CN112668060A - Fault injection attack method and device, electronic equipment and storage medium - Google Patents
Fault injection attack method and device, electronic equipment and storage medium Download PDFInfo
- Publication number
- CN112668060A CN112668060A CN202110029559.7A CN202110029559A CN112668060A CN 112668060 A CN112668060 A CN 112668060A CN 202110029559 A CN202110029559 A CN 202110029559A CN 112668060 A CN112668060 A CN 112668060A
- Authority
- CN
- China
- Prior art keywords
- attack
- parameter
- effective
- generalization
- determining
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000002347 injection Methods 0.000 title claims abstract description 74
- 239000007924 injection Substances 0.000 title claims abstract description 74
- 238000000034 method Methods 0.000 title claims abstract description 42
- 238000011282 treatment Methods 0.000 claims abstract description 20
- 238000012545 processing Methods 0.000 claims description 17
- 238000004590 computer program Methods 0.000 claims description 7
- 239000000243 solution Substances 0.000 description 7
- 230000008569 process Effects 0.000 description 6
- 238000010586 diagram Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 238000004891 communication Methods 0.000 description 3
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 230000008859 change Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000011156 evaluation Methods 0.000 description 1
- 238000007620 mathematical function Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000003672 processing method Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Images
Landscapes
- Test And Diagnosis Of Digital Computers (AREA)
Abstract
The application discloses a fault injection attack method, a fault injection attack device, electronic equipment and a storage medium, wherein the method comprises the following steps: determining a plurality of groups of effective attack parameter combinations of the encryption chip, wherein each group of effective attack parameter combination comprises a plurality of effective attack parameters; respectively determining a generalization standard value corresponding to each effective attack parameter; based on the generalization standard value, carrying out multiple generalization treatments on each group of effective attack parameter combinations, and determining multiple groups of generalization attack parameter combinations; and carrying out fault injection attack on the encryption chip by utilizing the multiple groups of generalized attack parameter combinations. By adopting the fault injection attack method, the fault injection attack device, the electronic equipment and the storage medium, the problems that when the fault injection attack is carried out on the encryption chip, the effective attack parameter combination cannot be found quickly and the attack efficiency is low are solved.
Description
Technical Field
The present application relates to the field of security attack evaluation technologies, and in particular, to a fault injection attack method and apparatus, an electronic device, and a storage medium.
Background
The method mainly utilizes the modes of power supply operation, electromagnetic operation or laser injection to influence the normal encryption operation of the encryption chip so as to generate encryption errors, and utilizes the encryption error data to analyze an encryption key so as to verify whether the function of the encryption chip is safe. The attack method can be abstracted in that a fault signal with certain intensity is injected into an encryption chip which is carrying out encryption operation at a specific physical position and a specific time, so that encryption error data is generated, and therefore, the factors for generating the encryption error data comprise parameters such as an attack position, an attack time, attack intensity and the like. In the prior art, a plurality of attack positions, attack times, attack strengths and other parameters are combined to form a plurality of specific attack parameter combinations, and the specific attack parameter combinations are sequentially executed according to a set program, so that automatic fault injection attack is realized, that is, the fault injection attack is performed in a batch processing mode.
In the existing batch processing mode, because parameters such as attack positions, attack moments, attack strengths and the like have respective variable ranges, the number of attack parameter combinations is huge, and thus, when fault injection attack is performed on an encryption chip, the problems that effective attack parameter combinations cannot be found quickly and the attack efficiency is low are caused.
Disclosure of Invention
In view of this, the present application provides a fault injection attack method, apparatus, electronic device and storage medium, which aims to optimize a fault injection attack parameter combination, improve fault injection attack efficiency, and avoid the problem that an effective attack parameter combination cannot be quickly found and attack efficiency is low when a fault injection attack is performed on an encryption chip.
In a first aspect, an embodiment of the present application provides a fault injection attack method, including:
determining a plurality of groups of effective attack parameter combinations of the encryption chip, wherein each group of effective attack parameter combination comprises a plurality of effective attack parameters;
respectively determining a generalization standard value corresponding to each effective attack parameter;
based on the generalization standard value, carrying out multiple generalization treatments on each group of effective attack parameter combinations, and determining multiple groups of generalization attack parameter combinations;
and carrying out fault injection attack on the encryption chip by utilizing a plurality of groups of generalized attack parameter combinations.
Optionally, the plurality of valid attack parameters may include, but are not limited to: the effective attack position parameter, the effective attack time parameter, and the effective attack strength parameter, and the generalized standard value corresponding to each effective attack parameter is respectively determined, which may include: determining a reference attack parameter corresponding to the effective attack parameter; and determining the product of the reference attack parameter and the corresponding preset ratio as a generalization standard value corresponding to the effective attack parameter.
Optionally, based on the generalization standard value, the process of performing each generalization processing on each group of effective attack parameter combinations may include: determining a group of random numbers corresponding to each generalization treatment, wherein each group of random numbers can comprise a plurality of random numbers, and each random number in the plurality of random numbers corresponds to an effective attack parameter; and aiming at each effective attack parameter in the effective attack parameter combination, determining the product of the generalization standard value corresponding to the effective attack parameter and the corresponding random number, and determining the sum of the effective attack parameter and the product as the generalization attack parameter after the generalization treatment of the effective attack parameter.
Optionally, each group of generalized attack parameter combination is a combination of a plurality of generalized attack parameters required for performing a fault injection attack on the encryption chip; the plurality of generalized attack parameters includes: a generalized attack position parameter, a generalized attack time parameter and a generalized attack strength parameter.
Optionally, the method may further include: obtaining effective encryption error data generated by an encryption chip under fault injection attack; and analyzing the key used by the encryption chip by using the obtained effective encryption error data.
In a second aspect, an embodiment of the present application provides a fault injection attack apparatus, including:
the effective parameter combination determining module is used for determining a plurality of groups of effective attack parameter combinations of the encryption chip, wherein each group of effective attack parameter combination comprises a plurality of effective attack parameters;
the generalization standard value determining module is used for respectively determining the generalization standard value corresponding to each effective attack parameter;
the generalization processing module is used for carrying out multiple generalization processing on each group of effective attack parameter combinations based on the generalization standard value and determining multiple groups of generalization attack parameter combinations;
and the injection module is used for carrying out fault injection attack on the encryption chip by utilizing a plurality of groups of generalized attack parameter combinations.
Optionally, the plurality of valid attack parameters may include: the generalized standard value determining module determines a reference attack parameter corresponding to each effective attack parameter; and determining the product of the reference attack parameter and the corresponding preset ratio as a generalization standard value corresponding to the effective attack parameter.
Optionally, the process that the generalization processing module performs each generalization processing on each effective attack parameter combination may include: determining a group of random numbers corresponding to each generalization treatment, wherein each group of random numbers comprises a plurality of random numbers, and each random number in the plurality of random numbers corresponds to an effective attack parameter; and aiming at each effective attack parameter in the effective attack parameter combination, determining the product of the generalization standard value corresponding to the effective attack parameter and the corresponding random number, and determining the sum of the effective attack parameter and the product as the generalization attack parameter after the generalization treatment of the effective attack parameter.
In a third aspect, an embodiment of the present application provides an electronic device, including: a processor, a memory and a bus, the memory storing machine readable instructions executable by the processor, the processor and the memory communicating via the bus when the electronic device is operating, the machine readable instructions when executed by the processor performing the steps of the fault injection attack method as described above.
In a fourth aspect, the present application provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the computer program performs the steps of the fault injection attack method described above.
The embodiment of the application brings the following beneficial effects:
the embodiment of the application provides a fault injection attack method, which comprises the following steps: determining a plurality of groups of effective attack parameter combinations of the encryption chip, wherein each group of effective attack parameter combination comprises a plurality of effective attack parameters; respectively determining a generalization standard value corresponding to each effective attack parameter; based on the generalization standard value, carrying out multiple generalization treatments on each group of effective attack parameter combinations, and determining multiple groups of generalization attack parameter combinations; and carrying out fault injection attack on the encryption chip by utilizing a plurality of groups of generalized attack parameter combinations. According to the method and the device, the fault injection attack parameter combination can be optimized, the fault injection attack efficiency is improved, and the problems that the effective attack parameter combination cannot be found quickly and the attack efficiency is low when the fault injection attack is carried out on the encryption chip are solved.
In order to make the aforementioned objects, features and advantages of the present application more comprehensible, preferred embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the embodiments are briefly described below, and it is obvious that the following drawings are some embodiments of the present application, and it is obvious for those skilled in the art to obtain other related drawings without creative efforts.
Fig. 1 is a schematic flowchart of a fault injection attack method according to an embodiment of the present application;
fig. 2 is a schematic structural diagram of a fault injection attack apparatus provided in an embodiment of the present application;
fig. 3 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present application clearer, the technical solutions of the present application will be clearly and completely described below with reference to the accompanying drawings, and it is obvious that the described embodiments are some, but not all embodiments of the present application. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
In the conventional batch processing method, parameters such as attack positions, attack moments, attack strengths and the like have respective variable ranges, so that the number of combinations of attack parameters is huge. For example, the variable range of each parameter is 100, then the attack parameters can form 100 thousands of combinations, and many of the attack parameter combinations are invalid, which results in that when a fault injection attack is performed on the encryption chip, all valid attack parameter combinations cannot be found quickly, and the attack efficiency is low.
Based on this, the embodiments of the present application provide a fault injection attack method, an apparatus, an electronic device, and a storage medium, which can efficiently find out more effective attack parameter combinations based on known multiple effective attack parameter combinations, improve the efficiency of fault injection attack, and avoid the problem that when a fault injection attack is performed on an encryption chip, effective attack parameter combinations cannot be quickly found and the attack efficiency is low.
To facilitate understanding of the present embodiment, first, a fault injection attack method disclosed in an embodiment of the present application is described in detail, and fig. 1 is a flowchart of a fault injection attack method provided in an embodiment of the present application, and as shown in fig. 1, the method includes the following steps:
Specifically, when a fault injection attack is performed on an encryption chip, a plurality of attack parameters required by the attack are determined, the fault injection attack is performed on the encryption chip running a cryptographic algorithm according to the combination of the determined attack parameters, and if encrypted data generated by the encryption chip is different from expected correct data, the encrypted data is called encrypted error data.
The combination of the attack parameters is called attack parameter combination, the encryption error data helpful for analyzing the key is called effective encryption error data, the attack parameter combination capable of enabling the encryption chip to generate the effective encryption error data is called effective attack parameter combination, and the parameters contained in the effective attack parameter combination are called effective attack parameters.
In the embodiment of the application, the prior information is known, a plurality of groups of effective attack parameter combinations can be determined from the prior information, and the plurality of groups of effective attack parameter combinations can be utilized to carry out subsequent parameter generalization processing. Wherein the prior information is experience and historical data obtained from past fault injection attack tests, including but not limited to: the system comprises a plurality of groups of effective attack parameter combination information, encryption error data information, encryption key information and cipher algorithm information. Among them, the cryptographic algorithm is a mathematical function for encryption and decryption, and is implemented in a cryptographic device by using codes or circuits, and common cryptographic algorithms include AES, DES, SM4, RSA, and the like. A cryptographic device is a generic term for a device that has a certain cryptographic function or can perform a certain cryptographic task.
Illustratively, the attack parameters may include, but are not limited to: and the attack parameter combination consisting of the attack position parameter L, the attack time parameter T and the attack strength parameter P is recorded as (L, T, P). The attack position may be [ L (Xmin, Ymin), L (Xmax, Ymax) ], where L (Xmin, Ymin) represents coordinates of an upper left corner point in a rectangular region corresponding to the package range of the encryption chip, and L (Xmax, Ymax) represents coordinates of a lower right corner point in the rectangular region corresponding to the package range of the encryption chip. The attack time may be within the execution time range of the cryptographic algorithm, and is recorded as [ Tmin, Tmax ], where Tmin represents the start time of the cryptographic algorithm execution, and Tmax represents the end time of the cryptographic algorithm execution. The attack strength can be determined by the attacking device and is marked as [ Pmin, Pmax ], Pmin represents the minimum strength of the disturbance source generated by the attacking device, and Pmax represents the maximum strength of the disturbance source generated by the attacking device. Accordingly, the effective attack parameters may include, but are not limited to: effective attack position parameters, effective attack time parameters and effective attack strength parameters. In one example, it is assumed that N sets of valid attack parameter combinations are known, denoted as (Li, Ti, Pi), where i ∈ [1, N ], Li represents a valid attack position parameter in the i-th set of valid attack parameter combinations, Ti represents a valid attack time parameter in the i-th set of valid attack parameter combinations, and Pi represents a valid attack strength parameter in the i-th set of valid attack parameter combinations.
And 102, respectively determining a generalization standard value corresponding to each effective attack parameter.
Specifically, for each effective attack parameter, a reference attack parameter corresponding to the effective attack parameter may be determined, and a product of the reference attack parameter and a corresponding preset ratio is determined as a generalization standard value corresponding to the effective attack parameter. For example, the reference attack parameter corresponding to any effective attack parameter may be a parameter value corresponding to any corresponding effective attack parameter in each effective attack parameter combination, and taking an effective attack parameter as an example of the effective attack position parameter, an effective attack position parameter may be arbitrarily selected from a plurality of effective attack position parameters in a plurality of groups of effective attack parameter combinations to be used as the reference attack parameter corresponding to the effective attack position parameter. In addition, the reference attack parameter may not change with the change of each effective attack parameter combination, that is, the reference attack parameter may be an average value, a median value, a maximum value, a minimum value, and the like of parameter values corresponding to each effective attack parameter in all effective attack parameter combinations, which is not limited in the present application. For example, taking the effective attack parameter as the effective attack time parameter, an average value, a median value, a maximum value, or a minimum value of a plurality of effective attack time parameters in a plurality of groups of effective attack parameter combinations may be used as the reference attack parameter corresponding to the effective attack time parameter.
In addition, the preset ratio may be a percentage value determined empirically, the preset ratios corresponding to the reference attack parameters may be the same or different, and a person skilled in the art may determine a specific value of the preset ratio according to actual requirements.
In the embodiment of the present application, a reference attack position parameter corresponding to the effective attack position parameter is represented by δ L0, a reference attack time parameter corresponding to the effective attack time parameter is represented by δ T0, a reference attack intensity parameter corresponding to the effective attack intensity parameter is represented by δ P0, a generalization standard value corresponding to the effective attack position parameter is represented by δ L, a generalization standard value corresponding to the effective attack time parameter is represented by δ T, and a generalization standard value corresponding to the effective attack intensity parameter is represented by δ P. In one example, the empirically predetermined percentage may take any value in the range of 1% -5%.
Taking the example in the step 101 as an example, assuming that the preset ratio corresponding to each reference attack parameter is 3%, the generalization standard value δ L corresponding to the effective attack position parameter is δ L0 × 3%; the generalization standard value delta T corresponding to the effective attack time parameter is delta T0 multiplied by 3%; the generalization standard value δ P corresponding to the effective attack strength parameter is δ P0 × 3%.
And 103, performing multiple generalization processing on each group of effective attack parameter combinations based on the generalization standard value, and determining multiple groups of generalization attack parameter combinations.
Specifically, the whole generalization treatment process is as follows: firstly, carrying out a plurality of generalization treatments on the first group of effective attack parameter combinations, then carrying out the same number of generalization treatments on the second group of effective attack parameter combinations, and so on until completing the generalization treatments on all the effective attack parameter combinations. The number of generalization processing performed on each effective attack parameter combination is referred to as a generalization number, and is denoted as K.
The process of each generalization treatment is as follows: and during each generalization treatment, generating a group of random numbers corresponding to each effective attack parameter in the effective attack parameter combination, calculating the product of the generalization standard value corresponding to each effective attack parameter in the effective attack parameter combination and the corresponding random number, and determining the sum of the effective attack parameters and the corresponding products as the generalization attack parameters of the effective attack parameters after the generalization treatment. Each generated group of random numbers comprises a plurality of random numbers, and each random number corresponds to one effective attack parameter.
In one example, assume that the generated set of random numbers are R1, R2, R3, respectively, which may range from [ -1,1 ]. R1 corresponds to a valid attack location parameter, R2 corresponds to a valid attack time parameter, and R3 corresponds to a valid attack strength parameter.
Taking the example in the above step 102 as an example, the generalized attack parameter combination (L1, T1, P1) can be obtained by using the following formula:
L1=Li+δL×R1;
T1=Ti+δT×R2;
P1=Pi+δP×R3;
wherein, the value range of i is [1, N ], L1, T1 and P1 respectively represent a generalized attack position parameter, a generalized attack time parameter and a generalized attack strength parameter.
And 104, utilizing a plurality of groups of generalized attack parameter combinations to carry out fault injection attack on the encryption chip.
Specifically, a plurality of groups of generalized attack parameter combinations obtained through generalization are used for fault injection attack, effective encryption error data generated by the encryption chip under the fault injection attack are obtained, and the obtained effective encryption error data are used for analyzing a key used by the cryptographic device.
Taking the example in step 103 as an example, the effective attack parameter combinations have N groups, and the number of generalization times performed by each group is K, so that N × K groups of generalized attack parameter combinations are obtained.
The embodiment of the application provides a fault injection attack method, which comprises the steps of determining a plurality of groups of effective attack parameter combinations of an encryption chip, wherein each group of effective attack parameter combinations comprises a plurality of effective attack parameters; respectively determining a generalization standard value corresponding to each effective attack parameter; based on the generalization standard value, carrying out multiple generalization treatments on multiple groups of effective attack parameter combinations to determine multiple groups of generalization attack parameter combinations; and carrying out fault injection attack on the encryption chip by utilizing a plurality of groups of generalized attack parameter combinations. By adopting the fault injection attack method and device, the electronic equipment and the storage medium, the fault injection attack parameter combination can be optimized, the fault injection attack efficiency is improved, and the problems that the effective attack parameter combination cannot be quickly found and the attack efficiency is low when the fault injection attack is carried out on the encryption chip are solved.
An embodiment of the present application further provides a fault injection attack apparatus, and fig. 2 is a schematic structural diagram of the fault injection attack apparatus provided in the embodiment of the present application, and as shown in fig. 2, the apparatus includes the following modules:
an effective parameter combination determining module 201, configured to determine a plurality of effective attack parameter combinations of the cryptographic chip, where each effective attack parameter combination includes a plurality of effective attack parameters;
a generalization standard value determination module 202, which determines a generalization standard value corresponding to each effective attack parameter;
the generalization processing module 203 is used for performing multiple generalization processing on multiple groups of effective attack parameter combinations based on the generalization standard value to determine multiple groups of generalization attack parameter combinations;
the injection module 204 is used for carrying out fault injection attack on the encryption chip by utilizing a plurality of groups of generalized attack parameter combinations;
corresponding to the fault injection attack method in fig. 1, an embodiment of the present application further provides a schematic structural diagram of an electronic device 300, as shown in fig. 3, where the electronic device 300 includes a processor 310, a memory 320, and a bus 330. The memory 320 stores machine-readable instructions executable by the processor 310, when the electronic device 300 runs, the processor 310 communicates with the memory 320 through the bus 330, and when the machine-readable instructions are executed by the processor 310, the fault injection attack method can be executed, so that a fault injection attack parameter combination can be optimized, the fault injection attack efficiency is improved, and the problems that an effective attack parameter combination cannot be quickly found and the attack efficiency is low when a fault injection attack is performed on an encryption chip are solved.
Corresponding to the fault injection attack method in fig. 1, an embodiment of the present application further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and the computer program is executed by a processor to perform the steps of the fault injection attack method.
Specifically, the storage medium can be a general storage medium, such as a mobile disk, a hard disk, and the like, and when a computer program on the storage medium is run, the fault injection attack parameter combination can be optimized, so that the fault injection attack efficiency is improved, and the problems that an effective attack parameter combination cannot be quickly found and the attack efficiency is low when the fault injection attack is performed on the encryption chip are avoided.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the foregoing systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above-described embodiments of the apparatus are merely illustrative, and for example, a division of a unit is merely a division of one logic function, and there may be other divisions when actually implemented, and for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection of devices or units through some communication interfaces, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments provided in the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application or portions thereof that substantially contribute to the prior art may be embodied in the form of a software product stored in a storage medium and including instructions for causing an electronic device (which may be a personal computer, a server, or a network device) to perform all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus once an item is defined in one figure, it need not be further defined and explained in subsequent figures, and moreover, the terms "first", "second", "third", etc. are used merely to distinguish one description from another and are not to be construed as indicating or implying relative importance.
Finally, it should be noted that: the above-mentioned embodiments are only specific embodiments of the present application, and are used for illustrating the technical solutions of the present application, but not limiting the same, and the scope of the present application is not limited thereto, and although the present application is described in detail with reference to the foregoing embodiments, those skilled in the art should understand that: any person skilled in the art can modify or easily conceive the technical solutions described in the foregoing embodiments or equivalent substitutes for some technical features within the technical scope disclosed in the present application; such modifications, changes or substitutions do not depart from the spirit and scope of the exemplary embodiments of the present application, and are intended to be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (10)
1. A fault injection attack method, comprising:
determining a plurality of groups of effective attack parameter combinations of the encryption chip, wherein each group of effective attack parameter combination comprises a plurality of effective attack parameters;
respectively determining a generalization standard value corresponding to each effective attack parameter;
based on the generalization standard value, carrying out multiple generalization treatments on each group of effective attack parameter combinations, and determining multiple groups of generalization attack parameter combinations;
and carrying out fault injection attack on the encryption chip by utilizing the multiple groups of generalized attack parameter combinations.
2. The method of claim 1, wherein the plurality of valid attack parameters comprises: an effective attack position parameter, an effective attack time parameter, an effective attack intensity parameter,
respectively determining a generalization standard value corresponding to each effective attack parameter, including:
determining a reference attack parameter corresponding to the effective attack parameter;
and determining the product of the reference attack parameter and the corresponding preset ratio as a generalization standard value corresponding to the effective attack parameter.
3. The method of claim 1, wherein the generalizing each of the effective attack parameter combinations for each group based on the generalizing criteria comprises:
determining a group of random numbers corresponding to each generalization treatment, wherein each group of random numbers comprises a plurality of random numbers, and each random number in the plurality of random numbers corresponds to an effective attack parameter;
and aiming at each effective attack parameter in the effective attack parameter combination, determining the product of the generalization standard value corresponding to the effective attack parameter and the corresponding random number, and determining the sum of the effective attack parameter and the product as the generalization attack parameter after the generalization treatment of the effective attack parameter.
4. The method of claim 1, wherein each set of generalized attack parameter combinations is a combination of a plurality of generalized attack parameters required for one fault injection attack on a cryptographic chip; the plurality of generalized attack parameters includes: a generalized attack position parameter, a generalized attack time parameter and a generalized attack strength parameter.
5. The method of claim 1, further comprising:
obtaining effective encryption error data generated by the encryption chip under fault injection attack;
and analyzing the key used by the encryption chip by using the obtained valid encryption error data.
6. A fault injection attack apparatus, comprising:
the effective parameter combination determining module is used for determining a plurality of groups of effective attack parameter combinations of the encryption chip, wherein each group of effective attack parameter combination comprises a plurality of effective attack parameters;
the generalization standard value determining module is used for respectively determining the generalization standard value corresponding to each effective attack parameter;
the generalization processing module is used for carrying out multiple generalization processing on each group of effective attack parameter combinations based on the generalization standard value and determining multiple groups of generalization attack parameter combinations;
and the injection module is used for carrying out fault injection attack on the encryption chip by utilizing the multiple groups of generalized attack parameter combinations.
7. The apparatus of claim 6, wherein the plurality of valid attack parameters comprises: an effective attack position parameter, an effective attack time parameter, an effective attack intensity parameter,
the generalization standard value determining module determines a reference attack parameter corresponding to each effective attack parameter; and determining the product of the reference attack parameter and the corresponding preset ratio as a generalization standard value corresponding to the effective attack parameter.
8. The apparatus of claim 6, wherein the generalization processing module performs each generalization processing on each set of valid attack parameter combinations comprising:
determining a group of random numbers corresponding to each generalization treatment, wherein each group of random numbers comprises a plurality of random numbers, and each random number in the plurality of random numbers corresponds to an effective attack parameter;
and aiming at each effective attack parameter in the effective attack parameter combination, determining the product of the generalization standard value corresponding to the effective attack parameter and the corresponding random number, and determining the sum of the effective attack parameter and the product as the generalization attack parameter after the generalization treatment of the effective attack parameter.
9. An electronic device comprising a processor, a memory and a bus, the memory storing machine-readable instructions executable by the processor, the processor and the memory communicating over the bus when the electronic device is run, the machine-readable instructions when executed by the processor performing the steps of the fault injection attack method according to any one of claims 1-5.
10. A computer-readable storage medium, characterized in that the computer-readable storage medium has stored thereon a computer program which, when being executed by a processor, carries out the steps of the fault injection attack method according to any one of claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110029559.7A CN112668060B (en) | 2021-01-11 | 2021-01-11 | Fault injection attack method and device, electronic equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110029559.7A CN112668060B (en) | 2021-01-11 | 2021-01-11 | Fault injection attack method and device, electronic equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112668060A true CN112668060A (en) | 2021-04-16 |
| CN112668060B CN112668060B (en) | 2024-04-16 |
Family
ID=75414020
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110029559.7A Active CN112668060B (en) | 2021-01-11 | 2021-01-11 | Fault injection attack method and device, electronic equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112668060B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2706455A1 (en) * | 2012-09-10 | 2014-03-12 | Oberthur Technologies | Method for testing the security of an electronic device against an attack, and electronic device implementing countermeasures |
| CN104391784A (en) * | 2014-08-27 | 2015-03-04 | 北京中电华大电子设计有限责任公司 | Method and device for fault injection attack based on simulation |
| CN105763312A (en) * | 2016-03-02 | 2016-07-13 | 中国人民解放军军械工程学院 | Cryptographic chip optical fault injection system and attack method |
| CN106371989A (en) * | 2016-05-06 | 2017-02-01 | 北京中电华大电子设计有限责任公司 | Efficient and secure attack fault injection method adopting batch processing mode |
| CN111459816A (en) * | 2020-03-31 | 2020-07-28 | 北京百度网讯科技有限公司 | Fault injection test method, device, system and storage medium |
-
2021
- 2021-01-11 CN CN202110029559.7A patent/CN112668060B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| EP2706455A1 (en) * | 2012-09-10 | 2014-03-12 | Oberthur Technologies | Method for testing the security of an electronic device against an attack, and electronic device implementing countermeasures |
| CN104391784A (en) * | 2014-08-27 | 2015-03-04 | 北京中电华大电子设计有限责任公司 | Method and device for fault injection attack based on simulation |
| CN105763312A (en) * | 2016-03-02 | 2016-07-13 | 中国人民解放军军械工程学院 | Cryptographic chip optical fault injection system and attack method |
| CN106371989A (en) * | 2016-05-06 | 2017-02-01 | 北京中电华大电子设计有限责任公司 | Efficient and secure attack fault injection method adopting batch processing mode |
| CN111459816A (en) * | 2020-03-31 | 2020-07-28 | 北京百度网讯科技有限公司 | Fault injection test method, device, system and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112668060B (en) | 2024-04-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112789824A (en) | Block chain system, information transmission method, system, device and computer medium | |
| US9577826B2 (en) | Method of generating proven prime numbers suitable for being implemented in a smart card | |
| US20140095883A1 (en) | Hardening of direct anonymous attestation from side-channel attack | |
| US10282552B1 (en) | Device blanking | |
| CN102063586B (en) | For the method and apparatus that detection failure is attacked | |
| US20130218937A1 (en) | Arithmetic apparatus, elliptic scalar multiplication method of arithmetic apparatus, elliptic scalar multiplication program, residue operation method of arithmetic apparatus, and residue operation program | |
| CN105637516A (en) | Method for verifying integrity of dynamic code using hash | |
| CN111160879A (en) | Hardware wallet and security improving method and device thereof | |
| CN111695097A (en) | Login checking method and device and computer readable storage medium | |
| CN114528602B (en) | Security chip operation method and device based on attack detection behavior | |
| CN103597490A (en) | Protection of applets against hidden-channel analyses | |
| CN112769548A (en) | Block chain numerical information transmission method, system, device and computer medium | |
| CN112668060A (en) | Fault injection attack method and device, electronic equipment and storage medium | |
| CN109886685A (en) | A kind of commodity tracing system and method based on block chain | |
| CN1365214A (en) | Cipher key managing method based on public cipher key system | |
| Leng | Smart card applications and security | |
| CN111127020A (en) | Transaction data confusion method based on block chain and related equipment | |
| CN104919751B (en) | For the method for running portable data medium and this portable data medium | |
| CN114760073B (en) | Block chain-based warehouse commodity distribution method and device, electronic equipment and medium | |
| CN108073411A (en) | A kind of kernel loads method and device of patch | |
| CN113761479B (en) | Software authorization method, system, equipment and computer storage medium | |
| US11216561B2 (en) | Executing processes in sequence | |
| CN113055178B (en) | Block chain system, and method, system, device and medium for transmitting numerical information | |
| CN112825093B (en) | Security baseline checking method, host, server, electronic device and storage medium | |
| CN113449034A (en) | Intelligent contract data security management method, system and storage medium based on block chain network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |