CN104700047A - Information leakage prevention security design method - Google Patents

Information leakage prevention security design method Download PDF

Info

Publication number
CN104700047A
CN104700047A CN201410427560.5A CN201410427560A CN104700047A CN 104700047 A CN104700047 A CN 104700047A CN 201410427560 A CN201410427560 A CN 201410427560A CN 104700047 A CN104700047 A CN 104700047A
Authority
CN
China
Prior art keywords
information
sensitive information
destination register
read
leakage
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201410427560.5A
Other languages
Chinese (zh)
Inventor
叶茵
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing CEC Huada Electronic Design Co Ltd
Original Assignee
Beijing CEC Huada Electronic Design Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing CEC Huada Electronic Design Co Ltd filed Critical Beijing CEC Huada Electronic Design Co Ltd
Priority to CN201410427560.5A priority Critical patent/CN104700047A/en
Publication of CN104700047A publication Critical patent/CN104700047A/en
Pending legal-status Critical Current

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a security design method capable of preventing the leakage of sensitive information such as a key. According to the method, information leakage during the reading of the sensitive information out of a memory and the writing of the sensitive information into a destination register can be prevented; power consumption information related to the number of 0/1 in the sensitive information is prevented from being leaked when being read out of the memory and written into the destination register by splitting and covering the sensitive information and performing equalization processing during the writing of the destination register.

Description

A kind of Security Design Methods resisting leakage of information
Technical field
The present invention relates to safety protection of chip technology, be specifically related to a kind of Security Design Methods resisting leakage of information, sensitive information can be resisted and read from storer and the information leakage produced during write destination register.
Background technology
Along with smart card is in the application of financial field, the security of chip gets the attention.Chip not only needs to complete specific function, performance, also needs to resist attack simultaneously, prevents the leakage of attacking the security information caused.
The sensitive informations such as key are generally stored in nonvolatile memory inside, when this sensitive information reads use from storer, mountain 0/1 number in the byte forming the sensitive informations such as key is different, the transient power consumption of chip can be made to produce difference, and assailant utilizes the power consumption difference of chip to carry out the acquisition of sensitive information by attack meanses such as differential power consumption analysis.
In order to reach the object that opposing is attacked; the method of the more sensitive information such as new key after general employing uses at every turn; but the method can propose high requirement to the write life-span of storer, also need the mirror image protection problem considering power down simultaneously, adverse effect will be brought to overall chip performance and reliability.
The present invention is directed to a kind of method that the problems referred to above propose hiding change of power consumption, the reading of the sensitive informations such as key no longer causes the difference of power consumption, make assailant that this information cannot be utilized to carry out the acquisition of sensitive information, thus reach the object preventing sensitive information leakage.
Summary of the invention
The present invention proposes the Security Design Methods preventing the sensitive informations such as key from leaking, the method can be resisted sensitive information and be read from storer and the information leakage produced during write destination register, the method, by the fractionation of sensitive information and equilibrium treatment when covering and write destination register, makes the power consumption information relevant to 0/1 number in sensitive information do not revealed when reading from storer and write destination register.The method specifically comprises following steps:
(1) the sensitive information K such as key are split into n part K0, K1 ... Kn-1} (n be more than or equal to 2 integer);
(2) by every part of information with cover information S and combine formation storage cell T (word once read or byte), the length of S be every part of message length m times (m be more than or equal to 1 integer); Making 0/1 number in storage cell T identical, namely by covering information, 0/1 number of sensitive information being covered;
(3) storage content is read according to storage cell;
(4) if the sensitive information of reading to be write direct destination register, then can produce power consumption during write to reveal, the invention provides two kinds of solutions, one is that the information of T is all write destination register, and two is that the inversion signal of K and K/K is write destination register.Only use information protection in effective sensitive information K, K application process during application not within the scope of the discussion of this patent;
(5) forward (3) to and read next storage unit, until all information reads and completes storage.
Then can hide by said method and step 0/1 number contained because of sensitive information different, read and the information leakage that causes in destination register ablation process at storer.
Accompanying drawing explanation
Fig. 1 all writes the inventive method schematic diagram of destination register
Fig. 2 K and/K writes the inventive method schematic diagram of destination register
Embodiment:
In order to understand the present invention better, below in conjunction with accompanying drawing, its course of work is described in detail.
Suppose by sensitive information K be 18 bit number 01 10 11 01}, for avoiding assailant to utilize the power consumption information relevant to 0/1 number to obtain this sensitive information, carry out as follows data store with read:
(1) K is divided into n part, composition graphs 1, supposes n=4 part, be divided into K3={01} by K, K2={10}, K1={11}, K0={01};
(2) covering it with covering information S, supposing m=3, every part of K covers with 3 times of its length, such as, to K0, adopts S0, S1, S2 to cover.The value of S0, S1, S2 should make T0={S2, and 0/1 number in S1, S0, K0} is identical, such as K0=01, then { S2, S1, S0} can get { 00,01,11}; K1=11, then S5, S4, S3} can get 01,10,00}, the T0 ~ T3 formed like this is respectively stored in the storage unit of storer;
(3) from storer, read the content T0 of a storage unit;
(4) information read can be adopted in two ways stored in destination register, and method one is direct stored in destination register as shown in Figure 1; K0={01} and its corresponding inversion signal/K0={10} as shown in Figure 2, is only write destination register after reading T0 by method two.Method one needs to take more register resources, but can ensure good handling safety; It is less that method two occupies register resources, but inversion operation exists certain information leakage, and the noise as fruit chip itself can cover this leakage preferably, can use the method;
(5) forward to (3), from storer, read T1, according to (4) write destination register, write with register until T3 completes storer reading.
It should be noted that, in schematic diagram sensitive information with cover the position of information in a storage unit and can arrange arbitrarily, be not limited to the arrangement method provided in schematic diagram, as T0 can also arrange as { K0, S2, S1, S0} or { S2, K0, S1, S0}.

Claims (1)

1. resist a Security Design Methods for leakage of information, the method includes the steps of:
(1) key sensitive information K is split into n part, K 0, K 1... K n-1, n be more than or equal to 2 integer;
(2) by every part of key sensitive information, combine formation storage cell T, a T be the word or byte that once read with covering information S, and the length of S is m times of every part of key sensitive information length, m be more than or equal to 1 integer; Making 0/1 number in storage cell T identical, namely by covering information, 0/1 number of key sensitive information being covered;
(3) storage content is read according to storage cell;
(4) information of T is all write destination register or the inversion signal of K and K/K is write destination register;
(5) forward (3) to and read next storage unit, until all information reads and completes storage.
CN201410427560.5A 2014-08-27 2014-08-27 Information leakage prevention security design method Pending CN104700047A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410427560.5A CN104700047A (en) 2014-08-27 2014-08-27 Information leakage prevention security design method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410427560.5A CN104700047A (en) 2014-08-27 2014-08-27 Information leakage prevention security design method

Publications (1)

Publication Number Publication Date
CN104700047A true CN104700047A (en) 2015-06-10

Family

ID=53347147

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410427560.5A Pending CN104700047A (en) 2014-08-27 2014-08-27 Information leakage prevention security design method

Country Status (1)

Country Link
CN (1) CN104700047A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100332578A1 (en) * 2009-06-26 2010-12-30 Vinodh Gopal Method and apparatus for performing efficient side-channel attack resistant reduction
CN102509145A (en) * 2011-09-30 2012-06-20 清华大学 Power-aware power balancing S box unit circuit and application method thereof
CN102970132A (en) * 2011-08-31 2013-03-13 北京中电华大电子设计有限责任公司 Protection method for preventing power analysis and electromagnetic radiation analysis on grouping algorithm

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100332578A1 (en) * 2009-06-26 2010-12-30 Vinodh Gopal Method and apparatus for performing efficient side-channel attack resistant reduction
CN102970132A (en) * 2011-08-31 2013-03-13 北京中电华大电子设计有限责任公司 Protection method for preventing power analysis and electromagnetic radiation analysis on grouping algorithm
CN102509145A (en) * 2011-09-30 2012-06-20 清华大学 Power-aware power balancing S box unit circuit and application method thereof

Similar Documents

Publication Publication Date Title
CN102473453B (en) Semiconductor storage device
CN103559146B (en) A kind of method improving NAND flash controller read or write speed
CN105679359A (en) Semiconductor memory device
CN102324246B (en) Method, device and system for registering in register of memory
WO2008126609A1 (en) Error detection control system
US11354408B2 (en) Technique for detecting and thwarting row-hammer attacks
CN103413569B (en) One reads and one writes static RAM
CN102184365A (en) External data security memory architecture based on system on chip (SoC) and access control method
TWI628544B (en) System for preserving data in volatile memory and method thereof
CN101694639B (en) Computer data caching method
CN103257850B (en) A kind of instruction cache based on zone bit access trace
US11698730B2 (en) Data storage method, apparatus, and device, and readable storage medium
CN106845290B (en) SRAM controller for secure memory chip and interface circuit thereof
CN101178933B (en) Flash memory array device
CN104700047A (en) Information leakage prevention security design method
CN202102448U (en) SoC (System on Chip)-based external-data safe-storing framework
CN103198032A (en) SD (secure digital) card containing hidden partition and control method
CN104268005B (en) Virtual machine awakening method and device
CN106295402A (en) The hidden method of a kind of dll file and system
CN103778953B (en) The memory element of SRAM
CN105264500A (en) Data transmission method and apparatus
CN103399716A (en) Method and processor for writing and reading data
CN103412828B (en) The method and apparatus that a kind of data process
CN109299622B (en) DRAM PUF test system and DRAM PUF extraction method thereof
CN102063365A (en) Method and device for recording operation information of single plate

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 102209 Beijing, Beiqijia, the future of science and technology in the south area of China electronic network security and information technology industry base C building,

Applicant after: Beijing CEC Huada Electronic Design Co., Ltd.

Address before: 100102 Beijing City, Chaoyang District Lize two Road No. 2, Wangjing science and Technology Park A block five layer

Applicant before: Beijing CEC Huada Electronic Design Co., Ltd.

COR Change of bibliographic data
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20150610