[go: up one dir, main page]

HK1098564B - Security module component - Google Patents

Security module component Download PDF

Info

Publication number
HK1098564B
HK1098564B HK07104158.3A HK07104158A HK1098564B HK 1098564 B HK1098564 B HK 1098564B HK 07104158 A HK07104158 A HK 07104158A HK 1098564 B HK1098564 B HK 1098564B
Authority
HK
Hong Kong
Prior art keywords
memory
processor cpu
cpu
processor
exchange
Prior art date
Application number
HK07104158.3A
Other languages
German (de)
French (fr)
Chinese (zh)
Other versions
HK1098564A1 (en
Inventor
Andre Kudelski
Original Assignee
Nagravision S.A.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from EP04102505A external-priority patent/EP1603088A1/en
Application filed by Nagravision S.A. filed Critical Nagravision S.A.
Publication of HK1098564A1 publication Critical patent/HK1098564A1/en
Publication of HK1098564B publication Critical patent/HK1098564B/en

Links

Description

Field of invention
The present invention relates to security modules containing at least one processor and memory, usually in the form of smart cards, which are available with or without contacts and are used in various applications requiring secure transactions such as payment, confidential data exchange or access control.
Early art
The safety module can be made in three main forms, one of which is a microprocessor card, a chip card, or more generally an electronic module (having the shape of a key, badge, etc.).
A second known form is an integrated circuit box placed, usually permanently and immovably, in the decoder box.
In a third form, the safety module is integrated into an integrated circuit housing with another function, for example in a decoder unlock module or decoder microprocessor.
In particular, in the context of digital pay-TV, these security modules are in the form of cards, which serve as a means of personalising and securing access to encrypted programmes received by decoders installed in the subscribers' homes.
In order to improve the security of access to paid data and prevent various attempts at fraud, several solutions have been adopted such as: hardware encapsulation of the security module, sophisticated encryption algorithms, high binary encryption/decryption keys, multiple cards or processors as described in documents US5666412 or US5774546.
In the latter two examples a pay-TV set-top box is equipped with a two-mouthed card reader in which a smart card is inserted into each. The first card includes an identification element containing partially encrypted personal and official information. The second smart card includes an application element containing access keys and algorithms allowing access to information contained in the identification element of the first card. Such a configuration is notably present in a parental control device that requires a second level of access control using a special key.
According to a variant of the document cited, the chips or integrated circuits of each of the two cards are grouped on a single support thus constituting a single card whose integrated circuits are accessible separately by the card reader.
DE19811646 describes a security module IC component comprising a first processor with an external interface bus connected to a program memory, a programmable erasable non-volatile memory and a live memory for temporary storage of data in process, and a second processor connected to the first processor and two memories, decoupled from the external interface bus.
Err1:Expecting ',' delimiter: line 1 column 260 (char 259)
Purpose of the invention
The purpose of the present invention is to optimally improve the security of the chip card by preventing fraudulent control of the cryptographic processor (s) by means of external signals that disrupt the normal performance of the processor (s).
Summary of the invention
The purpose of the invention is achieved by a safety module component comprising at least two processors each connected to program memory, programmable erasable non-volatile memory (EEPROM) containing data and RAM for temporary storage of data in process, the first processor having an interface bus to the outside of the component, characterized by the second processor being connected to the first processor via a DPR, the first processor's programmable erasable non-volatile memory being read-only access to the first processor, the second processor having read-only access to the first processor's programmable non-volatile memory and the first processor's programmable erasable memory being read-only access to the first processor.
Err1:Expecting ',' delimiter: line 1 column 472 (char 471)
This component, preferably made on a single silicon chip, is usually embedded in a portable support, usually a removable chip card, which is equipped with access points connected to the first processor, either by a set of contacts on one side of the card according to ISO 7816 or by an antenna allowing electromagnetic data exchange without galvanic contact (ISO 14443) with a suitable read-write device.
In another embodiment, the component is part of a larger electronic module with encrypted data processing capabilities. For example, part of this module processes DVB encrypted data and the component is only part of the silicon that is responsible for these processes.
The component configuration according to the present invention allows the second processor to be completely isolated from external accesses, since there is no direct connection between the two processors which would allow access to the second processor by means of appropriate instructions transmitted to the first processor via the external accesses. The memories connecting the two processors act as a barrier blocking both unwanted commands from the external accesses and preventing the analysis of signals passing between the two processors via the same accesses.
The first processor cannot change its program itself. Any change to its program must be verified by the second processor.
The second processor can therefore perform cryptographic operations independently of the operations performed by the first processor, and the latter cannot perform certain security-critical tasks without the authorisation of the second processor.
The invention will be better understood by the following detailed description, which refers to the single annexed figure given as a non-limiting example.
Summary of the figure
Figure 1 shows a block diagram of a security module component comprising two processors each connected to a memory set and connected to each other by an exchange memory.
Detailed description of the invention and examples of implementation
The IC component in Figure 1 is generally made on a single chip which is mounted on a portable support consisting, according to a preferred embodiment, of a card with ACC access in the form of contacts or an antenna.
The IC component consists of two CPU A, CPU B processors connected via a DPR exchange RAM and a programmable and erasable EEPROM A non-volatile memory. The first CPU A is connected to ACC accesses on the one hand and to RAM A and ROM A on the other. The second CPU B processor is also connected to RAM B and ROM B and to EEPROM B programmable and erasable non-volatile memory.
In one variant, an additional programmable, erasable non-volatile STAT memory can be connected in R/W read/write mode to the first CPU A. It is used to store, for example, component operating history data that would be read-accessible from the outside via ACC accesses.
One of the essential features of the invention is that the connection of the first CPU A to the programmable and erasable non-volatile EEPROM memory A is read-only R while the connection to the second CPU B is read-only R/W. Another aspect of the invention is the presence of the DPR exchange memory whose connections to each of the CPU A and CPU B are read-only R/W.
The first CPU A of this component, which is accessed from the outside, is responsible for performing tasks known to the security modules i.e. such as handling CW control words and ECM control messages as well as card rights checking.
The second CPU B manages and executes all secure operations using encryption/decryption keys stored, for example, in ROM B. The programmable and erasable EEPROM B contains the programs as well as algorithms necessary for decryption according to instructions communicated by the first CPU A via the DPR exchange RAM.
Due to the read-only configuration of the first CPU A, the contents of the programmable and erasable non-volatile memory EEPROM A cannot be modified from the outside. Any instruction from the processor from commands received via ACC accesses is temporarily stored in the DPR exchange RAM and its execution is checked by the second CPU B before the resulting data is stored by said second CPU B in the non-volatile memory EEPROM A via the EE R/W port.
A variant is that CPU B can directly control CPU A via a C connection without going through DPR memory. Such control allows for example a quick activation or blocking of CPU A depending on the result of a verification performed by CPU B.
A card with a component as described above can be used in a digital pay-TV set-top box where high security is required, on the one hand, at the level of access rights to encrypted data from a cable or satellite video audio stream and, on the other hand, at the level of the software to operate the card.
One function of the card is to control access to encrypted data from an audio-video stream received by the decoder by checking ECM control messages accompanying the encrypted data.
To define a user's rights, the management center sends EMM administration messages that are usually individual i.e. encrypted by a unique key for that user. According to an example of application of the invention, this type of message cannot be decrypted by the CPU A since the latter does not have the user's unique personal key. This key can be symmetrical or asymmetrical (private key and public key).
The memory that will contain this right is EEPROM A in our example. This memory being written only to by CPU B, CPU A will transmit the EMM administration message to CPU B via DPR exchange memory. CPU B will start its decryption cycle of the message, and after verification, will update EEPROM A with the new rights.
It is also possible to place these rights in STAT memory by another variant, in which case the result of decrypting the EMM message will be transmitted to CPU A via the DPR exchange memory to be stored in STAT memory.
The downloading of the software from the card stored in EEPROM A non-volatile memory or the updating of this software is handled with increased security in a card equipped with a component according to the invention.
The software or an update is received by the decoder as encrypted blocks which will then be routed one by one to the first CPU A via the ACC accesses on the card. The CPU A processor cannot decrypt because it does not have the corresponding key. These blocks are transmitted to CPU B via the DPR exchange memory. The CPU B will initiate a decryption process in a secure and therefore uninterruptible mode.
The verification value or signature is expected to be contained in an EMM administration message. The CPU B receives this message via the DPR exchange memory and will be able to calculate the signature of the previously decrypted data block and compare it with the one received in the message.
Only after this verification has been performed will CPU B initiate a write cycle to CPU A's memory, namely EEPROM A.
In case the result of this comparison is negative, the download or update process stops and the CPU A transmits either an error message to the decoder or a download reset command.
When all blocks have been successfully verified and stored in EEPROM B, CPU B transfers them to EEPROM A. CPU A then installs and commissiones the new software.
According to one variant, before a block is transferred to EEPROM A, all blocks stored in EEPROM B can still be verified by the CPU B by calculating a footprint on all blocks.
According to one variant of operation, EMM administration messages are processed by CPU A. It is noted that during each session of decrypting these EMM messages, CPU A requests the key needed from CPU B for direct decryption execution. Once decryption is completed, the key is erased and only stored in CPU A's RAM RAM. There is therefore no intermediate storage of the key in a non-volatile EEPROM A memory that would thus be accessible as a read via ACC accesses. Only intermediate computation results are stored in RAM A and CPU A processor transfers the final data (e.g. bits) to STAT RAM.
If the number of secure tasks were to increase and exceed the capacities of a single processor, it is possible to multiply the number of processors according to the complexity of the operations to be performed.
One variant is that the DPR split-exchange RAM can have as many additional ports as are needed to connect additional processors.

Claims (8)

  1. Component IC of a security module comprising at least two processors CPU A, CPU B linked through an exchange memory DPR and by a non-volatile programmable and erasable memory EEPROM A, the first processor CPU A having an interface bus with the exterior of the component IC and being connected to a random access memory RAM A and to a read only memory ROM A, the second processor CPU B being connected to a random access memory RAM B and to a read only memory ROM B as well as to a non-volatile programmable and erasable memory EEPROM B, the random access memories RAM A, RAM B being used for temporary storage of data in process, said IC component being characterized in that the non-volatile programmable and erasable memory EEPROM A of the first processor CPU A having read only access R for said first processor CPU A, the second processor CPU B having read and write R/W access on said non-volatile programmable and erasable memory EEPROM A of the first processor CPU A in that the exchange memory DPR consists of a random access memory intended for temporary data storage, said exchange memory DPR being equipped with two ports, each configured in read and write R/W, one of which is connected to the first processor CPU A and the other to the second processor CPU B. and in that all secured operations are managed and executed by the second processor CPU B.
  2. Component according to claim 1, characterized in that it is mounted on a portable support including accesses ACC intended for the exchange of data with an external processing unit, said accesses ACC being connected to the first processor CPU A via the interface bus.
  3. Component according to claims 1 and 2, characterized in that said read only memory ROM B and said non-volatile programmable and erasable memory EEPROM B contain the programs as well as the algorithms necessary for decryption according to instructions communicated by the first processor CPU A via the exchange random access memory DPR.
  4. Component according to claim 2, characterized in that the second processor CPU B includes means for verification of data received via the accesses ACC and the exchange random access memory DPR, said data being temporarily stored in said non-volatile programmable and erasable memory EEPROM B during verification.
  5. Component according to claims 1 to 4, characterized in that the second processor CPU B includes storage means via the port R/W of the data verified in said non-volatile programmable and erasable memory EEPROM A of the first processor CPU A.
  6. Component according to claim 1, characterized in that it is mounted on a card provided with galvanic contacts, of ISO 7816 format, forming accesses ACC, said card functioning as a removable security module in a Pay-TV decoder.
  7. Component according to claim 1, characterized in that it includes at least one supplementary processor connected to an exchange random access memory with two ports, one of which being connected to the first processor CPU A connected to the accesses towards the exterior.
  8. Component according to claim 1, characterized in that it includes at least one supplementary processor connected to a supplementary port of the exchange random access memory DPR.
HK07104158.3A 2004-06-03 2005-06-02 Security module component HK1098564B (en)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
EP04102505A EP1603088A1 (en) 2004-06-03 2004-06-03 Component for a security module
EP04102505.7 2004-06-03
PCT/EP2005/052519 WO2005119583A2 (en) 2004-06-03 2005-06-02 Security module component

Publications (2)

Publication Number Publication Date
HK1098564A1 HK1098564A1 (en) 2007-07-20
HK1098564B true HK1098564B (en) 2008-11-14

Family

ID=

Similar Documents

Publication Publication Date Title
CN100562903C (en) Security module component
US9529734B2 (en) Smart storage device
US20080098418A1 (en) Electronic module for digital television receiver
KR20040068614A (en) Protecting a device against unintended use in a secure environment
US20070186117A1 (en) Secure processor-based system and method
US8060925B2 (en) Processor, memory, computer system, and method of authentication
US8266444B2 (en) Chip integrated protection means
US8453233B2 (en) Method of and circuit for identifying and/or verifying hardware and/or software of an appliance and of a data carrier cooperating with the appliance
HK1098564B (en) Security module component
EP1596528A1 (en) Encryption and copy-protection system based on personalised configurations
HK1082617A (en) Encryption and copy-protection system based on personalised configurations