CN109815038B - Parity check fault injection detection method based on local rearrangement - Google Patents
Parity check fault injection detection method based on local rearrangement Download PDFInfo
- Publication number
- CN109815038B CN109815038B CN201811473142.4A CN201811473142A CN109815038B CN 109815038 B CN109815038 B CN 109815038B CN 201811473142 A CN201811473142 A CN 201811473142A CN 109815038 B CN109815038 B CN 109815038B
- Authority
- CN
- China
- Prior art keywords
- circuit
- parity check
- fault injection
- registers
- detection method
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
A parity check fault injection detection method based on local rearrangement comprises the steps of adopting a word parity check fault injection detection method for a circuit to be detected, and rearranging registers in an attack range aiming at local fault injection attack, so that the number of the registers belonging to the same word in the attack range is an odd number. The parity check fault injection detection method based on the local re-layout realizes high fault detection rate and low resource occupation, analyzes the registers in the local fault injection attack range, adopts manual re-layout wiring to ensure that the number of the registers belonging to the same word is odd, and ensures that all faults can be detected. The method solves the problems of low detection rate of word parity check failures and high consumption of byte parity check resources in the existing failure detection technology, is a failure detection technology with high failure detection rate and low resource consumption, and improves the failure detection rate under the condition of not increasing the resource consumption.
Description
Technical Field
The invention relates to an integrated circuit safety and fault injection detection method. In particular to a parity check fault injection detection method based on local rearrangement.
Background
With the continuous development of information technology, information security becomes a non-negligible important component in modern computing systems, and an encryption circuit provides a key theory and technology for information security. Fault injection attacks [1] against cryptographic circuits seriously threaten the security of integrated circuit chips. The fault injection attack is characterized in that faults are deliberately introduced into a circuit, the encryption circuit is cracked through fault analysis technologies [2] such as differential fault analysis and non-differential fault analysis, key information such as a secret key is obtained, the attack capability is strong, and the required time is short.
The fault injection attack resisting technology can protect the circuit from malicious attack and ensure the safety of data inside the chip. In the technology of fault injection attack resistance, the application ranges of package interference, sensors, metal layers and the like are small. Common redundancy calculation techniques [3] use additional hardware or functionality to confirm whether a circuit has a fault, and can be classified as spatial redundancy, temporal redundancy, and information redundancy. Wherein, the spatial redundancy and the temporal redundancy respectively require a large resource consumption and a high time cost; the information redundancy adopts error detection coding, redundant information is added in data for fault detection, and the required space and time cost are low.
Parity check codes are commonly used error detection codes and have the defect that even bit faults cannot be detected. Byte parity, while achieving higher failure detection rates than word parity, requires significantly higher resources than word parity [4 ]. Therefore, it is necessary to find a fault injection detection method with high fault detection rate and low resource consumption.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a parity check fault injection detection method based on local rearrangement, which can ensure that all faults can be detected.
The technical scheme adopted by the invention is as follows: a parity check fault injection detection method based on local rearrangement comprises the steps of adopting a word parity check fault injection detection method for a circuit to be detected, and rearranging registers in an attack range aiming at local fault injection attack, so that the number of the registers belonging to the same word in the attack range is an odd number.
The word parity check fault injection detection method comprises a prediction circuit and a comparison circuit, wherein the prediction circuit predicts to obtain a theoretical value of parity of an output result of a circuit to be detected according to input data and a parity check principle of the circuit to be detected and calculates to obtain an actual value of the parity of the output result of the circuit to be detected; the comparison circuit is a comparator, whether the theoretical value is the same as the actual value or not is judged, if the theoretical value is consistent with the actual value, the output of the original circuit is considered to be correct, and otherwise, the original circuit is failed and injected into an attack.
The method for rearranging the registers in the attack range comprises the following steps:
s1: in the design after the layout and wiring of the circuit to be tested, the re-layout is carried out by moving or exchanging registers, wherein the moving is to move the selected register to a new position; the interchanging is to select two registers to be interchanged and interchange the positions of the two registers;
s2: rewiring a connecting line connected with the moved or exchanged register;
s3: checking the rewiring condition to ensure that all the wirings are finished;
s4: and performing static time sequence analysis on the re-laid design again to ensure that the re-laid design meets the time sequence requirement of the circuit to be tested.
The parity check fault injection detection method based on the local re-layout realizes high fault detection rate and low resource occupation, analyzes the registers in the local fault injection attack range, adopts manual re-layout wiring to ensure that the number of the registers belonging to the same word is odd, and ensures that all faults can be detected. The method solves the problems of low detection rate of word parity check failures and high consumption of byte parity check resources in the existing failure detection technology, is a failure detection technology with high failure detection rate and low resource consumption, and improves the failure detection rate under the condition of not increasing the resource consumption.
Drawings
Fig. 1 is a schematic diagram of a parity check fault injection detection method based on local rearrangement.
Detailed Description
The following describes a parity check fault injection detection method based on local rearrangement according to the present invention in detail with reference to the following embodiments and the accompanying drawings.
As shown in fig. 1, a parity check fault injection detection method based on local rearrangement of the present invention includes adding a prediction circuit and a comparison circuit on the basis of a circuit to be tested. And (3) adopting a word parity check fault injection detection method for the circuit to be detected, and rearranging the registers in an attack range aiming at local fault injection attack to ensure that the number of the registers belonging to the same word in the attack range is an odd number.
The word parity check fault injection detection method comprises a prediction circuit and a comparison circuit, wherein the prediction circuit predicts and obtains a theoretical value p (x) of parity of an output result of a circuit to be detected according to input data x and a parity check principle of the circuit to be detected, and calculates and obtains an actual value y (x) of the parity of the output result of the circuit to be detected; the comparison circuit is a comparator, whether the theoretical value p (x) is the same as the actual value y (x) or not is judged, if the theoretical value p (x) is consistent with the actual value y (x), the output of the original circuit is considered to be correct, and otherwise, the original circuit fails to inject attacks.
The method for rearranging the registers in the attack range comprises the following steps:
s1: in the design after the layout and wiring of the circuit to be tested, the re-layout is carried out by moving or exchanging registers, wherein the moving is to move the selected register to a new position; the interchanging is to select two registers to be interchanged and interchange the positions of the two registers;
s2: rewiring a connecting line connected with the moved or exchanged register;
s3: checking the rewiring condition to ensure that all the wirings are finished;
s4: and performing static time sequence analysis on the re-laid design again to ensure that the re-laid design meets the time sequence requirement of the circuit to be tested.
Taking the RC5 encryption algorithm fault injection detection as an example, the parameter combination is selected as: the word length is 32 bits, the key length is 16 bytes, and the number of encryption rounds is 12. Assuming that the fault injection attack scope includes two registers in the same word, in order to solve the defect that parity check cannot detect even bit fault, one of the registers is exchanged with a register outside the fault injection attack scope, and the fault injection attack scope is realized by using an engineering Change command eco (engineering Change order) in vivado, which includes the following steps:
s1: in the layout and wiring design, a register in the fault injection attack range is selected to be exchanged with a register outside the fault injection attack range;
s2: rewiring a connecting line connected with the exchanged register;
s3: checking the wiring condition by using a report _ route _ status command in the Tcl Console to ensure that all modified wirings are finished;
s4: and performing static time sequence analysis on the modified design again to ensure that the design after local re-layout and wiring meets the original time sequence requirement.
In the design after the local rearrangement, the number of registers belonging to the same word in the fault injection detection range is odd, all faults can be detected by adopting a parity check fault injection detection method, and the detection rate is 100%. In addition, resource consumption does not increase in the design after the redistribution routing.
The present invention is not limited to the above-described embodiments. The foregoing description of the specific embodiments is intended to describe and illustrate the technical solutions of the present invention, and the above specific embodiments are merely illustrative and not restrictive. Those skilled in the art can make many changes and modifications to the invention without departing from the spirit and scope of the invention as defined in the appended claims.
Reference documents:
[1]BARENGHI A,BREVEGLIERI L,KOREN I,et al.Fault injection attacks on cryptographic devices:theory,practice,and countermeasures[J].Proceedings of the IEEE,2012,100(11):3056-3076.
[2]Courtois N,Ware D,Jackson K M.Fault-algebraic attacks on inner rounds of DES[EB/OL].Nice:Strategies Telecom and Multimedia,2010-9-22[2016-11-16].http://www0.cs.ucl.ac.uk/staff/n.courtois/dfasolv.pdf.
[3]CHU J,BENAISSA M.Error detecting AES using polynomial residue number systems[J].Microprocessors&Microsystems,2013,37(2):228-234.
[4]WEN Liang,JIANG Wei,JIANG Ke,et al.Detecting Fault Injection Attacks on Embedded Real-Time Applications:A System-Level Perspective[C]//IEEE,International Conference on High PERFORMANCE Computing and Communications,2015IEEE,International Symposium on Cyberspace Safety and Security,and 2015 IEEE,International Conf on Embedded Software and Systems.New York:IEEE Computer Society,2015:700-705.
Claims (1)
1. a parity check fault injection detection method based on local rearrangement is characterized by comprising the steps of adopting a word parity check fault injection detection method for a circuit to be detected, and rearranging registers in an attack range aiming at local fault injection attack to ensure that the number of the registers belonging to the same word in the attack range is an odd number; wherein the content of the first and second substances,
the word parity check fault injection detection method comprises a prediction circuit and a comparison circuit, wherein the prediction circuit predicts to obtain a theoretical value of parity of an output result of a circuit to be detected according to input data and a parity check principle of the circuit to be detected and calculates to obtain an actual value of the parity of the output result of the circuit to be detected; the comparison circuit is a comparator, whether the theoretical value is the same as the actual value or not is judged, if the theoretical value is consistent with the actual value, the output of the original circuit is considered to be correct, and otherwise, the original circuit is failed and injected into an attack;
the method for rearranging the registers in the attack range comprises the following steps:
s1: in the design after the layout and wiring of the circuit to be tested, the re-layout is carried out by moving or exchanging registers, wherein the moving is to move the selected register to a new position; the exchange is to select two registers to be exchanged and exchange the positions of the two registers;
s2: rewiring a connecting line connected with the moved or exchanged register;
s3: checking the rewiring condition to ensure that all the wirings are finished;
s4: and performing static time sequence analysis on the re-laid design again to ensure that the re-laid design meets the time sequence requirement of the circuit to be tested.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811473142.4A CN109815038B (en) | 2018-12-04 | 2018-12-04 | Parity check fault injection detection method based on local rearrangement |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811473142.4A CN109815038B (en) | 2018-12-04 | 2018-12-04 | Parity check fault injection detection method based on local rearrangement |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109815038A CN109815038A (en) | 2019-05-28 |
| CN109815038B true CN109815038B (en) | 2022-03-29 |
Family
ID=66601949
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811473142.4A Active CN109815038B (en) | 2018-12-04 | 2018-12-04 | Parity check fault injection detection method based on local rearrangement |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109815038B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11366899B2 (en) * | 2020-02-18 | 2022-06-21 | Nuvoton Technology Corporation | Digital fault injection detector |
| CN114328001B (en) * | 2022-03-11 | 2022-07-19 | 紫光同芯微电子有限公司 | Method and device for detecting fault injection attack on RAM and storage medium |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4546475A (en) * | 1982-12-06 | 1985-10-08 | At&T Bell Laboratories | Parity checking arrangement |
| CN101923903A (en) * | 2009-06-16 | 2010-12-22 | St微电子(鲁塞)有限公司 | Detection is to the method and the corresponding memory of the fault-injection attack of storer |
| CN106777529A (en) * | 2016-11-23 | 2017-05-31 | 天津大学 | Integrated circuit fault-resistant injection attacks capability assessment method based on FPGA |
| CN106771962A (en) * | 2016-11-29 | 2017-05-31 | 天津大学 | A kind of Fault of Integrated Circuits injection attacks analogy method based on partial scan |
-
2018
- 2018-12-04 CN CN201811473142.4A patent/CN109815038B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4546475A (en) * | 1982-12-06 | 1985-10-08 | At&T Bell Laboratories | Parity checking arrangement |
| CN101923903A (en) * | 2009-06-16 | 2010-12-22 | St微电子(鲁塞)有限公司 | Detection is to the method and the corresponding memory of the fault-injection attack of storer |
| CN106777529A (en) * | 2016-11-23 | 2017-05-31 | 天津大学 | Integrated circuit fault-resistant injection attacks capability assessment method based on FPGA |
| CN106771962A (en) * | 2016-11-29 | 2017-05-31 | 天津大学 | A kind of Fault of Integrated Circuits injection attacks analogy method based on partial scan |
Non-Patent Citations (1)
| Title |
|---|
| 一种混合粒度奇偶校验故障注入检测方法;王沛晶;《北京航空航天大学学报》;20181114 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109815038A (en) | 2019-05-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Das et al. | Weight-based codes and their application to concurrent error detection of multilevel circuits | |
| Chakraborty et al. | A flexible online checking technique to enhance hardware trojan horse detectability by reliability analysis | |
| US11734420B2 (en) | Snooping invalidation and snooping detection device and method | |
| Raparti et al. | Lightweight mitigation of hardware Trojan attacks in NoC-based manycore computing | |
| Yu et al. | Exploiting error control approaches for hardware trojans on network-on-chip links | |
| CN109815038B (en) | Parity check fault injection detection method based on local rearrangement | |
| Hussain et al. | EETD: An energy efficient design for runtime hardware trojan detection in untrusted network-on-chip | |
| US9736181B2 (en) | Hardening data transmissions against power side channel analysis | |
| Frey et al. | Exploiting state obfuscation to detect hardware trojans in NoC network interfaces | |
| Lee et al. | Robust secure shield architecture for detection and protection against invasive attacks | |
| Sheikhpour et al. | Practical fault resilient hardware implementations of AES | |
| CN110727636B (en) | Equipment isolation method of system on chip | |
| Galathy et al. | A systematic approach to fault attack resistant design | |
| CN109541444B (en) | Integrated circuit fault injection detection method based on mixed granularity parity check | |
| US11636227B2 (en) | Protection against fault attacks by duplication | |
| Rashidi | Fault-tolerant and error-correcting 4-bit S-boxes for cryptography applications with multiple errors detection | |
| Köylü et al. | Exploiting PUF Variation to Detect Fault Injection Attacks | |
| Al-Anwar et al. | Defeating hardware spyware in third party IPs | |
| CN102986141B (en) | There is the data-interface of the integrated wrong identification of self-shield | |
| Rathor et al. | New lightweight architectures for secure FSM design to thwart fault injection and Trojan attacks | |
| Yu et al. | Investigating reliability and security of integrated circuits and systems | |
| Raparti et al. | Securing 3d nocs from hardware trojan attacks | |
| Keren et al. | Duplication based one-to-many coding for Trojan HW detection | |
| Satish et al. | Faulty Node Detection and Correction of Route in Network-On-Chip (NoC) | |
| Gondal et al. | A method to detect and avoid hardware Trojan for network-on-chip architecture based on error correction code and junction router (ECCJR) |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP02 | Change in the address of a patent holder |
Address after: 300452 Binhai Industrial Research Institute Campus of Tianjin University, No. 48 Jialingjiang Road, Binhai New Area, Tianjin Patentee after: Tianjin University Address before: 300072 Tianjin City, Nankai District Wei Jin Road No. 92 Patentee before: Tianjin University |
|
| CP02 | Change in the address of a patent holder |