1. Field of the Invention
The present invention generally relates to electronic circuits and, more specifically, to the detection of incidental or voluntary disturbances in an electronic circuit power supply. The present invention more specifically applies to the qualifying of an electronic circuit provided with a detector of such disturbances.
2. Discussion of the Related Art
FIG. 1 schematically shows a smart card 10 of the type to which the present invention applies as an example. Such a card is most often formed of a plastic support on or in which is placed an integrated circuit chip 1 associated with contacts 2 for communicating with a terminal (not shown), or with radiofrequency transceiver elements for contactless communication.
FIG. 2 is a schematic block diagram of a second example of application of the present invention to a receiver 20 (STB) of signals broadcast in controlled fashion, for example, a decoder of television signals received by a satellite antenna 21 for display on a television-type screen 22. The decoding of the received transmissions is subject to rights of access managed by decoder 20 (for example, of the type known as a Set Top Box). In certain cases, decoder 20 comprises a smart card reader 10 of the type illustrated in FIG. 1, with an integrated circuit 1 containing the rights of access (more specifically an identifier and generally a deciphering key) necessary to correctly decode the transmissions. In other cases, circuits (not shown) internal to decoder 20 comprise elements for managing rights of access (especially for deciphering).
FIG. 3 is a schematic block diagram of a microcontroller 1, for example, of a smart card, to which the present invention applies as an example. Such a circuit comprises a central processing unit 31 (CPU) capable of executing programs most often contained in a non-volatile memory 32 (NVM), for example, of ROM or EEPROM type. One or several buses 33 convey address, control, and data signals between the different elements of circuit 1 and between all or part of these elements and an input/output interface 34 (I/O) for communicating with or without contact with the outside. Most often, volatile memory elements 35 (MEM) of RAM type and/or of register type are contained in circuit 1. Other functions (block 36, FCT) may also be integrated to circuit 1 according to the application. For example, such functions may comprise a ciphering cell, an integrity check cell, etc.
Circuit 10 manipulates digital quantities (be they program or data instructions) which, in the applications aimed at by the present invention, condition the access to certain data (for example, programs to be broadcast). These may be secret keys of ciphering algorithms, secret authentication codes, algorithmic steps of a program, etc.
Different attacks are likely to be implemented to attempt to discover the secrets of the integrated circuit or to make inoperative a protection of the processed data, by examining input-output signals and/or the circuit consumption, or any other quantity influenced by its operation. In particular, so-called fault-injection attacks comprise causing a disturbance in the operation of integrated circuit 1 on execution of a cryptography or decoding algorithm, and interpreting its subsequent operation to attempt to discover the secret quantities. More simply, the disturbance may generate a jump in a program so that instructions capable of preventing access to data are not executed.
FIG. 4 schematically illustrates the most common disturbance in fault-injection attacks. This drawing shows an integrated circuit 1 (IC) supplied, between two terminals 41 and 42, with a voltage Valim and issuing at least one result on an output terminal OUT. A disturbance P on the supply of circuit 1 comprises causing a noise peak in the circuit power supply.
To attempt to defeat such attacks, integrated circuits comprise software and/or hardware tools (countermeasures) that respond to a disturbance in the circuit operation by blocking its operation, preventing the output of confidential data, making the result of a calculation unexploitable, etc. when a fraud attempt is detected.
Among such tools, the present invention more specifically relates to hardware detectors of a disturbance in the power supply of a circuit, for example, directly acting on the circuit by resetting the central processing unit, thus preventing a possible hacker from taking advantage of the disturbance. The need for such power supply noise peak detectors is especially due to the imperfection of the voltage regulators most often equipping electronic circuits, since miniaturization needs prevent the use of filtering capacitors of sufficient size.
FIG. 5 schematically shows a first conventional example of a circuit 50 for detecting noise peaks in the power supply of an electronic circuit. This detector is based on a voltage comparator 51 (COMP) whose two inputs each receive a voltage proportional to supply voltage Valim after filtering by resistive and capacitive circuits exhibiting different time constants. Voltage dividers (resistors R52 and R53 in series and resistors R54 and R55 in series) between a terminal 41 of application of voltage Valim and ground 42 are coupled to the two input terminals (− and +) of comparator 51, a capacitor C56 or C57, respectively, connecting the corresponding comparator input (midpoint of the associated resistive bridge) to ground 42 to form the filtering cell. The output of comparator 51 is connected, possibly through a level adapter element, not shown, to a terminal R for resetting central processing unit 31. The circuit of FIG. 5 is described, for example, in document US-A-2003/0226082. The values given to the filtering cells define different time constants to detect power supply noise.
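The behaviour of the FIG. 5 detector can be reproduced numerically. The following Python simulation is an added example, not taken from the cited document: the component values, the 3.3 V supply, the small resting offset between the two dividers and the comparator polarity (reset when the fast-filtered node falls below the slow-filtered one) are all assumptions chosen for illustration.

```python
import math

DT = 1e-9  # simulation step: 1 ns

# (R_top, R_bottom, C) per branch. All values are assumed for illustration.
FAST = (100e3, 105e3, 1e-12)    # R52, R53, C56: tau ~ 51 ns, rests slightly higher
SLOW = (100e3, 100e3, 100e-12)  # R54, R55, C57: tau = 5 us

def filtered_node(valim, r_top, r_bot, c):
    """Voltage at a divider midpoint with capacitor c to ground (Thevenin RC)."""
    k = r_bot / (r_top + r_bot)                 # divider ratio
    tau = r_top * r_bot / (r_top + r_bot) * c   # (R_top || R_bot) * C
    alpha = 1.0 - math.exp(-DT / tau)           # exact step for a held input
    v, out = k * valim[0], []                   # start from the settled state
    for x in valim:
        v += alpha * (k * x - v)
        out.append(v)
    return out

def first_reset(valim):
    """Index of the first sample where the comparator would assert R, else None."""
    fast = filtered_node(valim, *FAST)
    slow = filtered_node(valim, *SLOW)
    for i, (vf, vs) in enumerate(zip(fast, slow)):
        if vf < vs:   # fast node dipped below the slow reference
            return i
    return None

def supply(width_ns, depth=1.0, nominal=3.3, n=2000, start=500):
    """Constructed Valim trace: nominal level with one negative peak."""
    return [nominal - depth if start <= i < start + width_ns else nominal
            for i in range(n)]

if __name__ == "__main__":
    for width in (0, 2, 200):
        print(f"{width:>3} ns peak -> reset at sample {first_reset(supply(width))}")
```

With these assumed values the 200 ns peak trips the comparator within a few nanoseconds, while the 2 ns peak is filtered out before the fast node moves by the resting offset. The shortest detectable peak is therefore set by the faster of the two time constants.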
FIG. 6 schematically shows a second conventional example of a circuit 60 for detecting noise peaks in the power supply of an electronic circuit. It shows a comparator 61 triggering a reset of central processing unit 31. The detector of FIG. 6 is based on the use of a diode D62 in series with a resistor R63 between terminal 41 of application of voltage Valim and ground 42, their junction point 64 being connected to an input terminal (for example, inverting (−)) of comparator 61, the other comparator terminal (+) being grounded. The anode of diode D62 is connected to junction point 64. The circuit of FIG. 6 detects peaks causing a polarity reversal between terminals 41 and 42 to reset central processing unit 31. As compared with the circuit of FIG. 5, detector 60 of FIG. 6 only operates for polarity reversal peaks but enables detection of shorter peaks.
FIG. 7 shows another improved example of a circuit 70 for detecting noise peaks. A P-channel MOS transistor MP71 is used as a comparator of voltage Valim, assumed to be positive and applied between a positive terminal 41 and a ground terminal 42, with respect to an average value Vm of voltage Valim minus an offset voltage Voff. A dividing bridge, formed in this example of two resistive elements R73 and R74 in series between terminals 41 and 42, has its midpoint 75 connected to the source of transistor MP71, a capacitive element C76 connecting this midpoint to ground 42. Functionally, point 75 corresponds to a low-pass filter output while the gate of transistor MP71 forms a first input (inverting) of a comparator having its non-inverting input formed by its source. Drain 77 of transistor MP71 is preferably grounded by a current source (here, a resistor R78) and forms the output terminal of circuit 70. The voltage across resistor R78 forms detection signal DETECT. This is an all-or-nothing signal. The function of resistor R78 is to provide, between its terminals, a voltage representative of the detection by pulling part of the current down to ground.
Transistor MP71 is on when noisy voltage Valim, decreased by average value Vm set by elements R73 and C76, becomes greater than or equal to the absolute value of threshold voltage Vt of transistor MP71. The offset (Voff) with respect to the average level (Vm) is, as a first approximation, set by resistances R73 and R74 and by threshold voltage Vt (Voff=(R1*Valim)/(R73+R74)+|Vt|, where |Vt| is the absolute value of voltage Vt).
The condition on the conduction of transistor MP71 is settable by resistance R74. The higher the value of resistance R74, the lower offset voltage Voff. Resistor R78 may be replaced with an active current source, provided that its equivalent resistance is greater than the value of resistor R73 to avoid absorbing the noise peaks to be detected.
A similar assembly may be formed for a detection of positive noise peaks, by replacing P-channel transistor MP71 with an N-channel transistor, the rest of the assembly being identical. According to another variation, terminals 41 and 42 do not directly see the integrated circuit supply voltage but see a reduced voltage, point 41 for example corresponding to the midpoint of a resistive divider.
FIG. 8 shows a second example of the forming of a detector of negative noise peaks based on the same principle as detector 70′ of FIG. 7. As compared with FIG. 7, resistor R74 has been eliminated, thus avoiding any quiescent consumption. Capacitor C76 has also been eliminated, the source-substrate stray capacitance of transistor MP71 playing a similar role. The offset voltage of such an assembly is here not only a function of the value of resistor R73 and of threshold value Vt of transistor MP71, but also of its gate width-to-length ratio and of the value of output current source R78, the effects of which can no longer be neglected.
It would be desirable to be able to qualify an integrated circuit as to its resistance to attacks by injection of parasitic supply peaks.
It would also be desirable to be able to determine the type of detector equipping the circuit without it being necessary to make extensive investigations of the circuit integrating the detector (reverse engineering).