1. Field of the Invention
The present invention generally relates to electronic circuits and, more specifically, to the protection of information contained in an electronic circuit or the circulation of which is controlled by this circuit. “Information” designates any type of data that is not to be communicated in uncontrolled fashion, be they contained in the circuit (for example, access codes, passwords, storage addresses, specific steps of algorithms, etc.) or external to the circuit but with said circuit controlling their availability (for example, ciphered data, broadcast media contents, etc.).
A first aspect relates to the protection of data contained in an electronic circuit against fraud attempts aiming at discovering the data supposed to remain secret.
Another aspect relates to the control, by means of an electronic circuit, of the communication or of the use of information contained in the circuit or in an appended device.
The present invention will be described hereafter in relation with an example of application to an electronic circuit of a smart card, but it more generally applies to any electronic circuit containing information with a controlled circulation or conditioning the circulation of information with a controlled circulation, be the circuit on a smart card, isolated, or assembled on an electronic board of a more complex device.
2. Discussion of the Related Art
According to one aspect, when an electronic circuit is capable of manipulating information which are supposed to remain secret, it may be equipped with software and/or hardware mechanisms of detection and protection against different attack attempts aiming at hacking these data. The protection mechanisms (countermeasures) against attacks distribute between those which scramble the manipulation of the critical information (for example, by injection of random numbers) and those which try to detect attack attempts to block the information or the circuit. All such mechanisms have the disadvantage of lengthening the information processing time as compared with a lack of protection.
Further, they require that the circuit to be powered to operate. On the one hand, this generates non-productive power consumption. On the other hand, this enables a person attempting fraud to bypass some countermeasures by cutting-off the circuit power supply (for example, by abruptly extracting the smart card from the reader).
According to another aspect which relates to the control, by means of an electronic circuit, of the communication or of the use of information, ciphering/deciphering units are difficult to protect. This results in a weakness of the system since the same unit can then be used by several receivers. For example, it is enough for an authentic smart card forming an access unit to be made available on-line by its owner over the Internet for several users to request at the same time on-the-fly decipherings via the Internet. The increase in available Internet throughputs and the use of the Internet for the broadcasting of digital contents have increased the vulnerability of such systems.
It would be desirable to be able to control the access to the deciphering circuit resources to prevent such frauds.
More generally, it would be desirable to be able to control the access to resources of an electronic circuit, be it to avoid frauds or for any other reason (for example, limiting the number and/or the duration of use of the resources). “Resource” is used to designate any software or hardware application of the circuit (for example, a ciphering algorithm, a program of a circuit application, etc.) as well as any information stored or manipulated by the circuit (for example, a ciphering circuit, an authentication code, etc.).