US 12,346,438 B2
Method for securely processing digital information in a secure element
Karine Villegas, Cheseaux-sur-Lausanne (CH); and Roan Hautier, Cheseaux-sur-Lausanne (CH)
Assigned to Nagravision Sarl, Cheseaux-sur-Lausanne (CH)
Appl. No. 17/907,378
Filed by Nagravision Sarl, Cheseaux-sur-Lausanne (CH)
PCT Filed Mar. 25, 2021, PCT No. PCT/EP2021/057819
§ 371(c)(1), (2) Date Sep. 26, 2022,
PCT Pub. No. WO2021/198035, PCT Pub. Date Oct. 7, 2021.
Claims priority of application No. 20167097 (EP), filed on Mar. 31, 2020.
Prior Publication US 2023/0119890 A1, Apr. 20, 2023
Int. Cl. G06F 21/55 (2013.01); G06F 21/64 (2013.01); G06F 21/79 (2013.01)
CPC G06F 21/556 (2013.01) [G06F 21/64 (2013.01); G06F 21/79 (2013.01)]
20 Claims

1. A method for securely processing, within a secure element, digital information, said secure element including a secure processor adapted for security-critical applications, and at least one internal memory and a code associating unit, both external to the secure processor, wherein the method provides an end-to-end security ensuring that the digital information has not been altered from storage in an external memory to processing by the secure processor, and comprises the steps, performed by the secure element:
loading the digital information from the external memory into the at least one internal memory of the secure element;
decrypting the digital information to obtain the digital information in clear and a first integrity element;
by the code associating unit, segmenting the digital information in clear into words of digital information, generating error-detection codes or error-correction codes from said words of digital information and associating said error-detection codes or error-correction codes with the corresponding words in the at least one internal memory;
verifying the integrity of the digital information in clear by calculating an integrity element based on the segmented words and comparing the calculated integrity element with the first integrity element obtained during decryption, ensuring that the digital information has not been altered before transferring;
transferring the words of digital information and the associated error-detection codes or error-correction codes from the at least one internal memory to the secure processor;
by the secure processor, verifying the words of digital information based on the associated error-detection codes or error-correction codes before processing the digital information contained in said words.
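
The steps of claim 1 in order, as an added Python sketch that is not code from the patent or from Nagravision. It shows that the integrity element is computed over words that already carry their codes, so a change made after the integrity check is still caught by the secure processor. The claim names no algorithms: the 4-byte word size, SHA-256 as the integrity element, CRC-8 as the error-detection code, the XOR keystream stand-in cipher, and all function names (including the fault_word hook) are assumptions.

```python
import hashlib, hmac

WORD = 4  # assumed word size in bytes; the claim fixes none

def stream_xor(data, key):
    # Stand-in cipher (assumption): XOR with a SHA-256 counter keystream.
    ks = b"".join(hashlib.sha256(key + bytes([i])).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def crc8(word):
    # Assumed error-detection code: CRC-8, polynomial 0x07.
    crc = 0
    for byte in word:
        crc ^= byte
        for _ in range(8):
            crc = ((crc << 1) ^ 0x07) & 0xFF if crc & 0x80 else (crc << 1) & 0xFF
    return crc

def seal(plain, key):
    # Constructed external-memory blob: data || SHA-256(data), encrypted.
    return stream_xor(plain + hashlib.sha256(plain).digest(), key)

def load_and_check(blob, key):
    clear = stream_xor(blob, key)  # decrypt: data in clear + first integrity element
    data, first_integrity = clear[:-32], clear[-32:]
    words = [data[i:i + WORD] for i in range(0, len(data), WORD)]  # segment
    internal = [(w, crc8(w)) for w in words]  # associate codes in internal memory
    # Integrity element calculated from the segmented words, not the raw buffer.
    calc = hashlib.sha256(b"".join(w for w, _ in internal)).digest()
    if not hmac.compare_digest(calc, first_integrity):
        raise ValueError("integrity element mismatch")
    return internal

def secure_processor(transferred):
    # Each word is verified against its code before its content is used.
    for w, code in transferred:
        if crc8(w) != code:
            raise ValueError("word code mismatch")
    return b"".join(w for w, _ in transferred)

def run(blob, key, fault_word=None):
    # fault_word (hypothetical hook) flips one bit of a word during transfer.
    try:
        internal = load_and_check(blob, key)
        if fault_word is not None:
            w, code = internal[fault_word]
            internal[fault_word] = (bytes([w[0] ^ 1]) + w[1:], code)
        return ("ok", secure_processor(internal))
    except ValueError as err:
        return ("rejected", str(err))
```

Calling run() on a blob from seal() returns the data; a bit flipped in the stored blob is rejected at the integrity check, and a bit flipped in a word after that check is rejected by the processor's per-word verification.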