CN104408509A - A device for improving security initiation of sensitive operation of chip of smart card - Google Patents
A device for improving security initiation of sensitive operation of chip of smart card Download PDFInfo
- Publication number
- CN104408509A CN104408509A CN201410427111.0A CN201410427111A CN104408509A CN 104408509 A CN104408509 A CN 104408509A CN 201410427111 A CN201410427111 A CN 201410427111A CN 104408509 A CN104408509 A CN 104408509A
- Authority
- CN
- China
- Prior art keywords
- sensitive operation
- register
- safeguard protection
- chip
- signal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The present invention relates to a device for improving security initiation of a sensitive operation of a chip of a smart card. A set of security protection registers is disposed on hardware of the chip. When software initiates a sensitive hardware operation to be protected, the security protection registers are set in order on a branch of the software, and the sensitive hardware operation cannot be initiated until all of the security protection registers are set. The method of the present invention can effectively protect the sensitive operation of the chip.
Description
Technical field
The invention belongs to the reliability field of integrated circuit (IC) chip, be specifically related to chip run in the presence of a harsh environment in power supply there is the reliability of unstable timing chip.
Background technology
Along with informationalized development, smart card has engendered in the life of people as the daily modes of payments, be applied in the every aspect in people's life, its reliabilities such as such as bank card, transportation card, Mobile phone card have become the problem that people are concerned about very much, reflecting the features such as the permanance of a product, non-fault, validity and its usage economy, is the important quality index of of product.
In the application of smart card, there are some severe applied environments or under attack, the power supply of interference to card that such as card reader is subject to electric power system causes interference, if the Robust Design of card is good not, the impact of electricity meeting on damaging property of card under such circumstances, causes sensitive information leakage in the interior loss of vital data of card or impact card, error in operation.
Along with semiconductor fabrication process is to the development in nanometer direction, chip internal logical device operating voltage becomes more and more lower, how the phenomenon of also makeing mistakes along with more easily occurring being subject to power supply disturbance while lower power consumption, ensure that the reliability of smart card becomes and become increasingly conspicuous.The present invention, by strengthening the protection of important operation in intelligent card chip (the erasable or algorithm of the interior nonvolatile memory of such as card), makes chip can use safely in rugged environment.
Summary of the invention
The present invention is a kind of method strengthening the clean boot of intelligent card chip sensitive operation, improves the reliability of smart card under various rugged surroundings, guarantees that chip significant data or information can not be rewritten or reveal.
The present invention is a kind of method strengthening the clean boot of intelligent card chip sensitive operation, and specifically have hardware and software two parts to complete this function, detailed technical scheme is described below:
The present invention is made up of one group of safeguard protection register, register output detection circuit, the enable treatment circuit of sensitive operation and sensitive operation circuit.Its principle of work is: software is in the process of executive routine; each control bit set gradually in safeguard protection register is effective; testing circuit detects that all safeguard protection registers are arranged effectively; software could start sensitive operation; after sensitive operation completes, hardware automatically or software all protection registers are all removed as disarmed state.Wherein: safeguard protection register chip power on or on once sensitive operation be in disarmed state after completing; In the operating path had to pass through before sensitive operation starts, the value of step-by-step setting safeguard protection register, before sensitive operation starts, complete the setting of all safeguard protection registers, and start sensitive operation, after completing sensitive operation, remove safeguard protection Parasites Fauna;
Whether register output detection circuit detects each register output signal in safeguard protection Parasites Fauna effective, if effectively, output detections effective marker, if arrange appearance order entanglement in safe register group process, then testing circuit exports invalid flag, produce error flag signal simultaneously, make chip enter interruption status or reset;
Only have when the signal that sensitive operation signal and register output detection circuit export is all effective, the enable treatment circuit of sensitive operation starts, otherwise cannot perform sensitive operation;
Sensitive operation circuit produces the signal removed safeguard protection Parasites Fauna after sensitive operation completes, and removes each register in safeguard protection Parasites Fauna for disarmed state.
Above-mentioned described safeguard protection register, its number can need to arrange arbitrarily according to actual chips, and the effective status of each register can require to arrange according to testing circuit, also can be able to be low level for high level.
Above-mentioned described register output detection circuit, its function mainly contains two parts, a function exports effective marker when all registers export testing circuit effectively, another function is arranging in the effective process of register, when a rear register arranges effective status, previous register is disarmed state, this thing produces mistake mark, can be used as to interrupt or exceptional reset signal to chip system.
Strengthen a method for intelligent card chip sensitive operation clean boot, use this method can significantly improve chip in harsh situation or the protection by sensitive operation in card in external attack situation, greatly strengthen the reliability of intelligent card chip.
Accompanying drawing explanation
Fig. 1 hardware circuit principle figure
Fig. 2 running software arranges protection register schematic diagram
Embodiment
Below in conjunction with Figure of description, the specific embodiment of the present invention is described in detail.
Shown in hardware circuit principle figure as of the present invention in Fig. 1; 100 represent safeguard protection Parasites Fauna; 200 represent safeguard protection Parasites Fauna export testing circuit; 300 signals representing software startup sensitive operation; the 400 startup control signals representing testing circuit output signal and the common sensitive operation effectively afterwards of software startup signal, 500 represent the signal removed safeguard protection Parasites Fauna after sensitive operation completes.
The safeguard protection Parasites Fauna of 100 representatives in Fig. 1, chip power on or on after once chip sensitive operation completes, each register can be in disarmed state.
The testing circuit of 200 representatives in Fig. 1; whether function mainly detects each register output signal in safeguard protection Parasites Fauna effective; if effectively, output detections effective marker; if appearance order entanglement in software design patterns safe register group process; then testing circuit exports invalid flag; produce error flag signal simultaneously, make chip enter interruption status or reset.
The software startup sensitive operation signal of 300 representatives in Fig. 1, refers to be the sensitive operation that software carries out starting, is embodied in software and produces an enabling signal by arranging special function register.
The startup control signal of the testing circuit output signal of 400 representatives in Fig. 1 and the common sensitive operation effectively afterwards of software startup signal, only have when testing circuit exports effectively and the enabling signal of software startup sensitive operation is also effective, sensitive operation could start, otherwise cannot perform sensitive operation.
In Fig. 1 500 represents the signal removed safeguard protection Parasites Fauna after sensitive operation completes; represent after sensitive operation completes; hardware produces or software produces a clear signal; each register in safeguard protection Parasites Fauna is removed for disarmed state, if now direct control sensitive operation can not start.
The setting how software carries out safeguard protection register is illustrated in Fig. 2; suppose that software has 1 to 12 execution blocks; sensitive operation starts in block 12; in way, example software performs block 12 needs through block 1, block 2, block 4, block 8, block 9 and block 11; disperse to carry out in the block that so can will pass through in these sensitive operation respectively for the setting of safeguard protection Parasites Fauna; when ensure that sensitive operation performs, software execution route is correct, illustrates intelligent card chip implementation and is not interfered.
Claims (2)
1. strengthen a device for intelligent card chip sensitive operation clean boot, it is characterized in that being made up of safeguard protection Parasites Fauna, register output detection circuit, the enable treatment circuit of sensitive operation and sensitive operation circuit, wherein:
Safeguard protection register chip power on or on once sensitive operation be in disarmed state after completing; In the operating path had to pass through before sensitive operation starts, the value of step-by-step setting safeguard protection register, before sensitive operation starts, complete the setting of all safeguard protection registers, and start sensitive operation, after completing sensitive operation, remove safeguard protection Parasites Fauna;
Whether register output detection circuit detects each register output signal in safeguard protection Parasites Fauna effective, if effectively, output detections effective marker, if arrange appearance order entanglement in safe register group process, then testing circuit exports invalid flag, produce error flag signal simultaneously, make chip enter interruption status or reset;
Only have when the signal that sensitive operation signal and register output detection circuit export is all effective, the enable treatment circuit of sensitive operation starts, otherwise cannot perform sensitive operation;
Sensitive operation circuit produces the signal removed safeguard protection Parasites Fauna after sensitive operation completes, and removes each register in safeguard protection Parasites Fauna for disarmed state.
2. device as claimed in claim 1, is characterized in that: safeguard protection register is made up of one group of register, and its quantity requires to determine according to chip hardware.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410427111.0A CN104408509A (en) | 2014-08-27 | 2014-08-27 | A device for improving security initiation of sensitive operation of chip of smart card |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410427111.0A CN104408509A (en) | 2014-08-27 | 2014-08-27 | A device for improving security initiation of sensitive operation of chip of smart card |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104408509A true CN104408509A (en) | 2015-03-11 |
Family
ID=52646138
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410427111.0A Pending CN104408509A (en) | 2014-08-27 | 2014-08-27 | A device for improving security initiation of sensitive operation of chip of smart card |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104408509A (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1146813A (en) * | 1994-03-01 | 1997-04-02 | 美国综合技术公司 | Proboot protection for a data security system |
| CN1521638A (en) * | 2003-02-04 | 2004-08-18 | ���µ�����ҵ��ʽ���� | Information processing device |
| US20060075312A1 (en) * | 2004-09-30 | 2006-04-06 | Fischer Stephen A | System and method for limiting exposure of hardware failure information for a secured execution environment |
| CN102279813A (en) * | 2011-08-12 | 2011-12-14 | 无锡城市云计算中心有限公司 | Protecting method of system inside encryption card |
-
2014
- 2014-08-27 CN CN201410427111.0A patent/CN104408509A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1146813A (en) * | 1994-03-01 | 1997-04-02 | 美国综合技术公司 | Proboot protection for a data security system |
| CN1521638A (en) * | 2003-02-04 | 2004-08-18 | ���µ�����ҵ��ʽ���� | Information processing device |
| US20060075312A1 (en) * | 2004-09-30 | 2006-04-06 | Fischer Stephen A | System and method for limiting exposure of hardware failure information for a secured execution environment |
| CN102279813A (en) * | 2011-08-12 | 2011-12-14 | 无锡城市云计算中心有限公司 | Protecting method of system inside encryption card |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR101576735B1 (en) | Radio communication devices and methods for controlling a radio communication device | |
| TWI619019B (en) | Security chip, non-volatile memory control device and non-volatile memory control method | |
| EP3188065A1 (en) | Secure intelligent terminal device and information processing method | |
| EP3258611B1 (en) | Mobile device having near field wireless communication function | |
| CN103150125A (en) | Method for prolonging service life of power-down protection date buffer memory and smart card | |
| CN1979686A (en) | Safety detecting method for system integrated chip with built-in non-volatile memory | |
| CN103714018B (en) | The safety access control method of chip-stored circuit | |
| CN104459519A (en) | Chip safety testing method and device | |
| CN103389923B (en) | Random access memory access bus ECC calibration equipment | |
| CN202049495U (en) | Identity recognition module | |
| CN101169755A (en) | Test pin free contact type CPU card test method | |
| CN106372540B (en) | A kind of safe transmission method and circuit of chip secure information | |
| CN203502954U (en) | Computer device and identification device thereof | |
| CN206193868U (en) | Prevent vehicle -mounted electronic label of cheating | |
| CN104408509A (en) | A device for improving security initiation of sensitive operation of chip of smart card | |
| CN210348532U (en) | Passive NFC anti-counterfeiting chip for realizing tamper-proof detection by detecting on-off of pin | |
| CN106371996A (en) | Power cutoff test method and system | |
| CN103389924B (en) | Be applied to the ECC storage system of random access memory | |
| JP6396119B2 (en) | IC module, IC card, and IC card manufacturing method | |
| CN204719853U (en) | Code keypad | |
| US20090235365A1 (en) | Data access system | |
| CN108256356B (en) | Method for resisting fault injection of chip register | |
| CN104077545A (en) | Method for realizing chip protection self-locking by using electrically erasable programmable read-only memory | |
| CN104573483A (en) | Method for clearing coded lock and terminal | |
| CN103455445A (en) | Method of intelligent card system for resisting to fault attack |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 102209 Beijing, Beiqijia, the future of science and technology in the south area of China electronic network security and information technology industry base C building, Applicant after: Beijing CEC Huada Electronic Design Co., Ltd. Address before: 100102 Beijing City, Chaoyang District Lize two Road No. 2, Wangjing science and Technology Park A block five layer Applicant before: Beijing CEC Huada Electronic Design Co., Ltd. |
|
| COR | Change of bibliographic data | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20150311 |