Data processing method and device
First Claim
1. A data processing method implemented in an electronic apparatus for securing a microcircuit card against fault generation attacks comprising the following steps performed by a microprocessor of the microcircuit card during a same execution of a computer program by the microprocessor:
- verifying a criterion indicative of normal running of the method to detect a fault generation attack on the microcircuit card;
updating an error flag when the verifying step result is negative, thereby detecting a fault generation attack on the microcircuit card;
testing the error flag; and
a processing executed when the step of testing the error flag indicates the verifying step result is negative and a fault generation attack is detected on the microcircuit card,wherein the processing step is separated from the verifying step by an intermediate step of non-null duration performed prior to testing the error flag,wherein a first action is performed when the verifying step result is positive and prior to testing the error flag, wherein the intermediate step includes performing at least one second action having a same first external signature observable by an observer external to the microcircuit card as the first action,wherein a third action is performed after testing the error flag when the verifying step result is positive and wherein the processing step includes performing at least one fourth action having a same second external signature observable by the observer external to the microcircuit card as the third action,wherein said third and fourth actions comprise writing data in a physical memory and wherein said fourth action comprises the writing of at least one of;
blocking data preventing any subsequent use of the electronic apparatus, anddata representative of a detected anomaly when the verifying step result is negative, said data representative of the detected anomaly enabling an analysis of a problem encountered by said electronic apparatus,wherein the same first external signature is a same electrical consumption signature or a same electromagnetic radiation signature of the electronic apparatus generated by the first action and by the second action and the same second external signature is a same electrical consumption signature or a same electromagnetic radiation signature of the electronic apparatus generated by the third action and by the fourth action.
4 Assignments
0 Petitions
Accused Products
Abstract
A data processing method pertains to a step (E308) including in verifying a criterion indicative of the normal running of the method and a step (E320) including in processing performed in case of negative verification. The processing step (E230) is separated from the verifying step (E308) by an intermediate step (E312, E314) of non-null duration. The intermediate step (E312, E314) and/or the processing step (E320) includes at least one action (E314) performed in case of positive verification. The invention also concerns a corresponding device.
-
Citations
20 Claims
-
1. A data processing method implemented in an electronic apparatus for securing a microcircuit card against fault generation attacks comprising the following steps performed by a microprocessor of the microcircuit card during a same execution of a computer program by the microprocessor:
-
verifying a criterion indicative of normal running of the method to detect a fault generation attack on the microcircuit card; updating an error flag when the verifying step result is negative, thereby detecting a fault generation attack on the microcircuit card; testing the error flag; and a processing executed when the step of testing the error flag indicates the verifying step result is negative and a fault generation attack is detected on the microcircuit card, wherein the processing step is separated from the verifying step by an intermediate step of non-null duration performed prior to testing the error flag, wherein a first action is performed when the verifying step result is positive and prior to testing the error flag, wherein the intermediate step includes performing at least one second action having a same first external signature observable by an observer external to the microcircuit card as the first action, wherein a third action is performed after testing the error flag when the verifying step result is positive and wherein the processing step includes performing at least one fourth action having a same second external signature observable by the observer external to the microcircuit card as the third action, wherein said third and fourth actions comprise writing data in a physical memory and wherein said fourth action comprises the writing of at least one of; blocking data preventing any subsequent use of the electronic apparatus, and data representative of a detected anomaly when the verifying step result is negative, said data representative of the detected anomaly enabling an analysis of a problem encountered by said electronic apparatus, wherein the same first external signature is a same electrical consumption signature or a same electromagnetic radiation signature of the electronic apparatus generated by the first action and by the second action and the same second external signature is a same electrical consumption signature or a same electromagnetic radiation signature of the electronic apparatus generated by the third action and by the fourth action. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
-
20. A data processing device comprising:
-
a microcircuit card with a microprocessor; the microprocessor having the following means that are operative during a same execution of a computer program by the microprocessor, means for verification of a criterion indicative of normal operation of the device to detect a fault generation attack on the microcircuit card; means for updating an error flag when the verification is negative, thereby detecting a fault generation attack on the microcircuit card; means for testing the error flag; processing means activated when the means for testing the error flag indicates that the verification is negative and a fault generation attack is detected on the microcircuit card; and separation means for separating the operation of the verification means from the operation of the processing means with an intermediate step of a non-null duration performed prior to testing the error flag, wherein the microprocessor is configured to perform a first action prior to testing the error flag when the means for verification indicates a positive result, and wherein said separation means is configured to perform a second action having a same external signature observable by an observer external to the microcircuit card as the first action, wherein the microprocessor is configured to perform a third action after testing the error flag when the means for verification indicates the positive result, and wherein the processing means is configured to perform a fourth action having a same second external signature observable by the observer external to the microcircuit card as the third action, wherein said third and fourth actions write data in a physical memory and wherein said fourth action writes at least one of; blocking data preventing any subsequent use of the device, and data representative of a detected anomaly when the verification is negative, said data representative of the detected anomaly enabling an analysis of a problem encountered by said device, wherein the same first external signature is a same electrical consumption signature or a same electromagnetic radiation signature of the device generated by the first action and by the second action and the same second external signature is a same electrical consumption signature or a same electromagnetic radiation signature of the device generated by the third action and by the fourth action.
-
Specification