CN114816867A - FPGA-based fault injection password target implementation system and method - Google Patents
FPGA-based fault injection password target implementation system and method Download PDFInfo
- Publication number
- CN114816867A CN114816867A CN202110063628.6A CN202110063628A CN114816867A CN 114816867 A CN114816867 A CN 114816867A CN 202110063628 A CN202110063628 A CN 202110063628A CN 114816867 A CN114816867 A CN 114816867A
- Authority
- CN
- China
- Prior art keywords
- fpga
- circuit
- module
- fault injection
- implementation system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000002347 injection Methods 0.000 title claims abstract description 38
- 239000007924 injection Substances 0.000 title claims abstract description 38
- 238000000034 method Methods 0.000 title claims abstract description 27
- 238000002955 isolation Methods 0.000 claims abstract description 29
- 230000008878 coupling Effects 0.000 claims abstract description 15
- 238000010168 coupling process Methods 0.000 claims abstract description 15
- 238000005859 coupling reaction Methods 0.000 claims abstract description 15
- 230000003287 optical effect Effects 0.000 claims abstract description 15
- 238000006243 chemical reaction Methods 0.000 claims abstract description 5
- 238000004422 calculation algorithm Methods 0.000 claims description 16
- 230000008569 process Effects 0.000 claims description 6
- 238000005336 cracking Methods 0.000 claims description 2
- 238000011156 evaluation Methods 0.000 abstract description 3
- 238000013461 design Methods 0.000 abstract description 2
- 238000011161 development Methods 0.000 description 8
- 238000005516 engineering process Methods 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000009545 invasion Effects 0.000 description 2
- 238000007781 pre-processing Methods 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 238000007619 statistical method Methods 0.000 description 2
- 230000002159 abnormal effect Effects 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 230000007123 defense Effects 0.000 description 1
- 238000002474 experimental method Methods 0.000 description 1
- 238000003973 irrigation Methods 0.000 description 1
- 230000002262 irrigation Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000035945 sensitivity Effects 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/22—Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing
- G06F11/2205—Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing using arrangements specific to the hardware being tested
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/22—Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing
- G06F11/26—Functional testing
- G06F11/263—Generation of test inputs, e.g. test vectors, patterns or sequences ; with adaptation of the tested hardware for testability with external testers
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/76—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- Quality & Reliability (AREA)
- General Health & Medical Sciences (AREA)
- Virology (AREA)
- Bioethics (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Mathematical Physics (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a fault injection password target implementation system and method based on an FPGA. The FPGA-based fault injection password target implementation system comprises a DC/DC isolation module, a DC/DC power supply module, an optical coupling isolation module, an FPGA nuclear circuit, a USB serial port conversion module, a reset input circuit, a trigger output circuit, a JTAG download circuit, a reset circuit, a clock burr circuit, a voltage burr circuit and a FLASH storage, wherein the DC/DC isolation module is a DC/DC voltage conversion module, the DC/DC isolation module is connected with the DC/DC power supply module, and the DC/DC power supply module is connected with the optical coupling isolation module and the FPGA nuclear circuit. The fault injection password target implementation system and method based on the FPGA have the advantages of being reasonable in design, capable of obtaining error information leaked by the FPGA and analyzing the error information, thereby obtaining a correct key result and providing support for effective evaluation of the fault attack resistance of password equipment.
Description
Technical Field
The invention relates to the technical field of password equipment irrigation, in particular to a fault injection password target implementation system and method based on an FPGA.
Background
With the popularization of information devices, cryptographic chips are widely used in the fields of finance, commerce, medical treatment, education, and the like, and security problems caused by the cryptographic chips are also highlighted. At present, a cryptographic algorithm is mature, a vulnerability of the cryptographic algorithm is researched on a mathematical level, and the possibility of breaking the cryptographic algorithm is low, but the security of the cryptographic chip can be greatly threatened by collecting and analyzing the running time, energy, clock and the like of the core on a physical level. By injecting physical faults into the encryption chip, the chip is enabled to carry out abnormal encryption, and an attacker can carry out differential analysis by using the encrypted ciphertext to obtain corresponding key information.
The external physical interference can attack the cipher chip in 3 modes of invasion, semi-invasion or non-invasion, wherein physical changes of temperature, ray, voltage, electromagnetism and the like can be used as means for attacking the encryption of the chip. When the power supply voltage is too high or too low, the chip arithmetic logic operation instruction, the storage read-write instruction and the judgment instruction can be tampered, and wrong execution occurs. The voltage burr is used as a non-invasive attack mode, the concealment is strong, the voltage burr is formed by debugging chip power supply voltage, a specific burr voltage is injected into a power supply section of the password chip, the password chip can wrongly execute an instruction, mistaken encryption is carried out, and a wrong ciphertext is output. By setting the burr delay, amplitude and width, the voltage burr can attack a certain round of the cryptographic algorithm, and the purpose of fault injection is achieved. Because the chip hardware structure has different sensitivity degrees to different voltage values, the effective attack voltages corresponding to different chips are different. The voltage fault injection attack needs to clearly attack the first round in advance and debug the pulse width and the voltage value which can be effectively attacked.
The technical scheme of the prior art I is as follows:
the password product is generally realized based on an electronic technology, the traditional fault injection password target is based on attack on a password security chip, however, the password chip is mainly applied to products such as an intelligent IC card, an encryption machine and the like, the password chip is subjected to external interference or artificial introduced faults including voltage burrs, clock burrs, laser, electromagnetic injection and the like in the operation process, so that the operation module has register faults or operation errors, and the fault injection attack is a method for obtaining a secret key by using the fault information attack generated by the fault behaviors.
The first prior art has the following defects:
the internal circuit of a common cryptographic chip is based on a CMOS process, and all operations of the cryptographic chip are realized by state changes of gate circuits. The traditional security chip is applied to products such as an intelligent IC card, an encryption machine and the like, and provides functions such as payment authentication, encryption communication and the like. The password chip is a chip for storing a password algorithm, and if the encryption level is not high, the password chip is easy to be reversed by a person, and then the password is obtained. The current attacks still mainly focus on resource-limited cryptographic integrated circuits represented by smart cards, and many attack methods rely on details of algorithm implementation or defense methods, which are difficult in most resource-limited attacks. Therefore, there is a need to provide a new implementation of fault injection password target based on FPGA to solve the above technical problems.
Therefore, it is necessary to provide a new FPGA-based fault injection cryptographic target implementation system and method to solve the above technical problems.
Disclosure of Invention
The technical problem to be solved by the invention is to provide a fault injection password target implementation system and method based on FPGA, which has reasonable design, can avoid being analyzed reversely, solves the problems of insufficient resources, high operation speed and high flexibility, provides higher safety, can integrate various encryption and decryption algorithms into a whole and can analyze out a secret key quickly.
In order to solve the technical problem, the fault injection password target implementation system and method based on the FPGA provided by the invention comprise:
the DC/DC isolation module is a DC direct current voltage conversion module, the DC/DC isolation module is connected with the DC/DC power supply module, the DC/DC power supply module is connected with the optical coupling isolation module and the FPGA nuclear power circuit, the optical coupling isolation module is connected with the FPGA nuclear power circuit, the USB to serial port module, the reset input circuit, the trigger input circuit and the trigger output circuit are connected with the optical coupling isolation module, and the USB to serial port module is connected with the DC/DC isolation module, the JTAG downloading circuit, the reset circuit, the clock burr circuit, the voltage burr circuit and the FLASH storage are connected with the FPGA core circuit.
Preferably, the FPGA core circuit is an EP4 series chip of ALTERA written with AES \ RSA \ DES \ SM4\ SM2 algorithm.
Preferably, the optical coupling isolation module is a chip adopting optical coupling isolation.
Preferably, the clock glitch circuit and the voltage glitch circuit are an external input glitch-containing clock and voltage.
Preferably, the USB to serial port module is a chip using a USB to serial port.
Preferably, the reset input circuit supports an externally input reset signal of 5V/3.3V.
Preferably, the trigger output circuit is a trigger signal supporting output of 5V/3.3V.
Preferably, the output voltage of the DC/DC power supply module is 3.3V, 2.5V, 1.2V and 1.0V.
A fault injection password target implementation method based on FPGA comprises the following two steps:
s1, sending a random plaintext through a serial port, and executing a corresponding cryptographic algorithm to obtain a correct ciphertext;
and S2, introducing a precisely controllable clock or voltage burr in the power-on running process to make the chip generate specific errors during operation, and analyzing and cracking out the sensitive information such as correct keys.
Compared with the related technology, the fault injection password target implementation system and method based on the FPGA have the following beneficial effects:
the invention provides a fault injection password target implementation system and method based on FPGA, which can help a user to quickly detect a leakage point and quickly evaluate an attack strategy, is a powerful tool for the user to carry out fault injection analysis, carries out statistical analysis and complex mathematical processing on an acquired track signal through ICAttack powerful analysis software, and finally presents a final analysis result to the user in an interface display mode to help the user to realize development and implementation of self functions; when a user has own special algorithm requirements or other module requirements (such as a preprocessing module, a leakage model and the like), the user can completely realize free development through the platform, integrate own functions, realize personalized function customization, provide a completely open development environment, meet the secondary development requirements of the user and provide support for effective evaluation of the fault attack resistance capability of the password equipment.
Drawings
FIG. 1 is a block diagram of a fault injection password target implementation system based on FPGA provided by the present invention;
fig. 2 is a flowchart of encryption operation execution in the method for implementing fault injection coded target based on FPGA according to the present invention.
Detailed Description
The invention is further described with reference to the following figures and embodiments.
Please refer to fig. 1 and fig. 2 in combination, wherein fig. 1 is a block diagram of the FPGA-based fault injection cryptographic target implementation system provided in the present invention; fig. 2 is a flowchart of encryption operation execution in the method for implementing fault injection coded target based on FPGA according to the present invention. The fault injection password target implementation system and method based on the FPGA comprise the following steps:
the DC/DC isolation module is a DC direct current voltage conversion module, the DC/DC isolation module is connected with the DC/DC power supply module, the DC/DC power supply module is connected with the optical coupling isolation module and the FPGA nuclear power circuit, the optical coupling isolation module is connected with the FPGA nuclear power circuit, the USB to serial port module, the reset input circuit, the trigger input circuit and the trigger output circuit are connected with the optical coupling isolation module, and the USB to serial port module is connected with the DC/DC isolation module, the JTAG downloading circuit, the reset circuit, the clock burr circuit, the voltage burr circuit and the FLASH storage are connected with the FPGA core circuit.
The FPGA core circuit is an EP4 series chip of ALTERA written with AES \ RSA \ DES \ SM4\ SM2 algorithm.
The optical coupling isolation module is a chip adopting optical coupling isolation.
The clock burr circuit and the voltage burr circuit are an external input clock and voltage with burrs.
The USB-to-serial port module is a chip adopting a USB-to-serial port.
The reset input circuit is used for supporting an externally input reset signal of 5V/3.3V.
The trigger output circuit supports outputting 5V/3.3V trigger signals.
The output voltage of the DC/DC power supply module is 3.3V, 2.5V, 1.2V and 1.0V.
A fault injection password target implementation method based on FPGA comprises the following two steps:
s1, sending a random plaintext through a serial port, and executing a corresponding cryptographic algorithm to obtain a correct ciphertext;
and S2, introducing a precisely controllable clock or voltage burr in the power-on running process to make the chip generate specific errors in operation and analyze and crack out sensitive information such as correct keys.
In the S1, the password target based on the FPGA core circuit is connected to a PC port through a USB connecting line, corresponding parameters are set, a test attack script code compiled by an upper computer is operated, a random plaintext is sent through a serial port, after the password target receives the plaintext, a trigger signal is generated, encryption operation of the random plaintext and a fixed key is firstly carried out, the upper computer receives a returned correct ciphertext, ciphertext information is automatically stored, and the execution is repeated for multiple times until the experiment is finished.
In the S2, the PC continuously sends random plaintext to the cipher target through the serial port, then displays the sent plaintext and the returned correct cipher text on the software interface, introduces precisely controllable voltage burr or clock burr signals on the pins of GND, VCC and CLK of the ARM at a certain position at a certain moment, so that the chip generates some wrong cipher texts under the condition of fault injection, records the cipher text information collected by the computer during each encryption and automatically stores the cipher text information. And then guiding the collected fault ciphertext data into a computer with ICAttack to carry out DFA attack, opening a differential error analysis tool, selecting a random fault attack model of a corresponding algorithm, and analyzing a correct key result.
Compared with the related technology, the fault injection password target implementation system and method based on the FPGA have the following beneficial effects:
the invention provides a fault injection password target implementation system and method based on FPGA, which can help a user to quickly detect a leakage point and quickly evaluate an attack strategy, is a powerful tool for the user to carry out fault injection analysis, carries out statistical analysis and complex mathematical processing on an acquired track signal through ICAttack powerful analysis software, and finally presents a final analysis result to the user in an interface display mode to help the user to realize development and implementation of self functions; when a user has own special algorithm requirements or other module requirements (such as a preprocessing module, a leakage model and the like), the user can completely realize free development through the platform, integrate own functions, realize personalized function customization, provide a completely open development environment, meet the secondary development requirements of the user and provide support for effective evaluation of the fault attack resistance capability of the password equipment.
The above description is only an embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.
Claims (9)
1. The utility model provides a fault injection password target implementation system based on FPGA which characterized in that includes:
the DC/DC isolation module is a DC direct current voltage conversion module, the DC/DC isolation module is connected with the DC/DC power supply module, the DC/DC power supply module is connected with the optical coupling isolation module and the FPGA nuclear power circuit, the optical coupling isolation module is connected with the FPGA nuclear power circuit, the USB to serial port module, the reset input circuit, the trigger input circuit and the trigger output circuit are connected with the optical coupling isolation module, and the USB to serial port module is connected with the DC/DC isolation module, the JTAG downloading circuit, the reset circuit, the clock burr circuit, the voltage burr circuit and the FLASH storage are connected with the FPGA core circuit.
2. The FPGA-based fault injection cryptographic target implementation system of claim 1, wherein the FPGA core circuit is an EP4 series chip of ALTERA written with AES \ RSA \ DES \ SM4\ SM2 algorithm.
3. The FPGA-based fault injection coded target implementation system of claim 1, wherein the optocoupler isolation module is a chip employing optocoupler isolation.
4. The FPGA-based fault injection cryptographic target implementation system of claim 1, wherein the clock glitch circuit and the voltage glitch circuit are external input glitched clocks and voltages.
5. The FPGA-based fault injection coded target implementation system of claim 1, wherein the USB to serial port module is a chip employing a USB to serial port.
6. The FPGA-based fault injection cryptographic target implementation system of claim 1, wherein the reset input circuit is a reset signal supporting external input of 5V/3.3V.
7. The FPGA-based fault injection cryptographic target implementation system of claim 1, wherein the trigger output circuit is a trigger signal supporting output of 5V/3.3V.
8. The FPGA-based fault injection coded target implementation system of claim 1, wherein the output voltage of the DC/DC power supply module is 3.3V, 2.5V, 1.2V and 1.0V.
9. The FPGA-based fault injection cryptographic target implementation method of claims 1-8, comprising the following two steps:
s1, sending a random plaintext through a serial port, and executing a corresponding cryptographic algorithm to obtain a correct ciphertext;
and S2, introducing a precisely controllable clock or voltage burr in the power-on running process to make the chip generate specific errors during operation, and analyzing and cracking out the sensitive information such as correct keys.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110063628.6A CN114816867A (en) | 2021-01-18 | 2021-01-18 | FPGA-based fault injection password target implementation system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110063628.6A CN114816867A (en) | 2021-01-18 | 2021-01-18 | FPGA-based fault injection password target implementation system and method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114816867A true CN114816867A (en) | 2022-07-29 |
Family
ID=82524572
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110063628.6A Pending CN114816867A (en) | 2021-01-18 | 2021-01-18 | FPGA-based fault injection password target implementation system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114816867A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116400199A (en) * | 2023-06-05 | 2023-07-07 | 中国汽车技术研究中心有限公司 | Chip clock burr fault injection cross-validation test method and device |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105281888A (en) * | 2015-11-05 | 2016-01-27 | 工业和信息化部电信研究院 | Fault injection method and fault injection device for password chips |
| CN110795900A (en) * | 2019-11-26 | 2020-02-14 | 北京智慧云测信息技术有限公司 | Intelligent burr design circuit |
-
2021
- 2021-01-18 CN CN202110063628.6A patent/CN114816867A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105281888A (en) * | 2015-11-05 | 2016-01-27 | 工业和信息化部电信研究院 | Fault injection method and fault injection device for password chips |
| CN110795900A (en) * | 2019-11-26 | 2020-02-14 | 北京智慧云测信息技术有限公司 | Intelligent burr design circuit |
Non-Patent Citations (3)
| Title |
|---|
| 中国计算机学会微机专业委员会: "《2004年全国第五届嵌入式系统学术交流会论文集》", 30 September 2004, 北京航空航天大学出版社, pages: 436 * |
| 李德文: "《煤矿粉尘危害防控关键技术》", 30 September 2020, 东南大学出版社, pages: 177 - 178 * |
| 段晓毅, 李姣, 蒋桂秋: "智能卡电压故障注入攻击研究与实现", 《北京电子科技学院学报》, vol. 27, no. 3, 30 September 2019 (2019-09-30), pages 40 - 49 * |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116400199A (en) * | 2023-06-05 | 2023-07-07 | 中国汽车技术研究中心有限公司 | Chip clock burr fault injection cross-validation test method and device |
| CN116400199B (en) * | 2023-06-05 | 2023-09-15 | 中国汽车技术研究中心有限公司 | Chip clock burr fault injection cross-validation test method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Limaye et al. | Is robust design-for-security robust enough? Attack on locked circuits with restricted scan chain access | |
| US8341475B2 (en) | Microprocessor comprising signature means for detecting an attack by error injection | |
| KR100966661B1 (en) | Method and apparatus for secure scan testing | |
| US10282552B1 (en) | Device blanking | |
| Korak et al. | Clock glitch attacks in the presence of heating | |
| Prinetto et al. | Hardware Security, Vulnerabilities, and Attacks: A Comprehensive Taxonomy. | |
| CN104777761B (en) | Realize the method and circuit of MCU securities | |
| Gamaarachchi et al. | Power analysis based side channel attack | |
| CN105095750A (en) | Method and device for analyzing attack on smart card chip | |
| CN104660466A (en) | Security testing method and system | |
| US20190197216A1 (en) | Method, apparatus, and computer-readable medium for executing a logic on a computing device and protecting the logic against reverse engineering | |
| CN114816867A (en) | FPGA-based fault injection password target implementation system and method | |
| Zhang et al. | BitFREE: On significant speedup and security applications of FPGA bitstream format reverse engineering | |
| CN105281888A (en) | Fault injection method and fault injection device for password chips | |
| Hutle et al. | Resilience against physical attacks | |
| Liu et al. | Fault Model Analysis of DRAM under Electromagnetic Fault Injection Attack | |
| Mezzah et al. | Assertion based on-line fault detection applied on UHF RFID tag | |
| Hummel | Exploring effects of electromagnetic fault injection on a 32-bit high speed embedded device microprocessor | |
| Hutter et al. | On the security of RFID devices against implementation attacks | |
| Mezzah et al. | Extensive fault emulation on RFID tags for fault tolerance and security evaluation | |
| Hériveaux | Black-box laser fault injection on a secure memory | |
| Kaur et al. | Analytical Classifications of Side Channel Attacks, Glitch Attacks and Fault Injection Techniques: Their Countermeasures | |
| Puschner et al. | Security Analysis of IoT Devices: From the system level to the logic level | |
| Skorobogatov | Hardware security evaluation of MAX 10 FPGA | |
| Desiraju | High Speed Clock Glitching |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |