Data security refers to the confidentiality, integrity, and/or availability of information that is stored or processed on the data processing platform. Data security addresses the need to reduce the vulnerability of information to malicious software and hardware based attacks. Data processing platforms therefore include physical and logical features to provide a secure execution. A monotonic counter may be included as part of the secure execution and may be used in combination with various authentication procedures to prevent user attacks including in particular replay attacks.
A monotonic counter is implemented to produce incrementing or decrementing values. For the incrementing values implementation, once the count value changes to a higher number, it should not thereafter exhibit any value less than the higher number. For the decrementing values implementation, once the count value changes to a lower number, it should not thereafter exhibit any value greater than the lower number. For either implementation, the monotonic nature of the count value should be maintained throughout the life of the device, in which the monotonic counter operates, including across any number of power-on and power-off cycles. Causing a monotonic counter to not maintain its count value and revert to an earlier value can result in a compromise in the device's security (referred to herein as a “replay attack”).
Data processing platforms may utilize a non-volatile memory for storing boot instructions and pertaining parameters (e.g., basic input output system (BIOS) instructions). Flash memory device is commonly used as a storage for these instructions and parameters. Flash memory and in particular no-chip flash memory is an ideal candidate for storing monotonic counters. However, a limitation of flash memory is that flash memory has a finite number of program-erase cycles, which results to a limitation of the number of data write accesses to the flash memory.
The write cycles required to maintain the value of a monotonic counter, which is incremented/decremented at a high rate may exceed the finite number of program-erase cycles before the expected end of the live time of the device, which hosts the monotonic counter.