Digital Signatures without CPUs
VuillaumeThe basic scheme is essentially the same as authentication using a public key infrastructure (PKI). First, the public key and certificate stored on the memory chip are read by the verification device. After verifying that the public key is legitimate, the verification device sends a randomly generated challenge code consisting of 0's and 1's to the memory controller. For the response code sent back by the memory controller, half the secret data is transmitted while the remaining half is deleted. This response is the digital signature, and if it matches the public key, then the authentication succeeds. Note that the secret data used in the digital signature is deleted with each use, so different secret data is used for the next authentication and every subsequent authentication. In other words, the digital signature is a nonce; it changes with every use.
Figure 5: Generating digital signatures with a stand-alone memory chip without a CPU
VuillaumeIn this scheme, the data used for authentication—the public key and secret data—is calculated in advance and copied to the memory chip (the originator) to be used for authentication. Because the data is pre-calculated, it doesn't have to be calculated at the time of authentication. This obviates the need for a CPU, so costs can be significantly reduced. Note too that, at the time of authentication, only half of the secret data is transmitted while the remaining half is deleted. This means that, even if an eavesdropper intercepts and seeks to replay the secret data that was sent, he still wouldn't know the remaining 50% of the secret data, so authentication would fail. We are thus able to offer memory devices that are securely protected and extremely difficult to counterfeit.
Figure 6: Authentication by memory device
Related Links
Conference presentation reports written by researchers at SDL.
Technical terms related to research themes at SDL are explained.
