1. Field
The invention relates to the field of information security, and more particularly, to reducing the risk of the observation of a secret value used by an instruction sequence.
2. Background Information
A data processing device, such as a personal computer, hand-held computer, laptop computer, set top box, and so forth, may execute instruction sequences which operate upon electronic information to make observation and tampering with the information more difficult. Such operations may involve encryption or decryption of the information using secret values (sometimes called xe2x80x9ckeysxe2x80x9d). The protections afforded by such operations may be compromised when an observer gains knowledge of the secret value used to perform the operation. Obtaining this value may enable the observer to alter the effects of the operation and observe or tamper with the information.
For these and other reasons the secret value used in an instruction sequence may be protected from observation. It may be difficult to prevent observation of the secret value by a third party employing a run-time debugger or other code observation tool. Typically the instruction sequence loads the secret value or portions thereof into memory locations or registers. Memory locations and registers are typically viewable using, for example, a run time debugger, making it difficult to prevent observation of these values.
A method embodiment is described to reduce the risk of observation of a secret value used in an instruction sequence. The method embodiment includes determining a recovery value for a portion of a secret value by measuring a first time value to execute an instruction sequence. The recovery value is determined as a function of the first time value and the portion of the secret value. An instruction sequence is adapted to measure a second time value to execute the instruction sequence. The instruction sequence is further adapted to determine the portion of a secret value as a function of the second time value and the recovery value.