WO2002050639A1 - Integrated circuit comprising a circuit for encrypting data recorded in a volatile storage area - Google Patents

Integrated circuit comprising a circuit for encrypting data recorded in a volatile storage area

Info

Publication number
WO2002050639A1
WO2002050639A1 PCT/FR2001/004073 FR0104073W WO0250639A1 WO 2002050639 A1 WO2002050639 A1 WO 2002050639A1 FR 0104073 W FR0104073 W FR 0104073W WO 0250639 A1 WO0250639 A1 WO 0250639A1
Authority
WO
Grant status
Application
Patent type
Prior art keywords
circuit
data
memory
integrated
key
Prior art date
Application number
PCT/FR2001/004073
Other languages
French (fr)
Inventor
Sylvie Wuidart
Original Assignee
Stmicroelectronics Sa
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82Protecting input, output or interconnection devices
    • G06F21/85Protecting input, output or interconnection devices interconnection devices, e.g. bus-connected or in-line devices

Abstract

The invention concerns an integrated circuit (MP2) comprising a volatile storage area (DTMEM) whereof the content has a specific value after the integrated circuit has been reset, the volatile storage area being connected to a data bus (DTB) via an encryption circuit (JMCT) coding data recorded in the storage area and decoding data read in the storage area, the data being coded at least in accordance with a key (Ks) applied to the encryption circuit. The invention is characterised in that the key applied to the encryption circuit is a random key delivered by a random signal generator (RGEN) designed to modify the value of the key at least each time the integrated circuit is reset.

Description

INTEGRATED CIRCUIT INCLUDING INTERFERENCE CIRCUIT DATA STORED IN VOLATILE MEMORY AREA

The present invention relates to an integrated circuit comprising a volatile memory area whose contents has a predetermined value after a reset of the integrated circuit, the volatile memory region being connected to a data bus via a scrambling circuit providing coding of data recorded in the memory area and the decoding of the data read from the memory area, the encoding of data being at least a function of a key applied to the scrambling circuit. 1 schematically shows an integrated circuit of the aforementioned type, here forming a MPI microprocessor (or microcontroller). The integrated circuit includes a CPU, a memory PMEM program, e.g., a programmable and erasable FLASH memory device, and a volatile memory DTMEM, typically a RAM memory, provided to store temporary data during a session. These elements are connected by a common data bus DTB. JMCT a scrambling circuit is arranged between the data bus DTB and the input / output data - the DTMEM memory. This scrambling circuit comprises a WJM party providing the coding data when they are written in the DTMEM memory, and a RJM part which ensures the decoding of the data as they are read in the DTMEM memory and applying them to the data bus. DTIN for encoding data to be recorded in the memory DTMEM the JMCT circuit receives a fixed key Ks and, preferably, additional DTsup taken at various points of the integrated MPI loop data (the choice of the designer). DWhile the coded data outputted from the JMCT circuit are of the type: F = DWhile (DTIN, Ks, DTsup)

F being the scrambling function performed by the JMCT circuit. The fixed key Ks has a determined number of bits, for example 8, 16 or 32 bits. The scrambling circuit is generally a wired logic circuit of a relatively simple structure, comprising e.g. exclusive-OR gates arranged to mix DTIN data bits with the bits of the key Ks and the bits of DTsup data.

Such interference circuit generally provides good security against fraudulent reading of data stored in the memory DTMEM during registration. Such interference circuit, however, has a weakness in the security plan, which appears when starting the integrated MPI circuit, after a RESET reset signal was applied to the CPU and memory DTMEM. Indeed, in this case, the whole content of the memory is erased DTMEM and each memory cell has an identical value, for example the value "0".

Thus, there is a risk that a hacker takes control of the CPU at the beginning of a transfer, after the resetting of the microprocessor, and performs a complete reading of all the memory contents. The contents of the memory being experienced after a reset, the RJM part of the scrambling circuit supplies the data bus DTB decoded data DWhile 'which are equal to the transform constant data by the inverse function of the scrambling function . For example, if the constant data are equal to "0", the data DWhile 'are of the following form:

DWhile '= F "1 (0, Ks, DTsup)

In this case, reading DWhile data 'may uncover the inverse function F "1 of the scrambling function F and therefore allow to discover the scrambling function itself and the secret key Ks.

A known solution to overcome this disadvantage is to modify the structure of the memory cells of the memory DTMEM so that they have a different content, relative to each other, after application of the reset signal. For example, some cells are found at "1" and others to "0". However, this solution makes the architecture more complex memory because of the differentiation of each memory cell. Moreover, despite the differentiation of default values ​​in the memory cells after reset, the memory content is still the same after each reset. The present invention aims to overcome this disadvantage.

More particularly, the present invention provides a means of protection against hacking of a scrambling circuit associated with a volatile memory area having a constant content after each reset.

This object is achieved by providing an integrated circuit comprising a volatile memory area whose contents has a predetermined value after a reset of the integrated circuit, the volatile memory region being connected to a data bus by means of a scrambling circuit providing the coding of data recorded in the memory area and the decoding of the data read from the memory area, the encoding of data being at least a function of a key applied to the scrambling circuit, wherein the key applied to the circuit interference is a random key supplied by a random signal generator arranged to change the key value at least at each new reset of the integrated circuit. According to one embodiment, the random key issued by the random signal generator is stored in a register by 1 via the data bus, the output of the register being applied to the scrambling circuit.

According to one embodiment, the output of random signal generator is connected directly to the scrambling circuit so that the random key is applied to the scrambling circuit without passing through the data bus.

According to one embodiment, the volatile memory area is a RAM. According to one embodiment, the volatile memory zone is a register bank.

According to one embodiment, the integrated circuit comprises a RAM memory, a register bank, a first scramble circuit arranged between the RAM and the data bus, and a second scramble circuit arranged between the register bank and the bus of data . According to one embodiment, the first random signal generator has its output directly connected to the first scramble circuit without passing through the data bus, and the second random signal generator has its output connected directly to the second scrambling circuit bypassing the data bus.

According to one embodiment, the integrated circuit includes a central processing unit and form a microprocessor.

According to one embodiment, the integrated circuit is arranged on a drinking medium to form a smart card or any other equivalent portable electronic object. These objects, features and advantages and other of the present invention will be discussed in more detail in the following description of embodiments of an integrated circuit according to the invention, made with reference to the accompanying drawings: - FIG 1 described above shows an integrated circuit comprising a conventional scrambling circuit arranged at the entrance of a volatile memory area, - Figure 2 shows schematically an embodiment of an integrated circuit according to the invention comprising a circuit interference protected against piracy, - Figure 3 shows another embodiment of an integrated circuit according to the invention, and

- Figure 4 shows another embodiment of an integrated circuit according to the invention.

2 schematically shows an integrated circuit according to the invention, here a microprocessor MP2 comprising a ROM or FLASH program memory and a data memory DTMEM RAM kind connected to a data bus DTB.

DTMEM the volatile memory is connected to the data bus via a conventional scrambling circuit JMCT comprising a coding JM part for writing in the memory and a set top RJM part for reading the memory. The encoding part WJM is active when a WRITE signal is applied to the memory and the set top portion RJM is active when a read signal READ is applied to the memory. The scrambling circuit JMCT receives at one input a scramble key Ks. Optionally but preferably, the scrambling circuit JMCT DTsup also receives additional interference data collected at various points of the microprocessor.

According to the invention, the scramble key Ks is supplied by a random signal RGEN generator whose output is connected to the data bus. After each start of the microprocessor, when a signal to reset internal or external RESET is applied to the CPU and memory DTMEM, the CPU applies the generator RGEN a LTCH signal causing the issuance, RGEN output generator, a new key Ks. The new key Ks is stored in a KREG register writable from the data bus, the output of which is directly connected to JMCT scrambling circuit.

So if a hacker takes control of the CPU using a fraudulent program after resetting the microprocessor reads the entire contents of the memory DTMEM and manages to decode the key Ks, this key will not be usable by the following. Indeed, when the fraudster will restart a new session by means of an application program provided in the PMEM memory and will try to decode the data stored in the memory DTMEM by the application program, the key Ks will be the same.

3 shows one embodiment of a microprocessor according to one MP3 invention offering a higher degree of security. Here, the output of RGEN generator is directly connected to JMCT interference circuit, without passing through the data bus DTB. Thus, the new key Ks issued to each new session does not circulate in light on the data bus DTB. The LTCH signal applied to RGEN generator to trigger the issuance of a new key Ks, is preferably generated so as hardware by the CPU so as not to be inhibited by a manipulation of the operating system of the CPU . A specific hardware circuit can also be expected to trigger RGEN circuit after a reset of the microprocessor.

In the embodiment shown in Figure 4, an MP4 microprocessor 1 according to the invention further comprises a register bank RBANK connected to the data bus DTB. This register bank is also formed by volatile memory cells and is equipped with its own scrambling circuit JMCT 'arranged between the data bus and its input / output. The key Ks 'applied to the second scrambling circuit JMCT is generated by a second random signal generator RGEN' whose output is connected directly here to the scrambling circuit, without passing through the data bus. So every JMCT scrambling circuit JMCT 'has its own secret key Ks, Ks' changing value with each new session.

It will be clear to the skilled person that the present invention is capable of various variants. In particular, in Figure 4, a common random signal generator to both interference circuits could be provided. Furthermore, other interference circuits may be provided at other points of the microprocessor, for example between the data bus and the program memory PMEM.

The present invention is also capable of various applications. The main application described here consists in achieving a secure microprocessor intended to be incorporated in a portable object such as a plastic card to form a smart card or other secure electronic portable object, for example an electronic tag, badge electronic access control, etc .. However, the present invention is generally applicable to any type of secure integrated circuit provided with a "volatile memory area may contain data confidentiality must be preserved.

Claims

1. An integrated circuit (MP2, MP3, MP4) comprising a volatile memory area (DTMEM, REGBANK) whose content has a determined value after a reset of the integrated circuit, the volatile memory region being connected to a data bus (DTB ) via a scrambling circuit (JMCT, JMCT ') providing the coding of data recorded in the memory area and the decoding of the data read from the memory area, the encoding of data being at least a function of a key (Ks, Ks ') applied to the scrambling circuit, characterized in that the key applied to the scrambling circuit is a random key supplied by a random signal generator (RGEN, RGEN') arranged to change the key value at least with each new reset IC.
2. The integrated circuit of claim 1, wherein the random key issued by the random signal generator is stored in a register (KREG) via the data bus (DTB), the register output being applied to circuit interference.
3. The integrated circuit of claim 1, wherein the output of the random signal generator is connected directly to the scrambling circuit so that the random key is applied to the scrambling circuit without passing through the data bus.
4. Integrated circuit according to one of claims 1 to 3, wherein the volatile memory is a memory area
RAM (DTMEM).
5. Integrated circuit according to one of claims 1 to 3, wherein the volatile memory zone is a register bank (RBANK).
6. Integrated circuit according to one of Claims 4 and 5, comprising a RAM (DTMEM), a register bank (RBANK), a first scramble circuit (JMCT) arranged between the RAM and the data bus, and a second scramble circuit (JMCT ') arranged between the register bank and the data bus.
7. The integrated circuit of claim 6, wherein the first random signal generator has its output directly connected to the first scramble circuit without passing through the data bus, and the second random signal generator has its output connected directly to the second circuit interference without going through the data bus.
8. Integrated circuit according to one of claims 1 to 7, comprising a central processing unit (CPU) and forming a microprocessor.
9. Integrated circuit according to one of claims 1 to 8, arranged on a drinking medium to form a smart card or any other equivalent portable electronic object.
PCT/FR2001/004073 2000-12-21 2001-12-19 Integrated circuit comprising a circuit for encrypting data recorded in a volatile storage area WO2002050639A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
FR00/16747 2000-12-21
FR0016747A FR2818845B1 (en) 2000-12-21 2000-12-21 Integrated circuit comprising a data scrambling circuit recorded in a volatile memory area

Publications (1)

Publication Number Publication Date
WO2002050639A1 true true WO2002050639A1 (en) 2002-06-27

Family

ID=8857985

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/FR2001/004073 WO2002050639A1 (en) 2000-12-21 2001-12-19 Integrated circuit comprising a circuit for encrypting data recorded in a volatile storage area

Country Status (2)

Country Link
FR (1) FR2818845B1 (en)
WO (1) WO2002050639A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2300954B1 (en) 2008-06-24 2014-12-03 NDS Limited Security within integrated circuits

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5915025A (en) * 1996-01-17 1999-06-22 Fuji Xerox Co., Ltd. Data processing apparatus with software protecting functions
US6003135A (en) * 1997-06-04 1999-12-14 Spyrus, Inc. Modular security device

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5915025A (en) * 1996-01-17 1999-06-22 Fuji Xerox Co., Ltd. Data processing apparatus with software protecting functions
US6003135A (en) * 1997-06-04 1999-12-14 Spyrus, Inc. Modular security device

Also Published As

Publication number Publication date Type
FR2818845B1 (en) 2003-03-21 grant
FR2818845A1 (en) 2002-06-28 application

Similar Documents

Publication Publication Date Title
US4969188A (en) Process and apparatus for the protection of secret elements in a network of encrypting devices with open key management
US7117376B2 (en) Platform and method of creating a secure boot that enforces proper user authentication and enforces hardware configurations
US5247577A (en) Methods and apparatus for securely enabling features in highly integrated electronic circuits
US4319079A (en) Crypto microprocessor using block cipher
US4593353A (en) Software protection method and apparatus
US20090113217A1 (en) Memory randomization for protection against side channel attacks
US5825882A (en) Encryption and authentication method and circuit for synchronous smart card
US4120030A (en) Computer software security system
US4807288A (en) Microprocessor intended particularly for executing the calculation algorithms of a public code encoding system
US5097504A (en) Method and device for qualitative saving of digitized data
US5093862A (en) Data carrier-controlled terminal in a data exchange system
US20040059925A1 (en) Secure memory device for smart cards
EP1273996A2 (en) Secure bootloader for securing digital devices
US5148481A (en) Transaction system security method and apparatus
US5237609A (en) Portable secure semiconductor memory device
US20070186117A1 (en) Secure processor-based system and method
US20060177064A1 (en) Secure memory card with life cycle phases
US5875480A (en) Microcomputer PC-cards
US4278837A (en) Crypto microprocessor for executing enciphered programs
US4465901A (en) Crypto microprocessor that executes enciphered programs
US5845066A (en) Security system apparatus for a memory card and memory card employed therefor
US6296191B1 (en) Storing data objects in a smart card memory
US20050210287A1 (en) Secure mode controlled memory
US5319765A (en) Semiconductor memory unit utilizing a security code generator for selectively inhibiting memory access
US6089460A (en) Semiconductor device with security protection function, ciphering and deciphering method thereof, and storage medium for storing software therefor

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): JP US

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR

121 Ep: the epo has been informed by wipo that ep was designated in this application
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase in:

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP