Patent abstract:
Device (100) for processing data, having an input interface (110) for receiving input data (X) and a processing unit (120). An encoding unit (130) encodes the input data (X) arriving at the input interface (110) in the form of data words (Xn), to obtain encoded data words (Xn'), by coding the data words (Xn) so that a predetermined part of the measurement values (X1n, X2n), which characterize the coded data words (Xn') and/or their processing by the device (100) and which are determined as a function of at least one physical quantity of the device (100), differ from a predefined value (Vn) by a difference that is less than or equal to a predefined threshold (S). The encoding unit (130) applies an encoding prescription according to an encoding parameter (t_i).
Publication number: FR3020161A1
Application number: FR1553242
Filing date: 2015-04-14
Publication date: 2015-10-23
Inventors: Paulius Duplys; Robert Szerwinski; Matthew Lewis
Applicant: Robert Bosch GmbH
Main IPC class:
Patent description:

[0001] Field of the Invention The present invention relates to a data processing device having an input interface for receiving input data and a processing unit for processing the data.
[0002] The invention also relates to a method for managing such a device. OBJECT OF THE INVENTION The object of the present invention is to develop a device and a method of the type defined above that improve security against attacks, in particular side channel attacks. DISCLOSURE AND ADVANTAGES OF THE INVENTION For this purpose the invention relates to a device for processing data, the device having an input interface for receiving the input data and a processing unit for processing the data, this device being characterized by a coding unit for coding the input data arriving at the input interface in the form of data words, to obtain coded data words, the coding unit encoding the data words so that a predefined part of the measurement values which characterize the coded data words and/or their processing by the device and which are determined according to at least one physical quantity of the device, preferably at least about 50% of all measurement values, differ from a predefined value by a difference less than or equal to a predefined threshold, the coding unit applying a coding prescription for coding the data words according to at least one coding parameter, and the processing unit processing the coded data words. According to the invention, coding the data words to be processed according to this principle complicates side channel attacks on the device or makes them practically impossible. As is known, side channel attacks on certain implementations of data processing devices or methods, for example implementations of encryption algorithms or the like, exploit the fact that one or more observable or measurable physical quantities of the device depend on the processed data and thus make it possible to draw conclusions about the processed data, such as a common cryptographic key or the like.
In a side channel attack, the measurement values mentioned above, which represent the coded data words and/or characterize the processing of these coded data words by the device, are acquired, and the attacker tries to obtain from them information about the data actually processed. According to the invention, the data words are coded before they are processed in a way that complicates a side channel attack on the device. The principle of the invention is to choose the coding so that the measurement values obtainable in a side channel attack carry little information about the data to be processed or have only a low correlation with it. In other words, the coding according to the invention adapts the data actually processed, i.e. the coded data words, to the practical implementation of the device (compared with the uncoded data words) so that the measurement values usable for a side channel attack have a low information content about, or a low correlation with, the processed coded data words. Such a configuration may be referred to as a "leakage protection code" because it reduces or avoids "leakage" in the cryptographic sense.
[0003] According to the invention, it is furthermore possible to apply a coding prescription for coding the data words as a function of at least one coding parameter; modifying the coding parameter advantageously complicates side channel attacks still further.
[0004] The problem of the invention is also solved by a device for processing data, comprising an input interface for receiving the input data and a processing unit for processing the data, this device being characterized by a coding unit for encoding the data words obtained as input data at the input interface, to obtain coded data words, the coding unit performing the coding of the data words so that a predefined part of all the coded data words, preferably at least 50% of the coded data words, have a predefined Hamming distance from one another and/or a predefined Hamming weight, the coding unit applying a coding prescription for encoding the data words according to at least one coding parameter, and the processing unit processing the coded data words. The coding parameters thus advantageously make it possible to modify the coding operation and further complicate side channel attacks. According to a preferred development, the coding parameter or parameters are varied as a function of time. It is also possible to vary them according to the data processed or to be encoded and/or as a function of time.
[0005] According to a preferred development, the predefined value is chosen to be the same for all the measurement values, which makes it simple to determine a suitable code. According to a particularly preferred development, the predefined value is the average of all the possible values of the measurement values. The expression "all possible values of the measurement values" denotes the set of all measurement values that result from processing all the coded data words provided by the coding of the invention. The set of all possible measurement values can be determined, for example, in a test setup with a practical implementation of the device of the invention: for a given coding, the device processes data in such a way that each coded data word arrives once at the processing unit to be processed. Processing a coded data word yields a measurement value that characterizes the coded data word or its processing in the device. The measurement values thus obtained can be recorded according to one embodiment, and their average value can finally be used as the predefined value for the coding of the invention. The coding according to the invention, that is to say the association of coded data words with uncoded data words, can for example also be established step by step. This can be done, for example, by an iterative method that refines the coded data words, or the transformations carried out by the coding unit as part of the coding, step by step until the difference of one or more of the determined measurement values from the predefined value meets the threshold criterion according to the invention.
It is thus ensured that the measurement values derived from such coded data words differ only slightly from the predefined value, which considerably complicates or makes impossible a side channel attack that exploits the measurement values or values derived from them. Particularly advantageously, the principle of the invention does not rely on random numbers or pseudorandom numbers, nor does it require an entropy source. Moreover, the coding according to the invention, even when it uses at least one coding parameter, is a deterministic prescription for transforming the data to be processed into coded data words. Preferably, a special coding is determined and used for each specific implementation of the device, the corresponding variants being selected by means of the coding parameter(s). For a specific implementation of the device, it is also possible to determine several possible codings and to change between them during operation of the device, which further increases the protection against side channel attacks.
[0006] According to another advantageous development, the predefined value is not chosen to be identical for all the measurement values. This means that the coding of this embodiment offers the degree of freedom of providing different predefined values for different measurement values. This makes it possible, for example, to account for asymmetries in the implementation or in obtaining the measurement values. For example, processing a first group of coded data words may yield measurement values with a higher information content with respect to the processed data than processing a second group of coded data words.
[0007] In this case, it is advantageous to provide different predefined values for the different groups of coded data words in order to reduce the asymmetries, or compensate for them if possible, so that all the possible measurement values, regardless of the asymmetries, have a similar information content with respect to the processed data.
[0008] According to another advantageous development, a different threshold is provided for each of at least two measurement values, or for the coded data words associated with these measurement values. This creates a further degree of freedom for the coding, making it easier to find the transformation on which the coding according to the invention is based. According to another advantageous development, the measurement values are scalar or vector quantities, or they have matrix form. For example, the measurement values represent an electrical energy consumption of the device or of at least one of its components. In this case, an attacker can determine this electrical energy consumption as a measurement value in the sense of the present invention in order to perform a side channel attack. In this practical case, the coding according to the invention of the data words finally processed in the processing unit has the advantage that the corresponding measurement values of the electrical energy consumption of the device, or of at least one component, differ only slightly from each other, which complicates a side channel attack. An example of measurement values in vector form is an application scenario in which several values of the electrical energy consumption of several different components, or generally parts, of the device are obtained for each coded data word to be processed. Such a set of measurement values can obviously also be organized in matrix form. Another example in which a matrix representation of the measurement values is of interest is the determination of the electromagnetic fields radiated by the device.
In this case, it is possible to use, for example, a set of field probes placed in the device to measure the electromagnetic fields during operation of the device; the measurement values provided by the different field probes can be associated, for example, with the matrix elements of a measurement value in matrix form in the sense of the present invention.
[0009] Depending on the form of the measurement values in the sense of the present invention, the comparison operation used to determine the difference between a measurement value and a predefined value can also be chosen accordingly. The same applies to the predefined values. For example, for scalar quantities, a simple difference can be formed and then its absolute value taken to evaluate the difference between a measurement value, for example a value of the electrical energy consumption of the device, and a predefined value. In the case of vector or matrix quantities for the measurement values, other appropriate functions can be defined for determining the relevant difference with respect to a predefined value (for example a predefined vector, a predefined matrix or the like). In general terms, the term "measurement values" in the sense of the present invention also covers quantities that are derived from physical measurement values. For example, a Hamming distance or a Hamming weight derived from one or more measurement values of the device is also considered a measurement value or quantity in the sense of the present invention. This means that, in an appropriate embodiment of the invention, the coding can also be such that it is not the physical measurement values representing the coded data word or its processing that directly satisfy the threshold criterion according to the invention, but rather the quantities derived from them, for example the Hamming distance or the Hamming weight.
According to another development, the coding unit encodes the data words so that a predefined fraction of all the coded data words, preferably at least about 50% of all the coded data words, have a predefined Hamming distance from one another and/or a predefined Hamming weight. According to the invention, in the transformation of the input-side data words defined by the proposed coding, the criteria relating to the Hamming distance or the Hamming weight bring about a low information leakage for the data processed in the processing unit, and in particular they contribute to the measurement values meeting the threshold criterion.
[0010] According to the present invention, the set of all the coded data words preferably corresponds to the set of all the data words that can theoretically arrive. If, for example, there are j data words obtained on the input side, the coding unit can associate them with a number of coded data words. Preferably, the coding according to one embodiment is such that at least 50% of the coded data words have a predefined Hamming distance between them. Alternatively or additionally, the coding may be such that at least about 50% of the coded data words have a predetermined Hamming weight. According to an advantageous development, the processing unit comprises at least one register which, at least from time to time, stores at least one coded data word. A simple embodiment of the invention is thus a device having an input interface and a coding unit according to the invention, in which the processing according to the invention consists, for example, of storing data in the register at least from time to time. In this embodiment, a data word coded according to the invention (or several coded data words) is stored at least from time to time, in coded form, in a register or in another memory, so that the coded data words can subsequently be read or processed. For example, a downstream cryptographic method can read the corresponding register and process the data. Alternatively, or in addition, the processing unit according to the invention comprises at least one encryption unit for performing at least part of an encryption process. For example, the processing unit includes an encryption unit that performs the complete AES (Advanced Encryption Standard) algorithm.
According to another development, the processing unit comprises an encryption unit for performing part of an encryption process (or the entire encryption method), for example a non-linear substitution operation such as the SubBytes() function of the AES encryption standard (see http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf, chapter 5.1.1). According to another development, the processing unit comprises a data bus or is implemented in the form of a data bus, in particular a parallel data bus. In this case, the coding according to the invention protects the transmission of data over the data bus against side channel attacks. According to another development, the coding unit encodes the data words by adding a predefined number of bits to each data word. The value of each added bit is chosen according to the coding of the invention. In other words, adding a predefined number of bits (and selecting their respective values) creates a number of degrees of freedom for the coding, which makes it possible to set a desired Hamming weight and/or a desired Hamming distance for one or more coded data words. The actual information of the uncoded data words is not lost because, according to the invention, only new bits are added. Alternatively or in addition, several bits may be added so that the measurement values meet the threshold criterion of the invention with respect to the predefined value. According to one embodiment, the addition of a predefined number of bits and/or the choice of their values is done according to at least one coding parameter proposed by the method. According to another advantageous embodiment, the coding selects the predefined number of bits to be added, or their values, so that the predefined fraction of all coded data words have the predefined Hamming distance from one another and/or the predefined Hamming weight.
The Hamming distance is the number of positions in which two compared code words differ. In the case of a binary code and two corresponding code words, the Hamming distance corresponds to the number of bit positions in which the compared code words differ. The Hamming weight is the Hamming distance with respect to the zero vector. In the case of a binary code, the Hamming weight thus corresponds to the number of non-zero positions of the code word concerned, that is, the number of bits set to one. According to various advantageous embodiments, the device is at least partly in the form of an integrated circuit (IC), preferably implemented in CMOS (complementary metal oxide semiconductor) technology. The functions according to the invention can also be implemented in an ASIC or an FPGA. The invention also relates to a method for managing a data processing device, the device having an input interface for receiving input data and a processing unit for processing the data, this method being characterized in that, by means of a coding unit, the data words received as input data at the input interface are coded to obtain coded data words, the coding unit encoding the data words so that a predefined part of the measurement values which characterize the coded data words and/or their processing by the device and which are determined according to at least one physical quantity of the device, preferably at least about 50% of all the measurement values, differ from a predefined value by a difference less than or equal to a predefined threshold, the coding unit applying a coding prescription for coding the data words according to at least one coding parameter, and the processing unit processing the coded data words.
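The appended-bit coding with a predefined Hamming weight and a coding parameter t_i, described above, can be sketched as follows. This is an added example, not code from the patent or from the applicant; the 4 appended bits, the target weight of 4 and the rule "t_i selects one of the admissible bit patterns" are assumptions chosen for illustration.

```python
from itertools import combinations

DATA_BITS = 4      # width of the uncoded data words Xn (the page's example width)
PAD_BITS = 4       # number of appended bits (assumption for this example)
TARGET_WEIGHT = 4  # predefined Hamming weight of every coded word Xn' (assumption)


def hamming_weight(word: int) -> int:
    """Number of bits set to one, i.e. the Hamming distance to the zero vector."""
    return bin(word).count("1")


def pads_with_weight(weight: int) -> list:
    """All PAD_BITS-wide bit patterns with exactly `weight` ones, ascending."""
    return sorted(sum(1 << p for p in positions)
                  for positions in combinations(range(PAD_BITS), weight))


def encode(x: int, t_i: int) -> int:
    """Append PAD_BITS bits to data word x so that the coded word has TARGET_WEIGHT.

    The data bits are left untouched. The coding parameter t_i deterministically
    selects which of the admissible pad patterns is used (assumed selection rule),
    so no random numbers are involved.
    """
    if not 0 <= x < (1 << DATA_BITS):
        raise ValueError("data word out of range")
    candidates = pads_with_weight(TARGET_WEIGHT - hamming_weight(x))
    pad = candidates[t_i % len(candidates)]
    return (x << PAD_BITS) | pad


def decode(coded: int) -> int:
    """Recover the data word; reject words that are not part of the code."""
    in_range = 0 <= coded < (1 << (DATA_BITS + PAD_BITS))
    if not in_range or hamming_weight(coded) != TARGET_WEIGHT:
        raise ValueError("not a valid coded word")
    return coded >> PAD_BITS


def codebook(t_i: int) -> list:
    """Coded words Xn' for all 16 data words Xn under coding parameter t_i."""
    return [encode(x, t_i) for x in range(1 << DATA_BITS)]


def fraction_within(values, v, s) -> float:
    """Fraction of measurement values whose difference from v is at most s."""
    return sum(abs(m - v) <= s for m in values) / len(values)


if __name__ == "__main__":
    uncoded = [hamming_weight(x) for x in range(1 << DATA_BITS)]
    print("uncoded: fraction of words at the mean weight 2:",
          fraction_within(uncoded, 2, 0))
    for t_i in (0, 1, 5):
        words = codebook(t_i)
        weights = [hamming_weight(c) for c in words]
        print(f"t_i={t_i}: fraction at weight {TARGET_WEIGHT}:",
              fraction_within(weights, TARGET_WEIGHT, 0),
              "first words:", [f"{c:08b}" for c in words[:4]])
    print("distinct codebooks over t_i:",
          len({tuple(codebook(t)) for t in range(24)}))
```

Taking the Hamming weight as the derived measurement value X2n, every coded word meets the threshold criterion with V = 4 and S = 0 for any t_i, whereas only 37.5% of the uncoded 4-bit words sit at their mean weight.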
Drawings The present invention will be described in more detail below with the aid of an exemplary data processing device and a method for managing such a data processing device, shown schematically in the attached drawings, in which:
Figure 1 shows very schematically an embodiment of a device of the invention,
Figures 2a, 2b are diagrams of an embodiment of a device according to the invention,
Figures 3a, 3b schematically show an embodiment of a processing unit according to the invention,
Figures 4a, 4b show schematically an apparatus comprising a device according to the invention,
Figure 5 is a schematic example of an embodiment of a coding according to the invention,
Figure 6, in its parts 6a and 6b, gives an example of an embodiment of a coding according to the invention,
Figure 7 is a diagram of another device corresponding to a mode of r 8 is a very simplified flow chart of an embodiment of the method of the invention.
[0011] DESCRIPTION OF EMBODIMENTS OF THE INVENTION FIG. 1 schematically shows an embodiment of a data processing device 100 according to the invention. The device 100 is for example an integrated circuit (IC) in CMOS technique.
[0012] Data processing in the device 100 gives measurement values X1n representing the coded data words Xn' which are being processed in one or more devices 100. These measurement values can be obtained by known methods for determining physical quantities. By way of example, the electrical energy consumption of the device 100, or of different components, can be obtained as measurement values X1n. In this case, the processing of each coded data word Xn' in the device 100 gives a corresponding electrical energy measurement value X1n. As a variant of the electrical energy consumption, at a known operating voltage of the device 100, the intensity of the current drawn or a similar quantity can be used as the measurement value. The current drawn can, for example, be deduced from the voltage drop measured across a shunt resistor (low-value resistor, not shown). This resistor is connected in series in the power supply line (not shown) of the device 100. In a variant, instead of measurement values of electrical energy, current intensity or similar parameters, measurement values can also be obtained, for example, by detecting the electric fields of the device 100, the magnetic fields of the device 100, the electromagnetic fields of the device 100, or a combination of such fields. With an appropriate spatial resolution of the measurement method used, it is also possible to examine only one component of the device 100. For example, for a device 100 produced as an integrated circuit, it may be advantageous to obtain targeted measurement values X1n originating from a component or part of the device 100 that comprises components such as an AES core or an analogous element executing a cryptographic method or the like, and which may be the object of a side channel attack.
According to an advantageous development, the measurement values are scalar values (for example the measurement of a current intensity), vector values (for example several current measurement values for different components of the circuit) or values in matrix form. The measurement values in the sense of the invention include, besides the values X1n determined by physical measurement, values X2n that are derived from the physically obtained values X1n, for example by calculation. For example, an attacker's processing or measurement unit 1000 may acquire one or more physical quantities X1n of the device 100 and form derived values X2n from them. These derived values X2n are also called measurement values in the sense of the present invention. The derived values X2n can be, for example, a Hamming distance, a Hamming weight or the like. This may be the case, for example, if the unit 1000 detects the electromagnetic radiation of different lines of a parallel bus. In this case, a measurement value is obtained for each bus line, so that for eight bus lines there are eight measurement values X1n in all, from which a Hamming distance with respect to other measurement values obtained in this way, or a Hamming weight, can be formed as the derived measurement value X2n. According to the invention, the device 100 comprises a coding unit 130 (see FIG. 2a) which encodes the data words Xn obtained at an input interface 110 as input data X to obtain coded data words Xn', and a processing unit 120 of the device 100 processes the coded data words Xn'. In this way, the measurement values X1n, X2n (FIG. 1), as obtained for example during side channel attacks, depend on the coded data words Xn' or on the processing of the coded data words Xn' in the device 100, and not directly on the uncoded data words Xn supplied to the coding unit 130 according to the invention.
Thus, an appropriate choice of coding advantageously makes the measurement values X1n, X2n less informative about the coded data Xn' currently processed by the device 100, which complicates or even makes impossible a side channel attack. According to another characteristic of the invention, the coding unit 130 applies a coding prescription to the data words Xn as a function of at least one coding parameter t_i. In particular, according to one embodiment, a polymorphic control unit 132 predefines at least one coding parameter t_i for the coding of at least one data word Xn, preferably, however, for the coding of several or all of the data words Xn. In other words, the coding parameter t_i adds at least one further degree of freedom to the mapping of the data words Xn onto the coded data words Xn', that is to say to the coding, which increases the security of the device 100 and of the data processed in it. In one embodiment, the polymorphic control unit 132, which forms and/or provides at least one coding parameter t_i, is integrated in the device 100 (see FIG. 2a). In one embodiment, the polymorphic control unit 132 uses linear functions. According to another embodiment, the polymorphic control unit 132 is implemented using nonlinear functions. Combinations are also conceivable in other embodiments.
[0013] In particular, in one embodiment, the coding unit 130 encodes the data words Xn so that a predefined part of all the measurement values X1n, X2n, preferably at least about 50% of all measurement values X1n, X2n, differ from a predefined value Vn (FIG. 2b) by a difference less than or equal to a predefined threshold S. The analyses made in the context of the invention have shown that, with such a coding and with the processing of the coded data words Xn' in the processing unit 120, the physically measurable quantities (measurement values X1n) and the quantities X2n derived from them carry less information about the uncoded data words Xn, so that the coding according to the invention provides effective protection against side channel attacks. The use of at least one coding parameter t_i for the coding advantageously increases the security still further.
[0014] The coding according to the invention is therefore also called a "leak-resistant polymorphic code" (PLRS code) because it avoids or reduces "leakage" in the cryptographic sense by using the polymorphic coding principle with at least one coding parameter t_i.
[0015] Unlike methods that use random numbers or pseudorandom numbers to complicate side channel attacks, and which are complex for that reason, the principle according to the invention uses only a deterministic method, namely coding by the coding unit 130 with at least one coding parameter t_i and processing of the coded data. According to one embodiment, the input data X (FIG. 2a) is provided, for example, as digital data words Xn that follow one another in time, having a data width of, for example, four bits. Other data widths are also possible. Correspondingly, the input interface 110 outputs the input data X in the form of data words Xn. As shown in FIG. 2a, the coded data words Xn' are output by the coding unit 130 and supplied to the processing unit 120. Correspondingly, the processing unit 120 outputs processed coded data words Yn'. Figure 2b shows a coding unit 130 according to an embodiment of the invention. The coding unit 130 advantageously has a predefined value V and a predefined threshold S for evaluating the measurement values X1n, X2n, making it possible to check whether a current coding already meets the threshold criterion concerning the difference between at least one measurement value X1n, X2n and the predefined value V. The polymorphic control unit 132 may alternatively also be provided in the coding unit 130 in the configuration of FIG. 2b; this is not shown so as not to complicate the drawing.
According to a particularly preferred embodiment, the predefined value V is an average value (over several possible values of the measurement values X1n or X2n). In this sense, the expression "all the possible values of the measurement values" designates the set of all the measurement values X1n, X2n that result from the processing of all the coded data words Xn' produced by the coding according to the invention. The set of all possible measurement values can be determined, for example, in a test setup with a practical implementation of the device 100 according to the invention: for a given coding, data is processed by the device 100 or the processing unit 120 in such a way that each coded data word Xn' is supplied once to the processing unit 120. The processing of a coded data word Xn' correspondingly gives a measurement value X1n, X2n which characterizes the coded data word Xn' or the processing of the coded data word in the device. The measurement values thus obtained can be recorded according to one embodiment, and their average value can finally be used as the predefined value for the coding according to the invention. By way of example, the coding according to the invention, that is to say the association between coded data words and uncoded data words, can be established step by step. This can be done, for example, by an iterative method that refines the coded data words, or the transformation carried out by the coding unit as part of the coding, until the difference between one or more determined measurement values and the predefined value meets the threshold criterion according to the invention. This ensures that the measurement values X1n or X2n derived from coded data words Xn' differ only slightly from the predefined value, which considerably complicates or even makes impossible a side channel attack based on exploiting the measurement values X1n, X2n.
In a particularly advantageous manner, the principle according to the invention does not rely on the use of random numbers or pseudo-random numbers. Moreover, the coding according to the invention establishes a deterministic prescription for transforming the data to be processed into coded data words. Preferably for each specific implementation of the device 100 a special coding is determined and used.
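The procedure described above (measure every coded word once, take the average as the predefined value V, then refine the coding step by step until the threshold criterion holds) can be sketched as follows. This is an added example, not code from the patent; the per-line leakage figures stand in for bench measurements and are constructed, as are S = 1, the 4 appended bits and the choice of a complement code as the starting point.

```python
from statistics import mean

DATA_BITS = 4                     # data word width used as the page's example
PAD_BITS = 4                      # appended bits (assumption)
DATA_LINE_LEAK = [9, 10, 11, 12]  # constructed per-line contributions, arbitrary units
PAD_LINE_LEAK = [14, 8, 7, 13]    # constructed; deliberately mismatched to the data lines
S = 1                             # predefined threshold (assumption)
REQUIRED_FRACTION = 0.5           # "at least about 50%" of all measurement values

WORDS = range(1 << DATA_BITS)
PADS = range(1 << PAD_BITS)


def line_leak(bits: int, per_line) -> int:
    """Sum of the contributions of all lines that carry a one."""
    return sum(w for k, w in enumerate(per_line) if bits >> k & 1)


def measure(x: int, pad: int) -> int:
    """Stand-in for one measurement value X1n of the coded word (x, pad)."""
    return line_leak(x, DATA_LINE_LEAK) + line_leak(pad, PAD_LINE_LEAK)


def measure_all(pads) -> list:
    """Test setup: every coded data word is processed exactly once."""
    return [measure(x, pads[x]) for x in WORDS]


def fraction_within(values, v, s) -> float:
    return sum(abs(m - v) <= s for m in values) / len(values)


def complement_coding() -> list:
    """Starting point: appended bits are the inverted data bits (constant weight)."""
    return [~x & ((1 << PAD_BITS) - 1) for x in WORDS]


def report(pads) -> dict:
    values = measure_all(pads)
    v = mean(values)  # predefined value V = average of all measurement values
    return {"V": v,
            "fraction": fraction_within(values, v, S),
            "max_dev": max(abs(m - v) for m in values)}


def refine(pads, max_rounds: int = 8):
    """Re-select the appended bits step by step until the criterion is met.

    Returns (pads, V, number of refinement rounds). Each round measures all
    coded words, sets V to their mean and, if too few values lie within S of V,
    picks for every data word the pad whose measurement is closest to V.
    """
    pads = list(pads)
    for rounds in range(max_rounds + 1):
        values = measure_all(pads)
        v = mean(values)
        if fraction_within(values, v, S) >= REQUIRED_FRACTION:
            return pads, v, rounds
        pads = [min(PADS, key=lambda p, x=x: abs(measure(x, p) - v)) for x in WORDS]
    raise RuntimeError("threshold criterion not met; add pad bits or relax S")


if __name__ == "__main__":
    start = complement_coding()
    print("constant-weight start:", report(start))
    refined, v, rounds = refine(start)
    print(f"after {rounds} refinement round(s):", report(refined))
    for x in WORDS:
        print(f"Xn={x:04b} -> Xn'={(x << PAD_BITS) | refined[x]:08b}"
              f"  X1n={measure(x, refined[x])}")
```

With these constructed figures the constant-weight starting code leaves only 37.5% of the measurement values within S of V = 42, because the lines do not leak equally; one refinement round raises this to 75% and reduces the largest deviation from 6 to 2, which illustrates why the text asks for a coding determined per implementation.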
[0016] For a specific implementation of the device, it is also possible to determine several possible codings and to change between them during operation of the device, which further increases the security against side channel attacks. According to another advantageous development, the predefined value V (FIG. 2b) is not chosen to be the same for all the measurement values X1n, X2n. This means that the coding of this embodiment offers the degree of freedom of providing different predefined values for different measurement values. This makes it possible, for example, to take account of asymmetries in the implementation or in obtaining the measurement values. For example, the processing of a first group of coded data words may yield measurement values that have a larger information content concerning the processed data than the processing of a second group of coded data words.
[0017] In this case, it is advantageous to provide different predefined values for the different groups of coded data words, to reduce these asymmetries or to compensate them if possible for the purpose that all the possible measurement values, regardless of the asymmetries, present a similar information content regarding the processed data. According to another advantageous embodiment, for at least two measurement values or for the coded data words associated with these measurement values, a different threshold S is provided each time. This makes it possible to create another degree of freedom for coding making it easier to find the transformation according to the invention which is at the basis of the coding. According to another advantageous development, the measurement values X ln, X2n are scalar quantities or vector quantities or they are in a matrix form. The measurement values may for example represent an electrical energy consumption of the device or at least one component of the device. In this case, an attacker of the device will be able to determine the electrical energy consumption as a measurement value in the sense of the present invention, to effect an auxiliary channel attack. In this practical application, the coding according to the invention of the coded data words finally processed in the processing unit causes the corresponding measurement values of the electrical energy consumption of the device or of at least one component to differ. than slightly one another, which complicates again and all, an auxiliary channel attack. An example of measurement values in a vectorial presentation is for example that of an application scenario according to which several values of electrical energy consumption of different components or, in general, of parts of the device 100 per words of coded, processed data. Such a set of measurement values can also be organized in a matrix form. 
Another example in which it is interesting to represent measurement values in a matrix form is, for example, that of the determination of electromagnetic fields emitted by a device. In this case, it is possible to use, for example, a set of field probes for the measurement of electromagnetic fields by installing them during the operation of the device above it and by collecting corresponding measurement values for the different electromagnetic fields. field probes, for example the various elements of a matrix form of the measurement value in the sense of the present invention. Depending on the extension of the measurement values in the sense of the invention, it is also possible to choose the comparison operation to determine the difference between the measurement value and the predefined value. The same remark also applies to a predefined value. It is possible, for example, to use as a scalar quantity a simple difference with the consecutive limitation for exploiting the difference between a measurement value, for example a value of the consumption of electrical energy by the device and a corresponding predefined value. In the case of vector or matrix quantities for the measurement, corresponding functions can be defined correspondingly to define the difference concerned with respect to a predefined value (for example a predefinition vector, a predefinition matrix or similar means).
[0018] According to another preferred embodiment, the coding unit 130 encodes the data words Xn in that all the coded data words Xn 'have a predefined Hamming distance relative to one another. As a variant or in addition, the coding is done so that all the coded data words Xn 'have a predefined Hamming weight. In this variant also, the security can be increased by using at least one coding parameter t i (FIG. 2a) to perform PLRC coding. According to a preferred embodiment, the processing unit 120 is for example a register. Figure 3a shows another embodiment of a variant 120a of the processing unit 120 of Figure 2a. The processing unit 120a has two registers R1, R2 which serve at least for the temporary storage of coded data words Xn 'which are input, as obtained from the coding unit 130. Processing 120a provides the coded data words stored in registers R1, R2 at a given time for further processing by an output in the form of coded, "processed" Yn 'data. In the present exemplary embodiment, it is particular that, because of the fact that the processing unit 120a is the only memory, the coded data words Yn 'at the output of the unit 120a do not correspond to the input words. Xn. FIG. 3b shows another embodiment 120b of a processing unit according to the invention. This processing unit 120b comprises a cryptographic unit 124 which is, for example, a unit for applying part of an algorithm of an encryption method. The cryptographic unit 124 is made to perform a non-linear substitution operation on the input data Xn 'provided to it to obtain output data Yn'. Such a non-linear substitution operation is, for example, provided in the SubBytes () function of the Advanced Encryption Standard AES (subbyte function). Correspondingly, a variant of the invention according to Figure 3b can be applied to execute the relevant parts of the AES algorithm. 
According to another embodiment, the processing unit 120 is a data bus (serial or parallel data) or generally a circuit component which receives the coded data words Xn '. In another embodiment, the components 120 and 130 may also be functionally combined. Figure 4a shows another field of application of the invention. The figure shows a smart card 2000 provided with a device 100 according to the invention. The device 100 is in data transmission link with an interface 2002 by which the smart card 2000 or its device 100 can exchange data in a known manner with external devices such as for example a smart card reader (not shown) or a similar means.
[0019] The device 100 according to FIG. 4a advantageously has at least the structure of FIG. 2a, but it is also possible to envisage several coordination units 130 or several identical or different processing units 120, 120a, 120b in the same device 100. provides advantages of the invention, steps of a data processing method implemented in the device 100. FIG. 4b corresponds to another application of the invention, showing a memory data carrier 3000 (FIG. in the form of a USB bus) which has a device according to the invention 100 as well as USB connections 3002. FIG. 5 shows an example of an encoding according to the invention using four bits (which corresponds to a half-byte) comprising the coded data word Xn. A first bit of encoded data words Xn is referenced X1 in Fig. 5; the second bit bears the reference X2 and the third bit bears the reference X3; the fourth bit carries the reference X4. For the representation of the coded data word Xn, the following notation (x1, x2, x3, x4) will advantageously be used, which corresponds to the succession of the different bits (x1, x2, x3, x4) of the coded data word Xn. The coding with the coding unit 130 (Fig. 2a) transforms the data word Xn of Fig. 5 into a coded data word Xn '(see arrow a in Fig. 5). As shown in Fig. 5, the coded data word Xn 'always has the four bits x1, x2, x3, x4 of the original coded data word Xn and also three other bits x5, x6, x7. Here the coding is obtained also by hanging a sequence of bits Rn of a length of three bits. The values of the different bits x5, x6, x7 of the sequence of bits Rn hung according to the coding of the invention can be advantageously chosen, for example to obtain a desired Hamming distance between the coded data word Xn '. relative to the other coded data words or a Hamming weighting desired for the coded data word Xn '. In this variant, the security is increased by using at least one coding parameter t_i (FIG. 2a) for the PLRC code. 
By way of example, the value predefined each time by the polymorphic control unit 132 (FIG. 2a) with at least one coding parameter t_i makes it possible to control the selection of a variant of possible coding algorithm of the unit coding device 130 for encoding different coded data words Xn, i with different coding variants.
[0020] FIG. 6a shows, by way of example, a coding table with four columns S1, S2, S3, S4 that can be used, for example, in the coding unit 130 (FIG. 2a) according to one embodiment. Column S1 contains the input data words Xn in binary representation with values from 0000 (decimal zero) up to 1111 (i.e., the decimal value 15). In each case, columns S2, S3, S4 form in combination a coded data word Xn'. The second column S2 contains the four-bit payload data words. Column S3 of the table of FIG. 6a contains an inversion bit of a first exemplary coding rule and column S4 contains two compensation bits of the first coding rule used. By way of example, the table of FIG. 6a assigns the coded data word Xn' = 0001010 to the input data word Xn = 0001, and so on.
[0021] FIG. 6b shows, by way of example, another coding table with four columns S1', S2', S3', S4', which can be used, for example, in the coding unit 130. Column S1' contains the input data words Xn in binary representation with values from the decimal value zero (0000) up to the decimal value 15 (1111), and this column is identical to column S1 of the table of FIG. 6a. The columns S2', S3', S4' of the table according to FIG. 6b thus form in combination, each time, a coded data word Xn'. The second column S2' contains the four-bit payload data words. Column S3' of the table shown in FIG. 6b contains two compensation bits of the second exemplary coding rule and column S4' contains an inversion bit of the second coding rule. As the comparison of the tables of FIGS. 6a, 6b shows, the columns S3, S4 correspond to the columns S4', S3' with the different coding rules to be realized in these columns. For example, the coding parameter t_i according to the invention can be used as a value for controlling the coding unit 130, that is, for selecting the coding table of FIG. 6a or of FIG. 6b for an input data word Xn to be coded. In this case, all that is required is a single bit for the coding parameter t_i. The flexible change between preferably two coding variants or coding tables, made possible by the coding parameter t_i according to the invention, significantly increases the protection of the device 100 (FIG. 2a) against DPA attacks (side channel attacks). The example described above with reference to FIGS. 6a, 6b serves simply to explain the polymorphic leak-resilient code according to the invention (PLRC code). More than two different coding variants can be controlled by the coding parameter t_i according to the invention. It is also possible to use more complex coding rules than those described by way of example above.
For example, codes allowing scalable processing and/or a variable code density or coding rate, error detection, error correction or the like can be used. The coded data words Xn' according to FIG. 6a can be obtained from the sixteen data words Xn, for example with the following equation or formation rule:

$$c = \begin{cases} \left(\bar{x},\ 1,\ w(\bar{x},1),\ w(\bar{x},1,1)\right) & \text{if } HW(x) > 2 \\ \left(x,\ 0,\ w(x,0),\ w(x,0,1)\right) & \text{otherwise} \end{cases} \qquad \text{(Equation 1)}$$

In this formula, c is a seven-bit code word; x is a four-bit data word (x0, x1, x2, x3); the overbar denotes the bitwise complement; the listed terms are concatenated bit by bit; HW(.) represents the Hamming weight of a data word; and the function w is defined as follows:

$$w(\cdot) = \begin{cases} 1 & \text{if } HW(\cdot) < 2 \\ 0 & \text{otherwise} \end{cases} \qquad \text{(Equation 2)}$$

For the data word Xn = x = 1111, for example, the upper line of equation 1 is used because the Hamming weight of the data word concerned, 1111, is greater than 2, so that the 7-bit code word c = 0000110 is obtained, and so on. The coded data words Xn' according to FIG. 6b can be obtained from the sixteen data words Xn, for example with the following equation or formation rule:

$$c = \begin{cases} \left(\bar{x},\ w(\bar{x},1,1),\ w(\bar{x},1),\ 1\right) & \text{if } HW(x) > 2 \\ \left(x,\ w(x,0,1),\ w(x,0),\ 0\right) & \text{otherwise} \end{cases} \qquad \text{(Equation 3)}$$

In this formula, c is a seven-bit code word; x is a four-bit data word (x0, x1, x2, x3); the overbar denotes the bitwise complement; the listed terms are concatenated bit by bit (serialization); HW(.) indicates the Hamming weight of a data word; and equation 2 above applies for the function w. Equations 1 and 3 thus represent different variants, selected by the coding parameter t_i according to the invention, of the coding used by the coding unit 130, which means that, depending on the value of the coding parameter t_i, the coding unit 130 applies either equations 1 and 2 or equations 3 and 2 for the coding of a given data word Xn. According to another development, the algorithm given in the following pseudocode can be used to decode the coding according to FIG. 6a:

    if invert bit == 1
        decoded output = invert bitwise (codeword[0:3])
    else
        decoded output = codeword[0:3]
    end if

Thus, line 1 of the pseudocode first checks whether the inversion bit of the code word to be decoded is set; if so, the decoded data word is obtained by inverting the first four bits of the code word bit by bit. If the inversion bit is not set, the decoded data word is taken directly from the first four bits of the coded data word.
[0022] The coding variants according to the invention explained with the aid of the tables of FIGS. 6a and 6b have the advantage that all the coded data words have a constant Hamming weight (in the present example this weight is equal to 2), so that DPA attacks on the device 100 become more complicated: when the coded data words Xn' according to the invention are processed in the processing unit 120 (FIG. 2a), the same number of state changes of the individual bits occurs for each code word, and these state changes are not directly attributable to the code words currently being processed by the unit 120. In addition, the method according to the invention can use the coding parameter t_i to change between the variants of FIGS. 6a, 6b, for example at every nth coded data word (with n equal to, for example, 1, 2, 3 or more, or with a non-constant value of n).
[0023] To implement an 8-bit implementation based on the principle of the invention, it is possible to apply the steps described above as well as the coding of the tables of FIGS. 6a, 6b each time two half-bytes (also called "nibble") which correspond to an eight-bit encoded data word. This allows, for example, an eight-bit implementation of the SubBytes () subbyte function of AES. The solution according to the invention can also be realized very well in scalar mode so that for example for a 32-bit implementation, the 32-bit coded data word is first broken down into eight half-octets preferably in a time cycle, that is to say in parallel, to then obtain eight octets that are coded according to the invention. Figure 7 shows another embodiment of the invention according to which there is a device 100a for data processing. On the input side, the device 100a receives the input data X which is, for example, transmitted in the form of four-bit inputted data words Xn which arrive via the input interface 110 to the input unit. coding 130 following. The coding unit 130 performs the coding according to the invention (by using the coding parameter according to the invention t_i (see also Fig. 2a) to thereby obtain coded input data Xn '.The coded data words Xn' are processed in the next processing unit 120 and at the output of the processing unit 120 are obtained the coded data words, processed Yn ', then the unit 140 which constitutes a decoding unit provides the decoding of the words of coded Yn 'data which ultimately results in coded processed, decoded Y data words. These words are provided by the output interface 150 to other units external to the device 100. According to another development, the components 120 and 140 can also be functionally combined as shown in FIG. 7.
[0024] In general, the principle of the invention is not limited to an encoding according to which the coded data words have, as described above, a predefined Hamming distance and / or a predefined Hamming weight. Moreover, the invention allows other embodiments in which the coding unit 130 (FIG. 1, FIG. 6) is alternatively adapted so as to transform the input data words Xn by using an "anti" code. leakage-preserving, in particular a PLRC code with which the encoded coded data words Xn 'are transformed. This is obtained, for example, by compliance with the threshold criterion of the invention for the difference between the measurement values Xn 1, Xn 2 and the predefined value V. In a very general way, the use of the leakage code has the same effect. advantage of the coded data words thus encoded makes it possible to determine an information leak, for example by observable or physically measurable quantities Xn 1, Xn 2 (measurement of electromagnetic fields, measurements of electrical energy consumption by the device 100 or the unit 120) which makes it possible to minimize the data processed in the unit 120. The use of PLRC according to the invention has the other advantage that the image of the coded data words, obtained by the coding, can be an even more complex way on coded data words and thus be much more difficult for attackers. Figure 8 shows very schematically a flowchart of an embodiment of the method of the invention. In step 200, one or more input data words Xn are coded using the coding unit 130 using the coding parameter t i according to the invention (FIG. 2a). In step 210, the coded data words Xn 'obtained in step 200 are processed using the processing unit 120. Then, in step 220, the coded, processed data words are decoded. yn.
[0025] The principle according to the invention of providing coded data words Xn 'which are subjected to another processing, in place of the processing of the input data, which are not coded Xn, has the advantage of not requiring a method based on random modes or pseudo-random methods for hardening PPS (enhancement of device 100 against DPA attacks); this reduces the means to implement vis-à-vis the known methods. In addition, the device 100 according to the invention can be implemented using conventional CMOS cells; the device 100 is provided in the form of an integrated monolithic circuit or in the form of circuit components integrated in other circuits. Another advantage of the invention is that one can test relatively simply the proper operation of the device 100 because the invention is not based on the use of random numbers or pseudo-random numbers. In addition, device 100 can be implemented on a relatively small chip area. As the means of the invention which provide the reinforcement vis-à-vis the DPA attacks can be done at the architecture level, it allows very simply reusing the different chip designs or the general designs of the devices to apply them the according to the invention.
[0026] Another element of the present invention is the method of managing a data processing device 100 in which the device 100 includes an interface 110 for receiving input data and a processing unit 120 for processing the data. According to the invention, it is provided under these conditions to code the received Xn coded data words as input data by the input interface 110 using the coding unit 130 to obtain data words. encoded coded Xn 'and in that the processing unit 120 processes the coded coded data words Xn'; the coding unit 130 uses a leak-resistant polymorphic code for coding. The core of this feature of the invention consists in providing coding of the coded data words before processing them by using the coding parameter ti according to the invention which makes it possible to reduce or completely eliminate leaks in the cryptographic sense for the processing of coded data words coded by the device 1000.
[0027] The invention can advantageously be implemented both in the form of a circuit and also in the form of a program or a combination of these two solutions. In general, the principle of the invention makes it possible, with the coding unit 130 (FIG. 1), to transform the input data Xn into coded data Xn 'which have an anti-leak code, in particular a PLRC code that is less sensitive to DPA attacks. In other words, the code which contains the coded data words X 'has less cryptographic leakage. This means that there is no auxiliary channel information or little such information in the coded data words. Therefore, an attack of the device 100 according to the invention by known means such as for example the seizure of the electromagnetic radiation of the device 100 or the seizure of its power consumption or similar parameters gives only relatively few information or no information at all about the unit 120. As already described above, the processing unit 120 can execute part of a cryptographic method or algorithm or a complete cryptographic method, for example encryption or decryption, for example, according to the AES cryptographic standard and / or forming a hash value according to the SHA standard. This allows a simple scalar treatment of the principle of the invention. For economy, another embodiment, the invention comprises components 110, 120, 130, 132 for example only for processing units particularly concerning the security of a cryptographic algorithm. As a variant, all the processing steps of a data processing device can be hardened by the principle of the invention.
[0028] Compared with the usual countermeasures against side channel attacks, the solutions of the invention based on coding countermeasures have different advantages:
1. The countermeasures based on the coding are of a deterministic nature, so that they require relatively little calculation and in particular no random generator or pseudo-random generator.
2. The implementation in the form of an integrated circuit using conventional CMOS cells is relatively simple.
3. Owing to the independence from random numbers, a test of the device 100 according to the invention is much simpler than a test of devices and methods using random numbers.
4. Countermeasures based on the method of the invention require for their implementation only relatively little chip area, or only codes of low complexity that the coding unit 130 must apply.
5. The principle of the invention can be advantageously applied to isolated components of a device to be protected or to the entire device.
6. The invention applies in a modular manner. For example, a DPA-hardened memory register may be implemented in the form of a device 100 according to the invention if the processing unit 120 is made, for example, as a usual memory register R1. In this case, the configuration 100 of Figure 1 can be provided in a modular form and applied to a device to be protected, resulting from mass production.
The coding-based means of the invention eliminate or largely prevent information leakage through side channels. According to another advantageous development, the code is designed to allow partial or complete error correction of coded data words that have been distorted, for example during a so-called fault attack. This can be done, for example, by adding other bits that increase redundancy. According to another advantageous development, the processing unit 120 checks one or more coded data words Xn' to determine whether they are valid coded data words in the sense of the code applied by the coding unit.
Such a verification can be done in the configuration of FIG. 7 not only in the unit 120, but also in the unit 140. For example, in the case of a coding by the coding unit 130 with a constant Hamming weight (for example, all coded data words Xn' have a constant Hamming weight), the processing unit 120 will be able to check whether a supplied coded data word Xn' actually has the Hamming weight concerned. If not, it can be concluded that there has been a fault injection attack on the device 100, in which an attacker intentionally injected false code words, for example into the link between the components 130 and 120, to allow a more efficient DPA attack. The verification according to the invention of the coded data words Xn' will for example be avoided in the unit 120 or 160. According to an advantageous development, the verification described above can be done, for example, by means of a so-called membership test for the coded data words.
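The 4-bit to 7-bit coding of FIGS. 6a and 6b, the decoding rule and the Hamming-weight membership check described above, as an added Python example that is not part of the patent text. The compensation-bit rule is reconstructed from the page's two worked code words (0001 to 0001010, 1111 to 0000110) and the stated constant weight of 2; the function names, the bit order of the FIG. 6b layout and the one-bit parameter `t` are assumptions.

```python
"""Added sketch (not from the patent): constant-weight 4->7 bit code, two variants."""

CODE_WEIGHT = 2  # constant Hamming weight stated for both tables


def comp(bits):
    """Compensation bit (Equation 2 as read here): 1 while the weight is below 2."""
    return 1 if sum(bits) < CODE_WEIGHT else 0


def encode(x, t):
    """Encode nibble x under coding parameter t (hypothetical one-bit selector).

    t = 0: payload | inversion bit | two compensation bits  (FIG. 6a layout)
    t = 1: payload | two compensation bits | inversion bit  (assumed FIG. 6b layout)
    """
    if not 0 <= x <= 0xF or t not in (0, 1):
        raise ValueError("x must be a 4-bit value and t must be 0 or 1")
    bits = [(x >> s) & 1 for s in (3, 2, 1, 0)]
    inv = 1 if sum(bits) > 2 else 0          # heavy words are stored inverted
    payload = [b ^ inv for b in bits]
    c1 = comp(payload + [inv])               # w(x, i)
    c2 = comp(payload + [inv, 1])            # w(x, i, 1)
    word = payload + ([inv, c1, c2] if t == 0 else [c2, c1, inv])
    return "".join(str(b) for b in word)


def decode(word, t):
    """Membership test first, then the decoding rule from the pseudocode."""
    if len(word) != 7 or set(word) - {"0", "1"}:
        raise ValueError("malformed code word")
    if word.count("1") != CODE_WEIGHT:
        raise ValueError("Hamming weight is not 2: possible fault injection")
    bits = [int(ch) for ch in word]
    inv = bits[4] if t == 0 else bits[6]
    x = 0
    for b in bits[:4]:
        x = (x << 1) | (b ^ inv)             # undo the inversion bit by bit
    if encode(x, t) != word:
        raise ValueError("weight is 2 but the word is not in this code table")
    return x


def rejects(word, t):
    """True if the membership test refuses the word."""
    try:
        decode(word, t)
    except ValueError:
        return True
    return False


def flip(word, pos):
    """Model a single-bit fault at position pos."""
    return word[:pos] + ("1" if word[pos] == "0" else "0") + word[pos + 1:]


def max_leak_deviation(t):
    """Leak criterion with f = Hamming weight: returns (M, max |f(v) - M|)."""
    weights = [encode(x, t).count("1") for x in range(16)]
    mean = sum(weights) / len(weights)
    return mean, max(abs(wt - mean) for wt in weights)


if __name__ == "__main__":
    for x in range(16):
        print(f"{x:04b} -> t=0 {encode(x, 0)}   t=1 {encode(x, 1)}")
    print("all single-bit faults rejected:", all(
        rejects(flip(encode(x, t), p), t)
        for t in (0, 1) for x in range(16) for p in range(7)))
    print("(M, max deviation) for t=0:", max_leak_deviation(0))
```

Under this reconstruction only the six data words of weight 0, 3 or 4 receive different code words in the two variants, and a word decoded with the wrong `t` can pass the membership test yet yield a different nibble, which is why the decoding side needs the same coding parameter.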
[0029] Other advantageous embodiments are described below. According to the Applicant's research, a side channel leak makes it possible to draw conclusions regarding the data Xn' processed internally in the device 100 and thus to determine, for example, a common cryptographic key. In other words, a side channel leak contains information relating to the internally processed data. An example is the data-dependent power consumption in CMOS circuits, as indicated in the previous explanations for the device 100, which corresponds to the measurement value X1n.
[0030] The side channel leak L of an internal quantity v of the device 100 may be defined as a function f() of this variable v, that is to say: L = f(v). A practical example of the variable v would be the output value of the SubBytes operation of the block cipher of the AES advanced encryption standard. Practical examples of the function f(v) would be, for example, the measurement of the current consumption or the measurement of the electromagnetic radiation, but also derived properties such as the Hamming weight (HW) or the Hamming distance (HD) of v while this variable v is processed or stored by the device 100. The last two examples, HW and HD, are admittedly abstract, but ultimately lead to physically data-dependent behavior of the device 100, for example a current consumption that depends on the data.
[0031] Furthermore, it is possible to determine an average value M of the side channel leak L over all the possible values of the variable v ∈ V, that is to say M = average(L), and a compatible norm ||.||, for example the absolute value |.|. A mapping C: w → v is then defined which assigns a code word v_i to a word w_i such that ||f(v_i) - M|| <= Epsilon. In this formula "Epsilon" is a predefined limit value. According to another development, the inequality ||f(v_i) - M|| <= Epsilon does not necessarily hold for all the values of v; it suffices, for example, that some of the values of v fulfill this condition. The mapping C: w → v described above is called a leak-resistant code, that is to say a code that reduces leakage, because the variation of the data-dependent side channel leakage f(v) = L remains inside an Epsilon band of width 2 * Epsilon.
[0032] According to the invention, the leak-resistant code can be further improved by applying a coding rule for coding the data words Xn (FIG. 2a) according to at least one coding parameter t_i, so that the mapping C: w → v is additionally carried out as a function of at least one coding parameter (or encryption parameter) t_i. Such an improved code according to the invention can also be called a polymorphic leak-resistant code (a polymorphic code allowing less leakage) and be defined as a function as follows: C_PLRC(w, t_i) → v_i with C(w, t_i) ≠ C(w, t_j) for all i ≠ j. The operating principle of the PLRC code described above is explained hereinafter with reference to the device 100a according to FIG. 7. The polymorphic control unit 132 (see FIG. 2a) controls the selection of a given code variant (FIGS. 6a, 6b) by predefining the parameter t_i for the coding unit 130, so that the concrete mapping that codes the data words Xn into coded data words Xn' depends on the coding parameter t_i. Such coded data words Xn' are then applied to the unit 120, which may have a side channel leak L(). Since the PLRC code used by the coding unit 130 according to the invention is a leak-resistant code with respect to the side channel leak L() of the unit 120, which does not itself disappear, side channel attacks fail. The unit 120 transmits the processed data Y, which must then be decoded, according to one embodiment, by the decoding unit 150. The decoding unit 150 very advantageously also receives the coding parameter t_i in order to be able to decode the data Y. The coding parameter t_i may be applied to the decoding unit 150, for example also directly by the control unit 132 (FIG. 2a).
[0033] According to another development, the coding unit 130 (FIG. 2a) only encodes (encrypts) a part of all the data words Xn. This means that it is not necessary to code all the data words. To further explain the above explanations, reference is made to two other examples below.
[0034] First example: The function L = f(v') is the data-dependent current consumption of a cryptographic circuit (encryption circuit), for example a component of the device 100 of FIG. 2a, and this current consumption is measured from the voltage drop across a shunt resistor (the usual procedure for a side channel attack). Epsilon is chosen to be smaller than the quantization error of the digital storage oscilloscope used to measure the voltage drop; this means that Epsilon is practically no longer measurable. A leak-resistant code is then a code for which the data-dependent power consumption f(v') does not differ, for any value v' of V', by more than Epsilon from the average current consumption, that is, for which the relation ||f(v') - M|| <= Epsilon holds.
Second example: According to another embodiment, a code used by the coding unit 130 has a constant Hamming weight (HW) equal to 2, that is to say that all the values Xn' have a weight HW = 2. If the function f(v') is chosen so that it returns the Hamming weight of the values v' of V', and if Epsilon is chosen equal to zero, then the indicated code is a leak-resistant code, because the relation ||f(v') - M|| <= Epsilon holds: the average value M of the Hamming weight of the code words is equal to 2 and none of the code words differs from it by more than the chosen Epsilon (= 0), that is, ||HW(v') - 2|| <= 0 for all v', since HW(v') = 2 for all v'.
Claims:
1) Device (100) for processing data, the device (100) having an input interface (110) for receiving the input data (X) and a processing unit (120) for processing the data, the device being characterized by
- a coding unit (130) for coding the input data (X) arriving at the input interface (110) in the form of data words (Xn), to obtain coded data words (Xn'),
- the coding unit (130) coding the data words (Xn) so that a predetermined part of the measurement values (X1n, X2n) which characterize the coded data words (Xn') and/or their processing by the device (100) and which are determined according to at least one physical quantity of the device (100), preferably at least about 50% of all the measurement values (X1n, X2n), differ from a predefined value (Vn),
- the difference being less than or equal to a predefined threshold (S),
- the coding unit (130) applying a coding rule for coding the data words (Xn) according to at least one coding parameter (t_i), and
- the processing unit (120) processing the coded data words (Xn').
2) Device (100) according to claim 1, characterized in that
- the predefined value (Vn) is chosen equal for all the measurement values (X1n, X2n),
- in particular, an average value of all the possible values of the measurement values is selected as the predefined value (V),
- in particular, at least two measurement values (X1n, X2n) or the data words (Xn') associated with these measurement values each have a different threshold (S).
3) Device (100) according to claim 1, characterized in that
a. the measurement values are scalar quantities or vector quantities or have a matrix form and/or
b. the measurement values represent an electrical energy consumption of the device (100) or of at least one component of the device (100) and/or
c. the measurement values represent a Hamming weight or a Hamming distance.
4) Device (100) for processing data, having an input interface (110) for receiving the input data (X) and a processing unit (120) for processing the data, which device is characterized by a coding unit (130) for coding the data words (Xn) obtained as input data (X) at the input interface (110) and obtaining coded data words (Xn'),
- the coding unit (130) coding the data words (Xn) so that a predefined part of all the data words, preferably at least 50% of all the data words, have between them a predefined Hamming distance and/or a predefined Hamming weight,
- the coding unit (130) applying a coding rule for coding the data words (Xn) according to at least one coding parameter (t_i), and
- the processing unit (120) processing the coded data words (Xn').
5) Device (100) according to claim 1, characterized by a polymorphic control unit (132) for predefining at least one coding parameter (t_i) for the coding of at least one data word (Xn), preferably however for the coding of several data words (Xn) or of all data words (Xn).
6) Device (100) according to claim 1, characterized in that the processing unit (120) has at least one register (R1, R2) made for at least temporarily storing at least one coded data word (Xn') and/or an encryption unit (124) applying at least a part of an encryption method.
7) Device (100) according to claim 1, characterized in that the coding unit (130) performs the coding of the data words (Xn) by adding a predefined number of bits (Rn) to each data word (Xn), preferably depending on the coding parameter (t_i).
8) Device (100) according to claim 7, characterized in that the coding unit (130) selects the predefined number of bits to be added (Rn) so that a predefined part of all the coded data words (Xn') have between them a predefined Hamming distance and/or a predefined Hamming weight.
9) Device (100) according to claim 1, characterized in that it is made at least partly in the form of an integrated circuit, preferably implemented in CMOS technology.
10) Device (100) according to claim 1, characterized in that the processing unit (120) is a data bus or comprises a data bus.
11) Method for managing a data processing device (100), the device (100) having an input interface (110) for receiving input data (X) and a processing unit (120) for processing the data, characterized in that, by means of a coding unit (130), the data words (Xn) received as input data (X) at the input interface (110) are coded to obtain coded data words (Xn'), the coding unit (130) coding the data words (Xn) so that a predefined part of the measurement values (X1n, X2n) which characterize the coded data words (Xn') and/or their processing by the device (100) and which are determined as a function of at least one physical quantity of the device (100), preferably at least about 50% of all the measurement values (X1n, X2n), differ from a predefined value (Vn) by a difference less than or equal to a predefined threshold (S), the coding unit (130) applying a coding rule for coding the data words (Xn) according to at least one coding parameter (t_i), and the processing unit (120) processing the coded data words (Xn').
12) A method of managing a data processing device (100) in which the device (100) has an input interface (110) for receiving input data (X) and a processing unit (120).
) for processing the data, characterized in that with the aid of a coding unit (130) the data words (Xn) obtained as input data (X) are coded at the interface of input (110) for obtaining coded data words (Xn '), - the encoding unit (130) encoding the data words (Xn) so that a predefined fraction of all the coded data words, preferably at least about 50% of all coded data words have between them a predefined Hamming distance and / or a predefined Hamming weight, - the coding unit (130) applying a coding requirement to encode the words of encoded data (Xn) according to at least one coding parameter (ti), and - the processing unit (120) processes the coded data words (Xn ') 3513 °) Method according to claim 11, characterized in that a calibration is performed according to which predefined calibrated coded data words are processed by the processing unit (120) and the measurement values corresponding to the coded, calibrated data words are determined. Method according to Claim 13, characterized in that the coding is done by the coding unit (130) as a function of the measured values corresponding to the calibrated data words.
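A minimal sketch of the appended-bits coding described in the claims (adding bits Rn chosen via a coding parameter ti so that the coded words share a predefined Hamming weight) and of the threshold criterion of claim 1. It is an added illustration, not code or a coding prescription taken from the patent. Assumptions: 4-bit data words, the appended bits are the complement of the masked word, the coding parameter is an XOR mask, and the measurement value is the Hamming weight with threshold S = 0.

```python
WORD_BITS = 4                      # assumed data word width
MASK = (1 << WORD_BITS) - 1


def hamming_weight(value):
    return bin(value).count("1")


def encode(word, t):
    """Code word Xn into Xn' under coding parameter t (assumed: XOR mask).

    The appended redundancy bits Rn are the complement of the masked word,
    so every coded word has Hamming weight WORD_BITS whatever Xn and t are.
    """
    if not 0 <= word <= MASK:
        raise ValueError("data word out of range")
    masked = (word ^ t) & MASK
    redundancy = ~masked & MASK
    return (masked << WORD_BITS) | redundancy


def decode(coded, t):
    """Recover Xn from Xn'; reject words that are not valid codewords."""
    masked, redundancy = coded >> WORD_BITS, coded & MASK
    if masked ^ redundancy != MASK:
        raise ValueError("not a constant-weight codeword")
    return masked ^ (t & MASK)


def fraction_within(values, predefined, threshold):
    """Share of measurement values differing from V by at most S."""
    return sum(abs(v - predefined) <= threshold for v in values) / len(values)


def compare(t, threshold=0):
    """Return (uncoded share, coded share) meeting the claim 1 criterion,
    with V taken as the average of the possible measurement values."""
    words = range(1 << WORD_BITS)
    raw = [hamming_weight(w) for w in words]
    coded = [hamming_weight(encode(w, t)) for w in words]
    return (fraction_within(raw, sum(raw) / len(raw), threshold),
            fraction_within(coded, sum(coded) / len(coded), threshold))


if __name__ == "__main__":
    print(format(encode(0b1010, 0b0110), "08b"), compare(0b0110))
```

With S = 0, only 37.5% of the uncoded 4-bit words sit at the average Hamming weight, while every coded word does; changing the coding parameter changes the codeword for a given data word without changing its weight.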
Similar technologies:
Publication number | Publication date | Patent title
FR3020161A1|2015-10-23|DEVICE AND METHOD FOR PROCESSING DATA
CN106257590B|2021-03-30|Tamper-resistant non-volatile memory device and integrated circuit card
US9104610B2|2015-08-11|Method, system and medium for analog encryption in a flash memory
JP6380804B2|2018-08-29|Random number processing apparatus and random number processing method
CN106257860B|2021-02-09|Random number processing device and integrated circuit card
Fridrich et al.|2004|Perturbed quantization steganography with wet paper codes
FR3004036A1|2014-10-03|DEVICE AND METHOD FOR PROCESSING DATA
JP2013242584A|2013-12-05|Method and device for giving seed to encryption random number generator
EP2893431B1|2016-11-02|Protection against side channel attacks
FR2941342A1|2010-07-23|CRYPTOGRAPHIC CIRCUIT PROTECTED AGAINST ATTACKS IN OBSERVATION, IN PARTICULAR OF HIGH ORDER.
US9767281B2|2017-09-19|Device and method for processing data
US8566609B2|2013-10-22|Integrity of ciphered data
FR2981472A1|2013-04-19|DEVICE AND METHOD FOR PRODUCING A BIT SEQUENCE
WO2014131546A1|2014-09-04|Method for encoding data on a chip card by means of constant-weight codes
US20200295920A1|2020-09-17|Device and method for hardware-based data encryption with complementary resistive switches
CN1388929A|2003-01-01|Watermark detector
JP4863279B2|2012-01-25|Memory system and memory access method
Cambou et al.|2020|Cryptography with analog scheme using memristors
FR3007552A1|2014-12-26|SECURE METHOD OF COMPARING TWO OPERANDS AND CORRESPONDING DEVICE
EP3300293B1|2019-01-23|Method for symmetric encryption or decryption by blocks
FR3000246A1|2014-06-27|GENERATOR OF CHAOTIC SEQUENCES
Zhang et al.|2014|Leakage-resilient memory-based physical unclonable function using phase change material
FR2802669A1|2001-06-22|NON-DETERMINED METHOD FOR SECURE DATA TRANSFER
FR2969878A1|2012-06-29|MULTIMODAL AUTHENTICATION METHOD AND CRYPTOGRAPHIC KEY GENERATION USING SECURE GENERAL SKETCHES
CN111630598A|2020-09-04|Nonvolatile memory device and writing method thereof
Patent family:
Publication number | Publication date
US20160019386A1|2016-01-21|
CN105024708A|2015-11-04|
DE102014207296A1|2015-10-22|
US9798874B2|2017-10-24|
CN105024708B|2021-01-01|
Cited references:
Publication number | Filing date | Publication date | Applicant | Patent title

US6259456B1|1997-04-30|2001-07-10|Canon Kabushiki Kaisha|Data normalization techniques|
US6904110B2|1997-07-31|2005-06-07|Francois Trans|Channel equalization system and method|
US6456208B1|2000-06-30|2002-09-24|Marvell International, Ltd.|Technique to construct 32/33 and other RLL codes|
DE10105794A1|2001-02-07|2002-08-08|Philips Corp Intellectual Pty|Communication system, method and signal for time-coded data transmission|
DE10225684B4|2002-06-10|2007-01-11|Siemens Ag|Method of coding|
DE102004021308B4|2004-03-23|2020-07-16|Robert Bosch Gmbh|Procedure for error correction of packet data|
KR100855958B1|2004-11-24|2008-09-02|삼성전자주식회사|Cryptographic system and method for securing against side channel attacks based on Hamming distance|
CN101116081A|2005-02-11|2008-01-30|通用数据保护公司|Method and system for microprocessor data security|
US7721178B2|2006-06-01|2010-05-18|International Business Machines Corporation|Systems, methods, and computer program products for providing a two-bit symbol bus error correcting code|
US9083495B2|2010-05-06|2015-07-14|Telefonaktiebolaget Lm Ericsson |System and method for signaling control information in a mobile communication network|
CN102571108B|2012-02-24|2014-02-26|清华大学深圳研究生院|Self-adaptive iterative decoding method for Turbo product codes|
DE102013205542A1|2013-03-28|2014-10-02|Robert Bosch Gmbh|Apparatus and method for processing data|
DE102013205544A1|2013-03-28|2014-10-02|Robert Bosch Gmbh|Apparatus and method for processing data|
EP3089398B1|2015-04-30|2017-10-11|Nxp B.V.|Securing a cryptographic device|
EP3220304B1|2016-02-22|2018-11-07|Eshard|Method of testing the resistance of a circuit to a side channel analysis|
US10431301B2|2017-12-22|2019-10-01|Micron Technology, Inc.|Auto-referenced memory cell read techniques|
US10541808B2|2018-01-21|2020-01-21|Gideon Samid|Advanced bitflip: threat-adjusted, quantum-ready, battery-friendly, application-rich cipher|
US10901035B2|2019-02-01|2021-01-26|Intel Corporation|Techniques in ensuring functional safetysystems|
Legal status:
2016-04-22| PLFP| Fee payment|Year of fee payment: 2 |
2017-04-24| PLFP| Fee payment|Year of fee payment: 3 |
2018-04-23| PLFP| Fee payment|Year of fee payment: 4 |
2018-07-20| PLSC| Publication of the preliminary search report|Effective date: 20180720 |
2019-04-23| PLFP| Fee payment|Year of fee payment: 5 |
2020-04-21| PLFP| Fee payment|Year of fee payment: 6 |
2022-01-07| ST| Notification of lapse|Effective date: 20211205 |
Priority:
Application number | Filing date | Patent title
DE102014207296.4A|DE102014207296A1|2014-04-16|2014-04-16|Apparatus and method for processing data|