CN218451091U - Device for preventing electromagnetic analysis from side channel attack and electronic equipment - Google Patents
Device for preventing electromagnetic analysis from side channel attack and electronic equipment Download PDFInfo
- Publication number
- CN218451091U CN218451091U CN202222342774.5U CN202222342774U CN218451091U CN 218451091 U CN218451091 U CN 218451091U CN 202222342774 U CN202222342774 U CN 202222342774U CN 218451091 U CN218451091 U CN 218451091U
- Authority
- CN
- China
- Prior art keywords
- encryption module
- electromagnetic
- pin
- module
- connection point
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The utility model provides a device and electronic equipment that anti-electromagnetic analysis carries out side channel attack relates to the information security field, and above-mentioned device includes: the electromagnetic shielding cover is used as a cover body of the encryption module and is used for shielding electromagnetic radiation energy when the encryption module operates; the inner surface of the electromagnetic shielding cover is provided with at least one connecting point, and the connecting point is used for connecting one pin of the encryption module or a pin for connecting peripheral circuits of the encryption module to a destination terminal. According to the utility model provides a device and electronic equipment that anti-electromagnetic analysis carries out side channel attack can avoid the hacker to acquire the electromagnetic radiation wave form from the source, has directly stopped the hacker and has stolen the possibility of key through analysis electromagnetic radiation wave, can not increase the key verification time moreover, can not influence user experience.
Description
Technical Field
The utility model relates to an information security field especially relates to an anti-electromagnetic analysis carries out device and electronic equipment of side channel attack.
Technical Field
With the progress of modern science and technology, especially information technology, embedded devices, systems and communication networks have been developed at a high speed and widely used, so that people can communicate information in various ways in different places, however, many information safety and reliability problems emerge while enjoying the convenience brought by the modern information technology, which is changing day by day, wherein the information safety problem is particularly prominent and is a key concern of people. In practical applications, for an electronic device with security protection implemented by using a cryptographic module for encryption, internal state information of the electronic device is leaked in a form of energy consumption during operation, and information related to a key used by a cryptographic algorithm is called side information. In the process of attacking the cryptographic module, an attacker can recover secret information such as a key by using various side information analysis technologies, so that each device with an encryption algorithm needs to be protected safely, and a device for preventing electromagnetic analysis from side channel attack is needed, so that a hacker is prevented from recovering the key by using the side information analysis technology through energy consumption analysis.
Disclosure of Invention
The utility model provides a device and electronic equipment that anti-electromagnetic analysis carries out side channel attack can avoid the hacker to acquire the electromagnetic radiation wave form from the source, has directly stopped the hacker and has stolen the possibility of getting the key through analysis electromagnetic radiation wave, can not increase the key verification time moreover, can not influence user experience.
In a first aspect, the utility model provides a device that anti-electromagnetic analysis carries out side channel attack, include: the electromagnetic shielding cover is used as a cover body of the encryption module and is used for shielding electromagnetic radiation energy when the encryption module operates;
the inner surface of the electromagnetic shielding cover is provided with at least one connecting point, and the connecting point is used for connecting one pin of the encryption module or a pin for connecting peripheral circuits of the encryption module to a destination terminal.
In one or more possible embodiments, the peripheral circuit is a switch circuit between the power supply terminal connection and the encryption module, and the connection point is used for connecting the control terminal of the switch circuit to the control signal terminal.
In one or more possible embodiments, the switch circuit is a MOS transistor, and the connection point is used to connect the control terminal of the MOS transistor between the power supply terminal connection and the encryption module to the ground.
In one or more possible embodiments, the connection point is also used to connect the integrated circuit bus IIC address configuration pin of the cryptographic module to ground.
In one or more possible embodiments, the electromagnetic shield is a unitary structure.
In one or more possible embodiments, the connection points are solder points for connecting one of the pins of the cryptographic module or a pin connecting a peripheral circuit of the cryptographic module to the destination terminal by soldering.
In a second aspect, the utility model provides an anti-electromagnetic analysis carries out electronic equipment that side channel attacked, include:
the encryption module is used for encrypting the data by adopting an encryption algorithm;
the electromagnetic shielding cover is used as a cover body of the encryption module and is used for shielding electromagnetic radiation energy when the encryption module operates;
wherein the inner surface of the electromagnetic shield case has at least one connection point for connecting one of the pins of the cryptographic module or a pin connecting a peripheral circuit of the cryptographic module to a destination.
In one or more possible embodiments, the peripheral circuit is a switch circuit between the power supply terminal connection and the encryption module, and the connection point is used for connecting the control terminal of the switch circuit to the control signal terminal.
In one or more possible embodiments, the peripheral circuit is a MOS transistor, and the connection point is used to connect a control terminal of the MOS transistor between the power supply terminal connection and the encryption module to a ground line.
In one or more possible embodiments, the connection point is also used to connect the integrated circuit bus IIC address configuration pin of the cryptographic module to ground.
According to the utility model provides a pair of prevent that electromagnetic analysis carries out device and electronic equipment that side channel attacked arouses electromagnetic radiation's change when preventing the key verification from the hardware, can avoid the hacker to acquire the electromagnetic radiation wave form from the source.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and, together with the description, serve to explain the principles of the invention and are not to constitute an undue limitation on the invention.
Fig. 1 is a schematic diagram of an application environment provided according to an embodiment of the present invention;
fig. 2 is a schematic diagram illustrating an overall configuration according to an embodiment of the present invention;
fig. 3 is a schematic view of an overall configuration according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of an electromagnetic shield according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of an electromagnetic shield according to an embodiment of the present invention;
fig. 6 is a schematic diagram of a location of a connection point provided in accordance with an embodiment of the present invention;
fig. 7 is a schematic structural diagram of a peripheral circuit according to an embodiment of the present invention;
fig. 8 is a diagram of an electronic device for preventing electromagnetic analysis from side channel attack according to an embodiment of the present invention;
fig. 9 is a schematic diagram of a module structure provided according to an embodiment of the present invention;
fig. 10 is a schematic diagram of a module structure provided according to an embodiment of the present invention;
fig. 11 is a schematic diagram of a module structure according to an embodiment of the present invention.
Detailed Description
To make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the accompanying drawings, and it is to be understood that the described embodiments are only some embodiments of the present invention, rather than all embodiments. Based on the embodiments in the present invention, all other embodiments obtained by a person skilled in the art without creative efforts belong to the protection scope of the present invention.
The traditional electromagnetic analysis for side channel attack prevention mainly includes two types: one is to change the side channel leakage characteristics of the cryptographic module in the time dimension, which is mainly accomplished by changing the operation execution time of the cryptographic algorithm; the other type is to hide the side channel leakage characteristics of the cryptographic module in the amplitude dimension and directly make the side information quantity of the operation executed by the cryptographic module equal or randomized. Both methods process the key by an algorithm, so that the side information quantity of the cryptographic module is randomized in the time dimension of the key, and all the operation and operand side information quantities of the cryptographic module are equal as much as possible in the amplitude dimension. The two methods only increase the difficulty of analysis and calculation after a hacker obtains the electromagnetic radiation waveform, the hacker can still obtain the electromagnetic radiation waveform, and the key can be cracked through more calculations.
The utility model provides a device and electronic equipment that anti-electromagnetic analysis carries out side channel attack can avoid the hacker to acquire the electromagnetic radiation wave form from the source, has directly stopped the hacker and has stolen the possibility of key through analysis electromagnetic radiation wave, the utility model provides a device can use various scenes that have cryptographic module, for example cell-phone, computer, earphone etc. as shown in figure 1, for according to the utility model discloses an application environment's of embodiment schematic diagram, include: the encryption module comprises an electromagnetic shielding case 101, an encryption module 102 and a circuit board 103, wherein the encryption module 102 is installed on the circuit board 103, and the electromagnetic shielding case 101 is used for covering the encryption module 102 and is installed on the circuit board 103; carry out the during operation at the encryption module, have the electromagnetic radiation ripples to radiate out, the hacker can carry out the analysis according to the change of electromagnetic radiation ripples and calculate, steals the secret key, according to the utility model provides a device can shield the change of electromagnetic radiation ripples from the source, effectively protects user's secret key safety, data security and privacy security.
In a first aspect, the present invention provides an anti-electromagnetic analysis device for side channel attack, as shown in fig. 2, including:
the electromagnetic shielding cover 201 is used as a cover body of the encryption module and is used for shielding electromagnetic radiation energy generated when the encryption module operates; wherein, the inner surface of the electromagnetic shielding case is provided with at least one connection point 204, and the connection point is used for connecting one pin of the encryption module 202 or a pin for connecting peripheral circuits of the encryption module to a destination 203; in the encryption module and the peripheral circuit, different pins are required to be connected to a destination end in order to ensure the normal work of the encryption module, the destination end comprises a signal end, a power end and a ground wire, the pins can be pins with different functions, one pin or a plurality of pins, and when any pin is disconnected from the destination end, the normal operation of the encryption module can be influenced, so that when the electromagnetic shielding cover is removed, the encryption module is in an abnormal state, and the encryption module can not normally operate and is used for protecting a secret key from being acquired by a hacker.
The embodiment of the utility model provides an electromagnetic shield cover can be used for shielding the electromagnetic radiation energy that sends when encrypting module moves, has directly stopped the possibility that the hacker steals the key through analysis electromagnetic radiation wave, can not increase the key verification time moreover, can not influence user experience.
In one or more possible embodiments, the electromagnetic shielding cover comprises a split electromagnetic shielding cover and an integrated electromagnetic shielding cover, the split electromagnetic shielding cover comprises a shielding cover and a shielding frame surrounding the shielding cover, so that the split electromagnetic shielding cover is convenient for people to detach and maintain, and is troublesome to produce and install during factory production; the integrated electromagnetic shielding cover is convenient to produce, can be produced integrally without being installed during factory production, and is troublesome to disassemble compared with a split electromagnetic shielding cover; the utility model provides an electromagnetic shield cover selects for use integral type electromagnetic shield cover, inconvenient dismouting can improve hacker's deciphering cost.
The integrated electromagnetic shielding cover can be a cuboid without a bottom surface, as shown in fig. 4, a top surface 401 and a side surface 402, or a cylinder without a bottom surface, as shown in fig. 5, a top surface 501 and a side surface 502 are provided, and other shapes can be designed according to practical application conditions.
The principle of the electromagnetic shielding case is as follows: when the electromagnetic wave reaches the inner surface of the electromagnetic shielding cover, the incident wave is reflected due to the impedance discontinuity on the interface of the air and the metal; the energy which is not reflected by the inner surface and runs out of the electromagnetic shielding cover is absorbed by the shielding material in the process of forward propagation in the body; when the residual energy which is not attenuated in the electromagnetic shielding cover is transmitted to the other surface of the material, the residual energy meets the interface with discontinuous metal-air impedance, forms re-reflection and returns back to the interior of the electromagnetic shielding cover. This reflection may be multiple reflections at the interface of the two metals. In summary, the electromagnetic attenuation of the electromagnetic shielding case is mainly accomplished based on the reflection and absorption of the electromagnetic wave.
The inner surface of the electromagnetic shielding case 201 has at least one connection point 204 for connecting one pin of the cryptographic module or a pin of a peripheral circuit of the cryptographic module to a destination, as shown in fig. 6, the connection point is a welding point 601, the pin of the peripheral circuit of the cryptographic module can be connected to the destination, for example, a connection line can be led out from one pin of the cryptographic module to the welding point, another connection line is led out to be welded to the welding point, and another connection line is connected to the destination, and the welding point can also be welded at a connection position between the side surface of the electromagnetic shielding case and the destination.
As shown in fig. 3, the inner surface of the electromagnetic shielding case further has two connection points, which are a connection point 301 and a connection point 302, respectively, for connecting two pins of the encryption module to a destination terminal, and the destination terminal is a ground line for grounding the two pins of the encryption module through the connection point 301 and the connection point 302, and may also be a power terminal or other signal terminals, etc. according to the functions of the pins.
In one or more possible embodiments, the peripheral circuit is a switch circuit between the power supply terminal connection and the encryption module, and the connection point is used for connecting the control terminal of the switch circuit to the control signal terminal.
In one or more possible embodiments, as shown in fig. 7, the switch circuit 701 is a MOS transistor, and the connection point 704 is used to connect the control terminal of the MOS transistor between the power supply terminal 702 connection and the encryption module to the ground line 703.
When the switch circuit is an MOS tube, the control end of the MOS tube between the power supply end connection and the encryption module is connected to the ground wire through the connection point, when the MOS tube is connected to the ground wire and is in a low-level state, the power supply end can supply power to the encryption module, when the electromagnetic shielding cover is detached, the connection point is detached along with the MOS tube, the MOS tube cannot be connected with the ground wire, at the moment, the MOS tube is in a high-level state, the power supply end cannot conduct output current to supply power to the encryption module, and when a hacker detaches the electromagnetic shielding cover, the cipher key verification cannot be performed to acquire information.
In one or more possible embodiments, as shown in FIG. 7, connection point 706 and connection point 708 are also used to connect the integrated circuit bus IIC address configuration pins of the cryptographic module to ground line 705 and ground line 707.
The IIC address configuration pin is used for configuring address information, when the IIC address configuration pin is connected with a ground wire through a connecting point on the electromagnetic shielding cover, the IIC address configuration pin is in a low level state, when the electromagnetic shielding cover is removed, the IIC address configuration pin is changed from the low level state to a high level state, and therefore configured address information is incorrect, and a hacker is prevented from obtaining passwords, information and the like of a user.
In one or more possible embodiments, the present invention further provides an electronic device for preventing electromagnetic analysis from side channel attack, as shown in fig. 8, including:
an encryption module 801, configured to encrypt data by using an encryption algorithm;
the electromagnetic shielding cover 802 is used as a cover body of the encryption module and is used for shielding electromagnetic radiation energy generated when the encryption module operates; the inner surface of the electromagnetic shielding cover is provided with at least one connecting point, and the connecting point is used for connecting one pin of the encryption module or a pin for connecting peripheral circuits of the encryption module to a destination terminal.
The connecting points are fixed on the electromagnetic shielding cover in a welding mode.
The specific implementation of the electromagnetic shielding case is described in the above embodiments, and will not be described in detail here.
In one or more possible embodiments, as shown in fig. 9, the peripheral circuit 901 is a switching circuit between a power supply terminal 903 connection and an encryption module 902, and the connection point is used to connect a control terminal of the switching circuit to a ground line 904. As shown in fig. 10, the peripheral circuit is a MOS transistor 1001, and a connection point 1005 is fixed to an electromagnetic shield 1006 by welding, and is used for connecting a control terminal of the MOS transistor 1001 between the power terminal 1003 and the cryptographic module 1002 to a ground 1004.
In one or more possible embodiments, as shown in FIG. 11, connection points 1103 are also used to connect the integrated circuit bus IIC address configuration pins of cryptographic module 1101 to ground 1102, two of which are connected to ground through connection points on electromagnetic shield 1104.
According to the utility model provides a pair of prevent electromagnetic analysis and carry out device and electronic equipment that side channel attacked can avoid the hacker to acquire the electromagnetic radiation wave form from the source, has directly stopped the hacker and has stolen the possibility of key through analysis electromagnetic radiation wave, can not increase the key verification time moreover, can not influence user experience.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention has been described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be apparent to those skilled in the art that various changes and modifications may be made without departing from the spirit and scope of the invention. Thus, if such modifications and variations of the present invention fall within the scope of the claims and their equivalents, the present invention is also intended to include such modifications and variations.
Claims (10)
1. An apparatus for preventing side channel attacks from electromagnetic analysis, comprising:
the electromagnetic shielding cover is used as a cover body of the encryption module and is used for shielding electromagnetic radiation energy generated when the encryption module operates;
wherein the inner surface of the electromagnetic shielding cover is provided with at least one connecting point which is used for connecting one pin of the encryption module or a pin for connecting peripheral circuits of the encryption module to a destination terminal.
2. The apparatus according to claim 1, wherein the peripheral circuit is a switch circuit between a power terminal connection and the cryptographic module, and the connection point is used for connecting a control terminal of the switch circuit to a control signal terminal.
3. The apparatus of claim 2, wherein the switching circuit is a MOS transistor, and the connection point is configured to connect a control terminal of the MOS transistor between the power terminal connection and the encryption module to a ground line.
4. The apparatus of any of claims 1-3, wherein the connection point is further configured to connect an integrated circuit bus IIC address configuration pin of the cryptographic module to ground.
5. The apparatus of claim 1, wherein the electromagnetic shield is a unitary structure.
6. The apparatus of claim 1, wherein the connection point is a solder joint for connecting one pin of the cryptographic module or a pin of a peripheral circuit connected to the cryptographic module to the destination terminal by soldering.
7. An electronic device for preventing electromagnetic analysis from side channel attack, comprising:
the encryption module is used for encrypting the data by adopting an encryption algorithm;
the electromagnetic shielding cover is used as a cover body of the encryption module and is used for shielding electromagnetic radiation energy generated when the encryption module operates;
wherein the inner surface of the electromagnetic shielding cover is provided with at least one connecting point which is used for connecting one pin of the encryption module or a pin for connecting peripheral circuits of the encryption module to a destination terminal.
8. The electronic device according to claim 7, wherein the peripheral circuit is a switch circuit between a power supply terminal connection and the encryption module, and the connection point is used for connecting a control terminal of the switch circuit to a control signal terminal.
9. The electronic device of claim 7, wherein the peripheral circuit is a MOS transistor, and the connection point is configured to connect a control terminal of the MOS transistor between the power terminal connection and the encryption module to a ground line.
10. The electronic device of claim 7, wherein the connection point is further configured to connect an integrated circuit bus (IIC) address configuration pin of the cryptographic module to ground.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202222342774.5U CN218451091U (en) | 2022-08-31 | 2022-08-31 | Device for preventing electromagnetic analysis from side channel attack and electronic equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202222342774.5U CN218451091U (en) | 2022-08-31 | 2022-08-31 | Device for preventing electromagnetic analysis from side channel attack and electronic equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN218451091U true CN218451091U (en) | 2023-02-03 |
Family
ID=85102071
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202222342774.5U Active CN218451091U (en) | 2022-08-31 | 2022-08-31 | Device for preventing electromagnetic analysis from side channel attack and electronic equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN218451091U (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116961792A (en) * | 2023-04-24 | 2023-10-27 | 浙江大学 | Equipment digital evidence obtaining device and evidence obtaining method based on electromagnetic side channel |
-
2022
- 2022-08-31 CN CN202222342774.5U patent/CN218451091U/en active Active
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116961792A (en) * | 2023-04-24 | 2023-10-27 | 浙江大学 | Equipment digital evidence obtaining device and evidence obtaining method based on electromagnetic side channel |
| CN116961792B (en) * | 2023-04-24 | 2024-04-09 | 浙江大学 | Equipment digital evidence obtaining device and evidence obtaining method based on electromagnetic side channel |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Spreitzer et al. | Systematic classification of side-channel attacks: A case study for mobile devices | |
| CN110138749B (en) | Data security protection method and related equipment | |
| CN106529308B (en) | data encryption method and device and mobile terminal | |
| US8700908B2 (en) | System and method for managing secure information within a hybrid portable computing device | |
| US20150186679A1 (en) | Secure processor system without need for manufacturer and user to know encryption information of each other | |
| CN218451091U (en) | Device for preventing electromagnetic analysis from side channel attack and electronic equipment | |
| US10282552B1 (en) | Device blanking | |
| CN105117663A (en) | Encrypted object display method and device for application | |
| CN106301774A (en) | Safety chip, its encryption key generate method and encryption method | |
| CN104125216A (en) | Method, system and terminal capable of improving safety of trusted execution environment | |
| Hayashi et al. | Transient IEMI threats for cryptographic devices | |
| CN110071940A (en) | Software package encipher-decipher method, server, user equipment and storage medium | |
| CN113722683B (en) | Model protection method, device, equipment, system and storage medium | |
| CN105825599B (en) | A kind of multiple-protection system, method and the POS machine of the anti-intrusion of POS machine | |
| JP2007251783A (en) | Scrambling/descrambling method of data-to-be-processed of semiconductor device, its program, scrambling/descrambling circuit, and semiconductor device provided with them | |
| KR101402827B1 (en) | Pin pad and security method thereof | |
| Hayashi et al. | Introduction to electromagnetic information security | |
| WO2019243299A1 (en) | Improved detection of laser fault injection attacks on cryptographic devices | |
| CN114697007B (en) | Key management method, corresponding device and system | |
| US20200245133A1 (en) | Method for automatically encrypting short message, storage device and mobile terminal | |
| CN106127034B (en) | A kind of method, apparatus that anti-locking system is maliciously closed and electronic equipment | |
| US20160119136A1 (en) | Cryptographic device and secret key protection method | |
| US20090172388A1 (en) | Personal guard | |
| Rahimi et al. | Trends and challenges in ensuring security for low-power and high-performance embedded SoCs | |
| CN110932853B (en) | Key management device and key management method based on trusted module |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| GR01 | Patent grant | ||
| GR01 | Patent grant |