by an I/O line. This high speed channel adds functions to those already existing, for example a high speed coding-decoding module.
The use of this high speed channel has consequences on the architecture of the card. From now on it is possible to propose a decoding (or coding) module that is totally carried out in inside the card. For this purpose the data arriving through the fast channel are directed towards a specialized decoding module. In fact, these data do not have to necessarily travel through the microprocessor, they can go directly to the specialized decoding module by an internal fast bus.
To this end, the smart card according to the invention comprises multiplexing means that allow a direct access between the fast channel and one or several specialized modules. These means also allow to direct the fast channel stream towards the microprocessor if necessary. If certain microprocessors cannot process data at speeds of several Mb/s, other more developed versions make this processing possible and can substitute certain specialized modules. Thus, the microprocessor, by software (programmable), will be able to be substituted in the specialized modules carrying out mathematical operations thanks to electronic circuits (non programmable).
According to the invention, the multiplexing means allow to serialize several specialized modules. The card according to the invention can comprise a first data compression module whose output is directed towards a coding module.
During the processing of data by the bias of the fast channel the other communication means remain available, particularly the I/O link described in the standard ISO 7816 or the non contact link of the type ISO 14443. It is thus possible to transfer the control information by these means, said information being used for the transmission of management information of the card, such as for example the parameters of the decoding modules or the rights attached to these parameters.
According to the invention, the multiplexing means comprise extraction and injection means in order to separate certain types of data from the data stream. A digital data stream for pay television comprises useful data such as audio or video and control data. When this flow is directed to the fast channel it is necessary to extract the control data that contain the information on the decoding keys as well as various management information.
This extraction and injection module is customized by the microprocessor and when a message corresponds to the recognition criteria, this message is directed towards the microprocessor.
The data processed by such a card are generally organised in blocks. Each block begins by a block identifier and describes the type of information contained in said block.
In the reverse function, that is the coding of data, this module can insert control data in the stream arriving from the fast bus. These control data are generated by the central unit for example to qualify the data flow, transmit the control words in coded form, or transmit routing information. To this respect, this module comprises a buffer memory that receives the blocks of data coming from the fast bus and the blocks of data coming from the central unit. If the buffer memory contains a block of control data, it is inserted in the stream at the end of a block of data coming from the fast bus. This flow is then transmitted towards the shaping module to be directed towards the fast output port.
Thanks to this structure it is possible to process all the stream inside the smart card, in this way greatly increasing the security of the data. It is also possible to create a complete stream of coded or decoded data inside the card including the management information such as the control words.
According to an embodiment, the fast channel follows the USB standards (Universal Serial Bus). The particularity of this interface is that the signals use two connections, one for the incoming data (IN) and the other for the outgoing data (OUT).
The smart card according to the invention comprises a module of protocol detection that enables it to adapt itself to the USB protocol and that converts it in the internal protocol of the smart card, for example by regenerating the clock.