1. Field of the Invention
The invention relates to a microprocessor configuration in which a central processing unit, a further unit, and a memory unit are connected to one another through a bus and encryption is performed.
Such microprocessor configurations are used in security-critical applications, for example, in a chip card. The configuration is integrated on a single semiconductor chip, a “microcontroller”. The bus handles all the data traffic. By way of example, the bus transmits data, addresses, program commands, control commands, etc. The programs to be executed are stored in a non-volatile memory (ROM); data can likewise be stored in the non-volatile memory or temporarily in a volatile memory (RAM). Due to the long access time to these memories, the data to be processed are buffered in faster caches.
All the memories and the buses on the microprocessor or microcontroller are easily identifiable regular structures on the chip. They, therefore, represent preferred points of attack when attempts are being made to tap off chip-internal circuits or operating cycles for the purpose of covertly observing security-related data and functions. Any attacks can be made by probing, which involves tapping off the signal profiles by placing needles onto significant structures.
In conventional microprocessors or microcontrollers, data stored in the memory are, therefore, scrambled using complex encryption. Reading requires a corresponding level of computation complexity. The data are subsequently transferred and supplied to the various functional units of the microprocessor generally in unencrypted form. In the event of a needle attack on the bus, all data could, therefore, be requested as plain text. Comparatively complex encryption and decryption also of the data traffic from and to the central processing unit (CPU), a peripheral unit, or an arithmetic and logic unit (ALU) or of the cache are not recommended because this would significantly reduce the access speed to these units.