Ϊ227817Ϊ227817
(請先閲讀背面之注意事項再填寫本頁) 本發明係有關保全積體電路,此包含機密性質之機件 。積體電路包含儲存裝置,其中儲存機密資料,諸如加密 程式及至少一加密鑰,一微處理單元用以執行加密程式, 〜掁盪器級供應時脈信號,用以對微處理單元中之操作流 程定時,及一隨機數產生器連接至微處理單元。掁盪器級 經安排,以接收由隨機數產生器所產生之至少一隨機數, 以對掁盪器級組態,俾此產生時脈信號,其頻率取決於所 接收之隨機數。機密資料係特別有關欲保護之數學函數, 加密程式,及個人進出碼。 本發明並係有關用以操作或啓動保全積體電路之方法 保全積體電路特別用於特定之電子裝置上,其中之機 密性質之資料應加保護。該電路可應用於例如微電腦單元 或硬線邏輯電路,諸如徽章或智慧卡中,或編碼之資料傳 輸場合內。 經濟部智慧財產局員工消費合作社印製 在智慧卡,諸如金融卡之技術場合,至少一保全積體 電路整合於該卡中。連接至積體電路之接觸墊構製於智慧 卡上,俾用作特定資料之讀出及/或寫入裝置之介面。 當智慧卡插進於讀出及/或寫入裝置中時,一旦積體電路 接通,即在微處理單元中由加密鑰執行加密程式。 該程式之各種指令順序之執行時間,及用於微處理單 元中所處理之操作之定時之單頻時脈信號通常經良好訂定 。故此,未獲准之人士可使用密碼分析技術,相當容易對 若干機密資料項目欺詐解密。 本紙張尺度適用中國國家標準(CNS ) A4規格(210X297公釐) -4- 1227817 A7 B7 五、發明説明(2) (請先閲讀背面之注意事項再填寫本頁) 所用之分析技術例如爲DPA(微分功率分析)式或 DFA(微分錯誤分析)式。第一技術在於在程式之所有指 令順序之期間中,量度積體電路之電接觸端上所消耗之電 流幅度。如此,一方面可發現時脈信號之單頻率,及另一 方面,發現加密程式中所用之加密鑰。第二技術在於使加 密程式執行若干次,並在精確之時刻攔截之,俾加以中斷 (決定論之方法)。如此,且根據所獲得之良或不良之計算 結果,可對加密鑰解碼。 具有不良企圖之人士亦可使用適當之測試材料分析機 密資料記憶區而無多大困難,假定積體電路通常由單頻時 脈信號定時。爲達成此點,需移去金屬墊及覆蓋保全積體 電路之保護性鈍化層。在移去保護層後,測試探針置於記 憶區上,及達成各種測試之記憶區間之若干關聯性,以發 現所儲存之機密資料。 經濟部智慧財產局員工消費合作社印製 已有提出若干技術解決,以方止不良企圖之人士經由 加密分析技術發現機密資料。一解決例如包含使用具有可 變頻率之時脈信號,以放慢或加速加密程式之流程。可提 出例如國際專利文件 W0 97/33217號,此發表一種保全積 體電路,此設有解關聯裝置,用於主加密程式之至少一指 令順序之流程上。該積體電路主要包含儲存裝置,其中儲 存一主加密程式及一副程式,及一微處理單元連接至儲存 裝置,用以操作主程式及/或副程式。 積體電路之解關聯裝置特別包含一掁盪器,用以提供 在恆定頻率上之內部時脈信號,及一隨機數產生器經由一 本紙張尺度適用中國國家標準(CNS ) A4規格(210X 297公釐) -5 - 1227817 經濟部智慧財產局員工消費合作社印製 A7 B7 五、發明説明(3) 邏輯選擇電路,接收該內部時脈信號或外部時脈信號。隨 機數產生器經校準電路供應隨機分配之脈波信號,以對微 處理單元中之操作定時。應注意內部時脈信號爲非同步, 且對外部時脈信號移相,俾使微處理單元可移動至解關聯 之操作。 解關聯裝置亦含有一定時器,用以提供中斷信號至微 處理單元,以短暫中斷主程式之流程。每一中斷信號間之 時間間隔可由隨機數產生器提供給定時器之隨機數隨機訂 定。同樣,在中斷期間中,可執行一中斷常式或一副程式 ,以防止積體電路機密資料之任何分析。 該文件 W〇97/33217號中所發表之解決之一缺點爲, 內部時脈信號爲在恆定頻率上之脈波信號。如此,隨機數 產生器(此接收內部時脈信號)僅能提供可變週期之脈波 信號,其平均頻率低於內部時脈信號。應注意隨機分配之 脈波信號僅由內部時脈信號之隨機抑制之一些脈波獲得, 而不修改每一時脈之寬度。爲不太大放慢主程式之操作順 序,故此,內部時脈信號需在充分高之頻率上,此構成另 一'缺點。 本發明之主要目的在克服先行技藝之缺點,提供具有 簡單裝置之一保全積體電路,用以隨機改變加密程式之操 作順序之執行時間,以防止加密分析。 故此,本發明係有關上述型式之保全積體電路,其中 ,掁盪器級包含一 RC式掁盪器,且其中,可由引進於掁 盪器級之輸入端上之隨機數,選擇一些電阻器及/或電容 本紙張尺度適用中國國家標準(CNS ) A4規格(210X 297公釐) (請先閲讀背面之注意事項再填寫本頁)(Please read the precautions on the back before filling out this page) The present invention is related to the security integrated circuit, which includes confidential parts. The integrated circuit includes a storage device, which stores confidential data, such as an encryption program and at least one encryption key, a micro-processing unit to execute the encryption program, and a clock signal to the oscillator level for operations in the micro-processing unit. The flow timing and a random number generator are connected to the micro processing unit. The oscillator stage is arranged to receive at least one random number generated by the random number generator, and to configure the oscillator stage to generate a clock signal, the frequency of which depends on the received random number. Confidential information is specifically about mathematical functions to be protected, encryption programs, and personal access codes. The present invention is not related to a method for operating or activating a security integrated circuit. The security integrated circuit is particularly used on specific electronic devices, and the confidential nature of the information should be protected. The circuit can be used, for example, in microcomputer units or hard-wired logic circuits, such as badges or smart cards, or in coded data transmission applications. Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs. On smart cards, such as financial cards, at least one security integrated circuit is integrated in the card. The contact pads connected to the integrated circuit are constructed on the smart card and are used as an interface for reading and / or writing devices for specific data. When the smart card is inserted into the reading and / or writing device, once the integrated circuit is turned on, the encryption program is executed by the encryption key in the micro processing unit. The execution time of the various instruction sequences of the program and the single-frequency clock signal for the timing of the operations processed in the micro-processing unit are usually well-defined. Therefore, unauthorised persons can use cryptanalysis to make it easy to fraudulently decrypt certain confidential information items. This paper size applies Chinese National Standard (CNS) A4 specification (210X297mm) -4- 1227817 A7 B7 V. Description of the invention (2) (Please read the notes on the back before filling this page) The analysis technology used is, for example, DPA (Differential power analysis) or DFA (differential error analysis). The first technique is to measure the magnitude of the current consumed on the electrical contacts of the integrated circuit during all the instruction sequences of the program. In this way, on the one hand, the single frequency of the clock signal can be found, and on the other hand, the encryption key used in the encryption program can be found. The second technique consists in making the encryption program run several times, and intercepting it at the exact moment, and then interrupting it (deterministic method). In this way, and based on the obtained good or bad calculation results, the encryption key can be decoded. People with bad intentions can also analyze the confidential data memory area with appropriate test materials without much difficulty, assuming that the integrated circuit is usually timed by a single-frequency clock signal. To achieve this, the metal pads and protective passivation layer covering the protection integrated circuit need to be removed. After the protective layer is removed, the test probes are placed on the memory area and several correlations of the memory intervals of various tests are achieved to discover the stored confidential data. Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs. Several technical solutions have been proposed to prevent people with bad attempts to discover confidential information through encryption analysis technology. One solution involves, for example, using a clock signal with a variable frequency to slow down or speed up the encryption process. For example, International Patent Document No. W0 97/33217 can be proposed, which publishes a security integrated circuit, which is provided with a disassociation device, and is used for at least one instruction sequence of the main encryption program. The integrated circuit mainly includes a storage device, in which a main encryption program and a sub program are stored, and a micro processing unit is connected to the storage device for operating the main program and / or the sub program. The de-correlation device of the integrated circuit specifically includes an oscillator to provide an internal clock signal at a constant frequency, and a random number generator adapted to the Chinese National Standard (CNS) A4 specification (210X 297) via a paper size (Mm)-5-1227817 Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs A7 B7 V. Description of the invention (3) The logic selection circuit receives the internal clock signal or external clock signal. The random number generator supplies a randomly assigned pulse wave signal through a calibration circuit to time the operation in the microprocessor unit. It should be noted that the internal clock signal is asynchronous, and the external clock signal is phase-shifted so that the micro processing unit can be moved to the operation of disassociation. The disassociation device also contains a timer to provide an interrupt signal to the microprocessor unit to temporarily interrupt the flow of the main program. The time interval between each interrupt signal can be randomly set by the random number provided by the random number generator to the timer. Similarly, during the interruption period, an interruption routine or a routine can be executed to prevent any analysis of the confidential data of the integrated circuit. One of the disadvantages of the solution published in the document W〇97 / 33217 is that the internal clock signal is a pulse wave signal at a constant frequency. In this way, the random number generator (which receives the internal clock signal) can only provide a pulse signal with a variable period, and its average frequency is lower than the internal clock signal. It should be noted that the randomly assigned pulse wave signals are only obtained from some pulse waves of the random suppression of the internal clock signal, without modifying the width of each clock. In order not to slow down the operation sequence of the main program too much, the internal clock signal needs to be at a sufficiently high frequency, which constitutes another disadvantage. The main purpose of the present invention is to overcome the shortcomings of the prior art and provide a security integrated circuit with a simple device for randomly changing the execution time of the operation sequence of the encryption program to prevent encryption analysis. Therefore, the present invention relates to the above-mentioned type of security integrated circuit, in which the oscillator stage includes an RC type oscillator, and among them, some resistors can be selected by random numbers introduced on the input terminal of the oscillator stage And / or the size of this paper applies the Chinese National Standard (CNS) A4 specification (210X 297 mm) (Please read the precautions on the back before filling this page)
-6- 1227817 A7 ____B7 五、發明説明(4) 器,俾產生其頻率取決於RC組成件之時脈信號,其選擇 視所接收之隨機數而定。 (請先閲讀背面之注意事項再填寫本頁) 本發明之保全積體電路之一優點爲可使用連續接收之 每一隨機數,容易對掁盪器級組態,以產生具有隨機頻率 之時脈信號。如此,用以對微處理單元之操作定時之時脈 信號之頻率可迅速改變。每次接通保全積體電路時或當執 行加密程式時,時脈信號之頻率改變,因爲隨機數產生器 提供一隨機數至掁盪器級,該隨機數與前所產生之隨機數 不同。 本發明之保全積體電路之另一優點爲,由掁盪器級所 提供之時脈信號爲正規方形脈波信號,即二脈波間之間隔 大致與每一脈波之寬度相同。故此,提供於掁盪器級之輸 入端上之每一隨機數對脈波之寬度及二脈波間之間隔有相 等之影響。爲限制外部時脈信號之使用於引進例如一保全 智慧卡於讀出及/或寫入裝置中,內部時脈信號之頻率經 調整高於外部信號之頻率。 經濟部智慧財產局員工消費合作社印製 本發明之保全積體電路之另一優點爲,一定時器供應 中斷信號至微處理單元,以中斷加密程式之操作順序。如 定時器接收來自隨機數產生器之一隨機數,則可依隨機之 方式執行中斷程式之操作順序。而且,每一中斷信號可根 據隨機頻率時脈信號之一些脈波提供。定時器中計數之脈 波數可由定時器所接收之隨機數決定。如此,不能精確決 定執行程式之操作順序之時間,此防止保全積體電路之加 密分析。 本&張尺度適用中國國家標準(CNS ) A4規格(210X297公釐) 1227817 A7 B7 五、發明説明(5) (請先閲讀背面之注意事項再填寫本頁) 於收到中斷信號時,微處理單元亦可在加密程式之指 令順序之間執行一中斷常式。一旦收到中斷信號時,微處 理單元可命令傳輸隨機數至掁盪器級,俾產生一時脈信號 頻率改變。 本發明並係有關一種用以啓動上述型式之保全積體電 路之方法,此包括步驟: -在隨機數產生器中產生至少一隨機數, -發送所產生之隨機數至掁盪器級,此包含一 RC式 掁盪器,其中,一些電阻器及/或電容器可由引進於掁盪 器級之輸入端上之隨機數選擇, -在掁盪器級中產生時脈信號,其頻率取決於所接收 之隨機數,以對微處理單元之操作順序定時。 在以下說明由附圖所顯示之實施例中,可更淸楚顯示 保全積體電路之目的,優點,及特色,在附圖中: 圖1槪要顯示本發明之保全積體電路之功能單元, 圖2a顯示構成本發明之保全積體電路之掁盪器級之 各種電子元件, 經濟部智慧財產局員工消費合作社印製 圖 2b顯示用以產生圖2a所示之掁盪器級之方形脈 波信號之雙穩觸發電路之組成件,及 圖3顯示在本發明之保全積體電路之微處理單元中執 行加密程式之期間中,操作順序之流程圖。 主要元件對照表 1保全積體電路 本紙張尺度適用中國國家標準(CNS ) A4規格(2i〇X 297公釐) -8 - 1227817 A7 B7 五、發明説明(6) 2儲存裝置 2a非揮發ROM記憶體 2b記憶體 3微處理機單元 4暫存器 5振盪器級 6隨機數產生器 7定時器 8資料匯流排 以下並不詳細說明精於本藝之技術部份之人士所熟悉 之保全積體電路之所有組成件或電子單元。僅更詳細說明 掁盪器級之組成件或電子單元。 包含保全積體電路在內之各種重要單元顯示於圖1。 保全積體電路1第一包含儲存裝置2, 其中特別儲存一 加密程式及至少一加密鑰,及一微處理單元3經資料匯 流排8連接至儲存裝置,該單元欲使加密程式可使用加密 鐘執行。 加密程式例如爲此技術部份之專家所熟悉之DES式 演算法。此程式特別儲存於一非揮發性ROM記憶器2a 中。儲存裝置 2中亦設置一 EEPROM記憶器 2b,當 執行加密程式時,用以儲存若干資料項目,或用以保持機 密資料,諸如個人進出碼或加密鑰。在由微處理單元執行 加密程式之期間中,使用加密鑰。當然,儲存裝置2可另 本紙張尺度適用中國國家標準(CNS ) A4規格(210X 297公釐) (請先閲讀背面之注意事項再填寫本頁) .裝. 訂 經濟部智慧財產局員工消費合作社印製 -9 - 1227817 A7 B7 五、發明説明(7) 包含其他型式之記憶器,諸如快閃記憶器或RAM式記憶 器,未顯示於圖1中。 (請先閲讀背面之注意事項再填寫本頁) 保全積體電路亦包含一隨機數產生器6, 經由匯流排 RNG連接至微處理單元3 , 及一掁盪器級由暫存器4 構成,用以接收由微處理單元3經由匯流排RNGosc所 發送之隨機數,及一 RC式掁盪器5供應時脈信號 CLK特別至微處理單元。儲存裝置之定址,讀出,及/ 或寫入由時脈信號 CLK或由微處理單元之時脈信號控制 裝置所產生之信號直接定時。積體電路並包含一定時器7 ,用以提供中斷信號INT至微處理單元,以短暫中斷在該 單元中所處理之操作。 經濟部智慧財產局員工消費合作社印製 爲防止加密分析,由掁盪器級4,5所產生之時脈 信號CLK之頻率需能隨機變化。在正常操作,即特別在 執行加密程式之期間中,掁盪器級能由隨機數組態,俾產 生頻率在13及20MHz之頻率範圍內之時脈信號。然 而,在微處理單元,該頻率宜不超過 24MHz。如此,微處 理單元可包含一時脈信號控制裝置,此可在一些處理操作 中執行分頻,或引導時脈信號CLK至定時器7或儲存裝 置 2。 在不執行加密程式之積體電路之操作期間中,由掁盪 器級所產生之時脈信號之頻率可仍需固定於一低値,諸如 1.25MHz。在此情形,掁盪器級經組態,以產生僅固定之低 頻時脈信號,與引進於掁盪器級暫存器中之隨機數無關。 此頻率降低節約由積體電路所消耗之電流。同樣,爲降低 本紙張尺度適用中國國家標準(CNS ) A4規格(210X297公釐) -10- 1227817 A7 B7 五、發明説明(8) 保全積體電路之一些操作期間中之消耗,隨機數產生器及 /或定時器可短暫不啓動。 (請先閲讀背面之注意事項再填寫本頁) 在微處理單元執行加密程式之期間中,每次電路接通 時,或在微處理單元中接收中斷信號時,或每次自隨機數 產生器6供應隨機數時,頻率可發生變化。以下參考圖 2a及2b,更詳細說明構成掁盪器級之掁盪器5。 隨機數產生器 6通常用於例如電路之鑑認處理或加密 功能上。在本技術部份中所熟悉之該產生器可由非同步時 脈信號定時之假隨機計數器之掁盪器級之一獨立非同步掁 盪器構成,及一輸出暫存器連接至該計數器,俾在每一裝 載脈波上提供隨機數。非同步時脈信號頻率在30至 90kHz之範圍。 經濟部智慧財產局員工消費合作社印製 由產生器所產生之隨機數爲二進位字,此可限制於8 數元。經由來自微處理器之讀出指令EN,隨時數先經由 隨機數匯流排RNG發送至微處理單元。其次,微處理單 元經由匯流排RNGosc發送至少一所接收之隨機數,俾特 別載入於掁盪器級之暫存器4中,用於時脈信號CLK之 頻率改變上。 連續隨機數之供應至掁盪器級之暫存器4可由微處理 單元控制,尤其是在該單元執行加密程式之期間中爲然。 微處理單元3亦可發送所有所接收之隨機數至暫存器4 〇 在未顯示之一實施例中,掁盪器級可連續接收隨機數 ,此等由隨機數產生器直接產生。 本紙張尺度適用中國國家標準(CNS ) A4規格(21〇X 297公釐) " ~— -11 - 1227817 A7 B7 五、發明説明(9) (請先閱讀背面之注意事項再填寫本頁) 定時器7由時脈信號定時,其頻率隨掁盪器級之暫存 器4中所提供之隨機數變化。在經由微處理單元3所扱 收之一些時脈CLK後,定時器產生一中斷信號,此經由 匯流排INT發送至微處理單元3,以短暫中斷該單元中 所處理之操作。 定時器7亦經由微處理單元3接收隨機數,故二中 斷信號間之間隔依隨機之方式改變。可想像引進於定時器 中之一隨機數影響所接收之時脈信號CLK之數,此觸發 中斷信號。故此,隨機提供中斷至微處理單元。 故此,微處理單元中之加密程式之中斷亦可防止人士 找出保全積體電路之機密資料。例如,可提供微處理單元 中所執行之加密程式之至少16中斷及至多32中斷。 經濟部智慧財產局員工消費合作社印製 如參考圖3說明,亦規定在加密程式之中斷期間中, 在微處理單元中執行中斷常式。此常式隨機加進指令序列 於中斷之加密程式中,此防止精確訂定所執行之程式之執 行時間。而且,在執行加密程式及中斷常式之期間中,由 隨機施加資料儲存或儲存裝置之讀出,產生所消耗電流之 變化。故此,不能執行例如DPA式之加密分析,以找 出保全積體電路之機密內容,此構成本發明之積體電路所 達成之目的。 現參考圖2a及2b,更詳細說明掁盪器級。此級連接 至二電位端 Vdd及 Vss間之一調節之電壓源。電位 Vdd 具有一値低於 3 V,宜爲2.8 V,而電位 V s s則具有値Ο V ,此相當於積體電路之地端。 本紙張尺度適用中國國家標準(CNS ) A4規格(210X 297公釐) -12- 1227817 經濟部智慧財產局員工消費合作社印製 A7 B7 五、發明説明(id) 掁盪器級之R C式掁盪器包含一組電組器R 〇 s c。 由 掁盪器級暫存器所產生之二進位字TRIM對此組電阻器組 態。此二進位字相當於該暫存器中所置之一隨機數。 該組電阻器安排設置一些電阻器,此等可由切換元件 ,諸如未顯示之 NMOS或PMOS電晶體選擇成並連或串 聯。每一電晶體之閘極可由一電壓控制,隨自暫存器所接 收之二進位字 TRIM變化,俾使對應之電晶體導電或不導 電,及連接電阻器成並連或串聯。由二進位字TRIM所選 擇之電阻器値與電容器Cose決定在掁盪器輸出處所產生 之時脈信號 CLK之頻率値。 經組態之該組電阻器Rose使連接至正電位端 Vdd之 一第一電流鏡中及連接至負電位端 Vss之一第二電流鏡中 可產生電流源。該組故此串聯置於二電流鏡之間。 第一電流鏡包含一第一 PMOS電晶體P1及一第二 PMOS電晶體 P2, 以及一第三PMOS電晶體P3,此等 參考圖2a說明之。第一電晶體P1之閘極 Bp及汲極 連接至該組電阻器Rose之正端,及電晶體P1之源極連 接至端 Vdd。第二電晶體P2之閘極連接至第一電晶體 P1之閘極,及第二電晶體 P2之源極連接至端 Vdd。第 二電晶體之汲極連接至第三PMOS電晶體P3之源極。 弟一電流鏡包含一第一 NMOS電晶體N1及一第一 NMOS電晶體N2, 以及一第三NMOS電晶體N3,此 等參考圖2a說明之。第一電晶體N1之閘極Bn及汲 極連接至該組電阻器Rose之負端,及電晶體N1之源極 本紙張尺度適用中國國家標準(CNS ) A4規格(210X;297公釐) (請先閱讀背面之注意事項再填寫本頁)-6- 1227817 A7 ____B7 V. Description of the Invention (4) The frequency of the device depends on the clock signal of the RC component, and its selection depends on the random number received. (Please read the precautions on the back before filling this page) One of the advantages of the security integrated circuit of the present invention is that each random number received continuously can be used, and the oscillator level is easily configured to generate a time with random frequency. Pulse signal. In this way, the frequency of the clock signal used to time the operation of the microprocessor unit can be changed rapidly. The frequency of the clock signal changes every time the security integrated circuit is turned on or when the encryption program is executed, because the random number generator provides a random number to the oscillator level, which is different from the random number generated previously. Another advantage of the security integrated circuit of the present invention is that the clock signal provided by the oscillator stage is a regular square pulse signal, that is, the interval between two pulses is approximately the same as the width of each pulse. Therefore, each random number provided at the input of the oscillator level has an equal effect on the width of the pulse wave and the interval between the two pulse waves. In order to limit the use of external clock signals when introducing, for example, a secure smart card in a reading and / or writing device, the frequency of the internal clock signal is adjusted higher than the frequency of the external signal. Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economics Another advantage of the security integrated circuit of the present invention is that a timer supplies an interrupt signal to the microprocessor unit to interrupt the operation sequence of the encryption program. If the timer receives a random number from a random number generator, it can execute the operation sequence of the interrupt program in a random manner. Moreover, each interrupt signal can be provided based on some pulses of a random frequency clock signal. The number of pulses counted in the timer can be determined by the random number received by the timer. In this way, the timing of the operation sequence of executing the program cannot be accurately determined, which prevents the security analysis of the integrated circuit. This & Zhang scale is applicable to Chinese National Standard (CNS) A4 specification (210X297 mm) 1227817 A7 B7 V. Description of the invention (5) (Please read the precautions on the back before filling this page) When receiving the interrupt signal, the micro The processing unit may also execute an interrupt routine between the instruction sequences of the encryption program. Once the interrupt signal is received, the micro-processing unit can command the transmission of a random number to the oscillator level, which will generate a clock signal with a frequency change. The invention also relates to a method for activating the above-mentioned type of security integrated circuit, which includes the steps of:-generating at least one random number in a random number generator,-sending the generated random number to an oscillator level, and Contains an RC oscillator, where some resistors and / or capacitors can be selected by random numbers introduced at the input of the oscillator stage,-the clock signal is generated in the oscillator stage, the frequency of which depends on the The received random number is timed according to the operation sequence of the micro processing unit. In the following description of the embodiment shown by the drawings, the purpose, advantages, and features of the security integrated circuit can be more clearly shown in the drawings: Figure 1 槪 shows the functional unit of the security integrated circuit of the present invention Figure 2a shows the various electronic components that make up the oscillator stage of the security integrated circuit of the present invention, printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs. The components of the bistable trigger circuit of the wave signal, and FIG. 3 shows a flowchart of the operation sequence during the execution of the encryption program in the micro processing unit of the security integrated circuit of the present invention. Main component comparison table 1 Preserved integrated circuit This paper size is applicable to Chinese National Standard (CNS) A4 specification (2iOX 297 mm) -8-1227817 A7 B7 V. Description of the invention (6) 2 Storage device 2a Non-volatile ROM memory Body 2b Memory 3 Microprocessor Unit 4 Register 5 Oscillator Level 6 Random Number Generator 7 Timer 8 Data Bus The following does not detail the security products familiar to those skilled in the technical part of the art All components or electronic units of a circuit. Only the components or electronic units of the oscillator level are explained in more detail. Various important units including the security integrated circuit are shown in Figure 1. The security integrated circuit 1 includes a storage device 2 first, in which an encryption program and at least one encryption key are stored, and a micro processing unit 3 is connected to the storage device via a data bus 8. The unit is intended to enable the encryption program to use an encryption clock. carried out. The encryption program is, for example, a DES algorithm familiar to experts in this technology. This program is stored in a non-volatile ROM memory 2a. The storage device 2 is also provided with an EEPROM memory 2b, which is used to store several data items when the encryption program is executed, or to maintain confidential data, such as personal access codes or encryption keys. The encryption key is used during the execution of the encryption program by the microprocessor. Of course, the storage device 2 can be adapted to the Chinese national standard (CNS) A4 size (210X 297 mm) on this paper size (please read the precautions on the back before filling out this page). Pack. Order the Intellectual Property Bureau Staff Consumer Cooperatives Printing -9-1227817 A7 B7 V. Description of the invention (7) Contains other types of memory, such as flash memory or RAM memory, not shown in Figure 1. (Please read the precautions on the back before filling this page) The security integrated circuit also includes a random number generator 6, which is connected to the micro processing unit 3 via the bus RNG, and an oscillator stage is composed of the register 4. It is used to receive the random number sent by the micro-processing unit 3 via the bus RNGosc, and a RC oscillator 5 supplies the clock signal CLK to the micro-processing unit. The addressing, reading, and / or writing of the storage device is directly timed by the clock signal CLK or a signal generated by the clock signal control device of the microprocessor. The integrated circuit also includes a timer 7 for providing an interrupt signal INT to the microprocessor unit to temporarily interrupt the operation processed in the unit. Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs To prevent cryptographic analysis, the frequency of the clock signal CLK generated by the oscillator stages 4, 5 needs to be able to change randomly. In normal operation, especially during the execution of the encryption program, the oscillator stage can be configured by random numbers, generating clock signals with frequencies in the frequency range of 13 and 20 MHz. However, in a microprocessor unit, this frequency should not exceed 24MHz. In this way, the micro processing unit may include a clock signal control device, which may perform frequency division in some processing operations, or guide the clock signal CLK to the timer 7 or the storage device 2. During the operation of the integrated circuit that does not execute the encryption program, the frequency of the clock signal generated by the oscillator stage may still be fixed at a low frequency, such as 1.25 MHz. In this case, the oscillator stage is configured to generate only fixed low-frequency clock signals, independent of the random numbers introduced into the oscillator stage register. This frequency reduction saves the current consumed by the integrated circuit. Similarly, in order to reduce the size of this paper, the Chinese National Standard (CNS) A4 specification (210X297 mm) -10- 1227817 A7 B7 V. Description of the invention (8) Preserving the consumption during the operation of the integrated circuit, the random number generator And / or the timer may be temporarily disabled. (Please read the precautions on the back before filling this page) During the execution of the encryption program by the microprocessor unit, each time the circuit is turned on, or when the interrupt signal is received in the microprocessor unit, or every time from the random number generator 6 When random numbers are supplied, the frequency can change. The oscillator 5 constituting the oscillator stage will be described in more detail below with reference to FIGS. 2a and 2b. The random number generator 6 is typically used for, for example, authentication processing of a circuit or encryption function. The generator, which is familiar in the technical part, may be composed of an independent asynchronous oscillator of one of the oscillator stages of a pseudo-random counter clocked by an asynchronous clock signal, and an output register is connected to the counter. Random numbers are provided on each loading pulse. The frequency of the asynchronous clock signal is in the range of 30 to 90 kHz. Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs. The random number generated by the generator is a binary word, which can be limited to 8 digits. Through the read command EN from the microprocessor, it is sent to the micro processing unit via the random number bus RNG at any time. Secondly, the micro processing unit sends at least one received random number via the bus RNGosc, and is particularly loaded into the register 4 of the oscillator level for changing the frequency of the clock signal CLK. The supply of consecutive random numbers to the register 4 of the oscillator level can be controlled by the microprocessor unit, especially during the execution of the encryption program by the unit. The micro processing unit 3 may also send all the received random numbers to the register 4 〇 In an embodiment not shown, the oscillator level may continuously receive the random numbers, which are directly generated by the random number generator. This paper size applies to China National Standard (CNS) A4 specification (21〇X 297 mm) " ~ — -11-1227817 A7 B7 V. Description of invention (9) (Please read the precautions on the back before filling this page) The timer 7 is timed by the clock signal, and its frequency changes with the random number provided in the register 4 of the oscillator level. After some clocks CLK received by the micro processing unit 3, the timer generates an interrupt signal, which is sent to the micro processing unit 3 via the bus INT to temporarily interrupt the operation processed in the unit. The timer 7 also receives a random number via the micro processing unit 3. Therefore, the interval between the two interrupt signals is changed in a random manner. It is conceivable that a random number introduced in the timer affects the number of clock signals CLK received, and this triggers an interrupt signal. Therefore, an interrupt is provided to the microprocessor at random. Therefore, the interruption of the encryption program in the micro-processing unit can also prevent people from finding out the confidential data of the integrated circuit. For example, at least 16 interrupts and at most 32 interrupts of the encryption program executed in the microprocessor unit may be provided. Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs As explained with reference to Figure 3, it is also stipulated that during the interruption period of the encryption program, an interruption routine is executed in the micro processing unit. This routine is randomly added to the instruction sequence in the interrupted encryption program, which prevents the exact execution time of the program being executed. In addition, during the execution of the encryption program and the interruption routine, a change in the consumed current is generated by a random application of data storage or reading from a storage device. Therefore, encryption analysis such as DPA cannot be performed to find out the confidential content of the integrated integrated circuit, which constitutes the purpose achieved by the integrated circuit of the present invention. Referring now to Figures 2a and 2b, the oscillating stage is explained in more detail. This stage is connected to a regulated voltage source between the two potential terminals Vdd and Vss. The potential Vdd has a voltage of less than 3 V, preferably 2.8 V, and the potential V s s has a voltage of 値 Ο V, which is equivalent to the ground end of the integrated circuit. This paper size applies the Chinese National Standard (CNS) A4 specification (210X 297 mm) -12- 1227817 Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs A7 B7 V. Description of the invention (id) Oscillator-grade RC-type oscillating The generator includes a group of electric generators Rosc. The binary word TRIM generated by the oscillator-level register configures this group of resistors. The binary word is equivalent to a random number set in the register. This group of resistors are arranged with resistors, which can be selected in parallel or in series by switching elements such as NMOS or PMOS transistors not shown. The gate of each transistor can be controlled by a voltage, which changes with the binary word TRIM received from the register, so that the corresponding transistor is conductive or non-conductive, and the resistor is connected in parallel or in series. The resistor 値 and capacitor Cose selected by the binary word TRIM determine the frequency 时 of the clock signal CLK generated at the oscillator output. The set of resistors Rose is configured to generate a current source in a first current mirror connected to the positive potential terminal Vdd and in a second current mirror connected to the negative potential terminal Vss. The group is therefore placed in series between the two current mirrors. The first current mirror includes a first PMOS transistor P1 and a second PMOS transistor P2, and a third PMOS transistor P3, which are described with reference to FIG. 2a. The gate Bp and the drain of the first transistor P1 are connected to the positive terminal of the group of resistors Rose, and the source of the transistor P1 is connected to the terminal Vdd. The gate of the second transistor P2 is connected to the gate of the first transistor P1, and the source of the second transistor P2 is connected to the terminal Vdd. The drain of the second transistor is connected to the source of the third PMOS transistor P3. The current mirror includes a first NMOS transistor N1 and a first NMOS transistor N2, and a third NMOS transistor N3, which are described with reference to FIG. 2a. The gate Bn and the drain of the first transistor N1 are connected to the negative terminal of the group of resistors Rose, and the source of the transistor N1. The paper size applies to the Chinese National Standard (CNS) A4 specification (210X; 297 mm) ( (Please read the notes on the back before filling out this page)
-13- 1227817 A7 B7 五、發明説明(11) (請先閲讀背面之注意事項再填寫本頁) 連接至端 Vss。第二電晶體N2之閘極連接至第一電晶體 N1之閘極,及第二電晶體n2之源極連接至端Vss。第 二電晶體 N2之汲極連接至第三 NMOS電晶體 N3之源 極0 第三電晶體P3及N3各具有其汲極連接至電容器 Cose之正端,其負端連接至 Vss 。此二第三電晶體P3 及N3之閘極相互連接。如連接至時脈信號CLK之輸出 端之電晶體P3及N3之閘極上之電位接近 Vdd,則電 晶體P3不導電,而電晶體N3變爲導電,使由第二電流 鏡複製之電流可通過。電容器Cose故此由於第二電流鏡 中所複製之電流而放電,視該組電阻器Rose而定。如連 接至時脈信號 CLK之輸出端之電晶體P3及N3之閘極 之電位接近 Vss,則電晶體N3不導電,而電晶體 P3變 爲導電,使由第一電流鏡複製之電流可通過。由於第一電 流鏡中所複製之電流,電容器Cose故此充電,視該組電 阻器Rose而定。 經濟部智慧財產局員工消費合作社印製 應明瞭由電容器Cose之充電及放電所產生之信號爲 三角形信號。故此應變換三角形信號爲方形脈波信號。此 變換特別由雙穩觸發電路ST或史密特觸發電路執行。此 電路 ST之輸入端連接至電容器Cose之正端,以及至電 晶體 P3及N3之汲極,而此電路 SY之輸出端則連接至 串聯之二反相器INV1及INV2。具有大致方形脈波之時 脈信號 CLK供應於第二反相器INV2之輸出端上。應 注意由於二反相器INV1及INV2之故,輸出端及輸出 本紙張尺度適用中國國家標準(CNS ) A4規格(21〇X297公釐) -14- 1227817 A7 B7 五、發明説明(y CLK之間有一些信號過渡延遲。 (請先閱讀背面之注意事項再填寫本頁) 當電容器Cose放電時,史密特觸發電路ST之輸出 在高狀態。在此情形,電晶體N3導電,而電晶體P3 則不導電,故由第二電流鏡所複製之電流使電容器Cose 放電。Cose進行放電,直至電容器Cose之電位到達一 第一低臨限位準爲止,此由在輸入端上之電路 ST偵測。 一旦電容器Cose之電位到達第一臨限位準時,電路ST 之輸出過渡至低狀態。自此時刻,在電路ST之輸出端上 之信號之過渡使時脈信號 CLK自高狀態過渡至低狀態。 時脈信號CLK之自高狀態過渡至低狀態使電晶體N3 阻斷,及電晶體打開,俾使電容器Cose使用第一電流 鏡所複製之電流充電。電容器 Cose如此充電,直至電容 器Cose之電位到達一第二高臨限位準爲止,此由輸入 端上之電路ST偵測。一旦電容器Cose之電位已到達第 二臨限位準,電路ST之輸出過渡至高狀態。自此時刻 ,在電路 ST之輸出端上之信號之過渡使時脈信號CLK 自低狀態過度至高狀態。 經濟部智慧財產局員工消費合作社印製 圖 2b顯示 Schmit觸發電路 ST。 第四 PMOS及 NMOS電晶體P4及N4具有其閘極分別連接至第一電流 鏡之閘極 Bp,及第二電流鏡之閘極En。第四電晶體n4 之源極連接至端 Vdd,而第四電晶體N4之源極則連接至 端 Vss。電晶體P4之汲極連接至一第六 PMOS電晶體 P6之源極,以提供在第一電流鏡中所複製之電流於此, 而電晶體 N4之汲極則連接至第六NMOS電晶體N6之 本紙張尺度適用中國國家標準(CNS ) A4規格(210X297公釐) -15- 1227817 A7 B7 五、發明説明(1云 源極,以提供在第二電流鏡中所複製之電流於此。 (請先閱讀背面之注意事項再填寫本頁) 電晶體P6及N6具有其閘極分別連接至Schmit觸 發電路之輸入端,及其汲極連接至第三反相器INV3之輸入 端。第三反相器INV3之輸出端連接至Schmit觸發電路之 輸出端,以及至第五 PMOS電晶體P5之閘極及第五 NMOS電晶體N5之閘極。第五電晶體P5之源極連接至 端 Vdd,而其汲極則連接至第六電晶體P6之源極。第五 電晶體N5之源極連接至端 Vss,而其汲極則連接至第六 電晶體N6之源極。 經濟部智慧財產局員工消費合作社印製 當輸出過渡至高狀態時,電晶體P5阻斷,而電晶體 N5則導電。故此,反相器INV3之輸出在低狀態,因爲 電晶體N6及N5在電容器Cose放電階段中導電。施 加於電路ST之輸入端上之電位在電容器Cose之放電階 段中呈線性下降。當電路ST之輸入端上之電位接近 Vdd/2時,電晶體P6變爲導電,使在第一電流鏡中所複 製之電流可通過。然而,由於電晶體N5全導電,此全部 吸收由電晶體P6供應通過導電之電晶體N6之良好界定 之電流。如此,在輸入端上之電流可降低遠至由電晶體N6 之臨限電壓所約略界定之第一低臨限位準,然後輸出自高 狀態過渡至低狀態。 當輸出過渡至低狀態時,電晶體N5不導電,而電晶 體 P5則導電。故此,反相器INV3之輸入在高狀態,因 爲電晶體P6及P5在電容器Cose充電階段中導電。施 加於電路 ST之輸入端上之電位在電容器 Cose之充電階 本紙張尺度適用中國國家標準(CNS ) A4規格(210X297公釐) 一 -16- 1227817 A7 B7 五、發明説明(14) (請先閲讀背面之注意事項再填寫本頁) 段中呈線性增加。當電路ST之輸入端上之電位接近 Vdd/2時,電晶體N6變爲導電,使在第二電流鏡中之電 流可通過。然而,由於電晶體P5全導電,此全部吸收由 電晶體N6提供通過導電之電晶體P6之良好界定之電流 。如此,在輸入端上之電流可升高遠至由電晶體P6之臨 限電壓所約略界定之第二高臨限位準,然後輸出自低狀態 過渡至高狀態。 由於史密特觸發電路,時脈信號大致爲方形脈波信號 〇 圖3顯示在微處理單元中執行加密程式之期間中,操 作順序之流程圖。 一旦保全積體電路接通,或當選擇執行其後之加密程 式時,由微處理單元在步驟10執行DES式加密程式。 經濟部智慧財產局員工消費合作社印製 應注意加密程式啓動選擇例如由發送至保全積體電路之一 外部命令達成。在步驟11中由微處理單元讀出隨機數產 生器之暫存器中之一隨機數。在步驟12, 由微處理單元 載入該隨機數於掁盪器級之暫存器TRIM中。掁盪器級如 此產生時脈信號,其頻率取決於所接收之隨機數。微處理 單元然後在步驟13讀出隨機數產生器之暫存器中之另一 隨機數,並在步驟14中發送其至定時器14。 顯然,同 一隨機數可同時載入於掁盪器級暫存器及定時器中。在微 處理單元在步驟15中執行DES式加密程式之期間中, 定時器在隨所接收之隨機數而定之隨機選擇之時刻,發送 中斷信號。 本紙張尺度適用中.國國家標準(CNS ) A4規格(210X 297公釐) -17- 1227817 A7 B7 五、發明説明(1滂 (請先閱讀背面之注意事項再填寫本頁) 一旦加密程式短暫中斷時,一第二常式或程式開始, 並由微處理單元在步驟16讀出一隨機數。在步驟17,此 隨機數載入於掁盪器級之暫存器TRIM中,以取代先前之 隨機數。如此,掁盪器級產生時脈信號,其新頻率取決於 所接收之新隨機數。在步驟1 8 ,由微處理單元讀出另一 隨機數。在此讀出後,及隨所讀出之隨機數而定,有隨機 在步驟19之寫入於EEPROM記憶器中之操作,或在步 驟20之不寫入於EEPROM記憶器中之操作。由於在執 行之中斷常式之期間中寫入於EEPROM記憶器中爲隨機 性,此在寫入期間中產生額外之電流損失,故此使未獲准 之人員更難分析任何加密。 其後,由微處理單元在步驟21讀出另一隨機數。在 步驟22中,載入該隨機數於定時器中,此改變由定時器 所產生之每一中斷信號間之時間。在步驟22後,微處理 單元可再繼續執行加密程式。中斷常式可執行數次,直至 該程式完成爲止,但每次發送一中斷信號至微處理單元時 ,不執行此中斷常式。 經濟部智慧財產局員工消費合作社印製 自剛提之說明,精於本藝之人士可想出保全積體電路 之許多改變,而不脫離本發明之範圍。例如,在掁盪器級 ,該組電阻器可由一固定電阻器取代,及該固定電容器可 由一組電容器取代。及該組電容器可由掁盪器級暫存器所 產生之二進位字 TRIM組態,與該組電阻器之情形相同。 此二進位字相當於暫存器中所置之隨機數。 該組電容器之組態在於設置一些電容器,此等可由例 本纸張尺度適用中國國家標準(CNS ) A4規格(210X297公釐) -18- 1227817 A7 B7 五、發明説明( 如電壓控制之切換元件選擇並連或串聯,此隨二進位字 TRIM而定。 (請先閲讀背面之注意事項再填寫本頁) 經濟部智慧財產局員工消費合作社印製 本紙張尺度適用中國國家標準(CNS ) A4規格(210X 297公釐) -19--13- 1227817 A7 B7 V. Description of the invention (11) (Please read the notes on the back before filling this page) Connect to the terminal Vss. The gate of the second transistor N2 is connected to the gate of the first transistor N1, and the source of the second transistor n2 is connected to the terminal Vss. The drain of the second transistor N2 is connected to the source of the third NMOS transistor N3. Each of the third transistors P3 and N3 has its drain connected to the positive terminal of the capacitor Cose, and its negative terminal connected to Vss. The gates of the two third transistors P3 and N3 are connected to each other. If the potentials on the gates of transistors P3 and N3 connected to the output of clock signal CLK are close to Vdd, transistor P3 is not conductive, and transistor N3 becomes conductive, so that the current copied by the second current mirror can pass through . The capacitor Cose is therefore discharged due to the current copied in the second current mirror, depending on the group of resistors Rose. If the potentials of the transistors P3 and N3 gates connected to the output of the clock signal CLK are close to Vss, the transistor N3 is not conductive and the transistor P3 becomes conductive, so that the current copied by the first current mirror can pass through . The capacitor Cose is charged due to the current copied in the first current mirror, depending on the group of resistors Rose. Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs. It should be clear that the signal generated by the charging and discharging of the capacitor Cose is a triangle signal. Therefore, the triangle signal should be converted into a square pulse signal. This conversion is performed in particular by a bistable trigger circuit ST or a Schmitt trigger circuit. The input terminal of this circuit ST is connected to the positive terminal of capacitor Cose and the drain terminals of transistors P3 and N3, and the output terminal of this circuit SY is connected to two inverters INV1 and INV2 connected in series. A clock signal CLK having a substantially square pulse wave is supplied to the output terminal of the second inverter INV2. It should be noted that due to the two inverters INV1 and INV2, the output end and the output paper size are applicable to China National Standard (CNS) A4 specifications (21 × 297 mm) -14- 1227817 A7 B7 V. Description of the invention (y CLK There are some signal transition delays. (Please read the precautions on the back before filling this page.) When the capacitor Cose is discharged, the output of the Schmitt trigger circuit ST is high. In this case, the transistor N3 is conductive, and the transistor P3 is not conductive, so the current copied by the second current mirror causes the capacitor Cose to discharge. Cose discharges until the potential of the capacitor Cose reaches a first low threshold level, which is detected by the circuit ST on the input terminal. Once the potential of the capacitor Cose reaches the first threshold level, the output of the circuit ST transitions to a low state. From this moment, the signal transition at the output of the circuit ST causes the clock signal CLK to transition from a high state to a low state. State. The transition of the clock signal CLK from a high state to a low state causes the transistor N3 to be blocked, and the transistor is turned on, so that the capacitor Cose is charged with the current copied by the first current mirror. The capacitor Cose This charging is performed until the potential of the capacitor Cose reaches a second high threshold level, which is detected by the circuit ST on the input terminal. Once the potential of the capacitor Cose has reached the second threshold level, the output of the circuit ST transitions to high State. From this moment, the transition of the signal at the output of the circuit ST causes the clock signal CLK to transition from a low state to a high state. Printed in Figure 2b by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economy, Schmit trigger circuit ST. And NMOS transistors P4 and N4 have their gates connected to the gate Bp of the first current mirror and the gate En of the second current mirror, respectively. The source of the fourth transistor n4 is connected to the terminal Vdd, and the fourth transistor The source of the crystal N4 is connected to the terminal Vss. The drain of the transistor P4 is connected to the source of a sixth PMOS transistor P6 to provide the current copied in the first current mirror, and the transistor N4 is The drain is connected to the sixth NMOS transistor N6. The paper size is applicable to the Chinese National Standard (CNS) A4 specification (210X297 mm) -15-1227817 A7 B7 V. Description of the invention (1 Cloud source to provide the second Restored in a current mirror (Please read the precautions on the back before filling this page) Transistors P6 and N6 have their gates connected to the input of the Schmit trigger circuit, and their drains connected to the third inverter INV3 The input terminal of the third inverter INV3 is connected to the output terminal of the Schmit trigger circuit, and to the gate of the fifth PMOS transistor P5 and the gate of the fifth NMOS transistor N5. The fifth transistor P5 The source is connected to the terminal Vdd, and its drain is connected to the source of the sixth transistor P6. The source of the fifth transistor N5 is connected to the terminal Vss, and its drain is connected to the source of the sixth transistor N6. Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs When the output transitions to a high state, transistor P5 is blocked, while transistor N5 is conductive. Therefore, the output of the inverter INV3 is in a low state because the transistors N6 and N5 are conductive during the discharge phase of the capacitor Cose. The potential applied to the input of the circuit ST decreases linearly during the discharge phase of the capacitor Cose. When the potential at the input of the circuit ST approaches Vdd / 2, the transistor P6 becomes conductive, so that the current copied in the first current mirror can pass. However, since transistor N5 is fully conductive, this all absorbs a well-defined current supplied by transistor P6 through conductive transistor N6. In this way, the current at the input can be reduced as far as the first low threshold level, which is approximately defined by the threshold voltage of transistor N6, and then the output transitions from a high state to a low state. When the output transitions to a low state, transistor N5 is non-conductive and transistor P5 is conductive. Therefore, the input of the inverter INV3 is in a high state because the transistors P6 and P5 are conductive during the capacitor Cose charging stage. The potential applied to the input terminal of the circuit ST is in the charge stage of the capacitor Cose. The paper size is applicable to the Chinese National Standard (CNS) A4 specification (210X297 mm). -16- 1227817 A7 B7. 5. Description of the invention (14) (please first Read the notes on the back and fill out this page). When the potential at the input terminal of the circuit ST approaches Vdd / 2, the transistor N6 becomes conductive, so that the current in the second current mirror can pass. However, since transistor P5 is fully conductive, this all absorbs the well-defined current provided by transistor N6 through conductive transistor P6. In this way, the current on the input terminal can be increased as far as the second high threshold level, which is approximately defined by the threshold voltage of transistor P6, and then the output transitions from a low state to a high state. Due to the Schmitt trigger circuit, the clock signal is approximately a square pulse signal. Figure 3 shows a flowchart of the operation sequence during the execution of the encryption program in the micro processing unit. Once the security integrated circuit is turned on, or when the subsequent encryption program is selected to be executed, the microprocessor unit executes the DES-type encryption program at step 10. Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs It should be noted that the selection of the encryption program activation is achieved, for example, by an external command sent to one of the security integrated circuits. In step 11, one of the random numbers in the register of the random number generator is read by the micro processing unit. In step 12, the random number is loaded into the oscillator-level register TRIM by the microprocessor unit. The oscillator stage thus generates a clock signal whose frequency depends on the random number received. The microprocessor unit then reads another random number in the register of the random number generator in step 13 and sends it to the timer 14 in step 14. Obviously, the same random number can be loaded into the oscillator-level register and timer at the same time. During the execution of the DES-type encryption program by the microprocessor in step 15, the timer sends an interrupt signal at a randomly selected time depending on the received random number. This paper size is applicable. National National Standard (CNS) A4 specification (210X 297 mm) -17-1227817 A7 B7 V. Description of the invention (1 滂 (Please read the precautions on the back before filling this page) Once the encryption program is short When interrupted, a second routine or program starts, and the microprocessor reads a random number in step 16. In step 17, this random number is loaded into the oscillator-level register TRIM to replace the previous one. In this way, the oscillator stage generates a clock signal whose new frequency depends on the new random number received. At step 18, another random number is read by the microprocessor unit. After this read, and Depending on the random number read out, there are operations that are randomly written in the EEPROM memory in step 19 or operations that are not written in the EEPROM memory in step 20. Because of the interrupt routine in execution, Writing to the EEPROM memory during the period is random, which causes additional current loss during the writing period, thus making it more difficult for unauthorized personnel to analyze any encryption. Thereafter, the microprocessor unit reads out another step in step 21 A random number. In step 22, The random number is in the timer, which changes the time between each interrupt signal generated by the timer. After step 22, the micro processing unit can continue to execute the encryption program. The interrupt routine can be executed several times until the program Until the completion, but this interruption routine is not executed each time an interruption signal is sent to the micro processing unit. The employee consumer cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs printed a description just mentioned, and those who are skilled in the art can come up with a preservation product. Many changes to the body circuit without departing from the scope of the present invention. For example, at the oscillator level, the group of resistors may be replaced by a fixed resistor, and the fixed capacitor may be replaced by a group of capacitors. The binary word TRIM configuration generated by the device-level register is the same as that of the group of resistors. This binary word is equivalent to the random number set in the register. The configuration of this group of capacitors is to set some capacitors This can be exemplified by the application of this paper's size to the Chinese National Standard (CNS) A4 (210X297 mm) -18-1227817 A7 B7 V. Description of the invention (such as switching of voltage control The components are selected in parallel or in series, this depends on the binary word TRIM. (Please read the notes on the back before filling out this page) Printed on the paper by the Consumers' Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs This paper applies Chinese National Standard (CNS) A4 Specifications (210X 297 mm) -19-