The invention relates to microprocessor cards and, in such cards, different devices for hiding the operations performed in the card for the purpose of improving security against fraudulent intrusions.
Chip cards are divided into several categories, namely:
simple-memory cards,
memory cards known as smart cards, and
microprocessor cards.
A simple-memory card makes it possible to perform read and write operations freely in the electrically erasable read only memory area. Such a card is inexpensive but does not offer sufficient security so that it is being used less and less.
A smart memory card notably improves the security of the read/write operations by enabling them only when certain conditions implemented in hard-wired form are fulfilled.
A card in the third category contains a microprocessor capable of executing programs recorded in a memory and thus making calculations with secret data inaccessible to the world external to the card. Thus a key recorded in the memory can serve to validate an electronic transaction such as a purchase or a door opening without having to be manipulated outside the card.
Unfortunately, certain microprocessors have current consumptions which depend on the calculations made inside the card. Thus a cryptographic calculation comprising a calculation tree which depends on the digits of the key used will have different current consumption footprints according to the value of the key used. As a result a fraudster could correlate the current consumption footprint of the key used and thus go back to the value of the key.
To prevent this correlation, a usual countermeasure consists of programming the cryptographic algorithm so that, whatever the value of the key, the algorithm will always pass through the same calculation steps.
Many so-called xe2x80x9cbyte orientedxe2x80x9d algorithms lend themselves well to this program mode, but other pose a few technical problems which are surmountable only at the cost of a less optimal calculatory performance.
The purpose of the invention is therefore to use, in microprocessor cards, devices for hiding the operations performed whilst permitting the programmer the free choice of the programming rules, whether or not they are of the xe2x80x9cbyte orientedxe2x80x9d type.
This purpose is achieved by modifying or scrambling the consumption of the card so that its footprint is independent of the calculations made.
This modification or scrambling of the footprint can be obtained by adding a device to the card which modifies the current consumption.
In a first example embodiment, this device consumes electrical power in an irregular or random manner, which is added to that of the normal consumption.
In a second example embodiment, this device achieves a mean consumption by effecting, for example, an integration of the current consumed.
In a third example embodiment, this device triggers the microprocessor memory erasure or programming circuit which consumes power in a chaotic manner, power which masks the consumption due to the operations performed by the microprocessor during the programming or erasure of the memory.