WO2024066533A1 - Chip assembly and information processing method thereof, and computer-readable medium - Google Patents

Chip assembly and information processing method thereof, and computer-readable medium


Publication number
WO2024066533A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
chip
ciphertext
confidential
confidential information
Prior art date
Application number
PCT/CN2023/102614
Other languages
English (en)
Chinese (zh)
Inventor
杜嘉宇
孙福山
潘跃
Original Assignee
深圳市中兴微电子技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 深圳市中兴微电子技术有限公司


Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F3/00 Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
    • G06F3/06 Digital input from, or digital output to, record carriers, e.g. RAID, emulated record carriers or networked record carriers
    • G PHYSICS
    • G11 INFORMATION STORAGE
    • G11C STATIC STORES
    • G11C17/00 Read-only memories programmable only once; Semi-permanent stores, e.g. manually-replaceable information cards
    • G11C17/14 Read-only memories programmable only once; Semi-permanent stores, e.g. manually-replaceable information cards in which contents are determined by selectively establishing, breaking or modifying connecting links by permanently altering the state of coupling elements, e.g. PROM
    • G11C17/16 Read-only memories programmable only once; Semi-permanent stores, e.g. manually-replaceable information cards in which contents are determined by selectively establishing, breaking or modifying connecting links by permanently altering the state of coupling elements, e.g. PROM using electrically-fusible links
    • G PHYSICS
    • G11 INFORMATION STORAGE
    • G11C STATIC STORES
    • G11C17/00 Read-only memories programmable only once; Semi-permanent stores, e.g. manually-replaceable information cards
    • G11C17/14 Read-only memories programmable only once; Semi-permanent stores, e.g. manually-replaceable information cards in which contents are determined by selectively establishing, breaking or modifying connecting links by permanently altering the state of coupling elements, e.g. PROM
    • G11C17/18 Auxiliary circuits, e.g. for writing into memory

Definitions

  • the present disclosure relates to the field of chip technology, and in particular to a chip component and an information processing method thereof, and a computer-readable medium.
  • Security information used by a chip can be stored in a one-time programmable memory eFUSE to ensure that it cannot be modified.
  • the present disclosure provides a chip component and an information processing method thereof, and a computer-readable medium.
  • an embodiment of the present disclosure provides a method for information processing of a chip component, wherein the chip component includes a chip, an information storage device, and an eFUSE.
  • the method includes: encrypting plaintext of confidential information according to an information encryption algorithm to obtain ciphertext of the confidential information; writing the ciphertext of the confidential information into the information storage device, and writing configuration information into the eFUSE, wherein the configuration information represents the storage status of the ciphertext of the confidential information in the information storage device.
  • the present disclosure provides a method for information processing of a chip component, wherein the chip component includes a chip, an information storage device, and an eFUSE; the information storage device stores ciphertext of confidential information, and the ciphertext of the confidential information is encrypted according to an information encryption algorithm.
  • the eFUSE stores configuration information, and the configuration information represents the storage status of the ciphertext of the confidential information in the information storage device.
  • the method includes: reading the configuration information stored in the eFUSE; reading the ciphertext of the confidential information from the information storage device according to the configuration information; and decrypting the ciphertext of the confidential information according to the information encryption algorithm to obtain the plaintext of the confidential information.
  • an embodiment of the present disclosure provides a chip component, including a chip, an information storage device, and an eFUSE, wherein the chip can implement an information processing method of any chip component of the embodiment of the present disclosure.
  • the information storage includes a flash memory FLASH.
  • an embodiment of the present disclosure provides a non-transitory computer-readable medium having a computer program stored thereon which, when executed by a processor, implements the information processing method of any chip component of the embodiment of the present disclosure.
  • confidential information is actually stored in an information storage device (such as FLASH), and eFUSE only stores its configuration information. Therefore, no matter how large the confidential information is, the space required for eFUSE is very small, thereby being able to store a larger amount of information at a low cost of eFUSE to meet customer needs.
  • the confidential information is encrypted, and its configuration information is stored in eFUSE and cannot be modified. Therefore, although the confidential information is actually located in the information storage device, its security is still very high and cannot be cracked or tampered with.
  • FIG1 is a block diagram of a chip assembly according to an embodiment of the present disclosure.
  • FIG2 is a flow chart of a method for information processing of a chip assembly provided by an embodiment of the present disclosure.
  • FIG3 is a flow chart of a method for information processing of a chip assembly provided by another embodiment of the present disclosure.
  • FIG4 is a flow chart of a method for information processing of a chip component provided by another embodiment of the present disclosure.
  • FIG5 is a flow chart of a method for information processing of a chip assembly provided by another embodiment of the present disclosure.
  • FIG. 6 is a logic process diagram of a method for processing information of a chip component provided in an embodiment of the present disclosure.
  • FIG. 7 is a block diagram of the composition of a computer-readable medium provided in an embodiment of the present disclosure.
  • the present disclosure may be described with reference to plan views and/or cross-sectional views by means of ideal schematic views of the present disclosure. Therefore, the exemplary illustrations may be modified according to manufacturing techniques and/or tolerances.
  • the present disclosure is not limited to the embodiments shown in the drawings, but includes modifications of the configurations formed based on the manufacturing process. Therefore, the regions illustrated in the drawings have schematic properties, and the shapes of the regions shown in the drawings illustrate the specific shapes of the regions of the elements, but are not intended to be limiting.
  • security information used by a chip may be stored in a one-time programmable memory (eFUSE).
  • OTP: One Time Programmable
  • Some of the information used by the chip requires high security and cannot be changed. This type of information is called "security information". Because of this requirement, it can be stored in eFUSE to ensure that it cannot be tampered with.
  • the eFUSE used in chips is often expensive, so the storage space is limited and is often fixed when the chip is designed.
  • the amount of security information data may vary depending on the needs (such as different services). For example, customers may require that their serial (SN) code, market code, access code, etc. be stored in the eFUSE as security information.
  • An embodiment of the present disclosure provides a method for information processing of a chip component, wherein the chip component includes a chip, an information storage device, and an eFUSE.
  • the information processing method of the embodiment of the present disclosure is executed by a chip component, that is, it is a method for the chip component to process information.
  • the chip assembly of the embodiment of the present disclosure includes a chip (processor) that actually performs data operations, and an information memory and eFUSE for storing information (or data).
  • the above chips, information storage, and eFUSE can communicate with each other, that is, the chip can write information to the information storage and eFUSE, and can also read information from the information storage and eFUSE.
  • the chip component also has an external interface for receiving external instructions (such as from software) to perform corresponding operations and feed the results of the operations back to the outside.
  • eFUSE can be integrated with the chip (i.e., on-chip storage), while the information storage is a rewritable memory that can be located outside the chip (i.e., off-chip storage).
  • the information storage includes a flash memory FLASH.
  • FLASH (such as off-chip FLASH) may be used as an information storage device in a chip component.
  • the method for information processing of a chip assembly includes steps S101 and S102.
  • In step S101, the plaintext of the confidential information is encrypted according to the information encryption algorithm to obtain the ciphertext of the confidential information.
  • the chip uses a preset encryption algorithm (called an information encryption algorithm) to encrypt the plain text of the information that needs to be kept confidential (i.e., the confidential information, that is, the information to be stored in the eFUSE) to obtain the ciphertext of the confidential information.
  • the specific form of the information encryption algorithm is diverse, for example, it can be a symmetric encryption algorithm such as AES_CBC256.
  • In step S102, the ciphertext of the confidential information is written into the information storage device, and the configuration information is written into the eFUSE.
  • the configuration information represents the storage status of the ciphertext of the confidential information in the information storage device.
  • the chip writes the ciphertext of the confidential information obtained above into the information storage device (such as FLASH), and writes the storage status (such as address) of the ciphertext of the confidential information in the information storage device into the eFUSE as configuration information, so that the written configuration information cannot be modified.
  • When confidential information is needed, the configuration information must first be obtained from the eFUSE; the location of the confidential information (specifically, the ciphertext of the confidential information) in the information storage is determined according to the configuration information, and the confidential information is then obtained from the information storage. Therefore, even if a hacker tampers with the confidential information in the information storage (such as writing "fake" confidential information in other locations of the information storage), the storage of the tampered information does not match the configuration information in the eFUSE (the configuration information cannot be modified), so the chip component still will not obtain the tampered information.
  • the confidential information is actually stored in the information storage device (such as FLASH), and eFUSE only stores its configuration information. Therefore, no matter how large the confidential information is, the space required by eFUSE is very small, so that more information can be stored at a low cost of eFUSE to meet customer needs.
  • the confidential information is encrypted, and its configuration information is stored in eFUSE and cannot be modified. Therefore, although the confidential information is actually located in the information storage device, its security is still very high and cannot be cracked or tampered with.
  • the configuration information includes at least one of the following: the address of the ciphertext of the confidential information in the information storage device, the size of the ciphertext of the confidential information, and the configuration of whether the confidential information is readable by the software.
  • the configuration information may include the storage address of the confidential information, the size of the information, etc., and may also include a configuration indicating whether the confidential information is readable by the software, etc., so that the confidential information can be read from the information storage in a corresponding manner based on this information.
  • the chip includes an encryption interface, and the information key is embedded in the chip.
  • encrypting the plaintext of confidential information according to the information encryption algorithm to obtain the ciphertext of the confidential information includes steps S1011 and S1012.
  • In step S1011, through the encryption interface, the chip uses the information key according to the information encryption algorithm to encrypt the plaintext of the confidential information to obtain the ciphertext of the confidential information.
  • In step S1012, the encryption interface is closed.
  • confidential information can be encrypted through an encryption interface using an information key solidified in the chip, and then the encryption interface is permanently closed (such as by solidifying another eFUSE built into the chip), thereby ensuring that hackers cannot obtain the information key to crack the confidential information, and cannot use the chip to re-encrypt to obtain "fake" confidential information, thereby further improving the security of the confidential information.
  • an information key can be randomly generated on the hardware.
  • the information key is fixed in the chip, so it cannot be modified or obtained again (because it is randomly generated).
  • the information key is invisible and inaccessible to the outside world (such as software).
  • the software can only implement encryption operations through the encryption interface of the chip hardware (such as the encryption and decryption module controlled by a specific register). After the encryption of the confidential information is completed, the encryption interface can be closed by hardware, so that it cannot be reused.
  • the method of the embodiment of the present disclosure further includes steps S1031 and S1032.
  • In step S1031, verification information is generated according to the ciphertext of the confidential information and/or the plaintext of the confidential information.
  • In step S1032, the verification information is written into the information storage.
  • verification information (such as a "certificate") derived from confidential information (plaintext, ciphertext) may also be stored in an information storage device so that when the confidential information is read, the confidential information may be verified based on the verification information to determine whether it is correct.
  • the verification information can be attached to the header of the ciphertext of the confidential information, thereby serving as its "header certificate".
  • the verification information can be a check value (such as a hash value) calculated based on the confidential information (ciphertext, plaintext), so that when reading the confidential information, its check value can be calculated again, and the correctness of the confidential information can be judged based on whether the calculated check value is the same as the check value in the verification information.
  • the verification information itself can also be encrypted by a preset encryption algorithm (such as a verification encryption algorithm).
  • the verification encryption algorithm can be an asymmetric encryption algorithm such as RSA2048: the verification information is encrypted with the private key, and is decrypted with the public key when the confidential information is read.
  • the process of writing the verification information into the information storage device can be performed before or after the process of writing the confidential information into the information storage device, or it can be performed simultaneously (such as writing as a header certificate of confidential information).
  • An embodiment of the present disclosure provides a method for information processing of a chip component, wherein the chip component includes a chip, an information storage device, and an eFUSE.
  • the information processing method of the embodiment of the present disclosure is executed by a chip component, that is, it is a method for the chip component to process information.
  • the chip assembly of the embodiment of the present disclosure includes a chip (processor) that actually performs data operations, and an information memory and eFUSE for storing information (or data).
  • the above chips, information storage, and eFUSE can communicate with each other, that is, the chip can write information to the information storage and eFUSE, and can also read information from the information storage and eFUSE; at the same time, the chip component also has an external interface to receive external instructions (such as from software), perform corresponding operations, and feed the results of the operations back to the outside.
  • the eFUSE may be integrated with the chip (i.e., on-chip storage), while the information memory is a rewritable memory that may be located outside the chip (i.e., off-chip storage).
  • the information storage includes FLASH.
  • FLASH (such as off-chip FLASH) may be used as an information storage device in a chip component.
  • the information storage device stores ciphertext of confidential information, which is obtained by encrypting plaintext of the confidential information according to an information encryption algorithm.
  • the eFUSE stores configuration information, which represents the storage status of the ciphertext of the confidential information in the information storage device.
  • the information in the chip component of the embodiment of the present disclosure is written by the above chip component information processing method, so the ciphertext of confidential information is stored in its information storage, and the corresponding configuration information is stored in the eFUSE.
  • the information processing method of the chip assembly according to the embodiment of the present disclosure includes steps S201 to S203.
  • In step S201, the configuration information stored in the eFUSE is read.
  • When confidential information is needed, the chip first reads its configuration information from eFUSE.
  • In step S202, the ciphertext of the confidential information is read from the information storage according to the configuration information.
  • the chip can actually read the ciphertext of the corresponding confidential information from the information storage (such as FLASH) according to the above configuration information.
  • the configuration information includes at least one of the following: the address of the ciphertext of the confidential information in the information storage device, the size of the ciphertext of the confidential information, and the configuration of whether the confidential information is readable by the software.
  • the corresponding information may be read from the information storage device according to the address and size of the ciphertext of the confidential information, and whether the confidential information is readable by the software may be determined according to the configuration.
  • In step S203, the ciphertext of the confidential information is decrypted according to the information encryption algorithm to obtain the plaintext of the confidential information.
  • After obtaining the ciphertext of the confidential information, the chip can perform corresponding decryption according to the information encryption algorithm to obtain the plaintext of the confidential information for subsequent use.
  • the prerequisite for executing the above steps is that the configuration information is stored in the eFUSE, that is, the eFUSE has been solidified. If there is no configuration information in the eFUSE (not solidified), the above steps do not need to be performed.
  • confidential information is actually stored in an information storage device (such as FLASH), and eFUSE only stores its configuration information. Therefore, no matter how large the confidential information is, the space required for eFUSE is very small, thereby being able to store a larger amount of information at a low cost of eFUSE to meet customer needs.
  • the confidential information is encrypted, and its configuration information is stored in eFUSE and cannot be modified. Therefore, although the confidential information is actually located in the information storage device, its security is still very high and cannot be cracked or tampered with.
  • reading the configuration information stored in the eFUSE includes step S2011.
  • In step S2011, in response to the chip remotely starting the bootrom, the configuration information stored in the eFUSE is read.
  • the above process of reading confidential information can be performed when the chip is in bootrom, and can only be performed when the chip is in bootrom, so that the confidential information can be used after the chip is started, and it can be ensured that the above steps are not performed in other processes, thereby further improving the security of the confidential information.
  • the method further includes step S205.
  • In step S205, the plaintext of the confidential information is written into the random access memory (RAM).
  • the plain text of the confidential information obtained by the above decryption can be stored in the RAM of the chip, so that the confidential information (plain text) can be obtained from the RAM at any time and used after the chip is started.
  • the confidential information in the RAM can also have different forms as needed. For example, whether the confidential information is readable by the software can be set when writing to the RAM based on the configuration of whether the confidential information is readable by the software.
  • the chip includes a decryption interface, and the information key is embedded in the chip.
  • decrypting the ciphertext of the confidential information according to the information encryption algorithm to obtain the plaintext of the confidential information includes step S2031.
  • In step S2031, through the decryption interface, the chip uses the information key according to the information encryption algorithm to decrypt the ciphertext of the confidential information to obtain the plaintext of the confidential information.
  • When the ciphertext of the confidential information has been encrypted using the fixed information key through the above writing interface, the chip may also have a hardware decryption interface.
  • the software calls the decryption interface to make the chip decrypt with the information key solidified in it, so that the outside world can only obtain the plaintext as the decryption result, but still cannot access the information key, further improving security.
  • the information storage device further stores verification information, where the verification information is generated based on the ciphertext of the confidential information and/or the plaintext of the confidential information.
  • the method of the embodiment of the present disclosure further includes steps S2041 and S2042.
  • In step S2041, the verification information stored in the information storage is read.
  • In step S2042, the ciphertext of the confidential information and/or the plaintext of the confidential information is verified according to the verification information.
  • When the above verification information is also stored in the information storage device, it can be used to verify the correctness of the confidential information during the process of reading the confidential information.
  • the verification information may be attached to the header of the ciphertext of the confidential information, so that the verification information may be read at the same time as the confidential information is read.
  • the verification information can be a check value (such as a HASH value) calculated based on the confidential information (ciphertext, plaintext), so that when reading the confidential information, its check value can be calculated again, and the correctness of the confidential information can be judged based on whether the calculated check value is the same as the check value in the verification information.
  • the verification information itself can also be encrypted by a preset encryption algorithm (such as a verification encryption algorithm).
  • the verification encryption algorithm can be an asymmetric encryption algorithm such as RSA2048: the verification information is encrypted with the private key, and is decrypted with the public key when the confidential information is read.
  • the confidential information (ciphertext, plaintext) can be verified based on the verification information, so the numbering and description order of the above steps does not necessarily represent their execution order.
  • a method for information processing of a chip component may specifically include steps A101 to A109, some of which are shown in FIG. 6.
  • In step A101, when the chip is designed and produced, the information encryption algorithm, information key, and verification encryption algorithm are solidified in it, and a hardware encryption interface and decryption interface controlled by software are set in the chip.
  • the information encryption algorithm may be a symmetric encryption algorithm (AES_CBC256), and the information key used by the algorithm is a random number of a fixed size (eg, 256 bits) generated by hardware when the chip is produced.
  • the verification encryption algorithm is used to encrypt the verification information, which may be an asymmetric encryption algorithm (such as RSA2048), and its key is a randomly generated key pair, in which the private key is used for encryption and the public key is used for decryption.
  • the encryption interface can take the plaintext address, the plaintext size, and the address in the memory DDR (double data rate synchronous dynamic random access memory) where the ciphertext is to be stored, and another built-in eFUSE is used to mark whether the encryption is completed.
  • In step A102, during the production (or development and debugging) of the security version, the hardware encryption interface is called, and the plaintext of the confidential information, which in the related technology would be written into the eFUSE, is encrypted using the information encryption algorithm to convert it into the ciphertext of the security information.
  • the ciphertext may be obtained by encrypting the plaintext using a symmetric encryption algorithm (such as AES_CBC256).
  • In step A103, the ciphertext of the security information is stored in a specific storage area of the off-chip FLASH (information storage), verification information about the plaintext and ciphertext is generated, and the verification information is written as a header certificate in the header of the ciphertext of the security information.
  • A HASH256 operation can be performed on the ciphertext and on the plaintext of the confidential information to obtain a 256-bit HASH value (check value) for each, and the two HASH values are encrypted with the private key of an asymmetric encryption algorithm (such as RSA2048) to generate a 2048-bit signature; the 1KB header certificate and the ciphertext image of the confidential information together form the encrypted image, which is returned to the specific DDR space through configuration.
  • In step A104, the address and size of the security information ciphertext in the FLASH, and whether it is readable by software, are used as configuration information; the configuration information is written into the eFUSE, and the eFUSE is solidified to become read-only. The hardware encryption interface is permanently closed so that the encryption function becomes invalid, the hardware ensures that the relevant registers become read-only, and finally the plaintext and ciphertext stored in DDR are erased.
  • In step A105, when the chip starts the bootrom, it attempts to read the solidification mark of the eFUSE. If the eFUSE has been solidified (configuration information has been written), the following steps are executed. If it has not been solidified, the bootrom starts in a conventional manner.
  • In step A106, configuration information is obtained, information of the corresponding size is read from the corresponding FLASH address as the ciphertext of the security information, and the header certificate etc. is read at the same time.
  • In step A107, the header certificate is used to perform signature verification and decryption to obtain the corresponding plaintext. If the signature verification and decryption fails, an error is reported and the process stops. If successful, the corresponding plaintext is obtained and the subsequent steps are continued.
  • a symmetric encryption algorithm (such as AES_CBC256) can be used to decrypt with a fixed information key to obtain plaintext; and an asymmetric encryption algorithm can be used to decrypt the header certificate (such as the public key of RSA2048) to obtain two 256-bit HASH values corresponding to the ciphertext and plaintext stored therein; then the ciphertext stored in the FLASH and the decrypted plaintext are respectively subjected to HASH256 operations to calculate two 256-bit HASH values corresponding to the ciphertext and plaintext respectively; finally, the stored HASH value is compared with the calculated HASH value to see if they are the same.
  • If they are the same, the signature verification and decryption are successful, and the decrypted plaintext is used as the correct plaintext. If they are different, the signature verification and decryption fail: if the HASH values of the ciphertext differ, the ciphertext has been tampered with; if the HASH values of the plaintext differ, the decryption failed or the plaintext has been tampered with.
  • Step A108: the plaintext is written to a specific address of the RAM, and whether it is readable by software is set according to the configuration. This ensures that subsequent code can either only read the contents of that specific RAM address, or cannot read it at all (that is, only hardware access is allowed).
  • Step A109: after the chip has started, the security information can be read from the corresponding area of the RAM and used when needed.
  • An embodiment of the present disclosure provides a chip component, including a chip, an information storage device, and an eFUSE, wherein the chip can implement an information processing method of any chip component of the embodiment of the present disclosure.
  • The chip component of the disclosed embodiment can execute the above information processing method of a chip component (including both the above method of writing confidential information and the above method of reading confidential information), thereby meeting various needs of customers and ensuring the security of confidential information at a low eFUSE cost.
  • The information storage device includes FLASH.
  • FLASH (such as off-chip FLASH) may be used as the information storage device in a chip component.
  • An embodiment of the present disclosure provides a computer-readable medium having a computer program stored thereon, and when the computer program is executed by a processor, a chip can implement a method for information processing of any chip component of the embodiment of the present disclosure.
  • A processor is a device with data processing capabilities, including but not limited to a central processing unit (CPU); a memory is a device with data storage capabilities, including but not limited to random access memory (RAM, more specifically SDRAM, DDR, etc.), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), and flash memory (FLASH); an I/O interface (read-write interface) is connected between the processor and the memory, and can realize information exchange between the memory and the processor, including but not limited to a data bus (Bus), etc.
  • The division between functional modules/units mentioned in the above description does not necessarily correspond to the division of physical components; for example, one physical component may have multiple functions, or one function or step may be performed by several physical components in cooperation.
  • Some or all of the physical components may be implemented as software executed by a processor, such as a central processing unit (CPU), a digital signal processor, or a microprocessor, or as hardware, or as an integrated circuit, such as an application specific integrated circuit.
  • Such software may be distributed on a computer-readable medium, which may include a computer storage medium (or non-transitory medium) and a communication medium (or transient medium).
  • The term computer storage media includes volatile and non-volatile, removable and non-removable media implemented in any method or technology for storing information (such as computer-readable instructions, data structures, program modules, or other data).
  • Computer storage media include, but are not limited to, random access memory (RAM, more specifically SDRAM, DDR, etc.), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory (FLASH) or other disk storage; CD-ROM, DVD or other optical disk storage; cassettes, tapes, disk storage or other magnetic storage; any other medium that can be used to store the desired information and can be accessed by a computer.
  • Communication media generally contain computer-readable instructions, data structures, program modules, or other data in a modulated data signal such as a carrier wave or other transport mechanism, and may include any information delivery media.
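
The read path of steps A105 to A108, with its two-hash check, as an added example that is not code from the patent or the applicant. Assumptions: the header layout (two SHA-256 values plus a tag, stored right after the ciphertext), the eFUSE record fields, a SHA-256 keystream standing in for AES_CBC256, and an HMAC tag standing in for the RSA2048 header certificate, so that it runs with the standard library only.

```python
import hashlib
import hmac

HDR_LEN = 96  # assumed header layout: H(ciphertext) | H(plaintext) | 32-byte tag

def _xor_stream(key: bytes, data: bytes) -> bytes:
    # Stand-in for AES_CBC256 (not in the standard library): SHA-256 counter keystream.
    ks = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def provision(secret: bytes, enc_key: bytes, cert_key: bytes, addr: int):
    """Write side, condensed: returns (flash image, eFUSE configuration)."""
    ct = _xor_stream(enc_key, secret)
    hashes = hashlib.sha256(ct).digest() + hashlib.sha256(secret).digest()
    # Stand-in for the RSA2048 header certificate: an HMAC tag over the two hashes.
    header = hashes + hmac.new(cert_key, hashes, hashlib.sha256).digest()
    flash = bytes(addr) + ct + header          # assumed: header follows the ciphertext
    efuse = {"fixed": True, "addr": addr, "size": len(ct), "sw_readable": False}
    return flash, efuse

def rom_boot(flash: bytes, efuse: dict, enc_key: bytes, cert_key: bytes):
    """Read side (steps A105-A108): returns (status, plaintext or None)."""
    if not efuse.get("fixed"):                              # A105: eFUSE not fixed
        return "conventional-boot", None
    a, n = efuse["addr"], efuse["size"]                     # A106: locate ciphertext
    ct, header = flash[a:a + n], flash[a + n:a + n + HDR_LEN]
    if len(ct) != n or len(header) != HDR_LEN:
        return "flash-read-error", None
    hashes, tag = header[:64], header[64:]                  # A107: verify, then decrypt
    if not hmac.compare_digest(tag, hmac.new(cert_key, hashes, hashlib.sha256).digest()):
        return "header-invalid", None
    if not hmac.compare_digest(hashlib.sha256(ct).digest(), hashes[:32]):
        return "ciphertext-tampered", None
    pt = _xor_stream(enc_key, ct)
    if not hmac.compare_digest(hashlib.sha256(pt).digest(), hashes[32:]):
        return "decrypt-failed-or-plaintext-tampered", None
    return "ok", pt                                         # A108: goes to protected RAM

if __name__ == "__main__":
    keys = (b"E" * 32, b"C" * 32)                           # constructed keys
    flash, efuse = provision(b"constructed device secret", *keys, addr=0x40)
    print(rom_boot(flash, efuse, *keys))
```

The distinct status values mirror the two failure cases the description separates: a ciphertext hash mismatch points at modified FLASH contents, while a plaintext hash mismatch points at a wrong key or a failed decryption.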

Abstract

The present invention relates to an information processing method for a chip assembly. The chip assembly comprises a chip, an information memory, and a one-time programmable memory eFUSE. The method comprises the following steps: encrypting a plaintext of confidential information according to an information encryption algorithm to obtain a ciphertext of the confidential information; and writing the ciphertext of the confidential information into the information memory, and writing configuration information into the eFUSE, the configuration information representing the storage situation of the ciphertext of the confidential information in the information memory. The present invention further relates to a chip assembly and a computer-readable medium.
PCT/CN2023/102614 2022-09-30 2023-06-27 Chip assembly and information processing method thereof, and computer-readable medium WO2024066533A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202211230338.7 2022-09-30
CN202211230338.7A CN117854566A (zh) 2022-09-30 2022-09-30 Chip assembly and information processing method thereof, and computer-readable medium

Publications (1)

Publication Number Publication Date
WO2024066533A1 true WO2024066533A1 (fr) 2024-04-04

Family

ID=90475931

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2023/102614 WO2024066533A1 (fr) 2022-09-30 2023-06-27 Chip assembly and information processing method thereof, and computer-readable medium

Country Status (2)

Country Link
CN (1) CN117854566A (fr)
WO (1) WO2024066533A1 (fr)

Also Published As

Publication number Publication date
CN117854566A (zh) 2024-04-09

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23869781

Country of ref document: EP

Kind code of ref document: A1