1. Field of the Invention
The present invention generally relates to a data processing circuit and a control method therefor. More specifically, the present invention relates to a data processing circuit and a control method therefor that provide high security against theft of an encryption key used for an encryption scheme, such as DES (Data Encryption Standard).
2. Description of the Related Art
In systems using IC (Integrated Circuit) cards and readers/writers, for example, data to be exchanged between the IC cards and the readers/writers is encrypted using encryption keys to prevent data tampering or wiretapping.
Encryption schemes are roughly classified into a shared key type and a public key type. In the shared key type, data is encrypted and decoded using the same encryption key, called a shared key, and one known encryption scheme of the shared key type is DES. In the public key type, data is encrypted and decoded using separate encryption keys, called a public key and a private key, and one known encryption scheme of the public key type is the RSA (Rivest, Shamir, Adeleman) algorithm.
Generally, encryption is carried out by a hardware encryption circuit, such as a single IC, because the encryption scheme and the encryption key can easily be broken (found) if the encryption procedure can be observed. In this case, for example, unencrypted data (or plaintext) and encrypted data (or ciphertext) thereof can be observed outside the encryption circuit, which is an IC. However, it is difficult to break the encryption scheme and the encryption key used by the encryption circuit for encryption from the plaintext and the ciphertext.
Recently, a technique that allows an encryption key used by an encryption circuit to be decoded by analyzing the power consumption (current consumption) of the encryption circuit, called DPA (Differential Power Analysis), has been proposed (see, for example, P. Kocher, J. Jaffe, B. Jun, “Differential Power Analysis,” Advances in Cryptology—Crypto 99 Proceedings, Lecture Notes In Computer Science Vol. 1666, M. Wiener ed., Springer-Verlag, 1999.)
DPA is a technique using a small difference in the power consumption between the logical “1” and “0” levels in the processing performed by an encryption circuit. The encryption circuit is formed of, for example, a metal oxide semiconductor (MOS) IC. Ideally, no current flows in the MOS IC.
However, actually, a leakage current or the like flows in the encryption circuit. The leakage current or the like depends upon the logical “1” or “0” level, resulting in a difference in the power consumption between the logical “1” and “0” levels in the processing performed by the encryption circuit. Furthermore, the power consumption in the encryption circuit increases when data is transformed. In DPA, the encryption key used by the encryption circuit is decoded using the difference in the power consumption.
An encryption circuit that performs encryption using DES generates an intermediate key from an encryption key (i.e., a shared key), and encrypts data using the intermediate key.
The DPA algorithm allows an intermediate key used within an encryption circuit to be relatively easily broken (decoded) by analyzing the power consumption of the encryption circuit. Therefore, the DPA method has a critical problem in view of security for encryption performed by the encryption circuit.