CN108256356B - Method for resisting fault injection of chip register - Google Patents
Method for resisting fault injection of chip register Download PDFInfo
- Publication number
- CN108256356B CN108256356B CN201611241559.9A CN201611241559A CN108256356B CN 108256356 B CN108256356 B CN 108256356B CN 201611241559 A CN201611241559 A CN 201611241559A CN 108256356 B CN108256356 B CN 108256356B
- Authority
- CN
- China
- Prior art keywords
- register
- chip
- value
- initialization
- reset
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/76—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
Abstract
The invention provides a method for resisting fault injection of a chip register. The invention can be applied to various security chips with security requirements, such as electronic identity cards, financial cards, social security cards, bus card chips and the like, and can be matched with other chip resetting mechanisms to protect the chips from being illegally influenced or invaded, thereby improving the security protection strength of internal resources of the chips.
Description
Technical Field
The invention is mainly applied to the technical field of information security, and relates to an anti-attack technology suitable for a security chip.
Background
During the operation of the chip, there is a potential risk of attack. Common attack methods include lighting, electromagnetic or burr injection, changing environmental temperature, voltage, chip working frequency and the like, and false operation is generated on a register and a reset logic in a chip through the attack, so that data stored in the chip and security setting are falsified, for example, an enable switch of a security sensor, a switch of a security defense mechanism and the like are falsified from an open state to a closed state, so that the internal security setting of the chip is weakened or invalidated, the chip is in an unsafe working state, and an attacker can carry out further attack. Therefore, the abnormity of the working state of the register needs to be detected and found in time, thereby achieving the defense purpose.
Disclosure of Invention
The invention discloses a method for resisting fault injection of a chip register, which is characterized in that a group of registers are arranged in a chip, a corresponding initialization circuit and a comparison logic circuit are arranged, and the alarm output of the comparison logic circuit is used as a reset source of the chip. In the chip initialization stage, the initialization circuit initializes a set of registers. When the chip is interfered by abnormal conditions after initialization is completed and the register is abnormally reset, the comparison logic circuit detects the alarm value, so that the chip is reset. When the chip is not interfered by abnormal conditions, the data of one group of registers exist in a complementary data form, namely '01' or '10', the logic values are respectively represented as '0' and '1', and the chip works normally.
As shown in FIG. 1, the present invention adopts a register set structure circuit with an abnormal reset alarm mechanism, which is composed of a register A, a register B, an initialization control circuit C and a comparison and judgment logic circuit D; the register A and the register B are used for storing values in a complementary logic mode, the initialization control logic circuit C is used for initializing the register A and the register B in the chip initialization stage, the reset value of the register A and the reset value of the register B are '00' or '11', namely an alarm value, and are initialized to be '01' or '10', namely a normal working value, the output of the comparison judgment logic circuit D is shielded before the initialization is completed, and false alarm in the initialization stage is avoided; the comparison and judgment logic circuit D detects the values of the register A and the register B in real time, outputs an alarm signal when the value is '00' or '11', and causes the chip to reset when the chip is not in an initialization stage.
The invention needs to be matched with a chip reset mechanism for use, is an effective protection means for abnormal attack of external working conditions, and cannot influence the normal working process of the chip when the external working conditions are normal.
The present invention is explained by taking the output signal as the chip reset source, but the present invention is not limited to taking the output signal as the chip reset source, and may be an interrupt source or other exception handling control signals. The present invention can be replicated multiple times for protecting multiple (sets of) registers from the threat of fault injection attacks.
Drawings
FIG. 1 is a schematic diagram of a circuit for implementing the fault injection of a resistance chip register according to the present invention.
Detailed Description
The following description will be made of an embodiment of the present invention using a circuit for counteracting the chip register fault injection as an example.
The hardware implementation of the inventive circuit for counteracting the injection of chip register faults is shown in fig. 1.
The invention adopts the technical scheme that the data input and the inverted value of a register are respectively connected to the input ends of a group of registers (a register A and a register B), namely the data ends of the two registers, and the output end of a comparison logic circuit D, namely the comparison result output of the group of data of the register is connected with a chip system for resetting. In the chip initialization stage, the initialization circuit C initializes the value of the register group (the register A and the register B) to be '01' or '10' from the reset value '00' or '11', and simultaneously shields the alarm output of the comparison logic circuit D before the initialization is completed. After the initialization of the chip is completed, in the normal working process, when the external working condition is abnormal, so that the register group is abnormally reset, the value of the register group is reset to be '00' or '11', the comparison logic circuit D detects that the value of the register group is in an alarm state, and the circuit D outputs an alarm signal to cause the chip to reset. When the external operating condition is normal, the value of the register group (register a and register B) is "01" and represents the logical value "0" and "10" represents the logical value "1", so that the chip operates normally.
The present invention includes, but is not limited to, this embodiment. The present invention is explained by taking the implementation of a set of registers as an example, but the present invention is not limited to the case of a set of registers, and may be a plurality of registers. The value of the register set is not limited to "01" for the logical value "0" and "10" for the logical value "1", but may be used in the opposite way, or may be encoded in other ways. The output signal is not limited to being a reset source of the chip, and may be an interrupt source or other exception handling control signal.
Claims (6)
1. A method for resisting fault injection of a chip register is characterized in that a group of registers A and B, an initialization control logic circuit C and a comparison judgment logic circuit D are arranged in a chip;
the register A and the register B are used for storing values in a complementary logic mode, and the values of the register group are set as follows: "00" or "11" is a reset value, namely an alarm value, "01" or "10" is a normal working value;
the initialization control logic circuit C is used for initializing the register A and the register B in the chip initialization stage;
the comparison and judgment logic circuit D detects the values of the register A and the register B in real time, after the initialization of the chip is completed, in the normal working process, when the external working condition is abnormal and the register group is abnormally reset, the value of the register group is reset to be 00 or 11, the comparison logic circuit D detects that the value of the register group is in an alarm state, and the circuit D outputs an alarm signal to cause the chip to reset; when the external working condition is normal, the value of the register A and the register B is 01, the logical value is 0, and the logical value is 1 when the value of the register A and the register B is 10, so that the chip works normally;
wherein, the output of the comparison judgment logic circuit D is shielded before the initialization is completed, and false alarm in the initialization stage is avoided.
2. The method of claim 1, wherein a group of registers is initialized from an alarm state to a normal working state in a chip initialization process by adopting an initialization mode, and the alarm state is continuously detected after the initialization is finished, so as to alarm in real time.
3. A method as claimed in claim 1, characterized in that the register can enter an alarm state when it is affected by an anomaly due to a reset, so that an attack on the reset can be detected and alarmed.
4. The method of claim 1, wherein the alarm condition may be caused not only by interference with a register, but also by a reset exception effect.
5. The method of claim 1, wherein a group of registers is protected by fully relying on structural and logical principles without additional special design of protected registers during synthesis and place and route.
6. The method of claim 1, wherein the circuit structure is capable of being replicated multiple times for protecting groups of registers from fault injection attacks.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611241559.9A CN108256356B (en) | 2016-12-29 | 2016-12-29 | Method for resisting fault injection of chip register |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611241559.9A CN108256356B (en) | 2016-12-29 | 2016-12-29 | Method for resisting fault injection of chip register |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108256356A CN108256356A (en) | 2018-07-06 |
| CN108256356B true CN108256356B (en) | 2021-05-25 |
Family
ID=62719624
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611241559.9A Active CN108256356B (en) | 2016-12-29 | 2016-12-29 | Method for resisting fault injection of chip register |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108256356B (en) |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1866160A (en) * | 2005-05-19 | 2006-11-22 | 美国博通公司 | Digital power-on reset circuit and power-on reset method |
| CN103714018A (en) * | 2013-12-11 | 2014-04-09 | 中国电子科技集团公司第三十研究所 | Security access control method for chip storage circuit |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9171645B2 (en) * | 2013-05-28 | 2015-10-27 | Globalfoundries U.S. 2 Llc | Address windowing for at-speed bitmapping with memory built-in self-test |
-
2016
- 2016-12-29 CN CN201611241559.9A patent/CN108256356B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1866160A (en) * | 2005-05-19 | 2006-11-22 | 美国博通公司 | Digital power-on reset circuit and power-on reset method |
| CN103714018A (en) * | 2013-12-11 | 2014-04-09 | 中国电子科技集团公司第三十研究所 | Security access control method for chip storage circuit |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108256356A (en) | 2018-07-06 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9523736B2 (en) | Detection of fault injection attacks using high-fanout networks | |
| CN103198347B (en) | Safety equipment tamperproof circuit | |
| US9418250B2 (en) | Tamper detector with hardware-based random number generator | |
| US10013581B2 (en) | Detection of fault injection attacks | |
| Parameswaran et al. | Embedded systems security—an overview | |
| US8296845B2 (en) | Integrated circuits including reverse engineering detection using differences in signals | |
| Clark et al. | Securing the information highway: How to enhance the United States' electronic defenses | |
| EP3226168A1 (en) | Electronic device and protection method | |
| EP3147830B1 (en) | Protecting an integrated circuit | |
| US8453261B2 (en) | Systems and methods for securing the power supply of command means of a microcircuit card in case of attack | |
| US20160028394A1 (en) | Fault protection for high-fanout signal distribution circuitry | |
| US20150324583A1 (en) | Method for operating a control unit | |
| EP2629447A1 (en) | Method and device for protecting an electronic device against fault attack(s) | |
| Hamdioui et al. | Hacking and protecting IC hardware | |
| CN108256356B (en) | Method for resisting fault injection of chip register | |
| TWI763121B (en) | Secure ic with soft security countermeasures | |
| US9654111B1 (en) | Systems and methods for protecting data using reconfigurable logic paths | |
| CN111382466A (en) | Protection of microcontrollers | |
| Monjur et al. | ADobf: Obfuscated Detection Method against Analog Trojans on I 2 C Master-Slave Interface | |
| WO2020086087A1 (en) | Integrated circuit(s) with anti-glitch canary circuit(s) | |
| Lemke | Embedded security: Physical protection against tampering attacks | |
| Farag et al. | Smart employment of circuit redundancy to effectively counter trojans (SECRET) in third-party IP cores | |
| US7748637B2 (en) | Smart card with laser attack detector | |
| Sharma | Embedded Systems--A Security Paradigm for Pervasive Computing | |
| US10148671B2 (en) | Method for protecting a chip card against a physical attack intended to modify the logical behaviour of a functional program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |