| 摘要 |
The invention relates to a method for securing a calculation in a cryptographic algorithm, whereby the calculation receives input data in order to produce output data, wherein input data is initially prepared for calculation (10). The calculation is then carried out (12) in order to obtain the output data of the calculation. After the calculation has been carried out, monitoring (14) occurs as to whether the input data was modified during the calculation, using a monitoring algorithm which is different from the calculation. If monitoring reveals that the input data was modified during the calculation, reproduction of the output data is suppressed (16). It is thus possible to prevent, with a high degree of security, incorrect results of the calculation of the cryptographic algorithm from being outputted since input data is particularly vulnerable with respect to hardware attacks . The input data can be examined with regard to the integrity thereof with little effort in comparison with the calculation of the cryptographic algorithm itself. |
