1. Field of the Invention
The present invention generally relates to electronic circuits and, more specifically, to the detection of incidental or voluntary disturbances in the power supply of an electronic circuit. The present invention more specifically applies to the detection of such disturbances in the context of attacks by fault injection in the execution of programs or of algorithms by the circuit.
2. Discussion of the Related Art
FIG. 1 schematically shows a smart card 10 of the type to which the present invention applies as an example. Such a card is most often formed of a plastic support on or in which is placed an integrated circuit chip 1 associated with contacts 2 for communication with a terminal (not shown) and/or with radio-frequency transmit/receive elements, not shown, for a contactless communication.
FIG. 2 is a schematic block diagram illustrating a second example of application of the present invention to a receiver 20 of signals broadcast in controlled fashion, for example a decoder of television signals received by a satellite antenna 21 for display on a screen 22 of television set type. The decoding of the received transmissions is dependent on access rights managed by decoder 20 (for example, of a type known under name Set Top Box). In certain cases, decoder 20 comprises a smart card reader 10 of the type illustrated in FIG. 1, integrated circuit 1 of which contains the rights of access (more specifically, an identifier and generally a ciphering key) necessary for the proper decoding of transmissions. In other cases, integrated circuits (not shown) internal to decoder 20 comprise elements for managing the rights of access (especially, of deciphering).
FIG. 3 is a schematic block diagram of a conventional example of a microcontroller 1, for example, of a smart card, to which the present invention applies as an example. Such a circuit comprises a central processing unit 31 (CPU) capable of executing the programs most often contained in a non-volatile memory 32 (NVM), for example of ROM or EEPROM type, with which it communicates by means of one or several buses 33. Bus(es) 33 convey signals (address, control, and data signals) between the different elements of circuit 1 and between all or part of these elements and an input/output interface 34 (I/O) to communicate with or without contact with the outside. Most often, volatile storage elements 35 (MEM) of RAM type and/or of register type are contained in circuit 1. Other functions (block 36, FCT) may also be integrated to circuit 1 according to the application. For example, such functions may comprise a ciphering cell, an integrity check cell, etc.
Circuit 10 handles digital quantities (be it program or data instructions) which, in the applications aimed at by the present invention, condition the access to certain data (for example, telecast programs). It may be secret keys of ciphering algorithms, secret authentication codes, algorithmic steps of a program, etc.
Different attacks are likely to be implemented to attempt discovering the secrets of the integrated circuit or to make a protection of processed data inoperative, by examining the input/output signals and/or the power consumption of the circuit or any other quantity influenced by its operation. In particular, so-called fault injection attacks comprise causing a disturbance in the operation of integrated circuit 1 on execution of a cryptography or decoding algorithm and interpreting the subsequent circuit operation to attempt discovering the secret quantities. More simply, the disturbance may generate a jump in the program aiming at not executing instructions capable of forbiding the access to data.
The most current disturbance in fault-injection attacks is a disturbance on the circuit power supply (glitch attack) causing a noise peak of very short duration in the circuit power supply.
To attempt blocking such attacks, integrated circuits comprise software and/or hardware tools reacting to a disturbance in the circuit operation (countermeasure), to block the circuit operation, prevent the output of confidential data, make a calculation result inexploitable, etc. when a fraud attempt is detected.
Among such tools, the present invention more specifically relates to detectors of disturbances of the power supply of a circuit, for example, directly acting on the circuit by resetting the central processing unit, thus forbidding the possible hacker from taking advantage of the disturbance.
The need for a detector of power supply noise peaks especially results from the imperfection of voltage regulators most often equipping electronic circuits due to miniaturization needs, which prevent the use of filtering capacitors of sufficient size.
FIG. 4 very schematically shows in the form of blocks a conventional example of a circuit for detecting noise peaks in the power supply of an electronic circuit. This detector is based on a voltage comparator 41 (COMP) having its two inputs receiving a voltage proportional to supply voltage Vdd after filtering by resistive and capacitive circuits exhibiting different time constants. Voltage dividers (resistors R11 and R12 in series and resistors R21 and R22 in series) between a terminal 42 of application of voltage Vdd and ground 43 are coupled to the two input terminals (− and +) of comparator 41, a capacitor C1, respectively C2 connecting the corresponding comparator input (midpoint of the associated resistive bridge) to ground to form the filtering cell. The output of comparator 41 crosses a level adapter element 44 (BUF) having its output connected to a reset terminal R of central processing unit 31. The circuit of FIG. 4 is described, for example, in document US-A-2003/0226082. The values provided to the filtering cells define different time constants to detect a supply noise.
A disadvantage of the circuit of FIG. 4 is that it does not enable detecting fast noise peaks on the power supply. Now, more and more, noise peak attacks exploit very short peak durations (shorter than some hundred nanoseconds). The limits of the circuit of FIG. 4 are due not only to the filterings performed on the two inputs of comparator 41, but also to the very structure of this comparator, based on an operational amplifier structure. Such a structure is also complex.
Another disadvantage of the solution described in relation with FIG. 4, here again aggravated by the internal structure of the comparator, is that this circuit becomes even more complex to detect both positive and negative noise peaks.