Patent Application
20090040735
The invention concerns a method of physical protection of electronic chips placed on a substrate (for example a printed circuit) and connected electrically to contact areas of the said substrate, the chip or chips being protected by an insulating coating material. The invention also concerns the electronic devices thus protected.
The concern here is with the protection of electronic chips against fraudulent access or falsification of information that they contain.
It should be stated here that the placing of a coating on the chips by the deposition of an insulating material on the chips makes it possible firstly to protect the chips against any impurity or against moisture which, in the long term, might degrade their functioning. It is a case there of a physical protection that is not sufficient as soon as an ill-intentioned person seeks to effect an intrusion in order to be able to access, by means of probes, the signals (produced or received by the electronic chip or chips) present on the electrical connections that connect them to the substrate or to one another.
At the present time there exist many logical solutions to the protection of the data that the chips contain. These solutions consist mainly of encrypting the sensitive information or all the information exchanged by an electronic chip or held by this chip or concealing the information, for example by encrypting its address. To this end, many information encrypting methods have been developed and put in place in the program memories of chips in order to protect the information that they hold.
The invention relates particularly to protecting against intrusion devices comprising one or more electronic chips mounted on a substrate and connected electrically to this substrate, as is the case for example with smart cards or electronic labels, but of course it applies to any other device where it is sought to prevent any intrusion on these devices.
It is known that smart cards at the present time allow a large number of applications, in particular in the banking field and in the field of telephony. It is essential for such devices that the information that they contain is secure at the highest level in order to prevent any risk of fraud.
A new standard has just appeared precisely to define various security levels comprising in particular protection against intrusion (level 4) for the electronic chips; this is the standard FIPS PUB140-1 of the National Institute of Standards and Technology. The present invention affords a solution to this new standard. Thus, in addition to the encrypting methods used in the programming of the chip or chips of the (mono- or) multi-chip device made up,
This method is all the more effective since it has the following characteristics:
That is to say each of the chips no longer contains anything more than fragmentary algorithm data and assembly operators which, in order to reconstitute the operating mode of the system thus protected, will make the result very uncertain.
Whether the attack, that is to say the attempt to bare the protected chips (in order to be able to access the signals by means of probes) is mechanical or chemical: the effect of this protective circuit breaker is the same. As soon as the continuity is broken the chips not supplied by the battery become inert and are blocked in the state in which they are.
The object of the present invention is therefore more particularly a method of protecting electronic chips disposed on a substrate and connected thereto, the chip or chips and their connections being protected by an insulating cladding material, principally characterised in that it comprises the fitting of at least one conductive network above the insulating cladding material, forming part of the supply circuit for the said electronic chips.
According to another characteristic, it consists of superimposing several conductive networks so as to form a lattice with close meshes above the insulating cladding material.
According to another characteristics, it comprises the deposition of a layer of cladding material on the conductive network or networks.
The cladding material is preferably an opaque material.
According to one embodiment, the or each conductive network is in the form of a conductive track forming a labyrinth.
According to another embodiment, the conductive network or networks are in the form of conductive wires in a zigzag soldered to contact areas disposed in two lines placed on each side of the chip or chips.
Another object of the invention concerns a device comprising one or more integrated circuit chips placed on a substrate and connected at certain points on the said substrate corresponding to the accepting areas dedicated to these connections, the chip or chips being clad in an insulating material, principally characterised in that it comprises at least one conductive network protecting against intrusions, placed above the cladding material and forming part of the circuit supplying the chip or chips so as to obtain a circuit breaker at the time of any intrusion.
The device can consist of a smart card.
The device can consist of an electronic label.
Advantageously, the material constituting the conductive network is invisible to the naked eye and/or exhibits an absence of signature to infrared radiation or X-rays.
Other particularities and advantages of the invention will emerge clearly from the following description given by way of non-limiting but illustrative example and with regard to the drawings, in which:
Reference will now be made more particularly to the diagram in
Above the cladding resin E1, provision is made according to the method to put in place a conductive network in the form of a labyrinth L giving sufficient cover and whose geometry is sufficiently fine to be able to be interrupted during any attempt at intrusion by means of an investigation tool. This conductive network forms part of the electrical supply circuit of the chip or chips P1, P2 disposed on the substrate S since it is placed on the supply path of the said chips.
Thus, and reference can be made to the equivalent electrical diagram depicted in
The areas C can be located anywhere but preferably so that they are, subsequently to the fitting of the conductive network, concealed from sight by a second layer of opaque cladding E2.
As it is a question of a security system, the use of false accepting areas serving as decoys may be provided.
This conductive network can be produced in the form of a labyrinth L by means of a conducting substance, in particular a conducting ink. Many technologies exist for producing a conducting track by means of conducting ink. It is for example possible to use a printing technology, for example screen printing, inkjet or pad printing.
The ink used serving to produce this network will preferably be chosen so that it offers total invisibility to the naked eye and preferably also so that it exhibits an absence of signature to infrared or X-rays for example, in order to complicate further the detection of the outline of the labyrinth used.
Over this conductive outline, a second layer of opaque cladding resin E2 can, as stated, by deposited so as to trap, in order to make it totally invisible, the protective network previously put in place.
For higher still required levels of protection, it is possible to superimpose several layers of conductive network L and this so as to intersect the geometries of the labyrinths, thus reducing still further the possible dimensions of the attack tools to be used.
A second embodiment has been developed and depicted by the diagram in
According to this second embodiment, the resin cladding E1 protecting the chip or chips P1, P2 is surmounted by a succession of bridges Z produced by means of metal connecting wires. These wires are for example 30 to 50 microns in diameter and are disposed parallel to each other according to the finest step possible compatible with an absence of short-circuit (or shunting) with respect to one another. These wires are soldered to cabling area lines A1, A2 parallel to each other on each side of the chip so as to provide, all along the pattern thus created, electrical continuity by means of which the chips are supplied.
In order to protect and conceal this conductive network Z, a second layer of opaque cladding resin E2 is deposited, thus providing additional protection against any intrusion.
Just as in the previous example embodiment, in order to increase the level of protection or to make the required level of protection higher, it is possible to superimpose the network layers of conducting wires such as the one that has just been described, so as to intersect the geometries of the wires, thus reducing further the possible dimensions of the attack tools that can be used.
The arrangement of one network with respect to another will be chosen so as to obtain a mesh of the lattice thus formed that is as small as possible.
