KR20130072182A - Device for securing an electronic document - Google Patents

Device for securing an electronic document Download PDF

Info

Publication number
KR20130072182A
KR20130072182A KR1020120151196A KR20120151196A KR20130072182A KR 20130072182 A KR20130072182 A KR 20130072182A KR 1020120151196 A KR1020120151196 A KR 1020120151196A KR 20120151196 A KR20120151196 A KR 20120151196A KR 20130072182 A KR20130072182 A KR 20130072182A
Authority
KR
South Korea
Prior art keywords
passive element
component
current
triggering
electrical current
Prior art date
Application number
KR1020120151196A
Other languages
Korean (ko)
Other versions
KR102044034B1 (en
Inventor
크리스토페 지라우드
니콜라스 모린
Original Assignee
오베르뛰르 테크놀로지스
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 오베르뛰르 테크놀로지스 filed Critical 오베르뛰르 테크놀로지스
Publication of KR20130072182A publication Critical patent/KR20130072182A/en
Application granted granted Critical
Publication of KR102044034B1 publication Critical patent/KR102044034B1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • G06K19/077Constructional details, e.g. mounting of circuits in the carrier
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/86Secure or tamper-resistant housings
    • GPHYSICS
    • G01MEASURING; TESTING
    • G01RMEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
    • G01R19/00Arrangements for measuring currents or voltages or for indicating presence or sign thereof
    • G01R19/165Indicating that current or voltage is either above or below a predetermined value or within or outside a predetermined range of values
    • GPHYSICS
    • G01MEASURING; TESTING
    • G01RMEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
    • G01R29/00Arrangements for measuring or indicating electric quantities not covered by groups G01R19/00 - G01R27/00
    • G01R29/12Measuring electrostatic fields or voltage-potential
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/77Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/86Secure or tamper-resistant housings
    • G06F21/87Secure or tamper-resistant housings by means of encapsulation, e.g. for integrated circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • G06K19/073Special arrangements for circuits, e.g. for protecting identification code in memory
    • G06K19/07309Means for preventing undesired reading or writing from or onto record carriers
    • G06K19/07363Means for preventing undesired reading or writing from or onto record carriers by preventing analysis of the circuit, e.g. dynamic or static power analysis or current analysis
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L23/00Details of semiconductor or other solid state devices
    • H01L23/52Arrangements for conducting electric current within the device in operation from one component to another, i.e. interconnections, e.g. wires, lead frames
    • H01L23/522Arrangements for conducting electric current within the device in operation from one component to another, i.e. interconnections, e.g. wires, lead frames including external interconnections consisting of a multilayer structure of conductive and insulating layers inseparably formed on the semiconductor body
    • H01L23/5227Inductive arrangements or effects of, or between, wiring layers
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L23/00Details of semiconductor or other solid state devices
    • H01L23/552Protection against radiation, e.g. light or electromagnetic waves
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L23/00Details of semiconductor or other solid state devices
    • H01L23/57Protection from inspection, reverse engineering or tampering
    • H01L23/573Protection from inspection, reverse engineering or tampering using passive means
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2223/00Details relating to semiconductor or other solid state devices covered by the group H01L23/00
    • H01L2223/58Structural electrical arrangements for semiconductor devices not otherwise provided for
    • H01L2223/64Impedance arrangements
    • H01L2223/66High-frequency adaptations
    • H01L2223/6661High-frequency adaptations for passive devices
    • H01L2223/6677High-frequency adaptations for passive devices for antenna, e.g. antenna included within housing of semiconductor device
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2224/00Indexing scheme for arrangements for connecting or disconnecting semiconductor or solid-state bodies and methods related thereto as covered by H01L24/00
    • H01L2224/01Means for bonding being attached to, or being formed on, the surface to be connected, e.g. chip-to-package, die-attach, "first-level" interconnects; Manufacturing methods related thereto
    • H01L2224/42Wire connectors; Manufacturing methods related thereto
    • H01L2224/47Structure, shape, material or disposition of the wire connectors after the connecting process
    • H01L2224/48Structure, shape, material or disposition of the wire connectors after the connecting process of an individual wire connector
    • H01L2224/481Disposition
    • H01L2224/48151Connecting between a semiconductor or solid-state body and an item not being a semiconductor or solid-state body, e.g. chip-to-substrate, chip-to-passive
    • H01L2224/48221Connecting between a semiconductor or solid-state body and an item not being a semiconductor or solid-state body, e.g. chip-to-substrate, chip-to-passive the body and the item being stacked
    • H01L2224/48225Connecting between a semiconductor or solid-state body and an item not being a semiconductor or solid-state body, e.g. chip-to-substrate, chip-to-passive the body and the item being stacked the item being non-metallic, e.g. insulating substrate with or without metallisation
    • H01L2224/48227Connecting between a semiconductor or solid-state body and an item not being a semiconductor or solid-state body, e.g. chip-to-substrate, chip-to-passive the body and the item being stacked the item being non-metallic, e.g. insulating substrate with or without metallisation connecting the wire to a bond pad of the item
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2224/00Indexing scheme for arrangements for connecting or disconnecting semiconductor or solid-state bodies and methods related thereto as covered by H01L24/00
    • H01L2224/01Means for bonding being attached to, or being formed on, the surface to be connected, e.g. chip-to-package, die-attach, "first-level" interconnects; Manufacturing methods related thereto
    • H01L2224/42Wire connectors; Manufacturing methods related thereto
    • H01L2224/47Structure, shape, material or disposition of the wire connectors after the connecting process
    • H01L2224/48Structure, shape, material or disposition of the wire connectors after the connecting process of an individual wire connector
    • H01L2224/481Disposition
    • H01L2224/48151Connecting between a semiconductor or solid-state body and an item not being a semiconductor or solid-state body, e.g. chip-to-substrate, chip-to-passive
    • H01L2224/48221Connecting between a semiconductor or solid-state body and an item not being a semiconductor or solid-state body, e.g. chip-to-substrate, chip-to-passive the body and the item being stacked
    • H01L2224/48225Connecting between a semiconductor or solid-state body and an item not being a semiconductor or solid-state body, e.g. chip-to-substrate, chip-to-passive the body and the item being stacked the item being non-metallic, e.g. insulating substrate with or without metallisation
    • H01L2224/48237Connecting between a semiconductor or solid-state body and an item not being a semiconductor or solid-state body, e.g. chip-to-substrate, chip-to-passive the body and the item being stacked the item being non-metallic, e.g. insulating substrate with or without metallisation connecting the wire to a die pad of the item
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2224/00Indexing scheme for arrangements for connecting or disconnecting semiconductor or solid-state bodies and methods related thereto as covered by H01L24/00
    • H01L2224/73Means for bonding being of different types provided for in two or more of groups H01L2224/10, H01L2224/18, H01L2224/26, H01L2224/34, H01L2224/42, H01L2224/50, H01L2224/63, H01L2224/71
    • H01L2224/732Location after the connecting process
    • H01L2224/73251Location after the connecting process on different surfaces
    • H01L2224/73265Layer and wire connectors
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L24/00Arrangements for connecting or disconnecting semiconductor or solid-state bodies; Methods or apparatus related thereto
    • H01L24/01Means for bonding being attached to, or being formed on, the surface to be connected, e.g. chip-to-package, die-attach, "first-level" interconnects; Manufacturing methods related thereto
    • H01L24/42Wire connectors; Manufacturing methods related thereto
    • H01L24/47Structure, shape, material or disposition of the wire connectors after the connecting process
    • H01L24/48Structure, shape, material or disposition of the wire connectors after the connecting process of an individual wire connector
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/0001Technical content checked by a classifier
    • H01L2924/00014Technical content checked by a classifier the subject-matter covered by the group, the symbol of which is combined with the symbol of this group, being disclosed without further technical details
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/10Details of semiconductor or other solid state devices to be connected
    • H01L2924/102Material of the semiconductor or solid state bodies
    • H01L2924/1025Semiconducting materials
    • H01L2924/10251Elemental semiconductors, i.e. Group IV
    • H01L2924/10253Silicon [Si]
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/10Details of semiconductor or other solid state devices to be connected
    • H01L2924/11Device type
    • H01L2924/14Integrated circuits
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/19Details of hybrid assemblies other than the semiconductor or other solid state devices to be connected
    • H01L2924/191Disposition
    • H01L2924/19101Disposition of discrete passive components
    • H01L2924/19107Disposition of discrete passive components off-chip wires
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/30Technical effects
    • H01L2924/301Electrical effects
    • H01L2924/3025Electromagnetic shielding

Abstract

PURPOSE: An apparatus for protecting an electronic document is provided to protect a card from electromagnetic fault attack (EMFA), without detecting the attack. CONSTITUTION: A passive element (40) generates a current in a place where there is electric field or magnetic field. If the intensity of the current exceeds a determined threshold, a triggering unit (50) triggers protective action to the detection of the current. The passive element is differently calibrated in order to detect a different type of a different kind of electric field or magnetic field. The passive element is arranged on a layer of an active part of a component. The triggering unit includes a fuse arranged in serial with the passive element.

Description

전자 문서를 보호하기 위한 장치{DEVICE FOR SECURING AN ELECTRONIC DOCUMENT}DEVICE FOR SECURING AN ELECTRONIC DOCUMENT}

본 발명은 전자 콤포넌트(electronic components)를 보호(secure)하는 분야에 관한 것이다.The present invention relates to the field of securing electronic components.

오류 주입에 의한 공격(attacks by fault injection)이 특히 알려져 있다. 이 공격은, 다루어 지고 있는 변수들(variables)의 값(value) 또는 실행 중의 코드(code)를 변형(modify)하는 콤포넌트(component)를 물리적으로 교란(perturb)하는 것을 포함한다.Attacks by fault injection are particularly known. This attack involves physically perturbing a component that modifies the value of the variables being handled or the code in execution.

대응하는 오류 출력(erroneous output)은 공격자(attacker)가 콤포넌트 안에 저장(stored)된 비밀 정보(information on secrets)를 얻는 것을 허용(allow)해준다.The corresponding erroneous output allows the attacker to obtain information on secrets stored in the component.

콤포넌트를 교란하는 효과적인 수단은 광 소스(light source)를 사용하는 것이다. 예를 들어, 콤포넌트에 가해지는 충격(impact on the component)의 효과에 대한 레이저(laser)는 오류를 생성하기 위해 실리콘(silicon) 안에 로컬 광전 전류(local photoelectric current)를 생산(create)하기 위한 것이다.An effective means of disturbing components is to use a light source. For example, the laser for the effect of the impact on the component is to create a local photoelectric current in silicon to create an error. .

광 교란을 이용한 공격(attacks by light perturbation)은 세미인베이시브 (semi-invasive)한 공격이다. 특히, 이 공격은 광선(light ray)이 콤포넌트에 충격을 가할 수 있도록 콤포넌트의 표면(surface)을 노광(expose)시킬 필요가 있는 공격이다.Attacks by light perturbation are semi-invasive attacks. In particular, this attack is an attack that needs to expose the surface of the component so that light ray can impact the component.

기술분야에서 통상의 지식을 가진 자(the person skilled in the art)는 콤포넌트의 제조(preparation)라는 표현(expression)으로 상기 동작(operation)을 알고 있다.The person skilled in the art knows the operation in terms of the preparation of the component.

콤포넌트 제조를 해야 하는 사실(fact)은 때때로(sometimes) 이러한 공격을 어렵게(difficult) 만든다. 예를 들어, 언패킹(unpacking)을 방지(prevent)하기 위한 대응조치(countermeasure) 또는 콤포넌트의 패키징(packaging)의 성질(nature)(세라믹 커버(ceramic cover)는 피접지(pierce)하기 어렵다) 때문이다.The fact of having to manufacture components sometimes makes this attack difficult. For example, because of countermeasures to prevent unpacking or the nature of the packaging of components (ceramic cover is difficult to pierce). to be.

임베디드 콤포넌트(embedded component)를 교란시키는 다른(another) 수단은 실리콘 근처(near)에 강한 자기 또는 전기 펄스(strong magnetic or electric pulse)를 방출(emit)시키는 것이다. 자기장 또는 전기장은 교란을 생성할 수 있는 집적회로(integrated circuit)의 금속 레이어(metal layer)의 레벨(level)에서 콤포넌트의 표면에 로컬 전류(local current)를 생성한다.Another means of disturbing an embedded component is to emit a strong magnetic or electric pulse near the silicon. Magnetic or electric fields generate local current at the surface of the component at the level of the metal layer of the integrated circuit that can create disturbances.

광 교란을 이용한 공격과 비교해보면, 이런 공격은 콤포넌트가 제조(prepared)될 필요(require)가 없는 EMFA(ElectroMagnetic Fault Attack)으로 알려져 있다.Compared to attacks using light disturbances, such attacks are known as ElectroMagnetic Fault Attacks (EMFAs), where the components do not need to be prepared.

예를 들어, 스마트 카드(smart card)의 경우, 카드 후면(behind the card)에 주입된(injected) 전자 교란(electromagnetic perturbation)은 카드를 통하여 콤포넌트를 쉽게 교란시킬 수 있다.For example, in the case of a smart card, electromagnetic perturbation injected at the back of the card can easily disturb the component through the card.

전자 오류 공격(Electromagnetic Fault Attack)를 나타내는 EMFA의 노테이션(notation)은 포괄적인 이름(generic name)으로서 자기 또는 전기 타입(magnetic or electric type)의 주입을 현실적으로(in reality) 포함한다.The notation of EMFA, which represents an Electromagnetic Fault Attack, includes the injection of magnetic or electric type as a generic name in reality.

자기 교란의 경우에 있어서, 교란시키는 프로브(perturbing probe)는 국부적으로 강력한 자기장(locally powerful magnetic field)을 보내는 작은 코일(coil)을 포함한다. 공격을 받은 콤포넌트의 메탈리제이션 라인(metallisation line)은 콤포넌트의 동작을 방해하는 유도된 전류(induced current)를 수신(receive)한다. 상기 프로브는 교란시키는 전류를 주입시키도록 인덕티브 커플링(inductive coupling)을 활용한다(utilises).In the case of magnetic disturbances, perturbing probes include small coils that send a locally powerful magnetic field. The metallisation line of the component under attack receives the induced current that hinders the operation of the component. The probe utilizes inductive coupling to inject a disturbing current.

전기 교란의 경우에 있어서, 교란시키는 프로브는 금속 포인트(metal point)(또는 작은 금속 면(small metal plane))가 될 수 있으며, 공격당하기 위하여(to be attacked) 콤포넌트의 접지와 관련(relative)되는 상당한 포텐셜(considerable potential)을 야기한다.In the case of electrical disturbances, the disturbing probe may be a metal point (or a small metal plane), which is relative to the ground of the component to be attacked. It causes a significant potential.

프로브에 의해 적용(applied)된 포텐셜은 전기장을 유도시키며, 이러한 베리에이션(variation)은 메탈리제이션 라인에 전류를 생산한다. 프로브는 인덕티브 커플링을 사용하여 교란시키는 전류를 주입한다.The potential applied by the probe induces an electric field, and this variation produces a current in the metallization line. The probe injects a disturbing current using inductive coupling.

본 발명은 EMFA 타입의 공격으로부터 콤포넌트를 보호하는 상이한(different) 솔루션(solution)을 제시(propose)한다.The present invention proposes a different solution that protects a component from an EMFA type of attack.

더 구체적으로, 제1 측에 따르면, 본 발명은,More specifically, according to the first side, the present invention,

전기장 또는 자기장이 있는 곳에서(in the presence of electric field or magnetic field) 전기적 전류(electric current)를 생성할 수 있는 적어도 하나의 패시브 엘리먼트(at least one passive element); 및At least one passive element capable of generating an electric current in the presence of electric field or magnetic field; And

후자(the latter)의 세기(intensity)가 미리 결정된 스레시홀드(threshold)를 초과할 때 상기 전류의 검출(detection)에 대한 모듈의 보호적 조치(protective measure)을 트리거링하는 수단(triggering means)Triggering means for triggering a module's protective measure on the detection of the current when the intensity of the latter exceeds a predetermined threshold.

을 포함하는 장치에 관련된다.It relates to a device comprising a.

이 장치는 EMFA(ElectroMagnetic Fault Attack) 교란(pertubation)을 검출(detect)할 수 있다.The device can detect Electromagnetic Fault Attack (EMFA) pertubation.

바람직한 실시예에 있어서, 본 발명의 이러한 제1 측에 사용된 패시브 엘리먼트는 전기 또는 자기 교란을 검출하도록 데디케이트(dedicate)되었다. 상기 엘리먼트는 장치(device)를 공급(supply)하는 것에는 참여(participate)하지 않는다. 상기 장치가 유용한 데이터(useful data)를 교환(exchange)할 때, 예를 들어 다른 장치와의 응답(resopnses) 또는 커맨드(command) 형태의 메시지(message)(예를 들어 스마트 카드), 본 발명의 패시브 엘리먼트는 이런 유용한 데이터의 통신(communication)에 참여하지 않으며 장치의 인터페이스(interface)와 구분(distinct)된다. 다시 말해서, 본 실시예의 패시브 엘리먼트는 장치의 입력/출력(inputs/outputs)과 구분된다.In a preferred embodiment, the passive element used on this first side of the present invention has been dedicated to detect electrical or magnetic disturbances. The element does not participate in supplying the device. When the device exchanges useful data, for example a message (e.g. a smart card) in the form of a response or a command with another device, of the invention Passive elements do not participate in the communication of this useful data and are distinct from the interface of the device. In other words, the passive elements of this embodiment are distinguished from the inputs / outputs of the device.

두 개의 주된 베리언트(main variant)가 가능(feasible)하다.Two main variants are feasible.

첫 번째 베리언트에 있어서, 본 발명에 따른 장치는, 서포트(support) 안에 배열(arranged)된 패시브 엘리먼트 또는 패시브 엘리먼트와 함께, 서포트(예를 들어, 섬네일(thumbnail))와 콤포넌트를 포함한다.In a first variant, the device according to the invention comprises a support (eg a thumbnail) and a component, together with a passive element or a passive element arranged in a support.

본 발명의 일실시예에 있어서, 서포트 안에 배열된 적어도 하나의 패시브 엘리먼트는 자기장이 있는 곳에서 전기적 전류를 생성할 수 있는 안테나(antenna)이다.In one embodiment of the invention, at least one passive element arranged in the support is an antenna capable of generating electrical current in the presence of a magnetic field.

알려진 바와 같이, 전기적 전류의 세기는 자기장의 세기와 실질적으로(substantially) 비례(proportional)한다.As is known, the strength of the electrical current is proportionally proportional to the strength of the magnetic field.

기술분야에서 통상의 지식을 가진 자는 안테나의 디자인(design)이 본 발명에서 검출될 수 있는 전파(wave)의 대역폭(bandwidth)의 폭(width)를 고정(fix)시킨다는 것을 알 수 있을 것이다.Those skilled in the art will appreciate that the design of the antenna fixes the width of the bandwidth of the wave that can be detected in the present invention.

본 발명의 구체적인 실시예에 있어서, 상기 안테나는 바람직하게 서포트의 전 표면(entire surface)에 걸쳐 네트워크(network)에 오거나이즈(organise)되어 있다. 각 안테나는 자기 센서(magnetic sensor)와 같이 작동(acting)한다.In a specific embodiment of the invention, the antenna is preferably organized in a network over the entire surface of the support. Each antenna acts like a magnetic sensor.

바람직하게(preferably), 네트워크의 안테나는 상이한 대역폭의 자기장의 검출을 가능(enable)하게 하는 상이한 특징(characteristic)을 가지고 있다.Preferably, the antennas of the network have different characteristics that enable detection of magnetic fields of different bandwidths.

다른 실시예에 있어서(in another embodiment), 서포트에 배열된 적어도 하나의 패시브 엘리먼트는 자기장이 있는 곳에서 전기적 전류를 생성할 수 있는 금속 면(metal plane)이다.In another embodiment, the at least one passive element arranged in the support is a metal plane capable of generating an electrical current in the presence of a magnetic field.

상기 실시예에 있어서, 금속 면은 교란시키는 소스와 함께 용량성 커플링(capacitive coupling)을 강조(accentuating)하여 전기장을 검출(retrieve)한다.In this embodiment, the metal face detects the electric field by accentuating capacitive coupling with a disturbing source.

이러한 안테나의 경우에, 금속 면을 통해 전해진(delivered) 전기적 전류의 세기는 전기장의 세기와 함께 증가(increase)한다. 더 정확하게(more precisely), 전류의 세기는 금속 면과 교란하는 프로브(전기장의 송신자(sender)) 사이에 존재(present)하는 포텐셜(potential)의 디리버티브(derivative)와 동일하다(equal). 면(plane)과 프로브 사이의 등가 용량(equivalent capacity)만큼 증가된다.In the case of such an antenna, the strength of the electrical current delivered through the metal plane increases with the strength of the electric field. More precisely, the strength of the current is equal to the potential of the potential to be present between the metal plane and the disturbing probe (sender of the electric field). The equivalent capacity between the plane and the probe is increased.

또한, 금속 면은 바람직하게 서포트의 전 표면에 걸쳐 네트워크에 배열될 수 있다, 각 금속 면은 전기 센서와 같이 작동한다.In addition, the metal faces can preferably be arranged in a network over the entire surface of the support, each metal face working like an electrical sensor.

네트워크의 금속 면은 전기장의 다른 타입을 검출하도록 디자인될 수 있다.The metal side of the network can be designed to detect other types of electric fields.

본 발명의 다른 베리언트에 있어서, 본 발명에 따른 장치는 콤퍼넌트이고, 패시브 엘리먼트 또는 패시브 엘리먼트(안테나 또는 금속 면)는 콤포넌트의 메탈리제이션 레이어(metallisation layer)에 배열된다.In another variant of the invention, the device according to the invention is a component, and the passive element or passive element (antenna or metal face) is arranged in the metallisation layer of the component.

상기 메탈리제이션 레이어는 바람직하게 액티브 부분(active part)의 보호 레이어(protective layer)의 아래(under)에 위치(located)해 있다. 알려진 바와 같이(in a known manner) 보호 레이어("보호 실드"(protection shield))은 보호 레이어가 변경될 때 콤포넌트가 작용(functioning)하지 않도록 방지하는 첫 번째 레이어(first layer)을 구성(constitute)한다.The metallization layer is preferably located under the protective layer of the active part. As in a known manner, a protection layer ("protection shield") constitutes a first layer that prevents the component from functioning when the protection layer is changed. do.

상기 실시예는 패시브 엘리먼트를 포함하는 레이어를 찾아 제거하기 위해 찾는 공격으로부터 유리하게(advantageously) 보호된다.This embodiment is advantageously protected from a seeking attack to find and remove a layer containing passive elements.

본 발명에 따르면, 본 발명에 따른 장치의 둘 모두(both)의 베리언트는 전기적 전류의 세기가 스레시홀드를 초과(exceed)할 때 대응조치를 트리거링하는 수단을 포함한다.According to the invention, both variants of the device according to the invention comprise means for triggering a countermeasure when the strength of the electrical current exceeds the threshold.

상기 스레시홀드는 전자 호환성 스탠다드(electromagnetic compatibility standards)(CEM)에 따라(in accordance with) 정의(define)될 수 있다.The threshold may be defined according to electromagnetic compatibility standards (CEM).

구체적인 실시예에 있어서, 대응조치를 트리거링하는 수단은 퓨즈(fuse)를 통과하는 전기적 전류의 세기가 상기 스레시홀드보다 클 때 용단(melt)되도록 디멘션(dimensioned)되고 상기 패시브 엘리먼트와 직렬(series)로 배치(placed)되는 퓨즈를 포함한다.In a specific embodiment, the means for triggering the countermeasure is dimensioned to melt when the strength of the electrical current through the fuse is greater than the threshold and in series with the passive element. A fuse placed in the furnace.

다른 실시예에 있어서, 대응조치를 트리거링하는 수단은 전압 스레시홀드를 가진 패시브 엘리먼트(passive elements with a voltage threshold)으로 생성된 전기적 전류와 첫 번째 비례하는 전압(first proportional voltage)을 비교하는 것을 포함한다.In another embodiment, the means for triggering the countermeasure comprises comparing the first proportional voltage with the electrical current generated by the passive elements with a voltage threshold. do.

구체적인 실시예에 있어서, 대응조치는 장치와 결합(incorporating)되는 마이크로회로 카드(microcircuit card)와 인터페이스 시그널(interface signal)를 부착(adhering)하는 것을 포함한다.In a specific embodiment, the countermeasure includes adhering an interface signal with a microcircuit card incorporating with the device.

본 발명은 스탠다드 ISO7816(standard ISO7816)에 따른 인터페이스 시그널을 부착하는데 특별히(in particular for) 적용(applies)된다. 예로 장치가 스마트 카드 안으로(into) 결합(incorporated)될 때 리이니셜리제이션 시그널(reinitialisation signal), 입력/출력 시그널 또는 클럭 시그널(clock signal)을 들 수 있다.The invention applies in particular for attaching interface signals according to standard ISO7816. For example, when the device is incorporated into a smart card, it may be a reinitialization signal, an input / output signal, or a clock signal.

또한, 본 발명은 앞서 언급한 바와 같이 장치를 포함하는 마이크로회로 카드를 스페시파이(specifies)한다.In addition, the present invention specifies a microcircuit card comprising the device as mentioned above.

일실시예에 있어서, 상기 장치는 집적회로이다.In one embodiment, the device is an integrated circuit.

상기 집적회로는 텔레폰(telephone) 안에 사용되도록 디자인될 수 있다. 집적회로는 특히 모바일 텔레폰 네트워크(mobile telephone network)의 가입자(subscriber)의 식별 회로(identification circuit)가 될 수 있다. 예를 들어, 장치는 SIM 카드이다.The integrated circuit can be designed for use in a telephone. The integrated circuit may in particular be an identification circuit of a subscriber of a mobile telephone network. For example, the device is a SIM card.

베리언트로서, 상기 장치는 아이덴티티 도큐먼트(identity document) 또는 은행카드(bankcard) 안에 배열된다.As a variant, the device is arranged in an identity document or bankcard.

예를 들어, 상기 장치는 공통 기준(common criteria) 또는 FIPS 스탠다드(FIPS standard)를 컴플라이(complies)한다.For example, the device complies with common criteria or FIPS standards.

제2 측에 따르면, 장치와 관련된 본 발명은 콤포넌트와 서포트를 포함하고, 액티브 부분은 장치의 커넥팅 핀과 전기적으로 커넥트되는 커넥팅 핀을 포함하고, 장치는 서포트 위에 레스팅하는 금속 면을 포함하는 특징을 가지고 있고, 케이지(cage)는 장치의 커넥팅 핀과 콤포넌트를 커버(cover)하고 있다.According to a second aspect, the invention relates to a device comprising a component and a support, the active portion comprising a connecting pin electrically connected with the connecting pin of the device, the device comprising a metal face resting on the support. The cage covers the connecting pins and components of the device.

본 발명의 제2 측은 이러한 공격(such attack)을 검출하지 않고 EMFA 공격으로부터 카드를 보호하는 것을 목표로 한다(aim).The second side of the present invention aims to protect the card from the EMFA attack without detecting such an attack.

금속 월(metal wall)은 콤포넌트 측(sides of component)을 보호한다.Metal walls protect the sides of the component.

본 발명의 이러한 측은 이러한 측이 공격자를 EMFA 공격을 가하기(inflict) 위해 카드를 제조하도록 오블리주(obliges)하기 때문에 매우 흥미롭다(interesting). 예를 들어, 통상적으로(typically) 액티브 부분보다 상방(above)에, 월에 홀(hole)을 파내는(hollowing out) 공격이 있다.This side of the present invention is very interesting because this side obliges the attacker to manufacture a card to inflict an EMFA attack. For example, there is an attack hollowing out the wall above the typically active portion.

구체적인 실시예에 있어서, 상기 금속 케이지(metal cage)는 장치의 커넥팅 핀(connecting pins)과 콤포넌트를 내포하는 적어도 하나의 측면 벽(at least one lateral wall)을 포함하고, 상기 측면 벽의 에지(edge)는 서포트에 레스팅(resting)하며, 월(wall)은 측면 벽의 커버를 형성한다.In a specific embodiment, the metal cage comprises at least one lateral wall containing the connecting pins of the device and the component, and an edge of the side wall. ) Rests on the support, and the wall forms a cover of the side wall.

구체적인 실시예에 있어서, 콤포넌트는 서포트에 고정되어 있으며, 장치의 커넥팅 핀은 서포트 위에(on the support) 직접(directly) 배열되어 있다.In a specific embodiment, the component is secured to the support and the connecting pins of the device are arranged directly on the support.

다른 구체적인 실시예에 있어서, 금속 케이지는 폐쇄적인 엔클로저(closed enclosure)를 구성하고 외부 월(external wall)은 서포트에 고정되어 있으며, 상기 콤포넌트와 모듈(module)의 커넥팅 핀은 상기 엔클로저의 내부(interior)에 고정되어 있다. 엔클로저는 커넥팅 와이어(connecting wires)가 통과하여 지나갈 수 있을 정도로 작은 홀을 포함한다.In another specific embodiment, the metal cage constitutes a closed enclosure and an external wall is secured to the support, and connecting pins of the component and the module are internal to the enclosure. It is fixed to). The enclosure contains holes that are small enough for the connecting wires to pass through.

상기 실시예는 콤포넌트를 공격하기 위해 서포트를 제거(removing)하는 것을 성공(succeed)한 공격자로부터 스스로(itself)를 보호한다.This embodiment protects it from an attacker who has succeeded in removing the support to attack the component.

구체적인 실시예에 있어서, 접지(earth)에 커넥트(connecting)하기 위한(intended to be connected) 액티브 부분의 커넥팅 핀은 케이지에 커넥트 된다. 케이지 자체는 장치의 접지 핀(earth pin)과 커넥트되어 진다.In a specific embodiment, the connecting pins of the active portion for connecting to earth are connected to the cage. The cage itself is connected to the earth pin of the device.

상기 실시예는 본 발명의 제2 측의 보안을 보강(reinforce)한다.This embodiment reinforces the security of the second side of the invention.

또한, 본 발명은 본 발명의 제1 측에 따른 카운터어택(counterattack)과 검출하기 위한 수단과 본 발명의 제2 측에 따른 공격으로부터 보호 수단을 포함하는 장치를 스페시파이한다.The present invention also speculates a device comprising a counterattack according to the first side of the invention and means for detecting and a means for protection against attack according to the second side of the invention.

본 발명의 다른 모드(modes) 및 이점은, 특징을 제한하지 않고, 본 발명의 구체적인 실시예의 설명으로부터 드러날 것이다.
도 1 및 2는 본 발명의 제1 측에 따른 2개의 장치를 도시한다.
도 3 내지 6은 도 1 및 2의 장치의 보호적 조치(protective measure)를 트리거(trigger)하기 위한 수단을 설명한다.
도 7A 내지 도 7C는 본 발명의 제2 측에 따른 장치를 도시한다.Other modes and advantages of the present invention will appear from the description of specific embodiments of the present invention without limiting its features.
1 and 2 show two devices according to the first side of the invention.
3 to 6 illustrate means for triggering a protective measure of the apparatus of FIGS. 1 and 2.
7A-7C show an apparatus according to a second side of the invention.

도 1은 본 발명의 제2 측에 따른 장치(10)를 도시한다.1 shows an apparatus 10 according to a second side of the invention.

상기 장치(10)는 콤포넌트(14)와 서포트(12)를 포함하며, 패시브 엘리먼트(40)는 전기장 또는 자기장이 존재하는 곳에서 전기적 전류를 생성할 수 있으며, 서포트(12)에 배열된다.The device 10 comprises a component 14 and a support 12, the passive element 40 being capable of generating an electrical current in the presence of an electric or magnetic field and arranged in the support 12.

상기 패시브 엘리먼트(40)는 전기장이 존재하는 곳에서 전기적 전류를 생성할 수 있는 금속 판 또는 자기장이 존재하는 곳에서 전기적 전류를 생성할 수 있는 안테나를 포함할 수 있다.The passive element 40 may include a metal plate capable of generating an electrical current in the presence of an electric field or an antenna capable of generating an electrical current in the presence of a magnetic field.

여기서 설명된 실시예에 있어서, 서포트는 동시에 전기장과 자기장을 검출할 수 있도록 금속 판과 안테나 둘 모두를 포함한다.In the embodiment described herein, the support includes both a metal plate and an antenna to detect electric and magnetic fields at the same time.

도 2는 본 발명의 제1 측에 따른 다른 장비(10)를 도시한다.2 shows another equipment 10 according to the first side of the invention.

상기 실시예에 있어서, 장치(10)은 콤포넌트이며, 패시브 엘리먼트(40)은 콤포넌트의 메탈리제이션 레이어(15b)에 배열되어 있다. 예를 들어, 콤퍼넌트는 집적회로이고 레이어(15b)는 하나 또는 다수의 포토리소그래피 스텝(photolithography steps)에 의한 제조공정(manufacture) 동안 얻어진(obtained) 집적회로의 레이어이다.In this embodiment, the device 10 is a component and the passive element 40 is arranged in the metallization layer 15b of the component. For example, the component is an integrated circuit and layer 15b is a layer of an integrated circuit obtained during manufacturing by one or more photolithography steps.

도면에서(in the figure), 레이어(15b)가 보호 레이어(15a) 아래에 배치되는 패시브 엘리먼트를 포함하는 것은 분명하다.In the figure, it is clear that the layer 15b includes a passive element disposed under the protective layer 15a.

예시의 방법에 의해서만(by way of example only), 도면은 한 개(또는 다수)의 펑크셔널 메탈리제이션 레이어(functional metallisation layers)과 실리콘의 레이어(반도체 엘리먼트(semiconductor elements)(트랜지스터, 다이오드...)이 표면에 위치하고 있는)를 구성하는 레이어(15c)를 설명한다.By way of example only, the figure shows one (or more) functional metallisation layers and a layer of silicon (semiconductor elements (transistors, diodes). Next, the layer 15c constituting the surface) is described.

본 발명의 제1 측에 따라, 장치(10)은 패시브 엘리먼트가 미리 결정된 스레시홀드를 초과하여 전류가 생성될 때 보호적 조치를 트리거링하는 수단을 포함한다.According to the first side of the invention, the apparatus 10 comprises means for triggering a protective action when the passive element is generated with a current exceeding a predetermined threshold.

도 3은 첫 번째 어렌지먼트(first arrangement)를 도시하며, 안테나에 의해 보내지는 전류는 퓨즈를 직접 지나가며, 안테나와 직렬로 배치되는 퓨즈(55)는 안테나(40)와 커넥트된다.3 shows a first arrangement in which the current sent by the antenna passes directly through the fuse and a fuse 55 in series with the antenna is connected to the antenna 40.

안테나가 아웃사이드(outside)에서부터 비롯(originating)되는 전자 교란 또는 콤포넌트 자체로부터 비롯하는 전자 발산(electromagnetic emanations)을 검출할 때 상기 퓨즈는 용단되지 않도록 디멘션된다.When the antenna detects electromagnetic disturbances originating from the outside or electromagnetic emanations originating from the component itself, the fuses are dimensioned so as not to blow.

퓨즈는 CEM 스탠다드 보다 더 적은 진폭의 자기장에 의해 유도된 전류로 인하여 용단되지 않아야 한다.Fuses should not blow due to currents induced by magnetic fields of less amplitude than the CEM standard.

반대로, 퓨즈(55)는, MFA 공격과 밀접하고, 안테나가 강한 교란을 감지(sense)했을 때 용단될 수 있게 디멘션 되야 한다. 장치를 위한 스레시홀드 세트(threshold set)는 퓨즈의 특성과 링크(linked)되어 있다.In contrast, the fuse 55 should be dimensioned so that it is close to the MFA attack and blown when the antenna senses a strong disturbance. The threshold set for the device is linked to the nature of the fuse.

도 3의 실시예에 있어서, 노멀 모드(normal mode)에서, 즉, 퓨즈(55)가 용단되지 않을 때, 안테나(40)는 저항 R2를 단락(short-circuit)시키고, 안테나로부터 비롯되는 전류에서 베리에이션이 유일하게 저항 R2에 도달(reach)한다. 콤포넌트의 전자기파(electromagnetic waves) 또는 자기장의 아웃사이드에서 비롯되는 이러한 베리에이션은 저항 R2의 터미널(terminals)에 전압을 유도하며, 이 전압은 트랜지스터 M의 스레시홀드 전압을 초과하지 않게 약하여 오류 검출의 경우를 대비해 SIG 시그널이 부착(adhered)되는 것을 교란시키지 않고 후자가 차단(blocked)된 상태로 유지(remain)된다. In the embodiment of FIG. 3, in normal mode, ie when fuse 55 is not blown, antenna 40 short-circuit resistor R2 and at a current drawn from the antenna. Variation uniquely reaches resistor R2. This variation, originating from the electromagnetic waves of the component or the outside of the magnetic field, induces a voltage at the terminals of resistor R2, which is weak enough not to exceed the threshold voltage of transistor M so that in case of error detection In contrast, the latter remains blocked without disturbing the adhering of the SIG signal.

만약 스레시홀드보다 큰 전류가 안테나(40)에 의해 방출된다면, 외부 필드(outer field)는 CEM 특징(CEM characteristics)을 초과하는 것으로 여겨(consider)지고 이런 현상이 MFA 공격이다. 정확하게(correctly) 디멘션된 퓨즈(55)는 용단된다. If a current larger than the threshold is emitted by the antenna 40, the outer field is considered to exceed the CEM characteristics and this is an MFA attack. The correctly dimensioned fuse 55 is blown out.

이러한 현상(this)은 비정상 모드(abnormal mode)를 이니시에이트(initiates)한다. 저항 R1과 R2는 분압기 브리지(voltage-divider bridge)를 형성(form)하고 트랜지스터 M으로 보내진(sent) 전압은 VCC x R2 / (R1 + R2)와 동일하다.This initiates an abnormal mode. Resistors R1 and R2 form a voltage-divider bridge and the voltage sent to transistor M is equal to VCC x R2 / (R1 + R2).

R1은 트랜지스터 M의 스레시홀드 전압보다 분압기 브리지의 출력 전압이 더 크게 하기 위해 디멘션 되어야 한다.R1 must be dimensioned to make the output voltage of the voltage divider bridge larger than the threshold voltage of transistor M.

트랜지스터 M이 동작하고 있으므로, R2는 폐쇄적인 인터럽터(closed interrupter)을 형성하고 트랜지스터 M의 수단(means of the transistor M)을 통해 SIG 시그널은 접지에 부착된다.Since transistor M is operating, R2 forms a closed interrupter and the SIG signal is attached to ground through the means of the transistor M.

도 4는 패시브 엘리먼트가 금속 면인 실시예를 도시한다.4 shows an embodiment in which the passive element is a metal face.

상기 실시예에 있어서, 노멀 모드에서, 즉, 퓨즈(55)가 용단되지 않았을 때, 면(40) - 퓨즈(55) 어셈블리(assembly)는 트랜지스터 M의 컨트롤 전압(control voltage)에 닐 U 전압(nil U voltage)를 임포즈(imposing)시켜 그리드(grid)와 트랜지스터 NMOS M의 소스를 단락시킨다. 트랜지스터 M은 차단된 상태로 유지되고 SIG 시그널이 부착되도록 하는 작동을 하지 않는다.In this embodiment, in normal mode, ie when the fuse 55 is not blown, the face 40-fuse 55 assembly is connected to the control voltage of transistor M to the Neil U voltage ( Imposing a nil U voltage shorts the grid and the source of transistor NMOS M. Transistor M remains blocked and does not operate to allow the SIG signal to attach.

만약 전기장이 면에 인가(applied)되면, 용량성 커플링은 퓨즈를 경유(via)하여 통과하고 접지로 가기 위한 최소의 저항성 경로(least resistive path)를 바로우(borrows)하는 전기장을 생산한다. 만약 상기 전류가 극 강하지(too strong) 않는다면, EFA 공격의 검출에 대응하고(corresponding), 퓨즈(55)는 용단된다. 전압 U는 저항 R1을 경유하여 VCC 포텐셜을 드로운(drawn)한다. 트랜지스터 M은 스위치 온(switches on)되며 시그널 SIG을 0V에 부착시킨다.If an electric field is applied to the surface, the capacitive coupling produces an electric field that directly passes through the fuse and bores the least resistive path to ground. If the current is too strong, it corresponds to the detection of an EFA attack and fuse 55 is blown. Voltage U draws the VCC potential via resistor R1. Transistor M is switched on and attaches signal SIG to 0V.

도 5는 다른 집적회로에 배치(put in place)될 수 있는 보호적 시스템(protective system)을 설명한다.5 illustrates a protective system that can be put in place in another integrated circuit.

실시예에 있어서, 리액션 시스템(reaction system) 퓨즈의 사이즈(size of fuse)에 기반(based)하지 않고 전압 레벨에 기반한다.In an embodiment, the reaction system is not based on the size of the fuse but based on the voltage level.

두 번째 실시예는 실행(execute)되기 용이하다(easier).The second embodiment is easy to execute.

센서(40)은 안테나와 대응한다. 센서는 센서의 전류를 직접 저항 R에게 릴리즈(releases)한다. 상기 저항R은 옴의 법칙(Ohm law)에 따라서, 패시브 엘리먼트에 의해 생성된 전류에 비례하는 전압 U으로 전류를 변환(convert)시킨다.Sensor 40 corresponds to the antenna. The sensor releases the sensor's current directly to the resistor R. The resistor R converts the current to a voltage U proportional to the current generated by the passive element, in accordance with Ohm's law.

전압 U는 전압 디퍼렌셜 콤퍼레이터(voltage differential comparator)(60)의 파지티브 터미널(positive terminal)로 인가된다.The voltage U is applied to the positive terminal of the voltage differential comparator 60.

스레시홀드 전압 TS는, 예를 들어, 상기 콤퍼레이터의 네거티브 터미널(negative terminal)에 인가되는 디바이더 브리지(divider bridge)에 의해 생성된다.The threshold voltage TS is generated by a divider bridge applied to, for example, a negative terminal of the comparator.

만약 전압 U가 상기 스레시홀드를 초과하지 않는다면, 콤퍼레이터(60)의 출력은 "0"과 동일하게 유지된다. 후자는 비동기 RS 플립플롭(asynchronous RS flip-flop)의 SET 입력(SET input)에 직접 커넥트되고 DET 검출(DET detection)은 "0"에 지속(stay)한다.If the voltage U does not exceed the threshold, the output of the comparator 60 remains equal to " 0 ". The latter is directly connected to the SET input of an asynchronous RS flip-flop and the DET detection stays at " 0 ".

만약 전압 U가 스레시홀드를 초과한다면, 콤퍼레이터(60)의 출력은 오버슈트에 걸쳐(throughout the overshoot) "1"로 전환(goes)된다. 이로 인해 RS 플립플롭의 SET 입력에 '1' 스텔스 로직(stealth logic)를 배치하는 것이 충분(enough)하고, 따라서 1 스테이트(1 state)에서 DET 출력을 차단할 수 있다.If the voltage U exceeds the threshold, the output of the comparator 60 goes through " 1 " through the overshoot. This is enough to place a '1' stealth logic at the SET input of the RS flip-flop, thus blocking the DET output in one state.

상기 "1"에 배치된 비트(bit)는 그 다음에(then) 콤포넌트에 대한 인게이지 세이프티 액션(engage safety action)에 사용될 수 있다.A bit placed at " 1 " may then be used for engagement safety actions on the component.

콤포넌트가 기동(start up)될 때 DET 시그널이 0에 있는 것을 보장(ensure)하고 뜻밖의 세이프티 액션(unforeseen safety actions)을 막기(avoid) 위하여, 인터페이스 ISO7816(RS 플립플롭의 RESET 입력에 커넥팅된)의 RESET 시그널(RESET signal)의 부가(addition)은 콤포넌트가 리이니셜리제이션 될 때마다 DET 시그널을 0으로 포스(force)시킨다.Interface ISO7816 (connected to the RESET input of the RS flip-flop) to ensure that the DET signal is at zero when the component is started up and to avoid unexpected safety safety actions. The addition of a RESET signal forces the DET signal to zero each time the component is reinitialized.

도 6의 실시예에 있어서, 패시브 엘리먼트(40)는 금속 면이다. 도 5의 경우와 같이, 금속 면(40)에서 엑시트(exits)하는 전류는 저항 R을 통과하고 콤퍼레이터(60) 도달하기 전에(before the comparator) 전압 U를 임포즈(impose)한다. 이러한 검출 방법(detection method)는 집적회로에서 구현하기 단순하다(simple to implement). 검출 스레시홀드는, 특히 실행하기 단순하고, 분압기 브리지로 조절(regulated)된다. In the embodiment of FIG. 6, the passive element 40 is a metal surface. As in the case of FIG. 5, the current exiting the metal plane 40 imposes a voltage U through the resistor R and before the comparator. This detection method is simple to implement in an integrated circuit. The detection threshold is particularly simple to implement and is regulated with a voltage divider bridge.

도 7A 내지 7C는 MFA 공격으로부터 콤포넌트(10)를 보호하는 것을 목표로 하는 본 발명의 제2 측을 설명한다.7A-7C illustrate a second side of the present invention that aims to protect component 10 from MFA attacks.

실시예에 있어서, 장치(10)은 서포트(12)와 콤포넌트(14)을 포함하며, 액티브 부분은 장치(10)의 커넥팅 핀(17)과 전기적으로(electrically) 커넥팅된 커넥팅 핀(16)을 포함한다.In an embodiment, the device 10 includes a support 12 and a component 14, the active portion of which connects the connecting pin 16 electrically connected with the connecting pin 17 of the device 10. Include.

장치(10)은 장치가 콤포넌트(14)와 커넥팅 핀(17)을 커버(cover)하고 있고, 서포트 안에 레스트(rests on the support)하는 금속 케이지(30)를 포함하고 있다는 면에서 우수(remarkable)하다.The device 10 is remarkable in that the device covers the component 14 and the connecting pin 17 and includes a metal cage 30 that rests on the support in the support. Do.

도 7A의 모드에 있어서, 금속 케이지(30)은 콤포넌트를 엔클로즈(enclose)하고 있는 4개의 측면 벽(31)과 모듈(module)의 커넥팅 핀을 포함하고 있고, 상기 측면 벽의 에지는 서포트(12) 위에 레스팅하며, 월(32)은 커버를 형성한다.In the mode of FIG. 7A, the metal cage 30 comprises four side walls 31 enclosing the component and connecting pins of the module, the edges of the side walls being the support ( 12) rests on, and the wall 32 forms a cover.

물론, 하나의 측면 벽(31)을 갖는 실시예도 가능하다(예를 들어, 원형의 크로스섹션(circular cross-section)).Of course, embodiments with one side wall 31 are also possible (eg circular cross-section).

도 7B의 실시예에 있어서, 고도로 유리하게(highly advantageously), 접지에 커넥팅되어야 하는 커넥팅 핀(16a) 케이지(30)과 직접 커넥트된다. 케이지 자체는 장치의 접지 핀(earth pin)(17a)에 커넥트된다.In the embodiment of FIG. 7B, it is highly advantageously connected directly to the cage 30 of the connecting pin 16a which should be connected to ground. The cage itself is connected to the earth pin 17a of the device.

도 7C의 실시예에 있어서, 케이지(30)은 폐쇄적인 엔클로저가 된다. 상기 엔클로저의 월(33)은 서포트에 고정되며, 콤포넌트(14)와 모듈의 커넥팅 핀은 엔클로저의 내면(inside)에 고정된다.In the embodiment of FIG. 7C, the cage 30 is a closed enclosure. The wall 33 of the enclosure is fixed to the support, and the connecting pins of the component 14 and the module are fixed to the inside of the enclosure.

또한, 본 발명은, 도 7A 내지 7C에서 표시된 것과 같이 엔클로저에 의해 보호되고, 도 1 내지 도 6에서 레퍼런스(reference)로 설명한 것처럼 공격을 카운터랙트(counteracting)하고 검출할 수 있는 장치인, 본 발명의 제1 측과 제2 측의 실시예를 구체화한다(specify).
In addition, the present invention is a device protected by an enclosure as indicated in FIGS. 7A to 7C and capable of counteracting and detecting attacks as described by reference in FIGS. 1 to 6. Embodiments of the first and second sides of are specified.

Claims (12)

장치(10)에 있어서,
전기장 또는 자기장이 있는 곳에서 전기적 전류를 생성할 수 있는 적어도 하나의 패시브 엘리먼트(40); 및
후자(the latter)의 세기가 미리 결정된 스레시홀드를 초과할 때 상기 전류의 검출에 대한 보호적 조치를 트리거링하는 트리거링 수단(50)
을 포함하는 장치(10).In the device 10,
At least one passive element 40 capable of generating an electrical current in the presence of an electric or magnetic field; And
Triggering means 50 for triggering a protective measure against the detection of the current when the intensity of the latter exceeds a predetermined threshold
(10). 제1항에 있어서,
상기 패시브 엘리먼트의 네트워크를 포함하는 장치(10).The method of claim 1,
Apparatus (10) comprising a network of passive elements. 제2항에 있어서,
상기 네트워크의 패시브 엘리먼트는 다른 유형의 전기장 또는 자기장의 상이한 타입을 검출하기 위하여 다르게 캘리브레이트(calibrate)되는 장치(10).The method of claim 2,
Passive elements of the network are calibrated differently to detect different types of electric or magnetic fields of different types. 제1항 내지 제3항 중 어느 한 항에 있어서,
서포트(12) 및 콤포넌트(14)를 포함하고,
상기 적어도 하나의 패시브 엘리먼트(40)는 상기 서포트(12)에 배열되는 장치(10).4. The method according to any one of claims 1 to 3,
Including a support 12 and a component 14,
The at least one passive element (40) is arranged in the support (12). 제1항 내지 제3항 중 어느 한 항에 있어서,
콤포넌트(14)에 의해 구성되고, 상기 적어도 하나의 패시브 엘리먼트(40)는 상기 콤포넌트의 액티브 부분의 레어어(15b)에 배열되는 장치(10).4. The method according to any one of claims 1 to 3,
An apparatus (10) configured by a component (14), wherein the at least one passive element (40) is arranged in a rare (15b) of an active portion of the component. 제5항에 있어서,
상기 패시브 엘리먼트는 상기 액티브 부분의 보호 레이어(15a) 아래에 위치하는 레이어(15b)에 배치되는 장치(10).The method of claim 5,
The passive element is arranged in a layer (15b) located below the protective layer (15a) of the active portion. 제1항 내지 제6항 중 어느 한 항에 있어서,
상기 패시브 엘리먼트(40)는 자기장이 있는 곳에서 상기 전기적 전류를 생성할 수 있는 안테나인 것을 특징으로 하는 장치(10).7. The method according to any one of claims 1 to 6,
And the passive element (40) is an antenna capable of generating the electrical current in the presence of a magnetic field. 제1항 내지 제7항 중 어느 한 항에 있어서,
상기 패시브 엘리먼트(40)는 전기장이 있는 곳에서 상기 전기적 전류를 생성할 수 있는 금속 판인 것을 특징으로 하는 장치(10).8. The method according to any one of claims 1 to 7,
The passive element (40) is characterized in that the device is a metal plate capable of generating the electrical current in the presence of an electric field. 제1항 내지 제8항 중 어느 한 항에 있어서,
대응조치(countermeasure)를 트리거링하는 트리거링 수단(50)은 퓨즈(55)를 통과하는 전기적 전류의 세기가 상기 스레시홀드보다 클 때 용단되도록 디멘션되고 상기 패시브 엘리먼트(40)와 직렬로 배치되는 퓨즈를 포함하는 장치(10).The method according to any one of claims 1 to 8,
The triggering means 50 for triggering a countermeasure is fused to fuse when the intensity of the electrical current passing through the fuse 55 is greater than the threshold and arranged in series with the passive element 40. Including device 10. 제1항 내지 제8항 중 어느 한 항에 있어서,
상기 대응조치를 트리거링하는 트리거링 수단(50)은 전압 스레시홀드와 상기 전류에 비례하는 첫 번째 전압(first voltage)을 비교하는 수단(60)을 포함하는 장치(10).The method according to any one of claims 1 to 8,
The triggering means (50) for triggering the corresponding action comprises means (60) for comparing a voltage threshold with a first voltage proportional to the current. 제1항 내지 제10항 중 어느 한 항에 있어서,
상기 대응조치는 상기 장치의 인터페이스의 바이탈 시그널(vital signal)(SIG)을 부착하는 것을 포함하는 장치(10).11. The method according to any one of claims 1 to 10,
The countermeasure includes attaching a vital signal (SIG) of the interface of the device. 제1항 내지 제13항 중 어느 한 항에 있어서,
장치(10)를 포함하는 마이크로회로 카드.
The method according to any one of claims 1 to 13,
Microcircuit card comprising the device (10).
KR1020120151196A 2011-12-21 2012-12-21 Device for securing an electronic document KR102044034B1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR1162194 2011-12-21
FR1162194A FR2985059B1 (en) 2011-12-21 2011-12-21 DEVICE FOR SECURING AN ELECTRONIC DOCUMENT

Publications (2)

Publication Number Publication Date
KR20130072182A true KR20130072182A (en) 2013-07-01
KR102044034B1 KR102044034B1 (en) 2019-11-12

Family

ID=46489265

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020120151196A KR102044034B1 (en) 2011-12-21 2012-12-21 Device for securing an electronic document

Country Status (3)

Country Link
KR (1) KR102044034B1 (en)
FR (1) FR2985059B1 (en)
TW (1) TWI636376B (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR3042055B1 (en) * 2015-10-06 2017-11-24 Inside Secure CONTREMESURES FOR ATTACKS BY INJECTION OF FAULTS BY OPTICAL AND ELECTROMAGNETIC PULSES
FR3053503B1 (en) * 2016-06-30 2019-03-29 Stmicroelectronics (Rousset) Sas METHOD FOR PROTECTING AN INTEGRATED CIRCUIT, AND CORRESPONDING INTEGRATED CIRCUIT
CN107942154A (en) * 2017-10-16 2018-04-20 北京中电华大电子设计有限责任公司 A kind of protection structures and methods suitable for the protection of chip EMP attack N
FR3084521B1 (en) * 2018-07-25 2020-08-14 Stmicroelectronics Rousset PROTECTION PROCESS OF AN INTEGRATED CIRCUIT MODULE AND CORRESPONDING DEVICE
FR3084520B1 (en) 2018-07-25 2020-08-14 Stmicroelectronics Rousset PROTECTION METHOD FOR AN INTEGRATED CIRCUIT, AND CORRESPONDING DEVICE
FR3084492A1 (en) 2018-07-30 2020-01-31 Stmicroelectronics (Rousset) Sas METHOD FOR DETECTING AN ATTACK BY A BEAM OF ELECTRICALLY CHARGED PARTICLES ON AN INTEGRATED CIRCUIT, AND CORRESPONDING INTEGRATED CIRCUIT
US11276648B2 (en) * 2018-07-31 2022-03-15 Nvidia Corporation Protecting chips from electromagnetic pulse attacks using an antenna
FR3099259B1 (en) 2019-07-24 2021-08-13 St Microelectronics Rousset Method for protecting data stored in a memory, and corresponding integrated circuit
EP3812946B1 (en) * 2019-08-16 2022-01-19 Shenzhen Goodix Technology Co., Ltd. Detection circuit for electromagnetic fault injection, security chip, and electronic device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005244212A (en) * 2004-01-30 2005-09-08 Semiconductor Energy Lab Co Ltd Semiconductor device
US7804317B1 (en) * 2006-10-19 2010-09-28 Advanced Micro Devices, Inc. Test device for determining charge damage to a transistor

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5483596A (en) * 1994-01-24 1996-01-09 Paralon Technologies, Inc. Apparatus and method for controlling access to and interconnection of computer system resources
IL165468A0 (en) * 2002-06-04 2006-01-15 Nds Ltd Prevention of tampering in electronic devices
EP1941588A4 (en) * 2005-10-27 2011-03-16 Charles L Manto System and method for providing certifiable electromagnetic pulse and rfi protection through mass-produced shielded containers and rooms
KR100816750B1 (en) * 2006-08-11 2008-03-27 삼성전자주식회사 Smart card, detector and semiconductor integrated circuit having share block and unique block

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2005244212A (en) * 2004-01-30 2005-09-08 Semiconductor Energy Lab Co Ltd Semiconductor device
US7804317B1 (en) * 2006-10-19 2010-09-28 Advanced Micro Devices, Inc. Test device for determining charge damage to a transistor

Also Published As

Publication number Publication date
TWI636376B (en) 2018-09-21
KR102044034B1 (en) 2019-11-12
FR2985059B1 (en) 2014-01-10
FR2985059A1 (en) 2013-06-28
TW201342114A (en) 2013-10-16

Similar Documents

Publication Publication Date Title
KR102044034B1 (en) Device for securing an electronic document
US10778679B2 (en) Secure semiconductor chip and operating method thereof
AU2014329851B2 (en) Tamper protection mesh in an electronic device
US7656630B2 (en) Active protection device for protecting circuit against mechanical and electromagnetic attack
CN101512660B (en) Circuit device and circuit
US20090212945A1 (en) Intrusion detection systems for detecting intrusion conditions with respect to electronic component enclosures
US10289840B2 (en) Integrated circuit with tamper protection and method therefor
CN107563191B (en) Method for protecting an integrated circuit and corresponding integrated circuit
KR20080011223A (en) Security method for data protection
US11276648B2 (en) Protecting chips from electromagnetic pulse attacks using an antenna
CN109214174B (en) Integrated receiver circuit for electromagnetic pulse detection in wireless microcontrollers
US20100265681A1 (en) Memory Card Reader
CN107942154A (en) A kind of protection structures and methods suitable for the protection of chip EMP attack N
Gnad et al. Remote electrical-level security threats to multi-tenant FPGAs
US20180336376A1 (en) Memory card reader body with protective mesh on both sides
CN105281295B (en) For protecting motor and/or being coupled to method and protection equipment of the operation machine from incorrect control operation of motor
US6437959B1 (en) Electrical and/or electronic system integrated with an isolating device and method that isolates a functional module
EP2180466A2 (en) Improvements introduced in magnetic card reader with protection against thermal and exothermic chemical attack and assembly process
Beckers et al. (Adversarial) Electromagnetic Disturbance in the Industry
US10951205B2 (en) Protection circuit against short circuits of switching device for SiC or GaN MOSFET transistor and associated method
CN115989495A (en) Integrated circuit device with protection function against malicious attacks
CN114168943A (en) Integrated circuit protection method for preventing electromagnetic injection attack and related device
Potestad-Ordóñez et al. Protecting FPGA-Based Cryptohardware Implementations from Fault Attacks Using ADCs
CN103296025A (en) ESD (electro-static discharge) protection circuit for integrated circuit chips on circuit board
Hayashi et al. Introduction to Physical Layer Security and Hardware Supply Chain Security: EM Tricks to Keep Your Information and Devices Safe

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E701 Decision to grant or registration of patent right
GRNT Written decision to grant