Hitachi Unveils Digital Signatures on Stand-Alone Memory Chips

Tag : memory

Anti-counterfeiting functionalities made available on memory chipswithout microprocessor such as memory cards, tickets or cartridges-

Tokyo.- Hitachi, Ltd. ( NYSE: HIT / TSE: 6501) announced today the development of a mechanism forattesting the authenticity of memory chips using highly securedigital signatures in a worldwide breakthrough. Since the mechanismrequires neither a CPU nor a computational unit, high security canbe attained at a very low cost. As a result, counterfeited oraltered memory devices can be recognized as such, with a wide rangeof applications, including memory cards for digital cameras orhandheld video game consoles, cartridges for consumer products,admission tickets or gift coupons.

On the one hand, barcodes, seals or signatures are useful forestablishing the authenticity and the integrity of physical goodsor paper documents; on the other hand, digital signatures canachieve similar results in the electronic world, for example forcomputer software or electronic documents. In order to establishthat digital contents are authentic and have not been tamperedwith, digital signatures usually involve cost-intensivecomputations and require an important processing power. Forinstance, in some schemes, large integers with hundreds of digitsare multiplied hundreds of times using a powerful CPU. As aconsequence, conventional memory chips without CPU cannot handledigital signatures and are confined to the use of basicidentification(A) techniques based for example on serial numbers.Moreover, adding a CPU with sufficient processing power for digitalsignatures to such chips would considerably raise their cost.However, although the market of removable storage devices such asmemory cards for digital cameras and game cartridges for handheldconsoles has enjoyed a sustained growth, in the same time, theimpact of counterfeits and piracy on this market is larger andlarger, and this issue has attracted the attention of the industry.

This is the original motivation behind Hitachis effort to developa digital signature technique which, for the first time in theworld, does not require any CPU and can be readily integrated in amemory chip. In this new scheme, data required for digitalsignatures is pre-calculated and stored in memory. Later, this datais re-combined appropriately in order to assemble a digitalsignature. Unlike conventional digital signatures which require animportant processing power, the new digital signature system can berealized in simple memory chip. Now, with Hitachis technology,CHAP(B) systems may be used in applications where highly secureauthentication is required, at a low cost. In particular, thedigital signature scheme can serve as building blocks for anti-copyand anti-tampering mechanisms for a wide range of products,including memory cards for digital cameras or handheld video gameconsoles, authentication tokens, replacement parts for consumerelectronics, admission tickets or gift coupons.

(A) Identification is a mechanism that allows distinguishingsubjects in a group. Usually, it is realized with unique attributesof subjects such as passwords or serial numbers. Identificationmechanisms do not provide protection against malicious thirdparties able to intercept passwords or serial numbers.
(B) Challenge Handshake Authentication Protocol (CHAP) is anauthentication method where a verifier sends a random challenge toa prover who replies with a digital signature of the challenge.

In addition, part of this work was realized in a joint researcheffort with the Technical University of Darmstadt, Germany(President: Hans Juergen Proemel). Moreover, the result will beannounced at the 9th International Workshop on Information SecurityApplications (WISA 2008) which will be held in Jeju Island, Korea,from September 23 to 25, and in the Second Workshop on Post-QuantumCryptography (PQCrypto 2008), which will be held in Cincinnati,Ohio, USA, from October 17 to 19.
Technical details

Anti-counterfeiting mechanism
In order to check the authenticity of a removable memory device,when the memory device is paired with a contained device, a randomnumerical sequence called "challenge" is sent from the container tothe memory device. Next, the memory device replies with a numericalsequence corresponding to the challenge. This response sequenceconsists of pieces of enciphered data initially loaded to thememory device, and is a digital signature of the challenge. Thecontainer verifies the digital signature, and if it is correct,accepts the memory device, following the principles of CHAP.However, a counterfeit will fail to deliver a proper digitalsignature and will be rejected by the container.
Interception of correct digital signatures
Counterfeits may include correct digital signatures gathered fromauthentic memory devices, but even in this case, will fail toauthenticate. The reason is that a new challenge is sent for everynew authentication. Since signatures gathered in the past cannot bethe correct response to a new challenge, they are not of any helpfor successfully authenticating. In that sense, the securityoffered by the technique is much higher than that of identificationsystems based on passwords or serial numbers. Related Links Source
This news content was configured by WebWire® editorial staff.Linking is permitted.