METHOD FOR WRITING A SET OF INFORMATION ENCRYPTED IN AN EXTERNAL MEMORY OF AN INTEGRATED CIRCUIT AND CORRESPONDING INTEGRATED CIRCUIT

20190179773 · 2019-06-13

Abstract

A method for writing a set of information for processing by a processing unit of an integrated circuit in an external memory outside the integrated circuit, includes: generating, within the integrated circuit, an encryption key; for each item of information intended to be written at an address of the external memory, first encrypting the address within the integrated circuit by a first encryption/decryption circuit using the encryption key to obtain an encrypted address; second encrypting the item of information within the integrated circuit using a second encryption/decryption circuit using the encrypted address to obtain an encrypted item of information; and writing the encrypted item of information at the address of the external memory, wherein the external memory is not able to be written twice at a same address during a write process

Claims

1. A method for writing a set of information for processing by a processing unit of an integrated circuit in an external memory outside the integrated circuit, the method comprising: generating, within the integrated circuit, an encryption key; for each item of information intended to be written at an address of the external memory, first encrypting the address within the integrated circuit by a first encryption/decryption circuit using the encryption key to obtain an encrypted address; second encrypting the item of information within the integrated circuit using a second encryption/decryption circuit using the encrypted address to obtain an encrypted item of information; and writing the encrypted item of information at the address of the external memory, wherein the external memory is not able to be written twice at a same address during a write process.

2. The method according to claim 1, wherein, during the write process, a first item of information of a plurality of items of information is written at an initial address of the external memory, and wherein the method further comprises incrementing the address after each operation of writing each subsequent item of information of the plurality of items of information.

3. The method according to claim 1, wherein the set of information is to be written in a range of addresses of the external memory, and wherein the method further comprises forbidding any new operation of writing in the external memory in response to a determination that all addresses of the range of addresses have been used in the write process.

4. The method according to claim 1, wherein generating the encryption key comprises randomly generating the encryption key.

5. The method according to claim 1, further comprising generating a new encryption key before each new write process.

6. The method according to claim 1, wherein the processing unit comprises a microcontroller.

7. The method according to claim 1, wherein the set of information comprises a program code to be run by the processing unit.

8. The method according to claim 1, further comprising storing the encryption key in an internal storage inside the integrated circuit.

9. A method for processing a set of information by a processing unit of an integrated circuit, the set of information comprising an encrypted item of information having been written in an external memory outside the integrated circuit, the method comprising: for each encrypted item of information stored at an address of the external memory and intended to be loaded into the processing unit, first encrypting the address within the integrated circuit by a first encryption/decryption circuit using an encryption key to obtain an encrypted address; reading the encrypted item of information stored in the external memory at the address; decrypting the encrypted item of information within the integrated circuit using a second encryption/decryption circuit using the encrypted address to obtain a decrypted item of information; and loading the decrypted item of information into a register of the processing unit.

10. The method according to Claim 9, wherein the set of information comprises a program code including code data, and wherein the method further comprises running the program code by the processing unit loading each decrypted code datum into an instruction register of the processing unit.

11. A device comprising an integrated circuit and an external memory outside the integrated circuit, the integrated circuit comprising: a processing unit; an information input for receiving a set of information intended to be written in the external memory and to be processed by the processing unit; a generation circuit configured to generate an encryption key; an addressing circuit configured to generate an address of the external memory for each item of information intended to be written in the external memory and not to generate a same address twice in a process of writing the set of information to the external memory; a first encryption/decryption circuit configured to perform a first encrypting on the address using the encryption key to obtain an encrypted address; a second encryption/decryption circuit configured to perform a second encrypting on the item of information using the encrypted address to obtain an encrypted item of information; and a write circuit configured to write the encrypted item of information at the address of the external memory.

12. The device according to claim 11, wherein, during a write process, the addressing circuit is configured to generate an initial address and to increment the address after each operation of writing an item of information to the external memory.

13. The device according to claim 11, wherein the addressing circuit is configured to write the set of information in a range of addresses of the external memory and to forbid any new addressing in response to a determination that all addresses of the range of addresses have been used in a write process.

14. The device according to claim 11, wherein the generation circuit is configured to generate the encryption key in a random manner.

15. The device according to claim 11, wherein the generation circuit is configured to generate a new encryption key before each new write process.

16. The device according to claim 11, wherein the second encryption/decryption circuit comprises an EXCLUSIVE OR operator.

17. The device according to claim 16, wherein the second encryption/decryption circuit comprises a scrambling circuit configured to modify inputs of the EXCLUSIVE OR operator according to a scrambling code.

18. The device according to claim 11, wherein the processing unit comprises a microcontroller.

19. The device according to claim 11, wherein the set of information comprises a program code comprising code data and intended to be run by the processing unit.

20. The device according to claim 11, wherein the integrated circuit further comprises an internal storage configured to store the encryption key.

21. The device according to claim 20, wherein, in response to the external memory containing encrypted items of information, the first encryption/decryption circuit is configured to extract the encryption key from the internal storage and to encrypt, using the encryption key, each address at which an item of information is to be read, wherein the integrated circuit further comprises a read circuit configured to read, in the external memory at the address, the encrypted item of information, and wherein the second encryption/decryption circuit is configured to decrypt the read encrypted item of information with the encrypted address, and to deliver the decrypted code datum to a register of the processing unit.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

[0031] Other advantages and features of the invention will become apparent on examining the detailed description of wholly non-limiting modes of implementation and embodiments and the appended drawings, in which:

[0032] FIGS. 1 to 6 schematically illustrate implementations and embodiments of the invention.

DETAILED DESCRIPTION OF ILLUSTRATIVE EMBODIMENTS

[0033] Throughout what follows, it is assumed by way of non-limiting example that the set of information intended to be stored encrypted in an external memory is a program code, although this information may also be data.

[0034] In FIG. 1, the reference 1 denotes a device including an integrated circuit 10 and a memory 11, external to the integrated circuit 10.

[0035] The memory 11 is intended to store an encrypted program code 110 intended to be run by a processing unit 100 of the integrated circuit. This processing unit may for example be a microcontroller such as a microcontroller of the STM32 family marketed by STMicroelectronics.

[0036] The external memory 11 may be a random-access memory or else a read-only memory, for example a flash memory.

[0037] The integrated circuit 10 includes a code input 107 for receiving a program code intended to be written encrypted in the external memory 11.

[0038] The device 1 also includes, within the integrated circuit 10, a generation circuit 101 configured to generate an encryption key. This encryption key RD may be generated randomly at the start of the process of writing the program code. In this case, preferably, any time a process of writing a program code is repeated, for example when modifying or updating the program code, it is advantageously possible to generate a new encryption key, valid for the write process currently in progress.

[0039] The generation circuit 101 is conventional in structure and known per se in the art.

[0040] The integrated circuit 10 also includes an addressing circuit 102 configured to generate an address of the memory for each code datum intended to be written in the memory 11, and never to generate the same address twice in the process of writing the program code.

[0041] An exemplary structure of the addressing circuit 102 will be revisited in greater detail below.

[0042] The integrated circuit 10 also includes a first encryption/decryption circuit 103, for example a circuit executing a symmetric encryption algorithm of AES or DES type, which is configured to perform a first operation of encrypting the address at which the code datum is to be written, using the key, to obtain an encrypted address.

[0043] The integrated circuit 10 also includes a second encryption/decryption circuit 104, configured to perform a second operation of encrypting the code datum by using the encrypted address.

[0044] As above, exemplary structures of such second encryption/decryption circuit 104 will be described in detail below.

[0045] The integrated circuit 10 also includes a write circuit 105, which is conventional in structure and known per se, configured to write the encrypted code datum at the corresponding address.

[0046] The integrated circuit 10 also includes, for loading the program code into an instruction register 1000 of the processing unit 100, a read circuit 106, which is conventional in structure and known per se, configured to read the encrypted program code data 110 contained in the external memory 11.

[0047] Reference is now more particularly made to FIG. 2 to describe one mode of implementation of a method for encrypting and storing a program code in the external memory 11.

[0048] It is assumed here that the code datum MCi, which may be a digital word, is to be stored in the external memory at the address ADRi.

[0049] In step S20, the generation circuit 101 generates the encryption key RD, for example randomly.

[0050] This encryption key RD may advantageously be stored (step S27) in an internal memory 109 (FIG. 1) of the integrated circuit 10, for example a protected read-only memory.

[0051] It should be noted that this storage operation may be performed at the start of, during or at the end of the process of writing the program code in the external memory 11.

[0052] In a step S21, the first encryption/decryption circuit 103 encrypts the address ADRi using the encryption key RD to provide an encrypted address ADRCi.

[0053] Next, in step S22, the second encryption/decryption circuit 104 encrypts the code datum MCi with the encrypted address ADRCi to provide an encrypted code datum MCCi.

[0054] The write circuit 105 then writes (step S23) the encrypted datum MCCi in the memory 11 at the address ADRi.

[0055] The process described above is repeated for the next address until the range of addresses provided for storing the program code has been filled (steps S24 and S26).

[0056] Once the end of the range of addresses, represented in step S24 by the value N for the index i, has been reached, the write process is stopped and any new operation of writing in the external memory 11 using the encryption key RD that was just used is forbidden.

[0057] Furthermore, in step S26, moving from the address ADRi to the next address ADRi+1, the next address is generated such that the memory cannot be written twice at the same address.

[0058] As illustrated in FIG. 3, a particularly simple way of performing this function is to implement the addressing circuit 102 as a hardware counter, so that the address ADRi+1 is equal to the address ADRi incremented by 1, for example (step S30). Once the counter has reached the count value corresponding to the end of the range of addresses, the processing unit prevents any new operation of writing in the external memory.

[0059] Thus, if a malicious third party attempts to store several items of data in succession at one and the same address of the memory using the encryption process described above, the attempt fails, since two successive items of data cannot be written at the same address, as stated above.

[0060] Every encrypted code datum is therefore combined with an encrypted address ADRCi that is used only once per encryption key, and it will be more difficult or even impossible for the malicious third party to obtain the encryption key from the contents of the external memory.

[0061] Reference is now made to FIG. 4 to describe a method for running the program code stored in the external memory 11.

[0062] More specifically, for an encrypted code datum MCCi stored at the address ADRi in the memory 11, the read circuit extracts this datum in step S40.

[0063] Furthermore, the first encryption/decryption circuit 103 encrypts the address ADRi using the encryption key RD, extracted in step S41 from the protected memory 109.

[0064] The encrypted address ADRCi thus obtained is used by the second encryption/decryption circuit 104 to decrypt (step S43) the encrypted code datum MCCi, so as to deliver the unencrypted code datum MCi.

[0065] This code datum is then delivered (step S44) by the second encryption/decryption circuit 104 directly to the instruction register 1000 of the processing unit.

[0066] As illustrated in FIG. 5, the second encryption/decryption circuit 104 may include an EXCLUSIVE OR operator 1040 receiving, as input, the bits of each code datum MCi (or of each encrypted code datum MCCi) and the bits of the corresponding encrypted address ADRCi to deliver the encrypted code word MCCi (or the unencrypted code word MCi).

[0067] As a variant, it would be possible, as illustrated in FIG. 6, for the second encryption/decryption circuit 104 to include a scrambling circuit 1041 configured to modify the inputs of the EXCLUSIVE OR operator 1040 according to a scrambling code CDS.
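The write process of FIG. 2 and FIG. 3, the read process of FIG. 4 and the EXCLUSIVE OR stage of FIG. 5, modelled in Python as an added example; this is not the patent's code nor an STMicroelectronics implementation. Everything below that the patent does not specify is an assumption: the first encryption/decryption circuit 103 (AES or DES in the text) is stood in for by HMAC-SHA256, which suffices here because the address is only ever encrypted, never decrypted; a code datum MCi is a 32-bit word and the encrypted address is truncated to that width before the XOR; the scrambling circuit 1041 of FIG. 6 is not modelled; addresses, range and program words are constructed sample values. The last function shows what the write-once counter prevents: two different words XORed with the same ADRCi.

```python
"""Model of the address-keyed, write-once external-memory encryption described above.

Added illustration, not the patent's own code. Assumptions: HMAC-SHA256 replaces
the AES/DES block cipher of circuit 103; words are 32 bits; the encrypted address
is truncated to the word width; the FIG. 6 scrambling circuit is omitted.
"""
import hashlib
import hmac
import secrets

WORD_BYTES = 4  # assumed width of one code datum MCi


def encrypt_address(key: bytes, address: int) -> bytes:
    """Circuit 103: ADRCi = E_RD(ADRi), truncated to the word width (HMAC stands in for AES)."""
    return hmac.new(key, address.to_bytes(8, "big"), hashlib.sha256).digest()[:WORD_BYTES]


def xor_words(a: bytes, b: bytes) -> bytes:
    """Circuit 104 (FIG. 5): bitwise EXCLUSIVE OR of two equal-width words."""
    if len(a) != len(b):
        raise ValueError("XOR inputs must have the same width")
    return bytes(x ^ y for x, y in zip(a, b))


class ExternalMemory:
    """External memory 11: word-addressed cells, visible in full to an attacker."""

    def __init__(self):
        self.cells = {}

    def write(self, address: int, word: bytes) -> None:
        self.cells[address] = word

    def read(self, address: int) -> bytes:
        return self.cells[address]


class WriteOnceAddressing:
    """Addressing circuit 102 as a hardware counter (FIG. 3): each address in
    [start, start + length) is issued exactly once; past the end (S24, i == N)
    every further request is refused."""

    def __init__(self, start: int, length: int):
        self.next, self.end = start, start + length

    def next_address(self) -> int:
        if self.next >= self.end:
            raise PermissionError("range exhausted: no further writes with this key")
        address = self.next
        self.next += 1
        return address


class SecureIC:
    """Integrated circuit 10: RD stays in internal storage 109; only MCCi reaches memory 11."""

    def __init__(self, memory: ExternalMemory, start: int, length: int):
        self.memory, self.start, self.length = memory, start, length
        self.key = None
        self.addressing = None

    def write_program(self, code_words) -> None:
        """Write process of FIG. 2: S20 key, then S21-S23 per word, S26 counter step."""
        self.key = secrets.token_bytes(16)                 # S20/S27: fresh RD per write process
        self.addressing = WriteOnceAddressing(self.start, self.length)
        for mc in code_words:
            if len(mc) != WORD_BYTES:
                raise ValueError("code datum must be exactly one word")
            adr = self.addressing.next_address()          # S26: never the same address twice
            adrc = encrypt_address(self.key, adr)         # S21: encrypted address ADRCi
            mcc = xor_words(mc, adrc)                     # S22: encrypted code datum MCCi
            self.memory.write(adr, mcc)                   # S23

    def load_word(self, address: int) -> bytes:
        """Read process of FIG. 4: re-derive ADRCi inside the IC and XOR it back out."""
        adrc = encrypt_address(self.key, address)         # S41: RD from storage 109
        mcc = self.memory.read(address)                   # S40
        return xor_words(mcc, adrc)                       # S43/S44: MCi to the register


def keystream_reuse_leaks_xor(key: bytes, address: int, mc1: bytes, mc2: bytes) -> bool:
    """Why the counter matters: two different words written at one address under
    one key share ADRCi, so an observer of memory 11 learns MC1 xor MC2 without RD."""
    adrc = encrypt_address(key, address)
    observed = xor_words(xor_words(mc1, adrc), xor_words(mc2, adrc))
    return observed == xor_words(mc1, mc2)


if __name__ == "__main__":
    mem = ExternalMemory()
    ic = SecureIC(mem, start=0x100, length=4)   # constructed sample range
    program = [b"\xde\xad\xbe\xef", b"\x00\x00\x00\x00", b"\xde\xad\xbe\xef", b"\x12\x34\x56\x78"]
    ic.write_program(program)
    assert [ic.load_word(0x100 + i) for i in range(4)] == program
    print("round trip ok; memory 11 holds", {hex(a): w.hex() for a, w in mem.cells.items()})
```

Two caveats a practitioner would check against this construction. First, the counter only prevents a second write at an address under the same RD; because the second circuit is a plain XOR, a single datum whose plaintext is known (for example an all-zero word, as in the sample program) directly reveals ADRCi = MCi xor MCCi for that address, so the protection of RD rests entirely on the first circuit and on never reusing an (RD, ADRi) pair. Second, the read path must re-derive ADRCi inside the integrated circuit for every load; anything that lets the encrypted addresses leave the die turns the scheme into a one-time pad whose pad is stored next to the ciphertext.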