Unlock instant, AI-driven research and patent intelligence for your innovation.

Side channel attack resisting method for SoC security chip and side channel attack resisting electronic system

A security chip and channel attack technology, applied in the protection of internal/peripheral computer components, etc., can solve the problem of not being able to balance the security protection capability of SoC security chips and the speed of cryptographic operations, and improve the ability to resist side channel attacks and similarity. High, enhance the effect of side channel attack

Active Publication Date: 2021-02-26
ZHENGZHOU XINDA JIEAN INFORMATION TECH
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] Aiming at the problem that the existing solutions cannot better balance the security protection capability and cryptographic operation speed of the SoC security chip, the present invention provides a SoC security chip anti-side-channel attack method and an electronic system for anti-side-channel attack

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Side channel attack resisting method for SoC security chip and side channel attack resisting electronic system
  • Side channel attack resisting method for SoC security chip and side channel attack resisting electronic system
  • Side channel attack resisting method for SoC security chip and side channel attack resisting electronic system

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0044] This embodiment provides a SoC security chip anti-side channel attack method, such as figure 1 As shown, each time the plaintext data to be processed is received, a cryptographic operation is performed on the plaintext data to be processed, and each cryptographic operation includes two cryptographic operations, specifically including the following steps:

[0045] Step S101, setting N types of true and false combination modes of the password parameters of the current cryptographic operation, the N types of true and false combination modes include: the combination mode in which the password parameters of the two cryptographic operations are all true, the combination mode of the two cryptographic operations There is at least one of the combination modes in which at least one parameter is false in the password parameters, and in the combination mode in which all the password parameters of one cryptographic operation are true and at least one parameter in the password paramet...

Embodiment 2

[0060] On the basis of the above embodiments, the embodiment of the present invention provides another SoC security chip anti-side channel attack method, such as figure 2 As shown, the difference from the above embodiment is that this embodiment further optimizes the operation process of each cryptographic operation in step S103, so as to make the energy trace of the SoC security chip more confusing, specifically including:

[0061] S201: Generate an IP core state control random number R1, and write R1 into the IP core state control register in the SoC security chip, activate the IP core whose state bit is "1" in the IP core state control register and perform this password For the IP core of the operation, turn off the IP core whose status bit is "0" to generate random power consumption;

[0062] Specifically, the SoC security chip is integrated with IP cores with multiple functions. For example, GPIO general input / output IP core, URAT serial communication IP core, EMM memor...

Embodiment 3

[0079] An embodiment of the present invention provides a SoC security chip anti-side-channel attack method. After each plaintext data to be processed is received, at least one cryptographic operation is performed on the plaintext data to be processed, and each cryptographic operation includes L passwords. Operation, L is greater than 2;

[0080] The difference from each round of cryptographic operations including two cryptographic operations is that if the combination of authenticity and falsehood determined according to R0 is: the cryptographic parameters of each cryptographic operation in this round of cryptographic operations are all true, then continue to judge the pending Whether the length of the plaintext data is greater than L times the length of the plaintext data required for a cryptographic operation, if so, add a false operation between any two true operations, otherwise re-execute step S102.

[0081] For example, if L=3, the password parameters of the three crypto...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention provides an SoC security chip side channel attack resistance method and an electronic system. The method comprises the steps of after plaintext data to be processed is received each time, executing at least one round of cryptographic operation on the plaintext data to be processed, and each round of cryptographic operation comprises at least two times of cryptographic operation and specifically comprises the steps of generating a random number R0, determining the true and false combination mode of the password parameters of each password operation and the sequence of the true andfalse password operations according to the R0; according to the true and false combination mode of the password parameters of each time of password operation, performing the password operation; if the password parameters of at least one time of password operation in the password operation are true, reserving the operation result of the password operation with the password parameters being true, and discarding the operation result of the password operation with at least one parameter being false in the password parameters; and if the plaintext data which are not subjected to the cryptographicoperation still exists after the current cryptographic operation is executed, performing the next cryptographic operation, otherwise, ending the cryptographic operation of the plaintext data to be processed.

Description

technical field [0001] The invention relates to the application field of SoC (System on Chip) security chip cryptographic services, in particular to a SoC security chip anti-side-channel attack method and an electronic system for anti-side-channel attack. Background technique [0002] SoC security chip refers to the microprocessor chip of the system-on-chip embedded with hardware cryptographic algorithm IP core, such as smart card, ID card, bank card, encryption network card and security terminal equipment. The chips that provide cryptographic service functions are all SoC security chips. [0003] With the popularization of people's network communication and Internet of Things applications, the information flowing on the network can only be protected by encryption technology to ensure the confidentiality, integrity and non-repudiation of information. The embedded SoC security chip only needs to negotiate or download the key in a secure environment, and the key management can...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F21/75
CPCG06F21/75
Inventor 张鲁国彭金辉刘武忠卫志刚孙晓鹏乔少虎
Owner ZHENGZHOU XINDA JIEAN INFORMATION TECH