1. Statement of the Technical Field
The invention concerns systems requiring protection from tampering and/or environmental factors that could adversely affect electrical performance. More particularly, the invention concerns cryptographic processor embedments and associated tamper protection circuits that are designed to meet customer requirements for high assurance tamper protection.
2. Description of the Related Art
In communications systems, cryptographic devices are employed to encrypt and decrypt information communicated via a physical or wireless communications link. The cryptographic device is capable of running at least one cryptographic algorithm in a protected state for generating secure data or obtaining data from an encrypted signal. The cryptographic device is typically placed between a signal generating circuit and a network interface. Similarly, decryption of information is accomplished by decrypting a signal received at a communications device utilizing a cryptographic device. The cryptographic device is typically placed between a network interface and signal processing circuits.
Such cryptographic devices may require high assurance techniques for tamper and high level security protection. In high assurance cryptographic applications, cryptographic devices can be protected from both physical and environmental tampering by a tamper protection circuit. The tamper protection circuit is comprised of discrete components configured to monitor physical and environmental security. This monitoring includes monitoring conditions occurring from a physically invasive act, such as the act of opening a casing, the act of breaking a circuit, or the act of placing covert signal monitoring pins in a circuit. Such conditions include, but are not limited to, changes in voltage, changes in temperature, and changes in ambient light.
The phrase “discrete component” as used herein refers to electronic components having a single passive or active circuit element. Such electronic components include, but are not limited to, transistors, silicon controlled rectifiers (SCRs), transorbs, diodes, capacitors, inductors and resistors. It should be noted that a “discrete component” does not include integrated circuits and hybrid circuits comprising several circuit elements. The term “physical security” as used herein refers to a hardware implementation that will monitor and/or protect against physical intrusions attempting to retrieve data stored in a cryptographic system or to compromise a cryptographic device. The term “physical security” as used herein also refers to a hardware implementation that will monitor and/or protect against environmental changes, such as extreme low temperatures. The term “environmental security” refers to a hardware implementation that will reduce a circuit's susceptibility to environmental noise, environmental vibrations, or the like.
Despite the advantages of such a tamper protection circuit, it suffers from certain drawbacks. For example, the tamper protection circuit is comprised of a relatively large number of discrete components which consume a significant amount of circuit board area and power. The discrete components can also fail in a silent manner without a real time method of detecting the failure. This can happen because such components often remain inactive until such time when an intrusion actually occurs. Accordingly, a component failure may not be apparent until the occasion when a security intrusion is attempted. Another limitation of conventional tamper protection circuits is that they are often application specific and therefore require re-engineering for each platform.
In view of the foregoing, there is a need for an improved tamper protection circuit for use in systems requiring high assurance tamper protection. The tamper protection circuit needs to be configured for use in a high assurance cryptographic application. The tamper protection circuit needs to comprise fewer discrete components than conventional tamper protection circuits. The tamper protection circuit needs to be relatively inexpensive to manufacture, flexible across multiple platforms, and have limited susceptibility to environmental noise. The tamper protection circuit further needs to implement an improved tamper protection technique. This improved tamper protection technique needs to provide a means for selectively monitoring any given number of conditions occurring from physically invasive acts. The improved tamper protection technique also needs to provide a means for adjusting the tamper protection circuit's operation based upon an assessment of at least one condition. The tamper protection system also needs to determine when a failure occurs in the tamper protection system.