EP2449497A1 - Procede de detection d'une tentative d'attaque, support d'enregistrement et processeur de securite pour ce procede - Google Patents

Procede de detection d'une tentative d'attaque, support d'enregistrement et processeur de securite pour ce procede

Info

Publication number
EP2449497A1
EP2449497A1 EP10731487A EP10731487A EP2449497A1 EP 2449497 A1 EP2449497 A1 EP 2449497A1 EP 10731487 A EP10731487 A EP 10731487A EP 10731487 A EP10731487 A EP 10731487A EP 2449497 A1 EP2449497 A1 EP 2449497A1
Authority
EP
European Patent Office
Prior art keywords
attack
processor
concomitance
events
value
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP10731487A
Other languages
German (de)
English (en)
French (fr)
Inventor
Emmanuel Barau
Olivier Granet
Patrick Socquet
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Viaccess SAS
Original Assignee
Viaccess SAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Viaccess SAS filed Critical Viaccess SAS
Publication of EP2449497A1 publication Critical patent/EP2449497A1/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/554Detecting local intrusion or implementing counter-measures involving event detection and direct action
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information

Definitions

  • the invention relates to a method for detecting an attempt to attack a security processor by the security processor itself.
  • the invention also relates to an information recording medium and a security processor for the implementation of this method.
  • Security processors are, generally, hardware components containing confidential information such as cryptographic keys or access rights that only legitimate users can use. To preserve the confidentiality of this information, they are designed to be as robust as possible against attack attempts by hackers.
  • a security processor is a smart card equipped with an electronic processor.
  • Security processors are subject to different types of attack. Some of these attacks are aimed at extracting or determining the confidential information contained in the security processor. For this purpose, a multitude of attacks have been developed. For example, some of these attacks seek abnormal operation of the security processor by processing messages built by hackers. Other more invasive methods seek to disrupt the operation of the security processor at key moments in its operation by changing its supply voltage or using a laser beam directed to the security processor.
  • Card sharing is to decipher by the same security processor several encrypted control words from different receivers. As before, all these receivers can then descramble the scrambled multimedia content while only one of these receivers is entitled to access the content.
  • the countermeasure is an action that aims to prevent the attack against the security processor from lasting or can not be fruitful.
  • the difficulty is that events representative of an attempted attack may also occur in the absence of an attempted attack.
  • it is necessary to avoid producing false detections of attempted attack because they can result in the untimely execution of countermeasures which then impede the legitimate user of the security processor.
  • the predetermined threshold a value much higher than all the measurements that can be obtained in the absence of attack.
  • the choice of a high predetermined threshold makes some attacks undetectable or slows the detection of an attack attempt.
  • the invention aims to remedy this problem by proposing a method of detecting an attack attempt also comprising:
  • the above method takes into account the temporal proximity between different events occurring in the security processor. This makes it possible to detect an attack attempt more quickly or to detect an attack attempt that could not be detected by observing the measurement of a single event. Indeed, taken individually, the measurement of each of these events may not be quickly representative of an attack attempt since these events occur during normal operation of the security processor. On the other hand, when these events occur almost concomitantly when normally they must occur independently of each other, this indicates, with a high degree of confidence, that an attempted attack takes place. The above method therefore allows the security processor to detect quickly and with a high degree of confidence that it is the victim of an attempted attack. The execution of the appropriate countermeasures can then be triggered more quickly.
  • the value of the attack indicator is constructed from several indices of concomitance between different measured events and weighting the importance of these concomitance indices with respect to one another by means of a predetermined game weighting coefficients;
  • the method comprises constructing a plurality of attack indicator values by using a plurality of different sets of weighting coefficients between the same concomitance indices, each set of weighting coefficients being predetermined to be more sensitive to a different attack attempt. those to which the other indicators are more sensitive;
  • the weighting coefficient of the same concomitance index is the same in all the sets of weighting coefficients used to construct the different values of attack indicators
  • the measurement of an event is limited to a sliding time window so as not to take into account events that occurred outside this time window, to establish that the events are concomitant in the measurement of this time window ;
  • At least one of the events measured is the detection of a security processor operating error, each occurrence of which causes the security processor to stop the current processes and automatically reset itself to resume these processes from the beginning;
  • weighting coefficients between the concomitance indices makes it possible to simply modify the sensitivity of the attack indicator constructed to a particular type of attack by modifying the value of these weighting coefficients.
  • the use of several different sets of weighting coefficients makes it possible, from the same set of concomitance indices, to construct several attack indicators each dedicated to detecting a different attack attempt,
  • the invention also relates to an information recording medium comprising instructions for executing the above method, when these instructions are executed by an electronic computer.
  • the invention also relates to a security processor comprising:
  • FIG. 1 is a schematic illustration of a scrambled multimedia content transmission system comprising a security processor
  • FIG. 2 is a schematic illustration of a matrix of weighting coefficients used by the security processor of the system of FIG. 1,
  • FIG. 3 is a schematic illustration of an alarm threshold table used by the security processor of FIG. 1
  • FIG. 4 is a flowchart of a method for detecting an attempt to attack the security processor of the system of FIG. 1.
  • Figure 1 shows a pay system broadcast content multimedia.
  • system 2 is a system for broadcasting multiple scrambled TV channels. The descrambling of each of these television channels or group of television channels is conditioned to the payment of a subscription by subscribers.
  • the terms "scramble” / "encrypt” and “unscramble” / “decipher” are considered synonymous.
  • the system 2 comprises at least one transmitter 4 scrambled multimedia content and a multitude of receivers able to descramble the multimedia content broadcast by the transmitter 4. To simplify Figure 1, only a receiver 6 has been shown. For example, the other receptors are identical to the receiver 6.
  • the receiver 6 is connected to the transmitter 4 via a network 8 long distance information transmission.
  • the network 8 may be a wireless telecommunications network or a wired network such as the Internet.
  • the transmitter 4 broadcasts multiplexed multimedia content with ECM (Entitlement Control Message) and EMM (Entitlement Management Message).
  • ECM Entitlement Control Message
  • EMM Entitlement Management Message
  • Each ECM message comprises at least one CW * cryptogram of a CW control word for descrambling the scrambled multimedia content.
  • the receiver 6 comprises a decoder 10 and a security processor 12 removably connected to the decoder 10.
  • the decoder 10 comprises a receiver 14 of the data transmitted by the transmitter 4 connected to a demultiplexer 16.
  • the demultiplexer 16 demultiplexes the received data and transmits the scrambled multimedia content to a descrambler 18 and ECM or EMM messages to the processor. security 12.
  • the processor 12 receives the cryptogram CW * and decrypts the cryptogram to return the CW control word in clear to the descrambler 18. This decryption is only authorized if the access titles contained in the ECM message correspond to access rights stored in the security processor 12.
  • the processor 12 is the processor of a smart card.
  • the descrambler 18 descrambles the scrambled multimedia content using the CW control word decrypted by the security processor 12.
  • the multimedia content descrambled is then, for example, displayed in clear on a screen 20 so that the displayed multimedia content is directly perceptible and comprehensible to the user.
  • the processor 12 comprises an electronic computer 24 connected to sensors 26, 27 and a set 30 of registers.
  • the sensor 26 comprises a voltage transducer capable of converting the supply voltage of the processor 12 into a digital data item that can be used by the computer 24.
  • the sensor 27 comprises a light transducer capable of converting photons of a laser beam directed on the processor 12 into digital data that can be used by the computer 24.
  • the assembly 30 comprises eleven registers referenced Co to C10.
  • Each of the registers Ci to C10 is intended to contain a measurement of an event that can be triggered by an attempt to attack the processor 12.
  • the measured events can also occur in the absence of an attempted attack. However, in the absence of attempted attacks these measured events occur independently of one another. Thus, it is likely that in the absence of an attempted attack, the measured events occur concomitantly. Concomitantly, it is meant that they occur during the same time window.
  • a time window is associated with each measured event. This time window can have a finite duration or, on the contrary, infinite. In the case of a finite duration, this means that the events that occur outside this time window are not taken into account in the measurement of this event.
  • a time window of finite duration is a sliding time window.
  • This sliding time window has a finite duration that is shifted as time passes to take into account only the most recent events for the measurement of this event.
  • An infinite duration means that all events are taken into account for the measurement since the measurement of this event was triggered.
  • the measurement of an event consists in counting the number of times this event has occurred during the time window associated with this event.
  • each of the registers contains a representative number of the number occurrences of the same event. Therefore, in the rest of this description, the registers Ci are called counters Cj.
  • measured events There is a large number of measurable events. Typically, measured events fall into one of the following categories:
  • the operating errors may be errors in the execution of the code of the operating system of the processor 12, the measurement by the sensors 26 or 27 of an abnormal situation, the discovery of an integrity error on processed data, ... etc.
  • the processes in progress are interrupted and the processor 12 resets automatically.
  • the counter Ci contains the number of times a command to consult the data of the processor 12 has been received. Indeed, a certain number of data contained in the processor 12 are freely available. For example, there are commands to consult the identification number of the processor 12 or the access rights stored in the processor 12. The receipt of a consultation command is therefore a normal event as long as it is occasional. On the other hand, enumeration of a large number of data look-up commands of the processor 12 over a short time interval can be caused by an attack attempt.
  • the counter C2 indicates the presence of unusual rights registered in the processor 12.
  • An unusual right is a right that the operator of the system 2 normally does not use. For example, most operators never enter a security entitlement for security processors longer than one year. Therefore, a right entered in the processor 12 whose validity is greater than one year, for example a right of infinite validity, is an unusual right even if this possibility is technically provided. Similarly, normally, the operator never enters a right allowing access and decryption of all multimedia contents in the security processors. Under these conditions, the registration of a right authorizing access to all these multimedia contents in the processor 12 is considered as an unusual right. Registration of a right Unusual in the processor 12 may come from an operator error but may also be representative of an attack attempt.
  • the counter C3 counts the number of messages received by the processor 12 which have no functional utility for the processor.
  • a message without any functional utility can be:
  • a message deleting non-existent data for example: access code, (7) in the processor, or
  • the counter C 4 counts the number of syntax errors in the messages transmitted to the processor 12, that is to say typically in the ECM and EMM messages transmitted to this processor. Indeed, the syntax or structure of ECM and EMM messages respects a predetermined grammar.
  • the processor 12 can therefore detect these syntax errors and count them in the counter C 4 . Syntax errors can be caused by an operator error but also during an attack attempt.
  • the counter C5 is a counter of replayed commands whereas they should not normally be replayed several times.
  • the replay of an order consists of sending the same command several times to the security processor.
  • the command may be a message for updating certain data stored in the processor 12.
  • a replay of a message may be detected by the processor 12 by recording the date of the last update message.
  • the counter Ce counts the number of integrity errors detected in the messages received by the processor 12.
  • the messages received by the processor 12 contain data and a cryptographic redundancy of these data, which which allows the processor 12 to verify that there is no error in the received data.
  • the redundancy on the data can be obtained by integrating in the message received a signature or a CRC ("Cyclic Redundancy Check") data contained in this message. Errors in the data contained in the message can be caused by disturbances during their transport in the network 8 or in the decoder 10. However, erroneous data are also used during an attack attempt.
  • the counter C 7 counts the number of integrity errors on data contained in the processor 12.
  • a certain number of data recorded in the processor 12 are associated with a cryptographic redundancy for verifying the integrity of the respective recorded data. Again, it may happen accidentally, for example following electromagnetic disturbances, that a data stored in the processor 12 is erroneous. However, the presence of erroneous data recorded in the processor 12 may also be representative of an attack attempt.
  • the counter Cs counts the number of traps during the execution of the operating system code of the processor 12.
  • a trap is an unwanted or erroneous jump of an instruction of the code executed by the processor 12 to another instruction. These traps in code execution can be detected by executing the same instructions twice on the same data. If the two executions of the code do not give the same result, it signals a diversion. Unintentional jumps of instructions in the code executed by the processor 12 can be caused by playing on the supply voltage of the processor 12 or by directing a laser beam towards this processor 12.
  • the counter Cg count the number of times the data recovery procedure following a tear of the processor 12 is executed.
  • the breakout of the processor 12 consists in removing, during operation, the processor 12 of the decoder 10 so that the power of the processor 12 is interrupted during data processing.
  • the data recovery procedure makes it possible to restore, after such a power failure, the processor 12 in the state in which it was before this power failure.
  • the processor 12 may be accidentally torn from the decoder 10. However, untimely power cuts to the processor 12 are also frequently used during an attack attempt to prevent the processor 12 from executing countermeasures.
  • the counter C10 counts the number of times an abnormal supply voltage is measured by the cumulative sensor 26 to the number of times a laser beam is detected by the sensor 27.
  • abnormal voltages and the presence of a laser beam are typical of an attempt to attack the processor 12.
  • these sensors 26 and 27 can also detect an abnormal voltage or the presence of a laser beam accidentally following, for example, electromagnetic disturbances caused by a device near the processor 12 and this even in the absence of attempted attack.
  • the powering on of the decoder 12 may result in the detection of an abnormal voltage by the sensor 26.
  • the counter Co is distinguished from the previous counters since it counts an event that occurs only during normal operation of the processor 12 and can not be caused by an attack attempt.
  • the event counted by the counter Co is the number of ECM and EMM messages correctly processed by the processor 12.
  • the value of this counter Co is used to limit the time memory of some of the previous counters to a sliding time window of finite duration.
  • the value of the counter Co is subtracted from the value of the counter Ci, where i> 0, and only the difference between these two counters, brought to zero if it is negative, is used in the calculation of a concomitance index as described below.
  • the computer 24 is connected to a memory 32 containing the various data and instructions necessary for the operation of the processor 12.
  • the memory 32 comprises:
  • a matrix 36 of weighting coefficients and a table 38 of alert thresholds is shown.
  • matrix 36 An example of matrix 36 is shown in more detail in FIG. 2.
  • This matrix 36 contains as many columns as event counters that can be triggered by an attack attempt.
  • the matrix 36 is thus a matrix with ten columns each associated with a counter Ci.
  • the matrix 36 also contains nine lines associated, respectively, with the counters C2 to C10.
  • each concomitance index is constructed in such a way that its value is all the higher when a large number of events measured by the counters Ci and Cj + 1, respectively, occurred near the same instant.
  • each concurrency index QC j + i corresponds to the product of the values of the counters Ci and Cj + 1 at the same instant.
  • the alert threshold table 38 illustrated in FIG. 3 comprises a first column containing four warning thresholds Si at S 4 . Each alert threshold is a numeric value and these alert thresholds are ranked in ascending order from top to bottom in table 38.
  • the table 38 also contains a second column associating with each threshold If one or more countermeasures noted CMi. Countermeasures are actions performed by the security processor 12 which aim to make it more difficult to extract or determine the data contained in the processor 12 or the misuse of this processor 12.
  • the countermeasures CMi associated with the threshold Si are less severe and less disabling for the processor user than those associated with the upper alert threshold Si + i.
  • the higher the alert threshold If crossed, the higher the countermeasures CMi executed in response are severe.
  • the countermeasures CMi consist in adding redundancy to the conditional branches of the code to be executed by the processor 12. For example, this redundancy is obtained by executing the conditional connection several times and checking that at each execution the result obtained is the same.
  • the countermeasure CMi consists in adding in addition to the redundancy on the verification operations of the integrity of the processed data. For example, the integrity of the data is checked several times whereas if the threshold Si is not crossed, it is checked only once. It also consists of verifying the integrity of data whose integrity is not verified if the threshold Si is not crossed.
  • the countermeasures CM 2 consist, for example, in adding restrictions on the possibilities of chaining instructions of the code executed by the processor 12. This can be obtained by forcing the processor 12 to execute a complete block of instructions without allowing interruption between the execution of the instructions of this block.
  • the countermeasure CM 2 also consists in deleting certain previously authorized functions of the processor 12 when the threshold S 2 has not been crossed. For example, adding new services such as adding a new operator or subscription is prohibited. Access to the administrative functions of the processor 12 can also be prohibited if the threshold S 2 is crossed.
  • the countermeasures CM3 consist in modifying the weighting coefficients present in the matrix 36 so that the upper threshold, that is to say S 4 , is easily and rapidly reached when events are measures.
  • the sensitivity of the processor 12 to the detection of an attack attempt is increased.
  • CM 3 countermeasures also include the systematic and duplicate verification of the integrity of each message received.
  • Countermeasures CM 3 can also consist of strengthening the controls of the flow of execution. This may include running twice each portion of the executable code by the processor 12 and compare at the end of these two executions that the results obtained are the same. In case of discrepancy between the results obtained, the counter Ce is incremented.
  • the countermeasures CM 4 consist in permanently invalidating the processor 12 so that it is permanently unusable. For example, for this purpose, the confidential information contained in the processor 12 is erased.
  • the processor 12 In parallel with the normal operation of the processor 12, it also performs a method of detecting an attack attempt. For this purpose, during a step 50, it measures the events likely to be caused by an attempted attack. Here, this measure consists of counting in the counters C 1 the corresponding event.
  • the processor 12 builds three attack indicators, respectively, h, I 2 and I 3 .
  • the indicator h is designed to be more sensitive to laser disturbance attack attempts than the indicators I 2 and I 3 .
  • a laser disruption attack is to direct a laser beam on the security processor to cause instruction jumps in the code executed by that processor at key moments in its execution. Key moments typically correspond to conditional branching.
  • rrij j is the weighting coefficient whose value is contained in matrix 36.
  • the indicator I 2 is designed to be more sensitive than the other two to the logical attacks.
  • a logical attack is to look for a software flaw or an implementation error in the code executed by the processor 12 so as to obtain abnormal behavior of this processor. For example, the logical attack is to send a very large number of erroneous messages to the processor 12 all different from each other until one of these messages causes abnormal behavior of the processor 12.
  • the value of the indicator I 2 is constructed using the following relation:
  • I 2 mi, 2 CiC 3 + mi, 3 CiC 4 + m 3 , 3 C 3 C 4
  • the indicator I 3 is designed to be more sensitive to differential power analysis (DPA) attempts.
  • DPA differential power analysis
  • a DPA is to send a large number of messages to the processor 12 to cause a large number of executions of the cryptographic algorithms on a large number of data different and to measure, in parallel, the current consumption of the processor 12. Then, by a statistical analysis on the data collected, it is possible to discover what are the values of the keys or confidential data stored in the processor 12.
  • the indicator I 3 is constructed using the following relation:
  • I3 ( 114.4C 4 Cs + m4.5C4C6 + ( 115.5CsCe.
  • the value of these indicators is compared to the different alert thresholds recorded in the table 38 to detect an attempt to attack.
  • the transmitter 4 transmits, for example by means of an EMM or ECM message, new values for the weighting coefficients. Then, during a step 62, the processor 12 receives this message and updates the values of the weighting coefficients contained in the matrix 36.
  • the updating of the weighting coefficients makes it possible to easily modify the sensitivity of an indicator to a particular attack attempt.
  • the processor 12 may comprise several different matrices of weighting coefficients. Each of these matrices can be used to calculate a respective attack indicator. This then makes it possible to assign to each concomitance index a different weighting coefficient as a function of the attack indicator constructed.
  • the use of multiple weighting matrixes can also be useful for modifying the weighting matrix used when a new alert threshold is crossed.
  • a single attack indicator can be constructed instead of several.
  • alert thresholds associated with a particular attack indicator are therefore not necessarily the same as the alert thresholds associated with another attack indicator.
  • the table 38 can also be replaced by a single alert threshold associated with countermeasures.
  • One of the counters O can simply count the existence of an event without counting the number of occurrences of this event.
  • the value of this counter is codable using a single information bit.
  • the value of this existence counter can be associated with a time window of infinite or finite duration.
  • the processor 12 may also include a temperature sensor.
  • the concomitance index is not limited to the product of two measurements. For example, it may also be a product of more than two measurements. However, increasing the number of measurements multiplied between them also increases the size of the matrix of weighting coefficients.
  • countermeasures may be executed in response to crossing an alert threshold by one of the attack indicators.
  • other countermeasures may consist of modifying the cryptographic algorithm executed by the processor 12.
  • a countermeasure may also consist of using or measuring new events to construct an attack indicator that was previously not not measured. For example, in response to crossing an alert threshold, the events measured by one of the sensors 26 or 27 can be counted whereas previously they were not.
  • the computer 24 may be formed of one or more processors. For example, it may be formed of a processor with which a coprocessor is associated. The detection method can then be executed by both the processor and the co-processor.
  • the measurement has been described here in the particular case where it is a question of counting the number of occurrences of an event.
  • the measurement can also consist in recording in one of the registers the value of an event such as for example a value measured by one of the sensors 26 or 27.
  • the value of the counters can also be decremented instead of being incremented as previously described.
  • the architecture of the receiver 6 is here only illustrative of a particular situation.
  • the descrambler 18 can also be removable.
  • the descrambler and the security processor can be implemented without any degree of freedom in the decoder.
  • the descrambler and the security processor may be in the form of a software component.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)
  • Maintenance And Management Of Digital Transmission (AREA)
  • Debugging And Monitoring (AREA)
EP10731487A 2009-06-29 2010-06-23 Procede de detection d'une tentative d'attaque, support d'enregistrement et processeur de securite pour ce procede Withdrawn EP2449497A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR0954431A FR2947361B1 (fr) 2009-06-29 2009-06-29 Procede de detection d'une tentative d'attaque, support d'enregistrement et processeur de securite pour ce procede
PCT/EP2010/058949 WO2011000756A1 (fr) 2009-06-29 2010-06-23 Procede de detection d'une tentative d'attaque, support d'enregistrement et processeur de securite pour ce procede

Publications (1)

Publication Number Publication Date
EP2449497A1 true EP2449497A1 (fr) 2012-05-09

Family

ID=41508781

Family Applications (1)

Application Number Title Priority Date Filing Date
EP10731487A Withdrawn EP2449497A1 (fr) 2009-06-29 2010-06-23 Procede de detection d'une tentative d'attaque, support d'enregistrement et processeur de securite pour ce procede

Country Status (9)

Country Link
US (1) US9600667B2 (ru)
EP (1) EP2449497A1 (ru)
CN (1) CN102473209B (ru)
BR (1) BRPI1013816A2 (ru)
FR (1) FR2947361B1 (ru)
MX (1) MX2011013513A (ru)
RU (1) RU2568298C2 (ru)
TW (1) TWI512519B (ru)
WO (1) WO2011000756A1 (ru)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9503785B2 (en) 2011-06-22 2016-11-22 Nagrastar, Llc Anti-splitter violation conditional key change
US9392319B2 (en) * 2013-03-15 2016-07-12 Nagrastar Llc Secure device profiling countermeasures
CN103678709B (zh) * 2013-12-30 2017-02-22 中国科学院自动化研究所 一种基于时序数据的推荐系统攻击检测方法
EP3270620A1 (en) * 2016-07-13 2018-01-17 Gemalto Sa Method and devices for managing a secure element
RU179302U1 (ru) * 2017-11-21 2018-05-07 Александра Владимировна Харжевская Устройство динамического контроля выполнения специальных вычислений
EP3663959B1 (en) * 2018-12-06 2021-08-11 Mastercard International Incorporated An integrated circuit, method and computer program
US11848941B2 (en) * 2020-09-02 2023-12-19 Nxp B.V. Collection of diagnostic information in a device
CN115775419A (zh) * 2021-09-06 2023-03-10 华为技术有限公司 防护方法、智能锁及计算机可读存储介质
US20240031391A1 (en) * 2022-07-22 2024-01-25 Semperis Technologies Inc. (US) Attack path monitoring and risk mitigation in identity systems

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080209550A1 (en) * 2004-06-30 2008-08-28 St Incard S.R.L. Method For Detecting and Reacting Against Possible Attack to Security Enforcing Operation Performed by a Cryptographic Token or Card

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1126078C (zh) * 1994-04-18 2003-10-29 松下电器产业株式会社 防止非法复制或非法安装光记录媒体的信息的方法和装置
US5533123A (en) * 1994-06-28 1996-07-02 National Semiconductor Corporation Programmable distributed personal security
US6075884A (en) * 1996-03-29 2000-06-13 Sarnoff Corporation Method and apparatus for training a neural network to learn and use fidelity metric as a control mechanism
GB2365153A (en) * 2000-01-28 2002-02-13 Simon William Moore Microprocessor resistant to power analysis with an alarm state
EP1447976B1 (en) 2003-02-12 2019-06-19 Irdeto B.V. Method of controlling descrambling of a plurality of program transport streams, receiver system and portable secure device
US7681235B2 (en) * 2003-05-19 2010-03-16 Radware Ltd. Dynamic network protection
EP1575293A1 (en) 2004-03-11 2005-09-14 Canal+ Technologies Dynamic smart card management
US8190731B2 (en) * 2004-06-15 2012-05-29 Alcatel Lucent Network statistics processing device
JP4899442B2 (ja) * 2005-11-21 2012-03-21 ソニー株式会社 情報処理装置、情報記録媒体製造装置、情報記録媒体、および方法、並びにコンピュータ・プログラム
FR2907930B1 (fr) 2006-10-27 2009-02-13 Viaccess Sa Procede de detection d'une utilisation anormale d'un processeur de securite.

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080209550A1 (en) * 2004-06-30 2008-08-28 St Incard S.R.L. Method For Detecting and Reacting Against Possible Attack to Security Enforcing Operation Performed by a Cryptographic Token or Card

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of WO2011000756A1 *

Also Published As

Publication number Publication date
US20120096547A1 (en) 2012-04-19
MX2011013513A (es) 2012-04-20
RU2012102988A (ru) 2013-08-20
BRPI1013816A2 (pt) 2016-04-12
TWI512519B (zh) 2015-12-11
FR2947361A1 (fr) 2010-12-31
RU2568298C2 (ru) 2015-11-20
WO2011000756A1 (fr) 2011-01-06
CN102473209B (zh) 2016-04-13
TW201101090A (en) 2011-01-01
US9600667B2 (en) 2017-03-21
FR2947361B1 (fr) 2011-08-26
CN102473209A (zh) 2012-05-23

Similar Documents

Publication Publication Date Title
WO2011000756A1 (fr) Procede de detection d'une tentative d'attaque, support d'enregistrement et processeur de securite pour ce procede
US9646140B2 (en) Method and apparatus for protecting online content by detecting noncompliant access patterns
EP1900211A1 (fr) Methode et dispositif de controle d'acces a des donnees chiffrees
EP2357783A1 (fr) Procédé de détection d'un fonctionnement potentiellement suspect d'un dispositif électronique et dispositif électronique correspondant.
FR2983597A1 (fr) Procede de detection d'une erreur de lecture d'une donnee
CN102209266A (zh) 跟踪安全模块的未授权使用
EP1353511B1 (fr) Procédé de gestion de droits d'accès à des services de télévision
CN102890756A (zh) 媒体内容备生成方法和装置,媒体内容播放方法和装置
EP1773055B1 (fr) Méthode de vérification de droits contenus dans un module de sécurité
EP3031000B1 (fr) Procede de fourniture d'une licence dans un systeme de fourniture de contenus multimedias
EP3008905B1 (fr) Procede d'identification de terminal dans un systeme de fourniture de contenus multimedia
EP3380983B1 (fr) Procédé d'identification de processeurs de sécurité
WO2007006758A1 (fr) Procede de detection d'erreurs lors de l'initialisation d'un appareil electronique et appareil implementant le procede
EP2098073B1 (fr) Procédé de gestion du nombre de visualisations, processeur de securité et terminal pour ce procédé
WO2012055829A1 (fr) Procede de reception d'un contenu multimedia embrouille a l'aide de mots de controle et captcha
US8452009B2 (en) Control message processing method
EP2304944A1 (fr) Procédé de protection de données de sécurité transmises par un dispositif émetteur à un dispositif récepteur.
EP2356608B1 (fr) Procede et dispositif de diagnostic de la premiere reception d'un identifiant, procede de detection, support d'enregistrement et programme d'ordinateur pour ce procede
EP1584190B1 (fr) Procede et systeme pour garantir l'integrite d'au moins un logiciel transmis a un module de chiffrement/dechiffrement et supports d'enregistrement pour mettre en oeuvre le procede
WO2017103526A1 (fr) Procede d'elaboration d'un mot challenge, dispositif electronique, peripherique de consigne et systeme mettant en oeuvre ledit procede
EP2172896A1 (fr) Méthode de gestion d'une valeur dans un dispositif à prépaiement
WO2009083371A1 (fr) Procede de securisation d'un branchement conditionnel, support d'informations, programme, systeme securise et processeur de securite pour ce procede
WO2010004162A1 (fr) Procede et systeme tracables de diffusion de donnees numeriques
FR3000353A1 (fr) Systeme, appareils et methodes pour l'indexation et la detection de programmes audiovisuels
EP2517452A1 (fr) Procédé de mise à jour d'un processeur de sécurité, système, programme d'ordinateur et processeur de sécurité correspondants

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20111213

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO SE SI SK SM TR

DAX Request for extension of the european patent (deleted)
17Q First examination report despatched

Effective date: 20170616

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION HAS BEEN WITHDRAWN

18W Application withdrawn

Effective date: 20190410