JP2001268071A - Anti-tamper encryption device - Google Patents
Anti-tamper encryption deviceInfo
- Publication number
- JP2001268071A JP2001268071A JP2000074177A JP2000074177A JP2001268071A JP 2001268071 A JP2001268071 A JP 2001268071A JP 2000074177 A JP2000074177 A JP 2000074177A JP 2000074177 A JP2000074177 A JP 2000074177A JP 2001268071 A JP2001268071 A JP 2001268071A
- Authority
- JP
- Japan
- Prior art keywords
- circuit
- tamper
- configuration data
- data
- encryption device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H03—ELECTRONIC CIRCUITRY
- H03K—PULSE TECHNIQUE
- H03K19/00—Logic circuits, i.e. having at least two inputs acting on one output; Inverting circuits
- H03K19/02—Logic circuits, i.e. having at least two inputs acting on one output; Inverting circuits using specified components
- H03K19/173—Logic circuits, i.e. having at least two inputs acting on one output; Inverting circuits using specified components using elementary logic circuits as components
- H03K19/177—Logic circuits, i.e. having at least two inputs acting on one output; Inverting circuits using specified components using elementary logic circuits as components arranged in matrix form
- H03K19/17748—Structural details of configuration resources
- H03K19/17768—Structural details of configuration resources for security
Abstract
Description
【0001】[0001]
【発明の属する技術分野】本発明は、耐タンパー暗号装
置に関し、特に、暗号演算回路の回路構成を動的に変更
できる耐タンパー暗号装置に関する。The present invention relates to a tamper-resistant encryption device, and more particularly to a tamper-resistant encryption device capable of dynamically changing the circuit configuration of a cryptographic operation circuit.
【0002】[0002]
【従来の技術】従来の暗号回路は、回路構成が固定され
ていたため、暗号装置の入出力信号を暗号化しても、D
PA(Differential Power Analysis:消費電力の変動
を観測し、内部の暗号処理を推定することで秘密のデー
タを得る暗号回路攻撃方法)により、内部の演算内容が
解析できてしまう。これを避けるため、プログラムある
いはマイクロプログラムを書き換えて処理方法を変える
か、複数の回路を切り換えて演算を行なっている。2. Description of the Related Art A conventional cryptographic circuit has a fixed circuit configuration.
PA (Differential Power Analysis: a cryptographic circuit attack method that obtains secret data by observing fluctuations in power consumption and estimating internal cryptographic processing) can analyze the contents of internal computations. In order to avoid this, the processing is changed by rewriting the program or the microprogram, or the operation is performed by switching a plurality of circuits.
【0003】[0003]
【発明が解決しようとする課題】しかし、上記従来の暗
号回路では、プログラムの書換えに時間がかかってDP
A攻撃に有効に対処できず、暗号処理も高速に行なえな
かった。また、回路を複数にすると回路規模が大きくな
り、低コストで小型軽量にすることができなかった。こ
のように、従来の暗号回路では、効率的にDPA攻撃を
防いでセキュリティを高めることができないという問題
があった。However, in the above-mentioned conventional encryption circuit, it takes a long time to rewrite the program and the DP
The attack could not be effectively dealt with, and the encryption process could not be performed at high speed. Further, when a plurality of circuits are used, the circuit scale becomes large, and it is not possible to reduce the size and weight at low cost. As described above, the conventional encryption circuit has a problem that it is not possible to efficiently prevent a DPA attack and enhance security.
【0004】本発明は、上記従来の問題を解決して、暗
号回路の性能を低下させずにセキュリティを向上させる
ことを目的とする。An object of the present invention is to solve the above-mentioned conventional problems and to improve security without lowering the performance of a cryptographic circuit.
【0005】[0005]
【課題を解決するための手段】上記の課題を解決するた
めに、本発明では、耐タンパー暗号装置を、再コンフィ
グレーション可能な演算回路と、機能的に同一で内部動
作が異なる複数のコンフィグレーションデータを保持す
る回路データ記憶手段と、コンフィグレーションデータ
を演算回路へ書き込む回路更新手段とを具備する構成と
した。このように構成したことにより、同じ演算でも内
部動作が変わり、DPA攻撃が困難になるので、暗号回
路のセキュリティを向上させることができる。In order to solve the above-mentioned problems, according to the present invention, a tamper-resistant encryption device is provided with a reconfigurable arithmetic circuit and a plurality of configurations having the same function but different internal operations. A circuit data storage means for holding data and a circuit updating means for writing configuration data to the arithmetic circuit are provided. With such a configuration, the internal operation changes even with the same operation, and a DPA attack becomes difficult, so that the security of the encryption circuit can be improved.
【0006】[0006]
【発明の実施の形態】以下、本発明の実施の形態につい
て、図1〜図4を参照しながら詳細に説明する。DESCRIPTION OF THE PREFERRED EMBODIMENTS Embodiments of the present invention will be described below in detail with reference to FIGS.
【0007】(第1の実施の形態)本発明の第1の実施
の形態は、暗号演算を実行するFPGA/PLD回路の
コンフィグレーションデータを、同一機能の複数の候補
から選択交換できるようにした耐タンパー暗号装置であ
る。(First Embodiment) In a first embodiment of the present invention, configuration data of an FPGA / PLD circuit for executing a cryptographic operation can be selectively exchanged from a plurality of candidates of the same function. It is a tamper-resistant encryption device.
【0008】図1は、本発明の第1の実施の形態におけ
る耐タンパー暗号装置の機能ブロック図である。図1に
おいて、暗号演算回路1は、回路の再コンフィグレーシ
ョンが可能なデバイスで構成された、暗号化演算と復号
演算を行なう回路である。回路の再コンフィグレーショ
ンが可能なデバイスとは、一度しかコンフィグレーショ
ンできないアンチヒューズではなく、何度も書換えが可
能なSRAM/フラッシュメモリベースのFPGA/P
LDである。例えば、Xilinx社やAltera社の製品などを
利用する。回路更新手段2は、コンフィグレーションデ
ータを暗号演算回路に書き込む手段である。回路記憶手
段3は、コンフィグレーションデータを保持する記憶手
段である。FIG. 1 is a functional block diagram of the tamper-resistant encryption device according to the first embodiment of the present invention. In FIG. 1, a cryptographic operation circuit 1 is a circuit configured to perform an encryption operation and a decryption operation, and is configured by a device capable of reconfiguring the circuit. Devices that can reconfigure circuits are not antifuses that can be configured only once, but SRAM / flash memory-based FPGAs / Ps that can be rewritten many times.
LD. For example, Xilinx or Altera products are used. The circuit updating means 2 is means for writing the configuration data into the cryptographic operation circuit. The circuit storage unit 3 is a storage unit that stores configuration data.
【0009】上記のように構成された本発明の第1の実
施の形態における耐タンパー暗号装置の動作を説明す
る。暗号演算回路1のコンフィグレーションデータとし
て、複数の暗号回路構成データから選択交換できるよう
にする。各暗号回路は、同じデータ入力に対して同じ出
力結果を返すが、内部動作が異なるように設計するた
め、動作中の消費電力の変動パターンが異なる。The operation of the tamper-resistant encryption device according to the first embodiment of the present invention configured as described above will be described. As the configuration data of the cryptographic operation circuit 1, a plurality of cryptographic circuit configuration data can be selectively exchanged. Although each cryptographic circuit returns the same output result for the same data input, since the internal operation is designed differently, the fluctuation pattern of power consumption during operation is different.
【0010】あらかじめ、同じ機能をもつが内部動作の
異なる複数のコンフィグレーションデータを用意する。
例えば、速度(遅延)優先/サイズ優先など、配置配線
ルールを様々に変えたコンフィグレーションデータを用
意する。また、例えば、ベキ乗剰余演算における左向き
/右向き2進展開法など、演算方式が異なる複数のコン
フィグレーションデータを作成する。このようにして、
同じ機能だが内部動作が異なる回路のコンフィグレーシ
ョンデータを複数作成する。A plurality of configuration data having the same function but different internal operations are prepared in advance.
For example, configuration data in which placement and wiring rules are variously changed such as speed (delay) priority / size priority is prepared. Further, for example, a plurality of configuration data having different arithmetic methods, such as a leftward / rightward binary expansion method in a power-residue calculation, is created. In this way,
Create multiple configuration data for circuits with the same function but different internal operations.
【0011】それら複数のコンフィグレーションデータ
を、回路記憶装置3にストックする。回路記憶装置3に
ストックするコンフィグレーションデータは、定期的も
しくは必要に応じて、逐次作成したものを入れ替える。[0011] The plurality of configuration data are stored in the circuit storage device 3. The configuration data to be stocked in the circuit storage device 3 is replaced periodically or as needed.
【0012】任意のトリガにより、回路更新手段2で、
その中の一つのコンフィグレーションデータを選んで、
再コンフィグレーションする。この再コンフィグレーシ
ョンされた回路は、同じ機能を持つが、回路の配線遅延
や演算方式が異なるために、同じデータを処理しても、
消費電力変動パターンに差が生じる。したがって、消費
電力を観測して内部の動作を解析することを防ぐことが
でき、DPA攻撃に対する耐タンパー性が向上する。In response to an arbitrary trigger, the circuit updating means 2
Select one of the configuration data,
Reconfigure. This reconfigured circuit has the same function, but due to differences in circuit wiring delays and arithmetic methods, even when processing the same data,
A difference occurs in the power consumption fluctuation pattern. Therefore, it is possible to prevent the internal operation from being analyzed by observing the power consumption, and the tamper resistance against the DPA attack is improved.
【0013】秘密鍵などの秘密の変数を処理する演算回
路に、外部から既知の変数を自由に入力できる構成の暗
号演算回路では、その消費電力変動パターンを観測する
ことにより、変動パターンと秘密の変数との相関を知る
ことができる。したがって、そのような方式の回路で
は、DPA攻撃の対象となりやすい。しかし、上記のよ
うに、演算回路構成を更新することにより、演算回路と
秘密の変数との間の相関関係が、消費電力の変動を通じ
て観測できないようになる。すなわち、暗号に使う演算
回路そのものではなくて、暗号演算を行なう際の秘密の
変数を保護することができる。In a cryptographic operation circuit having a configuration in which a known variable can be freely input from the outside to an operation circuit for processing a secret variable such as a secret key, the fluctuation pattern and the secret are observed by observing the power consumption fluctuation pattern. You can know the correlation with the variables. Therefore, such a circuit is likely to be a target of a DPA attack. However, as described above, by updating the arithmetic circuit configuration, the correlation between the arithmetic circuit and the secret variable cannot be observed through fluctuations in power consumption. That is, it is possible to protect not only the operation circuit used for encryption but also a secret variable when performing the encryption operation.
【0014】上記のように、本発明の第1の実施の形態
では、耐タンパー暗号装置を、暗号演算を実行するFP
GA/PLD回路のコンフィグレーションデータを、同
一機能の複数の候補から選択交換できるように構成した
ので、DPA攻撃に対する耐タンパー性が向上する。As described above, according to the first embodiment of the present invention, the tamper-resistant encryption device is connected to the FP that executes the cryptographic operation.
Since the configuration data of the GA / PLD circuit can be selectively exchanged from a plurality of candidates of the same function, the tamper resistance against a DPA attack is improved.
【0015】(第2の実施の形態)本発明の第2の実施
の形態は、回路仕様データに基づいてコンフィグレーシ
ョンデータを作成する耐タンパー暗号装置である。(Second Embodiment) A second embodiment of the present invention is a tamper-resistant encryption device that creates configuration data based on circuit specification data.
【0016】図2は、本発明の第2の実施の形態におけ
る耐タンパー暗号装置の機能ブロック図である。第2の
実施の形態の基本的構成は、第1の実施の形態と同じで
ある。第2の実施の形態が第1の実施の形態と異なると
ころは、回路生成手段と仕様記憶手段を設けた点であ
る。図2において、回路生成手段4は、回路仕様データ
からコンフィグレーションデータを生成する手段であ
る。仕様記憶手段5は、回路仕様データを保持するメモ
リである。FIG. 2 is a functional block diagram of a tamper-resistant encryption device according to a second embodiment of the present invention. The basic configuration of the second embodiment is the same as that of the first embodiment. The second embodiment differs from the first embodiment in that a circuit generation unit and a specification storage unit are provided. In FIG. 2, a circuit generating means 4 is means for generating configuration data from circuit specification data. The specification storage means 5 is a memory for holding circuit specification data.
【0017】上記のように構成された本発明の第2の実
施の形態における耐タンパー暗号装置の動作を説明す
る。同一のHDLや論理合成後のbitデータから、様々
なパラメータによる論理合成や配置配線という処理を経
ることによって、様々なタイプのコンフィグレーション
データを作成する。HDLや論理合成後のbitデータ
に、論理合成や配置配線に使用するパラメータも加えて
「回路仕様データ」と呼ぶ。The operation of the tamper-resistant encryption device according to the second embodiment of the present invention configured as described above will be described. Various types of configuration data are created from the same HDL or bit data after logic synthesis through processes such as logic synthesis and placement and routing using various parameters. The parameters used for the logic synthesis and the placement and routing are added to the HDL and the bit data after the logic synthesis, and are called “circuit specification data”.
【0018】あらかじめ、HDLや論理合成後データな
どの回路仕様データを、仕様記憶手段5に記憶してお
く。回路生成手段4で、仕様記憶手段5から読み出した
回路仕様データに従って、論理合成からコンフィグレー
ションデータ作成までを行なう。作成したコンフィグレ
ーションデータを、回路記憶手段3に格納しておく。Circuit specification data such as HDL and data after logic synthesis is stored in the specification storage means 5 in advance. The circuit generation means 4 performs from logic synthesis to configuration data creation according to the circuit specification data read from the specification storage means 5. The created configuration data is stored in the circuit storage unit 3.
【0019】回路記憶手段3に、外部からコンフィグレ
ーションデータを入力することもできる。逆に、暗号チ
ップ外にはコンフィグレーションデータを持たないよう
にしてもよい。回路仕様データを仕様記憶手段5に保持
しておく代わりに、外部から入力することもできる。し
かし、暗号処理に使う演算回路を秘密にするためには、
外部入力は無いほうがよく、そのほうが耐タンパー性は
高い。Configuration data can be externally input to the circuit storage means 3. Conversely, configuration data may not be provided outside the encryption chip. Instead of holding the circuit specification data in the specification storage means 5, the circuit specification data can be inputted from outside. However, in order to keep the arithmetic circuit used for cryptographic processing secret,
It is better not to have an external input, which has higher tamper resistance.
【0020】上記のように、本発明の第2の実施の形態
では、耐タンパー暗号装置を、回路仕様データに基づい
てコンフィグレーションデータを作成する構成としたの
で、多くのコンフィグレーションデータを容易に生成で
きる。As described above, in the second embodiment of the present invention, the tamper-resistant encryption device is configured to create the configuration data based on the circuit specification data. Can be generated.
【0021】(第3の実施の形態)本発明の第3の実施
の形態は、演算途中のデータを退避し、演算途中で演算
回路にコンフィグレーションデータを書き込み、演算途
中のデータを復元して演算を続行する耐タンパー暗号装
置である。(Third Embodiment) In a third embodiment of the present invention, data in the middle of an operation is saved, configuration data is written in an arithmetic circuit in the middle of the operation, and data in the middle of the operation is restored. It is a tamper-resistant encryption device that continues the operation.
【0022】図3は、本発明の第3の実施の形態におけ
る耐タンパー暗号装置の機能ブロック図である。第3の
実施の形態の基本的構成は、第2の実施の形態と同じで
ある。第3の実施の形態が第2の実施の形態と異なると
ころは、退避復元手段とイベント検出手段を設けた点で
ある。図3において、退避復元手段6は、演算途中のデ
ータを退避復元する手段である。イベント検出手段7
は、演算の切れ目などの各種のイベントを検出する手段
である。FIG. 3 is a functional block diagram of a tamper-resistant encryption device according to a third embodiment of the present invention. The basic configuration of the third embodiment is the same as that of the second embodiment. The third embodiment is different from the second embodiment in that a save / restore means and an event detection means are provided. In FIG. 3, the save / restore means 6 is a means for saving / restoring data that is being calculated. Event detection means 7
Is a means for detecting various events such as breaks in computation.
【0023】上記のように構成された本発明の第3の実
施の形態における耐タンパー暗号装置の動作を説明す
る。イベント検出手段7で、演算ステップ数や処理ビッ
ト数に基づいて、演算の切れ目を検出する。回路更新手
段2は、イベント検出信号を受けて、暗号演算回路1の
途中の計算結果を、退避復元手段6のメモリに退避させ
る。回路更新手段2により、暗号演算の途中で演算回路
を書き換えて、暗号演算回路1を再コンフィグレーショ
ンする。その後、退避復元手段6のメモリから演算途中
データを復元して、演算を再開する。同一のデータで演
算を継続することになるので、中間結果が同じになる演
算回路しか使えないことになる。The operation of the tamper-resistant encryption device according to the third embodiment of the present invention configured as described above will be described. The event detecting means 7 detects a break in the calculation based on the number of calculation steps and the number of processing bits. The circuit updating means 2 receives the event detection signal and saves the calculation result in the middle of the cryptographic operation circuit 1 to the memory of the saving and restoring means 6. The arithmetic circuit is rewritten by the circuit updating means 2 in the middle of the cryptographic operation, and the cryptographic operation circuit 1 is reconfigured. Thereafter, the data in the middle of the operation is restored from the memory of the save / restore means 6, and the operation is restarted. Since the operation is continued with the same data, only the operation circuit having the same intermediate result can be used.
【0024】演算途中で演算回路を書き換える再コンフ
ィグレーションの速度について、具体例を説明する。べ
き乗剰余演算回路では、コンフィグレーションデータ
(HEXファイル)のサイズは480KBである。これをバイナ
リに変換すると約240KBとなる。bit換算では1925Kbitで
ある。これを33MHzのPCIクロックで書き込むと、1925Kb
it/33MHz=58.3msecとなる。また、高速なPROM(例え
ば、Xilinx社のXC1800ファミリ)を使った場合、最大500
Mbit/secなので、(1925kbit/1024)/500×1000=3.76m
secとなる。A specific example of the reconfiguration speed at which the arithmetic circuit is rewritten during the arithmetic operation will be described. In the modular exponentiation arithmetic circuit, the size of the configuration data (HEX file) is 480 KB. Converting this to binary results in about 240KB. It is 1925Kbit in bit conversion. When this is written with 33MHz PCI clock, 1925Kb
it / 33MHz = 58.3msec. Also, when using a high-speed PROM (for example, Xilinx's XC1800 family), up to 500
Because it is Mbit / sec, (1925kbit / 1024) /500×1000=3.76m
sec.
【0025】一方、演算速度は、Xilinx社のFPGA(XC408
5XL)で、クロック27MHzの場合、1回のべき乗剰余演算
が2〜3秒かかる。したがって、演算時間の方がはるか
に大きいため、演算途中の回路書換えによって演算速度
が大幅に落ちるようなことはない。On the other hand, the operation speed is determined by the Xilinx FPGA (XC408
5XL), when the clock is 27 MHz, one exponentiation remainder operation takes 2-3 seconds. Therefore, since the operation time is much longer, there is no possibility that the operation speed is greatly reduced by rewriting the circuit during the operation.
【0026】上記のように、本発明の第3の実施の形態
では、耐タンパー暗号装置を、演算途中のデータを退避
し、演算途中で演算回路にコンフィグレーションデータ
を書き込み、演算途中のデータを復元して演算を続行す
る構成としたので、DPAによる解析が一層困難にな
る。As described above, in the third embodiment of the present invention, the tamper-resistant encryption device saves data in the middle of calculation, writes configuration data in the calculation circuit in the middle of calculation, and stores the data in the middle of calculation. Since the configuration is such that restoration is performed and the calculation is continued, analysis by DPA becomes more difficult.
【0027】(第4の実施の形態)本発明の第4の実施
の形態は、タンパー攻撃検出や、タイミング信号や、電
源投入に応じて、演算回路にコンフィグレーションデー
タを書き込む耐タンパー暗号装置である。(Fourth Embodiment) A fourth embodiment of the present invention relates to a tamper-resistant encryption device that writes configuration data to an arithmetic circuit in response to detection of a tamper attack, a timing signal, or power-on. is there.
【0028】図4は、本発明の第4の実施の形態におけ
る耐タンパー暗号装置の機能ブロック図である。第4の
実施の形態の基本的構成は、第3の実施の形態と同じで
ある。第4の実施の形態が第3の実施の形態と異なると
ころは、タンパー検出手段とタイマを設けた点である。
図4において、タンパー検出手段8は、タンパー攻撃を
検出する手段である。タイマ9は、定期的なタイミング
信号を出力する回路である。FIG. 4 is a functional block diagram of a tamper-resistant encryption device according to a fourth embodiment of the present invention. The basic configuration of the fourth embodiment is the same as that of the third embodiment. The fourth embodiment differs from the third embodiment in that a tamper detecting means and a timer are provided.
In FIG. 4, a tamper detecting means 8 is a means for detecting a tamper attack. The timer 9 is a circuit that outputs a periodic timing signal.
【0029】上記のように構成された本発明の第4の実
施の形態における耐タンパー暗号装置の動作を説明す
る。再コンフィギュレーションのトリガとして、タイマ
の出力信号、バッテリー交換検出信号、電源投入検出信
号、タンパー検出信号などを利用する。The operation of the tamper-resistant cryptographic device according to the fourth embodiment of the present invention configured as described above will be described. As a reconfiguration trigger, an output signal of a timer, a battery replacement detection signal, a power-on detection signal, a tamper detection signal, and the like are used.
【0030】タイマ9で、定期的なタイミング信号を発
生し、イベント検出手段7で演算の切れ目を検出する
と、再コンフィギュレーションのトリガをかける。タイ
マ9で、ランダムなタイミング信号を発生させてもよ
い。タンパー検出手段8で、バッテリー交換や電源投入
を検出した際にも、再コンフィギュレーションする。こ
れは、タンパー攻撃の際に、電源再投入を伴うことが多
いからである。When the timer 9 generates a periodic timing signal and the event detecting means 7 detects a break in the operation, a reconfiguration trigger is activated. The timer 9 may generate a random timing signal. Reconfiguration is also performed when the tamper detector 8 detects battery replacement or power-on. This is because a tamper attack often involves turning on the power again.
【0031】特に、タンパー検出手段8で、電源電圧の
変動を検出して、タンパー攻撃があったことを検知す
る。これは、電源インピーダンスを高くして電源電圧の
変動を観測しやすくする方法でタンパー攻撃を行なうこ
とが多いからである。逆に、タンパー検出手段8で、電
源電圧の変動の大きいコンフィグレーションデータを選
別して除き、電源電圧変動の少ないコンフィグレーショ
ンデータのみを保持しておくことで、耐タンパー性を高
めることもできる。In particular, the tamper detecting means 8 detects a change in the power supply voltage to detect that a tamper attack has occurred. This is because a tamper attack is often performed by a method in which power supply impedance is increased to make it easier to observe fluctuations in power supply voltage. Conversely, the tamper detection means 8 selects and removes configuration data having a large fluctuation in power supply voltage, and retains only configuration data having a small fluctuation in power supply voltage, thereby improving tamper resistance.
【0032】上記のように、本発明の第4の実施の形態
では、耐タンパー暗号装置を、タンパー攻撃検出や、タ
イミング信号や、電源投入に応じて、演算回路にコンフ
ィグレーションデータを書き込む構成としたので、DP
Aで同じ信号を観測することがほとんどなくなる。As described above, in the fourth embodiment of the present invention, the tamper-resistant encryption device is configured to write the configuration data into the arithmetic circuit in response to the detection of a tamper attack, a timing signal, or power-on. So, DP
It is almost impossible to observe the same signal at A.
【0033】[0033]
【発明の効果】以上の説明から明らかなように、本発明
では、耐タンパー暗号装置を、再コンフィグレーション
可能な演算回路と、機能的に同一で内部動作が異なる複
数のコンフィグレーションデータを保持する回路データ
記憶手段と、コンフィグレーションデータを演算回路へ
書き込む回路更新手段とを具備する構成としたので、D
PAが困難になって耐タンパー性が高まり、暗号回路の
セキュリティが向上するという効果が得られる。As is apparent from the above description, in the present invention, the tamper-resistant encryption device holds a reconfigurable arithmetic circuit and a plurality of configuration data which are functionally the same and have different internal operations. Since the configuration includes circuit data storage means and circuit update means for writing configuration data to the arithmetic circuit, D
An effect is obtained that PA becomes difficult, tamper resistance increases, and security of the encryption circuit improves.
【図1】本発明の第1の実施の形態における耐タンパー
暗号装置の機能ブロック図、FIG. 1 is a functional block diagram of a tamper-resistant encryption device according to a first embodiment of the present invention;
【図2】本発明の第2の実施の形態における耐タンパー
暗号装置の機能ブロック図、FIG. 2 is a functional block diagram of a tamper-resistant encryption device according to a second embodiment of the present invention;
【図3】本発明の第3の実施の形態における耐タンパー
暗号装置の機能ブロック図、FIG. 3 is a functional block diagram of a tamper-resistant encryption device according to a third embodiment of the present invention;
【図4】本発明の第4の実施の形態における耐タンパー
暗号装置の機能ブロック図である。FIG. 4 is a functional block diagram of a tamper-resistant encryption device according to a fourth embodiment of the present invention.
1 暗号演算回路 2 回路更新手段 3 回路記憶手段 4 回路生成手段 5 仕様記憶手段 6 退避復元手段 7 イベント検出手段 8 タンパー検出手段 9 タイマ DESCRIPTION OF SYMBOLS 1 Cryptographic operation circuit 2 Circuit updating means 3 Circuit storing means 4 Circuit generating means 5 Specification storing means 6 Evacuation and restoring means 7 Event detecting means 8 Tamper detecting means 9 Timer
Claims (4)
と、機能的に同一で内部動作が異なる回路を構成するた
めの複数のコンフィグレーションデータを保持する回路
データ記憶手段と、前記コンフィグレーションデータを
前記演算回路へ書き込む回路更新手段とを具備すること
を特徴とする耐タンパー暗号装置。1. A reconfigurable arithmetic circuit, circuit data storage means for storing a plurality of configuration data for configuring a circuit having the same function and different internal operations, and performing the arithmetic operation on the configuration data A tamper-resistant encryption device, comprising: a circuit updating means for writing to a circuit.
グレーションデータを作成する回路生成手段を設けたこ
とを特徴とする請求項1記載の耐タンパー暗号装置。2. The tamper-resistant encryption device according to claim 1, further comprising circuit generation means for generating the configuration data based on circuit specification data.
を退避し復元する手段を設け、前記回路更新手段に、演
算途中で前記演算回路に前記中間データで演算継続可能
な回路のコンフィグレーションデータを書き込む手段を
設けたことを特徴とする請求項1記載の耐タンパー暗号
装置。3. The arithmetic circuit is provided with means for saving and restoring intermediate data during the operation, and the circuit updating means is provided with configuration data of a circuit capable of continuing the arithmetic operation with the intermediate data in the arithmetic circuit during the operation. 2. A tamper-resistant encryption device according to claim 1, further comprising means for writing a password.
号を出力するタンパー検出手段と、一定時間ごとまたは
ランダムにタイミング信号を出力するタイマと、前記タ
ンパー検出信号と前記タイミング信号と電源投入信号と
の少なくとも1つに応じてイベント検出信号を出力する
イベント検出手段とを設け、前記回路更新手段に、前記
イベント検出信号に応じて前記演算回路に更新回路デー
タを書き込む手段を設けたことを特徴とする請求項1記
載の耐タンパー暗号装置。4. A tamper detecting means for detecting a tamper attack and outputting a tamper detection signal, a timer for outputting a timing signal at regular time intervals or at random, and a timer for outputting the tamper detection signal, the timing signal and the power-on signal. An event detection unit that outputs an event detection signal in accordance with at least one of the circuit units; and the circuit updating unit includes a unit that writes updated circuit data to the arithmetic circuit in response to the event detection signal. The tamper-resistant encryption device according to claim 1.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2000074177A JP2001268071A (en) | 2000-03-16 | 2000-03-16 | Anti-tamper encryption device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2000074177A JP2001268071A (en) | 2000-03-16 | 2000-03-16 | Anti-tamper encryption device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| JP2001268071A true JP2001268071A (en) | 2001-09-28 |
Family
ID=18592272
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| JP2000074177A Pending JP2001268071A (en) | 2000-03-16 | 2000-03-16 | Anti-tamper encryption device |
Country Status (1)
| Country | Link |
|---|---|
| JP (1) | JP2001268071A (en) |
Cited By (22)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2006526227A (en) * | 2003-05-23 | 2006-11-16 | ワシントン ユニヴァーシティー | Intelligent data storage and processing using FPGA devices |
| JP2006345242A (en) * | 2005-06-09 | 2006-12-21 | Sony Corp | Encoding/decoding processing circuit and system thereof |
| JP2007180810A (en) * | 2005-12-27 | 2007-07-12 | Fuji Xerox Co Ltd | Electronic circuit and method for using programmable logical device |
| JP2007228141A (en) * | 2006-02-22 | 2007-09-06 | Hitachi Ltd | Encryption processing method and apparatus |
| JP2009200617A (en) * | 2008-02-19 | 2009-09-03 | Mitsubishi Electric Corp | Logic-changeable device |
| JP2010104018A (en) * | 2009-12-16 | 2010-05-06 | Research In Motion Ltd | System and method for protecting data on communication apparatus |
| US7921046B2 (en) | 2006-06-19 | 2011-04-05 | Exegy Incorporated | High speed processing of financial information using FPGA devices |
| US8078869B2 (en) | 2003-02-28 | 2011-12-13 | Research In Motion Limited | System and method of protecting data on a communication device |
| US8095508B2 (en) | 2000-04-07 | 2012-01-10 | Washington University | Intelligent data storage and processing using FPGA devices |
| US8379841B2 (en) | 2006-03-23 | 2013-02-19 | Exegy Incorporated | Method and system for high throughput blockwise independent encryption/decryption |
| US8762249B2 (en) | 2008-12-15 | 2014-06-24 | Ip Reservoir, Llc | Method and apparatus for high-speed processing of financial market depth data |
| JP2014120974A (en) * | 2012-12-18 | 2014-06-30 | Dainippon Printing Co Ltd | Cipher token and cipher processing system |
| JP2014178809A (en) * | 2013-03-14 | 2014-09-25 | Fujitsu Advanced Engineering Ltd | Electronic device, circuit data protection device and circuit data protection method |
| US8879727B2 (en) | 2007-08-31 | 2014-11-04 | Ip Reservoir, Llc | Method and apparatus for hardware-accelerated encryption/decryption |
| JP2017117065A (en) * | 2015-12-22 | 2017-06-29 | 株式会社Pfu | Information processing device, information processing method, and program |
| US9990393B2 (en) | 2012-03-27 | 2018-06-05 | Ip Reservoir, Llc | Intelligent feed switch |
| US10037568B2 (en) | 2010-12-09 | 2018-07-31 | Ip Reservoir, Llc | Method and apparatus for managing orders in financial markets |
| US10121196B2 (en) | 2012-03-27 | 2018-11-06 | Ip Reservoir, Llc | Offload processing of data packets containing financial market data |
| US10572824B2 (en) | 2003-05-23 | 2020-02-25 | Ip Reservoir, Llc | System and method for low latency multi-functional pipeline with correlation logic and selectively activated/deactivated pipelined data processing engines |
| US10650452B2 (en) | 2012-03-27 | 2020-05-12 | Ip Reservoir, Llc | Offload processing of data packets |
| US10846624B2 (en) | 2016-12-22 | 2020-11-24 | Ip Reservoir, Llc | Method and apparatus for hardware-accelerated machine learning |
| US11436672B2 (en) | 2012-03-27 | 2022-09-06 | Exegy Incorporated | Intelligent switch for processing financial market data |
-
2000
- 2000-03-16 JP JP2000074177A patent/JP2001268071A/en active Pending
Cited By (62)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8095508B2 (en) | 2000-04-07 | 2012-01-10 | Washington University | Intelligent data storage and processing using FPGA devices |
| US8078869B2 (en) | 2003-02-28 | 2011-12-13 | Research In Motion Limited | System and method of protecting data on a communication device |
| US9154469B2 (en) | 2003-02-28 | 2015-10-06 | Blackberry Limited | System and method of protecting data on a communication device |
| US8386778B2 (en) | 2003-02-28 | 2013-02-26 | Research In Motion Limited | System and method of protecting data on a communication device |
| JP2006526227A (en) * | 2003-05-23 | 2006-11-16 | ワシントン ユニヴァーシティー | Intelligent data storage and processing using FPGA devices |
| US8620881B2 (en) | 2003-05-23 | 2013-12-31 | Ip Reservoir, Llc | Intelligent data storage and processing using FPGA devices |
| US10719334B2 (en) | 2003-05-23 | 2020-07-21 | Ip Reservoir, Llc | Intelligent data storage and processing using FPGA devices |
| US8751452B2 (en) | 2003-05-23 | 2014-06-10 | Ip Reservoir, Llc | Intelligent data storage and processing using FPGA devices |
| US11275594B2 (en) | 2003-05-23 | 2022-03-15 | Ip Reservoir, Llc | Intelligent data storage and processing using FPGA devices |
| US10929152B2 (en) | 2003-05-23 | 2021-02-23 | Ip Reservoir, Llc | Intelligent data storage and processing using FPGA devices |
| US9176775B2 (en) | 2003-05-23 | 2015-11-03 | Ip Reservoir, Llc | Intelligent data storage and processing using FPGA devices |
| US8768888B2 (en) | 2003-05-23 | 2014-07-01 | Ip Reservoir, Llc | Intelligent data storage and processing using FPGA devices |
| US10572824B2 (en) | 2003-05-23 | 2020-02-25 | Ip Reservoir, Llc | System and method for low latency multi-functional pipeline with correlation logic and selectively activated/deactivated pipelined data processing engines |
| US10346181B2 (en) | 2003-05-23 | 2019-07-09 | Ip Reservoir, Llc | Intelligent data storage and processing using FPGA devices |
| US9898312B2 (en) | 2003-05-23 | 2018-02-20 | Ip Reservoir, Llc | Intelligent data storage and processing using FPGA devices |
| JP2006345242A (en) * | 2005-06-09 | 2006-12-21 | Sony Corp | Encoding/decoding processing circuit and system thereof |
| JP2007180810A (en) * | 2005-12-27 | 2007-07-12 | Fuji Xerox Co Ltd | Electronic circuit and method for using programmable logical device |
| JP2007228141A (en) * | 2006-02-22 | 2007-09-06 | Hitachi Ltd | Encryption processing method and apparatus |
| US8009827B2 (en) | 2006-02-22 | 2011-08-30 | Hitachi, Ltd. | Encryption processing method and encryption processing device |
| US8379841B2 (en) | 2006-03-23 | 2013-02-19 | Exegy Incorporated | Method and system for high throughput blockwise independent encryption/decryption |
| US8983063B1 (en) | 2006-03-23 | 2015-03-17 | Ip Reservoir, Llc | Method and system for high throughput blockwise independent encryption/decryption |
| US8737606B2 (en) | 2006-03-23 | 2014-05-27 | Ip Reservoir, Llc | Method and system for high throughput blockwise independent encryption/decryption |
| US8595104B2 (en) | 2006-06-19 | 2013-11-26 | Ip Reservoir, Llc | High speed processing of financial information using FPGA devices |
| US10169814B2 (en) | 2006-06-19 | 2019-01-01 | Ip Reservoir, Llc | High speed processing of financial information using FPGA devices |
| US11182856B2 (en) | 2006-06-19 | 2021-11-23 | Exegy Incorporated | System and method for routing of streaming data as between multiple compute resources |
| US10817945B2 (en) | 2006-06-19 | 2020-10-27 | Ip Reservoir, Llc | System and method for routing of streaming data as between multiple compute resources |
| US7921046B2 (en) | 2006-06-19 | 2011-04-05 | Exegy Incorporated | High speed processing of financial information using FPGA devices |
| US8407122B2 (en) | 2006-06-19 | 2013-03-26 | Exegy Incorporated | High speed processing of financial information using FPGA devices |
| US8655764B2 (en) | 2006-06-19 | 2014-02-18 | Ip Reservoir, Llc | High speed processing of financial information using FPGA devices |
| US8626624B2 (en) | 2006-06-19 | 2014-01-07 | Ip Reservoir, Llc | High speed processing of financial information using FPGA devices |
| US8600856B2 (en) | 2006-06-19 | 2013-12-03 | Ip Reservoir, Llc | High speed processing of financial information using FPGA devices |
| US10504184B2 (en) | 2006-06-19 | 2019-12-10 | Ip Reservoir, Llc | Fast track routing of streaming data as between multiple compute resources |
| US9582831B2 (en) | 2006-06-19 | 2017-02-28 | Ip Reservoir, Llc | High speed processing of financial information using FPGA devices |
| US9672565B2 (en) | 2006-06-19 | 2017-06-06 | Ip Reservoir, Llc | High speed processing of financial information using FPGA devices |
| US10467692B2 (en) | 2006-06-19 | 2019-11-05 | Ip Reservoir, Llc | High speed processing of financial information using FPGA devices |
| US8478680B2 (en) | 2006-06-19 | 2013-07-02 | Exegy Incorporated | High speed processing of financial information using FPGA devices |
| US9916622B2 (en) | 2006-06-19 | 2018-03-13 | Ip Reservoir, Llc | High speed processing of financial information using FPGA devices |
| US10360632B2 (en) | 2006-06-19 | 2019-07-23 | Ip Reservoir, Llc | Fast track routing of streaming data using FPGA devices |
| US8458081B2 (en) | 2006-06-19 | 2013-06-04 | Exegy Incorporated | High speed processing of financial information using FPGA devices |
| US9363078B2 (en) | 2007-03-22 | 2016-06-07 | Ip Reservoir, Llc | Method and apparatus for hardware-accelerated encryption/decryption |
| US8879727B2 (en) | 2007-08-31 | 2014-11-04 | Ip Reservoir, Llc | Method and apparatus for hardware-accelerated encryption/decryption |
| JP2009200617A (en) * | 2008-02-19 | 2009-09-03 | Mitsubishi Electric Corp | Logic-changeable device |
| US10929930B2 (en) | 2008-12-15 | 2021-02-23 | Ip Reservoir, Llc | Method and apparatus for high-speed processing of financial market depth data |
| US11676206B2 (en) | 2008-12-15 | 2023-06-13 | Exegy Incorporated | Method and apparatus for high-speed processing of financial market depth data |
| US8762249B2 (en) | 2008-12-15 | 2014-06-24 | Ip Reservoir, Llc | Method and apparatus for high-speed processing of financial market depth data |
| US10062115B2 (en) | 2008-12-15 | 2018-08-28 | Ip Reservoir, Llc | Method and apparatus for high-speed processing of financial market depth data |
| US8768805B2 (en) | 2008-12-15 | 2014-07-01 | Ip Reservoir, Llc | Method and apparatus for high-speed processing of financial market depth data |
| JP2010104018A (en) * | 2009-12-16 | 2010-05-06 | Research In Motion Ltd | System and method for protecting data on communication apparatus |
| US11803912B2 (en) | 2010-12-09 | 2023-10-31 | Exegy Incorporated | Method and apparatus for managing orders in financial markets |
| US10037568B2 (en) | 2010-12-09 | 2018-07-31 | Ip Reservoir, Llc | Method and apparatus for managing orders in financial markets |
| US11397985B2 (en) | 2010-12-09 | 2022-07-26 | Exegy Incorporated | Method and apparatus for managing orders in financial markets |
| US10963962B2 (en) | 2012-03-27 | 2021-03-30 | Ip Reservoir, Llc | Offload processing of data packets containing financial market data |
| US10872078B2 (en) | 2012-03-27 | 2020-12-22 | Ip Reservoir, Llc | Intelligent feed switch |
| US10650452B2 (en) | 2012-03-27 | 2020-05-12 | Ip Reservoir, Llc | Offload processing of data packets |
| US9990393B2 (en) | 2012-03-27 | 2018-06-05 | Ip Reservoir, Llc | Intelligent feed switch |
| US11436672B2 (en) | 2012-03-27 | 2022-09-06 | Exegy Incorporated | Intelligent switch for processing financial market data |
| US10121196B2 (en) | 2012-03-27 | 2018-11-06 | Ip Reservoir, Llc | Offload processing of data packets containing financial market data |
| JP2014120974A (en) * | 2012-12-18 | 2014-06-30 | Dainippon Printing Co Ltd | Cipher token and cipher processing system |
| JP2014178809A (en) * | 2013-03-14 | 2014-09-25 | Fujitsu Advanced Engineering Ltd | Electronic device, circuit data protection device and circuit data protection method |
| JP2017117065A (en) * | 2015-12-22 | 2017-06-29 | 株式会社Pfu | Information processing device, information processing method, and program |
| US10846624B2 (en) | 2016-12-22 | 2020-11-24 | Ip Reservoir, Llc | Method and apparatus for hardware-accelerated machine learning |
| US11416778B2 (en) | 2016-12-22 | 2022-08-16 | Ip Reservoir, Llc | Method and apparatus for hardware-accelerated machine learning |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP2001268071A (en) | Anti-tamper encryption device | |
| Güneysu et al. | Generic side-channel countermeasures for reconfigurable devices | |
| US6064740A (en) | Method and apparatus for masking modulo exponentiation calculations in an integrated circuit | |
| US20080201592A1 (en) | Hibernating a processing apparatus for processing secure data | |
| US8738926B2 (en) | Data processing system, method for executing a cryptographic algorithm and method for preparing execution of a cryptographic algorithm | |
| KR101946509B1 (en) | System and method for protection from side-channel attacks by varying clock delays | |
| CN109684030B (en) | Virtual machine memory key generation device and method, encryption method and SoC system | |
| EP3499788B1 (en) | Dynamic masking | |
| US10320562B2 (en) | Application specific low-power secure key | |
| Otero et al. | A modular peripheral to support self-reconfiguration in SoCs | |
| Mentens | Hiding side-channel leakage through hardware randomization: A comprehensive overview | |
| Agrawal et al. | Security and privacy of blockchain-based single-bit cache memory architecture for IoT systems | |
| US20050241005A1 (en) | Data processing apparatus and method for operating a dual rail circuit component | |
| Mahmoud et al. | FPGA-to-CPU undervolting attacks | |
| JP2002055883A (en) | Unpredictable microprocessor or microcomputer | |
| JP2014049891A (en) | Central processing unit and arithmetic unit | |
| CN101366231A (en) | Cryptographic calculation processing circuit | |
| CN106776132A (en) | Data recovery system and method | |
| WO2011047064A1 (en) | Protecting electronic systems from unauthorized access and hardware piracy | |
| JP4863279B2 (en) | Memory system and memory access method | |
| US10999058B2 (en) | System-on-chip and security circuit including a system-on-chip of this type | |
| KR20010032564A (en) | Data processing device and operating method for preventing a differential current consumption analysis | |
| US9571267B2 (en) | Data processor and decryption method | |
| Thoonen | Hardening FPGA-based AES implementations against side channel attacks based on power analysis | |
| US8074081B2 (en) | Method for replacing contents of a data storage unit |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| A02 | Decision of refusal |
Free format text: JAPANESE INTERMEDIATE CODE: A02 Effective date: 20040330 |