1. Field of the Invention
The present invention relates to a nonvolatile memory system and to a method for controlling a nonvolatile memory that prohibits read operations under an improper operating environment.
2. Description of the Related Art
For example, in a security LSI (large scale integration) such as an IC (integrated circuit) card, data is transmitted to and received from another apparatus in encrypted form. An encrypting engine is therefore mounted in the LSI, and in many cases a nonvolatile memory is also mounted therein to store secret information such as a key. The security LSI can be attacked in various ways by an attacker who tries to illegally obtain that secret information. The methods used by the attacker include the following.
(1) Operate the security LSI under an operation environment (including voltage and clock frequency) outside a range defined by the specification in order to cause a malfunction, and extract secret information (encryption key or the like) by analyzing a result obtained through the malfunction.
(2) Obtain a consumption current waveform while an encrypting engine is operated with a plurality of input values, and extract an encryption key by performing a statistical process on the current waveform (DPA attack: differential power analysis).
(3) Open the LSI and cause a malfunction by using laser irradiation while the encrypting engine is operated, and extract an encryption key by analyzing the result (DFA attack: differential fault analysis).
The LSI is provided with countermeasures against the respective methods.
Against methods (2) and (3), a countermeasure is implemented in the logic circuit of the encrypting engine or in the circuitry around it.
Against method (1), a voltage detector or a frequency detector is mounted. If a voltage or a frequency outside the defined range is input, the detector outputs a detection signal and the system performs a reset in response to it.
Recently, some products have also been provided with a temperature detector, in addition to the voltage detector and the frequency detector, to detect an attack that drives the operating temperature outside the defined range.
For example, as shown in FIG. 20, when the specification defines that a power supply voltage is 2.50 V±10%, the range of operation guarantee is 2.25 V to 2.75 V. However, design and evaluation are performed in a range of 2.15 V to 2.85 V with a margin of 0.1 V. Against an attack of causing a malfunction by supplying a voltage outside the range of guarantee and extracting secret information from an output result of the malfunction, a voltage detector to detect a voltage of 2.15 V or less and 2.85 V or more is provided, and if the voltage detector detects a voltage outside the range of guarantee, the voltage detector outputs a reset signal to a CPU. The same countermeasures can be taken for an externally-supplied system clock frequency and operation temperature. Accordingly, countermeasures can be taken against an attack of causing a malfunction under a non-guaranteed operation environment and extracting secret information from an operation result of the malfunction.
However, each of the above-described detectors is designed as an analog circuit, and its trip point is therefore subject to process variations. Thus, when the voltage to be detected on the lower-limit side is set to 2.15 V, for example, it is the upper edge of the distribution of trip points that is set to 2.15 V, so that no device resets inside the guaranteed range. In this case, when the width of the process-variation distribution is 0.1 V, the lower edge of the distribution, and hence the lowest voltage at which a given voltage detector is guaranteed to trip, is 2.05 V. In an LSI used for a security application, correct operation must be guaranteed for security reasons throughout the voltage range over which the detector may still not have tripped, so the LSI needs to be designed to operate normally down to 2.05 V.
When the LSI is designed for such a low voltage, one of the circuit blocks that raises a problem is the nonvolatile memory. When an EEPROM (electrically erasable and programmable read only memory) is used as the nonvolatile memory, a booster is required because the EEPROM needs a high voltage of about a dozen volts for erasing and writing. A lower power supply voltage, however, requires a larger booster, which increases the circuit area. Furthermore, as the power supply voltage drops with each refinement of the process generation, the power supply voltage of the peripheral circuit that operates from it drops accordingly.
For example, as shown in FIG. 21, in a case where the power supply voltage is 1.8 V±10%, the guaranteed voltage range is 1.62 V to 1.98 V. In the design of the peripheral circuit, the guaranteed range is widened to 1.50 V to 2.10 V by adding an operation margin, so that operation is assured over the whole specified range. When the set voltages of the voltage detector are 1.50 V and 2.10 V and the variation of the voltage detector is 0.1 V, the voltage at which the detector is guaranteed to trip on the lower-limit side is 1.4 V. In this case, the peripheral circuit powered from this supply needs to operate at 1.4 V, the lower limit of voltage detection.
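The tolerance stacking worked through above for the 2.50 V and 1.8 V supplies is the same calculation each time: guaranteed range, plus design margin, plus detector variation, yielding the worst-case trip point that the logic must still survive. The following script is an added example, not code from the patent; it reproduces both numeric examples and adds the check a reviewer would want, namely whether a block whose minimum operating voltage is above the worst-case trip point leaves a window in which it can malfunction before the reset fires. The `DetectorBudget` class, the `unprotected_window` function and the 1.55 V EEPROM minimum used in the usage line are assumptions introduced here for illustration.

```python
"""Worst-case tolerance stacking for an analog supply-voltage detector.

Added example, not code from the patent. Given the nominal supply, its
tolerance, the design margin placed outside the guaranteed range and the
process-variation width of the detector's trip point, it computes where the
detector is certain to have tripped and reports any window in which a circuit
could malfunction while a worst-case detector has not yet fired.
"""
from dataclasses import dataclass
from typing import Optional, Tuple

Range = Tuple[float, float]


@dataclass(frozen=True)
class DetectorBudget:          # assumed helper, not from the patent
    nominal: float             # nominal supply, V
    tolerance: float           # relative, 0.10 means +/-10 %
    design_margin: float       # absolute margin added beyond the guaranteed range, V
    detector_variation: float  # width of the trip-point distribution across process, V

    def guaranteed_range(self) -> Range:
        """Range the specification guarantees: nominal +/- tolerance."""
        return (round(self.nominal * (1 - self.tolerance), 4),
                round(self.nominal * (1 + self.tolerance), 4))

    def setpoints(self) -> Range:
        """Thresholds as set on the schematic: guaranteed range plus margin.

        The inner edge of each trip-point distribution is pinned here so that
        no sample of the part ever resets inside the guaranteed range.
        """
        lo, hi = self.guaranteed_range()
        return (round(lo - self.design_margin, 4), round(hi + self.design_margin, 4))

    def worst_case_trip(self) -> Range:
        """Outer edge of each distribution: the farthest a real part's trip
        point can drift away from the guaranteed range. Beyond these values
        the reset is certain; between them and the setpoints it is not.
        """
        lo, hi = self.setpoints()
        return (round(lo - self.detector_variation, 4),
                round(hi + self.detector_variation, 4))


def unprotected_window(budget: DetectorBudget, circuit_min_v: float) -> Optional[Range]:
    """Interval in which a circuit that only works down to `circuit_min_v` may
    already be malfunctioning while a worst-case detector has not tripped.

    Returns None when the circuit operates over the whole detection band,
    i.e. when the design goal stated in the text is met.
    """
    worst_lo, _ = budget.worst_case_trip()
    if circuit_min_v <= worst_lo:
        return None
    return (worst_lo, round(circuit_min_v, 4))


# Figures taken from the two examples in the text (2.50 V and 1.8 V supplies).
LEGACY = DetectorBudget(nominal=2.50, tolerance=0.10, design_margin=0.10, detector_variation=0.10)
SHRUNK = DetectorBudget(nominal=1.80, tolerance=0.10, design_margin=0.12, detector_variation=0.10)

if __name__ == "__main__":
    for name, budget in (("2.50 V supply", LEGACY), ("1.8 V supply", SHRUNK)):
        print(name, "guaranteed", budget.guaranteed_range(),
              "setpoints", budget.setpoints(), "worst-case trip", budget.worst_case_trip())
    # Assumed figure, not from the patent: an EEPROM peripheral whose operation
    # is only assured down to 1.55 V leaves a 1.4 V to 1.55 V gap on the 1.8 V part.
    print("unprotected window:", unprotected_window(SHRUNK, 1.55))
```

Running it reproduces the 2.05 V and 1.4 V lower limits from the text. The point of `unprotected_window` is that the security requirement is on the detector's worst-case trip point, not on its setpoint: a block that is only characterised down to the setpoint (1.50 V here) is exactly the kind of circuit an attacker can drive into a malfunction without triggering the reset.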