Implementation of complex strategies of security in secure embedded systems
Abstract
Secure components are subject to physical attacks whose aim is to recover the secret information that they store. Most of works which aim to protect these components generally consist in developing protections (or countermeasures) taken one by one. But this ``countermeasure-centered'' approach drastically decreases the performances of the whole chip in terms of power and speed. Our work is complementary and consists in re-organising a given set of existing countermeasures in order to optimise both the security and the availability of the circuit without reducing its global performances. The proposed solution is based on a double-processor architecture and on mechanisms to parametrise the hardware and software countermeasures. One processor embeds the state-of-the-art set of countermeasures and executes the application code. The second processor, much smaller, applies the strategy of security (i.e the response of the circuit when a security event arises), but without sharing sensitive data with the first processor. We show that our approach enables the secure circuit's designer to easily fine tune the strategy of security, for example, of Pay-TV applications and could, in the future, be used to optimise dynamically the trade-off between performance and security.