A method and a device for constructing an overturning counting model

A model and hierarchical model technology, applied in the field of information security, can solve problems such as inability to obtain intermediate values, characterization of combined circuit power consumption leakage, etc., to achieve the effect of strong pertinence and high efficiency

Pending Publication Date: 2019-05-10
CHINA ACADEMY OF INFORMATION & COMM
0 Cites 0 Cited by

AI-Extracted Technical Summary

Problems solved by technology

[0004] Its disadvantage is that when using the Hamming heavy model, it is considered that the power consumption generated by the encryption equipment is related to the Hamming heavy weight of the data processed
[0006] The disadvantage is that when the attacker knows the original design or a part of the continuously processed data in the netlist, the Hamming distance model ...
View more

Method used

Embodiments of the present invention construct the flipping count leakage model obtained by simulating the required model hierarchy, characterizing the glitch information and combining the actual encryption device circuit type, so that when implementing the actual side channel power analysis, it is more targeted stronger and more efficient.
Embodiments of the present invention select the corresponding emulation level model by confirming the circuit type of the encryption device, and then determine the used flip counting model for this secondary side channel analysis, and improve the efficiency and accuracy of the flip counting model acquired .
The embodiment of the present invention constructs the flipping count leakage model obtained by simulating the required model hierarchy, describing the glitch information and combining the type of the actual encryption device circuit, so that it is more targeted when implementing the actual side channel power consumption analysis stronger and more efficient.
The embodiment of the present invention selects the corresponding emulation level model by...
View more

Abstract

The invention provides a method and a device for constructing an overturning counting model. The method comprises the following steps: carrying out simulation hierarchical model classification on a logic simulation tool for analyzing power consumption leakage in encryption equipment; dividing the simulation hierarchical model into a burr-free model and a burr-containing model; determining that thesimulation hierarchical model is a burr-free model, and obtaining a final simulation hierarchical model according to the simulation hierarchical model corresponding to the circuit type of the encryption equipment; Exporting the simulation data in the final simulation hierarchical model as a VCD file; and analyzing the overturning signal in the VCD file to obtain an overturning counting model. According to the method and the device for constructing the flip counting model provided by the invention, the burr information is depicted through the model hierarchy required by simulation, and the flip counting leakage model is constructed in combination with the type of the circuit of the actual encryption equipment, so that the pertinence is stronger and the efficiency is higher when the actualside channel power consumption analysis is implemented.

Application Domain

Platform integrity maintainanceSpecial data processing applications

Technology Topic

Free modelChannel power +4

Image

  • A method and a device for constructing an overturning counting model
  • A method and a device for constructing an overturning counting model
  • A method and a device for constructing an overturning counting model

Examples

  • Experimental program(1)

Example Embodiment

[0032] The technical solutions in the embodiments of the present invention will be clearly and completely described below in conjunction with the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only a part of the embodiments of the present invention, rather than all the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative work shall fall within the protection scope of the present invention.
[0033] With the rapid development of information technology, the role of information security has become more and more important. One of the core technologies in the existing information security field is cryptography. From the various protocols of the computer network application layer to the various hardware devices in the communication system, cryptography plays a very important role. Existing encryption algorithms are mainly divided into two types: symmetric ciphers and public key ciphers. Among them, symmetric ciphers include encryption algorithms such as AES, 3-DES, and SMS4. Symmetric encryption is widely used in various devices due to its high security and simple implementation process. The implementation of cryptographic algorithms includes software and hardware implementation. Software implementation is applied to smart cards and embedded devices due to its good customizability; while hardware implementation is applied to various dedicated encryption chips due to its fast encryption and decryption speed. , Including FPGA, ASIC, etc. However, both the hardware and software implementations of encryption algorithms are subject to various security threats. Among them, side channel analysis is one of the existing important methods to threaten the security of encryption devices.
[0034] When an attacker uses side channel analysis technology to attack an encrypted device, he first needs to use special equipment such as electromagnetic probes to detect the side channel information of the encrypted device, and use an oscilloscope to collect and save the side channel information, and then use multiple side channels The analysis method analyzes this information, and finally achieves the purpose of recovering the correct secret key in the encryption device. When an attacker obtains the correct secret key of the encryption device, all the secret information of the encryption device will be leaked, completely destroying the security of the encryption device. Later, in order to improve the efficiency of side information analysis, scholars proposed various leakage models. However, the existing leakage models have power leakage analysis suitable for registers or buses. The power side channel analysis data of the combined circuit part is not accurate. In order to solve the above-mentioned problems, the present invention provides a method and device for constructing a flip count model. as the picture shows, figure 1 It is a schematic flowchart of a method for constructing a rollover counting model provided by an embodiment of the present invention. figure 1 , The method includes:
[0035] Step 101: Perform a simulation hierarchy model classification on a logic simulation tool used to analyze power consumption leakage in an encrypted device.
[0036] Specifically, the logic simulation tools required to construct a power leakage model include ISIM, ModelSim, etc. According to the different simulation tools selected by the analyst, the simulation classification is different.
[0037] Step 102: Divide the simulation level model into a model without burrs and a model with burrs.
[0038] Specifically, it is judged whether to count the glitch information in the circuit signal, so as to divide the simulation level model into a glitch-free model and a glitch-containing model. The glitch information refers to the unintended transition in the circuit due to the signal transmission delay. The glitch information is useless for the normal operation of the circuit, but it can be used as useful information when doing side channel analysis on the circuit.
[0039] Step 103: Determine that the simulation level model is a glitch-free model, and obtain the final simulation level model according to the simulation level model corresponding to the circuit type of the encryption device.
[0040] Specifically, after the judgment, it is determined that the simulation level model is a glitch-free model, and then the simulation level model is further divided according to the circuit type of the encryption device to obtain the final simulation level model. Among them, the circuit types of encryption devices include: SLCD (simple logical circuit design) or CLCD (complex logical circuit design). SLCD corresponds to the type of post-translation simulation model in the glitch-free model, and CLCD corresponds to the non-glitch-free model. The behavior simulation model type in the glitch model.
[0041] Step 104: Export the simulation data in the final simulation level model as a VCD file.
[0042] Specifically, the relevant circuit data, glitch information data, signal inversion and other simulation data in the final simulation level model are used as simulation results and exported as VCD files. Among them, the VCD file is used to describe all signal changes in the circuit. According to different circuit inputs, different numbers of signal inversions will be reflected in the VCD file. By counting the number of signal inversions at different inputs, the corresponding relationship between the circuit input and the number of signal inversions can be obtained.
[0043] Step 105: Analyze the flip information in the VCD file to obtain a flip count model.
[0044] Specifically, the signal of the flip transition in the VCD file is analyzed to obtain the flip count model, which is the final power consumption leakage model in the embodiment of the present invention.
[0045] The embodiment of the present invention constructs the obtained flip count leakage model through the model level required by the simulation, the description of the glitch information and the type of the actual encryption device circuit, so that the actual side channel power consumption analysis is more targeted and efficient higher.
[0046] Based on the content of the foregoing embodiment, as an optional embodiment: the simulation hierarchy model includes: a behavior simulation model, a post-translation simulation model, a post-mapping simulation model, and a post-wiring simulation model.
[0047] Specifically, when implementing a verilog design, three key steps are required: translation, mapping, and wiring. These steps are common methods in the industry. It should be noted that, in the embodiment of the present invention, behavior simulation is executed before translation in the verilog design. Post-translation simulation, post-mapping simulation, and post-wiring simulation are executed after translation, mapping, and wiring steps respectively.
[0048] The embodiment of the present invention classifies the simulation hierarchical model to make the subsequent leakage model more accurate.
[0049] Based on the content of the foregoing embodiment, as an optional embodiment: further includes:
[0050] If it is determined that the simulation level model is a model with glitches, the post-wiring simulation model is used as the final simulation level model.
[0051] Specifically, in the embodiment of the present invention, the post-mapping simulation model and the post-wiring simulation model belong to models containing glitches. When it is determined that the simulation level model is a glitch-containing model after judgment, the post-wiring simulation model is directly selected as the final simulation level model. This is because although it takes a long time for the simulation model to build the model after wiring, the model obtained by simulation after wiring has the highest accuracy.
[0052] According to the statistics of the glitch information, the embodiment of the present invention selects the wiring simulation model as the final simulation level model for the glitch-containing model, so that the accuracy of the constructed model can reach the highest.
[0053] Based on the content of the foregoing embodiment, as an optional embodiment: the circuit type includes: SLCD or CLCD.
[0054] Specifically, in the Verilog design, the line signal, input signal, and output signal are used as the basic units of jump calculation. Each element in the original design is represented as BLU, and the number of BLU inputs is limited. If a certain signal cannot be represented by one BLU output, multiple BLUs and additional output signals are required to represent it.
[0055] Define CLCD circuit and SLCD circuit: Let BLU(I n ,O) represents a BLU with n-bit input and one-bit output. Among them, I means Input, O means Output, and n is a natural number. y(y∈Y) represents the variable after the ASSIGN statement in the Verilog design, and Y is the set containing all y. at this time, among them Indicates that any logical operation x and y are both one-bit binary variables. At this time, SLCD and CLCD can be expressed as follows:
[0056]
[0057] If the circuit of the encryption device belongs to SLCD, the translated simulation model is selected as the glitch-free model; if the circuit of the encryption device belongs to CLCD, the behavioral simulation model is selected as the glitch-free model.
[0058] The embodiment of the present invention selects the corresponding simulation level model by confirming the circuit type of the encryption device, and then determines the flip count model used for the secondary side channel analysis, and improves the efficiency and accuracy of the obtained flip count model.
[0059] Based on the content of the above embodiment, as an optional embodiment: analyze the flip signal in the VCD file to obtain the flip count model, and then further include:
[0060] Perform side-channel analysis of power consumption on the measured power consumption curve according to the flip meter model.
[0061] Specifically, after obtaining the rollover count model for power leakage analysis, side channel analysis of power consumption is performed on the measured power consumption curve using methods such as correlation power analysis or mutual information power analysis. The embodiment of the present invention does not specifically limit the side channel analysis method of power consumption.
[0062] In the embodiment of the present invention, after the flip count model is obtained, the model is used for power consumption analysis of the actually measured power consumption curve, so that the actual side channel analysis is more targeted and more efficient.
[0063] According to another aspect of the present invention, an embodiment of the present invention also provides a device for constructing a flip count model, see figure 2 , figure 2 It is a block diagram of an apparatus for constructing a flip count model provided by an embodiment of the present invention. The device is used to construct the flip count model in the foregoing embodiments. Therefore, the descriptions and definitions in the method for constructing the rollover counting model in the foregoing embodiments can be used to understand the execution modules in the embodiments of the present invention.
[0064] As shown in the figure, the device includes:
[0065] The model classification module 201 is configured to classify the simulation level model of the logic simulation tool used to analyze the power consumption leakage in the encrypted device;
[0066] The glitch model determination module 202 is used to divide the simulation level model into a glitch-free model and a glitch-containing model;
[0067] The circuit type selection module 203 is used to determine that the simulation level model is a glitch-free model, and obtain the final simulation level model according to the simulation level model corresponding to the circuit type of the encryption device;
[0068] The VCD file obtaining module 204 is used to export the simulation data in the final simulation level model as a VCD file;
[0069] The flip count model determining module 205 is used to analyze the flip signal in the VCD file to obtain the flip count model.
[0070] The embodiment of the present invention constructs the obtained flip count leakage model through the model level required by the simulation, the description of the glitch information and the type of the actual encryption device circuit, so that the actual side channel power consumption analysis is more targeted and efficient higher.
[0071] Based on the content of the foregoing embodiment, as an optional embodiment: the simulation hierarchy model includes: a behavior simulation model, a post-translation simulation model, a post-mapping simulation model, and a post-wiring simulation model.
[0072] The embodiment of the present invention classifies the simulation hierarchical model to make the subsequent leakage model more accurate
[0073] Based on the content of the foregoing embodiment, as an optional embodiment: further includes:
[0074] The post-wiring simulation model determination module is used to determine that the simulation level model is a glitch-containing model, and the post-wiring simulation model is used as the final simulation level model.
[0075] According to the statistics of the glitch information, the embodiment of the present invention selects the wiring simulation model as the final simulation level model for the glitch-containing model, so that the accuracy of the constructed model can reach the highest.
[0076] Based on the content of the foregoing embodiment, as an optional embodiment: the circuit type includes: SLCD or CLCD.
[0077] The embodiment of the present invention selects the corresponding simulation level model by confirming the circuit type of the encryption device, and then determines the flip count model used for the secondary side channel analysis, and improves the efficiency and accuracy of the obtained flip count model.
[0078] Based on the content of the foregoing embodiment, as an optional embodiment: further includes:
[0079] The power analysis module is used for side channel analysis of power consumption on the measured power consumption curve according to the flip meter model.
[0080] In the embodiment of the present invention, after the flip count model is obtained, the model is used for power consumption analysis of the actually measured power consumption curve, so that the actual side channel analysis is more targeted and more efficient.
[0081] Based on the content of the foregoing embodiment, as an optional embodiment: the embodiment of the present invention provides a structural solution for constructing a rollover counting model, such as image 3 As shown, image 3 It is a schematic diagram of the overall structure of the flip counting model provided by the embodiment of the present invention.
[0082] The overall design diagram of the embodiment of the present invention mainly includes four major parts: model classification stage, model selection stage, model construction stage, and model implementation stage. Among them, the model classification stage passes the classified model into the model selection stage, and the model selection stage passes the selected model into the model construction stage. The model construction phase obtains the flip count model through calculation, and then uses the flip count model in the model implementation phase. Side channel power consumption analysis.
[0083] Figure 4 The basic process of the model classification stage is given. The figure contains two parts: the simulation level confirmation stage and the glitch information requirement confirmation stage. The operation process is as follows:
[0084] The tools needed to build the model are commonly used tools for logic simulation, including: ISIM, ModelSim, etc. According to the different simulation tools selected by the analyst, the simulation classification is different. For example, ISIM can be divided into four types: behavior simulation, post-translation simulation, post-mapping simulation, and post-wiring simulation. If the analyst needs to count the glitch information, he can continue to divide the simulation level into simulation without glitch and simulation with glitch. The model classification stage outputs the simulation level model classification supported by the simulation tool.
[0085] Figure 5 The basic process of the model selection phase is given. The figure contains two parts: the circuit type confirmation phase and the model confirmation phase. The operation process is as follows:
[0086] After passing in the available model classifications in the model selection stage, the circuit type confirmation stage confirms that the encryption device circuit belongs to SLCD or CLCD. The model confirmation stage selects the type of flip count model required for the secondary side channel analysis according to the type of the encryption device circuit. If the encryption device circuit belongs to SLCD, then select the translated flip count model as the glitch-free model; if the encryption device circuit belongs to CLCD, select the behavior flip count model as the glitch-free model. The model selection stage finally outputs the flip count model used in the secondary side channel analysis.
[0087] Image 6 The basic process of the model construction phase is given. The figure contains three parts: the logic simulation phase, the simulation data export phase and the model calculation phase. The operation process is as follows:
[0088] 1) The logic simulation stage is based on the logic simulation of the original circuit design using logic simulation tools.
[0089] 2) The simulation data export stage exports the simulation results as a VCD file.
[0090] 3) Analyze the VCD file in the model calculation stage, and obtain the calculated rollover count model.
[0091] After completing the above three steps, the accurate flip count model corresponding to the circuit design can be obtained for use in the subsequent model implementation stage.
[0092] Figure 7 The basic process of the model implementation phase is given. The operation process is as follows:
[0093] In the model implementation phase, the flip count model obtained in the construction phase is used to perform side-channel analysis on the measured power consumption curve through methods such as correlation power analysis or mutual information power analysis.
[0094] In the present invention, specific examples are used to illustrate the principles and implementation of the present invention. The description of the above examples is only used to help understand the method and core idea of ​​the present invention; at the same time, for those of ordinary skill in the art, according to this The idea of ​​the invention will change in the specific implementation and the scope of application. In summary, the content of this specification should not be construed as limiting the invention.

PUM

no PUM

Description & Claims & Application Information

We can also present the details of the Description, Claims and Application information to help users get a comprehensive understanding of the technical details of the patent, such as background art, summary of invention, brief description of drawings, description of embodiments, and other original content. On the other hand, users can also determine the specific scope of protection of the technology through the list of claims; as well as understand the changes in the life cycle of the technology with the presentation of the patent timeline. Login to view more.

Similar technology patents

Device and method for spraying pesticides onto multiple weeds

ActiveCN109601517ATargetedGood weeding effect
Owner:JIANGSU UNIV

Infectious bovine rhinotracheitis virus IBRV-JN03 isolate and application thereof

ActiveCN104928260Agood immunogenicityTargeted
Owner:SHANDONG NORMAL UNIV

Clinical medication decision support system

InactiveCN107845411ATargetedImproving the decision-making level of clinical medication
Owner:THE AFFILIATED HOSPITAL OF QINGDAO UNIV

Classification and recommendation of technical efficacy words

  • Targeted
  • Improve efficiency

Game video recording method and game video recording device

ActiveCN104811787ATargeted
Owner:SHENZHEN TENCENT COMP SYST CO LTD

Full-period electric pressure cooker production control method

InactiveCN107713732ATargetedincrease profit
Owner:GUANGDONG HUILIPU ROAD & BRIDGE INFORMATION ENG

Intelligent social advertisement release platform based on portrait data of big data

ActiveCN108416620ATargeted
Owner:HANGZHOU FUYUN NETWORK TECHNOLOGY CO LTD

Missed call reminding method and portable terminal

Owner:SAMSUNG GUANGZHOU MOBILE R&D CENT +1

Network scheduling method and system

InactiveCN105898402ATargetedMeet individual needs
Owner:LETV CLOUD COMPUTING CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products