CN111884799A - CRPs library construction method and system based on RO-PUF - Google Patents

CRPs library construction method and system based on RO-PUF Download PDF

Info

Publication number
CN111884799A
CN111884799A CN202010752059.1A CN202010752059A CN111884799A CN 111884799 A CN111884799 A CN 111884799A CN 202010752059 A CN202010752059 A CN 202010752059A CN 111884799 A CN111884799 A CN 111884799A
Authority
CN
China
Prior art keywords
data
crps
library
response data
excitation
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010752059.1A
Other languages
Chinese (zh)
Other versions
CN111884799B (en
Inventor
郑力
潘亚雄
雷颜铭
钟杰
陈洁
刘晖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chengdu Mingxiang Information Technology Co ltd
Chengdu Science and Technology Development Center of CAEP
Original Assignee
Chengdu Mingxiang Information Technology Co ltd
Chengdu Science and Technology Development Center of CAEP
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chengdu Mingxiang Information Technology Co ltd, Chengdu Science and Technology Development Center of CAEP filed Critical Chengdu Mingxiang Information Technology Co ltd
Priority to CN202010752059.1A priority Critical patent/CN111884799B/en
Publication of CN111884799A publication Critical patent/CN111884799A/en
Application granted granted Critical
Publication of CN111884799B publication Critical patent/CN111884799B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Error Detection And Correction (AREA)

Abstract

The invention discloses a CRPs library construction and system based on RO-PUF, the method comprises the following steps: the client randomly generates a plurality of groups of excitation data and repeatedly transmits the plurality of groups of excitation data to the chip; the chip generates corresponding response data A according to the received excitation data A and transmits the response data A to the client; the client carries out probability statistics on response data A generated by the same excitation signal A, and when the probability of any response data A is higher than a threshold probability, response data B with the highest probability in the response data A and the excitation data A are selected to jointly form CRP; performing randomness check on the CRP, and storing the CRP into a CRPs library when the CRP passes the randomness check; the CRPs library is encrypted and stored. The invention aims to provide a CRPs library construction method and system based on RO-PUF, which greatly improve the stability and accuracy of physical fingerprint data in actual engineering.

Description

CRPs library construction method and system based on RO-PUF
Technical Field
The invention relates to the technical field of hardware security, in particular to a CRPs library construction method and system based on RO-PUF.
Background
Chip physical fingerprinting is a new digital fingerprinting technology that was originally applied to the unique identity of chip devices. The technology is expanded to extract more digital fingerprint information entropies, so that the technology is applied to high-security digital authentication of various application scenes.
The application of the chip physical fingerprint technology in key generation and authentication can improve the security of the system. Compared with the PKI and CPK authentication technologies, the technology has the advantages that a third-party authentication mechanism is not needed, and a secret key is not stored in a chip. For various reasons, the responses generated by the same random excitation may not be identical, resulting in instability of the physical fingerprint of the chip. In chip physical fingerprint technology application, instability is not negligible. The accuracy of the response data is greatly affected by using an error correction algorithm for improving stability. And the requirement is that the capability of generating random numbers by hardware is provided in the using process, and the requirement on a hardware system is high. The existing stability improvement method is not universal for a certain hardware or even a certain type of chip, different improvement strategies need to be considered for each type of hardware, and the method is large in workload and long in time consumption.
Disclosure of Invention
The invention aims to provide a CRPs library construction method and system based on RO-PUF, which greatly improve the stability and accuracy of physical fingerprint data in actual engineering; in the authentication process, the chip does not need to store public and private keys, so that the energy consumption and storage overhead of chip authentication are reduced.
The invention is realized by the following technical scheme:
a CRPs library construction method based on RO-PUF comprises the following steps:
s1: the client randomly generates a plurality of groups of excitation data and repeatedly transmits the plurality of groups of excitation data to the chip;
s2: the chip generates corresponding response data A according to the received excitation data A and transmits the response data A to the client;
s3: the client carries out probability statistics on the response data A generated by the same excitation signal A, and when the probability of any response data A is higher than a threshold probability, the response data B with the highest probability in the response data A and the excitation data A are selected to jointly form CRP; wherein the threshold probability is: in the corresponding response data A generated by the excitation data A, the number of times of the same response data accounts for the minimum value of the total number of times of the response data;
s4: performing randomness verification on the CRP, and storing the CRP into a CRPs library when the CRP passes the randomness verification;
s5: and encrypting and storing the CRPs library.
Further, the S1 includes the following sub-steps:
s11: the client randomly generating a set of incentive data;
s12: the client repeatedly sends the excitation data to the chip;
s13: and repeating the steps S11-S12.
Further, the randomness test comprises frequency detection, intra-block frequency detection and run detection, and when the CRP passes through the frequency detection, the intra-block frequency detection and the run detection, the CRP is stored in a CRPs library.
Further, the frequency detection is calculated by:
Sn=X1+X2+...+Xn
Xn=2n-1
Figure BDA0002610352290000021
Figure BDA0002610352290000022
wherein S isnRepresenting the A-converted sum, X, of all said response datanRepresents any one of the response data a conversion results (0 to-1),nrepresents the nth bit, s, of any one of the response data AobsRepresents the distance from an ideal frequency value, and P-value represents the passing probability value, and the CRP is detected by the frequency when the P-value is greater than 0.01.
Further, the frequency detection is calculated by the following formula:
the excitation data is divided into N sequences of length M,
Figure BDA0002610352290000023
and (3) calculating:
Figure BDA0002610352290000024
wherein i is more than or equal to 1 and less than or equal to N;
Figure BDA0002610352290000025
Figure BDA0002610352290000026
wherein, piiThe ratio of 1 in each sub-block is shown,(i-1)indicates the i-1 th bit, χ, in any one of the response data A2(obs) represents the closeness of the proportion of 1 in a block to an ideal value, and when the P-value is greater than 0.01, the CRP is detected by the intra-block frequency number.
Further, the run length detection is calculated by the following formula
Figure BDA0002610352290000031
If it is
Figure BDA0002610352290000032
Then not pass; otherwise, calculating:
Figure BDA0002610352290000033
when in usek(k +1), otherwise, r (k) is 0, otherwise, r (k) is 1;
and (3) calculating:
Figure BDA0002610352290000034
wherein the content of the first and second substances,jrepresents the jth bit in any one of the response data A, pi represents the number of 1 in the input sequence, Vn(obs) represents the total number of trips,kdenotes a k-th bit in any one of the response data a, where r (k) ═ 0 denotes that the k-th bit is the same as the k + 1-th bit, and r (k) ═ 1 denotes that the k-th bit is not the same as the k + 1-th bit; when P-value is larger than 0.01, CRP passes the run detection.
Further, the S5 includes the following sub-steps:
s51: randomly generating a group of private key data A, and calculating corresponding public key data A according to an ECC (error correction code) encryption algorithm;
s52: averagely dividing the excitation data in the CRPs library into a plurality of groups, and carrying out XOR operation on each group of excitation data and then combining the excitation data again to form public key data B; the length of the public key data B is consistent with that of the private key data A;
s53: encrypting the excitation data in the CRPs library according to the public key data A and the ECC encryption algorithm;
s54: performing exclusive-or processing on the public key data A and the public key data B, wherein an exclusive-or result of the public key data A and the public key data B is used as a secret key of an AES (advanced encryption Standard) algorithm, and the secret key is used for encrypting the response data in the CRPs library;
s55: and importing the encrypted CRPs library into a nonvolatile memory of a container.
A CRPs library construction system based on RO-PUF comprises a client and a chip end, wherein the client is connected with the chip end through a data line; the client comprises a generating module, a counting module, a checking module and an encrypting module;
the generating module is used for randomly generating a plurality of groups of excitation data and repeatedly transmitting the plurality of groups of excitation data to the chip end;
the chip end is used for generating corresponding response data A according to the received excitation data A and transmitting the response data A to the statistical module;
the statistical module is used for carrying out probability statistics on the response data A generated by the same excitation signal A, and when the probability of any response data A is higher than a threshold probability, selecting the response data B with the highest probability in the response data A and the excitation data A to jointly form CRP; wherein the threshold probability is: in the corresponding response data A generated by the excitation data A, the number of times of the same response data accounts for the minimum value of the total number of times of the response data;
the checking module is used for carrying out randomness checking on the CRP, and storing the CRP into a CRPs library when the CRP passes through the randomness checking;
the encryption module is used for encrypting and storing the CRPs library.
Further, the randomness test comprises frequency detection, intra-block frequency detection and run detection, and when the CRP passes through the frequency detection, the intra-block frequency detection and the run detection, the CRP is stored in a CRPs library.
Wherein the frequency detection is calculated by:
Sn=X1+X2+...+Xn
Xn=2n-1
Figure BDA0002610352290000041
Figure BDA0002610352290000042
wherein S isnRepresenting the A-converted sum, X, of all response datanIndicating the conversion result (0 to-1) of any one of the response data a,nindicates the nth bit, s, of any one of the response data AobsRepresents the distance from the ideal frequency value (0), and P-value represents the passing probability value, and the CRP is detected by the frequency when the P-value is greater than 0.01.
Frequency detection is calculated by:
the excitation data is divided into N sequences of length M,
Figure BDA0002610352290000043
and (3) calculating:
Figure BDA0002610352290000051
wherein i is more than or equal to 1 and less than or equal to N;
Figure BDA0002610352290000052
Figure BDA0002610352290000053
wherein, piiThe ratio of 1 in each sub-block is shown,(i-1)indicates the i-1 th bit, χ, in any one of the response data A2(obs) represents the closeness of the proportion of 1 in a block to an ideal value, and when the P-value is greater than 0.01, the CRP is detected by the intra-block frequency number.
Run length detection is calculated by
Figure BDA0002610352290000054
If it is
Figure BDA0002610352290000055
Then not pass; otherwise, calculating:
Figure BDA0002610352290000056
when in usek(k +1), otherwise, r (k) is 0, otherwise, r (k) is 1;
and (3) calculating:
Figure BDA0002610352290000057
wherein the content of the first and second substances,jdenotes the jth bit in any one of the response data A, pi denotes the number of 1's in the input sequence, Vn(obs) represents the total number of trips,kindicating the k-th bit in any one of the response data a, where r (k) ═ 0 indicates that the k-th bit is the same as the k + 1-th bit, and r (k) ═ 1 indicates that the k-th bit is not the same as the k + 1-th bit, and the CRP is detected by the run length when P-value is greater than 0.01.
Further, the processing procedure of the encryption module is as follows:
randomly generating a group of private key data A, and calculating corresponding public key data A according to an ECC (error correction code) encryption algorithm;
averagely dividing the excitation data in the CRPs library into a plurality of groups, and carrying out XOR operation on each group of excitation data and then combining the excitation data again to form public key data B; the length of the public key data B is consistent with that of the private key data A;
encrypting the excitation data in the CRPs library according to the public key data A and the ECC encryption algorithm;
performing exclusive-or processing on the public key data A and the public key data B, wherein an exclusive-or result of the public key data A and the public key data B is used as a secret key of an AES (advanced encryption Standard) algorithm, and the secret key is used for encrypting the response data in the CRPs library;
and importing the encrypted CRPs library into a nonvolatile memory of a container.
According to the method, CRP generated by the RO-PUF with low stability is removed, and CRP with high stability is collected to be used as the physical fingerprint of the chip, so that the stability and the usability of the RO-PUF are improved, and the fingerprint collection efficiency is improved. In addition, in the life cycle of the CRPs library, the encryption protection is carried out on the CRPs library by setting a secret key.
Compared with the prior art, the invention has the following advantages and beneficial effects:
the method greatly improves the stability and accuracy of physical fingerprint data in actual engineering; in the authentication process, the chip does not need to store public and private keys, so that the energy consumption and storage overhead of chip authentication are reduced.
Drawings
The accompanying drawings, which are included to provide a further understanding of the embodiments of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the principles of the invention. In the drawings:
FIG. 1 is a diagram of the physical framework for physical fingerprint acquisition according to the present invention;
FIG. 2 is a data flow diagram of a physical fingerprint acquisition process according to the present invention;
FIG. 3 is a schematic diagram of the encryption process of CRPs according to the present invention;
FIG. 4 is a schematic diagram of the CRPs decryption process according to the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is further described in detail below with reference to examples and accompanying drawings, and the exemplary embodiments and descriptions thereof are only used for explaining the present invention and are not meant to limit the present invention.
A construction method of CRPs library based on RO-PUF, comprising the following steps, as shown in fig. 1 and 2:
s1: the client randomly generates a plurality of groups of excitation data and repeatedly transmits the plurality of groups of excitation data to the chip;
firstly, a physical fingerprint acquisition environment is built, and an unconnected client is connected with a chip to be acquired, so that the independent and safe physical fingerprint acquisition process is ensured;
secondly, in the physical fingerprint collection process, the client randomly generates a plurality of groups of excitation data and repeatedly sends the excitation data to the chip. When transmitting excitation data, the excitation data is transmitted in units of bytes, and a certain time interval exists between the bytes.
In the physical fingerprint acquisition process, due to the existence of working voltage, environmental temperature, device aging and other external factors, deviation of response data can occur in the process of acquiring the response data. That is, if the same excitation data may obtain a plurality of different response data, and if only one set of excitation data is transmitted for each excitation data, the response data that can be obtained is not accurate response data, and therefore, in the present embodiment, by repeatedly transmitting the same excitation data, a highly reliable excitation response pair is obtained.
S2: the chip generates corresponding response data A according to the received excitation data A and transmits the response data A to the client;
s3: the client carries out probability statistics on response data A generated by the same excitation signal A, and when the probability of any response data A is higher than a threshold probability, response data B with the highest probability in the response data A and the excitation data A are selected to jointly form CRP; wherein the threshold probability is: in the corresponding response data A generated by the excitation data A, the number of times of the same response data accounts for the minimum value of the total number of times of the response data;
in the scheme, a group of excitation data is repeatedly sent, so that a corresponding amount of response data can be obtained, and due to interference of external factors, the response data obtained by the same group of excitation data are different. Considering that the interference of external factors only exists occasionally, only a small part of response data can be affected, and most of the response data are accurate, in the scheme, the response data are screened by setting the threshold probability, so that the response data with high accuracy are obtained.
S4: performing randomness check on the CRP, and storing the CRP into a CRPs library when the CRP passes the randomness check;
the CRP is often used in an authentication process or key generation, and in order to ensure that an authentication voucher is not predicted by an attacker and the key is not cracked by the attacker, so that the information transmission safety is ensured, the CRP needs to have good randomness, so that the CRP is subjected to randomness verification, and when the CRP passes the randomness verification, the CRP is stored in a CRPs library.
Specifically, in the scheme, the randomness test comprises frequency detection, intra-block frequency detection and run-length detection, and when CRP passes through the frequency detection, the intra-block frequency detection and the run-length detection, CRP is stored in a CRPs library.
Wherein the frequency detection is calculated by:
Sn=X1+X2+...+Xn
Xn=2n-1
Figure BDA0002610352290000071
Figure BDA0002610352290000072
wherein S isnRepresenting the A-converted sum, X, of all binary response datanIndicating the conversion result (0 to-1) of any one of the binary response data a,nindicating the nth bit, s, in any one of the binary response data AobsRepresents the distance from the ideal frequency value (0), and P-value represents the passing probability value, and when the P-value is greater than 0.01, the CRP passes the frequency detection.
The intra block frequency detection is calculated by:
the excitation data is divided into N sequences of length M,
Figure BDA0002610352290000081
and (3) calculating:
Figure BDA0002610352290000082
wherein i is more than or equal to 1 and less than or equal to N;
Figure BDA0002610352290000083
Figure BDA0002610352290000084
wherein, piiThe ratio of 1 in each sub-block is shown,(i-1)indicates the i-1 th bit, χ, in any one of the binary response data A2(obs) indicates the closeness of the proportion of 1 in the block to the ideal value, and when P-value is greater than 0.01, CRP is detected by the frequency of the blocks.
Run length detection is calculated by
Figure BDA0002610352290000085
If it is
Figure BDA0002610352290000086
Then not pass; otherwise, calculating:
Figure BDA0002610352290000087
when in usek(k +1), otherwise, r (k) is 0, otherwise, r (k) is 1;
and (3) calculating:
Figure BDA0002610352290000088
wherein the content of the first and second substances,jrepresents the jth bit in any binary response data A, pi represents the number of 1 in the input sequence, Vn(obs) represents the total number of trips,kindicating the k-th bit in any one of the binary response data a, where r (k) ═ 0 indicates that the k-th bit is the same as the k + 1-th bit, and r (k) ═ 1 indicates that the k-th bit is not the same as the k + 1-th bit, and when P-value is greater than 0.01, CRP passes run-length detection.
S5: encrypting and storing the CRPs library, as shown in fig. 3, the specific process is as follows:
s51: randomly generating a group of private key data A, and calculating corresponding public key data A according to an ECC (error correction code) encryption algorithm;
averagely dividing excitation data in the CRPs library into a plurality of groups, and after carrying out exclusive OR operation on each group of excitation data, randomly combining the excitation data to form public key data B; the length of the public key data B is consistent with that of the private key data A; (ii) a
Encrypting the excitation data in the CRPs library according to the public key data A and an ECC encryption algorithm;
carrying out XOR processing on the public key data A and the public key data B, wherein the XOR result of the public key data A and the public key data B is used as a secret key of an AES algorithm, and the secret key is used for encrypting response data in a CRPs library;
and importing the encrypted CRPs library into a nonvolatile memory of the container.
A CRPs library construction system based on RO-PUF comprises a client and a chip end, wherein the client is connected with the chip end through a data line; the client comprises a generation module, a statistic module, a verification module and an encryption module;
the generating module is used for randomly generating a plurality of groups of excitation data and repeatedly transmitting the plurality of groups of excitation data to the chip end;
the chip end is used for generating corresponding response data A according to the received excitation data A and transmitting the response data A to the statistical module;
the statistical module is used for carrying out probability statistics on response data A generated by the same excitation signal A, and selecting response data B with the highest probability in the response data A and the excitation data A to jointly form CRP when the probability of any response data A is higher than a threshold probability; wherein the threshold probability is: in the corresponding response data A generated by the excitation data A, the number of times of the same response data accounts for the minimum value of the total number of times of the response data;
the verification module is used for carrying out randomness verification on the CRP, and when the CRP passes the randomness verification, the CRP is stored into a CRPs library;
the encryption module is used for encrypting and storing the CRPs library.
Further, in this embodiment, the randomness test includes frequency detection, intra-block frequency detection, and run-length detection, and when the CRP passes the frequency detection, intra-block frequency detection, and run-length detection, the CRP is stored in the CRPs library.
Further, in this embodiment, the processing procedure of the encryption module is as follows:
randomly generating a group of private key data A, and calculating corresponding public key data A according to an ECC (error correction code) encryption algorithm;
averagely dividing excitation data in the CRPs library into a plurality of groups, and carrying out XOR operation on each group of excitation data and then combining the excitation data to form public key data B; the length of the public key data B is consistent with that of the private key data A;
encrypting the excitation data in the CRPs library according to the public key data A and an ECC encryption algorithm;
carrying out XOR processing on the public key data A and the public key data B, wherein the XOR result of the public key data A and the public key data B is used as a secret key of an AES algorithm, and the secret key is used for encrypting response data in a CRPs library;
and importing the encrypted CRPs library into a nonvolatile memory of the container.
The following is illustrated by specific examples:
the client is provided with physical fingerprint acquisition software, and the client and the chip end receive and send data through the serial port to provide a fingerprint acquisition function. Specifically, in this embodiment, the hardware chip is an FPGA chip board with a model of XC7a100T-2FGG484 l. The length of the excitation data and the length of the response data provided by the embodiment are both 64 bits, namely the length of one fingerprint is 128 bits; the physical fingerprint acquisition software sets the probability threshold to 95%.
The client randomly generates a plurality of groups of excitation data and repeatedly sends the plurality of groups of excitation data to the chip side. In this embodiment, only one of them is illustrated, for example, the generated set of excitation data is represented as hexadecimal as: and D6EF A5 ED 2C 949D F0 is used as excitation data and sent to the chip repeatedly 100 times to obtain response data, the maximum number of times of repetition in the response data is 1B 57539F A2531B, if 1B 57539F A25B occurs 100 times, namely the probability of the response is 100%, the excitation/response pair D6EF A5 ED 2C 949D F6301 822531B is stored as a fingerprint, then randomness verification is performed, and if all three kinds of random number verification pass, the excitation/response pair D6EF A5 ED 2C 949D F01B 57539F A25B is stored in a CRPs library.
After the CRPs library is generated, the CRPs library is encrypted and stored in a local computer, as shown in FIG. 3:
(1) the generator of the CRPs library and the user of the CRPs library negotiate various parameters of an ECC algorithm and an AES algorithm;
(2) a user of the CRPs library randomly generates 256-bit private key data A as a private key of an ECC (error correction code) encryption algorithm, and calculates public key data A according to various parameters of the ECC algorithm;
(3) averagely dividing all excitation data in the CRPs library into 4 groups (256/excitation data length 64), and after carrying out exclusive OR operation on the excitation data in each group, randomly combining to form 256-bit public key data B;
(4) encrypting the excitation data in the CRPs library according to the public key data A and various parameters of an ECC encryption algorithm;
(5) carrying out XOR processing on the public key data A and the public key data B, wherein the XOR result of the public key data A and the public key data B is used as a secret key of an AES algorithm, and the secret key is used for encrypting response data in a CRPs library;
(6) and importing each parameter of the encrypted CRPs library and the ECC algorithm into the USB flash disk.
When the method is used, as shown in fig. 4, the U disk is transmitted to a user of the CRPs library, the user of the CRPs library receives the U disk, the excitation data part is decrypted by using the private key data A, then the excitation data is used for calculation to generate the public key data B, then the public key data A and the public key data B are subjected to XOR to generate a secret key, response data are decrypted, and the CRPs library is obtained.
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the present invention in further detail, and it should be understood that the above-mentioned embodiments are merely exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (10)

1. A CRPs library construction method based on RO-PUF is characterized by comprising the following steps:
s1: the client randomly generates a plurality of groups of excitation data and repeatedly transmits the plurality of groups of excitation data to the chip;
s2: the chip generates corresponding response data A according to the received excitation data A and transmits the response data A to the client;
s3: the client carries out probability statistics on the response data A generated by the same excitation signal A, and when the probability of any response data A is higher than a threshold probability, the response data B with the highest probability in the response data A and the excitation data A are selected to jointly form CRP; wherein the threshold probability is: in the corresponding response data A generated by the excitation data A, the number of times of the same response data accounts for the minimum value of the total number of times of the response data;
s4: performing randomness verification on the CRP, and storing the CRP into a CRPs library when the CRP passes the randomness verification;
s5: and encrypting and storing the CRPs library.
2. A method for constructing a library of RO-PUF-based CRPs according to claim 1, wherein the S1 comprises the following sub-steps:
s11: the client randomly generating a set of incentive data;
s12: the client repeatedly sends the excitation data to the chip;
s13: and repeating the steps S11-S12.
3. The method of claim 2, wherein the randomness test comprises frequency detection, intra-block frequency detection and run-length detection, and the CRP is stored in the CRPs library when the CRP passes the frequency detection, the intra-block frequency detection and the run-length detection.
4. A method according to claim 3, wherein said frequency detection is calculated by the following formula:
Sn=X1+X2+…+Xn
Xn=2n-1
Figure FDA0002610352280000011
Figure FDA0002610352280000012
wherein S isnRepresenting the sum, X, of response data A after conversionnIndicating the result of conversion of any one of the response data a,nrepresents the nth bit, s, of any one of the response data AobsRepresents the distance from an ideal frequency value, and P-value represents the passing probability value, and the CRP is detected by the frequency when the P-value is greater than 0.01.
5. A method of constructing CRPs library based on RO-PUF according to claim 3, wherein the intra-block frequency detection is calculated by the following formula:
the excitation data is divided into N sequences of length M,
Figure FDA0002610352280000021
and (3) calculating:
Figure FDA0002610352280000022
wherein i is more than or equal to 1 and less than or equal to N;
Figure FDA0002610352280000023
Figure FDA0002610352280000024
wherein, piiThe ratio of 1 in each sub-block is shown,(i-1)indicates the i-1 th bit, χ, in any one of the response data A2(obs) represents the closeness of the proportion of 1 in a block to an ideal value, and when the P-value is greater than 0.01, the CRP is detected by the intra-block frequency number.
6. The method of claim 3, wherein the run-length detection is calculated by the following formula
Figure FDA0002610352280000025
If it is
Figure FDA0002610352280000026
Then not pass; otherwise, calculating:
Figure FDA0002610352280000027
when in usek(k +1), otherwise, r (k) is 0, otherwise, r (k) is 1;
and (3) calculating:
Figure FDA0002610352280000028
wherein the content of the first and second substances,jrepresents the jth bit in any one of the response data A, pi represents the number of 1 in the input sequence, Vn(obs) represents the total number of trips,kdenotes a k-th bit in any one of the response data a, where r (k) ═ 0 denotes that the k-th bit is the same as the k + 1-th bit, and r (k) ═ 1 denotes that the k-th bit is not the same as the k + 1-th bit; when P-value is larger than 0.01, CRP passes the run detection.
7. A method for constructing a library of RO-PUF based CRPs according to any one of claims 1-6, wherein said S5 comprises the following sub-steps:
s51: randomly generating a group of private key data A, and calculating corresponding public key data A according to an ECC (error correction code) encryption algorithm;
s52: averagely dividing all the excitation data in the CRPs library into a plurality of groups, and combining the excitation data of each group again to form public key data B after carrying out XOR operation; the length of the public key data B is consistent with that of the private key data A;
s53: encrypting the excitation data in the CRPs library according to the public key data A and the ECC encryption algorithm;
s54: performing exclusive-or processing on the public key data A and the public key data B, wherein an exclusive-or result of the public key data A and the public key data B is used as a secret key of an AES (advanced encryption Standard) algorithm, and the secret key is used for encrypting the response data in the CRPs library;
s55: and importing the encrypted CRPs library into a nonvolatile memory of a container.
8. A CRPs library construction system based on RO-PUF is characterized by comprising a client and a chip end, wherein the client is connected with the chip end through a data line; the client comprises a generating module, a counting module, a checking module and an encrypting module;
the generating module is used for randomly generating a plurality of groups of excitation data and repeatedly transmitting the plurality of groups of excitation data to the chip end;
the chip end is used for generating corresponding response data A according to the received excitation data A and transmitting the response data A to the statistical module;
the statistical module is used for carrying out probability statistics on the response data A generated by the same excitation signal A, and when the probability of any response data A is higher than a threshold probability, selecting the response data B with the highest probability in the response data A and the excitation data A to jointly form CRP; wherein the threshold probability is: in the corresponding response data A generated by the excitation data A, the number of times of the same response data accounts for the minimum value of the total number of times of the response data;
the checking module is used for carrying out randomness checking on the CRP, and storing the CRP into a CRPs library when the CRP passes through the randomness checking;
the encryption module is used for encrypting and storing the CRPs library.
9. An RO-PUF based CRPs library construction system according to claim 8, wherein the randomness test comprises frequency detection, intra-block frequency detection and run-length detection, and when the CRPs pass the frequency detection, the intra-block frequency detection and the run-length detection, the CRPs are stored in the CRPs library.
10. An RO-PUF-based CRPs library construction system according to claim 8 or 9, wherein the encryption module processes:
randomly generating a group of private key data A, and calculating corresponding public key data A according to an ECC (error correction code) encryption algorithm;
averagely dividing the excitation data in the CRPs library into a plurality of groups, and carrying out XOR operation on each group of excitation data and then combining the excitation data again to form public key data B; the length of the public key data B is consistent with that of the private key data A;
encrypting the excitation data in the CRPs library according to the public key data A and the ECC encryption algorithm;
performing exclusive-or processing on the public key data A and the public key data B, wherein an exclusive-or result of the public key data A and the public key data B is used as a secret key of an AES (advanced encryption Standard) algorithm, and the secret key is used for encrypting the response data in the CRPs library;
and importing the encrypted CRPs library into a nonvolatile memory of a container.
CN202010752059.1A 2020-07-30 2020-07-30 CRPs library construction method and system based on RO-PUF Active CN111884799B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010752059.1A CN111884799B (en) 2020-07-30 2020-07-30 CRPs library construction method and system based on RO-PUF

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010752059.1A CN111884799B (en) 2020-07-30 2020-07-30 CRPs library construction method and system based on RO-PUF

Publications (2)

Publication Number Publication Date
CN111884799A true CN111884799A (en) 2020-11-03
CN111884799B CN111884799B (en) 2021-03-30

Family

ID=73204570

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010752059.1A Active CN111884799B (en) 2020-07-30 2020-07-30 CRPs library construction method and system based on RO-PUF

Country Status (1)

Country Link
CN (1) CN111884799B (en)

Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102546149A (en) * 2012-01-16 2012-07-04 华南理工大学 Crypto chip system and secret key extraction method
CN104753667A (en) * 2013-12-27 2015-07-01 西门子公司 A circuit unit for providing a cryptographic key
CN107194117A (en) * 2017-06-16 2017-09-22 合肥工业大学 A kind of reliability method for improving of butterfly trigger physics unclonable function
US20170288885A1 (en) * 2016-03-31 2017-10-05 Intel Corporation System, Apparatus And Method For Providing A Physically Unclonable Function (PUF) Based On A Memory Technology
CN107924645A (en) * 2015-08-06 2018-04-17 本质Id有限责任公司 There is the unclonable encryption device of physics
CN108696354A (en) * 2018-06-20 2018-10-23 北京邮电大学 A kind of quantum asymmetric encryption equipment using quantum random number
CN108985105A (en) * 2018-08-22 2018-12-11 合肥工业大学 The reliability method for improving of physics unclonable function based on ring oscillator
CN109190358A (en) * 2018-09-18 2019-01-11 中国科学院计算技术研究所 Site passwords generation method, system and code management device
CN110462713A (en) * 2016-12-21 2019-11-15 智能Ic卡公司 The unclonable function of the physics of synthesis
CN110730068A (en) * 2019-09-25 2020-01-24 中国电子科技集团公司第五十八研究所 Secret key extraction method based on SRAM-PUF
US10574467B2 (en) * 2015-11-16 2020-02-25 Arizona Board Of Regents On Behalf Of Northern Arizona University Multi-state unclonable functions and related systems
CN111082925A (en) * 2019-10-23 2020-04-28 中山大学 Embedded system encryption protection device and method based on AES algorithm and PUF technology

Patent Citations (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102546149A (en) * 2012-01-16 2012-07-04 华南理工大学 Crypto chip system and secret key extraction method
CN104753667A (en) * 2013-12-27 2015-07-01 西门子公司 A circuit unit for providing a cryptographic key
CN107924645A (en) * 2015-08-06 2018-04-17 本质Id有限责任公司 There is the unclonable encryption device of physics
US10574467B2 (en) * 2015-11-16 2020-02-25 Arizona Board Of Regents On Behalf Of Northern Arizona University Multi-state unclonable functions and related systems
US20170288885A1 (en) * 2016-03-31 2017-10-05 Intel Corporation System, Apparatus And Method For Providing A Physically Unclonable Function (PUF) Based On A Memory Technology
CN110462713A (en) * 2016-12-21 2019-11-15 智能Ic卡公司 The unclonable function of the physics of synthesis
CN107194117A (en) * 2017-06-16 2017-09-22 合肥工业大学 A kind of reliability method for improving of butterfly trigger physics unclonable function
CN108696354A (en) * 2018-06-20 2018-10-23 北京邮电大学 A kind of quantum asymmetric encryption equipment using quantum random number
CN108985105A (en) * 2018-08-22 2018-12-11 合肥工业大学 The reliability method for improving of physics unclonable function based on ring oscillator
CN109190358A (en) * 2018-09-18 2019-01-11 中国科学院计算技术研究所 Site passwords generation method, system and code management device
CN110730068A (en) * 2019-09-25 2020-01-24 中国电子科技集团公司第五十八研究所 Secret key extraction method based on SRAM-PUF
CN111082925A (en) * 2019-10-23 2020-04-28 中山大学 Embedded system encryption protection device and method based on AES algorithm and PUF technology

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
余益飞: ""环形振荡器物理不可克隆函数的比较策略及可重构研究"", 《中国优秀硕士学位论文全文库信息科技辑》 *

Also Published As

Publication number Publication date
CN111884799B (en) 2021-03-30

Similar Documents

Publication Publication Date Title
EP2987267B1 (en) System and methods for encrypting data
US20060251250A1 (en) Method of generating successions of pseudo-random bits or numbers
EP3563516B1 (en) Pseudo-random generation of matrices for a computational fuzzy extractor and method for authentication
CN109614790B (en) Lightweight authentication equipment and authentication method based on feedback loop PUF
CN104704768A (en) System for generating a cryptographic key from a memory used as a physically unclonable function
CN104104500A (en) Quantum secrecy transmission method and device
Ngo et al. Breaking masked and shuffled CCA secure Saber KEM by power analysis
Ganji et al. Lattice basis reduction attack against physically unclonable functions
CN106664204A (en) Differential power analysis countermeasures
CN102449951A (en) Method for performing a cryptographic task in an electronic component
KR101631680B1 (en) Physically unclonable function circuit using S-box of AES algorithm
Wisiol et al. Why attackers lose: Design and security analysis of arbitrarily large XOR arbiter PUFs
Ueno et al. Tackling biased PUFs through biased masking: A debiasing method for efficient fuzzy extractor
CN111884799B (en) CRPs library construction method and system based on RO-PUF
Wang et al. A side-channel attack on a bitsliced higher-order masked crystals-kyber implementation
He et al. Cryptanalysis and improvement of a block cipher based on multiple chaotic systems
CN111565110B (en) Unified identity authentication system and method based on RO PUF multi-core system
CN112436945B (en) Secret key obtaining method based on SRAM-PUF
CN106375082B (en) A kind of pseudo random number production method
CN108279864A (en) System random number generation method
CN110784868B (en) Encryption and decryption method for wireless communication, data transmission method and wireless communication system
Jerjees et al. Hybrid ciphering method based on chaos logistic map and fingerprint information
US20230017265A1 (en) Method for performing cryptographic operations in a processing device, corresponding processing device and computer program product
CN111740819B (en) Time-based one-time password method and system suitable for PLC
CN117200974A (en) Fault attack protection method and device based on SM4 block cipher algorithm

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant