CN109617668A - A method of preventing bypass attack - Google Patents


Publication number: CN109617668A
Authority: CN (China)
Prior art keywords: power consumption, module, computing module, control module, dynamic equilibrium
Legal status: Pending
Application number: CN201811535812.0A
Other languages: Chinese (zh)
Inventor: 张福健
Current Assignee: Sichuan Changhong Electric Co Ltd
Original Assignee: Sichuan Changhong Electric Co Ltd
Application filed by Sichuan Changhong Electric Co Ltd
Priority to CN201811535812.0A
Publication of CN109617668A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002 Countermeasures against attacks on cryptographic mechanisms
    • H04L9/003 Countermeasures against attacks on cryptographic mechanisms for power analysis, e.g. differential power analysis [DPA] or simple power analysis [SPA]
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage

Abstract

The invention discloses a method of preventing bypass attacks, involving a computing module, a power consumption dynamic equilibrium control module and an operation obfuscation module in a crypto chip. The computing module provides the input signal for the power consumption dynamic equilibrium control module, which in turn provides the input signal for the operation obfuscation module. The method comprises the following steps: the power consumption dynamic equilibrium control module obtains the output samples of the computing module's power consumption curve; the power consumption dynamic equilibrium control module takes the peak of those output samples as the output value of the power-consumption balance curve; the power consumption that the operation obfuscation module needs to generate is calculated; and the power consumption generated by the operation obfuscation module compensates the power consumption generated by the computing module, so that the total power consumption of the crypto chip equals the output value of the power-consumption balance curve. Because the dynamically generated power consumption of the crypto chip is a constant value, the invention effectively prevents an attacker from extracting information about the cryptographic operation from the power consumption curve.

Description

A method of preventing bypass attack
Technical field
The present invention relates to the technical field of computer information security, and in particular to a method of preventing bypass attacks.
Background
With the rapid development of network technology, networked information technology has become deeply embedded in daily life; while it brings convenience, it also brings certain risks. Information is often encrypted when it is transmitted in order to increase the confidentiality of sensitive data. The security of that information depends on how securely the encryption key is stored: once the key is obtained, a third party can obtain the information. Cryptographers have designed many security schemes to protect the generation, storage and replacement of keys. From the standpoint of plaintext-ciphertext pair attacks and exhaustive search, breaking algorithms such as AES or ECC takes on the order of a century. However, the power consumed while a cryptographic algorithm runs in a crypto chip exposes information related to the cipher's characteristics and its key, which gives an attacker an efficient way to recover the key.
Summary of the invention
To solve the problems in the prior art, the object of the present invention is to provide a method of preventing bypass attacks. The invention makes the dynamically generated power consumption of the crypto chip a constant value, which effectively prevents an attacker from extracting information about the cryptographic operation from the power consumption curve.
To achieve the above object, the technical solution adopted by the present invention is a method of preventing bypass attacks that involves the computing module in a crypto chip together with a power consumption dynamic equilibrium control module and an operation obfuscation module. The computing module provides the input signal for the power consumption dynamic equilibrium control module, and the power consumption dynamic equilibrium control module provides the input signal for the operation obfuscation module. The method comprises the following steps:
a. The power consumption dynamic equilibrium control module obtains the output samples of the computing module's power consumption curve, $\{p_0, p_1, p_2, \dots, p_t\}$, where $P_t$ is the power consumption sample of the computing module at time $t$;
b. The power consumption dynamic equilibrium control module takes the peak of the output samples of the computing module's power consumption curve as the output value $P_{max}$ of the power-consumption balance curve, i.e. $P_{max} = \max\{p_0, p_1, p_2, \dots, p_t\}$;
c. The power consumption $P_s$ that the operation obfuscation module needs to generate is calculated, where $P_s = P_{max} - P_t$;
d. The power consumption $P_s$ generated by the operation obfuscation module compensates the power consumption generated by the computing module, so that the total power consumption of the crypto chip equals the output value $P_{max}$ of the power-consumption balance curve.
As a further improvement of the present invention, in step a, the sampling interval of the output samples of the computing module's power consumption curve is the time required for one modular multiplication.
As a further improvement of the present invention, in step b, the peak of the output samples of the computing module's power consumption curve is chosen so that different operation combinations are provided according to different levels of accuracy; the chosen accuracy serves as an input to the operation obfuscation module and determines the basic units in that module. Suppose the basic units in the operation obfuscation module are $\{P_0, P_1, P_2, \dots, P_n\}$; then for the power consumption $P_t$ generated by the computing module at time $t$ there always exist $\{a_0, a_1, a_2, \dots, a_n\}$ such that $P_s = P_{max} - P_t = a_0P_0 + a_1P_1 + \dots + a_nP_n$, where each $a_i$ is a natural number and $0 \le i \le n$.
As a further improvement of the present invention, the operation obfuscation module generates power consumption as follows:
The basic units in the operation obfuscation module include a big-number adder and a big-number multiplier. The power consumption of one big-number adder operation is denoted $P_{add}$ and the power consumption of one big-number multiplier operation is denoted $P_{mul}$. From the power consumption that must be generated at time $t$, the number of big-number multiplier operations to be carried out at time $t$ is $n = P_s / P_{mul}$, and the number of big-number adder operations to be carried out
The beneficial effects of the present invention are as follows. With the invention, a crypto chip can effectively resist bypass attacks while performing cryptographic operations, because no information about the cryptographic operation can be obtained from the chip's power consumption curve; this protects the key used in the operation, resists power analysis, and prevents side-channel attacks. The invention can be implemented without changing existing code and does not affect code redundancy or readability. Whether the algorithm is implemented as software code or as hardware logic, bypass attacks can be prevented with the invention. The invention is only weakly coupled to the algorithm engineering: the algorithm source code does not need to be modified, and algorithm developers do not need to adopt special rules to avoid power analysis.
Brief description of the drawings
Fig. 1 is a schematic diagram of the changes to the internal modules of the crypto chip in an embodiment of the present invention;
Fig. 2 is an operating state diagram of the embodiment of the present invention.
Detailed description
The embodiment of the present invention is described in detail below with reference to the accompanying drawings.
Embodiment
This embodiment mainly designs two modules that keep the power consumption output by the crypto chip at a constant value, so that bypass attacks are prevented without modifying the code of the algorithm module, improving the security of the crypto chip.
As shown in Fig. 1, the two added modules are the power consumption dynamic equilibrium control module and the operation obfuscation module. The computing module provides input to the power consumption dynamic equilibrium control module, and the power consumption dynamic equilibrium control module provides input to the operation obfuscation module.
As shown in Fig. 2, once the version of the computing module is fixed, the power consumption dynamic equilibrium control module needs to determine two elements during the first operation:
1. The output value of the power-consumption balance curve, $P_{max} = \max\{p_0, p_1, p_2, \dots, p_t\}$, where $P_t$ is the power consumption sample of the computing module at time $t$ and the sampling interval is the time required for one modular multiplication. The power consumption dynamic equilibrium control module has the operation obfuscation module generate interfering operations so that the power consumption of the crypto chip is always held at this peak;
2. The power consumption that the operation obfuscation module needs to generate, $P_s = P_{max} - P_t$, where $P_t$ is the power consumption of the operation at time $t$ and $P_{max}$ is the output value of the power-consumption balance curve, i.e. the maximum power consumption within one operation cycle.
The operation obfuscation module contains several kinds of basic processing units. Take a module containing a big-number adder and a big-number multiplier as an example, where the power consumption of a big-number adder operation is denoted $P_{add}$ and the power consumption of a big-number multiplier operation is denoted $P_{mul}$. From the power consumption that must be generated at time $t$, it follows that the number of big-number multiplier operations to be carried out at time $t$ is $n = P_s / P_{mul}$, and the number of big-number adder operations to be carried out
In actual use, the power consumption dynamic equilibrium control module coordinates the computing module and the operation obfuscation module so that the curve they generate is as close to a straight line as possible.
The power consumption curve that a bypass attacker obtains is the power consumption produced by the computing module and the operation obfuscation module running together. Because this curve is close to a straight line, no cipher characteristics can be obtained from it, the cryptographic algorithm cannot be inferred, and still less does it provide information to guide key generation. Bypass attacks can therefore be effectively resisted.
Regarding the choice of the peak of the power consumption curve, different operation combinations can be provided according to different levels of accuracy; the chosen accuracy serves as an input to the operation obfuscation module and determines the basic units in that module. Suppose the basic units are $\{P_0, P_1, P_2, \dots, P_n\}$; then for the power consumption $P_t$ generated by the computing module there always exist $\{a_0, a_1, a_2, \dots, a_n\}$ such that $P_s = P_{max} - P_t = a_0P_0 + a_1P_1 + \dots + a_nP_n$, where each $a_i$ is a natural number and $0 \le i \le n$.
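The calculation in steps a to d and the basic-unit decomposition described above, worked through as an added example that is not code from the patent. The power values are constructed and in arbitrary units, `P_MUL` and `P_ADD` are assumed, and covering the remainder with adder operations is an assumption because the page does not give the adder count.

```python
# Added illustration, not code from the patent. All power values are
# constructed and in arbitrary units.
P_MUL = 7  # assumed power of one big-number multiplier operation (P_mul)
P_ADD = 2  # assumed power of one big-number adder operation (P_add)

# Constructed trace of the computing module: one sample per modular
# multiplication, as in step a.
TRACE = [31, 18, 40, 25, 40, 12, 33, 27]


def balance_target(trace):
    """Step b: P_max is the peak of the sampled power curve."""
    return max(trace)


def compensation_plan(p_t, p_max, p_mul=P_MUL, p_add=P_ADD):
    """Step c plus the basic-unit split of P_s = P_max - P_t.

    The multiplier count n = P_s // P_mul follows the page's n = P_s / P_mul.
    Covering the remainder with adder runs is this example's assumption.
    Returns (n_mul, n_add, leftover); leftover is the part of P_s that the
    available units cannot express.
    """
    p_s = p_max - p_t
    if p_s < 0:
        # P_max is fixed at calibration; a later, higher sample cannot be
        # flattened by adding power, so surface it instead of clamping.
        raise ValueError("sample exceeds calibrated P_max")
    n_mul, rest = divmod(p_s, p_mul)
    n_add, leftover = divmod(rest, p_add)
    return n_mul, n_add, leftover


def compensated_trace(trace, p_mul=P_MUL, p_add=P_ADD):
    """Step d: chip total = computing module + obfuscation module power."""
    p_max = balance_target(trace)
    total = []
    for p_t in trace:
        n_mul, n_add, _ = compensation_plan(p_t, p_max, p_mul, p_add)
        total.append(p_t + n_mul * p_mul + n_add * p_add)
    return total


def span(trace):
    """Peak-to-trough spread; 0 means the observed curve is flat."""
    return max(trace) - min(trace)


if __name__ == "__main__":
    flat = compensated_trace(TRACE)
    print("raw        ", TRACE, "span", span(TRACE))
    print("compensated", flat, "span", span(flat))
    # A finer basic unit (P_add = 1) removes the residual ripple.
    fine = compensated_trace(TRACE, p_add=1)
    print("finer unit ", fine, "span", span(fine))
```

With the assumed units the compensated curve still dips by one unit wherever the leftover is non-zero, and that leftover depends on the sample being masked; this is the accuracy trade-off the text ties to the choice of basic units.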
The embodiment described above expresses only a specific implementation of the invention; although its description is relatively specific and detailed, it must not be construed as limiting the scope of the patent. It should be noted that those of ordinary skill in the art can make various modifications and improvements without departing from the inventive concept, and these all fall within the scope of protection of the invention.

Claims (4)

1. A method of preventing bypass attacks, involving the computing module in a crypto chip, characterized in that it further involves a power consumption dynamic equilibrium control module and an operation obfuscation module, wherein the computing module provides the input signal for the power consumption dynamic equilibrium control module and the power consumption dynamic equilibrium control module provides the input signal for the operation obfuscation module, the method comprising the following steps:
a. The power consumption dynamic equilibrium control module obtains the output samples of the computing module's power consumption curve, $\{p_0, p_1, p_2, \dots, p_t\}$, where $P_t$ is the power consumption sample of the computing module at time $t$;
b. The power consumption dynamic equilibrium control module takes the peak of the output samples of the computing module's power consumption curve as the output value $P_{max}$ of the power-consumption balance curve, i.e. $P_{max} = \max\{p_0, p_1, p_2, \dots, p_t\}$;
c. The power consumption $P_s$ that the operation obfuscation module needs to generate is calculated, where $P_s = P_{max} - P_t$;
d. The power consumption $P_s$ generated by the operation obfuscation module compensates the power consumption generated by the computing module, so that the total power consumption of the crypto chip equals the output value $P_{max}$ of the power-consumption balance curve.
2. The method of preventing bypass attacks according to claim 1, characterized in that, in step a, the sampling interval of the output samples of the computing module's power consumption curve is the time required for one modular multiplication.
3. The method of preventing bypass attacks according to claim 1, characterized in that, in step b, the peak of the output samples of the computing module's power consumption curve is chosen so that different operation combinations are provided according to different levels of accuracy; the chosen accuracy serves as an input to the operation obfuscation module and determines the basic units in that module; suppose the basic units in the operation obfuscation module are $\{P_0, P_1, P_2, \dots, P_n\}$; then for the power consumption $P_t$ generated by the computing module at time $t$ there always exist $\{a_0, a_1, a_2, \dots, a_n\}$ such that $P_s = P_{max} - P_t = a_0P_0 + a_1P_1 + \dots + a_nP_n$, where each $a_i$ is a natural number and $0 \le i \le n$.
4. The method of preventing bypass attacks according to claim 3, characterized in that the operation obfuscation module generates power consumption as follows:
The basic units in the operation obfuscation module include a big-number adder and a big-number multiplier. The power consumption of one big-number adder operation is denoted $P_{add}$ and the power consumption of one big-number multiplier operation is denoted $P_{mul}$. From the power consumption that must be generated at time $t$, the number of big-number multiplier operations to be carried out at time $t$ is $n = P_s / P_{mul}$, and the number of big-number adder operations to be carried out
CN201811535812.0A 2018-12-14 2018-12-14 A method of preventing bypass attack Pending CN109617668A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811535812.0A CN109617668A (en) 2018-12-14 2018-12-14 A method of preventing bypass attack

Publications (1)

Publication Number Publication Date
CN109617668A true CN109617668A (en) 2019-04-12

Family

ID=66010162

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication (application publication date: 20190412)