Current state of OTP memory used with new received information to define new OTP state for computation of new digital signature in preventing playback attacks

摘要

A processor has a multiple bit OTP (one-time programmable) memory, the current state of the OTP memory (OTP state) being defined by the bits that have been programmed, i.e. typically set to 1. New information is received 40 to be written to a data memory which, in an embodiment, comprises authorisation information allowing access to media content. At least one further bit of the OTP memory is selected to be programmed, based on the new information and the current OTP state, thereby defining 42 a new OTP state. A new digital signature is computed 44 over the new information and the new OTP state, the signature depending on a distribution of the OTP bits in the new state, not just their number. Thus the new signature depends on the full state of the OTP memory (its binary value) and not just its Hamming weight or a count of the programmed bits. The new information and new digital signature are saved 46 in the data memory without overwriting the previous information and signature. Only then is the further bit of the OTP memory programmed 48, i.e. the new OTP state becomes the current OTP state.