The invention relates to a circuit arrangement for electronic data processing.
The abstract in English of the document JP-A-08320832 describes a non-volatile semiconductor memory with a secrecy function, for example an EPROM, an EEPROM, a mask-programmed ROM or a so-called flash memory which utilizes a microcomputer. Such a non-volatile semiconductor memory includes a scrambling unit which modifies and outputs input information if data read from a selected element of the non-volatile memory matches entered key code information. The memory includes a storage field which consists of a plurality of non-volatile storage elements which are arranged in the form of a matrix. A user writes key code information into a non-volatile storage unit and an element of a volatile memory is selected. A comparator compares the data read from the selected storage element and the key code information and outputs the comparison results. A scrambling unit outputs the input information in non-modified form if the compared data do not correspond, whereas it modifies and outputs the input information if the compared data correspond. The aim is to enable the user to select a memory address independently. The secrecy of stored information should be improved, thus enhancing the reliability. The number of persons knowing secret key code information should thus be reduced. Moreover, the control should be simplified and the costs reduced.
It is an object of the invention to provide a circuit arrangement for electronic data processing which offers increased protection against unauthorized access.
This object is achieved by a circuit arrangement for electronic data processing according to the invention which includes
a writeable memory for storing data to be protected against unauthorized access,
a read-only memory for storing individualizing data,
a control unit for generating given control signals in dependence on a reset signal sequence to be executed by the control unit during operation of the circuit arrangement,
a scrambling pattern generator for generating scrambling pattern signals by combining at least a part of the individualizing data from the read-only memory with the control signals during the execution of the reset signal sequence and for subsequently outputting these scrambling pattern signals until the execution of a next reset signal sequence,
and a scrambling logic unit for the scrambling of address and/or data signals of the data to be stored in the writeable memory in conformity with the scrambling pattern signals supplied by the scrambling pattern generator upon storage of this data, and for the corresponding descrambling of the data signals upon reading out from the erasable memory.
Memories which are used in circuit arrangements for electronic data processing and are writeable notably in the context of the operation of such a circuit arrangement customarily have a regular structure so that address and/or data signals can be entered in conformity with a given, clearly organized scheme and data signals can also be derived in such a manner from such a memory. For applications where the secrecy of such data is of utmost importance, however, such a regular structure constitutes a drawback, because it can be comparatively simply found out by non-authorized access. Therefore, in the case of security-relevant applications, for example in the field of identification, data to be protected against discovery cannot be sufficiently reliably stored in such a memory.
It could be attempted to satisfy the described security requirements by scrambling addresses and data in the writeable memory in conformity with a fixed but as secret as possible scheme. The structure of the addresses and data is thus obscured, but if a large number of similar circuit arrangements were manufactured, the scrambling chosen would be the same in all circuit arrangements. In that case it would be possible to discover such scrambling on the basis of one specimen of said circuit arrangement and such knowledge of the scrambling scheme of this one circuit arrangement could be used to gain unauthorized access or at least facilitate access to all other circuit arrangements of the same kind.
In order to eliminate such a risk also, according to the invention the scrambling pattern used is made dependent on individualized data stored in the read-only memory. This data is selected so as to be different for each individual specimen of the circuit arrangement according to the invention, thus enabling identification of a specific, individual specimen of the circuit arrangement according to the invention. A scrambling pattern thus influenced for the address and/or data signals for the writeable memory ensures that an individual, non-recurrent scrambling pattern is indeed used for each individual specimen of the circuit arrangement according to the invention. As a result, even after discovery of the scrambling pattern of one specimen of the circuit arrangement according to the invention, it will be impossible to apply such knowledge to gain access to the protected data in the writeable memory of an arbitrary other specimen of the circuit arrangement according to the invention.
In conformity with the second step according to the invention, taken in combination with the previously described first step, the scrambling utilizes control signals which are generated by a control unit in the circuit arrangement if a predetermined reset signal sequence is to be executed during its operation. In the scrambling pattern generator the control signals generated during such a reset signal sequence (also referred to as reset sequence) are combined with the individualizing data from the read-only memory, with a part of such data or with a combination of at least a part of such individualizing data and other data, so that the scrambling pattern generated according to the invention (represented by the scrambling pattern signals) has been influenced by the individualizing data as well as by the control signals. The effect of the control signals is such that in the case of unauthorized access, causing a disturbance of the control signals, a false scrambling pattern would be generated; the use of such a false scrambling pattern would render data derived from the writeable memory useless. It can thus be prevented that in the case of unauthorized access, also referred to as a security attack, the security mechanisms of the circuit arrangement according to the invention, intended to protect the stored data, are circumvented by external influencing of given control signals, and notably that data to be protected is read from the writeable memory and hence discovered.
The circuit arrangement according to the invention can be used particularly for identification devices, notably chip cards, electronic labels, electronic access keys and the like. Not only customary data such as, for example, account balances or the like can thus be safely stored in the writeable memory; in a preferred application an EEPROM is provided as the writeable memory in which complete application programs can be stored as the data to be protected. This enables, for example, a chip card provided with such a circuit arrangement to be prepared for different applications, if desired without modification of the structure. Depending on the data or programs stored in the writeable memory, such a chip card can then serve, as desired, as a credit card, an access key, purchasing identification or the like and, for example, for its function as a credit card, applications can be programmed as desired for different credit institutes in different locations. A combination of such specific applications, that is to say a combination individually composed for the relevant user, is also feasible. The read-only memory then provides the storage of the data individually related to the individual user. The read-only memory is preferably constructed as a programmable ROM.
In order to enable the processing of the data derived from the writeable memory and scrambled according to the invention, for example, in an arithmetic unit which is preferably of an identical construction for all specimens of the circuit arrangement according to the invention, the individually scrambled data must be reconverted into a uniform data format again upon reading out from the writeable memory, i.e. the scrambling must be suitably canceled. This operation will be referred to as “descrambling” hereinafter.
The scrambling logic unit of the circuit arrangement according to the invention preferably includes a permutation stage for the permutation of bits of different value in the address and/or data signals applied to the scrambling logic unit, and also an inverter stage for inverting the values of the bits of the address and/or data signals. Thus, permutation as well as inversion of the data and/or the addresses in the writeable memory can be performed as scrambling operations. Thus, the spatial assignment of individual storage cells of the writeable memory is irregularly scrambled and the meaning of the values stored in such storage cells is obscured by irregular inversion. The permutation stage and the inverter stage are both controlled by the scrambling pattern signals.
In a further embodiment of the invention such control can be performed by control signals which are derived from the scrambling pattern signals in a decoding stage. The decoding stage preferably forms part of the scrambling logic unit.
The scrambling pattern generator in a further embodiment of the circuit arrangement according to the invention includes a clocked, retrocoupled shift register arrangement. During the reset signal sequence the shift register arrangement is supplied with the control signals and/or with at least a part of the individualizing data from the read-only memory and/or with a signal pattern derived therefrom by logic combination. On the basis of this signal pattern the shift register arrangement generates the scrambling pattern signals and stores these signals for subsequent supply to the scrambling logic unit.
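The following software model is an added illustration, not part of the patent text. It shows how a fed-back shift register seeded with individualizing data and clocked with the reset-sequence control signals can drive a permutation stage and an inverter stage, and why a disturbed control signal makes read-back data useless. The 16-bit register width, the feedback taps, the decoding rule, the 8-bit data path and all sample values are assumptions chosen for the example.

```python
# Added illustration (not from the patent): 8-bit toy model of the scrambling
# pattern generator and the scrambling logic unit. Register width, feedback
# taps and the decoding rule are assumptions made for this example.
LFSR_TAPS = 0xB400  # feedback taps of a 16-bit Galois shift register

def generate_pattern(individualizing_data, control_signals):
    """Reset sequence: mix each control word into the fed-back register."""
    state = individualizing_data & 0xFFFF
    for ctrl in control_signals:
        state ^= ctrl & 0xFFFF
        for _ in range(16):                 # 16 clock pulses per control word
            lsb = state & 1
            state >>= 1
            if lsb:
                state ^= LFSR_TAPS
    return state                            # held until the next reset sequence

def decode(pattern):
    """Decoding stage: derive a bit permutation and an inversion mask."""
    perm, key = list(range(8)), pattern
    for i in range(7, 0, -1):               # Fisher-Yates driven by the pattern
        key, j = divmod(key, i + 1)
        perm[i], perm[j] = perm[j], perm[i]
    return perm, pattern >> 8

def scramble(value, perm, mask):
    """Write path: permutation stage followed by inverter stage."""
    out = 0
    for src, dst in enumerate(perm):
        out |= ((value >> src) & 1) << dst
    return out ^ mask

def descramble(value, perm, mask):
    """Read path: undo the inversion, then undo the permutation."""
    value ^= mask
    out = 0
    for src, dst in enumerate(perm):
        out |= ((value >> dst) & 1) << src
    return out

# Constructed sample values: two chip IDs and reset-sequence control traces.
CHIP_A, CHIP_B = 0x3C71, 0x3C72
RESET_TRACE = [0x0001, 0x00A5, 0x0F0F]
GLITCHED_TRACE = [0x0001, 0x00A4, 0x0F0F]   # one control bit disturbed

def readback(chip_id, write_trace, read_trace, data):
    """Store bytes under one pattern and read them back under another."""
    w = decode(generate_pattern(chip_id, write_trace))
    r = decode(generate_pattern(chip_id, read_trace))
    return bytes(descramble(scramble(b, *w), *r) for b in data)
```

With matching reset traces `readback` returns the stored bytes unchanged; with `GLITCHED_TRACE` on the read side, or with the pattern of `CHIP_B`, the permutation and mask differ and the bytes no longer descramble correctly.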