WO2002050639A1 - Integrated circuit comprising a circuit for encrypting data recorded in a volatile storage area - Google Patents

Integrated circuit comprising a circuit for encrypting data recorded in a volatile storage area Download PDF

Info

Publication number
WO2002050639A1
WO2002050639A1 PCT/FR2001/004073 FR0104073W WO0250639A1 WO 2002050639 A1 WO2002050639 A1 WO 2002050639A1 FR 0104073 W FR0104073 W FR 0104073W WO 0250639 A1 WO0250639 A1 WO 0250639A1
Authority
WO
WIPO (PCT)
Prior art keywords
integrated circuit
circuit
key
data bus
data
Prior art date
Application number
PCT/FR2001/004073
Other languages
French (fr)
Inventor
Sylvie Wuidart
Original Assignee
Stmicroelectronics Sa
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Stmicroelectronics Sa filed Critical Stmicroelectronics Sa
Publication of WO2002050639A1 publication Critical patent/WO2002050639A1/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/85Protecting input, output or interconnection devices interconnection devices, e.g. bus-connected or in-line devices

Definitions

  • the present invention relates to an integrated circuit comprising a volatile memory area, the content of which has a determined value after resetting the integrated circuit, the volatile memory area being connected to a data bus by means of a scrambling circuit ensuring the coding of the data recorded in the memory zone and the decoding of the data read in the memory zone, the coding of the data being at least a function of a key applied to the scrambling circuit.
  • FIG. 1 schematically represents an integrated circuit of the aforementioned type, here forming an MPI microprocessor (or microcontroller).
  • the integrated circuit comprises a central processing unit CPU, a PMEM program memory, for example an electrically erasable programmable FLASH memory, and a volatile DTMEM memory, generally a RAM type memory, intended to save temporary data during a session. These elements are connected by a common DTB data bus.
  • a JMCT scrambling circuit is arranged between the DTB data bus and the data input / output of the DTMEM memory. This scrambling circuit comprises a WJM part which ensures the coding of data when they are written to the DTMEM memory, and an RJM part which ensures the decoding of the data when they are read from the DTMEM memory and their application on the data bus.
  • the JMCT circuit receives a fixed key Ks as well as, preferably, additional data DTsup taken at various points of the integrated circuit MPI (at the designer 's choice).
  • the fixed key Ks has a determined number of bits, for example 8, 16 or 32 bits.
  • the scrambling circuit is generally a wired logic circuit of a fairly simple structure, comprising for example Exclusive OR gates arranged to mix the bits of the DTin data with the bits of the key Ks and the bits of the DTsup data.
  • Such a scrambling circuit generally offers good security against fraudulent reading of the data stored in the DTMEM memory during a session.
  • a jamming circuit has a weakness in terms of security, which appears when the integrated circuit MPI starts, after a RESET reset signal has been applied to the CPU and to the DTMEM memory. In fact, in this case, the entire content of the DTMEM memory is erased and each memory cell has an identical value, for example the value "0".
  • the RJM part of the scrambling circuit delivers on the data bus DTB decoded data DTout 'which are equal to the transformation of the constant data by the inverse function of the scrambling function . If for example the constant data is equal to "0", the data DTout 'is of the following form:
  • reading the data DTout 'can make it possible to discover the inverse function F "1 of the scrambling function F and therefore make it possible to discover the scrambling function itself and the secret key Ks.
  • a known solution to overcome this drawback consists in modifying the structure of the memory cells of the DTMEM memory so that they have a different content, one relative to the other, after application of the reset signal. Thus, some cells are found at "1" and others at "0".
  • this solution makes the memory architecture more complex due to the differentiation of each memory cell.
  • the content of the memory is always the same after each reset.
  • the present invention aims to overcome this drawback.
  • the present invention relates to a means of protection against hacking of an interference circuit associated with a volatile memory area having a constant content after each reset.
  • an integrated circuit comprising a volatile memory area whose content has a determined value after resetting the integrated circuit, the volatile memory area being connected to a data bus by means of a scrambling circuit ensuring the coding of the data recorded in the memory zone and the decoding of the data read in the memory zone, the coding of the data being at least a function of a key applied to the scrambling circuit, in which the key applied to the circuit jamming is a random key issued by a random signal generator arranged to change the value of the key at least each new reset of the integrated circuit.
  • the random key delivered by the random signal generator is stored in a register via the bus. data, the output of the register being applied to the jamming circuit.
  • the output of the random signal generator is connected directly to the scrambling circuit, so that the random key is applied to the scrambling circuit without passing through the data bus.
  • the volatile memory area is a RAM memory. According to one embodiment, the volatile memory area is a bank of registers.
  • the integrated circuit comprises a RAM memory, a register bank, a first scrambling circuit arranged between the RAM memory and the data bus, and a second scrambling circuit arranged between the register bank and the bus of data .
  • the first random signal generator at its output directly connected to the first scrambling circuit without passing through the data bus
  • the second random signal generator at its output connected directly to the second scrambling circuit without passing through the data bus.
  • the integrated circuit comprises a central processing unit and forms a microprocessor.
  • the integrated circuit is arranged on a potable support to form a smart card or any other equivalent portable electronic object.
  • FIG. 4 shows another embodiment of an integrated circuit according to the invention.
  • FIG. 2 schematically represents an integrated circuit according to the invention, here a microprocessor MP2 comprising a program memory of the ROM or FLASH type and a DTMEM data memory of the RAM type connected to a DTB data bus.
  • MP2 a microprocessor MP2 comprising a program memory of the ROM or FLASH type and a DTMEM data memory of the RAM type connected to a DTB data bus.
  • the volatile memory DTMEM is connected to the data bus via a conventional jamming circuit JMCT, comprising a coder part JM for writing into the memory and a decoder part RJM for reading the memory.
  • the WJM coder part is active when a WRITE write signal is applied to the memory and the RJM decoder part is active when a READ read signal is applied to the memory.
  • the jamming circuit JMCT receives on an input a jamming key Ks.
  • the jamming circuit JMCT also receives additional interference data DTsup taken from various points of the microprocessor.
  • the jamming key Ks is delivered by a random signal generator RGEN, the output of which is connected to the data bus.
  • RGEN random signal generator
  • the CPU unit After each start of the microprocessor, when an internal or external RESET reset signal has been applied to the CPU unit and to the DTMEM memory, the CPU unit applies to the generator RGEN a signal LTCH causing the emission, at the output of the RGEN generator, of a new key Ks.
  • the new key Ks is stored in a KREG register accessible for writing from the data bus, the output is directly connected to the JMCT jamming circuit.
  • FIG. 3 represents an embodiment of an MP3 microprocessor according to the invention offering a higher degree of security.
  • the output of the RGEN generator is connected directly to the JMCT jamming circuit, without passing through the DTB data bus.
  • the signal LTCH applied to the generator RGEN to trigger the emission of a new key Ks is preferably generated in a hardware manner by the CPU unit so that it cannot be inhibited by manipulation of the operating system of the CPU unit .
  • a specific hardware circuit can also be provided to trigger the RGEN circuit after a reset of the microprocessor.
  • a microprocessor MP4 further comprises a bank of registers RBANK connected to the data bus DTB.
  • This register bank is also formed by volatile memory cells and is equipped with its own JMCT 'jamming circuit arranged between the data bus and its input / output.
  • the key Ks' applied to the second jamming circuit JMCT ' is generated by a second random signal generator RGEN', the output of which is connected here directly to the jamming circuit, without going through the data bus. So, each jamming circuit JMCT, JMCT 'has its own secret key Ks, Ks' which changes value with each new session.
  • the present invention is also susceptible of various applications.
  • the main application aimed here consists in the production of a secure microprocessor intended to be incorporated into a portable object such as a plastic card, to form a smart card or any other portable electronic secure object, for example an electronic label, a badge Access control electronics, etc.
  • the present invention is generally applicable to any type of secure integrated circuit provided with a "volatile memory area capable of containing data the confidentiality of which must be preserved.

Abstract

The invention concerns an integrated circuit (MP2) comprising a volatile storage area (DTMEM) whereof the content has a specific value after the integrated circuit has been reset, the volatile storage area being connected to a data bus (DTB) via an encryption circuit (JMCT) coding data recorded in the storage area and decoding data read in the storage area, the data being coded at least in accordance with a key (Ks) applied to the encryption circuit. The invention is characterised in that the key applied to the encryption circuit is a random key delivered by a random signal generator (RGEN) designed to modify the value of the key at least each time the integrated circuit is reset.

Description

CIRCUIT INTEGRE COMPRENANT UN CIRCUIT DE BROUILLAGE DE DONNEES ENREGISTREES DANS UNE ZONE MEMOIRE VOLATILE INTEGRATED CIRCUIT COMPRISING A INTERFERENCE CIRCUIT OF DATA RECORDED IN A VOLATILE MEMORY AREA
La présente invention concerne un circuit intégré comprenant une zone mémoire volatile dont le contenu présente une valeur déterminée après une remise à zéro du circuit intégré, la zone mémoire volatile étant connectée à un bus de données par l'intermédiaire d'un circuit de brouillage assurant le codage des données enregistrées dans la zone mémoire et le décodage des données lues dans la zone mémoire, le codage des données étant au moins fonction d'une clé appliquée au circuit de brouillage. La figure 1 représente schématiquement un circuit intégré du type précité, formant ici un microprocesseur MPI (ou microcontrôleur) . Le circuit intégré comprend une unité centrale CPU, une mémoire programme PMEM, par exemple une mémoire FLASH programmable et effaçable électriquement, et une mémoire volatile DTMEM, généralement une mémoire de type RAM, prévue pour sauvegarder des données temporaires pendant une session. Ces éléments sont connectés par un bus de données commun DTB. Un circuit de brouillage JMCT est agencé entre le bus de données DTB et l'entrée/sortie de données de - la mémoire DTMEM. Ce circuit de brouillage comprend une partie WJM qui assure le codage de données lors de leur écriture dans la mémoire DTMEM, et une partie RJM qui assure le décodage des données lors de leur lecture dans la mémoire DTMEM et leur application sur le bus de données. Pour coder des données DTin à enregistrer dans la mémoire DTMEM, le circuit JMCT reçoit une clé fixe Ks ainsi que, de préférence, des données supplémentaires DTsup prélevées en divers points du circuit intégré MPI (au choix du concepteur) . Les données codées DTout délivrées par le circuit JMCT sont du type : DTout = F (DTin, Ks , DTsup )The present invention relates to an integrated circuit comprising a volatile memory area, the content of which has a determined value after resetting the integrated circuit, the volatile memory area being connected to a data bus by means of a scrambling circuit ensuring the coding of the data recorded in the memory zone and the decoding of the data read in the memory zone, the coding of the data being at least a function of a key applied to the scrambling circuit. FIG. 1 schematically represents an integrated circuit of the aforementioned type, here forming an MPI microprocessor (or microcontroller). The integrated circuit comprises a central processing unit CPU, a PMEM program memory, for example an electrically erasable programmable FLASH memory, and a volatile DTMEM memory, generally a RAM type memory, intended to save temporary data during a session. These elements are connected by a common DTB data bus. A JMCT scrambling circuit is arranged between the DTB data bus and the data input / output of the DTMEM memory. This scrambling circuit comprises a WJM part which ensures the coding of data when they are written to the DTMEM memory, and an RJM part which ensures the decoding of the data when they are read from the DTMEM memory and their application on the data bus. To encode DTin data to be recorded in the DTMEM memory, the JMCT circuit receives a fixed key Ks as well as, preferably, additional data DTsup taken at various points of the integrated circuit MPI (at the designer 's choice). The coded data DTout delivered by the JMCT circuit are of the type: DTout = F (DTin, Ks, DTsup)
F étant la fonction de brouillage réalisée par le circuit JMCT. La clé fixe Ks présente un nombre de bits déterminé, par exemple 8, 16 ou 32 bits. Le circuit de brouillage est généralement un circuit à logique câblée d'une structure assez simple, comprenant par exemple des portes OU Exclusif agencées pour mélanger les bits des données DTin avec les bits de la clé Ks et les bits des données DTsup.F being the scrambling function performed by the JMCT circuit. The fixed key Ks has a determined number of bits, for example 8, 16 or 32 bits. The scrambling circuit is generally a wired logic circuit of a fairly simple structure, comprising for example Exclusive OR gates arranged to mix the bits of the DTin data with the bits of the key Ks and the bits of the DTsup data.
Un tel circuit de brouillage offre généralement une bonne sécurité contre la lecture frauduleuse des données stockées dans la mémoire DTMEM au cours d'une session. Un tel circuit de brouillage présente toutefois une faiblesse au plan de la sécurité, qui apparaît au moment du démarrage du circuit intégré MPI, après qu'un signal de remise à zéro RESET a été appliqué à l'unité CPU et à la mémoire DTMEM. En effet, dans ce cas, tout le contenu de la mémoire DTMEM est effacé et chaque cellule mémoire présente une valeur identique, par exemple la valeur "0".Such a scrambling circuit generally offers good security against fraudulent reading of the data stored in the DTMEM memory during a session. However, such a jamming circuit has a weakness in terms of security, which appears when the integrated circuit MPI starts, after a RESET reset signal has been applied to the CPU and to the DTMEM memory. In fact, in this case, the entire content of the DTMEM memory is erased and each memory cell has an identical value, for example the value "0".
Ainsi, il existe un risque qu'un fraudeur prenne le contrôle de l'unité CPU au commencement d'une cession, après la remise à zéro du microprocesseur, et procède à une lecture complète de tout le contenu de la mémoire . Le contenu de la mémoire étant connu après une remise à zéro, la partie RJM du circuit de brouillage délivre sur le bus de données DTB des données décodées DTout ' qui sont égales à la transformée des données constantes par la fonction inverse de la fonction de brouillage. Si par exemple les données constantes sont égales à "0", les données DTout' sont de la forme suivante:Thus, there is a risk that a fraudster will take control of the CPU unit at the beginning of an assignment, after the reset of the microprocessor, and proceed to a complete reading of all the contents of the memory. The content of the memory being known after a reset, the RJM part of the scrambling circuit delivers on the data bus DTB decoded data DTout 'which are equal to the transformation of the constant data by the inverse function of the scrambling function . If for example the constant data is equal to "0", the data DTout 'is of the following form:
DTout' = F"1 (0, Ks, DTsup)DTout '= F "1 (0, Ks, DTsup)
Dans ce cas, la lecture des données DTout' peut permettre de découvrir la fonction inverse F"1 de la fonction de brouillage F et permettre par conséquent de découvrir la fonction de brouillage elle-même et la clé secrète Ks .In this case, reading the data DTout 'can make it possible to discover the inverse function F "1 of the scrambling function F and therefore make it possible to discover the scrambling function itself and the secret key Ks.
Une solution connue pour pallier cet inconvénient consiste à modifier la structure des cellules mémoire de la mémoire DTMEM de manière que celles-ci présentent un contenu différent, l'une relativement à l'autre, après application du signal de remise à zéro. Ainsi, certaines cellules se retrouvent à "1" et d'autres à "0". Toutefois, cette solution rend l'architecture de la mémoire plus complexe en raison de la différenciation de chaque cellule mémoire. En outre, malgré la différenciation des valeurs par défaut dans les cellules mémoire après remise à zéro, le contenu de la mémoire est toujours identique après chaque remise à zéro. La présente invention vise à pallier cet inconvénient.A known solution to overcome this drawback consists in modifying the structure of the memory cells of the DTMEM memory so that they have a different content, one relative to the other, after application of the reset signal. Thus, some cells are found at "1" and others at "0". However, this solution makes the memory architecture more complex due to the differentiation of each memory cell. In addition, despite the differentiation of the default values in the memory cells after reset, the content of the memory is always the same after each reset. The present invention aims to overcome this drawback.
Plus particulièrement, la présente invention vise un moyen de protection contre le piratage d'un circuit de brouillage associé à une zone mémoire volatile présentant un contenu constant après chaque remise à zéro.More particularly, the present invention relates to a means of protection against hacking of an interference circuit associated with a volatile memory area having a constant content after each reset.
Cet objectif est atteint par la prévision d'un circuit intégré comprenant une zone mémoire volatile dont le contenu présente une valeur déterminée après une remise à zéro du circuit intégré, la zone mémoire volatile étant connectée à un bus de données par l'intermédiaire d'un circuit de brouillage assurant le codage des données enregistrées dans la zone mémoire et le décodage des données lues dans la zone mémoire, le codage des données étant au moins fonction d'une clé appliquée au circuit de brouillage, dans lequel la clé appliquée au circuit de brouillage est une clé aléatoire délivrée par un générateur de signal aléatoire agencé pour changer la valeur de la clé au moins à chaque nouvelle remise à zéro du circuit intégré. Selon un mode de réalisation, la clé aléatoire délivrée par le générateur de signal aléatoire est stockée dans un registre par 1 ' intermédiaire du bus de données, la sortie du registre étant appliquée au circuit de brouillage.This objective is achieved by providing an integrated circuit comprising a volatile memory area whose content has a determined value after resetting the integrated circuit, the volatile memory area being connected to a data bus by means of a scrambling circuit ensuring the coding of the data recorded in the memory zone and the decoding of the data read in the memory zone, the coding of the data being at least a function of a key applied to the scrambling circuit, in which the key applied to the circuit jamming is a random key issued by a random signal generator arranged to change the value of the key at least each new reset of the integrated circuit. According to one embodiment, the random key delivered by the random signal generator is stored in a register via the bus. data, the output of the register being applied to the jamming circuit.
Selon un mode de réalisation, la sortie du générateur de signal aléatoire est reliée directement au circuit de brouillage, de telle manière que la clé aléatoire est appliquée au circuit de brouillage sans passer par le bus de données.According to one embodiment, the output of the random signal generator is connected directly to the scrambling circuit, so that the random key is applied to the scrambling circuit without passing through the data bus.
Selon un mode de réalisation, la zone mémoire volatile est une mémoire RAM. Selon un mode de réalisation, la zone mémoire volatile est une banque de registres.According to one embodiment, the volatile memory area is a RAM memory. According to one embodiment, the volatile memory area is a bank of registers.
Selon un mode de réalisation, le circuit intégré comprend une mémoire RAM, une banque de registres, un premier circuit de brouillage agencé entre la mémoire RAM et le bus de données, et un second circuit de brouillage agencé entre la banque de registres et le bus de données . Selon un mode de réalisation, le premier générateur de signal aléatoire a sa sortie reliée directement au premier circuit de brouillage sans passer par le bus de données, et le second générateur de signal aléatoire a sa sortie reliée directement au second circuit de brouillage sans passer par le bus de données.According to one embodiment, the integrated circuit comprises a RAM memory, a register bank, a first scrambling circuit arranged between the RAM memory and the data bus, and a second scrambling circuit arranged between the register bank and the bus of data . According to one embodiment, the first random signal generator at its output directly connected to the first scrambling circuit without passing through the data bus, and the second random signal generator at its output connected directly to the second scrambling circuit without passing through the data bus.
Selon un mode de réalisation, le circuit intégré comprend une unité centrale de traitement et forme un microprocesseur.According to one embodiment, the integrated circuit comprises a central processing unit and forms a microprocessor.
Selon un mode de réalisation, le circuit intégré est agencé sur un support potable pour former une carte à puce ou tout autre objet portatif électronique équivalent . Ces objets, caractéristiques et avantages ainsi que d'autres de la présente invention seront exposés plus en détail dans la description suivante d'exemples de réalisation d'un circuit intégré selon l'invention, faite en relation avec les figures jointes parmi lesquelles : - la figure 1 précédemment décrite représente un circuit intégré comprenant un circuit de brouillage classique agencé à l'entrée d'une zone mémoire volatile, - la figure 2 représente schématiquement un exemple de réalisation d'un circuit intégré selon l'invention comprenant un circuit de brouillage protégé contre le piratage, - la figure 3 représente un autre exemple de réalisation d'un circuit intégré selon l'invention, etAccording to one embodiment, the integrated circuit is arranged on a potable support to form a smart card or any other equivalent portable electronic object. These objects, characteristics and advantages as well as others of the present invention will be explained in more detail in the following description of exemplary embodiments of an integrated circuit according to the invention, made in relation to the attached figures among which: - FIG. 1 previously described represents an integrated circuit comprising a conventional jamming circuit arranged at the input of a volatile memory area, FIG. 2 schematically represents an exemplary embodiment of an integrated circuit according to the invention comprising a jamming circuit protected against piracy, FIG. 3 represents another exemplary embodiment of an integrated circuit according to the invention, and
- la figure 4 représente un autre exemple de réalisation d'un circuit intégré selon l'invention.- Figure 4 shows another embodiment of an integrated circuit according to the invention.
La figure 2 représente schématiquement un circuit intégré selon l'invention, ici un microprocesseur MP2 comprenant une mémoire programme de type ROM ou FLASH et une mémoire de données DTMEM de type RAM connectée à un bus de données DTB .FIG. 2 schematically represents an integrated circuit according to the invention, here a microprocessor MP2 comprising a program memory of the ROM or FLASH type and a DTMEM data memory of the RAM type connected to a DTB data bus.
La mémoire volatile DTMEM est connectée au bus de données par l'intermédiaire d'un circuit de brouillage classique JMCT, comprenant une partie codeuse JM pour l'écriture dans la mémoire et une partie decodeuse RJM pour la lecture de la mémoire. La partie codeuse WJM est active lorsqu'un signal d'écriture WRITE est appliqué à la mémoire et la partie decodeuse RJM est active lorsqu'un signal de lecture READ est appliqué à la mémoire. Le circuit de brouillage JMCT reçoit sur une entrée une clé de brouillage Ks . Optionnellement mais avantageusement, le circuit de brouillage JMCT reçoit également des données supplémentaires de brouillage DTsup prélevées en divers points du microprocesseur.The volatile memory DTMEM is connected to the data bus via a conventional jamming circuit JMCT, comprising a coder part JM for writing into the memory and a decoder part RJM for reading the memory. The WJM coder part is active when a WRITE write signal is applied to the memory and the RJM decoder part is active when a READ read signal is applied to the memory. The jamming circuit JMCT receives on an input a jamming key Ks. Optionally but advantageously, the jamming circuit JMCT also receives additional interference data DTsup taken from various points of the microprocessor.
Selon l'invention, la clé de brouillage Ks est délivrée par un générateur de signal aléatoire RGEN dont la sortie est connectée au bus de données. Après chaque démarrage du microprocesseur, lorsqu'un signal de remise à zéro RESET interne ou externe a été appliqué à l'unité CPU et à la mémoire DTMEM, l'unité CPU applique au générateur RGEN un signal LTCH provoquant l'émission, à la sortie du générateur RGEN, d'une nouvelle clé Ks . La nouvelle clé Ks est stockée dans un registre KREG accessible en écriture depuis le bus de données, dont la sortie est directement reliée au circuit de brouillage JMCT.According to the invention, the jamming key Ks is delivered by a random signal generator RGEN, the output of which is connected to the data bus. After each start of the microprocessor, when an internal or external RESET reset signal has been applied to the CPU unit and to the DTMEM memory, the CPU unit applies to the generator RGEN a signal LTCH causing the emission, at the output of the RGEN generator, of a new key Ks. The new key Ks is stored in a KREG register accessible for writing from the data bus, the output is directly connected to the JMCT jamming circuit.
Ainsi, si un fraudeur prend le contrôle de l'unité CPU au moyen d'un programme frauduleux après remise à zéro du microprocesseur, lit tout le contenu de la mémoire DTMEM et parvient à décoder la clé Ks, cette clé ne sera pas utilisable par la suite. En effet, lorsque le fraudeur relancera une nouvelle session au moyen d'un programme application prévu dans la mémoire PMEM et cherchera à décoder les données stockées dans la mémoire DTMEM par le programme application, la clé Ks ne sera plus la même .Thus, if a fraudster takes control of the CPU unit by means of a fraudulent program after resetting the microprocessor to zero, reads the entire content of the DTMEM memory and manages to decode the key Ks, this key will not be usable by the following. In fact, when the fraudster will restart a new session by means of an application program provided in the PMEM memory and will seek to decode the data stored in the DTMEM memory by the application program, the key Ks will no longer be the same.
La figure 3 représente un mode de réalisation d'un microprocesseur MP3 selon 1 ' invention offrant un degré de sécurité plus élevé. Ici, la sortie du générateur RGEN est reliée directement au circuit de brouillage JMCT, sans passer par le bus de données DTB. Ainsi, la nouvelle clé Ks délivrée à chaque nouvelle session ne circule pas en clair sur le bus de données DTB. Le signal LTCH appliqué au générateur RGEN pour déclencher l'émission d'une nouvelle clé Ks, est de préférence généré de façon hardware par l'unité CPU afin de ne pouvoir être inhibé par une manipulation du système d'exploitation de l'unité CPU. Un circuit hardware spécifique peut également être prévu pour déclencher le circuit RGEN après une remise à zéro du microprocesseur.FIG. 3 represents an embodiment of an MP3 microprocessor according to the invention offering a higher degree of security. Here, the output of the RGEN generator is connected directly to the JMCT jamming circuit, without passing through the DTB data bus. Thus, the new key Ks issued at each new session does not circulate in clear on the data bus DTB. The signal LTCH applied to the generator RGEN to trigger the emission of a new key Ks, is preferably generated in a hardware manner by the CPU unit so that it cannot be inhibited by manipulation of the operating system of the CPU unit . A specific hardware circuit can also be provided to trigger the RGEN circuit after a reset of the microprocessor.
Dans le mode de réalisation représenté en figure 4, un microprocesseur MP4 selon 1 ' invention comprend en outre une banque de registres RBANK connectée au bus de données DTB. Cette banque de registres est également formée par des cellules mémoire volatiles et est équipée de son propre circuit de brouillage JMCT' agencé entre le bus de données et son entrée/sortie. La clé Ks ' appliquée au second circuit de brouillage JMCT' est générée par un second générateur de signal aléatoire RGEN' dont la sortie est reliée ici directement au circuit de brouillage, sans passer par le bus de données. Ainsi, chaque circuit de brouillage JMCT, JMCT' dispose de sa propre clé secrète Ks, Ks ' qui change de valeur à chaque nouvelle session.In the embodiment represented in FIG. 4, a microprocessor MP4 according to the invention further comprises a bank of registers RBANK connected to the data bus DTB. This register bank is also formed by volatile memory cells and is equipped with its own JMCT 'jamming circuit arranged between the data bus and its input / output. The key Ks' applied to the second jamming circuit JMCT 'is generated by a second random signal generator RGEN', the output of which is connected here directly to the jamming circuit, without going through the data bus. So, each jamming circuit JMCT, JMCT 'has its own secret key Ks, Ks' which changes value with each new session.
Il apparaîtra clairement à l'homme de l'art que la présente invention est susceptible de diverses variantes de réalisation. Notamment, en figure 4, un générateur de signal aléatoire commun aux deux circuits de brouillage pourrait être prévu. Par ailleurs, d'autres circuits de brouillage peuvent être prévus en d'autres points du microprocesseur, par exemple entre le bus de données et la mémoire programme PMEM.It will be clear to those skilled in the art that the present invention is capable of various variant embodiments. In particular, in FIG. 4, a random signal generator common to the two scrambling circuits could be provided. Furthermore, other scrambling circuits can be provided at other points of the microprocessor, for example between the data bus and the PMEM program memory.
La présente invention est également susceptible de diverses applications. L'application principale visée ici consiste dans la réalisation d'un microprocesseur sécurisé destiné à être incorporé dans un objet portable tel une carte plastique, pour former une carte à puce ou tout autre objet portatif électronique sécurisé, par exemple une étiquette électronique, un badge électronique de contrôle d'accès, etc.. Toutefois, la présente invention est applicable de façon générale à tout type de circuit intégré sécurisé pourvu d'une" zone mémoire volatile susceptible de contenir des données dont la confidentialité doit être préservée. The present invention is also susceptible of various applications. The main application aimed here consists in the production of a secure microprocessor intended to be incorporated into a portable object such as a plastic card, to form a smart card or any other portable electronic secure object, for example an electronic label, a badge Access control electronics, etc. However, the present invention is generally applicable to any type of secure integrated circuit provided with a "volatile memory area capable of containing data the confidentiality of which must be preserved.

Claims

REVENDICATIONS
1. Circuit intégré (MP2, MP3 , MP4) comprenant une zone mémoire volatile (DTMEM, REGBANK) dont le contenu présente une valeur déterminée après une remise à zéro du circuit intégré, la zone mémoire volatile étant connectée à un bus de données (DTB) par l'intermédiaire d'un circuit de brouillage (JMCT, JMCT') assurant le codage des données enregistrées dans la zone mémoire et le décodage des données lues dans la zone mémoire, le codage des données étant au moins fonction d'une clé (Ks, Ks ' ) appliquée au circuit de brouillage, caractérisé en ce que la clé appliquée au circuit de brouillage est une clé aléatoire délivrée par un générateur de signal aléatoire (RGEN, RGEN') agencé pour changer la valeur de la clé au moins à chaque nouvelle remise à zéro du circuit intégré.1. Integrated circuit (MP2, MP3, MP4) comprising a volatile memory area (DTMEM, REGBANK) whose content has a determined value after resetting the integrated circuit, the volatile memory area being connected to a data bus (DTB ) by means of a scrambling circuit (JMCT, JMCT ') ensuring the coding of the data recorded in the memory zone and the decoding of the data read in the memory zone, the coding of the data being at least a function of a key (Ks, Ks ') applied to the jamming circuit, characterized in that the key applied to the jamming circuit is a random key delivered by a random signal generator (RGEN, RGEN') arranged to change the value of the key at least each time the integrated circuit is reset to zero.
2. Circuit intégré selon la revendication 1, dans lequel la clé aléatoire délivrée par le générateur de signal aléatoire est stockée dans un registre (KREG) par l'intermédiaire du bus de données (DTB), la sortie du registre étant appliquée au circuit de brouillage.2. The integrated circuit as claimed in claim 1, in which the random key delivered by the random signal generator is stored in a register (KREG) via the data bus (DTB), the output of the register being applied to the interference.
3. Circuit intégré selon la revendication 1, dans lequel la sortie du générateur de signal aléatoire est reliée directement au circuit de brouillage, de telle manière que la clé aléatoire est appliquée au circuit de brouillage sans passer par le bus de données.The integrated circuit according to claim 1, wherein the output of the random signal generator is connected directly to the scrambling circuit, such that the random key is applied to the scrambling circuit without passing through the data bus.
4. Circuit intégré selon l'une des revendications 1 à 3, dans lequel la zone mémoire volatile est une mémoire4. Integrated circuit according to one of claims 1 to 3, in which the volatile memory area is a memory.
RAM (DTMEM) .RAM (DTMEM).
5. Circuit intégré selon l'une des revendications 1 à 3, dans lequel la zone mémoire volatile est une banque de registres (RBANK) . 5. Integrated circuit according to one of claims 1 to 3, wherein the volatile memory area is a register bank (RBANK).
6. Circuit intégré selon l'une des revendications 4 et 5, comprenant une mémoire RAM (DTMEM), une banque de registres (RBANK) , un premier circuit de brouillage (JMCT) agencé entre la mémoire RAM et le bus de données, et un second circuit de brouillage (JMCT') agencé entre la banque de registres et le bus de données .6. Integrated circuit according to one of claims 4 and 5, comprising a RAM memory (DTMEM), a register bank (RBANK), a first scrambling circuit (JMCT) arranged between the RAM memory and the data bus, and a second scrambling circuit (JMCT ') arranged between the register bank and the data bus.
7. Circuit intégré selon la revendication 6, dans lequel le premier générateur de signal aléatoire a sa sortie reliée directement au premier circuit de brouillage sans passer par le bus de données, et le second générateur de signal aléatoire a sa sortie reliée directement au second circuit de brouillage sans passer par le bus de données .7. The integrated circuit as claimed in claim 6, in which the first random signal generator has its output directly connected to the first scrambling circuit without passing through the data bus, and the second random signal generator has its output directly connected to the second circuit interference without going through the data bus.
8. Circuit intégré selon l'une des revendications 1 à 7, comprenant une unité centrale de traitement (CPU) et formant un microprocesseur.8. Integrated circuit according to one of claims 1 to 7, comprising a central processing unit (CPU) and forming a microprocessor.
9. Circuit intégré selon l'une des revendications 1 à 8 , agencé sur un support potable pour former un carte à puce ou tout autre objet portatif électronique équivalent . 9. Integrated circuit according to one of claims 1 to 8, arranged on a potable support to form a smart card or any other equivalent electronic portable object.
PCT/FR2001/004073 2000-12-21 2001-12-19 Integrated circuit comprising a circuit for encrypting data recorded in a volatile storage area WO2002050639A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR0016747A FR2818845B1 (en) 2000-12-21 2000-12-21 INTEGRATED CIRCUIT COMPRISING A INTERFERENCE CIRCUIT OF DATA RECORDED IN A VOLATILE MEMORY AREA
FR00/16747 2000-12-21

Publications (1)

Publication Number Publication Date
WO2002050639A1 true WO2002050639A1 (en) 2002-06-27

Family

ID=8857985

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FR2001/004073 WO2002050639A1 (en) 2000-12-21 2001-12-19 Integrated circuit comprising a circuit for encrypting data recorded in a volatile storage area

Country Status (2)

Country Link
FR (1) FR2818845B1 (en)
WO (1) WO2002050639A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2662796A3 (en) * 2008-06-24 2014-03-05 Nds Limited Security within integrated circuits

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5915025A (en) * 1996-01-17 1999-06-22 Fuji Xerox Co., Ltd. Data processing apparatus with software protecting functions
US6003135A (en) * 1997-06-04 1999-12-14 Spyrus, Inc. Modular security device

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5915025A (en) * 1996-01-17 1999-06-22 Fuji Xerox Co., Ltd. Data processing apparatus with software protecting functions
US6003135A (en) * 1997-06-04 1999-12-14 Spyrus, Inc. Modular security device

Also Published As

Publication number Publication date
FR2818845B1 (en) 2003-03-21
FR2818845A1 (en) 2002-06-28

Similar Documents

Publication Publication Date Title
EP0670063B1 (en) Synchronous smart card authentication and encryption circuit and method
FR2613856A1 (en) INFORMATION RECORDING SYSTEM
EP1247263A1 (en) Method for secure storage of sensitive data in a silicon chip integrated system storage, in particular a smart card, and integrated system therefor
EP1766588A2 (en) Security module component
EP3324327B1 (en) Storage in a non-volatile memory
EP0607133B1 (en) Memory card
EP1917598A2 (en) Method of configuring a memory space that is divided into memory areas
FR2656125A1 (en) METHOD FOR GENERATING A RANDOM NUMBER IN A DATA PROCESSING SYSTEM, AND SYSTEM EMPLOYING SUCH A METHOD.
EP1734536A1 (en) Memory protected against error injection attacks on memory cell selecting signals
FR2976147A1 (en) DATA INTERLACEMENT DIAGRAM FOR AN EXTERNAL MEMORY OF A SECURE MICROCONTROLLER
US6522607B1 (en) Recording device and method, decoding device and method, providing medium, and information recording medium
JP2003198529A (en) Regeneration of secret quantity from integrated circuit identifier
FR2801751A1 (en) Sensitive information processing electronic security component having peripheral/CPU word interchanges with key code generator secret key passing each clock cycle and interchange units encrypting/dencrypting words.
EP0735489A1 (en) Method of protecting zones of non-volatile memories
EP1108249A1 (en) Method for making secure a sensitive information processing in a monolithic security module, and associated security module
EP1055174B1 (en) Method for storing and operating data units in a security module and associated security module
WO2002050639A1 (en) Integrated circuit comprising a circuit for encrypting data recorded in a volatile storage area
EP1880387B1 (en) Device for protecting a memory against fault-injection attacks
EP2323067B1 (en) Secured method for processing content stored within a component and corresponding component
FR2808145A1 (en) DES checksum calculation procedure for electronic encryption, does not use parity is more secure
WO2002011081A1 (en) Data carrier comprising an optical memory
FR2820224A1 (en) DEVICE INCLUDING A CONTROL DEVICE AND A NON-VOLATILE MEMORY CONTAINING ENCODED DATA
FR2757654A1 (en) MEMORY WITH PROTECTED ZONES READING
FR2843506A1 (en) Universal calculation method for application to the points of an ellipse and for use in cryptography, wherein an elliptic curve is represented as a quadratic equation and identical programmed calculations are implemented
US7269745B2 (en) Methods and apparatus for composing an identification number

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): JP US

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP