CA2247475A1 - Method for ensuring the safety of a security module, and related security module - Google Patents
Method for ensuring the safety of a security module, and related security module Download PDFInfo
- Publication number
- CA2247475A1 CA2247475A1 CA002247475A CA2247475A CA2247475A1 CA 2247475 A1 CA2247475 A1 CA 2247475A1 CA 002247475 A CA002247475 A CA 002247475A CA 2247475 A CA2247475 A CA 2247475A CA 2247475 A1 CA2247475 A1 CA 2247475A1
- Authority
- CA
- Canada
- Prior art keywords
- sensitive operation
- interrupted
- execution
- sensitive
- attempts
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/10—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
- G07F7/1008—Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1458—Protection against unauthorised use of memory or access to memory by checking the subject access rights
- G06F12/1466—Key-lock mechanism
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/34—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
- G06Q20/341—Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0806—Details of the card
- G07F7/0813—Specific details related to card security
- G07F7/082—Features insuring the integrity of the data on or in the card
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07F—COIN-FREED OR LIKE APPARATUS
- G07F7/00—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
- G07F7/08—Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
- G07F7/0806—Details of the card
- G07F7/0813—Specific details related to card security
- G07F7/0826—Embedded security module
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Business, Economics & Management (AREA)
- Computer Hardware Design (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Computer Networks & Wireless Communication (AREA)
- Accounting & Taxation (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- Storage Device Security (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention concerns a method for ensuring the safety of a security module (8) designed for co-operating with a data processing device (1), said module being arranged for executing a set of operations including at least a sensitive operation (23). The invention is characterised in that the method comprises the following steps consisting in: executing, for each execution of the sensitive operation and upstream of it, a first sequence of supplementary operations (22) for activating signalling means and, downstream of said sensitive operation, a second set of supplementary operations (24) for deactivating said signalling means; verifying, for each execution of the sensitive operation and upstream of the first sequence of supplementary operations (22), whether the signalling means are deactivated; if the signalling means are activated, inhibiting the execution of the sensitive operation.
Description
CA 0224747~ 1998-08-20 1 . PROCESS FOR PROTEC~ING A SEC~TRITY MODULE, AND ASSOCIATED
4 The invention relates to a process for protecting a security module designed to cooperate with a data processing device, the 6 module comprising data processing means and data storage means 7 and being designed to execute a set of operations including at 8 least one sensitive operation. The term "sensitive operation"
9 means any operation whose execution has serious repercussions on:
- security in general: particularly in regard to any 11 operation intended to verify a person's authorization with 12 respect to access to certain information, services, or functions;
13 - the application involved in particular: particularly in 14 regard to any operation intended to define or modify certain parameters characterizing the fundamental rights and obligations 16 of a user with respect to this application (for example, for a 17 banking application, an operation intended to update an account 18 balance).
19 The term "security moduleU should be taken either in its classic sense, in which it designates a device in a communication 21 or information network intended to be held by an institution 22 supervising the network and to be stored so as to be protected by 23 secret and fundamental parameters of the network such as 24 cryptographic keys, or more simply, as designating a device allocated to various users of the network, enabling each of them 26 to have access to it, which latter device is also capable of 27 holding secret parameters. The security module could take the 28 ~orm of a portable object of the chip card type.
29 The object of the invention is to prevent any interruption of the sensitive operation in the process of being executed from 31 occurring, or at least to control the number of interruptions 32 that are capable of occurring. The invention relates particularly 33 to fraudulent interruptions, but does not exclude accidental 34 interruptions. The risk is that the operations intended to protect the execu~ion of the set of operations will not be 36 e~ecuted. For example, in the case of a program for testing a CA 0224747~ l998-08-20 1 confidential code presented by a user, there is an operation for 2 writing the result of the comparison, the purpose of which is to 3 limit the number of attempts authorized. If the defrauder 4 succeeds in stopping the program after the comparison but before S the writing of its result, he can repeat the operation a large 6 number of times, presenting a new confidential code, and may 7 possibly benefit from observing the electrical signals present in 8 the terminals of the security module, signals that are 9 practically alway~ affected by the nature of the calculation or the result. By storing a large number of such observations and 11 performing a statistical analysis, the defrauder may succeed in 12 identifying the user's correct confidential code.
13 According to the invention, this problem is solved by 14 providing measures which enable the security module to verify whether or not the sensitive operation or the previous sensitive 16 operations initiated have been executed in full, and if not, to 17 inh;hit the execution of the next sensitive operation.
18 More precisely, the process according to the invention 19 includes the steps comprised of:
- executing, at the time of each execution of the sensitive 21 operation and u~stream from the latter, a first supplementary 22 sequence of operations intended to activate signaling means, and 23 downstream from this sensitive operation, a second supplementary 24 sequence of operations intended to deactivate these signaling means;
26 - counting each interrupted attempt for which the sensitive 27 operation has been initiated but not executed, so that the 28 signaling means have been initially activated but not 29 subsequently deactivated, in order to define a number of interrupted attempts detected NRS;
31 - defining a number of interrupted attempts authorized NRSA;
32 - comparing, at the time of each execution of the sensitive 33 operation and upstream from the latter, this number of 34 interrupted attempts detected NRS to the number of interrupted attempts authorized NRSA; and CA 0224747~ 1998-08-20 1 - in the case where this number of interrupted attempts 2 detected NRS is greater than the number of interrupted attempts 3 authorized NRS~I inhibiting the execution of the sensitive 4 operation.
The invention also relates to a security module designed to 6 implement this process.
~ Other details and advantages of the present invention will 8 emerge from the following description of a preferred but non-9 limiting embodiment, in reference to the appended drawings in which:
11 Fig. 1 is the diagram of a security module for which the 12 invention is intended, which cooperates with a data processing 13 device;
14 Fig. 2 is a flow chart of the execution of a sensitive operation; and 16 Figs. 3a through 3c and 4a, 4b represent the state of a 17 counter of sequence breaks CRS at various instants during the 18 execution of one or more sensitive operations.
19 The data processing device 1 represented in Fig. 1 comprises, in a known way, a microprocessor 2 to which are 21 connected a ROM memory 3, a RAM memory 4, means 5 for cooperating 22 with a security module 8, and a tr~n~ sion interface 7 which 23 allows the data processing device to communicate with another 24 similar device, either directly or through a communications network.
26 The device 1 may or may not also be equipped with storage 27 means such as diskettes or removable disks, data entry means 28 ~such a~ a keyboard and/or a pointing device of the mouse type) 2~ and display means, which various means are not represented in Fig. 1.
31 The data processing device can also be constituted by any 32 data processing device installed at a private or public site and 33 capable of providing means for managing information or supplying 34 various goods or services, this device being permanently installed or portable. It can also be a telecommunications . ~ . .
CA 0224747~ 1998-08-20 1 device.
2 In addition, the security module 8 includes data processing 3 means 9, an associated non-volatile memory 10, and means 13 for 4 cooperating with the data processing device. This module is designed to define, in the memory 10, a secret area 11 in which 6 information, once stored, is inaccessible from outside the module 7 but accessible to the processing means 9, and a free area 12 8 which is accessible from outside the module for a reading and/or 9 writing of information. Each memory area can comprise a non-erasable ROM part and a part that is an erasable EPROM, EEPROM or 11 is constituted by a RAM memory of the "flash" type, that is, 12 having the characteristics of an EEPROM memory, but with access 13 times identical to those of a standard RAM. A volatile RAM
14 memory, not represented, is also provided.
lS In particular, it is possible to use as the security module 16 8 a microprocessor with a non-volatile self-programmable memory 17 like the one described in u.S. patent No. 4,382,279 in the name 18 of the Applicant. As indicated on page 1, lines 5 through 17 of 19 this patent, the self-programmable nature of the memory corresponds to the capability for a program fi located in this 21 memory to change another program fj, also located in this memory, 22 into a program gj. Although the means to be used to implement 23 this self-programming can vary depending on the technology used 24 to design the data processing means 9, it is noted that in the case where these processing means are constituted by a 26 microprocessor associated with a non-volatile memory and 27 according to the above-mentioned patent, these means can include:
28 - data and address buffers, associated with the memory;
29 - a program for writing in the memory, loaded into the latter and specifically cont~i n; ng the instructions that make it 31 possible to maintain the programming voltage of the memory, as 32 well as the data to be written and their addresses, for a 33 sufficient length of time, which write program may possibly be 34 replaced by a write controller with logic circuits.
In a variant, the microprocessor of the security module 8 is CA 0224747~ 1998-08-20 1 replaced -- or at least supplemented -- by logic circuits 2 installed in a semiconductor chip. In effect, circuits of this 3 ~ype are capable of performing calculations, particularly for 4 authentication and signature, because the electronics are hardwired, and not microprogrammed. In particular, they can be of 6 the ASIC (Application Specific Integrated Circuit) type. Examples 7 that may be cited are the SIEMENS component marketed under the 8 reference number SLE 4436 and the SGS-THOMSON component marketed 9 under the reference number ST 1335.
Advantageously, the security module 8 will be designed in 11 monolithic form on a single chip.
12 In a variant of the microprocessor with a non-volatile self-13 programmable memory described above, the protected nature of the 14 security module could result from its being located in an inviolable enclosure.
16 The signaling means mentioned above comprise at least one 17 ~equence break counter CRS designed to count sequence breaks 18 occurring during the execution of the sensitive operation, that 19 }s intervening in the step-by-step execution of this operation.
This counter is incorporated into the data processing means 9 of 21 the security module 8. According to the process of Fig. 2, two 22 reference numbers are distinguished, namely a number of sequence 23 breaks detected NRS and a number of sequence breaks authorized 24 NRS~' the first of which corresponds to the number of sequence breaks that have occurred in the e~ecution of a given sensitive 26 operation since a predetermined instant, and the second of which 27 corresponds to the maximum number of sequence breaks that can 28 occur without disabling the security module. Typically, the 29 instant from which the number of sequence breaks NRS is calculated corresponds to a first use of the security module by a 31 user for whom the latter is intended, the number NRS accounting 32 ~or any sequence break that has occurred from this instant up to 33 a predetermined date. The number of sequence breaks authorized 34 NRSA is determined by an authority so as to account for sequence breaks resulting not only from a fraudulent act, but from faulty CA 0224747~ 1998-08-20 1 operations of the security module, which can occur spontaneously 2 throughout its service life. Naturally, the NRS~ chosen must be 3 small, otherwise a defrauder would have the benefit of a 4 comfortable number of attempts to try to violate the security module. For example, NRSA will be less than 20, and particularly 6 less than 10.
7 At an input of the flow chart of the execution of the 8 sensitive operation, a first step 21 is comprised of verifying 9 whether the number of sequence breaks NRS is in fact less than or equal to the number of authorized sequence breaks NRSA- If not, it 11 proceeds to a sequence break executed in order to inhibit the 12 execution of the sensitive operation: this break can either be 13 ~inal in that it will prevent any subsequent execution of this 14 sensitive operation, or possibly even disable any further functioning of the security module no matter what the intended 16 operation, or temporary if it is anticipated that the sensitive 17 operation can be re-executed in the future a~ter a resetting of 18 the number of sequence breaks NRS by an authorized authority. On 19 the other hand, if the number of sequence breaks NRS is in fact less than or equal to the number of sequence breaks authorized 21 NRS~ a second step 22 is comprised of incrementing the sequence 22 bresk counter CRS by one unit. The next step is comprised of 23 e~ecuting the sensitive operation itself. If this operation is 24 executed in its entirety, that is, without the occurrence of any accidental or fraudulent sequence break, the sequence break 26 counter CRS is then decremented by one unit in step 24, in order 27 to return to the value it had before the start of the sensitive 28 operation.
29 In a variant, the operation 21 for testing the value of the number of sequence breaks NRS can be executed after that 22 for 31 incrementing the sequence break counter CRS by one unit.
32 Figs. 3a through 3c show successive states of the sequence 33 break counter CRS~ upstream from the execution of a sensitive 34 operation to be protected. This counter is constituted by a cyclic volume with a plurality of positions (at least three), CA 0224747~ 1998-08-20 ' 1 each position being embodied by at least one storage cell. In 2 this example, there are 8 positions, numbered 1 through 8. A
3 value of the number of sequence breaks NRS is stored in each 4 position, except in one position (in this case the position 5~, which is blank and does not contain any value. All blank 6 positions are labelled by the symbol 0.
7 Fig. 3a represents the state of the counter upstream from 8 the step 22 in the flow chart of Fig. 2. The position located 9 above the blank position (in this case the position 4) stores a current value NRS corresponding to an actual value of the 11 counter, while the six positions 3 through 1, then 8 through 6, 12 respectively, store different values, which increase successively 13 with time, namely NRS + 1 for the position 3, NRS for the position 14 2, etc., all the way to NRS ~ 2 for the oldest position 6, these positions corresponding to a certain number of successive 16 sensitive operations.
17 It may be said that the positions 2 through 4 correspond to 18 the following events:
19 - position 2: state of the counter before step 22 of Fig. 2;
- position 3: state of the counter just after step 22 (increase 21 of one unit~;
22 - position 4: state of the counter just after the step 24 23 (decrease of one unit), which shows that no sequence break, 24 either intentional or accidental~ has occurred during this execution of the sensitive operation.
26 Furthermore, it may be said that the positions 7 and 8 27 correspond to the following events, relative to a prior execution 28 of a sensitive operation:
29 - position 7: state of the counter before step 22 of Fig. 2;
- position 8: state of the counter just after step 22 (increase 31 of one unit);
32 - given that the ne~t position 1 does not correspond to a 33 decrease of one unit relative to the position 8 (that is NRS ~
34 1), it must be concluded that a sequence break, either intentional or accidental, has in fact occurred during this CA 0224747~ 1998-08-20 .
1 execution of the sensitive operation, so the normally expected 2 step 24 has not been executed. In conclusion, there has not been 3 a new recording of a counter value since this value has not 4 changed.
The position 6 corresponds to the state of the counter just 6 before the step 24 during an even older execution of the 7 sensitive operation. In effect, the value it contains corresponds 8 to that of the position 7, increased by one unit.
9 Returning to the sensitive operation in the process of being executed, Fig. 3b shows the state of the sequence break counter 11 in a preliminary phase of the execution of step 22 in the flow 12 chart of Fig. 2. The data processing means 9 of the security 13 module have proceeded to erase the position 6 located beneath the 14 blank position 5, thus defining a new blank position. In Fig. 3c, the data processing means 9 have executed the step 22 of Fig. 2, 16 adding one unit to the current value NRS of the position 4 and 17 ~toring the result NRS + 1 in the next position 5.
18 Figs. 4a and 4b show succes~ive states of the sequence break 19 counter CRS~ downstream from the execution of the sensitive operation 23 of Fig. 2. Fig. 4A shows the state of the sequence 21 break counter in a preliminary phase of e~ecution of the step 24 22 o~ Fig. 2. The data processing means 9 of the security module 23 have proceeded to an erasure of the position 7 located beneath 24 the new blank position 6. In Fig. 4b, the data processing means 9 have executed the step 24 of Fig. 2, subtracting one unit from 26 the current value NRS + 1 of the position 5 and storing the 27 result NRS in the next position 6.
28 It will be noted in the example of Figs. 2 through 4b that 29 the si~nal;ng function is advantageously interleaved with that ~or counting the sequence breaks by means of a single device: the 31 sequence break counter CRS.
32 Advantageously, the steps 21, 22 and 24 for incrementing and 33 decrementing the counter could be designed as subprograms of a 34 main program constituted by the sensitive operation itself. In this case, a label or address of the counter is introduced as a CA 0224747~ 1998-08-20 ;
1 parameter when the sub-program is called. This mode of operation 2 adds ~lexibility in the implementation of the sequences of 3 operations.
4 In the case where it is sought to protect a plurality of distinct sensitive operations intended to be executed 6 independently from one another, it is possible to define as many 7 sequence ~reak counters CRS as there are operations, each 8 verifying the proper execution of a given sensitive operation.
9 However, in a preferred mode, only one common counter is defined, which will be incremented, and in principle decremented, during 11 the execution of any of these sensitive operations. This 12 observation is also true for the case where the counter is 13 replaced by a flag.
14 An important concern of the invention is that the protection procedure descri~ed does not end up slowing or inhibiting the 16 operation o~ the security module, by reason of the inevitable 17 accidental interruptions observed throughout the latter's period 18 of operation, relative not only to sensitive operations but also 19 to ordinary operations, like those related to the application involved (financial application, performance of service, etc.) 21 whose non-execution affects neither security in general, nor the 22 fundamental rights and obligations of the user in the application 23 in question. In effect, the large number of operations protected 24 in this way would run the risk of consequently increasing the number of accidental interruptions observed: the number of 26 sequence breaks authorized NRSA would then be reached more 27 quickly, so a partial or total disabling of the security module 28 would also occur more quickly. This noteworthy result is obtained 29 according to the invention by applying the security procedure described only to the operations that actually correspond to 31 sensitive operations.
32 An improvement of the invention is comprised of the fact 33 that the number of interrupted attempts authorized NRSA includes a 34 random number that varies each time a predetermined number of sensitive operations have been initiated. Thus, the number NRSA
1 varies with predetermined frequency, but it assumes successive 2 values that are not predictable, which helps to interfere with 3 any fraudulent observation of the behavior of the security 4 module. This random number can advantageously be generated in the s security module according to any of the software processes 6 described in the U.S. patents 5,177,790 or 5,365,466. According 7 to a variant, the number of interrupted attempts authorized NRS~
8 is composed of a fixed number to which a random number is added.
9 means any operation whose execution has serious repercussions on:
- security in general: particularly in regard to any 11 operation intended to verify a person's authorization with 12 respect to access to certain information, services, or functions;
13 - the application involved in particular: particularly in 14 regard to any operation intended to define or modify certain parameters characterizing the fundamental rights and obligations 16 of a user with respect to this application (for example, for a 17 banking application, an operation intended to update an account 18 balance).
19 The term "security moduleU should be taken either in its classic sense, in which it designates a device in a communication 21 or information network intended to be held by an institution 22 supervising the network and to be stored so as to be protected by 23 secret and fundamental parameters of the network such as 24 cryptographic keys, or more simply, as designating a device allocated to various users of the network, enabling each of them 26 to have access to it, which latter device is also capable of 27 holding secret parameters. The security module could take the 28 ~orm of a portable object of the chip card type.
29 The object of the invention is to prevent any interruption of the sensitive operation in the process of being executed from 31 occurring, or at least to control the number of interruptions 32 that are capable of occurring. The invention relates particularly 33 to fraudulent interruptions, but does not exclude accidental 34 interruptions. The risk is that the operations intended to protect the execu~ion of the set of operations will not be 36 e~ecuted. For example, in the case of a program for testing a CA 0224747~ l998-08-20 1 confidential code presented by a user, there is an operation for 2 writing the result of the comparison, the purpose of which is to 3 limit the number of attempts authorized. If the defrauder 4 succeeds in stopping the program after the comparison but before S the writing of its result, he can repeat the operation a large 6 number of times, presenting a new confidential code, and may 7 possibly benefit from observing the electrical signals present in 8 the terminals of the security module, signals that are 9 practically alway~ affected by the nature of the calculation or the result. By storing a large number of such observations and 11 performing a statistical analysis, the defrauder may succeed in 12 identifying the user's correct confidential code.
13 According to the invention, this problem is solved by 14 providing measures which enable the security module to verify whether or not the sensitive operation or the previous sensitive 16 operations initiated have been executed in full, and if not, to 17 inh;hit the execution of the next sensitive operation.
18 More precisely, the process according to the invention 19 includes the steps comprised of:
- executing, at the time of each execution of the sensitive 21 operation and u~stream from the latter, a first supplementary 22 sequence of operations intended to activate signaling means, and 23 downstream from this sensitive operation, a second supplementary 24 sequence of operations intended to deactivate these signaling means;
26 - counting each interrupted attempt for which the sensitive 27 operation has been initiated but not executed, so that the 28 signaling means have been initially activated but not 29 subsequently deactivated, in order to define a number of interrupted attempts detected NRS;
31 - defining a number of interrupted attempts authorized NRSA;
32 - comparing, at the time of each execution of the sensitive 33 operation and upstream from the latter, this number of 34 interrupted attempts detected NRS to the number of interrupted attempts authorized NRSA; and CA 0224747~ 1998-08-20 1 - in the case where this number of interrupted attempts 2 detected NRS is greater than the number of interrupted attempts 3 authorized NRS~I inhibiting the execution of the sensitive 4 operation.
The invention also relates to a security module designed to 6 implement this process.
~ Other details and advantages of the present invention will 8 emerge from the following description of a preferred but non-9 limiting embodiment, in reference to the appended drawings in which:
11 Fig. 1 is the diagram of a security module for which the 12 invention is intended, which cooperates with a data processing 13 device;
14 Fig. 2 is a flow chart of the execution of a sensitive operation; and 16 Figs. 3a through 3c and 4a, 4b represent the state of a 17 counter of sequence breaks CRS at various instants during the 18 execution of one or more sensitive operations.
19 The data processing device 1 represented in Fig. 1 comprises, in a known way, a microprocessor 2 to which are 21 connected a ROM memory 3, a RAM memory 4, means 5 for cooperating 22 with a security module 8, and a tr~n~ sion interface 7 which 23 allows the data processing device to communicate with another 24 similar device, either directly or through a communications network.
26 The device 1 may or may not also be equipped with storage 27 means such as diskettes or removable disks, data entry means 28 ~such a~ a keyboard and/or a pointing device of the mouse type) 2~ and display means, which various means are not represented in Fig. 1.
31 The data processing device can also be constituted by any 32 data processing device installed at a private or public site and 33 capable of providing means for managing information or supplying 34 various goods or services, this device being permanently installed or portable. It can also be a telecommunications . ~ . .
CA 0224747~ 1998-08-20 1 device.
2 In addition, the security module 8 includes data processing 3 means 9, an associated non-volatile memory 10, and means 13 for 4 cooperating with the data processing device. This module is designed to define, in the memory 10, a secret area 11 in which 6 information, once stored, is inaccessible from outside the module 7 but accessible to the processing means 9, and a free area 12 8 which is accessible from outside the module for a reading and/or 9 writing of information. Each memory area can comprise a non-erasable ROM part and a part that is an erasable EPROM, EEPROM or 11 is constituted by a RAM memory of the "flash" type, that is, 12 having the characteristics of an EEPROM memory, but with access 13 times identical to those of a standard RAM. A volatile RAM
14 memory, not represented, is also provided.
lS In particular, it is possible to use as the security module 16 8 a microprocessor with a non-volatile self-programmable memory 17 like the one described in u.S. patent No. 4,382,279 in the name 18 of the Applicant. As indicated on page 1, lines 5 through 17 of 19 this patent, the self-programmable nature of the memory corresponds to the capability for a program fi located in this 21 memory to change another program fj, also located in this memory, 22 into a program gj. Although the means to be used to implement 23 this self-programming can vary depending on the technology used 24 to design the data processing means 9, it is noted that in the case where these processing means are constituted by a 26 microprocessor associated with a non-volatile memory and 27 according to the above-mentioned patent, these means can include:
28 - data and address buffers, associated with the memory;
29 - a program for writing in the memory, loaded into the latter and specifically cont~i n; ng the instructions that make it 31 possible to maintain the programming voltage of the memory, as 32 well as the data to be written and their addresses, for a 33 sufficient length of time, which write program may possibly be 34 replaced by a write controller with logic circuits.
In a variant, the microprocessor of the security module 8 is CA 0224747~ 1998-08-20 1 replaced -- or at least supplemented -- by logic circuits 2 installed in a semiconductor chip. In effect, circuits of this 3 ~ype are capable of performing calculations, particularly for 4 authentication and signature, because the electronics are hardwired, and not microprogrammed. In particular, they can be of 6 the ASIC (Application Specific Integrated Circuit) type. Examples 7 that may be cited are the SIEMENS component marketed under the 8 reference number SLE 4436 and the SGS-THOMSON component marketed 9 under the reference number ST 1335.
Advantageously, the security module 8 will be designed in 11 monolithic form on a single chip.
12 In a variant of the microprocessor with a non-volatile self-13 programmable memory described above, the protected nature of the 14 security module could result from its being located in an inviolable enclosure.
16 The signaling means mentioned above comprise at least one 17 ~equence break counter CRS designed to count sequence breaks 18 occurring during the execution of the sensitive operation, that 19 }s intervening in the step-by-step execution of this operation.
This counter is incorporated into the data processing means 9 of 21 the security module 8. According to the process of Fig. 2, two 22 reference numbers are distinguished, namely a number of sequence 23 breaks detected NRS and a number of sequence breaks authorized 24 NRS~' the first of which corresponds to the number of sequence breaks that have occurred in the e~ecution of a given sensitive 26 operation since a predetermined instant, and the second of which 27 corresponds to the maximum number of sequence breaks that can 28 occur without disabling the security module. Typically, the 29 instant from which the number of sequence breaks NRS is calculated corresponds to a first use of the security module by a 31 user for whom the latter is intended, the number NRS accounting 32 ~or any sequence break that has occurred from this instant up to 33 a predetermined date. The number of sequence breaks authorized 34 NRSA is determined by an authority so as to account for sequence breaks resulting not only from a fraudulent act, but from faulty CA 0224747~ 1998-08-20 1 operations of the security module, which can occur spontaneously 2 throughout its service life. Naturally, the NRS~ chosen must be 3 small, otherwise a defrauder would have the benefit of a 4 comfortable number of attempts to try to violate the security module. For example, NRSA will be less than 20, and particularly 6 less than 10.
7 At an input of the flow chart of the execution of the 8 sensitive operation, a first step 21 is comprised of verifying 9 whether the number of sequence breaks NRS is in fact less than or equal to the number of authorized sequence breaks NRSA- If not, it 11 proceeds to a sequence break executed in order to inhibit the 12 execution of the sensitive operation: this break can either be 13 ~inal in that it will prevent any subsequent execution of this 14 sensitive operation, or possibly even disable any further functioning of the security module no matter what the intended 16 operation, or temporary if it is anticipated that the sensitive 17 operation can be re-executed in the future a~ter a resetting of 18 the number of sequence breaks NRS by an authorized authority. On 19 the other hand, if the number of sequence breaks NRS is in fact less than or equal to the number of sequence breaks authorized 21 NRS~ a second step 22 is comprised of incrementing the sequence 22 bresk counter CRS by one unit. The next step is comprised of 23 e~ecuting the sensitive operation itself. If this operation is 24 executed in its entirety, that is, without the occurrence of any accidental or fraudulent sequence break, the sequence break 26 counter CRS is then decremented by one unit in step 24, in order 27 to return to the value it had before the start of the sensitive 28 operation.
29 In a variant, the operation 21 for testing the value of the number of sequence breaks NRS can be executed after that 22 for 31 incrementing the sequence break counter CRS by one unit.
32 Figs. 3a through 3c show successive states of the sequence 33 break counter CRS~ upstream from the execution of a sensitive 34 operation to be protected. This counter is constituted by a cyclic volume with a plurality of positions (at least three), CA 0224747~ 1998-08-20 ' 1 each position being embodied by at least one storage cell. In 2 this example, there are 8 positions, numbered 1 through 8. A
3 value of the number of sequence breaks NRS is stored in each 4 position, except in one position (in this case the position 5~, which is blank and does not contain any value. All blank 6 positions are labelled by the symbol 0.
7 Fig. 3a represents the state of the counter upstream from 8 the step 22 in the flow chart of Fig. 2. The position located 9 above the blank position (in this case the position 4) stores a current value NRS corresponding to an actual value of the 11 counter, while the six positions 3 through 1, then 8 through 6, 12 respectively, store different values, which increase successively 13 with time, namely NRS + 1 for the position 3, NRS for the position 14 2, etc., all the way to NRS ~ 2 for the oldest position 6, these positions corresponding to a certain number of successive 16 sensitive operations.
17 It may be said that the positions 2 through 4 correspond to 18 the following events:
19 - position 2: state of the counter before step 22 of Fig. 2;
- position 3: state of the counter just after step 22 (increase 21 of one unit~;
22 - position 4: state of the counter just after the step 24 23 (decrease of one unit), which shows that no sequence break, 24 either intentional or accidental~ has occurred during this execution of the sensitive operation.
26 Furthermore, it may be said that the positions 7 and 8 27 correspond to the following events, relative to a prior execution 28 of a sensitive operation:
29 - position 7: state of the counter before step 22 of Fig. 2;
- position 8: state of the counter just after step 22 (increase 31 of one unit);
32 - given that the ne~t position 1 does not correspond to a 33 decrease of one unit relative to the position 8 (that is NRS ~
34 1), it must be concluded that a sequence break, either intentional or accidental, has in fact occurred during this CA 0224747~ 1998-08-20 .
1 execution of the sensitive operation, so the normally expected 2 step 24 has not been executed. In conclusion, there has not been 3 a new recording of a counter value since this value has not 4 changed.
The position 6 corresponds to the state of the counter just 6 before the step 24 during an even older execution of the 7 sensitive operation. In effect, the value it contains corresponds 8 to that of the position 7, increased by one unit.
9 Returning to the sensitive operation in the process of being executed, Fig. 3b shows the state of the sequence break counter 11 in a preliminary phase of the execution of step 22 in the flow 12 chart of Fig. 2. The data processing means 9 of the security 13 module have proceeded to erase the position 6 located beneath the 14 blank position 5, thus defining a new blank position. In Fig. 3c, the data processing means 9 have executed the step 22 of Fig. 2, 16 adding one unit to the current value NRS of the position 4 and 17 ~toring the result NRS + 1 in the next position 5.
18 Figs. 4a and 4b show succes~ive states of the sequence break 19 counter CRS~ downstream from the execution of the sensitive operation 23 of Fig. 2. Fig. 4A shows the state of the sequence 21 break counter in a preliminary phase of e~ecution of the step 24 22 o~ Fig. 2. The data processing means 9 of the security module 23 have proceeded to an erasure of the position 7 located beneath 24 the new blank position 6. In Fig. 4b, the data processing means 9 have executed the step 24 of Fig. 2, subtracting one unit from 26 the current value NRS + 1 of the position 5 and storing the 27 result NRS in the next position 6.
28 It will be noted in the example of Figs. 2 through 4b that 29 the si~nal;ng function is advantageously interleaved with that ~or counting the sequence breaks by means of a single device: the 31 sequence break counter CRS.
32 Advantageously, the steps 21, 22 and 24 for incrementing and 33 decrementing the counter could be designed as subprograms of a 34 main program constituted by the sensitive operation itself. In this case, a label or address of the counter is introduced as a CA 0224747~ 1998-08-20 ;
1 parameter when the sub-program is called. This mode of operation 2 adds ~lexibility in the implementation of the sequences of 3 operations.
4 In the case where it is sought to protect a plurality of distinct sensitive operations intended to be executed 6 independently from one another, it is possible to define as many 7 sequence ~reak counters CRS as there are operations, each 8 verifying the proper execution of a given sensitive operation.
9 However, in a preferred mode, only one common counter is defined, which will be incremented, and in principle decremented, during 11 the execution of any of these sensitive operations. This 12 observation is also true for the case where the counter is 13 replaced by a flag.
14 An important concern of the invention is that the protection procedure descri~ed does not end up slowing or inhibiting the 16 operation o~ the security module, by reason of the inevitable 17 accidental interruptions observed throughout the latter's period 18 of operation, relative not only to sensitive operations but also 19 to ordinary operations, like those related to the application involved (financial application, performance of service, etc.) 21 whose non-execution affects neither security in general, nor the 22 fundamental rights and obligations of the user in the application 23 in question. In effect, the large number of operations protected 24 in this way would run the risk of consequently increasing the number of accidental interruptions observed: the number of 26 sequence breaks authorized NRSA would then be reached more 27 quickly, so a partial or total disabling of the security module 28 would also occur more quickly. This noteworthy result is obtained 29 according to the invention by applying the security procedure described only to the operations that actually correspond to 31 sensitive operations.
32 An improvement of the invention is comprised of the fact 33 that the number of interrupted attempts authorized NRSA includes a 34 random number that varies each time a predetermined number of sensitive operations have been initiated. Thus, the number NRSA
1 varies with predetermined frequency, but it assumes successive 2 values that are not predictable, which helps to interfere with 3 any fraudulent observation of the behavior of the security 4 module. This random number can advantageously be generated in the s security module according to any of the software processes 6 described in the U.S. patents 5,177,790 or 5,365,466. According 7 to a variant, the number of interrupted attempts authorized NRS~
8 is composed of a fixed number to which a random number is added.
Claims (6)
1. A process for protecting a security module (8) designed to cooperate with a data processing device (1), the module comprising data processing means (9, 2) and data storage means (10; 3, 4) and being designed to execute a set of operations including at least one sensitive operation (23), characterized in that it includes the steps comprised of:
- executing, at the time of each execution of the sensitive operation and upstream from the latter, a first supplementary sequence of operations (22) intended to activate signaling means, and downstream from said sensitive operation, a second supplementary sequence of operations (24) intended to deactivate said signaling means;
- counting each interrupted attempt for which the sensitive operation has been initiated but not executed, so that the signaling means have been initially activated but not subsequently deactivated, in order to define a number of interrupted attempts detected N RS;
- defining a number of interrupted attempts authorized N RSA;
- comparing, at the time of each execution of the sensitive operation and upstream from the latter, said number of interrupted attempts detected N RS to said number of interrupted attempts authorized N RSA; and - in the case where said number of interrupted attempts detected N RS is greater than said number of interrupted attempts authorized N RSA inhibiting the execution of the sensitive operation.
- executing, at the time of each execution of the sensitive operation and upstream from the latter, a first supplementary sequence of operations (22) intended to activate signaling means, and downstream from said sensitive operation, a second supplementary sequence of operations (24) intended to deactivate said signaling means;
- counting each interrupted attempt for which the sensitive operation has been initiated but not executed, so that the signaling means have been initially activated but not subsequently deactivated, in order to define a number of interrupted attempts detected N RS;
- defining a number of interrupted attempts authorized N RSA;
- comparing, at the time of each execution of the sensitive operation and upstream from the latter, said number of interrupted attempts detected N RS to said number of interrupted attempts authorized N RSA; and - in the case where said number of interrupted attempts detected N RS is greater than said number of interrupted attempts authorized N RSA inhibiting the execution of the sensitive operation.
2. The process according to claim 1 in which, in order to count each interrupted attempt, a counter is incremented by one unit at the time of each execution of the sensitive operation and upstream from the latter, and in the case where the sensitive operation has been executed, the counter is decremented by one unit downstream from the sensitive operation.
3. The process according to claim 1, in which said number of interrupted attempts authorized N RSA includes a random number that varies each time the sensitive operation (33) has been initiated a predetermined number of times.
4. The process according to claim 1, in which the security module (8) is designed to execute a plurality of distinct sensitive operations (33) and each interrupted attempt related to any of these sensitive operations is counted by means of the same number of interrupted attempts detected N RS.
5. A security module (8) designed to cooperate with a data processing device (1) and comprising data processing means (9, 2) and data storage means (10; 3, 4) and being designed to execute a set of operations including at least one sensitive operation (23), characterized in that it comprises:
- signaling means designed to assume a state in which they are activated upstream from a sensitive operation to be protected, and another state in which they are deactivated downstream from the sensitive operation if the latter has been executed;
- counting means for counting each interrupted attempt for which the sensitive operation has been initiated but not executed, so that the signaling means have been initially activated but not subsequently deactivated, in order to define a number of interrupted attempts detected N RS, said data storage means (10; 3,4) storing a number of interrupted attempts authorized N RSA;
- comparing means for comparing, at the time of each execution of the sensitive operation and upstream from the latter, said number of interrupted attempts detected N RS to said number of interrupted attempts authorized N RSA; and - inhibiting means for inhibiting, in the case where said number of interrupted attempts detected N RS is greater than said number of interrupted attempts authorized N RSA, the execution of the sensitive operation.
- signaling means designed to assume a state in which they are activated upstream from a sensitive operation to be protected, and another state in which they are deactivated downstream from the sensitive operation if the latter has been executed;
- counting means for counting each interrupted attempt for which the sensitive operation has been initiated but not executed, so that the signaling means have been initially activated but not subsequently deactivated, in order to define a number of interrupted attempts detected N RS, said data storage means (10; 3,4) storing a number of interrupted attempts authorized N RSA;
- comparing means for comparing, at the time of each execution of the sensitive operation and upstream from the latter, said number of interrupted attempts detected N RS to said number of interrupted attempts authorized N RSA; and - inhibiting means for inhibiting, in the case where said number of interrupted attempts detected N RS is greater than said number of interrupted attempts authorized N RSA, the execution of the sensitive operation.
6. The security module according to claim 5, in which said signaling and counting means comprise a counter designed to be incremented by one unit at the time of each execution of the sensitive operation and upstream from the latter, and in the case where the sensitive operation has been executed, to be decremented by one unit downstream from the sensitive operation.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| FR96/16257 | 1996-12-31 | ||
| FR9616257A FR2757972B1 (en) | 1996-12-31 | 1996-12-31 | METHOD FOR SECURING A SECURITY MODULE, AND RELATED SECURITY MODULE |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CA2247475A1 true CA2247475A1 (en) | 1998-07-09 |
Family
ID=9499336
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA002247475A Abandoned CA2247475A1 (en) | 1996-12-31 | 1997-12-23 | Method for ensuring the safety of a security module, and related security module |
Country Status (12)
| Country | Link |
|---|---|
| EP (1) | EP0891587A1 (en) |
| JP (1) | JPH11505055A (en) |
| KR (1) | KR19990087418A (en) |
| CN (1) | CN1212770A (en) |
| AR (1) | AR009852A1 (en) |
| AU (1) | AU5668398A (en) |
| BR (1) | BR9707881A (en) |
| CA (1) | CA2247475A1 (en) |
| FR (1) | FR2757972B1 (en) |
| NO (1) | NO983960L (en) |
| TW (1) | TW405098B (en) |
| WO (1) | WO1998029813A1 (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2012079730A1 (en) * | 2010-12-14 | 2012-06-21 | Giesecke & Devrient Gmbh | Portable data storage medium with control error counter |
Families Citing this family (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6289457B1 (en) * | 1998-07-17 | 2001-09-11 | Amdahl Corporation | Value data system having containers for theft deterrent repositories |
| FR2793904B1 (en) * | 1999-05-21 | 2001-07-27 | St Microelectronics Sa | METHOD AND DEVICE FOR MANAGING AN ELECTRONIC CIRCUIT |
| JP2003316263A (en) * | 2002-04-19 | 2003-11-07 | Sony Corp | Arithmetic unit and operation method |
| FR2857473B1 (en) * | 2003-07-11 | 2005-09-16 | Oberthur Card Syst Sa | METHOD FOR SECURING THE EXECUTION OF A COMPUTER PROGRAM, IN PARTICULAR IN A MICROCIRCUIT BOARD |
| EP1605333B1 (en) * | 2004-06-07 | 2008-12-10 | Proton World International N.V. | Program execution control |
| EP1698958A1 (en) * | 2005-02-25 | 2006-09-06 | Axalto SA | Method for securing the writing in memory against radiation attacks or other attacks |
| FR2891654A1 (en) * | 2005-10-05 | 2007-04-06 | Proton World Int Nv | Event counting method for e.g. kilometric counter of motor vehicle, involves arithmetically adding values contained in different words of memory cells to obtain counting result, and incrementing/decrementing one word |
| CN101611414B (en) * | 2007-01-05 | 2012-12-05 | 质子世界国际公司 | Protection of information contained in an electronic circuit |
| JP4882006B2 (en) | 2007-01-05 | 2012-02-22 | プロトン ワールド インターナショナル エヌ.ヴィ. | Restricting access to electronic circuit resources |
| US9036414B2 (en) | 2007-01-05 | 2015-05-19 | Proton World International N.V. | Temporary locking of an electronic circuit to protect data contained in the electronic circuit |
| DE102010044687A1 (en) * | 2010-09-08 | 2012-03-08 | Giesecke & Devrient Gmbh | Portable data carrier with misoperation counter |
Family Cites Families (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPS60207957A (en) * | 1984-03-31 | 1985-10-19 | Toshiba Corp | Data protecting system |
| US4614861A (en) * | 1984-11-15 | 1986-09-30 | Intellicard International, Inc. | Unitary, self-contained card verification and validation system and method |
| FR2674647A1 (en) * | 1991-03-29 | 1992-10-02 | Widmer Michel | Apparatus forming an electronic cheque-book for financial transactions and process for using such an apparatus |
| US5282247A (en) * | 1992-11-12 | 1994-01-25 | Maxtor Corporation | Apparatus and method for providing data security in a computer system having removable memory |
| EP0602867A1 (en) * | 1992-12-17 | 1994-06-22 | NCR International, Inc. | An apparatus for securing a system platform |
| DE4341887C2 (en) * | 1993-12-08 | 1996-12-19 | Siemens Ag | Method for preventing an unauthorized data change in a device with a non-volatile memory |
-
1996
- 1996-12-31 FR FR9616257A patent/FR2757972B1/en not_active Expired - Fee Related
-
1997
- 1997-12-23 EP EP97952982A patent/EP0891587A1/en not_active Withdrawn
- 1997-12-23 CN CN97192699A patent/CN1212770A/en active Pending
- 1997-12-23 AU AU56683/98A patent/AU5668398A/en not_active Abandoned
- 1997-12-23 CA CA002247475A patent/CA2247475A1/en not_active Abandoned
- 1997-12-23 BR BR9707881A patent/BR9707881A/en unknown
- 1997-12-23 JP JP10529680A patent/JPH11505055A/en active Pending
- 1997-12-23 WO PCT/FR1997/002389 patent/WO1998029813A1/en not_active Application Discontinuation
- 1997-12-23 KR KR1019980706836A patent/KR19990087418A/en not_active Application Discontinuation
- 1997-12-29 TW TW086119900A patent/TW405098B/en not_active IP Right Cessation
- 1997-12-30 AR ARP970106244A patent/AR009852A1/en unknown
-
1998
- 1998-08-28 NO NO983960A patent/NO983960L/en not_active Application Discontinuation
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2012079730A1 (en) * | 2010-12-14 | 2012-06-21 | Giesecke & Devrient Gmbh | Portable data storage medium with control error counter |
| US9298533B2 (en) | 2010-12-14 | 2016-03-29 | Giesecke & Devrient Gmbh | Portable data carrier having operating error counter |
Also Published As
| Publication number | Publication date |
|---|---|
| NO983960D0 (en) | 1998-08-28 |
| WO1998029813A1 (en) | 1998-07-09 |
| KR19990087418A (en) | 1999-12-27 |
| BR9707881A (en) | 1999-07-27 |
| NO983960L (en) | 1998-08-28 |
| FR2757972B1 (en) | 1999-02-19 |
| AR009852A1 (en) | 2000-05-03 |
| JPH11505055A (en) | 1999-05-11 |
| FR2757972A1 (en) | 1998-07-03 |
| TW405098B (en) | 2000-09-11 |
| CN1212770A (en) | 1999-03-31 |
| AU5668398A (en) | 1998-07-31 |
| EP0891587A1 (en) | 1999-01-20 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| AU752328B2 (en) | Method for storing and operating sensitive information in a security module, and associated security module | |
| US5533123A (en) | Programmable distributed personal security | |
| US5845069A (en) | Card-type storage medium protecting data stored in its memory by interrupting an existing transaction after a predetermined permissible number of accesses | |
| US8566927B2 (en) | Method for detecting and reacting against possible attack to security enforcing operation performed by a cryptographic token or card | |
| US5912453A (en) | Multiple application chip card with decoupled programs | |
| US7747870B2 (en) | Apparatuses and methods for decrypting encrypted data and locating the decrypted data in a memory space used for execution | |
| US20100313056A1 (en) | Secure Computing Device with Monotonic Counter and Method Therefor | |
| JP2000047945A (en) | Guarding method against analytic intelligence report of secret information | |
| CA2247475A1 (en) | Method for ensuring the safety of a security module, and related security module | |
| US7496738B2 (en) | Method of automatic control of the execution of a program by a microprocessor | |
| US20010010331A1 (en) | Process for protecting a security module, and associated security module | |
| EP2629447A1 (en) | Method and device for protecting an electronic device against fault attack(s) | |
| JP2003228521A (en) | Blocking of operation of integrated circuit | |
| EP1739587A1 (en) | Portable electronic apparatus and secured data output method therefor | |
| WO2001097010A2 (en) | Data processing method and device for protected execution of instructions | |
| EP3140775B1 (en) | Dynamic change of security configurations | |
| EP1811460B1 (en) | Secure software system and method for a printer | |
| WO2019219400A1 (en) | Electronic system and method for preventing malicious actions on a processing system of the electronic system | |
| US8239833B2 (en) | Statistical control of the integrity of a program | |
| JPH05204766A (en) | Identity confirming device | |
| CN114547651B (en) | Operating system interrupt context protection method based on chained encryption | |
| JPH1069435A (en) | Ic card | |
| JP4578167B2 (en) | Information processing device with authentication function | |
| CN114547651A (en) | Chain encryption-based operating system interrupt context protection method | |
| JP5131327B2 (en) | Issuing method of information processing apparatus having authentication function |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| FZDE | Discontinued |