CN111082925A - Embedded system encryption protection device and method based on AES algorithm and PUF technology - Google Patents
Embedded system encryption protection device and method based on AES algorithm and PUF technology Download PDFInfo
- Publication number
- CN111082925A CN111082925A CN201911011610.0A CN201911011610A CN111082925A CN 111082925 A CN111082925 A CN 111082925A CN 201911011610 A CN201911011610 A CN 201911011610A CN 111082925 A CN111082925 A CN 111082925A
- Authority
- CN
- China
- Prior art keywords
- module
- embedded system
- key
- encryption
- puf
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 31
- 238000005516 engineering process Methods 0.000 title claims abstract description 17
- 230000004044 response Effects 0.000 claims abstract description 60
- 238000004891 communication Methods 0.000 claims abstract description 43
- 230000005284 excitation Effects 0.000 claims abstract description 38
- 238000012937 correction Methods 0.000 claims description 8
- 238000010586 diagram Methods 0.000 description 12
- 230000015654 memory Effects 0.000 description 7
- 230000008569 process Effects 0.000 description 7
- 238000013507 mapping Methods 0.000 description 6
- 238000012795 verification Methods 0.000 description 6
- 239000011159 matrix material Substances 0.000 description 5
- 238000005070 sampling Methods 0.000 description 5
- 238000004519 manufacturing process Methods 0.000 description 4
- 238000006467 substitution reaction Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 230000001012 protector Effects 0.000 description 2
- PXFBZOLANLWPMH-UHFFFAOYSA-N 16-Epiaffinine Natural products C1C(C2=CC=CC=C2N2)=C2C(=O)CC2C(=CC)CN(C)C1C2CO PXFBZOLANLWPMH-UHFFFAOYSA-N 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000006870 function Effects 0.000 description 1
- 230000009466 transformation Effects 0.000 description 1
- 230000007306 turnover Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L1/00—Arrangements for detecting or preventing errors in the information received
- H04L1/004—Arrangements for detecting or preventing errors in the information received by using forward error control
- H04L1/0056—Systems characterized by the type of code used
- H04L1/0061—Error detection codes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3271—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
- H04L9/3278—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses an embedded system encryption protection device and method based on an AES encryption and decryption algorithm and a PUF technology. The device includes: a communication module; the true random number generator module is used for generating a random plaintext; a ring oscillator cluster; the RO PUF module generates a response value by utilizing the excitation generated by the ring oscillator; the codec module decodes according to the response value and the check code to generate a secret key; and the AES encryption module encrypts the random plaintext by using the key to obtain a ciphertext, and feeds the plaintext and the ciphertext back to the embedded system through the communication module. The device and the method for encrypting and protecting the embedded system based on the AES algorithm and the PUF technology adopt the key generation based on the RO PUF module and the codec module, wherein the RO PUF module realizes the excitation and response values uniquely related to the circuit by utilizing the physical difference of the circuit and uses the excitation and response values as the generation source of the key, and the generated key has the characteristics of high safety, unpredictability, unclonability and the like.
Description
Technical Field
The invention belongs to the field of encryption protection of an embedded system, and particularly relates to an embedded system encryption protection device and method based on an AES algorithm and a PUF technology.
Background
The hardware circuit and software system of the embedded system always face the danger of copy, plagiarism and copycat by the emulational manufacturer, the safety problem of the intellectual property will undoubtedly bring a huge attack to the innovation power of the developer, and simultaneously the normal operation of the market economy will be influenced.
The existing protection device and protection scheme of the anti-copy board generally generate an encryption key in advance, and then store the encryption key in a memory of an electronic product to be protected and a memory in the anti-copy board protection device. When the electronic product needs to work, the keys are read out from the respective memories, and the encryption verification algorithm is executed in the MCU and the protection device of the electronic product for verification. If the verification is successful, the electronic product operates normally, otherwise, the electronic product stops working. Therefore, even if a plagiarizer copies and cracks the hardware and the core program of the electronic product, the electronic product cannot pass the verification and cannot work due to the lack of a protection device, and finally the purpose of protecting the hardware circuit and the core program of the electronic product is achieved.
However, in the existing anti-copy board protection device and protection scheme, the encryption key is generally stored in the memory, so that there is a certain probability that the encryption key is cracked by a pirate, and in addition, because an additional memory is needed for storing the encryption key, the production and manufacturing costs are correspondingly increased.
Disclosure of Invention
The invention aims to provide an embedded system encryption protection device and method based on an AES algorithm and a PUF technology, which are used for encrypting an embedded system.
An embedded system encryption protection device based on an AES encryption and decryption algorithm and a PUF technology comprises:
the communication module is used for communicating with the embedded system;
the true random number generator module is used for generating a random plaintext;
a ring oscillator cluster comprising a plurality of ring oscillators for generating an excitation;
the RO PUF module generates a response value by utilizing the excitation generated by the ring oscillator after receiving an authentication request sent by the embedded system through the communication module;
the codec module is used for decoding according to the response value and the check code sent by the embedded system through the communication module to generate a key corresponding to AES encryption;
and the AES encryption module is used for encrypting a random plaintext by using the key received from the codec module to obtain a ciphertext and feeding the plaintext and the ciphertext corresponding to the plaintext back to the embedded system through the communication module.
Preferably, the codec module comprises a BCH codec for BCH decoding using the response value and a check code to generate the key.
Preferably, the codec module comprises a hamming code error correction code codec for hamming code error correction code decoding using the response value and the check code to generate the key.
Preferably, the RO PUF module and the true random number generator module share the excitation of the ring oscillator output.
Preferably, the AES encryption module encrypts based on a simplified circuit module and a key expansion module of an S-box lookup table inversion module optimized in a finite field, and completes one round of AES encryption operation per cycle, performs 10 rounds of encryption operations by the multiplexing encryption module, and completes one AES encryption operation per 10 cycles.
Preferably, the stimuli received by the RO PUF module correspond one-to-one to the resulting response values.
An encryption protection method for an embedded system based on an AES encryption and decryption algorithm and a PUF technology comprises an encryption authentication mode, wherein the encryption authentication mode comprises the following steps:
upon receiving an encryption authentication request through the communication module, the RO PUF module generates a response value using a stimulus generated by the ring oscillator;
the codec module decodes according to the response value and a check code sent by the embedded system through the communication module to generate a key corresponding to AES encryption;
and after receiving the key generated by the key generator module, the AES encryption module encrypts the random plaintext generated by the true random number generator module to obtain a ciphertext, and then feeds the plaintext and the ciphertext corresponding to the plaintext back to the embedded system through the communication module.
Preferably, after the AES encryption module feeds back the plaintext and the ciphertext corresponding to the plaintext to the embedded system through the communication module, the method further includes:
after receiving the plaintext and the ciphertext, the embedded system executes decryption on the received ciphertext according to a key stored by the embedded system;
and comparing the decrypted result with the received plaintext, if the decrypted result is consistent with the received plaintext, successfully authenticating, and otherwise, failing to authenticate the embedded system and stopping working.
Preferably, an initialization mode is further included, the initialization mode including:
if a key initialization request is received through the communication module, the true random number generator module generates a group of 16-bit random stimuli and sends the 16-bit random stimuli to the RO PUF module;
the RO PUF module generates a group of corresponding responses by utilizing the random excitation and sends the responses to the codec module;
the codec module encodes the response to obtain a group of keys and check codes;
and returning the key and the check code to the embedded system and storing the key and the check code to the embedded system.
Preferably, the method further comprises a key update mode, and the state switching among the encryption authentication mode, the initialization mode and the key update mode is controlled by a finite state machine, wherein the key update mode comprises the following steps:
if a key updating key request is received through the communication module, the true random number generator module generates a group of 16-bit random excitation and sends the 16-bit random excitation to the RO PUF module;
the RO PUF module generates a group of corresponding responses by utilizing the random excitation and sends the responses to the codec module;
the codec module encodes the response to obtain a group of new keys and check codes;
and returning the updated key and the updated check code to the embedded system, and updating and storing the key and the check code to the embedded system.
Compared with the prior art, the encryption protection device and method for the embedded system based on the AES algorithm and the PUF technology adopt the key generation based on the RO PUF module and the codec module, wherein the RO PUF module realizes the excitation and response values uniquely related to the circuit by utilizing the physical difference of the circuit, and the excitation and response values are used as the generation source of the key, and the generated key has the characteristics of high safety, unpredictability, unclonability and the like.
The secret key generator realizes the coding and decoding of the secret key, when a plurality of bits of the secret key have errors, the correction of the secret key can be realized through the check code, and the stability of the secret key generated by the RO PUF module is improved. In addition, the key generator adopted by the device does not need an additional nonvolatile memory to store the key, so the manufacturing cost is low.
In addition, the encryption protection device of the embedded system adopts a sharing strategy of the ring oscillator, namely the ROPUF module and the true random number generator based on the ring oscillator share the same ring oscillator, and the sharing strategy greatly reduces the expenditure of hardware resources under the condition of not influencing the normal work of the device.
Drawings
Fig. 1 is a schematic structural diagram of an encryption protection device of an embedded system.
Fig. 2 is a schematic diagram of a circuit configuration of a ring oscillator and a PUF module.
FIG. 3 is a schematic diagram of the structure of a ring oscillator and true random number generator.
Figure 4 is a schematic diagram of a ring oscillator sharing implementation.
Fig. 5 is a schematic structural diagram of an AES encryption module.
FIG. 6 is a schematic diagram of an embedded system encryption protector workflow finite state machine.
Fig. 7 is a flowchart in the key initialization mode.
Fig. 8 is a flowchart in the key update mode.
Fig. 9 is a flowchart in the encryption authentication mode.
Detailed Description
The invention will be further explained with reference to the drawings.
Example 1
Fig. 1 is a schematic structural diagram of an encryption protection device of an embedded system. As shown in fig. 1, the embodiment takes an ASIC chip as an example, and the encryption protection device for an embedded system based on the AES encryption and decryption algorithm and the PUF technology includes components such as a communication module, a true random number generator module, a ring oscillator cluster, an RO PUF module (ring oscillator Physical Unclonable function, referred to as RO PUF for short), a codec module, an AES encryption module, and a register set.
The communication module is used for encrypting the communication between the protection device and the embedded system. In this embodiment, the communication module may include an IIC communication module, and may also communicate with a communication protocol such as UART or USB. The encryption protection device uses two data lines of SDA and SCL to communicate with the protected embedded system through the IIC communication module, so as to realize the protection of the embedded system. The register group is a storage unit for storing information such as plaintext, ciphertext, excitation, secret key and the like generated by the encryption protection device in the process of carrying out encryption authentication protection on the embedded system, and is also a storage unit for carrying out data transmission with the embedded system.
Fig. 2 is a schematic diagram of a circuit configuration of a ring oscillator cluster and PUF modules. As shown in fig. 2, the ring oscillator cluster includes a plurality of ring oscillators for generating an excitation. In this embodiment, the ring oscillator cluster is composed of 8 groups of ring oscillators, each group is composed of 34 ring oscillators, and each ring oscillator is constructed by 59 or more inverters adopting the core international 130nm technology, including 59 or more inverters.
The RO PUF module in this embodiment is a PUF circuit based on a ring oscillator, and uses a delay of a signal when the signal is transmitted in the ring oscillator as a response difference source of the PUF. And after receiving an authentication request sent by the embedded system through the communication module, the RO PUF module generates a response value by utilizing the excitation generated by the ring oscillator, wherein the excitation received by the RO PUF module corresponds to the generated response value one to one. The stimulus required by the RO PUF module is sent by the embedded system through the communication module in the I2C communication mode. Referring to fig. 2, the RO PUF module includes a counter group and a comparator group. The 4 sets of ring oscillators are used as 16-bit input excitations, and the 16-bit input excitations are divided into 4 sets of 4-bit excitations. The input stimuli are compared by selecting a pair of ring oscillators through a 16-to-1 multiplexer. In the embodiment, a chain comparison strategy is adopted, that is, the RO PUF module always selects an adjacent pair of Ring Oscillators (ROs) for comparison, such as selecting ring oscillator 0 and ring oscillator 1 as a comparison pair, or selecting ring oscillator 1 and ring oscillator 2 as a comparison pair for comparison. The outputs of the ring oscillator are connected to two counters, respectively. The counter will record the number of flips of the two ring oscillators over a certain time. By comparing the turnover times of the two ring oscillators, a response value of 0 or 1 is output. Thus by inputting different 16-bit stimuli, different 16-bit response values can be obtained.
The true random number generator in this embodiment is based on a ring oscillator. The true random number generator module is used for generating random plaintext, and random numbers generated by the true random number generator can be stored in the register set and provided to the AES encryption module as the random plaintext. FIG. 3 is a schematic diagram of the structure of a ring oscillator and true random number generator. As shown in fig. 3, the true random number generator is mainly composed of three parts: the device comprises an entropy source module, a sampling module and an exclusive or network module. The entropy source module is composed of a plurality of ring oscillators, and each ring oscillator is a loop composed of an odd number of inverters and an AND gate. One input port of the AND gate is connected with an enable signal ENA, when the true random number generator works, the enable signal is set to be 1, the AND gate is equivalent to a buffer, and the ring oscillator starts to oscillate; otherwise, the enable signal is set to 0, the output of the AND gate is fixed to 0, and the ring oscillator stops oscillating. The sampling module consists of a D trigger, the D input is the output of the ring oscillator, the clock input is the low-frequency sampling clock clk _ sampling, and the output Q is connected to the input of the XOR network module. The exclusive-or network module is composed of a plurality of exclusive-or gates, and carries out exclusive-or processing on a plurality of random bit inputs obtained by sampling of a D trigger, wherein the D trigger is used for storing and outputting the random bits and is controlled by clk _ ctrl.
Figure 4 is a schematic diagram of a ring oscillator sharing implementation. As shown in fig. 4, the RO PUF module and the true random number generator module share the excitation of the ring oscillator output. The RO PUF module and the true random number generator module adopt a ring oscillator sharing strategy, and the RO PUF module and the true random number generator module share the same ring oscillator cluster. In this embodiment, the ring oscillator cluster is composed of 8 groups of ring oscillators, each group is composed of 34 ring oscillators, and each ring oscillator is constructed by 59 or more inverters of the central core international 130nm technology. When the RO PUF or the true random number generator works, the ring oscillator cluster starts to work.
The random number generated by the true random number generator may be stored in a register set and provided to the AES encryption module as random plaintext. The stimulus required by the RO PUF module is sent by the embedded system through the communication module in the I2C communication mode.
And the codec module decodes according to the response value and the check code sent by the embedded system through the communication module to generate a key corresponding to AES encryption. In this embodiment, the codec module includes a BCH codec, and is configured to encode the response value generated by the RO PUF module to obtain the secret key and the check code, and correct the secret key through the check code, so that stability of the secret key generated by the RO PUF module is improved.
Fig. 5 is a schematic structural diagram of an AES encryption module. As shown in fig. 5, the AES encrypting module receives the key generated by the key generator module to encrypt the random plaintext, and after obtaining the ciphertext, feeds back the plaintext and the ciphertext corresponding to the plaintext to the embedded system through the communication module. When the AES encryption module needs a secret key, the response value generated by the RO PUF module is sent to the BCH decoder for decoding, and the secret key can be obtained.
The Round-based circuit of the AES encryption module in this example is mainly composed of four parts, which correspond to four operations of byte substitution, line shift, column confusion, and Round key addition in the AES encryption process, respectively. In addition, the AES encryption module in this example is employed in the finite field GF (2)4)2The S-box implementation method of (1), namely, the AES encryption module is encrypted based on a simplified circuit module and a key expansion module of an S-box lookup table inversion module optimized in a finite field, and the size of the S-box can be reduced to 24byte bytes. The specific method is that the entire AES encryption operation is mapped into GF (24)2, and both the mapping circuit and the inverse mapping circuit are removed out of the Round-based circuit. One round of AES encryption operation is completed in each period, 10 rounds of encryption operation are performed through the multiplexing encryption module, and one time of AES encryption operation is completed in 10 periods. The AES encryption module is realized by adopting a hardware circuit, but the AES encryption module can also realize AES encryption operation by replacing the hardware circuit with a software algorithm, and is more flexible and easy to use.
Taking 128 as an example, the AES encryption module is implemented as follows:
(1) the 128-bit plaintext enters the circuit from the leftmost end, and the 128-bit plaintext is obtained after being mapped through the mapping circuit of the finite field;
(2) the mapped plaintext is arranged into a 4 x 4 state matrix from high order to low order in units of each byte. The state matrix is composed of 16-byte registers. Arranging the plaintext from top to bottom and from left to right, and storing the plaintext in a state matrix register;
(3) judging whether the first round is the first round, if so, executing the step (6), and if not, executing the step (4);
(4) the shift operation is realized directly through circuit logic connection, namely, data is taken out from a specific position of the state matrix for processing to obtain a corresponding row of data;
(5) in the byte substitution process, 16S boxes are used for simultaneously performing table look-up operation on 16 bytes, and then affine transformation is performed on the result obtained by table look-up to obtain the result after byte substitution;
(6) judging whether the process is the tenth process, if so, executing the step (8), and if not, executing the step (7);
(7) adding and multiplying finite fields by taking columns as units to realize column confusion operation;
(8) performing round key addition operation, and performing exclusive or operation on the column confusion result and the round key according to bits;
(9) judging whether the cipher is in the tenth round or not, if so, performing inverse mapping operation on the round key addition result through an inverse mapping circuit to obtain a 128-bit inverse mapping cipher text, and outputting a result; otherwise, updating the result of the round key addition to the state matrix, and performing the next round of operation, so as to reciprocate until ten rounds of operation are completed.
The AES encryption module completes one round of encryption operation in each period, and 1 period is needed when initial data is stored in a state, so that the total 11 periods are needed when the complete encryption operation is completed, and finally a 128-bit ciphertext is obtained through encryption and stored in a register set.
Example 2
The configuration of the encryption protection device in embodiment 2 is substantially the same as that of the second embodiment, except that: and the coder and decoder module is used for coding and decoding the response value of the ROPUF module by adopting a Hamming code error correction code method to generate the secret key. Since the Hamming code also has error correction capability, even if some bits of the secret key in the encryption protection device are wrong, the secret key can be corrected, and the stability of the generated secret key is improved. The whole key generation process can refer to embodiment 1, and is not described herein.
Example 3
FIG. 6 is a schematic diagram of an embedded system encryption protector workflow finite state machine. As shown in fig. 6, the encryption protection device of the embedded system has three modes, namely an encryption authentication mode, an initialization mode and a key updating mode, and the finite state machine controls the state switching among the encryption authentication mode, the initialization mode and the key updating mode, specifically, the switching steps are as follows:
(1) judging whether the working mode is key initialization or not, if so, executing the step (6), otherwise, executing the step (2);
(2) the true random number generator module generates a group of random numbers as random plaintext and sends the random numbers to the AES encryption module;
(3) the RO PUF module generates a group of corresponding response values according to the excitation sent by the embedded system and sends the response values to the codec module;
(4) the codec module decodes the response value by using the check code sent by the embedded system to obtain a group of keys and sends the keys to the AES encryption module;
(5) the AES encryption module encrypts the random plaintext by using the key to obtain a ciphertext, and sends the random plaintext and the ciphertext back to the embedded system. Judging whether the working mode is encryption authentication and key updating, if so, executing the step (6), otherwise, returning to an IDLE state;
(6) the true random number generator module generates a group of random numbers as excitation and sends the excitation to the RO PUF module;
(7) the RO PUF module generates a group of corresponding response values according to random excitation generated by the true random number generator and sends the response values to the codec module;
(8) and the codec module encodes the response value to obtain a check code and a secret key, and sends the check code, the secret key and the excitation back to the embedded system.
Fig. 7 is a flowchart in the key initialization mode. As shown in FIG. 7, the initialization mode includes steps S701 to 704.
Step S701: if a key initialization request is received via the communication module, the true random number generator module generates a set of 16-bit random stimuli and sends them to the RO PUF module. Specifically, the embedded system may initiate a key initialization request to the encryption protection device through IIC communication, and the encryption protection device starts to operate after receiving the key initialization request.
Step S702: the RO PUF module generates a set of corresponding responses using the random stimulus and sends the responses to a codec module.
Step S703: and the codec module encodes the response to obtain a group of keys and check codes. Taking the BCH decoder as an example, the BCH decoder performs BCH encoding on the response to obtain a set of 128-bit keys and a 10-bit check code.
Step S704: and returning the random excitation, the secret key and the check code to the embedded system and storing the random excitation, the secret key and the check code to the embedded system for application in the encryption authentication mode.
Fig. 8 is a flowchart in the key update mode. As shown in fig. 8, the refresh key mode includes the following steps.
Step S801: if a rekeying request is received via the communications module, the true random number generator module generates a set of 16-bit random stimuli and sends them to the RO PUF module.
Step S802: the RO PUF module generates a set of corresponding responses using the random stimulus and sends the responses to a codec module.
Step S803: and the codec module encodes the response to obtain a group of new keys and check codes.
Step S804: and returning the updated key and the updated check code to the embedded system, and updating and storing the key and the check code to the embedded system.
Fig. 9 is a flowchart in the encryption authentication mode, which includes the following steps, as shown in fig. 9.
Step S901: upon receiving a cryptographic authentication request through the communication module, the RO PUF module generates a response value using a stimulus generated by the ring oscillator. Specifically, the embedded system may send the stored excitation and check code to the encryption protection device through UART communication, and initiate an encryption authentication request to the encryption protection device. And the encryption protection device starts to work after receiving the authentication request. In this step, the response value may be 16 bits. The excitation, the check code and the secret key stored in the embedded system are obtained when a hardware encryption device is used for carrying out a secret key initialization mode, and can also be updated through a secret key updating mode.
Step S902: and the codec module decodes according to the response value and the check code sent by the embedded system through the communication module to generate a key corresponding to AES encryption. Taking the BCH decoder as an example, the BCH decoder performs BCH decoding by using the response value and the check code sent by the embedded system, generates a group of 128-bit keys required by the AES encryption process, and sends the keys to the AES encryption module.
Step S903: and after receiving the key generated by the key generator module, the AES encryption module encrypts the random plaintext generated by the true random number generator module to obtain a ciphertext, and then feeds the plaintext and the ciphertext corresponding to the plaintext back to the embedded system through the communication module. In this step, the random plaintext generated by the true random number generator module is a set of 128-bit random plaintext, and is sent to the AES encryption module.
Step S904: and after receiving the plaintext and the ciphertext, the embedded system executes decryption on the received ciphertext according to the key stored by the embedded system. Specifically, an AES encryption verification comparison program is stored in the embedded system, and after the embedded system receives a group of plaintext and ciphertext data, the AES encryption verification comparison program is used to decrypt the received ciphertext. The excitation, the check code and the secret key stored in the embedded system are obtained when a hardware encryption device is used for carrying out a secret key initialization mode, and can also be updated through a secret key updating mode.
Step S905: and comparing the decrypted result with the received plaintext, if the decrypted result is consistent with the received plaintext, successfully authenticating, and otherwise, failing to authenticate the embedded system and stopping working.
The device and the method for encrypting and protecting the embedded system based on the AES algorithm and the PUF technology adopt the ROPUF module and the codec module to generate the secret key, wherein the RO PUF module realizes the excitation and response values uniquely related to the circuit by utilizing the physical difference of the circuit, and uses the excitation and response values as the generation source of the secret key, and the generated secret key has the characteristics of high safety, unpredictability, unclonability and the like.
The secret key generator realizes the coding and decoding of the secret key, when a plurality of bits of the secret key have errors, the correction of the secret key can be realized through the check code, and the stability of the secret key generated by the RO PUF module is improved. In addition, the key generator adopted by the device does not need an additional nonvolatile memory to store the key, so the manufacturing cost is low.
In addition, the encryption protection device of the embedded system adopts a sharing strategy of the ring oscillator, namely the ROPUF module and the true random number generator based on the ring oscillator share the same ring oscillator, and the sharing strategy greatly reduces the expenditure of hardware resources under the condition of not influencing the normal work of the device.
It is to be understood that the present invention is not limited to the above-described embodiments, and that various changes and modifications may be made without departing from the spirit and scope of the invention, and it is intended to cover such changes and modifications as fall within the scope of the appended claims and equivalents thereof.
Claims (10)
1. An embedded system encryption protection device based on an AES encryption and decryption algorithm and a PUF technology is characterized by comprising:
the communication module is used for communicating with the embedded system;
the true random number generator module is used for generating a random plaintext;
a ring oscillator cluster comprising a plurality of ring oscillators for generating an excitation;
the RO PUF module generates a response value by utilizing the excitation generated by the ring oscillator after receiving an authentication request sent by the embedded system through the communication module;
the codec module is used for decoding according to the response value and the check code sent by the embedded system through the communication module to generate a key corresponding to AES encryption;
and the AES encryption module is used for encrypting a random plaintext by using the key received from the codec module to obtain a ciphertext and feeding the plaintext and the ciphertext corresponding to the plaintext back to the embedded system through the communication module.
2. The AES encryption/decryption algorithm and PUF technique based embedded system encryption protection apparatus of claim 1, wherein the codec module includes a BCH codec for BCH decoding using the response value and a check code to generate the key.
3. The AES encryption and decryption algorithm and PUF technique based embedded system encryption protection device of claim 1, wherein the codec module comprises a Hamming code error correction code codec for Hamming code error correction code decoding using the response value and a check code to generate the key.
4. The AES-encryption-decryption-algorithm-and-PUF-technology-based embedded system encryption protection device of claim 3, wherein the RO PUF module and the true random number generator module share a stimulus of the ring oscillator output.
5. The AES encryption and decryption algorithm and PUF technology-based embedded system encryption protection device of claim 4, wherein the AES encryption module encrypts based on the simplified circuit module of the S-box lookup table inversion module optimized in the finite field and the key expansion module, and completes one round of AES encryption operation per cycle, 10 rounds of encryption operation are performed by multiplexing the encryption module, and one AES encryption operation is completed in 10 cycles.
6. The AES encryption and decryption algorithm and PUF technique-based embedded system encryption protection device of claim 5, wherein the stimuli received by the RO PUF module correspond one-to-one to the resulting response values.
7. An encryption protection method for an embedded system based on an AES encryption and decryption algorithm and a PUF technology is characterized by comprising an encryption authentication mode, wherein the encryption authentication mode comprises the following steps:
upon receiving an encryption authentication request through the communication module, the RO PUF module generates a response value using a stimulus generated by the ring oscillator;
the codec module decodes according to the response value and a check code sent by the embedded system through the communication module to generate a key corresponding to AES encryption;
and after receiving the key generated by the key generator module, the AES encryption module encrypts the random plaintext generated by the true random number generator module to obtain a ciphertext, and then feeds the plaintext and the ciphertext corresponding to the plaintext back to the embedded system through the communication module.
8. The AES encryption/decryption algorithm and PUF technique based embedded system encryption protection method of claim 7, wherein after the AES encryption module feeds back the plaintext and the ciphertext corresponding to the plaintext to the embedded system through the communication module, further comprising:
after receiving the plaintext and the ciphertext, the embedded system executes decryption on the received ciphertext according to a key stored by the embedded system;
and comparing the decrypted result with the received plaintext, if the decrypted result is consistent with the received plaintext, successfully authenticating, and otherwise, failing to authenticate the embedded system and stopping working.
9. The AES encryption/decryption algorithm and PUF technique based embedded system encryption protection method of claim 8, further comprising an initialization mode, the initialization mode comprising:
if a key initialization request is received through the communication module, the true random number generator module generates a group of 16-bit random stimuli and sends the 16-bit random stimuli to the RO PUF module;
the RO PUF module generates a group of corresponding responses by utilizing the random excitation and sends the responses to the codec module;
the codec module encodes the response to obtain a group of keys and check codes;
and returning the key and the check code to the embedded system and storing the key and the check code to the embedded system.
10. The AES encryption and decryption algorithm and PUF technique based embedded system encryption protection method of claim 9, further comprising a key update mode, controlling state switching among the encryption authentication mode, the initialization mode, and the key update mode by a finite state machine, wherein the key update mode includes the steps of:
if a key updating key request is received through the communication module, the true random number generator module generates a group of 16-bit random excitation and sends the 16-bit random excitation to the RO PUF module;
the RO PUF module generates a group of corresponding responses by utilizing the random excitation and sends the responses to the codec module;
the codec module encodes the response to obtain a group of new keys and check codes;
and returning the updated key and the updated check code to the embedded system, and updating and storing the key and the check code to the embedded system.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911011610.0A CN111082925B (en) | 2019-10-23 | 2019-10-23 | Embedded system encryption protection device and method based on AES algorithm and PUF technology |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911011610.0A CN111082925B (en) | 2019-10-23 | 2019-10-23 | Embedded system encryption protection device and method based on AES algorithm and PUF technology |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111082925A true CN111082925A (en) | 2020-04-28 |
| CN111082925B CN111082925B (en) | 2021-07-30 |
Family
ID=70310549
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911011610.0A Active CN111082925B (en) | 2019-10-23 | 2019-10-23 | Embedded system encryption protection device and method based on AES algorithm and PUF technology |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111082925B (en) |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111565110A (en) * | 2020-05-09 | 2020-08-21 | 西安电子科技大学 | Unified identity authentication system and method based on RO PUF multi-core system |
| CN111722831A (en) * | 2020-05-07 | 2020-09-29 | 中山大学 | Encryption system and implementation method thereof |
| CN111884799A (en) * | 2020-07-30 | 2020-11-03 | 中物院成都科学技术发展中心 | CRPs library construction method and system based on RO-PUF |
| WO2021232255A1 (en) * | 2020-05-19 | 2021-11-25 | 深圳市汇顶科技股份有限公司 | True random number generator and electronic device |
| CN116707772A (en) * | 2023-08-04 | 2023-09-05 | 山东天河科技股份有限公司 | Identity information management method of controller chip |
| CN117914491A (en) * | 2024-03-19 | 2024-04-19 | 中国人民解放军火箭军工程大学 | Digital encryption and decryption method and system of portable PUF (physical unclonable function) |
| CN117914491B (en) * | 2024-03-19 | 2024-07-09 | 中国人民解放军火箭军工程大学 | Digital encryption and decryption method and system for portable SRAM PUF |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140089659A1 (en) * | 2010-11-30 | 2014-03-27 | Ernest F. Brickell | Method and apparatus for key provisioning of hardware devices |
| CN103778374A (en) * | 2014-02-19 | 2014-05-07 | 邹候文 | Trusted terminal, double-channel card, anti-cloning chip, chip fingerprint and channel attack resistance method |
| EP2693370A4 (en) * | 2011-03-31 | 2014-10-22 | Ictk Co Ltd | Apparatus and method for generating a digital value |
| CN106203134A (en) * | 2016-06-30 | 2016-12-07 | 珠海智融科技有限公司 | Anti-brush machine system and method based on hardware encryption |
| CN108768619A (en) * | 2018-06-08 | 2018-11-06 | 中国电子科技集团公司第五十八研究所 | A kind of strong PUF circuits and its working method based on ring oscillator |
| CN109409062A (en) * | 2018-09-30 | 2019-03-01 | 河海大学常州校区 | Identity authorization system and method based on the unclonable technology of physics and physiological characteristic |
| CN109547207A (en) * | 2018-11-08 | 2019-03-29 | 宁波大学 | A kind of physics unclonable function circuit using 2T2R mixed structure |
| US20190109718A1 (en) * | 2017-10-10 | 2019-04-11 | Nxp B.V. | Method for configuring a transponder, transponder and base station |
-
2019
- 2019-10-23 CN CN201911011610.0A patent/CN111082925B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20140089659A1 (en) * | 2010-11-30 | 2014-03-27 | Ernest F. Brickell | Method and apparatus for key provisioning of hardware devices |
| EP2693370A4 (en) * | 2011-03-31 | 2014-10-22 | Ictk Co Ltd | Apparatus and method for generating a digital value |
| CN103778374A (en) * | 2014-02-19 | 2014-05-07 | 邹候文 | Trusted terminal, double-channel card, anti-cloning chip, chip fingerprint and channel attack resistance method |
| CN106203134A (en) * | 2016-06-30 | 2016-12-07 | 珠海智融科技有限公司 | Anti-brush machine system and method based on hardware encryption |
| US20190109718A1 (en) * | 2017-10-10 | 2019-04-11 | Nxp B.V. | Method for configuring a transponder, transponder and base station |
| CN108768619A (en) * | 2018-06-08 | 2018-11-06 | 中国电子科技集团公司第五十八研究所 | A kind of strong PUF circuits and its working method based on ring oscillator |
| CN109409062A (en) * | 2018-09-30 | 2019-03-01 | 河海大学常州校区 | Identity authorization system and method based on the unclonable technology of physics and physiological characteristic |
| CN109547207A (en) * | 2018-11-08 | 2019-03-29 | 宁波大学 | A kind of physics unclonable function circuit using 2T2R mixed structure |
Non-Patent Citations (3)
| Title |
|---|
| WEIZE YU: "PUF-AES-PUF:a novel PUF architecture against non-invasive attacks", 《ARXIV》 * |
| 李刚: "基于SRAM PUF电路的AES算法设计", 《数学的实践与认识》 * |
| 杜文全: "Optimizing of Convolutional Neural Network Accelerator operator", 《GREEN ELECTRONICS》 * |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111722831A (en) * | 2020-05-07 | 2020-09-29 | 中山大学 | Encryption system and implementation method thereof |
| CN111722831B (en) * | 2020-05-07 | 2024-03-19 | 中山大学 | Encryption system and implementation method thereof |
| CN111565110A (en) * | 2020-05-09 | 2020-08-21 | 西安电子科技大学 | Unified identity authentication system and method based on RO PUF multi-core system |
| CN111565110B (en) * | 2020-05-09 | 2022-03-04 | 西安电子科技大学 | Unified identity authentication system and method based on RO PUF multi-core system |
| WO2021232255A1 (en) * | 2020-05-19 | 2021-11-25 | 深圳市汇顶科技股份有限公司 | True random number generator and electronic device |
| CN111884799A (en) * | 2020-07-30 | 2020-11-03 | 中物院成都科学技术发展中心 | CRPs library construction method and system based on RO-PUF |
| CN111884799B (en) * | 2020-07-30 | 2021-03-30 | 中物院成都科学技术发展中心 | CRPs library construction method and system based on RO-PUF |
| CN116707772A (en) * | 2023-08-04 | 2023-09-05 | 山东天河科技股份有限公司 | Identity information management method of controller chip |
| CN117914491A (en) * | 2024-03-19 | 2024-04-19 | 中国人民解放军火箭军工程大学 | Digital encryption and decryption method and system of portable PUF (physical unclonable function) |
| CN117914491B (en) * | 2024-03-19 | 2024-07-09 | 中国人民解放军火箭军工程大学 | Digital encryption and decryption method and system for portable SRAM PUF |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111082925B (en) | 2021-07-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111082925B (en) | Embedded system encryption protection device and method based on AES algorithm and PUF technology | |
| US8983069B2 (en) | System and method for counter mode encrypted communication with reduced bandwidth | |
| CN101149709B (en) | Encryption processor of memory card and method for writing and reading data using the same | |
| JP5167374B2 (en) | Data encryption device and memory card | |
| CN108073353B (en) | Data processing method and device | |
| US10650373B2 (en) | Method and apparatus for validating a transaction between a plurality of machines | |
| EP3577642B1 (en) | Methods and devices for protecting data | |
| US9418246B2 (en) | Decryption systems and related methods for on-the-fly decryption within integrated circuits | |
| CN112291056B (en) | Encryption key generator and transmission system | |
| US20170063853A1 (en) | Data cipher and decipher based on device and data authentication | |
| CN111722831B (en) | Encryption system and implementation method thereof | |
| CN112394877A (en) | Method for secure memory and system thereof | |
| JP2008516296A (en) | Cryptographic basic elements, error coding, and pseudorandom number improvement method using quasigroups | |
| WO2010024874A2 (en) | Message authentication code pre-computation with applications to secure memory | |
| CN116488794B (en) | Method and device for realizing high-speed SM4 password module based on FPGA | |
| CN210955077U (en) | Bus encryption and decryption device based on state cryptographic algorithm and PUF | |
| US9946662B2 (en) | Double-mix Feistel network for key generation or encryption | |
| US20220139434A1 (en) | Puf applications in memories | |
| CN106921490B (en) | True random number generator and label chip | |
| CN113518244B (en) | Digital television signal data transmission method and device based on substitute text combination | |
| KR101428665B1 (en) | Security system and method for using aes-otp | |
| CN102543182A (en) | Randomization circuit, memory control unit, memory, communicating system and method | |
| JP5586758B1 (en) | Dynamic encryption key generation system | |
| US20240007267A1 (en) | Side-channel resistant bulk aes encryption | |
| CN115280813A (en) | Interactive authentication method, device and system, computer equipment and readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |