The assignee for this patent, patent number 8645735, is
Reporters obtained the following quote from the background information supplied by the inventors: "A. Technical Field
"The present invention relates to a secure device, and more particularly, to systems, devices and methods of reducing power consumption of the secure device by limiting the amount of secure volatile memory that needs to be supplied by a battery. This secure device is used in high security applications such as financial terminals.
"B. Background of the Invention
"Nowadays, nearly all financial transactions are implemented based on cash exchanges at bank or sales counters, automatic teller machine (ATM) transaction, credit card payments via a specialized card reader, or internet transactions based on a generic computer or mobile device. Secure devices have been applied in the ATMs and the specialized card readers to provide an enhanced security level to the financial transactions. As the mobile devices become widely accepted and used as convenient financial terminals, secure device technologies start to be adopted and will gradually become a must for mobile devices as well.
"Secure devices in these financial terminals must use batteries in their idle state when an external power source is not available. Battery power is used to secure memory storage, monitor any tamper attempt, and sometimes, to maintain a real-time clock (RTC). FIG. 1 illustrates a battery-backed sub-system 100 in an existing secure device. Cryptographic keys and sensitive data are loaded to a secure memory 104 at the manufacturer's site, and part of the secure memory 104 has to be powered to avoid data loss. While it is powered by the external power source 110 under normal operation conditions, the part of the secure memory 104 has to switch to the battery 102 for power in the idle state via the switch 109. At the same time, a tamper detection circuit 106 has to be enabled to detect any tamper attempt to read or compromise the secure memory 104. Therefore, even when the secure device 100 does not actively process any transaction in the idle state, battery power must be sustained to drive the secure memory 104 and the corresponding tamper detection circuit 106.
"A long battery life is required to accommodate storage, shipping and potentially harsh storage/shipping conditions. These financial terminals could spend a long period of time sitting on warehouse shelves prior to being deployed to an end customer. Some terminals are mainly provided in lease arrangements where the terminals have to be disconnected for an unspecified period of time and transferred among customers and warehouses at different locations. During the course of storage or transportation, the secure volatile memory 104 and the tamper detection circuit 106 actively drain the battery 102. Sometimes, storage conditions may be harsh at a high temperature, accelerating battery consumption even more. The battery may be depleted before the financial terminals are delivered to their customers and plugged in to an external power source (for example, mains or a larger rechargeable battery). To address these concerns, battery life has to be extended by increasing the battery capacity to accommodate the unpredictable shelf time and conditions.
"In the idle state, the battery-backed secure memory 104 consumes much more power than the tamper detection circuit 106 or the RTC 108. The tamper detection circuit 106 is controlled to sample intermittently, reducing overall power consumption. Despite its large consumption, the RTC 108 may be disabled during storage or shipment. However, the battery-backed secure memory 104 has to be constantly sustained by the battery power. As the silicon process feature size shrinks and the processing speed increases, significant increases are overseen in dynamic power consumption and leakage current of the secure memory 104. The limited capacity of the battery may quickly be depleted by this secure memory 104.
"Batteries used in financial terminals are typically coin cells, such as CR2450. Unfortunately, a rechargeable battery is not desirable for this application, because it cannot support a shelf life of several years. Once the battery is completely drained, a financial terminal has to be returned to the manufacturer to be reworked or scrapped. Therefore, a need exists to extend the battery life."
In addition to obtaining background information on this patent, VerticalNews editors also obtained the inventors' summary information for this patent: "Various embodiments of the present invention relate to a secure device, and more particularly, to systems, devices and methods of reducing power consumption of the secure device by limiting the amount of secure volatile memory that needs to be constantly supplied by a battery. In a transport power mode, sensitive data in a volatile memory is backed up in an encrypted format within a non-volatile memory, such that none or only a small area of the secure volatile memory has to be retained and powered by the battery for preserving cryptographic keys that are used to recover the sensitive data.
"One aspect of the invention is a secure device that comprises a key generator, an encryption engine, a volatile memory and a non-volatile memory. The volatile memory is segmented to a non-retained volatile memory and a retained volatile memory, both requiring power for data storage. When the secure device relies on the battery to provide power in a transport power mode, a sensitive data stored in the non-retained volatile memory is encrypted using an encryption key stored in the retained volatile memory. The encrypted sensitive data is backed up in the non-volatile memory, and only the retained volatile memory has to be supplied by a battery in this transport power mode.
"One aspect of the invention is a method of securely preserving sensitive data in a transport power mode. An external power source is decoupled and replaced with a battery. An encryption key is stored in a retained volatile memory and used to encrypt the sensitive data based on the encryption key. The sensitive data is originally stored in a non-retained volatile memory that also requires power for data storage, and further backed up in an encrypted format within a non-volatile memory. Hence, the battery may be decoupled from the non-retained volatile memory, and battery life is increased by not supplying both non-retained and retained volatile memory.
"One aspect of the invention is another method of securely preserving a sensitive data in a transport power mode. As a power supply is decoupled and replaced with a battery, an encryption key is generated based on inherent differences among a plurality of physically uncloneable elements. This encryption key is used to encrypt the sensitive data for backup in a non-volatile memory. The battery may be decoupled from the volatile memory, and power is preserved in this transport power mode.
"Certain features and advantages of the present invention have been generally described in this summary section; however, additional features, advantages, and embodiments are presented herein or will be apparent to one of ordinary skill in the art in view of the drawings, specification, and claims hereof. Accordingly, it should be understood that the scope of the invention shall not be limited by the particular embodiments disclosed in this summary section."
For more information, see this patent: Ardis,
Keywords for this news article include: Information Technology, Information and Cryptography, Information and
Our reports deliver fact-based news of research and discoveries from around the world. Copyright 2014, NewsRx LLC
Most Popular Stories
- Chobani Counters Competition With Expanded Lineup
- Reid: Bundy Backers Are 'Domestic Terrorists'
- Ex-BP Employee Settles Insider Trading Charges
- Venture Investments in U.S. Highest Since 2001
- Colo. Cleantech Program Calls for Entrepreneurs
- Unemployment Rates Down, Job Gains Up in March
- Hiring Fair for Veterans, Job Seekers
- Recordings Reveal a Not-So-Nice Martinez: Editorial
- VW Beetle Marks 65th Year in U.S.
- The Biebs Crashes Drake's Release Party