WO2018090932A1 - Terminal chip integrated with a security component - Google Patents
Terminal chip integrated with a security component
- Publication number: WO2018090932A1 (PCT/CN2017/111140)
- Authority: WO (WIPO, PCT)
- Prior art keywords
- power
- interface
- terminal chip
- security component
- application processor
Classifications
All entries fall under G—PHYSICS > G06—COMPUTING; CALCULATING OR COUNTING > G06F—ELECTRIC DIGITAL DATA PROCESSING > G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity.
- G06F21/755—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer, to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation, with measures against power attack
- G06F21/72—Protecting specific internal or peripheral components, to assure secure computing or processing of information in cryptographic circuits
- G06F21/60—Protecting data
- G06F21/71—Protecting specific internal or peripheral components, to assure secure computing or processing of information
- G06F21/75—Protecting specific internal or peripheral components, to assure secure computing or processing of information by inhibiting the analysis of circuitry or operation
- G06F21/81—Protecting specific internal or peripheral components by operating on the power supply, e.g. enabling or disabling power-on, sleep or resume operations
- G06F2221/2107—File encryption (indexing scheme relating to G06F21/00 and subgroups)
Definitions
- the present invention relates to the field of chips, and in particular to a terminal chip integrated with a security component.
- with the improvement of the performance of smart terminals and the popularity of Internet applications, financial activities such as online payment over the wireless network of a smart terminal have become part of people's daily lives.
- security components often have built-in coprocessors, security applications for encryption, decryption and authentication, and the corresponding protocol platforms.
- the security component provides authentication and information-encryption services to the user of the smart terminal during a financial transaction.
- the SIM card is a relatively common security component; it is issued by the operator and can be used for authentication.
- a U-shield (USB key) management client can be stored in the SIM card to meet the online-banking requirements of the major banks.
- the SIM card is generally connected to the system in the smart terminal through a dedicated slot on the smart terminal.
- alternatively, the security component is fixed in the smart terminal as a separate chip alongside other components such as the processor chip of the smart terminal; the industry calls this an embedded security component, eSE for short.
- the function of the embedded security component chip is basically the same as that of the SIM card.
- because the embedded security component chip is customized by the terminal device manufacturer, its interface and communication module can be set more flexibly to interwork and share with other chips and components in the smart terminal.
- both the embedded security component chip and the processor chip are powered by the power management chip in the smart terminal.
- a power-pin glitch attack injects a voltage glitch through the power pins of the embedded security component chip.
- the voltage glitch is a short-term fluctuation of the voltage on the power supply pin. The fluctuation shifts the threshold voltage of the on-chip transistors, so the sampling instant of some flip-flops becomes abnormal; the flip-flop eventually enters an erroneous state, resulting in a faulty operation.
- the attacker can model and analyse the faulty operations so produced, and may thereby find important secret information hidden in the embedded security component chip, harming the user's interests.
- the embodiment of the invention provides a terminal chip.
- the terminal chip includes a security component, an application processor, and an interface module for passing information between the application processor and the security component.
- the terminal chip is provided with a first power interface for receiving power from outside the terminal chip.
- a first power port of the security component is connected to the first power interface, and the power port of at least one of the application processor and the interface module is also connected to the first power interface.
- because the power port of the security component shares the first power interface with the application processor or the interface module of the terminal chip, a power attack on that interface also causes an abnormality in the application processor or the interface module.
- an abnormality in the application processor or the interface module means that information from the security component cannot be correctly acquired by the outside, so an attacker cannot obtain sensitive information from the security component through the power attack.
- the terminal chip may include a plurality of interface modules, such as a bus and a memory controller, and at least one of the application processor, the bus and the memory controller is connected to the first power interface.
- the first power interface is a digital power interface.
- the terminal chip is further provided with a second power interface, which is an analog power interface.
- the security component also includes an analog power port that is connected to the analog power interface.
- the terminal chip further includes a high-speed interface physical-layer circuit, a phase-locked loop circuit and an electrically programmable fuse circuit, at least one of which is connected to the analog power interface. Therefore, when a power attack is launched through the analog power interface, damage to the high-speed interface physical-layer circuit, the phase-locked loop circuit or the electrically programmable fuse circuit also disturbs the normal operation of the application processor, which further increases the difficulty of extracting sensitive information from the security component.
- the lowest timing margin in the security component is greater than the lowest timing margin of the application processor or interface module connected to the first power interface, which ensures that the application processor or interface module is the first to fail under a power attack.
- a system for security verification is provided in the security component.
- the security component includes a coprocessor, a secure bus, and a module for encryption, decryption and authentication.
- FIG. 1 is a schematic structural diagram of a terminal device according to an embodiment of the present invention.
- the terminal device includes a terminal chip 10, an off-chip memory 20, and a power management unit 30 (PMU).
- the terminal chip 10 is provided with an application processor 12, a bus 14, a memory controller 16, and a security component 18.
- the application processor 12 is generally the so-called Central Processing Unit (CPU), which executes tasks according to the instructions of the various applications.
- the application processor 12 interacts with the other modules within the terminal chip 10 via the bus 14.
- when an application with security requirements accesses the security component, the application processor 12 writes the access request to the off-chip memory 20 through the memory controller 16 and notifies the security component 18 to fetch the access request from the off-chip memory 20 via the memory controller 16.
- when the security component 18 has data to return to the application processor 12, it likewise writes the return data to the off-chip memory 20 through the memory controller 16 and notifies the application processor 12 to fetch the return data from the off-chip memory 20.
- the security component 18 is similar in function to the security component described in the background section: it provides security services such as authentication, encryption and decryption for tasks with security requirements under the security system.
- the various modules of the security component 18 are integrated within the terminal chip and interact with the application processor 12 and the off-chip memory 20 through a single interface.
- the security component 18 of this embodiment includes a coprocessor 182, an interaction interface 183, a secure memory 184, a verification module 185 (encryption, decryption and authentication), a secure bus 186, and a sensor module 187.
- the coprocessor 182 is configured to coordinate and schedule the various tasks under the security system.
- an IPC (Inter-Process Communication) module 1832 and a shared cache 1834 are provided in the interaction interface 183.
- the IPC module 1832 is configured to send an interrupt request to the application processor 12 or to the coprocessor 182, and the shared cache 1834 is configured to hold the request data waiting to be executed for the application processor 12 or the coprocessor 182.
- the shared cache 1834 is the only data interface that the security component 18 has with the outside world. When the terminal chip 10 has request data to be processed by the security component 18, the request data is generally first saved in the off-chip memory 20; the application processor 12 then writes the request data over the bus 14 into the shared cache 1834 and sends an interrupt request to the coprocessor 182 via the bus 14 and the IPC module 1832.
- after receiving the interrupt request, the coprocessor 182 fetches the request data from the shared cache and executes the corresponding task. When the coprocessor 182 has finished processing the request data, it may write the processing result into the shared cache 1834 and then instruct the IPC module to send an interrupt request over the bus 14 notifying the application processor 12 to fetch the processing result.
- an interrupt request causes the receiver to suspend the operation or application currently in progress.
- security-related applications such as online payment and financial transactions often have high-priority requirements. Using interrupt requests therefore ensures that the coprocessor in the security component 18 fetches and executes the request data in the shared cache 1834 at high priority.
- the secure memory 184 serves as dedicated memory for the coprocessor 182, holding system or platform code.
- the secure memory 184 generally comprises two kinds of memory, ROM (Read-Only Memory) and RAM (Random Access Memory). The ROM stores the code for security-system boot, self-test and initialization; the RAM stores security application code and data such as the security-related operating system software.
- the verification module 185 is configured to perform identity-verification operations according to the request data received from the shared cache 1834, such as random number generation, key management, and encryption and decryption.
- the secure bus 186 is configured to provide bus services for the modules within the security component 18.
- the sensor module 187 includes digital and analog sensors for detecting that the security component 18 is subject to an illegal physical intrusion and issuing an alert to the coprocessor 182.
- on such an alert the coprocessor 182 protects the sensitive information in the security component by means such as resetting or clearing registers.
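The hand-off just described, in which the application processor writes request data into shared cache 1834 and raises an interrupt through IPC module 1832, and the coprocessor answers by the same route, is modelled below in Python. This is an added example, not the patent's or the assignee's code: the opcodes `random` and `hmac`, the ownership flag on the cache, the size bound on random requests and the demo key are assumptions for illustration; the patent specifies only that the shared cache is the sole data interface and that interrupts carry the hand-off.

```python
"""Model of the request/response hand-off between application processor 12 and
coprocessor 182 through shared cache 1834 and IPC module 1832.

Added example, not the patent's code. The opcodes, the ownership flag and the
demo key are assumptions for illustration."""
import hashlib
import hmac
import secrets
from collections import deque


class SharedCache:
    """Shared cache 1834: the only data path into security component 18.
    `owner` records which side may currently write it; ownership changes
    hands together with the interrupt (assumed convention)."""

    def __init__(self):
        self.owner = "ap"
        self.data = None


class Ipc:
    """IPC module 1832: delivers an interrupt to one side. The receiver's
    handler runs immediately, pre-empting whatever the sender was doing."""

    def __init__(self):
        self.handlers = {}

    def register(self, side, handler):
        self.handlers[side] = handler

    def interrupt(self, side, cache):
        self.handlers[side](cache)


class Coprocessor:
    """Coprocessor 182 driving verification module 185 over secure bus 186."""

    def __init__(self, ipc, key):
        self.ipc = ipc
        self.key = key          # stays in secure memory 184, never in the cache
        ipc.register("cp", self.on_interrupt)

    def on_interrupt(self, cache):
        if cache.owner != "cp":  # interrupt without a hand-off: ignore it
            return
        op, payload = cache.data
        if op == "random" and isinstance(payload, int) and 0 < payload <= 64:
            result = ("ok", secrets.token_bytes(payload))
        elif op == "hmac" and isinstance(payload, bytes):
            result = ("ok", hmac.new(self.key, payload, hashlib.sha256).digest())
        else:
            result = ("err", b"unsupported request")
        # write the result back and hand the cache to the AP with an interrupt
        cache.data, cache.owner = result, "ap"
        self.ipc.interrupt("ap", cache)


class ApplicationProcessor:
    """Application processor 12 with its staging area in off-chip memory 20."""

    def __init__(self, ipc, cache):
        self.ipc, self.cache = ipc, cache
        self.offchip = deque()   # stands in for off-chip memory 20
        self.results = []
        ipc.register("ap", self.on_interrupt)

    def request(self, op, payload):
        self.offchip.append((op, payload))             # staged off-chip first
        if self.cache.owner != "ap":
            raise RuntimeError("shared cache busy: coprocessor owns it")
        self.cache.data = self.offchip.popleft()        # copied over bus 14
        self.cache.owner = "cp"
        self.ipc.interrupt("cp", self.cache)            # IPC interrupt to 182
        return self.results[-1]                         # filled by on_interrupt

    def on_interrupt(self, cache):
        self.results.append(cache.data)                 # fetch processing result
        cache.data = None


def build_chip(key=b"demo-key-in-secure-memory-184"):
    """Wire up one AP/coprocessor pair; returns the AP so callers can issue requests."""
    ipc, cache = Ipc(), SharedCache()
    Coprocessor(ipc, key)
    return ApplicationProcessor(ipc, cache)


if __name__ == "__main__":
    ap = build_chip()
    print(ap.request("random", 16))
    print(ap.request("hmac", b"pay 12.50 to merchant 42"))
    print(ap.request("decrypt", b"..."))
```

The point worth noticing is that the key never leaves the coprocessor's side: the application processor only ever sees what the coprocessor chooses to write back into the shared cache, and a request issued while the coprocessor still owns the cache is refused rather than overwriting data in flight.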
- the terminal chip 10 is further provided with a power interface 17.
- the power interface 17 may be a pin of the terminal chip 10.
- the power interface 17 is connected to the power management unit 30 to receive power from it and supply that power to a plurality of modules in the terminal chip 10.
- the power port of the security component 18 is connected to the power interface 17 so that the power drawn through the power interface 17 meets the needs of the various modules within the security component 18.
- the voltage input of at least one of the application processor 12, the bus 14 and the memory controller 16 is also coupled to the power interface 17 to receive power for its own needs. Therefore, when an attacker launches a power attack through the power interface 17, the application processor 12, the bus 14 or the memory controller 16 fails first, so the attacker cannot obtain accurate feedback from the security component 18, and information leakage is avoided.
- the minimum timing margin of each register array inside the security component 18 is made larger than that of the application processor, bus or memory controller connected to the power interface 17.
- the concept of timing margin is introduced here.
- register-based integrated circuits such as the Field-Programmable Gate Array (FPGA) are very common building blocks of current integrated circuits and can be used to transfer instructions and data.
- such circuits are widely used in the functional modules of terminal chips, including processors, buses and memory controllers.
- the security component in the embodiments of the present invention likewise contains the corresponding integrated circuits of its coprocessor, secure bus and memory control, and so naturally includes such circuits as well.
- registers are the basic unit of such circuits. During operation, digital signals are passed from register to register. As shown in FIG. 2, register D1 passes a signal of 0 or 1 to register D2. Registers D1 and D2 operate under the control of a common clock signal. The clock signal shown in FIG. 2 has three rising edges, Edge0, Edge1 and Edge2. Register D1 begins transmitting the signal on the rising edge Edge0. Because latching data into a register takes time, the signal must arrive at register D2 a certain time before the rising edge Edge1 so that D2 can latch it properly. That "advance time" is the timing margin.
- with sufficient timing margin, register D2 correctly latches the signal sent by register D1. If the timing margin is not large enough for register D2 to latch the signal, that is, if register D2 has not successfully latched the signal issued by register D1 when the rising edge Edge1 arrives, the value finally latched by register D2 may be wrong.
- the timing margin that satisfies normal operation therefore has a minimum value: under normal operation, as long as the minimum timing margin is met, two adjacent registers can pass signals to each other correctly.
- the design of the integrated circuit ensures that the timing margin meets this requirement.
- under a power attack, the signal transfer between two adjacent registers incurs additional delay, which can leave the timing margin insufficient. Therefore, the larger the timing margin, the better the register array withstands a power attack.
- a stricter standard is applied to the timing margin of each register array in the security component 18 during the design phase, to ensure that the lowest timing margin in the security component 18 is greater than the lowest timing margin of the bus, memory controller or application processor that is also connected to the power interface 17.
- under a power attack, the register array of the bus, memory controller or application processor then fails before that of the security component 18. The external information path of the security component 18 is disrupted by the power attack, and the attacker has no way to obtain sensitive information from the security component 18 through the abnormal feedback caused by the attack.
- in addition to the application processor 12, the bus 14 and the memory controller 16, the working state of other interface modules in the terminal chip can directly affect the data entering and leaving the security component 18; connecting the power port of such an interface module and that of the security component to the same power pin achieves the technical effect of the present invention as well.
- the data sent by register D1 to register D2 undergoes two delays before reaching register D2.
- register D1 starts transmitting the data at Edge0, and the data actually leaves register D1 only after a certain time t1, which is caused by propagation through register D1 itself.
- the time t1 is called the propagation delay.
- the signal also takes time to travel along the path between register D1 and register D2, and there are usually various logic devices between them that the signal must pass through, which also consumes time.
- the time consumed on the wires between registers D1 and D2 plus the time consumed in the logic devices between them gives the time t2, called the path delay.
- the signal launched by register D1 at Edge0 reaches register D2 after the time t1+t2. Since the interval between Edge0 and Edge1 is fixed, the timing margin can be increased by shortening t1+t2: a faster register can be selected to shorten the propagation delay t1, or the logic between the registers can be simplified to shorten the path delay t2.
- the terminal chip generally has two power interfaces, namely a digital power interface and an analog power interface.
- the digital power interface is generally connected to a digital supply of 0.8 V (0.8 V under the newer 16 nm and 28 nm processes; older processes may use a higher digital supply voltage) and powers digital functional devices in the terminal chip such as the application processor, the bus and the memory controller. The power interface described above is therefore in fact a digital power interface.
- important components within the security component, such as the coprocessor, the authentication module and the secure bus, require a digital power input. It is therefore very important to defend against power attacks launched from the digital power side.
- the analog power interface is generally connected to an analog supply of 1.8 V (1.8 V under the newer 16 nm and 28 nm processes; older processes may use a higher analog supply voltage) and powers analog devices in the terminal chip such as the physical layer of the high-speed memory interface (DDR PHY), the Phase-Locked Loop (PLL) and the eFuse circuits (electrically programmable fuses). Within the security component 18, the analog power input is typically needed by the monitoring and sensing circuits, and these circuits do not process or store sensitive information. A power attack from the analog supply therefore does not pose a significant risk of compromise.
- as an integrated module built into the terminal chip, the security component occupies a small area of the terminal chip. Therefore the security component as a whole generally has only two power input ports, an analog power input and a digital power input.
- the digital power input and the analog power input are connected to the digital power interface and the analog power interface of the terminal chip respectively.
- the terminal chip must consider its wiring needs, and it may have multiple digital power inputs or multiple analog power terminals.
- the bus, the memory controller or the application processor of the terminal chip and the digital power input of the security component are connected to the same digital power interface, thereby protecting the information in the security component.
- making the lowest timing margin of the modules of the security component connected to the digital power interface greater than the minimum timing margin of the bus, the memory controller or the application processor of the terminal chip achieves a better security effect.
- a function module of the terminal chip that receives the analog power input may also, if it fails under a power attack, interfere with an attacker's attempt to steal sensitive information from the security component through that module. Therefore, in special scenarios, some function modules of the terminal chip that receive the analog power input may be connected to the same analog power interface as the security component, and the lowest timing margin of the corresponding modules of the security component may be chosen to be greater than the lowest timing margin of the other modules connected to the analog power interface.
- the disclosed system can be implemented in other ways.
- the device embodiments described above are merely illustrative.
- the division into modules is only a division by logical function.
- in an actual implementation there may be another division: for example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed.
- the mutual coupling, direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, device or unit, and may be electrical, mechanical or of another form.
- the modules described as separate components may or may not be physically separate.
- the components displayed as modules may or may not be physical units, that is, they may be located in one place or distributed over multiple network nodes. Some or all of the nodes may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
- each functional module in each embodiment of the present invention may be integrated into one processing unit, or each module may exist physically on its own, or two or more modules may be integrated into one unit.
- the above integrated unit may be implemented in the form of hardware or in the form of a software functional unit.
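The timing-margin argument above (register D1 to D2, propagation delay t1, path delay t2, and the rule of claim 8 that the security component's lowest margin must exceed that of the application processor or interface module sharing its digital power interface) can be checked numerically. The following Python is an added example, not code from the patent or its assignee. It assumes an alpha-power delay model with a hypothetical threshold voltage and exponent, and every path delay in the sample chip is a constructed value, not silicon data. `failure_voltage` scans the supply downward to find the shallowest droop at which a module first misses setup, and `check_design_rules` reports, for one power interface, whether the security component shares the rail with an AP or interface module, whether its margin is larger, and whether those neighbours therefore fail first.

```python
"""Timing-margin model of the shared-rail glitch defence.

Added example, not code from the patent. Assumptions (hypothetical, not in the
patent text): the alpha-power delay model, V_TH and ALPHA, and every sample
path delay below."""
from dataclasses import dataclass

V_NOM = 0.8    # nominal digital supply in volts (the 0.8 V figure from the text)
V_TH = 0.35    # assumed transistor threshold voltage
ALPHA = 1.3    # assumed velocity-saturation exponent of the alpha-power law


@dataclass(frozen=True)
class RegPath:
    """One D1 -> D2 register path as in the text's FIG. 2 (times in ns)."""
    name: str
    t_clk2q: float   # t1: propagation delay of the launching register D1
    t_path: float    # t2: wire plus logic delay between D1 and D2
    t_setup: float   # time D2 needs the data stable before its capture edge

    def slack(self, period: float, scale: float = 1.0) -> float:
        """Timing margin: how early data reaches D2 before Edge1, net of setup.
        `scale` > 1 models logic slowed down by a supply droop."""
        return period - scale * (self.t_clk2q + self.t_path) - self.t_setup


@dataclass
class Module:
    name: str
    rail: str         # power interface the module's power port is wired to
    secure: bool      # True for blocks inside security component 18
    paths: list

    def min_slack(self, period: float, scale: float = 1.0) -> float:
        return min(p.slack(period, scale) for p in self.paths)


def delay_scale(v: float) -> float:
    """Relative gate delay at supply v (alpha-power law, 1.0 at V_NOM).
    A lower supply leaves less overdrive above threshold, so the same path
    takes longer: the t1+t2 growth the text attributes to a power attack."""
    if v <= V_TH:
        return float("inf")
    return (v / V_NOM) * ((V_NOM - V_TH) / (v - V_TH)) ** ALPHA


def failure_voltage(module: Module, period: float, step: float = 0.001) -> float:
    """Highest supply voltage, scanning down from V_NOM, at which some path in
    the module misses setup: the shallowest droop that corrupts a latch."""
    v = V_NOM
    while v > V_TH + step:
        if module.min_slack(period, delay_scale(v)) < 0:
            return round(v, 3)
        v -= step
    return round(V_TH + step, 3)


def check_design_rules(modules: list, period: float, rail: str = "VDD_DIG") -> dict:
    """For one power interface, evaluate the constraints of claims 1 and 8:
    the security component shares the rail with at least one AP/interface
    module, its minimum timing margin exceeds theirs, and consequently those
    modules start failing at a shallower droop than the security component."""
    secure = [m for m in modules if m.secure and m.rail == rail]
    others = [m for m in modules if not m.secure and m.rail == rail]
    if not secure:
        return {"rail": rail, "secure_modules": 0, "ok": False}
    se_margin = min(m.min_slack(period) for m in secure)
    se_fail = max(failure_voltage(m, period) for m in secure)
    result = {"rail": rail, "shares_rail": bool(others),
              "se_min_margin_ns": round(se_margin, 3), "se_failure_v": se_fail}
    if others:
        other_margin = min(m.min_slack(period) for m in others)
        other_fail = max(failure_voltage(m, period) for m in others)
        result.update(other_min_margin_ns=round(other_margin, 3),
                      other_failure_v=other_fail,
                      margin_rule_ok=se_margin > other_margin,
                      others_fail_first=other_fail > se_fail)
    result["ok"] = bool(others) and result.get("margin_rule_ok", False) \
        and result.get("others_fail_first", False)
    return result


PERIOD_NS = 1.0  # constructed: 1 GHz digital clock

# Constructed sample chip: path delays are illustrative, not silicon data.
SAMPLE_CHIP = [
    Module("application_processor_12", "VDD_DIG", False,
           [RegPath("ap_alu", 0.10, 0.72, 0.05), RegPath("ap_lsu", 0.10, 0.68, 0.05)]),
    Module("bus_14", "VDD_DIG", False, [RegPath("bus_arb", 0.10, 0.70, 0.05)]),
    Module("memory_controller_16", "VDD_DIG", False,
           [RegPath("mc_sched", 0.10, 0.66, 0.05)]),
    Module("se_coprocessor_182", "VDD_DIG", True,
           [RegPath("cp_pipe", 0.08, 0.50, 0.05), RegPath("cp_fetch", 0.08, 0.55, 0.05)]),
    Module("se_sensors_187", "VDD_ANA", True, [RegPath("sens_filt", 0.08, 0.40, 0.05)]),
]

if __name__ == "__main__":
    for rail in ("VDD_DIG", "VDD_ANA"):
        print(check_design_rules(SAMPLE_CHIP, PERIOD_NS, rail))
```

With the constructed delays the application processor starts mislatching once the digital rail droops to about 0.72 V, while the coprocessor keeps latching correctly down to roughly 0.62 V. The interval between those two voltages is the window the patent relies on: any glitch deep enough to fault the security component has already corrupted the application processor, bus or memory controller that would carry the faulty result out. On the analog rail the sample reports no rule because, as the text notes, only the sensing circuits sit on it; the same check applies unchanged if an analog-powered module is deliberately placed on that rail, as the text's special scenario allows.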
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Computer Security & Cryptography (AREA)
- General Physics & Mathematics (AREA)
- Mathematical Physics (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Storage Device Security (AREA)
- Semiconductor Integrated Circuits (AREA)
Claims (10)
- 1. A terminal chip, characterised in that it comprises a security component, an application processor, and an interface module for passing information between the application processor and the security component; the terminal chip is provided with a first power interface for receiving power from outside the terminal chip, a first power port of the security component is connected to the first power interface, and at least one of the application processor and the interface module is connected to the first power interface.
- 2. The terminal chip of claim 1, characterised in that the terminal chip comprises a plurality of said interface modules, at least one of which is connected to the first power interface.
- 3. The terminal chip of claim 1 or 2, characterised in that the interface module is a bus or a memory controller.
- 4. The terminal chip of any one of claims 1 to 3, characterised in that the first power interface is a digital power interface.
- 5. The terminal chip of any one of claims 1 to 4, characterised in that the terminal chip is further provided with a second power interface, the second power interface being an analog power interface.
- 6. The terminal chip of claim 5, characterised in that the first power port is a digital power port, and the security component further comprises an analog power port connected to the analog power interface.
- 7. The terminal chip of claim 6, characterised in that the terminal chip further comprises a high-speed interface physical-layer circuit, a phase-locked loop circuit and an electrically programmable fuse circuit, at least one of which is connected to the analog power interface.
- 8. The terminal chip of any one of claims 1 to 7, characterised in that the lowest timing margin in the security component is greater than the lowest timing margin of the application processor or interface module connected to the first power interface.
- 9. The terminal chip of any one of claims 1 to 8, characterised in that the security component is provided with a system for security verification.
- 10. The terminal chip of any one of claims 1 to 9, characterised in that the security component comprises a coprocessor, a secure bus, and a module for encryption, decryption and authentication.
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP17872149.4A EP3534289B1 (en) | 2016-11-15 | 2017-11-15 | Terminal chip integrated with security component |
KR1020197016888A KR102225283B1 (ko) | 2016-11-15 | 2017-11-15 | Terminal chip with integrated secure element |
JP2019546965A JP6814305B2 (ja) | 2016-11-15 | 2017-11-15 | Terminal chip integrated with a security element |
US16/412,932 US11436376B2 (en) | 2016-11-15 | 2019-05-15 | Terminal chip integrated with security element |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611006033.2 | 2016-11-15 | ||
CN201611006033.2A CN108073830B (zh) | 2016-11-15 | 2016-11-15 | Terminal chip integrated with a security component |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US16/412,932 Continuation US11436376B2 (en) | 2016-11-15 | 2019-05-15 | Terminal chip integrated with security element |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2018090932A1 true WO2018090932A1 (zh) | 2018-05-24 |
Family
ID=62146089
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2017/111140 WO2018090932A1 (zh) | 2016-11-15 | 2017-11-15 | Terminal chip integrated with a security component |
Country Status (6)
Country | Link |
---|---|
US (1) | US11436376B2 (zh) |
EP (1) | EP3534289B1 (zh) |
JP (1) | JP6814305B2 (zh) |
KR (1) | KR102225283B1 (zh) |
CN (1) | CN108073830B (zh) |
WO (1) | WO2018090932A1 (zh) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR3060161A1 (fr) * | 2016-12-08 | 2018-06-15 | Orange | Technique for managing a right of access to a service for a communicating device |
CN113158260B (zh) * | 2021-03-30 | 2023-03-31 | 西南电子技术研究所(中国电子科技集团公司第十研究所) | Hierarchical data protection circuit inside an SoC chip |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103034804A (zh) * | 2012-12-11 | 2013-04-10 | 深圳国微技术有限公司 | Security chip and attack detection circuit therefor |
CN103730161A (zh) * | 2013-12-23 | 2014-04-16 | 深圳国微技术有限公司 | Attack-resistant security circuit for a security chip, and security chip using the same |
CN204360420U (zh) * | 2014-12-31 | 2015-05-27 | 上海动联信息技术股份有限公司 | Portable NFC order generation terminal |
CN106096457A (zh) * | 2016-06-06 | 2016-11-09 | 合肥工业大学 | Defence circuit against clock-frequency fault injection attacks for a security chip |
Family Cites Families (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6054893A (en) * | 1997-04-10 | 2000-04-25 | Institute Of Microelectronics | Low current differential fuse circuit |
US6594760B1 (en) * | 1998-12-21 | 2003-07-15 | Pitney Bowes Inc. | System and method for suppressing conducted emissions by a cryptographic device |
US6535986B1 (en) | 2000-03-14 | 2003-03-18 | International Business Machines Corporation | Optimizing performance of a clocked system by adjusting clock control settings and clock frequency |
DE10061998A1 (de) * | 2000-12-13 | 2002-07-18 | Infineon Technologies Ag | Kryptographieprozessor |
US6973565B2 (en) * | 2001-05-09 | 2005-12-06 | Safenet Canada, Inc. | Biometrically secured memory IC |
US20060059372A1 (en) * | 2004-09-10 | 2006-03-16 | International Business Machines Corporation | Integrated circuit chip for encryption and decryption having a secure mechanism for programming on-chip hardware |
CN101588643B (zh) | 2008-05-19 | 2012-08-29 | 上海锦诺信息科技有限公司 | Card with a mobile phone application software development platform |
JP5552027B2 (ja) * | 2010-11-01 | 2014-07-16 | ルネサスエレクトロニクス株式会社 | 半導体装置 |
US9231409B2 (en) * | 2012-01-24 | 2016-01-05 | Texas Instruments Incorporated | Sourcing and securing dual supply rails of tamper protected battery backed domain |
US8912814B2 (en) * | 2012-11-12 | 2014-12-16 | Chaologix, Inc. | Clocked charge domain logic |
US9268948B2 (en) * | 2013-06-24 | 2016-02-23 | Intel Corporation | Secure access enforcement proxy |
US9255968B2 (en) * | 2013-11-22 | 2016-02-09 | Altera Corporation | Integrated circuit with a high-speed debug access port |
US20160378344A1 (en) * | 2015-06-24 | 2016-12-29 | Intel Corporation | Processor and platform assisted nvdimm solution using standard dram and consolidated storage |
CN205158415U (zh) * | 2015-12-08 | 2016-04-13 | 深圳中科讯联科技有限公司 | Smart card |
Timeline
- 2016-11-15 CN CN201611006033.2A patent/CN108073830B/zh active Active
- 2017-11-15 KR KR1020197016888A patent/KR102225283B1/ko active IP Right Grant
- 2017-11-15 WO PCT/CN2017/111140 patent/WO2018090932A1/zh unknown
- 2017-11-15 EP EP17872149.4A patent/EP3534289B1/en active Active
- 2017-11-15 JP JP2019546965A patent/JP6814305B2/ja active Active
- 2019-05-15 US US16/412,932 patent/US11436376B2/en active Active
Non-Patent Citations (1)
Title |
---|
See also references of EP3534289A4 * |
Also Published As
Publication number | Publication date |
---|---|
US11436376B2 (en) | 2022-09-06 |
CN108073830B (zh) | 2021-05-18 |
EP3534289B1 (en) | 2021-07-28 |
JP6814305B2 (ja) | 2021-01-13 |
EP3534289A4 (en) | 2019-11-13 |
JP2019534528A (ja) | 2019-11-28 |
EP3534289A1 (en) | 2019-09-04 |
KR20190077089A (ko) | 2019-07-02 |
CN108073830A (zh) | 2018-05-25 |
US20190266360A1 (en) | 2019-08-29 |
KR102225283B1 (ko) | 2021-03-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP2894588B1 (en) | Data processing device, method for executing an application and computer program product | |
US7372304B2 (en) | System and method for glitch detection in a secure microcontroller | |
Basak et al. | A flexible architecture for systematic implementation of SoC security policies | |
TW201723949A (zh) | 針對遺失的電子裝置停用行動付款 (Disabling mobile payments for a lost electronic device) | |
WO2018090932A1 (zh) | Terminal chip integrated with a security component | |
US11636231B2 (en) | Methods and apparatus for in-memory device access control | |
US10496974B2 (en) | Secure transactions with connected peripherals | |
US7823133B2 (en) | Smart card device and method for debug and software development | |
KR20240064635A (ko) | Apparatus and method using sensor information to raise the level of trust | |
Huffmire et al. | Hardware trust implications of 3-D integration | |
CN104199517A (zh) | Heterogeneous trusted redundant server system based on domestic processors | |
CN106548099A (zh) | Chip for security protection of a circuit system | |
CN111512297A (zh) | Security of programmable devices in a data center | |
CN111104696B (zh) | Multi-channel secure element cluster board | |
US10169616B1 (en) | Cryptographic processing of data and instructions stored off-chip | |
EP3044721B1 (en) | Automatic pairing of io devices with hardware secure elements | |
US11734457B2 (en) | Technology for controlling access to processor debug features | |
CN112181860B (zh) | Controller with flash memory emulation function and control method therefor | |
CN206100055U (zh) | Commodity trading system based on an ARM embedded encryption card | |
US20240152925A1 (en) | Methods and arrangements for credit card lock | |
Wang et al. | A Secure Dual-Core Processor Design for Embedded Terminal Device | |
US20180076966A1 (en) | Subscriber identification system | |
CN106504071A (zh) | Transaction system based on embedded data protection | |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 17872149; Country of ref document: EP; Kind code of ref document: A1 |
| ENP | Entry into the national phase | Ref document number: 2019546965; Country of ref document: JP; Kind code of ref document: A |
| NENP | Non-entry into the national phase | Ref country code: DE |
| ENP | Entry into the national phase | Ref document number: 20197016888; Country of ref document: KR; Kind code of ref document: A |
| ENP | Entry into the national phase | Ref document number: 2017872149; Country of ref document: EP; Effective date: 20190527 |