In general, a method for access to the cells of a memory area is used whenever a processing unit performs an operation of writing or reading data blocks in the cells of said memory area. This access operation consists, for the processing unit, at each access time, of generating an address that is then supplied on the addressing bus of a memory and either reading the data blocks stored in the cell at the address thus generated or writing a data block in said cell. The data blocks read in the cells of the memory area may be manipulated, that is to say processed, copied after processing, etc., by the processing unit or be transmitted after processing to an external processing unit. Likewise, the data blocks that are stored in the cells of said memory area may be data blocks that have been the subject of manipulations on the part of said processing unit, or data blocks that have been received from an external processing unit.
The manipulations of data blocks which relate to confidential information must be carried out by the processing unit in complete security. However, there exist analysis techniques, referred to as hidden channel analysis, such as for example the analysis of electrical consumption or of the emission of electromagnetic radiation, performed during specific operations, that can make it possible to know this confidential information if precautions are not taken. Countermeasures are therefore generally taken.
Among these, techniques consist of integrating a random component in the access to the memory area that contains the data blocks corresponding to this confidential information, different whenever access is made so that a hidden channel analysis cannot make it possible to get to the confidential information.
One technique consists of choosing a random index prior to the operation of access to the memory area, and then accessing the cells of the memory area in question so that the access addresses are in an order that is shifted by this random index with respect to the order of the access times. Thus, at each manipulation of the data blocks of the memory area in question, the combination of the access addresses is in an order different from that of a previous manipulation, an order simply offset by the random index. This technique may prove to be insufficient against repeated statistical attacks, since the number of combinations of possible access addresses that is equal to the maximum size of the memory area to be accessed proves to be relatively small.
Another technique consists of generating an index by applying an interference mask, for example for the use of an addition method in the Galois field GF(2n) where the coefficients are elements of GF(2). Though this technique proves to be more effective against repeated statistical attacks than the previous technique, it does nevertheless have the drawback that the direct application of a mask is dependent on the size of the memory area to be addressed, in particular if it is not a power of 2. To remedy this drawback, it is necessary to divide the memory area to be accessed into sub-areas of sizes that are a power of 2 and to perform the accesses on each of these sub-areas. The sub-areas with a smaller size are however not suitably jammed. As a result the number of combinations of access addresses possible is still too small and it is not possible to choose the last index for a size of the memory area that is odd.
It therefore turns out that the known techniques of the prior art are not sufficiently resistant to attacks by hidden channel analysis because the possible number of combinations of the access addresses in the different orders is not sufficiently large and therefore do not withstand attacks over a relatively long time.
The aim of the invention is therefore to remedy the above-mentioned drawbacks of the techniques of the prior art and to propose a method for access to all the cells of a memory area for purposes of writing or reading data blocks in said cells where the possible number of combinations of access addresses is sufficiently high to make an effective analysis in a reasonable time of the information obtained by hidden channel analysis techniques.