US20070220603A1 - Data Processing Method and Device - Google Patents

Data Processing Method and Device Download PDF

Info

Publication number
US20070220603A1
US20070220603A1 US11/660,218 US66021805A US2007220603A1 US 20070220603 A1 US20070220603 A1 US 20070220603A1 US 66021805 A US66021805 A US 66021805A US 2007220603 A1 US2007220603 A1 US 2007220603A1
Authority
US
United States
Prior art keywords
action
verification
data
case
processing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US11/660,218
Other languages
English (en)
Inventor
Francis Chamberot
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Idemia France SAS
Original Assignee
Oberthur Card Systems SA France
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Oberthur Card Systems SA France filed Critical Oberthur Card Systems SA France
Assigned to OBERTHUR CARD SYSTEMS SA reassignment OBERTHUR CARD SYSTEMS SA ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: CHAMBEROT, FRANCIS
Publication of US20070220603A1 publication Critical patent/US20070220603A1/en
Assigned to OBERTHUR TECHNOLOGIES reassignment OBERTHUR TECHNOLOGIES CHANGE OF NAME (SEE DOCUMENT FOR DETAILS). Assignors: OBERTHUR CARD SYSTEMS SA
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting

Definitions

  • the present invention concerns a method of processing data, used for example in a microcircuit card.
  • an electronic entity for example microcircuit card
  • One such electronic entity is for example a bank card, a telephone SIM card (the acronym SIM stemming from the English Subscriber Identity Module), an electronic passport, a secure module of the HSM type (from the English Hardware Security Module) such as a PCMCIA card of the IBM4758 type, without these examples being limiting.
  • One large category of attacks to be combated consists of attacks known as fault generation attacks, during which malicious persons seek to cause the data processing apparatus to depart from its normal, and thus secure, operation.
  • the data processing methods commonly used provide steps for verification of the normal running of the method, with the aim of detecting anomalies one possible origin whereof is a fault generation attack. If an anomaly is detected (i.e. if normal running is not verified), the anomaly is processed immediately, and this is generally called security processing. This type of processing consists in fact in a countermeasure intended to combat the attack, for example by prohibiting all subsequent operation of the data processing apparatus.
  • the processing of the anomaly is usually thought of as following on immediately from detection, since the fact of continuing the processing in the presence of an anomaly clearly entails the risk of further degrading the operation of the data processing apparatus and therefore its security.
  • this ordinary thinking gives the attacker information as to the moment at which the anomaly is detected.
  • the time of detection of the anomaly is in itself difficult to access from outside.
  • the attacker by observing and analyzing the electrical consumption (or the electromagnetic radiation) of the apparatus, can obtain access to the time of implementation of the processing of the anomaly, for example in the case where this processing consists in an action on an external device. Since according to the ordinary thinking this processing follows on immediately from the detection of the anomaly, the attacker could deduce relatively easily from this the time of detection of the anomaly.
  • the invention proposes a data processing method comprising a step of verification of a criterion indicative of the normal running of the method and a processing step effected in the case of negative verification, wherein the processing step is separated from the verification step by an intermediate step of non-null duration.
  • the intermediate step entails effecting at least one second action having at least one first characteristic in common with the first action.
  • the second action is different from the first action, for example.
  • the second action may comprise fewer risks, or even no risk, to the security of the system.
  • the processing step may entail effecting at least one fourth action having at least one second characteristic in common with the third action.
  • the first or second common characteristic is for example the electrical consumption or the electromagnetic radiation of the apparatus generated by the first, respectively the third, action and by the second, respectively the fourth, action.
  • the first or second common characteristic may equally be the number of instructions used in the first, respectively the third, action and in the second, respectively the fourth, action, which makes it impossible to distinguish between the modes of operation by the duration of said actions.
  • the first or second common characteristic may further be the type of instruction used by the first, respectively the third, action and by the second, respectively the fourth, action, which ensures great similarity in the electrical and/or electromagnetic signature of said actions.
  • the first or second common characteristic may also be the type of data processed by the first, respectively the third, action and by the second, respectively the fourth, action, which also ensures such similarity.
  • the second, respectively the fourth, action may entail access to a second area of said memory different from the first area.
  • the processing of the data therefore appears similar in both the modes of operation mentioned above although it is in fact effected in different contexts.
  • the first or second common characteristic is communication with an external device, which may be for example a cryptoprocessor, a memory (e.g. a rewritable semiconductor memory), or a user terminal. Communication with such external devices is in fact observed by attackers and this common characteristic is therefore particularly likely to lead them into error.
  • an external device which may be for example a cryptoprocessor, a memory (e.g. a rewritable semiconductor memory), or a user terminal.
  • the first action may entail a secure step, for example a cryptographic algorithm, which is thus protected against fault generation attacks.
  • the processing step entails for example writing blocking data into a physical memory.
  • the writing of blocking data may be effected in accordance with a chronology identical to writing data into the physical memory in the case of normal running of the method.
  • this data represents a pecuniary value. Thus an attacker will not be able to distinguish a priori between blocking of the apparatus and an operation on the value that it represents.
  • the criterion is negative for example if an erroneous signature is provided or if an anomaly is detected.
  • the criterion may also be negative if an attack is detected.
  • the invention is of particular interest in this context.
  • the criterion may equally be negative if a functional error is detected.
  • Such processing in the case of functional error is unusual but proves interesting for enhancing the security of the system, in particular because such functional errors are very rare outside attack situations and thus reflect the probable presence of an attack.
  • the intermediate step entails at least one instruction determined during the execution of the method, for example randomly.
  • the understanding of the operation of the system by the attacker is further complicated by this.
  • a microcircuit card comprises a microprocessor and the method is executed by the microprocessor.
  • the invention also proposes a data processing device comprising means for verification of a criterion indicative of the normal operation of the device and processing means used in the case of negative verification characterized by separation means for separating the operation of the verification means from the operation of the processing means by a non-null duration.
  • first action means are used in the case of positive verification and the separation means have at least one first characteristic in common with the first action means.
  • second action means are used in the case of positive verification and the processing means have at least one second characteristic in common with the second action means.
  • This device is for example a microcircuit card.
  • the invention further proposes, in a manner that is novel in itself, a method of processing data comprising a step of verification of a criterion indicative of the normal running of the method and a processing step effected in the case of negative verification, characterized in that, a first action being effected in the case of positive verification, the processing step entails effecting at least one second action having a characteristic in common with the first action.
  • the second action may be provided with a chronology identical to the first action in the case of normal running of the method.
  • the first action is for example writing data into a physical memory and the second action is for example writing blocking data into that physical memory.
  • This method may moreover have the characteristics associated with the method proposed hereinabove and the advantages that flow therefrom. Moreover, a device which comprises means for implementing the various steps of this method is proposed in the same line of thinking.
  • FIG. 1 represents diagrammatically the main elements of one possible embodiment of a microcircuit card
  • FIG. 2 represents the general physical appearance of the microcircuit card from FIG. 1 ;
  • FIG. 3 represents a method implemented in accordance with a first embodiment of the invention
  • FIG. 4 represents a method implemented in accordance with a second embodiment of the invention.
  • FIG. 5 represents a method implemented in accordance with a third embodiment of the invention.
  • the microcircuit card 10 the principal elements whereof are represented in FIG. 1 includes a microprocessor 2 connected on the one hand to a random access memory (or RAM from the English Random Access Memory) 4 and on the other hand to a rewritable semiconductor memory 6 , for example a read-only memory that can be erased and programmed electrically (or EEPROM from the English Electrically Erasable Programmable Read Only Memory).
  • a rewritable semiconductor memory 6 for example a read-only memory that can be erased and programmed electrically (or EEPROM from the English Electrically Erasable Programmable Read Only Memory).
  • the rewritable semiconductor memory 6 could be a flash memory.
  • the memories 4 , 6 are each connected to the microprocessor 2 by a bus in FIG. 1 ; alternatively, there could be one common bus.
  • the microcircuit card 10 also includes an interface 8 for communication with a user terminal that here takes the form of contacts one of which provides a bidirectional link with the microprocessor 2 , for example.
  • the interface 8 thus enables bidirectional communication to be set up between the microprocessor 2 and the user terminal into which the microcircuit card 10 will be inserted.
  • the microprocessor 2 executes a method of operation of the microcircuit card 10 in accordance with a set of instructions stored for example in a read-only memory (or ROM from the English Read-Only Memory)—not shown—or in the rewritable memory 6 , which defines a computer program.
  • This method generally includes the exchange of data with the user terminal via the interface 8 and the processing of data within the microcircuit card 10 , and precisely within the microprocessor 2 , possibly using data stored in the rewritable memory 6 and data stored temporarily in the random access memory 4 .
  • FIG. 2 represents the general physical appearance of the microcircuit card 10 produced with the general shape of a rectangular parallelepiped of very small thickness.
  • the communication interface 8 provided with the contacts already mentioned is clearly apparent on the face of the microcircuit card 10 visible in FIG. 2 , in the form of a rectangle inscribed within the upper face of the microcircuit card 10 .
  • FIG. 3 represents a method of reading in the rewritable memory 6 such as may be used by the microcircuit card 10 shown in FIG. 1 , for example thanks to the execution of a computer program within the microprocessor 2 .
  • This method is given as a first example of use of the invention.
  • Such a method is used for example if the data written in the rewritable memory (or EEPROM) 6 must be used by the microprocessor 2 during a data processing operation; the data written in rewritable memory 6 is read beforehand in order to be transferred into the random access memory 4 in which it can be easily manipulated.
  • the method receives as input the address ADR at which it must effect the read operation in the rewritable memory (or EEPROM) 6 .
  • step E 304 the method initializes to the value 0 an error flag S.
  • step E 306 proceeds to the verification of a checksum.
  • other verifications are possible but have not been represented in FIG. 3 to clarify the explanation of the invention.
  • the step E 306 of verification of a checksum consists in verifying that the data written in rewritable memory 6 is consistent with the checksum (sometimes designated by the Anglo-Saxon terminology “checksum”) associated with that data.
  • step E 308 if the checksum is not erroneous, i.e. the verification of the checksum is positive, normal operation continues with the step E 314 described hereinafter; if on the other hand an error is detected in the checksum, i.e. the step of verification of the checksum gives a negative result, there follows the step E 310 .
  • an erroneous checksum although it indicates in all cases abnormal operation of the microcircuit card, may have diverse origins: it may be a question of a functional error (for example an error in the content of the rewritable memory 6 ), but it may equally be a question of the trace of a fault generation attack.
  • the error flag S is updated to the value 1 to indicate that an anomaly has been detected.
  • step E 312 in which the read address ADR received as input to the method (see the step E 302 described hereinabove) is replaced by the address of a “bait-area” situated in the rewritable memory 6 .
  • the bait-area is a memory area a priori different from the address received in the step E 302 ; it is for example an address at which no reading should normally be effected in normal operation (i.e. during the normal and anomaly-free operation of the microcircuit card).
  • these bait-areas may include data determined randomly and/or data of the same structure as the data that was initially to be read at the address ADR received in the step E 302 .
  • step E 312 does not constitute a step of processing of the anomaly detected in the step E 308 : for example, it is not a question of the transmission of a code relating to the detected anomaly, the display of a message relating to that anomaly, or a countermeasure when it is considered that the anomaly stems from a fault generation attack.
  • step E 312 (effected like the step E 310 only in the case of abnormal operation of the microcircuit card, i.e. in the case of negative verification of normal operation in the step E 306 )
  • step E 314 which, as indicated hereinabove, forms part of the normal operation of the microcircuit card (in the case of positive verification of the checksum as indicated with regard to the step E 308 ).
  • the step E 314 consists in transferring the data from the rewritable memory 6 to the random access memory 4 and therefore constitutes in this regard the core of the FIG. 3 method, following the initialization and verification steps.
  • the step E 314 reads in the rewritable memory 6 at the address specified by the variable ADR previously mentioned and writes the data it has read in random access memory 4 in an area usually referred to as buffer memory that is generally used to manipulate data.
  • variable ADR actually points to the address in rewritable memory 6 received as input, i.e. to the data that must actually be read.
  • the variable ADR points to the bait-area defined in the step E 312 with the result that the step E 314 will in fact transfer data from the bait-area into the buffer memory area in random access memory 4 , and not effect the reading operation required by the address received in the step E 302 .
  • step E 314 being effected in normal operation as after detection of an operating anomaly (although with different data), it is virtually impossible for an attacker to detect a departure from normal operation, for example by current measurements.
  • step E 314 the method proceeds to the step E 316 in which the error flag S is tested.
  • step E 320 in which the anomaly previously detected is processed, for example by writing blocking (or lock) data in the rewritable memory 6 .
  • Writing a lock in the rewritable memory 6 consists in writing certain data into that memory 6 that will prevent any subsequent use of the microcircuit card 10 . For example, if the microcircuit card 10 is subsequently inserted into another user terminal, the microprocessor 2 of the microcircuit card 10 will detect the presence of the blocking data in the rewritable memory 6 and will not carry out any processing or exchange of information with the user terminal.
  • the countermeasure may equally consist in deleting confidential data, for example secret keys, from the rewritable memory 6 .
  • the step of processing the anomaly could consist in updating a flag (stored in random access memory 4 or in rewritable memory 6 ) representative of the anomaly detected during the FIG. 3 method.
  • This solution does not lead immediately to the blocking of the microcircuit card, but keeps a trace of the presence of an operating anomaly in order to analyze the problem encountered and where appropriate then to proceed to blocking the card (for example if other elements corroborate the hypothesis of a fault generation attack).
  • step E 316 If the step E 316 previously described indicates that the error flag S does not have the value 1 (i.e. that the verification of the step E 306 was positive), the method continues its normal operation with the step E 318 , in which the address of the buffer memory area in random access memory 4 previously mentioned is sent to the output in order to enable use of the data read in the rewritable memory 6 in subsequent operation of the microcircuit card.
  • the method is a Read Record routine as defined by the ISO 7816 standard
  • the content of the buffer memory area is sent in the subsequent steps.
  • FIG. 4 shows a method of reading in rewritable memory 6 carried out in accordance with a second embodiment of the invention.
  • This method is for example implemented by the execution of the instructions of a computer program by the microprocessor 2 .
  • the method described here receives as input, in the step E 402 , the address ADR at which it must read data in the rewritable memory 6 .
  • the step E 404 may for example consist in reading in the rewritable memory 6 the header of the file designated by the address ADR and verifying that the data of that header corresponds to data indicative of the type that must be read using the method described here.
  • step E 406 If the file type designated by the header does not correspond to the type of file that must be read, there is a departure from the normal running of the method in the step E 406 to go to the step E 430 described hereinafter. If on the other hand the file type is correct, the step E 406 leads to the step E 408 of normal operation as now described.
  • step E 408 it is verified that reading in the rewritable memory 6 is authorized by comparing the necessary access rights specified in the header of the file to those presented by the user, this information being accessible in random access memory 4 .
  • step E 410 if it is determined in the step E 410 that access to the rewritable memory 6 is authorized, there follows the step E 412 for the continuation of normal operation of the microcircuit card.
  • the steps E 404 to E 410 therefore proceed to verifications of the normal operation of the microcircuit card. Verifications other than those given here by way of example could naturally be carried out.
  • the step E 412 already mentioned which follows if the various verifications relating to normal operation have been positive, consists in reading the data stored at the address ADR in the rewritable memory 6 in order to store it in random access memory 4 to use it subsequently during data processing effected by the miropressor 2 .
  • This step therefore brings about repeated access in read mode to the rewritable memory 6 and repeated access in write mode to the random access memory 4 .
  • step E 414 of verifying the accuracy of the read data. To do this, for example, the data in the rewritable memory 6 is read again and that data is compared to the corresponding data previously stored in the random access memory 4 in the step E 412 .
  • step E 434 described hereinafter follows on from the step E 416 .
  • step E 416 leads to the continuation of normal operation in the step E 418 now described.
  • the step E 418 consists in returning as output the address at which the data read in the rewritable memory 6 is stored in random access memory in order for the latter data to be available for the continuation of the normal operation diagrammatically represented by the step E 420 in FIG. 4 .
  • this step E 420 consists for example in sending the data that has been read.
  • step E 430 of updating an error report E so that the latter indicates an error stemming from the file type.
  • the step E 430 is followed by the step E 450 in which a bait-area in random access memory 4 is read.
  • the bait-area is for example a dedicated area, with no other use, that contains data dedicated to this use and that is different here for example from the access rights relating to the authorization to read in rewritable memory 6 mentioned in relation to the step E 408 .
  • step E 452 in which the data read in the step E 450 (i.e. the data read in the bait-area which can therefore be referred to as “bait-data”) is compared to the value 0 .
  • steps E 450 and E 452 have no functional role in the operation of the card, i.e. neither the data that is processed therein nor the result of the comparison that is effected has any impact on the other portions of the method.
  • step E 452 is followed by the step E 454 that will be described hereinafter.
  • step E 408 In the same line of thinking as that which has just been described with regard to the detection of an erroneous file type, there follows as already stated in the case of prohibition of access to rewritable memory (steps E 408 and E 410 ) a step E 432 in which the error report E is updated to indicate that the-error stems from a prohibition of reading the rewritable memory 6 .
  • step E 432 is also followed by the step E 454 already mentioned and that will now be described.
  • the method reads in a bait-area of the rewritable memory 6 and writes in a bait-area of the random access memory 4 .
  • the bait-areas in the memories 4 , 6 are areas of those memories in which data is written that has no particular function in normal operation. Access in read or in write mode to these bait-areas nevertheless allows simulation, for an external observer of the running of the method, the steps carried out during normal operation, for example in the step E 412 , without impacting on the data used elsewhere by the method or on the security thereof.
  • the step E 454 is followed by a step E 456 of reading bait-areas in the random access memory 4 and in the rewritable memory 6 .
  • this access in read mode has no functional role in the normal operation of the program (i.e. the data read in the bait-areas is not used in other portions of the method).
  • the steps E 454 and E 456 generate signatures that are respectively similar to the signatures generated by the steps E 412 and E 414 during normal operation.
  • the steps E 454 and E 456 are not steps of processing the detected anomaly, since these steps work on bait-data, without seeking to remedy a functional error or to implement a countermeasure if the anomaly stems from a fault generation attack.
  • step E 456 is followed by the step E 458 described hereinafter.
  • step E 416 is followed by the step E 434 of updating the error report E in order for the latter to indicate that the error detected stems from an error in reading the rewritable memory 6 .
  • step E 434 is then followed by the step E 458 already mentioned and now described.
  • the step E 458 consists in sending the error report as determined during a preceding step (i.e. during one of the steps E 430 , E 432 and E 434 ).
  • the error code may be sent to another method (or another part-method) implemented in the microcircuit card. For example, if the method represented in FIG. 4 represents a subroutine executed if the main program managing the operation of the microcircuit card requires the rewritable memory 6 to be read, the step E 458 may consist in returning the value of the error report to the main program.
  • the error report may be sent in the step E 458 to the user terminal via the interface 8 .
  • the method represented in FIG. 4 therefore has two main branches:
  • a first branch which corresponds to the normal running of the method (steps E 402 to E 420 );
  • a second branch made up of steps at least some of which are effected after an anomaly has been detected (steps E 450 to E 458 ).
  • the corresponding step of the second branch uses an instruction of the same type as the corresponding step of the first branch, and where necessary uses a call with a device identical to that used in the corresponding step of the first branch, to generate for an attacker the same signature, for example in terms of electrical consumption or electromagnetic radiation.
  • FIG. 5 represents a method used in an electronic purse type microcircuit card (sometimes designated by the English word purse) according to the teachings of a third embodiment of the invention.
  • This method is implemented for example by the execution of a program consisting of instructions in the microprocessor 2 of the microcircuit card.
  • FIG. 5 represents the main steps of the method used to credit the electronic purse, i.e. to modify the data stored in the microcircuit card that represents the value of the electronic purse in the sense of an increase in that value.
  • step E 502 the microprocessor 2 of the microcircuit card 10 receives from the user (via the interface 8 ) a credit command code C, the amount M to be credited and a signature S, as represented in the step E 502 .
  • the signature S ensures that the user actually has an authorization to effect this credit; in fact, without this precaution, anyone could command the increase in the value of the electronic purse, which is obviously unacceptable.
  • step E 504 which follows the step E 502 in normal operation, the microprocessor commands the reading in the rewritable memory 6 of a key K by specifying the storage address of this key in the rewritable memory 6 .
  • the key K stored in the rewritable memory 6 is secret and is therefore not accessible from the outside.
  • the microprocessor 2 then proceeds to the step E 506 of sending the secret key K read in the rewritable memory 6 and the control code C to a cryptoprocessor (not shown in FIG. 1 ).
  • the cryptoprocessor effects a cryptographic calculation on the basis of the data received (secret key K, command code C) using conventional cryptographic algorithms, for example the DES algorithm. More precisely, an algorithm is applied here to the control code C using the secret key K in order to obtain a calculated signal S 1 .
  • the cryptoprocessor then returns to the microprocessor 2 the calculated signature S 1 (step E 508 ).
  • the secret key K can therefore determine the signature S in exactly the same way as the calculation that has just been effected to calculate the signature S 1 .
  • step E the signature received from the user S is compared to the signature S 1 calculated on the basis of the secret key K stored in the microcircuit card, which makes it possible to determine if writing the credit is authorized.
  • step E 510 if the comparison between S and S 1 is positive in the step E 510 , there follows the step E 512 in which the amount M to be credited, or alternatively the value of the electronic purse resulting from that credit, is written in the rewritable memory 6 .
  • step E 510 if it is determined in the step E 510 that the signature S received from the user does not correspond to the calculated signature S 1 , crediting the electronic purse cannot be authorized and there then follows the step E 514 in which the microprocessor 2 sends the user terminal an error report.
  • the microprocessor 2 carries out steps different from those of normal operation, as now described. According to a variant that maybe compatible with what is described hereinafter, the method may also use these different steps (or other steps different from normal operation) if a functional error is detected (rather than an attack).
  • step E 502 of receiving data if an attack is detected between the step E 502 of receiving data and the step E 504 of reading the secret key K in the rewritable memory 6 , there follows the step E 520 in which data is read in the rewritable memory 6 at an address K′ that constitutes a bait-area corresponding to the area containing the secret key K read in the step E 504 during normal operation.
  • step E 520 whereof the electrical or electromagnetic signature (as observed by the attacker) is similar to that of the step E 504 effected in normal operation. The attacker therefore thinks that his attack has not been detected and that the microprocessor 2 is actually reading the secret key K in the rewritable memory 6 .
  • step E 522 there follows the step E 522 .
  • This step E 522 also follows if an attack is detected by steps of verification of the normal running of the method situated between the steps E 504 and E 506 previously described.
  • the step E 522 consists in sending to the cryptoprocessor (previously mentioned with regard to the steps E 506 and E 508 ) data C′ and K′ that constitutes bait-data.
  • the step E 522 has no particular functional role, but simulates the step E 506 for an attacker who is observing the operation of the microcircuit card 10 by simply studying the electrical consumption of or the electromagnetic radiation generated by the card.
  • the bait-data K′ may be the data read during the step E 520 .
  • it may be predetermined data, and preferably data unrelated to the secure operation of the microcircuit card 10 .
  • the signature of the step E 522 being similar to that of the step E 506 effected in normal operation, an attacker is unaware when the step E 522 is executed that his attack has in fact been detected.
  • step E 522 is followed by the step E 524 described hereinafter.
  • steps E 506 and E 508 may be separated by steps of verification of the normal operation of the method adapted to detect an attack, as represented in dashed line in FIG. 5 . If an attack is detected, the method also continues at the step E 524 .
  • the step E 524 consists in receiving a signature calculated by the cryptoprocessor. As previously for the steps E 520 and E 522 , the step E 524 simulates a step of normal operation (here the step E 508 ) in order to prevent an attacker detecting that his preceding attack has been detected.
  • the signature S 1 ′ is for example the signature calculated by the cryptoprocessor on the basis of the data C′ and K′ transmitted during the step E 522 .
  • the calculated signature S 1 ′ has no functional role since it is based on bait-data.
  • the step E 524 may for example consist in actually receiving only a portion of the signature calculated by the cryptoprocessor on the basis of the data C and K sent in the step E 506 .
  • the rest of the signature S′ is for example forced to a predetermined value, such that the result obtained (signature S 1 ′) does not correspond to the signature S 1 in order to preserve the security of the operation of the microcircuit card.
  • the step E 524 is followed by the step E 526 in which there is effected for example a comparison of the value S 1 ′ that has just been determined with itself.
  • this step has no functional role (since the result of the comparison of a number with itself is obviously known in advance), but simulates the step E 510 for an attacker who is observing the electrical and/or electromagnetic behavior of the microcircuit card 10 .
  • the steps E 526 and E 510 using the same instruction they have very similar electrical (and electromagnetic) signatures.
  • step E 526 is followed by the step E 528 in which blocking (or lock) data is written in the rewritable memory 6 .
  • writing blocking data in the rewritable memory 6 prevents all subsequent use of the microcircuit card 10 . It is therefore a particularly severe and effective countermeasure in response to the detection of an attack.
  • step E 528 is executed at a time when normal operation would have executed the step E 512 of writing the amount in rewritable memory 6 .
  • step E 528 is initially confused by the attacker with the step E 512 of normal operation that has the same electrical and/or electromagnetic signature, in particular because the steps E 512 and E 528 correspond to instructions of the same type that both effect a communication from the microprocessor 2 to the rewritable memory 6 .
  • the step E 512 and the preceding steps of normal operation each have a similar signature step executed in the case of detection of an attack.
  • the step E 512 of writing the amount in the rewritable memory 6 which constitutes an important step in the execution of the method, is associated with the step E 528 of writing blocking data, which precisely constitutes the countermeasure in the case of detection of an attack against this method.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Storage Device Security (AREA)
  • Debugging And Monitoring (AREA)
US11/660,218 2004-08-17 2005-08-12 Data Processing Method and Device Abandoned US20070220603A1 (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
FR0408928A FR2874440B1 (fr) 2004-08-17 2004-08-17 Procede et dispositif de traitement de donnees
FR0408928 2004-08-17
PCT/FR2005/002083 WO2006021686A2 (fr) 2004-08-17 2005-08-12 Procédé et dispositif de traitement de données

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
PCT/FR2005/002083 A-371-Of-International WO2006021686A2 (fr) 2004-08-17 2005-08-12 Procédé et dispositif de traitement de données

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US13/845,914 Division US9454663B2 (en) 2004-08-17 2013-03-18 Data processing method and device

Publications (1)

Publication Number Publication Date
US20070220603A1 true US20070220603A1 (en) 2007-09-20

Family

ID=34948280

Family Applications (2)

Application Number Title Priority Date Filing Date
US11/660,218 Abandoned US20070220603A1 (en) 2004-08-17 2005-08-12 Data Processing Method and Device
US13/845,914 Active US9454663B2 (en) 2004-08-17 2013-03-18 Data processing method and device

Family Applications After (1)

Application Number Title Priority Date Filing Date
US13/845,914 Active US9454663B2 (en) 2004-08-17 2013-03-18 Data processing method and device

Country Status (8)

Country Link
US (2) US20070220603A1 (es)
EP (2) EP2309409B1 (es)
JP (2) JP4790717B2 (es)
CA (1) CA2575143C (es)
ES (2) ES2543210T3 (es)
FR (1) FR2874440B1 (es)
PL (2) PL2309409T3 (es)
WO (1) WO2006021686A2 (es)

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060112436A1 (en) * 2004-11-19 2006-05-25 Proton World International N.V. Protection of a microcontroller
US20080018927A1 (en) * 2006-07-21 2008-01-24 Research In Motion Limited Method and system for providing a honeypot mode for an electronic device
US20100299511A1 (en) * 2007-11-26 2010-11-25 Herve Pelletier Method of Masking the End-of-Life Transition of an Electronic Device, and a Device Including a Corresponding Control Module
US20110010775A1 (en) * 2007-01-05 2011-01-13 Proton World International N.V. Protection of information contained in an electronic circuit
US20110007567A1 (en) * 2007-01-05 2011-01-13 Jean-Louis Modave Temporary locking of an electronic circuit
US20110122694A1 (en) * 2007-01-05 2011-05-26 Proton World International N.V. Limitation of the access to a resource of an electronic circuit
US20180239906A1 (en) * 2013-03-15 2018-08-23 Power Fingerprinting Inc. Systems, methods, and apparatus to enhance the integrity assessment when using power fingerprinting systems for computer-based systems

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2935823B1 (fr) * 2008-09-11 2010-10-01 Oberthur Technologies Procede et dispositif de protection d'un microcircuit contre les attaques.
FR3045184B1 (fr) 2015-12-15 2018-07-20 Idemia France Procede d’ecriture dans une memoire non-volatile d’une entite electronique et entite electronique associee
FR3075430B1 (fr) * 2017-12-20 2020-08-07 Oberthur Technologies Procede de traitement de donnees et dispositif electronique associe

Citations (61)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4719626A (en) * 1983-12-30 1988-01-12 Fujitsu Limited Diagnostic method and apparatus for channel control apparatus
US5367149A (en) * 1992-08-27 1994-11-22 Mitsubishi Denki Kabushiki Kaisha IC card and method of checking personal identification number of the same
US6000004A (en) * 1996-10-23 1999-12-07 Sharp Kabushiki Kaisha Nonvolatile semiconductor memory device with write protect data settings for disabling erase from and write into a block, and erase and re-erase settings for enabling write into and erase from a block
US6223290B1 (en) * 1998-05-07 2001-04-24 Intel Corporation Method and apparatus for preventing the fraudulent use of a cellular telephone
US20010010602A1 (en) * 2000-02-02 2001-08-02 Fujitsu Limited Method detecting a fault of a magnetic recording head, and a magnetic recording device
US20020018384A1 (en) * 2000-04-21 2002-02-14 Ken Sumitani Semiconductor storage device, control device, and electronic apparatus
US20020106084A1 (en) * 2000-06-12 2002-08-08 Hiroo Azuma Encryption method and apparatus
US20020108036A1 (en) * 2000-07-24 2002-08-08 Takumi Okaue Data processing system, data processing method, data processing apparatus, license system, and program providing medium
US20020151992A1 (en) * 1999-02-01 2002-10-17 Hoffberg Steven M. Media recording device with packet data interface
US6510521B1 (en) * 1996-02-09 2003-01-21 Intel Corporation Methods and apparatus for preventing unauthorized write access to a protected non-volatile storage
US20030028784A1 (en) * 2001-08-03 2003-02-06 Nec Corporation User authentication method and user authentication device
US20030065828A1 (en) * 2001-08-31 2003-04-03 Autodesk Canada Inc. Processing data
US6567539B1 (en) * 1998-02-12 2003-05-20 Bull Cp8 Method for producing an image using a portable object
US20030097344A1 (en) * 1994-01-11 2003-05-22 David Chaum Multi-purpose transaction card system
US20030110390A1 (en) * 2000-05-22 2003-06-12 Christian May Secure data processing unit, and an associated method
US20030112665A1 (en) * 2001-12-17 2003-06-19 Nec Electronics Corporation Semiconductor memory device, data processor, and method of determining frequency
US20030188117A1 (en) * 2001-03-15 2003-10-02 Kenji Yoshino Data access management system and management method using access control tickert
US20030222797A1 (en) * 2002-04-12 2003-12-04 Yuichi Futa Positional information storage system and method , semiconductor memory, and program
US20040003321A1 (en) * 2002-06-27 2004-01-01 Glew Andrew F. Initialization of protected system
US20040030905A1 (en) * 2000-02-18 2004-02-12 Chow Stanley T. Encoding method and system resistant to power analysis
US20040061500A1 (en) * 2002-09-30 2004-04-01 Continental Teves, Inc. Offset calibration of a semi-relative steering wheel angle sensor
US20040088064A1 (en) * 2002-10-28 2004-05-06 Satoshi Endo Backup system for multi-source audio apparatus
US6738749B1 (en) * 1998-09-09 2004-05-18 Ncr Corporation Methods and apparatus for creating and storing secure customer receipts on smart cards
US20040103177A1 (en) * 2002-11-13 2004-05-27 Waeil Ben Ismail Software upgrade over a USB connection
US20040133794A1 (en) * 2001-03-28 2004-07-08 Kocher Paul C. Self-protecting digital content
US20040136421A1 (en) * 2003-01-10 2004-07-15 Robinson Michael A. Loss of signal detection and programmable behavior after error detection
US20040145339A1 (en) * 2001-04-02 2004-07-29 Paul Dischamp Methods for protecting a smart card
US20040153626A1 (en) * 2003-01-29 2004-08-05 Kabushiki Kaisha Toshiba Semiconductor device and a method for checking state transition thereof
US20040151026A1 (en) * 2003-01-30 2004-08-05 Micron Technology, Inc. Chip protection register unlocking
US20040158728A1 (en) * 2003-02-06 2004-08-12 Seo-Kyu Kim Smart cards having protection circuits therein that inhibit power analysis attacks and methods of operating same
US20040172538A1 (en) * 2002-12-18 2004-09-02 International Business Machines Corporation Information processing with data storage
US20040172576A1 (en) * 2001-09-28 2004-09-02 Takeo Yoshii Data writing apparatus, data writing method, and program
US20040199743A1 (en) * 2000-10-19 2004-10-07 Loaiza Juan R. Data block location verification
US20040204800A1 (en) * 2003-04-11 2004-10-14 Denso Corporation Electronic control unit for a vehicle
US20040215909A1 (en) * 2003-04-23 2004-10-28 Renesas Technology Corp. Nonvolatile memory device and data processing system
US20040225776A1 (en) * 2001-03-12 2004-11-11 Motorola, Inc. Method of regulating usage and/or concession eligibility via distributed list management in a smart card system
US6820047B1 (en) * 1999-11-05 2004-11-16 Kabushiki Kaisha Toshiba Method and system for simulating an operation of a memory
US20040236961A1 (en) * 1997-07-15 2004-11-25 Walmsley Simon Robert Integrated circuit incorporating protection from power supply attacks
US20040240097A1 (en) * 2003-04-28 2004-12-02 Hewlett-Packard Development Company, L.P. Method and apparatus for use in data transfer
US20040243766A1 (en) * 2003-05-30 2004-12-02 Lovelace John V. Writing cached data to system management memory
US20040260593A1 (en) * 2003-05-20 2004-12-23 Klaus Abraham-Fuchs System and user interface supporting workflow operation improvement
US20040268312A1 (en) * 2003-05-30 2004-12-30 International Business Machines Corporation Application development support, component invocation monitoring, and data processing
US20040264023A1 (en) * 2003-05-30 2004-12-30 International Business Machines Corp. System, method and computer program product for tape failure detection
US20050021990A1 (en) * 2001-09-04 2005-01-27 Pierre-Yvan Liardet Method for making secure a secret quantity
US20050021427A1 (en) * 2003-07-22 2005-01-27 Norio Takahashi System and method for processing account data
US20050073902A1 (en) * 2003-10-02 2005-04-07 Broadcom Corporation Phase controlled high speed interfaces
US20050073885A1 (en) * 2002-11-18 2005-04-07 Matsushita Electric Industrial Co., Ltd. Semiconductor memory device
US20050154672A1 (en) * 2004-01-13 2005-07-14 Griffin Daniel C. Performance optimized smartcard transaction management
US20050157563A1 (en) * 2004-01-19 2005-07-21 Comax Semiconductor Inc. Memory Device and mobile communication device using a specific access procedure
US20050183072A1 (en) * 1999-07-29 2005-08-18 Intertrust Technologies Corporation Software self-defense systems and methods
US20050271202A1 (en) * 2004-06-08 2005-12-08 Hrl Laboratories, Llc Cryptographic architecture with random instruction masking to thwart differential power analysis
US20060020810A1 (en) * 2004-07-24 2006-01-26 International Business Machines Corporation System and method for software load authentication
US20060031676A1 (en) * 2004-08-05 2006-02-09 Luc Vantalon Methods and apparatuses for configuring products
US7036739B1 (en) * 1999-10-23 2006-05-02 Ultracard, Inc. Data storage device apparatus and method for using same
US7043615B1 (en) * 2000-06-02 2006-05-09 Renesas Technology Corp. Nonvolatile semiconductor memory and method of managing information in information distribution system
US7057937B1 (en) * 1992-03-17 2006-06-06 Renesas Technology Corp. Data processing apparatus having a flash memory built-in which is rewritable by use of external device
US7058819B2 (en) * 2000-07-24 2006-06-06 Sony Corporation Data processing system, data processing method, and program providing medium
US7073073B1 (en) * 1999-07-06 2006-07-04 Sony Corporation Data providing system, device, and method
US7149946B2 (en) * 2003-06-13 2006-12-12 Microsoft Corporation Systems and methods for enhanced stored data verification utilizing pageable pool memory
US7249108B1 (en) * 1997-07-15 2007-07-24 Silverbrook Research Pty Ltd Validation protocol and system
US7349884B1 (en) * 2001-03-29 2008-03-25 Gsc Enterprises, Inc. Method and apparatus for electronic commerce services at a point of sale

Family Cites Families (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5483518A (en) * 1992-06-17 1996-01-09 Texas Instruments Incorporated Addressable shadow port and protocol for serial bus networks
US5274817A (en) * 1991-12-23 1993-12-28 Caterpillar Inc. Method for executing subroutine calls
FR2773250B1 (fr) 1997-12-31 2000-03-10 Grp Des Cartes Bancaires Procede et dispositif de traitement de codes confidentiels
US6141771A (en) * 1998-02-06 2000-10-31 International Business Machines Corporation Method and system for providing a trusted machine state
US7599491B2 (en) * 1999-01-11 2009-10-06 Certicom Corp. Method for strengthening the implementation of ECDSA against power analysis
US20040141439A1 (en) * 2000-03-28 2004-07-22 Takayuki Suzuki Decoder
US6745370B1 (en) * 2000-07-14 2004-06-01 Heuristics Physics Laboratories, Inc. Method for selecting an optimal level of redundancy in the design of memories
DE10131575A1 (de) * 2001-07-02 2003-01-16 Bosch Gmbh Robert Verfahren zum Schutz eines Mikrorechner-Systems gegen Manipulation von in einer Speicheranordnung des Mikrorechner-Systems gespeicherten Daten
JP3993063B2 (ja) * 2001-10-15 2007-10-17 三菱電機株式会社 暗号通信装置
FR2832824A1 (fr) * 2001-11-28 2003-05-30 St Microelectronics Sa Blocage du fonctionnement d'un circuit integre
US7284111B1 (en) * 2002-04-17 2007-10-16 Dinochip, Inc. Integrated multidimensional sorter
JP2004102825A (ja) * 2002-09-11 2004-04-02 Renesas Technology Corp キャッシュメモリ制御装置
US9002724B2 (en) * 2003-02-28 2015-04-07 Panasonic Corporation Incentive provision system
US7216270B1 (en) * 2004-05-14 2007-05-08 National Semiconductor Corporation System and method for providing testing and failure analysis of integrated circuit memory devices
US7483533B2 (en) * 2004-08-05 2009-01-27 King Fahd University Of Petroleum Elliptic polynomial cryptography with multi x-coordinates embedding

Patent Citations (63)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4719626A (en) * 1983-12-30 1988-01-12 Fujitsu Limited Diagnostic method and apparatus for channel control apparatus
US7057937B1 (en) * 1992-03-17 2006-06-06 Renesas Technology Corp. Data processing apparatus having a flash memory built-in which is rewritable by use of external device
US5367149A (en) * 1992-08-27 1994-11-22 Mitsubishi Denki Kabushiki Kaisha IC card and method of checking personal identification number of the same
US20030097344A1 (en) * 1994-01-11 2003-05-22 David Chaum Multi-purpose transaction card system
US6510521B1 (en) * 1996-02-09 2003-01-21 Intel Corporation Methods and apparatus for preventing unauthorized write access to a protected non-volatile storage
US6000004A (en) * 1996-10-23 1999-12-07 Sharp Kabushiki Kaisha Nonvolatile semiconductor memory device with write protect data settings for disabling erase from and write into a block, and erase and re-erase settings for enabling write into and erase from a block
US7249108B1 (en) * 1997-07-15 2007-07-24 Silverbrook Research Pty Ltd Validation protocol and system
US20040236961A1 (en) * 1997-07-15 2004-11-25 Walmsley Simon Robert Integrated circuit incorporating protection from power supply attacks
US6567539B1 (en) * 1998-02-12 2003-05-20 Bull Cp8 Method for producing an image using a portable object
US6223290B1 (en) * 1998-05-07 2001-04-24 Intel Corporation Method and apparatus for preventing the fraudulent use of a cellular telephone
US6738749B1 (en) * 1998-09-09 2004-05-18 Ncr Corporation Methods and apparatus for creating and storing secure customer receipts on smart cards
US20020151992A1 (en) * 1999-02-01 2002-10-17 Hoffberg Steven M. Media recording device with packet data interface
US7073073B1 (en) * 1999-07-06 2006-07-04 Sony Corporation Data providing system, device, and method
US7430670B1 (en) * 1999-07-29 2008-09-30 Intertrust Technologies Corp. Software self-defense systems and methods
US20050183072A1 (en) * 1999-07-29 2005-08-18 Intertrust Technologies Corporation Software self-defense systems and methods
US7036739B1 (en) * 1999-10-23 2006-05-02 Ultracard, Inc. Data storage device apparatus and method for using same
US6820047B1 (en) * 1999-11-05 2004-11-16 Kabushiki Kaisha Toshiba Method and system for simulating an operation of a memory
US20010010602A1 (en) * 2000-02-02 2001-08-02 Fujitsu Limited Method detecting a fault of a magnetic recording head, and a magnetic recording device
US20040030905A1 (en) * 2000-02-18 2004-02-12 Chow Stanley T. Encoding method and system resistant to power analysis
US20040078588A1 (en) * 2000-02-18 2004-04-22 Chow Stanley T Method and apparatus for balanced electronic operations
US20020018384A1 (en) * 2000-04-21 2002-02-14 Ken Sumitani Semiconductor storage device, control device, and electronic apparatus
US20030110390A1 (en) * 2000-05-22 2003-06-12 Christian May Secure data processing unit, and an associated method
US7043615B1 (en) * 2000-06-02 2006-05-09 Renesas Technology Corp. Nonvolatile semiconductor memory and method of managing information in information distribution system
US20020106084A1 (en) * 2000-06-12 2002-08-08 Hiroo Azuma Encryption method and apparatus
US20020108036A1 (en) * 2000-07-24 2002-08-08 Takumi Okaue Data processing system, data processing method, data processing apparatus, license system, and program providing medium
US7058819B2 (en) * 2000-07-24 2006-06-06 Sony Corporation Data processing system, data processing method, and program providing medium
US20040199743A1 (en) * 2000-10-19 2004-10-07 Loaiza Juan R. Data block location verification
US20040225776A1 (en) * 2001-03-12 2004-11-11 Motorola, Inc. Method of regulating usage and/or concession eligibility via distributed list management in a smart card system
US20030188117A1 (en) * 2001-03-15 2003-10-02 Kenji Yoshino Data access management system and management method using access control tickert
US20040133794A1 (en) * 2001-03-28 2004-07-08 Kocher Paul C. Self-protecting digital content
US7349884B1 (en) * 2001-03-29 2008-03-25 Gsc Enterprises, Inc. Method and apparatus for electronic commerce services at a point of sale
US20040145339A1 (en) * 2001-04-02 2004-07-29 Paul Dischamp Methods for protecting a smart card
US20030028784A1 (en) * 2001-08-03 2003-02-06 Nec Corporation User authentication method and user authentication device
US20030065828A1 (en) * 2001-08-31 2003-04-03 Autodesk Canada Inc. Processing data
US20050021990A1 (en) * 2001-09-04 2005-01-27 Pierre-Yvan Liardet Method for making secure a secret quantity
US20040172576A1 (en) * 2001-09-28 2004-09-02 Takeo Yoshii Data writing apparatus, data writing method, and program
US20030112665A1 (en) * 2001-12-17 2003-06-19 Nec Electronics Corporation Semiconductor memory device, data processor, and method of determining frequency
US20030222797A1 (en) * 2002-04-12 2003-12-04 Yuichi Futa Positional information storage system and method , semiconductor memory, and program
US20040003321A1 (en) * 2002-06-27 2004-01-01 Glew Andrew F. Initialization of protected system
US20040061500A1 (en) * 2002-09-30 2004-04-01 Continental Teves, Inc. Offset calibration of a semi-relative steering wheel angle sensor
US20040088064A1 (en) * 2002-10-28 2004-05-06 Satoshi Endo Backup system for multi-source audio apparatus
US20040103177A1 (en) * 2002-11-13 2004-05-27 Waeil Ben Ismail Software upgrade over a USB connection
US20050073885A1 (en) * 2002-11-18 2005-04-07 Matsushita Electric Industrial Co., Ltd. Semiconductor memory device
US20040172538A1 (en) * 2002-12-18 2004-09-02 International Business Machines Corporation Information processing with data storage
US20040136421A1 (en) * 2003-01-10 2004-07-15 Robinson Michael A. Loss of signal detection and programmable behavior after error detection
US20040153626A1 (en) * 2003-01-29 2004-08-05 Kabushiki Kaisha Toshiba Semiconductor device and a method for checking state transition thereof
US20040151026A1 (en) * 2003-01-30 2004-08-05 Micron Technology, Inc. Chip protection register unlocking
US20040158728A1 (en) * 2003-02-06 2004-08-12 Seo-Kyu Kim Smart cards having protection circuits therein that inhibit power analysis attacks and methods of operating same
US20040204800A1 (en) * 2003-04-11 2004-10-14 Denso Corporation Electronic control unit for a vehicle
US20040215909A1 (en) * 2003-04-23 2004-10-28 Renesas Technology Corp. Nonvolatile memory device and data processing system
US20040240097A1 (en) * 2003-04-28 2004-12-02 Hewlett-Packard Development Company, L.P. Method and apparatus for use in data transfer
US20040260593A1 (en) * 2003-05-20 2004-12-23 Klaus Abraham-Fuchs System and user interface supporting workflow operation improvement
US20040268312A1 (en) * 2003-05-30 2004-12-30 International Business Machines Corporation Application development support, component invocation monitoring, and data processing
US20040243766A1 (en) * 2003-05-30 2004-12-02 Lovelace John V. Writing cached data to system management memory
US20040264023A1 (en) * 2003-05-30 2004-12-30 International Business Machines Corp. System, method and computer program product for tape failure detection
US7149946B2 (en) * 2003-06-13 2006-12-12 Microsoft Corporation Systems and methods for enhanced stored data verification utilizing pageable pool memory
US20050021427A1 (en) * 2003-07-22 2005-01-27 Norio Takahashi System and method for processing account data
US20050073902A1 (en) * 2003-10-02 2005-04-07 Broadcom Corporation Phase controlled high speed interfaces
US20050154672A1 (en) * 2004-01-13 2005-07-14 Griffin Daniel C. Performance optimized smartcard transaction management
US20050157563A1 (en) * 2004-01-19 2005-07-21 Comax Semiconductor Inc. Memory Device and mobile communication device using a specific access procedure
US20050271202A1 (en) * 2004-06-08 2005-12-08 Hrl Laboratories, Llc Cryptographic architecture with random instruction masking to thwart differential power analysis
US20060020810A1 (en) * 2004-07-24 2006-01-26 International Business Machines Corporation System and method for software load authentication
US20060031676A1 (en) * 2004-08-05 2006-02-09 Luc Vantalon Methods and apparatuses for configuring products

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7516902B2 (en) * 2004-11-19 2009-04-14 Proton World International N.V. Protection of a microcontroller
US20060112436A1 (en) * 2004-11-19 2006-05-25 Proton World International N.V. Protection of a microcontroller
US20080018927A1 (en) * 2006-07-21 2008-01-24 Research In Motion Limited Method and system for providing a honeypot mode for an electronic device
US8479288B2 (en) * 2006-07-21 2013-07-02 Research In Motion Limited Method and system for providing a honeypot mode for an electronic device
US8566931B2 (en) * 2007-01-05 2013-10-22 Proton World International N.V. Protection of information contained in an electronic circuit
US20110010775A1 (en) * 2007-01-05 2011-01-13 Proton World International N.V. Protection of information contained in an electronic circuit
US20110007567A1 (en) * 2007-01-05 2011-01-13 Jean-Louis Modave Temporary locking of an electronic circuit
US20110122694A1 (en) * 2007-01-05 2011-05-26 Proton World International N.V. Limitation of the access to a resource of an electronic circuit
US8411504B2 (en) 2007-01-05 2013-04-02 Proton World International N.V. Limitation of the access to a resource of an electronic circuit
US9036414B2 (en) 2007-01-05 2015-05-19 Proton World International N.V. Temporary locking of an electronic circuit to protect data contained in the electronic circuit
US20100299511A1 (en) * 2007-11-26 2010-11-25 Herve Pelletier Method of Masking the End-of-Life Transition of an Electronic Device, and a Device Including a Corresponding Control Module
US8566572B2 (en) 2007-11-26 2013-10-22 Morpho Method, device and non-transitory computer readable storage medium for masking the end of life transition of a electronic device
US20180239906A1 (en) * 2013-03-15 2018-08-23 Power Fingerprinting Inc. Systems, methods, and apparatus to enhance the integrity assessment when using power fingerprinting systems for computer-based systems

Also Published As

Publication number Publication date
WO2006021686A2 (fr) 2006-03-02
ES2543210T3 (es) 2015-08-17
JP5254372B2 (ja) 2013-08-07
PL1779284T3 (pl) 2014-09-30
EP1779284A2 (fr) 2007-05-02
EP2309409A1 (fr) 2011-04-13
EP1779284B1 (fr) 2014-03-19
JP2008510242A (ja) 2008-04-03
PL2309409T3 (pl) 2015-10-30
JP4790717B2 (ja) 2011-10-12
JP2011076636A (ja) 2011-04-14
US20130219522A1 (en) 2013-08-22
FR2874440B1 (fr) 2008-04-25
US9454663B2 (en) 2016-09-27
CA2575143C (fr) 2016-05-31
EP2309409B1 (fr) 2015-04-22
CA2575143A1 (fr) 2006-03-02
WO2006021686A3 (fr) 2006-04-13
ES2473326T3 (es) 2014-07-04
FR2874440A1 (fr) 2006-02-24

Similar Documents

Publication Publication Date Title
US9454663B2 (en) Data processing method and device
US9596250B2 (en) System and method for protecting against point of sale malware using memory scraping
US8566927B2 (en) Method for detecting and reacting against possible attack to security enforcing operation performed by a cryptographic token or card
EP2115655B1 (en) Virtual secure on-chip one time programming
WO2019072158A1 (zh) 安全控制方法及计算机系统
CN105512055A (zh) 用于减少存储器信息泄漏的系统和方法
CN101441604A (zh) 一种固态硬盘的访问保护方法和固态硬盘
KR102180098B1 (ko) 악성코드 모니터링 및 사용자 단말 제어 기능을 수행하는 악성코드 탐지 시스템
AU8545398A (en) Method for managing a secure terminal
Bouffard et al. Reversing the operating system of a Java based smart card
US7447916B2 (en) Blocking of the operation of an integrated circuit
CN108229210A (zh) 一种保护数据的方法、终端及计算机可读存储介质
EP1739587A1 (en) Portable electronic apparatus and secured data output method therefor
CN112199740B (zh) 一种加密锁的实现方法及加密锁
CN105893877A (zh) 安全数据读取的方法和数据处理系统
JP4447470B2 (ja) セキュリティ・エレメントのクローン作成を防ぐための方法および装置
GB2464008A (en) Smartcard system using second session for fraud detection
US9483641B2 (en) Method and device for the performance of a function by a microcircuit
Chaumette et al. An Efficient and Simple Way to Test the Security of Java CardsTM.
CN113364766A (zh) 一种apt攻击的检测方法及装置
Toll et al. The Caernarvon secure embedded operating system
US7806319B2 (en) System and method for protection of data contained in an integrated circuit
Chaumette et al. Some security problems raised by open multiapplication smart cards
US20240187231A1 (en) Forensics Module and Integrated System
US20230019987A1 (en) Method for secure executing of a security related process

Legal Events

Date Code Title Description
AS Assignment

Owner name: OBERTHUR CARD SYSTEMS SA, FRANCE

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:CHAMBEROT, FRANCIS;REEL/FRAME:018949/0820

Effective date: 20070104

AS Assignment

Owner name: OBERTHUR TECHNOLOGIES, FRANCE

Free format text: CHANGE OF NAME;ASSIGNOR:OBERTHUR CARD SYSTEMS SA;REEL/FRAME:029026/0923

Effective date: 20071227

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION