CN106685635A - Convolution checking method and convolution checking device - Google Patents

Info

Publication number: CN106685635A
Application number: CN201510753037.6A
Authority: CN (China)
Other languages: Chinese (zh)
Other versions: CN106685635B (en)
Legal status: Granted; Active
Inventors: 单伟君, 刘丹, 郭丽敏, 李清, 张纲, 俞军, 刘枫
Current assignee: Shanghai Fudan Microelectronics Group Co Ltd
Original assignee: Shanghai Fudan Microelectronics Group Co Ltd
Priority: CN201510753037.6A
Prior art keywords: result, round, computing, crypto module, attacks
Abstract

The invention discloses a convolution checking method and a convolution checking device. The method comprises: acquiring the result of the i-th round of the encryption operation performed on input data by a crypto module and the result of the j-th round of that encryption operation; performing k rounds of decryption on the j-th round encryption result until an i-th round decryption result is obtained, where k=j-i; and comparing the i-th round encryption result with the i-th round decryption result and determining from the comparison whether the crypto module has been subjected to interference or attack. The method reduces the time needed for the convolution check on encrypted or decrypted data and thereby improves the operating efficiency of the cryptographic algorithm.

Description

Convolution checking method and device
Technical Field
The present invention relates to the field of data encryption technology, and in particular to a convolution checking method and device.
Background
When a cryptographic algorithm runs in its crypto module and the module is subjected to interference or attack, such as power jitter, clock jitter, laser injection or electromagnetic injection, the output of the crypto module may be manipulated by the attacker, or the module may directly output an erroneous value.
To improve the crypto module's resistance to interference or attack, after the input data has been encrypted or decrypted and before the module outputs the encrypted or decrypted data, a convolution check is generally used to verify that the encrypted or decrypted data is correct. Taking an encryption module as an example, the convolution check decrypts the encrypted data and then compares the decrypted data with the input data of the crypto module. If the two are identical, the crypto module has not been interfered with or attacked; otherwise the crypto module has been interfered with or attacked.
However, with this convolution checking method, the check on the encrypted or decrypted data takes a long time, which makes it difficult to meet user requirements where both the security and the running time of the cryptographic algorithm are demanding.
Summary of the Invention
The technical problem solved by the present invention is how to shorten the time taken by the convolution check on encrypted or decrypted data and so improve the operating efficiency of the cryptographic algorithm.
To solve the above technical problem, an embodiment of the present invention provides a convolution checking method, the method comprising:
Obtaining the result after the crypto module performs the i-th round of the encryption operation on the input data and the result after the j-th round of the encryption operation, where 1 ≤ i < j ≤ N, N is the total number of rounds of the encryption operation on the input data, and i, j and N are all positive integers;
Performing k rounds of the decryption operation on the result after the j-th round of encryption, until the result after the i-th round decryption operation is obtained, where k=j-i;
Comparing the result after the i-th round of encryption with the result after the i-th round decryption operation, and judging from the comparison whether the crypto module has been interfered with or attacked.
Optionally, j=i+1.
Optionally, i=N-1.
Optionally, comparing the result after the i-th round of encryption with the result after the i-th round decryption operation, and judging from the comparison whether the crypto module has been interfered with or attacked, comprises:
When the result after the i-th round of encryption is identical to the result after the i-th round decryption operation, judging that the crypto module has not been interfered with or attacked; otherwise judging that the crypto module has been interfered with or attacked.
Optionally, the method further comprises: when it is judged that the crypto module has been interfered with or attacked, producing a corresponding alarm signal.
An embodiment of the present invention further provides another convolution checking method, the method comprising:
Obtaining the result after the crypto module performs the i-th round of the decryption operation on the input data and the result after the j-th round of the decryption operation, where 1 ≤ i < j ≤ N, N is the total number of rounds of the decryption operation on the input data, and i, j and N are all positive integers;
Performing k rounds of the encryption operation on the result after the j-th round of decryption, until the result after the i-th round encryption operation is obtained, where k=j-i;
Comparing the result after the i-th round of decryption with the result after the i-th round encryption operation, and judging from the comparison whether the crypto module has been interfered with or attacked.
Optionally, j=i+1.
Optionally, i=N-1.
Optionally, comparing the result after the i-th round of decryption with the result after the i-th round encryption operation, and judging from the comparison whether the crypto module has been interfered with or attacked, comprises:
When the result after the i-th round of decryption is identical to the result after the i-th round encryption operation, judging that the crypto module has not been interfered with or attacked; otherwise judging that the crypto module has been interfered with or attacked.
Optionally, the method further comprises: when it is judged that the crypto module has been interfered with or attacked, producing a corresponding alarm signal.
An embodiment of the present invention further provides a convolution checking device, the device comprising:
A first acquisition unit, adapted to obtain the result after the crypto module performs the i-th round of the encryption operation on the input data and the result after the j-th round of the encryption operation, where 1 ≤ i < j ≤ N, N is the total number of rounds of the encryption operation on the input data, and i, j and N are all positive integers;
A decryption unit, adapted to perform k rounds of the decryption operation on the result after the j-th round of encryption, obtaining the result after the i-th round decryption operation, where k=j-i;
A first judging unit, adapted to compare the result after the i-th round of encryption with the result after the i-th round decryption operation, and to judge from the comparison whether the crypto module has been interfered with or attacked.
Optionally, j=i+1.
Optionally, i=N-1.
Optionally, the first judging unit is adapted to judge, when the result after the i-th round of encryption is identical to the result after the i-th round decryption operation, that the crypto module has not been interfered with or attacked, and otherwise to judge that the crypto module has been interfered with or attacked.
Optionally, the device further comprises: a first alarm unit, adapted to produce a corresponding alarm signal when it is judged that the crypto module has been interfered with or attacked.
An embodiment of the present invention further provides another convolution checking device, the device comprising:
A second acquisition unit, adapted to obtain the result after the crypto module performs the i-th round of the decryption operation on the input data and the result after the j-th round of the decryption operation, where 1 ≤ i < j ≤ N, N is the total number of rounds of the decryption operation on the input data, and i, j and N are all positive integers;
An encryption unit, adapted to perform k rounds of the encryption operation on the result after the j-th round of decryption, obtaining the result after the i-th round encryption operation, where k=j-i;
A second judging unit, adapted to compare the result after the i-th round of decryption with the result after the i-th round encryption operation, and to judge from the comparison whether the crypto module has been interfered with or attacked.
Optionally, j=i+1.
Optionally, i=N-1.
Optionally, the second judging unit is adapted to judge, when the result after the i-th round of decryption is identical to the result after the i-th round encryption operation, that the crypto module has not been interfered with or attacked, and otherwise to judge that the crypto module has been interfered with or attacked.
Optionally, the device further comprises: a second alarm unit, adapted to produce a corresponding alarm signal when it is judged that the crypto module has been interfered with or attacked.
Compared with the prior art, the technical solution of the embodiments of the present invention has the following advantages:
The result after the i-th round of encryption of the input data and the result after the j-th round of encryption are obtained, and k rounds of decryption are performed on the j-th round result to obtain the result after the i-th round decryption operation, so that whether the crypto module has been interfered with or attacked can be judged by comparing the result after the i-th round of encryption with the result after the i-th round decryption operation. Compared with judging this by comparing the result of N rounds of encryption with the input data, the result after the j-th round of encryption only needs j-i rounds of decryption (1 ≤ i < j ≤ N) before the comparison can be made, rather than N rounds of decryption. The time of the convolution check is therefore effectively shortened and the operating efficiency of the cryptographic algorithm improved, while the security of the crypto module is still ensured.
Brief Description of the Drawings
Fig. 1 is a flow chart of a convolution checking method in an embodiment of the present invention;
Fig. 2 is a structural diagram of a convolution checking device in an embodiment of the present invention;
Fig. 3 is a flow chart of another convolution checking method in an embodiment of the present invention;
Fig. 4 is a structural diagram of another convolution checking device in an embodiment of the present invention.
Detailed Description
At present, a crypto module generally uses a convolution check to verify whether encrypted or decrypted data is correct. For example, during encryption the crypto module first calls the encryption algorithm to perform N rounds of encryption on input data D, obtaining the encrypted result T_N; it then decrypts T_N to obtain the decrypted result D1; finally it compares D1 with the input data D and judges from the comparison whether the encrypted result T_N is correct.
In this convolution check, N rounds of decryption must be performed before the verification result is available, so the whole convolution check takes a long time and the operating efficiency of the cryptographic algorithm is reduced.
To address this problem, an embodiment of the present invention provides a convolution checking method. The method obtains the result after the i-th round of encryption of the input data and the result after the j-th round of encryption, and then performs k rounds of decryption on the j-th round result, so that whether the crypto module has been interfered with or attacked can be judged from the result after decryption and the result after the i-th round of encryption. Because only k rounds of decryption are performed on the j-th round result (1 ≤ i < j ≤ N) before the judgment can be made, the time of the convolution check is effectively shortened and the operating efficiency of the cryptographic algorithm is improved.
To make the above objects, features and advantages of the present invention easier to understand, specific embodiments of the invention are described in detail below with reference to the accompanying drawings.
As shown in Fig. 1, an embodiment of the present invention provides a convolution checking method, which is applicable to performing a convolution check on the result of an encryption operation. The method may comprise the following steps:
Step 101: obtain the result after the crypto module performs the i-th round of the encryption operation on the input data and the result after the j-th round of the encryption operation.
In a specific implementation, when the crypto module encrypts input data D, it needs to perform N rounds of round-transformation encryption. The result of the i-th round of round-transformation encryption is T_i and the result of the j-th round is T_j, where 1 ≤ i < j ≤ N and i, j and N are all positive integers.
In practice, because of the diffusion and confusion properties of cryptographic algorithms, an attacker generally attacks while the crypto module is executing the last few rounds of round-transformation encryption. In other words, the attacker generally injects a fault while the crypto module is executing the last few rounds and then infers the key from the erroneous output. It is therefore unnecessary to compare the result of all N rounds of round-transformation encryption with the input data; it is only necessary to obtain the j-th round result T_j and to judge from T_j whether the crypto module has been interfered with or attacked.
In one embodiment of the invention, j=i+1, so that T_i and T_j are the results of two adjacent rounds of round-transformation encryption.
In another embodiment of the invention, i=N-1, so that T_i is the result of round N-1 of round-transformation encryption. Correspondingly, T_j is the result of round N of round-transformation encryption.
It should be noted that, in a specific implementation, the crypto module may encrypt the input data D with a symmetric encryption algorithm or with an asymmetric encryption algorithm. The symmetric encryption algorithm may include the DES, RC2, RC4, RC5 and Blowfish algorithms, among others. The asymmetric encryption algorithm may include the RSA, ECC and Knapsack algorithms, among others. Whichever encryption algorithm is used to encrypt the input data D, this does not limit the present invention and falls within its scope of protection.
Step 102: perform k rounds of the decryption operation on the result after the j-th round of encryption, until the result after the i-th round decryption operation is obtained, where k=j-i.
Specifically, after the j-th round encryption result T_j is obtained, the decryption algorithm is called to perform 1 round of decryption on T_j, obtaining the result T_{j-1}' for round j-1 of round-transformation encryption;
The decryption algorithm is called to perform 1 round of decryption on T_{j-1}', obtaining the result T_{j-2}' for round j-2 of round-transformation encryption;
The decryption algorithm is called to perform 1 round of decryption on T_{j-2}', obtaining the result T_{j-3}' for round j-3 of round-transformation encryption;
……
And so on, until the decryption operation has been performed k times and the result T_i' is obtained, that is, the result T_i' after the i-th round decryption operation.
For example, when j=i+1, k=j-i=1, so only 1 round of round-transformation decryption is needed to obtain the result after the i-th round decryption operation.
Step 103: compare the result after the i-th round of encryption with the result after the i-th round decryption operation, and judge from the comparison whether the crypto module has been interfered with or attacked.
In a specific implementation, when the result T_i after the i-th round of encryption is identical to the result T_i' after the i-th round decryption operation, it is judged that the crypto module has not been interfered with or attacked; otherwise it is judged that the crypto module has been interfered with or attacked.
In a specific implementation, so that the user can learn the verification result more easily, a corresponding alarm signal is produced when it is judged that the crypto module has been interfered with or attacked, and the alarm signal notifies the user that the crypto module has been interfered with or attacked.
In a specific implementation, when the alarm signal is produced, the final result of the encryption/decryption process is an erroneous result, but it is still related to the information leaked during the encryption/decryption process. Therefore, to further improve the security of the crypto module, the output of the crypto module can be set to 0 or to a value carrying random information, so that the attacker cannot obtain the erroneous result, which further improves the security of the crypto module.
As can be seen from the above, by obtaining the result after the i-th round of encryption of the input data and the result after the j-th round of encryption, and performing only k rounds of decryption on the j-th round result, it can be judged from the result after decryption and the result after the i-th round of encryption whether the crypto module has been interfered with or attacked. This effectively shortens the time of the convolution check and improves the operating efficiency of the cryptographic algorithm.
To help those skilled in the art better understand and implement the present invention, the device corresponding to the above convolution checking method is described in detail below.
As shown in Fig. 2, an embodiment of the present invention provides a convolution checking device 20. The device 20 may include a first acquisition unit 201, a decryption unit 202 and a first judging unit 203, where:
The first acquisition unit 201 can be connected to the encryption unit 21 of the crypto module and is adapted to obtain the result after the crypto module performs the i-th round of the encryption operation on the input data and the result after the j-th round of the encryption operation, where 1 ≤ i < j ≤ N, N is the total number of rounds of the encryption operation on the input data, and i, j and N are all positive integers.
The decryption unit 202 is adapted to perform k rounds of the decryption operation on the result after the j-th round of encryption, obtaining the result after the i-th round decryption operation, where k=j-i.
The first judging unit 203 is adapted to compare the result after the i-th round of encryption with the result after the i-th round decryption operation and to judge from the comparison whether the crypto module has been interfered with or attacked.
Take the DES algorithm as the cryptographic algorithm, so that N=16. Let i=15 and j=i+1=16; that is, the first acquisition unit 201 obtains the result T_15 of the 15th round of round-transformation encryption of input data D and the result T_16 of the 16th round. The decryption unit 202 performs 1 round of decryption on T_16, obtaining the result T_15' after the decryption operation. The first judging unit 203 compares T_15 and T_15'; when the result after the i-th round of encryption is identical to the result after the i-th round decryption operation, it judges that the crypto module has not been interfered with or attacked, and otherwise it judges that the crypto module has been interfered with or attacked.
Further, the device 20 may also include a first alarm unit (not shown). The first alarm unit (not shown) is adapted to produce a corresponding alarm signal when it is judged that the crypto module has been interfered with or attacked.
As shown in Fig. 3, an embodiment of the present invention further provides another convolution checking method, which is applicable to performing a convolution check on the result of a decryption operation. The method comprises the following steps:
Step 301: obtain the result after the crypto module performs the i-th round of the decryption operation on the input data and the result after the j-th round of the decryption operation.
In a specific implementation, when the crypto module decrypts input data A, it needs to perform N rounds of round-transformation decryption. The result of the i-th round of round-transformation decryption is Y_i and the result of the j-th round is Y_j, where 1 ≤ i < j ≤ N and i, j and N are all positive integers.
In practice, because of the diffusion and confusion properties of cryptographic algorithms, an attacker generally attacks while the crypto module is executing the last few rounds of round-transformation decryption. In other words, the attacker generally injects a fault while the crypto module is executing the last few rounds and then infers the key from the erroneous output. It is therefore unnecessary to compare the result of all N rounds of round-transformation decryption with the input data; it is only necessary to obtain the j-th round result Y_j and to judge from Y_j whether the crypto module has been interfered with or attacked.
In one embodiment of the invention, j=i+1, so that Y_i and Y_j are the results of two adjacent rounds of round-transformation decryption.
In another embodiment of the invention, i=N-1, so that Y_i is the result of round N-1 of round-transformation decryption. Correspondingly, Y_j is the result of round N of round-transformation decryption.
It should be noted that, in a specific implementation, the crypto module may decrypt the input data A with a symmetric decryption algorithm or with an asymmetric decryption algorithm. The symmetric decryption algorithm may include the DES, RC2, RC4, RC5 and Blowfish algorithms, among others. The asymmetric decryption algorithm may include the RSA, ECC and Knapsack algorithms, among others. Whichever decryption algorithm is used to decrypt the input data A, this does not limit the present invention and falls within its scope of protection.
Step 302: perform k rounds of the encryption operation on the result after the j-th round of decryption, until the result after the i-th round encryption operation is obtained, where k=j-i.
Specifically, after the j-th round decryption result Y_j is obtained, the encryption algorithm is called to perform 1 round of encryption on Y_j, obtaining the result Y_{j-1}' corresponding to round j-1;
The encryption algorithm is called to perform 1 round of encryption on Y_{j-1}', obtaining the result Y_{j-2}' corresponding to round j-2;
The encryption algorithm is called to perform 1 round of encryption on Y_{j-2}', obtaining the result Y_{j-3}' corresponding to round j-3;
……
And so on, until the encryption operation has been performed k times and the result Y_i' is obtained, that is, the result Y_i' after the i-th round encryption operation.
For example, when j=i+1, k=j-i=1, so only 1 round of round-transformation encryption is needed to obtain the result after the i-th round encryption operation.
Step 303: compare the result after the i-th round encryption operation with the result after the i-th round of decryption, and judge from the comparison whether the crypto module has been interfered with or attacked.
In a specific implementation, when the result Y_i after the i-th round of decryption is identical to the result Y_i' after the i-th round encryption operation, it is judged that the crypto module has not been interfered with or attacked; otherwise it is judged that the crypto module has been interfered with or attacked.
In a specific implementation, so that the user can learn the verification result more easily, a corresponding alarm signal is produced when it is judged that the crypto module has been interfered with or attacked, and the alarm signal notifies the user that the crypto module has been interfered with or attacked.
In a specific implementation, when the alarm signal is produced, the final result of the encryption/decryption process is an erroneous result, but it is still related to the information leaked during the encryption/decryption process. Therefore, to further improve the security of the crypto module, the output of the crypto module can be set to 0 or to a value carrying random information, so that the attacker cannot obtain the erroneous result, which further improves the security of the crypto module.
As can be seen from the above, by obtaining the result after the i-th round of decryption of the input data and the result after the j-th round of decryption, and performing only k rounds of encryption on the j-th round result, it can be judged from the result after encryption and the result after the i-th round of decryption whether the crypto module has been interfered with or attacked. This effectively shortens the time of the convolution check and improves the operating efficiency of the cryptographic algorithm.
To help those skilled in the art better understand and implement the present invention, the device corresponding to the above convolution checking method is described in detail below.
As shown in figure 4, embodiments providing a kind of convolution calibration equipment 40, described device 40 can To include:Second acquisition unit 401, the judging unit 403 of ciphering unit 402 and second.Wherein:
The second acquisition unit 401 is connected with the decryption unit 41 of crypto module, is suitable to obtain password mould Block carries out the result after the decryption computing of the i-th wheel and the result after the decryption computing of jth wheel to input data, its In, 1≤i < j≤N, N is total round that computing is decrypted to the input data, and i, j and N are Positive integer.
The ciphering unit 402 is suitable to carry out the result that the jth wheel is decrypted after computing the encryption fortune of k wheels Calculate, obtain i-th and take turns the result after cryptographic calculation, wherein, k=j-i.
Second judging unit 403 is suitable to for the described i-th wheel to decrypt the result after computing with the described i-th wheel Result after cryptographic calculation is compared, and it is dry to judge whether the crypto module is subject to according to comparative result Disturb or attack.
In one embodiment of this invention, j=i+1, the result and i-th after now jth wheel decryption computing Result after wheel decryption computing is the result that adjacent two-wheeled round transformation decrypts computing.
In another embodiment of the invention, i=N-1, i.e., now i-th wheel decrypts the result after computing The result that round transformation decrypts computing is taken turns for N-1.
So that the cryptographic algorithm is for DES algorithms as an example, now N=16.I=15, j=j+1=16 are made, i.e., Second acquisition unit 401 obtains the 15th and takes turns result Y that round transformation decrypts computing15, and the 16th wheel round transformation And result Y of close computing16.402 pairs the 16th wheel round transformations of the ciphering unit decrypt result Y of computing16 The cryptographic calculation of 1 wheel is performed, result Y after cryptographic calculation is obtained15’.Second judging unit 403 To Y15And Y15' be compared, result Y after the described i-th wheel cryptographic calculation15' take turns with described i-th Result Y after decryption computing15When identical, judge that the crypto module is not affected by disturbing or attacks, otherwise sentence The fixed crypto module is interfered or attacks.
Further, the device 40 can also include a second alarm unit (not shown). The second alarm unit is adapted to produce a corresponding alarm signal when it is determined that the crypto module has been subjected to interference or attack.
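The decryption-side check performed by device 40, as an added example that is not part of the patent text. A toy 16-round Feistel network stands in for DES: the round function `f`, the key schedule, the sample key and block, and the single-bit fault model are all constructed assumptions.

```python
import hashlib

N = 16  # total rounds, as in the page's DES example

def f(half, subkey):
    """Toy 32-bit round function standing in for the DES f-function (assumption)."""
    digest = hashlib.sha256(subkey + half.to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:4], "big")

def enc_round(state, subkey):
    left, right = state
    return right, left ^ f(right, subkey)

def dec_round(state, subkey):
    """Exact inverse of enc_round under the same subkey."""
    left, right = state
    return right ^ f(left, subkey), left

def subkeys(key):
    """Constructed key schedule K_1..K_N (not the DES schedule)."""
    return [hashlib.sha256(key + bytes([t])).digest()[:6] for t in range(1, N + 1)]

def decrypt_with_trace(block, key, fault_round=None):
    """Model of the crypto module: returns {t: Y_t} for t = 0..N.
    If fault_round is set, one bit of that round's output is flipped."""
    ks = subkeys(key)
    state, trace = block, {0: block}
    for t in range(1, N + 1):
        state = dec_round(state, ks[N - t])  # decryption consumes K_N ... K_1
        if t == fault_round:
            state = (state[0] ^ 0x00010000, state[1])  # simulated disturbance
        trace[t] = state
    return trace

def round_back_check(trace, key, i, j):
    """Apply k = j - i encryption rounds to Y_j and compare with Y_i.
    Returns True when they match (no interference detected)."""
    if not 1 <= i < j <= N:
        raise ValueError("require 1 <= i < j <= N")
    ks = subkeys(key)
    state = trace[j]
    for t in range(j, i, -1):  # undo decryption rounds j, j-1, ..., i+1
        state = enc_round(state, ks[N - t])
    return state == trace[i]

KEY, BLOCK = b"constructed-key", (0x01234567, 0x89ABCDEF)  # constructed sample input
if __name__ == "__main__":
    for fault in (None, 16, 10):
        trace = decrypt_with_trace(BLOCK, KEY, fault_round=fault)
        print(fault, round_back_check(trace, KEY, 15, 16), round_back_check(trace, KEY, 9, 16))
```

The comparison covers only rounds i+1 through j: with i = 15, j = 16 a disturbance in round 10 passes the check, while i = 9, j = 16 catches it at the cost of seven inverse rounds.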
Those of ordinary skill in the art will appreciate that all or part of the steps of the methods of the above embodiments can be carried out by a program instructing the relevant hardware. The program can be stored in a computer-readable storage medium, and the storage medium can include ROM, RAM, a magnetic disk, an optical disc, and the like.
Although the present invention is disclosed as above, the invention is not limited thereto. Any person skilled in the art may make various changes or modifications without departing from the spirit and scope of the invention, and the scope of protection of the invention shall therefore be that defined by the claims.

Claims (20)

1. A convolution checking method, characterized by comprising:
obtaining the result after the i-th round of the encryption operation and the result after the j-th round of the encryption operation that a crypto module performs on input data, where 1 ≤ i < j ≤ N, N is the total number of rounds of the encryption operation performed on the input data, and i, j and N are positive integers;
performing k rounds of the decryption operation on the result after the j-th round of the encryption operation, until the result after the i-th round of the decryption operation is obtained, where k = j - i;
comparing the result after the i-th round of the encryption operation with the result after the i-th round of the decryption operation, and determining from the comparison result whether the crypto module has been subjected to interference or attack.
2. The convolution checking method of claim 1, characterized in that j = i + 1.
3. The convolution checking method of claim 1, characterized in that i = N - 1.
4. The convolution checking method of claim 1, characterized in that said comparing the result after the i-th round of the encryption operation with the result after the i-th round of the decryption operation, and determining from the comparison result whether the crypto module has been subjected to interference or attack, comprises:
when the result after the i-th round of the encryption operation is identical to the result after the i-th round of the decryption operation, determining that the crypto module has not been subjected to interference or attack, and otherwise determining that the crypto module has been subjected to interference or attack.
5. The convolution checking method of claim 1, characterized by further comprising: when it is determined that the crypto module has been subjected to interference or attack, producing a corresponding alarm signal.
6. A convolution checking method, characterized by comprising:
obtaining the result after the i-th round of the decryption operation and the result after the j-th round of the decryption operation that a crypto module performs on input data, where 1 ≤ i < j ≤ N, N is the total number of rounds of the decryption operation performed on the input data, and i, j and N are positive integers;
performing k rounds of the encryption operation on the result after the j-th round of the decryption operation, until the result after the i-th round of the encryption operation is obtained, where k = j - i;
comparing the result after the i-th round of the decryption operation with the result after the i-th round of the encryption operation, and determining from the comparison result whether the crypto module has been subjected to interference or attack.
7. The convolution checking method of claim 6, characterized in that j = i + 1.
8. The convolution checking method of claim 6, characterized in that i = N - 1.
9. The convolution checking method of claim 6, characterized in that said comparing the result after the i-th round of the decryption operation with the result after the i-th round of the encryption operation, and determining from the comparison result whether the crypto module has been subjected to interference or attack, comprises:
when the result after the i-th round of the decryption operation is identical to the result after the i-th round of the encryption operation, determining that the crypto module has not been subjected to interference or attack, and otherwise determining that the crypto module has been subjected to interference or attack.
10. The convolution checking method of claim 6, characterized by further comprising: when it is determined that the crypto module has been subjected to interference or attack, producing a corresponding alarm signal.
11. A convolution checking device, characterized by comprising:
a first acquisition unit, adapted to obtain the result after the i-th round of the encryption operation and the result after the j-th round of the encryption operation that a crypto module performs on input data, where 1 ≤ i < j ≤ N, N is the total number of rounds of the encryption operation performed on the input data, and i, j and N are positive integers;
a decryption unit, adapted to perform k rounds of the decryption operation on the result after the j-th round of the encryption operation, obtaining the result after the i-th round of the decryption operation, where k = j - i;
a first judging unit, adapted to compare the result after the i-th round of the encryption operation with the result after the i-th round of the decryption operation, and to determine from the comparison result whether the crypto module has been subjected to interference or attack.
12. The convolution checking device of claim 11, characterized in that j = i + 1.
13. The convolution checking device of claim 11, characterized in that i = N - 1.
14. The convolution checking device of claim 11, characterized in that the first judging unit is adapted to determine, when the result after the i-th round of the encryption operation is identical to the result after the i-th round of the decryption operation, that the crypto module has not been subjected to interference or attack, and otherwise to determine that the crypto module has been subjected to interference or attack.
15. The convolution checking device of claim 11, characterized by further comprising: a first alarm unit, adapted to produce a corresponding alarm signal when it is determined that the crypto module has been subjected to interference or attack.
16. A convolution checking device, characterized by comprising:
a second acquisition unit, adapted to obtain the result after the i-th round of the decryption operation and the result after the j-th round of the decryption operation that a crypto module performs on input data, where 1 ≤ i < j ≤ N, N is the total number of rounds of the decryption operation performed on the input data, and i, j and N are positive integers;
an encryption unit, adapted to perform k rounds of the encryption operation on the result after the j-th round of the decryption operation, obtaining the result after the i-th round of the encryption operation, where k = j - i;
a second judging unit, adapted to compare the result after the i-th round of the decryption operation with the result after the i-th round of the encryption operation, and to determine from the comparison result whether the crypto module has been subjected to interference or attack.
17. The convolution checking device of claim 16, characterized in that j = i + 1.
18. The convolution checking device of claim 16, characterized in that i = N - 1.
19. The convolution checking device of claim 16, characterized in that the second judging unit is adapted to determine, when the result after the i-th round of the decryption operation is identical to the result after the i-th round of the encryption operation, that the crypto module has not been subjected to interference or attack, and otherwise to determine that the crypto module has been subjected to interference or attack.
20. The convolution checking device of claim 16, characterized by further comprising: a second alarm unit, adapted to produce a corresponding alarm signal when it is determined that the crypto module has been subjected to interference or attack.
CN201510753037.6A 2015-11-07 2015-11-07 Convolution checking method and convolution checking device Active CN106685635B (en)


Publications (2)

Publication Number Publication Date
CN106685635A (en) 2017-05-17
CN106685635B (en) 2019-10-18
