Skip to main content

Development of a Dedicated Microprocessor with a Universal Crypto Coprocessor and its Integration into High-Security IC Cards

Objective

The demand for secure data systems is increasing, and hardware and software protection is needed to improve current password solutions. The most modern protection for end-to-end data or message encryption uses public key methods, as represented by the RSA or Fiat Shamir Algorithms. State-of-the-art products use large-area silicon chips, which have the disadvantage of high cost at low speed; their integration into chipcards is impossible.

The CRYPTOCARD project aims to find new semiconductor-based solutions and to demonstrate the effectiveness of employing a secure chipcard with a dedicated coprocessor for fast asymmetric encryption procedures. This solution will strengthen the use of open system architectures as proposed in the ITHACA projects (2121 and 2705).
For electronic data processing (EDP) the confidentiality and integrity of private messages has to be ensured by authentication means. Symmetric methods are not appropriate for key distribution over large communication networks. However, public key crypto (PKC) systems enable key management. With these asymmetric algorithms only one of two keys is kept secret. Use of a microcontroller and an electrically erasable programmable read only memory (EEPROM) embedded into a smart card is the most secure method of preserving this key. Because of the high computational complexity of asymmetric algorithms, a dedicated crypto-coprocessor was developed. It serves as a high speed arithmetic unit for modular multiplications. The Siemens component SLE44C200 is based on an advanced coprocessor architecture. With 4 cycles of a 140 bit-parallel arithmetic unit (AU) it executes one 540 bit RSA-decryption in about 0.4 s at 3.57 MHz. In 1 um complementary metal oxide semiconductor (CMOS) technology the Coprocessor's chip area is less than 5 square millimetres. For very large scale integration (VLSI) implmentations it is integrated together with a microprocessor (including 256 byte RAM), 8 kilobyte ROM, and 2 kilobyte EEPROM into one single chip. With application specific software the SLE 44C200 becomes a multifunctional processor chip card suitable for a broad range of applications, eg banking card, access control, and Fax. Further flexibility is attributed to a highly regular and modular design. With this property different security levels can be satisfied by an increased key length. A hybrid concept was chosen in order to combine higher baud rates with improved security.

The demand for secure data systems is increasing, and hardware and software protection is needed to improve current passwork solutions. The most modern protection for end to end data or message encryption uses public key methods, as represented by the Rivest-Shamir-Adleman (RSA) or Fiat Shamir algorithms. State of the art products use large area silicon chips, which have the disadvantage of high cost at low speed; their integration into chipcards is impossible. The project aims to find new semiconductor based solutions and to demonstrate the effectiveness or employing a secure chipcard with a dedicated coprocessor for fast asymmetric encryption procedures. Beside the generic information technology, special applications of the chipcard integrated circuit (IC) will be in computer cards and bank cards. One important goal is to achieve high flexibility in that a variety of algorithms (such as public key methods, symmetric methods and zero knowledge algorithms) can be handled by the new chip.

The first silicon of the crypto coprocessor has been successfully tested. The results are: RSA encryption/decryption of 540 bit word length is done in less than 0.3 ms at % MHz internal clock rate. The active area is small enough to use the chip in a chip card. The chips of the coprocessor are available in dual in line (DIL) packages. Crypto IC chips (SLE 44C20) and the emulator and demonstrator hardware and software are available as is a basic application program.
The two main partners (Siemens for the semiconductor work and Bull for the application) will share their experience with all interested partners in the ITHACA team.

The results will be open to the European information industry to set standards for the encryption and for user-friendly software to be implemented on the microprocessor chips. Beside the generic information technology, special applications of the chipcard IC will be in:

- computer cards (access, identification, authentication, electronic signature)
- bank cards (point-of-sale, ATM, home banking)

One important goal is to achieve high flexibility in that a variety of algorithms (such as public key methods, symmetric methods and zero knowledge algorithms) can be handled by the new chip.

Coordinator

Siemens AG
Address
Balanstraße 73
81541 München
Germany

Participants (1)

Bull SA
France
Address
Tour Bull 1 Place Carpeaux Puteaux
92039 Paris La Défense