
CN114218588A - Anti-attack block cipher encryption method for multi-scenario applications - Google Patents

Info

Publication number
CN114218588A
Authority
CN
China
Prior art keywords
encryption
plaintext
round
random number
register
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111504497.7A
Other languages
Chinese (zh)
Inventor
赵力强
陈晓棠
王爽
韩旭东
唐虹
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
No47 Institute Of China Electronics Technology Group Corp
Original Assignee
No47 Institute Of China Electronics Technology Group Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
2021-12-10
Filing date
2021-12-10
Publication date
2022-03-22
Application filed by No47 Institute Of China Electronics Technology Group Corp
Priority to CN202111504497.7A
Publication of CN114218588A
Legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING OR CALCULATING; COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00 Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/58 Random or pseudo-random number generators
    • G06F7/588 Random number generators, i.e. based on natural stochastic processes

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Mathematical Optimization (AREA)
  • Pure & Applied Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Computational Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to an anti-attack block cipher encryption method for multi-scenario applications. First, a group of random numbers generated by a random number module is pre-stored in a register. The plaintext is encrypted by two groups of round functions designed to run at the same time: while the correct plaintext is being encrypted, unrelated data is encrypted under an unrelated key so as to disturb the power consumption curve of the chip. The power trace obtained by an attacker therefore contains irrelevant power consumption, which makes analysis of the trace harder. At the same time, random dummy rounds are inserted into the 10 rounds of the normal encryption to prevent fault injection attacks. When no attack is expected, the two sets of round functions can be used together to encrypt two plaintexts simultaneously, which increases the encryption speed.

Description

Anti-attack block cipher encryption method for multi-scene application
Technical Field
The invention belongs to the field of embedded microcontrollers and provides a block cipher encryption method that can resist attacks to a certain extent.
Background
With the wide use of intelligent devices, data security during encryption has become a problem that must be considered, and how to defend against an attacker during the encryption process is an important aspect of data security. An encryption algorithm is subjected to rigorous mathematical verification when it is proposed and is confirmed to be non-invertible when only the ciphertext is known; however, its actual implementation always carries other weaknesses, through which the secret key can be obtained by simple analysis.
Exploiting the information leaked during the encryption process, attackers have developed a number of attack modes, such as power (energy) attacks and fault attacks, so defence during the encryption process is an important link in the overall defence. Different defences exist for different attacks, and some defences can themselves introduce new weaknesses; by using interference and insertion, an attacker finds it difficult to obtain useful information.
Disclosure of Invention
The invention relates to the design of an anti-attack encryption scheme for a block cipher that can be applied in multiple scenarios. First, a group of random numbers generated by a random number module (RNG) is pre-stored in a register. The plaintext is encrypted by two groups of round functions designed to run at the same time: while the correct plaintext is being encrypted, unrelated data is encrypted under an unrelated key so as to disturb the power consumption curve of the chip, so that the power trace obtained by an attacker contains irrelevant power consumption and is harder to analyse. At the same time, random dummy rounds are inserted into the 10-round AES encryption algorithm during normal operation to prevent fault injection attacks. When no attack is expected, the two sets of round functions can be used together to encrypt two plaintexts simultaneously, which increases the encryption speed.
The technical scheme adopted by the invention to achieve this is as follows: before the encryption operation, the random number module writes several groups of random numbers into a register for later use while no encryption or random-number fetch operation is in progress, and at the same time generates a signal indicating that the random numbers are not empty; after the plaintext is written, round key generation and the encryption operation are performed simultaneously so as to interfere with the power consumption information of the encryption process.
When the controller is idle, the random number module writes a random number into the random number register, completes the preparation before encryption, and generates a "data not empty" signal to the controller;
the anti-attack mode enable is switched on, the encryption mode is started, and after the plaintext is written the first round of encryption and the key expansion are performed;
at the same time, varying numbers of dummy rounds are inserted at random into the 10-round AES encryption process; after encryption is completed, the correct ciphertext and the interference ciphertext are stored simultaneously in their respective registers, and the correct ciphertext is read out;
when the anti-attack mode is not enabled, two plaintexts can be written and encrypted simultaneously, for use in different application scenarios.
The anti-attack block cipher encryption method for multi-scenario applications comprises the following steps:
1) the user writes a plaintext into the plaintext register; the random number module writes a random number into the random number register in the encryption control module and updates it during idle time;
2) when the encryption operation is started, the controller in the encryption control module reads one group of random numbers and, according to the value of the first group, inserts k dummy rounds at the i-th round so that the position of the real encryption is random;
3) the controller writes the plaintext, the round key and the random number into round function A, round function B, key expansion A and key expansion B respectively, and starts all four at the same time, so that the power consumption generated by round function A, round function B, key expansion A and key expansion B interferes with each other;
4) return to step 3) to repeat the round-function encryption process until the current plaintext is fully encrypted, then write the ciphertext into the ciphertext register readable by the user, completing one encryption operation.
For the plaintext encryption, when the user writes the i-th plaintext the plaintext register is in the full state; after the operation starts, the plaintext is read into the controller and the plaintext register returns to the empty state so that the (i+1)-th plaintext can be written;
when encryption of the i-th plaintext is complete, the ciphertext register becomes full and waits to be read by the user, while the controller is already encrypting the (i+1)-th plaintext; the process returns to step 2) until all of the user's plaintexts have been encrypted.
The encryption is performed as 10 serial rounds: one round of encryption is computed per cycle, and the result of the previous round is written back into the round function for the next round.
The invention has the following beneficial effects and advantages:
1. The invention links the random number module with the encryption module: the random number module writes data into a dedicated register during idle time, and the encryption logic fetches it from that register during encryption, so that the encryption speed is not limited by the slow data generation of the random number module; once the random numbers are ready, the control logic can fetch them automatically after the anti-attack mode is enabled and apply them in the encryption process.
2. The invention uses two round functions operating in parallel, one real and one decoy, to disturb the power consumption of the chip, so that the power trace an attacker acquires is perturbed and the attack becomes harder; inserting dummy rounds between the round functions makes fault injection difficult for an attacker.
3. The invention can be applied to other block cipher algorithms: in the implementation, block ciphers such as AES and DES are designed into the same control logic to reduce chip area, and shared logic can be multiplexed to reduce the area further.
Drawings
Fig. 1 is a diagram of an encryption algorithm structure with an anti-attack function according to the present invention.
Detailed Description
The present invention will be described in detail below with reference to the accompanying drawings.
The design idea of the controller for the encryption algorithm with the anti-attack function is shown in fig. 1:
The encryption algorithm operates as follows. The random number module writes data into the algorithm control register, after which the controller carries out the encryption operation until it is finished. The random number module (RNG) writes random numbers into a register in the encryption control module and updates them while the RNG is idle.
After the user writes a 128-bit plaintext into the register, and once the anti-attack mode has been switched on and the encryption operation started, the controller reads one group of random numbers. According to the value of the first group of 128-bit random numbers and the user's settings, k dummy rounds are inserted at the i-th round, which ensures that the position of the real encryption is random. The controller writes the plaintext and the round keys into round function A, round function B, key expansion A and key expansion B, and starts all four at the same time so that the power consumption they generate interferes with each other.
After the current round is completed, the current ciphertext and round keys are written into an internal register, and at the same time the ciphertext and round keys generated from the random numbers are written back into the original register for the next use. This prevents the encryption time from being greatly prolonged by the slow generation of random numbers in the random number module, and it makes the random numbers used for each plaintext different, so that the power interference does not repeat from one use to the next. The round-function encryption process is repeated; after the current plaintext has been encrypted, the ciphertext is written into a register that the user can read, which completes one encryption operation.
When the user writes the first plaintext, the plaintext register is in the full state. After the operation is started, the plaintext is read into the controller and the plaintext register returns to the empty state, so the second plaintext can be written. After encryption of the first plaintext is finished, the ciphertext register is in the full state and ready to be read by the user, and the controller is already encrypting the second plaintext; the process continues in the same way until all of the user's plaintexts have been encrypted.
The round function consists of byte substitution (SubBytes), row shift (ShiftRows), column mixing (MixColumns) and round key addition (AddRoundKey). Byte substitution uses an S-box storing 16 × 16 entries of 8 bits each; since each byte of the S-box is mapped to its inverse in the finite field GF(2^8), the correspondence between S-box input and output can be calculated with the extended Euclidean algorithm followed by a matrix (affine) transformation. The row shift is a direct permutation; column mixing is then realised by multiplying the row-shifted state by the matrix
[Figure BDA0003403634490000031: the column-mixing matrix, not reproduced on this page]
where multiplication and addition between matrix elements are performed in GF(2^8), constructed from Z2[x] with the irreducible polynomial m(x) = x^8 + x^4 + x^3 + x + 1. Finally the round key is added, which completes one round of encryption.
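The round function described above and the controller procedure from the steps 1) to 4) earlier on this page, as an added worked example in C; this is not code from the patent or from its assignee. The field arithmetic uses the page's polynomial m(x) = x^8 + x^4 + x^3 + x + 1; the S-box inverse is computed by exponentiation (a^254) rather than the extended Euclidean algorithm named on the page, which yields the same value; the column-mixing matrix is the standard AES circulant (02 03 01 01), since the page's figure is not reproduced. Everything about the controller model is an assumption for illustration: how i and k are derived from the random number (i = rnd[0] % 10 + 1, k = 1 + rnd[1] % 4), the decoy state being built from the random bytes, and the two round functions being called one after the other where the hardware would run them in the same cycle. The test vector is the FIPS-197 Appendix C.1 AES-128 example; the random numbers are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Multiply in GF(2^8) modulo m(x) = x^8 + x^4 + x^3 + x + 1 (0x11B). */
static uint8_t gf_mul(uint8_t a, uint8_t b) {
    uint8_t p = 0;
    while (b) {
        if (b & 1) p ^= a;
        a = (uint8_t)((a << 1) ^ ((a & 0x80) ? 0x1B : 0));
        b >>= 1;
    }
    return p;
}

/* Multiplicative inverse computed as a^254 (0 maps to 0). Same value the
 * extended Euclidean algorithm mentioned on the page would produce. */
static uint8_t gf_inv(uint8_t a) {
    uint8_t r = 1;
    for (int i = 0; i < 254; i++) r = gf_mul(r, a);
    return r;
}

static uint8_t SBOX[256];

/* Build the S-box: field inverse followed by the AES affine transform. */
static void build_sbox(void) {
    for (int x = 0; x < 256; x++) {
        uint8_t b = gf_inv((uint8_t)x), s = b;
        for (int i = 1; i <= 4; i++) s ^= (uint8_t)((b << i) | (b >> (8 - i)));
        SBOX[x] = s ^ 0x63;
    }
}

/* AES-128 key expansion into 11 round keys (column-major, 16 bytes each). */
static void expand_key(const uint8_t key[16], uint8_t rk[11][16]) {
    uint8_t rcon = 1;
    memcpy(rk[0], key, 16);
    for (int r = 1; r <= 10; r++) {
        const uint8_t *p = rk[r - 1];
        uint8_t t[4] = { SBOX[p[13]] ^ rcon, SBOX[p[14]], SBOX[p[15]], SBOX[p[12]] };
        rcon = gf_mul(rcon, 2);
        for (int c = 0; c < 4; c++)
            for (int j = 0; j < 4; j++) rk[r][4 * c + j] = (t[j] ^= p[4 * c + j]);
    }
}

/* One round: SubBytes, ShiftRows, MixColumns (skipped in the final round)
 * with the standard circulant (02 03 01 01) matrix, then AddRoundKey. */
static void round_function(uint8_t s[16], const uint8_t rk[16], int last) {
    uint8_t t[16];
    for (int c = 0; c < 4; c++)
        for (int r = 0; r < 4; r++) t[4 * c + r] = SBOX[s[4 * ((c + r) % 4) + r]];
    for (int c = 0; c < 4 && !last; c++) {
        uint8_t *col = &t[4 * c], a0 = col[0], a1 = col[1], a2 = col[2], a3 = col[3];
        col[0] = gf_mul(a0, 2) ^ gf_mul(a1, 3) ^ a2 ^ a3;
        col[1] = a0 ^ gf_mul(a1, 2) ^ gf_mul(a2, 3) ^ a3;
        col[2] = a0 ^ a1 ^ gf_mul(a2, 2) ^ gf_mul(a3, 3);
        col[3] = gf_mul(a0, 3) ^ a1 ^ a2 ^ gf_mul(a3, 2);
    }
    for (int i = 0; i < 16; i++) s[i] = t[i] ^ rk[i];
}

/* Controller model (assumed mapping of the random number to i and k):
 * round function A runs the real rounds while round function B runs a
 * decoy under a key derived from the random number; after real round i,
 * k dummy rounds are executed on decoy data by both units, so the real
 * round position differs from one encryption to the next.
 * Returns the number of round cycles executed (10 + k). */
static int protected_encrypt(const uint8_t pt[16], const uint8_t key[16],
                             const uint8_t rnd[16], uint8_t ct[16]) {
    uint8_t rkA[11][16], rkB[11][16], sA[16], sB[16], sD[16];
    int i = rnd[0] % 10 + 1, k = 1 + rnd[1] % 4, cycles = 0;
    if (!SBOX[0]) build_sbox();
    expand_key(key, rkA);
    expand_key(rnd, rkB);                      /* "irrelevant key" for the decoy path */
    for (int j = 0; j < 16; j++) {
        sA[j] = pt[j] ^ rkA[0][j];             /* initial AddRoundKey on the real data */
        sB[j] = rnd[15 - j] ^ rkB[0][j];       /* decoy state built from the random number */
    }
    for (int r = 1; r <= 10; r++) {
        round_function(sA, rkA[r], r == 10);   /* real round on unit A */
        round_function(sB, rkB[r], 0);         /* decoy round on unit B, same cycle */
        cycles++;
        for (int d = 0; d < k && r == i; d++) {  /* dummy rounds: A works on a decoy copy */
            memcpy(sD, sB, 16);
            round_function(sD, rkB[d], 0);
            round_function(sB, rkB[d], 0);
            cycles++;
        }
    }
    memcpy(ct, sA, 16);
    return cycles;
}

int main(void) {
    uint8_t key[16], pt[16], rnd[16], ct[16];   /* FIPS-197 C.1 vector; constructed rnd */
    for (int j = 0; j < 16; j++) { key[j] = (uint8_t)j; pt[j] = (uint8_t)(0x11 * j); rnd[j] = (uint8_t)(0xA5 ^ j); }
    int cycles = protected_encrypt(pt, key, rnd, ct);
    printf("%d cycles, ct = ", cycles);
    for (int j = 0; j < 16; j++) printf("%02x", ct[j]);
    printf("\n");
    return 0;
}
```

The property a verifier of this design wants is visible in the model: the ciphertext depends only on the plaintext and key, while the number of round cycles and the position of the real rounds depend on the random number, so two encryptions of the same block produce identical output over traces of different length and alignment. The decoy unit never touches the real state or key, which is what lets the real ciphertext be read out unchanged after the interference ciphertext is discarded.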
The control register contains the dummy-round control enable, the parallel-operation interference enable, the number of dummy rounds, and so on. The user can enable part of these functions according to actual use; when the parallel-operation interference enable is not switched on, round function B can also be applied to the encryption algorithm, so that two groups of plaintext are encrypted at the same time and efficiency is improved.
In the invention, the encryption algorithm controller uses the random numbers generated by the random number module to insert dummy rounds and interference at random positions, so that an attacker cannot acquire correct power consumption, cannot judge what the chip is doing at a given point, and therefore cannot apply power analysis, fault attacks or similar means in a targeted way; this increases the attack difficulty. In the design, one controller carries not only a single encryption algorithm but several block cipher algorithms at the same time, such as DES and AES, so that parts of the functions are multiplexed and the chip area of the control logic is reduced; the control logic of the invention can thus be combined with different block cipher algorithms as required and applied in different usage environments.

Claims (5)

1. An anti-attack block cipher encryption method for multi-scenario applications, characterized in that: before the encryption operation, the random number module writes several groups of random numbers into a register for later use while no encryption or random-number fetch operation is in progress, and at the same time generates a "random numbers not empty" signal; after the plaintext is written, round key generation and the encryption operation are performed simultaneously so as to interfere with the power consumption information of the encryption process.
2. The anti-attack block cipher encryption method for multi-scenario applications according to claim 1, characterized by the following steps:
when idle, the random number module writes random numbers into the random number register, completes the preparation before encryption, and generates a "data not empty" signal to the controller;
the anti-attack mode enable is switched on, the encryption mode is started, and after the plaintext is written the first round of encryption and the key expansion are performed;
at the same time, varying numbers of dummy rounds are inserted at random into the 10-round AES encryption process; after encryption is completed, the correct ciphertext and the interference ciphertext are stored simultaneously in their respective registers, and the correct ciphertext is read out;
when the anti-attack mode is not enabled, two plaintexts can be written and encrypted simultaneously, for use in different application scenarios.
3. The anti-attack block cipher encryption method for multi-scenario applications according to claim 1 or 2, characterized by the following steps:
1) the user writes the plaintext into the plaintext register; the random number module writes a random number into the random number register in the encryption control module and updates it when idle;
2) when the encryption operation is started, the controller in the encryption control module reads one group of random numbers and, according to the value of the first group, inserts k dummy rounds at the i-th round so that the position of the real encryption is random;
3) the controller writes the plaintext, the round key and the random number into round function A, round function B, key expansion A and key expansion B respectively, and starts all four at the same time, so that the power consumption generated by round function A, round function B, key expansion A and key expansion B interferes with each other; after the current round is completed, the current ciphertext and round key are written into an internal register, while the ciphertext and round key produced from the random number are written back into the random number register for the next use;
4) return to step 3) to repeat the round-function encryption process until the current plaintext is fully encrypted, then write the ciphertext into the ciphertext register readable by the user, completing one encryption operation.
4. The anti-attack block cipher encryption method for multi-scenario applications according to claim 1, characterized in that, for plaintext encryption, when the user writes the i-th plaintext the plaintext register is in the full state; after the operation starts, the plaintext is read into the controller and the plaintext register returns to the empty state so that the (i+1)-th plaintext can be written; when encryption of the i-th plaintext is complete, the ciphertext register becomes full and waits to be read by the user, while the controller is already encrypting the (i+1)-th plaintext; the process returns to step 2) until all of the user's plaintexts have been encrypted.
5. The anti-attack block cipher encryption method for multi-scenario applications according to claim 1, characterized in that 10 serial rounds are used, one round of encryption being computed per cycle, and the result of the previous round is written back into the round function for the next round.
CN202111504497.7A 2021-12-10 2021-12-10 Anti-attack block cipher encryption method for multi-scenario applications Pending CN114218588A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111504497.7A CN114218588A (en) 2021-12-10 2021-12-10 Anti-attack block cipher encryption method for multi-scenario applications

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111504497.7A CN114218588A (en) 2021-12-10 2021-12-10 Anti-attack block cipher encryption method for multi-scenario applications

Publications (1)

Publication Number Publication Date
CN114218588A true CN114218588A (en) 2022-03-22

Family

ID=80700764

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111504497.7A Pending CN114218588A (en) 2021-12-10 2021-12-10 Anti-attack block cipher encryption method for multi-scenario applications

Country Status (1)

Country Link
CN (1) CN114218588A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101754205A (en) * 2009-12-25 2010-06-23 西安交通大学 Parallelized multi-receiver signcryption method
CN103916235A (en) * 2012-12-28 2014-07-09 北京中电华大电子设计有限责任公司 Power consumption attack defending method by inserting pseudo wheel operation pair randomly
CN105656619A (en) * 2016-02-02 2016-06-08 清华大学无锡应用技术研究院 AES (Advanced Encryption Standard) encryption method and power attack resisting method based on the same
CN112765686A (en) * 2021-01-06 2021-05-07 苏州裕太微电子有限公司 Power consumption attack prevention framework and method for algorithm key in chip

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20230216677A1 (en) * 2021-12-30 2023-07-06 Nuvoton Technology Corporation Cipher accelerator and differential fault analysis method for encryption/decryption operation
US12425213B2 (en) * 2021-12-30 2025-09-23 Nuvoton Technology Corporation Cipher accelerator and differential fault analysis method for encryption/decryption operation
CN114531239A (en) * 2022-04-20 2022-05-24 广州万协通信息技术有限公司 Data transmission method and system for multiple encryption keys
CN114531239B (en) * 2022-04-20 2022-08-12 广州万协通信息技术有限公司 Data transmission method and system for multiple encryption keys
CN116722970A (en) * 2023-08-09 2023-09-08 中国科学院长春光学精密机械与物理研究所 A hardware-based anti-attack gateway security system
CN116722970B (en) * 2023-08-09 2023-11-14 中国科学院长春光学精密机械与物理研究所 Anti-attack gateway security system based on hardware implementation

Similar Documents

Publication Publication Date Title
CN114218588A (en) Anti-attack block cipher encryption method for multi-scenario applications
US8184806B2 (en) Table masking for resistance to power analysis attacks
CN104734842B (en) Method is resisted in circuits bypass attack based on pseudo-operation
US11841981B2 (en) Low cost cryptographic accelerator
US8428251B2 (en) System and method for stream/block cipher with internal random states
US20180062828A1 (en) Protecting block cipher computation operations from external monitoring attacks
EP1398901B1 (en) Feistel type encryption method and apparatus protected against DPA attacks
CN104734845A (en) Side-channel attack protection method based on full-encryption algorithm pseudo-operation
WO2001008012A1 (en) Method and apparatus for preventing information leakage attacks on a microelectronic assembly
WO2009043139A1 (en) Substitution table masking for cryptographic processes
US20070263859A1 (en) Protection of the execution of a DES algorithm
AU773982B2 (en) Method for making data processing resistant to extraction of data by analysis of unintended side-channel signals
US11258579B2 (en) Method and circuit for implementing a substitution table
KR100737171B1 (en) Low memory masking method for power analysis attack against aria
CN114428979A (en) Data processing method, device, equipment and system
CA2508160C (en) Table masking for resistance to power analysis attacks
CN111082918B (en) A two-dimensional random scrambling AES anti-power attack system and method
CN115484019B (en) AES key expansion improvement algorithm with weak correlation
AlTawy et al. Fault analysis of Kuznyechik
CN116112170A (en) Stream cipher encryption and decryption method based on integer arithmetic cryptography substitution
CN108737073A (en) The method and apparatus that power analysis is resisted in block encryption operation
US20050232416A1 (en) Method and device for determining a result
KR20240046850A (en) Encryption processing apparatus, encryption processing method for encryption processing apparatus, and storage medium
CN111314054A (en) Novel high-security lightweight ECEG block cipher realization method, system and storage medium
US12169570B2 (en) Data processing device and method for processing secret data

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination