CN105095002A - Security test method and system based on chip - Google Patents
Security test method and system based on chip Download PDFInfo
- Publication number
- CN105095002A CN105095002A CN201410193983.5A CN201410193983A CN105095002A CN 105095002 A CN105095002 A CN 105095002A CN 201410193983 A CN201410193983 A CN 201410193983A CN 105095002 A CN105095002 A CN 105095002A
- Authority
- CN
- China
- Prior art keywords
- chip
- ray
- occurring source
- control device
- intensity
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Abstract
The present invention is applicable to the field of chip testing, and provides a security test method and system based on a chip. The method comprises: controlling a radiation generating source by using a control device to generate at least two types of rays; collecting the at least two types of rays emitted by the radiation generating source by using a buncher; performing fault injection processing on a chip through the collected rays to enable the chip to undergo a bit-flipping and output data; performing cryptanalysis according to data outputted by the chip. If a password analyzed is the correct password, an algorithm used for chip encryption is required to be modified; and if the password analyzed is not the correct password, an encryption algorithm currently used for chip encryption is secure; Accordingly, the problem of chip security is solved from the perspective of fault injection attack defense and the chip can be used securely.
Description
Technical field
The invention belongs to chip detection field, particularly relate to a kind of safety detection method based on chip and system.
Background technology
At present, the cipher system mathematically cracking merely a certain maturation is difficult to, but this does not represent and is difficult to crack to a certain chip or a certain concrete cryptographic algorithm yet.The current primary challenge mode adopted for cracking chip has three kinds: non-intrusion type is attacked, half intrusive mood is attacked and intrusive mood is attacked; Utilize radioactive ray to carry out error injection and just can belong to non-intrusion type attack.
It is the bit reversal bringing out chip internal that error injection is attacked, as the irradiation by carrying out radioactive ray to the transistor of chip internal causes this transistor generation bit reversal to inject electronics to this transistor; Chip can be brought into a uncertain running status by bit reversal, introduces error running flow process and causes algorithm to be made mistakes; And then the result that can export according to chip carries out decryption.The enforcement cost that error injection is attacked is not high, but success attack rate is higher, becomes one of Main Means cracking chip.
Along with the lasting propelling of domestic Golden Card Program, the technology of the anti-wrong injection attacks of smart card develops to some extent, as sensor installation in the chips, can monitor single specify the irradiation (error injection) of ray and report to the police by this sensor.Therefore, the safety detection that prior art is carried out for chip, also just detects for this appointment ray of single; But unavoidable exist other ray, carry out mistake by this ray and enter to inject with successful decryption.
Summary of the invention
The object of the present invention is to provide a kind of safety detection method based on chip and system, be intended to solve prior art only single ray chip is carried out to the safety detection of error injection, still there is the problem of security risk.
On the one hand, a kind of safety detection method based on chip, the described safety detection method based on chip comprises:
Control ray occurring source by control device and produce at least two kinds of rays;
By at least two kinds of ray collection that described ray occurring source is launched by buncher;
Error injection is carried out to chip, to make described chip generation bit reversal and to export data by the ray of set;
Cryptanalysis is carried out according to the data that described chip exports.
On the one hand, a kind of safety detecting system based on chip, the described safety detecting system based on chip comprises:
Control device;
Ray occurring source, for being controlled to produce at least two kinds of rays by control device;
Buncher, at least two kinds of ray collection produced by described ray occurring source, carries out error injection to chip, to make described chip generation bit reversal and to export data by the ray of set;
Cryptanalysis module, carries out cryptanalysis for the data exported according to described chip.
The invention has the beneficial effects as follows: control device ray occurring source produces multiple ray, at least two kinds of ray collection of described ray occurring source being launched by buncher, by the ray of set, error injection is carried out to chip; While carrying out error injection, the data that receiving chip exports, carry out cryptanalysis to the data received.Like this, if the password analyzed is proper password, then need change for the algorithm to this chip encryption; If the password analyzed is for this proper password, is safe by the cryptographic algorithm of current use to this chip encryption, this chip can be used safely.
Accompanying drawing explanation
In order to be illustrated more clearly in the technical scheme in the embodiment of the present invention, be briefly described to the accompanying drawing used required in embodiment or description of the prior art below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those of ordinary skill in the art, under the prerequisite not paying creative work, other accompanying drawing can also be obtained according to these accompanying drawings.
Fig. 1 is the process flow diagram of the safety detection method based on chip that the embodiment of the present invention provides;
Fig. 2 is the particular flow sheet based on step S3 in the safety detection method of chip that the embodiment of the present invention provides;
Fig. 3 is the first Organization Chart of the safety detecting system based on chip that the embodiment of the present invention provides;
Fig. 4 is the second Organization Chart of the safety detecting system based on chip that the embodiment of the present invention provides;
Fig. 5 is the third Organization Chart of the safety detecting system based on chip that the embodiment of the present invention provides.
Embodiment
In order to make object of the present invention, technical scheme and advantage clearly understand, below in conjunction with drawings and Examples, the present invention is further elaborated.Should be appreciated that specific embodiment described herein only in order to explain the present invention, be not intended to limit the present invention.In order to technical solutions according to the invention are described, be described below by specific embodiment.
Fig. 1 shows the workflow of the safety detection method based on chip that the embodiment of the present invention provides, and for convenience of description, illustrate only the part relevant to the embodiment of the present invention.
The safety detection method based on chip that the embodiment of the present invention provides, as shown in Figure 1, the described safety detection method based on chip comprises the following steps: S1, controls ray occurring source produce at least two kinds of rays by control device; S2, at least two kinds of ray collection of described ray occurring source being launched by buncher; S3, carries out error injection to chip, to make described chip generation bit reversal and to export data by the ray of set; S4, carries out cryptanalysis according to the data that described chip exports.
The embodiment of the present invention uses multiple ray to carry out error injection to chip simultaneously, carries out safety monitoring; Therefore, need multiple ray occurring source to generate ray not of the same race respectively, namely each ray occurring source generates a kind of ray.Each ray occurring source accepts the control of control device, and particularly, control device controls the ray that ray occurring source generates fixed frequency and constant intensity, and wherein, this fixed frequency and this constant intensity are all specified by control device.Like this, different ray emission source correspondingly may generate different types of ray, or different ray emission source may correspondingly generate with kind but the ray of different frequency and/or intensity.As a kind of embodiment of the present invention, in advance according to the ability of the dissimilar of chip with the anti-error injection (anti-bit reversal) of chip, select varying strength to carry out experiment test respectively to often kind of ray, filter out the ray type and corresponding intensity that more can cause bit reversal.The preferred ray of the embodiment of the present invention comprises X ray, alpha ray and gamma-rays; Above-mentioned three kinds of rays all have good ionizing power and penetration capacity, are easier to the bit reversal bringing out chip (transistor as chip internal).
And then in step s 2, error injection is carried out to chip for using multiple ray simultaneously, buncher receives different ray (different ray occurring source generates), buncher is gathered the different rays received, assemble a branch of ray, the ray assembled has multi-wavelength, multiple intensity or multi-frequency.
And then in step s3, by the ray assembled, local or full illumination are carried out to chip, namely by the ray of set to the local of chip or all carry out error injection; May there is bit reversal in the place receiving irradiation in chip, the transistor as being irradiated to electronics can occur and loses or increase and cause bit reversal.And then, data (data be made up of bit) can be exported from the output terminal of chip.
And then in step s 4 which, while error injection is carried out to described chip, received the data of described chip output by cryptanalysis module; Cryptanalysis module, to the data analysis received, analyzes the possible password of described chip.
Then, whether the possible password that goes out of discriminatory analysis is correct; If the possible password analyzed is proper password (this proper password is: use current algorithm to encrypt the password obtained to this chip), then represent: if certain ray that the embodiment of the present invention uses carries out error injection to chip, the password of this chip may be gone out by Correct Analysis; Therefore, need for improving the current algorithm of this chip encryption or redesigning cryptographic algorithm, then whether the possible password that goes out of discriminatory analysis is correct.
If the possible password analyzed is for described proper password, then represent: the often kind of ray used by the embodiment of the present invention carries out error injection to chip, all can not go out the password of this chip by Correct Analysis; Therefore, use current algorithm to be safe to the password that this chip encryption obtains, use this current algorithm can ensure the safety of chip to this chip, safety detection is passed through in representative.
Fig. 2 shows the idiographic flow based on step S3 in the safety detection method of chip that the embodiment of the present invention provides, and for convenience of description, illustrate only the part relevant to the embodiment of the present invention.
In an embodiment of the present invention, as shown in Figure 2, by the ray of set, the step that chip carries out error injection is specially: S31, described chip is fixed on the operation bench of precision optical machinery position; S32, controls described precision optical machinery position operation bench by described control device and moves described chip, is irradiated described chip traversal by the ray of described set.
In the present embodiment, the fixing and movement of chip is all manipulated by precision optical machinery position operation bench.Particularly, when needing to carry out safety detection to certain chip, first this chip is fixed on the operation bench of precision optical machinery position, and then control device manipulates the movement of this chip by this precision optical machinery position operation bench; Certainly, this precision optical machinery position operation bench manipulates the move mode of this chip movement and moving step length does not all limit, and can need according to safety detection and determine; But preferably, control device manipulates this chip by this precision optical machinery position operation bench to carry out little step-length and moves, and the scope of movement meets: the ray of the described set that buncher is launched can carry out traversal to this chip and irradiate (namely carrying out error injection with traveling through to this chip).
In the present invention one specific embodiment, the one giving step S1 specifically may, the step being controlled ray occurring source generation at least two kinds of rays by control device is specially: the X ray being produced first frequency and the first intensity by described control device control Χ ray occurring source, controls by described control device the alpha ray that alpha ray occurring source produces second frequency and the second intensity.The one giving step S2 accordingly specifically may, the step of described at least two kinds of ray collection of being launched by described ray occurring source by buncher is specially: the alpha ray set of the X ray produced by described Χ ray occurring source by described buncher and the generation of described alpha ray occurring source.
In the present embodiment, ray occurring source comprises: Χ ray occurring source and alpha ray occurring source; Χ ray occurring source and alpha ray occurring source all accept the control of control device.
Control device control Χ ray occurring source produces the X ray having first frequency and have the first intensity.It should be noted that, described first frequency is: a frequency in the frequency range (30PHz to 30EHz) of Χ ray.Because the ionizing power of Χ ray is strong, be easier to the bit reversal bringing out chip (transistor as chip internal).Preferably, for the X ray produced by described control device control Χ ray occurring source, described first intensity of the X ray of this generation is: the arbitrary intensity in 0.1mGy/h to 1000mGy/h scope.X ray in this 0.1mGy/h to 1000mGy/h scope has good ionizing power and penetration capacity, easily brings out the bit reversal of chip (transistor as chip internal).
Control device controls alpha ray occurring source and produces the alpha ray having second frequency and have the second intensity.It should be noted that, described second frequency is: a frequency in Alpha-ray frequency range.Because Alpha-ray ionizing power is strong, be also easier to the bit reversal bringing out chip (transistor as chip internal).Preferably, for the alpha ray being controlled the generation of alpha ray occurring source by described control device, Alpha-ray described second intensity of this generation is: the arbitrary intensity in 0.1mGy/h to 1000mGy/h scope.Alpha ray in this 0.1mGy/h to 1000mGy/h scope has good ionizing power and penetration capacity, easily brings out the bit reversal of chip (transistor as chip internal).
In an alternative embodiment of the invention, the described safety detecting system based on chip also comprises beam splitter; If ray occurring source only sends a kind of ray, by beam splitter, multi beam is divided into this kind of ray that described ray occurring source sends, by the multi beam radiation exposure chip (and carrying out error injection to chip) separated, simultaneously by the data that cryptanalysis module receiving chip exports, the data analysis that cryptanalysis module exports chip is to analyze possible password; And then whether be described proper password according to the possible password analyzed, determine whether to need change for the current algorithm to this chip encryption.
Those of ordinary skill in the art it is also understood that, the all or part of step realized in above-described embodiment method is that the hardware that can carry out instruction relevant by program has come, described program can be stored in a computer read/write memory medium, described storage medium, comprises ROM/RAM, disk, CD etc.
It should be noted that, the safety detection method based on chip that the embodiment of the present invention provides and the safety detecting system based on chip that the embodiment of the present invention provides are suitable for mutually.
Fig. 3 shows the first framework of the safety detecting system based on chip that the embodiment of the present invention provides, and for convenience of description, illustrate only the part relevant to the embodiment of the present invention.
The safety detecting system based on chip that the embodiment of the present invention provides, as shown in Figure 3, the described safety detecting system based on chip comprises: control device 61;
Ray occurring source 63, for being controlled to produce at least two kinds of rays by control device;
Buncher 64, at least two kinds of ray collection produced by described ray occurring source, carries out error injection by the ray of set to chip 62, bit reversal occurs to make described chip 62 and exports data;
Cryptanalysis module 65, carries out cryptanalysis for the data exported according to described chip 62.
Fig. 4 shows the second framework of the safety detecting system based on chip that the embodiment of the present invention provides, and for convenience of description, illustrate only the part relevant to the embodiment of the present invention.
In an embodiment of the present invention, as shown in Figure 4, the described safety detecting system based on chip also comprises:
Precision optical machinery position operation bench 66, for fixing described chip 62, also for described chip 62 mobile under the control of described control device, the ray of the described set of launching to make buncher carries out traversal to described chip 62 and irradiates.
Fig. 5 shows the third framework of the safety detecting system based on chip that the embodiment of the present invention provides, and for convenience of description, illustrate only the part relevant to the embodiment of the present invention.
In an embodiment of the present invention, as shown in Figure 5, described ray occurring source 63 comprises Χ ray occurring source 631 and alpha ray occurring source 632;
Described Χ ray occurring source 631, for controlling by described control device the X ray producing first frequency and the first intensity;
Described alpha ray occurring source 632, for controlling by described control device the alpha ray producing second frequency and the second intensity.
In an embodiment of the present invention, described first intensity of the X ray of described Χ ray occurring source 631 generation is: the arbitrary intensity in 0.1mGy/h to 1000mGy/h scope.
In an embodiment of the present invention, Alpha-ray described second intensity that described alpha ray occurring source 632 produces is: the arbitrary intensity in 0.1mGy/h to 1000mGy/h scope.
Above content is in conjunction with concrete preferred implementation further description made for the present invention, can not assert that specific embodiment of the invention is confined to these explanations.For general technical staff of the technical field of the invention; make some equivalent alternative or obvious modification without departing from the inventive concept of the premise; and performance or purposes identical, all should be considered as belonging to the scope of patent protection that the present invention is determined by submitted to claims.
Claims (10)
1. based on a safety detection method for chip, it is characterized in that, the described safety detection method based on chip comprises:
Control ray occurring source by control device and produce at least two kinds of rays;
By at least two kinds of ray collection that described ray occurring source is launched by buncher;
Error injection is carried out to chip, to make described chip generation bit reversal and to export data by the ray of set;
Cryptanalysis is carried out according to the data that described chip exports.
2. as claimed in claim 1 based on the safety detection method of chip, it is characterized in that, by the ray of set, chip carried out to the step of error injection, be specially:
Described chip is fixed on the operation bench of precision optical machinery position;
Control described precision optical machinery position operation bench by described control device and move described chip, by the ray of described set, described chip traversal is irradiated.
3. as claimed in claim 1 or 2 based on the safety detection method of chip, it is characterized in that, the step being controlled ray occurring source generation at least two kinds of rays by control device is specially:
Produced the X ray of first frequency and the first intensity by described control device control Χ ray occurring source, control by described control device the alpha ray that alpha ray occurring source produces second frequency and the second intensity;
The step of described at least two kinds of ray collection of being launched by described ray occurring source by buncher is specially:
The alpha ray set that the X ray produced by described Χ ray occurring source by described buncher and described alpha ray occurring source are produced.
4., as claimed in claim 3 based on the safety detection method of chip, it is characterized in that, described first intensity of the X ray of generation is: the arbitrary intensity in 0.1mGy/h to 1000mGy/h scope.
5., as claimed in claim 3 based on the safety detection method of chip, it is characterized in that, Alpha-ray described second intensity of generation is: the arbitrary intensity in 0.1mGy/h to 1000mGy/h scope.
6. based on a safety detecting system for chip, it is characterized in that, the described safety detecting system based on chip comprises:
Control device;
Ray occurring source, for being controlled to produce at least two kinds of rays by control device;
Buncher, at least two kinds of ray collection produced by described ray occurring source, carries out error injection to chip, to make described chip generation bit reversal and to export data by the ray of set;
Cryptanalysis module, carries out cryptanalysis for the data exported according to described chip.
7., as claimed in claim 6 based on the safety detecting system of chip, it is characterized in that, the described safety detecting system based on chip also comprises:
Precision optical machinery position operation bench, for fixing described chip, also for described chip mobile under the control of described control device, the ray of the described set of launching to make buncher carries out traversal to described chip and irradiates.
8. the safety detecting system based on chip as claimed in claims 6 or 7, it is characterized in that, described ray occurring source comprises Χ ray occurring source and alpha ray occurring source;
Described Χ ray occurring source, for controlling by described control device the X ray producing first frequency and the first intensity;
Described alpha ray occurring source, for controlling by described control device the alpha ray producing second frequency and the second intensity.
9. as claimed in claim 8 based on the safety detecting system of chip, it is characterized in that, described first intensity of the X ray that described Χ ray occurring source produces is: the arbitrary intensity in 0.1mGy/h to 1000mGy/h scope.
10. as claimed in claim 8 based on the safety detecting system of chip, it is characterized in that, Alpha-ray described second intensity that described alpha ray occurring source produces is: the arbitrary intensity in 0.1mGy/h to 1000mGy/h scope.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410193983.5A CN105095002A (en) | 2014-05-09 | 2014-05-09 | Security test method and system based on chip |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410193983.5A CN105095002A (en) | 2014-05-09 | 2014-05-09 | Security test method and system based on chip |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105095002A true CN105095002A (en) | 2015-11-25 |
Family
ID=54575505
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410193983.5A Pending CN105095002A (en) | 2014-05-09 | 2014-05-09 | Security test method and system based on chip |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105095002A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106326053A (en) * | 2016-08-25 | 2017-01-11 | 深圳先进技术研究院 | Chip security test method and system based on fault injection |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101243450A (en) * | 2005-08-19 | 2008-08-13 | Nxp股份有限公司 | Circuit arrangement with non-volatile memory module and method for registering attacks on said non-volatile memory module |
| CN103679011A (en) * | 2012-09-20 | 2014-03-26 | 瑞萨电子株式会社 | Semiconductor integrated circuit |
-
2014
- 2014-05-09 CN CN201410193983.5A patent/CN105095002A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101243450A (en) * | 2005-08-19 | 2008-08-13 | Nxp股份有限公司 | Circuit arrangement with non-volatile memory module and method for registering attacks on said non-volatile memory module |
| CN103679011A (en) * | 2012-09-20 | 2014-03-26 | 瑞萨电子株式会社 | Semiconductor integrated circuit |
Non-Patent Citations (3)
| Title |
|---|
| SERGEI P.SKOROBOGATOV 等: "Optical Fault Induction Attacks", 《LECTURE NOTES IN COMPUTER SCIENCE》 * |
| 孙春辉: "边信道攻击及防御的研究与实现", 《中国博士学位论文全文数据库 信息科技辑》 * |
| 王红胜 等: "针对高级加密标准算法的光故障注入攻击", 《计算机工程》 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106326053A (en) * | 2016-08-25 | 2017-01-11 | 深圳先进技术研究院 | Chip security test method and system based on fault injection |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109379329B (en) | Network security protocol fuzzy test method and system based on LSTM | |
| CN112134761B (en) | Electric power Internet of things terminal vulnerability detection method and system based on firmware analysis | |
| US8901916B2 (en) | Detecting malicious hardware by measuring radio frequency emissions | |
| Paul et al. | Manifestations of warped extra dimension in rare charm decays and asymmetries | |
| KR101689795B1 (en) | Method and system for detecting vulnerabilities of communication protocol software | |
| CN106326053B (en) | Chip safety testing method and system based on fault injection | |
| Zhang et al. | Using test case reduction and prioritization to improve symbolic execution | |
| Men et al. | Finding sands in the eyes: vulnerabilities discovery in IoT with EUFuzzer on human machine interface | |
| CN111770076A (en) | Self-detection network security system and working method thereof | |
| CN105095002A (en) | Security test method and system based on chip | |
| Yulianton et al. | Web application vulnerability detection using taint analysis and black-box testing | |
| Iqbal et al. | Exploratory studies into forensic logs for criminal investigation using case studies in industrial control systems in the power sector | |
| KR20140077405A (en) | Method and apparatus for detecting cyber target attack | |
| Cai et al. | Automatic software vulnerability detection based on guided deep fuzzing | |
| Zhao et al. | Dynamic taint tracking of web application based on static code analysis | |
| CN113849817B (en) | Detection method and device for pollution loopholes of JavaScript prototype chain | |
| CN113156295B (en) | Test method and system suitable for response time of power safety chip | |
| Omotunde et al. | A hybrid threat model for software security requirement specification | |
| Anand et al. | Penetration testing security tools: a comparison | |
| CN110503345A (en) | A kind of equipment O&M process means of defence and device | |
| CN108242993A (en) | The alignment schemes and device of a kind of side channel signal and reference signal | |
| CN202720652U (en) | Dual-computer system for information security protection | |
| Shelbaya et al. | On-Line Retuning of ISAC Linac Beam with Quadrupole Scan Tomography | |
| CN104504379A (en) | Fingerprint authorization and verification method and system | |
| Podadera et al. | Beam diagnostics for the multi-MW hadron linac IFMIF/DONES |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20151125 |