Title of Invention	A MICROPROCESSOR SYSTEM
Abstract	This invention relates to a microprocessor system, data is temporarily stored in a cache memory (8) or a register bank (9). A respectively assigned cryptographic unit (81, 82; 91) ensures that the data is encrypted/decrypted when the cache memory (8) or the register bank (9) is accessed. The keyword which can be used here is changed if the cache memory (8) or the register (9) no longer contains any valid data to be read out. As a result, increased protection is obtained against unauthorised monitoring of data and program sequences.

Title of Invention

A MICROPROCESSOR SYSTEM

Abstract

This invention relates to a microprocessor system, data is temporarily stored in a cache memory (8) or a register bank (9). A respectively assigned cryptographic unit (81, 82; 91) ensures that the data is encrypted/decrypted when the cache memory (8) or the register bank (9) is accessed. The keyword which can be used here is changed if the cache memory (8) or the register (9) no longer contains any valid data to be read out. As a result, increased protection is obtained against unauthorised monitoring of data and program sequences.

Full Text	DESCRIPTION The invention relates to a mciroprocessor system with a processing unit and a memory which is connected to the processing unit in order to execute a reading or writing access operation. The invention also relates to a method for operating a microprocessor system with such a memory. Microprocessors require a memory in order to store in a permanent or volatile fashion data or programs which are to be processed. During the execution of the program, the microprocessor accesses the memory in order to load currently required program parts or data. Microprocessors are applied inter alia, in systems which are critical for security, for example in chip cards. The microprocessor is used there, inter alia, to encrypt data traffic or to execute other applications which are critical for security for the owner of the chip card. Here, data and programs which are critical for security are stored in the volatile and nonvolatile memory units of the microprocessor. In order to prevent this information from being monitored without authorization and displayed, such data is stored in encrypted form. The encryption method is relatively complex and requires a corresponding amount of expenditure on hardware and computing time during the reading and writing access operations to these memories. The data which is to be processed at a particular time by the central processing and control unit (CPU) of the microprocessor is therefore buffered in further memories which can respond significantly more quickly. On the one hand, a cache memory is provied in which data which is to read out of the slower, encrypted memories or to be written into them is buffered. On the other hand, registers are provided in which data values or operational settings which are to be processed at a particular time are buffered. As the information is to be made available as soon as possible in the next operating cycle when there is an access request to the cache memory or one of the registers, encryption of the buffered information there has previously not been considered. If conventional encryption methods were to be used for the encryption of the content of cache memories or registers, the response time would be too long. For this reason, hitherto the data has been buffered in cache memories and the working memories Of the processor in plain te; be monitored without authorization by means of suitable measuring methods. The object of the invention is to specify a microprocessor arrangement which protects stored data better against unauthorized monitoring. A further object of the invention is to specify a method for operating a microprocessor system with a memory. With respect to the system, this object is achieved by means of a microprocessor system which comprises: a processing unit, a memory which is connected to the processing unit for the execution of a reading or writing access operation; a cryptagraphic unit for encrypting and decrypting data values written or read into the memory; means for providing a variable key, it being possible to control the means in such a way that the key is changed if there are no longer any data values to be read out contained in the memory. With respect to the method, this object is achieved by means of a method for operating a microprocessor arrangement which contains a processing unit and a memory which is connected to the processing unit for executing a reading or writing access operation and in which, while the memory is being accessed by the microprocessor arrangement, the data values are encrypted or decrypted in accordance with a key, and the key is changed if there is no longer any data to be read out contained in the memory. In a microprocessor arrangement according to the invention and in contrast to known microprocessor arrangements, in addition a cryptographic unit is inserted into the access path to a memory, for example a cache memory or a register, which is connected to the processing unit. The key, which is used to operate the encryption and decryption, is changed. So that the reading into and out of the memory can be carried out with the same key, the key is changed only if there are no longer any data values to be read out contained in the memory. Because of the changing key,the encryption method itself can be relatively easy. The data is stored in the memory in a nonvolatile fashion so that, even after the supply voltage is switched off, there is no longer any useable information present, and repeated attempts at reading out are not successful. During operation, the available time for unauthorized monitoring of the key before a key change occurs is short. Overall, the combination of variable key with a simple encryption method provides sufficiently high protection against an attempt at monitoring. The invention is particularly suitable in conjunction with a further, slower memory in which the data is stored with a hard, complex encryption. The data is buffered in the memory which is wired according to the invention in order to provide it quickly to the central processing unit of the processor. The further, hard-encrypted memories may be nonvolatile memories such as ROMs or E2PROMs or volatile RAMs. In conventional process architectures, the CPU accesses these memories via a bus. With respect to this, the cache memory is located between the bus and CPU. When the invention is applied to a register bank, the registers are connected directly to the CPU, as in the conventional way. The cache memory is characterized in that when there is an access request to a memory which is external, i.e. only accessible via the bus, it is firstly checked whether the cache memory contains a data value. If the data value is contained there, it is output to the processor from the cache memory, and not from the external memory. If the requested data word is not contained in the cache memory, the cache memory is first reloaded with the data value and a suitable environment of this data value, the requested data value is also output to the CPU. The cache memory contains for this purpose a memory field in order to be able to detect the presence of the requested data value. The memory cells of the memory cell field are static or dynamic memory cells. A register bank is characterized in that it contains a multiplicity of registers which can be addressed directly by the CPU. The registers provide, for example, operands for logic operations or status and configuration setting values to be processed in the CPU. The register cells are embodied as bistable flip-flops. The safety expenditure for the encryption provides logic operation elements, expediently exclusive OR gates which are connected into the data lines in the access path of the memory. The data of the memory which is to stored or read out is logically linked to a keyword by means of exclusive OR gates. The keyword is made available by a register which contains the key which can vary from time to time. The keywords are preferably generated with random control. For this purpose, a random generator, which is connected at the output end to the key register, is used. The random generator provides the key in a physically random or pseudo-random way. The random generator is then made to bring about a new keyword if there is no longer any valid data present in the memory. This applies, on the one hand, if all the data read into the memory has already been read out. This also applies, on the other hand, if the processor is switched over to another application and re-initialized for this purpose. Conventionally, the content of the memory would then have to be completely deleted so that there is no longer any data from the previous application available for the following application. In the invention, it is no longer necessary to initialize the memory by resetting each memory cell. Instead it is sufficient to change only the key with random control. The data values contained in the memory can then no longer be encrypted. It is no longer necessary to reset each individual memory cell. The invention is explained in more detail below with reference to the exemplary embodiment illustrated in the drawing. Elements which correspond to one another are provided with identical reference symbols. In the drawing: Figure 1 shows a block circuit diagram of a microprocessor according to the invention, and Figure 2 shows a cache memory which shows details relevant to the invention. The microprocessor according to figure 1 comprises a data bus 1 via which the various functional units of the microprocessor exchange data, control or programming information with one another. The data bus 1 comprises a multiplicity of lines for transferring the useful information and control information. A central processing unit 2 controls the program sequence and carries out calculations. Data and program information can be permanently stored in an invariable fashion in a ROM memory 3 or permanently stored in a variable fashion in an E2PROM 4. Volatile data is stored in a RAM memory 5. In addition, at least one peripheral unit 6 is provided in order to receive data from the outside or output it to the outside. All functional units are arranged on a single integrated semiconductor chip. The units 2, ..., 6 are all connected to the bus 1 and exchange the information to be processed via said bus 1. The access control to the bus is monitored by a bus control unit 7. The data which is stored in the memories 3, 4, 5 is encrypted. When the data values are output onto the bus, the data is decrypted and passed on as plain text. For this purpose, a corresponding encryption and decryption unit 71 (MED = Memory En/Decryption) is used. When data values are stored in the RAM memory 5, the unit 71 carries out corresponding encryption. As the data contained in the memories 3, 4, 5 is available for a relatively long time in a volatile or nonvolatile fashion, the cryptographic method executed by the MED unit 71 is correspondingly complex. Memory access operations last a relatively long time. As an alternative to the central MED unit 71, each of the memories 3, 4, 5 can be directly assigned a cryptographic unit. In order to speed up data access operations to the external memories 3, 4, 5, a cache memory 8 is provided. The cache memory 8 lies in the signal path between the bus controller 7 and the CPU 2. The data which is requested by the CPU 2 at a particular time and a suitable environment of this data are buffered in the cache memory 8. A read request to one of the memories 3, 4, 5 is processed in such a way that it is firstly checked in the cache memory 8 whether it contains the requested data. If not, the data and the corresponding environment are reloaded from the external memories into the cache. If the requested data is contained in the cache 8, the reloading is omitted. In the exemplary embodiment, the cache memory 8 is divided into an instruction cache memory and a data cache memory. In the former, instruction sequences of the program which is being processed at that particular time are buffered, and in the latter the associated data. In principle, other structures for the cache memory are also possible. The cache memory can also be configured as a common cache for instructions and data (unified cache). In the case of associative cache memory architecture, such a unit is in turn divided into an associative memory for the addresses and the associated instruction/data storage part. By interrogating the associative memory, it is very quickly detected whether the requested data is contained in the cache. If the data item is not present (referred to as a cache miss), a request to reload is output to the corresponding external memory. Corresponding processes occur when a data value is written back into the RAM 5. During the reloading of the cache memory 8, the information received via the bus 1 is encrypted in plain text by means of a cryptographic unit 61. During a writing operation, the device 81 decrypts the data stored in encrypted form in the cache memory 8. When the data stored in encrypted form in the cache memory 8 is transferred to the CPU 2, it is decrypted by a cryptographic unit 82. During a writing operation, the unit 82 in the cache memory 8 encrypts information which is to be buffered. As described below, the key supplied to the cryptographic units 81, 82 is identical and is changed with random control if there is no longer any valid data to be read out in the cache memory 8. Operators and status information for the CPU 2 are stored in a register bank 9. The CPU 2 can access directly and immediately one or more of the registers arranged in the register bank 9. Data stored there is encrypted or decrypted by a cryptographic unit 91 when one of the registers of the register bank 9 is accessed. The key used at a given time in the units 81 and 82 on the one hand and the unit 91 on the other is expediently different. The cryptographic units are illustrated in detail by means of the example of the cache memory 8 in figure 2. A key register 83 contains the key which is being used at a given time. The key is provided by a random generator 84 which generates the keyword in a physically genuinely random or pseudo-random fashion. Respective exclusive OR gates 85a, 85b and 85c are connected into the data signal lines or bit lines which conduct the information written into or read out of the cache memory 8. Each of the exclusive OR gates 85 is in turn connected to an output of the register 83. The exclusive OR gates 85 are located both on the side of the cache memory 8 which faces the bus 1 and on the side of the cache memory 8 which faces the CPU 2. When data is read into the cache memory 8, encryption occurs owing to the exclusive OR operation performed on the data values with the keyword supplied from the register 83. In the case of reading out, the complementary decryption takes place by means of the same exclusive OR logic operation with the same keyword. As long as valid data for reading out is stored in the cache memory 8, the keyword provided by the register 83 must remain the same without modification. Each of the n-bit lines corresponds to one bit of the keyword. According to the invention, the keyword is changed if the cache memory 8 does not contain any valid data, i.e. data which is still to be read out. The random generator 84 is then activated in order to calculate a new keyword which is generated with random control. There is no longer any valid data contained in the memory 8 if all data values stored there are read out again. Furthermore, the keyword is to be changed when an initialization of the cache memory 8 is performed, referred to as a cache flush. A cache flush occurs, for example, when there is a change in the program executed by the microprocessor if the application, i.e. the application case in which the microprocessor is used, changes. In this case, it is also possible to dispense with a cache flush and a complete initialization and resetting of all the memory cells of the cache memory 8 which is brought about by this as the data can in any case no longer be decrypted owing to a change of the keyword in the register 83. The cryptographic unit 91 is constructed in detail in accordance with one of the cryptographic units in the access path to the cache memory 8. Its key register is then loaded with a new random value if all the registers of the register bank 9 no longer contain any valid data to be read out or have to be re-initialized. As a result of the invention, increased protection against unauthorized monitoring is provided to temporarily stored data in that the data is stored in encrypted form and the key is changed from time to time. Even when there is a program sequence which repeats many times, the stored data is different owing to different keys. The current drawn from the microprocessor during the execution of the program, in particular the current peaks or current troughs, varies. As a result, attempts at unauthorized monitoring which apply an evaluation of the current profile are made more difficult. WE CLAIM: 1. A microprocessor system comprising: - a processing unit (2), - a memory (8, 9) connected to the processihng unit (2) for the execution of a reading or writing access operat- ion , a cryptographic unit (81, 82; 91) for encrypting and decrypting data values written or read into the memory (8; 9), - means (83) for providing a variable key, - wherein the means (83) being controllable such that the variable key is modified when the memory (8) no longer contains any data values to be read out. 2. The microprocessor system as claimed in claim 1, comprising an additional memory (3, 4, 5) in which data values can be stored in encrypted form, and a decryption device (71) for decrypting the data values of the additional memory (3, 4, 5) when they are read out. 3. The microprocessor system as claimed in claim 1 or 2, wherein the memory is a cache memory (8). 4. The microprocessor as claimed in claim 3, wherein the cache memory (8) contains an access controller by means of which it is firstly poossible to check whether a data value of an access request of the processing umit (2) is contained in the cache memory (8) so that if the data values of the access request are contained in the cache memory (8) they are read out of the cache memory (8). 5. The microprocessor system as claimed in claim 3 or 4, wherein a bus (1) is provided for executing data traffic, wherein the memory (8) is connected in a data path between the bus (1) and the processing unit (2), and wherein the additional memory (3, 4, 5) is connected to the processing unit (2) via the bus (1). 6. The microprocessor system as claimed in claim 1 or 2, wherein the memory is a register (9) which comprises register cells which are embodied as bistable flip-flops. 7. The microprocessor system as claimed in one of claims 1 to 6, wherein the means for providing the variable key comprise a register (83), and wherein the register outputs are connected via logic operation elements (85a, 85b, 85c) to the lines via which memory cells in the memory (8) can be accessed. 8. The microprocessor system as claimed in claim 7, comprising a random generator (84) connected to the register (83) for feeding in the key. 9. The microprocessor system as claimed in claim 8, wherein the register (83) is loadable from the random generator (84) if the microprocessor is initialised for executing a different application. 10. A method for operating a microprocessor system having a processing unit (2) and a memory (8; 9) the memory being connected to the processing unit for executing a reading or writing access operation, in which, while the memory (8; 9) is being accessed by the microprocessor system, the data values are encrypted or decrypted in accordance with a key, and the key is changed if the memory (8; 9) no longer contains any data to be read out. 11 The method for operating a microprocessor system as claimed in claim 10, wherein the key is changed in a randow-controlled fashion. 12. The method for operating a microprocessor system as claimed in claim 10 or 11, wherein the key is changed if the memory (8;9) is completely read out. 13. The method for operating a microprocessor system as claimed in claim 10 or 11, wherein the key is changed if the program which is processed by the microprocessor arrangement is changed. This invention relates to a microprocessor system, data is temporarily stored in a cache memory (8) or a register bank (9). A respectively assigned cryptographic unit (81, 82; 91) ensures that the data is encrypted/decrypted when the cache memory (8) or the register bank (9) is accessed. The keyword which can be used here is changed if the cache memory (8) or the register (9) no longer contains any valid data to be read out. As a result, increased protection is obtained against unauthorised monitoring of data and program sequences.

Full Text

DESCRIPTION
The invention relates to a mciroprocessor system with a
processing unit and a memory which is connected to the
processing unit in order to execute a reading or writing access
operation.
The invention also relates to a method for operating a
microprocessor system with such a memory.
Microprocessors require a memory in order to store in a permanent
or volatile fashion data or programs which are to be processed.
During the execution of the program, the microprocessor accesses
the memory in order to load currently required program parts or
data. Microprocessors are applied inter alia, in systems which
are critical for security, for example in chip cards. The
microprocessor is used there, inter alia, to encrypt data traffic
or to execute other applications which are critical for security
for the owner of the chip card. Here, data and programs which are
critical for security are stored in the volatile and nonvolatile

memory units of the microprocessor. In order to prevent this
information from being monitored without authorization and
displayed, such data is stored in encrypted form. The
encryption method is relatively complex and requires a
corresponding amount of expenditure on hardware and computing
time during the reading and writing access operations to these
memories.
The data which is to be processed at a particular time by the
central processing and control unit (CPU) of the microprocessor
is therefore buffered in further memories which can respond
significantly more quickly. On the one hand, a cache memory is
provied in which data which is to read out of the slower,
encrypted memories or to be written into them is buffered. On the
other hand, registers are provided in which data values or
operational settings which are to be processed at a particular
time are buffered.

As the information is to be made available as soon as possible in
the next operating cycle when there is an access request to the
cache memory or one of the registers, encryption of the buffered
information there has previously not been considered. If
conventional encryption methods were to be used for the
encryption of the content of cache memories or registers, the
response time would be too long. For this reason, hitherto the
data has been buffered in cache memories and the working memories
Of the processor in plain te; be monitored without authorization by means of suitable measuring
methods.
The object of the invention is to specify a microprocessor
arrangement which protects stored data better against
unauthorized monitoring.
A further object of the invention is to specify a method for
operating a microprocessor system with a memory.

With respect to the system, this object is achieved by means of a
microprocessor system which comprises: a processing unit, a
memory which is connected to the processing unit for the
execution of a reading or writing access operation; a
cryptagraphic unit for encrypting and decrypting

data values written or read into the memory; means for
providing a variable key, it being possible to control the
means in such a way that the key is changed if there are no
longer any data values to be read out contained in the memory.
With respect to the method, this object is achieved by means
of a method for operating a microprocessor arrangement which
contains a processing unit and a memory which is connected to
the processing unit for executing a reading or writing access
operation and in which, while the memory is being accessed by
the microprocessor arrangement, the data values are encrypted
or decrypted in accordance with a key, and the key is changed
if there is no longer any data to be read out contained in the
memory.
In a microprocessor arrangement according to the invention and
in contrast to known microprocessor arrangements, in addition
a cryptographic unit is inserted into the access path to a
memory, for example a cache memory or a register, which is
connected to the processing unit. The key, which is used to
operate the encryption and decryption, is changed. So that the
reading into and out of the memory can be carried out with the
same key, the key is changed only if there are no longer any
data values to be read out contained in the memory. Because of
the changing key,the encryption method itself can be
relatively easy. The data is stored in the memory in a
nonvolatile fashion so that, even after the supply voltage is
switched off, there is no longer any useable information
present, and repeated attempts at reading out are not
successful. During operation, the available time for
unauthorized monitoring of the key before a key change occurs
is short. Overall, the combination of variable key with a
simple encryption method provides sufficiently high protection
against an attempt at monitoring.

The invention is particularly suitable in conjunction with a
further, slower memory in which the data is stored with a
hard, complex encryption. The data is buffered in the memory
which is wired according to the invention in order to provide
it quickly to the central processing unit of the processor.
The further, hard-encrypted memories may be nonvolatile
memories such as ROMs or E2PROMs or volatile RAMs. In
conventional process architectures, the CPU accesses these
memories via a bus. With respect to this, the cache memory is
located between the bus and CPU. When the invention is applied
to a register bank, the registers are connected directly to
the CPU, as in the conventional way. The cache memory is
characterized in that when there is an access request to a
memory which is external, i.e. only accessible via the bus, it
is firstly checked whether the cache memory contains a data
value. If the data value is contained there, it is output to
the processor from the cache memory, and not from the external
memory. If the requested data word is not contained in the
cache memory, the cache memory is first reloaded with the data
value and a suitable environment of this data value, the
requested data value is also output to the CPU. The cache
memory contains for this purpose a memory field in order to be
able to detect the presence of the requested data value. The
memory cells of the memory cell field are static or dynamic
memory cells. A register bank is characterized in that it
contains a multiplicity of registers which can be addressed
directly by the CPU. The registers provide, for example,
operands for logic operations or status and configuration
setting values to be processed in the CPU. The register cells
are embodied as bistable flip-flops.
The safety expenditure for the encryption provides logic
operation elements, expediently exclusive OR gates which are

connected into the data lines in the access path of the
memory. The data of the memory which is to stored or read out
is logically linked to a keyword by means of exclusive OR
gates. The keyword is made available by a register which
contains the key which can vary from time to time. The
keywords are preferably generated with random control. For
this purpose, a random generator, which is connected at the
output end to the key register, is used. The random generator
provides the key in a physically random or pseudo-random way.
The random generator is then made to bring about a new keyword
if there is no longer any valid data present in the memory.
This applies, on the one hand, if all the data read into the
memory has already been read out. This also applies, on the
other hand, if the processor is switched over to another
application and re-initialized for this purpose.
Conventionally, the content of the memory would then have to
be completely deleted so that there is no longer any data from
the previous application available for the following
application. In the invention, it is no longer necessary to
initialize the memory by resetting each memory cell. Instead
it is sufficient to change only the key with random control.
The data values contained in the memory can then no longer be
encrypted. It is no longer necessary to reset each individual
memory cell.
The invention is explained in more detail below with reference
to the exemplary embodiment illustrated in the drawing.
Elements which correspond to one another are provided with
identical reference symbols. In the drawing:
Figure 1 shows a block circuit diagram of a microprocessor
according to the invention, and

Figure 2 shows a cache memory which shows details relevant to
the invention.
The microprocessor according to figure 1 comprises a data bus
1 via which the various functional units of the microprocessor
exchange data, control or programming information with one
another. The data bus 1 comprises a multiplicity of lines for
transferring the useful information and control information. A
central processing unit 2 controls the program sequence and
carries out calculations. Data and program information can be
permanently stored in an invariable fashion in a ROM memory 3
or permanently stored in a variable fashion in an E2PROM 4.
Volatile data is stored in a RAM memory 5. In addition, at
least one peripheral unit 6 is provided in order to receive
data from the outside or output it to the outside. All
functional units are arranged on a single integrated
semiconductor chip. The units 2, ..., 6 are all connected to
the bus 1 and exchange the information to be processed via
said bus 1. The access control to the bus is monitored by a
bus control unit 7.
The data which is stored in the memories 3, 4, 5 is encrypted.
When the data values are output onto the bus, the data is
decrypted and passed on as plain text. For this purpose, a
corresponding encryption and decryption unit 71 (MED = Memory
En/Decryption) is used. When data values are stored in the RAM
memory 5, the unit 71 carries out corresponding encryption. As
the data contained in the memories 3, 4, 5 is available for a
relatively long time in a volatile or nonvolatile fashion, the
cryptographic method executed by the MED unit 71 is
correspondingly complex. Memory access operations last a
relatively long time. As an alternative to the central MED
unit 71, each of the memories 3, 4, 5 can be directly assigned
a cryptographic unit.

In order to speed up data access operations to the external
memories 3, 4, 5, a cache memory 8 is provided. The cache
memory 8 lies in the signal path between the bus controller 7
and the CPU 2. The data which is requested by the CPU 2 at a
particular time and a suitable environment of this data are
buffered in the cache memory 8. A read request to one of the
memories 3, 4, 5 is processed in such a way that it is firstly
checked in the cache memory 8 whether it contains the
requested data. If not, the data and the corresponding
environment are reloaded from the external memories into the
cache. If the requested data is contained in the cache 8, the
reloading is omitted.
In the exemplary embodiment, the cache memory 8 is divided
into an instruction cache memory and a data cache memory. In
the former, instruction sequences of the program which is
being processed at that particular time are buffered, and in
the latter the associated data. In principle, other structures
for the cache memory are also possible. The cache memory can
also be configured as a common cache for instructions and data
(unified cache). In the case of associative cache memory
architecture, such a unit is in turn divided into an
associative memory for the addresses and the associated
instruction/data storage part. By interrogating the
associative memory, it is very quickly detected whether the
requested data is contained in the cache. If the data item is
not present (referred to as a cache miss), a request to reload
is output to the corresponding external memory. Corresponding
processes occur when a data value is written back into the RAM
5.
During the reloading of the cache memory 8, the information
received via the bus 1 is encrypted in plain text by means of

a cryptographic unit 61. During a writing operation, the
device 81 decrypts the data stored in encrypted form in the
cache memory 8. When the data stored in encrypted form in the
cache memory 8 is transferred to the CPU 2, it is decrypted by
a cryptographic unit 82. During a writing operation, the unit
82 in the cache memory 8 encrypts information which is to be
buffered. As described below, the key supplied to the
cryptographic units 81, 82 is identical and is changed with
random control if there is no longer any valid data to be read
out in the cache memory 8.
Operators and status information for the CPU 2 are stored in a
register bank 9. The CPU 2 can access directly and immediately
one or more of the registers arranged in the register bank 9.
Data stored there is encrypted or decrypted by a cryptographic
unit 91 when one of the registers of the register bank 9 is
accessed. The key used at a given time in the units 81 and 82
on the one hand and the unit 91 on the other is expediently
different.
The cryptographic units are illustrated in detail by means of
the example of the cache memory 8 in figure 2. A key register
83 contains the key which is being used at a given time. The
key is provided by a random generator 84 which generates the
keyword in a physically genuinely random or pseudo-random
fashion. Respective exclusive OR gates 85a, 85b and 85c are
connected into the data signal lines or bit lines which
conduct the information written into or read out of the cache
memory 8. Each of the exclusive OR gates 85 is in turn
connected to an output of the register 83. The exclusive OR
gates 85 are located both on the side of the cache memory 8
which faces the bus 1 and on the side of the cache memory 8
which faces the CPU 2. When data is read into the cache memory
8, encryption occurs owing to the exclusive OR operation

performed on the data values with the keyword supplied from
the register 83. In the case of reading out, the complementary
decryption takes place by means of the same exclusive OR logic
operation with the same keyword. As long as valid data for
reading out is stored in the cache memory 8, the keyword
provided by the register 83 must remain the same without
modification. Each of the n-bit lines corresponds to one bit
of the keyword.
According to the invention, the keyword is changed if the
cache memory 8 does not contain any valid data, i.e. data
which is still to be read out. The random generator 84 is then
activated in order to calculate a new keyword which is
generated with random control. There is no longer any valid
data contained in the memory 8 if all data values stored there
are read out again. Furthermore, the keyword is to be changed
when an initialization of the cache memory 8 is performed,
referred to as a cache flush. A cache flush occurs, for
example, when there is a change in the program executed by the
microprocessor if the application, i.e. the application case
in which the microprocessor is used, changes. In this case, it
is also possible to dispense with a cache flush and a complete
initialization and resetting of all the memory cells of the
cache memory 8 which is brought about by this as the data can
in any case no longer be decrypted owing to a change of the
keyword in the register 83.
The cryptographic unit 91 is constructed in detail in
accordance with one of the cryptographic units in the access
path to the cache memory 8. Its key register is then loaded
with a new random value if all the registers of the register
bank 9 no longer contain any valid data to be read out or have
to be re-initialized.

As a result of the invention, increased protection against
unauthorized monitoring is provided to temporarily stored data
in that the data is stored in encrypted form and the key is
changed from time to time. Even when there is a program
sequence which repeats many times, the stored data is
different owing to different keys. The current drawn from the
microprocessor during the execution of the program, in
particular the current peaks or current troughs, varies. As a
result, attempts at unauthorized monitoring which apply an
evaluation of the current profile are made more difficult.

WE CLAIM:
1. A microprocessor system comprising:
- a processing unit (2),
- a memory (8, 9) connected to the processihng unit (2)
for the execution of a reading or writing access operat-
ion ,
a cryptographic unit (81, 82; 91) for encrypting and
decrypting data values written or read into the memory
(8; 9),
- means (83) for providing a variable key,
- wherein the means (83) being controllable such that the
variable key is modified when the memory (8) no longer
contains any data values to be read out.
2. The microprocessor system as claimed in claim 1, comprising
an additional memory (3, 4, 5) in which data values can be stored
in encrypted form, and a decryption device (71) for decrypting the
data values of the additional memory (3, 4, 5) when they are read
out.

3. The microprocessor system as claimed in claim 1 or 2,
wherein the memory is a cache memory (8).
4. The microprocessor as claimed in claim 3, wherein the cache
memory (8) contains an access controller by means of which it is
firstly poossible to check whether a data value of an access
request of the processing umit (2) is contained in the cache
memory (8) so that if the data values of the access request are
contained in the cache memory (8) they are read out of the cache
memory (8).
5. The microprocessor system as claimed in claim 3 or 4,
wherein a bus (1) is provided for executing data traffic, wherein
the memory (8) is connected in a data path between the bus (1)
and the processing unit (2), and wherein the additional memory
(3, 4, 5) is connected to the processing unit (2) via the bus (1).
6. The microprocessor system as claimed in claim 1 or 2,
wherein the memory is a register (9) which comprises register
cells which are embodied as bistable flip-flops.

7. The microprocessor system as claimed in one of claims 1
to 6, wherein the means for providing the variable key comprise
a register (83), and wherein the register outputs are connected
via logic operation elements (85a, 85b, 85c) to the lines via
which memory cells in the memory (8) can be accessed.
8. The microprocessor system as claimed in claim 7, comprising
a random generator (84) connected to the register (83) for
feeding in the key.
9. The microprocessor system as claimed in claim 8, wherein the
register (83) is loadable from the random generator (84) if the
microprocessor is initialised for executing a different
application.
10. A method for operating a microprocessor system having a
processing unit (2) and a memory (8; 9) the memory being
connected to the processing unit for executing a reading or
writing access operation, in which, while the memory (8; 9) is
being accessed by the microprocessor system, the data values are
encrypted or decrypted in accordance with a key, and the key is
changed if the memory (8; 9) no longer contains any data to be
read out.

11 The method for operating a microprocessor system as claimed
in claim 10, wherein the key is changed in a randow-controlled
fashion.
12. The method for operating a microprocessor system as claimed
in claim 10 or 11, wherein the key is changed if the memory (8;9)
is completely read out.
13. The method for operating a microprocessor system as claimed
in claim 10 or 11, wherein the key is changed if the program
which is processed by the microprocessor arrangement is changed.

This invention relates to a microprocessor system, data is temporarily stored in a cache memory (8) or a register bank (9). A respectively assigned cryptographic unit (81, 82; 91) ensures that the data is encrypted/decrypted when the cache
memory (8) or the register bank (9) is accessed. The keyword which can be used here is changed if the cache memory (8) or the register (9) no longer contains any valid data to be read out. As
a result, increased protection is obtained against unauthorised monitoring of data and program sequences.

Documents:

in-pct-2002-819-kol-granted-abstract.pdf

in-pct-2002-819-kol-granted-claims.pdf

in-pct-2002-819-kol-granted-correspondence.pdf

in-pct-2002-819-kol-granted-description (complete).pdf

in-pct-2002-819-kol-granted-drawings.pdf

in-pct-2002-819-kol-granted-examination report.pdf

in-pct-2002-819-kol-granted-form 1.pdf

in-pct-2002-819-kol-granted-form 18.pdf

in-pct-2002-819-kol-granted-form 2.pdf

in-pct-2002-819-kol-granted-form 3.pdf

in-pct-2002-819-kol-granted-form 5.pdf

in-pct-2002-819-kol-granted-gpa.pdf

in-pct-2002-819-kol-granted-priority document.pdf

in-pct-2002-819-kol-granted-reply to examination report.pdf

in-pct-2002-819-kol-granted-specification.pdf

« Previous Patent

Next Patent »

Patent Number

235056

Indian Patent Application Number

IN/PCT/2002/819/KOL

PG Journal Number

26/2009

Publication Date

26-Jun-2009

Grant Date

24-Jun-2009

Date of Filing

19-Jun-2002

Name of Patentee

INFINEON TECHNOLOGIES AG.

Applicant Address

ST MARTIN STR. 53 81669 MUNCHEN, GERMANY.

Inventors:

#	Inventor's Name	Inventor's Address
1	GAMMEL BERNDT	LUDWIG-DILL-WEG 3, 81737 MUNCHEN
2	SEDLAK HOLGER	NEUMUNSTER 10A, 65658 EGMATING
3	KNIFFLER OLIVER	WEDDGENSTR. 1, 81737 MUNCHEN
4	KNIFFLER OLIVER	WEDDGENSTR. 1, 81737 MUNCHEN
5	GAMMEL BERNDT	LUDWIG-DILL-WEG 3, 81737 MUNCHEN
6	SEDLAK HOLGER	NEUMUNSTER 10A, 65658 EGMATING

PCT International Classification Number

G06F 12/14

PCT International Application Number

PCT/DEO/00018

PCT International Filing date

2001-01-05

PCT Conventions:

#	PCT Application Number	Date of Convention	Priority Country
1	00100954.7	2000-01-18	Germany