Method and device for protecting a memory against attacks by error injection

US 7,788,506 B2
Filed: 07/07/2006
Issued: 08/31/2010
Est. Priority Date: 07/08/2005
Status: Active Grant

First Claim

Patent Images

1. A method for securing a data memory in which individually read-accessible binary words are saved, comprising:

defining in the memory a memory zone covering a plurality of words;

receiving a write request to write a new word in the memory zone;

in response to receiving the write request, reading all words in a set of words present in the memory zone; and

simultaneously calculating a first current cumulative signature and a second current cumulative signature as a function of the words read in the memory zone, the calculating of the second current cumulative signature comprising replacing on-the-fly with the new word, a write target word, of the words read, that is intended to be replaced in the memory with the new word, wherein the words in the memory zone are read during the calculating of the current cumulative signatures, at a faster rate than a rate of writing the write target word in the memory.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method secures a memory in which individually read-accessible binary words are saved. The method includes defining a memory zone covering a plurality of words, calculating a cumulative signature according to all of the words in the memory zone, and storing the cumulative signature as an expected signature of the memory zone to check the integrity of data read in the memory. The method can be applied to the securing of smart cards.

23 Citations

View as Search Results

31 Claims

1. A method for securing a data memory in which individually read-accessible binary words are saved, comprising:
- defining in the memory a memory zone covering a plurality of words;
  
  receiving a write request to write a new word in the memory zone;
  
  in response to receiving the write request, reading all words in a set of words present in the memory zone; and
  
  simultaneously calculating a first current cumulative signature and a second current cumulative signature as a function of the words read in the memory zone, the calculating of the second current cumulative signature comprising replacing on-the-fly with the new word, a write target word, of the words read, that is intended to be replaced in the memory with the new word, wherein the words in the memory zone are read during the calculating of the current cumulative signatures, at a faster rate than a rate of writing the write target word in the memory.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method according to claim 1, wherein the writing of a new word in the memory zone further comprises storing the second current cumulative signature as an expected signature of the memory zone.
  - 3. The method according to claim 1, further comprising triggering a specific write-protect action if the first current cumulative signature does not correspond to an expected signature.
  - 4. The method according to claim 3, wherein the specific write-protect action comprises at least one of the following actions or a combination of the following actions:
    - preventing the writing of the new word in the memory, preventing the storing of the second current cumulative signature as a new expected signature, activating an alert signal, read- and/or write-disabling the memory, and erasing the memory zone.
  - 5. The method according to claim 1, wherein the second current cumulative signature is calculated before the new word is written in the memory zone.
  - 6. The method according to claim 1, wherein the write target word is replaced with the new word using a multiplexer circuit arranged in a private path for reading words and having a first input linked to a read output of the memory and a second input linked to an output of a storing buffer for storing the new word.
  - 7. The method according to claim 1, further comprising:
    - receiving a read request to read a read target word in the memory zone;
      
      in response to receiving the read request, reading all of the words in the set of words present in the memory zone;
      
      calculating the first current cumulative signature according to all of the words read in the set of words; and
      
      triggering a specific read-protect action if the first current cumulative signature does not correspond to an expected signature.
  - 8. The method according to claim 7, wherein the specific read-protect action comprises at least one of the following actions or a combination of the following actions:
    - preventing the read target word from being supplied to an external environment of the memory, activating an alert signal, read- and/or write-disabling the memory, or erasing the memory zone.
  - 9. The method according to claim 1, wherein the cumulative signatures are calculated with an invariable signature generation algorithm, or an algorithm using an invariable signature key, such that the first current cumulative signature corresponds to an expected signature if the first current cumulative and expected signatures are identical.

10. A device for securing a data memory in which individually read-accessible binary words are stored, comprising:
- means for locating a memory zone of the memory covering a plurality of words;
  
  means for reading all words of a set of words present in the memory zone;
  
  a first signature calculation circuit to calculate a first current cumulative signature as a function of the words read in the memory zone;
  
  means for intercepting a command for writing a new word in the memory zone;
  
  a second signature calculation circuit for calculating a second current cumulative signature as a function of the words read in the memory zone; and
  
  means for simultaneously applying, in response to the write request, the words read to the first signature calculation circuit for calculating the first current cumulative signature and to the second signature calculation circuit for calculating the second current cumulative signature by replacing on-the-fly with the new word, a write target word, of the words read, that is intended to be replaced in the memory with the new word, wherein the memory zone is scanned during the current cumulative signature calculations, at a faster rate than a rate of writing the write target word in the memory.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The device according to claim 10, further comprising means for storing the second current cumulative signature as an expected signature of the memory zone.
  - 12. The device according to claim 10, further comprising means for triggering a specific action to write-protect the memory if the first current cumulative signature does not correspond to an expected signature.
  - 13. The device according to claim 12, wherein the specific write-protect action comprises at least one of the following actions or a combination of the following actions:
    - preventing the writing of the new word in the memory, preventing the storing of a new current signature as expected signature, activating an alert signal, disabling the memory, and erasing the memory zone.
  - 14. The device according to claim 10, wherein the second current cumulative signature is calculated before writing the new word in the memory zone.
  - 15. The device according to claim 10, further comprising:
    - a storing buffer for storing the new word to be saved in the memory;
      
      a storing means for storing an address in the memory of the new word to be saved;
      
      an address counter for scanning addresses of all of the words in the set of words, and for applying the scanned addresses to the memory as read addresses;
      
      a comparison circuit for comparing each scanned address applied to the memory and the address of the new word to be saved; and
      
      a multiplexer circuit comprising;
      
      a first input linked to a read output of the memory,a second input linked to an output of the storing buffer,an output linked to the second signature circuit, anda control input controlled by the comparison circuit, such that the multiplexer circuit replaces with the new word, at an input of the second signature circuit, the write target word, when the scanned address supplied by the address counter is equal to the address of the new word to be saved.
  - 16. The device according to claim 10, further comprising:
    - means for intercepting a command for reading a read target word in the memory zone applied to the memory, wherein the means for reading, in response to the command for reading, reads all of the words in the set of words present in the memory zone, and applies the words read to the first signature calculation circuit to calculate the first current cumulative signature according to the words read; and
      
      means for triggering a specific read-protect action if the first current cumulative signature does not correspond to an expected signature.
  - 17. The device according to claim 16, wherein the specific read-protect action comprises at least one of the following actions or a combination of the following actions:
    - preventing the read target word from being supplied to an external environment of the memory, activating an alert signal, disabling the memory, and erasing the content of the memory zone.
  - 18. The device according to claim 10, wherein the cumulative signatures are calculated with an invariable signature generation algorithm, or an algorithm using an invariable signature key, such that the first current cumulative signature corresponds to an expected signature if the first current cumulative and expected signatures are identical.

19. A method for securing a data memory in which individually read-accessible words are saved, comprising:
- defining in the memory a memory zone storing a set of words;
  
  receiving a write request to write a new word in the memory zone in place of a write target word of the set;
  
  in response to receiving the write request, reading all of the words of the set; and
  
  simultaneously calculating a first current cumulative signature and a second current cumulative signature, the first current cumulative signature being calculated as a function of all of the words in the set, and the second current cumulative signature being calculated as a function of the new word and all of the words in the set except for the write target word, wherein the new memory zone is scanned during the current cumulative signature calculations, at a faster rate than a rate of writing in the memory.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
- - 20. The method according to claim 19, further comprising writing the new word in the memory zone in place of the write target word prior to completing the calculating steps.
  - 21. The method according to claim 19, wherein the writing of a new word in the memory zone further comprises storing the second current cumulative signature as an expected signature of the memory zone.
  - 22. The method according to claim 19, further comprising triggering a specific write-protect action if the first current cumulative signature does not correspond to an expected signature.
  - 23. The method according to claim 22, wherein the specific write-protect action comprises at least one of the following actions or a combination of the following actions:
    - preventing the writing of the new word in the memory, preventing the storing of the second current cumulative signature as a new expected signature, activating an alert signal, read- and/or write-disabling the memory, and erasing the memory zone.
  - 24. The method according to claim 19, wherein the second current cumulative signature is calculated before the new word is written in the memory zone.
  - 25. The method according to claim 19, wherein the write target word is replaced with the new word using a multiplexer circuit arranged in a private path for reading words and having a first input linked to a read output of the memory and a second input linked to an output of a storing buffer for storing the new word.
  - 26. The method according to claim 19, further comprising:
    - receiving a read request to read a read target word in the memory zone;
      
      in response to receiving the read request, reading all of the words present in the memory zone;
      
      calculating the first current cumulative signature according to all of the words read; and
      
      triggering a specific read-protect action if the first current cumulative signature does not correspond to an expected signature.
  - 27. The method according to claim 26, wherein the specific read-protect action comprises at least one of the following actions or a combination of the following actions:
    - preventing the read target word from being supplied to an external environment of the memory, activating an alert signal, read- and/or write-disabling the memory, or erasing the memory zone.

28. A device to secure a data memory, the device comprising:
- a first signature calculator;
  
  a second signature calculator; and
  
  a controller configured to respond to a request to replace a target word in a set of words in a defined memory zone with a new word by simultaneously causing;
  
  the first signature calculator to calculate a first cumulative signature based on the set of words in the defined memory zone; and
  
  the second signature calculator to calculate a second cumulative signature based on the set of words in the defined memory zone with the target word replaced with the new word, wherein the memory zone is scanned during the current cumulative signature calculations, at a faster rate than a rate of writing in the memory.
- View Dependent Claims (29, 30)
- - 29. The device of claim 28, further comprising a signature storage memory configured to store expected signatures associated with sets of words.
  - 30. The device claim 28, further comprising:
    - a multiplexer comprising;
      
      a first input linked to a read output of the data memory,a second input configured to receive the new word; and
      
      an output linked to the second signature calculator, wherein the multiplexer is configured to replace with the new word, at an input of the second signature calculator, the write target word.

31. A system, comprising:
- a data memory;
  
  a device configured to secure the data memory, the device comprising;
  
  a first signature calculator;
  
  a second signature calculator; and
  
  a controller configured to respond to a request to replace a target word in a set of words in a defined memory zone with a new word by simultaneously causing;
  
  the first signature calculator to calculate a first cumulative signature based on the set of words in the defined memory zone; and
  
  the second signature calculator to calculate a second cumulative signature based on the set of words in the defined memory zone with the target word replaced with the new word, wherein the memory zone is scanned during the current cumulative signature calculations, at a faster rate than a rate of writing in the memory.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
STMicroelectronics SA (STMicroelectronics NV)
Original Assignee
STMicroelectronics SA (STMicroelectronics NV)
Inventors
Berard, Nicolas, Bancel, Frédéric
Primary Examiner(s)
Simitoski; Michael J

Application Number

US11/482,511
Publication Number

US 20070033467A1
Time in Patent Office

1,516 Days
Field of Search

713/193, 710/51, 327 1- 99, 714/701, 714/41, 714/42, 714/6, 714/52, 714/54, 714/719, 714/722, 714/258, 714/264, 714/766
US Class Current

713/193
CPC Class Codes

G06F 21/64 Protecting data integrity, ...

G06F 21/79 in semiconductor storage me...

Method and device for protecting a memory against attacks by error injection

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

23 Citations

31 Claims

Specification

Solutions

Use Cases

Quick Links

Method and device for protecting a memory against attacks by error injection

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

23 Citations

31 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links