81 results about "Power attack" patented technology

RFID tags were believed to be immune to power analysis since they have no direct connection to an external power supply. However, recent research has shown that they s are vulnerable to such attacks, since it is possible to measure their power consumption remotely via a completely passive attack. The method and apparatus of the invention protects RFID tags against simple and differential power attacks. The invention is particularly useful regarding inventory control systems or secure documents such as epassports. The basic technique is to use two capacitors embedded in the RFID tag in lo such a way that at any given time one of them is storing energy that is being generated by the charge pump of the tag that sucks energy from the electromagnetic or magnetic field of a tag reader, and the other one is discharging and powering the computational element of the tag chip.

A method of masking a cryptographic operation using a secret value, comprising the steps of dividing the secret value into a plurality of parts; combining with each part a random value to derive a new part such that the new parts when combined are equivalent to the original secret value; and utilizing each of the individual parts in the operation.

A method of countering side-channel attacks on an elliptic curve cryptosystem (ECC) is provided. The method comprises extending a definition field of an elliptic curve of the ECC to an extension ring in a first field; generating a temporary ciphertext in the extension ring and countering attacks on the ECC; and generating a final ciphertext for the first field if a fault injection attack on the ECC is not detected. The countering of attacks on the ECC may comprise countering a power attack on the ECC. Checking if there is a fault injection attack on the ECC may be performed by determining if the temporary ciphertext satisfies a second elliptic curve equation. The fault detection algorithms takes place in a small subring of the extension ring, not in the original field, to minimize the computational overhead. The method can improve the stability of the ECC and reduce computational overhead of the ECC.

The invention discloses a software mask defense scheme capable of preventing attack on advanced encryption standard (AES) algorithm based on power analysis. The software mask defense scheme comprises steps of introducing a mask matrix M, and arranging three random mask defense points in each round of encryption operation; protecting the three mask defense points through a group of mask sequences generating M during each encryption; arranging a counter C in a crypto chip, superposing original values for each encryption, and finishing construction of the matrix M when the superposed value reaches the threshold value T1; when the superposed value reaches the threshold value T2, rearranging the counter C, updating the matrix M, and repeating the step over and over again. The three random mask defense points can perform mask defense on an important intermediate value calculated at least when few of subkeys are exhausted, therefore, high-order difference power attack can be effectively defended, and security of AES secret keys are protected. Furthermore, the mask matrix is updated through a queue mode, therefore, replacement frequency of random masks is reduced, and defense cost is reduced.

The invention discloses an AES (advanced encryption standard) algorithm circuit oriented method for testing differential power attack. An AES algorithm is a widely applied grouping symmetric cryptographic algorithm. The AES algorithm circuit oriented method is used for acquiring and processing power samples for tests for the differential power attack in a design stage of an AES cryptographic algorithm circuit and includes steps (1), carrying out functional simulation and acquiring power samples; (2), preprocessing the power samples; (3), acquiring hypothetical power samples; (4), computing correlation coefficients and analyzing attack results. The AES algorithm circuit oriented method has the advantages that only varied power points are sampled, so that large quantities of power sample data can be omitted, power attack computational complexity can be greatly reduced, the assess effectiveness and the speed are high, more importantly, the tests for the differential power attack can be carried out in the design stage of the circuit, the attack resistance of the cryptographic circuit can be assessed in advance, and tape-out risks of the AES circuit can be reduced.

The invention discloses a differential power attack testing method for a DES algorithm circuit. A DES algorithm is a widely-applied grouping symmetric encryption algorithm. According to the method, a differential power attack test is performed on the DES algorithm circuit at a design stage, and the method comprises the steps as follows: (1), functional simulation and acquisition of a power consumption sample; (2), preprocessing of the power consumption sample; (3), acquisition of a hypothetical power consumption sample; and (4) calculation of correlation coefficients and analysis of attack results. According to the differential power attack testing method, only varying power consumption points are sampled, a large number of power consumption sample data are saved, the power attack calculation amount is reduced substantially, the method has the advantages of high evaluation efficiency and high speed, and above all, the power attack test can be performed at the circuit design stage, so that the anti-attack capability of a password circuit is evaluated in advance, and the redesign risk of the DES circuit after assembly line production of chips is reduced.

The invention provides a power attack prevention method oriented at an AES algorithm and a circuit achieving method of the power attack prevention method oriented at the AES algorithm. According to the basic principle, a control module and redundancy registers are added to an AES algorithm circuit. The AES algorithm selects the position of a register storing middle calculation data in each turn according to a zone bit generated by the control module, so that the middle data of each turn of encryption operation are alternatively stored in the different registers, the Hamming distance of the middle data of the AES algorithm is effectively hidden, and the AES algorithm can resist power analysis attacks based on a Hamming distance model. The power attack prevention method oriented at the AES algorithm and the circuit achieving method of the power attack prevention method oriented at the AES algorithm have the advantages of being high in flexibility, small in area cost, high in power attack resistance and the like, and provide a good resolution scheme for designing safe chips.

The invention provides an encryption method and device using a random clock based on chaos, and belongs to the field of information safety. According to the system, a design scheme which is integrated from top to bottom is adopted. The device is composed of a crystal oscillator, a PLL1, a PLL2, a pseudorandom sequence generating module, a chaotic mapping control module, a disturbance generating module, a clear text input module, an encryption module, a secret key extension module and a cipher text output module. According to the encryption method and device using the random clock based on chaos, a common linear feedback shift register, chaotic mapping control and cipher text feedback are combined to generate the random clock, the safety of the random clock is effectively improved, and power attack and electromagnetism attack can be effectively resisted. The encryption method and device using the random clock based on chaos can be applied to industrial and technical production of encrypted hardware storage device static encryption, microwave or photo-communication chains, and a receiving or transmitting port of a computer terminal and the like.

The invention provides technology which can effectively resist to attacks on modules, chips, smart card bodies and the like adopting a grouping encryption and decryption algorithm through power analysis (simple power analysis (SPA) and difference power analysis (DPA)) or electromagnetic radiation analysis (DEMA) to obtain encryption and decryption operation secret keys and a circuit implementation structure of the technology. In application of a high-safety smart card, including but not limited to application areas such as electronic identification cards, debit cards and social security cards, the circuit structure can effectively protect the grouping encryption modules, the chips, the smart card bodies and the like and prevent the encryption and decryption operation secret keys from decoding and obtaining by the power analysis or the electromagnetic radiation analysis. The circuit structure can improve efficiency of encryption operation in continuous encryption operation, improves safety protection strength on the grouping encryption modules, the chips, the smart card bodies and the like, guarantees execution efficiency of the encryption operation, and has good innovation, practical applicability and effectiveness.

The invention discloses an anti-power-attack method and device for a DES (Data Encrypt Standard) algorithm. The method comprises the following steps: performing exclusive-or operation on a first-round sub-key and a first mask; determining a first-round correction S-box according to the first mask on the basis of an original first-round S-box, and substituting the original first-round S-box; performing exclusive-or operation on the back half part of first-round input data and a second mask, wherein an exclusive-or operation result is the front half part of first-round output data; in second to sixteenth rounds, substituting the original S-box with identical or different correction S-boxes, and determining a correction S-box according to a mask carried by a wheel key and a mask carried by the back half part of wheel input data in each round, wherein other algorithm flows are the same as a first-round algorithm flow; and performing exclusive-or operation on a result obtained after the execution of reverse initial permutation on sixteenth-round output, wherein the result of the exclusive-or operation is an output cipher text. Through the anti-power-attack method for the DES algorithm provided by the invention, power attacks can be effectively resisted.

The invention discloses a password mask method for enhancing attack resistance ability. The password mask method for enhancing the attack resistance ability includes an encryption process. The encryption process includes steps: (1) introducing an original random number X, and performing exclusive-or operation on a clear text; (2) performing IP (internet protocol) initial displacement, and then dividing the clear text into an L portion and an R portion, and furthermore introducing random numbers Xy and Xz, generated in the middle process; (3) introducing F functions amended by mask codes, and performing n turns of F function operation; (4) combining the L portion with the R portion, and then performing an FP inverse initial permutation; (5) introducing the original random number X, and performing the exclusive-or operation so as to obtain a cipher text C. The password mask method for enhancing the attack resistance ability can achieve different effects of the mask codes by only using two types of the F functions amended by the mask codes during the whole encryption and decryption process, and only needs to achieve two types of SM-Box, and compared with other schemes with CPA attack resistance, the password mask method for enhancing the attack resistance ability can save a great number of hardware resources and reduce cost on the premise of substantially enhancing differential power attack and related power consumption attack resistance.

The invention discloses a time delay-based double-track pre-charge logic NAND gate circuit and a time delay-based double-track pre-charge logic exclusive or gate circuit. By transforming positions of PMOS (P-channel metal oxide semiconductor) transistors or NMOS (N-channel metal oxide semiconductor) transistors in the time delay-based double-track pre-charge logic NAND gate circuit and the time delay-based double-track pre-charge logic exclusive or gate circuit in the prior art and increasing or decreasing the PMOS transistors or the NMOS transistors, the improvement of the NAND gate circuit and the exclusive or gate circuit is realized; the improved NAND gate circuit and the improved exclusive or gate circuit area capable of realizing more balanced power consumption, faster speed and lower power consumption, and can better resist differential power attack.

The invention relates to an SM2 elliptic curve signature verification hardware system and method for resisting differential power consumption attack, the anti-differential power consumption attack method of the invention is applied to scalar multiplication, by adding the improved randomized scalar method to the point multiplication operation, the correlation between the real key information and the power curve is destroyed, which makes it difficult for the power analysis to obtain the information to resist the power analysis, and ensures the security of the differential power attack, thus playing a very good role in resisting the differential power attack. And this method is simple and easy to implement, and can be integrated into a variety of encryption chips and other hardware devices.

This invention relates to a hardware 3DES preventing power loss attack by digital power loss compensation used in intelligent card chips of a safety applied field, which utilizes a method for digital circuit power loss compensation to design two symmetrical 3DEG hardware circuits, one for getting ciphering result and the other for compensaing power loss to a first 3DEG circuit only playing the role of a coprocessor of ciphered operation in an intellident card, which can prevent power loss attack in the intelligent card field at the same time when realizing 3DEG ciphered operation at high speed.

The invention discloses a method for enabling elliptic curve cryptography to defend differential power attack. The method comprises the following steps: step 1) selecting a non-zero point P=(X:Y:1) on an elliptic curve E(F2<n>) and giving any integer m; step 2) calculating isomorphic mapping phi (P)=(fuX:fvY:1), recording P'=(X': Y': 1)=phi (P); step 3) calculating scalar multiplication mP', and recording a point R=mP'=(X'':Y'':Z''); and step 4), calculating isomorphic and inverse mapping phi<-1> (R)=(fvX'':fv+2uY'':fv+uZ'')=mP. The differential power attack can be defended with very low time cost by utilizing the method.

The invention discloses an AES algorithm oriented power attack resisting method based on a register mask. The method comprises the following steps: adding a random number generator and a register protection module in an AES algorithm, wherein the register protection module comprises a first XOR unit, a second XOR unit and a register; saving an intermediate result in the register after performing XOR on an intermediate result needing to be saved and a random number when updating the intermediate result in the register, and saving the random number at the same time; and reading a value in the register and performing the XOR on the value and the saved random number when reading the intermediate result in the register. Through the adoption of the method disclosed by the invention, the randomness of the storage value in the register is guaranteed, the Hamming distance leakage in the AES cryptographic algorithm is effectively hidden, and the power attack based on a Hamming distance model can be effectively resisted.

A system and method for achieving power isolation across different cloud tenants and workloads is provided. The system includes a model of per-workload power consumption and an approach for attributing power consumption for each container. It allows a cloud provider to detect abnormally high power usage caused by specific containers and/or tenants, and to neutralize the emerging power attacks that exploit information leakages in the public container cloud. The approach also enables the provider to bill tenants for their specific power usage. Thus, the technique herein provides a mechanism that operates to attribute power consumption data for each container to defend against emerging power attacks, as well as to make it feasible to develop a cloud billing model based on power usage. The mechanism defends against emerging power attacks in container cloud offerings by implementing in a power-based namespace workflow in an OS kernel. The namespace workflow partitions the power consumption information for each container.