CPC G06K 19/07372 (2013.01) [G06F 7/02 (2013.01); G06F 11/14 (2013.01); G06F 21/52 (2013.01); G06F 21/60 (2013.01); G06F 21/75 (2013.01); G09C 1/00 (2013.01); H04L 9/004 (2013.01); H04L 63/0428 (2013.01); G06F 9/30021 (2013.01); G06F 2207/7271 (2013.01)] | 17 Claims |
1. A method for securing an execution of a program by a first processing device, the method comprising:
subsequent to an execution of a first instruction of the program by the first processing device and prior to an execution of a data comparison function by the first processing device, receiving, from the first processing device and by a second processing device, an identifier of two data items on which the data comparison function is to be performed by the first processing device;
performing, by the second processing device, a first operation of a plurality of security operations to secure at least the data comparison function of the program, wherein the first operation computes, from the two data items, first comparison results comprising comparison variables representative of comparisons of the two data items;
subsequent to the execution of the data comparison function by the first processing device, receiving, from the first processing device and by the second processing device, an indication that the first processing device has executed a program branch of the program that corresponds to a second comparison result of the data comparison function, wherein the second comparison result identifies the two data items as equal;
responsive to receiving the indication that the first processing device has executed the program branch of the program, performing, by the second processing device, a second operation of the plurality of security operations to update a status indicator to indicate that the second comparison result identifies the two data items as equal;
performing, by the second processing device, a third operation of the plurality of security operations to verify whether the status indicator is consistent with the first comparison results; and
responsive to verifying that the status indicator is inconsistent with the first comparison results, performing, by the second processing device, a fourth operation of the plurality of security operations to enable an error signal to secure at least the data comparison function of the program executed by the first processing device, wherein securing the data comparison function secures the execution of the program by the first processing device.
|