Classifications

• • G—PHYSICS
  • G06—COMPUTING OR CALCULATING; COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  • G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
  • G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
  • G06F21/75—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation
  • G06F21/755—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation with measures against power attack
• • G—PHYSICS
  • G06—COMPUTING OR CALCULATING; COUNTING
  • G06F—ELECTRIC DIGITAL DATA PROCESSING
  • G06F11/00—Error detection; Error correction; Monitoring
  • G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance
  • G06F11/08—Error detection or correction by redundancy in data representation, e.g. by using checking codes
  • G06F11/10—Adding special bits or symbols to the coded information, e.g. parity check, casting out 9's or 11's
• • G—PHYSICS
  • G06—COMPUTING OR CALCULATING; COUNTING
  • G06K—GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
  • G06K19/00—Record carriers for use with machines and with at least a part designed to carry digital markings
  • G06K19/06—Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
  • G06K19/067—Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
  • G06K19/07—Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
  • G06K19/073—Special arrangements for circuits, e.g. for protecting identification code in memory
  • G06K19/07309—Means for preventing undesired reading or writing from or onto record carriers
• • G—PHYSICS
  • G09—EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
  • G09C—CIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
  • G09C1/00—Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
• • H—ELECTRICITY
  • H03—ELECTRONIC CIRCUITRY
  • H03M—CODING; DECODING; CODE CONVERSION IN GENERAL
  • H03M7/00—Conversion of a code where information is represented by a given sequence or number of digits to a code where the same, similar or subset of information is represented by a different sequence or number of digits
  • H03M7/14—Conversion to or from non-weighted codes
  • H03M7/20—Conversion to or from n-out-of-m codes
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
  • H04L9/002—Countermeasures against attacks on cryptographic mechanisms
  • H04L9/003—Countermeasures against attacks on cryptographic mechanisms for power analysis, e.g. differential power analysis [DPA] or simple power analysis [SPA]
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
  • H04L9/002—Countermeasures against attacks on cryptographic mechanisms
  • H04L9/004—Countermeasures against attacks on cryptographic mechanisms for fault attacks
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
  • H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
• • H—ELECTRICITY
  • H04—ELECTRIC COMMUNICATION TECHNIQUE
  • H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  • H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
  • H04L2209/34—Encoding or coding, e.g. Huffman coding or error correction

Definitions

• Figure 3 shows an example of implementation of the encoding method.
• This decomposition makes it possible to reduce the size of each bit sequence for the subsequent calculation of binary operations with two operands, such as for example the exclusive or.
• Examples of preferred codes for the implementation of the method are also given; in the case where the size of the data D to be encoded is 4 bits, a 3.5-1, 2-code or a 2.5-1, 2-code, permutation of the first and second codes is preferably used. close, that is to say that the data D is decomposed into a sequence of 3 bits, then a bit.
• the first sequence being encoded into a 5-bit size partial codeword and a Hamming weight of 2 or 3, and the remaining bit being encoded into a 2-bit size partial codeword and a Hamming weight equal to 1 .
• the smart card may also include an error signal generating module 30, which may be integrated with or connected to the decoding module (as illustrated in FIG. 1).
• this module 30 verifies during a step 3000 that the Hamming weight of the codewords transmitted by the encoding module is equal to the constant Hamming weight ⁇ which is agreed before the implementation of the method. of transmission.
• the processing unit If the Hamming weight is within the expected weight, the processing unit
• the results of the arithmetic or encryption operations applied to the uncoded data can be obtained from the code words generated from said data, as described hereinafter.
• the decoding and / or exploitation 4000 of the code words to implement an encryption operation is performed without first checking the accuracy of the codewords.
• the encryption operations 4000 and / or the arithmetic operations can be performed by the first processing unit without or before a data transmission step 2000 to the second processing unit is implemented.
• an encryption operation may be a step of a cryptographic algorithm such as AES (for "Advanced Encryption Standard” or “Advanced Encryption Standard”) or LED, an algorithm for calculating a function such as for example SHA-1, SHA-2 or the future SHA-3, or an integrity calculation algorithm such as cyclic redundancy check (known by the acronym “CRC”) or the LRC ( acronym of
• the adaptation of the function to the codewords consists in taking up the pre-calculated tables and adapting them to the calculation by taking as inputs and outputs the values corresponding to the codewords. on which the calculation is made.
• at least one table is generated having as inputs the partial codewords on the basis of which the calculation or the complete code word is performed, and outputting the coded result of the operation applied to the non-coded complete data, which is the concatenation of the bit sequences from which the partial codewords are derived . The operation is therefore applied to all the partial codewords.
• A is a datum comprising the concatenation of two sequences of bits of 0 , ai of respective sizes L 0 and Li.
• B is a datum comprising the concatenation of two sequences of bits b 0 , b 1 , of respective sizes L 0 and Li.
• This table takes as input two data encoded by K1, and produces the rest of the Euclidean division of the sum of the two data by 2 L1 , encoded by K1.
• R 0 is the result of a 0 + b 0 modulo 2 L0 , that is the remainder of the Euclidean division of a 0 + b 0 by 2 L0
• X is the quotient of the Euclidean division of a + b by 2 L0 + L1
• Y is the result of a + b modulo 2 L0 + L1 , that is to say the rest of the Euclidean division of a + b by 2 L0 + L1, which decomposes into C 0 + Ri, where C 0 is the quotient of the Euclidean division of a-i + bi by 2 L1 , and R- ⁇ is the retention of the addition to 0 + b 0 modulo 2 L0 .
• CW (A + B modulo 2 L0 + L1 ) is therefore equal to K 1 (Y) + K 0 (R 0 ).
• Ki (Co) REM-K 0 [K 0 (a 0 ), K 0 (b 0 )]
• K 1 (R 1 ) ADD-K 1 [K 1 (a 1 ), K, (b)]
• this adaptation step for the operation or the decoding of the codewords can for This can be done by decomposing the code word M into the partial code words mi,. . . , m m that compose it, and performing the operation on each of the partial codewords before concatenating the results obtained.
• each code word on which the operation is implemented is decomposed into its partial code words, and the operation is applied separately to the corresponding partial code words of each code word.
• XOR-K 0 denotes the function or exclusive applied to two concatenated data, encoded by K 0 , and which returns their XOR in representation coded by K 0 .
• XOR- ⁇ which applies to data coded by Ki and returns their XOR in representation coded by Ki.
• R is of the same form as CW (A) and CW (B), that is to say the concatenation of two codewords coded respectively by Ki and K 0 .
• the processing unit wants to decode the code words, it separates each code word M into the partial code words m, m m , and implements on each partial code word a decoding corresponding to the encoding implemented to obtain them.
• the decoding algorithm depends of course on the encoding algorithm used beforehand. By way of non-limiting examples, other possibilities of encoding and decoding are described below in the context of the method described above.
• the set of words of weight 3 among 6 bits is chosen as the arrival code, which is the following: ⁇ 7, 1 1, 13, 14, 19, 21, 22, 25, 26, 28, 35, 37, 38, 41, 42, 44, 49, 50, 52, 56).
• This set has 20 elements; it is therefore adapted to encode the set E which contains 16.
• the table K is then written [X, X, X, X, X, X, X, O, X, X, X, 1, X, 2, 3, X, X, X, X, 4,
• X 5, 6, X, X, 7, 8, X, 9, X, X, X, X, X, 10, X, 1, 12, X, X, 13, 14, X, 15 , X, X, X, X, X, X, X, X, X, X, X, X, X, X, X, X, X, X], where X is a value that is not in the starting set E.
• this word is split into two sequences of 4 bits each, each encoded on 6 bits as described above, then the partial codewords obtained are concatenated.
• a table is prepared which receives the partial codewords as input and outputs the result of the operation applied to the concatenation of the partial codewords.

Landscapes

• Engineering & Computer Science (AREA)
• Theoretical Computer Science (AREA)
• Computer Security & Cryptography (AREA)
• Physics & Mathematics (AREA)
• Computer Hardware Design (AREA)
• General Physics & Mathematics (AREA)
• General Engineering & Computer Science (AREA)
• Signal Processing (AREA)
• Computer Networks & Wireless Communication (AREA)
• Mathematical Physics (AREA)
• Software Systems (AREA)
• Microelectronics & Electronic Packaging (AREA)
• Quality & Reliability (AREA)
• Storage Device Security (AREA)

Applications Claiming Priority (2)

Publications (1)

Family

ID=48468549

Family Applications (1)

Country Status (3)

Families Citing this family (9)

Citations (4)

Family Cites Families (14)

• 2014
  • 2014-01-17 EP EP14701692.7A patent/EP2885875A1/de not_active Ceased
  • 2014-01-17 US US14/770,797 patent/US9886597B2/en active Active
  • 2014-01-17 WO PCT/EP2014/050867 patent/WO2014131546A1/fr not_active Ceased

Patent Citations (4)

Non-Patent Citations (2)

Also Published As

Similar Documents

Legal Events