Electronic data-processing device and system

Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Particular communication authentication technique

Reexamination Certificate


C713S185000, C713S190000, C713S152000, C380S044000, C380S028000, C380S255000

active

06182217

ABSTRACT:

BACKGROUND OF THE INVENTION
Field of the Invention
The invention lies in the electronics field. Specifically, the invention relates to an electronic data-processing device with a processing unit, such as a microprocessor, at least one data memory, and a bus running between the data memory and the processing unit. The invention also relates to an electronic data-processing system equipped with such a data-processing device.
Electronic data-processing devices of this generic type are frequently used for applications in which security is critical. The data memory is thereby used to store confidential data, monetary values and access authorizations, which are processed by the processing unit in response to an external request, for example.
Since the memory contains information to which, as far as possible, it should not be possible to gain access from outside, it is necessary to provide security measures against manipulation of the electronic data-processing device.
If an electronic data-processing device of the generic type is implemented as an integrated circuit, the circuit can be covered with various passivation layers. The passivation layers can then be applied such that removing a passivation layer results in the destruction of the data memory. Furthermore, the data memory can be buried in lower layers of the integrated circuit, so that it becomes more difficult to access.
A further possibility for protecting an electronic data-processing device against undesirable manipulation is to use sensors which sample operating conditions in the electronic data-processing device. As soon as a value sampled by a sensor lies outside a normal value, appropriate security measures are initiated which cause the electronic data-processing device to be deactivated or else cause the data memory to be erased.
In addition, there are also software sensors which monitor the operation of the processing unit for prohibited commands or for access to address ranges which are blocked for proper use. Furthermore, the access sequence can be monitored to ensure that it is correct.
Finally, it is also conventional practice to permit access only in a special manufacturing mode, and to use special hardware devices, such as severable connection tracks, to restrict memory access by the processing unit to the data memory.
Despite the security measures listed above, electronic data-processing devices of the generic type can occasionally be subjected to undesirable manipulation.
SUMMARY OF THE INVENTION
It is accordingly an object of the invention to provide an electronic data-processing device of the generic type and an electronic data-processing system, which overcomes the above-mentioned disadvantages of the heretofore-known devices and methods of this general type and which provides improved protection against undesirable changes to and/or surveillance of memory contents.
With the foregoing and other objects in view there is provided, in accordance with the invention, an integrated electronic data-processing device, comprising: at least one memory storing at least one secret key in encoded form, a processing unit, and a bus connecting the processing unit to the at least one memory;
an encryption and decryption unit connected to the processing unit;
a comparator connected between the at least one memory and the encryption and decryption unit for comparing the stored secret key with a keyword input by a user;
a switching unit connected to and driven by the comparator, the switching unit driving the encryption unit and selectively enabling data to be stored to be encrypted and stored data to be decrypted only upon a positive comparison in the comparator; and
the switching unit passing the keyword input by the user through to the encryption unit for encryption and decryption.
In other words, the objects of the invention are satisfied with the integrated circuit implementing an electronic data-processing device with a processing unit connected to at least one memory via a bus. The processing unit has an encryption unit associated with it, at least one secret key being stored in the memory or one of the memories. At least all the security-related data is stored in encrypted form in the memory or memories. The comparator compares the stored secret key with a user-input keyword and, upon a positive comparison (i.e., the user's keyword is authorized), drives a switching unit which drives the encryption unit to decrypt stored data.
The invention is based on the knowledge, essential to the invention, that new technical methods have made it easier to manipulate, in particular, electronic data-processing devices designed as integrated circuits. Hence, from the viewpoint of a hacker manipulator, an electronic data-processing device in an integrated circuit can no longer be regarded in its entirety merely as a chip, but is to be regarded as a system which comprises individual components on a silicon substrate and in which the components can be accessed separately.
Accordingly, it is possible to make inferences about the information stored in the data memory by observing the data interchange on the data bus or by reading the data memory, so that manipulation is simplified and memory contents which should actually be kept secret can be accessed in this way.
On the basis of further knowledge essential to the invention, much manipulation of the electronic data-processing devices of this generic type can be attributed to the fact that it has been possible to “tap” the data interchange on the data bus, so that program execution in the processing unit can be observed and understood, which is undesirable.
In one possible embodiment of the invention, the encryption unit is designed such that data interchange on the data bus can be encrypted using an encryption algorithm. An encryption unit designed in this way affords the advantage that it can be mass-produced particularly inexpensively. However, encryption with an algorithm still takes a long time today because it requires numerous calculations in the processing unit.
In another embodiment of the invention, the processing unit is designed such that data interchange on the data bus can be encrypted by means of hardware encryption. With hardware encryption, in particular, it is possible for the data-processing devices according to the invention to be operated in real time very easily, specifically both in the case of read and write access to the data memory.
According to the invention, hardware encryption can be performed using an encryption unit which is designed such that the significance of individual bits of the data interchange can be changed selectively. Bits stored in the memory as LOW, for example, then appear as HIGH in the data interchange on the data bus. This can be done, for example, using an encryption unit having at least one EXOR gate.
In a further possible embodiment of the invention, the encryption unit can be designed such that the connection sequence of data lines in the data bus can be changed selectively. This is outwardly expressed as if individual bit lines of the data bus were interchanged.
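The two hardware schemes just described (selective bit inversion through EXOR gates and selective reordering of the data lines) can be modelled in software for an 8-bit bus. This is an added example, not code from the patent; the `bus_key` layout, the function names and both sample keys are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical key format (not from the patent): an inversion mask for the
 * EXOR gates plus a wiring table; perm[i] = bus line driven by memory bit i. */
typedef struct {
    uint8_t xor_mask;
    uint8_t perm[8];
} bus_key;

/* Memory -> bus: invert the selected bits, then reroute the data lines. */
uint8_t bus_encode(const bus_key *k, uint8_t mem) {
    uint8_t x = mem ^ k->xor_mask, bus = 0;
    for (int i = 0; i < 8; i++)
        bus |= (uint8_t)(((x >> i) & 1u) << k->perm[i]);
    return bus;
}

/* Bus -> memory: undo the rerouting, then undo the inversion. */
uint8_t bus_decode(const bus_key *k, uint8_t bus) {
    uint8_t x = 0;
    for (int i = 0; i < 8; i++)
        x |= (uint8_t)(((bus >> k->perm[i]) & 1u) << i);
    return x ^ k->xor_mask;
}

/* A wiring table is only usable if it is a permutation of lines 0..7;
 * otherwise two memory bits collide on one line and decoding loses data. */
int key_is_valid(const bus_key *k) {
    unsigned seen = 0;
    for (int i = 0; i < 8; i++) {
        if (k->perm[i] > 7) return 0;
        seen |= 1u << k->perm[i];
    }
    return seen == 0xFFu;
}

/* Constructed sample keys; choosing between them models selective operation. */
const bus_key KEY_A = { 0x5A, {3, 0, 7, 1, 6, 2, 5, 4} };
const bus_key KEY_B = { 0xC3, {1, 2, 3, 4, 5, 6, 7, 0} };

int main(void) {
    uint8_t mem = 0x0F;  /* constructed sample byte */
    printf("mem=%02X busA=%02X busB=%02X back=%02X\n", mem,
           bus_encode(&KEY_A, mem), bus_encode(&KEY_B, mem),
           bus_decode(&KEY_A, bus_encode(&KEY_A, mem)));
    return 0;
}
```

Under a single key the mapping is a fixed byte substitution, so equal memory bytes still appear as equal bytes on the bus; selecting `KEY_B` instead of `KEY_A` changes that mapping.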
Finally, hardware encryption in the data-processing device according to the invention can also be performed by an encryption unit which is designed such that at least some of the data interchange between the data bus and the processing unit and/or between the data bus and the data memory can be delayed selectively. This feigns data interchange, on the data bus, which bears no relation to the current operating status of the electronic data-processing device according to the invention.
In this regard, an essential feature of the data-processing device according to the invention is that the encryption unit is designed such that encryption works selectively. This does not merely mean that there is the option of encryption taking place or not taking place. In addition, according to the invention, it also means that there is the ability to change between different keys for encrypting the data interchange. In this case, the use of the encryption unit according to the inv
