Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique
Reexamination Certificate
1999-04-15
2001-02-27
Peeso, Thomas R. (Department: 2767)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Particular communication authentication technique
C713S190000, C713S193000, C713S152000, C380S255000, C380S037000, C380S042000
Reexamination Certificate
active
06195752
ABSTRACT:
BACKGROUND OF THE INVENTION
FIELD OF THE INVENTION
The invention relates to an electronic data processing circuit having an operating module such as, for example, a microprocessor, at least one data memory and a data bus extending between the data memory and the operating module.
Electronic data processing circuits of the generic type are frequently used in applications which are critical with regard to security. In such a case, confidential data, money values and access authorizations which are processed by the operating module, for example upon an external request, are stored in the data memory.
Since the memory contains information which is not to be accessed as far as possible, it is necessary to take security measures against manipulations of the electronic data processing circuit.
When an electronic data processing circuit of the generic type is constructed as an integrated circuit, it can be covered with different passivation layers. In that case, the passivation layers can be applied in such a way that removing a passivation layer entails the destruction of the data memory. Furthermore, the data memory can be buried in deeper lying layers of the integrated circuit, thus rendering access to it more difficult.
A further possibility for protecting an electronic data processing circuit against undesired manipulations is using sensors which sample operating conditions of the electronic data processing circuit. As soon as a value sampled by a sensor is outside a normal value, appropriate security measures are initiated which lead to deactivation of the electronic data processing circuit or else to an erasure of the data memory.
Furthermore, there are also software sensors which monitor the operation of the operating module for forbidden commands or for instances of access to address areas which are blocked for normal operation. Moreover, the access sequence can be monitored for its correctness.
Finally, it is further known for instances of access by the operating module to the data memory which are permitted in a special production mode to be limited by special hardware devices such as, for example, interruptably configured connecting tracks.
Despite the security measures set forth above, undesired manipulations occasionally occur on the electronic data processing circuits of the generic type.
SUMMARY OF THE INVENTION
It is accordingly an object of the invention to provide an electronic data processing circuit, which overcomes the hereinafore-mentioned disadvantages of the heretofore-known devices of this general type and which is better protected against undesired alterations.
It is accordingly an object of the invention to provide an electronic data processing circuit, comprising an operating module, such as a microprocessor; at least one data memory; a data bus having at least one data line connected between the at least one data memory and the operating module; and at least two encoding modules disposed in the vicinity of the at least one data line, the encoding modules cooperating to provide a complete encoding or decoding.
The invention is based on the finding, which is essential to the invention, that new technical methods have made it easier to precisely manipulate electronic data processing circuits that are constructed as integrated circuits. Thus, from the point of view of a manipulator, an electronic data processing circuit in an integrated circuit is no longer to be regarded in its totality only as a chip, but as a system which is formed of individual components on a silicon substrate and the components of which can be accessed separately.
It is therefore possible to draw conclusions about the information stored in the data memory by observing the data traffic on the data bus or by reading out the data memory, and that facilitates manipulation.
In accordance with a further finding, which is essential to the invention, many manipulations on the electronic data processing circuits of the generic type are to be ascribed to the fact that success has been achieved in “tapping” the data traffic on the data bus, with the result that the program flow in the operating module can be observed and understood in an undesirable manner.
In accordance with the invention, it is proposed to transport the data encoded in the electronic data processing circuit, so that devices are provided between the data bus and data memory or the operating module and data bus in order to encode and to decode the data traffic transported on the data bus. The devices of that type are denoted below as “encoding modules”, and that denotation is specifically not limited to devices which execute only encoding. In accordance with the basic concept of the invention, this denotation also covers devices which execute both encoding and decoding or only one of the two operations.
The configuration of the electronic data processing circuit according to the invention ensures that even in the case of successful tracking of the data traffic on the data bus it is not possible to draw direct conclusions regarding the data stored in the data memory. Furthermore, it is not possible to directly draw conclusions on the program flow from the information obtained when tracking the data traffic on the data bus. Specifically, even where data stored in the data memory are successfully read out, it is not possible to draw direct conclusions regarding their meaning, since they make no sense to an unschooled observer.
In accordance with the invention, it is particularly advantageous in this case that encoding and decoding be performed in a manner distributed or dislocated over the entire chip, because successful manipulation would require simultaneous observation of a plurality of locations of the electronic data processing circuit, and that can only be done with difficulty from a technical point of view.
It is important in the case of electronic data processing circuits provided with a latch buffer for buffering instances of access to the data memory that the encoding module be disposed in such a way that the content of the latch buffer is always encoded. Specifically, the content of the latch can be observed relatively easily, in such a way that during operation of the data processing circuit according to the invention it must be present in an encoded manner for the sake of security.
In accordance with the invention, the encoding and decoding can extend as far as into a CPU of a data processing circuit according to the invention. However, encoding and decoding can also be performed independently of one another in a plurality of encoding modules. In accordance with the invention, however, solutions are also covered in which only a single encoding module is provided.
Finally, there is a further advantage in data processing circuits which simultaneously process different applications in multitasking processing. Then, different applications or tasks can be assigned different data memories by suitable encoding, with a different key being agreed for each task. As a result, one task cannot access data of the other task.
It may therefore be stated in summary that in accordance with the invention it is now no longer sufficient to only examine the data processing circuit physically. In addition, it is now necessary, in particular, in conjunction with observing a plurality of components, to also detect the key stored in the encoding module or in the encoding modules and, if appropriate, the activation of this key.
In accordance with another feature of the invention, the encoding module is constructed in such a way that data traffic on the data bus can be encoded through the use of an encoding algorithm. An encoding module constructed in such a way has the advantage that it can be produced in a particularly cost-effective manner by mass production. However, encoding through the use of an algorithm takes a very long time, since it requires extensive calculations in the operating module. Real-time operation of this data processing circuit according to the invention is therefore not currently possible.
In accordance with a further featu
Greenberg Laurence A.
Lerner Herbert L.
Peeso Thomas R.
Siemens Aktiengesellschaft
Stemer Werner H.
LandOfFree
Electronic data processing circuit does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Electronic data processing circuit, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Electronic data processing circuit will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2603753