CN102110038B - Hardware test circuit structure applied in security chip - Google Patents
Hardware test circuit structure applied in security chip Download PDFInfo
- Publication number
- CN102110038B CN102110038B CN2009102434930A CN200910243493A CN102110038B CN 102110038 B CN102110038 B CN 102110038B CN 2009102434930 A CN2009102434930 A CN 2009102434930A CN 200910243493 A CN200910243493 A CN 200910243493A CN 102110038 B CN102110038 B CN 102110038B
- Authority
- CN
- China
- Prior art keywords
- data
- circuit
- address
- test
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses a hardware test circuit structure applied in a security chip. The hardware test circuit structure comprises two circuit structures, namely, a data downloading circuit structure and a data reading circuit structure. The circuit structure supports hardware encrypted writing in a chip memory and a hardware decrypted reading, software encryption is not required in the process of data downloading, and the efficiencies of downloading and reading/checking chip key data are improved.
Description
Technical field
What the present invention relates to is the integrated circuit (IC) chip technical field; a kind of test circuit structure that is applied to the security classes chip; specifically; relate to a kind of be used to the chip that has storer and security algorithm or hardware protection mechanism; in chip testing and download phase, can carry out hardware encipher to the critical data in the storer and download the test circuit structure of reading with deciphering.Being that a kind of Jian is complete, controlled and convenient is the test circuit structure of one.
Background technology
Because the requirement of current chip data security is more and more higher, attack and physical attacks in order effectively to resist electron detection, at present the security classes chip of tape storage has added the method for designing of storage address and data encryption more and more, and namely the physical address of Memory storer and real data are address and the data after the encryption.Under chip normal use path, chip can be given Memory the logical address of CPU after encrypting, and when getting the Memory data, chip can be given CPU the Memory data after deciphering, and the CPU of chip could correct peek or executive routine like this.
Generally in chip, the address of Memory and data are transparent for test circuit, and will deposit enciphered data in Memory, just need be finished the process of encryption and decryption by software, also just need write the software crossover tool in advance.The address of Memory and data could be downloaded in the Memory storer by test circuit after the instrument conversion like this.
The mode of this software cryptography has been brought many problems:
(1) increased the intermediate link of downloading data, comprised software conversion (encryption) instrument of writing, enforcement conversion, confirm correctness of encrypting conversion etc.
(2) for the chip of different series, if the key difference, the software crossover tool must be write again.
(3) some critical datas such as the chip identification of chip, each chip has its unique chip identification, when downloading, downloads vector for one and can't deal with problems.Chip of every download just needs an independent vector.So just increase manpower and workload greatly, also be difficult to management.
For addressing the above problem and guarantee that chip CPU path can have access to correct data, can make things convenient for key message to write among the Memory again, this invention is now proposed, a kind of hardware testing circuit namely is provided, in certain test modes (enable signal TestMem_en is effective) following time, expressly being downloaded among the Memory through after the hardware encryption circuit, when reading, data are read through deciphering.What store among the Memory like this is ciphertext, has guaranteed the security of chip; Save the intermediate link of software cryptography again, finished the encryption and decryption process by hardware, also can improve the efficient of test download and verification.
Summary of the invention
What the present invention relates to is a kind of test circuit structure that is applied to the security classes chip of integrated circuit (IC) chip technical field.This test circuit structure is (the TestMem_en signal effectively is high level) under certain test modes, and support hardware is encrypted to write with hardware decryption and read the key agreement under the key of its encryption and decryption and the normal use path.Under this test pattern, the address date that the Memory store memory is put is ciphertext, and the address date on the test circuit module port is expressly.This has guaranteed the safety of chip data, has guaranteed that also CPU can correctly visit or carry out data and the program among the Memory.
Particular content comprises:
(1) downloads the data circuit structure, referring to Fig. 1
Downloading the data circuit structure comprises: the address signal (Mem_Addr) of address signal (TestMem_Addr), address encryption circuit and the key key0 of test module (Test) and memory module (Memory), test pattern enable signal (TestMem_en), Test port, outputting data signals (TestMem_Data), data encryption circuit and the key key1 of Test port and Memory storer and input data signal (Mem_Data_in).
As seen from Figure 1, when certain test modes enable signal (TestMem_en) is effective, address encryption circuit and data encryption circuit will be opened work, and the address of Memory storer and data are exactly address and the address date of data behind encrypted circuit on the Test port.And when test pattern enable signal (TestMem_en) was invalid, address encryption circuit and data encryption circuit can not opened work.
(2) sense data circuit structure is referring to Fig. 2
The sense data circuit structure comprises: the address signal (Mem_Addr) of address signal (TestMem_Addr), address encryption circuit and the key key0 of test module (Test) and memory module (Memory), certain test modes enable signal (TestMem_en), Test port, input data signal (MemTest_Data), data decrypt circuit and the key key2 of Test port and Memory storer and outputting data signals (Mem_Data_out).
As seen from Figure 2, when certain test modes enable signal (TestMem_en) is effective, address encryption circuit and data decrypt circuit will be opened work, the address of Memory storer is the address of OPADD after encrypting of test module, and the input data of test module are the data of Memory output data after deciphering.And when test pattern enable signal (TestMem_en) was invalid, address encryption circuit and data decrypt circuit can not opened work.
Description of drawings
Fig. 1 downloads the data circuit structural drawing
Fig. 2 sense data circuit structure diagram
Embodiment
Below in conjunction with accompanying drawing the specific embodiment of the present invention is further described.
Under specific test pattern, when test enable signal is effective, be 1 effective as the TestMem_en signal, then when data were downloaded, as seen from Figure 1, Mem_Addr was the address behind the address encryption circuit.The TestMem_en signal is the enable signal of address encryption decoding circuit, and the address encryption circuit is upset encryption to address signal, and key is key0.Corresponding, the data input signal Mem_Data_in of Memory is the data of TestMem_Data behind the data encryption circuit, the TestMem_en signal is the enable signal of data encryption decoding circuit, and the data encryption circuit is encrypted upset to data (TestMem_Data), and its key is key1.Under this certain test modes, behind the encrypted circuit through address and data, ciphertext after the address of Memory port memory (Mem_Addr) and data (Mem_Data_in) are encryption, and be expressly with data (TestMem_Data) in the address of test circuit port (TestMem_Addr).And when test enable signal is invalid, be 0 o'clock as the TestMem_en signal, address encryption circuit and data encryption circuit are not all opened work, and the path that the testing encryption of storer is downloaded has also namely turn-offed.This process that has guaranteed hardware encipher is controlled.
Under this certain test modes, when needs carry out the data reader check, as seen from Figure 2, if TestMem_en is 1 effective, address encryption circuit and data decrypt circuit unlatching work, Mem_Addr is the address behind the address encryption circuit, and key still is key0, so just can have access to the actual identical address that writes last time.Thereby the encrypted circuit among Fig. 1 and Fig. 2 on the address wire and key0 are multiplexing.And the data M emTest_Data that test circuit is read is the data behind the Memory output data M em_Data_out process decrypt circuit, and MemTest_Data reads as expressly.And when test enable signal is invalid, be 0 o'clock as the TestMem_en signal, address encryption circuit and data decrypt circuit are not all opened work, and the path of the test deciphering sense data of storer has also namely turn-offed, and this process that has guaranteed hardware decryption is controlled.
Disclosed in this invention is a kind of test circuit structure that is applied to the security classes chip, and support hardware is encrypted to write with deciphering and read; Both guaranteed that the data of actual storage in the Memory district were enciphered data, guaranteed chip data security; The key of encryption and decryption must with the normal use path under key agreement, could guarantee that CPU can correctly get needed data; Because the encryption and decryption process is finished by hardware circuit, improved test and downloaded and verification efficient, reduced intermediate link (saving the process of the artificial translation data of Test Engineer); Also made things convenient for and tested reciprocal process between the foundries; On the other hand, this circuit structure simply only increases a kind of certain test modes and address encryption circuit and data encrypting and deciphering circuit and part line, and the hardware enciphering and deciphering process has controllability, and the circuit cost is little, can ignore substantially on the cost.But can improve the efficient and the artificial probability of errors of minimizing of test download and verification.
Claims (3)
1. the test circuit of a security classes chip is characterized in that comprising and downloads data circuit, sense data circuit, wherein:
Described download data circuit, further comprise test module, memory module, address encryption circuit, data encryption circuit, when the certain test modes enable signal is effective, address encryption circuit and data encryption circuit working, the address of memory module and data are exactly address and address and the data of data behind address encryption circuit and data encryption circuit on the test module port;
Described sense data circuit, further comprise test module, memory module, address encryption circuit, data decrypt circuit, when the certain test modes enable signal is effective, address encryption circuit and the work of data decrypt circuit, the address of memory module is the address of OPADD after the address encryption circuit is encrypted of test module, and the input data of test module are the data of memory module output data after the deciphering of data decrypt circuit; The input end of the test module address output signal link address encrypted circuit of described download data circuit, the test module data output signal connects the input end of data encrypted circuit, the address encryption circuit is input as the test module address output signal and encrypts enable signal, export to the memory module Input Address, the data encryption circuit, be input as the test module data output signal and encrypt enable signal, export to memory module input data;
Described data decrypt circuit is input as memory module output data and conciliates secret emissary's energy signal, data after the deciphering are exported to test module, the address encryption circuit is input as the test module OPADD and conciliates secret emissary's energy signal, and memory module is exported in the address after the encryption.
2. the test circuit of a kind of security classes chip as claimed in claim 1 it is characterized in that encrypting to write with deciphering at this test circuit support hardware reading, and the encrypt and decrypt process is finished by hardware circuit.
3. the test circuit of a kind of security classes chip as claimed in claim 1 is characterized in that address encryption circuit and data encryption circuit and data decrypt circuit all have Enable Pin, whether will open work by certain test modes enable signal control decipher circuit.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009102434930A CN102110038B (en) | 2009-12-23 | 2009-12-23 | Hardware test circuit structure applied in security chip |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009102434930A CN102110038B (en) | 2009-12-23 | 2009-12-23 | Hardware test circuit structure applied in security chip |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN102110038A CN102110038A (en) | 2011-06-29 |
| CN102110038B true CN102110038B (en) | 2013-08-14 |
Family
ID=44174205
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2009102434930A Active CN102110038B (en) | 2009-12-23 | 2009-12-23 | Hardware test circuit structure applied in security chip |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102110038B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104678284B (en) * | 2013-12-03 | 2017-11-14 | 北京中电华大电子设计有限责任公司 | A kind of novel test control circuit and method for improving chip robustness |
| CN109783299B (en) * | 2018-12-03 | 2020-07-17 | 北京深思数盾科技股份有限公司 | Production test method and device for core board |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5925141A (en) * | 1997-02-04 | 1999-07-20 | Mitsubishi Denki Kabushiki Kaisha | Semiconductor memory device with data scramble circuit |
| CN1536486A (en) * | 2003-04-04 | 2004-10-13 | 上海华园微电子技术有限公司 | Intelligent card chip with microprocessor capable of making automatic test |
| CN101551438A (en) * | 2009-04-28 | 2009-10-07 | 钰创科技股份有限公司 | Chip data compressing and testing multiplex circuit and chip test circuit |
-
2009
- 2009-12-23 CN CN2009102434930A patent/CN102110038B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5925141A (en) * | 1997-02-04 | 1999-07-20 | Mitsubishi Denki Kabushiki Kaisha | Semiconductor memory device with data scramble circuit |
| CN1536486A (en) * | 2003-04-04 | 2004-10-13 | 上海华园微电子技术有限公司 | Intelligent card chip with microprocessor capable of making automatic test |
| CN101551438A (en) * | 2009-04-28 | 2009-10-07 | 钰创科技股份有限公司 | Chip data compressing and testing multiplex circuit and chip test circuit |
Also Published As
| Publication number | Publication date |
|---|---|
| CN102110038A (en) | 2011-06-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9483664B2 (en) | Address dependent data encryption | |
| CN102138300B (en) | Message authentication code pre-computation with applications to secure memory | |
| US8213612B2 (en) | Secure software download | |
| CN100403281C (en) | Dynamic key based hardware data enciphering method and device thereof | |
| CA2793810C (en) | Method and system for securing data utilizing redundant secure key storage | |
| CN101231622B (en) | Data storage method and equipment base on flash memory, as well as data fetch method and apparatu | |
| CN105160242B (en) | Certificate loading method, certificate update method and the card reader of a kind of card reader | |
| EP3667535B1 (en) | Storage data encryption and decryption device and method | |
| CN1734475B (en) | Semiconductor integrated circuit and information processing apparatus | |
| CN109429222A (en) | A kind of pair of Wireless Communication Equipment upgrade procedure and the method for communication data encryption | |
| CN102436423B (en) | Controller and method for protecting NorFlash core data outside universal sheet | |
| CN109104724B (en) | A kind of data ciphering method and device for device upgrade | |
| JP2020535693A (en) | Storage data encryption / decryption device and method | |
| CN101882189B (en) | Embedded-type system for ensuring completeness of program and realization method thereof | |
| US9152576B2 (en) | Mode-based secure microcontroller | |
| US20160072779A1 (en) | Securing a cryptographic device against implementation attacks | |
| US11429751B2 (en) | Method and apparatus for encrypting and decrypting data on an integrated circuit | |
| CN103258172A (en) | Off-chip Nor Flash bus interface hardware encryption device | |
| CN104732159A (en) | File processing method and file processing device | |
| CN112400294B (en) | Secure communications from within a non-volatile memory device | |
| CN102110038B (en) | Hardware test circuit structure applied in security chip | |
| CN113158203B (en) | SOC chip, circuit and external data read-write method of SOC chip | |
| CN105721139A (en) | AES decryption and decryption method and circuit for FPGA with limited IO resource | |
| CN103336919A (en) | System and method for achieving instrument encryption verification control function | |
| CN103544011B (en) | A kind of dynamic creation is also used the method for functional object |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C56 | Change in the name or address of the patentee | ||
| CP02 | Change in the address of a patent holder |
Address after: 102209 Beijing, Beiqijia, the future of science and technology in the south area of China electronic network security and information technology industry base C building, Patentee after: Beijing CEC Huada Electronic Design Co., Ltd. Address before: 100102 Beijing City, Chaoyang District Lize two Road No. 2, Wangjing science and Technology Park A block five layer Patentee before: Beijing CEC Huada Electronic Design Co., Ltd. |