CN1540525A - Seeurity protection device in use for IC card - Google Patents

Seeurity protection device in use for IC card Download PDF

Info

Publication number
CN1540525A
CN1540525A CNA031165516A CN03116551A CN1540525A CN 1540525 A CN1540525 A CN 1540525A CN A031165516 A CNA031165516 A CN A031165516A CN 03116551 A CN03116551 A CN 03116551A CN 1540525 A CN1540525 A CN 1540525A
Authority
CN
China
Prior art keywords
card
test pattern
main circuit
port
phase inverter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CNA031165516A
Other languages
Chinese (zh)
Inventor
印义中
印义言
郭俊
黄萍
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
HUAYUAN MICRO ELECTRONIC TECHNOLOGY Co Ltd SHANGHAI
Original Assignee
HUAYUAN MICRO ELECTRONIC TECHNOLOGY Co Ltd SHANGHAI
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by HUAYUAN MICRO ELECTRONIC TECHNOLOGY Co Ltd SHANGHAI filed Critical HUAYUAN MICRO ELECTRONIC TECHNOLOGY Co Ltd SHANGHAI
Priority to CNA031165516A priority Critical patent/CN1540525A/en
Publication of CN1540525A publication Critical patent/CN1540525A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Semiconductor Integrated Circuits (AREA)
  • Storage Device Security (AREA)

Abstract

The device includes main circuit, CPU in main circuit, port for testing mode, inverter, inner fuse wire set. The port through inverter is connected to inner fuse wire set. Test is carried out by CPU in main circuit in testing mode or in normal mode selected under control of inner fuse wire set. Thus, when test of IC card is ended, the IC card can be operated at normal mode only, cannot enter into testing mode so as to ensure safety data in IC card.

Description

Safety guard in integrated circuit card
Technical field
The present invention relates to integrated circuit fields, relate in particular to a kind of safety guard in integrated circuit card.
Background technology
Along with the range of application of integrated circuit card constantly enlarges, also will occur at integrated circuit card various attack phenomenon thereupon.
The attack that may occur integrated circuit card has the Analogous Integrated Electronic Circuits card, and for various IC card terminal equipment, the signal of its input and output also may be artificial simulation.And, himself can't judge but that the signal of coming into contacts with it is from real legal integrated circuit card from the angle of terminal device, still from illegal simulating signal.Perhaps with pseudo-card replacement operation: terminal device is in the process of read-write integrated circuit card, may have the regular hour gap, before this time slot,, and before writing data, replace true card with false card with legal authorization card open a terminal equipment and control device thereof.Perhaps destroy operation, in the read-write process of integrated circuit card, certain signal wire is applied undesired signal in the specific moment, so that the data corruption in the integrated circuit card or can't correctly write down and revise integrated circuit card with undesired signal.The perhaps inner structure of dissection and analysis integrated circuit card is carried out dissection and analysis with the circuit of integrated circuit card, and is utilized the position and the status word of the various passwords of advanced instrument and equipment testing integrated circuits card.
According to the needs of practical application, selecting the suitable integrated circuit card with hardware logic encryption function is that raising safety precaution function is the most direct effectively.Different integrated circuit card kinds has different encryption logic circuit, and these logical encrypt circuit make integrated circuit card itself can resist multiple attack from the outside.A kind of in these encryption logic circuit is the PIN storer of integrated circuit card: the PIN of card (personal identification codes, i.e. user cipher) makes the disabled user can't open card easily.Second kind of password sent into the errors number counter: the password error counter can be when counting down to zero, with all parts " locked " of whole card.In general, the input error number of times that counter allowed is chosen to be 3-4 time usually and Password Length reaches the 8-16 position.Therefore, this function can prevent that the various people that illegally hold from stealing the tracking and testing that the integrated circuit clip pin carries out exhaustive with producing effect.
From integrated circuit card attack protection angle, each card manufacturer constantly releases new structure and the higher semiconductor circuit of density.Card chips density is high more carries out analytical test and forges imitated difficulty also big more to them, needed investment cost is also big more.Selection has the chip of high density structures, high strength secret algorithm and enough distinguishing abilities, so that provide firm strick precaution for integrated circuit card.
The safeguard measure that integrated circuit card manufacturer can take is as follows: a kind of is that the electric charge protection is set: promptly the specified point in the card chips is preserved the electric charge of a spot of special injection.In case the probe of outside dissection and analysis is near core circuit, corresponding charge changes.Thereby block storer or change the content of storer fully.Another kind is that pilot protection is set: a plurality of leads promptly is set, in case outside dissection and analysis person destroys lead-in wire in the periphery of core circuit, then will blocks storer or make circuit refuse to provide any response.
The attack protection measure of software comprised multistage cryptoguard is set, the storer password perhaps is set: the purpose that the storer password is set is the legitimacy of the checking exterior terminal equipment of accepting card and holder's legitimacy.File or district's password perhaps are set: the purpose that file password or district's password are set is the legitimacy of the operation of checking current application classification in the system of " one card for multiple uses " and the legitimacy that information transmits, and whether the simultaneous verification operator is authorized to.Also can adopt the proof of algorithm software protection: so-called proof of algorithm is the software of design one cover proof of algorithm in to the software systems of the terminal device of reading and writing integrated circuit card or upper managing computer, checks with the software of this dedicated functions whether the content of storing in the recognition integrated circuit card was altered.
More than these measures improved integrated circuit card security in use greatly.On the other hand, after machining, wafer must detect each chip in the card, especially to preserving key in the card, and data, the electrically-erasable storer (EEPROM) of file system will carry out strict erasable, reads the test of preserving with data.This moment, card was not set up the file system of operate as normal as yet, can not test under normal mode of operation.Even set up normal file system, under normal mode of operation, test also and lack because of the test duration, test making test infeasible less than whole EEPORM.At this problem, present solution is to set up a special test pattern: can do a test mode signal input port on card usually, add the test pattern level on this input port, then card can enter test pattern.Can be fast under this pattern, detect sticking into row all sidedly.This port is enclosed in the card chips after the card encapsulation, and external signal can not be added to this port, then can only carry out the normal mode of operation operation.If but the card encapsulation is opened, signal just can be added on this port, and then security just is damaged.
Summary of the invention
The technical issues that need to address of the present invention have provided a kind of safety guard in integrated circuit card, be intended to solve in the integrated circuit card card encapsulation is opened, and signal just can be added on this port, then the defective that just is damaged of security
In order to solve the problems of the technologies described above, the present invention is achieved by the following technical solutions:
The present invention includes main circuit, the CPU in the main circuit, test pattern port, phase inverter, interior fuse equipment; Described test pattern port is connected with interior fuse equipment by phase inverter, under the control of the CPU of interior fuse equipment in main circuit described main circuit is carried out the test of test pattern or close test pattern entering normal manipulation mode.
Compared with prior art, the invention has the beneficial effects as follows: after the scribing of integrated circuit card end of test (EOT), sealing, card can only be operated in normal manipulation mode and can not enter test pattern, has guaranteed the safety of data in the integrated circuit card.
Description of drawings
Fig. 1 is the block scheme of one embodiment of the invention;
Fig. 2 is an interior fuse equipment block scheme among the present invention;
Fig. 3 is the block scheme of another embodiment of the present invention;
Fig. 4 is outer fuse equipment block scheme;
Fig. 5 is a fundamental diagram of the present invention.
Wherein: data input pin 11, interior fuse equipment 12, main circuit 13, test pattern port one 4, data-out port 15, phase inverter 16, anti-static device 17, input buffer 18, ROM (read-only memory) 121, electrically-erasable storer 122, control circuit 123, multi-way switch 124, CPU131 in the main circuit, outer fuse equipment 2, sheet female connector 21, the interior fuse 22 of scribe line that card is outer, sheet inner metal layer 211, polysilicon layer 212 in the sheet, (address, data, control) bus 41, normal mode of operation data line 42, test pattern data line 43, control signal wire 44.
Embodiment
Below in conjunction with accompanying drawing and embodiment the present invention is described in further detail:
By Fig. 1, Fig. 2, Fig. 5 as seen: this embodiment of the present invention comprises main circuit 13, the CPU131 in the main circuit, test pattern port one 4, phase inverter 16, interior fuse equipment 12; Described test pattern port one 4 is connected with interior fuse equipment 12 by phase inverter 16, under the control of the CPU131 of interior fuse equipment 12 in main circuit described main circuit 13 is carried out the test of test pattern or close test pattern entering normal manipulation mode.
Fuse equipment 12 comprises ROM (read-only memory) 121, electrically-erasable storer 122, control circuit 123, multi-channel switching device 124 in described; Described ROM (read-only memory) 121 and electrically-erasable memory 122 are connected with CPU131 in the main circuit by (address, data, control) bus 41; The input end of described control circuit 123 is connected with test pattern port one 4 by phase inverter 16, and another input end passes through control signal wire 44 and is connected with CPU131 in the main circuit; The output terminal of described control circuit 123 connects with multi-channel switching device 124 input ends; Described multi-channel switching device 124 another input ends are connected with the output terminal of data-in port 11, and the output terminal of described multi-channel switching device 124 is connected with CPU131 in the main circuit by normal mode data line 42 or test pattern data line 43.
Below just the principle of this embodiment of the present invention do following introduction:
Input buffer 18 is used for outside and inner level conversion, and the unwanted undesired signal of filtering, and anti-static device 17 is used for electrostatic protection.
Storing security password in ROM (read-only memory) 121, this security password just is kept in the ROM (read-only memory) by mask when card is made, and this security password is immutable, also can not read under normal mode of operation.
Electrically-erasable storer 122 can be wiped under the test pattern, writes, read by the control of the CPU131 in the main circuit; Guarantee that under normal mode of operation the security password data can not be wiped in this storer, rewrite, also can not read.
Before reading in data after the card energized and by data-in port 11, CPU131 in the main circuit at first reads security password data in the electrically-erasable storer 122, and and ROM (read-only memory) 121 in the security password data compare, inequality as both, then the control signal of the output of the CPU131 in the main circuit " test pattern permission " is delivered to control circuit 123 through control signal wire 44, the test mode signal that allows to be added in test pattern port one 4 by control circuit 123 is sent to multi-channel switching device 124 through phase inverter 16, multi-channel switching device 124 gatings, card is operated in make under the test pattern from the test data of data-in port 11 inputs and delivers to CPU131 the main circuit from test pattern data line 43 through multi-way switch 124, under CPU131 control, card is tested fast, chip in the card is carried out test job, wipe entirely as the electrically-erasable storer, test job such as write entirely.And with test result from data-out port 15 output.
After test is all over, under test pattern, pass through the control of the CPU131 in the main circuit before the card scribing encapsulation, import from data-in port 11 by outside input command, security password data in the ROM (read-only memory) 121 are write in the electrically-erasable storer 122, withdraw from test procedure after writing careful sign indicating number.
Before chip read in data after the energized and by data-in port 11 once more, the CPU131 in the main circuit with data in electrically-erasable storer 122 and the ROM (read-only memory) 121 relatively.Both are identical, then the control signal of the output of the CPU131 in the main circuit " test pattern is closed " is delivered to control circuit 123 through control signal wire 44, do not allow the test mode signal of phase inverter 16 to be sent to multi-channel switching device 24 by control circuit 123, make card can only be under normal mode of operation with the operate as normal data of data-in port 11 in multi-channel switching device 124 and normal mode of operation data line 42 are delivered to CPU131 in the main circuit.Chip can only be worked under normal mode of operation.
Because wafer processes and tests, card for the first time during energized in the electrically-erasable storer 122 data have necessarily with property on opportunity, for data in the electrically-erasable storer 122 that prevents to occur at random just in time identical with security password, and the blockade test pattern, the length that the security password in the electrically-erasable storer 122 will be necessary.When security password adopted 3 bytes, then the security password sum can reach 2 24=16777216, when promptly powering on first, in the electrically-erasable storer 122 with the data that the occur opportunity possibility identical with security password less than one of 1,000 ten thousand minutes.When guaranteeing that like this card powers on first, interior fuse equipment 12 can not block test pattern, and card can enter test mode.
By Fig. 3, Fig. 4, Fig. 5 as seen: another embodiment of the present invention comprises main circuit 13, the CPU131 in the main circuit, test pattern port one 4, outer fuse equipment 2, phase inverter 16, interior fuse equipment 12; Described test pattern port one 4 is connected with the input end of phase inverter 16 by outer fuse equipment 2, the output terminal of described phase inverter 16 is connected with interior fuse equipment 12, under the control of the CPU131 in main circuit described main circuit 13 is carried out the test of test pattern or close test pattern entering normal manipulation mode.
Described outer fuse equipment 2 comprises sheet female connector 21, the interior fuse 22 of scribe line that card is outer.Fuse 22 is connected in the outer scribe line of described female connector 21 and card, and the connector 21 in described is connected with the input end of test pattern port one 4 output terminals and phase inverter 16.
Described female connector 21 can be sheet inner metal layer 211, or polysilicon layer 212 in the sheet.
Do following introduction with regard to the principle of another embodiment of the present invention below:
When wafer is not divided into single card,, link the input end of phase inverter 16 through outer fuse equipment 2 from the test mode signal of input buffer 18.Phase inverter 16 input ends are that low level is represented test mode.This signal is fuse equipment 12 in phase inverter 16 passes to, and makes card can enter test pattern.Work as end of test (EOT), when wafer was diced into single card, the outer fuse equipment 2 that is in the scribe line was cut off.Just can not pass to interior fuse equipment 12 again from the test mode signal of test pattern port one 4, thereby guarantee that card can not enter test pattern.Making the input end of phase inverter 16 during fuse equipment 12 in no external testing mode signal passes to is high level (normal operating condition).Thereby card is under the normal operation mode when guaranteeing that outside no test mode signal is delivered to test pattern port one 4 or outside fuse circuit and is cut off.Sheet inner metal layer 211 lead-in wires are more difficult to be connected by outside artificial means than adopting if outer fuse equipment 2 adopts polysilicon layer 212 lines in the sheet.
Because the lead-in wire in the outer fuse equipment 2 is only less than the width of 1 μ m, and adopt the lead-in wire of polysilicon, and be embedded in other below each layer circuit layer, be difficult to connect with artificial method, thus the interior data security of assurance card.

Claims (5)

1. the safety guard in integrated circuit card comprises main circuit (13), the CPU in the main circuit (131), and test pattern port (14), phase inverter (16) is characterized in that also comprising: interior fuse equipment (12); Described test pattern port (14) is connected with interior fuse equipment (12) by phase inverter (16), under the control of the CPU (131) of interior fuse equipment (12) in main circuit described main circuit (13) is carried out the test of test pattern or close test pattern entering normal manipulation mode.
2. a kind of safety guard in integrated circuit card according to claim 1, it is characterized in that: fuse equipment (12) comprises ROM (read-only memory) (121) in described, electrically-erasable storer (122), control circuit (123), multi-channel switching device (124); Described ROM (read-only memory) (121) and electrically-erasable memory (122) are connected with CPU (131) in the main circuit by (address, data, control) bus (41); The input end of described control circuit (123) is connected with test pattern port (14) by phase inverter (16), and another input end passes through control signal wire (44) and is connected with CPU (131) in the main circuit; The output terminal of described control circuit (123) connects with multi-channel switching device (124) input end; Another input end of described multi-channel switching device (124) is connected with the output terminal of data-in port (11), and the output terminal of described multi-channel switching device (124) is connected with CPU (131) in the main circuit by normal mode data line (42) or test pattern data line (43).
3. a kind of safety guard in integrated circuit card according to claim 1 is characterized in that: outer fuse equipment (2); Described test pattern port (14) is connected with the input end of phase inverter (16) by outer fuse equipment (2), and the output terminal of described phase inverter (16) is connected with interior fuse equipment (12).
4. a kind of safety guard in integrated circuit card according to claim 3 is characterized in that: described outer fuse equipment (2) comprises sheet female connector (21), the interior fuse (22) of scribe line that card is outer.Fuse (22) is connected in the outer scribe line of described female connector (21) and card, and the connector (21) in described is connected with the input end of test pattern port (14) output terminal and phase inverter (16).
5. a kind of safety guard in integrated circuit card according to claim 4 is characterized in that: described female connector (31) can be sheet inner metal layer (211), or polysilicon layer (212) in the sheet.
CNA031165516A 2003-04-22 2003-04-22 Seeurity protection device in use for IC card Pending CN1540525A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNA031165516A CN1540525A (en) 2003-04-22 2003-04-22 Seeurity protection device in use for IC card

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNA031165516A CN1540525A (en) 2003-04-22 2003-04-22 Seeurity protection device in use for IC card

Publications (1)

Publication Number Publication Date
CN1540525A true CN1540525A (en) 2004-10-27

Family

ID=34320392

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA031165516A Pending CN1540525A (en) 2003-04-22 2003-04-22 Seeurity protection device in use for IC card

Country Status (1)

Country Link
CN (1) CN1540525A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101950332A (en) * 2010-07-12 2011-01-19 大唐微电子技术有限公司 Chip protecting method and system
CN103018657A (en) * 2012-12-05 2013-04-03 北京华大信安科技有限公司 Method and device for controlling circuit testing
CN103530575A (en) * 2012-07-04 2014-01-22 北京中电华大电子设计有限责任公司 Protection method for chip testing mode
CN104459519A (en) * 2014-12-05 2015-03-25 大唐微电子技术有限公司 Chip safety testing method and device

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101950332A (en) * 2010-07-12 2011-01-19 大唐微电子技术有限公司 Chip protecting method and system
CN101950332B (en) * 2010-07-12 2012-08-29 大唐微电子技术有限公司 Chip protecting method and system
CN103530575A (en) * 2012-07-04 2014-01-22 北京中电华大电子设计有限责任公司 Protection method for chip testing mode
CN103018657A (en) * 2012-12-05 2013-04-03 北京华大信安科技有限公司 Method and device for controlling circuit testing
CN104459519A (en) * 2014-12-05 2015-03-25 大唐微电子技术有限公司 Chip safety testing method and device

Similar Documents

Publication Publication Date Title
CA1071771A (en) Operating system authenticator
EP0727785B1 (en) Enhanced self-test of memories
US8194489B2 (en) Paired programmable fuses
US7529987B2 (en) Integrity control for data stored in a non-volatile memory
US8423788B2 (en) Secure memory card with life cycle phases
JP4094944B2 (en) Circuit arrangement and method for detecting unwanted attacks on integrated circuits
JP3074639B2 (en) Method and apparatus for validating system operation
US8321686B2 (en) Secure memory card with life cycle phases
US8108691B2 (en) Methods used in a secure memory card with life cycle phases
US11409872B2 (en) Confirming a version of firmware loaded to a processor-based device
KR100972540B1 (en) Secure memory card with life cycle phases
CN108804352B (en) Apparatus for managing state of security integrated circuit and method thereof
CN1436308A (en) Method of checking EEPROM data with embedded CRC
CN1540525A (en) Seeurity protection device in use for IC card
CN2613828Y (en) Safety protector in IC card
CN111324884B (en) Multi-authority authorization verification method based on FPGA
CN1186732C (en) Method and system for protecting hard disk of computer
US20050044403A1 (en) Detection circuit for a smart card
EP1435558A1 (en) On-device random number generator
CN1430153A (en) Method and equipment for protecting circuit numeric portion
CN105389224A (en) Test protection method and device for safety chips
US20030065931A1 (en) Semiconductor integrated circuit, method for testing semiconductor integrated circuit, and semiconductor storage apparatus
JP2000090010A (en) Semiconductor integrated circuit
US20220301649A1 (en) Protection of the content of a fuse memory
CN113035249B (en) Information tamper-proof system and method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication