CN104463027A - Method for achieving software conditional branching power dissipation balance - Google Patents
Method for achieving software conditional branching power dissipation balance Download PDFInfo
- Publication number
- CN104463027A CN104463027A CN201410427294.6A CN201410427294A CN104463027A CN 104463027 A CN104463027 A CN 104463027A CN 201410427294 A CN201410427294 A CN 201410427294A CN 104463027 A CN104463027 A CN 104463027A
- Authority
- CN
- China
- Prior art keywords
- branch
- address
- conditional
- condition
- conditional branching
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/77—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in smart cards
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Mathematical Physics (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Devices For Executing Special Programs (AREA)
Abstract
The invention relates to a method for achieving software conditional branching power dissipation balance. The method is applied to the safety protection field of smart card chips. According to the method, differences on time and power dissipation of conditional branching statement programs in the running period are eliminated, correlations of branching skip operation on power dissipation are hidden and damaged, and therefore the aim that software prevents simple power dissipation analyzing attacks is achieved. By means of the method, power dissipation attacks to the chips can be effectively defended; the method can be applied to software safety design of the high-safety chips.
Description
Technical field
The present invention is mainly used in field of smart card safety, also goes for various needs in the safety chip of defence timing attack and simple power consumption attack.
Background technology
Smart card (SmartCard), is also IC-card, be one use integrated circuit technology manufacture with micro-chip processor, the card with standard specification.
Along with society and scientific and technological development, the application of smart card is more next and universal, brings huge convenience to people's life.But since Kocher in 1996 proposes differential power attack method, industry conducts in-depth research power consumption attack method.The research of power consumption (energy) analytical attack, also brings the threat of secure context simultaneously to smart card.Malice user by obtaining work state information to the analysis of smart card operating power consumption, and then can obtain the sensitive information of smart card.
Power consumption (energy) analytical attack has been acknowledged as a kind of powerful tool obtaining intelligent card chip secret information, its ultimate principle be the instantaneous energy consumption of chipset and the operation performed by it and operation data between there is correlativity.Power consumption analysis attack, according to the principle of offside information analysis, can be divided into simple energy analysis (SPA), differential power analysis (DPA) and correlation energy analysis (CPA) etc.
For example, the conditional branch statements of usual higher level lanquage, as if-else, switch-case etc., after compiler compiling, corresponding assembly code normally conditional jump instructions.And for most microprocessor, conditional jump instructions is in Rule of judgment establishment with when being false, corresponding instruction cycles is different.When in instruction, Rule of judgment is false, instruction only performs judgement operation, and when Rule of judgment is set up, instruction process performs and judges, outside operation, also will perform skip operation.Therefore can cause same branch statement, due to the difference of branch condition, cause instruction operation time and power consumption produce difference.By this species diversity, use simple power consumption analysis, just likely analyze duty, the routine processes procedure information of intelligent card chip, bring potential safety hazard.
Such as in enhancement mode 8051 single-chip microcomputer, conditional jump instructions JB and JNB, when Rule of judgment is false, the execution cycle number of this instruction is 3, but when Rule of judgment is set up, the performance period of this instruction is 4.Equally, conditional jump instructions JC and JNC, the performance period under two kinds of different conditions is respectively 2 and 3.In ARM Cotex-M0 processor, conditional jump instructions, as BNE, BEQ etc., when Rule of judgment is false, the execution cycle number of instruction is 1, and when Rule of judgment is set up, the execution cycle number of instruction is 3.
Difference on the execution time that these conditional jump instructions cause because Rule of judgment is different, can be embodied on power consumption profile, by this species diversity, use simple power consumption analysis can analyze the branch of the actual execution of conditional branch statements, thus obtain the duty of intelligent card chip, or routine processes procedure information, bring potential safety hazard.
As can be seen from above-mentioned information, for products such as smart cards, power consumption information when how to protect card work is extremely important.Power consumption information is usually relevant with the ongoing operation of smart card, and the instruction that such as intelligent card chip process is different can cause the difference of power consumption, and this species diversity regularity can be seen from power consumption track easily.Namely simple power consumption analysis directly obtains the relevant information of smart card operation according to power consumption track, and these information likely reveal the gordian technique of smart card.
Therefore, corresponding guard technology must be implemented to protect smart card security.Due to the ultimate principle of power consumption analysis be the instantaneous energy consumption of chipset and the operation performed by it and operation data between there is correlativity, if so can hide or destroy this correlativity, the ability of chip defence power consumption analysis attack greatly will be strengthened.
Summary of the invention
In the present invention, adopt a kind of software branch equalization methods, the flow process difference of branch's judgement and skip operation in program is eliminated, conceals branch's skip operation correlativity in time, for the attack for branch's skip instruction power consumption analysis, there is certain defence capability.
Content of the present invention is, achieve a kind of branch statement by condition judgment be converted to the index of branch process program address and call, and be applied to the safety protection field of intelligent card chip, eliminate the difference on program run duration time and power consumption that branch difference produces, hide and destroy the correlativity of branch's skip operation in power consumption, thus reaching the object of the simple power consumption analysis attack of software protecting and timing attack.
A kind of method realizing the equilibrium of software branch power consumption, by setting up the concordance list of branch process program address and branch's Rule of judgment, by the skip operation of condition judgment, be converted to and search according to index value and to load redirect branch process program, for all branches, using branch's Rule of judgment as index value, first find the skew of index value, retrieve branch process program address, readout process program address is also called it by the address of branch process program, loading procedure also performs branch's skip operation of condition judgment thus eliminates the difference on working time and power consumption that branch difference produces.
Wherein change conditional branch statements, concrete implementation step is as follows:
1) be function or module by branch process grooms, ensure that the instruction execution cycle of the operating process of each branch process function or module is consistent with power consumption surface curve;
2) set up concordance list and store branch process program address, by the address extraction of each branch process program out, according to certain forms sequential storage in one piece of memory address;
3) set up the corresponding relation of branch condition and call number, using the call number of branch condition as handling procedure offset address, directly can be corresponded to the position of concordance list by branch condition, this corresponding relation operationally should have consistance;
4) rewrite branch process program, by the function call in branch statement and branch statement, be changed to by call number access function address, and by function address call function.
By branch's skip operation of condition judgment in the present invention, be converted to and search according to index value and to load branch process program.For all branches, be all in two steps: the skew finding index value, readout process program address, loading procedure also performs.In above step, corresponding assembly instruction comprises the data transfer instruction of band skew and the direct jump instruction containing destination address, in such as 8051 single-chip microcomputers, and corresponding MOV instruction and JMP@A+DPTR instruction; In ARM Cotex-M0, corresponding MOV instruction and BX Rm instruction, the performance period of this kind of instruction is all fixing.So, by this conversion, can difference between conditions to release branch.According to the feature of power consumption attack, if each branch's redirect and perform sequential and power consumption unified when, the difference of the sequential that branch's jump instruction would not produce and power consumption aspect.Use the method for this invention, can Rogue program operation with chip power-consumption between correlativity, therefore serve the protection effect to simple power consumption analysis attack.
Accompanying drawing explanation
Branch's redirect of Fig. 1 routine performs flow process
Branch's redirect in Fig. 2 the present invention performs flow process
Branch's redirect concordance list and branch process program maps graph of a relation in Fig. 3 the present invention
Embodiment
Below in conjunction with the drawings and specific embodiments, technical solution of the present invention is described in further details.
Fig. 1 is that conventional branch's jump routine performs flow process, and conventional branch's jump routine performs flow process and comprises the steps: step 101, the variate-value that setting model judges.Step 102, condition judgment is carried out by way conditional statement (as if-else), and turn to corresponding branch statement to perform, in this step, because Rule of judgment is different, condition judgment statement, likely produces skip operation, also likely skip operation is not produced, so the difference in program execution time and power consumption can be caused.Step 103 and 104 is different branch process programs.
The new method that the present invention proposes, is converted to the index of branch process program address and calls by the branch statement of condition judgment, eliminate the difference on program run duration time and power consumption that branch difference produces.After adopting the method, branch's jump routine performs flow process and is converted to following step, and as shown in Figure 2: step 201, the variate-value that setting model judges, it is the same that this step and conventional branch's jump routine perform flow process.Step 202, according to the index relative of branch's redirect condition and branch process program address, by the address of branch's redirect conditional search to branch process program.Step 203, by branch process program address, calls and performs branch process program.
The branch's redirect realized in the present invention performs flow process, and need to change conditional branch statements according to following steps, concrete implementation step is as follows:
1) writing branch process program, is function or module by branch process grooms.The operating process of each branch process function, ensure that instruction execution cycle is consistent with power consumption surface curve;
2) set up concordance list and store branch process program address, by the address extraction of each branch process program out, according to certain forms (as array) sequential storage in one piece of memory address, as shown in step 302 in Fig. 3;
3) corresponding relation of branch condition and call number is set up, using the call number of branch condition as handling procedure offset address, the position of concordance list directly can be corresponded to by branch condition, this corresponding relation operationally should have consistance (as array index is retrieved), as shown in step 303 in Fig. 3;
4) rewrite branch process program, by the function call in branch statement and branch statement, be changed to by call number access function address, and by function address call function.
Conversion in this way, all corresponding same operation steps of all branch's skip instructions, and execution sequential and power consumption reach unification.
The above, be only preferred embodiments of the present invention, understanding method of the present invention and core concept thereof, being not intended to limit protection scope of the present invention for helping.Within the spirit and principles in the present invention all, any amendment made, equivalent replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (3)
1. a method for realization condition finger power consumption equilibrium, is characterized in that:
The concordance list of set up the condition branch process program address and conditional branching Rule of judgment, by the skip operation of condition judgment, be converted to and search according to index value and to load redirect conditional branching handling procedure, for all conditional branchings, using branch's Rule of judgment as index value, first find the skew of index value, retrieve conditional branching handler address, readout process program address is also called it by the address of conditional branching handling procedure, loading procedure also performs, difference by branch's skip operation of condition judgment thus in working time of producing of conditions to release branch difference and power consumption.
2. the method for claim 1, it is characterized in that changing conditional branch statements, concrete implementation step is as follows:
1) conditional branching handling procedure is arranged as function or module, ensure that the instruction execution cycle of the operating process of each conditional branching process function or module is consistent with power consumption surface curve;
2) concordance list storage condition branch process program address is set up, by the address extraction of each conditional branching handling procedure out, according to certain forms sequential storage in one piece of memory address;
3) set up the corresponding relation of branch condition and call number, using the call number of branch condition as handling procedure offset address, directly can be corresponded to the position of concordance list by branch condition;
4) rewrite conditional branching handling procedure, by the function call in conditional branch statements and conditional branch statements, be changed to by call number access function address, and by function address call function.
3. method as claimed in claim 1 or 2, is characterized in that: the assembly instruction that after conditional branch statements can be made to compile, the execution cycle number of correspondence is indefinite is converted to the fixing assembly instruction of execution cycle number.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410427294.6A CN104463027A (en) | 2014-08-27 | 2014-08-27 | Method for achieving software conditional branching power dissipation balance |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410427294.6A CN104463027A (en) | 2014-08-27 | 2014-08-27 | Method for achieving software conditional branching power dissipation balance |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN104463027A true CN104463027A (en) | 2015-03-25 |
Family
ID=52909046
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410427294.6A Pending CN104463027A (en) | 2014-08-27 | 2014-08-27 | Method for achieving software conditional branching power dissipation balance |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104463027A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113608495A (en) * | 2021-08-08 | 2021-11-05 | 上海领霄科技有限公司 | Programmable logic control implementation method |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100166177A1 (en) * | 2008-12-31 | 2010-07-01 | Incard S.A. | Method for protecting a cryptographic device against spa, dpa and time attacks |
| CN102468956A (en) * | 2010-11-11 | 2012-05-23 | 上海华虹集成电路有限责任公司 | Method suitable for RSA modular exponentiation calculation |
| CN103488461A (en) * | 2012-06-12 | 2014-01-01 | 国际商业机器公司 | Fast index tree for accelerated branch prediction |
-
2014
- 2014-08-27 CN CN201410427294.6A patent/CN104463027A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100166177A1 (en) * | 2008-12-31 | 2010-07-01 | Incard S.A. | Method for protecting a cryptographic device against spa, dpa and time attacks |
| CN102468956A (en) * | 2010-11-11 | 2012-05-23 | 上海华虹集成电路有限责任公司 | Method suitable for RSA modular exponentiation calculation |
| CN103488461A (en) * | 2012-06-12 | 2014-01-01 | 国际商业机器公司 | Fast index tree for accelerated branch prediction |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113608495A (en) * | 2021-08-08 | 2021-11-05 | 上海领霄科技有限公司 | Programmable logic control implementation method |
| CN113608495B (en) * | 2021-08-08 | 2022-09-30 | 上海领霄科技有限公司 | Programmable logic control implementation method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Sun et al. | Taintart: A practical multi-level information-flow tracking system for android runtime | |
| Fratrić | ROPGuard: Runtime prevention of return-oriented programming attacks | |
| EP2519908B1 (en) | Jcvm bytecode execution protection against fault attacks | |
| US20160283714A1 (en) | Technologies for control flow exploit mitigation using processor trace | |
| US9754104B2 (en) | Method for securing Java bytecode | |
| TW201941049A (en) | Systems and methods for transforming instructions for metadata processing | |
| CN106682460B (en) | It is a kind of based on the Code obfuscation method converted twice | |
| WO2019152792A1 (en) | Systems and methods for policy linking and/or loading for secure initialization | |
| CN102722672B (en) | A kind of method and device detecting running environment authenticity | |
| Van Cleemput et al. | Adaptive compiler strategies for mitigating timing side channel attacks | |
| US10867031B2 (en) | Marking valid return targets | |
| CN102034045B (en) | Software bug detection system with low computer system resource expense | |
| CN102708043A (en) | Static data race detection and anaylsis | |
| EP2988242A1 (en) | Information processing device, and information processing method | |
| US10515217B2 (en) | Technologies for mitigating call-oriented programming using an inter-module control flow policy | |
| CN103902890A (en) | Monitoring method and monitoring system for Android program behaviors | |
| NO20034816D0 (en) | Sequence numbering mechanism to ensure execution order integrity in interdependent smart card applications | |
| Heo et al. | Implementing an application-specific instruction-set processor for system-level dynamic program analysis engines | |
| Razafindralambo et al. | A friendly framework for hidding fault enabled virus for Java based smartcard | |
| CN110717181A (en) | Non-control data attack detection method and device based on novel program dependency graph | |
| Hayes et al. | {GPU} Taint Tracking | |
| CN104463027A (en) | Method for achieving software conditional branching power dissipation balance | |
| Lackner et al. | Towards the hardware accelerated defensive virtual machine–type and bound protection | |
| CN106055934A (en) | Method and device for code protection based on VEH | |
| Lackner et al. | Countering type confusion and buffer overflow attacks on Java smart cards by data type sensitive obfuscation |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| CB02 | Change of applicant information |
Address after: 102209 Beijing, Beiqijia, the future of science and technology in the south area of China electronic network security and information technology industry base C building, Applicant after: Beijing CEC Huada Electronic Design Co., Ltd. Address before: 100102 Beijing City, Chaoyang District Lize two Road No. 2, Wangjing science and Technology Park A block five layer Applicant before: Beijing CEC Huada Electronic Design Co., Ltd. |
|
| COR | Change of bibliographic data | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20150325 |