1. Field of the Invention
The present invention generally relates to the ciphering or encryption of data, of programs, or more generally of digital codes to be stored in one or several memories, external to an integrated processor in charge of exploiting these codes.
2. Discussion of the Related Art
An example of application of the present invention relates to the ciphering of executable programs downloaded by a device (computer, video or audio data reader, device provided with a microprocessor for executing downloadable programs, etc.) in which these programs are to be stored. The downloading may, for example, use the Internet. More specifically, the present invention relates to programs or data for which it is desired to prevent an unauthorized user from accessing and exploiting them.
Reference will be made hereafter to the term “data” to designate any digital code, be it executable programs or data processed by these programs.
“External to the integrated processor” means, according to the present invention, external to a so-called secure area within which is a central processing unit communicating with the outside of this secure area over one or several buses. The memory is then connected to this or these bus(es) and is thus external to the integrated processor.
FIG. 1 illustrates, partially and very schematically, the structure of a system with a microprocessor and an external memory to which the present invention applies. A so-called secure area 1 within which is located a CPU 2 communicating via one or several buses 3 with an external memory 4 (EXT MEM) is defined. Memory 4 generally is a non-sequential (random or not) access memory. Area 1 is, for example, the microprocessor or, more generally, one or several integrated data processing circuits defining an area within which it is considered that the processed data are not likely to be pirated. In practice, secure area 1 is most often formed of a single integrated circuit chip, external memory 4 being another chip. Processor 2 is associated, in the secure area, with an internal memory 5 (INT MEM) also considered as being secure and exploits a cache memory 6 (CACHE) used as an input-output interface with bus 3.
The ciphering to which the present invention applies relates to that of any data transiting on bus(es) 3, between memory 4 and central unit 2 or more generally area 1. This ciphering consists of coding the data stored by means of a key known by the integrated processor. For example, this key is transmitted thereto by an asymmetrical or symmetrical ciphering process from a distant system providing the program, so that the processor stores it in a protected internal area (for example, memory 5) and uses it to decrypt the downloaded program and/or to cipher the data in the external memory.
The present invention more specifically relates to the case of data which, when stored in the external memory, are ciphered by means of a key which depends on the integrated circuit and which is different from one chip to another, in some cases after personalization. However, the ciphering is independent from the actual data in that it is not necessary to know the data preceding or following those under ciphering to be capable of performing this ciphering.
An example of a known solution to cipher the content of a memory external to a processor is described in U.S. patent application No. 2003-0198344. This solution consists of dividing the data into blocks and of continuously ciphering each data block by means of a sequence combining a key specific to the integrated circuit and an initialization vector changing for each data block.
FIG. 2 very schematically illustrates in the form of blocks such a solution. This solution is based on the use of a pseudo-random generator 10 (SEGEN) providing a ciphering sequence SE of a data block P by means of an XOR-type gate 11. Gate 11 provides a ciphered result C, that is, a block P ciphered by means of sequence SE. Sequence SE provided by generator 10 is based on an internal key K corresponding to a key specific to the microprocessor and on an initialization vector IV provided by a generator 12 (IVGEN). Generator 10 is pseudo-random in that, for a given key K, it always provides the same sequence SE for a same initialization vector IV. Magnitudes K and IV are exploited by a pseudo-random number generation algorithm (block 10) and are binary words, the sizes of which depend on the desired security in terms of numbers of possible combinations. Sequence SE is a binary word, the size of which depends on the size of the blocks to be ciphered. The flow of data blocks C is stored in memory 4 (MEM). Initialization vector IV generated by generator 12 is stored in memory 4 at the same time as encrypted block C (CRYPT DATA) coming from gate 11, to be able to associate, with each stored block, an initialization vector specific thereto. What has been described hereabove corresponds to a write phase (high portion of FIG. 2, WRITE) in memory 4 (MEM).
To decipher (low portion of FIG. 2, READ) data read from memory 4, the same pseudo-random generator 10 of sequences SE and the same XOR gate 11 are used. Generator 10 receives on the one hand key K internal to the integrated circuit (processor) and on the other hand the initialization vector IV corresponding to block C to be deciphered, read from memory 4.
A solution such as illustrated in FIG. 2 corresponds to a solution described in the above-mentioned U.S. patent and enables the ciphered data to be ciphered by a key specific to the integrated circuit chip processing them.
A first problem of conventional solutions of the type described in this patent application is linked to the need to store the initialization vectors. Such storage takes space (be it external or internal to circuit 1).
Another problem is linked to the so-called collision risk with the method used to generate initialization vectors IV of sequence generator SE. Indeed, the probability to be in the presence of two identical initialization vectors is a function of the size of word IV generated by generator 12. However, increasing the length of the random sequence increases the circuit cost. In fact, for a same ciphering algorithm (block 10), the ciphering security lies on the size of the initialization vector.
WO-A-02/0778025 provides a ciphering result that is a function of the ciphering key, the data and its address in the memory.
EP-A-0 908 810 provides masking, upstream from the ciphering, data blocks with their respective addresses in the memory.
These solutions both make an initialization vector dependent on the address of the block to be ciphered and avoid the storage of such a vector in the memory. However, the initialization vector is then determinable (it is no longer random), and that is prejudicial to the security of the ciphering.