The chip of a smart card typically contains a processor or microcontroller together with a volatile memory such as a random access memory (RAM), and a non-volatile memory such as a flash memory, an electrically erasable programmable read-only memory (EEPROM), or indeed a read-only memory (ROM).
The execution of an operation by software in the smart card requires numerous exchanges of data from the non-volatile memory to the volatile memory of the chip. Thus, any use that is made of data stored in the non-volatile memory requires a transfer to the volatile memory.
This applies when reading a file that might in particular contain data associated with a secret code in order to compare it with a value that is provided via an input, and when reading a key in order to perform a cryptographic calculation.
This also applies when reading a static table of constants stored in ROM, e.g. containing data representative of access rights to files recorded in the card.
This transfer stage, which takes place via a data bus in the chip, is sensitive to electromagnetic disturbances. A known fraudulent technique therefore consists in subjecting the card to a source of electromagnetic radiation while it is transferring data, enabling the attacker to access data that should normally remain hidden.
By way of example, such disturbances may cause data to be modified while it is being transferred, in which case the data loaded into the volatile memory differs from the source data in the non-volatile memory.
This sensitivity makes it possible to fraudulently recover a key or a secret code of the card, to bypass access rights to files contained in the card, and/or to modify configuration parameters of the card.
That is why measures are provided to detect such modifications, so that an operation is not executed when such a modification is detected.
One method consists in verifying, after transfer, that the data as transferred is identical to the source data. The data may comprise some or all of an element, i.e. some or all of the data constituting one or more files.
Specifically, after transfer, each byte of the element written in the volatile memory is verified to be identical to the corresponding byte of the source element; this is an operation of the read and verification type.
That known method nevertheless remains ineffective against certain attacks. If an attacker knows how to disturb a transfer so as to modify the data copied into the volatile memory, and if the attacker knows how to reproduce the same disturbance during the read and verification operation, then the modification may pass undetected.
Under such circumstances, the read and verification operation does not detect an anomaly since it verifies only that data previously disturbed during copying was also disturbed during the read operation preceding verification.
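The limitation described above can be reproduced in a small simulation, added here as an example that is not part of the original text. The fault model (an XOR mask applied to one bus read), the names bus_read, transfer, read_verify and run_case, and the sample bytes are all assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed fault model: while active, the bus read of NVM offset `off` is XORed with `mask`. */
typedef struct { int active; size_t off; uint8_t mask; } fault_t;

/* One byte read from non-volatile memory over the simulated data bus. */
static uint8_t bus_read(const uint8_t *nvm, size_t i, const fault_t *f) {
    uint8_t b = nvm[i];
    if (f->active && f->off == i) b ^= f->mask;
    return b;
}

/* Transfer stage: copy len bytes from NVM into RAM through the bus. */
static void transfer(uint8_t *ram, const uint8_t *nvm, size_t len, const fault_t *f) {
    for (size_t i = 0; i < len; i++) ram[i] = bus_read(nvm, i, f);
}

/* Read and verification: re-read every source byte through the same bus and
 * compare it with the RAM copy. Returns 0 if all bytes match, -1 otherwise. */
static int read_verify(const uint8_t *ram, const uint8_t *nvm, size_t len, const fault_t *f) {
    uint8_t diff = 0;
    for (size_t i = 0; i < len; i++) diff |= (uint8_t)(ram[i] ^ bus_read(nvm, i, f));
    return diff ? -1 : 0;
}

/* Runs one scenario on constructed sample data. Returns the verification
 * result and sets *corrupted to 1 when the RAM copy really differs from NVM. */
int run_case(int fault_on_copy, int fault_on_verify, int *corrupted) {
    static const uint8_t nvm[8] = {0x10, 0x22, 0x34, 0x46, 0x58, 0x6A, 0x7C, 0x8E};
    uint8_t ram[8];
    fault_t fc = { fault_on_copy, 3, 0x40 };
    fault_t fv = { fault_on_verify, 3, 0x40 };   /* same disturbance, reproduced */
    transfer(ram, nvm, sizeof nvm, &fc);
    *corrupted = memcmp(ram, nvm, sizeof nvm) != 0;
    return read_verify(ram, nvm, sizeof nvm, &fv);
}

int main(void) {
    for (int c = 0; c < 2; c++)
        for (int v = 0; v < 2; v++) {
            int bad, r = run_case(c, v, &bad);
            printf("copy fault=%d verify fault=%d -> corrupted=%d verify=%d\n", c, v, bad, r);
        }
    return 0;
}
```

With the fault active in both phases, the RAM copy is corrupted yet verification returns 0; with the fault active only during the copy, the mismatch is detected.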