CN102546150A - Cryptographic-equipment-oriented energy leakage acquisition method and system - Google Patents

Publication number
CN102546150A
Authority
CN
China
Prior art keywords
sampling
oscilloscope
server
order
sends
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN2012100268571A
Other languages
Chinese (zh)
Inventor
杨树果
周永彬
曹雨晨
刘继业
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Institute of Software of CAS
Original Assignee
Institute of Software of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Institute of Software of CAS filed Critical Institute of Software of CAS
Priority to CN2012100268571A priority Critical patent/CN102546150A/en
Publication of CN102546150A publication Critical patent/CN102546150A/en
Pending legal-status Critical Current

Landscapes

  • Computer And Data Communications (AREA)

Abstract

The invention discloses an energy leakage acquisition method and system for cryptographic devices, belonging to the technical field of information security. The method comprises the following steps: (1) a sampling client parses the input command information, generates a sampling command sequence and sends it to a sampling server; (2) the sampling server parses the sampling command sequence, generates control information and sends it to an oscilloscope or a cryptographic chip; (3) the cryptographic chip executes the received control information and generates a trigger signal, then sends the execution result to the sampling server and the trigger signal to the oscilloscope; (4) the oscilloscope executes the received control information and acquires energy trace information from the cryptographic chip according to the trigger signal; and (5) the oscilloscope sends the acquired energy traces to the sampling client through the sampling server. The system comprises a target device, the sampling client, the sampling server and the oscilloscope. The method and system help to evaluate quickly, accurately and effectively the resistance to energy analysis attacks of a cryptographic algorithm's physical implementation on an embedded microprocessor.

Description

Energy leakage acquisition method and system for cryptographic devices
Technical field
The present invention relates to an energy leakage acquisition method and system for cryptographic devices, and belongs to the technical field of information security.
Background art
The essence of information security is to protect the information resources in an information system or information network from various types of threats, interference and destruction, that is, to guarantee the security of information. According to the definition of the International Standards Organization, information security mainly means the integrity, availability, confidentiality and reliability of information. The foundation of secure communication is cryptography, and cryptographic algorithms are the cornerstone on which secure communication is built.
According to Kerckhoffs' principle, the security of a cryptographic algorithm depends only on the key and not on the encryption algorithm itself, so protecting the key of a cryptographic system from illegitimate access is the key to information security. Side-channel cryptanalysis uses the additional information leaked while a cryptographic system runs to derive the secret parameters of the system quickly and effectively, or to greatly reduce the search space needed to recover them. In recent years, side-channel analysis methods that exploit side information such as execution time, energy consumption and electromagnetic radiation have all made significant progress. Among them, energy analysis (power analysis) attacks mainly exploit the secret information leaked through the energy consumption of a cryptographic device. When a cryptographic chip performs a cryptographic operation, its energy consumption depends closely on sensitive parameters of the algorithm, such as the key and the plaintext, and on the operation in progress. By acquiring and analysing the energy consumption curves of the chip while it executes the algorithm, this dependence can be found and the key in the chip recovered. The energy analysis attack is a typical side-channel cryptanalysis method and poses a serious threat to the physical security of embedded cryptographic devices. Energy leakage acquisition is an important prerequisite for carrying out an energy analysis attack; the present invention, an energy leakage acquisition method and system for cryptographic devices, is intended to solve the key technical problems of the energy leakage acquisition process in energy analysis.
Cryptanalysis is the study of how to decrypt encrypted information without knowing the secret information normally required for decryption. In modern cryptology, the core of cryptanalysis is recovering the key. For a specific cryptographic system or device, side-channel analysis can use the side information leaked by that system or device to recover secret parameters such as its key. In the side-channel field, the energy analysis attack is one of the attack methods most capable of causing severe damage to cryptographic devices. Energy analysis attacks pose a serious threat to the physical security of cryptographic implementations, so evaluating the physical security of cryptographic algorithm implementations, especially at the design stage, has become a very urgent need in current cryptographic engineering practice at home and abroad. The cryptographic module evaluation standard FIPS recently issued by the Federal Government also explicitly calls for evaluating a cryptographic module's ability to defend against non-invasive attacks, which illustrates from another angle the important role side-channel analysis plays in cryptographic module security.
To evaluate the physical security of a cryptographic algorithm implementation, and in particular its ability to resist side-channel analysis attacks, a system for side-channel attack analysis and testing of cryptographic devices is needed. The first step in testing a cryptographic device against energy analysis attacks is to obtain, quickly and effectively, the energy consumption curves of the device while it executes the cryptographic algorithm, that is, sampling. Because energy consumption information is usually accompanied by a large amount of noise, energy analysis attacks generally need a large number of samples to reduce the noise. How well the influence on the analysis of the parts of the data that do not depend on the secret cryptographic parameters can be minimized is often the key to whether energy analysis succeeds. This places rather strict requirements on acquiring, quickly and effectively, the side-channel leakage curves of a cryptographic system or device while it executes a cryptographic algorithm.
Summary of the invention
The present invention proposes an energy leakage acquisition method for cryptographic devices and implements a general-purpose energy leakage acquisition system based on this method. The system's interfaces and protocols are well designed, it is highly extensible and configurable, and it can support many types of target cryptographic device. It provides direct basic system support for energy analysis in the field of side-channel cryptanalysis and will become a powerful supporting tool for cryptographic chip testing.
The technical scheme of the present invention is:
An energy leakage acquisition method for cryptographic devices, comprising the following steps:
1) the sampling client parses the input command information, generates a sampling command sequence and sends it to the sampling server;
2) the sampling server parses the received sampling command sequence; if a parsed command is a control command for the cryptographic chip on the target device, it is converted into control information that the cryptographic chip can recognize and sent to the chip; if a parsed command is a control command for the oscilloscope, it is converted into control information that the oscilloscope can recognize and sent to the oscilloscope;
3) the cryptographic chip executes the received control information and generates a trigger signal, then sends the execution result to the sampling server and the trigger signal to the oscilloscope;
4) the oscilloscope executes the received control information and, according to the received trigger signal, acquires energy trace information from the cryptographic chip;
5) the oscilloscope sends the acquired energy traces to the sampling server, and the sampling server sends the received energy traces and the execution result to the sampling client.
Further, the target device is provided with an energy consumption measurement circuit and the oscilloscope with a differential probe; the oscilloscope acquires, through the differential probe, the energy measured by the energy consumption measurement circuit.
Further, the sampling server and the sampling client are connected through a network or a data cable; the target device and the sampling server are connected through a serial port or a USB interface.
Further, the input command information includes sampling configuration commands for the sampling server, for the oscilloscope and for the target device.
An energy leakage acquisition system for cryptographic devices, characterized in that it comprises a target device, a sampling client, a sampling server and an oscilloscope; the sampling server is connected to the target device and to the oscilloscope through data cables, and to the sampling client through a network or a data cable; the target device comprises a cryptographic chip and, each connected to the cryptographic chip, a trigger circuit and an energy consumption measurement circuit; the oscilloscope is provided with probes for acquiring the energy traces of the target device; wherein:
the sampling client is used to generate a command sequence from the input commands and send it to the sampling server;
the sampling server is used to parse the commands sent by the sampling client; if a parsed command is a control command for the cryptographic chip on the target device, it is converted into control information that the cryptographic chip can recognize and sent to the chip; if a parsed command is a control command for the oscilloscope, it is converted into control information that the oscilloscope can recognize and sent to the oscilloscope; the server also sends the received execution result and energy traces to the sampling client;
the target device comprises a chip control module and an algorithm library; the chip control module is used to parse the commands sent by the sampling server, perform the corresponding operations and send the execution result to the sampling server, and to send the trigger signal produced by the trigger circuit to the oscilloscope; the algorithm library contains a number of cryptographic algorithms;
the oscilloscope is used to parse and execute the oscilloscope commands sent by the sampling server, to send a command response back to the sampling server after executing a command, and, according to the received trigger signal, to acquire energy trace information from the target device and send the acquired energy traces to the sampling server.
Further, the sampling client receives the input commands through a command line interpreter.
Further, the input command information includes sampling configuration commands for the sampling server, for the oscilloscope and for the target device.
Further, the configuration information of the sampling server includes: the listening port number, the serial port number, the serial communication baud rate, and the connection name and device code name used to connect to the oscilloscope.
Further, the target device includes a command control protocol that supports variable-length parameter settings, used to receive the input control commands, control the target cryptographic device to perform cryptographic operations, and transfer parameters.
Further, the oscilloscope sends the acquired energy traces to the sampling server in character mode or byte mode.
The overall framework of the invention is introduced first, followed by its functional characteristics.
The invention consists mainly of four parts: the target device, the sampling server, the sampling client and the oscilloscope. The overall framework and connections are shown in Fig. 1. The target device is connected to the sampling server through a serial port; the oscilloscope is connected to the measurement interface of the target device through a differential probe and acquires the energy leakage information; the oscilloscope is also connected to the trigger interface of the target device through a set of ordinary probes and captures the trigger signal; the oscilloscope and the sampling server are connected over a TCP/IP network, as are the sampling client and the sampling server.
These four main components are described in detail below.
1) Target device
The target device is the embedded cryptographic chip to be sampled together with its minimal working circuit. The target device in the present invention must be connected to the sampling server, generally through a serial port or USB. The target device can be any of a variety of embedded devices based on entirely different types of cryptographic chip; the present invention takes the independently developed PowerSuite as an example to explain the role of the target device in this sampling system.
Taking PowerSuite as an example, the basic modules of its hardware are: an STC89C58RD+ microprocessor, a serial communication interface based on the SP3232EE serial control chip, a dedicated trigger control circuit, and an energy consumption measurement circuit with optimized filtering. The software mainly comprises 3 basic modules: the cryptographic chip serial communication protocol (the communication module, used for data transfer with the sampling server), the core algorithm library supported by the cryptographic chip, and the cryptographic chip control module.
2) Oscilloscope
The system uses a programmable digital oscilloscope. The software on the oscilloscope mainly serves fast sampling and convenient parameter and connection configuration. It mainly comprises 3 basic modules: a connection module, an oscilloscope basic parameter configuration module, and a large-scale data encoding and transmission module used for data transfer with the sampling server.
3) Sampling server
The sampling server is a PC with a serial port (or USB) that is connected to a local area network. The serial port (or USB) connects to the target device, and the network connects to the oscilloscope and the sampling client. Its software mainly comprises 5 modules: an XML-based configuration management module, a client connection and protocol module, a command parsing module, a cryptographic chip control module and an oscilloscope control module.
4) Sampling client
The sampling client is a PC connected to the local area network, and connects to the sampling server through the network. Its software mainly comprises 5 modules: a command line parameter interpretation module, an XML-based configuration management module, an experiment command sequence generation module, a server connection and protocol module, and an energy trace formatting and storage module.
The present invention takes full account of real energy analysis attack scenarios and can be configured flexibly to meet different requirements. Its basic functional characteristics are mainly the following:
1) Remote sampling is supported
Once the cryptographic chip, the oscilloscope and the sampling server are all correctly configured, connected and running, the sampling client can easily be deployed on any networked host. The user only needs to set the client's command-line sampling parameters to complete a sampling task. A client built on this framework can easily be ported to multiple platforms, to meet the need for energy analysis data acquisition on different platforms.
2) Configuration through the command line and XML is supported
Command-line mode can easily be deployed on remote hosts together with the network configuration, which makes it convenient to use the sampling system remotely, obtain the data, and then analyse and process it locally offline.
3) Multiple data formats are supported
The energy trace data acquired by the sampling system can be saved in several formats to meet different data analysis and processing needs. For example, the ASCII character mode is more readable and more convenient when computing on small amounts of data. The binary mode is less readable but is convenient for fast transmission and storage, and also reduces the data conversion overhead on input.
4) Flexible sampling conditions
In line with what energy analysis attacks require of the sampled data, the system allows sampling parameters to be set quickly and conveniently. For example, the various parameters of the cryptographic algorithm, such as the plaintext, key and mask, can be set, and each parameter supports several modes of setting, such as random generation and reading from a file; chosen-plaintext attacks and the like can be selected. Sampling also supports capturing a specific time segment of the execution of a specific cryptographic algorithm, for example the first round of the AES algorithm or the MixColumns operation.
5) New target cryptographic devices are supported quickly
Any cryptographic device that implements the target cryptographic device control protocol and has a serial communication interface (or implements the protocol and has a USB communication interface) can be integrated into the system quickly.
Compared with the prior art, the positive effects of the present invention are:
The present invention relates to an energy leakage acquisition method and system for cryptographic devices. With this acquisition system, the energy consumption data of an embedded microprocessor running a specific cryptographic algorithm can be acquired automatically and in batches. The data obtained with the present invention can be used for energy analysis attack experiments on the cryptographic algorithm, and help to evaluate quickly, accurately and efficiently the resistance to energy analysis attacks of the algorithm's physical implementation on the embedded microprocessor.
Description of drawings
Fig. 1: overall system architecture diagram;
Fig. 2: circuit board hardware structure diagram;
Fig. 3: simplified diagram of the target device's internal state transitions;
Fig. 4: software architecture diagram.
Embodiment
Command-line mode also allows the tool to be integrated quickly, as a software module, into other more complex energy analysis systems. Fixed parameters that are executed and set frequently can be configured conveniently through the XML file.
The present invention is explained in further detail below with reference to the accompanying drawings.
The concrete architecture of the system and the connections between its parts are introduced first, then the detailed functions of each part are described, and finally the workflow of the whole system is introduced.
The system as a whole consists of four parts: the target device, the sampling server, the sampling client and the oscilloscope. The overall framework and connections are shown in Fig. 1. The target device is connected to the sampling server through a serial port; the oscilloscope acquires the energy leakage information of the target device through a differential probe; the oscilloscope also acquires the trigger signal of the target device through a set of ordinary probes; the oscilloscope and the sampling server are connected over a TCP/IP network, as are the sampling client and the sampling server.
Detailed functions
This subsection describes in detail the design ideas and functions of each part of the system.
1) Target device
The target device is required to be an embedded chip with a serial port (or USB) that can run cryptographic algorithms. The present invention selects an STC89C58RD+ microprocessor of the C51 architecture as the target embedded processor. Many smart-card-related devices are based on this architecture; the processing power of its 8-bit processor meets the functional requirements while greatly simplifying design and reducing manufacturing cost, and it is currently very widely used in industry. Academia also widely uses 51-architecture microprocessors as the benchmark for research on the resistance of standard algorithms to energy analysis attacks, so analysis results obtained with this chip as the target device are reasonably convincing.
The basic modules of the hardware circuit board designed around this processor are: the STC89C58RD+ microprocessor, the serial communication interface based on the SP3232EE serial control chip, and the trigger and energy consumption measurement circuits, as shown in Fig. 2.
The software running on the target device mainly comprises the following 3 modules:
■ Serial port driver and protocol module
The serial port driver drives the serial port correctly and configures suitable parameters so that it works normally. On top of the serial port driver is a command control protocol that supports variable-length parameter settings, used to control the target cryptographic device to perform cryptographic operations, transfer parameters, and so on.
■ Chip control module
Parses the commands (encoded as bytes) sent by the sampling server and delivered by the serial port driver and protocol module, and performs the corresponding operations, for example selecting the cryptographic algorithm, setting algorithm parameters such as the plaintext and key, setting the trigger time and position, and querying the status of the cryptographic chip. Normally, after a command is executed, its result is assembled into a packet according to the protocol and handed to the serial port driver to be sent back to the host computer (that is, the server). At the same time, according to the chip control command, a trigger signal is generated on the corresponding pin of the chip. The internal state transitions of the cryptographic chip are shown in Fig. 3.
■ Algorithm library
The present invention currently supports basic algorithms such as standard AES 128, DES, 3DES, RSA 1024/2048 and the Ext stream cipher. The algorithm library can be called by the chip control module to run a specific cryptographic algorithm and exchange parameters with it. Cryptographic algorithms can be added to and removed from the library.
2) Oscilloscope
The present invention requires a programmable digital oscilloscope. Once the network connection is configured, the data acquired by the oscilloscope can be stored locally or remotely. The oscilloscope's specific operations are carried out through its software programming interface.
The software running on the oscilloscope mainly comprises the following 3 modules:
■ Oscilloscope connection module
Connects to the oscilloscope over the TCP/IP network.
■ Oscilloscope configuration module
Stores and configures basic oscilloscope parameters, parses and executes the oscilloscope commands sent by the sampling server, and sends a command response back to the sampling server after executing a command. The supported configuration items are mainly the basic oscilloscope sampling settings, for example the configuration of each oscilloscope channel, the sampling trigger configuration, the storage depth and the sampling frequency.
■ Data transmission module
This module can be set to one of two modes: character mode and byte mode. Character mode is readable, but the data volume is large and the network transmission overhead is high. Byte mode is not readable, but the data volume is small and the network transmission overhead is lower. In byte mode the encoding precision can be selected: the data can be encoded as 1 byte or 2 bytes. The 2-byte binary form is currently used.
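The trade-off between the two transfer modes, as an added example that is not code from the patent: a constructed trace is encoded in character mode and in 1-byte and 2-byte byte mode, then decoded again, and a truncated binary transfer is rejected. The comma-separated text layout, big-endian signed integers and the -1 V to +1 V channel range are assumptions; the description does not specify the wire format.

```python
import math
import struct

FULL_SCALE_V = 1.0  # assumed: the scope channel spans -1 V .. +1 V


def _max_code(width):
    """Largest signed code for a sample stored in `width` bytes."""
    if width not in (1, 2):
        raise ValueError("byte mode encodes a sample as 1 or 2 bytes")
    return (1 << (8 * width - 1)) - 1  # 127 or 32767


def encode_chars(samples):
    """Character mode: readable ASCII, one decimal value per sample."""
    return ",".join("%.6f" % v for v in samples).encode("ascii")


def decode_chars(payload):
    return [float(tok) for tok in payload.decode("ascii").split(",")]


def encode_bytes(samples, width=2):
    """Byte mode: quantize each sample to a signed big-endian integer."""
    top = _max_code(width)
    codes = [max(-top, min(top, round(v / FULL_SCALE_V * top)))
             for v in samples]  # clip anything outside the channel range
    return struct.pack(">%d%s" % (len(codes), "bh"[width - 1]), *codes)


def decode_bytes(payload, width=2):
    top = _max_code(width)
    if len(payload) % width:
        # A short read on the network would otherwise shift every sample.
        raise ValueError("truncated transfer: %d bytes is not a multiple of %d"
                         % (len(payload), width))
    count = len(payload) // width
    codes = struct.unpack(">%d%s" % (count, "bh"[width - 1]), payload)
    return [c * FULL_SCALE_V / top for c in codes]


def constructed_trace(n=1000):
    """Constructed sample data: two sine components, peak below 0.5 V."""
    return [0.4 * math.sin(2 * math.pi * i / 50)
            + 0.05 * math.sin(2 * math.pi * i / 7) for i in range(n)]


def compare_modes(samples):
    """Return {mode: (payload size in bytes, worst round-trip error in V)}."""
    def worst(decoded):
        return max(abs(a - b) for a, b in zip(samples, decoded))

    chars = encode_chars(samples)
    report = {"chars": (len(chars), worst(decode_chars(chars)))}
    for width in (1, 2):
        raw = encode_bytes(samples, width)
        report["bytes%d" % width] = (len(raw), worst(decode_bytes(raw, width)))
    return report


if __name__ == "__main__":
    for mode, (size, err) in compare_modes(constructed_trace()).items():
        print("%-7s %6d bytes  max error %.2e V" % (mode, size, err))
```

The 1-byte form halves the payload again but its quantization step is coarse enough to matter when the data-dependent part of the signal is small relative to the channel range.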
3) Sampling server
The sampling server should be a host with a serial port (or other interface such as USB) and a good network connection; it connects to the target device through the serial port (or other interface such as USB) and to the client and the oscilloscope through the network. The sampling server interacts closely with the sampling client and is developed and deployed as software; its main software architecture is shown in Fig. 4.
The software deployed on the sampling server mainly comprises the following modules:
■ XML configuration management module
A parameter configuration management module based on an XML file; it dynamically supports the configuration of the sampling server itself (such as the listening port number, serial port number, serial communication baud rate, and the connection name and device code name used to connect to the oscilloscope).
■ Network connection module
This module listens on a port through a TCP/IP socket (port 8888 by default, changeable through the XML configuration module). It is responsible for establishing a stable connection with the client, receiving the command packets sent by the client and forwarding them to the command parsing module, and receiving the corresponding status and data response packets from the command parsing module and sending them back to the sampling client. When several clients connect to the sampling server at the same time, this module must queue the client requests and process them in queue order.
■ Command parsing module
Parses and processes client requests. Client requests are addressed to three targets: the cryptographic chip, the oscilloscope and the server itself. The module parses the different commands and sends them to the corresponding processing module (commands for the server itself are handled directly in this module), collects the response packet from each module, adds the server response header to it, and passes it to the network connection module.
■ Cryptographic chip control module
Receives commands for the cryptographic chip from the command parsing module. ASCII-encoded character commands are decoded and converted into the byte-based configurable-parameter transfer protocol stream supported by the cryptographic chip, and sent to the chip through the serial port driver. It also obtains the byte protocol stream sent back by the chip, parses it, and assembles it into a response packet in ASCII-encoded character form.
■ Oscilloscope control module
Receives control and configuration commands for the oscilloscope from the command parsing module. The oscilloscope options and parameters to be configured are re-encoded as commands the oscilloscope can read and sent to the oscilloscope for execution. After executing a command, the oscilloscope returns the execution result to the sampling server.
4) Sampling client
■ XML configuration management module
A parameter configuration management module based on an XML file; it dynamically supports all configurable attributes in the program. These include all sampling configuration (such as the target algorithm to be sampled, plaintext selection, plaintext length, ciphertext length, key length, mask length (if any), plaintext generation mode, plaintext file path (if the plaintext source is a file), key source, key file path (if the key source is a file), mask source (if any), mask file path (if the mask source is a file), trace file format and storage path, quantity, number of repetitions, oscilloscope averaging count and trigger point); connection configuration (such as the IP address and port of the sampling server); and oscilloscope configuration (such as the on/off switch, offset and measurement range of each channel; the oscilloscope's storage depth, sampling rate, averaging count and difference; the trigger source, trigger mode and trigger level; the energy trace acquisition channel; and the storage and transmission of energy trace data).
■ Network connection module
Based on socket programming over the TCP/IP protocol; it obtains the server's IP address and port number from the configuration management module and requests a connection. It establishes a stable data connection with the sampling server, then actively sends command request packets to the server and receives the status and result data packets the server returns. Normally the network connection module first establishes a stable connection with the sampling server, then the target cryptographic device and the oscilloscope are configured appropriately, and then sampling begins.
Each data acquisition goes through the following operations: setting the cryptographic parameters, starting the cryptographic chip and the oscilloscope trigger control, checking that the trigger condition has been met, transferring the data, and clearing the oscilloscope trigger condition and the chip's cryptographic parameters. This module cooperates closely with the other modules to complete the sampling task.
■ Command line interpreter
Accepts the sampling parameters the user enters on the command line; a number of parameters can be customized (such as the number of plaintexts, plaintext generation mode, plaintext length, key source, key file path (if the key source is a file), key length, mask length (if any), mask source (if any), mask file path (if the mask source is a file), ciphertext length, trigger signal selection, number of repetitions, oscilloscope averaging count, algorithm to execute, and energy trace save format and path). These parameters override the identical items in the XML configuration file; if a parameter is not set on the command line, the program reads its value from the XML file.
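The precedence rule of the command line interpreter, as an added example that is not the SCAClient source: options given on the command line override the XML file, anything not given falls back to it, and a FILE source without its path is rejected. The XML element names, the RANDOM and BINARY values and the validation rule are assumptions; the option names, FILE and MULTILINE are those of the sample command in this description.

```python
import xml.etree.ElementTree as ET

# Constructed XML defaults; the element names are hypothetical and simply
# mirror the command-line option names.
DEFAULT_XML = """
<sampling>
  <plainLength>16</plainLength>
  <keyLength>16</keyLength>
  <cipherLength>16</cipherLength>
  <plain>RANDOM</plain>
  <key>FILE</key>
  <keyfile>D:/key.txt</keyfile>
  <Trace>BINARY</Trace>
  <root>D:/traces</root>
</sampling>
"""

INT_OPTIONS = {"plainLength", "keyLength", "cipherLength"}
STR_OPTIONS = {"plain", "plainfile", "key", "keyfile", "Trace", "root"}


def load_xml(text):
    """Read the flat <sampling> element into a dict of strings."""
    return {child.tag: (child.text or "").strip()
            for child in ET.fromstring(text)}


def parse_argv(argv):
    """Parse '-name value' pairs; unknown or valueless options are errors."""
    opts = {}
    tokens = iter(argv)
    for tok in tokens:
        name = tok[1:]
        if not tok.startswith("-") or name not in INT_OPTIONS | STR_OPTIONS:
            raise ValueError("unknown option: %s" % tok)
        try:
            opts[name] = next(tokens)
        except StopIteration:
            raise ValueError("missing value for %s" % tok) from None
    return opts


def effective_config(xml_text, argv):
    """XML supplies the defaults, the command line overrides them."""
    cfg = load_xml(xml_text)
    cfg.update(parse_argv(argv))
    for name in INT_OPTIONS & cfg.keys():
        cfg[name] = int(cfg[name])
    # Assumed rule: a parameter sourced from a file needs a path from
    # either layer, otherwise the run would fail only after setup.
    for source, path in (("plain", "plainfile"), ("key", "keyfile")):
        if cfg.get(source) == "FILE" and not cfg.get(path):
            raise ValueError("-%s FILE requires -%s" % (source, path))
    return cfg


if __name__ == "__main__":
    argv = ["-plain", "FILE", "-plainfile", "D:/plain.txt",
            "-Trace", "MULTILINE"]
    for key, value in sorted(effective_config(DEFAULT_XML, argv).items()):
        print("%-13s %s" % (key, value))
```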
■ Sample command sequence generation module
The sample command sequence generation module is the core module. Sampling an energy trace is a complete process: according to the sampling requirements expressed by the command line interpreter and the XML configuration, a series of operations must be carried out, and each operation is then converted into the corresponding cryptographic chip command and oscilloscope command sequence, so that the four parts (cryptographic chip, oscilloscope, sampling server and sampling client) can complete the sampling in a synchronized manner and save the sampled data correctly.
This module accepts input from the command line parsing module and the XML configuration module, sends the command sequence it produces to the network module, and forwards the results of data request commands to the energy trace recording module. The whole sampling process consists of this module repeatedly calling the other modules to execute the commands of the command sequence.
This module is mainly responsible for generating the correct sample command sequence for each different sampling requirement.
For example, to acquire the energy traces of an AES algorithm, a command sequence for the following configuration needs to be generated.
Oscilloscope Channel1 is configured as the signal channel and Channel3 as the trigger channel; the trigger condition is configured; the encryption operation for each plaintext and key configuration is sampled 1 time, with no averaging; the plaintext length, key length and ciphertext length are all 16; the plaintext and the key both come from files; and the Trace file format is MULTILINE (each line stores the data of one sampled point).
Of the configuration information above, the oscilloscope signal channel can be modified by the user in the XML configuration module, and the other configuration information can be modified by the user by entering a command at the sampling client.
The user enters the following command at the client:
SCAClient.exe -r1 -plainLength 16 -keyLength 16 -cipherLength 16 -plain FILE -plainfile D:/plain.txt -key FILE -keyfile D:/key.txt -Trace MULTILINE -root D:/root
After the user presses Enter, the command line interpreter immediately parses the command that the user entered and sends the configuration information relevant to sampling to the sample command sequence generation module; in this example, -r1, -plainLength 16, -keyLength 16, -cipherLength 16, -plain FILE, -plainfile D:/plain.txt, -key FILE and -keyfile D:/key.txt. For sampling information that the user has not configured, such as the storage depth and the sampling frequency, the sample command sequence generation module receives the default configuration from the XML configuration module. The sample command sequence generation module then processes the configuration information it has received, generates the command sequence, and sends the command sequence to the network module.
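The override rule and the AES example above can be sketched as follows. This is an added illustration, not part of the patent text or of SCAClient itself: the option names come from the command line shown above, while the XML element names, the default values and the command mnemonics (CONFIG, SET_PARAMS, ARM_TRIGGER and so on) are hypothetical.

```python
import shlex
import xml.etree.ElementTree as ET

# Constructed defaults standing in for the XML configuration file; the element
# and attribute names are hypothetical, the page does not give the schema.
DEFAULT_XML = """
<config>
  <sampling r="1" plainLength="16" keyLength="16" cipherLength="16"
            plain="RANDOM" key="RANDOM" Trace="BINARY" root="D:/traces"/>
  <oscilloscope signalChannel="1" triggerChannel="3"
                memoryDepth="10000" sampleRate="1e9" average="1"/>
</config>
"""

# Option names taken from the page's SCAClient.exe command line.
CLI_OPTIONS = ("r", "plainLength", "keyLength", "cipherLength", "plain",
               "plainfile", "key", "keyfile", "Trace", "root")
PAGE_COMMAND = ("SCAClient.exe -r1 -plainLength 16 -keyLength 16 -cipherLength 16 "
                "-plain FILE -plainfile D:/plain.txt -key FILE -keyfile D:/key.txt "
                "-Trace MULTILINE -root D:/root")

def parse_cli(command_line):
    """Parse single-dash options; a value may be attached ("-r1") or separate."""
    tokens = shlex.split(command_line)[1:]          # drop the program name
    parsed, i = {}, 0
    while i < len(tokens):
        tok = tokens[i]
        if not tok.startswith("-"):
            raise ValueError(f"expected an option, got {tok!r}")
        matches = [o for o in CLI_OPTIONS if tok[1:].startswith(o)]
        if not matches:
            raise ValueError(f"unknown option {tok!r}")
        name = max(matches, key=len)                # "-plainfile" beats "-plain"
        value = tok[1 + len(name):]
        if not value:                               # value is the next token
            i += 1
            if i >= len(tokens):
                raise ValueError(f"option -{name} needs a value")
            value = tokens[i]
        parsed[name] = value
        i += 1
    return parsed

def effective_config(command_line, xml_text=DEFAULT_XML):
    """Command-line values override XML defaults; scope settings stay XML-only."""
    root = ET.fromstring(xml_text)
    sampling = dict(root.find("sampling").attrib)
    sampling.update(parse_cli(command_line))
    for src in ("plain", "key"):                    # a FILE source needs a path
        if sampling[src] == "FILE" and src + "file" not in sampling:
            raise ValueError(f"-{src} FILE requires -{src}file")
    return sampling, dict(root.find("oscilloscope").attrib)

def build_sequence(sampling, scope):
    """Ordered (destination, command) pairs for one plaintext/key pair."""
    seq = [("SCOPE", f"CONFIG signal=CH{scope['signalChannel']} "
                     f"trigger=CH{scope['triggerChannel']} depth={scope['memoryDepth']} "
                     f"rate={scope['sampleRate']} average={scope['average']}")]
    for _ in range(int(sampling["r"])):             # one pass per repetition
        seq += [("CHIP", f"SET_PARAMS plain={sampling['plainLength']}B "
                         f"key={sampling['keyLength']}B cipher={sampling['cipherLength']}B"),
                ("SCOPE", "ARM_TRIGGER"),
                ("CHIP", "RUN"),
                ("SCOPE", "WAIT_TRIGGERED"),
                ("SCOPE", f"FETCH_TRACE format={sampling['Trace']}"),
                ("SCOPE", "CLEAR_TRIGGER"),
                ("CHIP", "CLEAR_PARAMS")]
    return seq
```

Calling build_sequence(*effective_config(PAGE_COMMAND)) yields one oscilloscope configuration command followed by the per-acquisition steps in the order the network connection module description lists them.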
■ Energy trace recording module
This module mainly receives energy trace data in binary form from the network connection module, converts it into the file format specified in the sampling configuration, and saves it to a file at the path specified by the parameters. The module supports several file formats. Classified by number of files, there is one file per energy trace, or all the energy traces of one acquisition stored in a single file. Classified by file encoding, the points of an energy trace are saved either in binary form or in a readable ASCII form.
The different file formats serve different purposes and can be set flexibly according to the sampling requirements.
Workflow
Once the system has been connected correctly and the experimental scheme has been decided, energy trace sampling can begin. During this process the system carries out the following work internally (as shown by the arrows in Figure 4 of the accompanying drawings):
1. The user enters command information at the client. The command line parser of the client parses the command information and uses the corresponding commands to set up the XML configuration module and the energy trace recording module, while the sample command sequence generation module generates the sample command sequence.
2. The sample command sequence generated in step 1 is sent through the network connection module of the sampling client to the network connection module of the server.
3. The server uses the command parsing and assembly module to parse and process the sample command sequence it has received. Within this module, each parsed command is sent to the corresponding processing module, namely the cryptographic chip control module or the oscilloscope control module (commands for the server itself are handled directly). Subsequent processing takes place in those modules.
4. After the cryptographic chip control module and the oscilloscope control module receive a command, they process it as follows:
A. After the cryptographic chip control module receives a command, it decodes the command, converts it into the configurable parameters and byte-based transmission protocol stream that the cryptographic chip supports, and sends it to the cryptographic chip through the serial port driver;
B. After the oscilloscope control module receives a command, it decodes the command into a command that the oscilloscope can recognize and calls the corresponding API of the Agilent IO Library to configure the oscilloscope's options and parameters.
5. In this step the cryptographic chip and the oscilloscope each carry out their own processing:
A. After the cryptographic chip receives the control information from the server through the serial port driver and protocol module, it executes the corresponding command, assembles the result of the command execution into a packet according to the protocol, and hands it to the serial port driver to send back to the cryptographic chip control module of the server;
B. While the cryptographic chip executes the corresponding command, it produces the associated trigger signal and at the same time leaks energy trace information. The oscilloscope can then sample the energy trace according to its existing configuration. The energy trace information is then sent to the oscilloscope control module of the server through the data transmission module and the oscilloscope connection module.
6. The server uses the command parsing and assembly module to add a server response header to the data packet containing the received energy trace information and the cryptographic chip execution result, and then sends it to the sampling client through the network connection module.
7. The sampling client uses the energy trace recording module to convert the received energy trace data into the file format specified in the sampling configuration and saves it at the path specified by the parameters.
When the sampling client receives the cryptographic chip execution result, this indicates that one execution of the algorithm in the cryptographic chip has finished, and the execution result is printed on the terminal interface.

Claims (10)

1. A cryptographic-equipment-oriented energy leakage acquisition method, the steps of which are:
1) the sampling client parses the input command information, generates a sample command sequence and sends it to the sampling server;
2) the sampling server parses the received sample command sequence; if a parsed command is a control command for the cryptographic chip on the target device, it is converted into control information that the cryptographic chip can recognize and sent to the cryptographic chip; if a parsed command is a control command for the oscilloscope, it is converted into control information that the oscilloscope can recognize and sent to the oscilloscope;
3) said cryptographic chip executes the received control information and generates a trigger signal, then sends the execution result to the sampling server and sends said trigger signal to said oscilloscope;
4) said oscilloscope executes the received control information and, according to the received trigger signal, acquires energy trace information from said cryptographic chip;
5) said oscilloscope sends the acquired energy traces to the sampling server, and the sampling server sends the received energy traces and said execution result to the sampling client.
2. The method of claim 1, characterized in that said target device is provided with an energy consumption measurement circuit and said oscilloscope is provided with a differential probe; said oscilloscope acquires, through said differential probe, the energy measured by said energy consumption measurement circuit.
3. The method of claim 1, characterized in that said sampling server is connected to said sampling client through a network or a data cable, and said target device is connected to said sampling server through a serial port or a USB interface.
4. The method of claim 1, 2 or 3, characterized in that the input command information comprises sampling configuration commands for said sampling server, sampling configuration commands for said oscilloscope, and sampling configuration commands for said target device.
5. A cryptographic-equipment-oriented energy leakage acquisition system, characterized in that it comprises a target device, a sampling client, a sampling server and an oscilloscope; said sampling server is connected to said target device and to said oscilloscope respectively through data cables, and said sampling server is connected to said sampling client through a network or a data cable; said target device comprises a cryptographic chip and a trigger circuit and an energy consumption measurement circuit that are each connected to said cryptographic chip, and said oscilloscope is provided with a probe used to acquire the energy traces of said target device; wherein:
said sampling client is used to generate a command sequence from the input commands and send it to said sampling server;
said sampling server is used to parse the commands sent by said sampling client; if a parsed command is a control command for the cryptographic chip on the target device, it is converted into control information that the cryptographic chip can recognize and sent to the cryptographic chip; if a parsed command is a control command for the oscilloscope, it is converted into control information that the oscilloscope can recognize and sent to the oscilloscope; and the received execution result and energy traces are sent to said sampling client;
said target device comprises a chip control module and an algorithm library; said chip control module is used to parse the commands sent by the sampling server, perform the corresponding operations and send the execution result to said sampling server, and to send the trigger signal produced by said trigger circuit to said oscilloscope; said algorithm library comprises a number of cryptographic algorithms;
said oscilloscope is used to parse and execute the oscilloscope commands sent by the sampling server, to send a command response back to the sampling server after executing a command, and, according to the received trigger signal, to acquire energy trace information from said target device and send the acquired energy traces to said sampling server.
6. The system of claim 5, characterized in that said sampling client receives the input commands through a command line interpreter.
7. The system of claim 6, characterized in that the input command information comprises sampling configuration commands for said sampling server, sampling configuration commands for said oscilloscope, and sampling configuration commands for said target device.
8. The system of claim 7, characterized in that the configuration information of said sampling server comprises: the listening port number, the serial port number, the serial communication baud rate, and the connection name and device code name of the connected oscilloscope.
9. The system of claim 5, characterized in that said target device comprises a command control protocol that supports variable-length parameter settings, used to receive the input command control protocol, control the target cryptographic device to complete cryptographic operations, and transfer parameters.
10. The system of claim 5, characterized in that said oscilloscope sends the acquired energy traces to said sampling server in character mode or byte mode.
CN2012100268571A 2012-02-07 2012-02-07 Cryptographic-equipment-oriented energy leakage acquisition method and system Pending CN102546150A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2012100268571A CN102546150A (en) 2012-02-07 2012-02-07 Cryptographic-equipment-oriented energy leakage acquisition method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2012100268571A CN102546150A (en) 2012-02-07 2012-02-07 Cryptographic-equipment-oriented energy leakage acquisition method and system

Publications (1)

Publication Number Publication Date
CN102546150A true CN102546150A (en) 2012-07-04

Family

ID=46352173

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2012100268571A Pending CN102546150A (en) 2012-02-07 2012-02-07 Cryptographic-equipment-oriented energy leakage acquisition method and system

Country Status (1)

Country Link
CN (1) CN102546150A (en)


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20120704