Title of Invention	A METHOD OF VERIFYING THE INTEGRITY OF AN ENCRYPTION KEY OBTAINED BY COMBINING KEY PORTIONS
Abstract	ABSTRACT A METHOD OF VERIFYING THE INTEGRITY OF AN ENCRYPTION KEY OBTAINED BY COMBINING KEY PORTIONS The method of verifying the integrity of an encryption key (K) obtained by combining at least two key portions (KM, M) in a protected zone (3) by using a commutative operator, comprises the steps of: using the commutative operator to perform a first combination between a key portion (KM) and a verification encryption key (Kv); using the commutative operator to perform in succession a combination between a key portion that has not yet been combined and a result obtained by an immediately preceding combination, until a last combination (Mv) is performed that includes all of the key portions; performing a combination in the protected zone (3) between the encryption key (K) to be verified and the last combination (Mv) of the verification encryption key (Kv) and the key portions (KM, M) in order to obtain a final verification key (Kf); encrypting verification data (Dv) by means of a symmetrical encryption algorithm (DES) using the final verification key (Kf); and making a comparison with a verification encryption (Cv) obtained by direct encryption of the verification data (Dv) by means of the verification encryption key (Kv).

Title of Invention

A METHOD OF VERIFYING THE INTEGRITY OF AN ENCRYPTION KEY OBTAINED BY COMBINING KEY PORTIONS

Abstract

ABSTRACT A METHOD OF VERIFYING THE INTEGRITY OF AN ENCRYPTION KEY OBTAINED BY COMBINING KEY PORTIONS The method of verifying the integrity of an encryption key (K) obtained by combining at least two key portions (KM, M) in a protected zone (3) by using a commutative operator, comprises the steps of: using the commutative operator to perform a first combination between a key portion (KM) and a verification encryption key (Kv); using the commutative operator to perform in succession a combination between a key portion that has not yet been combined and a result obtained by an immediately preceding combination, until a last combination (Mv) is performed that includes all of the key portions; performing a combination in the protected zone (3) between the encryption key (K) to be verified and the last combination (Mv) of the verification encryption key (Kv) and the key portions (KM, M) in order to obtain a final verification key (Kf); encrypting verification data (Dv) by means of a symmetrical encryption algorithm (DES) using the final verification key (Kf); and making a comparison with a verification encryption (Cv) obtained by direct encryption of the verification data (Dv) by means of the verification encryption key (Kv).

Full Text	A METHOD OF VERIFYING THE INTEGRITY OF AN ENCRYPTION KEY OBTAINED BY COMBINING KEY PORTIONS The present invention relates to a method of verifying the integrity of an encryption key obtained by combining key portions and used in association with a symmetrical encryption algorithm. It is known that an encryption algorithm operates by means of a key, which constitutes an element that is essential for ensuring that the encryption is secure. Various means are known for attempting fraudulently to obtain the key associated with an encryption algorithm. One such means comprises analyzing electrical or electromagnetic phenomena that occur when the key is transferred from storage in a read-only memory to a read/write memory or from the read/write memory to a register. In order to combat that method of attack, it is known to subdivide the key into a plurality of portions, generally two portions, that are combined by means of an operator, e.g. the commutative EXCLUSIVE OR operator, in a read-protected zone in which the algorithm is implemented. Another means for reconstituting the key consists in provoking disturbances in the key and in analyzing the consequences on the encryption of a data item that is used repetitively which provoking successive disturbances to the encryption key. To prevent an attacker from performing successive disturbances to the key, it would be desirable to be able to verify the integrity of the key when implementing the encryption algorithm. Unfortunately, combining key portions in a protected zone that is not accessible for reading prevents any reading back of the key in order to verify its integrity. An object of the invention is to propose a method of verifying the integrity of an encryption key obtained by combining a plurality of key portions in a protected zone by using a commutative operator in association with a symmetrical encryption algorithm. SUMMARY OF THE INVENTION In order to achieve this object, the invention provides a method comprising the steps of: using the commutative operator to perform a first combination between a key portion and a verification encryption key; using the commutative operator to perform in succession a combination between a key portion that has not yet been combined and a result obtained by an immediately preceding combination, until a last combination is performed that includes all of the key portions; performing a combination in the protected zone between the encryption key to be verified and the last combination of the verification encryption key and the key portions in order to obtain a final verification key; encrypting verification data by means of a symmetrical encryption algorithm using the final verification key; and making a comparison with a verification encryption obtained by direct encryption of the verification data by means of the verification encryption key. Thus, when the key to be verified has not been disturbed, the final verification key is equivalent to the verification encryption key, and the encryption of the verification data is then identical to the verification encryption. Otherwise, if the encryption key has been disturbed, then the final verification key is not equivalent to the verification encryption key and a difference is detected between the encryption of the verification data and the verification encryption. It is then possible to draw the conclusions there from, for example blocking the encryption algorithm so as to prevent an attacker from continuing the succession of tests that would enable the attacker to reconstitute the encryption key. Preferably, at least one of the combinations preceding the last combination between the key portions and the verification key is performed outside the protected zone. This minimizes the means that need to be implemented in the protected zone. BRIEF DESCRIPTION OF THE DRAWING Other characteristics and advantages of the invention appear on reading the following description of a preferred, non-limiting implementation of the invention with reference to the accompanying figure that illustrates the method of the invention diagrammatically. DETAILED DESCRIPTION OF THE INVENTION With reference to the figure, the method of the invention is implemented by using means that are themselves known, comprising a static memory 1 such as an EEPROM, a read/write memory 2, and a register 3 forming a read-protected zone configured to implement a symmetrical encryption algorithm (DES, TDES, AES, ...) using an encryption key K. In known manner, the encryption key K is obtained by combining two key portions KM and M using a commutative operator such as the EXCLUSIVE OR operator which, in the equations below, is written (+). For this purpose, the key values KM and K are read from the static memory into the read/write memory, and they are then transferred into the protected zone 3 where they are combined using the equation: K = KM(+)M It is recalled that the key K cannot be read in the protected zone 3. In the invention, the static memory 1 also contains a verification encryption key Kv, verification data Dv, and a verification encryption Cv, the verification encryption Cv being previously obtained by direct encryption of the verification data by the encryption algorithm using the verification encryption key. When using a DES algorithm, this gives: Cv = DES(Kv,Dv) In order to cause a disturbance in the key K, it is possible for an attacker to act on the key portions KM and/or M while they are in the static memory or in the read/write memory. In order to verify the integrity of the encryption key K contained in the register 3, the method of the invention comprises the steps of: • in the read/write memory 2, combining the verification encryption key Kv and a first key portion KM. This gives: T = KM( + )Kv • making a second combination between the result obtained from the preceding combination and the second key portion M. In the implementation described, this produces a last combination Mv given by the equation: Mv = T(+)M • combining the verification combination Mv in the protected zone 3 with the encryption key K to obtain a final verification key Kf given by the equation: Kf = K( + )Mv • encrypting the verification data Dv by means of the symmetrical DES encryption algorithm, using the final verification key Kf to obtain an encryption of the verification data CDv such that: CDv = DES(Kf,Dv) • comparing the resulting encryption CDv of the verification data with the verification encryption Cv extracted from the static memory 1. It should be observed that if the formula for the final verification key is written out in full, the fowling is obtained: Kf = K( + )KM( + )Kv( + )M which taking account of the commutativity of the EXCLUSIVE OR operator can be written: If the initial data has not been subjected to an attack, then: and the expression for Kf becomes: On the contrary, if one of the data items has been disturbed, then there is no longer identity between K and KM(+)M, such that the final verification key is then different from the verification encryption key Kv. The encryption of the verification data Dv with the final verification encryption key Kf then gives a result CDv that is different from the verification encryption Cv. Comparing CDv and Cv thus makes it possible to detect an attack and to trigger defensive action, e.g. blocking the algorithm. It should be observed that the method of the invention makes it possible not only to verify the integrity of the encryption key K, but also, when an attack has been made on the verification encryption key Kv, to verify the verification data Dv or the verification encryption Cv. Although the primary object of the invention is not detecting an attack on this data, the invention nevertheless makes it possible to respond so as to avoid the attack bearing subsequently on the data relating to the key portions KM or M. Naturally, the invention is not limited to the implementation described and variant implementations can be applied thereto without going beyond the ambit of the invention as defined by the claims. In particular, although the invention is described with a key in two portions only, the method of the invention can be applied to a key that is recombined from an arbitrary number of key portions by using a commutative operator and a symmetrical encryption algorithm. Although the steps of combining encryption key portions KM and M with the verification key Kv are described as being performed in the read/write memory 2, it is also possible to perform them in the protected zone 3, however that pointlessly monopolizes the computation resources of the protected zone 3. I CLAIMS 1. A method of verifying the integrity of an encryption key (K) obtained by combining at least two key portions (KM, M) in a protected zone (3) by using a commutative operator, the method being characterized in that it comprises the steps of: using the commutative operator to perform a first combination between a key portion (KM) and a verification encryption key (Kv), using the commutative operator to perform in succession a combination between a key portion that has not yet been combined and a result obtained by an immediately preceding combination, until a last combination (Mv) is performed that includes all of the key portions; performing a combination in the protected zone (3) between the encryption key (K) to be verified and the last combination (Mv) of the verification encryption key (Kv) and the key portions (KM, M) in order to obtain a final verification key (Kf); encrypting verification data (Dv) by means of a symmetrical encryption algorithm (DES) using the final verification key (Kf); and making a comparison with a verification encryption (Cv) obtained by direct encryption of the verification data (Dv) by means of the verification encryption key (Kv). 2. A method according to claim 1, characterized in that at least one of the combinations preceding the last combination (Mv) between the key portions (KM, M) and the verification key (Kv) is performed outside the protected zone (3).

Full Text

A METHOD OF VERIFYING THE INTEGRITY OF AN ENCRYPTION KEY OBTAINED BY COMBINING KEY PORTIONS
The present invention relates to a method of verifying the integrity of an encryption key obtained by combining key portions and used in association with a symmetrical encryption algorithm.

It is known that an encryption algorithm operates by means of a key, which constitutes an element that is essential for ensuring that the encryption is secure.
Various means are known for attempting fraudulently to obtain the key associated with an encryption algorithm. One such means comprises analyzing electrical or electromagnetic phenomena that occur when the key is transferred from storage in a read-only memory to a read/write memory or from the read/write memory to a register. In order to combat that method of attack, it is known to subdivide the key into a plurality of portions, generally two portions, that are combined by means of an operator, e.g. the commutative EXCLUSIVE OR operator, in a read-protected zone in which the algorithm is implemented.
Another means for reconstituting the key consists in provoking disturbances in the key and in analyzing the consequences on the encryption of a data item that is used repetitively which provoking successive disturbances to the encryption key. To prevent an attacker from performing successive disturbances to the key, it would be desirable to be able to verify the integrity of the key when implementing the encryption algorithm. Unfortunately, combining key portions in a protected zone that is not accessible for reading prevents any reading back of the key in order to verify its integrity.

An object of the invention is to propose a method of

verifying the integrity of an encryption key obtained by combining a plurality of key portions in a protected zone by using a commutative operator in association with a symmetrical encryption algorithm.
SUMMARY OF THE INVENTION
In order to achieve this object, the invention provides a method comprising the steps of: using the commutative operator to perform a first combination between a key portion and a verification encryption key; using the commutative operator to perform in succession a combination between a key portion that has not yet been combined and a result obtained by an immediately preceding combination, until a last combination is performed that includes all of the key portions; performing a combination in the protected zone between the encryption key to be verified and the last combination of the verification encryption key and the key portions in order to obtain a final verification key; encrypting verification data by means of a symmetrical encryption algorithm using the final verification key; and making a comparison with a verification encryption obtained by direct encryption of the verification data by means of the verification encryption key.
Thus, when the key to be verified has not been disturbed, the final verification key is equivalent to the verification encryption key, and the encryption of the verification data is then identical to the verification encryption. Otherwise, if the encryption key has been disturbed, then the final verification key is not equivalent to the verification encryption key and a difference is detected between the encryption of the verification data and the verification encryption. It is then possible to draw the conclusions there from, for example blocking the encryption algorithm so as to prevent an attacker from continuing the succession of

tests that would enable the attacker to reconstitute the encryption key.
Preferably, at least one of the combinations preceding the last combination between the key portions and the verification key is performed outside the protected zone. This minimizes the means that need to be implemented in the protected zone.
BRIEF DESCRIPTION OF THE DRAWING
Other characteristics and advantages of the invention appear on reading the following description of a preferred, non-limiting implementation of the invention with reference to the accompanying figure that illustrates the method of the invention diagrammatically.
DETAILED DESCRIPTION OF THE INVENTION
With reference to the figure, the method of the invention is implemented by using means that are themselves known, comprising a static memory 1 such as an EEPROM, a read/write memory 2, and a register 3 forming a read-protected zone configured to implement a symmetrical encryption algorithm (DES, TDES, AES, ...) using an encryption key K. In known manner, the encryption key K is obtained by combining two key portions KM and M using a commutative operator such as the EXCLUSIVE OR operator which, in the equations below, is written (+).
For this purpose, the key values KM and K are read from the static memory into the read/write memory, and they are then transferred into the protected zone 3 where they are combined using the equation:
K = KM(+)M It is recalled that the key K cannot be read in the protected zone 3.
In the invention, the static memory 1 also contains a verification encryption key Kv, verification data Dv, and a verification encryption Cv, the verification encryption Cv being previously obtained by direct

encryption of the verification data by the encryption algorithm using the verification encryption key. When using a DES algorithm, this gives:
Cv = DES(Kv,Dv)
In order to cause a disturbance in the key K, it is possible for an attacker to act on the key portions KM and/or M while they are in the static memory or in the read/write memory.
In order to verify the integrity of the encryption key K contained in the register 3, the method of the invention comprises the steps of:
• in the read/write memory 2, combining the
verification encryption key Kv and a first key portion
KM. This gives:
T = KM( + )Kv
• making a second combination between the result
obtained from the preceding combination and the second
key portion M. In the implementation described, this
produces a last combination Mv given by the equation:
Mv = T(+)M
• combining the verification combination Mv in the
protected zone 3 with the encryption key K to obtain a
final verification key Kf given by the equation:
Kf = K( + )Mv
• encrypting the verification data Dv by means of
the symmetrical DES encryption algorithm, using the final
verification key Kf to obtain an encryption of the
verification data CDv such that:
CDv = DES(Kf,Dv)
• comparing the resulting encryption CDv of the
verification data with the verification encryption Cv
extracted from the static memory 1.
It should be observed that if the formula for the final verification key is written out in full, the fowling is obtained:
Kf = K( + )KM( + )Kv( + )M

which taking account of the commutativity of the EXCLUSIVE OR operator can be written:

If the initial data has not been subjected to an attack, then:
and the expression for Kf becomes:

On the contrary, if one of the data items has been disturbed, then there is no longer identity between K and KM(+)M, such that the final verification key is then different from the verification encryption key Kv. The encryption of the verification data Dv with the final verification encryption key Kf then gives a result CDv that is different from the verification encryption Cv.
Comparing CDv and Cv thus makes it possible to detect an attack and to trigger defensive action, e.g. blocking the algorithm.
It should be observed that the method of the invention makes it possible not only to verify the integrity of the encryption key K, but also, when an attack has been made on the verification encryption key Kv, to verify the verification data Dv or the verification encryption Cv.
Although the primary object of the invention is not detecting an attack on this data, the invention nevertheless makes it possible to respond so as to avoid the attack bearing subsequently on the data relating to the key portions KM or M.
Naturally, the invention is not limited to the implementation described and variant implementations can be applied thereto without going beyond the ambit of the invention as defined by the claims.
In particular, although the invention is described with a key in two portions only, the method of the invention can be applied to a key that is recombined from an arbitrary number of key portions by using a

commutative operator and a symmetrical encryption algorithm.
Although the steps of combining encryption key portions KM and M with the verification key Kv are described as being performed in the read/write memory 2, it is also possible to perform them in the protected zone 3, however that pointlessly monopolizes the computation resources of the protected zone 3.

I
CLAIMS
1. A method of verifying the integrity of an encryption
key (K) obtained by combining at least two key portions
(KM, M) in a protected zone (3) by using a commutative
operator, the method being characterized in that it
comprises the steps of: using the commutative operator to
perform a first combination between a key portion (KM)
and a verification encryption key (Kv), using the
commutative operator to perform in succession a
combination between a key portion that has not yet been
combined and a result obtained by an immediately
preceding combination, until a last combination (Mv) is
performed that includes all of the key portions;
performing a combination in the protected zone (3)
between the encryption key (K) to be verified and the
last combination (Mv) of the verification encryption key
(Kv) and the key portions (KM, M) in order to obtain a
final verification key (Kf); encrypting verification data
(Dv) by means of a symmetrical encryption algorithm (DES)
using the final verification key (Kf); and making a
comparison with a verification encryption (Cv) obtained
by direct encryption of the verification data (Dv) by
means of the verification encryption key (Kv).
2. A method according to claim 1, characterized in that
at least one of the combinations preceding the last
combination (Mv) between the key portions (KM, M) and the
verification key (Kv) is performed outside the protected
zone (3).

Documents:

0713-chenp-2009 abstract.pdf

0713-chenp-2009 claims.pdf

0713-chenp-2009 correspondence-others.pdf

0713-chenp-2009 description(complete).pdf

0713-chenp-2009 drawings.pdf

0713-chenp-2009 form-1.pdf

0713-chenp-2009 form-18.pdf

0713-chenp-2009 form-26.pdf

0713-chenp-2009 form-3.pdf

0713-chenp-2009 form-5.pdf

0713-chenp-2009 pct.pdf

713-CHENP-2009 AMENDED CLAIMS 03-12-2014.pdf

713-CHENP-2009 AMENDED PAGES OF SPECIFICATION 03-12-2014.pdf

713-CHENP-2009 CORRESPONDENCE OTHERS 03-02-2014.pdf

713-CHENP-2009 EXAMINATION REPORT REPLY RECIEVED 03-12-2014.pdf

713-CHENP-2009 FORM-1 03-12-2014.pdf

713-CHENP-2009 FORM-13 26-10-2010.pdf

713-CHENP-2009 FORM-3 03-12-2014.pdf

713-chenp-2009 assignment.pdf

713-chenp-2009 correspondence-others.pdf

713-chenp-2009 form-26.pdf

« Previous Patent

Next Patent »

Patent Number

265808

Indian Patent Application Number

713/CHENP/2009

PG Journal Number

12/2015

Publication Date

20-Mar-2015

Grant Date

18-Mar-2015

Date of Filing

06-Feb-2009

Name of Patentee

MORPHO

Applicant Address

27 RUE LEBLANC, 75015 PARIS,

Inventors:

#	Inventor's Name	Inventor's Address
1	PELLETIER, HERVE,	14 RUE CHARLES GOUNOD, 95280 JOUY LE MOUTIER,

PCT International Classification Number

H04L9/06

PCT International Application Number

PCT/FR07/01348

PCT International Filing date

2007-08-07

PCT Conventions:

#	PCT Application Number	Date of Convention	Priority Country
1	06 07232	2006-08-09	France