The invention relates to an integrated circuit comprising a first processing unit and a non-volatile memory for storing a key, said first processing unit being arranged to carry out a cryptographic algorithm using said stored key, and to a smart card comprising such a circuit.
Such integrated circuits are used in various systems secured against penetration/use by unauthorized persons. The stored key is used to obtain the clear text of encrypted messages using the cryptographic algorithm. As an example of a system in which such an integrated circuit could be used a pay-TV system can be mentioned.
In view of the availability of more and more improved technical equipment to examine integrated circuits and their operation, unauthorized persons have the possibility to read a stored key from an integrated circuit of this type, whereby security of the system is broken.
The invention aims to provide an integrated circuit of the above-mentioned type with improved security.
According to the invention an integrated circuit is provided, the integrated circuit comprising a first processing unit and a non-volatile memory for storing a key, said first processing unit being arranged to carry out a cryptographic algorithm using said stored key, wherein the non-volatile memory comprises at least two non-volatile memory elements, each memory element storing a share of a key used in the cryptographic algorithm, wherein each memory element is connected to the first processing unit by an independent bus.
In this manner an integrated circuit with increased complexity is obtained, wherein both busses and/or logic circuits-within the processing unit have to be probed in order to recover the complete key.
According to the invention complexity can be further increased in a circuit, wherein second and third processing units are provided, the second processing unit being connected to each memory element by the corresponding independent bus, wherein each memory element stores a key share for the first and second processing units, said first and second processing units using each said key shares to determine an output key share, wherein the outputs of the first and second processing units are connected to the third processing unit to provide said output key shares to the third processing unit which is arranged to carry out the cryptographic algorithm.
The invention will be further explained by reference to the drawings in which two embodiments are shown in a very schematical way.