CN114328269B - Password chip security detection method - Google Patents
Password chip security detection method Download PDFInfo
- Publication number
- CN114328269B CN114328269B CN202210053967.0A CN202210053967A CN114328269B CN 114328269 B CN114328269 B CN 114328269B CN 202210053967 A CN202210053967 A CN 202210053967A CN 114328269 B CN114328269 B CN 114328269B
- Authority
- CN
- China
- Prior art keywords
- level
- side channel
- chip
- register
- fpga
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000001514 detection method Methods 0.000 title claims abstract description 28
- 230000005540 biological transmission Effects 0.000 claims abstract description 95
- 238000012546 transfer Methods 0.000 claims description 26
- 238000000034 method Methods 0.000 claims description 20
- 238000004364 calculation method Methods 0.000 claims description 5
- 238000012986 modification Methods 0.000 claims description 4
- 230000004048 modification Effects 0.000 claims description 4
- 238000011156 evaluation Methods 0.000 abstract description 6
- 238000004422 calculation algorithm Methods 0.000 description 37
- 238000013461 design Methods 0.000 description 13
- 238000012938 design process Methods 0.000 description 6
- 238000011161 development Methods 0.000 description 3
- 238000013478 data encryption standard Methods 0.000 description 2
- 230000015572 biosynthetic process Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000004088 simulation Methods 0.000 description 1
- 238000003786 synthesis reaction Methods 0.000 description 1
Landscapes
- Storage Device Security (AREA)
Abstract
The application discloses a security detection method of a password chip, which comprises the following steps: simulating a register transmission stage realization code of a target cipher chip according to a plurality of groups of plaintext and a plurality of groups of keys to generate register transmission stage side channel information; counting the correlation between the variable value set of the side channel and the information of the transmission level side channel of the register, and generating a correlation result of the transmission level of the register; and judging whether to modify and iterate the register transmission stage realization codes according to the register transmission stage correlation result. The application solves the technical problem of how to improve the evaluation efficiency of the channel protection capability of the cipher chip side.
Description
Technical Field
The application relates to the technical field of information security. More particularly, the application relates to a security detection method for a cryptographic chip.
Background
In the design process of the cipher chip, the side channel protection capability of the cipher algorithm is one of the important factors for considering the security of the cipher chip. In the prior art, the password chip is actually evaluated for the protection capability of the side channel of the password algorithm after being developed and produced, so that if the security of the password chip does not meet the requirement, the situation of adjusting the design is necessarily faced, namely the password chip is redesigned and manufactured. The situation not only ensures that the evaluation efficiency of the security is low, but also severely restricts the iteration speed of the password algorithm and the development speed of the password chip, and greatly increases the design cost of the password chip.
Disclosure of Invention
It is an object of the present application to solve at least the above problems and to provide corresponding advantages.
The application further aims to provide a security detection method for the password chip, which solves the technical problem of how to improve the evaluation efficiency of the protection capability of the channel at the side of the password chip. The application is realized mainly by the following technical scheme:
the application provides a security detection method of a password chip, which comprises the following steps:
simulating a register transmission stage realization code of a target cipher chip according to a plurality of groups of plaintext and a plurality of groups of keys to generate register transmission stage side channel information;
counting the correlation between the variable value set of the side channel and the information of the transmission level side channel of the register, and generating a correlation result of the transmission level of the register;
and judging whether to modify and iterate the register transmission stage realization codes according to the register transmission stage correlation result.
According to the password chip security detection method provided by the application, the register transmission level side channel information is generated by simulating the register transmission level implementation code of the target password chip, so that a designer can count the correlation between a side channel variable value set and the register transmission level side channel information, and the security of the register transmission level implementation code is determined according to the register transmission level correlation result, namely whether modification iteration is needed or not. Compared with the prior art, the method and the device can iterate the target cipher chip in the design process of the target cipher chip (namely, the register transmission stage realizes the code design stage), and the iteration update is not required to be started until the design of the target cipher chip is completed, so that the evaluation efficiency of the side channel protection capability can be greatly improved.
In some embodiments, the step of generating the correlation result of the transmission stage of the register includes:
generating the side channel variable value set according to the plurality of groups of plaintext and the plurality of groups of secret keys;
and calculating the correlation between the side channel variable value set and the register transmission stage side channel information, and generating a register transmission stage correlation result.
In some embodiments, the step of determining whether to modify the register transfer level implementation code according to the register transfer level correlation result includes:
acquiring a register transmission level maximum value of the register transmission level correlation result;
and judging whether the maximum value of the register transmission level exceeds a preset value of the register transmission level, and if so, carrying out modification iteration on the register transmission level realization code.
In some technical solutions, the method for detecting security of a cryptographic chip further includes:
the FPGA ((Field Programmable Gate Array, field programmable gate array)) is used for realizing the FPGA-level side channel information generated by codes according to a plurality of groups of plaintext and a plurality of groups of key acquisition target password chips;
counting the correlation between the side channel variable value set and the FPGA-level side channel information to generate an FPGA-level correlation result;
and judging whether to modify and iterate the FPGA implementation code and/or the register transmission level implementation code according to the FPGA level correlation result.
In some technical solutions, the step of counting the correlation between the set of side channel variable values and the FPGA-level side channel information, and generating an FPGA-level correlation result includes:
generating the side channel variable value set according to the plurality of groups of plaintext and the plurality of groups of secret keys;
and calculating the correlation between the side channel variable value set and the FPGA-level side channel information to generate an FPGA-level correlation result.
In some technical solutions, the step of determining whether to modify and iterate the FPGA implementation code and/or the register transmission level implementation code according to the FPGA level correlation result includes:
acquiring an FPGA-level maximum value of the FPGA-level correlation result;
and judging whether the maximum value of the FPGA level exceeds a preset value of the FPGA level, and if so, modifying and iterating the FPGA implementation code and/or the register transmission level implementation code.
In some technical solutions, the method for detecting security of a cryptographic chip further includes:
acquiring chip-level side channel information generated by a target cipher chip according to a plurality of groups of plaintext and a plurality of groups of keys;
counting the correlation between the side channel variable value set and the chip-level side channel information to generate a chip-level correlation result;
and judging whether to modify and iterate at least one code of the chip implementation code, the FPGA implementation code and the register transmission level implementation code according to the chip-level correlation result.
In some embodiments, the step of generating a chip-level correlation result includes:
generating the side channel variable value set according to the plurality of groups of plaintext and the plurality of groups of secret keys;
and calculating the correlation between the side channel variable value set and the chip-level side channel information to generate a chip-level correlation result.
In some technical solutions, the step of determining whether to modify and iterate at least one code of the chip implementation code, the FPGA implementation code, and the register transmission level implementation code according to the chip-level correlation result includes:
acquiring a chip-level maximum value of the chip-level correlation result;
and judging whether the chip-level maximum value exceeds a chip-level preset value, and if so, modifying and iterating at least one code of the chip implementation code, the FPGA implementation code and the register transmission-level implementation code.
In some embodiments, the calculation formula for calculating the correlation between the set of side channel variable values and the register transmission level side channel information, the correlation between the set of side channel variable values and the FPGA level side channel information, and the correlation between the set of side channel variable values and the chip level side channel information is
In some technical solutions, the method for detecting the security of the cryptographic chip includes:
simulating an algorithm-level realization code of the target cipher chip according to a plurality of groups of plaintext and a plurality of groups of keys to generate algorithm-level side channel information;
counting the correlation between the side channel variable value set and the algorithm-level side channel information to generate an algorithm-level correlation result;
and judging whether to modify and iterate the algorithm stage realization codes according to the algorithm stage correlation result.
In some technical solutions, the method for detecting the security of the cryptographic chip includes:
simulating a circuit-level implementation code of the target cipher chip according to a plurality of groups of plaintext and a plurality of groups of keys to generate circuit-level side channel information;
counting the correlation between the side channel variable value set and the circuit-level side channel information to generate a circuit-level correlation result;
and judging whether to modify and iterate the circuit-level implementation code according to the circuit-level correlation result.
The technical effects of the embodiment of the application at least comprise:
according to the password chip security detection method provided by the application, the register transmission level side channel information is generated by simulating the register transmission level implementation code of the target password chip, so that a designer can count the correlation between the side channel variable value set and the register transmission level side channel information, and the security of the register transmission level implementation code is determined according to the register transmission level correlation result, namely whether modification iteration is needed or not. Compared with the prior art, the method and the device can iterate the target cipher chip in the design process of the target cipher chip (namely, the register transmission stage realizes the code design stage), and the iteration update is not required to be started until the design of the target cipher chip is completed, so that the evaluation efficiency of the side channel protection capability can be greatly improved.
In some technical schemes, the security detection method of the cipher chip of the application further comprises FPGA-level side channel information generated by using FPGA to realize codes according to the multiple groups of plaintext and multiple groups of key acquisition target cipher chips; counting the correlation of the side channel variable value set and the FPGA-level side channel information to generate an FPGA-level correlation result; and judging whether to modify and iterate the FPGA implementation code and/or the register transmission level implementation code according to the FPGA level correlation result. Therefore, in the FPGA-level design stage, the code of the password chip can be iterated for the second time, and the design cost of the password chip is greatly reduced.
In some technical schemes, the method for detecting the security of the cipher chip further comprises the step of acquiring chip-level side channel information generated by a target cipher chip according to a plurality of groups of plaintext and a plurality of groups of keys; counting the correlation between the side channel variable value set and the chip-level side channel information to generate a chip-level correlation result; and judging whether to modify and iterate at least one code of the chip implementation code, the FPGA implementation code and the register transmission level implementation code according to the chip-level correlation result. Therefore, the password chip is subjected to iteration of codes corresponding to the register transmission level, the FPGA level and the chip level respectively, namely, the codes of the password chip are iterated for three times, so that the safety of the password chip in the whole design process can be ensured, and the trial-and-error cost in the code development process is reduced.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this application belongs.
The various features and embodiments of the application mentioned in the above aspects can be applied to other aspects as appropriate, where appropriate. Thus, a particular feature in one aspect may be combined with a particular feature in another aspect as appropriate.
Additional advantages, objects, and features of the application will be set forth in part in the description which follows and in part will become apparent to those having ordinary skill in the art upon examination of the following or may be learned from practice of the application.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments of the present application will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a cryptographic chip security detection method of the present application in some embodiments;
FIG. 2 is a flow chart of a method for detecting security of a cryptographic chip according to another embodiment of the application;
FIG. 3 is a flow chart of a cryptographic chip security detection method according to the present application in further embodiments;
FIG. 4 is a flow chart of a cryptographic chip security detection method according to the present application in further embodiments;
FIG. 5 is a reference diagram of the register transfer level correlation results of the present application in some embodiments;
FIG. 6 is a flow chart of a cryptographic chip security detection method according to the present application in further embodiments;
FIG. 7 is a flow chart of a cryptographic chip security detection method according to the present application in further embodiments;
FIG. 8 is a flow chart of a cryptographic chip security detection method of the present application in further embodiments;
FIG. 9 is a flow chart of a cryptographic chip security detection method of the present application in further embodiments;
FIG. 10 is a flow chart of a cryptographic chip security detection method of the present application in further embodiments;
FIG. 11 is a flowchart of a method for detecting security of a cryptographic chip according to the present application in still other embodiments.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments of the present application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
In embodiments of the application, words such as "exemplary" or "such as" are used to mean serving as an example, instance, or illustration. Any embodiment or design described herein as "exemplary" or "e.g." in an embodiment should not be taken as preferred or advantageous over other embodiments or designs. Rather, the use of words such as "exemplary" or "such as" is intended to present related concepts in a concrete fashion.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements that are expressly listed or inherent to such process, method, article, or apparatus.
It should be appreciated that the present application may be used to perform side channel security detection on cryptographic chips embedded with symmetric cryptographic algorithms and public key cryptographic algorithms, such as DES (Data Encryption Standard) algorithm, AES (Advanced Encryption Standard) algorithm, SM4 algorithm, RSA encryption algorithm, ECC (elliptic curve encryption algorithm) or SM2 algorithm.
Hereinafter, various embodiments of the present application will be described with reference to the accompanying drawings.
As shown in FIG. 1, the method for detecting the security of the cryptographic chip is provided by the application. In fig. 1, the cryptographic chip security detection method includes:
s101, simulating a register transmission stage realization code of a target cipher chip according to a plurality of groups of plaintext and a plurality of groups of keys, and generating register transmission stage side channel information.
It should be understood that the simulation operation of step S101 may be performed using a power consumption simulator.
The register transfer level side channel information includes register transfer level power consumption information, which may be presented in the form of a power consumption curve.
S102, generating a register transmission level correlation result by counting correlation of the side channel variable value set and the register transmission level side channel information.
The set of side channel variable values is generated from the plurality of sets of plaintext and plurality of sets of key execution algorithms, which may be a set of a plurality of intermediate variable values. The intermediate variable value may be a power consumption value.
S103, judging whether to modify and iterate the register transmission stage implementation codes according to the register transmission stage correlation result.
According to the password chip security detection method provided by the application, the register transmission level side channel information is generated by simulating the register transmission level implementation code of the target password chip, so that a designer can count the correlation between a side channel variable value set and the register transmission level side channel information, and the security of the register transmission level implementation code is determined according to the register transmission level correlation result, namely whether iteration is needed or not. Compared with the prior art, the method and the device can iterate the target cipher chip in the design process of the target cipher chip (namely, the register transmission stage realizes the code design stage), and the iteration update is not required to be started until the design of the target cipher chip is completed, so that the evaluation efficiency of the side channel protection capability can be greatly improved.
In some embodiments, as shown in fig. 2, the step S102 includes:
s201, generating the side channel variable value set according to the plurality of groups of plaintext and the plurality of groups of secret keys.
S202, calculating the correlation between the side channel variable value set and the side channel information of the register transmission stage, and generating a register transmission stage correlation result.
The calculation formula for calculating the correlation between the side channel variable value set and the register transmission level side channel information is as followsWherein D represents the group number of the plaintext, D represents the D-th register transfer stageSide channel information (i.e., register transfer level side channel information obtained by the d-th group plaintext), i denotes a time point, h d,i Side channel variable value set representing the d-th register transmission stage side channel information at time i,/>Represents the average of all side channel variable values at time i, j represents the time point, t d,j Register transfer level side channel information representing the d-th group plaintext time j +.>The average value of all the register transmission stage side channel information at the time j is represented.
In some embodiments, as shown in fig. 3, the implementation of step S102 may be implemented by the following examples:
in FIG. 3, multiple sets of plaintext use d 1 、d 2 、d n Representing multiple sets of keys using k 1 、k 2 、k m Representing, from a plurality of sets of plaintext and a plurality of sets of keys, a set of register-level side channel variable values, which may be represented in the form of a power consumption model, which in fig. 3 uses v 11 、v 12 、v 1m 、v 21 、v 22 、v 2m 、v n1 、v n2 、v nm And (3) representing. And calculating the correlation between the side channel variable value set and the side channel information of the register transmission stage, and generating a register transmission stage correlation result. In fig. 3, the register transfer level side channel information uses t 11 、t 12 、t 1m 、t 21 、t 22 、t 2m 、t n1 、t n2 、t nm Representing that the register transfer level dependency result uses r 11 、r 12 、r 1m 、r 21 、r 22 、r 2m 、r n1 、r n2 、r nm And (3) representing. The designer can pass r 11 、r 12 、r 1m 、r 21 、r 22 、r 2m 、r n1 、r n2 、r nm It is determined whether the register transfer level algorithm requires iteration.
In some embodiments, as shown in fig. 4, the step S103 includes:
s301, obtaining a maximum value of the register transmission level of the correlation result of the register transmission level.
S302, judging whether the maximum value of the register transmission level exceeds a preset value of the register transmission level, and if so, modifying and iterating the register transmission level realization code.
It should be noted that the predetermined value of the register transfer level may be 2×10 -5 (reference herein to a "×" symbol is to be understood as a multiplier in a mathematical symbol). In some embodiments, reference may be made to FIG. 5, where the abscissa in FIG. 5 is time and the ordinate is the correlation value, i.e. the register transfer level correlation result. In fig. 5, the time is between 200ns and 250ns, there is a register transfer level maximum that exceeds the register transfer level by a predetermined value of 2 x 10 -5 It is therefore necessary to iterate the register transfer level algorithm. In other embodiments, the predetermined value of the register transfer stage may be other values, which may be set by those skilled in the art according to actual needs, and this is not limited herein.
In some embodiments, as shown in fig. 6, the cryptographic chip security detection method further includes:
s401, acquiring FPGA-level side channel information generated by using FPGA to realize codes according to a plurality of groups of plaintext and a plurality of groups of key acquisition target password chips.
The FPGA-level side channel information comprises FPGA-level power consumption information, and the FPGA-level side channel information can be presented in the form of a power consumption curve.
S402, counting correlation of the side channel variable value set and the FPGA-level side channel information, and generating an FPGA-level correlation result.
The set of side channel variable values is generated from the plurality of sets of plaintext and plurality of sets of key execution algorithms, which may be a set of a plurality of intermediate variable values.
S403, judging whether to modify and iterate the FPGA implementation code and/or the register transmission level implementation code according to the FPGA level correlation result.
Through the embodiment, the password chip can realize the register transmission stage to realize code iteration and/or the FPGA to realize code iteration. The security of the password chip is more perfect, and the design cost of the password chip is further reduced.
In some embodiments, as shown in fig. 7, the step S402 includes:
s501, generating the side channel variable value set according to the plurality of groups of plaintext and the plurality of groups of secret keys.
S502, calculating the correlation between the side channel variable value set and the FPGA-level side channel information, and generating an FPGA-level correlation result.
The calculation formula for calculating the correlation between the side channel variable value set and the FPGA-level side channel information is also
In some embodiments, the implementation of the step S402 may also be implemented with reference to fig. 3, and a specific implementation example may refer to an implementation example of the step S102, which will not be described in detail herein.
In some embodiments, as shown in fig. 8, the step S403 includes:
s601, obtaining an FPGA-level maximum value of the FPGA-level correlation result;
s602, judging whether the maximum value of the FPGA level exceeds a preset value of the FPGA level, and if so, modifying and iterating the algorithm implementation code and/or the register transmission level implementation code of the FPGA.
It should be noted that the predetermined value of the FPGA level may be 2×10 -5 . In some embodiments, reference may be made to FIG. 5, where in FIG. 5, the time is between 200ns and 250ns, with a maximum FPGA level that exceeds the predetermined FPGA level value by 2 x 10 -5 Therefore, it is necessary to stack FPGA implementation codes and/or register transfer level implementation codesAnd (3) replacing. In other embodiments, the predetermined FPGA value may be other values, which may be set by those skilled in the art according to actual needs, which is not limited herein.
In some embodiments, as shown in fig. 9, the cryptographic chip security detection method further includes:
s701, acquiring chip-level side channel information generated by a target cipher chip according to a plurality of groups of plaintext and a plurality of groups of keys.
The chip-level side channel information includes chip-level power consumption information, which may be presented in the form of a power consumption curve.
S702, counting correlation of a side channel variable value set and the chip-level side channel information, and generating a chip-level correlation result.
The set of side channel variable values is generated from the plurality of sets of plaintext and plurality of sets of key execution algorithms, which may be a set of a plurality of intermediate variable values.
S703, judging whether to modify and iterate at least one code of the chip implementation code, the FPGA implementation code and the register transmission level implementation code according to the chip level correlation result.
Through the embodiment, the password chip can realize register transmission level code iteration, FPGA code iteration and chip level code iteration, namely three iterations are performed. Through multiple iterations, the security of the password chip in the whole design process can be ensured, and the trial-and-error cost in the code development process is reduced.
In some embodiments, as shown in fig. 10, the step S702 includes:
s801, generating the side channel variable value set according to the plurality of groups of plaintext and the plurality of groups of secret keys.
S802, calculating the correlation between the side channel variable value set and the chip-level side channel information, and generating a chip-level correlation result.
The calculation formula for calculating the correlation between the side channel variable value set and the chip-level side channel information is also
In some embodiments, the implementation of the step S702 may also be implemented with reference to fig. 3, and a specific implementation example may refer to an implementation example of the step S102, which will not be described in detail herein.
In some embodiments, as shown in fig. 11, the step S703 includes:
and S901, acquiring a chip-level maximum value of the chip-level correlation result.
S902, judging whether the chip-level maximum value exceeds a chip-level preset value, and if so, modifying and iterating at least one code of the chip-level implementation code, the FPGA-implementation code and the register-level implementation code.
It should be noted that the chip-level predetermined value may be 2×10 -5 . In some embodiments, reference may be made to FIG. 5, where in FIG. 5, the time is between 200ns and 250ns, with a chip-level maximum that exceeds a chip-level predetermined value of 2 x 10 -5 Therefore, at least one code of the chip implementation code, the FPGA implementation code, and the register transfer level implementation code needs to be iterated. In other embodiments, the predetermined value on chip may be other values, which may be set by those skilled in the art according to actual needs, and this is not limited herein.
In some embodiments, the cryptographic chip security detection method further comprises:
simulating an algorithm-level realization code of the target cipher chip according to the plurality of groups of plaintext and the plurality of groups of keys to generate algorithm-level side channel information;
counting the correlation of the side channel variable value set and the algorithm level side channel information to generate an algorithm level correlation result;
and judging whether to modify and iterate the algorithm stage realization codes according to the algorithm stage correlation result.
In some embodiments, the cryptographic chip security detection method further comprises:
simulating a circuit-level implementation code of the target cipher chip according to the plurality of groups of plaintext and the plurality of groups of keys to generate circuit-level side channel information;
counting the correlation between the side channel variable value set and the circuit-level side channel information to generate a circuit-level correlation result;
and judging whether to modify and iterate the circuit-level implementation code according to the circuit-level correlation result.
In some embodiments, the cryptographic chip security detection method includes:
simulating a register transmission level realization code of a target cipher chip according to a plurality of groups of plaintext and a plurality of groups of keys to generate register level side channel information;
counting the correlation between the side channel variable value set and the register level side channel information to generate a register level correlation result;
and judging whether to iterate at least one code of the algorithm stage implementation code, the circuit stage implementation code, the register transmission stage implementation code, the FPGA implementation code and the chip implementation code according to the register stage correlation result.
It should be mentioned that the register transfer level mentioned herein refers to an implementation form of a cryptographic algorithm described from the register transfer level using a hardware description language; the FPGA level refers to a circuit level cryptographic algorithm implementation form realized by FPGA hardware; the chip level refers to the implementation form of the cryptographic algorithm IP in an actual chip; algorithm level refers to an implementation of a cryptographic algorithm described from algorithm level using a high-level language; the circuit level refers to an implementation form of the circuit level after logical synthesis using a cryptographic algorithm described in a hardware description language.
Although embodiments of the present application have been disclosed above, it is not limited to the details and embodiments shown and described, it is well suited to various fields of use for which the application would be readily apparent to those skilled in the art, and accordingly, the application is not limited to the specific details and illustrations shown and described herein, without departing from the general concepts defined in the claims and their equivalents.
Claims (6)
1. The method for detecting the security of the cipher chip is characterized by comprising the following steps:
simulating a register transmission stage realization code of a target cipher chip according to a plurality of groups of plaintext and a plurality of groups of keys to generate register transmission stage side channel information;
counting the correlation between the variable value set of the side channel and the information of the transmission level side channel of the register, and generating a correlation result of the transmission level of the register;
judging whether to modify and iterate the register transmission stage realization codes according to the register transmission stage correlation result;
the step of generating a register transmission level correlation result comprises generating the side channel variable value set according to the plurality of groups of plaintext and the plurality of groups of secret keys; calculating the correlation between the side channel variable value set and the register transmission level side channel information to generate a register transmission level correlation result;
the calculation formula for calculating the correlation between the side channel variable value set and the register transmission level side channel information is as followsWherein D represents the group number of the plaintext, D represents the transmission-level side channel information of the D-th register, i represents the time point, h d,i Side channel variable value set representing the d-th register transmission stage side channel information at time i,/>Represents the average of all side channel variable values at time i, j represents the time point, t d,j Register transfer level side channel information representing the d-th group plaintext time j +.>The average value of all the register transmission stage side channel information at the time j is represented.
2. The cryptographic chip security detection method according to claim 1, wherein the step of determining whether to modify iterated the register transfer level implementation code according to the register transfer level correlation result comprises:
acquiring a register transmission level maximum value of the register transmission level correlation result;
and judging whether the maximum value of the register transmission level exceeds a preset value of the register transmission level, and if so, carrying out modification iteration on the register transmission level realization code.
3. The cryptographic chip security detection method according to claim 1, further comprising:
acquiring FPGA-level side channel information generated by using FPGA to realize codes according to a plurality of groups of plaintext and a plurality of groups of secret keys;
counting the correlation between the side channel variable value set and the FPGA-level side channel information to generate an FPGA-level correlation result;
and judging whether to modify and iterate the FPGA implementation code and/or the register transmission level implementation code according to the FPGA level correlation result.
4. The method for detecting security of a cryptographic chip according to claim 3, wherein the step of determining whether to modify and iterate the FPGA implementation code and/or the register transfer level implementation code according to the FPGA level correlation result comprises:
acquiring an FPGA-level maximum value of the FPGA-level correlation result;
and judging whether the maximum value of the FPGA level exceeds a preset value of the FPGA level, and if so, modifying and iterating the FPGA implementation code and/or the register transmission level implementation code.
5. A cryptographic chip security detection method according to claim 1 or 3, further comprising:
acquiring chip-level side channel information generated by a target cipher chip according to a plurality of groups of plaintext and a plurality of groups of keys;
counting the correlation between the side channel variable value set and the chip-level side channel information to generate a chip-level correlation result;
and judging whether to modify and iterate at least one code of the chip implementation code, the FPGA implementation code and the register transmission level implementation code according to the chip-level correlation result.
6. The method for detecting security of a cryptographic chip according to claim 5, wherein the step of determining whether to modify and iterate at least one of a chip implementation code, an FPGA implementation code, and a register transfer level implementation code according to the chip level correlation result comprises:
acquiring a chip-level maximum value of the chip-level correlation result;
and judging whether the chip-level maximum value exceeds a chip-level preset value, and if so, modifying and iterating at least one code of the chip implementation code, the FPGA implementation code and the register transmission-level implementation code.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210053967.0A CN114328269B (en) | 2022-01-18 | 2022-01-18 | Password chip security detection method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210053967.0A CN114328269B (en) | 2022-01-18 | 2022-01-18 | Password chip security detection method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114328269A CN114328269A (en) | 2022-04-12 |
| CN114328269B true CN114328269B (en) | 2023-09-15 |
Family
ID=81029652
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210053967.0A Active CN114328269B (en) | 2022-01-18 | 2022-01-18 | Password chip security detection method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114328269B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2010135881A (en) * | 2008-12-02 | 2010-06-17 | Nec Corp | Device, method and program for evaluating side-channel attack resistance |
| CN104657680A (en) * | 2013-11-20 | 2015-05-27 | 上海华虹集成电路有限责任公司 | In-chip template attack resisting data transmission method |
| CN104796250A (en) * | 2015-04-11 | 2015-07-22 | 成都信息工程学院 | Side channel attack method for implementation of RSA (Rivest, Shamir and Adleman) cipher algorithms M-ary |
| CN106656459A (en) * | 2016-11-17 | 2017-05-10 | 大唐微电子技术有限公司 | Side channel energy analysis method and device for SM3-HMAC |
| CN106850203A (en) * | 2017-02-22 | 2017-06-13 | 北京智慧云测科技有限公司 | The security assessment method and device of cryptographic algorithm |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR101418962B1 (en) * | 2009-12-11 | 2014-07-15 | 한국전자통신연구원 | Secure device and method for preventing side chnannel attack |
-
2022
- 2022-01-18 CN CN202210053967.0A patent/CN114328269B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2010135881A (en) * | 2008-12-02 | 2010-06-17 | Nec Corp | Device, method and program for evaluating side-channel attack resistance |
| CN104657680A (en) * | 2013-11-20 | 2015-05-27 | 上海华虹集成电路有限责任公司 | In-chip template attack resisting data transmission method |
| CN104796250A (en) * | 2015-04-11 | 2015-07-22 | 成都信息工程学院 | Side channel attack method for implementation of RSA (Rivest, Shamir and Adleman) cipher algorithms M-ary |
| CN106656459A (en) * | 2016-11-17 | 2017-05-10 | 大唐微电子技术有限公司 | Side channel energy analysis method and device for SM3-HMAC |
| CN106850203A (en) * | 2017-02-22 | 2017-06-13 | 北京智慧云测科技有限公司 | The security assessment method and device of cryptographic algorithm |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114328269A (en) | 2022-04-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Yu et al. | A lightweight masked AES implementation for securing IoT against CPA attacks | |
| Sahari et al. | A pseudo-random numbers generator based on a novel 3D chaotic map with an application to color image encryption | |
| Liu et al. | An image encryption algorithm based on Baker map with varying parameter | |
| Boriga et al. | A new hyperchaotic map and its application in an image encryption scheme | |
| Azzaz et al. | Synchronized hybrid chaotic generators: Application to real-time wireless speech encryption | |
| EP2228941B1 (en) | Encryption processing apparatus | |
| Liu et al. | A stream cipher algorithm based on 2D coupled map lattice and partitioned cellular automata | |
| Al-Hazaimeh | A new speech encryption algorithm based on dual shuffling Hénon chaotic map | |
| Cheng et al. | An asymmetric image cryptosystem based on the adaptive synchronization of an uncertain unified chaotic system and a cellular neural network | |
| US11936768B2 (en) | Obfuscating cryptographic parameters used in elliptical curve cryptography, and related systems and devices | |
| CN106656459A (en) | Side channel energy analysis method and device for SM3-HMAC | |
| Karawia | Image encryption based on fisher‐yates shuffling and three dimensional chaotic economic map | |
| Crocetti et al. | A simulated approach to evaluate side-channel attack countermeasures for the Advanced Encryption Standard | |
| CN112260818A (en) | Side channel curve enhancement method, side channel attack method and side channel attack device | |
| Sbiaa et al. | High-level implementation of a chaotic and AES based crypto-system | |
| Liu et al. | Machine learning-based similarity attacks for chaos-based cryptosystems | |
| CN114328269B (en) | Password chip security detection method | |
| Ma et al. | Improved conditional differential attacks on Grain v1 | |
| Othman et al. | Implementation of neural-cryptographic system using FPGA | |
| Liu et al. | Characteristics of 3D coupled map lattice and its application in pseudo-random number generator | |
| De Meyer | Cryptography in the presence of physical attacks: Design, implementation and analysis | |
| Tolba et al. | Hardware speech encryption using a chaotic generator, dynamic shift and bit permutation | |
| Joye | Basics of side-channel analysis | |
| CN102201912A (en) | Blind recognition method for self-synchronization scrambling code generation polynomial | |
| Hoang et al. | Deep learning enhanced side channel analysis on crystals-kyber |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |