Memory system and method of controlling nonvolatile memory
US-2019362081-A1 · Nov 28, 2019 · US
US11651086B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11651086-B2 |
| Application number | US-202017109424-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 2, 2020 |
| Priority date | Dec 4, 2019 |
| Publication date | May 16, 2023 |
| Grant date | May 16, 2023 |
Official abstract text for this publication.
A method for executing a computer program, wherein, when a microprocessor writes a block of N_o bytes of a datum of a block of cleartext data stored in an unencrypted memory, a hardware security module switches a validity indicator associated with this block of N_o bytes to an active state, in which it indicates that this block of bytes is valid, and each time a block of N_o bytes of a datum of the block of cleartext data is loaded by the microprocessor from the unencrypted memory, the hardware security module verifies whether the validity indicator associated with this block of N_o bytes is in its active state; if it is, processing of this block of N_o bytes by the microprocessor is permitted, and if it is not, processing of this block of N_o bytes by the microprocessor is forbidden.
Opening claim text (preview).
The invention claimed is:

1. A method for executing a computer program with an electronic apparatus comprising a microprocessor, an unencrypted memory, an encrypted memory and a hardware security module, wherein, during the execution of the computer program, the transfer of data between the unencrypted memory and the encrypted memory is carried out in entire blocks of a plurality of encrypted and authenticated data, each datum being composed of one or more blocks of N_o bytes, where N_o is equal to the lowest number of bytes that can be written, independently of the other bytes of the datum, by the microprocessor when it executes a write instruction of its instruction set architecture, the method comprising:

a) during the transfer of a block of cleartext data from the unencrypted memory to the encrypted memory: converting the block of cleartext data into a block of encrypted and authenticated data, said conversion comprising: encrypting the block of cleartext data to obtain a cryptogram of said block of cleartext data, said cryptogram being able to be decrypted solely in its entirety and not datum by datum, computing an authentication code using the data of the block of cleartext data or using the cryptogram of said block of cleartext data, and grouping, in the same block, the obtained cryptogram, the computed authentication code and metadata to obtain the block of encrypted and authenticated data, then storing the obtained block of encrypted and authenticated data in the encrypted memory,

b) during the transfer of a block of encrypted and authenticated data from the encrypted memory to the unencrypted memory: verifying the integrity of the block of cleartext data or of the cryptogram of the block of cleartext data using the authentication code contained in said block of encrypted and authenticated data, when said verification fails, inhibiting processing, by the microprocessor, of the data of said block of data, and when said verification succeeds: decrypting the cryptogram contained in the block of encrypted and authenticated data to obtain the block of cleartext data, storing the obtained block of cleartext data in the unencrypted memory and storing the metadata of the block of encrypted and authenticated data in a register that is not addressable by the microprocessor,

wherein the method comprises: incorporating, into the metadata of each block of data and for each block of N_o bytes of each datum of said block of data, a validity indicator associated with said block of N_o bytes, said validity indicator being switchable between: an active state, in which said validity indicator indicates that said block of bytes is valid, and an inactive state, in which said validity indicator indicates that said block of bytes is invalid, at least certain of the validity indicators initially being in their inactive state, for blocks of N_o bytes of a datum of said block of data that are set to the inactive state when stored in the encrypted memory, when the microprocessor writes a block of N_o bytes of a datum of the block of cleartext data stored in the unencrypted memory, the security module switches the validity indicator associated with said block of N_o bytes to its active state, each time a block of N_o bytes of a datum of the block of cleartext data is loaded by the microprocessor from the unencrypted memory, the hardware security module verifies whether the validity indicator associated with said block of N_o bytes is in its active state and, if such is the case, processing, by the microprocessor, of said block of N_o bytes is permitted, and, if such is not the case, processing, by the microprocessor, of said block of N_o bytes is forbidden.

2. The method as claimed in claim 1, wherein, during the computation of the authentication code, the authentication code is also computed using validity indicators associated with each group of N_o bytes of each datum of the block of cleartext data.

3. The method as claimed in claim 1, wherein: during the encryption of the cleartext data, the cleartext data are encrypted using a cryptographic key and an initialization vector, the cryptographic key used being the same on each transfer of a block of cleartext data from the unencrypted memory to the encrypted memory and the initialization vector being modified on each transfer of a block of cleartext data from the unencrypted memory to the encrypted memory, and the initialization vector used to obtain the cryptogram of said block of data is incorporated into the metadata of the block of encrypted and authenticated data, and during the decryption of the data, the hardware security module extracts from the metadata of the block of encrypted and authenticated data the initialization vector to be used to carry out said decryption.

4. The method as claimed in claim 1, wherein each block of encrypted and authenticated data is stored at an address @_BDCi equal to @_BDi · T_b / T_BD, where: @_BDi is the physical address of the start, in the unencrypted memory, of the block of cleartext data obtained by decrypting the cryptogram of said block of encrypted and authenticated data, T_b is the size, in number of bytes, of the block of encrypted and authenticated data, T_BD is the size, in number of bytes, of the block of cleartext data.

5. The method as claimed in claim 4, wherein: each datum is associated, via a one-to-one relationship, with one physical address and each block of cleartext data contains only the N_d data associated, via said one-to-one relationship, with physical addresses contained in a respective and continuous range of N_d consecutive physical addresses, and the address @_BDi of the start of said block of cleartext data is equal to the lowest physical address of said range of N_d physical addresses, during the execution of the computer program, the microprocessor executes an instruction to access at least one block of N_o bytes of a first datum associated with a physical address @_Di,j, said first datum belonging to none of the blocks of cleartext data currently stored in the unencrypted memory at the moment of the execution of said access instruction, in response, the hardware security module computes an address @_BDCi equal to E(@_Di,j / T_BD) · T_b, where E( ) is the function that returns the integer part of the number located between the parentheses, and @_BDCi is the address of the start, in the encrypted memory, of the block of encrypted and authenticated data that contains the first datum, then the block of encrypted and authenticated data that starts at the computed address @_BDCi is transferred from the encrypted memory to the unencrypted memory so as to store, in the unencrypted memory, a new block of cleartext data that contains the first datum, then said at least one block of N_o bytes is accessed using the first datum contained in said new block of cleartext data.

6. The method as claimed in claim 5, wherein: T_b and T_BD are both powers of two and the address @_BDCi is computed using the following first relationship @_BDCi = E(@_Di,j / T_BD) · T_b, or (T_b − T_BD) and T_BD are both powers of two and the address @_BDCi is computed using the following second relationship @_BDCi = E(@_Di,j / T_BD) · T_BD + E(@_Di,j / T_BD) · (T_b − T_BD), and each division and each multiplication of the first and second relationships are executed by shift registers of the hardware security module.

7. The method as claimed in claim 1, wherein, when the verification of the integrity of the block of cleartext data or of the cryptogram of the block of cleartext data fails: a virgin block of cleartext data is prepared and stored in the unencrypted memory in the same location as that where the block of cleartext data would hav
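The abstract and claims 1 to 6 above describe a mechanism that is easier to reason about in code: the hardware security module moves whole blocks between the two memories, authenticates cryptogram plus metadata (including the per-granule validity bits, claim 2) under a fresh initialization vector (claim 3), keeps the validity bits in a register the CPU cannot address, flips a bit on every N_o-byte write and refuses any load of a granule whose bit is still inactive. The block-address mapping of claims 4 to 6 reduces to two shifts when T_BD and T_b are powers of two. The following simulation is an added example written for this page, not code from the patent or its assignee. Everything numeric is an assumption: N_o = 4, T_BD = 32, an 8-byte IV, an 8-byte padded validity bitmap and a 16-byte truncated HMAC-SHA256 tag, giving T_b = 64; the cipher is an HMAC-derived keystream with encrypt-then-MAC, standing in for the AES-GCM style authenticated encryption the CPC tags point to, because it runs on the Python standard library alone. The handling of an integrity failure follows the truncated claim 7 only as far as it is visible (a virgin block takes the old block's place); marking every granule of that virgin block inactive is an assumption.

```python
import hashlib
import hmac

N_O = 4          # assumption: smallest independently writable unit is a 4-byte word
T_BD = 32        # cleartext block size in bytes, a power of two (claim 6)
IV_LEN = 8       # initialization vector, fresh on every cleartext -> encrypted transfer
VALID_LEN = 8    # validity bitmap, one bit per N_O-byte granule, padded to 8 bytes
MAC_LEN = 16     # truncated HMAC-SHA256 used as the authentication code
T_B = IV_LEN + VALID_LEN + MAC_LEN + T_BD   # 64, also a power of two (claim 6)


class AccessForbidden(Exception):
    """Raised when the microprocessor loads a granule whose validity indicator is inactive."""


class HardwareSecurityModule:
    """Simulated HSM sitting between the microprocessor and the two memories."""

    def __init__(self, key: bytes):
        self.k_enc = hashlib.sha256(b"enc" + key).digest()
        self.k_mac = hashlib.sha256(b"mac" + key).digest()
        self.iv_counter = 0
        self.encrypted_mem = {}   # @_BDCi -> T_B bytes: IV | validity | MAC | cryptogram
        self.cleartext_mem = {}   # @_BDi  -> bytearray(T_BD), addressable by the CPU
        self.valid_reg = {}       # @_BDi  -> validity bitmap; register the CPU cannot address

    @staticmethod
    def encrypted_address(addr: int) -> int:
        # Claims 4-6: @_BDCi = E(@_Di,j / T_BD) * T_b, done with shifts for powers of two.
        return (addr >> (T_BD.bit_length() - 1)) << (T_B.bit_length() - 1)

    def _keystream(self, iv: bytes, n: int) -> bytes:
        out = b"".join(hmac.new(self.k_enc, iv + c.to_bytes(4, "big"), hashlib.sha256).digest()
                       for c in range((n + 31) // 32))
        return out[:n]

    def _auth_code(self, iv: bytes, vbytes: bytes, cryptogram: bytes) -> bytes:
        # Claim 2: the code binds the validity indicators as well as the cryptogram and IV.
        return hmac.new(self.k_mac, iv + vbytes + cryptogram, hashlib.sha256).digest()[:MAC_LEN]

    def store_block(self, bd_addr: int) -> None:
        """Step a): cleartext block -> encrypted and authenticated block."""
        clear = bytes(self.cleartext_mem.pop(bd_addr))
        vbytes = self.valid_reg.pop(bd_addr).to_bytes(VALID_LEN, "big")
        self.iv_counter += 1
        iv = self.iv_counter.to_bytes(IV_LEN, "big")   # claim 3: IV changes on every transfer
        cryptogram = bytes(a ^ b for a, b in zip(clear, self._keystream(iv, T_BD)))
        mac = self._auth_code(iv, vbytes, cryptogram)
        self.encrypted_mem[self.encrypted_address(bd_addr)] = iv + vbytes + mac + cryptogram

    def load_block(self, bd_addr: int) -> bool:
        """Step b): verify, then decrypt the whole cryptogram; False on integrity failure."""
        blk = self.encrypted_mem[self.encrypted_address(bd_addr)]
        iv, vbytes = blk[:IV_LEN], blk[IV_LEN:IV_LEN + VALID_LEN]
        mac = blk[IV_LEN + VALID_LEN:IV_LEN + VALID_LEN + MAC_LEN]
        cryptogram = blk[IV_LEN + VALID_LEN + MAC_LEN:]
        if not hmac.compare_digest(mac, self._auth_code(iv, vbytes, cryptogram)):
            # Assumption for the truncated claim 7: a virgin block with every indicator
            # inactive replaces the block, so every subsequent read of it is refused.
            self.cleartext_mem[bd_addr] = bytearray(T_BD)
            self.valid_reg[bd_addr] = 0
            return False
        clear = bytes(a ^ b for a, b in zip(cryptogram, self._keystream(iv, T_BD)))
        self.cleartext_mem[bd_addr] = bytearray(clear)
        self.valid_reg[bd_addr] = int.from_bytes(vbytes, "big")
        return True

    def _resident(self, addr: int) -> int:
        bd_addr = addr & ~(T_BD - 1)
        if bd_addr not in self.cleartext_mem:
            if self.encrypted_address(bd_addr) in self.encrypted_mem:
                self.load_block(bd_addr)
            else:   # block never used: all indicators start inactive
                self.cleartext_mem[bd_addr] = bytearray(T_BD)
                self.valid_reg[bd_addr] = 0
        return bd_addr

    def cpu_write(self, addr: int, data: bytes) -> None:
        assert len(data) == N_O and addr % N_O == 0
        bd_addr = self._resident(addr)
        off = addr - bd_addr
        self.cleartext_mem[bd_addr][off:off + N_O] = data
        self.valid_reg[bd_addr] |= 1 << (off // N_O)   # indicator switched to active

    def cpu_read(self, addr: int) -> bytes:
        bd_addr = self._resident(addr)
        off = addr - bd_addr
        if not ((self.valid_reg[bd_addr] >> (off // N_O)) & 1):
            raise AccessForbidden(f"granule at {addr:#x} was never written")
        return bytes(self.cleartext_mem[bd_addr][off:off + N_O])


def demo() -> dict:
    """Constructed scenario: round trip, read-before-write, and a tampered cryptogram."""
    hsm = HardwareSecurityModule(b"constructed demo key, not a real secret")
    hsm.cpu_write(0x1004, b"ABCD")                      # block @_BDi = 0x1000, granule 1
    hsm.store_block(0x1000)                             # evict to the encrypted memory
    result = {"roundtrip": hsm.cpu_read(0x1004),        # reload, verify, decrypt, permitted
              "encrypted_addr": hsm.encrypted_address(0x1004)}
    try:
        hsm.cpu_read(0x1008)                            # granule 2 was never written
        result["uninitialised_read"] = "permitted"
    except AccessForbidden:
        result["uninitialised_read"] = "forbidden"
    hsm.store_block(0x1000)
    key = hsm.encrypted_address(0x1000)
    blk = bytearray(hsm.encrypted_mem[key])
    blk[-1] ^= 0x01                                     # attacker flips one cryptogram bit
    hsm.encrypted_mem[key] = bytes(blk)
    try:
        hsm.cpu_read(0x1004)
        result["tampered_read"] = "permitted"
    except AccessForbidden:
        result["tampered_read"] = "forbidden"
    return result


if __name__ == "__main__":
    print(demo())
```

The point a practitioner should take from the demo is the third outcome: because the validity bitmap travels inside the authenticated metadata and lives in a register the CPU cannot reach, neither a never-written granule nor a block whose tag failed can be read, and the CPU sees the same "forbidden" outcome in both cases rather than stale or attacker-controlled bytes.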
Modes of operation, e.g. cipher block chaining [CBC], electronic codebook [ECB] or Galois/counter mode [GCM] · CPC title
by using cryptography (for digital transmission H04L9/00) · CPC title
to assure secure storage of data (address-based protection against unauthorised use of memory G06F12/14; record carriers for use with machines and with at least a part designed to carry digital markings G06K19/00) · CPC title
User authentication · CPC title
Providing cryptographic facilities or services · CPC title