Management of the security in smart secure devices

1 Introduction Security is a key component for information technologies and communication. It undoubtedly represents one of the main tools of its rise because it introduces confidence which is necessary for users. Among the security threats, vulnerability of electronic material that implements cryptography (such as smart card), for services of confidentiality, authentication and data integrity, is perhaps the most important. Indeed, some unfaithful means, or 'attacks', on this material make it possible to extract confidential information like encoding keys and thus to lower the security of all the protected transmission chain of information. There are three main kinds of such``physical'' attacks. The first kind, called``side channel attacks'', exploits the fact that some physical values such as the power consumption, the electromagnetic radiation or the duration of computation of the chip depend on its internal computations [KJ99,MP07]. It is of particular concern, since it does not destroy the physical integrity of smart cards and it can be quickly mounted with cheap instrumentation equipments. The second type, called``fault attacks'', consists in modifying the circuit's behavior in order to bypass hardware or software protections or to exploit computational errors [BS97,PQ03]. The faults are injected into the device by various means as laser, glitches on clock [AD10], spikes on voltage supply or electromagnetic perturbations. The third type, called``invasive attacks'' [KK99], consists in analyzing the design of the chip by using destructive means such as abrasion, chemical etching and then probing the most informative signals with, for example, focused ion beam. A lot of protections have been proposed to counter those attacks. The first kind (further called " sensors ") gives information about the state of the system either by measuring the light, the voltage, the frequency or the temperature of the chip or by detecting error during computations. This detection is generally based on spatial redundancy (ie. realizing the same computation several times in parallel) or temporal redundancy (i.e. realizing the same computation several times) [MR10,NR10]. The second kind (further called " actuators ") does not modify the functional behavior of the circuit but only secures it. To reduce sensibility to side channel attacks, noise has been added to the power consumption, for example, by using an internal clock, by randomizing the order of the instructions, by adding dummy operations or by masking the internal computations that can be predicted by the attacker [RP09,CK09]. Another way to reduce sensibility to side channel attacks consists …