As known, a method to de-correlate electric signals emitted by an IC Card during computations, and sensitive data involved during such computations, provides the execution of one more noise functions. The execution of noise functions introduces electric signals to trick or defeat an attack which attempts to detect sensitive data. In fact the attack cannot distinguish between an electric signal involving the sensitive data and a similar electric signals, i.e. a signal with a same power consumption or frequency, introduced by the noise functions.
FIG. 1 is a diagram representing the electric signals sa, sb, sc emitted by an IC Card during the computations of instructions i1, i2, i3 as a function of the time t. These computations involve sensitive data, for example a cryptographic key used by instruction i2, to encrypt data. The computation of instruction i2 may generate an electric signal sb different from the signal emitted by the computations of instructions i1 and i3, due to the computational complexity of the cryptographic instruction with respect to other instructions.
FIG. 2, is another diagram representing the same electrical signals sa, sb, sc emitted by the IC Card for the computations of the instructions i1, i2, i3, as a function of the time t, with the insertion of further electric signals generated by the computation of noise functions f1, f2, for example between instruction i1, i2. When the IC Card process functions f1, f2, it emits electric signals s1, s2 which are substantially identical to the signal sb of the instruction i2 involving sensitive data. However, functions f1, f2, does not involve sensitive data. Thus, an attack trying to retrieve sensitive data from the electric signals, should take in considerations not only the signal sb, which is emitted during the effective computation involving sensitive data, but also the similar signals s1, s2, which are de-correlated from such sensitive data.
The bottom part of FIG. 2 schematically represents the implementation of the method to de-correlate electric signals according to the prior art. A timer TMR, for example counting 20 usec, is started. When the timer TMR is decreased to 0, i.e. when the 20 usec are lapsed (as indicated with a in FIG. 2), a noise function f1, f2 may be triggered. Then the timer TMR is reset to count the following 20 usec, after which, at point b of FIG. 2, another noise function f1, f2 may be triggered. In FIG. 2, the timer TMR is reset 8 times (indicated from a to h) and two noise functions f1, f2 are triggered between instruction i1 and i2. In other words, the noise functions f1, f2 may be randomly triggered or not triggered when the timer TMR is reset.
Even if this method is advantageous because it allows the random insertion of noise functions f1, f2, it is limited by the fact that such functions may be inserted only at predetermined times, which are determined by the timer reset. In other words, again with reference to FIG. 2, the functions f1, f2 may be inserted each time the timer TMR is reset, i.e. in each of the points a-h, in one of such points a-h, or in more than one point, for example in a and b, as represented in FIG. 2. However, the noise functions cannot be triggered in a time between the points, for example between a and b.
Thus, an attacker may try to identify all the possible insertion patterns of noise functions triggered by the timer reset and ignore the corresponding electric signals, because they are associated with the noise functions and thus they do not involve the sensitive data.