CN112395649B - Method, chip and computer readable storage medium for preventing electromagnetic radiation attack - Google Patents


Publication number
CN112395649B
Authority
CN
China
Prior art keywords
electromagnetic
rate
preset
random number
control strategy
Legal status
Active
Application number
CN201910758725.XA
Other languages
Chinese (zh)
Other versions
CN112395649A (en)
Inventor
王宇建
徐基明
Current Assignee
Nationz Technologies Inc
Original Assignee
Nationz Technologies Inc
Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70: Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71: Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information


Abstract

The invention relates to the field of information security and aims to reduce the power consumption of a chip while providing security protection, without affecting the chip's operating performance. Specifically disclosed are a method, a chip and a computer readable storage medium for preventing electromagnetic radiation attack. The method comprises the following steps: determining whether the current operation is a sensitive operation; if the current operation is determined to be a sensitive operation, determining whether the preset electromagnetic radiator is in an operating state according to the current value of the preset register; if the electromagnetic radiator is in an operating state, determining an electromagnetic noise control strategy according to the attribute information of the sensitive operation; emitting, by the electromagnetic radiator, the corresponding electromagnetic noise based on the electromagnetic noise control strategy so as to prevent electromagnetic radiation attack; and if the current operation is determined not to be a sensitive operation and the electromagnetic radiator is in an operating state, turning off the electromagnetic radiator.

Description

Method, chip and computer readable storage medium for preventing electromagnetic radiation attack
Technical Field
The present invention relates to the field of information security, and in particular, to a method, a chip, and a computer readable storage medium for protecting against electromagnetic radiation attacks.
Background
The key guarantee of information system security is the secure management of cryptographic algorithms and keys. Chips, especially security chips, are the usual devices for cryptographic operations and key storage and are the secure carrier of an information system's critical keys, so they are exposed to various security attacks. The side-channel attack is a common one: it obtains sensitive information, such as the key of a cryptographic algorithm, by collecting and analysing side information leaked while the chip runs, such as power consumption and electromagnetic radiation. Power consumption information is usually the power consumption of the whole chip; it includes the power consumption of other modules unrelated to the cryptographic operation, which acts as interference noise for side-channel analysis. Electromagnetic radiation information, in contrast, can be collected with precise positioning and yields more useful information, because the position of the acquisition equipment on the chip can be adjusted. As a result, more and more attackers use electromagnetic radiation attacks.
At present, various protection methods against electromagnetic radiation attack are known, and one chip generally uses several of them at the same time to achieve a better protection effect. For example, adding electromagnetic noise protects against electromagnetic radiation attack. This method is highly general and needs no separate design for each cryptographic algorithm, but generating electromagnetic noise consumes power, which increases the overall power consumption of the chip and reduces its operating performance.
Disclosure of Invention
The main purpose of the invention is to provide a method, a chip and a computer readable storage medium for preventing electromagnetic radiation attack, so as to solve the technical problem that adding electromagnetic noise to prevent electromagnetic radiation attack consumes power, which increases the overall power consumption of the chip and reduces its operating performance.
In a first aspect, the present application provides a method for protecting against electromagnetic radiation attack, the method including:
determining whether the current operation is a sensitive operation;
if the current operation is determined to be a sensitive operation, determining whether the preset electromagnetic radiator is in an operating state according to the current value of the preset register;
if the electromagnetic radiator is in an operating state, determining an electromagnetic noise control strategy according to the attribute information of the sensitive operation;
emitting, by the electromagnetic radiator, the corresponding electromagnetic noise based on the electromagnetic noise control strategy so as to prevent electromagnetic radiation attack;
if the current operation is determined not to be a sensitive operation and the electromagnetic radiator is in an operating state, turning off the electromagnetic radiator.
In a second aspect, the present application also provides a chip, the chip comprising: an electromagnetic radiator for emitting electromagnetic noise, a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the computer program, when executed by the processor, implements the steps of the method for protecting against electromagnetic radiation attack described above.
In a third aspect, the present application also provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the method for protecting against electromagnetic radiation attack described above.
The embodiments of the invention provide a method, a chip and a computer readable storage medium for preventing electromagnetic radiation attack, which work by determining whether the current operation is a sensitive operation; if the current operation is determined to be a sensitive operation, determining whether the preset electromagnetic radiator is in an operating state according to the current value of the preset register; if the electromagnetic radiator is in an operating state, determining an electromagnetic noise control strategy according to the attribute information of the sensitive operation; emitting, by the electromagnetic radiator, the corresponding electromagnetic noise based on the electromagnetic noise control strategy so as to prevent electromagnetic radiation attack; and if the current operation is determined not to be a sensitive operation and the electromagnetic radiator is in an operating state, turning off the electromagnetic radiator. The chip selects and controls the energy of the electromagnetic noise and its on and off periods according to a preset strategy, and the noise is switched on only in the periods where it is needed. This reduces the power overhead, so that the power consumption of the chip is reduced while security protection is provided and the operating performance of the chip is not affected.
Drawings
To illustrate the technical solutions of the embodiments of the present application more clearly, the drawings needed in the description of the embodiments are briefly introduced below. The drawings in the following description show some embodiments of the present application, and a person skilled in the art may obtain other drawings from them without inventive effort.
FIG. 1 is a schematic flow chart of a method for preventing electromagnetic radiation attack according to an embodiment of the present application;
FIG. 2 is a flow chart illustrating sub-steps of the method for protecting against electromagnetic radiation attacks in FIG. 1;
FIG. 3 is a flow chart illustrating sub-steps of the method for protecting against electromagnetic radiation attacks in FIG. 1;
FIG. 4 is a flow chart illustrating sub-steps of the method for protecting against electromagnetic radiation attacks in FIG. 1;
FIG. 5 is a flowchart of another method for protecting against electromagnetic radiation attack according to an embodiment of the present disclosure;
FIG. 6 is a schematic block diagram of a chip according to an embodiment of the present application.
The realization, functional characteristics and advantages of the present application will be further described with reference to the embodiments, referring to the attached drawings.
Detailed Description
The technical solutions in the embodiments of the present application are described clearly and completely below with reference to the accompanying drawings. The embodiments described are some, but not all, of the embodiments of the present application. All other embodiments that a person of ordinary skill in the art can obtain from the present disclosure without undue burden are within the scope of the present disclosure.
The flow diagrams depicted in the figures are merely illustrative and not necessarily all of the elements and operations/steps are included or performed in the order described. For example, some operations/steps may be further divided, combined, or partially combined, so that the order of actual execution may be changed according to actual situations.
The embodiment of the application provides a method, a chip and a computer readable storage medium for preventing electromagnetic radiation attack. The method for preventing electromagnetic radiation attack can be applied to chips, systems on chips and electronic equipment comprising the chips.
Some embodiments of the present application are described in detail below with reference to the accompanying drawings. The following embodiments and features of the embodiments may be combined with each other without conflict.
Referring to fig. 1, fig. 1 is a flow chart of a method for protecting against electromagnetic radiation attack according to an embodiment of the present application.
As shown in fig. 1, the method for protecting against electromagnetic radiation attack includes steps S101 to S105.
Step S101, determining whether the current operation is a sensitive operation or not;
The chip receives an operation instruction sent by a user and operates according to that instruction; when the current operation of the chip is detected, the chip determines whether it is a sensitive operation. The chip is a device that can independently generate keys and perform encryption and decryption. It contains its own processor and storage unit, can store keys and characteristic data, and provides encryption and security authentication services. Because the key is stored in hardware, stolen data cannot be decrypted, which protects privacy and data security. A sensitive operation is an operation that acts on or affects sensitive data, which includes keys of cryptographic algorithms, key authentication information (e.g. a personal identification number, PIN), passwords, private data, etc. Cryptographic algorithm operations are sensitive operations because a secret key is involved. Authentication is a sensitive operation because it involves PINs, passwords, etc. It should be noted that which operations count as sensitive may be set according to the actual situation, which is not specifically limited in this application.
Step S102, if the current operation is determined to be sensitive operation, determining whether a preset electromagnetic radiator is in an operation state or not according to the current value of a preset register;
If the chip determines that the current operation is a sensitive operation, it obtains the current value of the preset register and determines from that value whether the preset electromagnetic radiator is in an operating state. The register is part of the chip: a high-speed storage element of limited capacity that can be used to temporarily store instructions, data and addresses.
For example, when the chip detects that the current operation is a cryptographic algorithm operation or an authentication operation, it determines that the current operation is a sensitive operation and reads the current value of the preset register to determine whether the electromagnetic radiator is in an operating state. The current value in the preset register can be a single-digit value or a multi-digit value, which is not specifically limited in this application. It should be noted that the states of the electromagnetic radiator are an operating state and an off state: in the operating state the electromagnetic radiator can emit electromagnetic noise based on a control instruction of the central processing unit, and in the off state it cannot emit electromagnetic noise.
In one embodiment, referring specifically to fig. 2, step S102 includes: substep S1021 to substep S1023.
Step S1021, if the current operation is determined to be sensitive operation, reading the current value of the preset register;
The chip determines that the current operation is a sensitive operation, for example, when it detects that the current operation is a cryptographic algorithm operation or an authentication operation. It then accesses the preset register and reads its current value. The meaning of each value of the preset register is defined in advance, so that the value read determines the operating state of the electromagnetic radiator. For example, when the current value of the preset register is 1, it is determined that the electromagnetic radiator is in an operating state; when the current value of the preset register is 0, it is determined that the electromagnetic radiator is in the off state.
Sub-step S1022, when the current value of the preset register is read as a preset first threshold value, judging that the electromagnetic radiator is in a closed state;
When the chip reads the current value of the preset register, it compares the value read with a preset first threshold value. When the two match, the chip judges that the electromagnetic radiator is in the off state. For example, when the first threshold preset by the chip is 0 and the current value of the preset register read by the chip is also 0, it is determined that the electromagnetic radiator is in the off state. It should be noted that the meaning of the current value of the register and of the first threshold value may be set according to the actual situation, which is not specifically limited in this application.
Substep S1023, when the current value of the register is read as the preset second threshold value, determining that the electromagnetic radiator is in the operating state.
When the chip reads the current value of the preset register, it compares the value read with a preset second threshold value. When the two match, the chip judges that the electromagnetic radiator is in an operating state. For example, when the second threshold value preset by the chip is 1 and the current value of the preset register read by the chip is also 1, it is determined that the electromagnetic radiator is in an operating state. It should be noted that the meaning of the current value of the register and of the second threshold value may be set according to the actual situation, which is not specifically limited in this application.
Step S103, if the electromagnetic radiator is in an operation state, determining an electromagnetic noise control strategy according to attribute information of sensitive operation;
If the chip determines that the electromagnetic radiator is in the operating state, it acquires the attribute information of the sensitive operation and determines an electromagnetic noise control strategy according to that attribute information. The attribute information of the sensitive operation includes the type of the sensitive operation and a record of the clock frequency of the sensitive operation. A plurality of electromagnetic noise control strategies are stored in the chip, and each strategy contains its own group of control parameters. This group of parameters determines the rate at which the high-speed random number generator generates random numbers and whether the high-speed random number generator is running or off, and also determines whether the electromagnetic radiator is running or off and whether the electromagnetic noise is strong or weak. That is, one strategy is a combination of a set of control parameters. For example, when the attribute information of a cryptographic operation is obtained, the electromagnetic noise control strategy corresponding to the cryptographic operation is obtained; when the attribute information of an authentication operation is obtained, the electromagnetic noise control strategy corresponding to the authentication operation is obtained.
In one embodiment, referring specifically to fig. 3, step S103 includes: substep S1031 to substep S1032.
Sub-step S1031, when the electromagnetic radiator is in an operation state, acquiring attribute information of the sensitive operation, and acquiring the type of the sensitive operation from the attribute information;
When the chip determines that the electromagnetic radiator is in an operating state, it acquires the attribute information of the sensitive operation and obtains the type of the sensitive operation from that attribute information. For example, the chip finds that the sensitive operation is a cryptographic algorithm operation or an authentication operation, and these two types correspond to different electromagnetic noise control strategies. The type of the sensitive operation can be determined from the sensitive data detected: a secret key can be detected when a cryptographic algorithm operation is carried out, and an authentication code such as a personal identification code can be detected when authentication is performed. In some cases, the type of the sensitive operation may also be determined from the type of specific arithmetic function used by the sensitive operation, e.g., a cryptographic algorithm operation may use specific cryptographic circuitry.
Sub-step S1032, determining an electromagnetic noise control strategy according to the type of the sensitive operation, wherein the type of the sensitive operation has a corresponding relation with the electromagnetic noise control strategy;
When the chip has obtained the type of the sensitive operation, it determines the corresponding electromagnetic noise control strategy. Each type of sensitive operation corresponds to one electromagnetic noise control strategy. The electromagnetic noise control strategies may be stored as a table or in other forms, which is not specifically limited.
Step S104, corresponding electromagnetic noise is sent out by the electromagnetic radiator based on an electromagnetic noise control strategy so as to prevent electromagnetic radiation attack;
After the chip has obtained the electromagnetic noise control strategy corresponding to the type of the sensitive operation, the electromagnetic radiator emits the corresponding electromagnetic noise according to the parameter information in the strategy. For example, the chip obtains the electromagnetic radiation parameter information in the electromagnetic noise control strategy and runs the electromagnetic radiator with that parameter information, so that the radiator emits the electromagnetic noise corresponding to it and electromagnetic radiation attack is prevented.
In one embodiment, referring specifically to fig. 4, step S104 includes: substep S1041 to substep S1042.
Sub-step S1041, calling a preset high-speed random number generator to generate a high-speed random number sequence corresponding to a serial number in the electromagnetic noise control strategy;
The chip reads the serial number from the electromagnetic noise control strategy and calls the preset high-speed random number generator. By running the high-speed random number generator, it generates the high-speed random number sequence corresponding to the serial number. Once the serial number is obtained, the corresponding high-speed random number sequence is computed from the serial number using the random number calculation formula in the high-speed random number generator. It should be noted that the random number calculation formula may be set according to the actual situation, which is not specifically limited in this application.
Calling the preset high-speed random number generator to generate the high-speed random number sequence corresponding to the serial number in the electromagnetic noise control strategy includes: obtaining a first clock frequency of the preset high-speed random number generator and reading a first coefficient in the electromagnetic noise control strategy; calculating a first operating rate of the preset high-speed random number generator according to the first clock frequency and the first coefficient; and running the preset high-speed random number generator at the first operating rate to generate the high-speed random number sequence corresponding to the serial number in the electromagnetic noise control strategy.
When the chip calls the preset high-speed random number generator, it obtains the first clock frequency of the generator and reads the first coefficient in the electromagnetic noise control strategy. The clock system of the chip is configured in a preset manner; when the preset high-speed random number generator is called, the clock signal corresponding to the generator is obtained, and from it the first clock frequency of the generator. The clock frequency is the base frequency of the clock in a synchronous circuit; its basic unit is Hz, and 1 MHz equals 10^6 Hz. The first coefficient is recorded in the electromagnetic noise control strategy and expresses the relation between the clock frequency and the rate of the preset high-speed random number generator; for example, the relation may be a multiple relation or a fractional relation. Once the chip has the first clock frequency and the first coefficient, it calculates the first operating rate of the preset high-speed random number generator with a preset calculation program. It then runs the preset high-speed random number generator at the first operating rate and generates the high-speed random number sequence corresponding to the serial number.
Sub-step S1042, converting the high-speed random number sequence into electromagnetic noise by the electromagnetic radiator and emitting the electromagnetic noise to prevent electromagnetic radiation attack.
When the chip has obtained the generated high-speed random number sequence, the electromagnetic radiator converts the sequence into electromagnetic noise and emits it, so that electromagnetic radiation attack is prevented; at this time, the current operation of the chip is a sensitive operation.
Step S105, if the current operation is not a sensitive operation and the electromagnetic radiator is in an operating state, turning off the electromagnetic radiator.
When the chip determines that the current operation is not a sensitive operation, it accesses the preset register, reads its current value, and determines from that value whether the electromagnetic radiator is in an operating state. For example, the meaning of the value in the register is defined in advance: when the value read from the register is 1, it is determined that the electromagnetic radiator is in the off state; when the value read from the register is 2, it is determined that the electromagnetic radiator is in an operating state. The operating state of the electromagnetic radiator is thus determined by the current value of the preset register. When the electromagnetic radiator is determined to be in the operating state, the chip turns it off through a control instruction in a preset memory, and the electromagnetic radiator stops running. It should be noted that the meaning of the current value of the register may be set according to the actual situation, which is not specifically limited in this application.
With the method for preventing electromagnetic radiation attack provided by this embodiment, the on and off periods of the electromagnetic noise are controlled according to the preset electromagnetic noise control strategy, and the electromagnetic noise is switched on only in the periods where it is needed. This reduces the power overhead, so the power consumption of the chip does not increase noticeably while security protection is provided.
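The control flow of steps S101 to S105 can be sketched in C as follows; this is an added example, not code from the patent. The 0/1 register encoding follows the example in sub-steps S1022 and S1023, while all identifiers, the sample table values and the num/den form of the first coefficient are assumptions; the case of a sensitive operation while the radiator is off is not described in this part of the text, so the sketch only reports it.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Register encoding from the 0/1 example in sub-steps S1022/S1023. */
#define EM_REG_OFF     0u  /* first threshold: radiator off      */
#define EM_REG_RUNNING 1u  /* second threshold: radiator running */

/* Stand-in for the preset register (assumption: real firmware reads MMIO). */
static volatile uint32_t em_state_reg = EM_REG_OFF;

enum op_type { OP_NONSENSITIVE, OP_CIPHER, OP_AUTH };

/* One control strategy = one group of control parameters (step S103). */
struct em_policy {
    enum op_type type;
    uint32_t seq_no;    /* serial number selecting the random sequence  */
    uint32_t coef_num;  /* first coefficient as num/den (assumed form): */
    uint32_t coef_den;  /* covers "multiple" and "fractional" relations */
    uint8_t  strong;    /* 1 = strong noise, 0 = weak noise             */
};

/* Constructed sample table; the values are not from the patent. */
static const struct em_policy policies[] = {
    { OP_CIPHER, 1u, 2u, 1u, 1u },  /* RNG at 2x its clock, strong */
    { OP_AUTH,   2u, 1u, 2u, 0u },  /* RNG at 1/2 its clock, weak  */
};

enum em_action {
    EM_ACT_NONE,          /* non-sensitive op, radiator already off      */
    EM_ACT_EMIT,          /* S104: emit noise with returned parameters   */
    EM_ACT_SHUTDOWN,      /* S105: radiator was running, now turned off  */
    EM_ACT_RADIATOR_OFF,  /* sensitive op, radiator off: caller decides  */
    EM_ACT_NO_POLICY,     /* no usable strategy for this operation type  */
    EM_ACT_BAD_REG        /* register holds neither threshold value      */
};

struct em_decision {
    enum em_action action;
    uint32_t seq_no;
    uint64_t rng_rate_hz;
    uint8_t  strong;
};

static const struct em_policy *find_policy(enum op_type t)
{
    for (size_t i = 0; i < sizeof policies / sizeof policies[0]; i++)
        if (policies[i].type == t)
            return &policies[i];
    return NULL;
}

/* One pass through S101..S105 for the operation about to run. */
struct em_decision em_guard_step(enum op_type op, uint32_t rng_clk_hz)
{
    struct em_decision d = { EM_ACT_NONE, 0u, 0u, 0u };
    uint32_t reg = em_state_reg;  /* read once so every branch sees one value */

    if (reg != EM_REG_OFF && reg != EM_REG_RUNNING) {
        d.action = EM_ACT_BAD_REG;
        return d;
    }
    if (op == OP_NONSENSITIVE) {            /* S101 "no" branch -> S105 */
        if (reg == EM_REG_RUNNING) {
            em_state_reg = EM_REG_OFF;
            d.action = EM_ACT_SHUTDOWN;
        }
        return d;
    }
    if (reg == EM_REG_OFF) {                /* S102: radiator not running */
        d.action = EM_ACT_RADIATOR_OFF;
        return d;
    }
    const struct em_policy *p = find_policy(op);   /* S103 / S1032 */
    if (p == NULL || p->coef_den == 0u) {
        d.action = EM_ACT_NO_POLICY;
        return d;
    }
    /* S1041: first operating rate = first clock frequency x first coefficient;
       64-bit arithmetic so the product cannot overflow. */
    d.rng_rate_hz = ((uint64_t)rng_clk_hz * p->coef_num) / p->coef_den;
    d.seq_no = p->seq_no;
    d.strong = p->strong;
    d.action = EM_ACT_EMIT;
    return d;
}

int main(void)
{
    em_state_reg = EM_REG_RUNNING;
    struct em_decision d = em_guard_step(OP_CIPHER, 48000000u);
    printf("cipher: action=%d seq=%u rate=%llu Hz\n", (int)d.action,
           (unsigned)d.seq_no, (unsigned long long)d.rng_rate_hz);
    d = em_guard_step(OP_NONSENSITIVE, 48000000u);
    printf("idle:   action=%d reg=%u\n", (int)d.action, (unsigned)em_state_reg);
    return 0;
}
```

Reading the register once per pass and rejecting values that match neither threshold keeps a corrupted register from being treated as "off".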
Referring to fig. 5, fig. 5 is a flowchart of another method for protecting against electromagnetic radiation attack according to an embodiment of the present application.
As shown in fig. 5, the method for protecting against electromagnetic radiation attack includes steps S201 to S209.
Step S201, determining whether the current operation is a sensitive operation.
The chip receives an operation instruction sent by a user and operates according to that instruction; when the current operation is detected, the chip determines whether it is a sensitive operation. The chip is a device that can independently generate keys and perform encryption and decryption. It contains its own processor and storage unit, can store keys and characteristic data, and provides encryption and security authentication services. Because the key is stored in hardware, stolen data cannot be decrypted, which protects privacy and data security. A sensitive operation is an operation that acts on or affects sensitive data, which includes keys of cryptographic algorithms, key authentication information (e.g. a personal identification number, PIN), passwords, private data, etc. Cryptographic algorithm operations are sensitive operations because a secret key is involved. Authentication is a sensitive operation because it involves PINs, passwords, etc. It should be noted that which operations count as sensitive may be set according to the actual situation, which is not specifically limited in this application.
Step S202, if the current operation is determined to be a sensitive operation, determining whether the preset electromagnetic radiator is in an operating state according to the current value of the preset register.
If the chip determines that the current operation is a sensitive operation, it obtains the current value of the preset register and determines from that value whether the preset electromagnetic radiator is in an operating state. The register is an integral part of the chip: a high-speed storage element of limited capacity that can be used to temporarily store instructions, data and addresses.
For example, when the chip detects that the current operation is a cryptographic algorithm operation or an authentication operation, it determines that the current operation is a sensitive operation and reads the current value of the preset register to determine whether the electromagnetic radiator is in an operating state. The current value in the preset register can be a single-digit value or a multi-digit value, which is not specifically limited in this application. It should be noted that the states of the electromagnetic radiator are an operating state and an off state: in the operating state the electromagnetic radiator can emit electromagnetic noise based on a control instruction of the central processing unit, and in the off state it cannot emit electromagnetic noise.
Step S203, if the electromagnetic radiator is in an operation state, determining an electromagnetic noise control strategy according to attribute information of the sensitive operation.
If the chip determines that the electromagnetic radiator is in the operating state, it acquires the attribute information of the sensitive operation and determines an electromagnetic noise control strategy according to that attribute information. The attribute information of the sensitive operation includes the type of the sensitive operation and a record of the clock frequency of the sensitive operation. A plurality of electromagnetic noise control strategies are stored in the chip, and each strategy contains its own group of control parameters. This group of parameters determines the rate at which the high-speed random number generator generates random numbers and whether the high-speed random number generator is running or off, and also determines whether the electromagnetic radiator is running or off and whether the electromagnetic noise is strong or weak. That is, one strategy is a combination of a set of control parameters. For example, when the attribute information of a cryptographic operation is obtained, the electromagnetic noise control strategy corresponding to the cryptographic operation is obtained; when the attribute information of an authentication operation is obtained, the electromagnetic noise control strategy corresponding to the authentication operation is obtained.
Step S204, a first clock frequency of a preset high-speed random number generator is obtained, and a first coefficient in an electromagnetic noise control strategy is read.
When the chip calls the preset high-speed random number generator, it obtains the first clock frequency of the preset high-speed random number generator and reads the first coefficient in the electromagnetic noise control strategy. The clock system of the chip is configured in a preset manner; when the preset high-speed random number generator is called, the clock signal corresponding to the generator is acquired, and the first clock frequency corresponding to the generator is obtained from it. The clock frequency refers to the base frequency of the clock in a synchronous circuit; its basic unit is Hz, and 1 MHz is equal to 10^6 Hz.
Step S205, calculating a first operation rate of the preset high-speed random number generator according to the first clock frequency and the first coefficient.
The first coefficient is recorded in the electromagnetic noise control strategy and is a coefficient relation between the clock frequency and the rate of the preset high-speed random number generator; for example, the coefficient relation may be a multiple relation or a fractional relation. When the chip has acquired the first clock frequency of the preset high-speed random number generator and the first coefficient, it calculates the first operation rate of the preset high-speed random number generator through a preset calculation program.
Step S206, calculating a second operation rate of the sensitive operation according to a second clock frequency of the sensitive operation in the attribute information and a second coefficient in the electromagnetic noise control strategy.
Before the chip runs the preset high-speed random number generator at the operation rate, the chip acquires the second clock frequency of the sensitive operation from the attribute information of the sensitive operation and reads the second coefficient from the acquired electromagnetic noise control strategy. The clock system of the chip is configured in a preset manner, and the preset clock program corresponding to the sensitive operation is acquired from its attribute information, so that the second clock frequency corresponding to the sensitive operation in the clock program is obtained. The second coefficient is a coefficient relation, recorded in the electromagnetic noise control strategy, between the operation rate of the sensitive operation and the second clock frequency; the coefficient relation may be a multiple relation, a fractional relation, or the like. When the chip has acquired the second clock frequency of the sensitive operation and the second coefficient, it calculates the second operation rate of the sensitive operation through a preset calculation program.
Step S207, judging whether the first operation rate is the same as the second operation rate.
When the second operation rate of the sensitive operation and the first operation rate of the high-speed random number generator have been obtained, the chip judges whether the first operation rate is the same as the second operation rate.
Step S208, if the first operation rate is the same as the second operation rate, operating the preset high-speed random number generator based on the first operation rate to generate a high-speed random number sequence corresponding to the sequence number in the electromagnetic noise control strategy.
The chip compares the first operation rate with the second operation rate. If the two are the same, for example the first operation rate is 100MHz and the second operation rate is 100MHz, the chip controls the high-speed random number generator, through a control instruction in the processor, to operate at the first operation rate or the second operation rate. The above operation rates are not limiting.
Step S209, if the first operation rate is different from the second operation rate, the first operation rate is adjusted so that the adjusted first operation rate is the same as the second operation rate, and a preset high-speed random number generator is operated based on the adjusted first operation rate to generate a high-speed random number sequence corresponding to the serial number in the electromagnetic noise control strategy.
The chip compares the first operation rate with the second operation rate. If the two are different, for example the first operation rate is 40MHz and the second operation rate is 100MHz, the chip adjusts the first operation rate so that it is the same as the second operation rate, for example by adjusting the first operation rate from 40MHz to 100MHz. The high-speed random number generator is then operated at the adjusted first operation rate to generate a high-speed random number sequence corresponding to the sequence number in the electromagnetic noise control strategy. The above operation rates are not limiting.
If the first operation rate is different from the second operation rate, determining whether the first operation rate is greater than the second operation rate; if the first operation rate is greater than the second operation rate, the first operation rate is regulated down so that the regulated first operation rate is the same as the second operation rate; if the first operation rate is smaller than the second operation rate, the first operation rate is adjusted to be higher so that the adjusted first operation rate is the same as the second operation rate.
When the first operation rate is different from the second operation rate, the chip determines whether the first operation rate is greater than the second operation rate. When the chip determines that the first operation rate is greater than the second operation rate, the first operation rate is reduced. For example, if the first operation rate is 100MHz and the second operation rate is 40MHz, the first operation rate is greater than the second operation rate, and the first operation rate is reduced from 100MHz to 40MHz to match the second operation rate. When the chip determines that the first operation rate is smaller than the second operation rate, the first operation rate is increased. For example, if the first operation rate is 40MHz and the second operation rate is 100MHz, the first operation rate is smaller than the second operation rate, and the first operation rate is raised from 40MHz to 100MHz to match the second operation rate. In either case the adjusted first operation rate is the same as the second operation rate. The above operation rates are not limiting.
Step S210, the high-speed random number sequence is converted into electromagnetic noise through an electromagnetic radiator, and the electromagnetic noise is sent out to prevent electromagnetic radiation attack.
When the chip acquires the generated high-speed random number sequence, the sequence is converted into electromagnetic noise by the electromagnetic radiator and the electromagnetic noise is emitted, so that electromagnetic radiation attacks are prevented; at this time, the current operation of the chip is a sensitive operation.
In this embodiment, the chip compares the first operation rate with the second operation rate and adjusts the first operation rate when the two are different, so that the electromagnetic information leakage generated by the sensitive operation itself is better masked and the purpose of security protection is achieved.
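The control flow of steps S203 to S209, together with the register check and the shutdown branch for non-sensitive operations, can be modelled in a few lines of C. This is an added illustration, not code from the patent: the register values, the ratio form of the coefficients, the policy table and every identifier are assumptions chosen so that the 40MHz/100MHz figures from the description fall out.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical names and values throughout; the patent fixes none of them. */
enum op_type { OP_NONE, OP_CRYPTO, OP_AUTH };
enum rate_adjust { RATE_KEPT, RATE_LOWERED, RATE_RAISED };

#define EMITTER_OFF     0u  /* assumed value of the "preset first threshold"  */
#define EMITTER_RUNNING 1u  /* assumed value of the "preset second threshold" */

/* A coefficient modelled as a ratio, so it can be a multiple or a fraction. */
struct coeff { uint32_t num, den; };

struct noise_policy {
    enum op_type type;
    struct coeff first;   /* RNG clock frequency -> first operation rate        */
    struct coeff second;  /* operation clock frequency -> second operation rate */
    uint32_t seq_id;      /* serial number of the random sequence to generate   */
};

/* Constructed policy table: one strategy per sensitive-operation type. */
static const struct noise_policy POLICIES[] = {
    { OP_CRYPTO, {1, 2}, {1, 1}, 1 },
    { OP_AUTH,   {5, 4}, {1, 2}, 2 },
};

struct chip {
    uint32_t emitter_reg;   /* simulated preset register                */
    uint32_t rng_clock_hz;  /* first clock frequency                    */
    uint32_t rng_rate_hz;   /* rate the RNG is run at, 0 when stopped   */
    uint32_t seq_id;        /* sequence currently being generated       */
    enum rate_adjust last_adjust;
};

struct sensitive_op { enum op_type type; uint32_t clock_hz; };

/* 64-bit intermediate keeps clock_hz * num from overflowing. */
static uint32_t apply_coeff(uint32_t hz, struct coeff c)
{
    return (uint32_t)(((uint64_t)hz * c.num) / c.den);
}

static const struct noise_policy *select_policy(enum op_type type)
{
    for (size_t i = 0; i < sizeof POLICIES / sizeof POLICIES[0]; i++)
        if (POLICIES[i].type == type)
            return &POLICIES[i];
    return NULL;
}

/* S207-S209: the RNG always ends up running at the second operation rate. */
static enum rate_adjust match_rate(uint32_t first, uint32_t second,
                                   uint32_t *run_at)
{
    *run_at = second;
    if (first == second)
        return RATE_KEPT;
    return first > second ? RATE_LOWERED : RATE_RAISED;
}

/* Returns 1 when noise is being generated, 0 when the operation is not
 * sensitive (emitter closed if it was running), -1 when no usable policy
 * exists. The -1 case is not described in the patent; reporting an error
 * to the caller is an assumption of this sketch. */
static int protect(struct chip *c, struct sensitive_op op)
{
    if (op.type == OP_NONE) {
        if (c->emitter_reg == EMITTER_RUNNING) {
            c->emitter_reg = EMITTER_OFF;
            c->rng_rate_hz = 0;
            c->seq_id = 0;
        }
        return 0;
    }
    if (c->emitter_reg == EMITTER_OFF)      /* start a closed emitter */
        c->emitter_reg = EMITTER_RUNNING;

    const struct noise_policy *p = select_policy(op.type);      /* S203 */
    if (p == NULL || p->first.den == 0 || p->second.den == 0)
        return -1;

    uint32_t first  = apply_coeff(c->rng_clock_hz, p->first);   /* S204-S205 */
    uint32_t second = apply_coeff(op.clock_hz, p->second);      /* S206 */
    c->last_adjust = match_rate(first, second, &c->rng_rate_hz);
    c->seq_id = p->seq_id;
    return 1;
}

int main(void)
{
    struct chip c = { EMITTER_OFF, 80000000u, 0, 0, RATE_KEPT };
    struct sensitive_op crypto_op = { OP_CRYPTO, 100000000u };
    int rc = protect(&c, crypto_op);
    printf("rc=%d emitter=%u rng_rate=%u Hz seq=%u\n", rc,
           (unsigned)c.emitter_reg, (unsigned)c.rng_rate_hz, (unsigned)c.seq_id);
    return 0;
}
```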
Referring to Fig. 6, Fig. 6 is a schematic block diagram of a chip according to an embodiment of the present application. The chip includes an electromagnetic radiator and a high-speed random number generator.
As shown in Fig. 6, the chip 10 includes a memory 11, a processor 12, and an electromagnetic radiator 14, and the processor 11, the memory 12, and the electromagnetic radiator 14 are connected through a system bus 13, where the memory 11 may include a nonvolatile storage medium and an internal memory.
The non-volatile storage medium may store a computer program. The computer program comprises program instructions which, when executed, cause the processor 11 to perform any of a number of methods for protecting against electromagnetic radiation attacks.
The processor 11 is used to provide computing and control capabilities, supporting the operation of the entire chip.
The internal memory provides an environment for the execution of a computer program in a non-volatile storage medium that, when executed by a processor, causes the processor to perform any of a number of methods for protecting against electromagnetic radiation attacks.
It will be appreciated by those skilled in the art that the structure shown in Fig. 6 is merely a block diagram of the part of the structure related to the present application and does not limit the chip to which the present application is applied; a particular chip may include more or fewer components than shown, may combine some of the components, or may have a different arrangement of components.
It should be appreciated that the processor 11 may be a central processing unit (Central Processing Unit, CPU); the processor 11 may also be another general-purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or the like. The general-purpose processor 11 may be a microprocessor or any conventional processor.
The memory 12 may be a Flash chip, a read-only memory, a magnetic disk, an optical disk, a USB disk, a removable hard disk, or the like.
Wherein in one embodiment the processor is configured to run a computer program stored in the memory to implement the steps of:
determining whether the current operation is a sensitive operation;
if the current operation is determined to be sensitive operation, determining whether the preset electromagnetic radiator is in an operating state or not according to the current value of the preset register;
if the electromagnetic radiator is in an operating state, determining an electromagnetic noise control strategy according to attribute information of sensitive operation;
the electromagnetic radiator sends out corresponding electromagnetic noise based on an electromagnetic noise control strategy so as to prevent electromagnetic radiation attack;
if the current operation is determined not to be sensitive operation, and when the electromagnetic radiator is in a running state, the electromagnetic radiator is closed.
In one embodiment, if the current operation is determined to be a sensitive operation, determining whether the preset electromagnetic radiator is in an operational state according to the current value of the preset register comprises:
if the current operation is determined to be sensitive operation, reading the current value of the preset register;
when the current value of the preset register is read to be a preset first threshold value, judging that the electromagnetic radiator is in a closed state;
and when the current value of the preset register is read to be a preset second threshold value, judging that the electromagnetic radiator is in an operating state.
In one embodiment, after determining that the electromagnetic radiator is in the closed state when the current value of the preset register is read as the preset first threshold value, the method further comprises:
if the electromagnetic radiator is in a closed state, the electromagnetic radiator is started, and an electromagnetic noise control strategy is determined according to attribute information of sensitive operation.
In another embodiment, if the electromagnetic radiator is in an operational state, determining the electromagnetic noise control strategy based on the attribute information of the sensitive operation includes:
when the electromagnetic radiator is in an operating state, acquiring attribute information of sensitive operation, and acquiring the type of the sensitive operation from the attribute information;
and determining an electromagnetic noise control strategy according to the type of the sensitive operation, wherein the type of the sensitive operation has a corresponding relation with the electromagnetic noise control strategy.
In one embodiment, the emitting, by the electromagnetic radiator, the corresponding electromagnetic noise based on the electromagnetic noise control strategy, to prevent electromagnetic radiation attack, includes:
calling a preset high-speed random number generator to generate a high-speed random number sequence corresponding to the serial number in the electromagnetic noise control strategy;
the high-speed random number sequence is converted into electromagnetic noise through the electromagnetic radiator, and the electromagnetic noise is sent out to prevent electromagnetic radiation attack.
In one embodiment, invoking a preset high-speed random number generator to generate a high-speed random number sequence corresponding to a serial number in an electromagnetic noise control strategy comprises:
acquiring a first clock frequency of a preset high-speed random number generator, and reading a first coefficient in an electromagnetic noise control strategy;
calculating a first running rate of a preset high-speed random number generator according to the first clock frequency and the first coefficient;
and operating a preset high-speed random number generator based on the first operation rate to generate a high-speed random number sequence corresponding to the serial number in the electromagnetic noise control strategy.
In one embodiment, before running the preset high-speed random number generator based on the first operation rate to generate the high-speed random number sequence corresponding to the serial number in the electromagnetic noise control strategy, the method further comprises:
calculating a second running rate of the sensitive operation according to a second clock frequency of the sensitive operation in the attribute information and a second coefficient in the electromagnetic noise control strategy;
judging whether the first operation rate is the same as the second operation rate;
if the first operation rate is the same as the second operation rate, operating a preset high-speed random number generator based on the first operation rate to generate a high-speed random number sequence corresponding to the sequence number in the electromagnetic noise control strategy;
if the first operation rate is different from the second operation rate, the first operation rate is adjusted to enable the adjusted first operation rate to be the same as the second operation rate, a preset high-speed random number generator is operated based on the adjusted first operation rate, and a high-speed random number sequence corresponding to the sequence number in the electromagnetic noise control strategy is generated.
In one embodiment, if the first operating rate is different from the second operating rate, adjusting the first operating rate such that the adjusted first operating rate is the same as the second operating rate comprises:
if the first operation rate is different from the second operation rate, determining whether the first operation rate is greater than the second operation rate;
if the first operation rate is greater than the second operation rate, the first operation rate is regulated down so that the regulated first operation rate is the same as the second operation rate;
if the first operation rate is smaller than the second operation rate, the first operation rate is adjusted to be higher so that the adjusted first operation rate is the same as the second operation rate.
Embodiments of the present application further provide a computer-readable storage medium storing a computer program, where the computer program includes program instructions; for the method implemented when the program instructions are executed, reference may be made to the various embodiments of the electromagnetic radiation attack protection method of the present application.
The computer-readable storage medium may be an internal storage unit of the chip or the system on a chip according to the foregoing embodiments, for example, a hard disk or a memory of the chip. The computer-readable storage medium may also be an external storage device of the chip, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) card, or a Flash memory card (Flash Card) provided on the chip.
While the embodiments of the present invention have been described above with reference to the drawings, the present invention is not limited to the above-described embodiments, which are merely illustrative and not restrictive, and many modifications may be made thereto by those of ordinary skill in the art without departing from the spirit of the present invention and the scope of the appended claims, which are to be accorded the full scope of the present invention as defined by the following description and drawings, or by any equivalent structures or equivalent flow changes, or by direct or indirect application to other relevant technical fields.

Claims (10)

1. A method of protecting against electromagnetic radiation attacks, comprising:
determining whether the current operation is a sensitive operation;
if the current operation is determined to be sensitive operation, determining whether the preset electromagnetic radiator is in an operating state or not according to the current value of the preset register;
if the electromagnetic radiator is in an operating state, determining an electromagnetic noise control strategy according to the attribute information of the sensitive operation;
the electromagnetic radiator sends out corresponding electromagnetic noise based on the electromagnetic noise control strategy so as to prevent electromagnetic radiation attack;
if the current operation is determined not to be sensitive operation, and when the electromagnetic radiator is in a running state, the electromagnetic radiator is closed.
2. The method for protecting against electromagnetic radiation attack of claim 1 wherein if the current operation is determined to be a sensitive operation, determining whether the preset electromagnetic radiator is in an operational state based on the current value of the preset register comprises:
if the current operation is determined to be sensitive operation, reading the current value of the preset register;
when the current value of the preset register is read to be a preset first threshold value, judging that the electromagnetic radiator is in a closed state;
and when the current value of the preset register is read to be a preset second threshold value, judging that the electromagnetic radiator is in an operating state.
3. The method for protecting against electromagnetic radiation attack according to claim 2, wherein after determining that the electromagnetic radiator is in the off state when the current value of the preset register is read as the preset first threshold value, further comprising:
and if the electromagnetic radiator is in a closed state, starting the electromagnetic radiator, and determining an electromagnetic noise control strategy according to the attribute information of the sensitive operation.
4. A method of protecting against electromagnetic radiation attacks as claimed in any one of claims 1-3, wherein determining an electromagnetic noise control strategy based on attribute information of the sensitive operation if the electromagnetic radiator is in an operational state comprises:
when the electromagnetic radiator is in an operating state, acquiring attribute information of the sensitive operation, and acquiring the type of the sensitive operation from the attribute information;
and determining an electromagnetic noise control strategy according to the type of the sensitive operation, wherein the type of the sensitive operation has a corresponding relation with the electromagnetic noise control strategy.
5. The method for protecting against electromagnetic radiation attacks according to claim 4, wherein the emitting, by the electromagnetic radiator, corresponding electromagnetic noise based on the electromagnetic noise control strategy, comprises:
calling a preset high-speed random number generator to generate a high-speed random number sequence corresponding to a serial number in the electromagnetic noise control strategy;
and converting the high-speed random number sequence into electromagnetic noise through the electromagnetic radiator, and transmitting the electromagnetic noise to prevent electromagnetic radiation attack.
6. The method for protecting against electromagnetic radiation attack according to claim 5, wherein said invoking a preset high-speed random number generator to generate a high-speed random number sequence corresponding to a serial number in said electromagnetic noise control strategy comprises:
acquiring a first clock frequency of the preset high-speed random number generator, and reading a first coefficient in the electromagnetic noise control strategy;
calculating a first running rate of the preset high-speed random number generator according to the first clock frequency and the first coefficient;
and operating the preset high-speed random number generator based on the first operation rate to generate a high-speed random number sequence corresponding to the sequence number in the electromagnetic noise control strategy.
7. The method for protecting against electromagnetic radiation attack according to claim 6, wherein before the running the preset high-speed random number generator based on the first running rate to generate the high-speed random number sequence corresponding to the serial number in the electromagnetic noise control strategy, the method further comprises:
calculating a second running rate of the sensitive operation according to a second clock frequency of the sensitive operation in the attribute information and a second coefficient in the electromagnetic noise control strategy;
judging whether the first operation rate is the same as the second operation rate;
if the first operation rate is the same as the second operation rate, operating the preset high-speed random number generator based on the first operation rate to generate a high-speed random number sequence corresponding to a sequence number in the electromagnetic noise control strategy;
and if the first operation rate is different from the second operation rate, adjusting the first operation rate so that the adjusted first operation rate is the same as the second operation rate, and operating the preset high-speed random number generator based on the adjusted first operation rate to generate a high-speed random number sequence corresponding to the serial number in the electromagnetic noise control strategy.
8. The method of protecting against electromagnetic radiation attacks of claim 7, wherein adjusting the first operating rate if the first operating rate is different from the second operating rate such that the adjusted first operating rate is the same as the second operating rate comprises:
if the first operation rate is different from the second operation rate, determining whether the first operation rate is greater than the second operation rate;
if the first operation rate is greater than the second operation rate, the first operation rate is reduced so that the adjusted first operation rate is the same as the second operation rate;
and if the first operation rate is smaller than the second operation rate, the first operation rate is adjusted to be higher so that the adjusted first operation rate is the same as the second operation rate.
9. A chip, the chip comprising: electromagnetic radiator for emitting electromagnetic noise, and a memory, a processor and a computer program stored on the memory and executable on the processor, which when executed by the processor realizes the steps of the method of protecting against electromagnetic radiation attacks according to any one of claims 1 to 8.
10. A computer-readable storage medium, on which a computer program is stored, which computer program, when being executed by a processor, implements the steps of the method of protecting against electromagnetic radiation attacks according to any one of claims 1 to 8.
CN201910758725.XA 2019-08-16 2019-08-16 Method, chip and computer readable storage medium for preventing electromagnetic radiation attack Active CN112395649B (en)


Publications (2)

Publication Number Publication Date
CN112395649A CN112395649A (en) 2021-02-23
CN112395649B true CN112395649B (en) 2024-01-26

Family

ID=74602060


Country Status (1)

Country Link
CN (1) CN112395649B (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant