CN103997402A - Encryption chip safety performance testing method and device - Google Patents

Encryption chip safety performance testing method and device Download PDF

Info

Publication number
CN103997402A
CN103997402A CN201410240453.1A CN201410240453A CN103997402A CN 103997402 A CN103997402 A CN 103997402A CN 201410240453 A CN201410240453 A CN 201410240453A CN 103997402 A CN103997402 A CN 103997402A
Authority
CN
China
Prior art keywords
encryption chip
attack parameter
cryptographic algorithm
scanning output
parameter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201410240453.1A
Other languages
Chinese (zh)
Other versions
CN103997402B (en
Inventor
邵翠萍
李慧云
徐国卿
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Cryptography Administration Commercial Code Testing Center
Shenzhen Institute of Advanced Technology of CAS
Original Assignee
Shenzhen Institute of Advanced Technology of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Institute of Advanced Technology of CAS filed Critical Shenzhen Institute of Advanced Technology of CAS
Priority to CN201410240453.1A priority Critical patent/CN103997402B/en
Publication of CN103997402A publication Critical patent/CN103997402A/en
Application granted granted Critical
Publication of CN103997402B publication Critical patent/CN103997402B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention is applied to the field of testing, and provides an encryption chip safety performance testing method and device. The method includes the steps of firstly, determining an attacked parameter that attacks are wrongly injected into an encryption algorithm according to the encryption algorithm of an encryption chip; secondly, finding a sensitive register related to calculation of the attacked parameter in the encryption chip, and inserting a scan chain into the sensitive register; thirdly, determining safety of the encryption chip through the scan output result of the attacked parameter when the attacked chip works in a tested mode, wherein the scan output result is obtained through scan output. The scan chain is inserted into the sensitive register related to the attacked parameter, and therefore the change of the attacked parameter can be obtained, whether effective errors are produced or not can be more visually judged, and testing efficiency of safety of the encryption chip is effectively improved.

Description

A kind of encryption chip Testing Method of Safety and device
Technical field
The invention belongs to field tests, relate in particular to a kind of encryption chip Testing Method of Safety and device.
Background technology
Along with the development of the communication technology, it is more and more important that information security also seems.Although in chip, there are complicated enciphering and deciphering algorithm and key protection mechanism,, chip still is easily subject to inducing fault analysis, thereby causes the leakage of the data content in chip.
Data when avoiding chip to be subject to inducing fault analysis are revealed, and such as the leakage of private key, need to test the safety and stability of the encrypted circuit in safety chip.Wherein, mistake injection attacks be exactly a kind of widely used, fault-tolerant ability of being used for assessing encryption chip and, the Testing Method of Safety of fault on encryption chip impact.
The wrong injection attacks principle of encryption chip is: by the certain mistake of artificial injection, go out the method for key information according to the interpretation of result of erroneous transmissions mechanism and encryption and decryption.Wherein, the common induction mistake for injecting comprises: voltage and clock sudden change mistake, induced with laser mistake, X ray and ion beam inject mistake.
Yet, due to the uncertainty of present wrong injection technique on time and space, the interior change that can not effectively the mistake of injection be produced is on the one hand reflected in Output rusults, on the other hand, in actual applications, only, with the encryption and decryption result of output, the wrong mechanism that produces is judged in very difficult analysis.Thereby make the testing efficiency of existing encryption chip method of testing lower.
Summary of the invention
The object of the embodiment of the present invention is to provide a kind of Testing Method of Safety of encryption chip, to solve in the test process of encryption chip of prior art, the interior change that the mistake of injecting produces can not be reacted at Output rusults, only with output encryption and decryption result, be difficult to analyze judgement and produce wrong mechanism, cause the low problem of testing efficiency of existing encryption chip.
The embodiment of the present invention is achieved in that a kind of encryption chip Testing Method of Safety, and described method comprises:
According to the cryptographic algorithm of described encryption chip, determine wrong injection attacks in cryptographic algorithm by attack parameter;
According to described wrong injection attacks by attack parameter, search in described encryption chip to calculate described by the relevant responsive register of attack parameter;
Calculating described responsive register interleave scan chain of being correlated with by attack parameter;
According to test vector and the described wrong injection attacks of input, scanning output is described by the scanning Output rusults of attack parameter;
By the scanning Output rusults comparison of the scanning Output rusults of being attacked and expectation, according to comparative result, determine the fail safe of encryption chip.
Another object of the embodiment of the present invention is to provide a kind of encryption chip security performance testing apparatus, and described device comprises:
By attack parameter determining unit, according to the cryptographic algorithm of described encryption chip, determine wrong injection attacks in cryptographic algorithm by attack parameter;
Responsive register is searched unit, for according to described wrong injection attacks by attack parameter, search in described encryption chip to calculate described by the relevant responsive register of attack parameter;
Scan chain plug-in unit, for calculating described responsive register interleave scan chain of being correlated with by attack parameter;
Result output unit, for according to test vector and the described wrong injection attacks of input, scans output described by the scanning Output rusults of attack parameter;
Fail safe determining unit, for by the scanning Output rusults comparison of the scanning Output rusults of being attacked and expectation, determines the fail safe of encryption chip according to comparative result.
In embodiments of the present invention, the fault analysis determine injecting according to the cryptographic algorithm of chip by attack parameter, and according to described by attack parameter, search calculate described by relevant register that attack parameter was used, be referred to as responsive register, and sensitivity is posted in device and is inserted in scan chain, the result of variations that scanning output is produced because of the fault analysis injecting by attack parameter, and by the scanning Output rusults comparison by the Output rusults of attack parameter and expectation, determine the fail safe of encryption chip.The embodiment of the present invention is due to responsive register is inserted in scan chain, thereby can obtain by the variation of attack parameter, thereby judges whether more intuitively to produce effective mistake, effectively improves the testing efficiency of encryption chip fail safe.
Accompanying drawing explanation
Fig. 1 is the realization flow figure of the encryption chip Testing Method of Safety that provides of the embodiment of the present invention;
Fig. 2 is the structural representation of the encryption chip security performance test that provides of the embodiment of the present invention;
Fig. 3 is the structural representation of the encryption chip security performance testing apparatus that provides of the embodiment of the present invention;
Embodiment
In order to make object of the present invention, technical scheme and advantage clearer, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein, only in order to explain the present invention, is not intended to limit the present invention.
Encryption chip Testing Method of Safety described in the embodiment of the present invention, can be used for the security evaluation of encryption chip design phase, also can be used for the actual test of encryption chip.
In the security evaluation process of design phase, the in the situation that in gate level netlist, artificial introducing being wrong, by emulation, can obtain that fault analysis produces for the scanning Output rusults by attack parameter, according to the scanning Output rusults comparison of described result and expectation, whether the cryptographic algorithm that can obtain the design phase meets security requirement.
In actual test process, can obtain, by the result of variations of attack parameter, according to the Output rusults of scan chain, comparing analysis according to the scan chain inserting in chip in advance, be positioned at responsive register place, can measure chip and whether meet safety requirements.Below in conjunction with embodiment, illustrate.
As Fig. 1 shows the realization flow of the encryption chip Testing Method of Safety that the embodiment of the present invention provides, details are as follows:
In step S101, according to the cryptographic algorithm of described encryption chip, determine wrong injection attacks in cryptographic algorithm by attack parameter.
Concrete, because the embodiment of the present invention can be used for design phase of encryption chip, also the test phase that can be used for encryption chip, therefore, the encryption chip described in the embodiment of the present invention, (chip is to need through design in the Encryption Design stage of chip, also to can be described as Encryption Design to chip, and the finished product of producing through flow), test phase at chip is called encryption chip, for ease of describing, is referred to as encryption chip.
Chip encryption algorithm described in the embodiment of the present invention, is not limited to a kind of cryptographic algorithm, can be symmetric encipherment algorithm AES, DES, also can be rivest, shamir, adelman RSA, ECC, certainly, can also be the algorithm of other type, cryptographic algorithm as commercial in country etc.
Wherein, AES cryptographic algorithm (its English full name is Advanced Encryption Standard, and Chinese full name is Advanced Encryption Standard), based on arranging and in-place computation.Arrangement is that data are re-started to arrangement, and displacement is that a data cell is replaced with to another.AES carries out and arranges and in-place computation with several diverse ways.
AES is the password of an iteration, symmetric key grouping, and it can use 128,192 and 256 keys, and with 128 (16 byte) block encryption and data decryptions.Use key to different from public key cryptography, symmetric key cipher is used identical secret key encryption and data decryption.The figure place of the enciphered data of returning by block cipher is identical with input data.Iterative cryptographic is used a loop structure, repeats displacement and replace input data in this circulation.
Described DES (English full name is Data Encryption Algorithm, and Chinese full name is DEA), is a kind of symmetric encipherment algorithm, is most popular cipher key system, particularly in the safety of protecting finance data.
DES is used the key of 56 and additional 8 bit parity check positions (the 8th of every group as parity check bit), produces the packet size of maximum 64.This is the block cipher of an iteration, uses the technology that is called Feistel, wherein by the text block of encrypting in two.Use sub-key to half application cycle function wherein, then output and second half are carried out to nonequivalence operation; Then exchange these two halves, this process can continue, but last circulation does not exchange.DES is used 16 to take turns circulation, uses XOR, displacement, replacement, four kinds of basic operations of shifting function.
Described RSA, i.e. public-key encryptosystem.So-called public-key encryptosystem is exactly to use different encryption key and decruption key, is a kind of " go out decruption key by known encryption key derivation is infeasible on calculating " cryptographic system.
In public-key encryptosystem, encryption key (being public-key cryptography) is public information, and decruption key (being privacy key) is need to be keep secret.Cryptographic algorithm and decipherment algorithm are all also disclosed.Although privacy key is determined by public-key cryptography, can not calculate privacy key according to public-key cryptography.
(English full name is Elliptic Curves Cryptography to described ECC, Chinese full name is elliptic curve cipher coding theory) cryptographic algorithm, the mathematical theory of ECC algorithm is very abstruse and complicated, be relatively difficult to realize, but its unit security intensity is relatively high in engineering application.
Described according to the cryptographic algorithm of encryption chip, determine wrong injection attacks in cryptographic algorithm by attack parameter, according to different cryptographic algorithm, described not identical by attack parameter yet, as for CRT, (English full name is: Chinese remainder theorem, Chinese full name is: Chinese remainder theorem) in RSA cryptographic algorithms, as long as one of them power operation (S por S q) make a mistake, just can successfully extrapolate key.Therefore, in RSA-CRT cryptographic algorithm by attack parameter, can be S p, can be also S q.
For other cryptographic algorithm, also can, according to the corresponding fault analysis injection parameter of cryptographic algorithm, determine by attack parameter accordingly.
In step S102, according to described wrong injection attacks by attack parameter, search in described encryption chip to calculate described by the relevant responsive register of attack parameter.
Concrete, the fault analysis of described injection, can be including, but not limited to heavy ion fault analysis, Ear Mucosa Treated by He Ne Laser Irradiation fault analysis, X ray fault analysis etc.
Described search in described encryption chip to calculate described by the relevant responsive register of attack parameter, can be according to by the expression formula of attack parameter, obtain and calculate describedly by the relevant factor of attack parameter, this relevant register memory space because of sub-definite is responsive register.
In step S103, calculating described responsive register interleave scan chain of being correlated with by attack parameter.
Concrete, according to safe design for Measurability instrument (DFST, English full name is Design for Safe Testability), interleave scan chain in calculating described responsive register of being correlated with by attack parameter.
Described scan chain, (English full name is: a kind of technology that realizes that is Scan chain) Testability Design.It is by implanting shift register, makes the tester can be from the signal value of external control and observation inside circuit trigger.
In step S104, according to test vector and the described wrong injection attacks of input, scanning output is described by the scanning Output rusults of attack parameter.
Described test vector, can be used automatic test vector instrument, such as TeraMax, generates test vector.
In step S105, by the scanning Output rusults comparison of the scanning Output rusults of being attacked and expectation, according to comparative result, determine the fail safe of encryption chip.
Described responsive register, for to by the relevant register of the calculating of attack parameter, other not to by attack parameter, calculated relevant register, and cipher key register does not need interleave scan chain.
The benefit of doing is like this, can avoid causing because of the insertion of scan chain on the one hand the Key Exposure of chip, induces on the other hand under wrong injection experiments, can judge fast the safe coefficient of this safety chip under test pattern by sweep test.
Wherein, by the scanning Output rusults comparison of the scanning Output rusults of being attacked and expectation, according to comparative result, determine that the fail safe step of encryption chip comprises:
By the scanning Output rusults comparison of the scanning Output rusults of being attacked and expectation, judge that whether both are identical;
If identical, the fail safe of described encryption chip is by testing authentication;
If not identical, described encryption chip is failed by security test.
The scanning Output rusults of described expectation, encryption chip when receiving test vector input, the normal result of being exported by attack parameter.
CRT-RSA cryptographic algorithm below by 1024 of concrete rivest, shamir, adelmans is that example is specifically described; be to be understood that; CRT-RSA is a kind of execution mode wherein just; persons skilled in the art it will also be appreciated that other similar design therewith, all should be in protection scope of the present invention.
If a and b are precalculated values, p and q are two prime numbers, n=p*q, and d is private key parameter, and:
a ≡ 1 mod p a ≡ 0 mod q and b ≡ 0 mod p b ≡ 1 mod q
And definition:
d p=d (mod p-1)
d q=d (mod q-1)
Can be expressed as of RSA signature:
s=a·s p+b·s q(mod N),
Wherein,
s p = m d p , mod p
s q = m d q , mod q ,
If s por s qwherein there is one to make a mistake, such as s qmake a mistake, so wrong signature result can be expressed as:
s′=a·s p+b·s′ q(mod N),
Correct signature result and wrong signature result are subtracted each other and can be obtained: Δ=s-s '=b (s q-s ' q) (modn), a simple calculations just can calculate p, thereby obtain key information: gcd (Δ, n)=p.
Therefore, in CRT-RSA cryptographic algorithm, selected and calculating s por s qthe register of relevant parameter is responsive register, and interleave scan chain, avoids inserting register in key, thereby can eliminate the potential safety hazard of being brought by transmission scan chain, has guaranteed again measurability and ornamental to sensitizing range, safety chip inside.
In addition, by safe design for Measurability method DFST and the wrong injection technique of induction, combine, encryption chip with specific scan chain is carried out to mistake and inject test, can assess fast the fail safe of encryption chip, the accurate weak spot of positioning chip, for the defence design of encryption chip provides strong reference.
The structural representation of the Testing Method of Safety of the encryption chip that Fig. 2 provides for the embodiment of the present invention, as shown in Figure 2, by test vector Core Generator, generate CRT-RSA test vector, described test vector can generate test vector by TetraMax, and the test vector of generation is input to chip.In described encryption chip, store encrypting and decrypting algorithm, and by abductive approach mistake injection attacks, at responsive register interleave scan chain.Input by test vector and induce wrong injection, by the variation of scan chain monitoring sensitive parameter, the output vector of output sensitive parameter, compare with the result of test pattern file expectation, if come to the same thing, represent not to be subject to inducing wrong interference, the security performance of chip is good.
Fig. 3 is the structural representation of the encryption chip safety instrumentation described in the embodiment of the present invention, and encryption chip security performance testing apparatus comprises described in the embodiment of the present invention:
By attack parameter determining unit 301, according to the cryptographic algorithm of described encryption chip, determine wrong injection attacks in cryptographic algorithm by attack parameter;
Responsive register is searched unit 302, for according to described wrong injection attacks by attack parameter, search in described encryption chip to calculate described by the relevant responsive register of attack parameter;
Scan chain plug-in unit 303, for calculating described responsive register interleave scan chain of being correlated with by attack parameter;
Result output unit 304, for according to test vector and the described wrong injection attacks of input, scans output described by the scanning Output rusults of attack parameter;
Fail safe determining unit 305, for by the scanning Output rusults comparison of the scanning Output rusults of being attacked and expectation, determines the fail safe of encryption chip according to comparative result.
Concrete optional, described cryptographic algorithm is symmetric encipherment algorithm or rivest, shamir, adelman.
More specifically, the cryptographic algorithm of described chip is CRT-RSA cryptographic algorithm, described by attack parameter determining unit specifically for:
The signature expression formula of encrypting according to CRT-RSA: s=as p+ bs q(modn) what, determine wrong injection attacks in described CRT-RSA cryptographic algorithm is s by attack parameter por s q, wherein, s q = m d q ( mod q ) , d p=d(modp-1),d q=d(modq-1), a ≡ 1 ( mod p ) a ≡ 0 ( mod q ) , b ≡ 0 ( mod p ) b ≡ 1 ( mod q ) , Two prime numbers that wherein p and q are, m is the message for encrypting, n=p*q, d is private key parameter.
Concrete, described fail safe determining unit comprises:
Relatively subelement, for by the scanning Output rusults comparison of the scanning Output rusults of being attacked and expectation, judges that whether both are identical;
The first checking subelement, if for identical, the fail safe of described encryption chip is by testing authentication;
The second checking subelement, if for not identical, described encryption chip is failed by security test.
Preferably, described scan chain plug-in unit specifically for: according to design for Measurability instrument, calculating described responsive register interleave scan chain of being correlated with by attack parameter.
Encryption chip safety instrumentation described in Fig. 3 is corresponding with the encryption chip safety detecting method described in Fig. 1, at this, does not repeat.
The foregoing is only preferred embodiment of the present invention, not in order to limit the present invention, all any modifications of doing within the spirit and principles in the present invention, be equal to and replace and improvement etc., within all should being included in protection scope of the present invention.

Claims (10)

1. an encryption chip Testing Method of Safety, is characterized in that, described method comprises:
According to the cryptographic algorithm of described encryption chip, determine wrong injection attacks in cryptographic algorithm by attack parameter;
According to described wrong injection attacks by attack parameter, search in described encryption chip to calculate described by the relevant responsive register of attack parameter;
Calculating described responsive register interleave scan chain of being correlated with by attack parameter;
According to test vector and the described wrong injection attacks of input, scanning output is described by the scanning Output rusults of attack parameter;
By the scanning Output rusults comparison of the scanning Output rusults of being attacked and expectation, according to comparative result, determine the fail safe of encryption chip.
2. method according to claim 1, is characterized in that, described cryptographic algorithm is symmetric encipherment algorithm or rivest, shamir, adelman.
3. according to method described in claim 1 or 2, it is characterized in that, the cryptographic algorithm of described chip is CRT-RSA cryptographic algorithm, described according to the cryptographic algorithm of described encryption chip, determines being comprised by attack parameter of wrong injection attacks in cryptographic algorithm:
The signature expression formula of encrypting according to CRT-RSA: s=as p+ bs q(modn) what, determine wrong injection attacks in described CRT-RSA cryptographic algorithm is s by attack parameter por s q, wherein, d p=d (modp-1), d q=d (modq-1), two prime numbers that wherein p and q are, m is the message for encrypting, n=p*q, d is private key parameter.
4. method according to claim 1, is characterized in that, by the scanning Output rusults comparison of the scanning Output rusults of being attacked and expectation, determines that the fail safe step of encryption chip comprises according to comparative result:
By the scanning Output rusults comparison of the scanning Output rusults of being attacked and expectation, judge that whether both are identical;
If identical, the fail safe of described encryption chip is by testing authentication;
If not identical, described encryption chip is failed by security test.
5. method according to claim 1, is characterized in that, is describedly specially calculating described responsive register interleave scan chain step of being correlated with by attack parameter:
According to design for Measurability instrument, searched responsive register is inserted in scan chain.(this step is only for to interleave scan chain, and the process of searching responsive register has restriction in other step).
6. an encryption chip security performance testing apparatus, is characterized in that, described device comprises:
By attack parameter determining unit, according to the cryptographic algorithm of described encryption chip, determine wrong injection attacks in cryptographic algorithm by attack parameter;
Responsive register is searched unit, for according to described wrong injection attacks by attack parameter, search in described encryption chip to calculate described by the relevant responsive register of attack parameter;
Scan chain plug-in unit, for calculating described responsive register interleave scan chain of being correlated with by attack parameter;
Result output unit, for according to test vector and the described wrong injection attacks of input, scans output described by the scanning Output rusults of attack parameter;
Fail safe determining unit, for by the scanning Output rusults comparison of the scanning Output rusults of being attacked and expectation, determines the fail safe of encryption chip according to comparative result.
7. install according to claim 6, it is characterized in that, described cryptographic algorithm is symmetric encipherment algorithm or rivest, shamir, adelman.
According to described in claim 6 or 7 device, it is characterized in that, the cryptographic algorithm of described chip is CRT-RSA cryptographic algorithm, described by attack parameter determining unit specifically for:
The signature expression formula of encrypting according to CRT-RSA: s=as p+ bs q(modn) what, determine wrong injection attacks in described CRT-RSA cryptographic algorithm is s by attack parameter por s q, wherein, d p=d (modp-1), d q=d (modq-1), two prime numbers that wherein p and q are, m is the message for encrypting, n=p*q, d is private key parameter.
9. install according to claim 6, it is characterized in that, described fail safe determining unit comprises:
Relatively subelement, for by the scanning Output rusults comparison of the scanning Output rusults of being attacked and expectation, judges that whether both are identical;
The first checking subelement, if for identical, the fail safe of described encryption chip is by testing authentication;
The second checking subelement, if for not identical, described encryption chip is failed by security test.
According to claim 6 device, it is characterized in that, described scan chain plug-in unit specifically for: according to design for Measurability instrument, searched responsive register is inserted in scan chain.
CN201410240453.1A 2014-05-30 2014-05-30 A kind of encryption chip Testing Method of Safety and device Active CN103997402B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410240453.1A CN103997402B (en) 2014-05-30 2014-05-30 A kind of encryption chip Testing Method of Safety and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410240453.1A CN103997402B (en) 2014-05-30 2014-05-30 A kind of encryption chip Testing Method of Safety and device

Publications (2)

Publication Number Publication Date
CN103997402A true CN103997402A (en) 2014-08-20
CN103997402B CN103997402B (en) 2017-06-23

Family

ID=51311413

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410240453.1A Active CN103997402B (en) 2014-05-30 2014-05-30 A kind of encryption chip Testing Method of Safety and device

Country Status (1)

Country Link
CN (1) CN103997402B (en)

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104660466A (en) * 2015-02-06 2015-05-27 深圳先进技术研究院 Security testing method and system
CN104836808A (en) * 2015-05-12 2015-08-12 中国科学院软件研究所 Method for verifying safety of SM2 signature algorithm based on improved difference error attack
CN105045695A (en) * 2015-08-17 2015-11-11 大唐微电子技术有限公司 Method and system for protecting chips in process of entering test mode
CN105376058A (en) * 2015-10-08 2016-03-02 深圳先进技术研究院 A security evaluation method and device for hardware based on the RSA algorithm
CN106100827A (en) * 2015-04-29 2016-11-09 Arm 有限公司 Error Protection Key Generation Method And System
CN107966644A (en) * 2017-10-23 2018-04-27 北京中电华大电子设计有限责任公司 A kind of test pattern guard method of random key and circuit
CN108173645A (en) * 2017-12-27 2018-06-15 中国科学院国家空间科学中心 The safety detection method and its device of a kind of crypto chip
CN110020558A (en) * 2019-04-09 2019-07-16 长沙理工大学 A kind of safe crypto chip Testability Design structure under boundary scan design environment
CN110247929A (en) * 2019-06-28 2019-09-17 兆讯恒达微电子技术(北京)有限公司 A kind of method of the anti-injection attack of elliptic curve encryption algorithm coprocessor
CN110598398A (en) * 2019-08-26 2019-12-20 浙江大学 Chip security evaluation method based on steady-state fault
CN110798305A (en) * 2019-09-24 2020-02-14 瓦戈科技有限公司 Fault analysis defense method, electronic equipment and readable storage medium
CN111416796A (en) * 2019-01-06 2020-07-14 新唐科技股份有限公司 Protected system and protection method thereof
CN112506730A (en) * 2020-11-10 2021-03-16 中国人民解放军战略支援部队信息工程大学 Verification platform and verification method suitable for network switching chip ECC function verification
WO2022088584A1 (en) * 2020-10-28 2022-05-05 南京邮电大学 Method for preventing differential cryptanalysis attack
CN116400199A (en) * 2023-06-05 2023-07-07 中国汽车技术研究中心有限公司 Chip clock burr fault injection cross-validation test method and device

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103530566A (en) * 2013-10-21 2014-01-22 中国科学院深圳先进技术研究院 System for detecting safety performance of safety chip under induced error attacks

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103530566A (en) * 2013-10-21 2014-01-22 中国科学院深圳先进技术研究院 System for detecting safety performance of safety chip under induced error attacks

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
BO YANG ET AL.: "Secure Scan: A Design-for-Test Architecture for Crypto Chips", 《IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS》 *
H. LI AND S. MOORE: "Security evaluation at design time against optical fault injection attacks", 《IEE PROCEEDINGS - INFORMATION SECURITY》 *

Cited By (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104660466B (en) * 2015-02-06 2018-02-09 深圳先进技术研究院 A kind of safety detecting method and system
CN104660466A (en) * 2015-02-06 2015-05-27 深圳先进技术研究院 Security testing method and system
CN106100827A (en) * 2015-04-29 2016-11-09 Arm 有限公司 Error Protection Key Generation Method And System
US11360850B2 (en) 2015-04-29 2022-06-14 Arm Limited Error protection key generation method and system
CN104836808A (en) * 2015-05-12 2015-08-12 中国科学院软件研究所 Method for verifying safety of SM2 signature algorithm based on improved difference error attack
CN104836808B (en) * 2015-05-12 2017-12-15 中国科学院软件研究所 Based on the SM2 signature algorithm security verification methods for improving difference fault analysis
CN105045695B (en) * 2015-08-17 2018-08-10 大唐微电子技术有限公司 A kind of chip enters guard method and the system of test pattern
CN105045695A (en) * 2015-08-17 2015-11-11 大唐微电子技术有限公司 Method and system for protecting chips in process of entering test mode
CN105376058A (en) * 2015-10-08 2016-03-02 深圳先进技术研究院 A security evaluation method and device for hardware based on the RSA algorithm
CN105376058B (en) * 2015-10-08 2018-08-10 深圳先进技术研究院 A kind of security assessment method and device of the hardware based on RSA Algorithm
CN107966644A (en) * 2017-10-23 2018-04-27 北京中电华大电子设计有限责任公司 A kind of test pattern guard method of random key and circuit
CN108173645A (en) * 2017-12-27 2018-06-15 中国科学院国家空间科学中心 The safety detection method and its device of a kind of crypto chip
CN108173645B (en) * 2017-12-27 2021-02-02 中国科学院国家空间科学中心 Security detection method and device for password chip
CN111416796A (en) * 2019-01-06 2020-07-14 新唐科技股份有限公司 Protected system and protection method thereof
CN110020558A (en) * 2019-04-09 2019-07-16 长沙理工大学 A kind of safe crypto chip Testability Design structure under boundary scan design environment
CN110247929B (en) * 2019-06-28 2021-06-11 兆讯恒达科技股份有限公司 Method for preventing injection type attack of elliptic encryption algorithm coprocessor
CN110247929A (en) * 2019-06-28 2019-09-17 兆讯恒达微电子技术(北京)有限公司 A kind of method of the anti-injection attack of elliptic curve encryption algorithm coprocessor
CN110598398B (en) * 2019-08-26 2021-03-19 浙江大学 Chip security evaluation method based on steady-state fault
CN110598398A (en) * 2019-08-26 2019-12-20 浙江大学 Chip security evaluation method based on steady-state fault
CN110798305B (en) * 2019-09-24 2023-05-30 瓦戈科技有限公司 Fault analysis defense method, electronic equipment and readable storage medium
CN110798305A (en) * 2019-09-24 2020-02-14 瓦戈科技有限公司 Fault analysis defense method, electronic equipment and readable storage medium
JP7270172B2 (en) 2020-10-28 2023-05-10 南京郵電大学 How to prevent differential cryptanalysis attacks
JP2022549980A (en) * 2020-10-28 2022-11-30 南京郵電大学 How to prevent differential cryptanalysis attacks
US11520934B2 (en) 2020-10-28 2022-12-06 Nanjing University Of Posts And Telecommunications Method for preventing differential cryptanalysis attack
WO2022088584A1 (en) * 2020-10-28 2022-05-05 南京邮电大学 Method for preventing differential cryptanalysis attack
CN112506730B (en) * 2020-11-10 2022-11-01 中国人民解放军战略支援部队信息工程大学 Verification platform and verification method suitable for network switching chip ECC function verification
CN112506730A (en) * 2020-11-10 2021-03-16 中国人民解放军战略支援部队信息工程大学 Verification platform and verification method suitable for network switching chip ECC function verification
CN116400199A (en) * 2023-06-05 2023-07-07 中国汽车技术研究中心有限公司 Chip clock burr fault injection cross-validation test method and device
CN116400199B (en) * 2023-06-05 2023-09-15 中国汽车技术研究中心有限公司 Chip clock burr fault injection cross-validation test method and device

Also Published As

Publication number Publication date
CN103997402B (en) 2017-06-23

Similar Documents

Publication Publication Date Title
CN103997402A (en) Encryption chip safety performance testing method and device
JP6366595B2 (en) Method and system for anti-glitch cryptographic discrete log-based signature
Aghaie et al. Impeccable circuits
EP3208789B1 (en) Method of protecting a circuit against a side-channel analysis
Turan et al. Recommendation for password-based key derivation
TWI503688B (en) Method for authenticating access to a secured chip by a test device
Lashermes et al. A DFA on AES based on the entropy of error distributions
Da Rolt et al. A new scan attack on rsa in presence of industrial countermeasures
Otto Fault attacks and countermeasures.
KR20100113130A (en) Countermeasure method and devices for asymmetric cryptography
Tunstall Smart card security
JP2010164904A (en) Elliptic curve arithmetic processing unit and elliptic curve arithmetic processing program and method
TWI512610B (en) Modular reduction using a special form of the modulus
Genkin et al. Cache vs. key-dependency: Side channeling an implementation of Pilsung
Turan et al. Sp 800-132. recommendation for password-based key derivation: Part 1: Storage applications
CN110912672A (en) Method for detecting resistance of COLM authentication encryption algorithm to differential fault attack
Huang et al. Cache-timing attack against HQC
Fahr The Effects of Side-Channel Attacks on Post-Quantum Cryptography: Influencing FrodoKEM Key Generation Using the Rowhammer Exploit
Feiten et al. Formal vulnerability analysis of security components
Rahman et al. Design and security-mitigation of custom and configurable hardware cryptosystems
Karri et al. Parity-based concurrent error detection in symmetric block ciphers
Arjunan et al. Securing RSA algorithm against timing attack.
Vassilev et al. Psst, can you keep a secret?
Cintas-Canto et al. Reliable Code-Based Post-Quantum Cryptographic Algorithms through Fault Detection on FPGA
Cucurull et al. Transitioning to a Javascript voting client for remote online voting

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
ASS Succession or assignment of patent right

Owner name: BUSINESS PASSWORD TEST CENTER STATE CRYPTOGRAPHY A

Effective date: 20150113

C41 Transfer of patent application or patent right or utility model
C53 Correction of patent of invention or patent application
CB03 Change of inventor or designer information

Inventor after: Shao Cuiping

Inventor after: Li Huiyun

Inventor after: Xu Guoqing

Inventor after: Li Dawei

Inventor after: Luo Peng

Inventor before: Shao Cuiping

Inventor before: Li Huiyun

Inventor before: Xu Guoqing

COR Change of bibliographic data

Free format text: CORRECT: INVENTOR; FROM: SHAO CUIPING LI HUIYUN XU GUOQING TO: SHAO CUIPING LI HUIYUN XU GUOQING LI DAWEI LUO PENG

TA01 Transfer of patent application right

Effective date of registration: 20150113

Address after: 1068 No. 518000 Guangdong city in Shenzhen Province, Nanshan District City Xili University School Avenue

Applicant after: Shenzhen Institutes of Advanced Technology, Chinese Academy of Science

Applicant after: State Cryptography Administration Commercial Code Testing Center

Address before: 1068 No. 518000 Guangdong city in Shenzhen Province, Nanshan District City Xili University School Avenue

Applicant before: Shenzhen Institutes of Advanced Technology, Chinese Academy of Science

GR01 Patent grant
GR01 Patent grant