Software protection method based on field programmable gate array
By using field-programmable gate arrays and memristor chaotic engines in medical software, combined with SRAM physical fingerprints and real-time timestamps, deep hardware-software integration and dynamic polymorphic defense are achieved. This solves the problem that existing medical software encryption schemes are easily cracked and reverse-engineered, thus improving the security and stability of the system.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- ZHEJIANG XIUYUAN MEDICAL TECH CO LTD
- Filing Date
- 2026-02-28
- Publication Date
- 2026-06-12
AI Technical Summary
Existing medical software encryption schemes are easily cracked, hardware is easily cloned, and instruction streams are easily reverse-engineered. They lack deep hardware binding and dynamic anti-reverse engineering capabilities, and cannot effectively resist emulation or replacement attacks.
By employing a Field Programmable Gate Array (FPGA) combined with physically non-cloning functions and a memristor chaotic engine, an initial synchronization seed is generated by collecting SRAM physical fingerprints and real-time timestamps, the hyperchaotic state space is initialized, a dynamic instruction mapping matrix is constructed, polymorphic confusion transformation is performed on the algorithm instruction data, and closed-loop synchronization is achieved using a hardware noise error correction mechanism.
It achieves deep integration of software and hardware, dynamic polymorphic defense, improves the confidentiality and robustness of core algorithms, prevents reverse analysis and hardware simulation attacks, and enhances the system's anti-predictability and stability.
Smart Images

Figure CN122197029A_ABST
Abstract
Description
Technical Field
[0001] This invention proposes a software protection method based on field-programmable gate arrays, which relates to the field of software protection technology. Background Technology
[0002] With the rapid development of medical informatization and intelligentization, medical software has evolved from simple management systems into core assets containing high-value algorithms. Especially in fields such as medical image processing, AI-assisted diagnosis, gene sequencing analysis, and surgical robot control, the research and development of software algorithms involves huge investments and is a core competitive advantage for medical equipment manufacturers. However, this also exposes medical software to security threats such as illegal copying, malicious tampering, and reverse engineering. Once a core algorithm is cracked or stolen, it will not only cause huge economic losses to the research and development company, but the tampered medical software may also lead to misdiagnosis or equipment malfunction, seriously endangering the lives of patients.
[0003] In recent years, encryption technologies based on chaotic systems have been introduced into software protection due to their sensitivity to initial values and pseudo-randomness. However, existing chaotic encryption schemes are mostly based on low-dimensional chaotic mappings (such as the Logistic mapping), whose phase space structure is relatively simple and easily cracked by nonlinear prediction techniques based on phase space reconstruction. Furthermore, current hardware-software co-protection schemes mostly only address data encryption and do not protect the executed instruction stream. Attackers can still infer the algorithm logic by analyzing the software's assembly instruction stream. More importantly, existing digital chaotic systems are mostly purely mathematical evolutions, lacking strong binding to physical entities, and cannot resist simulation or substitution attacks targeting the hardware itself. The medical software industry urgently needs a new security protection method that can deeply integrate hardware physical characteristics, possess dynamic anti-reverse engineering capabilities, and provide real-time obfuscation protection for the algorithm instruction stream to solve the technical challenges of easy key leakage, easy hardware cloning, and easy reverse engineering of instruction logic in existing technologies. Summary of the Invention
[0004] This invention provides a software protection method based on field-programmable gate arrays (FPGAs) to solve the aforementioned problems: This invention proposes a software protection method based on a field-programmable gate array (FPGA), wherein the FPGA includes physically unclonable functions and a memristor chaotic engine. The method includes: The SRAM power-on physical fingerprint features and real-time timestamp of the field-programmable gate array are collected. Based on the physical fingerprint features and real-time timestamp, the SHA3-256 hash algorithm is used to generate an initial synchronization seed. Based on the initial synchronization seed, the hyperchaotic state space is initialized on the target protection software and the field programmable gate array respectively through a set of dynamic equations; The chaotic state vector in the hyperchaotic state space is monitored in real time on the target protection software side, and a dynamic instruction mapping matrix is constructed based on the chaotic state vector; The original algorithm instruction data to be executed by the target protection software and its operands are obtained. Based on the dynamic instruction mapping matrix and the hash value of the current chaotic state vector, the original algorithm instruction data and its operands are subjected to polymorphic obfuscation transformation to obtain disguised algorithm instruction data and encrypted operands. The disguised algorithm instruction data and the encrypted operands are sent to the field programmable gate array. In the field-programmable gate array (FPGA), the current state of the FPGA is obtained through the hyperchaotic state space. Based on the current state of the FPGA, the spoofing algorithm instruction data and encryption operands are reverse-mapped and restored to calculate the real instruction data stream and encryption operands and execute the real instruction to obtain the original calculation result. The deviation between the chaotic state vector of the target protection software and the chaotic state vector of the field-programmable gate array is obtained. The deviation is encoded to obtain a state error correction code. At the same time, the original calculation result is obfuscated again to construct a feedback response data packet. The feedback response data packet is parsed on the target protection software side, the state error correction code is extracted, and the chaotic state space of the target protection software side is weighted and corrected using the error correction code, so that the state of the target protection software side is forced to synchronize with the physical noise disturbance state of the field programmable gate array. The feedback data is decrypted based on the corrected state vector to obtain the execution result, and the system then enters the next security protection loop based on the synchronized state.
[0005] Furthermore, the hyperchaotic state space is initialized, including: The initial synchronization seed is evenly divided into 4 sub-data blocks; The four sub-data blocks are mapped onto the domain of the chaotic system to obtain the initial state vector; The hyperchaotic state space is initialized based on the initial state vector using a set of dynamic equations.
[0006] Furthermore, the set of dynamic equations is as follows: in, This represents the first position state variable of the system at time k. This represents the second position state variable of the system at time k. This represents the first memristor state variable at time k. Let represent the second memristor state variable at time k, a represent the nonlinear folding coefficient of the Enon map, and b represent the dissipation coefficient of the Enon map. This represents the modulation coupling weighting coefficient of the first memristor state variable to the first position state variable. This represents the sinusoidal coupling weighting coefficient of the second memristor state variable to the second position state variable; c represents the linear feedback coefficient of the first position state variable to the first memristor state variable, d represents the sinusoidal nonlinear modulation coefficient of the evolution of the first memristor state variable itself, e represents the quadratic nonlinear feedback coefficient of the second position state variable to the second memristor state variable, f represents the autoregressive coefficient of the second memristor state variable, and L represents the quantization precision. Represents the discrete memristor function. This represents physical disturbance noise.
[0007] Furthermore, the physical disturbance noise is 0 on the software side and is the real-time acquired thermal noise of the ring oscillator on the hardware side.
[0008] Furthermore, a dynamic instruction mapping matrix is constructed based on the four components of the chaotic state vector, including: Specifically, the dynamic instruction mapping matrix is constructed in the following way: Where P represents the total number of CPU instruction set opcodes at the current moment. This represents the dynamic instruction mapping matrix at time k.
[0009] Further, based on the dynamic instruction mapping matrix and the hash value of the current chaotic state vector, a polymorphic obfuscation transformation is performed on the original algorithm instruction data and its operands to obtain disguised algorithm instruction data and encrypted operands, including: The original algorithm instruction data and its operands are subjected to a polymorphic obfuscation transformation through the following operations: in, This represents the data indicating the spoofing algorithm instructions. This represents the original algorithm instruction data, where D represents the original operands. This represents the state vector at time k. Indicates the encrypted operand.
[0010] Further, obtaining the deviation value between the chaotic state vector of the target protection software and the chaotic state vector of the field-programmable gate array includes: Based on the aforementioned dynamic equations, the current chaotic state variables of the field-programmable gate array and the chaotic state vector of the target protection software are obtained, and the difference between the two is calculated to determine the deviation value.
[0011] Furthermore, the original calculation result is further obfuscated to construct a feedback response data packet, including: Where R represents the original result of the operation. Indicates the encryption result. This represents the actual second state variable of the system.
[0012] Furthermore, the feedback response data packet includes the encryption result and the status error correction code.
[0013] Furthermore, the feedback data is decrypted based on the corrected state vector, including: The beneficial effects of this invention are as follows: By combining the physical fingerprint of SRAM and the physical noise error correction mechanism, this invention achieves deep binding between software and hardware. On the one hand, the physical fingerprint ensures that the hardware cannot be forged or cloned; on the other hand, the software state must be updated in real time to keep up with the physical thermal noise perturbations of the hardware. Since thermal noise is truly random and unpredictable, attackers cannot forge hardware responses through software emulators or replay attacks, completely solving the problem of traditional dongles being easily simulated. Dynamic polymorphic defense of the instruction stream is achieved. This invention uses a dynamic instruction mapping matrix to obfuscate the instruction stream, realizing one-time pad and instruction polymorphism. The same algorithm instruction is mapped to completely different ciphertext data in different time slices, making it impossible for attackers to analyze the algorithm logic through static disassembly (such as IDA Pro) or locate key instructions through dynamic side-channel analysis (DPA), greatly improving the confidentiality of the core algorithm. A robust key space and anti-predictability (based on memristor hyperchaos): Hyperchaotic systems incorporating memristor models possess more complex topological structures, more positive Lyapunov exponents, and more complex attractor morphologies than traditional low-dimensional chaos (such as logistic mappings). This not only provides a vast key space (sufficient to resist exhaustive attacks), but also makes its dynamic behavior extremely difficult to predict using phase space reconstruction techniques, significantly enhancing the system's cryptographic strength. A self-recovering closed-loop synchronization mechanism: Traditional stream encryption is prone to communication interruptions due to packet loss or interference causing hardware and software synchronization issues. The deviation feedback-weighted correction mechanism designed in this invention allows the software to adjust its state in real time based on the error correction codes fed back from the hardware. This closed-loop design not only achieves physical entropy synchronization but also endows the system with the ability to automatically recover synchronization after being disturbed, enhancing the system's robustness and stability. Attached Figure Description
[0014] Figure 1 This is a schematic diagram of the software protection method based on field-programmable gate arrays described in this invention. Detailed Implementation
[0015] To better understand the above-mentioned objectives, features, and advantages of the present invention, the present invention will be described in detail below with reference to the accompanying drawings and specific embodiments. It should be noted that, unless otherwise specified, the embodiments and features described in these embodiments can be combined with each other.
[0016] Numerous specific details are set forth in the following description to provide a thorough understanding of the invention. The described embodiments are only a part of, and not all, of the embodiments of the invention. All other embodiments obtained by those skilled in the art based on the embodiments of the invention without inventive effort are within the scope of protection of the invention.
[0017] Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention pertains. The terminology used herein in the description of the invention is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention.
[0018] One embodiment of the present invention provides a software protection method based on a field-programmable gate array (FPGA), wherein the FPGA includes physically unclonable functions and a memristor chaotic engine, the method comprising: The SRAM power-on physical fingerprint features and real-time timestamp of the field-programmable gate array are collected. Based on the physical fingerprint features and real-time timestamp, the SHA3-256 hash algorithm is used to generate an initial synchronization seed. Based on the initial synchronization seed, the hyperchaotic state space is initialized on the target protection software and the field programmable gate array respectively through a set of dynamic equations; The chaotic state vector in the hyperchaotic state space is monitored in real time on the target protection software side, and a dynamic instruction mapping matrix is constructed based on the chaotic state vector; The original algorithm instruction data to be executed by the target protection software and its operands are obtained. Based on the dynamic instruction mapping matrix and the hash value of the current chaotic state vector, the original algorithm instruction data and its operands are subjected to polymorphic obfuscation transformation to obtain disguised algorithm instruction data and encrypted operands. The disguised algorithm instruction data and the encrypted operands are sent to the field programmable gate array. In the field-programmable gate array (FPGA), the current state of the FPGA is obtained through the hyperchaotic state space. Based on the current state of the FPGA, the spoofing algorithm instruction data and encryption operands are reverse-mapped and restored to calculate the real instruction data stream and encryption operands and execute the real instruction to obtain the original calculation result. The deviation between the chaotic state vector of the target protection software and the chaotic state vector of the field-programmable gate array is obtained. The deviation is encoded to obtain a state error correction code. At the same time, the original calculation result is obfuscated again to construct a feedback response data packet. The feedback response data packet is parsed on the target protection software side, the state error correction code is extracted, and the chaotic state space of the target protection software side is weighted and corrected using the error correction code, so that the state of the target protection software side is forced to synchronize with the physical noise disturbance state of the field programmable gate array. The feedback data is decrypted based on the corrected state vector to obtain the execution result, and the system then enters the next security protection loop based on the synchronized state.
[0019] In a specific application scenario, after the FPGA powers on, it reads a segment of SRAM memory cells (256 bits, or 32 bytes) starting at address 0x0000 to 0x001F. Due to slight differences in silicon wafer manufacturing processes, the 0 / 1 states of these memory cells upon power-on are random but fixed. The acquired raw binary stream (11010010 10101111 ...) is converted to hexadecimal representation, and the current Unix timestamp (in seconds) is obtained to prevent replay attacks and ensure that the seed for each session is fresh. The current time is May 14, 2024, 16:00:00 (UTC+8), decimal value: 1715673600, converted to hexadecimal (4 bytes, big-endian): 0x66431E00. The PUF data and the timestamp data are concatenated (padding) and used as the input message M for the hash algorithm. The SHA3-256 algorithm is used to process the input message M. Perform the calculation. Formula: Seed = SHA3 - 256(M) = The 256-bit Seed is divided into four sub-data blocks to initialize the four variables (x0, y0, z0, w0) of the chaotic system. Using the hardware's unique physical fingerprint and the current time, a completely unpredictable and unclonable session seed is generated, which is the root of trust for the entire security system.
[0020] To establish trust, upon system power-up, the FPGA utilizes the metastable characteristics randomly generated by the SRAM cells at the moment of power-on to extract a unique Physical Fingerprint (PUF). This fingerprint, like the hardware's "DNA," cannot be copied. The system combines this fingerprint with the current timestamp, generates a one-time initial synchronization seed using the SHA3-256 algorithm, and securely transmits it to the software. Based on this seed, both the hardware and software simultaneously activate the memristor hyperchaotic engine, ensuring not only the consistency of the initial state but also, due to the introduction of the PUF, achieving a strong binding between the software and specific hardware.
[0021] Dynamic polymorphic instruction obfuscation (downlink) means that the original instruction is no longer sent directly when the algorithm is executed in the software. The system collects the current chaotic state vector in real time and constructs a dynamic instruction mapping matrix that changes drastically over time. Using this matrix, the original opcode and operands are mapped to seemingly chaotic or deceptive disguised data streams. Due to the initial value sensitivity of chaotic systems, even the same original instruction (such as ADD) will be mapped to completely different ciphertexts at different times (i.e., "instruction polymorphism"), making it impossible for attackers to infer the true intent through statistical analysis or pattern recognition.
[0022] Hardware Reverse Engineering and Physical Entropy Injection (Hardware Execution): After receiving spoofed data, the FPGA uses its internally synchronized chaotic engine to generate an inverse matrix, restoring the spoofed instructions to the real instructions and executing them. During this process, physical noise within the FPGA (such as thermal noise) slightly perturbs the chaotic trajectory of the hardware, causing it to produce tiny, unpredictable offsets. These offsets represent the unique physical activity of the hardware.
[0023] Closed-loop error correction and forced synchronization (uplink): When the hardware feeds back the computation result, it not only encrypts the result twice, but also encodes its own state deviation caused by physical noise into a "state error correction code" and sends it along with the result. After receiving the feedback, the software must first use the error correction code to correct its own mathematical chaotic model, forcibly dragging the software state onto a physical disturbance track consistent with the hardware. Only after completing this "entangled synchronization" can the software correctly derive the decryption key, restore the computation result, and enter the next round of protection loop based on this new synchronization state.
[0024] One embodiment of the present invention initializes the hyperchaotic state space, including: The initial synchronization seed is evenly divided into 4 sub-data blocks; The four sub-data blocks are mapped onto the domain of the chaotic system to obtain the initial state vector; The hyperchaotic state space is initialized based on the initial state vector using a set of dynamic equations.
[0025] In specific application scenarios, regarding location status (Domain is modulo) (integer field) For memristor flux state (Domain is) (Phase domain): To map 64-bit integers to continuous phase intervals, a normalization formula is used: Let the state vector of the system at time k be... In one embodiment of the present invention, specifically, the set of dynamic equations is as follows: in, This represents the first position state variable of the system at time k. This represents the second position state variable of the system at time k. This represents the first memristor state variable at time k. Let represent the second memristor state variable at time k, a represent the nonlinear folding coefficient of the Enon map, and b represent the dissipation coefficient of the Enon map. This represents the modulation coupling weighting coefficient of the first memristor state variable to the first position state variable. This represents the sinusoidal coupling weighting coefficient of the second memristor state variable to the second position state variable; c represents the linear feedback coefficient of the first position state variable to the first memristor state variable, d represents the sinusoidal nonlinear modulation coefficient of the evolution of the first memristor state variable itself, e represents the quadratic nonlinear feedback coefficient of the second position state variable to the second memristor state variable, f represents the autoregressive coefficient of the second memristor state variable, and L represents the quantization precision. Represents the discrete memristor function. This represents physical disturbance noise.
[0026] In specific application scenarios, the basic parameters (derived from the classic Hénon mapping) are: a = 1.4 (classical nonlinear folding coefficient, typically between 1.0 and 1.4), b = 0.3 (classical dissipation coefficient); coupling weight coefficients (controlling the perturbation strength of the memristor to the main system, typically taking small values): k1 = 0.1, k2 = 0.2; feedback and evolution coefficients (controlling the evolution of internal states): c = 0.1, d = 0.5, e = 0.01, f = 0.9 (autoregressive coefficient, typically close to 1); and quantization precision L depends on the hardware bit width. For a 32-bit system, L is typically taken as 2. 32 Or a large prime number that is close to it.
[0027] a and b (system skeleton): These determine the basic form of the encrypted dynamic system. The larger a is, the more severe the nonlinear folding of the system (the more chaotic it becomes); b determines whether the system dissipates. A > 1.06 and a moderate b are necessary to generate chaos. The values of k1 and k2 cannot be too large; if they are, the memristor states z and w will excessively interfere with x and y, leading to system collapse or entry into a periodic state. They are typically taken between [0.01, 0.5]. Δnoise is not a fixed parameter but a real-time acquired variable. In an FPGA, it comes from a reading of an unconnected ADC pin or is obtained using a frequency jitter counter of a ring oscillator (RO).
[0028] The dynamic equations employ a Hénon map. The classic 2D Hénon map has only one positive Lyapunov exponent, resulting in a relatively simple phase space trajectory, making it easy for attackers to predict the next state using "phase space reconstruction" techniques (Takens embedding theorem). By introducing two memristor state variables, z and w, the system is elevated from 2D to 4D. The equations... (product term) and The trigonometric function terms introduce extremely strong nonlinearity. This causes the system to enter a hyper-chaotic state, possessing two or more positive Lyapunov exponents, with the trajectory simultaneously diverging in multiple directions, greatly increasing the difficulty of prediction. Pure mathematical chaos is deterministic; given the equations and initial values, software can perfectly replicate hardware behavior, making cloning impossible. Hardware physical noise is forcibly introduced into the evolution of z. This means that the system's evolution trajectory on the hardware is the result of the combined effects of mathematical laws and physical thermal noise, which the software (attacker) cannot know in real time. Therefore, the trajectory simulated by the software will quickly separate from the actual trajectory of the hardware, thus achieving a strong binding between software and hardware.
[0029] Because the system is 4-dimensional hyperchaos and incorporates the memory characteristics of memristors (the current state depends on past history), attackers, relying only on intercepted partial output data, will find it extremely difficult to deduce the system's dynamic equations or current internal state. Compared to ordinary chaotic systems, its security margin is increased exponentially. Overcoming the dynamic degradation problem (a common issue in many chaotic encryption methods), when implementing chaos in digital circuits (such as FPGAs), due to limited computational precision (e.g., 32-bit), the chaotic trajectory eventually becomes a short-period cycle (i.e., no longer random). This design addresses this by... Complex modular arithmetic and high-dimensional coupling, as well as physical noise. The constant perturbation effectively disrupts short-period cycles, ensuring that the generated pseudo-random sequence has an extremely long period and almost no repetition. This achieves a balance between resources and performance (suitable for FPGAs). Although the equations appear complex, they only involve multiplication (…). ,bx) -> FPGA DSP units excel at addition and subtraction -> FPGA logic units excel at addition and subtraction; sine / cosine (M(z),sin(w)) -> can be implemented extremely quickly in FPGA using lookup table (LUT). It avoids division and complex exponential operations, making it ideal for high-speed parallel pipelined processing on FPGA hardware. The equation contains a large number of configurable parameters, which together constitute the key space. It is virtually impossible for an attacker to guess all the parameters using brute force. In one embodiment of the present invention, the physical disturbance noise is 0 on the software side and is the real-time acquired thermal noise of the ring oscillator on the hardware side.
[0030] One embodiment of the present invention involves constructing a dynamic instruction mapping matrix based on the four components of the chaotic state vector, including: Specifically, the dynamic instruction mapping matrix is constructed in the following way: Where P represents the total number of CPU instruction set opcodes at the current moment. This represents the dynamic instruction mapping matrix at time k.
[0031] In one embodiment of the present invention, a polymorphic obfuscation transformation is performed on the original algorithm instruction data and its operands based on the hash value of the dynamic instruction mapping matrix and the current chaotic state vector to obtain disguised algorithm instruction data and encrypted operands, including: The original algorithm instruction data and its operands are subjected to a polymorphic obfuscation transformation through the following operations: in, This represents the data indicating the spoofing algorithm instructions. This represents the original algorithm instruction data, where D represents the original operands. This represents the state vector at time k. Indicates the encrypted operand.
[0032] In one embodiment of the present invention, obtaining the deviation value between the chaotic state vector of the target protection software and the chaotic state vector of the field-programmable gate array includes: Based on the aforementioned dynamic equations, the current chaotic state variables of the field-programmable gate array and the chaotic state vector of the target protection software are obtained, and the difference between the two is calculated to determine the deviation value.
[0033] In one embodiment of the present invention, the original calculation result is subjected to secondary obfuscation to construct a feedback response data packet, including: Where R represents the original result of the operation. Indicates the encryption result. This represents the actual second state variable of the system.
[0034] In one embodiment of the present invention, the feedback response data packet includes an encryption result and a status error correction code.
[0035] One embodiment of the present invention includes decrypting the feedback data based on the modified state vector, comprising: Obviously, those skilled in the art can make various modifications and variations to this invention without departing from its spirit and scope. Therefore, if these modifications and variations fall within the scope of the claims of this invention and their equivalents, this invention also intends to include these modifications and variations.
Claims
1. A software protection method based on field-programmable gate arrays, characterized in that, The field-programmable gate array includes physically non-cloning functions and a memristor chaotic engine, and the method includes: The SRAM power-on physical fingerprint features and real-time timestamp of the field-programmable gate array are collected. Based on the physical fingerprint features and real-time timestamp, the SHA3-256 hash algorithm is used to generate an initial synchronization seed. Based on the initial synchronization seed, the hyperchaotic state space is initialized on the target protection software and the field programmable gate array respectively through a set of dynamic equations; The chaotic state vector in the hyperchaotic state space is monitored in real time on the target protection software side, and a dynamic instruction mapping matrix is constructed based on the chaotic state vector; The original algorithm instruction data to be executed by the target protection software and its operands are obtained. Based on the dynamic instruction mapping matrix and the hash value of the current chaotic state vector, the original algorithm instruction data and its operands are subjected to polymorphic obfuscation transformation to obtain disguised algorithm instruction data and encrypted operands. The disguised algorithm instruction data and the encrypted operands are sent to the field programmable gate array. In the field-programmable gate array (FPGA), the current state of the FPGA is obtained through the hyperchaotic state space. Based on the current state of the FPGA, the spoofing algorithm instruction data and encryption operands are reverse-mapped and restored to calculate the real instruction data stream and encryption operands and execute the real instruction to obtain the original calculation result. The deviation between the chaotic state vector of the target protection software and the chaotic state vector of the field programmable gate array is obtained. The deviation is encoded to obtain a state error correction code. At the same time, the original calculation result is obfuscated twice to construct a feedback response data packet. The feedback response data packet is parsed on the target protection software side, the state error correction code is extracted, and the chaotic state space of the target protection software side is weighted and corrected using the error correction code, so that the state of the target protection software side is forced to synchronize with the physical noise disturbance state of the field programmable gate array. The feedback data is decrypted based on the corrected state vector to obtain the execution result, and the system then enters the next security protection loop based on the synchronized state.
2. The software protection method based on field-programmable gate array according to claim 1, characterized in that, Initialize the hyperchaotic state space, including: The initial synchronization seed is evenly divided into 4 sub-data blocks; The four sub-data blocks are mapped onto the domain of the chaotic system to obtain the initial state vector; The hyperchaotic state space is initialized based on the initial state vector using a set of dynamic equations.
3. The software protection method based on field-programmable gate array according to claim 2, characterized in that, Specifically, the set of dynamic equations is as follows: in, This represents the first position state variable of the system at time k. This represents the second position state variable of the system at time k. This represents the first memristor state variable at time k. Let represent the second memristor state variable at time k, a represent the nonlinear folding coefficient of the Enon map, and b represent the dissipation coefficient of the Enon map. This represents the modulation coupling weighting coefficient of the first memristor state variable to the first position state variable. This represents the sinusoidal coupling weighting coefficient of the second memristor state variable to the second position state variable; c represents the linear feedback coefficient of the first position state variable to the first memristor state variable, d represents the sinusoidal nonlinear modulation coefficient of the evolution of the first memristor state variable itself, e represents the quadratic nonlinear feedback coefficient of the second position state variable to the second memristor state variable, f represents the autoregressive coefficient of the second memristor state variable, and L represents the quantization precision. Represents the discrete memristor function. This represents physical disturbance noise.
4. The software protection method based on field-programmable gate array according to claim 3, characterized in that, The physical disturbance noise is 0 on the software side, and is the real-time thermal noise of the ring oscillator on the hardware side.
5. The software protection method based on field-programmable gate array according to claim 1, characterized in that, A dynamic instruction mapping matrix is constructed based on the four components of the chaotic state vector, including: Specifically, the dynamic instruction mapping matrix is constructed in the following way: Where P represents the total number of CPU instruction set opcodes at the current moment. This represents the dynamic instruction mapping matrix at time k.
6. The software protection method based on field-programmable gate array according to claim 1, characterized in that, Based on the dynamic instruction mapping matrix and the hash value of the current chaotic state vector, a polymorphic obfuscation transformation is performed on the original algorithm instruction data and its operands to obtain disguised algorithm instruction data and encrypted operands, including: The original algorithm instruction data and its operands are subjected to a polymorphic obfuscation transformation through the following operations: in, This represents the data indicating the spoofing algorithm instructions. This represents the original algorithm instruction data, where D represents the original operands. This represents the state vector at time k. Indicates the encrypted operand.
7. The software protection method based on field-programmable gate array according to claim 1, characterized in that, The deviation between the chaotic state vector of the target protection software and the chaotic state vector of the field-programmable gate array is obtained, including: Based on the aforementioned dynamic equations, the current chaotic state variables of the field-programmable gate array and the chaotic state vector of the target protection software are obtained, and the difference between the two is calculated to determine the deviation value.
8. The software protection method based on field-programmable gate array according to claim 1, characterized in that, The original calculation result is then obfuscated a second time to construct a feedback response data packet, including: Where R represents the original result of the operation. Indicates the encryption result. This represents the actual second state variable of the system.
9. The software protection method based on field-programmable gate array according to claim 8, characterized in that, The feedback response data packet includes the encryption result and the status error correction code.
10. The software protection method based on field-programmable gate arrays according to claim 1, characterized in that, Decrypting the feedback data based on the corrected state vector includes: