A. Technical Field
The present invention generally relates to secure integrated circuits and more particularly to secure microcontrollers.
B. Background of the Invention
Several types of integrated circuit exist which are dedicated to the security of information, and it is nowadays common to base the security of an electronic system or computer system on an integrated circuit which performs the security functions.
One well-known example is that of the chip card, which is provided with an integrated circuit having the function of protecting sensitive information such as keys. These keys secure for example bank transactions, telephone charges or distance purchase transactions.
However, integrated circuits for chip cards have only a single input/output pin. It is therefore easy to encrypt the data circulating on this pin, so that it is not useful to secure the housing as such.
Another example of a circuit dedicated to security is the TPM (“Trusted Platform Module”) which, on the initiative of large computer companies, is nowadays present on almost all professional laptops, and these TPMs will tomorrow probably equip all personal computers sold throughout the world.
Complex secure circuits, in particular TPM circuits, have a much larger number of inputs/outputs than a circuit for a chip card (28 pins for the TPM). Thus, the securing of the component requires the protection of the sensitive information circulating on this multitude of inputs/outputs, so that an attacker cannot obtain information or force said information to the values that he desires. It can therefore be seen that the encryption solution which is suitable in the case of circuits for chip cards is no longer suitable in the case of complex secure circuits, since the computing power necessary for encrypting and decrypting in real time around 20 signals or even more would be crippling in terms of the necessary performance and cost.
A new solution is therefore required for securing complex circuits provided with a multitude of inputs/outputs.
Furthermore, it has been noted that devices for the physical and electrical analysis of integrated circuits progress rapidly. These devices include in particular the scanning electron microscope, focused ion beam (FIB) devices, and devices for analyzing the emission of photons by the junctions (also known as “Emiscopes”).
These items of equipment, which are basically intended for the development of integrated circuits, can also be used by some people as formidable means of attack directed against the security of circuits.
However, in this context, it is important to note that, for all these devices, the housing must be opened before carrying out the attack.
One way of responding to the problem would therefore consist in principle of protecting the whole of the circuit, by protecting the housing of the circuit against physical ingressions. The protection of the housing may be relatively simple in some cases, for example by depositing a resin coating on top of the integrated circuit, for packagings of the “Chip on Board” type or when the secure components are chip card micromodules.
This is what was done in FR 2 888 975 A, which provides for covering the entire surface of the chip with protective layers which are arranged on each side of the chip so as to cover the entirety thereof with a protective layer. Of course, such a structure is expensive in view of the surface area to be protected. In addition, it is relatively ineffective since all that is required is to remove the protective layers, which are clearly located and very apparent, in order to bypass the protection means.
However, such a protection is ineffective because a simple chemical attack makes it possible to remove the resin coating deposited at the time of placing the circuit on the support and to access the actual integrated circuit (chip).
The protection of the housing against physical ingressions is more complex in other implementations if the integrator has provided additional protection during the final mounting of the integrated circuit on its support. For example, it is known to cover the circuit with a deposit, a cap or a cover of variable type (resin deposit, metal cap). The latter may be very simple, thus providing minimal mechanical protection since the protection is merely passive.
Also known are more elaborate means of external protection, in the form of conductive circuits in which there is conveyed an electrical signal intended to detect any ingression into the cover by a checking of this signal by the security mechanisms, the conductive circuits generally being arranged in a material preventing access thereto (resin, gel, etc.). One highly representative example of such a coating which provides a high level of security is the product called “tamper-respondent security enclosure” by WL Gore & Associates. However, this external protection option presents considerable drawbacks for the person integrating the circuit in the final product. In fact:
- the integration of the component thus protected is by definition more complicated to achieve since it requires additional elements, such as for example a cap, additional tooling for installing the cap, additional time for mounting the cap and drying the resin;
- the manufacturing cost is higher due to the additional material required and the additional manufacturing steps;
- there is a negative impact on the manufacturing yield of the final product;
- the risk is higher from a security point of view since functional modifications on the final product may involve rethinking this protection;
- the external protection must be validated by certifying laboratories.
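The checking of the conveyed signal described above can be illustrated with a small firmware-style model. This is an added example, not part of the patent text and not the design of any named product: the conductor of the enclosure is modelled as a function that returns the bit read back at its far end, and the security mechanism drives an LFSR-generated pattern through it so that a cut conductor (floating low) or a conductor forced to a fixed level by a probe disagrees with the driven value within a cycle or two. The mesh states, the LFSR taps and the seed are all constructed for the illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Added illustration (not from the patent): a security mechanism checking
 * the electrical signal conveyed through a conductive tamper-detection
 * circuit. The conductor is modelled as a mapping from the driven bit to the
 * bit read back at the other end. */

typedef enum { MESH_INTACT, MESH_CUT, MESH_FORCED_HIGH } mesh_state_t;

/* Constructed model of the conductor: intact returns the driven bit,
 * a cut conductor floats low, a conductor held by a probe reads high. */
static int mesh_readback(mesh_state_t state, int driven)
{
    switch (state) {
    case MESH_INTACT:      return driven;
    case MESH_CUT:         return 0;
    case MESH_FORCED_HIGH: return 1;
    }
    return 0;
}

/* 16-bit Fibonacci LFSR (taps x^16 + x^14 + x^13 + x^11 + 1). Driving a
 * changing pattern rather than a constant level means a stuck or forced
 * conductor cannot satisfy the check for long. */
static uint16_t lfsr_next(uint16_t s)
{
    uint16_t bit = ((s >> 0) ^ (s >> 2) ^ (s >> 3) ^ (s >> 5)) & 1u;
    return (uint16_t)((s >> 1) | (bit << 15));
}

/* Drive `cycles` bits through the mesh and compare each with the readback.
 * Returns the index of the first cycle at which a mismatch was seen
 * (tampering detected), or -1 if the mesh agreed with every driven bit. */
int mesh_check(mesh_state_t state, unsigned cycles, uint16_t seed)
{
    uint16_t s = seed ? seed : 0xACE1u;   /* LFSR must not start at zero */
    for (unsigned i = 0; i < cycles; i++) {
        int driven = s & 1;
        int seen = mesh_readback(state, driven);
        if (seen != driven)
            return (int)i;                /* cut or forced conductor */
        s = lfsr_next(s);
    }
    return -1;
}

/* Convenience wrapper: true when the check should raise the tamper alarm. */
bool tamper_detected(mesh_state_t state)
{
    return mesh_check(state, 64, 0) >= 0;
}

int main(void)
{
    static const char *names[] = { "intact", "cut", "forced high" };
    for (int st = MESH_INTACT; st <= MESH_FORCED_HIGH; st++) {
        int at = mesh_check((mesh_state_t)st, 64, 0);
        printf("mesh %-12s: %s\n", names[st],
               at < 0 ? "no tamper" : "TAMPER detected");
    }
    return 0;
}
```

With the constructed seed the cut conductor is caught on the very first cycle (the first driven bit is 1) and the forced-high conductor on the second (the first driven 0); an intact conductor never raises the alarm. In a real design the readback would be sampled on a hardware timer and a mismatch would trigger the erasure of sensitive information, which is the response this kind of enclosure exists to make possible.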