lllllllllllllllllllllllllllllllllllll||ll|Illllllllllllllllllllllllllllllll

US005533 123A

United States Patent 1191

61] Patent Number:

Force et al.

[45]

5,533,123

Date of Patent:

Jul. 2, 1996

[54]

PROGRAMMABLE DISTRIBUTED
PERSONAL SECURITY

4,926,388
4,933,898

5/1990 Kunita etal. ......................... .. 365/244

6/1990 Gilberg 6131. ....... ..
365/53

5,027,397

6/1991

[75]

Inventors: Gordon Force San Jose Calif;

D- l)avis7 Arlington Tex;

5,053,992 10/1991 Gilberg et a1. .

...... .. 365/53
5,083,293 1/1992 Gilberg 61 al. ................... .. 365/189.01

5,117,457

Richard L. Duncan, Bedford, Tex.,

-

5/1992

Comerford etal.

5 159 629 10,1992 D M

Thomas M Norcross Arlin ton Tex'

_

Double et a1. .

5,185,717

Mwhael J~ ShayArhngwmTeX

al

Ou- e at
2/1993

.... .. 380/4

. ..................... ..

'

380/3

38014

"

Mon ................. ..

. 365/52

5,353,350 10/1994 Unsworth et a1. ........................ .. 380/3

Tlmothy A. Short, Duncanville, Tex.

Primary Exammer-Dav1d C. C3111

[73] Assignee: National Semiconductor Corporation,

[57]

ABSTRACT

Santa Clara, Calif.

The present invention is embodied in a Secured Processing

[21] APPL NO; 267788

Unit (SPU) chip, a microprocessor designed especially for

[22] Filed:

secure data processlng. By integraung keys, encrypuon/

decryption engines and algorithms in the SPU, the entire

Jun. 28, 1994

[51]

Int. Cl.6

. . . .. H04L 9/00

Sammy PTOFBSS 1S rendired portable 3? etsly dlsmbmed

[52]
[58]

4_
UIS' Cl """"""" "
380, 380,52
Field Of Search ...................................... .. 380/3, 4, 52
_

across physical boundaries. The lnvention 18 based on the

orchestration of three interrelated systems: (i) detectors,
which alert thg SpU to the existence and help Characterize
the nature, of a security attack; (ii) ?lters, which correlate the

[56]

.. . . . . . . .. . .... . .. . .

References Cited
UIS_ PATENT DOCUMENTS

data from the various detectors, weighing the severity of the

attack against the risk to the SPUs integrity, both to its

_
4,446,475

secret data and to the design itself; and (111) responses, which

5/1984 Gercekcl et al. ....................... .. 357/40

are Countermaasures calculated by the ?lters to be most

E1105; 6 a1- """"""""" "

appropriate under the circumstances, to deal with the attack

4,598,17O

.eune """""" "

7/1986 Piosenka et al.

4,691,350

9/1987 Kleijne etal.

380/3

4,764,959

8/1988 Watanabe 6161.

380/4

4,783,801

or attacks present. The present invention, with wide capa

b.1.
. all hr
f h d
?l
d

. 178/2208

19 m

11/1988 Kalll? ...................... .. 380/3

4,807,284

2/1989

Kleijne

.. . .. . . . .

. . . ..

4,811,288
4,860,351

3/1989 Kleijne et al.

365/52
8/1989 Weingart ................................... ._ 380/3

1 6e 0

t 6

'

'

12

Cation

14 Claims, 19 Drawing Sheets

36

MICRO

CONTROLLER

GENERAL
PURPOSE

32

|/0 PORT

33

BUS INTERFACE

tars an

IGSPOHSCS

approp??te 19v91 9f S?CllnIy/pohcy 111) an sPU-b?sed 39911

380/3

POWER ISOLATION

me???

allows ?1 great degree of ?CXIPIhPY for Programmmg a?

RESET

EXTERNAL
9/

ROM

20 SILICON FlREWALL

US. Patent

Jul. 2, 1996

Sheet 2 of 19

23

VOUT

22

vnn

POWER

21

VBAT

swncumc

5,533,123

VPP

24

191, L ______ ___A_P_WF_?QD______ 40

~ ------ "SEE-P ---- --41

ClRCUlT

ALARM

- ---------------- ~38

PWRGD
114

105

1,102

)__ START
vccPwoP
112
VREF

CHIP_
PWRGD

PWRUP
COUNTER

10s

'

'27

28

A26

DLY__PWRGD

RESET

115

Cm

SET_PWOP

4}

110

109

cm

108

cm
START
PWRDN
VCCPUD

'*'

107

COUNTER '

RESET
104 /

111 CLR_PWOP

Q03

13

FIG. 2

s11$1TZPowN

25

US. Patent

Jul. 2, 1996

Sheet 3 0f 19

5,533,123

710

/
INPUT

716

OUTPUT

'/

747/

\712

FIG. 3

cLocT<\714
720

/
722

724

732

726

727

754

/\
728

F
729

'

\
730
740

742
744
1

7 46

t>i-

>

/
758

FIG. 5

756

,754

752

748

H50

IG' 4

US. Patent

Jul. 2, 1996

CLOCK__RTC

Sheet 6 0f 19

RIPPLE COUNTER

CLEARRTC

"32 is
305 304

INTERNAL
BUS INTERFACE
1O BUS
AND DECODER

RQLEQVER _ _

CTR
25

303 \_

SYNC BLOCK

FIG. 8

5,533,123

RTCLK

U.S. Patent

Jul. 2, 1996

Sheet 7 0f 19

5,533,123

802

,L
806

,805
DISABLE AccEss

NO"

TO THE KEY

EXECUTE OTHER
FIRMWARE
PROGRAMS
,

810

s12

INVER'HNG ALL

THE BITS OF
THE KEY
\

CHANGE THE
KEY lNVERSlON
STATUS BIT

,/814
ENABLE AccEss
TO THE KEY

FIG. 9

US. Patent

Jul. 2, 1996

CLOCK

Sheet 8 0f 19

5,533,123

US. Patent

Jul. 2, 1996

Sheet 9 of 19

5,533,123

\/864-

V866

856\
/865

/857

855

854 \

853
ll
4

A
1

A350

/
852

0 1 2 3 4 5

0 1 2 3 4 5

862/

868

FIG. 11

US. Patent

Jul. 2, 1996

906

Sheet 10 of 19

907

902

903

5,533,123

905

904

FIG. 12

9/27

925

926

&
928

)7/20
i

929

930

931

US. Patent

Jul. 2, 1996

START

READ BACK
LAST RTC
READINO

Sheet 11 0f 19

5,533,123

55

-/552

MONOTONICITY
TEST;

RECORD PRESENT I
TIME AS

SIONAL

560A

SECURITY

-I

PROBLEM

554

RTc READINO

PERFORM FIXED

M 55

TASK OF I<NOwN
SYSCLK DURATION

RECORD

A56

PRESENT TIME
AS END READINO

SIGNAL

{CLOCK
OROSS~OIIEOI<I

SEOLIRITY
PROBLEM

C 5:3 558
FIG. 140

A59

US. Patent

Jul. 2, 1996

Sheet 12 of 19

5,533,123

( START >451
;

POWER UP,

/252

INITIALIZE SPU

PERFORM
MODIFICATTON

PERFORM I

MODIFICAITON
0515011011

DETECTION

INORMAL

IMANUFACTURING
STATE}

EXECUTE ONLY
COMMANDS
THAT RESTRICT
ACCESS TO
SECRET DATA
\
256

ZEROIZE ALL
SECRET DATA
AREAS.
USE DEFAULT
CONFIGURATION.

OPERATING STATE;

ENABLE
MANUFACTURING
TEST AND SET
CONFIGURATTON
COMMANDS.
\

263
PERFORM
MANUFACTURING
TESTS
\
264
LOAD

SECRET DATA,
STORE
MODIFICATTON
CODE
\
265
SET VRT=I

FIG. 14b

END

257

US. Patent

Jul. 2, 1996

351%

START

5,533,123

Sheet 13 0f 19

TRANSFER -/ 553
DATA ON BUS
CONVENTION ALLY

READ BACK
OUTPUT PORT
REGISTERS

,/ 354

SAVE IN
TEMPORARY
STORAGE

./ 355

MOVE TEST
NON-SECRET
DATA

./ 356

READ BACK
OUTPUT PORT
REGISTERS

3/ 357

ABORT,
SIGNAL
SECURITY PROBLEM
361
END

362

FIG. 15

MOVE NEXT
PART OF SECRET
DATA

US. Patent

Jul. 2, 1996

Sheet 14 0f 19

START

4m

/402

SET l/O PORT

BTT x To 1

V404

READ l/O PORT

BIT x

FIG. 16

/ 406

ABORT,
SIGNAL
SECURITY PROBLEM

END

407

5,533,123

US. Patent

Jul. 2, 1996
940

Sheet 15 0f 19

5,533,123

START

SET vALUES
OF THE
LIMIT
PARAMETERS

I/ 942

,/ 948

PROCESS
vALIO COMMAND

CALCULATE

/ 950

NUMBER OF
INVALID

COMMANDS/UNIT TTME
SIGNAL
A

/954

FIRST LIMIT

SECURITY PROBLEM

SIGNAL
A

/958

SECOND LIMIT

SECURITY PROBLEM

SIGNAL

/962

THIRD LIMIT

SECURITY PROBLEM

SIGNAL
FOURTH LIMIT
SECURITY PROBLEM

1/966

US. Patent

Jul. 2, 1996

HARDWARE

5,533,123

Sheet 16 0f 19

INTERRUPT

HARDWARE/

FIRMWARE

FIRMWARE
?

,/463

/ 459

RETURN
INTERRUPT
FROM

SGNAL

C4: 458
FIG. 18

US. Patent

Jul. 2, 1996

Sheet 17 of 19

5,533,123

501

FIG. 190

/ 502
v\\ A0 :

D0
505

FIG. 19b

504

Db I

505

7/
D01

5/06

FIG. 19c

DC2

508

509

510

FC1

507

/
D03
I/\

<9}

I \

7 R0 3/ 512

L _ _ _ - =

515
A

<6;

Re 514

US. Patent

Jul. 2, 1996

Sheet 18 of 19

5,533,123

1026
/

MESSAGE TO

USER, TRANSFER
TO OTHER CARD Row

6)
FIG. 200

POWER

1027

STATE;

{
.

.
T

S ATE}

U.S. Patent

Jul. 2, 1996

Sheet 19 0f 19

5,533,123

__@/1040

@1038
DISABLE
PERMANENTLY
\1036
1

LM 1037
FIG. 20:] FIG. 20b

KEY TO FIG. 20

MESSAGE To
USER, NOT TO
DO IT AGAIN

FIG. 20b