CN112134685B - DPA attack-preventing circuit to be tested safety simulation analysis method and device - Google Patents
DPA attack-preventing circuit to be tested safety simulation analysis method and device Download PDFInfo
- Publication number
- CN112134685B CN112134685B CN202011164446.XA CN202011164446A CN112134685B CN 112134685 B CN112134685 B CN 112134685B CN 202011164446 A CN202011164446 A CN 202011164446A CN 112134685 B CN112134685 B CN 112134685B
- Authority
- CN
- China
- Prior art keywords
- information
- key
- power consumption
- unit
- key signal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000004088 simulation Methods 0.000 title claims abstract description 130
- 238000004458 analytical method Methods 0.000 title claims abstract description 46
- 238000012360 testing method Methods 0.000 claims abstract description 152
- 230000008859 change Effects 0.000 claims abstract description 62
- 238000000034 method Methods 0.000 claims abstract description 42
- 230000005284 excitation Effects 0.000 claims abstract description 23
- 238000012544 monitoring process Methods 0.000 claims abstract description 21
- 238000004422 calculation algorithm Methods 0.000 claims description 59
- 230000008569 process Effects 0.000 claims description 27
- 238000013500 data storage Methods 0.000 claims description 24
- 230000004044 response Effects 0.000 claims description 21
- 230000015572 biosynthetic process Effects 0.000 claims description 12
- 238000003786 synthesis reaction Methods 0.000 claims description 12
- 238000004364 calculation method Methods 0.000 claims description 9
- 238000012795 verification Methods 0.000 claims description 5
- 238000003780 insertion Methods 0.000 claims description 4
- 230000037431 insertion Effects 0.000 claims description 4
- 238000013461 design Methods 0.000 abstract description 10
- 238000010586 diagram Methods 0.000 description 5
- 230000005540 biological transmission Effects 0.000 description 4
- 230000002265 prevention Effects 0.000 description 3
- 238000001514 detection method Methods 0.000 description 2
- 238000013507 mapping Methods 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 210000004556 brain Anatomy 0.000 description 1
- 238000012937 correction Methods 0.000 description 1
- 238000005336 cracking Methods 0.000 description 1
- 238000013524 data verification Methods 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 238000012938 design process Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012216 screening Methods 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
- 238000000844 transformation Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/002—Countermeasures against attacks on cryptographic mechanisms
- H04L9/003—Countermeasures against attacks on cryptographic mechanisms for power analysis, e.g. differential power analysis [DPA] or simple power analysis [SPA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a method and a device for simulating and analyzing the safety of a circuit to be tested for preventing DPA attack, wherein the device comprises the following steps: the key signal storage unit is used for storing the key signals and the path information corresponding to the key signals; the simulation circuit unit is used for receiving the test excitation information to perform multiple simulation tests; the key signal monitoring unit is used for monitoring the key signal according to the path information corresponding to the key signal when each simulation test is performed, and recording change time stamp information when the key signal changes; the differential power consumption analysis unit analyzes whether the difference between the power consumption difference value of a certain variation type and the power consumption difference value of other variation types of bit numerical values of the same key signal in two times of testing is larger than a preset error, if so, the key signal is judged to be associated with the variation type, and prompt information is sent out. Through the scheme, the safety simulation test of the circuit to be tested can be simulated in the chip design stage, and the differential power consumption attack analysis can be automatically completed.
Description
Technical Field
The invention relates to the field of chip circuit design, in particular to a method and a device for simulating and analyzing the safety of a circuit to be tested for preventing DPA attack.
Background
SSD data storage has evolved into the primary storage medium for consumer device data storage and cloud storage. For SSD data storage, the meaning of data error correction is significant, especially for personal critical data and government agency related data. The SSD main control chip is used as the brain of the SSD storage device, and the safety performance of the SSD main control chip directly determines the overall final safety performance of the SSD hard disk.
Side channel attacks are the primary hacking means, and DPA (Differential power analysis, differential power attack) is one of the most common types of attacks. DPA is a more advanced means of power consumption analysis than SPA, which allows an attacker to calculate intermediate values in cryptographic operations by statistically analyzing data collected from multiple cryptographic operations. And a hacker can infer the content of the key signal operated by the circuit to be tested by analyzing the differential power consumption information of the circuit to be tested when the key signal is operated. There are many methods for defending against the attack of differential power consumption in the prior art, but these methods are all required to be verified in detail after the chip circuit is completely designed.
Disclosure of Invention
Therefore, a technical scheme for the security simulation analysis of the circuit to be tested for preventing the DPA attack is needed to be provided, so that the problem that simulation defense cannot be performed against the differential power consumption attack in the chip design process is solved.
In order to achieve the above object, a first aspect of the present invention provides a circuit to be tested safety simulation analysis device for preventing DPA attack, the device comprising:
the key signal storage unit is used for storing the key signals and the path information corresponding to the key signals;
the simulation circuit unit is used for receiving the test excitation information to perform multiple simulation tests; the test stimulus information includes the key signal;
the key signal monitoring unit is used for monitoring the key signal according to the path information corresponding to the key signal when each simulation test is performed, and recording change time stamp information when the key signal changes;
the differential power consumption analysis unit is used for acquiring first power consumption information and second power consumption information corresponding to each key signal, calculating power consumption difference values of the first power consumption information and the second power consumption information, analyzing whether the difference between the power consumption difference value of a certain variation type and the power consumption difference value of other variation types of bit numerical values of the same key signal in two times of testing is larger than a preset error, if so, judging that the key signal is related to the variation type, and sending prompt information;
the first power consumption information is the power consumption information corresponding to the key signal in the change time stamp information during the current simulation test, and the second power consumption information is the power consumption information corresponding to the key signal in the change time stamp information during the last simulation test.
Further, the apparatus comprises:
the power consumption calculation unit is used for calculating the power consumption data of the circuit to be tested in each simulation process and storing the power consumption data in the power consumption data storage unit;
the differential power consumption analysis unit is used for acquiring first power consumption information from the power consumption data storage unit according to the change time stamp information of the key signal in the current simulation test and acquiring second power consumption information from the power consumption data storage unit according to the change time stamp information of the key signal in the last simulation test.
Further, the key signal monitoring unit comprises a mark inserting unit;
the mark inserting unit is used for setting a mark signal, inserting the mark signal into path information corresponding to the key signal, and recording current time stamp information when the value of the mark signal changes; the value of the marking signal is equal to the value of the key signal in real time.
Further, the apparatus further comprises:
a random number generation unit for generating a random number;
and the simulation excitation generating unit is used for generating test excitation information according to the random numbers generated by the random number generating unit and transmitting the test excitation information to the simulation circuit unit.
Further, the apparatus further comprises:
the logic synthesis unit is used for carrying out logic synthesis operation on the circuit to be tested to obtain netlist information;
and the power consumption calculation unit is used for calculating power consumption simulation data of the circuit to be tested in the whole simulation process according to the netlist information.
Further, the key signal includes a plurality of variation types; the change type is determined according to the value of the key signal when the key signal is changed during two simulation tests;
the differential power consumption analysis unit is used for judging whether the difference between the power consumption difference value of the key signal in a certain variation type and the power consumption difference value of other variation types is larger than a preset error, and if so, judging that the key signal has correlation on the variation type.
Further, the key signal includes test key information; the device comprises:
a key generation unit for generating the test key information;
a key recording unit for storing the test key information;
the differential power consumption analysis unit is used for acquiring the test key information and judging whether the power consumption difference values corresponding to the same test key information are associated or not.
Further, the key generation unit includes:
the source data storage unit is used for storing encrypted source data, and the source data comprises a source key and a hierarchical key encryption and decryption algorithm;
The source data decryption unit is used for obtaining the encrypted source data to decrypt, obtaining a decrypted source key and a decrypted hierarchical key encryption and decryption algorithm, sending the decrypted source key to the root key operation unit, and storing the decrypted hierarchical key encryption and decryption algorithm in the algorithm information storage unit;
a hierarchical information storage unit for storing hierarchical key information and user identification information;
the root key operation unit is used for acquiring the user identification information and the decrypted source key, and carrying out hash operation on the user identification information according to the decrypted source key to obtain root key information;
and the hierarchical operation decryption unit is used for acquiring the hierarchical key encryption and decryption algorithm, the hierarchical key information and the root key information, and decrypting the hierarchical key information by applying the root key information by adopting the hierarchical key encryption and decryption algorithm to obtain the test key information.
Further, the hierarchical information storage unit is further configured to store handshake request information and handshake response information;
the key generation unit includes:
the handshake decryption operation circuit is used for decrypting the test key information by adopting the test key information to obtain handshake encryption key information;
The handshake encryption operation circuit is used for receiving the handshake request information and encrypting the handshake request information by adopting the handshake encryption key information to obtain handshake encryption information;
and the handshake information verification circuit is used for acquiring the handshake response information and the handshake encryption information, judging whether the handshake response information and the handshake encryption information are matched, and if yes, storing the test key information into the key recording unit through verification.
The second aspect of the present application also provides a method for analyzing the security simulation of a circuit to be tested against DPA attack, the method being applied to the apparatus according to the first aspect of the present application, the method comprising the steps of:
the key signal storage unit stores key signals and path information corresponding to the key signals;
the simulation circuit unit receives the test excitation information to perform multiple simulation tests; the test stimulus information includes the key signal;
the key signal monitoring unit monitors the key signal according to the path information corresponding to the key signal when each simulation test is performed, and records change timestamp information when the key signal changes;
the differential power consumption analysis unit acquires first power consumption information and second power consumption information corresponding to each key signal, calculates power consumption difference values of the first power consumption information and the second power consumption information, analyzes whether the difference between the power consumption difference value of a certain variation type and the power consumption difference value of other variation types of bit numerical values of the same key signal in two tests is larger than a preset error, if so, judges that the key signals are related on the variation types, and sends out prompt information; the first power consumption information is the power consumption information corresponding to the key signal in the change time stamp information during the current simulation test, and the second power consumption information is the power consumption information corresponding to the key signal in the change time stamp information during the last simulation test.
Compared with the prior art, the DPA attack prevention circuit to be tested safety simulation analysis method and the DPA attack prevention circuit to be tested safety simulation analysis device are different from the prior art, and the DPA attack prevention circuit to be tested safety simulation analysis device comprises the following steps: the key signal storage unit is used for storing the key signals and the path information corresponding to the key signals; the simulation circuit unit is used for receiving the test excitation information to perform multiple simulation tests; the key signal monitoring unit is used for monitoring the key signal according to the path information corresponding to the key signal when each simulation test is performed, and recording change time stamp information when the key signal changes; the differential power consumption analysis unit is used for acquiring first power consumption information and second power consumption information corresponding to each key signal, calculating power consumption difference values of the first power consumption information and the second power consumption information, analyzing whether the power consumption difference values of the key signals in the bit value type change are associated, and sending prompt information if the association exists; through the scheme, the safety simulation test of the circuit to be tested can be simulated in the chip design stage, and the differential power consumption attack analysis can be automatically completed.
Drawings
FIG. 1 is a schematic diagram of a simulation analysis device for circuit security to be tested for preventing DPA attack according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a simulation analysis device for circuit security to be tested for preventing DPA attack according to another embodiment of the present invention;
fig. 3 is a schematic diagram of a key generation unit according to an embodiment of the present invention;
fig. 4 is a schematic diagram of a key generation unit according to another embodiment of the present invention;
FIG. 5 is a flowchart of a method for analyzing a simulation of the security of a circuit under test against DPA attack according to an embodiment of the present invention;
FIG. 6 is a flowchart of a method for analyzing a simulation of the security of a circuit under test against DPA attack according to another embodiment of the present invention;
fig. 7 is a schematic diagram of a drawing unit according to an embodiment of the invention.
Reference numerals illustrate:
101. a key signal storage unit;
102. a simulation circuit unit;
103. a key signal monitoring unit; 201. a mark insertion unit;
104. a differential power consumption analysis unit;
105. a random number generation unit;
106. a simulation excitation generation unit;
107. a drawing unit;
108. a key generation unit;
109. a key recording unit.
110. A power consumption calculation unit;
111. a power consumption data storage unit;
112. a change time storage unit;
113. a circuit to be tested;
114. a logic synthesis unit;
115. netlist information;
301. A source data storage unit;
302. a source data decryption unit;
303. an algorithm information storage unit;
304. a hierarchy information storage unit;
305. a root key operation unit;
306. a hierarchical decryption operation unit; 3061. a first-stage decryption operation unit; 3062. a secondary decryption operation unit; 3063. a three-stage decryption operation unit;
307. a handshake decryption operation circuit; 3071. a first-stage handshake decryption operation circuit; 3072. a secondary handshake decryption operation circuit; 3073. a three-stage handshake decryption operation circuit;
308. a handshake encryption operation circuit; 3081. a primary handshake encryption operation circuit; 3082. a two-stage handshake encryption operation circuit; 3083. a three-stage handshake encryption operation circuit;
309. a handshake information checking circuit;
310. a key selection unit;
311. an algorithm selection unit; 3111. a first-order algorithm selection unit; 3112. a second-level algorithm selection unit; 3113. and a three-stage algorithm selection unit.
Detailed Description
In order to describe the technical content, constructional features, achieved objects and effects of the technical solution in detail, the following description is made in connection with the specific embodiments in conjunction with the accompanying drawings.
As shown in fig. 1, a first aspect of the present invention provides a circuit to be tested safety simulation analysis device for preventing DPA attack, the device includes:
The key signal storage unit 101 is configured to store the key signal and path information corresponding to the key signal.
The key signal refers to data to be monitored safely, and is a series of machine codes consisting of 0 or 1 for a computer, which can be key information or security data with higher importance. The path information is a set of executable paths of the key signals, and the change condition of the key signals can be timely detected by selecting proper test cases, so that the change condition of the key signals is collected and analyzed.
In the present embodiment, the key signal and the path information corresponding to the key signal may be obtained by: before the simulation test starts, the circuit to be tested (such as a main control chip to be tested) is firstly subjected to one-time RTL test design, the circuit to be tested of the RTL design is used as an input file to enable the simulation analysis platform to start working, and key signals in the RTL design and path information corresponding to the signals are written into the key signal storage unit 101.
The simulation circuit unit 102 is used for receiving the test excitation information to perform multiple simulation tests; the test stimulus information includes the key signal.
The test stimulus information refers to a test case, which refers to a set of test inputs, execution conditions, and expected results programmed for a particular target, to verify whether a particular software requirement is met. The simulation circuit unit 102 may be implemented by simulation circuit tools, such as a VCS simulation tool and a modelsim simulation tool.
And the key signal monitoring unit 103 is used for monitoring the key signal according to the path information corresponding to the key signal during each simulation test, and recording change timestamp information when the key signal changes.
When the key signal is executed according to the corresponding path information, if the value of the key signal changes (for example, from 0 to 1 or from 1 to 0), the current change time stamp information is recorded, and the power consumption of the key signal on the change time stamp information is analyzed by screening at the later stage, so that the correlation of whether the power consumption difference value exists when the value of the key signal changes in different simulation tests can be analyzed, and further whether the possibility of being attacked by the differential power consumption exists in the key signal is judged.
The differential power consumption analysis unit 104 is configured to obtain first power consumption information and second power consumption information corresponding to each key signal, calculate a power consumption difference value of the first power consumption information and the second power consumption information, analyze whether the power consumption difference values of the key signals in the bit value type change are associated, and send out prompt information if the association exists. The prompt information can comprise one or more of voice prompt information, image prompt information, light prompt information and video prompt information.
The first power consumption information is the power consumption information corresponding to the key signal in the change time stamp information during the current simulation test, and the second power consumption information is the power consumption information corresponding to the key signal in the change time stamp information during the last simulation test.
Preferably, the two time stamp information for calculating the power consumption difference refers to the time stamp information of the key signal under the same change times in the corresponding simulation test. For example, when a certain key signal changes twice during the current simulation test, the key signal also changes twice during the last simulation test, and when the power consumption difference is calculated, the difference between the power consumption value corresponding to the timestamp information of the key signal which changes for the first time during the current simulation test and the power consumption value corresponding to the timestamp information of the key signal which changes for the first time during the last simulation test is calculated.
Of course, in other embodiments, the timestamp information for calculating the power consumption difference may refer to timestamp information of different times of change, for example, a difference between a power consumption value corresponding to timestamp information of a first change in the current simulation test process and a power consumption value corresponding to timestamp information of a second change in the last simulation test process of the key signal, or a difference between a power consumption value corresponding to timestamp information of a second change in the current simulation test process and a power consumption value corresponding to timestamp information of a first change in the last simulation test process of the key signal. The configuration is specifically performed according to actual needs, and a detailed description is not expanded here.
In judging the correlation between the power consumption differences of the respective key signal change types, this can be performed by: for example, when the difference of the power consumption of the variation type of a certain key signal is significantly higher or lower than that of other variation types, it can be determined that there is a correlation between the power consumption differences of the key signal on the variation types, that is, the possibility that the key signal is attacked by differential power consumption (a means for detecting key data through differential power consumption differences) in the simulation process. The device can record the key signal of the change type, the corresponding power consumption value and the power consumption difference value uniformly for further analysis by technicians.
Through the scheme, the safety simulation test of the chip can be simulated at the early stage of chip design, specifically, the performance of a circuit to be tested (such as a main control chip) is detected through various test cases, and the detection mainly comprises differential power consumption detection when key signals change, so that a hacker can effectively early warn in a power consumption attack mode, and the analysis efficiency is greatly improved.
As shown in fig. 2, in some embodiments, the apparatus comprises:
a power consumption calculating unit 110, configured to calculate power consumption data of the circuit to be tested in each simulation process, and store the power consumption data in a power consumption data storage unit 111; the differential power consumption analysis unit 104 is configured to obtain first power consumption information from the power consumption data storage unit 111 according to the change timestamp information of the key signal during the current simulation test, and obtain second power consumption information from the power consumption data storage unit 111 according to the change timestamp information of the key signal during the previous simulation test. In short, the power consumption calculation unit 110 calculates and stores the power consumption data of the circuit to be tested at each time point in the simulation test process, and prepares to be extracted and invoked by the differential power consumption analysis unit 104 at any time, thereby effectively improving the calculation efficiency.
In order to facilitate the differential power consumption analysis unit 104 to obtain the power consumption information, in this embodiment, the apparatus further includes a change time storage unit 112 for storing change timestamp information when the key signal changes during each simulation. Preferably, the change time storage unit 112 is configured to store not only the change time stamp information but also the number of simulations corresponding to the change time stamp information, the number of changes in the simulation process, and the like.
As shown in fig. 2, in some embodiments, the key signal monitoring unit 103 includes a tag insertion unit 201; the tag inserting unit 201 is configured to set a tag signal, insert the tag signal into path information corresponding to the key signal, and record current timestamp information when a value of the tag signal changes; the value of the marking signal is equal to the value of the key signal in real time.
In the practical application process, the key signal monitoring unit 103 may add a key signal monitoring component to the verification platform of circuit simulation (i.e. the aforementioned "simulation circuit unit") according to the current position of the key signal, for example, for the key signal a with path_x, the monitoring component may be configured to:
wait(path_x.a==1’b1)$display_time;
Thus, the key signal a in the path_x can be printed with the current simulation time when the value of the key signal a is 1. Of course, the judgment condition in the path information may be changed to (path_ x.a = 0' b 1) $display_time, and this means that when the value of the key signal a is 0, the current simulation time is printed.
The tag insertion unit 201 is then responsible for time-stamping the key signals, and the specific components are configured as follows:
wait(path_x.a==1’b1)set flag_a=1’b1;
thus, the mark signal a is marked as 1 when the value of a of the path_x is 1, namely the value of the mark signal is equal to the value of the key signal in real time. After the excitation information to be tested is traversed, the values of all the marking signals are searched and called, so that the change condition of the key signals in the value of each bit value type change can be clearly known.
In certain embodiments, the apparatus further comprises:
a random number generation unit 105 for generating a random number. Preferably, the random number generation unit generates a random number at regular intervals, and the generated random number is random, so that the excitation generated by the simulation excitation generation unit is also completely random.
And a simulation excitation generating unit 106, configured to generate test excitation information according to the random number generated by the random number generating unit, and transmit the test excitation information to the simulation circuit unit 102. The random number is used as an influence factor for influencing the generation of the test excitation information, so that the randomness of the generation of the test excitation information can be ensured, and the operation process of the main control chip in each application scene is simulated. In order to ensure that the test stimulus information covers as much as possible all possible occurrences, the number of random numbers generated by the random number generating unit 105 is also sufficiently large (exceeds a preset number) in the present embodiment.
In certain embodiments, the apparatus further comprises: a logic synthesis unit 114, configured to perform logic synthesis operation on the circuit to be tested 113 to obtain netlist information 115; and the power consumption calculation unit 110 is used for calculating power consumption simulation data of the circuit to be tested in the whole simulation process according to the netlist information 115.
The logical Synthesis (Logic Synthesis) refers to the process of converting the hdl code of the register transfer level (RTL, register Transfer Level) to a process-related gate level netlist (Gate Level Netlist). The logic synthesis unit 114 may be implemented by a DC synthesis tool, which synthesizes DC (Design Compiler) RTL codes of the circuit to be tested after the simulation circuit unit starts to operate, to generate netlist information 115. The netlist information 115 includes, but is not limited to: netlist files, SDF (standard delay files), SVF files (containing RTL to netlist mapping information), etc.
The power consumption calculation unit 110 is further configured to receive a netlist file, an SDF file, an SVF file, and RTL simulation waveforms and standard library unit information of a foundry, which are generated by DC synthesis, map RTL simulation waveform nodes to the netlist file based on mapping information from RTL to netlist stored in the SVF file, thereby generating a simulation waveform of the netlist, and add delay information in the SDF file and standard library unit power consumption information of the foundry to obtain power consumption simulation data of the whole simulation process, and store the power consumption data in the power consumption data storage unit.
In certain embodiments, the apparatus further comprises: and the drawing unit 107 is configured to generate a visual chart according to the power consumption difference value corresponding to the key signal in each bit value type change. Therefore, a tester can intuitively see whether the difference power consumption corresponding to the change of the numerical value type of each bit of the current key signal has relevance or not through the generated chart, and further analyze the possibility that the current circuit to be tested is attacked by the differential power consumption when the power consumption difference information of a certain change type of the key signal has relevance, so that the test analysis efficiency is effectively improved.
In some embodiments, the key signal includes a plurality of variation types; the change type is determined according to the value of the key signal when the key signal is changed during two simulation tests; the differential power consumption analysis unit is used for judging whether the difference between the power consumption difference value of the key signal in a certain variation type and the power consumption difference value of other variation types is larger than a preset error, and if so, judging that the key signal has correlation on the variation type;
multiple variation values of the key signal may occur during each simulation, including two variation values of "0" and "1". For example, the key signal is test key information, where the test key information is a value of 8 bits, and the corresponding power consumption information values of each bit when a certain number of values change (for example, when the values change for the first time) in the first simulation test and the second simulation test are shown in table 1 and table 2:
| Key value | 0 | 1 | 0 | 1 | 1 | 0 | 0 | 1 |
| Power consumption (mW) | 3.9 | 8 | 3 | 8.5 | 7.8 | 3.2 | 2.5 | 9 |
TABLE 1 Power consumption information Table corresponding to each bit of test Key information when the value changes during the first simulation test
| Key value | 1 | 1 | 0 | 0 | 1 | 0 | 0 | 1 |
| Power consumption (mW) | 8.6 | 8.1 | 2.9 | 3 | 8 | 3 | 2.7 | 8.5 |
TABLE 2 Power consumption information Table corresponding to each bit of test Key information when the value changes during the second simulation test
The differential power consumption analysis unit calculates the power consumption difference of the key signal on each variation type according to the power consumption data in table 1 and table 2 as shown in table 3:
| key change | 0->1 | 1->1 | 0->0 | 1->0 | 1->1 | 0->0 | 0->0 | 1->1 |
| Differential power consumption (mW) | 4.7 | 0.1 | -0.1 | -5.5 | 0.2 | -0.2 | 0.2 | -0.5 |
TABLE 3 Power consumption difference Table corresponding to each bit of test Key information during two simulation tests
As can be seen from table 3, when the bit value of the key information is 0 to 1 or 1 to 0, for example, the key change type corresponding to the test key information of the 1 st bit and the 4 th bit in table 3 is obviously higher than the power consumption difference value of other change types (such as 1 to 1, 0 to 0, etc.), that is, it can be determined that the key information has an association on the power consumption difference value information corresponding to the change type (i.e. 0 to 1 or 1 to 0) between the bit positions, and the tester can further analyze the possibility of the differential power consumption attack of the current main control chip.
For example, the preset error may be set as a ratio of an average value of power consumption differences corresponding to a certain variation type of the key signal to an average value of power consumption differences of other variation types in different simulation tests is 30%, taking the data in table 3 as an example, the key value in table 3 is on a variation type between 0 and 1, the power consumption differences are about 4mW for multiple times, the power consumption differences corresponding to the key value of other variation types are only 16mW on average, and the ratio between the two is 3400% different, that is, the ratio is far greater than the preset error, so that it can be considered that there is an obvious correlation on the variation type when the key signal varies between 0 and 1. Of course, the preset error may be set according to actual needs, for example, the difference between the power consumption differences of two different variation types is set to be within 2mW, or the ratio between the two is set to be below 50%, or the like.
In order to enable a tester to more intuitively acquire a simulation result, as shown in fig. 7, according to each Bit value of key information and power consumption information of corresponding bits in the current simulation process recorded in table 1, a broken line change chart is generated, wherein a horizontal axis in fig. 7 represents a change type of a key signal (such as a change of a key value of each Bit of the key information), and a vertical axis is a corresponding power consumption difference value. From fig. 7, it can be intuitively seen whether the power consumption difference values of the key values in different variation types have linear correlation, if so, it is indicated that the current circuit to be tested is likely to be found by a hacker in the operation process so as to crack the security information, and the tester can further optimize the correlation design to improve the overall security performance of the chip.
In certain embodiments, the critical signal comprises test key information; the device comprises:
a key generation unit 108 for generating the test key information;
a key recording unit 109 for storing the test key information;
the differential power consumption analysis unit 104 is configured to obtain the test key information, and determine whether the power consumption differences corresponding to the same test key information in different variation types are associated with each other.
The key information is used as a data encryption and decryption tool and is a key ring of chip security simulation. Therefore, in this embodiment, in addition to monitoring some key data, key information changes are monitored with emphasis, so that a tester can find out in time when the key is attacked by power consumption. The specific method is that the power consumption information of the same test key information is also monitored, and prompt information is output when the power consumption information of a certain type of key information is judged to be associated. The prompt information comprises one or more of voice prompt information, image prompt information, light prompt information and video prompt information.
In order to further secure the key information used by the chip in the operation process, the present application designs a special key generation unit 108 to generate key information required for the operation. As shown in fig. 3, the key generation unit 108 according to the present application includes:
The source data storage unit 301 is configured to store encrypted source data, where the source data includes a source key and a hierarchical key encryption and decryption algorithm. In this embodiment, the source data storage unit 301 is an OTP storage unit (i.e. one-time programmable unit), so that the source data can be effectively prevented from being tampered with. In order to prevent a hacker from directly obtaining the source data from the source data storage unit 301, the source data is encrypted and then stored in the OTP storage unit in the present application, and an initial key used for encryption may be stored in other storage units, so as to improve the security of source data storage. The hierarchical key encryption and decryption algorithm is an algorithm selected when data encryption and decryption are carried out later, and specifically can comprise any one or more of an aes algorithm, a tdes algorithm and a sm4 algorithm.
The source data decryption unit 302 is configured to obtain the encrypted source data, decrypt the encrypted source data, obtain a decrypted source key and a decrypted hierarchical key encryption and decryption algorithm, send the decrypted source key to the root key operation unit, and store the decrypted hierarchical key encryption and decryption algorithm in the algorithm information storage unit 303.
The hierarchical information storage unit 304 is used for storing the hierarchical key information and the user identification information.
And the root key operation unit 305 is configured to obtain the user identification information and the decrypted source key, and perform hash operation on the user identification information according to the decrypted source key to obtain root key information. The root key information is obtained by carrying out hash operation on the user identification information through the decrypted source key, so that the consistency of the source key and the bit number of the generated root key can be ensured, meanwhile, the adopted keys are different after the chip receives different user logins, and the security is further improved. The user identification information is an ID for distinguishing different users, and may be a string of characters, for example.
And the hierarchical decryption operation unit 306 is configured to obtain the hierarchical key encryption and decryption algorithm, the hierarchical key information and the root key information, and decrypt the hierarchical key information by applying the root key information to the hierarchical key encryption and decryption algorithm, thereby obtaining the test key information. In this way, the decryption algorithm in the test key information generation process comes from the hierarchical key encryption and decryption algorithm in the algorithm information storage unit 303, and is screened by the algorithm selection unit 311. The decrypted object is hierarchical key information, the decrypted key is root key information, and the decrypted key and the root key information come from different units respectively, so that the security of the generated test key information is further improved.
In order to prevent the test key information from being intercepted and tampered during the generation process, in the present embodiment, the hierarchical information storage unit is further configured to store handshake request information and handshake response information, and the key generation unit 108 includes:
and the handshake decryption operation circuit 307 is configured to decrypt the test key information by using the test key information to obtain handshake encryption key information. The test key information is easy to intercept or tamper in the transmission process, but after the test key information is firstly used for decrypting the test key information, the difficulty of reverse cracking of a hacker is exponentially increased, so that the test key information is firstly used for decrypting the test key information before data verification is carried out, and handshake encryption key information is obtained.
And the handshake encryption operation circuit 308 is configured to receive the handshake request information, and encrypt the handshake request information with the handshake encryption key information to obtain handshake encryption information. The handshake request information may be stored in the hierarchical information storage unit 304 in advance, where the handshake request information refers to information to be verified, and may obtain handshake encryption information after being encrypted by the handshake encryption key information.
The handshake information checking circuit 309 is configured to obtain the handshake response information and the handshake encryption information, and determine whether the handshake response information and the handshake encryption information are matched, if yes, check the test key information, and store the test key information in the key recording unit; otherwise, checking is not passed, and the test key information is not stored in the key recording unit. The handshake response information refers to check standard information that is stored in the hierarchical information storage unit 304 in advance and is obtained after the handshake request information is encrypted. By comparing the handshake response information with the handshake encryption information, whether the current test key information is tampered or not can be deduced, and if the handshake response information and the handshake encryption information are matched, the test key information can be output.
As shown in fig. 4, in order to enable the use of functions with different rights when different users use the chip to be tested, in this embodiment, different levels may be set for the key information when different users use the chip to be tested, that is, the key generating unit may generate the key information to be tested of the corresponding level according to the security level of the user, and the higher the level, the higher the security of the key information to be tested.
Taking three security levels as key levels for example, the apparatus comprises a key selection unit 310. The decryption operation units comprise a primary decryption operation unit 3061, a secondary decryption operation unit 3062 and a tertiary decryption operation unit 3063. The handshake decryption operation circuit includes a primary handshake decryption operation circuit 3071, a secondary handshake decryption operation circuit 3072, and a tertiary handshake decryption operation circuit 3073. The handshake encryption operation circuit comprises a primary handshake encryption operation circuit 3081, a secondary handshake encryption operation circuit 3082 and a tertiary handshake encryption operation circuit 3083. The algorithm information storage unit 303 is provided with a plurality of encryption and decryption algorithms, including a primary encryption and decryption algorithm, a secondary encryption and decryption algorithm, and a tertiary encryption and decryption algorithm, and sequentially selects by a primary algorithm selection unit 3111, a secondary algorithm selection unit 3112, and a tertiary algorithm selection unit 3113. The hierarchical key information includes a first layer source key, a second layer source key, and a third layer source key.
The key generation unit 108 described in fig. 4 operates as follows: the key generating unit 108 obtains the current user class, and outputs a test key matched with the user class to the key recording unit 109 through the key selecting unit 310, and if the user class has three classes, the key selecting unit 310 sequentially selects a primary key, a secondary key and a tertiary key for output, wherein the security class of the tertiary key is greater than that of the secondary key, and the security class of the secondary key is greater than that of the primary key.
The primary key is generated as follows:
the source data decryption unit 302 obtains the source key and the hierarchical key encryption and decryption algorithm encrypted in the source data storage unit 301 to decrypt, obtains the source key and the hierarchical key encryption and decryption algorithm decrypted, sends the source key decrypted to the root key operation unit 305, and stores the hierarchical key encryption and decryption algorithm decrypted in the algorithm information storage unit 303. And the root key operation unit acquires the user identification information and the decrypted source key, and carries out hash operation on the user identification information according to the decrypted source key to obtain root key information.
The next-stage decryption operation unit 3061 receives the first-layer source key of the hierarchical information storage unit 304, and the first-stage algorithm selection unit 3111 selects a first-stage key encryption and decryption algorithm to the first-stage decryption operation unit 3061, so that the first-stage decryption operation unit 3061 decrypts the first-layer source key by applying the root key information with the first-stage key encryption and decryption algorithm, and obtains the first-stage key. The key selection unit 310 may select the primary key output if the security level of the current user is primary.
Before outputting, in order to prevent the primary key from being tampered in the transmission process, the generated primary key needs to be checked, specifically, the primary key is encrypted once by the primary handshake decryption operation circuit 3071, so as to obtain primary handshake encryption key information. And then, the first-layer handshake request data transmitted by the hierarchical information storage unit 304 is received by the first-layer handshake encryption operation circuit 3081, and the first-layer handshake request data is encrypted by adopting the first-layer handshake encryption key information, so as to obtain first-layer handshake encryption information. And then receiving the first-layer handshake response data transmitted by the hierarchical information storage unit 304, comparing the first-layer handshake response data with the first-layer handshake encryption information, if the first-layer handshake response data and the first-layer handshake encryption information are matched, the first-layer handshake encryption information indicates that the primary secret key is not tampered, the first-layer handshake encryption information can be output through the secret key selection unit 310, otherwise, prompt information can be sent.
The secondary key is generated as follows:
the generation process of the secondary key is similar to that of the primary key, except that the primary key is used as an input parameter (corresponding to a root key input during generation of the primary key) of the secondary key generation, specifically, the secondary decryption operation unit 3062 receives the second layer source key of the hierarchical information storage unit 304, and the secondary algorithm selection unit 3112 selects a secondary key encryption and decryption algorithm to the secondary decryption operation unit 3062, so that the secondary decryption operation unit 3062 uses the secondary key encryption and decryption algorithm to decrypt the second layer source key by applying the primary key to obtain the secondary key. The key selection unit 310 may select the secondary key output if the security level of the current user is secondary.
Before outputting, in order to prevent the secondary key from being tampered in the transmission process, the generated secondary key needs to be checked, specifically, the secondary key is encrypted once by using the secondary key through the secondary handshake decryption operation circuit 3072, so as to obtain secondary handshake encryption key information. And then, the second-layer handshake request data transmitted by the hierarchical information storage unit 304 is received by the second-layer handshake encryption operation circuit 3082, and the second-layer handshake request data is encrypted by adopting the second-layer handshake encryption key information, so as to obtain second-layer handshake encryption information. And then receiving the second-layer handshake response data transmitted by the hierarchical information storage unit 304, comparing the second-layer handshake response data with the second-layer handshake encryption information, if the second-layer handshake response data and the second-layer handshake encryption information are matched, the second-layer handshake encryption information indicates that the second-layer secret key is not tampered, the second-layer handshake encryption information can be output through the secret key selection unit 310, otherwise, prompt information can be sent.
The three-level key generation process is as follows:
the generation process of the tertiary key is similar to that of the secondary key, except that the secondary key is used as an input parameter (corresponding to the primary key input during the generation of the secondary key) of the tertiary key generation, specifically, the tertiary decryption operation unit 3063 receives the third layer source key of the hierarchical information storage unit 304, and the tertiary algorithm selection unit 3113 selects the tertiary key encryption and decryption algorithm to the tertiary decryption operation unit 3063, so that the tertiary decryption operation unit 3063 uses the tertiary key encryption and decryption algorithm to decrypt the third layer source key by applying the secondary key to obtain the tertiary key. The key selection unit 310 may select the tertiary key output if the security level of the current user is tertiary.
Before outputting, in order to prevent the tertiary key from being tampered in the transmission process, the generated tertiary key needs to be checked, specifically, the tertiary key is encrypted once by the tertiary handshake decryption operation circuit 3073 by using the tertiary key, so as to obtain the information of the tertiary handshake encryption key. And then, the third-layer handshake request data transmitted by the hierarchical information storage unit 304 is received by the three-layer handshake encryption operation circuit 3083, and the third-layer handshake request data is encrypted by adopting the three-layer handshake encryption key information, so as to obtain third-layer handshake encryption information. And then receiving the third-layer handshake response data transmitted by the hierarchical information storage unit 304, comparing the third-layer handshake response data with the third-layer handshake encryption information, if the third-layer handshake response data and the third-layer handshake encryption information are matched, the third-layer handshake encryption information indicates that the third-layer secret key is not tampered, the third-layer handshake encryption information can be output through the secret key selection unit 310, and otherwise, prompt information can be sent.
Of course, in other embodiments, the number of the user levels may also be other values, such as two security levels or more than four security levels, and correspondingly, the level of the test key information may also be other numbers, which are set specifically according to actual needs. When the level of the test key information is other, the method of generating the test key information can refer to the circuit application process shown in fig. 4, which is not described herein.
As shown in fig. 5, a method for analyzing the security simulation of a circuit to be tested for preventing DPA attack, the method comprises the following steps:
firstly, entering step S501, a key signal storage unit stores key signals and path information corresponding to the key signals;
then, the step S502 is entered, and the simulation circuit unit receives the test excitation information to perform multiple simulation tests; the test stimulus information includes the key signal;
then, the step S503 is entered, when each simulation test is performed, the key signal monitoring unit monitors the key signal according to the path information corresponding to the key signal, and when the bit number value of the key signal changes, the change timestamp information is recorded;
and then, a step S504 is performed, wherein a differential power consumption analysis unit acquires first power consumption information and second power consumption information corresponding to a key signal, calculates power consumption difference values of the first power consumption information and the second power consumption information, analyzes whether the difference between the power consumption difference value of a certain variation type and the power consumption difference value of other variation types of the bit numerical value of the same key signal in two times of testing is larger than a preset error, if so, judges that the key signal is related on the variation type, and sends out prompt information.
In some embodiments, the key signal includes test key information generated by a key generation unit including a source data storage unit, a source data decryption unit, a hierarchy information storage unit, a root key operation unit, and a hierarchy operation decryption unit;
as shown in fig. 6, the method comprises the steps of:
first, step S601 is performed, where the source data storage unit stores encrypted source data, where the source data includes a source key and a hierarchical key encryption and decryption algorithm.
And then, the step S602 of the source data decryption unit obtaining the encrypted source data to decrypt, obtaining a decrypted source key and a decrypted hierarchical key encryption and decryption algorithm, sending the decrypted source key to the root key operation unit, and storing the decrypted hierarchical key encryption and decryption algorithm in the algorithm information storage unit.
In parallel with step S601 and step S602, step S603 may be entered in which the hierarchical information storage unit stores the hierarchical key information and the user identification information;
step S602 and step S603 may be followed by entering step S604, where the root key operation unit obtains the user identification information and the decrypted source key, and performs hash operation on the user identification information according to the decrypted source key, so as to obtain root key information.
Step S604 may be followed by entering step S605, where the hierarchical decryption operation unit obtains the hierarchical key encryption and decryption algorithm, the hierarchical key information and the root key information, and uses the hierarchical key encryption and decryption algorithm to decrypt the hierarchical key information by applying the root key information, so as to obtain the test key information.
It should be noted that, although the foregoing embodiments have been described herein, the scope of the present invention is not limited thereby. Therefore, based on the innovative concepts of the present invention, alterations and modifications to the embodiments described herein, or equivalent structures or equivalent flow transformations made by the present description and drawings, apply the above technical solution, directly or indirectly, to other relevant technical fields, all of which are included in the scope of the invention.
Claims (9)
1. The utility model provides a circuit security simulation analysis device that awaits measuring of preventing DPA attack which characterized in that, the device includes:
the key signal storage unit is used for storing a key signal and path information corresponding to the key signal, wherein the key signal is a series of machine codes and comprises a plurality of bit numerical values, and the bit numerical values are 0 or 1;
The simulation circuit unit is used for receiving the test excitation information to perform multiple simulation tests; the test stimulus information includes the key signal;
the key signal monitoring unit is used for monitoring the key signal according to the path information corresponding to the key signal when each simulation test is performed, and recording change timestamp information when the bit number value of the key signal is changed;
the differential power consumption analysis unit is used for acquiring first power consumption information and second power consumption information corresponding to the key signal, calculating power consumption difference values of the first power consumption information and the second power consumption information, analyzing whether the difference between the power consumption difference value of a certain variation type and the power consumption difference value of other variation types of bit numerical values of the same key signal in two times of testing is larger than a preset error, if so, judging that the key signal is associated with the variation type, and sending prompt information, wherein the preset error is that the ratio of the average value of the power consumption difference values corresponding to the bit numerical values of the key signal in different variation types in different simulation testing to the average value of the power consumption difference values of other variation types is 30%;
the first power consumption information is the power consumption information corresponding to the key signal in the change time stamp information during the current simulation test, and the second power consumption information is the power consumption information corresponding to the key signal in the change time stamp information during the last simulation test.
2. The DPA attack resistant circuit under test security simulation analysis apparatus as set forth in claim 1, wherein the apparatus comprises:
the power consumption calculation unit is used for calculating the power consumption data of the circuit to be tested in each simulation process and storing the power consumption data in the power consumption data storage unit;
the differential power consumption analysis unit is further configured to obtain first power consumption information corresponding to a key signal from the power consumption data storage unit according to change timestamp information of the current simulation test, and obtain second power consumption information corresponding to the same key signal from the power consumption data storage unit according to change timestamp information of the last simulation test.
3. The DPA attack-preventing circuit to be tested safety simulation analysis apparatus as set forth in claim 1, wherein the key signal monitoring unit includes a mark insertion unit;
the mark inserting unit is used for setting a mark signal, inserting the mark signal into path information corresponding to the key signal, and recording current time stamp information when the value of the mark signal changes; the value of the marking signal is equal to the value of the key signal in real time.
4. The DPA attack resistant circuit under test security simulation analysis apparatus as set forth in claim 1, further comprising:
A random number generation unit for generating a random number;
and the simulation excitation generating unit is used for generating test excitation information according to the random numbers generated by the random number generating unit and transmitting the test excitation information to the simulation circuit unit.
5. The DPA attack resistant circuit under test security simulation analysis apparatus as set forth in claim 4, further comprising:
the logic synthesis unit is used for carrying out logic synthesis operation on the circuit to be tested to obtain netlist information;
and the power consumption calculation unit is used for calculating power consumption simulation data of the circuit to be tested in the whole simulation process according to the netlist information.
6. The DPA attack resistant circuit under test security simulation analysis apparatus of claim 1, wherein the key signal comprises test key information;
the device comprises:
a key generation unit for generating the test key information;
a key recording unit for storing the test key information;
the differential power consumption analysis unit is also used for acquiring the test key information and judging whether the bit numerical value of the same test key information has association on a certain change type.
7. The DPA attack resistant circuit under test security simulation analysis apparatus as set forth in claim 6, wherein the key generation unit comprises:
The source data storage unit is used for storing encrypted source data, and the source data comprises a source key and a hierarchical key encryption and decryption algorithm;
the source data decryption unit is used for obtaining the encrypted source data to decrypt, obtaining a decrypted source key and a decrypted hierarchical key encryption and decryption algorithm, sending the decrypted source key to the root key operation unit, and storing the decrypted hierarchical key encryption and decryption algorithm in the algorithm information storage unit;
a hierarchical information storage unit for storing hierarchical key information and user identification information;
the root key operation unit is used for acquiring the user identification information and the decrypted source key, and carrying out hash operation on the user identification information according to the decrypted source key to obtain root key information;
and the hierarchical operation decryption unit is used for acquiring the hierarchical key encryption and decryption algorithm, the hierarchical key information and the root key information, and decrypting the hierarchical key information by applying the root key information by adopting the hierarchical key encryption and decryption algorithm to obtain the test key information.
8. The DPA attack resistant circuit to be tested security simulation analysis apparatus as set forth in claim 7, wherein said hierarchical information storage unit is further configured to store handshake request information and handshake response information;
The key generation unit includes:
the handshake decryption operation circuit is used for decrypting the test key information by adopting the test key information to obtain handshake encryption key information;
the handshake encryption operation circuit is used for receiving the handshake request information and encrypting the handshake request information by adopting the handshake encryption key information to obtain handshake encryption information;
and the handshake information verification circuit is used for acquiring the handshake response information and the handshake encryption information, judging whether the handshake response information and the handshake encryption information are matched, and if yes, storing the test key information into the key recording unit through verification.
9. The method for analyzing the safety simulation of the circuit to be tested for preventing the DPA attack is characterized by comprising the following steps of:
the key signal storage unit stores key signals and path information corresponding to the key signals, wherein the key signals are a series of machine codes and comprise a plurality of bit numerical values, and the bit numerical values are 0 or 1;
the simulation circuit unit receives the test excitation information to perform multiple simulation tests; the test stimulus information includes the key signal;
the key signal monitoring unit monitors the key signal according to the path information corresponding to the key signal when each simulation test is performed, and records change timestamp information when the key signal changes;
The differential power consumption analysis unit acquires first power consumption information and second power consumption information corresponding to a key signal, calculates power consumption difference values of the first power consumption information and the second power consumption information, analyzes whether the difference between the power consumption difference value of a certain variation type and the power consumption difference value of other variation types of bit numerical values of the same key signal in two times of testing is larger than a preset error, if so, judges that the key signal is associated with the variation type, and sends out prompt information, wherein the preset error is that the ratio of the average value of the power consumption difference values corresponding to the bit numerical values of the key signal in different variation types in different simulation testing to the average value of the power consumption difference values of other variation types is 30%;
the first power consumption information is the power consumption information corresponding to the key signal in the change time stamp information during the current simulation test, and the second power consumption information is the power consumption information corresponding to the key signal in the change time stamp information during the last simulation test.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011164446.XA CN112134685B (en) | 2020-10-27 | 2020-10-27 | DPA attack-preventing circuit to be tested safety simulation analysis method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202011164446.XA CN112134685B (en) | 2020-10-27 | 2020-10-27 | DPA attack-preventing circuit to be tested safety simulation analysis method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112134685A CN112134685A (en) | 2020-12-25 |
| CN112134685B true CN112134685B (en) | 2024-02-13 |
Family
ID=73853593
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202011164446.XA Active CN112134685B (en) | 2020-10-27 | 2020-10-27 | DPA attack-preventing circuit to be tested safety simulation analysis method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112134685B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114500022B (en) * | 2022-01-18 | 2023-07-07 | 深圳模微半导体有限公司 | Side channel protective capability detection system |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102325021A (en) * | 2011-05-17 | 2012-01-18 | 武汉大学 | A DPA security evaluation and countermeasure method and its device |
| CN102710413A (en) * | 2012-04-25 | 2012-10-03 | 杭州晟元芯片技术有限公司 | System and method with function of DPA/SPA (Differential Power Analysis/Simple Power Analysis) attack prevention |
| CN109002714A (en) * | 2018-06-26 | 2018-12-14 | 天津飞腾信息技术有限公司 | Key node hardware Trojan horse detection method and device based on power consumption mean analysis |
| CN109240872A (en) * | 2018-08-08 | 2019-01-18 | 福州瑞芯微电子股份有限公司 | A kind of chip checking key signal coverage rate statistical analysis technique and storage medium |
| CN213028070U (en) * | 2020-10-27 | 2021-04-20 | 深圳安捷丽新技术有限公司 | DPA attack prevention to-be-tested circuit safety simulation analysis device |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP1768040A4 (en) * | 2004-07-07 | 2008-05-21 | Mitsubishi Electric Corp | POWER SUPPLY CALCULATING APPARATUS, POWER SUPPLY CALCULATING METHOD, APPARATUS FOR EVALUATING INVIOLABILITY, AND INVIOLABILITY ASSESSING METHOD |
| JP4729007B2 (en) * | 2007-06-20 | 2011-07-20 | 株式会社東芝 | Power consumption analysis apparatus and power consumption analysis method |
| CN103679008B (en) * | 2012-09-03 | 2018-08-17 | 江苏东大集成电路系统工程技术有限公司 | A kind of efficient secure chip power consumption attack test method |
| CN110968878B (en) * | 2018-09-28 | 2024-04-05 | 京东科技控股股份有限公司 | Information transmission method, system, electronic equipment and readable medium |
-
2020
- 2020-10-27 CN CN202011164446.XA patent/CN112134685B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102325021A (en) * | 2011-05-17 | 2012-01-18 | 武汉大学 | A DPA security evaluation and countermeasure method and its device |
| CN102710413A (en) * | 2012-04-25 | 2012-10-03 | 杭州晟元芯片技术有限公司 | System and method with function of DPA/SPA (Differential Power Analysis/Simple Power Analysis) attack prevention |
| CN109002714A (en) * | 2018-06-26 | 2018-12-14 | 天津飞腾信息技术有限公司 | Key node hardware Trojan horse detection method and device based on power consumption mean analysis |
| CN109240872A (en) * | 2018-08-08 | 2019-01-18 | 福州瑞芯微电子股份有限公司 | A kind of chip checking key signal coverage rate statistical analysis technique and storage medium |
| CN213028070U (en) * | 2020-10-27 | 2021-04-20 | 深圳安捷丽新技术有限公司 | DPA attack prevention to-be-tested circuit safety simulation analysis device |
Non-Patent Citations (3)
| Title |
|---|
| A general model for differential power analysis attacks to static logic circuits;Massimo Alioto, Massimo Poli, Santina Rocchi;IEEE Xplore;全文 * |
| 密码系统差分功耗分析攻击及功耗模型;褚杰;赵强;丁国良;邓高明;;华中科技大学学报(自然科学版)(第06期);全文 * |
| 防御差分功耗分析攻击技术研究;汪鹏君, 张跃军, 张学龙;电子与信息学报;第34卷(第11期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112134685A (en) | 2020-12-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Dabosville et al. | A new second-order side channel attack based on linear regression | |
| US7984305B2 (en) | Encryption processing apparatus and encryption processing method for setting a mixed encryption processing sequence | |
| CN117407926B (en) | Storage terminal and method and device for processing destroyed data thereof | |
| JP2019192101A (en) | Vulnerability information generation device and vulnerability evaluation device | |
| CN112114248B (en) | A chip security simulation analysis method and device for preventing differential time attacks | |
| CN213276647U (en) | Safety simulation analysis device for preventing time attack | |
| CN112115657B (en) | A chip security simulation analysis method and device for preventing single time attack | |
| CN110011794B (en) | Test Methods for Cipher Key Properties | |
| Taouil et al. | Power side channel attacks: Where are we standing? | |
| CN112134685B (en) | DPA attack-preventing circuit to be tested safety simulation analysis method and device | |
| CN112104447B (en) | SPA attack-preventing circuit to be tested safety simulation analysis method and device | |
| CN213028070U (en) | DPA attack prevention to-be-tested circuit safety simulation analysis device | |
| CN119203175B (en) | A storage medium security encryption system for computer software development | |
| CN112152780B (en) | SEMA attack-preventing circuit to be tested safety simulation analysis method and device | |
| CN213547530U (en) | SPA attack prevention to-be-detected circuit safety simulation analysis device | |
| Mather et al. | Pinpointing side-channel information leaks in web applications | |
| Yeow et al. | Neural network based data encryption: A comparison study among des, aes, and he techniques | |
| CN110912672A (en) | A method for detecting COLM authentication encryption algorithm against differential fault attack | |
| CN106650504B (en) | A kind of abstract extraction method and detection method for Web page face data | |
| CN112532374A (en) | Method for detecting SILC authentication encryption algorithm to resist differential fault attack | |
| CN112104448B (en) | DEMA attack prevention circuit to be tested safety simulation analysis method and device | |
| CN118890197A (en) | A red team attack simulation software obfuscation method and system based on dynamic encryption and decryption | |
| CN112511291A (en) | Method for detecting OCB authentication encryption algorithm to resist differential fault attack | |
| Zhou et al. | Leakage detection with Kolmogorov-Smirnov test | |
| Treus et al. | Early analysis of security threats by modeling and simulating power attacks in SystemC |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |