WO2007015204A3 - A secure terminal, a routine and a method of protecting a secret key - Google Patents

A secure terminal, a routine and a method of protecting a secret key Download PDF

Info

Publication number
WO2007015204A3
WO2007015204A3 PCT/IB2006/052616 IB2006052616W WO2007015204A3 WO 2007015204 A3 WO2007015204 A3 WO 2007015204A3 IB 2006052616 W IB2006052616 W IB 2006052616W WO 2007015204 A3 WO2007015204 A3 WO 2007015204A3
Authority
WO
WIPO (PCT)
Prior art keywords
routine
secret key
software application
protecting
secure
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/IB2006/052616
Other languages
French (fr)
Other versions
WO2007015204A2 (en
Inventor
Jean-Philippe Perrin
Harald Bauer
Patrick Fulcheri
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NXP BV
Original Assignee
NXP BV
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by NXP BV filed Critical NXP BV
Priority to JP2008524653A priority Critical patent/JP5114617B2/en
Priority to AT06780255T priority patent/ATE499658T1/en
Priority to EP06780255A priority patent/EP1913511B1/en
Priority to CN2006800286731A priority patent/CN101238473B/en
Priority to DE602006020288T priority patent/DE602006020288D1/en
Priority to US11/997,214 priority patent/US8689338B2/en
Publication of WO2007015204A2 publication Critical patent/WO2007015204A2/en
Publication of WO2007015204A3 publication Critical patent/WO2007015204A3/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/73Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2143Clearing memory, e.g. to prevent the data from being stolen
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149Restricted operating environment

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Storage Device Security (AREA)
  • Burglar Alarm Systems (AREA)
  • Fittings On The Vehicle Exterior For Carrying Loads, And Devices For Holding Or Mounting Articles (AREA)

Abstract

The method of protecting a secret key from being read by a non-secure software application, comprises a step (94) of recording the secret key as a routine stored in an executable-only memory. The routine having: load instructions to load the secret key into a memory readable by a secure and a non-secure software application, if the routine is called by the secure software application, and control instructions to leave only dummy data instead of the secret key in the readable memory if the software application calling the executable-only routine is the non-secure software application.
PCT/IB2006/052616 2005-08-03 2006-08-01 A secure terminal, a routine and a method of protecting a secret key Ceased WO2007015204A2 (en)

Priority Applications (6)

Application Number Priority Date Filing Date Title
JP2008524653A JP5114617B2 (en) 2005-08-03 2006-08-01 Secure terminal, program, and method for protecting private key
AT06780255T ATE499658T1 (en) 2005-08-03 2006-08-01 SECURE TERMINAL, ROUTINE AND METHOD FOR PROTECTING A SECRET KEY
EP06780255A EP1913511B1 (en) 2005-08-03 2006-08-01 A secure terminal, a routine and a method of protecting a secret key
CN2006800286731A CN101238473B (en) 2005-08-03 2006-08-01 A secure terminal and a method of protecting a secret key
DE602006020288T DE602006020288D1 (en) 2005-08-03 2006-08-01 SAFE DEVICE, ROUTINE AND METHOD FOR PROTECTING A SECRET KEY
US11/997,214 US8689338B2 (en) 2005-08-03 2006-08-01 Secure terminal, a routine and a method of protecting a secret key

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP05300649.0 2005-08-03
EP05300649 2005-08-03

Publications (2)

Publication Number Publication Date
WO2007015204A2 WO2007015204A2 (en) 2007-02-08
WO2007015204A3 true WO2007015204A3 (en) 2007-07-05

Family

ID=37708991

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2006/052616 Ceased WO2007015204A2 (en) 2005-08-03 2006-08-01 A secure terminal, a routine and a method of protecting a secret key

Country Status (8)

Country Link
US (1) US8689338B2 (en)
EP (1) EP1913511B1 (en)
JP (1) JP5114617B2 (en)
KR (1) KR100970040B1 (en)
CN (1) CN101238473B (en)
AT (1) ATE499658T1 (en)
DE (1) DE602006020288D1 (en)
WO (1) WO2007015204A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104978597A (en) * 2014-04-11 2015-10-14 恩智浦有限公司 Electronic circuit chip for RFID tag with read-only-once functionality

Families Citing this family (25)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7886162B2 (en) * 2007-05-29 2011-02-08 International Business Machines Corporation Cryptographic secure program overlays
US8433927B2 (en) * 2007-05-29 2013-04-30 International Business Machines Corporation Cryptographically-enabled privileged mode execution
US8422674B2 (en) * 2007-05-29 2013-04-16 International Business Machines Corporation Application-specific secret generation
US8332635B2 (en) * 2007-05-29 2012-12-11 International Business Machines Corporation Updateable secure kernel extensions
US8332636B2 (en) * 2007-10-02 2012-12-11 International Business Machines Corporation Secure policy differentiation by secure kernel design
US8826006B2 (en) * 2008-10-31 2014-09-02 Motorola Solutions, Inc. Method and device for enabling a trust relationship using an unexpired public key infrastructure (PKI) certificate
US8812959B2 (en) * 2009-06-30 2014-08-19 International Business Machines Corporation Method and system for delivering digital content
CN102056339B (en) * 2009-11-02 2015-06-03 中兴通讯股份有限公司 Mobile terminal and system data anti-cloning method thereof
US9047263B2 (en) * 2013-01-24 2015-06-02 Dell Products L.P. System and method for secure SMI memory services
KR20160039922A (en) * 2014-10-02 2016-04-12 삼성전자주식회사 Image processing apparatus and control method thereof
US9753863B2 (en) * 2014-12-27 2017-09-05 Intel Corporation Memory protection with non-readable pages
WO2016109558A1 (en) * 2014-12-29 2016-07-07 Rubicon Labs, Inc. System and method for secure code entry point control
GB201511385D0 (en) * 2015-06-29 2015-08-12 Nagravision Sa Secure programming of secret data
US10193872B2 (en) * 2015-08-12 2019-01-29 Cyphyx, Llc System and methods for dynamically and randomly encrypting and decrypting data
US10235303B2 (en) * 2015-09-10 2019-03-19 Qualcomm Incorporated Secure entry and exit for software modules protected by controlled encryption key management
US20180004946A1 (en) * 2016-07-01 2018-01-04 Intel Corporation Regulating control transfers for execute-only code execution
KR102432451B1 (en) * 2018-01-10 2022-08-12 삼성전자주식회사 Semiconductor device and method for operating semiconductor device
US10785028B2 (en) * 2018-06-29 2020-09-22 Intel Corporation Protection of keys and sensitive data from attack within microprocessor architecture
US12277234B2 (en) 2020-02-13 2025-04-15 Intel Corporation Cryptographic computing in multitenant environments
US11216366B2 (en) 2020-02-13 2022-01-04 Intel Corporation Security check systems and methods for memory allocations
WO2022139850A1 (en) 2020-12-26 2022-06-30 Intel Corporation Cryptographic computing including enhanced cryptographic addresses
US11972126B2 (en) 2021-03-26 2024-04-30 Intel Corporation Data relocation for inline metadata
US11954045B2 (en) 2021-09-24 2024-04-09 Intel Corporation Object and cacheline granularity cryptographic memory integrity
US12306998B2 (en) 2022-06-30 2025-05-20 Intel Corporation Stateless and low-overhead domain isolation using cryptographic computing
US12321467B2 (en) 2022-06-30 2025-06-03 Intel Corporation Cryptographic computing isolation for multi-tenancy and secure software components

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2003027815A2 (en) * 2001-09-21 2003-04-03 Infineon Technologies Ag Programme-controlled unit
US6704871B1 (en) * 1997-09-16 2004-03-09 Safenet, Inc. Cryptographic co-processor

Family Cites Families (28)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5778070A (en) * 1996-06-28 1998-07-07 Intel Corporation Method and apparatus for protecting flash memory
US6317742B1 (en) * 1997-01-09 2001-11-13 Sun Microsystems, Inc. Method and apparatus for controlling software access to system resources
US6609199B1 (en) * 1998-10-26 2003-08-19 Microsoft Corporation Method and apparatus for authenticating an open system application to a portable IC device
US6651171B1 (en) * 1999-04-06 2003-11-18 Microsoft Corporation Secure execution of program code
FR2792141B1 (en) * 1999-04-09 2001-06-15 Bull Cp8 METHOD FOR SECURING ONE OR MORE ELECTRONIC ASSEMBLIES IMPLEMENTING THE SAME CRYPTOGRAPHIC ALGORITHM WITH SECRET KEY, A USE OF THE METHOD AND THE ELECTRONIC ASSEMBLY
JP2002014871A (en) * 2000-06-29 2002-01-18 Fujitsu Ltd Content checking method, content updating method, and processing device
JP2002082909A (en) * 2000-09-07 2002-03-22 Fujitsu Ltd Information management device and information management system
JP3666400B2 (en) * 2001-03-07 2005-06-29 オムロン株式会社 Monitoring device and method, recording medium, and security system
JP2002351563A (en) * 2001-05-30 2002-12-06 Canon Inc Information processing apparatus, information processing method and program
JP3773431B2 (en) * 2001-09-20 2006-05-10 松下電器産業株式会社 Key mounting system, LSI for realizing the same, and key mounting method
JP4145118B2 (en) 2001-11-26 2008-09-03 松下電器産業株式会社 Application authentication system
JP3904921B2 (en) * 2001-12-27 2007-04-11 株式会社 エヌティーアイ Information processing apparatus and access control method
US7313705B2 (en) * 2002-01-22 2007-12-25 Texas Instrument Incorporated Implementation of a secure computing environment by using a secure bootloader, shadow memory, and protected memory
US20030154355A1 (en) * 2002-01-24 2003-08-14 Xtec, Incorporated Methods and apparatus for providing a memory challenge and response
JP3863447B2 (en) * 2002-03-08 2006-12-27 インターナショナル・ビジネス・マシーンズ・コーポレーション Authentication system, firmware device, electrical device, and authentication method
US7162644B1 (en) * 2002-03-29 2007-01-09 Xilinx, Inc. Methods and circuits for protecting proprietary configuration data for programmable logic devices
JP3950010B2 (en) * 2002-05-17 2007-07-25 株式会社エヌ・ティ・ティ・ドコモ Data processing apparatus, program, and recording medium
JP3979194B2 (en) * 2002-06-25 2007-09-19 ソニー株式会社 Information storage device, memory access control method, and computer program
JP2004046532A (en) * 2002-07-11 2004-02-12 Ricoh Co Ltd Information processing apparatus, information processing method and recording medium
US7826613B2 (en) * 2002-08-19 2010-11-02 Qualcomm Incorporated Stream cipher cryptographic system and method
FR2845493A1 (en) * 2002-10-04 2004-04-09 Canal Plus Technologies ON-BOARD SOFTWARE AND AUTHENTICATION METHOD THEREOF
ITTO20020939A1 (en) * 2002-10-30 2004-04-30 Tecnost Sistemi S P A DISTRIBUTED SYSTEM FOR ISSUE OF VALUES AND SECURITIES
DE10251839A1 (en) * 2002-11-07 2004-05-19 Robert Bosch Gmbh Motor vehicle microcontroller control method, involves checking re-writable area with check program and triggering RESET if checked area is manipulated or counter overflows
FR2849311B1 (en) * 2002-12-18 2005-04-15 France Telecom METHOD FOR COMMUNICATION BETWEEN TWO UNITS, AND TERMINAL USING THE METHOD
US7051251B2 (en) * 2002-12-20 2006-05-23 Matrix Semiconductor, Inc. Method for storing data in a write-once memory array using a write-many file system
JP4067985B2 (en) * 2003-02-28 2008-03-26 松下電器産業株式会社 Application authentication system and device
US7107388B2 (en) * 2003-04-25 2006-09-12 Intel Corporation Method for read once memory
US20060004829A1 (en) * 2004-05-27 2006-01-05 Silverbrook Research Pty Ltd Rolling keys

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6704871B1 (en) * 1997-09-16 2004-03-09 Safenet, Inc. Cryptographic co-processor
WO2003027815A2 (en) * 2001-09-21 2003-04-03 Infineon Technologies Ag Programme-controlled unit

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104978597A (en) * 2014-04-11 2015-10-14 恩智浦有限公司 Electronic circuit chip for RFID tag with read-only-once functionality

Also Published As

Publication number Publication date
JP2009504061A (en) 2009-01-29
ATE499658T1 (en) 2011-03-15
US8689338B2 (en) 2014-04-01
EP1913511B1 (en) 2011-02-23
CN101238473B (en) 2011-10-26
JP5114617B2 (en) 2013-01-09
WO2007015204A2 (en) 2007-02-08
DE602006020288D1 (en) 2011-04-07
KR20080031998A (en) 2008-04-11
KR100970040B1 (en) 2010-07-16
US20080229425A1 (en) 2008-09-18
EP1913511A2 (en) 2008-04-23
CN101238473A (en) 2008-08-06

Similar Documents

Publication Publication Date Title
WO2007015204A3 (en) A secure terminal, a routine and a method of protecting a secret key
WO2005086802A3 (en) Linked account system using personal digital key (pdk-las)
MXPA05007150A (en) Policy engine and methods and systems for protecting data.
WO2003090402A8 (en) Initializing, maintaining, updating and recovering secure operation within an integrated system employing a data access control function
TW200636461A (en) Non-volatile memory and method with improved indexing for scratch pad and update blocks
WO2005078651A3 (en) Use of a digital signature obtained from at least one structural characteristic of a hardware element in order to protect direct reading of sensitive information and method for reading protected sensitive information
WO2003005208A1 (en) Recording device, recording method, storage medium, program, and communication device
WO2006034399A3 (en) Secure software execution such as for use with a cell phone or mobile device
WO2008061652A3 (en) Coding method, decoding method, codec and data storage medium for holographic storage
WO2007142615A3 (en) System and method for intelligence based security
WO2008038242A3 (en) A secure non-volatile memory device and a method of protecting data therein
WO2007019303A3 (en) Business intelligence system and methods
EP1560120A4 (en) ACCESS METHOD
WO2007041501A3 (en) Secure execution environment by preventing execution of unauthorized boot loaders
WO2006008116A3 (en) Method for providing protected audio/video content
PL2060117T3 (en) Security processor and recording method and medium for configuring the behaviour of this processor
WO2008081801A1 (en) Information terminal, security device, data protection method, and data protection program
EP1696359A3 (en) Portable information terminal and data protecting method
WO2008092167A3 (en) Protecting secrets in an untrusted recipient
WO2006012070A3 (en) Conditional instruction for a single instruction, multiple data execution engine
WO2004010300A3 (en) Method to secure the execution of a program against attacks
WO2005074565A3 (en) Simplified control system for electronic media
TW200615797A (en) Computer-working-environment apparatus
TW200636467A (en) System for restricted cache access during data transfers and method thereof
BRPI0606404A2 (en) method and apparatus for protecting shared data, method and apparatus for reproducing recording medium using local storage

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 2006780255

Country of ref document: EP

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 06780255

Country of ref document: EP

Kind code of ref document: A2

WWE Wipo information: entry into national phase

Ref document number: 2008524653

Country of ref document: JP

WWE Wipo information: entry into national phase

Ref document number: 200680028673.1

Country of ref document: CN

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 11997214

Country of ref document: US

WWE Wipo information: entry into national phase

Ref document number: 1854/DELNP/2008

Country of ref document: IN

WWP Wipo information: published in national office

Ref document number: 2006780255

Country of ref document: EP