Cryptography Research asks chip or card manufacturers to pay for use of its patented security measures
In the late 1990s, a scare tore through the smart card community when the media began running articles attacking the security of the cards and calling into question the vulnerability of chip card-enabled systems. The threat had a very serious sounding name, differential power analysis (DPA), and the concern spread quickly.
The Australian Financial Review broke the story on June 6, 1998, leading with the ominous statement, “A ruinous security problem has jeopardized the viability of millions of smartcards in GSM mobile phones as well as the recently introduced Telstra Phonecard.” A series of doom and gloom articles followed in technology publications and major newspapers and periodicals.
According to the accounts, a group of young cryptographers in San Francisco had discovered a way to extract the encryption keys protecting data in a chip, thus opening its contents for unintended use. The ramifications for the burgeoning GSM market and highly touted stored value programs such as Mondex, Proton, and VisaCash seemed significant.
The smart card industry attempted to brush off the significance of the threat pointing to the fact that the attack was confined to laboratory environments and that no actual issued cards had been compromised. But the damage was done … it was another public relations hit to an industry trying to define itself in the eyes of the average consumer.
Thankfully, the average consumer is fickle. Within months, DPA was forgotten about by all but the most security-focused in the chip and related industries. The media was on to the next story and the crisis disappeared as quickly as it had materialized.
Fast forward to November 2004
San Francisco-based Cryptography Research, which specializes in developing and licensing technology to solve complex data security problems, officially announced that it had established a licensing program for its patented DPA countermeasures … and, according to Kit Rodgers, VP of Licensing for Cryptography Research, virtually every chip card issued in the market uses the patented countermeasures. But wait a minute. To the casual observer of the smart card industry, it seemed that DPA’s “15 minutes of fame” had passed before the millennium. What happened?
It turns out that DPA really was a credible threat to chip security, and it turns out that Paul Kocher, one of the young cryptographers that discovered DPA, is the founder of Cryptography Research. At first blush, this might seem odd – the same guy that discovered the threat is selling countermeasures to defend against it.
In reality, this is not uncommon in data security circles. It stands to reason that the people discovering the weakness are often in the best position to fix it. If the threat is deemed real following scrutiny by the industry, the protection against the threat is necessary and has inherent value to the industry. That is exactly what happened in this case, says Mr. Rodgers.
So what happened during the 6-plus years that passed between the Australian Financial Review article and the announcement of the licensing program?
It turns out that Mr. Kocher and Cryptography Research had shown the vulnerabilities they discovered to Mondex, Visa, and others prior to the 1998 media storm. These card issuers then brought the silicon and card suppliers to see the DPA demonstration. According to Mr. Rodgers, “Under NDA we showed them how to mask and minimize the vulnerabilities. We told them we would be coming back for licensing once the patents were issued.”
In April 2004, the company announced that it had been granted a series of patents broadly covering countermeasures to DPA attacks. These include:
- U.S. Patent #6,654,884: Hardware-level mitigation and DPA countermeasures for cryptographic devices;
- U.S. Patent #6,539,092: Leak-resistant cryptographic indexed key update;
- U.S. Patent #6,510,518: Balanced cryptographic computational method and apparatus for leak minimization in smartcards and other cryptosystems;
- U.S. Patent #6,381,699: Leak-resistant cryptographic method and apparatus;
- U.S. Patent #6,327,661: Using unpredictable information to minimize leakage from smartcards and other cryptosystems;
- U.S. Patent #6,304,658: Leak-resistant cryptographic method and apparatus;
- U.S. Patent #6,298,442: Secure modular exponentiation with leak minimization for smartcards and other cryptosystems; and
- U.S. Patent #6,278,783: DES and other cryptographic processes with leak minimization for smartcards and other cryptosystems.
So, it seemed, the time had come for Cryptography Research to go back to the manufacturers with a licensing program. “We began talking to the chip and card suppliers in the spring (2004),” said Mr. Rodgers. “They all knew us so we were not coming from out of the blue.”
Their message is clear. “You need a secure smart card and for a smart card to be secure it needs to be secure against DPA attacks,” says Mr. Rodgers. “We want to be viewed as helping the industry against a major vulnerability.”
What does the licensing program really mean?
Cryptography Research expects companies utilizing the patented countermeasures in their products to pay for their use. But with card products, this could include several companies in the supply chain. The chip manufacturer can employ the countermeasures, the card manufacturer as well, and the card issuer certainly benefits as the end supplier of the finished product. So who pays?
According to Mr. Rodgers, “we want (the licensing) to be cost appropriate so only one party in the chain will pay. We don’t care which phase (pays the license) so it could be silicon or card manufacturers.”
In reality, a large smart card manufacturer would likely want the flexibility to choose from a variety of silicon manufacturers–both large and small. Such a manufacturer, says Mr. Rodgers, “may want to lock in the price at a great rate. If they get it from a licensed silicon manufacturer, they wouldn’t pay again.” In short, both chip and card suppliers may be licensed, but if a card manufacturer bought chips that had already been licensed, they would not pay a second fee for the cards created with those chips.
While it might seem difficult to manage such a process, the pool of potential licensees is not large. According to Mr. Rodgers, “six manufacturers account for about 96% of the chips and five smart card manufacturers supply most of the cards.”
The question of price
How much will the license fees cost? The company is being purposefully vague as they are currently in the discussion phases with industry. Hinting at the cost, Mr. Rodgers says, “we are trying to price this in a way that gives us the appropriate amount of money for the value the technology provides. We think smart cards are an excellent solution for certain security applications and want to succeed along with the market.”
He mentions that early adopters will receive favorable pricing to give them a competitive advantage. As well, he suggested that they have discussed amnesty for past cards issued without license fees, suggesting the potential that they might seek reparations for products issued in the past.
Mr. Rodgers mentions that the company has “allocated $20 million to launch and sustain the licensing program.” As with any such program, some portion of those dollars is certain to be earmarked for legal pursuits, either reactive or proactive.
In summary, he says, “pricing terms will be appropriate for their (chip and card manufacturers) business. We don’t want this to have a negative impact on the industry as that will ultimately hurt our business over the long term.”
About Cryptography Research:
According to Kit Rodgers, Cryptography Research develops and licenses technology solutions, provides services, and conducts applied research to solve some of the world’s most complex data security problems. Founded in 1995, they help evaluate and design secure products in the financial security sector and other industries, and are currently focused on helping movie studios secure the forthcoming HD DVD and Blu-ray formats. The company licenses technology in three main areas: DPA countermeasures, CryptoFirewall™ for set-top pay TV, and content protection mechanisms for next-generation HD discs. To learn more visit them on the web at www.cryptography.com.
To read an article on the DPA threat that appeared on CNET on June 10, 1998, click here.
To access a primer on Differential Power Analysis produced by Cryptography Research, click here.