CN107229578A - A kind of method and device that non-duplicate application data is generated based on chip - Google Patents

A kind of method and device that non-duplicate application data is generated based on chip Download PDF

Info

Publication number
CN107229578A
CN107229578A CN201710574271.1A CN201710574271A CN107229578A CN 107229578 A CN107229578 A CN 107229578A CN 201710574271 A CN201710574271 A CN 201710574271A CN 107229578 A CN107229578 A CN 107229578A
Authority
CN
China
Prior art keywords
data
submodule
generation
decoding
identification code
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201710574271.1A
Other languages
Chinese (zh)
Other versions
CN107229578B (en
Inventor
王亚伟
张文婧
雷艳
张贺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BEIJING HONGSI ELECTRONIC TECHNOLOGY Co Ltd
Original Assignee
BEIJING HONGSI ELECTRONIC TECHNOLOGY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by BEIJING HONGSI ELECTRONIC TECHNOLOGY Co Ltd filed Critical BEIJING HONGSI ELECTRONIC TECHNOLOGY Co Ltd
Priority to CN201710574271.1A priority Critical patent/CN107229578B/en
Publication of CN107229578A publication Critical patent/CN107229578A/en
Application granted granted Critical
Publication of CN107229578B publication Critical patent/CN107229578B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14Protection against unauthorised use of memory or access to memory
    • G06F12/1408Protection against unauthorised use of memory or access to memory by using cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Abstract

The present invention discloses a kind of method and device that non-duplicate application data is generated based on chip, this method:Electricity is lower electric again on chip, and reading data from it during electricity on chip generates the first data list;The first data are generated according to the value when there is identical value on same bits position in each data in the first data list, from first the first identification code of extracting data;Error Correction of Coding is carried out to random number and obtains error correction code word, helps data side to preserve according to error correction code word and the generation of the first identification code;The data bit for being according to being marked in the flag data of preservation and the data read generate the second identification code, according to the second identification code and help data generation operation result;Error correction decoding is carried out to operation result, decoding data is generated according to decoded result, sequence spreading is generated according to decoding data and preset data and required application data is obtained therefrom.The application data of unique random length can be generated using technical solution of the present invention, the safety in utilization of application data is improved.

Description

A kind of method and device that non-duplicate application data is generated based on chip
Technical field
The present invention relates to information security field, more particularly to it is a kind of based on chip generate non-duplicate application data method and Device.
Background technology
Product ID is that product is stored in flash (Chineses during production or use:Nonvolatile storage) In application data, be also stored with flash other application data (such as secrecy key), and attacker is easy to by reverse work Journey illegally obtains application data.The guard technology used at present is to be stored after application data is encrypted in flash, but This mode is in use, attacker also can obtain duplicate chip by replicating data on all flash, the now core , there is very big potential safety hazard in the application data and just the same by attack chip of piece output.
PUF (English full name:Physical Unclonable Functions, Chinese full name:Physics unclonable function) It is to use for reference currently used human body unique features (fingerprint or iris etc.) to be based on chip to one kind that individual is authenticated and proposed DNA technique.PUF is a physical entity in chip, by inputting an excitation to the physical entity, utilizes its built-in calculation Method exports a unpredictable response.SRAM PUF (English names:Static Random Acess Memory PUF, in Literary fame claims:SRAM physics unclonable function) it is a kind of follow-on PUF, input to be electric on chip;It is output as SRAM (Chineses:SRAM) on random data, concrete methods of realizing include registration process and application process;
Registration process includes:
1st, initial value is read, SRAM seeds are generated according to initial value, seed position has the BCH code of fault tolerance;
2nd, Bose-Chaudhuri-Hocquenghem Code operation generation BCH code word is carried out to SRAM seeds;BCH code word has error margins;
3rd, SRAM initial values are read, identification code, the SRAM initial values and BCH code word length phase are generated according to SRAM initial values Together;
4th, identification code is generated into 256 unique key values by Secure Hash Algorithm SHA-256;
5th, BCH code word and identification code are done into XOR processing, generation helps data and preserved;Data HD is helped to be used for key reconsul Structure, identification code is recovered according to noisy identification code.
Application process includes:
1st, the noisy NID of band with identification code identical address is read;
2nd, the help data of reading and saving;
3rd, it will be obtained with noisy NID with helping data to do XOR processing with vicious BCH code;
4th, BCH decoding operates will be passed through with vicious BCH code, if factual error is not more than design error correction tolerance limit, given birth to Into standard BCH code, system authentication success continues;Otherwise, BCH decodings failure, terminates;
5th, standard BCH code is recovered into the identification code that the system registry stage uses with helping data to do xor operation;
6th, the identification code recovered is passed through into the key value that Secure Hash Algorithm SHA-256 generates 256, this key value The unique key value produced during with system registry is identical.
Although attacker's replication application data can be prevented using the above method, the security of application data is improved, There are other shortcomings:
1st, because SRAM has very strong unstability, registration phase SRAM seeds are just used without any screening, meeting Cause to there are the data for largely needing error correction in Bose-Chaudhuri-Hocquenghem Code, it is necessary to which the data amount check of error correction seriously exceedes commonly used error correction The error correcting capability of code, causes system not apply;
2nd, the identification code obtained includes a large amount of unstable data, and the data equally cause largely to need error correction in application process Data, aggravate the calculated load of error correcting code or prevent error correcting code from normal error correction.
The content of the invention
The invention aims to overcome the deficiencies in the prior art there is provided one kind based on the non-duplicate application number of chip generation According to method and device.
The present invention provides a kind of method that non-duplicate application data is generated based on chip, including registration process and applies Journey, the registration process includes:
Step S0:The lower electric power on operation again of preset times is carried out to chip, from the core during electricity on each chip Data and the preservation of regular length are read on piece;
Step S1:The first data list is generated according to the data of preservation;
Step S2:Judge whether the value in each data of first data list on same bits position is homogeneous successively Together, it is that corresponding data position is obtained into flag data labeled as 1, step S3 is performed, otherwise obtained corresponding data position labeled as 0 Flag data, performs step S3;
Step S3:The data bit for being according to being marked in the flag data is obtained from the data of first data list Take and be worth to the first data on corresponding bit position, first is obtained from the data of the preset length of the first extracting data first Identification code;
Step S4:The random number of the second preset length is generated, and Error Correction of Coding is carried out to the random number and obtains error correcting code Word, data are helped according to the error correction code word and first identification code generation, by the help data and the flag data Correspondence is preserved;
The application process includes:
Step P1:Obtain preserve flag data, and from the chip read regular length data;
Step P2:The data bit for being according to being marked in the flag data obtains corresponding bit position from the data of reading On be worth to Bit String;
Step P3:The data that first preset length is extracted from the Bit String obtain the second identification code, read and protect The corresponding help data deposited, operation result is generated according to second identification code and the help data;
Step P4:Error correction decoding is carried out to the operation result, the second identification code by as described in is used as solution if successfully decoded Code data, perform step P5;Own if decoding failure and error correction success in the second identification code according to being changed decoded result Decoding data is worth on faulty bit position, step P5 is performed;Reported an error if decoding failure and error correction failure;
Step P5:According to the decoding data and preset data generation sequence spreading, institute is obtained from the sequence spreading The application data needed.
Further, the step S2 is replaced with:
Step S2 ':XOR is carried out to all data in first data list and obtains flag data.
Further, the step S0 includes:
Step S01:To upper electric again after electricity under the chip;
Step S02:Data and the preservation of regular length are read from the fixed position of the chip;
Step S03:Judge whether reading times reach preset times, be then to perform step S1, otherwise return to step S01.
Further, the step S2 includes:
Step S2-1:It regard the highest-order bit of each data in first data list as current bit position;
Step S2-2:Judge whether the value on the current bit position of each data in first data list is identical, is Corresponding data position is then labeled as 1 and preserved, step S2-3 is performed, corresponding data position is otherwise labeled as 0 and preserved, step is performed Rapid S2-3;
Step S2-3:Judge whether to have handled the value in first data list on all bits of each data, It is then to perform step S2-4, otherwise using the following bit position of each data in first data list as current bit position, Return to step S2-2;
Step S2-4:Flag data is generated according to the data bit of preservation.
Further, the data bit for being according to being marked in the flag data in the step S3 is from first data Obtained in the data of list and be worth to the first data with being grown from first extracting data first is default on corresponding bit position The data of degree are obtained between the first identification code, including:
Judge whether the length of first data is less than the first preset length, be to report an error, otherwise from the described first number The first identification code is obtained according to the data of the first preset length of middle extraction.
Further, it is described that data are helped according to the error correction code word and first identification code generation, be specially:To institute State error correction code word and first identification code carries out XOR and obtains the help data;
It is described to generate operation result according to second identification code and the help data, be specially:Marked to described second Know code and the help data read carry out XOR and obtain the operation result.
Further, it is described to be specially according to the decoding data and preset data generation sequence spreading:Calculated using Hash Method carries out Hash calculation to the decoding data and preset data and obtains the sequence spreading.
Further, report an error, specifically include if decoding failure and error correction failure in the step P4:Judge decoding failure Whether number of times exceedes preset value, is the end that reports an error;Otherwise the more new decoding frequency of failure, return to step P1.
The present invention provides a kind of device that non-duplicate application data is generated based on chip again, including Registering modules and applies mould Block, the Registering modules include:
The lower upper electronic module of electricity, for carrying out lower electricity power on operation again to chip submodule;
The chip submodule, the data for preserving regular length;
Reading and saving submodule, for the electricity on the chip submodule during from the chip submodule read fix The data of length and preservation;
First generation submodule, the data for being preserved according to the reading and saving submodule generate the first data list;
First judging submodule, for judging that described first generates each for the first data list that submodule is generated successively Value in data on same bits position whether all same, be that corresponding data position labeled as 1 is obtained into flag data, otherwise will be right Data bit is answered to obtain flag data labeled as 0;
First extracting sub-module, for marking the number for being in the flag data that is obtained according to first judging submodule Obtained according to position from the data of the first data list of the described first generation submodule generation and be worth to the on corresponding bit position One data, the first identification code is obtained from the data of the preset length of the first extracting data first;
Encoding submodule is generated, the random number for generating the second preset length, and error correction volume is carried out to the random number Code obtains error correction code word;
Second generation submodule, the error correction code word and described first for being obtained according to the generation encoding submodule is extracted The first identification code generation that submodule is obtained helps data;
Submodule is preserved, for the help data and first judging submodule for generating the described second generation submodule Obtained flag data correspondence is preserved;
The application module includes:
Reading submodule is obtained, for obtaining the flag data that the preservation submodule is preserved, and from the chip submodule The data of regular length are read on block;
First acquisition submodule, for marking the number for being in the flag data according to the acquisition reading submodule acquisition Obtained in the data read according to position from the acquisition reading submodule on corresponding bit position and be worth to Bit String;
Second extracting sub-module, for extracting the first preset length in the Bit String that is obtained from first acquisition submodule Data obtain the second identification code, read and described preserve the help data that submodule is preserved;
3rd generation submodule, for the second identification code obtained according to second extracting sub-module and the help of reading Data generate operation result;
Decoding sub-module, carries out error correction decoding for the operation result to the described 3rd generation submodule generation, such as decodes It is successful then regard second identification code as decoding data;If decoding failure and error correction success according to being changed decoded result In second identification code decoding data is worth on all faulty bit positions;
Report an error submodule, for being reported an error when the decoding sub-module is in decoding failure and error correction failure;
4th generation submodule, decoding data and preset data for being obtained according to the decoding sub-module generate extension Sequence;
Second acquisition submodule, for obtaining required application from the sequence spreading of the described 4th generation submodule generation Data.
Further, first judging submodule is additionally operable to the first data list generated to first generation module In all data carry out XOR obtain flag data.
Further, the reading and saving submodule includes:
Reading and saving unit, data and guarantor for reading regular length from the fixed position of the chip submodule Deposit;
First judging unit, for judging whether reading times reach preset times, is to trigger the first generation Module works, and otherwise triggers the upper electronic module work of the lower electricity;
The first generation submodule generates the first data specifically for the data preserved according to the reading and saving unit List.
Further, first judging submodule includes:
First as unit, for by each data in the first data list of the described first generation submodule generation most Higher bit position is used as current bit position;
Second judging unit, each data in the first data list for judging the first generation submodule generation Whether the value on current bit position is identical, is, corresponding data position is labeled as into 1 and preserved, and is otherwise labeled as corresponding data position 0 and preserve;
3rd judging unit, in the first data list for judging whether to have handled the first generation submodule generation Value on all bits of each data;
Second as unit, for generating the described first generation submodule when the 3rd judging unit is judged as NO The first data list in each data following bit position be used as current bit position;
Generation unit, for the data bit preserved when the 3rd judging unit is judged as YES according to second judging unit Generate flag data.
Further, first extracting sub-module is additionally operable to judge whether the length of first data is pre- less than first If length, it is, reports an error, otherwise the data from the preset length of the first extracting data first obtains the first identification code.
Further, the second generation submodule to described specifically for generating the error correction code word that encoding submodule is obtained The first identification code obtained with first extracting sub-module carries out XOR and obtains the help data;
The 3rd generation submodule is specifically for the second identification code obtained to second extracting sub-module and reading The help data carry out XOR obtain the operation result.
Further, the 4th generation submodule to the decoding sub-module specifically for being obtained using hash algorithm Decoding data and preset data carry out Hash calculation and obtain the sequence spreading.
Further, the application module also includes the second judging submodule and updates submodule;
Second judging submodule is used to judge decoding when the decoding sub-module is in decoding failure and error correction failure Whether the frequency of failure exceedes preset value;
The renewal submodule is used for the more new decoding frequency of failure when second judging submodule is judged as NO, triggering The acquisition reading submodule is operated;
The submodule that reports an error when second judging submodule is judged as YES specifically for being reported an error.
The present invention compared with prior art, with advantages below:
Technical solution of the present invention reads fixed position on chip on lower electricity by being carried out in registration process repeatedly after electricity In data, obtain the first identification code relatively stable states;And random number is encoded, it is ensured that have per chips different Error correction code word, prevent attacker from obtaining corresponding information by attacking error correction code word;Application process is defeated for guarantee application data The stability gone out, preset length data when the second identification code uses stable state in Bit String, error correcting code is reduced to greatest extent to be needed The number of times of error correction is wanted, the efficiency that non-duplicate application data is generated based on chip is improved, can be generated only using technical solution of the present invention The application data of one random length, improves the safety in utilization of application data.
Brief description of the drawings
Fig. 1 is a kind of method flow diagram that non-duplicate application data is generated based on chip that the embodiment of the present invention one is provided;
Fig. 2 and Fig. 3 is a kind of method stream that non-duplicate application data is generated based on chip that the embodiment of the present invention two is provided Cheng Tu;
Fig. 4 is a kind of device block diagram that non-duplicate application data is generated based on chip that the embodiment of the present invention three is provided.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete Site preparation is described, it is clear that described embodiment is only a part of embodiment of the invention, rather than whole embodiments.It is based on Embodiment in the present invention, the every other implementation that those skilled in the art are obtained under the premise of creative work is not made Example, belongs to the scope of protection of the invention.
Embodiment one
The embodiment of the present invention one provides a kind of method that non-duplicate application data is generated based on chip, as shown in figure 1, including Registration process (part on the dotted line in Fig. 1) and application process (part under the dotted line in Fig. 1), registration process includes:
Step S0:The lower electric power on operation again of preset times is carried out to chip, on each chip during electricity from chip Read data and the preservation of regular length;
Specifically, in the present embodiment, the data stored thereon after electric under chip, upper electricity can change;Then step S0 includes:
Step S01:To upper electric again after electricity under chip;
Step S02:Data and the preservation of regular length are read from the fixed position of chip;
Step S03:Judge whether reading times reach preset times, be then to perform step S1, otherwise return to step S01;
Step S1:The first data list is generated according to the data of preservation;
Step S2:Judge successively value on the position of same bits in each data of the first data list whether all same, be Corresponding data position is then obtained into flag data labeled as 1, step S3 is performed, is otherwise marked corresponding data position labeled as 0 Data, perform step S3;
Specifically, in the present embodiment, step S2 includes:
Step S2-1:It regard the highest-order bit of each data in the first data list as current bit position;
Step S2-2:Judge whether the value on the current bit position of each data in the first data list is identical, then will be Corresponding data position is labeled as 1 and preserves, and performs step S2-3, and corresponding data position otherwise is labeled as into 0 and preserved, step is performed S2-3;
Step S2-3:Judge whether to have handled the value on all bits of each data in the first data list, be then Step S2-4 is performed, otherwise the following bit position of each data in the first data list is regard as current bit position, return to step S2-2;
Step S2-4:Flag data is generated according to the data bit of preservation.
Optionally, the step S2 in the present embodiment can be replaced:Step S2 ':To all data in the first data list Carry out XOR and obtain flag data;
Step S3:The data bit for being according to being marked in flag data obtains correspondence ratio from the data of the first data list The first data are worth on special position, the first identification code is obtained from the data of first the first preset length of extracting data;
It is preferred that, in the present embodiment, the first data are obtained in step S3 and obtain including between the first identification code:Judge Whether the length of the first data is less than the first preset length, is to report an error, otherwise from first the first preset length of extracting data Data obtain the first identification code;
Step S4:The random number of the second preset length is generated, and Error Correction of Coding is carried out to random number and obtains error correction code word, root Data are helped according to error correction code word and the generation of the first identification code, will help data are corresponding with flag data to preserve;
In the present embodiment, data are helped according to error correction code word and the generation of the first identification code, is specially:To error correction code word and First identification code carries out XOR and got help data;It is preferred that, the Error Correction of Coding mode in the present embodiment can be compiled for BHC Code, can also be realized with other Error Correction of Coding modes (such as forward error correction coding), will not be repeated here;
It is preferred that, it can also include in step S4:Remove the first identification code;
Application process includes:
Step P1:Obtain preserve flag data, and from chip read regular length data;
It is preferred that, the data of regular length are read in step P1 from the fixed position of chip;
Step P2:The data bit for being according to being marked in flag data is obtained from the data of reading on corresponding bit position It is worth to Bit String;
Step P3:The data that the first preset length is extracted from Bit String obtain the second identification code, the correspondence of reading and saving Help data, according to the second identification code and help data generation operation result;
In the present embodiment, according to the second identification code and help data generation operation result, it is specially:To the second identification code XOR, which is carried out, with the help data of reading obtains operation result;
Step P4:Error correction decoding is carried out to operation result, held the second identification code as decoding data if successfully decoded Row step P5;As decoded failure and error correction success is then changed in the second identification code on all faulty bits position according to decoded result Decoding data is worth to, step P5 is performed;Reported an error if decoding failure and error correction failure;
In the present embodiment, report an error, specifically include if decoding failure and error correction failure in step P4:Judge decoding failure Whether number of times exceedes preset value, is to report an error;Otherwise the more new decoding frequency of failure, return to step P1;
It is preferred that, the error correction decoding mode in the present embodiment can be BHC decodings, can also use other error correction decoding modes To realize (such as decoding FEC), it will not be repeated here;
Step P5:According to decoding data and preset data generation sequence spreading, required application is obtained from sequence spreading Data;
In the present embodiment, it is specially according to decoding data and preset data generation sequence spreading:Use hash algorithm pair Decoding data and preset data carry out Hash calculation and are expanded sequence.
Embodiment two
The embodiment of the present invention two provides a kind of method that non-duplicate application data is generated based on chip, including registration process and Application process, registration process as shown in Fig. 2 including:
Step A0:To upper electric again after electricity under chip;
Specifically, in the present embodiment, the data stored thereon after electric electricity upper again under each chip can change;
Step A1:Data and the preservation of regular length are read from the fixed position of chip;
It is preferred that, the regular length in the present embodiment is 1024bit;
Step A2:Judge whether reading times reach preset times, be then to generate the first data row according to the data of preservation Table, performs step A3, otherwise return to step A0;
In the present embodiment, preset times can be any number more than 1, it is preferred that preset times are 50;For example, Data length in the present embodiment on fixed position is 1024;The first data list then generated is:
Reading times The data of reading (length is 1024bit)
1 11100010......110001
2 10100010......110001
...... ......
49 11101010......110001
50 11100010......110101
Step A3:Judge successively value on the position of same bits in each data of the first data list whether all same, be Corresponding data position is then obtained into flag data labeled as 1, step A4 is performed, is otherwise marked corresponding data position labeled as 0 Data, perform step A4;
For example, the flag data obtained according to the first data list of above-mentioned generation:10110111......111011;It is long Spend for 1024bit;
Specifically, in the present embodiment, step A3 includes:
Step A3-1:It regard the highest-order bit of each data in the first data list as current bit position;
Step A3-2:Judge whether the value on the current bit position of each data in the first data list is identical, then will be Corresponding data position is labeled as 1 and preserves, and performs step A3-3, and corresponding data position otherwise is labeled as into 0 and preserved, step is performed A3-3;
Step A3-3:Judge whether to have handled the value on all bits of each data in the first data list, be then Step A3-4 is performed, otherwise the following bit position of each data in the first data list is regard as current bit position, return to step A3-2;
Step A3-4:Flag data is generated according to the data bit of preservation;
Step A4:The data bit for being according to being marked in flag data obtains correspondence ratio from the data of the first data list The first data are worth on special position;
Step A5:Judge whether the length of the first data is less than the first preset length, be to report an error, otherwise from the first data The middle data for extracting the first preset length obtain the first identification code, perform step A6;
It is preferred that, the first preset length in the present embodiment is 256bit, according to the first preset length from the first data A high position plays interception correspondence length data and is used as the first identification code;For example, the first data constituted in the present embodiment are 110010......11001:It is 110010...... to extract the first obtained identification code;
Step A6:The random number of the second preset length is generated, and Error Correction of Coding is carried out to the random number and obtains error correction code word;
It is preferred that, the second preset length in the present embodiment is 160bit;Error Correction of Coding is carried out to the random number to be entangled Error code word is specially:Bose-Chaudhuri-Hocquenghem Code is carried out to the random number and obtains error correction code word, the error correction code word size is 256bit;
Step A7:Get help data to error correction code word and the first identification code progress XOR;
Step A8:Remove preserve the first identification code, and by flag data and help data it is corresponding preservation;
In the present embodiment, registration process terminates after step A8;
Application process as shown in figure 3, including:
Step B1:It is electric on chip, flag data is obtained, and read from the fixed position of chip the data of regular length;
Step B2:Data bit in flag data obtains correspondence ratio labeled as 1 data bit from the data of reading Paricular value obtains Bit String;
Step B3:The data that the first preset length is extracted from Bit String obtain the second identification code, the correspondence of reading and saving Help data;
It is preferred that, the first preset length in the present embodiment is 256bit;The first preset length is extracted from Bit String Data obtain the second identification code, are specially:Corresponding length data work is intercepted from a high position for Bit String according to the first preset length For the second identification code;
Step B4:XOR is carried out to the second identification code and the help data read and obtains operation result;
Step B5:Error correction decoding is carried out to operation result, held the second identification code as decoding data if successfully decoded Row step B6;As decoded failure and error correction success is then changed in the second identification code on all faulty bits position according to decoded result Decoding data is worth to, step B6 is performed;Step B7 is performed if decoding failure and error correction failure;
Such as, the value in operation result on faulty bit position is 1;The value on the bit is then revised as 0;It is preferred that, Carrying out error correction decoding to operation result is specially:BCH decodings are carried out to operation result;
Step B6:According to decoding data and preset data generation sequence spreading, required application is obtained from sequence spreading Data;
In the present embodiment, it is specially according to decoding data and preset data generation sequence spreading:Use hash algorithm (example Such as SM3 algorithms) be expanded sequence to decoding data and preset data progress Hash calculation;For example preset data is 0x00000001 or 0x00000002 or 0x00000003 etc.;
In embodiments of the present invention, the application data of generation can be used as product ID, key etc.;
Step B7:Judge whether the decoding frequency of failure exceedes preset value, be to report an error;Otherwise the more new decoding frequency of failure, It is electric under chip, return to step B1.
It is preferred that, in the present embodiment, the initial value of the decryption frequency of failure is 0, and the more new decoding frequency of failure is specially:Solution The code frequency of failure Jia 1 certainly.
Embodiment three
The embodiment of the present invention three provides a kind of device that non-duplicate application data is generated based on chip, as shown in figure 4, including Registering modules 30 and application module 31, Registering modules 30 include:
The lower upper electronic module 300 of electricity, for carrying out lower electricity power on operation again to chip submodule 301;
Chip submodule 301, the data for preserving regular length;
Reading and saving submodule 302, for the electricity on chip submodule 301 during read from chip submodule 301 it is solid The data of measured length and preservation;
Specifically, the reading and saving submodule 302 in the present embodiment includes:
Reading and saving unit, data and preservation for reading regular length from the fixed position of chip submodule 301;
First judging unit, is that then triggering first generates submodule for judging whether reading times reach preset times 303 work, otherwise trigger the lower upper electronic module 300 of electricity and work;
First generation submodule 303, the data for being preserved according to reading and saving submodule 302 generate the first data row Table;
Corresponding, the first generation submodule 303 in the present embodiment is specifically for the number that is preserved according to reading and saving unit According to generating the first data list;
First judging submodule 304, for judging each of the first data list that the first generation submodule 303 is generated successively Value in individual data on same bits position whether all same, be corresponding data position labeled as 1 to be obtained into flag data, otherwise general Corresponding data position obtains flag data labeled as 0;
Specifically, in the present embodiment, the first judging submodule 304 includes:
First as unit, for each data in the first data list for generating the first generation submodule 303 most Higher bit position is used as current bit position;
Second judging unit, for judging each data in the first data list that the first generation submodule 303 is generated Whether the value on current bit position is identical, is, corresponding data position is labeled as into 1 and preserved, and is otherwise labeled as corresponding data position 0 and preserve;
3rd judging unit, for judging whether to have handled in the first data list that the first generation submodule 303 is generated Value on all bits of each data;
Second as unit, for the first generation submodule 303 is generated when the 3rd judging unit is judged as NO the The following bit position of each data is used as current bit position in one data list;
Generation unit, the data bit for being preserved when the 3rd judging unit is judged as YES according to the second judging unit is generated Flag data;
Optionally, the first judging submodule 304 in the present embodiment is additionally operable to first generated to the first generation module 303 All data in data list carry out XOR and obtain flag data;
First extracting sub-module 305, for being marked in the flag data that is obtained according to the first judging submodule 304 Obtained in the data for the first data list that data bit is generated from the first generation submodule 303 on corresponding bit position and be worth to the One data, the first identification code is obtained from the data of first the first preset length of extracting data;
It is preferred that, the first extracting sub-module 305 in the present embodiment is additionally operable to judge whether the length of the first data is less than First preset length, is to report an error, and otherwise the data from first the first preset length of extracting data obtain the first identification code.
Encoding submodule 306 is generated, the random number for generating the second preset length, and Error Correction of Coding is carried out to random number Obtain error correction code word;
It is preferred that, generation encoding submodule 306 is encoded using Error Correction of Coding mode for BHC, or other error correction are compiled Code mode (such as forward error correction coding), will not be repeated here;
Second generation submodule 307, error correction code word and first for being obtained according to generation encoding submodule 306 extract son The first identification code generation that module 305 is obtained helps data;
It is preferred that, in the present embodiment, the second generation submodule 307 to generation encoding submodule 306 specifically for obtaining Error correction code word and obtained the first identification code of the first extracting sub-module 305 carry out XOR and get help data;
Submodule 308 is preserved, for the help data and the first judging submodule for generating the second generation submodule 307 304 obtained flag data correspondences are preserved;
Application module bag 31 is included:
Reading submodule 311 is obtained, the flag data that submodule 308 is preserved is preserved for obtaining, and from chip submodule The data of regular length are read on 301;
First acquisition submodule 312, for being marked according in the flag data for obtaining the acquisition of reading submodule 311 Data bit obtains on corresponding bit position from the data that reading submodule 311 is read are obtained and is worth to Bit String;
Second extracting sub-module 313, for extracting the first default length in the Bit String that is obtained from the first acquisition submodule 312 The data of degree obtain the second identification code, the help data that reading and saving submodule 308 is preserved;
3rd generation submodule 314, for the second identification code and help data obtained according to the second extracting sub-module 313 Generate operation result;
It is preferred that, in the present embodiment, the 3rd generation submodule 314 to the second extracting sub-module 313 specifically for obtaining The second identification code and read help data carry out XOR obtain operation result;
Decoding sub-module 315, for carrying out error correction decoding to the operation result that the 3rd generation submodule 314 is generated, is such as solved Code success then regard the second identification code as decoding data;Marked if decoding failure and error correction success according to decoded result modification second Know in code and be worth to decoding data on all faulty bit positions;
It is preferred that, decoding sub-module 315 can be BHC decodings using error correction decoding mode, or other error correction decodings Mode (such as decoding FEC), will not be repeated here;
Report an error submodule 316, for being reported an error when decoding sub-module 315 is in decoding failure and error correction failure;
4th generation submodule 317, decoding data and preset data for being obtained according to decoding sub-module 315, which are generated, to expand Open up sequence;
It is preferred that, the 4th generation submodule 317 is specifically for the decoding that is obtained using hash algorithm to decoding sub-module 315 Data and preset data carry out Hash calculation and are expanded sequence;
Second acquisition submodule 318, answering needed for for being obtained from the sequence spreading of the 4th generation generation of submodule 317 Use data.
In the present embodiment, application module 31 may also include the second judging submodule and update submodule;
Second judging submodule is used to judge decoding failure time when decoding sub-module 315 is in decoding failure and error correction failure Whether number exceedes preset value;
Updating submodule is used for the more new decoding frequency of failure when the second judging submodule is judged as NO, and triggering, which is obtained, reads Submodule 311 is operated;
Submodule 316 report an error specifically for being reported an error when the second judging submodule is judged as YES.
Technical solution of the present invention reads fixed position on chip on lower electricity by being carried out in registration process repeatedly after electricity In data, obtain the first identification code relatively stable states;And random number is encoded, it is ensured that have per chips different Error correction code word, prevent attacker from obtaining corresponding information by attacking error correction code word;Application process is defeated for guarantee application data The stability gone out, preset length data when the second identification code uses stable state in Bit String, error correcting code is reduced to greatest extent to be needed The number of times of error correction is wanted, the efficiency that non-duplicate application data is generated based on chip is improved, can be generated only using technical solution of the present invention The application data of one random length, improves the safety in utilization of application data.
The foregoing is only a preferred embodiment of the present invention, but protection scope of the present invention be not limited thereto, Any one skilled in the art is in technical scope disclosed by the invention, the change or replacement that can be readily occurred in, It should all be included within the scope of the present invention.Therefore, protection scope of the present invention should be with scope of the claims It is defined.

Claims (16)

1. a kind of method that non-duplicate application data is generated based on chip, it is characterised in that including registration process and application process, The registration process includes:
Step S0:The lower electric power on operation again of preset times is carried out to chip, on each chip during electricity from the chip Read data and the preservation of regular length;
Step S1:The first data list is generated according to the data of preservation;
Step S2:Judge successively value on the position of same bits in each data of first data list whether all same, be Corresponding data position is then obtained into flag data labeled as 1, step S3 is performed, is otherwise marked corresponding data position labeled as 0 Data, perform step S3;
Step S3:The data bit for being according to being marked in the flag data is obtained pair from the data of first data list Answer and be worth to the first data on bit, the first mark is obtained from the data of the preset length of the first extracting data first Code;
Step S4:The random number of the second preset length is generated, and Error Correction of Coding is carried out to the random number and obtains error correction code word, root Data are helped according to the error correction code word and first identification code generation, by the help data guarantor corresponding with the flag data Deposit;
The application process includes:
Step P1:Obtain preserve flag data, and from the chip read regular length data;
Step P2:The data bit for being according to being marked in the flag data is obtained from the data of reading on corresponding bit position It is worth to Bit String;
Step P3:The data that first preset length is extracted from the Bit String obtain the second identification code, reading and saving Corresponding help data, operation result is generated according to second identification code and the help data;
Step P4:Error correction decoding is carried out to the operation result, the second identification code by as described in is used as solution yardage if successfully decoded According to execution step P5;All errors in the second identification code according to being changed decoded result if decoding failure and error correction success Decoding data is worth on bit, step P5 is performed;Reported an error if decoding failure and error correction failure;
Step P5:Sequence spreading is generated according to the decoding data and preset data, needed for being obtained from the sequence spreading Application data.
2. the method as described in claim 1, it is characterised in that the step S2 is replaced with:
Step S2 ':XOR is carried out to all data in first data list and obtains flag data.
3. method as claimed in claim 1 or 2, it is characterised in that the step S0 includes:
Step S01:To upper electric again after electricity under the chip;
Step S02:Data and the preservation of regular length are read from the fixed position of the chip;
Step S03:Judge whether reading times reach preset times, be then to perform step S1, otherwise return to step S01.
4. the method as described in claim 1, it is characterised in that the step S2 includes:
Step S2-1:It regard the highest-order bit of each data in first data list as current bit position;
Step S2-2:Judge whether the value on the current bit position of each data in first data list is identical, then will be Corresponding data position is labeled as 1 and preserves, and performs step S2-3, and corresponding data position otherwise is labeled as into 0 and preserved, step is performed S2-3;
Step S2-3:Judge whether to have handled the value in first data list on all bits of each data, be then Step S2-4 is performed, otherwise returns to the following bit position of each data in first data list as current bit position Step S2-2;
Step S2-4:Flag data is generated according to the data bit of preservation.
5. the method as described in claim 1, it is characterised in that be according to mark in the flag data in the step S3 Data bit obtained from the data of first data list on corresponding bit position be worth to the first data with from described the The data of one the first preset length of extracting data are obtained between the first identification code, including:
Judge whether the length of first data is less than the first preset length, be to report an error, otherwise from first data The data for extracting the first preset length obtain the first identification code.
6. the method as described in claim 1, it is characterised in that described to be given birth to according to the error correction code word and first identification code Into data are helped, it is specially:XOR is carried out to the error correction code word and first identification code and obtains the help data;
It is described to generate operation result according to second identification code and the help data, be specially:To second identification code XOR, which is carried out, with the help data of reading obtains the operation result.
7. the method as described in claim 1, it is characterised in that
It is described to be specially according to the decoding data and preset data generation sequence spreading:Using hash algorithm to the solution yardage The sequence spreading is obtained according to Hash calculation is carried out with preset data.
8. the method as described in claim 1, it is characterised in that reported in the step P4 if decoding failure and error correction failure Mistake, is specifically included:Judge whether the decoding frequency of failure exceedes preset value, be the end that reports an error;Otherwise the more new decoding frequency of failure, Return to step P1.
9. a kind of device that non-duplicate application data is generated based on chip, it is characterised in that including Registering modules and application module, The Registering modules include:
The lower upper electronic module of electricity, for carrying out lower electricity power on operation again to chip submodule;
The chip submodule, the data for preserving regular length;
Reading and saving submodule, for the electricity on the chip submodule during read regular length from the chip submodule Data and preservation;
First generation submodule, the data for being preserved according to the reading and saving submodule generate the first data list;
First judging submodule, each data of the first data list for judging the first generation submodule generation successively Value on middle same bits position whether all same, be that corresponding data position is obtained into flag data labeled as 1, otherwise will corresponding number According to position flag data is obtained labeled as 0;
First extracting sub-module, for marking the data bit for being in the flag data that is obtained according to first judging submodule Obtained from the data of the first data list of the described first generation submodule generation and be worth to the first number on corresponding bit position According to obtaining the first identification code from the data of the preset length of the first extracting data first;
Encoding submodule is generated, the random number for generating the second preset length, and random number progress Error Correction of Coding is obtained To error correction code word;
Second generation submodule, the error correction code word and described first for being obtained according to the generation encoding submodule extracts submodule The first identification code generation that block is obtained helps data;
Submodule is preserved, for the help data of the described second generation submodule generation to be obtained with first judging submodule Flag data correspondence preserve;
The application module includes:
Reading submodule is obtained, for obtaining the flag data that the preservation submodule is preserved, and from the chip submodule Read the data of regular length;
First acquisition submodule, for marking the data bit for being in the flag data according to the acquisition reading submodule acquisition Obtained in the data read from the acquisition reading submodule on corresponding bit position and be worth to Bit String;
Second extracting sub-module, the number for extracting the first preset length in the Bit String that is obtained from first acquisition submodule According to the second identification code is obtained, the help data for preserving submodule preservation are read;
3rd generation submodule, for the second identification code obtained according to second extracting sub-module and the help data of reading Generate operation result;
Decoding sub-module, error correction decoding, such as successfully decoded are carried out for the operation result to the described 3rd generation submodule generation Then it regard second identification code as decoding data;If decoding failure and error correction success second according to being changed decoded result In identification code decoding data is worth on all faulty bit positions;
Report an error submodule, for being reported an error when the decoding sub-module is in decoding failure and error correction failure;
4th generation submodule, for decoding data and preset data the generation extension sequence obtained according to the decoding sub-module Row;
Second acquisition submodule, for obtaining required application number from the sequence spreading of the described 4th generation submodule generation According to.
10. device as claimed in claim 9, it is characterised in that first judging submodule is additionally operable to give birth to described first All data in the first data list generated into module carry out XOR and obtain flag data.
11. the device as described in claim 9 or 10, it is characterised in that
The reading and saving submodule includes:
Reading and saving unit, data and preservation for reading regular length from the fixed position of the chip submodule;
First judging unit, for judging whether reading times reach preset times, is to trigger the first generation submodule Work, otherwise triggers the upper electronic module work of the lower electricity;
The first generation submodule generates the first data list specifically for the data preserved according to the reading and saving unit.
12. device as claimed in claim 9, it is characterised in that first judging submodule includes:
First as unit, the highest ratio of each data in the first data list for generating submodule generation by described first Special position is used as current bit position;
Second judging unit, each data is current in the first data list for judging the first generation submodule generation Whether the value on bit is identical, is, corresponding data position is labeled as into 1 and preserved, and corresponding data position otherwise is labeled as into 0 simultaneously Preserve;
3rd judging unit, each in the first data list for judging whether to have handled the first generation submodule generation Value on all bits of data;
Second as unit, for when the 3rd judging unit is judged as NO by the of the described first generation submodule generation The following bit position of each data is used as current bit position in one data list;
Generation unit, the data bit for being preserved when the 3rd judging unit is judged as YES according to second judging unit is generated Flag data.
13. device as claimed in claim 9, it is characterised in that first extracting sub-module is additionally operable to judge described first Whether the length of data is less than the first preset length, is to report an error, otherwise from the preset length of the first extracting data first Data obtain the first identification code.
14. device as claimed in claim 9, it is characterised in that the second generation submodule is specifically for the generation The first identification code that the error correction code word and first extracting sub-module that encoding submodule is obtained are obtained carries out XOR and obtained The help data;
The 3rd generation submodule is specifically for the second identification code obtained to second extracting sub-module and the institute of reading State help data progress XOR and obtain the operation result.
15. device as claimed in claim 9, it is characterised in that the 4th generation submodule using Hash specifically for being calculated The decoding data and preset data that method is obtained to the decoding sub-module carry out Hash calculation and obtain the sequence spreading.
16. device as claimed in claim 9, it is characterised in that the application module is also including the second judging submodule and more New submodule;
Second judging submodule is used to judge decoding failure when the decoding sub-module is in decoding failure and error correction failure Whether number of times exceedes preset value;
The renewal submodule is used for the more new decoding frequency of failure when second judging submodule is judged as NO, and triggering is described Reading submodule is obtained to be operated;
The submodule that reports an error when second judging submodule is judged as YES specifically for being reported an error.
CN201710574271.1A 2017-07-14 2017-07-14 Method and device for generating non-repeated application data based on chip Active CN107229578B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710574271.1A CN107229578B (en) 2017-07-14 2017-07-14 Method and device for generating non-repeated application data based on chip

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710574271.1A CN107229578B (en) 2017-07-14 2017-07-14 Method and device for generating non-repeated application data based on chip

Publications (2)

Publication Number Publication Date
CN107229578A true CN107229578A (en) 2017-10-03
CN107229578B CN107229578B (en) 2020-08-18

Family

ID=59957036

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710574271.1A Active CN107229578B (en) 2017-07-14 2017-07-14 Method and device for generating non-repeated application data based on chip

Country Status (1)

Country Link
CN (1) CN107229578B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109525399A (en) * 2018-10-22 2019-03-26 国家电网有限公司 A method of the system authentication of power grid intelligent mobile terminal is realized based on PUF
CN112804678A (en) * 2021-04-15 2021-05-14 浙江口碑网络技术有限公司 Device registration, authentication and data transmission method and device
CN114510753A (en) * 2022-04-20 2022-05-17 浙江地芯引力科技有限公司 Memory data protection method and device, electronic equipment and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110002461A1 (en) * 2007-05-11 2011-01-06 Validity Sensors, Inc. Method and System for Electronically Securing an Electronic Biometric Device Using Physically Unclonable Functions
US20130246881A1 (en) * 2012-03-16 2013-09-19 Infineon Technologies Ag Apparatus and Method for Reconstructing a Bit Sequence with Preliminary Correction
CN103338107A (en) * 2013-06-05 2013-10-02 北京华大信安科技有限公司 A secret key generation method and a secret key generation apparatus
CN105530097A (en) * 2014-09-30 2016-04-27 中国科学院数据与通信保护研究教育中心 Secret key extraction method and system based on SRAM PUF

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110002461A1 (en) * 2007-05-11 2011-01-06 Validity Sensors, Inc. Method and System for Electronically Securing an Electronic Biometric Device Using Physically Unclonable Functions
US20130246881A1 (en) * 2012-03-16 2013-09-19 Infineon Technologies Ag Apparatus and Method for Reconstructing a Bit Sequence with Preliminary Correction
CN103338107A (en) * 2013-06-05 2013-10-02 北京华大信安科技有限公司 A secret key generation method and a secret key generation apparatus
CN105530097A (en) * 2014-09-30 2016-04-27 中国科学院数据与通信保护研究教育中心 Secret key extraction method and system based on SRAM PUF

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109525399A (en) * 2018-10-22 2019-03-26 国家电网有限公司 A method of the system authentication of power grid intelligent mobile terminal is realized based on PUF
CN112804678A (en) * 2021-04-15 2021-05-14 浙江口碑网络技术有限公司 Device registration, authentication and data transmission method and device
CN112804678B (en) * 2021-04-15 2021-07-20 浙江口碑网络技术有限公司 Device registration, authentication and data transmission method and device
CN114510753A (en) * 2022-04-20 2022-05-17 浙江地芯引力科技有限公司 Memory data protection method and device, electronic equipment and storage medium
CN114510753B (en) * 2022-04-20 2023-04-07 浙江地芯引力科技有限公司 Memory data protection method and device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN107229578B (en) 2020-08-18

Similar Documents

Publication Publication Date Title
CN105007285B (en) A kind of cryptographic key protection method and safety chip based on physics unclonable function
EP2789116B1 (en) Soft decision error correction for memory based puf using a single enrollment
Wang Quantum resistant random linear code based public key encryption scheme RLCE
EP3156946B1 (en) Method for concealing secret information, secret information concealing device, program, method for extracting secret information, and secret information extraction device
CN107229578A (en) A kind of method and device that non-duplicate application data is generated based on chip
CN106612172A (en) Data change recovery algorithm capable of restoring data authenticity in cloud storage
US10313125B2 (en) Generating cryptographic checksums
CN101840485B (en) Method for disordering, splitting, storing, combining and mutually validating files
EP3183836A1 (en) Generating cryptographic checksums
CN107634832A (en) Character string encryption, verification method, device, computer-readable recording medium
CN105337725A (en) Key management device and key management method
CN105228157A (en) A kind of wireless sensor network security light weight reprogramming method
CN109995507A (en) A kind of key generation method and device based on PUF, private key storage method
Dubrova et al. CRC-based message authentication for 5G mobile technology
CN111314090B (en) Secure multi-cloud password management method based on bit level threshold
Wang RLCEKeyEncapsulation Mechanism (RLCE-KEM) Specifcation
CN101673250B (en) Method and device for protecting codes or data in mobile phone memory
CN102612025B (en) Protective system and protective method for mobile phone documents
CN109525399A (en) A method of the system authentication of power grid intelligent mobile terminal is realized based on PUF
CN105718978B (en) QR code generation method and device, and decoding method and device
Vyas et al. Improving the efficiency of PUF-based key generation in FPGAs using variation-aware placement
CN105827404A (en) Identity authentication method, identity authentication device, and server
Sendrier et al. On the use of structured codes in code based cryptography
Alabbadi et al. Digital signature schemes based on error-correcting codes
CN106059748A (en) Lightweight data secure storage method based on block security regeneration codes

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant