Defrauders have developed so-called current-based attacks in order to obtain information about confidential data handled by smart card micro-controllers. These are, for example, keys for executing encryption algorithms implemented within the micro-controllers, such as algorithms known as the DES (DataEncryption Standard) or RSA (Rivest Shamir Adleman) algorithms or portions of the code executed by said micro-controllers.
These attacks are based upon the following principle. The current i(t) used by the micro-controller which, over a time interval T, executes an instruction INS is a function of operands OPE handled by said instruction INS.
In order to carry out current-based attacks, defrauders may in particular connect a resistor R having a small resistance, for instance of 1 Ω in series between a power-supply source and a power-supply terminal of the smart card. They then display a signal which represents variations in the current i(t) used by the micro-controller as a function of time. This signal is obtained in response to the micro-controller executing several hundreds or even several thousands of instructions applied to identical operands, be they similar or different. The instructions derive from APDU (Application Data Unit) commands, which are described in the IO 7816 standard. The ADPU commands are transmitted to the micro-controller by means of a computer equipped with a reader. This computer is also connected, for example, to a digital oscilloscope which samples variations in the current i(t) used by the micro-controller and digitizes the obtained results for subsequent analysis. According, it is possible to retrieve secret information contained in a smart card.
Micro-controller manufacturers and smart card manufacturers have developed methods for securing these devices against current-based attacks. A known method consists in adding some form of random noise to the current consumed by the micro-controller. However, this countermeasure is not sufficiently immune to statistical attacks such as DPA (Differential Power Analysis) or IPA (Inferential Power Analysis).