To process logic and arithmetic operations in a program, microprocessor arrangements have an execution unit, an “arithmetic and logic unit” (ALU) and associated working registers which are used for storing (buffering) addresses and data which are required for a task which is currently being processed by the execution unit.
Working registers, such, as accumulators, ensure, inter alia, rapid, random and simultaneous read and/or write access to operands which are involved in a computation operation in the ALU. One of these working registers to which a programmer has access is the “flag register”, which contains information about the last computation result obtained when executing the task or operation. To this end, the execution unit has control elements, for example comparison means, which evaluate the content of an accumulator after a computation or storage operation has been carried out and set or erase flags in the flag register.
If all of the bits in the accumulator are equal to zero, for example as the result of an operation, then the zero flag is set in the flag register, that is to say is set to a logic “1”. The states of the flag bits are of significance particularly when the execution of particular operations, for example a conditional jump, requires a query to the flag register. By way of example, conditional jumps are executed only if the query in question is true, which means that the corresponding bit in the flag register needs to be set.
For the purpose of setting and erasing the bits, the microprocessor arrangement incorporates electronic circuits or gates which switch after every executed operation on the basis of the computation result and in so doing actuate or update the flag register. The switching of the gates produces a characteristic current profile. “Side-channel attacks” involve the current drawn or the electromagnetic emission from the gates being detected, for example. The time profile, particularly the timing of the current drawn or of the electromagnetic emission, allows conclusions to be drawn about a computation algorithm which is being used, for example, or even allows some of the useful information processed to be ascertained.
Differential power analysis (DPA) is a known attack scenario for security CPUs. Such an attack involves a succession of instructions in a program and their effects in the circuit to be ascertained using statistical evaluations of the characteristic curves of the current drawn. These evaluations may be used to reach detailed conclusions about the program which is being executed. The detection of electromagnetic emission is known by the term DEMA (“Differential Electro-Magnetic Analysis”).
It follows from this that the integrated circuits, such as microprocessor arrangements, should be of such a nature that they have a high level of security against the spying-out of data.