CN116707772A - Identity information management method of controller chip - Google Patents
Identity information management method of controller chip Download PDFInfo
- Publication number
- CN116707772A CN116707772A CN202310976189.7A CN202310976189A CN116707772A CN 116707772 A CN116707772 A CN 116707772A CN 202310976189 A CN202310976189 A CN 202310976189A CN 116707772 A CN116707772 A CN 116707772A
- Authority
- CN
- China
- Prior art keywords
- ciphertext data
- chip
- bit stream
- data
- uplink
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000007726 management method Methods 0.000 title claims abstract description 12
- 238000012795 verification Methods 0.000 claims abstract description 12
- 230000004044 response Effects 0.000 claims abstract description 8
- 238000003860 storage Methods 0.000 claims abstract description 7
- 238000000034 method Methods 0.000 claims description 15
- 238000012360 testing method Methods 0.000 claims description 12
- 230000006870 function Effects 0.000 claims description 6
- 238000013461 design Methods 0.000 claims description 4
- 238000004519 manufacturing process Methods 0.000 claims description 3
- 230000008569 process Effects 0.000 claims description 2
- 238000011144 upstream manufacturing Methods 0.000 claims 2
- 230000005284 excitation Effects 0.000 abstract description 2
- 238000011161 development Methods 0.000 description 3
- 230000007547 defect Effects 0.000 description 2
- 238000001514 detection method Methods 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 1
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 238000004904 shortening Methods 0.000 description 1
Abstract
The invention discloses an identity information management method of a controller chip, and belongs to the technical field of data identification. The invention uses clock source characteristics as an excitation source, and obtains an identity verification result by comparing the response value of the key generation circuit as a unique identity mark with preset standard data. In the data flow layer, adopting double chips to be respectively and independently associated with an upper computer and a key generation circuit, and exchanging information between the two chips by ciphertext data; the clock source characteristic forms downlink ciphertext data through bit stream coding and bit stream encryption, and the response value of the key generation circuit can adopt AES-CBC block encryption or AES-GCM stream encryption to form uplink ciphertext data; and for the received uplink ciphertext data, the received uplink ciphertext data is stored by a special RAM on the chip, and the storage position is selected from BBRAM or eFUSE, so that the safety of the data is ensured. The key generation circuit can generate a unique key according to the uniqueness of read-write operation, the random frequency characteristic of the ring oscillator circuit or the tiny difference of capacitance, and the accuracy and uniqueness of identity verification are ensured.
Description
Technical Field
The invention relates to the technical field of data identification, in particular to an identity information management method of a controller chip.
Background
The robot controller is one of the most central parts of the industrial robot, plays a decisive role in the performance of the robot and affects the development of the robot to a certain extent. The robot controller is a device for controlling the robot to complete certain actions or work tasks according to the instructions and the sensing information, and is a heart of the robot, so that the performance of the robot is determined. The chip is a component of the control robot system, and in the case of an industrial robot, it is necessary to mount a chip including FPGA, MCU, DSP, IGBT.
The FPGA chip has the advantages of high speed, parallelism, abundant operation and pin resources, flexible functions, direct realization of algorithm by hardware, simple and efficient operand access mechanism, direct detection of the bottom layer of hardware by developing and debugging means and the like when being applied to the field of robots. The application of the FPGA in the servo driver is a common practice in the industry, and the FPGA is stronger than a CPU in the aspect of executing an image processing algorithm, so that the FPGA is an optimal scheme; when executing the artificial intelligence algorithm, the FPGA is a mainstream scheme parallel to the GPU, and has certain advantages in terms of power consumption. In addition to shortening development and verification cycles, the use of FPGAs, as compared to ASIC development, also means that the logic can be changed quickly when a problem arises, or that functional requirements can be modified or enhanced if necessary.
Although the method has the advantages in the aspects of execution efficiency, power consumption, programmability and the like, the FPGA chip has the defects of high cost, complex design, poor safety and the like. Especially for wide-range applications as robot control chips, there may be a security risk, as the FPGA chip is programmable, for example unauthorized persons may insert malicious code into the FPGA chip. To adequately protect it from attacks, FPGA vendors have introduced bit stream encryption techniques to authenticate and keep secret. Various techniques have been proposed in the past for bit stream encryption such as bypass analysis and detection, however, new attack modes manipulate the encrypted bit stream during configuration, redirecting decrypted content to the WBSTAR configuration registers whose contents can be read out after reset, thereby implementing an attack bypassing the encryption hierarchy. In this case, improving the management level of the chip on the identity information is also one way to reduce the security risk.
Disclosure of Invention
The invention aims at solving the technical defects of the prior art, and provides an identity information management method of a controller chip, so as to solve the technical problem that the conventional management method is to be improved in safety.
In order to achieve the technical purpose, the invention adopts the following technical scheme:
an identity information management method of a controller chip, comprising: the primary chip responds to an upper computer instruction to read the clock source characteristic of the controller chip from the DB, encodes the clock source characteristic into a bit stream and encrypts the bit stream to form downlink ciphertext data, then transmits the downlink ciphertext data to the secondary chip, decodes the received downlink ciphertext data and loads the decoded downlink ciphertext data to the key generation circuit, the secondary chip encrypts a response value from the key generation circuit to form uplink ciphertext data, the uplink ciphertext data is returned to the primary chip, and the primary chip decodes the received uplink ciphertext data and compares the decoded uplink ciphertext data with preset standard data to obtain an identity verification result.
Preferably, the key generation circuit generates a plurality of different key data under the same circuit structure by utilizing the process parameter deviation in the integrated circuit manufacturing process, so as to realize the hardware function with the chip identity.
Preferably, the key generation circuit is selected from SRAM PUF circuits, ringOscillator PUF circuits, or PUF circuits based on interconnection capacitance.
Preferably, the SRAM PUF exploits the inherent randomness of the SRAM memory cells to generate a non-replicable key by read and write operations to the SRAM; ring Oscillator PUF utilizes the random frequency characteristics of the ring oscillator circuit to generate a non-replicable key by starting and stopping the ring oscillator; PUFs based on interconnection capacitance exploit small differences in capacitance to generate unique keys.
Preferably, the primary chip is provided with a bit stream encryption module and an on-chip bit stream decryption module, and the received uplink ciphertext data is stored by a special RAM on the chip, and the storage position is selected from BBRAM or eFUSE.
Preferably, the uplink ciphertext data is transmitted only through the JTAG port, and the on-chip bit stream decryption module adopts AES decryption logic and is not used for other purposes for decrypting the uplink ciphertext data.
Preferably, the encryption mode of the primary chip to the bit stream is selected from AES-CBC block encryption or AES-GCM stream encryption; wherein the AES-GCM stream encryption is provided with a GMAC information verification module.
Preferably, the primary chip executes the following steps while receiving the uplink ciphertext data: generating an unencrypted bit stream, an encrypted bit stream using an independent key, an encrypted bit stream using all 1's, an encrypted bit stream using all 0's, respectively, checking each generated bit stream to verify whether encryption has been performed
Preferably, the method further comprises: checking hardware, testing an FPGA decoder and testing the safety of uplink ciphertext data on an FPGA which is not programmed.
Preferably, the checking hardware includes: the device programmer is connected to the FPGA, unencrypted data is downloaded through JTAG, and whether the design operates according to expectations is verified; the test FPGA decoder includes: downloading a bit stream file encrypted by using an all-zero key, and loading the bit stream file to eFUSEs; the security testing of the uplink ciphertext data comprises the following steps: the bit stream file encrypted using the independent key is downloaded and compared to the expected configuration.
The invention discloses an identity information management method of a controller chip. According to the technical scheme, clock source characteristics are used as an excitation source, a response value of a key generation circuit is used as a unique identity mark, and the unique identity mark is compared with preset standard data, so that an identity verification result is obtained. In the data flow layer, the invention adopts double chips to be respectively and independently associated with an upper computer and a key generation circuit, and information is exchanged between the two chips by ciphertext data; the clock source characteristic forms downlink ciphertext data through bit stream coding and bit stream encryption, and the response value of the key generation circuit can adopt AES-CBC block encryption or AES-GCM stream encryption to form uplink ciphertext data; for the received uplink ciphertext data, the storage position is selected from BBRAM or eFUSE in the special RAM on the chip, so that the security of the data is ensured. The key generation circuit can generate a unique key according to the uniqueness of read-write operation, the random frequency characteristic of the ring oscillator circuit or the tiny difference of capacitance, and the accuracy and uniqueness of identity verification are ensured.
Detailed Description
Hereinafter, embodiments of the present invention will be described in detail. In order to avoid unnecessary detail, well-known structures or functions will not be described in detail in the following embodiments. Approximating language, as used in the following examples, may be applied to create a quantitative representation that could permissibly vary without resulting in a change in the basic function. Unless defined otherwise, technical and scientific terms used in the following examples have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
Example 1
An identity information management method of a controller chip, comprising: the primary chip responds to an upper computer instruction to read the clock source characteristic of the controller chip from the DB, encodes the clock source characteristic into a bit stream and encrypts the bit stream to form downlink ciphertext data, then transmits the downlink ciphertext data to the secondary chip, decodes the received downlink ciphertext data and loads the decoded downlink ciphertext data to the key generation circuit, the secondary chip encrypts a response value from the key generation circuit to form uplink ciphertext data, the uplink ciphertext data is returned to the primary chip, and the primary chip decodes the received uplink ciphertext data and compares the decoded uplink ciphertext data with preset standard data to obtain an identity verification result. The key generation circuit is selected from an SRAM PUF circuit, a RingOscillator PUF circuit or an interconnection capacitance-based PUF circuit. The SRAM PUF generates a non-replicable key through read-write operation of the SRAM by utilizing the inherent randomness of the SRAM storage unit; ring Oscillator PUF utilizes the random frequency characteristics of the ring oscillator circuit to generate a non-replicable key by starting and stopping the ring oscillator; PUFs based on interconnection capacitance exploit small differences in capacitance to generate unique keys.
Example 2
An identity information management method of a controller chip, comprising: the primary chip responds to an upper computer instruction to read the clock source characteristic of the controller chip from the DB, encodes the clock source characteristic into a bit stream and encrypts the bit stream to form downlink ciphertext data, then transmits the downlink ciphertext data to the secondary chip, decodes the received downlink ciphertext data and loads the decoded downlink ciphertext data to the key generation circuit, the secondary chip encrypts a response value from the key generation circuit to form uplink ciphertext data, the uplink ciphertext data is returned to the primary chip, and the primary chip decodes the received uplink ciphertext data and compares the decoded uplink ciphertext data with preset standard data to obtain an identity verification result.
The key generation circuit generates a plurality of different key data under the same circuit structure by utilizing the technological parameter deviation in the integrated circuit manufacturing process, so as to realize the hardware function with the chip identity.
The key generation circuit is selected from an SRAM PUF circuit, a RingOscillator PUF circuit or an interconnection capacitance-based PUF circuit.
The SRAM PUF generates a non-replicable key through read-write operation of the SRAM by utilizing the inherent randomness of the SRAM storage unit; ring Oscillator PUF utilizes the random frequency characteristics of the ring oscillator circuit to generate a non-replicable key by starting and stopping the ring oscillator; PUFs based on interconnection capacitance exploit small differences in capacitance to generate unique keys.
The primary chip is provided with a bit stream encryption module and an on-chip bit stream decryption module, and the received uplink ciphertext data is stored by a special RAM on the chip, and the storage position is selected from BBRAM or eFUSE.
The uplink ciphertext data is transmitted only through the JTAG port, and the on-chip bit stream decryption module adopts AES decryption logic and is not used for other purposes for decrypting the uplink ciphertext data.
The encryption mode of the primary chip to the bit stream is selected from AES-CBC block encryption or AES-GCM stream encryption; wherein the AES-GCM stream encryption is provided with a GMAC information verification module.
The primary chip executes the following steps when receiving the uplink ciphertext data: generating an unencrypted bit stream, an encrypted bit stream using an independent key, an encrypted bit stream using all 1's, an encrypted bit stream using all 0's, respectively, checking each generated bit stream to verify whether encryption has been performed
Further comprises: checking hardware, testing an FPGA decoder and testing the safety of uplink ciphertext data on an FPGA which is not programmed.
The inspection hardware includes: the device programmer is connected to the FPGA, unencrypted data is downloaded through JTAG, and whether the design operates according to expectations is verified; the test FPGA decoder includes: downloading a bit stream file encrypted by using an all-zero key, and loading the bit stream file to eFUSEs; the security testing of the uplink ciphertext data comprises the following steps: the bit stream file encrypted using the independent key is downloaded and compared to the expected configuration.
The foregoing describes the embodiments of the present invention in detail, but the description is only a preferred embodiment of the present invention and is not intended to limit the present invention. Any modification, equivalent replacement, improvement, etc. made within the scope of the present invention should be included in the protection scope of the present invention.
Claims (10)
1. An identity information management method of a controller chip, comprising: the primary chip responds to an upper computer instruction to read the clock source characteristic of the controller chip from the DB, encodes the clock source characteristic into a bit stream and encrypts the bit stream to form downlink ciphertext data, then transmits the downlink ciphertext data to the secondary chip, decodes the received downlink ciphertext data and loads the decoded downlink ciphertext data to the key generation circuit, the secondary chip encrypts a response value from the key generation circuit to form uplink ciphertext data, the uplink ciphertext data is returned to the primary chip, and the primary chip decodes the received uplink ciphertext data and compares the decoded uplink ciphertext data with preset standard data to obtain an identity verification result.
2. The method for managing identity information of a controller chip according to claim 1, wherein the key generation circuit generates a plurality of different key data under the same circuit structure by using process parameter deviation in the integrated circuit manufacturing process, thereby realizing a hardware function with chip identity.
3. The method of claim 1, wherein the key generation circuit is selected from the group consisting of SRAM PUF circuits, ringOscillator PUF circuits, and PUF circuits based on interconnection capacitance.
4. A method of managing identity information of a controller chip according to claim 3, wherein the SRAM PUF uses the inherent randomness of the SRAM memory cells to generate a non-replicable key by read-write operations to the SRAM; ring Oscillator PUF utilizes the random frequency characteristics of the ring oscillator circuit to generate a non-replicable key by starting and stopping the ring oscillator; PUFs based on interconnection capacitance exploit small differences in capacitance to generate unique keys.
5. The method of claim 1, wherein the primary chip is provided with a bitstream encryption module and an on-chip bitstream decryption module, and the received uplink ciphertext data is stored in a dedicated RAM on-chip, and the storage location is selected from BBRAM or eFuse.
6. The method of claim 1, wherein the upstream ciphertext data is transmitted only through a JTAG port, and the on-chip bitstream decryption module uses AES decryption logic without other use for decrypting the upstream ciphertext data.
7. The method for managing identity information of a controller chip according to claim 1, wherein the encryption mode of the bit stream by the primary chip is selected from AES-CBC block encryption or AES-GCM stream encryption; wherein the AES-GCM stream encryption is provided with a GMAC information verification module.
8. The method for managing identity information of a controller chip according to claim 1, wherein the primary chip performs the following steps while receiving the uplink ciphertext data: generating an unencrypted bit stream, an encrypted bit stream using an independent key, an encrypted bit stream using all 1's, and an encrypted bit stream using all 0's, respectively, and checking each of the generated bit streams to verify whether encryption has been performed.
9. The method for managing identity information of a controller chip according to claim 1, further comprising: checking hardware, testing an FPGA decoder and testing the safety of uplink ciphertext data on an FPGA which is not programmed.
10. The method for managing identity information of a controller chip according to claim 9, wherein said checking hardware comprises: the device programmer is connected to the FPGA, unencrypted data is downloaded through JTAG, and whether the design operates according to expectations is verified; the test FPGA decoder includes: downloading a bit stream file encrypted by using an all-zero key, and loading the bit stream file to eFUSEs; the security testing of the uplink ciphertext data comprises the following steps: the bit stream file encrypted using the independent key is downloaded and compared to the expected configuration.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310976189.7A CN116707772A (en) | 2023-08-04 | 2023-08-04 | Identity information management method of controller chip |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310976189.7A CN116707772A (en) | 2023-08-04 | 2023-08-04 | Identity information management method of controller chip |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116707772A true CN116707772A (en) | 2023-09-05 |
Family
ID=87826158
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310976189.7A Pending CN116707772A (en) | 2023-08-04 | 2023-08-04 | Identity information management method of controller chip |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116707772A (en) |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030204743A1 (en) * | 2002-04-16 | 2003-10-30 | Srinivas Devadas | Authentication of integrated circuits |
| KR20100067584A (en) * | 2008-12-11 | 2010-06-21 | 한국전자통신연구원 | Device and method for offering integrated security |
| CN104090790A (en) * | 2014-06-30 | 2014-10-08 | 飞天诚信科技股份有限公司 | Two-chip scheme firmware updating method for safety terminal |
| CN108234132A (en) * | 2017-12-07 | 2018-06-29 | 深圳市中易通安全芯科技有限公司 | The safe communication system and method for a kind of main control chip and encryption chip |
| CN110889123A (en) * | 2019-11-01 | 2020-03-17 | 浙江地芯引力科技有限公司 | Authentication method, key pair processing method, device and readable storage medium |
| CN110909338A (en) * | 2019-11-01 | 2020-03-24 | 浙江地芯引力科技有限公司 | Security authentication method and system based on security chip and security chip |
| CN111082925A (en) * | 2019-10-23 | 2020-04-28 | 中山大学 | Embedded system encryption protection device and method based on AES algorithm and PUF technology |
| CN210515295U (en) * | 2019-11-01 | 2020-05-12 | 浙江地芯引力科技有限公司 | Security authentication system and information processing device based on security chip |
| WO2021083349A1 (en) * | 2019-11-01 | 2021-05-06 | 浙江地芯引力科技有限公司 | Security chip-based security authentication method and system, security chip, and readable storage medium |
-
2023
- 2023-08-04 CN CN202310976189.7A patent/CN116707772A/en active Pending
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20030204743A1 (en) * | 2002-04-16 | 2003-10-30 | Srinivas Devadas | Authentication of integrated circuits |
| KR20100067584A (en) * | 2008-12-11 | 2010-06-21 | 한국전자통신연구원 | Device and method for offering integrated security |
| CN104090790A (en) * | 2014-06-30 | 2014-10-08 | 飞天诚信科技股份有限公司 | Two-chip scheme firmware updating method for safety terminal |
| CN108234132A (en) * | 2017-12-07 | 2018-06-29 | 深圳市中易通安全芯科技有限公司 | The safe communication system and method for a kind of main control chip and encryption chip |
| CN111082925A (en) * | 2019-10-23 | 2020-04-28 | 中山大学 | Embedded system encryption protection device and method based on AES algorithm and PUF technology |
| CN110889123A (en) * | 2019-11-01 | 2020-03-17 | 浙江地芯引力科技有限公司 | Authentication method, key pair processing method, device and readable storage medium |
| CN110909338A (en) * | 2019-11-01 | 2020-03-24 | 浙江地芯引力科技有限公司 | Security authentication method and system based on security chip and security chip |
| CN210515295U (en) * | 2019-11-01 | 2020-05-12 | 浙江地芯引力科技有限公司 | Security authentication system and information processing device based on security chip |
| WO2021083349A1 (en) * | 2019-11-01 | 2021-05-06 | 浙江地芯引力科技有限公司 | Security chip-based security authentication method and system, security chip, and readable storage medium |
Non-Patent Citations (2)
| Title |
|---|
| 刘丹等: "《一种基于SRAM PUF的安全双向认证协议》", 《密码学报》 * |
| 张亮: "《一种安全身份认证芯片研究与实现》", 《CNKI优秀硕士学位论文全文库》 * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108269605B (en) | Security device state apparatus and method | |
| US20240031158A1 (en) | Secure unlock systems for locked devices | |
| US20200302090A1 (en) | Selectively Disabling Configurable Communication Paths of a Multiprocessor Fabric | |
| US9165143B1 (en) | Image file generation and loading | |
| US9230112B1 (en) | Secured booting of a field programmable system-on-chip including authentication of a first stage boot loader to mitigate against differential power analysis | |
| JP5607546B2 (en) | Method and apparatus for controlling system access during a protected mode of operation | |
| US8423788B2 (en) | Secure memory card with life cycle phases | |
| KR101726108B1 (en) | Secure key derivation and cryptography logic for integrated circuits | |
| US8572410B1 (en) | Virtualized protected storage | |
| TWI460604B (en) | Secure microcontroller,hardware cipher,and method for securing content within a microcontroller | |
| CN100386707C (en) | Generating key hierarchy for use in isolated execution environment | |
| US8321686B2 (en) | Secure memory card with life cycle phases | |
| KR20170095161A (en) | Secure system on chip | |
| US20060176068A1 (en) | Methods used in a secure memory card with life cycle phases | |
| US11354417B2 (en) | Enhanced secure boot | |
| CN107729758A (en) | Secure processor for multi-tenant cloud workloads | |
| KR100972540B1 (en) | Secure memory card with life cycle phases | |
| CN107111728A (en) | Safe key export function | |
| Kumar et al. | Itus: A secure risc-v system-on-chip | |
| CN108920984A (en) | The anti-clone of one kind distorts safe SSD main control chip framework | |
| Jiang et al. | Implementing a arm-based secure boot scheme for the isolated execution environment | |
| CN116707772A (en) | Identity information management method of controller chip | |
| CN111095213B (en) | Secure boot method, device, equipment and storage medium for embedded program | |
| Chaves et al. | Reconfigurable cryptographic processor | |
| Niu et al. | Security Mechanism Design on the Embedded Computer System |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |