CN116432252A - Anti-disclosure board card, anti-disclosure method and electronic equipment - Google Patents
Anti-disclosure board card, anti-disclosure method and electronic equipment Download PDFInfo
- Publication number
- CN116432252A CN116432252A CN202211721064.1A CN202211721064A CN116432252A CN 116432252 A CN116432252 A CN 116432252A CN 202211721064 A CN202211721064 A CN 202211721064A CN 116432252 A CN116432252 A CN 116432252A
- Authority
- CN
- China
- Prior art keywords
- card
- circuit
- wires
- disclosure
- chip
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title abstract description 25
- 239000000523 sample Substances 0.000 claims abstract description 55
- 238000005553 drilling Methods 0.000 claims abstract description 43
- 230000008859 change Effects 0.000 claims abstract description 19
- 230000002159 abnormal effect Effects 0.000 claims abstract description 13
- 239000002184 metal Substances 0.000 claims description 88
- 229910052751 metal Inorganic materials 0.000 claims description 88
- 230000001681 protective effect Effects 0.000 claims description 27
- 230000004044 response Effects 0.000 claims description 16
- 230000001960 triggered effect Effects 0.000 claims description 11
- 230000002265 prevention Effects 0.000 abstract description 13
- 238000010586 diagram Methods 0.000 description 13
- 230000005856 abnormality Effects 0.000 description 7
- 101100456739 Drosophila melanogaster Mesh1 gene Proteins 0.000 description 5
- 101150020754 Hddc3 gene Proteins 0.000 description 5
- 238000001514 detection method Methods 0.000 description 5
- 238000004364 calculation method Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 230000007246 mechanism Effects 0.000 description 4
- 238000004590 computer program Methods 0.000 description 3
- 230000008878 coupling Effects 0.000 description 3
- 238000010168 coupling process Methods 0.000 description 3
- 238000005859 coupling reaction Methods 0.000 description 3
- 238000013461 design Methods 0.000 description 3
- 238000012545 processing Methods 0.000 description 3
- 238000004422 calculation algorithm Methods 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 230000002829 reductive effect Effects 0.000 description 2
- 238000012360 testing method Methods 0.000 description 2
- RYGMFSIKBFXOCR-UHFFFAOYSA-N Copper Chemical compound [Cu] RYGMFSIKBFXOCR-UHFFFAOYSA-N 0.000 description 1
- 230000008094 contradictory effect Effects 0.000 description 1
- 239000011889 copper foil Substances 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000002224 dissection Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 238000001914 filtration Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 230000009545 invasion Effects 0.000 description 1
- 230000001788 irregular Effects 0.000 description 1
- 230000002427 irreversible effect Effects 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 150000002739 metals Chemical class 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000149 penetrating effect Effects 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 230000002441 reversible effect Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 239000004575 stone Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/86—Secure or tamper-resistant housings
- G06F21/87—Secure or tamper-resistant housings by means of encapsulation, e.g. for integrated circuits
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/88—Detecting or preventing theft or loss
Abstract
The invention discloses a secret leakage prevention board card, a secret leakage prevention method and electronic equipment. This prevent divulging secret integrated circuit board includes: a printed circuit board; a chip disposed on a printed circuit board, the chip including two pins configured to determine theft of a data signal by a probe to the chip according to abnormal changes in levels on the two pins; the anti-drilling circuit is arranged on the printed circuit board and is connected with the two pins; at least one set of wires, each set of wires comprising two wires connected to the anti-drilling circuit and distributed over a surface of the printed circuit board, the anti-drilling circuit being configured to change a level on the two pins as the probe connects the two wires together when the probe is performing theft of the data signal at the surface.
Description
Technical Field
The disclosure relates to the technical field of data security, in particular to a secret leakage prevention board card, a secret leakage prevention method and electronic equipment.
Background
The security performance of the hardware of the chip is a basic stone for information security, and how to prevent the risk of external intrusion of the chip has been an important research hotspot.
When an attacker attacks (or physically attacks) a board card with a chip, the attacker mainly opens the package of the board card to attack, for example, the attacker may first unpack the board card, then collect signals at a position close to the signal source of the chip, and steal or inject data. In addition, an attacker can drill and test the board through tools such as a probe, so that data and a secret key in the chip can be stolen, and the safety of hardware of the board is seriously affected.
Disclosure of Invention
In view of this, the disclosure provides a disclosure board card, a disclosure method and an electronic device for preventing disclosure, so as to improve the security of the hardware of the board card.
In a first aspect, there is provided a tamper evident card, the tamper evident card comprising: the chip is arranged on the printed circuit board and comprises two pins, and is configured to determine that the probe steals data signals of the chip according to the abnormal change of the level on the two pins; the anti-drilling circuit is arranged on the printed circuit board and is connected with the two pins; and the anti-drilling circuit is configured to change the level on the two pins as the probe connects the two metal wires together when the probe steals the data signal on the surface.
In one embodiment, the anti-drill circuit comprises a first anti-drill circuit and a second anti-drill circuit, the two pins comprise a first pin and a second pin, the two wires comprise a first wire and a second wire, the first anti-drill circuit is connected between the first pin and the positive power supply, the first wire is connected between the first pin and the positive power supply, the second anti-drill circuit is connected between the second pin and the negative power supply, and the second wire is connected between the second pin and the negative power supply.
In one embodiment, when the first and second metal lines are connected together by the probe, a high anomaly occurs in the level on the first and second pins detected by the chip.
In one embodiment, when the probe connects the first metal wire and the second metal wire together and connects the positive power supply electrode and the negative power supply electrode together, a low abnormality occurs in the levels on the first pin and the second pin detected by the chip.
In one embodiment, the two metal lines are metal grid wires or metal meander wires.
In one embodiment, the spacing between the two wires is on the order of one thousandth of an inch.
Optionally, the anti-disclosure board card of the first aspect further includes: and the zero setting circuit is used for sending out an alarm and clearing the data signal when the probe is determined to steal the data signal from the chip.
Optionally, the anti-disclosure board card of the first aspect further includes: and the protective cover is covered on the outer side of the printed circuit board and is used for physically protecting sensitive devices and chips on the board, and at least one group of metal wires are arranged in the protective cover.
In an embodiment, the protection cover comprises a plurality of protection plates, one protection plate is used for covering at least one side face of the anti-disclosure board card, one protection plate corresponds to at least one anti-drilling circuit, and each protection plate is provided with at least one group of metal wires.
In one embodiment, each of the guard plates is an FPC.
In one embodiment, one side of the tamper evident card is not covered by the protective cover, and at least one set of wires is also routed in the side.
Optionally, the anti-disclosure board card of the first aspect further includes: the first anti-disassembly circuit comprises at least one first contact point for connecting the protective cover with the printed circuit board, responding to the opening of the protective cover, and disconnecting the at least one first contact point, so that the first anti-disassembly circuit is disconnected, and then a zero setting circuit in the anti-leakage board card is triggered to send out an alarm and clear out data signals in the anti-leakage board card.
Optionally, the anti-disclosure board card of the first aspect further includes: the shell is arranged on the outer side of the printed circuit board and is used for physically protecting sensitive devices and chips on the anti-leakage board card; the second anti-disassembly circuit comprises at least one second contact point for connecting the shell with the printed circuit board, and the at least one second contact point is disconnected in response to the shell being opened, so that the second anti-disassembly circuit is disconnected, and then a zero setting circuit in the anti-leakage board card is triggered to send out an alarm and clear data signals in the anti-leakage board card.
In a second aspect, there is provided an electronic device comprising: a tamper evident card as in the first aspect.
In an embodiment, the electronic device is a server or an all-in-one machine supporting privacy calculations.
In a third aspect, a disclosure protection method is provided, including: the chip in the anti-disclosure board card detects that the level on two pins on the chip is abnormally changed, wherein in response to the fact that two adjacent metal wires in each group of metal wires in at least one group of metal wires in the anti-disclosure board card are connected together by the penetrated probe, the anti-drilling circuit in the anti-disclosure board card changes the level on the two pins, and the two metal wires are connected with the anti-drilling circuit and distributed on the surface of the printed circuit board; and in response to the abnormal change of the level, triggering a zero setting circuit in the anti-disclosure board card to send out an alarm and clearing a data signal in the anti-disclosure board card.
Optionally, the anti-disclosure method of the third aspect further includes: in response to the shield in the anti-tamper panel card being opened, causing at least one first contact point of a first tamper-evident short on the anti-tamper panel card to open, the first tamper-evident circuit being open; and responding to the breaking of the first anti-disassembling circuit, triggering a zero setting circuit in the anti-disclosure board card to give an alarm and clearing a data signal in the anti-disclosure board card.
Optionally, the anti-disclosure method of the third aspect further includes: in response to the housing in the tamper evident card being opened, causing at least one second contact point of a second tamper evident short on the tamper evident card to open, the second tamper evident circuit being open; and responding to the breaking of the second anti-disassembling circuit, triggering a zero setting circuit in the anti-disclosure board card to give an alarm and clearing sensitive data on the anti-disclosure board card.
In a fourth aspect, there is provided an electronic device comprising a memory having executable code stored therein and a processor configured to execute the executable code to implement a method as in the first aspect.
In a fifth aspect, there is provided a computer readable storage medium having executable code stored thereon, which when executed is capable of implementing a method as in the first aspect.
In a sixth aspect, there is provided a computer program product comprising executable code which when executed is capable of implementing a method as in the first aspect.
The embodiment of the disclosure provides a scheme of anti-disclosure board card, through being connected two pins of anti-drilling circuit and chip on the anti-disclosure board card, and lay two metal wires of being connected with anti-drilling circuit at the surface of anti-disclosure board card, so make when the probe steals data signal at the surface of anti-disclosure board card, along with the probe connects two metal wires and changes the level on two pins together, so, the chip can confirm according to the unusual change of the level of two pins that anti-disclosure board card is by the probing, thereby the security of the hardware of anti-disclosure board card has been improved.
Drawings
Fig. 1 is a schematic circuit diagram of a disclosure-proof board card according to an embodiment of the disclosure.
Fig. 2 is an equivalent circuit diagram of a tamper-proof card according to an embodiment of the present disclosure after it is drilled by a probe.
Fig. 3 is an equivalent circuit diagram of a tamper-proof card according to an embodiment of the present disclosure after it is drilled by a probe.
Fig. 4 is a schematic structural diagram of Mesh routing according to an embodiment of the present disclosure.
Fig. 5 is a schematic structural diagram of Mesh routing according to another embodiment of the present disclosure.
Fig. 6 is a schematic structural diagram of Mesh routing according to another embodiment of the present disclosure.
Fig. 7 is a schematic structural diagram of Mesh routing according to another embodiment of the present disclosure.
Fig. 8 is a schematic structural view of a PCB and an FPC provided in an embodiment of the present disclosure.
Fig. 9 is a schematic structural view of a PCB and an FPC provided in another embodiment of the present disclosure.
Fig. 10 is a diagram showing a Mesh trace on an FPC according to an embodiment of the present disclosure.
Fig. 11 is a schematic structural diagram of a disclosure-proof board card according to another embodiment of the disclosure.
Fig. 12 is a schematic flow chart of a disclosure-proof method provided by an embodiment of the disclosure.
Fig. 13 is a schematic structural view of a disclosure-proof device according to an embodiment of the disclosure.
Fig. 14 is a schematic structural diagram of an electronic device according to an embodiment of the present disclosure.
Detailed Description
The following description of the technical solutions in the embodiments of the present disclosure will be made clearly and completely with reference to the accompanying drawings in the embodiments of the present disclosure, and it is apparent that the described embodiments are only some embodiments of the present disclosure, not all embodiments.
The chip is adopted by a large number of Internet of things equipment or automatic driving equipment, once the chip has a safety problem, the influence is far-reaching, and therefore the safety of the chip is more important. However, the need to improve the security of a chip requires solving a critical contradictory problem, namely the contradiction between the cost of the chip security mechanism and the security in application environments where computing resources, memory resources and power consumption are severely limited. Although the chip adopts a basic chip security mechanism such as key security storage, encryption and decryption calculation based on keys, the chip still has the problem of being easy to be attacked physically.
Keys of the privacy card are typically stored in a nonvolatile memory, and an attacker may acquire these keys from a chip in the privacy card using a physical attack mode such as a probe. In cryptography, the development of physical attack techniques has spawned an attack method that obtains the private information of an operating system by attacking circuit board-level hardware components. The attack may be reversible or irreversible. Under an invasive attack scene, an attacker can directly access the inside of the privacy board card through uncapping, dissection and other modes, and can also adopt attack means such as probe drilling, detection and the like, for example, the probe can capture and analyze the signal of the electrical signal of the hardware component, and the test vector can be injected into the chip to collect corresponding information so as to analyze information such as keys and the like.
Although the security of the chip can be improved by adding the key secure storage of the tamper-proof function, the cost overhead caused by the security is not bearable for the internet of things device chip or the automatic driving device chip. The key management of the chip is complex, the encryption and decryption computation complexity is high, and the key management is difficult to bear in the aspects of algorithm engine functions, performances and power consumption for lightweight terminal equipment such as the Internet of things or automatic driving.
Therefore, to improve the security of the chip, the contradiction between the cost of the chip security mechanism and the security must be solved.
The application provides a privacy card prevent tearing open, prevent probe design scheme, carries out the bottom design through the system software and hardware such as chip, hardware, the structure to privacy card, under the condition that does not show the cost that improves chip safety mechanism, has improved privacy card's security performance greatly, has reached the purpose of protecting privacy card.
Fig. 1 is a schematic circuit diagram of a disclosure board 100 according to an embodiment of the disclosure. The tamper evident card 100 includes a printed circuit board 105, a chip 110, an anti-drilling circuit 120, and at least one set of metal lines 130.
The chip 110 is disposed on the printed circuit board 105, and the chip 110 includes two pins 111, 112 configured to determine theft of the data signal by the probe to the chip 110 based on abnormal changes in the level on the two pins 111, 112. An anti-drilling circuit 120 is provided on the printed circuit board 105 and is connected to the two pins 111, 112. Each of the at least one set of wires 130 includes two wires 131, 132, the two wires 131, 132 being connected to an anti-drill circuit and distributed across the surface of the printed circuit board 105, the anti-drill circuit being configured to change the level on the two pins as the probe connects the two wires together when the probe is taking a data signal at the surface.
Probes in this document essentially refer to very fine metallic objects. When an attacker adopts a probe to drill a leakage-proof board card, two metal wires distributed on the surface of the printed circuit board can be short-circuited, the short-circuited can change the structure of a drilling-proof circuit connected with the short-circuited, and further abnormal changes of the electric levels on two pins are caused, so that the chip can determine probe invasion according to the abnormal changes of the electric levels on the two pins, and alarm and/or sensitive data removal can be triggered in time.
The two metal wires may be copper foil traces, and the line widths and line distances of the two metal wires are configured to enable shorting of the two metal wires when the probe drills the anti-disclosure board. The two metal wires can form a grid (Mesh) wiring pattern according to a preset rule, and can be circulated without rule, so long as a short circuit state of the two metal wires can be caused when the probe drills the anti-leakage board card. The pattern formed by the two metal wires can be covered on each surface of the anti-leakage board card, each surface can be covered with one group of metal wires, each surface can be covered with two groups of metal wires, and one group of metal wires can be covered on a plurality of surfaces. For convenient layout, two metal wires can be manufactured in a Flexible Printed Circuit (FPC) 140, and when in use, the FPC140 containing the two metal wires is attached to the outer surface of a printed circuit board or the inner surface of the shell of the anti-disclosure board card.
The chip may be an integrated circuit chip for collecting, storing, processing sensitive information (e.g. privacy calculations), also known as a cryptographic chip, a security chip or a national security chip. For example, the chip may be a chip applied to an internet of things device, a chip applied to an automatic driving device, or a chip used in important fields such as medical treatment and finance.
The two pins can be reserved I/O pins (or ports) or custom I/O pins of the chip, and also can be I/O pins specially used for intrusion alarm on the chip. The change in the level of the two pins 111, 112 can be detected by using a voltage transformer connected to the two pins, i.e., by detecting a change in the low level (e.g., "0", "1") in a static detection manner to determine high and low anomalies.
The anti-drilling circuit is connected between the power supply of the anti-leakage board card and the I/O pin and is used for generating level change on the I/O pin according to whether the two metal wires are in short circuit or not. To cause a preset level change when the two metal lines are shorted, the anti-drilling circuit may include a preset resistance topology.
The embodiment of the disclosure provides a scheme of anti-disclosure board card, through being connected two pins of anti-drilling circuit and chip on the anti-disclosure board card, and lay two metal wires of being connected with anti-drilling circuit at the surface of anti-disclosure board card, so make when the probe steals data signal at the surface of anti-disclosure board card, along with the probe connects two metal wires and changes the level on two pins together, so, the chip can confirm according to the unusual change of the level of two pins that anti-disclosure board card is by the probing, thereby the security of the hardware of anti-disclosure board card has been improved.
In an embodiment, the anti-drilling circuit comprises a first anti-drilling circuit and a second anti-drilling circuit, the two pins comprise a first pin 111 and a second pin 112, the two wires comprise a first metal wire 131 and a second metal wire 132, the first anti-drilling circuit is connected between the first pin 111 and a power supply positive pole VCC, the first metal wire 131 is connected between the first pin 111 and the power supply positive pole VCC, the second anti-drilling circuit is connected between the second pin 112 and a power supply negative pole GND, and the second metal wire 132 is connected between the second pin 112 and the power supply negative pole GND.
Specifically, a first end of the first metal line 131 is connected to the first pin 111, and the first drill preventing circuit may include a second resistor 122 connected between a second end of the first metal line 131 and the power supply positive electrode VCC. The first end of the second wire 132 is connected to the second pin 112, and the second anti-drill circuit may include a fourth resistor 124 connected between the second end of the second wire 132 and the negative power supply GND.
Further, a first resistor 121 is connected between the first pin 111 and the negative electrode of the power supply, and a third resistor 123 is connected between the second pin and the positive electrode of the power supply. It should be appreciated that the first resistor 121 and the third resistor 123 may be internal resistors of the chip. For example, the internal resistance may be set to 20mΩ or other resistance values. The first resistor 121, the second resistor 122, the third resistor 123, and the fourth resistor 124 may be set to the same resistor so as to more conveniently and accurately determine whether the level of the two pins has abnormal change.
In an embodiment, the power negative electrode connected to the first resistor 121 and the power negative electrode connected to the second metal 132 may be the same power negative electrode, and the power positive electrode connected to the third resistor 123 and the power positive electrode connected to the first metal wire 131 may be the same power positive electrode, for example, the power positive electrode and the negative plate are the positive electrode and the negative electrode of the internal power (or the external power) of the board, respectively. Therefore, the structure of the anti-drilling circuit can be simplified, and the cost of the board card is reduced.
In another embodiment, the power negative electrode connected to the first resistor 121 and the power negative electrode connected to the second metal 132 may be different power negative electrodes, the power positive electrode connected to the third resistor 123 and the power positive electrode connected to the first metal line 131 may be different power positive electrodes, for example, the power negative electrode connected to the first resistor 121 and the power positive electrode connected to the third resistor 123 are respectively the negative electrode and the positive electrode of the internal power of the board, and the power negative electrode connected to the second metal 132 and the power positive electrode connected to the first metal line 131 are respectively the negative electrode and the positive electrode of the external power of the board, for example, the positive electrode and the negative electrode of the on-board battery. Therefore, the drilling-preventing circuit structure can be preferentially arranged, the safety of the board card is improved, for example, under the condition that an external power supply fails, and the internal power supply can also ensure that the drilling-preventing circuit works normally.
In addition, in the chip, the I/O pins may be connected with an anti-shake filter circuit to perform anti-shake filtering processing, and embodiments of the present application are not limited thereto, and the anti-shake filter circuit may also be connected outside the chip, that is, between the two pins and the anti-drill circuit.
In one embodiment, when the first and second metal lines 131 and 132 are probed together, a high anomaly occurs in the level on the first and second pins 111 and 112 detected by the chip.
Referring to fig. 2, when an attacker drills a probe on the anti-disclosure board card, under the condition that the probe does not drill through the FPC, two wires (Mesh) on the FPC are connected together, for example, a node a and a node B are short-circuited, so that a resistor with 2 identical resistance values is connected between VCC and GND, so that the level on two pins is 0.5V (if the power supply voltage is 1V), that is, a high abnormality occurs, and the two I/O ports monitor the high abnormality.
In one embodiment, when the probe connects the first metal wire 131 and the second metal wire 132 together and connects the power supply positive electrode and the VCC power supply negative electrode GND together, the level on the first pin 131 and the second pin 132 detected by the chip is 0, i.e. a low abnormality occurs, and the two IO ports detect the low abnormality.
Referring to fig. 3, when an attacker drills a probe on the anti-disclosure board card, under the condition that the probe directly drills through the FPC, the probe directly drills on the PCB, causing a short circuit between node C and node B, thereby causing a short circuit between VCC and GND, which is equivalent to a short circuit discharge of an on-board battery, and the two I/O ports detect low anomalies. Specifically, be provided with power layer and ground plane on the anti-disclosure integrated circuit board, power layer connects power positive pole VCC, and ground plane connects power negative pole GND. When the probe passes through the FPC and is drilled onto the PCB, it is possible to short the power layer and the ground layer, which connects the power positive and power poles together, so that the level on the first and second pins of the chip becomes zero.
In one embodiment, the two metal lines are metal Mesh (Mesh) traces or metal meander traces.
The two wires of each set of wires may be Mesh (Mesh) traces or meandering traces distributed around the periphery of the chip. The metal wire may comprise a split or arc segment, with the distance between adjacent segments of two metals being the same.
According to the embodiment of the application, the Mesh wiring can be composed of high and low levels, and similar to differential pair wiring, the flying line attack difficulty can be increased.
Referring to fig. 4, each of the two wires Mesh1 and Mesh2 is arranged in a comb shape, and the comb teeth formed by one wire Mesh1 are inserted between two adjacent comb teeth formed by the other wire Mesh2, so that when the probe is drilled, any adjacent comb teeth of the two wires are shorted by the probe, and both wires can be shorted.
Referring to fig. 5, two wires Mesh1 and Mesh2 may also be arranged in a meandering manner, and adjacent folded sections of the two wires extend in parallel, so that when the probe is drilled, any adjacent folded sections of the two wires are shorted by the probe, and both wires can be shorted.
Referring to fig. 6, two metal wires Mesh1 and Mesh2 may be further configured as zigzag wires, and adjacent folded sections of the two metal wires extend in parallel, so that when the probe is drilled, any adjacent folded sections of the two metal wires are shorted by the probe, and both the two metal wires can be shorted.
It should be understood that the two metal lines Mesh1 and Mesh2 may also be arranged as circular or spiral tracks.
Embodiments of the present application are not limited to the regular patterns described above, and it should be understood that the routing manner of each layer may be irregular and may follow the pattern shown in fig. 7. The two metal wires are metal zigzag wires, and the metal wires are arranged as the metal zigzag wires, so that the wiring positions of the metal wires can be selectively arranged, for example, the positions of the signal wires can be flexibly avoided, and the material cost is saved.
For example, the two metal wires may be disposed only in the vicinity of a position of the FPC corresponding to a position (for example, a signal source) of the chip that is vulnerable to probe drilling, and the two metal wires are insulated from each other and continuously laid out in a detour manner, and a predetermined pattern is formed in the FPC to cover the entire area to be secured.
In one embodiment, the spacing between the two wires is on the order of one thousandth of an inch.
For example, two metal lines may be set to have line widths of 6 mils (mils) and line spacing of 6 mils or less to increase the difficulty of flying line attacks.
The Mesh trace may include an even number of layers, e.g., 2 or 4 layers, and embodiments of the present application are not limited thereto, and the Mesh trace may also include an odd number of layers, e.g., 1 or 3 layers.
Optionally, as another embodiment, the disclosure-proof board card further includes: and the zero setting circuit is used for sending out an alarm and clearing the data signal when the probe is determined to steal the data signal from the chip.
The chip can send out an alarm when the probe is determined to steal the data signal of the chip, and trigger the zero setting circuit to clear sensitive information.
Optionally, as another example, the anti-disclosure board card 300 further includes: and the protective cover is covered on the outer side of the printed circuit board and is used for physically protecting sensitive devices and chips on the anti-leakage board card, and the at least one group of metal wires are arranged in the protective cover.
In an embodiment, the protection cover comprises a plurality of protection plates, one protection plate is used for covering at least one side face of the anti-disclosure board card, one protection plate corresponds to at least one anti-drilling circuit, and each protection plate is provided with at least one group of metal wires.
Specifically, each of the shielding plates may be an FPC. The FPCs may be arranged on the periphery of the PCB, for example, as shown in fig. 8, with the FPCs attached to the lower surface and the lower surface of the PCB, and as shown in fig. 9, with the FPCs attached to the sides of the PCB, it should be understood that the protective cover on the sides of the PCB may be a single protective cover, i.e., all sides of the PCB are wrapped by a single protective cover, and one protective cover may be attached to each side of the PCB, i.e., one side of the PCB is wrapped by one protective cover.
Each protection plate is provided with at least one group of metal wires, and one protection plate corresponds to at least one anti-drilling circuit, that is, a plurality of groups of metal wires can be arranged in a layered manner in each FPC, and the higher the number of the plurality of groups of metal wires is, the higher the security protection level of the anti-leakage board card is. For example, a set of wires may be provided on each of the upper and lower surfaces of each FPC, the set of wires on the upper surface being connected to one of the anti-drilling circuits, and the set of wires on the lower surface being connected to the other anti-drilling circuit. The upper and lower groups of metal wires can be arranged in a staggered way in space. The upper and lower groups of metal wires can adopt the same pattern or different patterns, and only the orthographic projection on the surface of the chip is staggered by a preset distance. Because the metal wires arranged in the same layer are too dense to easily generate abnormal short circuits, thereby causing false alarm, by adopting a layered staggered arrangement mode, the coverage area of the metal wires can be enlarged, and the probability of false alarm caused by abnormal short circuits can be reduced.
Referring to fig. 10, each FPC has an upper surface and a lower surface, both of which are provided with a set of metal wires to achieve a better drilling-preventing effect. The two I/O ports of the PCB are connected with one metal wire, mesh1 and Mesh2, on the upper surface of the FPC, and the two I/O ports of the PCB are connected with one metal wire, mesh1 and Mesh2, on the lower surface of the FPC, and the two I/O ports of the FPC are connected with the other metal wire, namely, each surface of the PCB comprises two drilling prevention circuits, and of course, only one drilling prevention circuit can be realized on the upper surface or the lower surface, and the two drilling prevention circuits have better drilling prevention effect.
In one embodiment, one side of the anti-disclosure board is not covered by the protective cover, and the two wires are also routed in the side. For example, the at least one set of metal lines may be embedded directly on the surface of the PCB on the side where the I/O ports of the PCB are located. At least one set of wires embedded directly on the side of the I/O port is also connected to the anti-drill circuit for being configured to change the level on both pins of the chip as the probe connects the two wires together when the probe is performing theft of the data signal on the side of the I/O port.
Optionally, as another embodiment, the disclosure-proof board card further includes: the first anti-disassembly circuit comprises at least one first contact point for connecting the protective cover with the anti-leakage board card, and responding to the opening of the protective cover, the at least one first contact point is disconnected, so that the first anti-disassembly circuit is broken, and then the zero setting circuit is triggered to send out an alarm and clear out data signals in the anti-leakage board card.
Specifically, the zero setting circuit can be connected with a normally closed switch, the first contact point is a contact point of the normally closed switch, the first contact point is closed when the anti-disclosure board card is normal, and the first contact point is opened when the protective cover is opened, so that the zero setting circuit is triggered to send out an alarm and clear data signals in the anti-disclosure board card. For example, the first contact point may be a POGO Pin connector.
Optionally, as another embodiment, the disclosure-proof board card further includes: the shell is arranged on the outer side of the printed circuit board and is used for physically protecting sensitive devices and chips on the anti-leakage board card; the second anti-disassembly circuit comprises at least one second contact point for connecting the shell with the anti-leakage board card, and the at least one second contact point is disconnected in response to the shell being opened, so that the second anti-disassembly circuit is disconnected, and then the zero setting circuit is triggered to send out an alarm and clear out data signals in the anti-leakage board card.
Similarly, the zeroing circuit can be connected with a normally closed switch, the second contact point is a contact point of the normally closed switch, the second contact point is closed when the anti-disclosure board card is normal, and the second contact point is opened when the shell is opened, so that the zeroing circuit is triggered to send out an alarm and clear data signals in the anti-disclosure board card. For example, the second contact point may be a POGO Pin connector.
The embodiment of the disclosure provides a scheme of a secret leakage prevention board card, by connecting an anti-disassembly circuit on the secret leakage prevention board card with contacts on a shell or an FPC, when an attacker dismantles the secret leakage prevention board card, the contacts can be disconnected to trigger a zero setting circuit to send out an alarm and clear data signals in the secret leakage prevention board card, so that the safety of hardware of the secret leakage prevention board card is improved.
The application also provides an electronic device, which is characterized by comprising: a tamper evident card as described in the embodiment of fig. 1. For example, the electronic device is a server or an all-in-one machine supporting privacy calculations.
The application scenario of the embodiment of the present disclosure is described below by taking a PCIE card as an example. Referring to fig. 11, the PCB of the PCIE card is generally hexahedral, and the whole PCIE card except for the I/O ports is covered and protected as a sensitive device by an FPC. That is, except for the side where the I/O port is located, three of the upper surface, the lower surface, and the side of the PCB may be wrapped with FPCs, one corresponding to the upper surface of the PCB, one corresponding to the lower surface of the PCB, and one corresponding to three of the side of the PCB. The FPC may be understood as a first level of physical protection to the PCB, and the housing located outside the FPC may be understood as a second level of physical protection to the PCB, through which the security protection level of the PCB can be enhanced.
In order to protect the PCB more fully, at least one group of metal wires may be directly disposed on a side of the PCB that is not covered by the FPC, and the metal wires on the side of the PCB are connected to two I/O ports of the PCB as a path of anti-drilling circuit, similar to the metal wires of the FPC. When the two I/O ports detect high abnormality or low abnormality, a zero setting circuit is triggered to clear sensitive information.
Further, the shell of the anti-disclosure board card can be electrically connected with the PCB through contacts (such as POGO Pin connectors) on the anti-disclosure circuit, when an attacker disassembles the shell, the contacts are disconnected, the anti-disclosure circuit is broken, the zero setting circuit is triggered, and sensitive information is cleared. In addition, FPC also can carry out electric connection through preventing tearing open the contact on the circuit and PCB, when tearing apart FPC, the contact disconnection prevents tearing open the circuit and opens circuit, triggers the zero setting circuit, clears away sensitive information.
In addition, the radiator on the upper surface of the PCB can be shielded and protected along the edge of the PCB; the back plate of the lower surface of the PCB may be shielded along the edges of the PCB. For example, the heat sink and the inner surface of the back plate are both attached with a metal wire-attached FPC for anti-drilling detection protection.
Embodiments of the disclosure related to a tamper evident card are described in detail above with reference to fig. 1 through 11, and method embodiments of the disclosure are described in detail below with reference to fig. 12
Fig. 12 is a schematic flow chart of a disclosure method according to an embodiment of the disclosure. The anti-disclosure method is performed by the chip of the anti-disclosure board in the above embodiment, and a part not described in detail may be referred to the above related embodiments of the anti-disclosure board. The anti-disclosure method comprises the following steps:
1210, detecting, by a chip in the anti-disclosure board, that an abnormal change occurs in the electrical level on two pins thereon, wherein in response to adjacent two wires in each of at least one set of wires in the anti-disclosure board being connected together by a pierced probe, an anti-drilling circuit in the anti-disclosure board changes the electrical level on the two pins, the two wires being connected with the anti-drilling circuit and distributed over a surface of the anti-disclosure board.
1220, in response to the abnormal change in level, triggering a zeroing circuit in the anti-tamper card to alert and clear a data signal in the anti-tamper card.
The embodiment of the disclosure provides a scheme of anti-disclosure board card, through being connected two pins of anti-drilling circuit and chip on the anti-disclosure board card, and lay two metal wires of being connected with anti-drilling circuit at the surface of anti-disclosure board card, so make when the probe steals data signal at the surface of anti-disclosure board card, along with the probe connects two metal wires and changes the level on two pins together, so, the chip can confirm according to the unusual change of the level of two pins that anti-disclosure board card is by the probing, thereby the security of the hardware of anti-disclosure board card has been improved.
Optionally, as another embodiment, the disclosure-proof method further includes: in response to the shield in the anti-tamper panel card being opened, causing at least one first contact point of a first tamper circuit on the anti-tamper panel card to open, the first tamper circuit being open; and responding to the breaking of the first anti-disassembling circuit, triggering a zero setting circuit in the anti-disclosure board card to give an alarm and clearing a data signal in the anti-disclosure board card.
Optionally, as another embodiment, the method further includes: in response to the housing in the anti-tamper card being opened, causing at least one second contact point of a second tamper circuit on the anti-tamper card to open, the second tamper circuit being open; and responding to the breaking of the second anti-dismantling circuit, and triggering a zero setting circuit in the anti-revealing card to send out an alarm and clear out a data signal in the anti-revealing card.
The method embodiment of the present disclosure is described in detail above in connection with fig. 12, and the apparatus embodiment of the present disclosure is described in detail below in connection with fig. 13. It is to be understood that the description of the method embodiments corresponds to the description of the device embodiments, and that parts not described in detail can therefore be seen in the preceding method embodiments. Fig. 13 is a schematic structural diagram of a disclosure-provided anti-disclosure device 1300. The apparatus 1300 may include: a detection module 1310 and a trigger module 1320. These units are described in detail below.
The detection module 1310 is configured to detect that the electrical levels on two pins on a chip of the anti-disclosure board are abnormally changed, where, in response to the adjacent two wires in each of at least one set of wires in the anti-disclosure board being connected together by a penetrating probe, an anti-drilling circuit in the anti-disclosure board changes the electrical levels on the two pins, and the two wires are connected with the anti-drilling circuit and distributed on a surface of the anti-disclosure board.
The trigger module 1320 is configured to trigger a zeroing circuit in the anti-tamper card to alert and clear a data signal in the anti-tamper card in response to an abnormal change in the level.
Optionally, as another embodiment, the triggering module 1320 is further configured to cause at least one first contact point of a first tamper circuit on the tamper evident card to open in response to a protective cover in the tamper evident card being opened, the first tamper evident circuit being broken; and responding to the breaking of the first anti-disassembling circuit, triggering a zero setting circuit in the anti-disclosure board card to give an alarm and clearing a data signal in the anti-disclosure board card.
Optionally, as another embodiment, the triggering module 1320 is further configured to cause at least one second contact point of a second tamper circuit on the card to open in response to the housing in the tamper resistant card being opened, the second tamper circuit being open; and responding to the breaking of the second anti-disassembling circuit, triggering a zero setting circuit in the anti-disclosure board card to give an alarm and clearing data signals in the anti-disclosure board card.
Fig. 14 is a schematic structural diagram of an electronic device 1400 provided in accordance with yet another embodiment of the present disclosure. The electronic device 1400 may be, for example, a computing device having computing functionality. For example, the electronic device 1400 may be a server. The electronic device 1400 may include a memory 1410 and a processor 1420. Memory 1410 may be used to store executable code. Processor 1420 may be used to execute executable code stored in memory 1410 to implement steps in the various methods described previously. In some embodiments, the electronic device 1400 may also include a network interface 1430 through which data exchange of the processor 1420 with external devices may be implemented.
In the above embodiments, it may be implemented in whole or in part by software, hardware, firmware, or any other combination. When implemented in software, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When loaded and executed on a computer, produces a flow or function in accordance with embodiments of the present disclosure, in whole or in part. The computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another computer-readable storage medium, for example, the computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by a wired (e.g., coaxial cable, fiber optic, digital subscriber line (Digital Subscriber Line, DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). The computer readable storage medium may be any available medium that can be accessed by a computer or a data storage device such as a server, data center, etc. that contains an integration of one or more available media. The usable medium may be a magnetic medium (e.g., a floppy Disk, a hard Disk, a magnetic tape), an optical medium (e.g., a digital video disc (Digital Video Disc, DVD)), or a semiconductor medium (e.g., a Solid State Disk (SSD)), or the like.
Those of ordinary skill in the art will appreciate that the elements and algorithm steps described in connection with the embodiments disclosed herein can be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present disclosure.
In the several embodiments provided in the present disclosure, it should be understood that the disclosed systems, devices, and methods may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the units is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in each embodiment of the present disclosure may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The foregoing is merely specific embodiments of the disclosure, but the protection scope of the disclosure is not limited thereto, and any person skilled in the art can easily think about changes or substitutions within the technical scope of the disclosure, and it is intended to cover the scope of the disclosure. Therefore, the protection scope of the present disclosure shall be subject to the protection scope of the claims.
Claims (14)
1. A tamper evident card, comprising:
a printed circuit board;
a chip disposed on the printed circuit board, the chip including two pins configured to determine theft of a data signal by a probe to the chip according to abnormal changes in levels on the two pins;
the anti-drilling circuit is arranged on the chip and connected with the two pins;
at least one set of wires, each set of wires comprising two wires connected to the anti-drilling circuit and distributed on a surface of the printed circuit board, the anti-drilling circuit being configured to change a level on the two pins as the probe connects the two wires together when the theft of the data signal is performed on the surface.
2. The tamper resistant card of claim 1, the tamper resistant circuit comprising a first tamper resistant circuit and a second tamper resistant circuit, the two pins comprising a first pin and a second pin, the two wires comprising a first wire and a second wire, the first tamper resistant circuit being connected between the first pin and a positive power supply, the first wire being connected between the first pin and the positive power supply, the second tamper resistant circuit being connected between the second pin and a negative power supply, the second wire being connected between the second pin and the negative power supply.
3. The tamper evident card of claim 2, wherein a high anomaly occurs in the levels on the first pin and the second pin detected by the chip when the first wire and the second wire are connected together by the probe.
4. The anti-tamper card of claim 2, wherein when the probe connects the first and second wires together and connects the positive power supply to the negative power supply, a low anomaly occurs in the levels on the first and second pins detected by the chip.
5. The tamper evident card of any one of claims 1 to 4, the two wires being metal grid wires or metal meander wires.
6. The tamper evident card of any one of claims 1 to 4, the two wires being spaced on the order of one thousandth of an inch apart.
7. The tamper evident card of any one of claims 1 to 4, further comprising: and the protective cover is covered on the outer side of the printed circuit board and is used for physically protecting the sensitive devices on the anti-leakage board card and the chips, and at least one group of metal wires are arranged in the protective cover.
8. The tamper evident card of claim 7, the protective cover comprising a plurality of protective plates, one protective plate for covering at least one side of the tamper evident card, one protective plate corresponding to at least one of the tamper evident circuits, each protective plate being lined with the at least one set of wires.
9. The tamper evident card of claim 8, each shield being an FPC.
10. The tamper evident card of claim 7, a side of the tamper evident card not covered by the protective cover, the at least one set of wires also routed in the side.
11. The tamper evident card of any one of claims 1 to 4, further comprising:
the first anti-disassembly circuit comprises at least one first contact point used for connecting the protective cover with the anti-leakage board card, and the at least one first contact point is disconnected in response to the protective cover being opened, so that the first anti-disassembly circuit is disconnected, and then a zero setting circuit in the anti-leakage board card is triggered to send out an alarm and clear data signals in the anti-leakage board card.
12. The tamper evident card of any one of claims 1 to 4, further comprising:
the shell is arranged on the outer side of the printed circuit board and is used for physically protecting the sensitive devices and the chips on the anti-leakage board card;
the second anti-disassembly circuit comprises at least one second contact point, the second anti-disassembly circuit is used for connecting the shell with the anti-leakage board card, the at least one second contact point is disconnected in response to the shell being opened, so that the second anti-disassembly circuit is disconnected, and then a zero setting circuit in the anti-leakage board card is triggered to send out an alarm and clear out data signals in the anti-leakage board card.
13. An electronic device, comprising: a tamper evident card as defined in any one of claims 1 to 12.
14. The electronic device of claim 13, the electronic device being a server or an all-in-one machine supporting privacy computing.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211721064.1A CN116432252A (en) | 2022-12-30 | 2022-12-30 | Anti-disclosure board card, anti-disclosure method and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211721064.1A CN116432252A (en) | 2022-12-30 | 2022-12-30 | Anti-disclosure board card, anti-disclosure method and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116432252A true CN116432252A (en) | 2023-07-14 |
Family
ID=87080308
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211721064.1A Pending CN116432252A (en) | 2022-12-30 | 2022-12-30 | Anti-disclosure board card, anti-disclosure method and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116432252A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113496047A (en) * | 2021-07-29 | 2021-10-12 | 深圳市纽创信安科技开发有限公司 | Electronic password card with anti-disassembly protection |
| CN113496047B (en) * | 2021-07-29 | 2024-04-30 | 深圳市纽创信安科技开发有限公司 | Electronic cipher card with anti-disassembly protection |
-
2022
- 2022-12-30 CN CN202211721064.1A patent/CN116432252A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113496047A (en) * | 2021-07-29 | 2021-10-12 | 深圳市纽创信安科技开发有限公司 | Electronic password card with anti-disassembly protection |
| CN113496047B (en) * | 2021-07-29 | 2024-04-30 | 深圳市纽创信安科技开发有限公司 | Electronic cipher card with anti-disassembly protection |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7791898B2 (en) | Security apparatus | |
| CN105051751B (en) | For protecting circuit unit from the security module of unauthorized access | |
| US8836509B2 (en) | Security device | |
| US8223503B2 (en) | Security cover for protecting the components mounted on a printed circuit board (PCB) against being attached | |
| JP2002529928A (en) | Protection circuit for IC integrated circuit | |
| CN101611382A (en) | Anti-tamper protected enclosure | |
| JP6905473B2 (en) | Integrated circuit chip protection against physical and / or electrical changes | |
| US20170286725A1 (en) | Penetration detection boundary having a heat sink | |
| US11886626B2 (en) | Physical barrier to inhibit a penetration attack | |
| US20140146485A1 (en) | Technique for intrusion detection | |
| JP5062705B1 (en) | Flexible printed cable and information processing apparatus | |
| US7701244B2 (en) | False connection for defeating microchip exploitation | |
| WO2009036610A1 (en) | Safety protection device | |
| TW201939344A (en) | Keypad apparatus and method of providing keypad and security attack detection | |
| KR20080033418A (en) | Security method for data protection | |
| CN113574570B (en) | Apparatus and method for tamper detection | |
| CN116432252A (en) | Anti-disclosure board card, anti-disclosure method and electronic equipment | |
| US10719633B2 (en) | Inhibiting a penetration attack | |
| JP6462923B1 (en) | Information protection device and electronic device | |
| ES2707364T3 (en) | Intrusion detection system | |
| BRPI1101001A2 (en) | method of mechanical and electronic protection of safety equipment based on plates and tapes | |
| BRMU9103184Y1 (en) | constructive arrangement of electronic and mechanical protection of sensitive electronic circuits |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |