JP2005532728A - Method for protecting an electronic circuit against fault-based attacks - Google Patents
- Publication number
- JP2005532728A
- Authority
- JP
- Japan
- Prior art keywords
- calculation
- function
- signature
- electronic assembly
- error
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F7/00—Methods or arrangements for processing data by operating upon the order or content of the data handled
- G06F7/38—Methods or arrangements for performing computations using exclusively denominational number representation, e.g. using binary, ternary, decimal representation
-
- G—PHYSICS
- G09—EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
- G09C—CIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
- G09C1/00—Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/002—Countermeasures against attacks on cryptographic mechanisms
- H04L9/004—Countermeasures against attacks on cryptographic mechanisms for fault attacks
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2207/00—Indexing scheme relating to methods or arrangements for processing data by operating upon the order or content of the data handled
- G06F2207/72—Indexing scheme relating to groups G06F7/72 - G06F7/729
- G06F2207/7219—Countermeasures against side channel or fault attacks
- G06F2207/7271—Fault verification, e.g. comparing two values which should be the same, unless a computational fault occurred
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
- H04L2209/127—Trusted platform modules [TPM]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Mathematical Analysis (AREA)
- Computing Systems (AREA)
- Computational Mathematics (AREA)
- Pure & Applied Mathematics (AREA)
- Mathematical Optimization (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
- Testing Of Individual Semiconductor Devices (AREA)
- Testing, Inspecting, Measuring Of Stereoscopic Televisions And Televisions (AREA)
- Tests Of Electronic Circuits (AREA)
Abstract
Description
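- Reference (1): FIPS PUB 46-2, Data Encryption Standard, 1994
- Reference (2): A New Cryptanalytic Attack on DES, Draft
Written formally, this gives the following.
- $B = \{0,1\}^*$, the set of binary words
- $E = \{x_i\}_{0<i<n+1}$, where each element $x_i$ is in effect an element of $B$; this is the set of the $n$ intermediate results that we wish to protect
The verification function $V$ is a function that associates a binary word of fixed length $N$ with all the elements of $E$: $V : E \to \{0,1\}^N$
- $V$ is a function that associates a calculation "signature" with the set of intermediate values; by repeating the calculation, this signature is used to detect possible errors.
- $E = \{0,1\}^6$ and $F = \{0,1\}^4$
and we then introduce
- $E' = E$ and $h_1$, the identity function
- $F' = \{0,1\}^6$ and $h_2$, which simply consists of removing the most significant bit and the least significant bit of a word of $F$
$V_{j+1} = V_j \,\|\, x_{j+1}$
$V(x_1, \ldots, x_n) = x_1 \oplus \cdots \oplus x_n$
$V_{j+1} = (V_j + x_{j+1}) \bmod 2^N$
$V(x_1, \ldots, x_n) = \mathrm{CRC}(x_1, \ldots, x_n)$
$V_{j+1} = (V_j \ll 1) \oplus x_{j+1}$
$V_{j+1} = V_j \oplus ((V_j \times x_{j+1}) \bmod 2^N)$
$V = \text{SHA-1}(X)$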
C1=1
For i=0 to N do:
    C2=C1×C1
    C1=C2×M
    If bit i of D=0 then
        C1=C2
    End If.
End loop.
Output the result C1.
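The exponentiation loop above with a calculation signature over its intermediate results, executed twice and compared, as an added example (not code from the patent). It uses the listed verification function V_{j+1} = (V_j << 1) XOR x_{j+1}; the modulus `n`, the 8-bit exponent scanned from the most significant bit, the `fault_at` parameter that simulates a perturbed run, and the function names are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

#define NBITS 8   /* exponent width: an assumption for this example */

/* One run of the loop. Every intermediate C1 is folded into *sig with
 * V_{j+1} = (V_j << 1) XOR x_{j+1}. fault_at >= 0 flips one bit of the
 * intermediate at that iteration, standing in for a perturbed run. */
static uint32_t modexp_signed(uint32_t m, uint32_t d, uint32_t n,
                              int fault_at, uint32_t *sig)
{
    uint64_t c1 = 1, c2;
    uint32_t v = 0;
    for (int i = NBITS - 1; i >= 0; i--) {  /* MSB first (assumption) */
        c2 = (c1 * c1) % n;                 /* C2 = C1 x C1 */
        c1 = (c2 * m) % n;                  /* C1 = C2 x M */
        if (((d >> i) & 1u) == 0)
            c1 = c2;                        /* bit i of D is 0 */
        if (i == fault_at)
            c1 ^= 1u;                       /* simulated fault */
        v = (v << 1) ^ (uint32_t)c1;        /* calculation signature */
    }
    *sig = v;
    return (uint32_t)c1;
}

/* Executes the calculation twice and compares the two signatures.
 * Returns 0 and writes *out when they agree, -1 when they differ.
 * fault_at applies to the first run only. */
int protected_modexp(uint32_t m, uint32_t d, uint32_t n,
                     int fault_at, uint32_t *out)
{
    uint32_t s1, s2;
    uint32_t r1 = modexp_signed(m, d, n, fault_at, &s1);
    (void)modexp_signed(m, d, n, -1, &s2);
    if (s1 != s2)
        return -1;                          /* error detected: no output */
    *out = r1;
    return 0;
}

int main(void)
{
    uint32_t r = 0;
    int ok = protected_modexp(3, 200, 1009, -1, &r);   /* constructed inputs */
    printf("clean run: status %d, result %u\n", ok, r);
    printf("faulted run: status %d\n", protected_modexp(3, 200, 1009, 3, &r));
    return 0;
}
```

With a single-bit flip in one intermediate, every later intermediate changes as well, so the two signatures diverge and no result is released.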
Claims (8)
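- A method for protecting an electronic assembly that executes a calculation process, characterized in that it comprises performing an additional operation, by means of a verification function, on at least one intermediate result in order to obtain a calculation signature.
- The method according to claim 1, characterized in that it comprises executing all or part of the calculation at least one more time in order to recompute the signature and compare the signatures so as to detect possible errors.
- The method according to claim 1 or 2, characterized in that it comprises:
  - performing an elementary operation using another "super function" operation acting from and/or on a larger set; and
  - performing the calculation by the verification function using the result obtained by the super function in order to obtain the calculation signature.
- The method according to claim 3, characterized in that the calculation of the elementary operation is found using the calculation of the super function.
- The method according to claim 3 or 4, characterized in that an elementary operation f from E into F is replaced by an operation f' from E' into F', where:
  - E' and F' are supersets of E and F,
  - one moves from E to E' by an injective (one-to-one) function h1,
  - one moves from F' to F by a surjective (onto) function h2,
  - for any element x of E: h2(f'(h1(x))) = f(x).
- An electronic assembly comprising storage means for a calculation process and processing means for said process, characterized in that it includes storage means for a verification function used to perform an additional calculation on intermediate results in order to obtain a calculation signature.
- A computer program comprising program code instructions for executing the steps of the method according to any one of claims 1 to 5 when the program is executed in a computer system.
- A smart card comprising storage means for a calculation process and processing means for said process, characterized in that it includes storage means for a verification function used to perform an additional calculation on intermediate results in order to obtain a calculation signature.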
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP02291728A EP1387519A3 (fr) | 2002-07-09 | 2002-07-09 | Method for securing an electronic assembly against attacks by error introduction |
PCT/IB2003/003120 WO2004006074A2 (en) | 2002-07-09 | 2003-07-07 | Method for protecting an electronic circuit against fault-based attacks |
Related Child Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2011002280A Division JP5401477B2 (ja) | 2002-07-09 | 2011-01-07 | Method for protecting an electronic circuit against fault-based attacks |
Publications (1)
Publication Number | Publication Date |
---|---|
JP2005532728A (ja) | 2005-10-27 |
Family
ID=30011261
Family Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2004519119A Withdrawn JP2005532728A (ja) | 2002-07-09 | 2003-07-07 | Method for protecting an electronic circuit against fault-based attacks |
JP2011002280A Expired - Fee Related JP5401477B2 (ja) | 2002-07-09 | 2011-01-07 | Method for protecting an electronic circuit against fault-based attacks |
Family Applications After (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2011002280A Expired - Fee Related JP5401477B2 (ja) | 2002-07-09 | 2011-01-07 | Method for protecting an electronic circuit against fault-based attacks |
Country Status (6)
Country | Link |
---|---|
US (1) | US7826610B2 (ja) |
EP (2) | EP1387519A3 (ja) |
JP (2) | JP2005532728A (ja) |
AU (1) | AU2003249501A1 (ja) |
BR (1) | BR0312561A (ja) |
WO (1) | WO2004006074A2 (ja) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2018533312A (ja) * | 2015-11-09 | 2018-11-08 | Koninklijke Philips N.V. | Cryptographic device for computing a target block cipher |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR100546375B1 (ko) * | 2003-08-29 | 2006-01-26 | Samsung Electronics Co., Ltd. | Hardware encryption device using interdependent parallel operation with enhanced self error detection, and hardware encryption method thereof |
EP2005291B1 (en) * | 2006-04-06 | 2010-06-23 | Nxp B.V. | Decryption method |
KR100837270B1 (ko) | 2006-06-07 | 2008-06-11 | Samsung Electronics Co., Ltd. | Smart card and data security method thereof |
GB2468419B (en) * | 2006-06-07 | 2011-01-05 | Samsung Electronics Co Ltd | Cyrptographic systems for encrypting input data, error detection circuits, and methods of operating the same |
FR2919739B1 (fr) | 2007-08-03 | 2009-12-04 | Oberthur Card Syst Sa | Method of processing data protected against attacks by fault generation, and associated device |
EP2166696B1 (fr) * | 2008-08-27 | 2016-10-05 | STMicroelectronics (Rousset) SAS | Protecting the integrity of encrypted data by using an intermediate encryption state to generate a signature |
CN105814833B (zh) * | 2013-12-20 | 2019-12-13 | Koninklijke Philips N.V. | Method and system for secure data transformation |
US11468037B2 (en) | 2019-03-06 | 2022-10-11 | Semiconductor Components Industries, Llc | Memory device and data verification method |
US11394702B2 (en) * | 2019-09-23 | 2022-07-19 | T-Mobile Usa, Inc. | Authentication system when authentication is not functioning |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH02252027A (ja) * | 1989-03-27 | 1990-10-09 | Hitachi Shonan Denshi Co Ltd | Error detection method |
JP2000066585A (ja) * | 1998-08-20 | 2000-03-03 | Toshiba Corp | Encryption/decryption device, encryption/decryption method, and program storage medium therefor |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPH10154976A (ja) * | 1996-11-22 | 1998-06-09 | Toshiba Corp | Tamper-free device |
JPH118616A (ja) * | 1997-06-17 | 1999-01-12 | Dainippon Printing Co Ltd | IC card resistant to fault-based attacks |
ATE360866T1 (de) * | 1998-07-02 | 2007-05-15 | Cryptography Res Inc | Leak-resistant update of an indexed cryptographic key |
FR2789535B1 (fr) * | 1999-02-04 | 2001-09-28 | Bull Cp8 | Method for securing a secret-key cryptographic electronic assembly against attacks by physical analysis |
US6832316B1 (en) * | 1999-12-22 | 2004-12-14 | Intertrust Technologies, Corp. | Systems and methods for protecting data secrecy and integrity |
KR100377175B1 (ko) * | 2000-06-08 | 2003-03-26 | Hynix Semiconductor Inc. | Encryption device using the Data Encryption Standard algorithm |
DE60111746T2 (de) * | 2000-08-03 | 2006-05-18 | Koninklijke Philips Electronics N.V. | Linear transformation for symmetric encryption systems |
FR2829331B1 (fr) * | 2001-09-04 | 2004-09-10 | St Microelectronics Sa | Method for securing a secret quantity |
-
2002
- 2002-07-09 EP EP02291728A patent/EP1387519A3/fr not_active Withdrawn
-
2003
- 2003-07-07 EP EP03762843A patent/EP1552362A2/en not_active Withdrawn
- 2003-07-07 US US10/520,806 patent/US7826610B2/en not_active Expired - Fee Related
- 2003-07-07 WO PCT/IB2003/003120 patent/WO2004006074A2/en active Application Filing
- 2003-07-07 AU AU2003249501A patent/AU2003249501A1/en not_active Abandoned
- 2003-07-07 BR BR0312561-0A patent/BR0312561A/pt not_active IP Right Cessation
- 2003-07-07 JP JP2004519119A patent/JP2005532728A/ja not_active Withdrawn
-
2011
- 2011-01-07 JP JP2011002280A patent/JP5401477B2/ja not_active Expired - Fee Related
Also Published As
Publication number | Publication date |
---|---|
WO2004006074A3 (en) | 2004-03-04 |
EP1552362A2 (en) | 2005-07-13 |
BR0312561A (pt) | 2005-12-20 |
US20080130869A1 (en) | 2008-06-05 |
AU2003249501A8 (en) | 2004-01-23 |
AU2003249501A1 (en) | 2004-01-23 |
US7826610B2 (en) | 2010-11-02 |
EP1387519A2 (fr) | 2004-02-04 |
JP2011072040A (ja) | 2011-04-07 |
WO2004006074A2 (en) | 2004-01-15 |
JP5401477B2 (ja) | 2014-01-29 |
EP1387519A3 (fr) | 2004-02-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP5401477B2 (ja) | Method for protecting an electronic circuit against fault-based attacks | |
US8477933B2 (en) | Cryptographic algorithm fault protections | |
US9515820B2 (en) | Protection against side channels | |
US9298947B2 (en) | Method for protecting the integrity of a fixed-length data structure | |
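KR20100098520A (ko) | Method and device for protecting a microcircuit against attacks aimed at obtaining secret data | |
JP5693927B2 (ja) | Method and device for detecting fault attacks | |
JP2008545163A (ja) | Strengthening secure hash functions | |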
US10187198B2 (en) | Protection of a rijndael algorithm | |
US10819502B2 (en) | Method for symmetric block encryption or decryption | |
US20210152331A1 (en) | Protecting polynomial hash functions from external monitoring attacks | |
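CN106936563B (zh) | Method and system for protecting cryptographic operations | |
JP2009005164A (ja) | Cryptographic processing device, cryptographic processing program, and cryptographic processing method | |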
US10862669B2 (en) | Encryption/description method protected against side-channel attacks | |
US8311212B2 (en) | Method of processing data protected against attacks by generating errors and associated device | |
EP3891925B1 (en) | A computation device using shared shares | |
EP3214567B1 (en) | Secure external update of memory content for a certain system on chip | |
US20110126085A1 (en) | Method of signature verification | |
JP2005045760A (ja) | Cryptographic processing method and device | |
US20200067693A1 (en) | Systems and methods for masking ecc operations | |
JP2017098944A (ja) | Device and method for discontinuous hashing of digital data | |
US20170012769A1 (en) | Imbalanced montgomery ladder | |
Rahman | Towards integrity protection of software for e-health data | |
CN115605869A (zh) | Method for securely processing digital information in a secure element |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | A621 | Written request for application examination | Free format text: JAPANESE INTERMEDIATE CODE: A621; Effective date: 20060706 |
 | A131 | Notification of reasons for refusal | Free format text: JAPANESE INTERMEDIATE CODE: A131; Effective date: 20091215 |
 | A601 | Written request for extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A601; Effective date: 20100309 |
 | A602 | Written permission of extension of time | Free format text: JAPANESE INTERMEDIATE CODE: A602; Effective date: 20100316 |
 | A521 | Request for written amendment filed | Free format text: JAPANESE INTERMEDIATE CODE: A523; Effective date: 20100615 |
 | A02 | Decision of refusal | Free format text: JAPANESE INTERMEDIATE CODE: A02; Effective date: 20100907 |
 | A761 | Written withdrawal of application | Free format text: JAPANESE INTERMEDIATE CODE: A761; Effective date: 20110221 |