The present invention relates to a semiconductor integrated circuit and an IC card, and more particularly to a technique that can be effectively applied to, for instance, the prevention of reverse engineering of a cryptographic key or the like held by a semiconductor integrated circuit, such as a microcomputer for IC cards.
Along with the development of semiconductor technology, it has become a common practice to settle accounts in a safe and secure way by incorporating integrated circuits (ICs) into credit cards, securities or the like and communicating account information in an encrypted form. This IC-based method makes it more difficult to forge a paper or use another person's name than the conventional method of using magnetic records, and as such is beneficial to both end users and service providers.
Cryptographic algorithms have been studied for many years, making it extremely difficult to infer a cryptographic key from signals obtained by tapping a communication line, and this risk is virtually negligible. A real problem, however, is posed by attempts to open an IC and reverse-engineering it to directly read internal information or a cryptographic key contained in the IC. Reverse engineering is a technique or an act to analyze the structure and/or specifications of a hardware or software product and thereby and thereby reveal the technical information contained.
Previously devised reverse engineering techniques was to read internal information or a cryptographic key contained in an IC card by supplying a clock of an illegitimate frequency to the card, abruptly raising or reducing the voltage of power supply to it or irradiating it with a powerful electromagnetic wave to abnormally operate the IC card. On the part of the IC card, such intrusions were fought back by detecting such abnormal states, and preventing internal information or the cryptographic key from being read out on the basis of the detected acts.
For instance, according to a technique described in Patent Reference 1, an IC chip for an IC card is provided with an unsealing sensor and, if it detects unsealing, a CPU will erase data in the memory to ensure safe protection of secrets.
Patent Reference 2 describes a technique according to which a small hole is bored in a part of a package to seal and shadow the circuit configuration so that only the sensor part for light detection be illuminated with a light and the circuit can operate normally only when the light is detected. Since an unauthorized analyst would open the package in a dark place to avoid adverse impacts of light, the circuit would operate differently from its usual way in a state in which no light is detected. This different operation makes impossible analysis of the normal operation of the circuit and accordingly illegitimate reading of the stored information.
Patent Reference 3 discloses a technique according to which a plurality of light receiving elements are integrated on an IC in a distributive way, and each of the plurality of light receiving elements is connected to one of a connection line connected to a nonvolatile memory cell, a connection line connected to a logic circuit and a connection line connected to a logic element and, by intercepting, establishing conduction of or grounding these connection lines, the circuits related to the respective connection lines are inhibited from normally operating so that the internal information contained in the IC can be protected even if it is unsealed.
Patent Reference 1: Japanese Published Unexamined Patent Application No. Hei 10(1998)-320293
Patent Reference 2: Japanese Published Unexamined Patent Application No. 2000-216345 (paragraphs 0009 through 0011)
Patent Reference 3: Japanese Published Unexamined Patent Application No. Hei 11(1999)-102324