Figure 9-2 – Maxim Integrated Secure Microcontroller User Manual


Secure Microcontroller User’s Guide


Figure 9-2. DS5002 Software Encryption Block Diagram



The address encryptor translates each “logical” address, i.e., the normal sequence of addresses that are
generated in the logical flow of a program, into an encrypted address (or physical address) at which the
byte is actually stored in RAM. Each time a logical address is generated either during program loading or
during execution, the address encryptor circuits use the Encryption Key value and the address itself to
form the physical address that will be presented to the RAM on the Bytewide bus. The encryption
algorithm is such that there is one and only one physical address for every possible logical address. The
address encryptor operates over the entire memory range.

The Data Encryptor operates in a similar manner to the address encryptor. As each byte, including op
code, operand, or data, is received during Bootstrap Loading, its value is scrambled prior to storing it in
RAM. The value that is actually written in RAM is an encrypted representation. All values that are
subsequently stored in RAM during execution are also encrypted. As each byte is read back to the CPU
during execution, the internal Data Encryptor restores it to its original value. This encryptor uses the
Encryption Key and the data value itself, but also the logical address. Thus the same data with the same
Key will have different physical values at different address locations. The data encryption algorithm is
repeatable and reversible so that with the same key, data and address, the same encrypted value will be
obtained. Note, however, that there are many possible encrypted data values for each possible true value
due to the algorithm's dependency on Key and address.

Using the combination of address and data encryption, the normal flow of program code is unintelligible
in the NV RAM. What had been a sequential flow of addresses is now apparently random. The values
stored in each memory location appear to have no relation to the original data. Another factor that makes
analysis more difficult is that all 256 possible values in each memory location are valid possibilities. Thus an
encrypted value is not only scrambled, but it becomes another potentially valid byte.
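
The properties described above (a one-to-one address mapping, and data encryption that is reversible and depends on key, data and logical address), shown as a toy model added here for illustration. It is not the DS5002 algorithm, which this guide page does not disclose; the 32-bit key, the constants and the mixing steps are all assumptions.

```c
#include <stdint.h>
#include <string.h>

/* Toy model only: NOT the DS5002 algorithm. Key width, constants and mixing are assumptions. */
static uint8_t ram[65536];                 /* stands in for the external NV RAM */

static uint16_t rotl16(uint16_t x, unsigned r) { return (uint16_t)((x << r) | (x >> (16 - r))); }
static uint8_t rotl8(uint8_t x, unsigned r) { r &= 7; return (uint8_t)((x << r) | (x >> ((8 - r) & 7))); }

/* Address encryptor: every step is invertible, so logical -> physical is one-to-one. */
uint16_t addr_encrypt(uint16_t logical, uint32_t key) {
    uint16_t a = logical;
    for (int r = 0; r < 2; r++) {
        a ^= (uint16_t)(key >> (16 * r));  /* XOR with a key half */
        a = (uint16_t)(a * 0x6A35u);       /* odd multiplier is invertible mod 2^16 */
        a = rotl16(a, 5);
    }
    return a;
}

/* Per-address pad derived from the key and the LOGICAL address. */
static uint16_t pad(uint16_t logical, uint32_t key) {
    return (uint16_t)(((key ^ logical) * 2654435761u) >> 16);
}

/* Data encryptor: a keyed, address-dependent permutation of the 256 byte values. */
uint8_t data_encrypt(uint8_t d, uint16_t logical, uint32_t key) {
    uint16_t p = pad(logical, key);
    return (uint8_t)(rotl8((uint8_t)(d ^ (p & 0xFF)), p >> 8) + (p >> 12));
}
uint8_t data_decrypt(uint8_t c, uint16_t logical, uint32_t key) {
    uint16_t p = pad(logical, key);
    uint8_t t = (uint8_t)(c - (p >> 12));
    return (uint8_t)(rotl8(t, 8 - ((p >> 8) & 7)) ^ (p & 0xFF));
}

/* What the CPU sees: plain values at logical addresses; RAM holds only encrypted ones. */
void bus_write(uint16_t logical, uint8_t v, uint32_t key) {
    ram[addr_encrypt(logical, key)] = data_encrypt(v, logical, key);
}
uint8_t bus_read(uint16_t logical, uint32_t key) {
    return data_decrypt(ram[addr_encrypt(logical, key)], logical, key);
}

/* Returns 1 if no two logical addresses share a physical address. */
int addr_map_is_one_to_one(uint32_t key) {
    static uint8_t seen[65536];
    memset(seen, 0, sizeof seen);
    for (uint32_t a = 0; a < 65536; a++)
        if (seen[addr_encrypt((uint16_t)a, key)]++) return 0;
    return 1;
}
```

Because the data permutation is keyed by the logical address, the same byte written at two logical addresses generally lands in RAM as two different values, while `bus_read` always returns the original.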
