1. Field of the Invention
The present invention generally relates to electronic circuits and, more specifically, to microprocessors exploiting an external memory. “External memory” means a memory connected to the processor by communication buses accessible for a measurement of the electric signals, for example, by a possible person attempting to fraud.
The present invention more specifically applies to the checking of the integrity (the absence of modification between the writing and the reading thereof) of information contained in an external volatile memory for processing by a microprocessor.
2. Discussion of the Related Art
A solution to check the integrity of the content of a memory read by a microprocessor is known as the CRC (Cyclic Redundancy Check) and comprises storing, with the content of a block in the memory, a value representative of this content. This value is then checked on reading to detect possible errors in the content of the memory block. Such a solution may be efficient to detect incidental errors but is not efficient against a possible hacking. Indeed, it is enough for the hacker to know the CRC value calculation mode to be able to force the system with erroneous data, accompanied with a CRC value which will have been calculated by the hacker himself and which will be admitted by the system.
Another solution comprises ciphering the entire memory content by means of a ciphering algorithm executed by the microprocessor. On reading, the data extracted from the memory are then deciphered by the microprocessor. Such a solution does not prevent the introduction of erroneous data, for example, in a fraud attempt by fault injection into the program execution, since the data or instructions will anyway be deciphered by the processor.
A third solution is based on the calculation of a signature with a key (MAC—Message Authentication Code) or with no key (hash function), and comprises calculating the result of a cryptographic algorithm. US patent application no 2006/0253708 describes an example of a solution with a key. This solution provides good results but requires storing a large number of data (one per memory line) on the microprocessor side. Such storage spaces are not always available.
U.S. Pat. No. 6,247,151 discloses a method for verifying the integrity of data stored in a memory, two signatures respectively taking into account a data and a copy of it in another memory area are generated.