CN116361869A - Safety chip photon-proof detection method based on cyclic reset - Google Patents
Safety chip photon-proof detection method based on cyclic reset Download PDFInfo
- Publication number
- CN116361869A CN116361869A CN202310341261.9A CN202310341261A CN116361869A CN 116361869 A CN116361869 A CN 116361869A CN 202310341261 A CN202310341261 A CN 202310341261A CN 116361869 A CN116361869 A CN 116361869A
- Authority
- CN
- China
- Prior art keywords
- key
- sensitive
- input
- cyclic
- photon
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 125000004122 cyclic group Chemical group 0.000 title claims abstract description 21
- 238000001514 detection method Methods 0.000 title claims abstract description 13
- 230000005855 radiation Effects 0.000 claims abstract description 39
- 238000000034 method Methods 0.000 claims description 9
- 230000010354 integration Effects 0.000 claims description 5
- 230000008859 change Effects 0.000 claims description 2
- 230000003287 optical effect Effects 0.000 description 4
- 239000000969 carrier Substances 0.000 description 2
- 238000005336 cracking Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000005684 electric field Effects 0.000 description 2
- 239000002184 metal Substances 0.000 description 2
- 239000000758 substrate Substances 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 239000000523 sample Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/76—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
Abstract
The invention discloses a security chip photon-proof detection method based on cyclic reset, which comprises the following steps: when the chip does not use the key, all the sensitive logic gates of the key use passage carry out long-time cyclic 0/1 reset assignment, when the chip uses the key, the key use passage is switched to the input key, and as the sensitive transistors of all the sensitive logic gates of the key use passage carry out photon radiation in a cyclic manner, the same integral photon radiation image appears outwards under different input key conditions, and an attacker cannot judge the final state of the logic gates according to the photon radiation image, so that the chip is ensured not to be cracked by photoelectric detection.
Description
Technical Field
The invention relates to the technical field of information security, in particular to a security chip photon-proof detection method based on cyclic reset.
Background
Nowadays, security chips are vulnerable to semi-invasive attacks such as electromagnetic analysis and optical analysis, in addition to threats from invasive attacks such as reverse engineering and probe detection. The optical analysis is mainly to judge the final state of the logic gate by detecting whether photon radiation occurs in the process of turning over the logic gate. When the transistor enters the saturation region, the channel does not extend completely to the drain, but a space charge region appears in the region close to the drain, and because the electric field strength of the space charge region is relatively high, when carriers pass through the space charge region, the high electric field accelerates the carriers and simultaneously emits photons. And because the mobility of the current carrier in the NMOS tube is larger than that of the PMOS tube, the final state of the logic gate can be judged by detecting whether photon radiation occurs in the region where the NMOS tube in the logic gate is positioned or not to judge whether the NMOS enters a saturation region or not and combining the state before the logic gate. Taking an inverter as an example, as shown in fig. 1, if the state of the inverter input a after the circuit is reset is "0", when a is turned to "1", MN1 will enter the saturation region from the cut-off region first and finally enter the linear region, so that the MN1 tube experiences the saturation region when a is turned to "1" from "0", and photons will be radiated. Thus, the final state of A can be determined based on whether the region of NMOS tube MN1 detects photon radiation: if photon radiation is detected, then the A final state is "1", otherwise, the A final state is "0".
Although the photon radiation probability of the transistor is lower in an actual circuit, the photon radiation condition of the sensitive transistor can be accumulated for a plurality of times by adopting a long-time integral mode, so that the optical analysis and the cracking can be very effectively carried out.
It can be seen that an attacker can obtain the final key by long-time optical analysis of the digital circuit (e.g. registers or combinational logic gates) using the key, even without directly cracking the key storage circuit. Although for a chip, the multi-layer metal interconnection lines covered on the transistors can absorb and reflect a part of photons emitted by the transistors to a certain extent, so that the risk of light analysis is reduced, photon radiation still cannot be completely eliminated, and furthermore, more dangerous is that an attacker can perform light analysis on the transistors in the direction of the chip substrate because the direction of the chip substrate is not provided with any metal interconnection lines, so that the security chip has a very high risk of being broken by the light analysis.
Therefore, in order to avoid the threat of light analysis to the safety chip, the invention provides a cyclic reset technology, and through resetting the initial state of the logic gate for a plurality of times and 0/1 cycles, all transistors show photon radiation outwards under the condition of long-time integration, so that an attacker cannot judge the final state of the logic gate according to whether the transistors radiate photons or not.
Disclosure of Invention
The invention provides a secure chip photon-proof detection method based on cyclic reset, which aims at the problems in the background art, namely, when a chip does not use a secret key, all sensitive logic gates of a secret key use path carry out long-time 0/1 cyclic reset assignment, and when the chip uses the secret key, the secret key use path is switched to an input secret key. Because the key uses the sensitive transistors of all the sensitive logic gates of the access to circularly carry out photon radiation, the key presents the same integral photon radiation image outwards under the condition of different input keys, and an attacker cannot judge the final state of the logic gates according to the photon radiation image so as to ensure that the chip is not cracked by photoelectric detection.
In order to achieve the above purpose, the present invention adopts the following scheme:
the method for preventing the photon detection of the safety chip based on the cyclic reset is characterized by comprising the following steps of: when the chip does not use the key, the key is not connected to a key using passage, 0/1 of cyclical change is used as a key input key using passage, all sensitive logic gates of the key using passage carry out long-time cyclical 0/1 reset assignment, the sensitive transistors of the sensitive logic gates continuously enter a saturation region, the same photon radiation state is presented to the outside under the condition of long-time integration, and the initial state of the sensitive logic gates cannot be judged according to the photon radiation condition; when the chip uses the key, the key is accessed to the key use passage, and all the sensitive logic gates are switched to a normal working state; because the initial state is unknown, an attacker cannot judge the final state of the logic gate according to whether the transistor radiates photons or not, and further cannot acquire the secret key of the security chip.
The product of the cyclic variation 0/1 variation frequency and the photon radiation probability of the transistor in the sensitive logic gate of the key use path is larger than 1, so that the photon number radiated by the transistor in unit time is large enough to be effectively captured.
The 0/1 of the cyclical variation input to the key using path and the key are switched seamlessly, when the key is not used, the 0/1 of the cyclical variation is input to the key using path, and when the key is used, the input of the key using path is switched to the input of the key immediately.
The key usage path refers to all logic circuits directly or indirectly connected with the key, and when the key is changed, the states of the logic circuits are changed.
The beneficial effects of the invention are as follows:
the invention replaces the input key with the high-frequency circularly-changed 0/1 data to carry out circularly 0/1 reset assignment on the key using circuit, so that when the chip does not use the key, the sensitive transistor in the sensitive logic gate of the key using passage presents the same integral photon radiation condition to the outside; when the chip uses the secret key, the input secret key is quickly input to the secret key using circuit, no matter the value of the input secret key, the sensitive transistor still presents the same integral photon radiation condition to the outside, so that an attacker deduces the final state of the logic gate according to the photon radiation condition, namely the secret key value of the security chip cannot be obtained. The photon-proof detection method for the security chip based on the cyclic 0/1 reset can effectively resist photon radiation analysis and fully ensure the security of the chip.
Drawings
Fig. 1 is a schematic diagram of transistor photon radiation in a sensitive logic gate of an inverter.
FIG. 2 is a schematic diagram of D flip-flop cycle 0/1 reset according to the present invention.
Detailed Description
The present invention is further described below with reference to the drawings and specific examples of embodiments, examples of which are illustrated in the drawings, wherein the same or similar reference numerals refer to the same or similar elements or elements having the same or similar functions throughout. The embodiments described below are exemplary and intended to illustrate the present invention and should not be construed as limiting the invention, but any modifications, equivalent substitutions or improvements made within the spirit and principles of the present invention should be included within the scope of the claims of the present invention, which are not described in detail in the present technical solution.
Taking an inverter as an example, as shown in fig. 1, if the state of the inverter input a after the circuit is reset is "0", when a is turned to "1", MN1 will enter the saturation region from the cut-off region first and finally enter the linear region, so that the MN1 tube experiences the saturation region when a is turned to "1" from "0", and photons will be radiated. Thus, the final state of A can be determined based on whether the region of NMOS tube MN1 detects photon radiation: if photon radiation is detected, then the A final state is "1", otherwise, the A final state is "0".
Implementation example: as shown in figure 2, the input signal of the key use path is controlled by an enable signal EN, when the chip does not use the key, EN is 1, and the circularly changed 0/1 signal is accessed to the input end of the key use path; the 0/1 signal of the cyclic variation is obtained by the clock through frequency division, and as the input signal is continuously circularly changed between 0 and 1 at the moment, the input of the sensitive logic gate which is directly or indirectly related to the input signal in the key use path is continuously changed, so that the sensitive transistor in the sensitive logic gate continuously radiates photons; taking an inverter directly connected with an input signal in a key use path as an example, as the grid electrode of an NMOS transistor in the inverter continuously circularly changes between 0 and 1, the NMOS transistor continuously enters a saturation region, and photons are radiated outwards with a certain probability each time the NMOS transistor enters the saturation region. If the product of the cyclic variation 0/1 variation frequency and the photon radiation probability of the transistor in the sensitive logic gate of the key using path is greater than 1, that is, the cyclic variation 0/1 variation frequency is greater than the inverse of the photon radiation probability of the transistor, the number of photons of the transistor to external radiation is greater than 1 in unit time, and a photon radiation image with enough effective resolution is presented to the outside under the condition of long-time integration, the image is irrelevant to the original input key of the chip, and the image is presented every time the key is not used.
When the chip needs to use the input key, EN is 0, the input password is connected to the input end of the key use path, and the circuit works normally. At this time, even though the possible photon radiation condition is caused by the fact that the sensitive transistor enters the saturation region once due to the unknown value of the input key at the switching moment, the photon radiation is not generated after the switching is completed due to the fact that the input key value is stable, under the test condition of long-time integration, the photon radiation which can be generated at the switching moment is directly fused into a large quantity of photon radiation before the switching, an attacker cannot independently analyze the photon radiation condition at the switching moment, and further cannot analyze the final states of the transistor and the logic gate. In addition, the specific value of the input 0/1 signal at the switching moment is unknown, and the difficulty of photon analysis is further increased.
It can be seen that the photon radiation prevention detection method based on cyclic reset can effectively disturb the photon radiation condition of the key use circuit in the initial state, so that an attacker cannot judge the final state of the logic gate according to the photon radiation condition when carrying out long-time integral photographic detection on the transistor, thereby realizing effective protection of the security chip.
Claims (4)
1. The method for preventing the photon detection of the safety chip based on the cyclic reset is characterized by comprising the following steps of: when the chip does not use the key, the key is not connected to a key using passage, 0/1 of cyclical change is used as a key input key using passage, all sensitive logic gates of the key using passage carry out long-time cyclical 0/1 reset assignment, the sensitive transistors of the sensitive logic gates continuously enter a saturation region, the same photon radiation state is presented to the outside under the condition of long-time integration, and the initial state of the sensitive logic gates cannot be judged according to the photon radiation condition; when the chip uses the key, the key is accessed to the key use passage, and all the sensitive logic gates are switched to a normal working state; because the initial state is unknown, an attacker cannot judge the final state of the logic gate according to whether the transistor radiates photons or not, and further cannot acquire the secret key of the security chip.
2. The method for detecting the photons of the security chip based on the cyclic reset according to claim 1, wherein the method comprises the following steps: the product of the cyclic variation 0/1 variation frequency and the photon radiation probability of the transistor in the sensitive logic gate of the key use path is larger than 1, so that the photon number radiated by the transistor in unit time is large enough to be effectively captured.
3. The method for detecting the photons of the security chip based on the cyclic reset according to claim 1 or 2, wherein the method comprises the following steps: the 0/1 of the cyclical variation input to the key using path and the key are switched seamlessly, when the key is not used, the 0/1 of the cyclical variation is input to the key using path, and when the key is used, the input of the key using path is switched to the input of the key immediately.
4. The method for detecting the photons of the security chip based on the cyclic reset according to claim 1 or 2, wherein the method comprises the following steps: the key use path refers to all logic circuits directly or indirectly connected with the key, and when the key is changed, the state of the logic circuits is changed.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310341261.9A CN116361869A (en) | 2023-03-31 | 2023-03-31 | Safety chip photon-proof detection method based on cyclic reset |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310341261.9A CN116361869A (en) | 2023-03-31 | 2023-03-31 | Safety chip photon-proof detection method based on cyclic reset |
Publications (1)
Publication Number | Publication Date |
---|---|
CN116361869A true CN116361869A (en) | 2023-06-30 |
Family
ID=86923219
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310341261.9A Pending CN116361869A (en) | 2023-03-31 | 2023-03-31 | Safety chip photon-proof detection method based on cyclic reset |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116361869A (en) |
-
2023
- 2023-03-31 CN CN202310341261.9A patent/CN116361869A/en active Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Das et al. | STELLAR: A generic EM side-channel attack protection through ground-up root-cause analysis | |
US10778679B2 (en) | Secure semiconductor chip and operating method thereof | |
US8350574B2 (en) | Circuit for detecting malfunction generation attack and integrated circuit using the same | |
US9523736B2 (en) | Detection of fault injection attacks using high-fanout networks | |
Ngo et al. | Hardware Trojan detection by delay and electromagnetic measurements | |
Vashistha et al. | Detecting hardware trojans inserted by untrusted foundry using physical inspection and advanced image processing | |
He et al. | Cheap and cheerful: A low-cost digital sensor for detecting laser fault injection attacks | |
Matsuda et al. | On-chip substrate-bounce monitoring for laser-fault countermeasure | |
Li et al. | Heavy-ion microbeam fault injection into SRAM-based FPGA implementations of cryptographic circuits | |
US20210049266A1 (en) | System and method for triggering and detecting hardware trojans | |
Rahman et al. | Backside security assessment of modern SoCs | |
Matsuda et al. | An IC-level countermeasure against laser fault injection attack by information leakage sensing based on laser-induced opto-electric bulk current density | |
Jain et al. | Special session: Novel attacks on logic-locking | |
CN111095004B (en) | Detection circuit, safety chip and electronic equipment of electromagnetic fault injection | |
US11546132B2 (en) | Detection of laser fault injection attacks on cryptographic devices | |
Lee et al. | Robust secure shield architecture for detection and protection against invasive attacks | |
Sugawara et al. | Side-channel leakage from sensor-based countermeasures against fault injection attack | |
CN116361869A (en) | Safety chip photon-proof detection method based on cyclic reset | |
JP4759085B2 (en) | Component with integrated circuit having crypto processor and method of installing the same | |
JP2008198700A (en) | Semiconductor integrated circuit device | |
Galathy et al. | A systematic approach to fault attack resistant design | |
Breier et al. | Extensive laser fault injection profiling of 65 nm FPGA | |
US20230124622A1 (en) | Alarm Systems and Circuits | |
Loubet-Moundi et al. | Static fault attacks on hardware des registers | |
Zabib et al. | Vulnerability of secured IoT memory against localized back side laser fault injection |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |