1. Field of the Invention
The present invention relates to a voltage-glitch detection circuit and, more particularly, to a circuit for securing an integrated circuit smart card from a glitch attack.
2. Discussion of Related Art
A smart card contains electronics in the form of integrated circuit (IC) chips such as a central processing unit (CPU) or microprocessor, a chip operating system (COS), an electrically erasable and programmable read only memory (EEPROM) acting as a secure storage area, and so forth. The IC chips are usually mounted on a surface of a plastic card whose material and size are similar or the same as a typical credit card.
Depending on the electronics on the smart card, information can be stored, processed, read, erased as well as communicate with the outside. Because smart cards can be easily misplaced, and information stored thereon can be highly sensitive and confidential, smart cards are tightly controlled and protected by embedded security and password systems. Smart cards are used, for example, as ATM cards for banking transactions, as phone cards with prepaid time for phone calls or used in time-based cellular phones. Other uses of smart cards include, for example, the authentication of a user connected to an Internet Bank; the payment for parking; the payment of subway, train or bus fare; the direct supply of personal information to a hospital or a doctor; and Internet shopping.
As usage of smart cards for routine financial transactions increases, the incentive for unauthorized access or tampering of the smart cards also increases. Microprobing, software attacks, eavesdropping, and fault generation are known methods of tampering.
Microprobing involves directly accessing a chip surface. Software attack involves interfacing the processor and accessing password algorithm or algorithm execution in a protocol. Eavesdropping involves measuring and detecting smart card signaling characteristics and electromagnetic radiations from the smart card during a normal operation. Fault generation uses an abnormal circumstance condition to generate a processor error providing an additional access. The microprobing technique is an invasive attack, and the other techniques are non-invasive.
A glitch attack involves application of an externally applied signal or energy to the smart card or the power source to access the smart card. For example, data may be extracted from an EEPROM by applying a glitch to the voltage supply for driving an internal chip of the smart card. A glitch attack may also involve a communication between the smart card and a smart card terminal made through a series of sequential operations. First, when a card is inserted into a card terminal (in case of a touch smart card), the card and the card terminal are connected to each other. The card terminal provides power and a set of signals to the card. The card receives a constant chip operation voltage (Vdd) from the power supply voltage so that the chip can operate. If the card is reset by a reset signal, the card generates an Answer To Reset (ATR) to exchange information between the card and the card terminal. The ATR protocol is defined in ISO/TEC 7816 part 3, and has parameters such as a physical property and a logical characteristic of an exchange protocol.
When N data are read out from a specific address of a smart card chip to transmit an ATR, a high voltage glitch may occur. The high voltage glitch may cause an EEPROM dump, resulting in data being read from an ffh address of the EEPROM.
A need therefore exists for a voltage-glitch detection circuit for detecting a voltage glitch, and an integrated circuit device for securing internal information from a voltage glitch.