CN103049681B - A kind of anti-flight system and method based on anti-copying circuit - Google Patents
A kind of anti-flight system and method based on anti-copying circuit Download PDFInfo
- Publication number
- CN103049681B CN103049681B CN201210537534.9A CN201210537534A CN103049681B CN 103049681 B CN103049681 B CN 103049681B CN 201210537534 A CN201210537534 A CN 201210537534A CN 103049681 B CN103049681 B CN 103049681B
- Authority
- CN
- China
- Prior art keywords
- data
- uart
- embedded chip
- module
- copying circuit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Abstract
The invention discloses a kind of anti-flight system and method based on anti-copying circuit, the anti-copying circuit that this system comprises embedded chip and is electrically connected with this embedded chip, described anti-copying circuit comprises microprocessor and the interrupt system that is connected with this microprocessor and encrypted transmission module; Described embedded chip is used for producing expressly random in not timing interruptions and sending to described anti-copying circuit, and this embedded chip expressly calculates standard ciphertext at random according to this simultaneously; This anti-copying circuit is interrupted for receiving this random plaintext and being produced by described interrupt system, and described encrypted transmission module is encrypted described random plaintext and the ciphertext after encryption is sent to described embedded chip; Described embedded chip is also for comparing the ciphertext after this encryption and standard ciphertext, if both are consistent, continues to perform the program in this embedded chip.The advantage that there is flexible design based on the anti-flight system and method for anti-copying circuit, be not easily cracked of the present invention.
Description
Technical field
The present invention relates to protect embedded electronic product illegally not cracked the device of clone; in particular to a kind of anti-flight system based on anti-copying circuit, there is the anti-copying circuit ensureing the effect of embedded electronic product copyright and the anti-flight system set up thus.
Background technology
The piracy of PCB software is the subject matter of puzzlement Software Industry development always, is commonly called as flight.So-called flight, being also clone or imitated, is carry out reverse engineering research to the pcb board designed; Definition brand-new at present: from the narrow sense, flight only refers to the extraction reduction of electron product circuit plate PCB file and utilizes file to carry out the process of circuit board clone; From broadly, flight not only comprises technical processes such as extracting circuit board file, circuit board is cloned, circuit board is imitated, and comprises all technical processes of the electronic product complete set clones such as dis-assembling that modify (namely changing plate) to circuit board file, copy, are decrypted, carry out the system software of electronic product the chip that circuit board has been encrypted or single-chip microcomputer all kinds of electronic devices and components on electron product circuit plate.Because this technology to be applied on the electronic product that copyright protected by lawless person, to seek profit by illegal others' product of clone that copies, very adverse influence has been served to the development of industry.
In recent years, along with PDA, palm PC, the information terminals such as Set Top Box come into the life of people gradually, embedded OS also as Windows for people know, along with the develop rapidly of ic core chip technology, design of electronic products industry is also more and more as computer industry, the hardware solution of a lot of product has become a kind of disclosed data, and in fact the core technology of product designer concentrates in embedded application software.So, in hardware technology ripe and disclosed today gradually, how to protect the design of product, the copyright of product, in fact changed into the protection to embedded application software.Along with the development of hacking technique and chip anatomy, the attack that electronic product embedded system faces also gets more and more, the reading of various debugging software is utilized to leave the scale-of-two BIN file of the inner ROM/EEPROM/FLASH of embedded system chip in, the copy completed code in embedded system chip that just can be simple, and then complete the illegal clone to the even whole product of whole PCB.
Embedded chip is inner generally has inner ROM/EEPROM/FLASH to deposit program for user.In order to prevent unauthorized access or copy chip program, most of embedded chip is all located or encrypted byte with encryption lock, with screening glass internal program.If encryption lock location is enabled (locking) when programming, just cannot directly read chip internal program with common programmable device, Here it is so-called Copy Protection lock function in other words.In fact, such safeguard measure is very fragile, is easy to be cracked.Assailant, by specialized equipment, utilizes the leak in chip design or software defect, by multiple technologies means, just can extract key message from chip, obtains embedded chip internal processes.
Anti-flight system popular on market mainly adopts the authentication of (between embedded chip and anti-copying circuit) between logical encrypt mode and simple contrast certification mode completion system.First kind of way normally adopts an EEPROM to add peripheral logical circuit, and carry out protection certification by simple logic authenticate password, protected effect is poor.The second way only carries out authentication when powering on between anti-copying circuit due to shielded embedded chip, and the data of transmission over communication lines are easily detected thus crack its proof procedure, causes its protected effect still not good.
Summary of the invention
The technical problem to be solved in the present invention is, for the above-mentioned defect of prior art, provides a kind of and not easily cracks, the anti-flight system and method based on anti-copying circuit of simplicity of design.
For achieving the above object, the adoptable technical scheme of the present invention is:
Based on an anti-flight system for anti-copying circuit, the anti-copying circuit that it comprises embedded chip and is electrically connected with this embedded chip, described anti-copying circuit comprises microprocessor and the interrupt system that is connected with this microprocessor and encrypted transmission module;
Described embedded chip is used for producing expressly random in not timing interruptions and sending to described anti-copying circuit, and this embedded chip expressly calculates standard ciphertext at random according to this simultaneously;
This anti-copying circuit is interrupted for receiving this random plaintext and being produced by described interrupt system, and described encrypted transmission module is encrypted described random plaintext and the ciphertext after encryption is sent to described embedded chip;
Described embedded chip is also for comparing the ciphertext after this encryption and standard ciphertext, if both are consistent, continues process data in this embedded chip.
An aspect according to the anti-flight system based on anti-copying circuit of the present invention: the microprocessor in described anti-copying circuit is also for the treatment of the partial data in described embedded chip.
An aspect according to the anti-flight system based on anti-copying circuit of the present invention: described anti-copying circuit also comprises the storage unit be connected with described microprocessor, this storage unit and described embedded chip storage area data respectively.
An aspect according to the anti-flight system based on anti-copying circuit of the present invention: described encrypting module is AES encryption module.
The present invention further provides a kind of anti-flight method based on anti-copying circuit, the method adopts anti-copying circuit to protect connected embedded chip, and it comprises the steps:
Shielded embedded chip produces expressly random in not timing interruptions and sends to anti-copying circuit, and this embedded chip calculates standard ciphertext according to this random plaintext simultaneously;
Described anti-copying circuit receives this random expressly and by interrupt system generation and interrupts, and to be encrypted and the ciphertext after encryption is sent to described embedded chip by encrypted transmission module to described random plaintext;
Ciphertext after this encryption and standard ciphertext compare by described embedded chip, if both are consistent, continue process data.
An aspect according to the anti-flight method based on anti-copying circuit of the present invention: the partial data in described embedded chip is stored in described anti-copying circuit.
An aspect according to the anti-flight method based on anti-copying circuit of the present invention: the partial data in described embedded chip is by described anti-copying processing of circuit.
An aspect according to the anti-flight method based on anti-copying circuit of the present invention: described encrypted transmission module adopts aes algorithm to be expressly encrypted random.
The encrypted transmission module of the anti-flight system of the present invention can complete random reception expressly, encryption, transmission voluntarily, and it is not only as independently IP, and can also directly be used by other circuit design, simplified design, improves design flexibility.Anti-flight system and method for the present invention not timing can carry out authentication; Complete the function of the not timing checking of many wheels, there is extremely strong dirigibility and very strong security.Adopt and traditional crack out the code in embedded type CPU and the mode adopting debugging method to skip contrast points is difficult to crack.
Will be appreciated that, the feature in the above each side of the present invention can independent assortment within the scope of the invention, as long as and not by the restriction of its order---the technical scheme after combination drops in connotation of the present invention.
Accompanying drawing explanation
Below in conjunction with drawings and Examples, the invention will be further described, in accompanying drawing:
Fig. 1 is the structural drawing of anti-copying circuit in anti-flight system of the present invention;
Fig. 2 is the fundamental diagram of the encrypted transmission module of anti-copying circuit in anti-flight system of the present invention;
Fig. 3 ~ 6 are the structural drawing of the encrypted transmission module of anti-copying circuit in anti-flight system of the present invention;
Fig. 7 is the circuit connecting relation figure of anti-flight system of the present invention;
Fig. 8 is the fundamental diagram of anti-flight system of the present invention;
Fig. 9 is the program execution flow of embedded chip in anti-flight system of the present invention;
Figure 10 is the modelsim simulation result figure of the encrypted transmission module of anti-copying circuit in the present invention.
Embodiment
Below in conjunction with the drawings and specific embodiments, illustrate the present invention further, these embodiments should be understood only be not used in for illustration of the present invention and limit the scope of the invention, after reading this disclosure, the amendment of those skilled in the art to the various equivalent form of value of the present invention all falls within the claim limited range of the application.
RIJNDAEL is a kind of block cipher also known as AES (advanced encryption standard), its block length and key length separate, can change.Its software and hardware is to the strong adaptability of computing environment, and stable performance, the Key Establishing time is excellent, and key dirigibility is strong.Storage demand amount is low, also has good performance even if use at the environment of limited space, and high cracks the excellent selection that difficulty becomes cryptographic algorithm in anti-copying circuit with it.
Fig. 1 is the structural drawing of anti-copying circuit in anti-flight system of the present invention.The embedded microprocessor of circuit, such as 8051CPU, is communicated with the embedded chip in system by UART and Parallel I/O.
8051CPU is one of core component in anti-copying circuit, 8 bit data width, is responsible for controlling, command and dispatch the work that whole cellular system is coordinated.When embedded chip needs and anti-copying circuit carries out data interaction, embedded chip passes through I/O transfer control signal to anti-copying circuit, after the CPU of anti-copying circuit detects control signal, judge that control signal needs to read data or executive routine, program and the data of the different address spaces be stored in expansion ROM are read according to the difference of control signal, directly by Parallel I/O, result is returned to embedded chip after bearing results by Parallel I/O return data or working procedure, complete data interaction.
Anti-copying circuit has carried out the subregion of some sections to the address of expansion ROM, different programs and data can be write in the different address partition of ROM according to subregion by user, thus corresponding reading command can be configured when embedded chip needs calling data or program to the CPU of anti-copying circuit, identifying for CPU needs the program called in which sector address in ROM to perform or data in which sector address transmit.
The control program programming of anti-copying circuit, in FLSAH, comprises the reading for I/O control signal and identification, to the reading of outside expansion ROM internal program and execution and interrupt routine.
Anti-copying circuit includes the extension storage unit of 64K, and a part of significant data can be stored in anti-copying circuit by user, from wherein transferring when needs, or the subprogram in product software is downloaded in anti-copying circuit and performs.The process of called data and executive routine as above.
Anti-copying circuit and embedded chip complete authentication by UART interface.The signal start bit (starting to carry out authentication) on communication line detected as the UART receiving end RXD of anti-copying circuit, interrupt system just produces interrupt notification CPU and stops current operation, preferentially completes authentication link.Encrypted transmission module independently completes encryption and ciphertext transmission afterwards, and after authentication completes, zone bit is dragged down the breakpoint before notice master routine is got back to by encrypted transmission module, and the operation in CPU continues to perform.Encrypted transmission module rear describes in detail.
Fig. 2 is the fundamental diagram of the encrypted transmission module of anti-copying circuit of the present invention.This module is to complete anti-copying circuit by UART to 128 random receptions expressly, AES encryption also returns the function of encrypted result and custom-designed circuit module, so this encrypted transmission module is by two sub-module composition-AES encryption modules and UART module by UART.How to complete one by encrypted transmission module to take turns checking below between the shielded embedded chip of our detailed description and anti-copying circuit:
1). shielded embedded chip part
1. embedded chip produces 128 random plaintexts in startup or not timing interruptions, and sends to anti-copying circuit by UART, and embedded chip employing simultaneously and anti-copying circuit identical algorithms are to being expressly encrypted after generation standard ciphertext for comparing.
2. after, embedded chip Program continues to perform, and waits for that the enciphered data of anti-copying circuit returns.
3. produce receive interruption when embedded chip receives when anti-copying circuit transmits by UART the data returned, enter interrupt service routine.
4. the standard ciphertext that embedded chip generates before calling in interrupt service routine compares with the return data received, if unanimously, then embedded chip Program continues to perform, if inconsistent, program determination runs, and so far one-time authentication completes.
2). anti-copying circuit part
1. after anti-copying circuit initializes, wait for that the random plaintext of 128 sends over by embedded chip.
2. when the signal start bit of UART receiving end being detected, start to receive expressly, interrupt system produces and interrupts producing to CPU interrupting simultaneously, enters interrupt service routine.
3. complete the reception of 128 plaintexts in interrupt service routine, and utilize the key being stored in its inside through row cryptographic operation, and return to the ciphertext after embedded chip encryption.
4. return ciphertext complete after encrypted transmission module zone bit signal is dragged down, notice master routine get back to before breakpoint, CPU Program continue perform, one takes turns checking completes.
Fig. 3-6 is the structural drawing of encrypted transmission module in anti-copying circuit of the present invention.
Encrypted transmission module is divided into two submodules-UART module (for receiving the plaintext that embedded chip sends, and returning the ciphertext after encryption to embedded chip); AES module (to form ciphertext etc. to AES encryption expressly to be transmitted for completing).UART module comprises uart_rx, uart_tx.
1) .uart_rx is the receiver module of UART, comprises detect.v, speed_select.v, uart_rx_c tri-functional modules.
1. the input of .detect.v is connected to serial input pin rs232_rx, and it mainly detects the 0th of frame data, namely start bit, then produces a high impulse neg_rs232_rx to uart_rx_c.v, to represent that a frame data reception job starts.
2. .speed_select.v is the functional module producing baud rate timing, namely configures the module of baud rate.When reception data start, main control module uart_rx_c.v draws high bps_start, and speed_select.v is that uart_rx_c.v carries out timing through clk_bps.
3. .uart_rx_c.v is kernel control module.To the data of the configuration of serial ports mainly 1 frame 10, pay close attention to eight bit data position, ignore start bit and stop bit, do not establish check bit.When neg_rs232_rx draws high, this module is just started working, data from rx232_rx will be gathered, in time completing 128 bit data and receive, rx_int will be dragged down, show that receiver module has completed the reception of 128 data, and receive 128 plaintext rx_data are flowed to next module.
2) .AES module completes the AES encryption to 128 plaintexts, generating ciphertext.AES module receives 128 plaintexts that uart_rx transmission comes, and (shows to finish receiving) to start encryption when rx_int signal drags down, and has encrypted and done signal is drawn high level, shown that encryption completes, and ciphertext tx_data is transferred to uart_tx.
1.. when load signal effective (high level), AES encryption module is loaded into 128 expressly rx_data [127:0], and cipher key expansion module starts to carry out serial mathematical operation to initial key simultaneously, produces the dynatron key that 10 take turns 128, encryption beginning.
2.. the process of encryption is carried out according to the round function shown in Fig. 7, according to the difference of the pattern preset and key length, the plaintext read in, key carried out successively to the interative computation of Nr wheel.Therebetween, counter can control, and carries out computing to often taking turns required correct key.Here set a counter dcnt, for the key of 128 bit lengths, make the initial value of dcnt be 11, often carry out the choosing generation of taking turns, dcnt subtracts I.The key register expanded, according to the value of counter dcnt, is selected suitable key to participate in choosing for computing, is reduced to 0, then show that encryption completes to dcnt.
3.. when having encrypted there is the rising edge of a clock period in done signal, tells that sending module ciphertext tx_data [127:0] below is ready to.
3) .uart_tx is the receiver module of UART, comprises detect.v, speed_select.v, uart_rx_c.v tri-functional modules.
Speed_select.v is the function as " regularly " equally.When bps_start draws low level time, it is the state being in sleep.Once bps_start draws high level, so speed_select.v just starts counting.Then timing produces a high impulse through clk_bps to uart_tx_c.v.
Uart_tx_c.v control module is a part for core the most, when done draws high level, simultaneously tx_en also draw high level (show to send and start) simultaneously speed_select.v also can start counting.Uart_tx_c.v is by the value of tx_data, and the timing produced by speed_select.v, rhythmical past rs232_tx sends.After 128 plaintexts are sent, just drag down zone bit tx_en(show ciphertext send terminate), notice master routine get back to before breakpoint, CPU Program continue perform.
Fig. 7 is the circuit connecting relation figure of anti-flight system of the present invention.Comprise shielded embedded chip and anti-copying circuit two parts in anti-flight system, two parts are connected with Parallel I/O by UART.UART transmitting and receiving terminal TXD with RXD of embedded chip is connected respectively with RXD with TXD of anti-copying circuit, completes authentication link; The transmission of control signal and the mutual of data is completed by Parallel I/O.Complete embedded software code and some interface routines have been divided into two parts---Code1 and Code2 leaves in embedded chip and anti-copying circuit respectively.Wherein Code2 be user download to anti-copying circuit extend out subprogram in ROM and data, anti-copying circuit is used as the extended memory of embedded chip and coprocessor, and both form whole anti-flight system jointly.
Fig. 8 is the fundamental diagram of anti-flight system of the present invention.How elaborate anti-copying circuit below in conjunction with fundamental diagram protects embedded product to be difficult to be copied illegally:
1). anti-copying circuit is connected with embedded chip with Parallel I/O by UART in encrypted transmission module.
The plaintext that encrypted transmission module is transmitted by UART reception embedded chip, encrypts it and gained ciphertext is returned to embedded chip, for completing cryptographic authentication process.
Anti-copying circuit is connected with embedded chip by Parallel I/O, can use as extended memory and coprocessor.A part of data in program or code can download in anti-copying circuit and run by Software for Design business, and the data of passback needs and operation result.
Common anti-copying circuit carries out the communication authentication of embedded chip and anti-copying circuit often at the initial stage of powering on, consider the deficiency of this mode, the anti-copying circuit in the present invention adopts the method for many wheel not timing checkings to carry out the communication authentication of same embedded chip.Described in detail one embodiment of taking turns checking above, and user (Embedded Software Design business) can utilize Interruption and random timing sequence jointly to produce the interruption of not timing, in each interruption, produce the random plaintext of 128 and encrypt, thus carry out such one and take turns checking, what form not timing takes turns checking more.
Embedded chip in anti-flight system produces 128 random plaintexts when checking link starts.In order to the expense of the random expressly and not adding users (embedded electronic product developer) of easy generation, adopt in the present invention software approach produce in embedded chip random expressly: utilize in java standard library <stdlib> and provide two and help to generate the function of pseudo random numbers and adopt current time as initialization seed, the good pseudo-random sequence of randomness can be generated easily.
2). by the connected mode introduced above in conjunction with design concept of the present invention:
Anti-copying circuit uses as coprocessor, and storage inside a part of data in embedded product software program or code becomes, thus anti-copying circuit has been called embedded electronic product " part ".Even if the code like this in embedded chip is obtained by lawless person, because its code is incomplete, when not having corresponding anti-copying circuit, copying of embedded electronic product still cannot complete.
What anti-copying circuit carried out not timing with shielded embedded chip takes turns checking more, if anti-copying circuit lacks, such as lawless person replicates the PCB of electronic product, the kernel firmware even in storer, but due to the anti-copying circuit of Corresponding matching cannot be obtained, cause the embedded chip in electronic product not work because anti-copying circuit lacks thus cannot complete checking link; If key is inconsistent with the key in embedded chip in anti-copying circuit, such as lawless person obtains anti-copying circuit by certain channel, but the chip keys in the product of clone cannot be known, even if replicate product, because key does not mate, the embedded chip in product can not normally work; Only have user to buy anti-copying circuit, know key in chip and oneself configure the same key in the product product just can be made normally to work.
The protection of anti-copying circuit the present invention is ensure that from above two angles.
Fig. 9 is the program execution flow of embedded chip in anti-flight system of the present invention.Here borrow the program execution flow of embedded chip to illustrate to build anti-flight system, embedded chip needs extra to add which program, and how these programs combine with the program of itself.
1). be first authentication link.Embedded chip unloading phase carry out authentication with anti-copying circuit, the mode of interrupting with random timing (not timing) in program process afterwards carries out the authentication of many wheels.
There is provided random number generation function (for generating the timing in expressly random and random Interruption) by us, user configures timer and utilizes random number generation function to complete the generation of random Interruption in embedded software program.
Random Interruption produces, expressly random by generation, send expressly random and utilize the random complete interrupt handling routine expressly carrying out this three step of program composition of AES encryption to be provided by us, as long as the interrupt mechanism that user utilizes embedded chip to provide configures interrupt vector number.
When anti-copying circuit returns the ciphertext of having encrypted, the UART receiving end of embedded chip produces receive interruption, and is compared by 128 plaintexts to 128 ciphertexts and oneself encryption generation before received in the handling procedure that breaks in the reception.The program of receive interruption and ciphertext comparison is all provided by us, as long as the interrupt vector number program we provided that user configures receive interruption is embedded in corresponding interrupt handling routine.
2). be secondly the reading to downloading to anti-copying circuit Program and data.We have carried out subregion to the address of the expansion ROM of anti-copying circuit, facilitate user to download in different address partition by different programs and data, are also convenient to reading below.As long as the distinct program and different pieces of information programming that need to be downloaded into anti-copying circuit complete according to the subregion of ROM by user, then send different control signals to anti-copying circuit (corresponding relation of control signal difference and ROM subregion can be supplied to user) when needs call by Parallel I/O, returning and the reading of data of the program execution result of needs can be completed.
Can be found by above introduction, in order to build anti-flight system, the overhead that embedded software needs is very little, this part expense does not need burden for users substantially simultaneously, the program segment that the integrated level that user only needs adding portion in software to be provided by us is very high, or do and a bit simply configure.
Figure 10 is the modelsim simulation result figure of the encrypted transmission module of anti-copying circuit in the present invention.In figure, rs232_rx representative inputs the digital waveform of 128 plaintext correspondences of encrypted transmission module, and rx_data is 128 input plaintexts under 16 corresponding systems.The ciphertext waveform that rs232_tx representative completes from 128 bit encryptions that encrypted transmission module exports, tx_data is 128 output ciphertexts under 16 corresponding systems.Plaintext and the key of input are that we are set in test file in advance, adopt AES software to carry out testing the correctness that can prove encrypted transmission modular design of the present invention to the ciphertext exported.
In a word; the present invention adopts the contrast certification mode of improvement; adopt UART(Universal Asynchronous Receive/dispensing device between shielded embedded chip and anti-copying circuit) carry out authentication, transmission over communication lines be the random plaintext of 128 and the ciphertext of having encrypted.Embedded chip produces, send 128 random expressly adopts aes algorithm to encrypt it to anti-copying circuit, contrasts subsequently with the same encrypted result adopting the anti-copying circuit of AES encryption to return back embedded chip, and unanimously then title one is taken turns and is proved to be successful.Embedded chip and anti-copying circuit corresponding in the form of a key, only have anti-copying circuit that double secret key should be consistent and embedded chip group just may be proved to be successful in coded communication checking.For strengthening anti-copying performance, embedded chip not only carries out authentication at power up phase with anti-copying circuit, but employing program performs crucial moment or adopt randomizer to coordinate the mode of Interruption to verify, thus realize the not timing accidental validation of many wheels, improve anti-copying performance.
In some embodiments of the invention, anti-copying circuit adopts embedded 8051 processors, and inside provides storage space to can be used as user's growth data storer, deposits key character data.A part of data in program or code can download in anti-copying circuit and run by Software for Design business, and the data of passback needs and operation result, thus make anti-copying circuit stronger with the Corresponding matching of embedded chip, even combine together, ensure the safety of embedded electronic product with its indispensable property, substantially stop the possibility cracking clone.
In some embodiments of the invention, encrypted transmission circuit module is integrated with AES encryption circuit and UART circuit, can complete the reception of 128 plaintexts, encryption, transmission voluntarily.This encrypted transmission circuit module uses as complete independently IP kernel, just can from the comparison process data of output terminal being sent to embedded chip and carrying out below after clear data being connected to the input end of encrypted transmission circuit module.This independently IP kernel can also directly be used by other circuit design, simplify design, improve design flexibility.
Compared with the prior art in background, system and method for the present invention has following advantage:
Embedded chip generates 128 random plaintexts and sends and encrypt, the data real-time change of transmission over communication lines, even if adopt the mode of traditional monitoring communication line cannot crack authentication link.
Embedded chip utilizes software approach to generate random number sequence, as the timing of several times Interruption, in interrupt service routine, carries out authentication with anti-copying circuit; Matching embedded type software program performs the authentication at crucial moment simultaneously, completes the function of the not timing checking of many wheels, has extremely strong dirigibility and very strong security.Adopt and traditional crack out the code in embedded type CPU and the mode adopting debugging method to skip contrast points is difficult to crack protection of the present invention.
Adopt AES encryption means, rely on the security that aes algorithm is extremely strong, even if the communication line of embedded chip and anti-copying circuit is detected, know plaintext and the ciphertext of taking turns checking that circuit transmits, lawless person also cannot know key corresponding consistent in two chips, thus cannot crack encrypted authentication link.
Anti-copying circuit built-in with CPU and storage space, the Software for Design business of embedded electronic product can by a part of significant data even code download in anti-copying circuit and preserve or perform, anti-copying circuit is become embedded electronic product " part ".Even if the code like this in embedded chip is obtained by lawless person, due to the imperfection of its code, the cracking or cannot complete of embedded electronic product.
Claims (4)
1. the anti-flight system based on anti-copying circuit, it is characterized in that: the anti-copying circuit that it comprises embedded chip and is electrically connected with this embedded chip, described anti-copying circuit comprises microprocessor and the interrupt system that is connected with this microprocessor and encrypted transmission module;
When embedded chip needs and anti-copying circuit carries out data interaction, embedded chip passes through I/O transfer control signal to anti-copying circuit, after the CPU of anti-copying circuit detects control signal, judge that control signal needs to read data or executive routine, program and the data of the different address spaces be stored in expansion ROM are read according to the difference of control signal, directly by Parallel I/O, result is returned to embedded chip after bearing results by Parallel I/O return data or working procedure, complete data interaction;
Anti-copying circuit has carried out the subregion of some sections to the address of expansion ROM, different programs and data can be write in the different address partition of ROM according to subregion by user, thus corresponding reading command can be configured when embedded chip needs calling data or program to the CPU of anti-copying circuit, identifying for CPU needs the program called in which sector address in ROM to perform or data in which sector address transmit;
Described embedded chip is used for producing 128 random plaintexts in startup or not timing interruptions, and sending to anti-copying circuit by UART, embedded chip employing simultaneously and anti-copying circuit identical algorithms are to being expressly encrypted after generation standard ciphertext for comparing; Embedded chip Program continues to perform afterwards, waits for that the enciphered data of anti-copying circuit returns; Produce receive interruption when embedded chip receives when anti-copying circuit transmits by UART the data returned, enter interrupt service routine; The standard ciphertext generated before embedded chip calls in interrupt service routine compares with the return data received, if unanimously, then embedded chip Program continues to perform, if inconsistent, program determination runs, and so far one-time authentication completes;
This anti-copying circuit waits for that the random plaintext of 128 sends over by embedded chip after being used for initialization; When the signal start bit of UART receiving end being detected, start to receive expressly, interrupt system produces and interrupts producing to CPU interrupting simultaneously, enters interrupt service routine; Complete the reception of 128 plaintexts in interrupt service routine, and utilize the key being stored in its inside through row cryptographic operation, and return to the ciphertext after embedded chip encryption; Return ciphertext complete after encrypted transmission module zone bit signal is dragged down, notice master routine get back to before breakpoint, CPU Program continue perform, one takes turns checking completes;
Described encrypted transmission module is divided into two submodules:
UART module, for receiving the plaintext that embedded chip sends, and returns to embedded chip by the ciphertext after encryption; AES module, for completing, to form ciphertext etc. to AES encryption expressly to be transmitted,
Wherein UART module comprises uart_rx and uart_tx, and described uart_rx is the receiver module of UART, comprises detect.v, speed_select.v and uart_rx_c tri-functional modules;
The input of described detect.v is connected to serial input pin rs232_rx, for detecting the 0th of frame data, namely start bit, then produces a high impulse neg_rs232_rx to uart_rx_c.v, to represent that a frame data reception job starts;
Described speed_select.v is the functional module producing baud rate timing, namely configure the module of baud rate, when reception data start, main control module uart_rx_c.v draws high bps_start, and speed_select.v is that uart_rx_c.v carries out timing through clk_bps;
Described uart_rx_c.v is kernel control module, to the data of the configuration of serial ports mainly 1 frame 10, pays close attention to eight bit data position, ignores start bit and stop bit, do not establish check bit; When neg_rs232_rx draws high, this module is just started working, data from rx232_rx will be gathered, in time completing 128 bit data and receive, rx_int will be dragged down, show that receiver module has completed the reception of 128 data, and receive 128 plaintext rx_data are flowed to next module;
Described uart_tx is the sending module of UART, comprises detect.v, speed_select.v and uart_rx_c.v tri-functional modules;
Described speed_select.v is as the functional module of timing, and when bps_start draws low level time, it is the state being in sleep; Once bps_start draws high level, speed_select.v just starts counting, and then timing produces a high impulse through clk_bps to uart_tx_c.v;
Described uart_tx_c.v control module is core, when done draws high level, tx_en also draws high level simultaneously, and speed_select.v also can start counting simultaneously, uart_tx_c.v is by the value of tx_data, by the timing that speed_select.v produces, rhythmical toward rs232_tx transmission, after 128 plaintexts are sent, just drag down zone bit tx_en, show ciphertext send terminate, notice master routine get back to before breakpoint, CPU Program continue perform;
Described AES module is for completing the AES encryption to 128 plaintexts, generating ciphertext, AES module receives 128 plaintexts that uart_rx transmission comes, when rx_int signal drags down, show to finish receiving, start encryption, encrypted and done signal is drawn high level, show that encryption completes, and ciphertext tx_data is transferred to uart_tx;
When load signal is effective, AES encryption module is loaded into 128 expressly rx_data [127:0], and cipher key expansion module starts to carry out serial mathematical operation to initial key simultaneously, and produce the dynatron key that 10 take turns 128, encryption starts;
According to the difference of the pattern preset and key length, the plaintext read in, key are carried out successively to the interative computation of N wheel, therebetween, counter can control, and carrying out computing, setting a counter dcnt to often taking turns required correct key, for the key of 128 bit lengths, make the initial value of dcnt be 11, often carry out the choosing generation of taking turns, dcnt subtracts 1, the key register expanded is according to the value of counter dcnt, select suitable key to participate in choosing for computing, reduce to 0 to dcnt, then show that encryption completes;
When having encrypted there is the rising edge of a clock period in done signal, tells that sending module ciphertext tx_data [127:0] below is ready to.
2. the anti-flight system based on anti-copying circuit according to claim 1, is characterized in that: the microprocessor in described anti-copying circuit is also for the treatment of the partial data in described embedded chip.
3. the anti-flight system based on anti-copying circuit according to claim 1 and 2, is characterized in that: described anti-copying circuit also comprises the storage unit be connected with described microprocessor, this storage unit and described embedded chip storage area data respectively.
4. the anti-flight system based on anti-copying circuit according to claim 1 and 2, is characterized in that: described encrypting module is AES encryption module.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210537534.9A CN103049681B (en) | 2012-12-13 | 2012-12-13 | A kind of anti-flight system and method based on anti-copying circuit |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210537534.9A CN103049681B (en) | 2012-12-13 | 2012-12-13 | A kind of anti-flight system and method based on anti-copying circuit |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103049681A CN103049681A (en) | 2013-04-17 |
| CN103049681B true CN103049681B (en) | 2016-01-06 |
Family
ID=48062315
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210537534.9A Active CN103049681B (en) | 2012-12-13 | 2012-12-13 | A kind of anti-flight system and method based on anti-copying circuit |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103049681B (en) |
Families Citing this family (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103440451A (en) * | 2013-07-23 | 2013-12-11 | 福州福大海矽集成电路有限公司 | Electronic system authentication chip based on DES (data encryption standard) |
| CN103491439A (en) * | 2013-09-18 | 2014-01-01 | 深圳市九洲电器有限公司 | Set top box protection method and system, set top box and encryption device |
| CN104573567B (en) * | 2013-10-17 | 2017-11-10 | 联芯科技有限公司 | Chip programming encryption protecting method and its system |
| CN103824005A (en) * | 2014-03-11 | 2014-05-28 | 东南大学 | Anti-copying system embedded with configurable IP core and anti-copying method |
| CN105095780B (en) * | 2014-05-08 | 2019-08-16 | 国民技术股份有限公司 | The access method and device of test port in a kind of chip |
| CN104318188B (en) * | 2014-10-11 | 2017-07-04 | 中国航天科工集团第三研究院第八三五七研究所 | A kind of anti-plagiarism SIP chips |
| CN105117664A (en) * | 2015-07-31 | 2015-12-02 | 成都亿信标准认证集团有限公司 | Anti-duplication data storage apparatus |
| CN105117659A (en) * | 2015-07-31 | 2015-12-02 | 成都亿信标准认证集团有限公司 | Anti-copying monitoring method used for data storage device |
| CN105488435A (en) * | 2015-11-30 | 2016-04-13 | 南京南瑞继保电气有限公司 | Anti-attack method for embedded system serial port terminal |
| CN105512574B (en) * | 2015-12-08 | 2019-01-04 | 李灵超 | The anti-shovelling plate encryption method and device of electronic product |
| CN105825096A (en) * | 2016-03-11 | 2016-08-03 | 合肥联宝信息技术有限公司 | Startup control method, computer equipment and server |
| CN106533653A (en) * | 2016-08-22 | 2017-03-22 | 深圳市华曦达科技股份有限公司 | Encrypted chip, encryption method and encryption system |
| CN107451480A (en) * | 2017-07-21 | 2017-12-08 | 山东华芯半导体有限公司 | A kind of encrypted partition access method based on unidirectional 4-Way Handshake |
| CN108733987A (en) * | 2018-04-12 | 2018-11-02 | 惠州市源医科技有限公司 | A kind of encryption method and device of the binary object file based on embedded device |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1677383A (en) * | 2005-01-21 | 2005-10-05 | 深圳市致芯微电子有限公司 | Encryption chip, CPU program encryption method using said chip and system thereof |
| CN101841411A (en) * | 2005-10-28 | 2010-09-22 | 北京书生数字技术有限公司 | Data resource anti-copying encrypted transmission method and device system |
| CN102567671A (en) * | 2011-12-30 | 2012-07-11 | 大连捷成实业发展有限公司 | Encryption system and encryption method for field-programmable gate array (FPGA) configuration data |
-
2012
- 2012-12-13 CN CN201210537534.9A patent/CN103049681B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1677383A (en) * | 2005-01-21 | 2005-10-05 | 深圳市致芯微电子有限公司 | Encryption chip, CPU program encryption method using said chip and system thereof |
| CN101841411A (en) * | 2005-10-28 | 2010-09-22 | 北京书生数字技术有限公司 | Data resource anti-copying encrypted transmission method and device system |
| CN102567671A (en) * | 2011-12-30 | 2012-07-11 | 大连捷成实业发展有限公司 | Encryption system and encryption method for field-programmable gate array (FPGA) configuration data |
Non-Patent Citations (1)
| Title |
|---|
| KEELOQ加密算法在硬件加密中的应用;李罗;《计算机技术》;20060930(第9期);第42-57页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103049681A (en) | 2013-04-17 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103049681B (en) | A kind of anti-flight system and method based on anti-copying circuit | |
| US8732468B2 (en) | Protecting hardware circuit design by secret sharing | |
| US8631247B2 (en) | System and method for hardware based security | |
| CN101854243B (en) | Circuit system design encryption circuit and encryption method thereof | |
| CN100452075C (en) | Security control methods for date transmission process of software protection device and device thereof | |
| US20130086385A1 (en) | System and Method for Providing Hardware-Based Security | |
| US9166800B2 (en) | Authentication method, authentication system, and authentication chip using common key cryptography | |
| WO2014105310A1 (en) | Device authentication using a physically unclonable functions based key generation system | |
| SG177597A1 (en) | System and method for performing serialization of devices | |
| CN101997834A (en) | Device for supporting high-performance safety protocol | |
| US8688983B2 (en) | Data transmission method using an acknowledgement code comprising hidden authentication bits | |
| CN104463026B (en) | A kind of system and method for the anti-flight of hardware | |
| CN102014015B (en) | Self-checking method of intelligent secret key equipment | |
| CN109033895B (en) | Lightweight authentication system based on improved DAPUF circuit | |
| CN109104724A (en) | A kind of data ciphering method and device for device upgrade | |
| JP2018523439A (en) | Authentication system, authentication method, IP license system for hardware module | |
| CN111783078A (en) | Android platform security chip control system | |
| US9641339B2 (en) | System and method for authentication for field replaceable units | |
| Roy et al. | Protecting bus-based hardware IP by secret sharing | |
| KR102543267B1 (en) | Method and apparatus for white box cryptography | |
| Sami et al. | Poca: First power-on chip authentication in untrusted foundry and assembly | |
| CN109194467A (en) | A kind of safe transmission method and system of encryption data | |
| CN107872311A (en) | A kind of power transmission and distribution Internet of Things wireless communications method | |
| CN105022651A (en) | Anti-piratic method in equipment production process and firmware burning device | |
| CN101290648B (en) | Method for remotely verifying legal copy of software |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |