EP1295200A2 - Procede et dispositif de traitement de donnees servant a proteger l'execution d'instructions - Google Patents

Procede et dispositif de traitement de donnees servant a proteger l'execution d'instructions

Info

Publication number
EP1295200A2
EP1295200A2 EP01936364A EP01936364A EP1295200A2 EP 1295200 A2 EP1295200 A2 EP 1295200A2 EP 01936364 A EP01936364 A EP 01936364A EP 01936364 A EP01936364 A EP 01936364A EP 1295200 A2 EP1295200 A2 EP 1295200A2
Authority
EP
European Patent Office
Prior art keywords
program
sequence
program instructions
accumulated
signature register
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP01936364A
Other languages
German (de)
English (en)
Inventor
Thorwald Rabeler
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NXP BV
Original Assignee
Koninklijke Philips Electronics NV
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Koninklijke Philips Electronics NV filed Critical Koninklijke Philips Electronics NV
Publication of EP1295200A2 publication Critical patent/EP1295200A2/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/30Arrangements for executing machine instructions, e.g. instruction decode
    • G06F9/30098Register arrangements
    • G06F9/30101Special purpose registers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/74Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/0806Details of the card
    • G07F7/0813Specific details related to card security
    • G07F7/082Features insuring the integrity of the data on or in the card
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/12Card verification
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/12Card verification
    • G07F7/122Online card verification

Definitions

  • This invention generally relates to a method and data processing device for the execution of instruction sequences. Specifically, the present invention pertains to a method and data processing device for ensuring that a program portion has not been altered and is running in the proper sequence.
  • a smart card is a flat card that contains a data processing device in the form of a microprocessor as well as a memory.
  • the smart card is operated in conjunction with a host device (e.g., a read apparatus) utilizing contacts or a wireless contact medium.
  • a host device e.g., a read apparatus
  • Smart cards of this kind may be utilized for banking applications where data in the smart card memory may be read out and/or modified only under stringently defined conditions.
  • typically given other data e.g., security-related data
  • security-related data is only exchanged between the smart card and the read apparatus and may not be externally disseminated or discerned.
  • security-related data may also be involved in other applications of smart cards, for example their use as a health care card, a set top box access card, etc.
  • the program present in these smart cards is often modified or supplemented in order to add data to the smart card, to adapt the smart card to various applications, and/or to create further possibilities for use.
  • the originator of the smart card should realize these modifications or supplements.
  • unauthorized persons may attempt to modify the instruction sequences present in the microprocessor or in the program memory thereof, in order to carry out unauthorized reading or fraudulent modification of data.
  • German Patent Application No. 19804784.3 incorporated herein by reference, a smart card is proposed that offers a high degree of protection against this type of manipulation.
  • the program portion that controls the smart card and reading apparatus interaction is subdivided into essentially two instruction sequences, with one instruction sequence being stored so that it cannot be modified. All accesses to essential, notably security-relevant data, are only possible in one instruction sequence that is referred to as the system program.
  • the other instruction sequence is referred to as the application program. Both instruction sequences and programs may consist of a respective number of individual instruction sequences.
  • a jump is made to the system program. Thereafter, a jump is made back to the application program and the execution thereof is continued.
  • intended entry and exit portions may be circumnavigated for the purposes of entering the system program in such a way as to either gain external access to security-relevant data or to cause the system program to run in an unauthorized manner.
  • a signature register is utilized to accumulate a sequence of addresses or instructions.
  • the accumulated addresses or instructions from the signature register are compared to a value contained in an instruction portion to determine if the intended instruction flow has been improperly modified.
  • the value stored in the signature register will not correspond to the value in the instruction portion and operation of the device is terminated.
  • an encryption device is utilized at times to modify the value in the signature register in a secret way.
  • the security of the device may be compromised. Accordingly, it is an object of the present invention to overcome the disadvantages of the prior art.
  • a device to determine whether an application program has been unduly manipulated is provided with a signature register that is coupled to the output of the instruction register and or to the addresses of the program memory.
  • the signature register is also coupled to a mode bit of a processor having two operating modes. In a first mode, the signature register accumulates the output of the instruction register and/or the addresses of the program memory, yet the output of the signature register is not externally discernable. In a second mode, the signature register is set to no longer accumulate inputs. In the second mode, the signature register content is checked by a comparison with a specified value. This comparison value can be effectively contained in an instruction at relevant positions in the program or may be stored in an unalterable memory location. In one embodiment, the signature value is not compared directly but is only compared after the value is encrypted to ensure that in the case of unauthorized manipulation of the program, the comparison value cannot be readily modified.
  • the signature register is coupled to the addresses of the program memory through a memory management unit.
  • the signature register may accumulate virtual addresses of the program memory in place of the actual addresses of the program memory thereby facilitating characterization of the program flow.
  • the virtual addresses may correspond to self-relative addresses.
  • the first mode of the processor is reserved for untrusted application program sequences while the second mode of the program is reserved for trusted system program sequences.
  • Untrusted program sequences are program sequences that are changeable and discernable by intervention outside the device.
  • Trusted program sequences are program sequences that are unchangeable and not discernable by intervention outside the device.
  • the device may correspond to a smart card.
  • Fig. 1 is a block diagram of a data processing device in accordance with an embodiment of the present invention.
  • Fig. 2 shows a flow chart for the execution of instruction sequences in accordance with an embodiment of the present invention.
  • FIG. 1 shows a block diagram of a data processing device 100 in accordance with the invention.
  • a memory 10 contains sequences of instructions that are addressed by an address generator 12 via a lead 13A and thereby read out successively.
  • the instructions read out are applied to an instruction register 14 which stores each time at least one instruction.
  • the instructions or at least parts thereof, are applied to various elements via the lead 15.
  • the instruction decoder 16 notably decodes the operation part of the instruction and conducts signals, via corresponding control leads, to other elements that are in this case shown in general as an execution device 18.
  • the execution device 18 includes notably a processor, such as a central processing unit (“CPU”) as well as registers (not shown).
  • a lead 19 from the execution device 18 to the address generator 12 conducts control signals to the address generator 12 when the execution of an instruction is to be terminated and the next instruction is to be called. Additionally, the lead 19 conducts control signals to the address generator 12, for example, in response to an instantaneous instruction (e.g., an interrupt instruction) or when on a state of the execution device 18, a different instruction portion is requested from the address generator 12.
  • the new address of the different instruction portion is preferably indicated, via the lead 15, by a part of the instruction present in the instruction register 14. In this case, this new address together with the control signal on lead 19 triggers a jump in the instruction sequence.
  • the lead 15 is also connected to an input of a signature register 20.
  • the signature register 20 is also connected, via a lead 13B, to the output of the address generator 12. In other embodiments it is also possible for only one of these two leads 13B and 15, to be connected to the signature register 20.
  • the signature register 20 accumulates newly received values from either or both of the address generator 12 and the instruction register 14 with the value stored in the signature register 20.
  • the signature register 20 stores the accumulated value in response to a received relevant signal from the instruction decoder 16 via a lead 17 A. It should be clear that the signature register 20 may accumulate all received values or any portion thereof to confound any intentional malicious intervention.
  • the signature register 20 may accumulate values in many known ways such as maintaining a checksum of the accumulated data, an exclusive-or (XOR) of accumulated data, or other known accumulation methods.
  • bits of incoming values may be combined/accumulated and thereafter may be accumulated to stored accumulation result.
  • accumulation methods may be known in the art, the particular method selected may be unknown to further foil attempts at concealing an unauthorized modification or supplementation of instructions.
  • all bits of incoming values may be accumulated wherein in other embodiments, only selected bits may be accumulated or even some combination thereof to further provide unpredictability (apparent random behavior) of the accumulated data.
  • the output 21 of the signature register 20 is illustratively connected to an input of a comparator 22.
  • a second input of the comparator 22 is connected to the lead 15 in the illustrative embodiment.
  • the comparator 22 compares the value output by the signature register 20 via the lead 21 with a value contained in an instruction portion when the instruction decoder 16, via the lead 17B, supplies a corresponding signal.
  • the comparator 22 may compare the value output by the signature register 20 with a value contained in an unalterable portion of the memory 10 via the instruction register 14 and lead 15.
  • the comparator 22 outputs, via the lead 23, a value and a control signal to the address generator 12.
  • the address generator 12 is set to a given address so that a predetermined instruction sequence is executed.
  • the predetermined instruction sequence may, for example, be an interrupt instruction sequence that inhibits further functions of the device.
  • the signature register 20 may also contain an encryption device 24 that generates a new value from the combined value stored in the signature register 20 using a secret algorithm. This new value is stored in the signature register 20 in the presence of a relevant control signal on the lead 17A.
  • the signature register 20 then commences the further signature formation on the basis of a value that cannot be predicted by a person not knowing the encryption algorithm in the encryption device 24. Consequently, it is rendered difficult to modify the value applied to the comparator 22 by a relevant instruction in such a manner that in the case of a modification of the previous instruction sequence, the comparator 23 does not produce a signal or perform a jump into an interrupt instruction sequence. In this way, it can be checked whether the instruction sequences and the instructions contained therein are executed in the correct order and whether instructions therein have been modified.
  • the additional encryption and protection provided by the encryption device 24 may further be utilized when the checksum is communicated to the outside, such as through a card reader 28. Encrypting the checksum output by the signature register 20 makes it more difficult for a hacker to simply tap a lead (e.g., a telephone line) of a corresponding device, such as an automatic teller machine (ATM), and patch in a good checksum.
  • a lead e.g., a telephone line
  • ATM automatic teller machine
  • a mode signal output from the execution device 18 on lead 17C acts as a hardware protection that excludes the application mode from accessing and/or modifying the signature register 20.
  • the device 100 such as a smart card, has distinct operating modes as determined by a hardware constraint in the form of the mode signal.
  • the "application mode” or "user mode” is determined by a mode signal logical state of zero ("zero mode signal").
  • the zero mode signal is reserved for executing non-trusted applications.
  • a mode signal logical state of one (“one mode signal”) is reserved for the system program, including the execution of interrupt code portions.
  • the mode signal is part of the processor state (e.g., the CPU of the execution device 18). Accordingly, an application program is excluded by the hardware constraint (e.g., the mode signal), from increasing the operating mode to "system mode”, other than by passing full control to operating system code thru predetermined entry points.
  • the application program invokes "system call” instructions.
  • the system call instructions from the instruction register 14 triggers an interrupt instruction portion.
  • the operating system code acts as an interrupt handler for these "system call” interrupts.
  • the signature register 20 may build up a checksum or other logical operations of executed instructions and/or instruction addresses, while the CPU is running in the application mode.
  • the signature register 20 is not accessible in any way by the application program since the zero mode signal acts as a hardware lock that is set in the application mode. The zero mode signal thus prevents access, by the application program, to the output 21 of the signature register 20.
  • the checksum state of the signature register 20 is unaffected by additional address generation and is accessible for read operations. Since all interrupt code is executed in the system mode, the interrupt code is also excluded from being summed by the signature register 20.
  • the mode of an interrupted program is saved/restored on interrupt entry/exit, so the signature register 20 resumes checksumming only once control is returned to the application mode by an interrupt exit. The signature register 20 will not resume checksumming if control is returned to a previously interrupted system program. In this way, the mode of the CPU controls the accumulate/stop state and access to the result (e.g., checksum) of the signature register 20.
  • the exclusion of the interrupt code from the result of the signature register 20 is desirable to facilitate characterization of the application program and its flow by a unique signature. Inclusion of the interrupt code portions in the result renders the result dependent on the exact time or instruction portion where the interrupt code was executed with respect to the application program. This makes it more difficult to properly characterize the instruction flow by the result contained in the signature register 20 since the occurrence of an interrupt is not restricted to a given particular portion of the application program.
  • the system program In the system mode, the system program has full control over the result of the signature register 20. There is no need to protect the signature register 20 from alteration by the system program, since the system program is "TRUSTED” code, that is not modifiable from the "NONTRUSTED” application program, as controlled by a hardware protection mechanism as described in the German Patent Application No. 19804784.3. As shown therein, the system program is also in full control of the memory protection hardware, so the system program can protect itself from access by the application program.
  • the address generator 12 acts as a memory management unit that performs relocation of the addresses for accessing the memory 10 and for controlling addresses that may be output to the signature register 20 via the lead 13B. This is desirable since the signature register 20 may, in one embodiment, perform a checksum of the addresses, yet application programs may be loaded on the fly without defined (e.g., fixed) memory locations.
  • the addresses such as those referenced within the program (e.g., JUMP to address XX) should be changed for the final location of the program in memory.
  • a relocating loader may perform this change in the addresses.
  • the checksum in the signature register may no longer characterize the program, but the program at its new address.
  • the relocating loader is a utility program that typically modifies the address portion of a program, while it is brought into memory, e.g., before execution.
  • the relocation loader prior to program execution goes through the program and changes all references from a symbolic address (e.g., an address relative to the program flow and not relative to the actual location in memory where the program is stored) to the actual addresses where the program is stored.
  • the address generator 12 may solve this problem.
  • the program flow may at times refer to virtual addresses that are unchanged prior to execution.
  • the virtual addresses are output by the address generator 12 to the signature register 20 via the lead 13B so that the checksum in the signature register is unaffected by the actual addresses where the program is located in the memory 10.
  • the memory management unit performs the change of virtual addresses to the actual addresses and outputs these actual addresses via the lead 13 A to the memory 10.
  • the memory management unit or other means of address independence is desirable to facilitate the characterization of the program by the programs address sequence.
  • the memory management unit is under full control of the system program.
  • the system mode program "knows" the correspondence of application program virtual address to actual address. In this way, the application program only refers to the virtual addresses, which are unchanged, regardless of the location of the application program in memory. In this way, the signature register may characterize the program flow (by the virtual addresses) without being affected by the actual addresses.
  • the program portion may utilize self-relative addressing. Self-relative addressing renders the program portion "position-independent". This approach utilizes addressing modes in the CPU, like relative jumps, to ensure that the checksum in the signature register 20 characterizes the program flow.
  • self relative addressing the application program addresses are relative to some basis address, e.g., reflecting only the distance of a branch target from the current instruction. As long as the application program is moved in one piece, all branches inside the application program are unchanged, as the relative location of start and end of a branch move together.
  • the device 100 shown in Fig. 1 constitutes the control device of a smart card as described in the cited German patent application 19804784.3.
  • the control signal on the lead 17b may activate the comparator 22 and is generated preferably for each jump instruction whereby a jump to the described system program is executed.
  • the signature register 20 is set to not accumulate by a change in the mode signal from the CPU.
  • the system program is preferably stored in a part of the memory 10 that cannot be modified as discussed above.
  • the signature register 20 is released to accumulate again by the mode signal only upon a return jump to the application program.
  • the value generated by the encryption unit 24 may then be stored as the checksum in the signature register 20 in response to a signal on a lead 29 from the smart card or on the lead 17A from the instruction decoder 16.
  • smart cards operate in cooperation with a card reader.
  • the block 28 in Fig. 1 symbolically represents such a card reader.
  • the card reader 28 may receive, for example, the value at the output 21 of the signature register 20.
  • the output 21 may represent the checksum directly or may represent the value encrypted by the encryption unit 24. This value can then be compared with a predetermined value in the card reader 28.
  • the comparator 22 may be omitted if the card reader 28 is capable of controlling the smart card accordingly.
  • the card reader 28 may form a further signature from said received value and may return this further signature to the signature register 20 via the lead 29.
  • the smart card may thus check whether it is cooperating with an appropriate, notably non-manipulated card reader.
  • Fig. 2 shows an illustrative flow chart of an execution of instruction sequences in accordance with an embodiment of the present invention.
  • the execution commences with a start 30 that symbolizes the introduction of the smart card into the card reader thereby establishing a conductive connection or a contactless connection.
  • a start program 31 is performed during which the card and the card reader exchange various data, for example in order to determine the nature of the card, whether authorization tests have to be performed, etc.
  • the processing proceeds with a program sequence 32 that forms a portion of an application program.
  • the mode signal of the CPU of the execution device 18 is cleared to zero thereby setting the signature register 20 to begin accumulating.
  • the program sequence 32 contains, in a predetermined position, a jump instruction to the system program.
  • the CPU sets the mode bit, thereby setting the signature register 20 to stop accumulating.
  • the processing proceeds with a sequence 33 of system instructions.
  • the sequence 33 verifies the signature previously formed during the processing of the program sequence 32.
  • further predetermined system instructions 34 are carried out, after which a return jump to the application program is made and the CPU clears the mode bit setting the signature register 20 to accumulate.
  • the application program continues at sequence 35 during which new signatures are formed by the signature register 20.
  • a jump is made to the system program and the CPU sets the mode bit, thereby setting the signature register 20 to stop accumulating.
  • the processing then proceeds with system instructions at sequence 36 and the signature formed is again tested. Additional system instructions may continue at sequence 37.
  • the sequence 37 may incorporate the generation of a new initial value, being an erasure or other alteration of the checksum stored in the signature register such as an encryption of the previously formed checksum.
  • the altered checksum may be written to the signature register 20 by the system program during sequence 37 of the system program. In this case, the altered checksum may be utilized as the basis for further checksum generation upon a return to an application program sequence.
  • the interruption program inhibits all further external operations of the card and directly leads to the end 42.
  • the system program may dispatch control to several application programs in a controlled fashion (e.g. in a cyclic mode for timesharing).
  • the system program may save and restore the corresponding intermediate results from/to the signature register 20, such that each separate application program execution only updates the result of the corresponding application program.
  • the system program may load a checksum A into the signature register 20, execute instructions of an application program A and accumulate to the checksum A, then save the accumulated checksum A. Thereafter, the system program may load a checksum B into the signature register 20, execute part of an application program B and accumulate to the checksum B, and then save the checksum B. The system program may then restore the checksum A into the signature register 20 and resume execution of the application program A, and so on. After both (or more) application programs are executed to some known point, the cumulative checksum of each of the application programs may be evaluated. This enables "timesharing" of not only the processor for several application programs at quasi the same time, but also “timesharing" of the checksum mechanism, such that the signature register 20 operates independently for all of the application programs involved at quasi the same time.
  • FIG. 1 shows separate functional blocks for the identified functions, one or more of these functions may be combined into a single block or divided into separate functional blocks.
  • any one or more of these functional blocks may be performed via an instruction sequence of a processor, may be performed by a hardwired integrated circuit, may be performed by a re-programmable integrated circuit, or any other known means or combination thereof.
  • Numerous alternative embodiments may be devised by those having ordinary skill in the art without departing from the spirit and scope of the following claims.

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Business, Economics & Management (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)
  • Executing Machine-Instructions (AREA)
  • Debugging And Monitoring (AREA)

Abstract

Selon l'invention, un dispositif permettant de déterminer si un programme applicatif a été manipulé frauduleusement est muni d'un registre de signatures couplé à la sortie du registre d'instructions et/ou aux adresses de la mémoire du programme. Le registre de signatures est également couplé à un bit modal d'un processeur fonctionnant selon deux modes opératoires. Dans un premier mode, le registre de signatures accumule la sortie du registre d'instructions et/ou des adresses de la mémoire du programme, sans toutefois que la sortie du registre de signatures soit visible à l'extérieur. Dans un deuxième mode, le registre de signatures est configuré de manière à ne plus accumuler des entrées. Dans ce deuxième mode, le contenu du registre de signatures est vérifié par comparaison avec une valeur déterminée. Cette valeur de comparaison peut effectivement être contenue dans une instruction à des possitions pertinentes dans le programme. Dans une autre forme de réalisation, la valeur de signature n'est pas comparée directement, mais seulement après chiffrement de la valeur afin de s'assurer qu'en cas de manipulation non autorisée du programme, la valeur de comparaison ne puisse pas être modifiée facilement.
EP01936364A 2000-06-12 2001-05-14 Procede et dispositif de traitement de donnees servant a proteger l'execution d'instructions Withdrawn EP1295200A2 (fr)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US59206000A 2000-06-12 2000-06-12
US592060 2000-06-12
PCT/EP2001/005560 WO2001097010A2 (fr) 2000-06-12 2001-05-14 Procede et dispositif de traitement de donnees servant a proteger l'execution d'instructions

Publications (1)

Publication Number Publication Date
EP1295200A2 true EP1295200A2 (fr) 2003-03-26

Family

ID=24369117

Family Applications (1)

Application Number Title Priority Date Filing Date
EP01936364A Withdrawn EP1295200A2 (fr) 2000-06-12 2001-05-14 Procede et dispositif de traitement de donnees servant a proteger l'execution d'instructions

Country Status (3)

Country Link
EP (1) EP1295200A2 (fr)
JP (1) JP2004503860A (fr)
WO (1) WO2001097010A2 (fr)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7533412B2 (en) * 2002-04-23 2009-05-12 Stmicroelectronics S.A. Processor secured against traps
FR2849226B1 (fr) 2002-12-20 2005-12-02 Oberthur Card Syst Sa Procede et dispositif de securisation de l'execution d'un programme informatique.
US7322042B2 (en) * 2003-02-07 2008-01-22 Broadon Communications Corp. Secure and backward-compatible processor and secure software execution thereon
US20100017627A1 (en) 2003-02-07 2010-01-21 Broadon Communications Corp. Ensuring authenticity in a closed content distribution system
EP3043232A1 (fr) 2003-08-26 2016-07-13 Panasonic Intellectual Property Corporation of America Dispositif d'exécution de programme
EP1548537A1 (fr) * 2003-12-23 2005-06-29 STMicroelectronics Limited Agencement d'un processeur sécurisé
DE102005050767A1 (de) * 2005-10-24 2007-04-26 Robert Bosch Gmbh Instruktionsspeicherabsicherung durch Control Flow Checking
DE102007038763A1 (de) * 2007-08-16 2009-02-19 Siemens Ag Verfahren und Vorrichtung zur Sicherung eines Programms gegen eine Kontrollflussmanipulation und gegen einen fehlerhaften Programmablauf
EP3301600B1 (fr) * 2016-09-29 2021-03-31 Commsolid GmbH Procédé et appareil de suivi de signature
WO2020038559A1 (fr) 2018-08-21 2020-02-27 Commsolid Gmbh Convertisseur analogique-numérique
US11698969B1 (en) * 2021-06-25 2023-07-11 Amazon Technologies, Inc. Boot security of integrated circuit device

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH0484348A (ja) * 1990-07-27 1992-03-17 Nec Corp Romデータ保護方式
US5754762A (en) * 1997-01-13 1998-05-19 Kuo; Chih-Cheng Secure multiple application IC card using interrupt instruction issued by operating system or application program to control operation flag that determines the operational mode of bi-modal CPU
DE19804784A1 (de) * 1998-02-06 1999-08-12 Philips Patentverwaltung Chipkarte mit integrierter Schaltung
DE19834486A1 (de) * 1998-07-31 2000-02-03 Philips Corp Intellectual Pty Verfahren und Datenverarbeitungsanordnung zum gesicherten Ausführen von Befehlen

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO0197010A2 *

Also Published As

Publication number Publication date
JP2004503860A (ja) 2004-02-05
WO2001097010A2 (fr) 2001-12-20
WO2001097010A3 (fr) 2002-03-21

Similar Documents

Publication Publication Date Title
JP4172745B2 (ja) プロセッサによる命令シーケンスの実行を監視する方法および監視装置
US9767271B2 (en) System and method for validating program execution at run-time
US10509568B2 (en) Efficient secure boot carried out in information processing apparatus
US7849315B2 (en) Method for managing operability of on-chip debug capability
US6952778B1 (en) Protecting access to microcontroller memory blocks
US7516902B2 (en) Protection of a microcontroller
US7496738B2 (en) Method of automatic control of the execution of a program by a microprocessor
US7392404B2 (en) Enhancing data integrity and security in a processor-based system
CN108885663A (zh) 用于使处理器抵御瞬时故障攻击的自适应系统和程序
US10223117B2 (en) Execution flow protection in microcontrollers
CN102968392A (zh) 防止存储器转储的微处理器
EP1295200A2 (fr) Procede et dispositif de traitement de donnees servant a proteger l'execution d'instructions
US7451485B2 (en) Information processing unit having tamper-resistant system
US7447916B2 (en) Blocking of the operation of an integrated circuit
EP3454216A1 (fr) Procédé pour protéger l'accès non autorisé aux données dans une mémoire
EP1465038B1 (fr) Dispositif de mémoire sécurisée pour des environnements logiciel flexibles
KR100300794B1 (ko) 칩카드에정보를입력하는방법
CN108629185B (zh) 服务器可信平台度量控制系统及其运行方法
US20130268934A1 (en) Dynamic method for controlling the integrity of the execution of an executable code
CN112100686B (zh) 一种基于arm指针验证的内核代码指针完整性保护方法
US20060265578A1 (en) Detection of a sequencing error in the execution of a program
EP3667533A1 (fr) Procédé de sécurisation d'un système en cas de perte d'alimentation indésirable
WO2007020758A1 (fr) Lsi pour carte ci
US11847203B2 (en) Method, system and device for managing an execution of a program relating to part or all of a first application
JP7247638B2 (ja) 電子情報記憶媒体、icカード、改竄チェック方法、及びプログラム

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20030113

AK Designated contracting states

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LI LU MC NL PT SE TR

RAP1 Party data changed (applicant data changed or rights of an application transferred)

Owner name: NXP B.V.

17Q First examination report despatched

Effective date: 20080201

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20090620