CN109815038A - Parity check fault injection detection method based on local rearrangement - Google Patents
Parity check fault injection detection method based on local rearrangement Download PDFInfo
- Publication number
- CN109815038A CN109815038A CN201811473142.4A CN201811473142A CN109815038A CN 109815038 A CN109815038 A CN 109815038A CN 201811473142 A CN201811473142 A CN 201811473142A CN 109815038 A CN109815038 A CN 109815038A
- Authority
- CN
- China
- Prior art keywords
- detection method
- circuit
- parity
- register
- local
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Detection And Correction Of Errors (AREA)
Abstract
A parity check fault injection detection method based on local rearrangement comprises the steps of adopting a word parity check fault injection detection method for a circuit to be detected, and rearranging registers in an attack range aiming at local fault injection attack, so that the number of the registers belonging to the same word in the attack range is an odd number. The parity check fault injection detection method based on the local re-layout realizes high fault detection rate and low resource occupation, analyzes the registers in the local fault injection attack range, adopts manual re-layout wiring to ensure that the number of the registers belonging to the same word is odd, and ensures that all faults can be detected. The method solves the problems of low detection rate of word parity check failures and high consumption of byte parity check resources in the existing failure detection technology, is a failure detection technology with high failure detection rate and low resource consumption, and improves the failure detection rate under the condition of not increasing the resource consumption.
Description
Technical field
The present invention relates to a kind of Research on Integrated Circuit Security and direct fault location detection method.More particularly to one kind based on part weight
The parity fault of layout injects detection method.
Background technique
With the continuous development of information technology, information security has become important composition very important in modern day computing systems
Part, encrypted circuit provide key theory and technology for information security.For fault injection attacks [1] serious prestige of encrypted circuit
Coerce IC chip safety.Fault injection attacks pass through differential fault analysis, non-difference by deliberately introducing failure in circuit
To divide the failure analysis techniques [2] such as accident analysis to crack encrypted circuit, obtains the key messages such as key, attacking ability is strong,
Required time is short.
Fault-resistant injection attacks technology can protect circuit from malicious attack, guarantee Data within the chip safety.Anti- event
Hinder in injection attacks technology, the smaller scope of application such as encapsulation interference, sensor, metal layer.Common redundant computation technology [3] makes
Confirm that circuit with the presence or absence of failure, can be divided into spatial redundancy, time redundancy and information redundancy with additional hardware or function.
Wherein, spatial redundancy and time redundancy are respectively necessary for biggish resource consumption and higher time cost;Information redundancy is using wrong
Error detection coding increases redundancy in data and carries out fault detection, and cost is relatively low for required room and time.
Parity check code is common error detection coding, haves the defects that even bit failure can not be detected.Byte is odd
Although even parity check can obtain the fault detection rate higher than word parity verification, required resource is also apparently higher than word verification [4].Cause
This, it is very necessary to find a kind of high fault detection rate, the direct fault location detection method of low consumption of resources.
Summary of the invention
The technical problem to be solved by the invention is to provide one kind can ensure institute it is faulty it is equal can be detected based on office
The parity fault of portion's remapping injects detection method.
The technical scheme adopted by the invention is that: a kind of parity fault injection detection side based on local remapping
Method, including, direct fault location detection method is verified using word parity to circuit under test, for local fault injection attacks, to attack
Register in range is laid out again, makes the register number odd number belonged in same word in the firing area.
The word parity verification direct fault location detection method includes prediction circuit and comparison circuit, the prediction circuit
It is predicted to obtain the theoretical value of circuit under test output result parity according to the input data of circuit under test and even-odd check principle, and
The actual value that the result parity is calculated in result is exported by circuit under test;The comparison circuit is comparator, is sentenced
Whether disconnected theoretical value and actual value are identical, if the two is consistent, then it is assumed that ifq circuit output is correct, and otherwise ifq circuit is faulty
Injection attacks.
Described is laid out the register in firing area again, comprising the following steps:
S1: in the design after circuit under test placement-and-routing, being laid out again by mobile or exchange register,
In, the movement is that the register that will be chosen is moved to new position;The exchange is that be exchanged two is chosen to deposit
Device, and by the location swap of two registers;
S2: rewiring is carried out to the line that the register with movement or after exchanging is connected;
S3: the case where checking rewiring, it is ensured that all wirings are completed;
S4: to again be laid out after design re-start static timing analysis, it is ensured that again be laid out after design meet to
The timing requirements of slowdown monitoring circuit.
A kind of parity fault based on local remapping of the invention injects detection method, realizes high fault detection
Rate, low-resource occupy, and analyze the register within the scope of local fault injection attacks, are routed, are made using manual remapping
The register number belonged in same word is odd number, it is ensured that the faulty equal energy of institute is detected.Solves existing fault detection technique
The middle word parity verification problem that fault detection rate is low, byte parity resource consumption is big is a kind of high fault detection rate, low money
The fault detection technique of source consumption, in the case where not increasing resource consumption, fault detection rate increases.
Detailed description of the invention
Fig. 1 is a kind of schematic diagram of the parity fault injection detection method based on local remapping of the present invention.
Specific embodiment
Inspection is injected to a kind of parity fault based on local remapping of the invention below with reference to embodiment and attached drawing
Survey method is described in detail.
As shown in Figure 1, a kind of parity fault based on local remapping of the invention injects detection method, including,
Increase prediction circuit and comparison circuit on the basis of circuit under test.Direct fault location detection side is verified using word parity to circuit under test
Method is laid out the register in firing area for local fault injection attacks again, makes to belong in the firing area
Register number in same word is odd number.
The word parity verification direct fault location detection method includes prediction circuit and comparison circuit, the prediction circuit
It is predicted to obtain the theoretical value p of circuit under test output result parity according to the input data x of circuit under test and even-odd check principle
(x), and by circuit under test the actual value y (x) that the result parity is calculated in result is exported;The comparison circuit is
Whether identical comparator judges theoretical value p (x) and actual value y (x), if the two is consistent, then it is assumed that ifq circuit output is correct,
Otherwise the faulty injection attacks of ifq circuit.
Described is laid out the register in firing area again, comprising the following steps:
S1: in the design after circuit under test placement-and-routing, being laid out again by mobile or exchange register,
In, the movement is that the register that will be chosen is moved to new position;The exchange is that be exchanged two is chosen to deposit
Device, and by the location swap of two registers;
S2: rewiring is carried out to the line that the register with movement or after exchanging is connected;
S3: the case where checking rewiring, it is ensured that all wirings are completed;
S4: to again be laid out after design re-start static timing analysis, it is ensured that again be laid out after design meet to
The timing requirements of slowdown monitoring circuit.
By taking the detection of RC5 Encryption Algorithm direct fault location as an example, its parameter combination is chosen are as follows: 32 bit of word length, key length 16
Byte, encryption round number 12 are taken turns.Assuming that fault injection attacks range includes two registers in same word, to solve even-odd check
The defect that even bit failure can not be detected carries out the register outside one of register and fault injection attacks range mutual
It changes, utilizes engineering changing order ECO in vivado (Engineering Change Order) Lai Shixian, comprising the following steps:
S1: in placement-and-routing's design, a register and the fault injection attacks within the scope of fault injection attacks are chosen
A register outside range swaps;
S2: to exchange after register connection line carry out rewiring;
S3: installation scenarios are checked using report_route_status order in Tcl Console, it is ensured that Suo Youxiu
Wiring after changing is completed;
S4: static timing analysis is re-started to modified design, it is ensured that the design after local remapping wiring meets
Former timing requirements.
In the design after local remapping, the register number in same word is belonged in direct fault location detection range for surprise
Number can detecte faulty, verification and measurement ratio 100% using parity fault injection detection method.In addition, remapping cloth
Resource consumption does not increase in design after line.
The present invention is not limited to embodiments described above.Above the description of specific embodiment is intended to describe and say
Bright technical solution of the present invention, the above mentioned embodiment is only schematical, is not restrictive.This is not being departed from
In the case of invention objective and scope of the claimed protection, those skilled in the art may be used also under the inspiration of the present invention
The specific transformation of many forms is made, within these are all belonged to the scope of protection of the present invention.
Bibliography:
[1]BARENGHI A,BREVEGLIERI L,KOREN I,et al.Fault injection attacks on
cryptographic devices:theory,practice,and countermeasures[J].Proceedings of
the IEEE,2012,100(11):3056-3076.
[2]Courtois N,Ware D,Jackson K M.Fault-algebraic attacks on inner
rounds of DES[EB/OL].Nice:Strategies Telecom and Multimedia,2010-9-22[2016-
11-16].http://www0.cs.ucl.ac.uk/staff/n.courtois/dfasolv.pdf.
[3]CHU J,BENAISSA M.Error detecting AES using polynomial residue
number systems[J].Microprocessors&Microsystems,2013,37(2):228-234.
[4]WEN Liang,JIANG Wei,JIANG Ke,et al.Detecting Fault Injection
Attacks on Embedded Real-Time Applications:A System-Level Perspective[C]//
IEEE,International Conference on High PERFORMANCE Computing and
Communications,2015IEEE,International Symposium on Cyberspace Safety and
Security,and 2015 IEEE,International Conf on Embedded Software and
Systems.New York:IEEE Computer Society,2015:700-705.
Claims (3)
1. a kind of parity fault based on local remapping injects detection method, which is characterized in that including to circuit under test
Direct fault location detection method is verified using word parity, for local fault injection attacks, the register in firing area is carried out
Again it is laid out, makes the register number odd number belonged in same word in the firing area.
2. a kind of parity fault based on local remapping according to claim 1 injects detection method, feature
It is, the word parity verification direct fault location detection method includes prediction circuit and comparison circuit, the prediction circuit root
It predicts to obtain the theoretical value of circuit under test output result parity according to the input data and even-odd check principle of circuit under test, and leads to
Cross the actual value that the result parity is calculated in circuit under test output result;The comparison circuit is comparator, judgement
Whether theoretical value is identical as actual value, if the two is consistent, then it is assumed that ifq circuit output is correct, otherwise the faulty note of ifq circuit
Enter attack.
3. a kind of parity fault based on local remapping according to claim 1 injects detection method, feature
It is, the register in firing area is laid out again, comprising the following steps:
S1: it in the design after circuit under test placement-and-routing, is laid out again by mobile or exchange register, wherein institute
The movement stated is that the register that will be chosen is moved to new position;The exchange be choose two registers to be exchanged, and
By the location swap of two registers;
S2: rewiring is carried out to the line that the register with movement or after exchanging is connected;
S3: the case where checking rewiring, it is ensured that all wirings are completed;
S4: static timing analysis is re-started to the design after being laid out again, it is ensured that the design after being laid out again meets electricity to be measured
The timing requirements on road.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811473142.4A CN109815038B (en) | 2018-12-04 | 2018-12-04 | Parity check fault injection detection method based on local rearrangement |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811473142.4A CN109815038B (en) | 2018-12-04 | 2018-12-04 | Parity check fault injection detection method based on local rearrangement |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109815038A true CN109815038A (en) | 2019-05-28 |
CN109815038B CN109815038B (en) | 2022-03-29 |
Family
ID=66601949
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811473142.4A Active CN109815038B (en) | 2018-12-04 | 2018-12-04 | Parity check fault injection detection method based on local rearrangement |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109815038B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2021131856A (en) * | 2020-02-18 | 2021-09-09 | 新唐科技股▲ふん▼有限公司 | Digital failure injection detector |
CN114328001A (en) * | 2022-03-11 | 2022-04-12 | 紫光同芯微电子有限公司 | Method and device for detecting fault injection attack on RAM and storage medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4546475A (en) * | 1982-12-06 | 1985-10-08 | At&T Bell Laboratories | Parity checking arrangement |
CN101923903A (en) * | 2009-06-16 | 2010-12-22 | St微电子(鲁塞)有限公司 | Detection is to the method and the corresponding memory of the fault-injection attack of storer |
CN106771962A (en) * | 2016-11-29 | 2017-05-31 | 天津大学 | A kind of Fault of Integrated Circuits injection attacks analogy method based on partial scan |
CN106777529A (en) * | 2016-11-23 | 2017-05-31 | 天津大学 | Integrated circuit fault-resistant injection attacks capability assessment method based on FPGA |
-
2018
- 2018-12-04 CN CN201811473142.4A patent/CN109815038B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4546475A (en) * | 1982-12-06 | 1985-10-08 | At&T Bell Laboratories | Parity checking arrangement |
CN101923903A (en) * | 2009-06-16 | 2010-12-22 | St微电子(鲁塞)有限公司 | Detection is to the method and the corresponding memory of the fault-injection attack of storer |
CN106777529A (en) * | 2016-11-23 | 2017-05-31 | 天津大学 | Integrated circuit fault-resistant injection attacks capability assessment method based on FPGA |
CN106771962A (en) * | 2016-11-29 | 2017-05-31 | 天津大学 | A kind of Fault of Integrated Circuits injection attacks analogy method based on partial scan |
Non-Patent Citations (1)
Title |
---|
王沛晶: "一种混合粒度奇偶校验故障注入检测方法", 《北京航空航天大学学报》 * |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2021131856A (en) * | 2020-02-18 | 2021-09-09 | 新唐科技股▲ふん▼有限公司 | Digital failure injection detector |
JP7174786B2 (en) | 2020-02-18 | 2022-11-17 | 新唐科技股▲ふん▼有限公司 | digital fault injection detector |
CN114328001A (en) * | 2022-03-11 | 2022-04-12 | 紫光同芯微电子有限公司 | Method and device for detecting fault injection attack on RAM and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN109815038B (en) | 2022-03-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11734420B2 (en) | Snooping invalidation and snooping detection device and method | |
Raparti et al. | Lightweight mitigation of hardware Trojan attacks in NoC-based manycore computing | |
Zeng et al. | Finite state machine synthesis with concurrent error detection | |
TWI512520B (en) | Systems and methods for detecting attacks against a digital circuit | |
Hussain et al. | EETD: An energy efficient design for runtime hardware trojan detection in untrusted network-on-chip | |
Muduli et al. | Hyperfuzzing for soc security validation | |
Boraten et al. | Secure model checkers for network-on-chip (NoC) architectures | |
CN109815038A (en) | Parity check fault injection detection method based on local rearrangement | |
Hasan et al. | Translating circuit behavior manifestations of hardware Trojans using model checkers into run-time Trojan detection monitors | |
JP4009437B2 (en) | Information processing device | |
Al-Anwar et al. | Hardware Trojan detection methodology for FPGA | |
Feiten et al. | # SAT-based vulnerability analysis of security components—A case study | |
Wang et al. | Hardware trojan detection and high-precision localization in noc-based mpsoc using machine learning | |
US11636227B2 (en) | Protection against fault attacks by duplication | |
Rashidi | Fault-tolerant and error-correcting 4-bit S-boxes for cryptography applications with multiple errors detection | |
CN110727636B (en) | Equipment isolation method of system on chip | |
CN109541444A (en) | Integrated circuit fault injection detection method based on mixed granularity parity check | |
Al-Anwar et al. | Defeating hardware spyware in third party IPs | |
Köylü et al. | Exploiting PUF variation to detect fault injection attacks | |
Jayasena et al. | Network-on-chip trust validation using security assertions | |
Geier et al. | Compasec: a compiler-assisted security countermeasure to address instruction skip fault attacks on risc-v | |
CN106874796A (en) | The safety detection and fault-tolerance approach of instruction stream in system operation | |
Danger et al. | LAOCOÖN: A run-time monitoring and verification approach for hardware trojan detection | |
Raparti et al. | Securing 3d nocs from hardware trojan attacks | |
Bae et al. | Protection strategies against false data injection attacks with uncertain information on electric power grids |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CP02 | Change in the address of a patent holder | ||
CP02 | Change in the address of a patent holder |
Address after: 300452 Binhai Industrial Research Institute Campus of Tianjin University, No. 48 Jialingjiang Road, Binhai New Area, Tianjin Patentee after: Tianjin University Address before: 300072 Tianjin City, Nankai District Wei Jin Road No. 92 Patentee before: Tianjin University |