1. Field
This invention pertains to the field of memory devices and smart cards having memory devices, and more particularly, to memory devices and smart cards employing methods to for detecting attacks, and specifically light attacks.
2. Description
Smart cards have integrated circuit (IC) chips which may include embedded microprocessors, card operating systems, security modules, and memories therein. Unless other cards that just have a memory, smart cards can perform various specific operations, such as arithmetic operations, data encryption and decryption, bidirectional communication etc. Operations for reading, writing, and erasing data and programs stored in a smart card, and communications between a smart card and an external system, and strictly controlled and protected from unauthorized access or interference by built-in security functions and elaborate encryption algorithms.
In general smart cards can be divided into contact type smart cards and contactless smart cards.
FIG. 7A shows a functional block diagram of a contact type smart card 700A. Smart card 700A includes a central processing unit 710A and a crypto coprocessor 720A connected to a read only memory (ROM) 730A, a random access memory (RAM) 740A, and an electrically erasable programmable read only memory (EEPROM) 750A via a bus 760A. Smart card 700A also includes input/output circuits and security sensors 770A and a bank of electrical contacts 780A. In one embodiment, electrical contacts 780A includes a VCC contact C1, a reset (RST) contact C2, a clock contact C3, a ground contact C5, and a VPP contact C7. Contacts C4 and C8 are reserved.
FIG. 7B shows a functional block diagram of a contactless smart card 700B. Smart card 700B includes control and arithmetic unit 710B, authentication and access control 720B, ROM 730B, RAM 740B, EEPROM 750B, I/O 760B, RF circuit 770B (including power reception circuit 772B and data transmission circuit 774B) and an antenna 780B.
Smart cards are increasingly used in a variety of applications, where identification and authentication are important. Such applications may include banking transactions, credit transactions, point of sale purchases, mobile telephones, conditional access to video and audio programs, personal access to secure facilities, etc.
Fir these applications, smart cards are generally required to store sensitive information, such as account numbers, access codes, personal data, etc. Therefore, it is essential for the internal information of smart cards to be secure in order to safely employ such cards in these applications.
With the expansion in the use of smart cards, there are increasing efforts to develop techniques for “attacking” the smart cards so as to defeat their security measures and obtain access to the sensitive information utilized by the smart cards for pecuniary gain. In general, unauthorized access to the smart card is called “tampering.” Tampering techniques include microprobing, software attacks, eavesdropping and fault generation.
A microprobing technique may be used for directly accessing the surface of an IC chip. A software attack is operable with a general communication interface, utilizing security vulnerability arising from protocols, an encryption algorithm, or execution of an algorithm. An eavesdropping technique is carried out by evaluating analog characteristics of the power supplies and interfaces of the smart card and analyzing electromagnetic generated from a processor during normal operations. A fault generation technique operates to create a malfunction of a processor to provide an additional access by means of abnormal environment conditions. The microprobing technique is a kind of invasive attack, requiring a lot of time. The other techniques are kinds of non-invasive attacks.
One type of non-invasive attack is a glitch attack technique. The glitch attack technique attempts to “hack” a smart card by applying an external signal thereto or an abnormal signal to its power supply so as to make the smart card operate irregularly.
In recent years, an attacking technique has been developed for changing data in a smart card by means of a laser light which can be controlled to be emitted onto very localized areas of the smart card.
Accordingly, it would be desirable to provide a method of detecting a light attack on a memory device. It would also be desirable to provide a memory device that can detect such a light attack. It would further be desirable to provide a smart card that can detect a light attack on a memory device embedded into the smart card.
The present invention is directed to a method of detecting a light attack in a memory device, and a memory device employing such a method.
In one aspect of the inventive concept, a method is provided for detecting a light attack on a memory device having a plurality of memory blocks each including a plurality of memory cells. The method comprises: turning off all of the memory cells of memory blocks of the memory device that are not currently being accessed for a read/write operation; sensing a leakage current of at least one of the memory cells of the memory blocks that are not currently being accessed for a read/write operation; and detecting a light attack on the memory device when a leakage current of the one of the memory cells of the memory blocks that are not currently being accessed for a read/write operation is greater than a threshold.
In another aspect of the inventive concept, a method is provided for detecting a light attack on a memory device having a plurality of memory cells. The method comprises: turning off all of the memory cells of the memory device when the memory device is not currently being accessed for a read/write operation; sensing a leakage current of at least one of the memory cells of the memory device when the memory device is not currently being accessed for a read/write operation; and detecting a light attack on the memory device when the leakage current of the one of the memory cells of the memory device is greater than a threshold when the memory device is not currently being accessed for a read/write operation.
In yet another aspect of the inventive concept, a method is provided for detecting a light attack on a memory device having a plurality of memory cells. The method comprises employing at least one memory cell to detect a light attack on the memory device when the memory cell is in an inactive state, and outputting a signal indicating whether a light attack is detected.
In still another aspect of the inventive concept, a memory device comprises: a plurality of memory cells; an arrangement for turning off all of the memory cells in response to a security detection enable signal; and a detection circuit operatively connected to the memory cells for detecting leakage currents of the turned-off memory cells and for detecting a light attack on the memory device when the leakage current of one of the memory cells of the memory device is greater than a threshold.
In a further aspect of the invention, a smartcard comprises a processor; a memory interface unit adapted to receive memory access instructions from the processor; a memory device; a bus connecting the processor, the memory interface unit and the memory device; and a security detection enable controller adapted to generate a security detection enable signal in response to the memory access instructions. The memory device comprises a plurality of memory cells, wherein a memory cell is part of a light attack detection means for the memory device when the memory cell is in an inactive state.
In a still further aspect of the invention, a smartcard comprises: a processor; a memory interface unit adapted to receive memory access instructions from the processor; a memory device; a bus connecting the processor, the memory interface unit and the memory device; a security detection enable controller adapted to generate a security detection enable signal in response to the memory access instructions. The memory device comprises: a plurality of memory cells; an arrangement for turning off all of the memory cells in response to the security detection enable signal; and a detection circuit operatively connected to the memory cells for detecting leakage currents of the turned-off memory cells and for detecting a light attack on the memory device when the leakage current of one of the memory cells of the memory device is greater than a threshold.