Secure elements, computer programs, IC cards, and vulnerability analysis and management methods

The secure element's vulnerability analysis management unit allows rapid attack logging and information collection without disrupting certified applications, addressing the challenge of fault attacks in IC cards.

JP2026110986APending Publication Date: 2026-07-03DAI NIPPON PRINTING CO LTD

Patent Information

Authority / Receiving Office
JP · JP
Patent Type
Applications
Current Assignee / Owner
DAI NIPPON PRINTING CO LTD
Filing Date
2024-12-23
Publication Date
2026-07-03

Smart Images

  • Figure 2026110986000001_ABST
    Figure 2026110986000001_ABST
Patent Text Reader

Abstract

This provides a secure element that can quickly collect information related to attacks without changing the configuration of certified applications. [Solution] The secure element 1 includes a vulnerability analysis application 12 having a log reading command 120 for reading an attack detection log 112, and a vulnerability analysis management unit 11 that, when it detects an attack, sets an attack detection flag 111 to ON, saves the attack detection log 112, and when it receives a selection command 100 to select the vulnerability analysis application 12 when the attack detection flag 111 is set to ON, passes the selection command 100 to the vulnerability analysis application 12, and when it receives a command other than the selection command 100 when the attack detection flag 111 is set to ON, sets the attack detection flag 111 to OFF and passes the command other than the selection command 100 to the certified application 13.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0003]

[0001] This application relates to a secure element implemented in an IC card or the like that handles personal information and financial information.

Background Art

[0002] In an IC card that handles personal information and financial information, protection of data stored in the IC card is extremely important. For this reason, an application implemented in an IC card that handles personal information and financial information may require certification by a service institution. In the certification of an application, criteria for security measures and criteria for reducing the risk of unauthorized use are defined.

[0003] On the other hand, a secure element implemented in an IC card that handles personal information and financial information is required to be able to perform vulnerability analysis as a countermeasure against an attack to illegally read data. An attack on a secure element includes, for example, a fault attack. A fault attack is a method of leaking data by using external perturbations such as a laser or electromagnetic wave to interfere with the normal operation of a secure element and causing a malfunction in the secure element. <00000​​​​​​​​​​​​​​​​​​ [Problems that the invention aims to solve]

[0006] When a secure element is attacked, a rapid response is necessary, but applications requiring certification cannot contain unnecessary commands or data. Unnecessary commands and data refer to commands and data that do not directly relate to the application's functionality. Therefore, applications requiring certification cannot contain commands used for vulnerability analysis, and if a secure element is attacked while such an application is running, a rapid response to the attack cannot be achieved.

[0007] Therefore, this application provides a secure element that can quickly collect information related to attacks without changing the configuration of the application requiring certification. [Means for solving the problem]

[0008] The first invention disclosed in this application is a secure element comprising: a vulnerability analysis management unit that detects an attack and stores an attack detection log describing the details of the attack in a rewritable memory; and a vulnerability analysis application that has a command to read the attack detection log stored in the rewritable memory, wherein the vulnerability analysis management unit sets an attack detection flag to ON when it detects an attack, stores the attack detection log describing the detected attack in a rewritable memory, and if the first command after setting the attack detection flag to ON is a selection command to select the vulnerability analysis application, it passes the selection command to the vulnerability analysis application to change the vulnerability analysis application from an unselected state to a selected state, and if the first command is not a selection command to select the vulnerability analysis application, the vulnerability analysis management unit sets the attack detection flag to OFF.

[0009] The second invention is characterized in that, in the secure element described in the first invention, when the vulnerability analysis management unit selects the vulnerability analysis application and then receives a selection command to select an application other than the vulnerability analysis application, it sets the attack detection flag to off.

[0010] The third invention is a computer program that operates the CPU as a vulnerability analysis management unit provided in the secure element described in the first or second invention.

[0011] The fourth invention is an IC card that incorporates the secure element described in the first or second invention.

[0012] The fifth invention is a vulnerability analysis management method characterized by including the following steps: a) when a secure element detects an attack occurring on the secure element, sets an attack detection flag to ON and saves an attack detection log describing the details of the detected attack to a rewritable memory; b) when the secure element receives the first command after setting the attack detection flag to ON; c) when the first command is a selection command that selects a vulnerability analysis application having the function of reading the attack detection log saved in the rewritable memory, the secure element passes the selection command to the vulnerability analysis application to change the vulnerability analysis application from an unselected state to a selected state, and when the first command is not a selection command that selects the vulnerability analysis application, the secure element sets the attack detection flag to OFF.

[0013] The sixth invention is a vulnerability analysis management method refined from the fifth invention, characterized in that, after the secure element has selected the vulnerability analysis application, it receives a selection command to select an application other than the vulnerability analysis application, and then sets the attack detection flag to off. [Effects of the Invention]

[0014] The secure element disclosed in this application includes a vulnerability analysis application that has a command to read attack detection logs stored in rewritable memory, so that attack detection logs can be read without changing the configuration of the application that requires certification. With the secure element disclosed in this application, if the vulnerability analysis application is selected in the first command after an attack is detected, it becomes possible to read the attack detection logs, and information about the time of the attack can be collected quickly. Also, if the vulnerability analysis application is not selected in the first command after an attack is detected, it becomes impossible to select the vulnerability analysis application, but the operation of an application other than the vulnerability analysis application (for example, an application that requires certification) can continue. [Brief explanation of the drawing]

[0015] [Figure 1] A diagram illustrating an IC card with a secure element implemented. [Figure 2] Block diagram of the secure element. [Figure 3] A diagram illustrating the operation of the secure element when detecting an attack. [Figure 4] Figure 1 illustrates the operation of the secure element after an attack is detected. [Figure 5] Figure 2 illustrates the operation of the secure element after an attack is detected. [Modes for carrying out the invention]

[0016] The embodiments of the present invention will now be described. These embodiments are provided to facilitate understanding of the present invention, and the present invention is not limited to these embodiments. Unless otherwise specified, the drawings are schematic diagrams drawn to facilitate understanding of the present invention.

[0017] FIG. 1 is a diagram for explaining the secure element 1 according to the present embodiment. The secure element 1 according to the present embodiment is a highly secure IC chip that protects confidential information and performs cryptographic operations and the like. The secure element 1 according to the present embodiment is configured to be able to quickly collect information related to an attack without changing the configuration of an application that requires authentication.

[0018] In FIG. 1, an IC card 2 on which the secure element1 according to the present embodiment is implemented is illustrated. The IC card 2 shown in FIG. 1 is a contact type that reads and writes data through metal contacts visible on the card surface, and the secure element 1 is implemented on the back surface of the contact terminal substrate 20. The IC card 2 on which the secure element 1 is implemented may be a non-contact type that reads and writes data using wireless communication, or a dual interface type having both contact type and non-contact type characteristics.

[0019] In FIG. 1, the reason for implementing the secure element 1 on the IC card 2 is that an application that requires authentication is implemented on the IC card 2. For example, an IC card 2 used as a credit card has a credit card application that requires authentication implemented thereon. The use of the secure element 1 is not limited to the IC card 2. The secure element 1 can also be applied to a SIM card (Subscriber Identity Module Card) or an eSIM (embedded SIM) used in a mobile communication terminal such as a smartphone. Further, the secure element 1 can be implemented in an IoT device.

[0020] As shown in FIG. 1, the secure element 1 according to the present embodiment includes a CPU 140 (Central Processing Unit), a RAM 141 (Random Access Memory), a ROM 142 (Read Only Memory), an NVM 143 (Non-volatile memory), and a UART 144 (Universal Asynchronous Receiver-Transmitter). Note that the secure element 1 includes circuits that are not shown in the figure, such as a circuit that generates a clock, a reset circuit that performs reset processing, and a coprocessor specialized for cryptographic operations, but are necessary for the secure element 1 to operate.

[0021] The CPU 140 is an arithmetic circuit that executes a computer program to perform predetermined processing. The ROM 142, the RAM 141, and the NVM 143 are memories. The ROM 142 is a non-rewritable memory that can permanently store data. The RAM 141 is a volatile memory that cannot permanently store data but can be rewritten at high speed. The NVM 143 is a rewritable non-volatile memory that can permanently store data.

[0022] The UART 144 is a circuit for communicating with an external device 3. In the case of the contact-type IC card 2, the UART 144 complies with ISO / IEC 7816 part3. The UART 144 receives a command from the external device 3 and transmits a response to the external device 3. Note that in the case of the IC card 2, the basic unit related to communication with the external device 3 is an APDU (Application Protocol Data Unit).

[0023] FIG. 2 is a block diagram of the secure element 1 according to the present embodiment. The secure element 1 according to the present embodiment includes hardware 14, an operating system 10, an authenticated application 13, and a vulnerability analysis application 12.

[0024] The hardware 14 of the secure element 1 consists of the hardware 14 shown in Figure 1 (CPU 140, RAM 141, ROM 142, NVM 143, etc.). The rewritable memory of the hardware 14 contains an attack detection flag 111 used by the vulnerability analysis application 12. The rewritable memory of the hardware 14 is also used to store an attack detection log 112 that records the details of the attack.

[0025] The operating system 10 of the secure element 1 is software that provides the basic functions of the secure element 1, such as communication control functions, memory management functions, and file management functions. The operating system 10 includes a selection command 100 used for selecting applications and a vulnerability analysis management unit 11 that manages the applications implemented in the secure element 1.

[0026] The selection command 100 is a command used to select an application. The selection command 100 transmitted from the external device 3 includes a command identifier used to identify the command and an application identifier used to identify the application. The command identifier of the selection command 100 becomes data that identifies the selection command 100. The application corresponding to the application identifier included in the selection command 100 is selected by the selection command 100.

[0027] In this embodiment, the vulnerability analysis management unit 11 is a function implemented by a computer program that operates the CPU 140. The vulnerability analysis management unit 11 has the function of managing applications. When the vulnerability analysis management unit 11 receives a selection command 100 from the external device 3, it passes the selection command 100 to the application specified by the selection command 100. If the application is successfully selected, the vulnerability analysis management unit 11 changes this application from an unselected state to a selected state. The selected application becomes the application to be operated on. Also, if an application that was previously unselected becomes selected, the previously selected application reverts to an unselected state. The vulnerability analysis management unit 11, which targets applications for operation, passes the commands received from the external device 3 (excluding the selection command 100) to the selected application. The application that receives a command from the vulnerability analysis management unit 11 executes processing corresponding to the command and passes a response including the processing result to the vulnerability analysis management unit 11, which then outputs this response to the external device 3.

[0028] Furthermore, the vulnerability analysis management unit 11 according to this embodiment has an attack detection means 110 that detects attacks occurring on the secure element 1 as a function for detecting attacks. Attacks detected by the attack detection means 110 of the vulnerability analysis management unit 11 are attacks that can be detected by monitoring the hardware 14 of the secure element 1. An example of an attack that can be detected by monitoring the hardware 14 of the secure element 1 is a voltage glitch attack. A voltage glitch attack is an attack that induces malfunction of the secure element 1 by causing a sudden fluctuation in the supply voltage supplied to the secure element 1. Voltage glitch attacks can be detected by monitoring the fluctuation in the supply voltage supplied to the secure element 1.

[0029] When the vulnerability analysis management unit 11's attack detection means 110 detects an attack, it sets an attack detection flag 111 located in the rewritable memory of the secure element 1's hardware 14 to ON, and then writes an attack detection log 112, which describes the details of the detected attack, to the rewritable memory of the hardware 14. The attack detection log 112 includes information indicating the details of the attack (or the details of the anomaly). Information indicating the process that was being executed when the attack was detected (for example, commands executed by the certified application 13) can be included in the attack detection log 112. In this embodiment, the memory that stores the attack detection flag 111 is RAM 141. This is because resetting the secure element 1 allows the attack detection flag 111 to be initialized (turned off). The memory that stores the attack detection log 112 may also be RAM 141, but the memory that stores the attack detection log 112 may also be NVM 143.

[0030] The vulnerability analysis management unit 11 passes the selection command 100 to the vulnerability analysis application 12 and puts the vulnerability analysis application 12 into a selected state only if the first command after setting the attack detection flag 111 to ON is a selection command 100 to select the vulnerability analysis application 12. If the first command after setting the attack detection flag 111 to ON is not a selection command to select the vulnerability analysis application 12, the vulnerability analysis management unit 11 sets the attack detection flag 111 to OFF. This ensures that the vulnerability analysis application 12 can only be selected by the first command after an attack is detected.

[0031] Certified application 13 is an application that requires certification and is used by users to perform specific tasks. For example, certified application 13 is a credit application used to perform credit card payments as a specific task. Certified application 13 has the commands necessary for users to perform specific tasks.

[0032] The vulnerability analysis application 12 is an application for reading the attack detection log 112. The vulnerability analysis application 12 is equipped with a log reading command 120 that has the function of reading the attack detection log 112. In the secure element 1 according to this embodiment, the attack detection log 112 is associated only with the vulnerability analysis application 12. Therefore, in the secure element 1 according to this embodiment, the application that can read the attack detection log 112 is limited to the vulnerability analysis application 12.

[0033] In a secure element 1 configured in this way, a vulnerability analysis application 12 having a log reading command 120 for reading the attack detection log 112 is provided separately from the certified application 13. Therefore, the attack detection log 112 can be read without changing the configuration of the certified application 13. If the vulnerability analysis application 12 is selected in the first command after detecting an attack, the attack detection log 112 can be read, and information about the attack (attack detection log 112) can be quickly collected. If the vulnerability analysis application 12 is not selected in the first command after detecting an attack, the attack detection log 112 cannot be read, but the operation of the certified application 13, which is not the vulnerability analysis application 12, will be prioritized.

[0034] The operation of the secure element 1 according to this embodiment will now be described. The description of the operation of the secure element 1 according to this embodiment also serves as a description of the vulnerability analysis management method, which is the invention related to the method of this application. Figure 3 is a diagram illustrating the operation of the secure element 1 when an attack is detected. Figure 4 is the first diagram illustrating the operation of the secure element 1 after an attack has been detected. In Figure 4, the first command after an attack has been detected is a selection command 100 that selects the vulnerability analysis application 12. Figure 5 is the second diagram illustrating the operation of the secure element 1 after an attack has been detected. In Figure 5, the first command after an attack has been detected is a command other than the selection command 100 that selects the vulnerability analysis application 12.

[0035] First, referring to Figure 3, the operation of Secure Element 1 when detecting an attack will be explained. When a command (in this case, a command for certified application 13) is sent from external device 3 (step S1), the vulnerability analysis management unit 11 passes this command to the application that is currently selected (in this case, certified application 13) (step S2). Certified application 13 performs processing corresponding to the command sent from external device 3 (step S3) and passes a response including the command processing result to the vulnerability analysis management unit 11 (step S4). The vulnerability analysis management unit 11 sends this response to external device 3 (step S5). Steps S1 to S5 represent the operation of Secure Element 1 when no attack occurs while certified application 13 is processing the command.

[0036] When a command (in this case, a command for certified application 13) is sent from external device 3 (step S6), the vulnerability analysis management unit 11 passes this command to the application that is currently selected (in this case, certified application 13) (step S7). If an attack such as a voltage attack occurs while certified application 13 is processing the command sent from external device 3 (step S8), the attack detection means 110 of the vulnerability analysis management unit 11 detects the attack (step S9). When the attack detection means 110 of the vulnerability analysis management unit 11 detects the occurrence of an attack, it sets the attack detection flag 111 to ON (step S10) and then saves the attack detection log 112 (step S11). When the attack detection means 110 of the vulnerability analysis management unit 11 saves the attack detection log 112, the vulnerability analysis management unit 11 sends a response indicating that an anomaly has occurred, such as by generating an interrupt (step S12), and the procedure in Figure 3 ends. Steps S6 through S12 describe the behavior of the secure element 1 in the event of an attack while the certified application 13 is processing the command.

[0037] Next, referring to Figure 4, we will explain the case where the first command after setting the attack detection flag 111 to ON is a selection command 100 for selecting the vulnerability analysis application 12. In step S12 of Figure 3, after sending a response indicating that an anomaly has occurred, when the first command is received from the external device 3 (step S20), the vulnerability analysis management unit 11 determines whether this command is a selection command 100 for selecting the vulnerability analysis application 12 (step S21). Whether a command is a selection command 100 can be determined by the command identifier contained in the command. Also, if the command is a selection command 100, whether the application selected by the selection command 100 is the vulnerability analysis application 12 can be determined from the application identifier contained in the selection command 100.

[0038] In step S20 of Figure 4, it is assumed that a selection command 100 for selecting the vulnerability analysis application 12 has been received. In step S21 of Figure 4, if it is determined that a selection command 100 for selecting the vulnerability analysis application 12 has been received, the vulnerability analysis management unit 11 determines whether or not the attack detection flag 111 is set to ON (step S22).

[0039] Here, in step S10 of Figure 3, the attack detection flag 111 is set to ON. When the attack detection flag 111 is set to ON, the vulnerability analysis management unit 11 passes the selection command 100 received in step S20 of Figure 4 to the vulnerability analysis application 12 (step S23). The vulnerability analysis application 12 processes the selection command 100 (step S24), and the vulnerability analysis application 12 changes from an unselected state to a selected state. The vulnerability analysis application 12 passes a response, including the processing result of the selection command 100, to the vulnerability analysis management unit 11 (step S25), and the vulnerability analysis management unit 11 sends this response to the external device 3 (step S26).

[0040] After selecting the vulnerability analysis application 12, when a log read command 120 to read the attack detection log 112 is sent from the external device 3 (step 27), the vulnerability analysis management unit 11 passes the log read command 120 to the vulnerability analysis application 12 (step S28). After the log read command 120 reads the attack detection log 112 stored in the rewritable memory of the hardware 14 (step S29), it passes a response containing the attack detection log 112 to the vulnerability analysis management unit 11 (step S30). The vulnerability analysis management unit 11 sends this response to the external device 3 (step S31).

[0041] After sending a response containing the attack detection log 112 to the external device 3, when the external device 3 sends a selection command 100 for selecting the certified application 13 (step S32), the vulnerability analysis management unit 11 sets the attack detection flag 111 to off (step S33). By setting the attack detection flag 111 to off, the vulnerability analysis application 12 becomes unselectable. Next, the vulnerability analysis management unit 11 passes the selection command 100 for selecting the certified application 13 to the certified application 13, making the certified application 13 selected (step S34). When the certified application 13 is selected, the vulnerability analysis application 12 becomes unselected. After processing the selection command 100 (step S35), the certified application 13 passes a response containing the processing result of the selection command 100 to the vulnerability analysis management unit 11 (step S36), and the vulnerability analysis management unit 11 sends this response to the external device 3 (step S37), ending the procedure in Figure 4.

[0042] Next, referring to Figure 5, we will explain the case where the first command after setting the attack detection flag 111 to ON is not the selection command 100 for selecting the vulnerability analysis application 12. In step S12 of Figure 3, after sending a response indicating that an anomaly has occurred, when the first command is received from the external device 3 (step S40), the vulnerability analysis management unit 11 determines whether or not this command is the selection command 100 for selecting the vulnerability analysis application 12 (step S41). In Figure 5, assume that in step S40, a command other than the selection command 100 for selecting the vulnerability analysis application 12 was received. In step S41 of Figure 5, when it is determined that a command other than the selection command 100 for selecting the vulnerability analysis application 12 was received, the vulnerability analysis management unit 11 determines whether or not the attack detection flag 111 is set to ON (step S42). Here, in step S10 of Figure 3, the attack detection flag 111 is set to ON. Therefore, the vulnerability analysis management unit 11 sets the attack detection flag 111 stored in the rewritable memory of the hardware 14 to OFF (step S43). By setting the attack detection flag 111 to off, the vulnerability analysis application 12 becomes unavailable for selection.

[0043] At the end of step S43 in Figure 5, the application selected by secure element 1 becomes certified application 13. Therefore, the vulnerability analysis management unit 11 passes the command received in step S40 in Figure 5 to certified application 13 (step S44), and certified application 13 executes the processing corresponding to the command (step S45). Certified application 13 passes a response including the processing result of the command to the vulnerability analysis management unit 11 (step S46), and the vulnerability analysis management unit 11 sends this response to external device 3 (step S47), and the procedure in Figure 5 ends. [Explanation of Symbols]

[0044] 1 Secure Element 10 Operating Systems 100 Selection Commands 11 Vulnerability Analysis Management Department 110 Attack detection means 111 Attack detection flag 112 Attack Detection Log 12 Vulnerability Analysis Applications 120 Log reading command 13 Certified Applications 14 Hardware 140 CPU 141 RAM 142 ROM 143 NVM 144 UART 2 IC cards 20 Contact terminal board 3 External device

Claims

1. The system includes a vulnerability analysis management unit that detects attacks and stores an attack detection log containing details of the attack in a rewritable memory, and a vulnerability analysis application that has a command to read the attack detection log stored in the rewritable memory. The vulnerability analysis management unit, upon detecting an attack, sets the attack detection flag to ON and saves the attack detection log to a rewritable memory. If the first command after setting the attack detection flag to ON is a selection command to select the vulnerability analysis application, the unit passes the selection command to the vulnerability analysis application, changing the vulnerability analysis application from an unselected state to a selected state. If the first command is not a selection command to select the vulnerability analysis application, the unit sets the attack detection flag to OFF. A secure element characterized by the following features.

2. The secure element according to claim 1, characterized in that the vulnerability analysis management unit, after selecting the vulnerability analysis application, receives a selection command to select an application other than the vulnerability analysis application, and then sets the attack detection flag to off.

3. A computer program that operates the CPU as a vulnerability analysis management unit of the secure element described in claim 1 or claim 2.

4. An IC card having the secure element described in claim 1 or claim 2 implemented.

5. Step a: When the secure element detects an attack occurring on the secure element, it sets the attack detection flag to ON and saves an attack detection log containing the details of the detected attack to a rewritable memory. Step b, the secure element receives the first command after setting the attack detection flag to ON. If the first command is a selection command that selects a vulnerability analysis application that has a command to read an attack detection log stored in writable memory, the secure element passes the selection command to the vulnerability analysis application to change the vulnerability analysis application from an unselected state to a selected state, and if the first command is not a selection command that selects the vulnerability analysis application, step c sets the attack detection flag to off. A vulnerability analysis and management method characterized by including the following.

6. The vulnerability analysis management method according to claim 5, characterized in that when the secure element has selected the vulnerability analysis application and then receives a selection command to select an application other than the vulnerability analysis application, it sets the attack detection flag to off.