EP1044534A1 - Encoding method for carrying out cryptographic operations - Google Patents
- Publication number
- EP1044534A1
- Authority
- EP
- European Patent Office
- Prior art keywords
- memory cell
- bit word
- data
- written
- random numbers
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/72—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/75—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation
- G06F21/755—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation with measures against power attack
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/002—Countermeasures against attacks on cryptographic mechanisms
- H04L9/003—Countermeasures against attacks on cryptographic mechanisms for power analysis, e.g. differential power analysis [DPA] or simple power analysis [SPA]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2207/00—Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
- G06F2207/72—Indexing scheme relating to groups G06F7/72 - G06F7/729
- G06F2207/7219—Countermeasures against side channel or fault attacks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2123—Dummy operation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/08—Randomization, e.g. dummy operations or using noise
Definitions
- the invention relates to an encryption method, wherein at least one partial cryptographic operation is carried out digitally as data stored as at least one data bit word in a memory cell or a register, according to the preamble of claim 1.
- cryptographic operations serve to protect the operation of these devices or to protect data carried in the device.
- the calculation operations required for this are carried out both by standard arithmetic units and by dedicated crypto arithmetic units.
- a typical example of the latter are chip cards or IC cards.
- the data or intermediate results used in this context are usually security-relevant information, such as cryptographic keys or operands.
- CMOS complementary metal-oxide-semiconductor
- This type of cryptanalysis is also referred to as "differential power analysis", by means of which an outsider can successfully carry out a possibly unauthorized cryptanalysis of the cryptographic operations, algorithms, operands or data by simply observing changes in the power consumption of the data processing device.
- EP 0 482 975 B1 discloses a memory card with a microcircuit and at least one memory connected to a data processing element; the data processing element is controlled by a data signal from outside the card and emits an end-of-command signal in response to this data signal, delayed by a predetermined duration (T) with respect to the reception of the data signal. To increase the protection, the duration (T) is chosen to be variable in time.
- T duration
- Data bit word in a memory cell in which a data bit word is stored which is generated based on random numbers.
- the current consumption changes only as a function of a difference in the Hamming weight of the written data from the unknown random number, so that this difference and thus the change in current consumption are random and cannot be predetermined.
- bit word based on random numbers is written into the memory cell by an arithmetic unit.
- bit word based on random numbers is written into the latter via a direct connection between a random number source and the memory cell.
- a temporal correlation between the writing of the random number into a memory cell and the cryptographic partial operation is avoided in that the bit word based on random numbers is stored in the memory cell at a time interval before the cryptographic partial operation.
- a memory cell 10 or a register is provided for writing or storing data x_i in the form of a data bit word via a connection 11.
- random numbers are generated by a random number source 12 and written into, or stored in, the memory cell 10 via a direct connection 14.
- the memory cell 10 is initialized with a random value r_i.
- the random value r_i can also be written via the connection 11 by an arithmetic logic unit which has previously received the random value from the random number source 12.
- the time of this pre-initialization can be selected as desired and is preferably not carried out immediately before the cryptographic operation.
- the memory area or register is expediently pre-initialized with changing random numbers. If the memory areas or registers thus pre-initialized are loaded with data x_i in the course of a cryptographic operation, the current consumption changes only as a function of a difference in the Hamming weight of the operand x_i and the Hamming weight of the unknown random number. Based on this random difference value, it is now not possible to derive information about the operands or intermediate results used.
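The effect of the pre-initialization described above can be checked with a small simulation; this is an added example, not code from the patent. It assumes an 8-bit register and a leakage model in which the current drawn by a write is proportional to the number of bits that toggle, and it uses Python's `random` module as a stand-in for the random number source 12; all function names are hypothetical.

```python
import random

WIDTH = 8  # assumed width of memory cell 10 in bits


def hamming_weight(v):
    return bin(v).count("1")


def write_leakage(old, new):
    """Assumed leakage model: one unit of current per bit that toggles."""
    return hamming_weight(old ^ new)


def pearson(a, b):
    """Pearson correlation coefficient of two equally long sequences."""
    n = len(a)
    ma, mb = sum(a) / n, sum(b) / n
    cov = sum((p - ma) * (q - mb) for p, q in zip(a, b))
    var_a = sum((p - ma) ** 2 for p in a)
    var_b = sum((q - mb) ** 2 for q in b)
    return cov / (var_a * var_b) ** 0.5


def cleared(rng):
    """Baseline without the countermeasure: the cell holds zero before the write."""
    return 0


def randomized(rng):
    """Countermeasure: the cell holds a fresh random value r_i before the write."""
    return rng.getrandbits(WIDTH)


def leakage_correlation(pre_init, n=5000, seed=1):
    """Correlation between the simulated write current and HW(x_i)."""
    rng = random.Random(seed)  # constructed sample data, fixed seed
    weights, leaks = [], []
    for _ in range(n):
        x_i = rng.getrandbits(WIDTH)   # operand loaded during the operation
        cell = pre_init(rng)           # contents of the cell before the write
        leaks.append(write_leakage(cell, x_i))
        weights.append(hamming_weight(x_i))
    return pearson(weights, leaks)


if __name__ == "__main__":
    print("cleared cell:    ", round(leakage_correlation(cleared), 3))
    print("randomized cell: ", round(leakage_correlation(randomized), 3))
```

With a cleared cell the simulated current tracks the Hamming weight of x_i exactly; with a fresh r_i per write the correlation collapses to statistical noise, which only holds as long as r_i changes between writes and stays unknown to the observer.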
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Mathematical Physics (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Applications Claiming Priority (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE19845096 | 1998-09-30 | ||
DE19845096 | 1998-09-30 | ||
DE19936890A DE19936890A1 (de) | 1998-09-30 | 1999-08-05 | Encryption method for performing cryptographic operations |
DE19936890 | 1999-08-05 | ||
PCT/EP1999/007019 WO2000019657A1 (fr) | 1998-09-30 | 1999-09-20 | Encoding method for carrying out cryptographic operations |
Publications (1)
Publication Number | Publication Date |
---|---|
EP1044534A1 (fr) | 2000-10-18 |
Family
ID=26049211
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP99948821A Withdrawn EP1044534A1 (fr) | 1998-09-30 | 1999-09-20 | Encoding method for carrying out cryptographic operations |
Country Status (3)
Country | Link |
---|---|
EP (1) | EP1044534A1 (fr) |
JP (1) | JP2002526849A (fr) |
WO (1) | WO2000019657A1 (fr) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20100042851A1 (en) * | 2005-11-04 | 2010-02-18 | Gemplus | Method for Securely Handling Data During the Running of Cryptographic Algorithms on Embedded Systems |
CN101978648A (zh) * | 2008-03-25 | 2011-02-16 | Mitsubishi Electric Corporation | Cryptographic operation device, cryptographic operation program, and recording medium |
FR2955436B1 (fr) * | 2010-01-19 | 2012-11-23 | St Microelectronics Rousset | Countermeasure method and device for protecting data circulating in an electronic component |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4386234A (en) * | 1977-12-05 | 1983-05-31 | International Business Machines Corp. | Cryptographic communication and file security using terminals |
JPH01298829A (ja) * | 1988-05-27 | 1989-12-01 | Nec Corp | Data converter |
-
1999
- 1999-09-20 EP EP99948821A patent/EP1044534A1/fr not_active Withdrawn
- 1999-09-20 JP JP2000573038A patent/JP2002526849A/ja active Pending
- 1999-09-20 WO PCT/EP1999/007019 patent/WO2000019657A1/fr not_active Application Discontinuation
Non-Patent Citations (1)
Title |
---|
See references of WO0019657A1 * |
Also Published As
Publication number | Publication date |
---|---|
WO2000019657A1 (fr) | 2000-04-06 |
JP2002526849A (ja) | 2002-08-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
DE69805155T2 (de) | Integrated circuit and chip card comprising such a circuit | |
DE3811378C3 (de) | Information recording system | |
EP0281057B1 (fr) | Circuit for securing access to a computer by means of an integrated circuit card | |
DE69615736T2 (de) | Memory card and device for operating such a card | |
EP0030381B1 (fr) | Method and device for producing and checking documents protected against forgery, and document used for this purpose | |
EP0932867B1 (fr) | Electronic data processing circuit | |
EP1115094A2 (fr) | Data processing device and method for operating it | |
EP0155399A2 (fr) | Circuit for protecting against unauthorized execution of a program | |
DE2824135A1 (de) | Data processing system that protects the secrecy of confidential information | |
EP1044426B1 (fr) | Data processing device and method for its voltage supply | |
EP0981115A2 (fr) | Method for executing an encryption program for encrypting data in a portable data carrier with a microprocessor | |
DE10319585A1 (de) | Tamper-proof data processing system and associated method for preventing tampering | |
DE3318083A1 (de) | Circuit arrangement with a memory and an access control unit | |
WO2000019657A1 (fr) | Encoding method for carrying out cryptographic operations | |
WO2001048706A1 (fr) | Portable data carrier with access protection for invalidating messages | |
DE102006035610A1 (de) | Memory access controller and method for memory access control | |
DE19936890A1 (de) | Encryption method for performing cryptographic operations | |
DE19936938A1 (de) | Data processing device and method for operating it to prevent differential current consumption analysis | |
EP1046131B1 (fr) | Data processing device and method of operating it that prevents differential current consumption analysis | |
DE69934707T2 (de) | Countermeasure device in an electronic component for carrying out a secret-key cryptographic algorithm | |
DE4242579C2 (de) | Method for verifying the authenticity of data carriers | |
WO2000019386A1 (fr) | Data processing device and method of operating it that prevents any differential power consumption analysis | |
DE19936939A1 (de) | Data processing device and method for operating it to prevent differential current consumption analysis | |
EP0353530B1 (fr) | Method for differentiating electronic circuits with non-volatile memories | |
WO2008040686A1 (fr) | Black box arrangement and method for setting up an identification in an adapter for the black box arrangement |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
AK | Designated contracting states |
Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE |
|
17P | Request for examination filed |
Effective date: 20001006 |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: PHILIPS CORPORATE INTELLECTUAL PROPERTY GMBH Owner name: KONINKLIJKE PHILIPS ELECTRONICS N.V. |
|
RAP1 | Party data changed (applicant data changed or rights of an application transferred) |
Owner name: PHILIPS INTELLECTUAL PROPERTY & STANDARDS GMBH Owner name: KONINKLIJKE PHILIPS ELECTRONICS N.V. |
|
17Q | First examination report despatched |
Effective date: 20050504 |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN |
|
18D | Application deemed to be withdrawn |
Effective date: 20050915 |