The invention relates to a method and an arrangement for controlling access to EEPROMs and to a corresponding computer software product and a corresponding computer-readable storage medium, which can in particular be used to prevent the unauthorized manipulation of EEPROMs. Specifically, it is possible by using the invention to stop the unauthorized use of totally erased EEPROMs in smart-card controllers.
The development of microelectronics in the seventies made it possible for miniature computers in credit card format with no user interface to be produced. Computers of this kind are referred to as smart cards. In a smart card, a data memory and an arithmetic and logic unit are integrated into a single chip measuring a few square millimeters in size. Smart cards are used in particular as telephone cards and GSM SIM cards and in the banking field and in health care. The smart card has thus become a computing platform that we see wherever we turn.
Smart cards are currently regarded primarily as a safe and secure place for holding secret data and as a safe and secure platform for running cryptographic algorithms. The reason why the data and algorithms on the card are assumed to enjoy relatively high safety and security lies in the hardware construction of the card and in the interfaces that are run to the exterior. From the outside the card looks like a xe2x80x9cblack boxxe2x80x9d, whose functions can only be accessed via a well-defined hardware and software interface and which can compel the observance of certain security policies. On the one hand, access to data can be linked to certain conditions. Access from outside to critical data, such as secret keys in a public key process for example, may even be totally barred. On the other hand a smart card is capable of running algorithms without it being possible for the execution of the individual operations to be observed from outside. The algorithms themselves may be protected on the card against being altered or read out. In an object-orientated sense, the smart card can be thought of as a type of abstract data that has a well-defined interface, that behaves in a specified way and that is itself capable of ensuring that certain integrity conditions are observed with regard to its state.
Essentially, there are two different types of smart card. Memory cards have simply a serial interface, addressing and security logic and ROM and EEPROM memories. Such cards perform only limited functions and are used for a specific application. This is why they are particularly cheap to produce. Smart cards produced in the form of microprocessor cards constitute, in principle, a complete general-purpose computer.