CN107368755A - Circuit and its security architecture design method, device, equipment and storage medium - Google Patents

Circuit and its security architecture design method, device, equipment and storage medium Download PDF

Info

Publication number
CN107368755A
CN107368755A CN201710423463.2A CN201710423463A CN107368755A CN 107368755 A CN107368755 A CN 107368755A CN 201710423463 A CN201710423463 A CN 201710423463A CN 107368755 A CN107368755 A CN 107368755A
Authority
CN
China
Prior art keywords
rram
read
write
current
switching tube
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710423463.2A
Other languages
Chinese (zh)
Other versions
CN107368755B (en
Inventor
池源
刘远
恩云飞
王力纬
陈义强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Electronic Product Reliability and Environmental Testing Research Institute
Original Assignee
China Electronic Product Reliability and Environmental Testing Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Electronic Product Reliability and Environmental Testing Research Institute filed Critical China Electronic Product Reliability and Environmental Testing Research Institute
Priority to CN201710423463.2A priority Critical patent/CN107368755B/en
Publication of CN107368755A publication Critical patent/CN107368755A/en
Application granted granted Critical
Publication of CN107368755B publication Critical patent/CN107368755B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/73Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3278Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mathematical Physics (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention, which provides a kind of physics unclonable function circuit and its security architecture design method, device, equipment and storage medium, the circuit, to be included:RRAM read-write cells and the current comparator being connected with RRAM read-write cells;RRAM read-write cells include RRAM units and read signal switching tube;One end of RRAM units is connected to driving voltage as the excitation input of RRAM read-write cells, and the other end connects the first pole of read signal switching tube;Second pole of read signal switching tube is connected as the read signal input of RRAM read-write cells with input stimulus, and the 3rd pole of read signal switching tube is connected as the current output terminal of RRAM read-write cells with current comparator;The output current of RRAM read-write cells compared with preset reference electric current, is obtained output signal corresponding with RRAM units by current comparator.Because the circuit includes RRAM units, output signal is obtained by way of read current, therefore with high, simple in construction, chip occupying area the is small beneficial effect of stability.

Description

Circuit and its security architecture design method, device, equipment and storage medium
Technical field
The present invention relates to chip secure technical field, more particularly to a kind of physics unclonable function circuit and its roll-over protective structure Structure design method, device, equipment and storage medium.
Background technology
Physics unclonable function (Physical Unclonable Function, PUF) was being made using chip The slight change of technique in journey, a series of characteristics similar to fingerprint are produced on device physicses structural level, these are special It is unique for each chip on every wafer to levy data.In the circuit comprising PUF structures, only defeated Enter to obtain under conditions of correct key relevant information or cause circuit normal work, encryption, the decryption of the process and software Process is more similar.However, compared to the logical calculated of traditional software, PUF keys are determined that it has by the physical features of chip It is unclonable and distort, be stable unique, with take with, be difficult to predict but the advantages that be easy to measurement, its function is encrypted compared with pure software It is stronger.Based on PUF and associated higher AES is combined, is greatly improved the safety of integrated circuit and system information transmission Property.
Conventional PUF structures are divided into silicon substrate PUF and non-silicon-based PUF.Wherein, silicon substrate PUF has static memory PUF, annular Oscillator PUF, moderator PUF, coating PUF and butterfly-type PUF etc..Non-silicon-based PUF refer to using non-silicon technology produce PUF units, Then the technology being used in combination with silicon-based electronic circuits, theoretical research aspect is only rested at present, have no that Related product emerges.Due to Silicon substrate PUF is influenceed by factors such as environment temperature, noise jammings, and it is often narrower to result in correct working range, can not ensure The output that PUF is consistent when electric on each chip, its stability are poor;And some stability it is higher PUF structures it is past Toward the very big chip area of occupancy is needed, it is unfavorable for the integrated of chip and reduces cost.
The content of the invention
Based on this, it is necessary to provide a kind of physics high, simple in construction, that chip occupying area is small of stability unclonable letter Number circuit and its security architecture design method, device, equipment and storage medium.
A kind of physics unclonable function circuit, including:RRAM read-write cells and it is connected with the RRAM read-write cells Current comparator;
The RRAM read-write cells include RRAM units and read signal switching tube;Described in one end of the RRAM units is used as The excitation input of RRAM read-write cells is connected to driving voltage, and the other end connects the first pole of the read signal switching tube;Institute The second pole for stating read signal switching tube is connected as the read signal input of the RRAM read-write cells with input stimulus, the reading 3rd pole of signaling switch pipe is connected as the current output terminal I/O of the RRAM read-write cells with the current comparator;When The second of the read signal switching tube extremely high level when, the read signal switching tube is turned on from the first pole to the 3rd pole;
The current comparator compared with preset reference electric current, obtains the output current of the RRAM read-write cells Output signal corresponding with the RRAM units.
A kind of physics unclonable function circuit safety architecture design method, including:
By carrying out write operation to the RRAM units of above-mentioned physics unclonable function circuit, complete mono- to the RRAM The initialization of member;
Will be pre- with being write in the initial phase write operation according to the current output signal that current input stimulus obtain If key is matched;
When matching result is that the match is successful, authorize successfully;Otherwise, authorization failure.
A kind of physics unclonable function circuit safety architecture design device, including:
Initialization module, for by carrying out write operation to the RRAM units of above-mentioned physics unclonable function circuit, Complete the initialization to the RRAM units;
Cipher key match module, for the current output signal that will be obtained according to current input stimulus and in the initialization rank The preset-key of section write operation write-in is matched;
Matching result module, for when matching result is that the match is successful, authorizing successfully;Otherwise, authorization failure.
A kind of computer equipment, including memory, processor and be stored on the memory and can be in the processor The computer program of upper operation, above-mentioned physics unclonable function electricity is realized described in the computing device during computer program The step of road security architecture design method.
A kind of computer-readable storage medium, computer program, the computer journey are stored with the computer-readable storage medium When sequence is executed by processor, the step of realizing above-mentioned physics unclonable function circuit safety architecture design method.
Physics unclonable function circuit and its security architecture design method, device, equipment and storage medium, due to the electricity Road includes RRAM units, and output signal is obtained by way of read current, therefore compared to traditional silicon substrate PUF circuits, tool There is the beneficial effect that stability is high, simple in construction, chip occupying area is small.
Brief description of the drawings
Fig. 1 is the schematic diagram of the physics unclonable function circuit of an embodiment;
Fig. 2 is the structural representation of the RRAM units in the physics unclonable function circuit of a specific embodiment;
Fig. 3 is the resistance value state and excitation electricity of the RRAM units in the physics unclonable function circuit of a specific embodiment The graph of a relation of pressure;
Fig. 4 is the electric current probability distribution graph of RRAM units;
Fig. 5 is the resistance probability distribution graph of RRAM units;
Fig. 6 is the schematic diagram of the physics unclonable function circuit of another embodiment;
Fig. 7 is the flow chart of the physics unclonable function circuit safety architecture design method of an embodiment;
Fig. 8 is the flow chart of the physics unclonable function circuit safety architecture design method of another embodiment;
Fig. 9 is the structure chart of the physics unclonable function circuit safety architecture design device of an embodiment.
Embodiment
For the ease of understanding the present invention, the present invention is described more fully below with reference to relevant drawings.In accompanying drawing Give the preferred embodiment of the present invention.But the present invention can realize in many different forms, however it is not limited to herein Described embodiment.On the contrary, the purpose for providing these embodiments is to make the understanding to the disclosure more saturating It is thorough comprehensive.
Unless otherwise defined, all of technologies and scientific terms used here by the article is with belonging to technical field of the invention The implication that technical staff is generally understood that is identical.Term used in the description of the invention herein is intended merely to description tool The purpose of the embodiment of body, it is not intended that in the limitation present invention.Term as used herein " and/or " include one or more phases The arbitrary and all combination of the Listed Items of pass.
Referring to Fig. 1, an embodiment of the present invention provides a kind of physics unclonable function circuit, including:RRAM reads and writes Unit 120 and the current comparator 140 being connected with RRAM read-write cells 120;
RRAM read-write cells 120 include RRAM units 121 and read signal switching tube 123;One end conduct of RRAM units 121 The excitation input of RRAM read-write cells 120 is connected to driving voltage VW/VR, the first of other end connection read signal switching tube 123 Pole;Second pole of read signal switching tube 123 connects as the read signal input Read of RRAM read-write cells 120 with input stimulus Connect, the 3rd pole of read signal switching tube 123 connects as the current output terminal I/O of RRAM read-write cells 120 with current comparator 140 Connect;When the second extremely high level of read signal switching tube 123, read signal switching tube 123 is turned on from the first pole to the 3rd pole.Tool Body, read signal switching tube 123 can be metal-oxide-semiconductor (metal-oxid-semiconductor, Metal-oxide-semicondutor field Effect transistor), the second extremely grid, first can be extremely drain electrode, and the 3rd extremely can be source electrode, the extremely high level of guarantee second When, read signal switching tube 123 is turned on from the first pole to the 3rd pole.
Current comparator 140 is used for the output current of RRAM read-write cells 120 compared with preset reference electric current, obtains To with 121 corresponding output signal of RRAM units.
RRAM units 121 are resistive formula memory, wherein, RRAM is Resistive Random Access Memory's Abbreviation, i.e. resistive formula memory.Resistive formula memory is a kind of to be deposited based on change in resistance come the non-volatile of records store data Reservoir, it has, and simple in construction, size is small, the retention time is long, erasable speed is fast, operating voltage is small, non-Destructive readout, with The advantages that CMOS technology compatibility.
In a wherein specific embodiment, the sandwich knot of the generally use metal of RRAM units 121-resistive material-metal Structure, as shown in Figure 2.By metal electrode, such as Au (gold) in figure and the electrode where Ni (nickel), to resistive material (e.g., in figure HfO2) apply appropriate driving voltage (e.g., the V in figureCC) after, RRAM units 121 can be between high-impedance state and low resistance state Changed, to store corresponding logical data.After driving voltage is removed, the resistance value of resistive material can also remain unchanged, Thus its storage information has non-volatile, and value preserving property is good, and reading will not be right when the voltage of resistance fluctuates in wider scope Its value has an impact, and its stability is strong;In data read process, it is only necessary to apply to RRAM units 121 compared with the driving voltage Respective resistance values or electric current are read after small voltage can read data, and reading process can't produce to the resistance value of resistive material Influence, thus it has the characteristics that non-Destructive readout.In the case of external voltage is not applied, the shape at initial stage of RRAM units 121 State is random value;And after external voltage situation is applied, its logic state is fixed value, thus RRAM is applied to make PUF (Physical Unclonable Function, physics unclonable function) circuit structure.
The resistance value state of RRAM units 121 and the relation of driving voltage are as shown in Figure 3.Apply just if RRAM units 121 To driving voltage, when voltage is less than positive predeterminated voltage VTPWhen, the resistance value state of RRAM units 121 is high-impedance state;When voltage is big In positive predeterminated voltage VTPWhen, the resistance value state of RRAM units 121 is low resistance state.Apply negative incentive if RRAM units 121 Voltage, when voltage is more than negative sense predeterminated voltage VTNWhen, the resistance value state of RRAM units 121 is low resistance state;When voltage is less than negative sense Predeterminated voltage VTNWhen, the resistance value state of RRAM units 121 is high-impedance state.Wherein, positive predeterminated voltage VTPIt is RRAM units 121 The positive bias voltage node of resistance value state conversion;Negative sense predeterminated voltage VTNIt is the negative bias of the resistance value state of RRAM units 121 conversion Voltage node.
Please continue to refer to Fig. 1, when the second extremely high level, i.e. read signal input Read of read signal switching tube 123 is During high level, read signal switching tube 123 turns on;Now apply driving voltage VRRead operation is carried out, by read signal switching tube 123 The current output terminal I/O read currents of 3rd pole, i.e. RRAM read-write cells 120.
It should be noted that in this embodiment, it is input to by read current output end I/O electric current, then by the electric current Current comparator 140 is compared with preset reference electric current, so as to obtain output signal according to comparative result.Pass through read current Mode obtain in the mode of output signal available electric current probability distribution graph as shown in figure 4, the resistance of RRAM units 121 When state is high-impedance state (HRS), the position less than preset reference electric current is concentrated on, the resistance value state of RRAM units 121 is low-resistance During state (LRS), the position higher than preset reference electric current is concentrated on.In the mode that output signal is obtained by way of reading resistance Available distribution of resistance figure is as shown in figure 5, when resistance is near preset reference resistance, the resistance shape of RRAM units 121 State may be that high-impedance state (HRS) may also be low resistance state (LRS).Therefore, when output signal is obtained by way of read current, The resistance value state of RRAM units 121 significantly can be distinguished out, enable to the output signal result that finally gives more accurate Really, stably.
In a wherein specific embodiment, RRAM units 121 have binary feature, that is to say, that RRAM units 121 have There are two kinds of resistance value states, one of which is high-impedance state, can represent logical zero, and another is low resistance state, can represent logic “1”.When applying external drive voltage to some value, resistance value state will produce mutation, but the problem of due to technique, each RRAM units 121 can not possibly be identical, therefore the mechanism voltage of corresponding mutation also can be otherwise varied.Such as:For A units 0.5V correspond to high-impedance state i.e. logical zero, but 0.5V may correspond to low resistance state i.e. logic 1 for unit B. Therefore, for the physics unclonable function circuit including RRAM units 121, it is possible to produce random key signal. Only when output signal is consistent with the key signal, the physics unclonable function circuit could authorize success.
Above-mentioned physics unclonable function circuit, including:RRAM read-write cells 120 and it is connected with RRAM read-write cells 120 Current comparator 140;RRAM read-write cells 120 include RRAM units 121 and read signal switching tube 123;RRAM units 121 One end is connected to driving voltage as the excitation input of RRAM read-write cells 120, other end connection read signal switching tube 123 First pole;Read signal input Read and input stimulus of second pole of read signal switching tube 123 as RRAM read-write cells 120 Connection, the current output terminal I/O and current comparator 140 of the 3rd pole of read signal switching tube 123 as RRAM read-write cells 120 Connection;When the second extremely high level of read signal switching tube 123, read signal switching tube 123 is turned on from the first pole to the 3rd pole; Current comparator 140 is used for the output current of RRAM read-write cells 120 compared with preset reference electric current, obtains and RRAM Output signal corresponding to unit 121.Because the circuit includes RRAM units 121, output letter is obtained by way of read current Number, therefore compared to traditional silicon substrate PUF circuits, there is high, simple in construction, chip occupying area the is small beneficial effect of stability Fruit.
It is can be obtained by it should also be noted that, the circuit need not introduce ECC (error checking and correction technology) close to 0% Piece in Hamming distance;Hamming distance refers to the chip for determination in piece, reads the error condition of key every time, is just said for 0 Bright is not in error code phenomenon.
Please continue to refer to Fig. 1, in a wherein embodiment, RRAM read-write cells 120 also include write signal switching tube 125;RRAM units 121 connect first pole of the one end of the first pole of read signal switching tube 123 also with write signal switching tube 125 and connected Connect;Second pole of write signal switching tube 125, for being connected with external control unit outside;3rd pole of write signal switching tube 125 connects Ground;When the second extremely high level of write signal switching tube 125, write signal switching tube 125 is turned on from the first pole to the 3rd pole.Tool Body, write signal switching tube 125 can be metal-oxide-semiconductor (metal-oxide semiconductor fieldeffect transistor), the second extremely grid, First extremely can be drain electrode, the 3rd extremely can be source electrode, guarantee second extremely high level when, write signal switching tube 123 is by first Pole turns on to the 3rd pole.
When second extremely the second extremely low level of high level, read signal switching tube 123 of write signal switching tube 125, That is when write signal input Write is high level, read signal input Read is low level, write signal switching tube 125 turns on, and reads Signaling switch pipe 123 ends, and now applies driving voltage VWWrite operation is carried out, so as to be that key signal is written to by preset-key RRAM units 121.When write signal switching tube 125 second extremely low level, read signal switching tube 123 the second extremely high level When, i.e. when write signal input Write is low level, read signal input Read is high level, write signal switching tube 125 is cut Only, read signal switching tube 123 turns on, and now applies driving voltage VRRead operation is carried out, now, the input stimulus can be expressed as 1, by I/O ends read current.
In a wherein embodiment, the quantity of RRAM read-write cells 120 is at least two;Each RRAM read-write cells 120 Each excitation input be connected to driving voltage, each current output terminal I/O of each RRAM read-write cells 120 is connected to electric current Comparator 140, so as to obtain a string of output signals.
In one embodiment, the quantity of current comparator 140 can be 1, and the electric current of each RRAM read-write cells 120 exports End I/O is connected to the current comparator 140, the work in series of current comparator 140, so that the electric current of each output Compared with preset reference electric current.In another embodiment, the quantity of current comparator 140 and RRAM read-write cells 120 Quantity it is equal, current output terminal I/O of each current comparator 140 with a RRAM read-write cell 120 is connected, this When, each current comparator 140 can be with concurrent working, so as to rapidly make the electric current that each is exported electric with preset reference Stream is compared.
In a wherein embodiment, referring to Fig. 6, also including secondary encrypted circuit 110;Secondary encrypted circuit 110 Input is connected with input stimulus, the output end of secondary encrypted circuit 110 and the read signal input of each RRAM read-write cells 120 Read connections.So as to the further security for improving physics unclonable function circuit.Further, secondary encrypted circuit 110 For address selector.It is to be appreciated that in other embodiments, secondary encrypted circuit 110 can be other encrypted circuits.
Due to deviation in technique be present, therefore for different RRAM units 121, add appropriate driving voltage Afterwards, its resistance value state is likely to be high-impedance state, it is also possible to low resistance state.By each RRAM units 121 and CMOS (Complementary Metal Oxide Semiconductor, complementary metal oxide semiconductor) process circuit is combined Form PUF circuits, it is possible to obtain a string of uncertain output signals.This string output signal is for each PUF circuit All it is unique, therefore chip can be played a very good protection as the key of chip.In order to prevent the key Extracted by invasive mode, further encryption can be carried out to it by way of secondary encryption.
Please continue to refer to Fig. 6, each RRAM read-write cells 120 arrange in an array manner, form RRAM arrays.Receiving After input stimulus, the input stimulus select which of RRAM arrays RRAM units 121 to work by address selector, such as Select the first row the 5th, second row the 4th etc..Selected RRAM units 121 because its resistance had been configured, It now need to only add a driving voltage can and read the electric current wherein flowed through, the electric current is by current comparator 140 and in advance If reference current is compared, it is possible to obtains a string of output signals.Due to the deviation of technique, each RRAM units 121 are Discrepant, the RRAM arrays are all different for each chip, even if selecting the result that same address obtains And it is discrepant, therefore each chip is unique namely unclonable.
Referring to Fig. 7, the present invention also provide a kind of physics corresponding with above-mentioned physics unclonable function circuit can not gram Grand functional circuit security architecture design method, including:
S710:By carrying out write operation to the RRAM units of above-mentioned physics unclonable function circuit, complete to RRAM The initialization of unit;
S730:Will be pre- with being write in initial phase write operation according to the current output signal that current input stimulus obtain If key is matched;
S750:When matching result is that the match is successful, authorize successfully, otherwise, authorization failure.
The input of second pole of write signal switching tube is arranged to high level, the input of the second pole of read signal switching tube is set Low level is set to, i.e. write signal input Write is high level, and read signal input Read is low level, and now, write signal is opened Pipe conducting is closed, the cut-off of read signal switching tube, applies default driving voltage and carries out write operation, so as to be key letter by preset-key RRAM units number are written to, complete initialization.
Because above-mentioned physics unclonable function circuit includes RRAM units, exported by way of read current Signal, therefore compared to traditional silicon substrate PUF, there is high, simple in construction, chip occupying area the is small beneficial effect of stability, Therefore the chip designed by above-mentioned security architecture design method also have stability it is high, it is simple in construction, take chip The small effective effect of area, and can play a part of protecting chip to be not easy maliciously to be invaded.
Referring to Fig. 8, in a wherein embodiment, after the step of completing the initialization to RRAM units, i.e. step After S710, in addition to:
S720:Each input stimulus and the corresponding relation of output signal are established according to default AES, CRP is formed and (swashs Encourage response to) storehouse.
In this embodiment, by the current output signal obtained according to current input stimulus with writing behaviour in initial phase The step of preset-key for making to write is matched, i.e. step S730, including:
S731:Current input stimulus and the corresponding relation in CRP storehouses are contrasted, obtain current output signal;
S733:Current output signal is matched with the preset-key that initial phase write operation writes.
When matching result is that the match is successful, authorize successfully;Otherwise, authorization failure.Default AES can be to breathe out Uncommon algorithm, it is possible to understand that ground, or other AESs, can be such as encrypted by the form of address choice.Need Illustrate, by default AES, be referred to as secondary AES and establish each input stimulus and output signal Corresponding relation, a heavy safety guarantee can be further added by between input stimulus and output signal, increase and extracted key by force Difficulty.
In a wherein specific embodiment, the principle of the framework is:Each input stimulus can correspond to unique defeated Go out signal, can thus produce an one-to-one excitation response pair.Using this kind of structure chip in the fabrication process It is in preset-key implantation circuit, if the preset-key is 010101 by a fixed sequence program.If input stimulus are 101010, Output signal i.e. response results are just 010101 after PUF processing of circuit, now by the response results and preset-key I.e. key signal is matched, and explanation input is correct if the match is successful, authorizes successfully, chip can with normal work, otherwise, Illustrate input error, authorization failure, chip cisco unity malfunction.
In a wherein specific embodiment, above-mentioned security architecture design method can be divided into for three megastages, be respectively RRAM unit initial phases, cipher key store establishment stage and matching authorization stages.In initial phase, it is in RRAM units Low resistance state, one can be applied shown in Fig. 3 to it and be higher than positive predeterminated voltage VTPDriving voltage, be in RRAM units High-impedance state, one can be applied to it and be less than negative sense predeterminated voltage VTNDriving voltage.Before an initialization, RRAM units do not have Any resistance information, if applying positive predeterminated voltage VTP, then the RRAM units that have are low resistance state some for high-impedance state, each RRAM Unit can all have the value of a determination.When initialization, W=1 write operation is carried out first, by each input of address selector All RRAM units are set to 0 or 1 corresponding to excitation, be exactly the RRAM units of each address bit will be set to high-impedance state or Low resistance state.Then, address choice operation i.e. R=1 read operation are carried out, whether first reads each RRAM unit Beginningization sets resistance.Because single applies driving voltage some RRAM units may be caused not initialize, therefore by can be with Repeating to apply the mode of driving voltage ensures.If the initialized completion of all RRAM units is detected, now W= 0, the electric current of which RRAM unit of the reading is determined by input stimulus.The exhaustive judgement whether completed of initialization, it is ensured that Resistance value is set in each RRAM units in RRAM arrays.
After the completion of initialization, W=0 write operations are completed, and R=1 carries out read operation, and corresponding address is selected according to input stimulus RRAM units carry out read operation, the RRAM units specifically used how many position or use which address can determine by concrete application It is fixed.Output is read during read operation is carried out, the output signal of reading is response results, and each input stimulus is right Answer unique output signal.Output signal can be handled using hash algorithm, established one by one in cipher key store establishment stage Corresponding input-output pair, i.e. excitation response pair.The process for building storehouse is similar to the process for setting RRAM units, such as input swashs It is 6 bit sequences 000000 to 111111 to encourage, wherein all sequences can all correspond to a fixed response sequence i.e. output signal, Only all input stimulus sequences, which are all completed to set, just represents that storehouse is built in completion.It is to be appreciated that this storehouse is to designer Use, only designer just knows one-to-one relation, and domestic consumer can not know the corresponding relation in storehouse.Example 010101 such as can be inputted for A chips, the response results of chip are 101010, for B chips input 010101, the sound of chip Should result be 110011.Encrypted twice equivalent to chip in the CRP storehouses of each chip.Chip generates the process of key It is each chip of generation key of oneself, for example is 101010 for A chip keys signal, only input stimulus corresponds to 010101 its response results can match with its key signal, and chip could work.It is for B chip key signals 110011, similarly for needing input stimulus to be 010101 for B chips, its output result can just match with its key signal. In a word, response results corresponding to input stimulus are that output result needs to match with key signal.So, it is ensured that different cores Hamming distance between piece is 50%, ensures that key caused by the PUF circuits of different chips does not have any correlation.Hamming distance between piece From contacting between expression chip and the key of chip chamber, if existed less than 50% or higher than between 50% explanation key Certain contiguity, the digit order number in key sequence are more biased towards 0 or 1, are 0 or 1 if 50% explanation cipher key number word bit Probability is identical.
It is finally matching authorization stages, output signal corresponding to input stimulus needs to match with key signal, key signal Initialized and produced by PUF circuits, and this key signal only has designer to know just may be used, it is necessary to input corresponding input stimulus To obtain the function of chip, otherwise chip will not work.
Referring to Fig. 9, the present invention also provides a kind of and above-mentioned physics unclonable function circuit safety architecture design method Corresponding physics unclonable function circuit safety architecture design device, including:
Initialization module 910, for being grasped by entering row write to the RRAM units of above-mentioned physics unclonable function circuit Make, complete the initialization to RRAM units;
Cipher key match module 930, for the current output signal that will be obtained according to current input stimulus and in initialization rank The preset-key of section write operation write-in is matched;
Matching result module 950, for when matching result is that the match is successful, authorizing successfully, otherwise, authorization failure.
Because above-mentioned physics unclonable function circuit includes RRAM units, exported by way of read current Signal, therefore compared to traditional silicon substrate PUF, there is high, simple in construction, chip occupying area the is small beneficial effect of stability, Therefore by above-mentioned security architecture design the chip that device designs also have stability it is high, it is simple in construction, take chip The small effective effect of area, and can play a part of protecting chip to be not easy maliciously to be invaded.
In a wherein embodiment, in addition to:
CRP establishes module in storehouse:After the initialization to RRAM units is completed for initialization module, calculated according to default encryption Method establishes each input stimulus and the corresponding relation of output signal, forms CRP storehouses.
In this embodiment, cipher key match module 930, including:
Output signal acquiring unit, for current input stimulus and the corresponding relation in CRP storehouses to be contrasted, worked as Preceding output signal;
Cipher key match unit is exported, the preset-key for current output signal to be write with initial phase write operation enters Row matching.
When matching result is that the match is successful, authorize successfully;Otherwise, authorization failure.
The present invention also provides a kind of computer equipment, including memory, processor and storage on a memory and can located The computer program that runs on reason device, the physics unclonable letter of preceding claim is realized during computing device computer program The step of number circuit safety architecture design method.
The present invention also provides a kind of computer-readable storage medium, and computer program is stored with computer-readable storage medium, calculates When machine program is executed by processor, the step of realizing above-mentioned physics unclonable function circuit safety architecture design method.
Said apparatus, equipment and storage medium are mutually corresponding with the above method, circuit, are situated between for device, equipment and storage The matter details technical characteristic corresponding with method, circuit, therefore not to repeat here.
Above example only expresses the several embodiments of the present invention, and its description is more specific and detailed, but can not Therefore it is interpreted as the limitation to the scope of the claims of the present invention.It should be pointed out that for the person of ordinary skill of the art, Without departing from the inventive concept of the premise, multiple modification and improvement can also be made, these belong to the protection model of the present invention Enclose.Therefore, the protection domain of patent of the present invention should be determined by the appended claims.

Claims (10)

  1. A kind of 1. physics unclonable function circuit, it is characterised in that including:RRAM read-write cells and read and write with the RRAM single The current comparator of member connection;
    The RRAM read-write cells include RRAM units and read signal switching tube;One end of the RRAM units is as the RRAM The excitation input of read-write cell is connected to driving voltage, and the other end connects the first pole of the read signal switching tube;The reading Second pole of signaling switch pipe is connected as the read signal input of the RRAM read-write cells with input stimulus, the read signal 3rd pole of switching tube is connected as the current output terminal I/O of the RRAM read-write cells with the current comparator;When described The second of read signal switching tube extremely high level when, the read signal switching tube is turned on from the first pole to the 3rd pole;
    The current comparator compared with preset reference electric current, obtains the output current of the RRAM read-write cells and institute State output signal corresponding to RRAM units.
  2. 2. physics unclonable function circuit according to claim 1, it is characterised in that:The RRAM read-write cells also wrap Include write signal switching tube;Also opened with the write signal one end that the RRAM units connect the first pole of the read signal switching tube Close the first pole connection of pipe;Second pole of the write signal switching tube, for being connected with external control unit outside;The write signal is opened Close the 3rd pole ground connection of pipe;When the second extremely high level of the write signal switching tube, the write signal switching tube is by first Pole turns on to the 3rd pole.
  3. 3. physics unclonable function circuit according to claim 1 or 2, it is characterised in that:The RRAM read-write cells Quantity be at least two;Each excitation input is connected to driving voltage, and each current output terminal I/O is connected to The current comparator.
  4. 4. physics unclonable function circuit according to claim 3, it is characterised in that:Also include secondary encrypted circuit; The input of the secondary encrypted circuit is connected with input stimulus, and the output end of the secondary encrypted circuit is read with each RRAM The read signal input connection of r/w cell.
  5. 5. physics unclonable function circuit according to claim 4, it is characterised in that:The secondary encrypted circuit is ground Location selector.
  6. A kind of 6. physics unclonable function circuit safety architecture design method, it is characterised in that including:
    By carrying out write operation to the RRAM units of the physics unclonable function circuit described in claim 1-5 any one, Complete the initialization to the RRAM units;
    Will be default close with being write in the initial phase write operation according to the current output signal that current input stimulus obtain Key is matched;
    When matching result is that the match is successful, authorize successfully;Otherwise, authorization failure.
  7. 7. physics unclonable function circuit safety architecture design method according to claim 6, it is characterised in that described After the step of completing the initialization to the RRAM units, in addition to:
    Each input stimulus and the corresponding relation of output signal are established according to default AES, form CRP storehouses;
    It is described will be pre- with being write in the initial phase write operation according to the current output signal that current input stimulus obtain If the step of key is matched, including:
    Current input stimulus and the corresponding relation in the CRP storehouses are contrasted, obtain current output signal;
    The current output signal is matched with the preset-key that the initial phase write operation writes.
  8. A kind of 8. physics unclonable function circuit safety architecture design device, it is characterised in that including:
    Initialization module, for passing through the RRAM to the physics unclonable function circuit described in claim 1-5 any one Unit carries out write operation, completes the initialization to the RRAM units;
    Cipher key match module, for by according to the current output signal that current input stimulus obtain with being write in the initial phase The preset-key of operation write-in is matched;
    Matching result module, for when matching result is that the match is successful, authorizing successfully;Otherwise, authorization failure.
  9. 9. a kind of computer equipment, including memory, processor and it is stored on the memory and can be on the processor The computer program of operation, it is characterised in that realize that claim 6-7 is any described in the computing device during computer program The step of physics unclonable function circuit safety architecture design method described in one.
  10. 10. a kind of computer-readable storage medium, computer program is stored with the computer-readable storage medium, it is characterised in that institute When stating computer program and being executed by processor, the physics unclonable function circuit described in claim 6-7 any one is realized The step of security architecture design method.
CN201710423463.2A 2017-06-07 2017-06-07 Circuit and its security architecture design method, device, equipment and storage medium Active CN107368755B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710423463.2A CN107368755B (en) 2017-06-07 2017-06-07 Circuit and its security architecture design method, device, equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710423463.2A CN107368755B (en) 2017-06-07 2017-06-07 Circuit and its security architecture design method, device, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN107368755A true CN107368755A (en) 2017-11-21
CN107368755B CN107368755B (en) 2019-06-07

Family

ID=60304807

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710423463.2A Active CN107368755B (en) 2017-06-07 2017-06-07 Circuit and its security architecture design method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN107368755B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109817261A (en) * 2019-01-17 2019-05-28 北京大学深圳研究生院 A kind of PUF circuit and its control method based on resistive formula memory
CN111201533A (en) * 2018-08-10 2020-05-26 深圳市为通博科技有限责任公司 Physically unclonable function PUF device
CN111339579A (en) * 2020-03-26 2020-06-26 清华大学 Electronic device and operation method thereof
CN111581675A (en) * 2020-04-10 2020-08-25 安徽大学 Physical unclonable function circuit structure based on resistive random access memory
CN112165384A (en) * 2020-10-15 2021-01-01 清华大学 Data encryption method and decryption method, and data encryption device and decryption device

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160148680A1 (en) * 2014-11-21 2016-05-26 Panasonic intellectual property Management co., Ltd Tamper-resistant non-volatile memory device
CN106297863A (en) * 2016-08-09 2017-01-04 复旦大学 Can the PUF memorizer of dual precharge and method for generating cipher code thereof

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160148680A1 (en) * 2014-11-21 2016-05-26 Panasonic intellectual property Management co., Ltd Tamper-resistant non-volatile memory device
CN106297863A (en) * 2016-08-09 2017-01-04 复旦大学 Can the PUF memorizer of dual precharge and method for generating cipher code thereof

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
张紫楠,郭渊博: "物理不可克隆函数综述", 《计算机应用》 *

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111201533A (en) * 2018-08-10 2020-05-26 深圳市为通博科技有限责任公司 Physically unclonable function PUF device
CN111201533B (en) * 2018-08-10 2023-06-23 深圳市为通博科技有限责任公司 Physical Unclonable Function (PUF) device
CN109817261A (en) * 2019-01-17 2019-05-28 北京大学深圳研究生院 A kind of PUF circuit and its control method based on resistive formula memory
CN109817261B (en) * 2019-01-17 2020-10-20 北京大学深圳研究生院 PUF circuit based on resistive random access memory and control method thereof
CN111339579A (en) * 2020-03-26 2020-06-26 清华大学 Electronic device and operation method thereof
CN111339579B (en) * 2020-03-26 2022-07-08 清华大学 Electronic device and operation method thereof
CN111581675A (en) * 2020-04-10 2020-08-25 安徽大学 Physical unclonable function circuit structure based on resistive random access memory
CN112165384A (en) * 2020-10-15 2021-01-01 清华大学 Data encryption method and decryption method, and data encryption device and decryption device

Also Published As

Publication number Publication date
CN107368755B (en) 2019-06-07

Similar Documents

Publication Publication Date Title
CN107368755B (en) Circuit and its security architecture design method, device, equipment and storage medium
US11856115B2 (en) Physical unclonable function (PUF) security key generation
CN108694335B (en) SRAM-based physical unclonable function and method for generating PUF response
Joshi et al. Everything you wanted to know about PUFs
JP6587188B2 (en) Random number processing apparatus, integrated circuit card, and random number processing method
CN107004441B (en) The unclonable function of physics of being compared based on magnetic tunnel junction resistance
JP6617924B2 (en) Non-volatile memory device and integrated circuit card having tamper resistance, non-volatile memory device authentication method, and individual identification information generation method
Zhang et al. Highly reliable memory-based physical unclonable function using spin-transfer torque MRAM
US9787481B2 (en) Physical unclonable function using augmented memory for challenge-response hashing
TWI729666B (en) Storage cell
US10574469B1 (en) Physically unclonable function and method for generating a digital code
JP2016105344A (en) Nonvolatile memory device having tamper-resistance, and integrated circuit card
CN109994139A (en) A kind of complete non-volatile logic implementation method and its application based on unipolarity memristor
CN109509495B (en) Operation method of resistive random access memory, operation device of resistive random access memory, chip and chip authentication method
US11056161B2 (en) Data processing system and method for generating a digital code with a physically unclonable function
Vatajelu et al. Towards a highly reliable SRAM-based PUFs
Jia et al. Extracting robust keys from NAND flash physical unclonable functions
Yang et al. Cryptographic Key Generation and In Situ Encryption in One‐Transistor‐One‐Resistor Memristors for Hardware Security
US11955157B2 (en) Physically unclonable function apparatus based on ferroelectric elements and operation method thereof
Sun et al. A hardware security architecture: PUFs (physical unclonable functions) using memristor
Li et al. A fully configurable PUF using dynamic variations of resistive crossbar arrays
CN103716152A (en) Process-bias-based chip secret key generation method and circuit thereof
CN113539334A (en) Measurement mechanism for physically unclonable functions
Wang et al. A novel complementary architecture of one-time-programmable memory and its applications as physical unclonable function (PUF) and one-time password
Larimian et al. Improving machine learning attack resiliency via conductance balancing in memristive strong PUFs

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant