CN107229578B - Method and device for generating non-repeated application data based on chip - Google Patents
Method and device for generating non-repeated application data based on chip Download PDFInfo
- Publication number
- CN107229578B CN107229578B CN201710574271.1A CN201710574271A CN107229578B CN 107229578 B CN107229578 B CN 107229578B CN 201710574271 A CN201710574271 A CN 201710574271A CN 107229578 B CN107229578 B CN 107229578B
- Authority
- CN
- China
- Prior art keywords
- data
- submodule
- generating
- bit
- decoding
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F12/00—Accessing, addressing or allocating within memory systems or architectures
- G06F12/14—Protection against unauthorised use of memory or access to memory
- G06F12/1408—Protection against unauthorised use of memory or access to memory by using cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Detection And Correction Of Errors (AREA)
- Error Detection And Correction (AREA)
Abstract
The invention discloses a method and a device for generating non-repetitive application data based on a chip, wherein the method comprises the following steps: powering on and powering off the chip, and reading data from the chip during the chip powering on to generate a first data list; when the same bit in each data in the first data list has the same value, generating first data according to the value, and extracting a first identification code from the first data; error correction coding is carried out on the random number to obtain an error correction code word, and help data are generated according to the error correction code word and the first identification code for help storage; generating a second identification code according to the data bit marked as 1 in the stored marking data and the read data, and generating an operation result according to the second identification code and the help data; and carrying out error correction decoding on the operation result, generating decoding data according to the decoding result, generating an extended sequence according to the decoding data and preset data, and acquiring required application data from the extended sequence. The technical scheme of the invention can generate unique application data with any length, and improve the use safety of the application data.
Description
Technical Field
The invention relates to the field of information security, in particular to a method and a device for generating non-repetitive application data based on a chip.
Background
The product serial number is application data stored in a flash (Chinese name: nonvolatile memory) during production or use of the product, other application data (such as a secret key) is also stored in the flash, and an attacker can easily illegally obtain the application data through reverse engineering. The protection technology used at present is to encrypt application data and store the encrypted application data in a flash, but when the method is used, an attacker can also obtain a completely same chip by copying data on all the flash, and the application data output by the chip is completely the same as the attacked chip, so that great potential safety hazards exist.
PUF (Physical Unclonable Functions, which is a common English name) is a DNA technology based on chip which is proposed by using the unique characteristics (such as fingerprint or iris) of human body currently used for authenticating individuals. A PUF is a physical entity within a chip that outputs an unpredictable response using its built-in algorithm by inputting a stimulus to the physical entity. The SRAM PUF (English name: Static Random Access Memory PUF, Chinese name: Static Random Access Memory physical unclonable function) is an improved PUF, and the input is the chip electrification; the output is random data on SRAM (Chinese name: static random access memory), the concrete realization method includes registration process and application process;
the registration process comprises the following steps:
1. reading an initial value, and generating an SRAM seed value according to the initial value, wherein the seed value is a BCH code with a fault-tolerant function;
2. performing BCH coding operation on the SRAM seed value to generate a BCH code word; the BCH code words have error tolerance;
3. reading an SRAM initial value, and generating an identification code according to the SRAM initial value, wherein the SRAM initial value is the same as the BCH code word in length;
4. generating a 256-bit unique key value by the identification code through a secure hash algorithm SHA-256;
5. performing XOR processing on the BCH code word and the identification code to generate and store help data; the helper data HD is used for key reconstruction, recovering the identification code from the noisy identification code.
The application process comprises the following steps:
1. reading a network identification code with noise and the same address as the identification code;
2. reading the saved helper data;
3. performing XOR processing on the network identification code with the noise and the help data to obtain a BCH code with an error;
4. performing BCH decoding operation on the BCH codes with errors, if the actual errors are not larger than the designed error correction tolerance, generating standard BCH codes, and continuing the system authentication if the system authentication is successful; otherwise, BCH decoding fails, and the method is ended;
5. performing exclusive or operation on the standard BCH code and the help data to recover an identification code used in a system registration stage;
6. and (3) generating a 256-bit key value by the recovered identification code through a secure hash algorithm SHA-256, wherein the key value is the same as the unique key value generated during system registration.
Although the method can prevent an attacker from copying the application data and improve the safety of the application data, the method also has other disadvantages:
1. because the SRAM has strong instability, the SRAM seed value is used without any screening in the registration stage, so that a large amount of data needing error correction exists in BCH coding, the number of the data needing error correction is seriously more than the error correction capability of commonly used error correction codes, and the system cannot be applied;
2. the acquired identification code contains a large amount of unstable data, which also causes a large amount of data to be corrected during application, thus increasing the computational load of the error correction code or making the error correction code unable to correct errors properly.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides a method and a device for generating non-repetitive application data based on a chip.
The invention provides a method for generating non-repetitive application data based on a chip, which comprises a registration process and an application process, wherein the registration process comprises the following steps:
step S0: powering off and then powering on the chip for preset times, and reading and storing data with fixed length from the chip during each chip power-on period;
step S1: generating a first data list according to the stored data;
step S2: sequentially judging whether the values on the same bit in each data of the first data list are the same, if so, marking the corresponding data bit as 1 to obtain marked data, and executing a step S3, otherwise, marking the corresponding data bit as 0 to obtain marked data, and executing a step S3;
step S3: acquiring values on corresponding bit positions from the data of the first data list according to the data bits marked as 1 in the marking data to obtain first data, and extracting data with a first preset length from the first data to obtain a first identification code;
step S4: generating a random number with a second preset length, carrying out error correction coding on the random number to obtain an error correction code word, generating help data according to the error correction code word and the first identification code, and correspondingly storing the help data and the mark data;
the application process comprises the following steps:
step P1: acquiring the stored marking data and reading the data with fixed length from the chip;
step P2: obtaining a value on a corresponding bit from read data according to a data bit marked as 1 in the marked data to obtain a bit string;
step P3: extracting the data with the first preset length from the bit string to obtain a second identification code, reading the stored corresponding help data, and generating an operation result according to the second identification code and the help data;
step P4: performing error correction decoding on the operation result, if the decoding is successful, taking the second identification code as decoding data, and executing step P5; if the decoding fails and the error correction succeeds, modifying the values of all the error bits in the second identification code according to the decoding result to obtain decoded data, and executing step P5; if decoding fails and error correction fails, an error is reported;
step P5: and generating an extended sequence according to the decoded data and preset data, and acquiring required application data from the extended sequence.
Further, the step S2 is replaced with:
step S2': and carrying out exclusive OR operation on all data in the first data list to obtain marked data.
Further, the step S0 includes:
step S01: powering down the chip and then powering up the chip;
step S02: reading and storing data with fixed length from the fixed position of the chip;
step S03: and judging whether the reading times reach the preset times, if so, executing the step S1, and otherwise, returning to the step S01.
Further, the step S2 includes:
step S2-1: taking the highest bit of each data in the first data list as the current bit;
step S2-2: judging whether the values on the current bit positions of the data in the first data list are the same or not, if so, marking the corresponding data bit as 1 and storing, and executing the step S2-3, otherwise, marking the corresponding data bit as 0 and storing, and executing the step S2-3;
step S2-3: judging whether the values of all the bits of each data in the first data list are processed, if so, executing a step S2-4, otherwise, taking the next bit of each data in the first data list as the current bit, and returning to the step S2-2;
step S2-4: tag data is generated based on the stored data bits.
Further, the step S3, between obtaining first data by obtaining a value at a corresponding bit from the data in the first data list according to the data bit marked as 1 in the mark data and obtaining the first identification code by extracting data of a first preset length from the first data, includes:
and judging whether the length of the first data is smaller than a first preset length, if so, reporting an error, and otherwise, extracting the data with the first preset length from the first data to obtain a first identification code.
Further, the generating of the help data according to the error correction codeword and the first identification code specifically includes: performing an exclusive-or operation on the error correction codeword and the first identification code to obtain the helper data;
the generating of the operation result according to the second identification code and the help data specifically includes: and carrying out XOR operation on the second identification code and the read help data to obtain the operation result.
Further, the generating of the spreading sequence according to the decoded data and the preset data specifically includes: and carrying out hash calculation on the decoded data and preset data by using a hash algorithm to obtain the extended sequence.
Further, the error reporting in step P4 if the decoding fails and the error correction fails includes: judging whether the decoding failure times exceed a preset value, if so, finishing error reporting; otherwise, the decoding failure times are updated, and the step P1 is returned.
The invention also provides a device for generating non-repetitive application data based on a chip, which comprises a registration module and an application module, wherein the registration module comprises:
the power-off and power-on module is used for carrying out power-off and power-on operation on the chip sub-module;
the chip submodule is used for storing data with fixed length;
the reading and storing submodule is used for reading and storing the data with fixed length from the chip submodule during the power-on period of the chip submodule;
the first generation submodule is used for generating a first data list according to the data stored by the reading and storing submodule;
the first judgment submodule is used for sequentially judging whether values on the same bit in each data of the first data list generated by the first generation submodule are the same, if so, marking the corresponding data bit as 1 to obtain marked data, otherwise, marking the corresponding data bit as 0 to obtain marked data;
the first extraction submodule is used for acquiring values on corresponding bit positions from data of a first data list generated by the first generation submodule according to data bits marked as 1 in the marking data acquired by the first judgment submodule to acquire first data, and extracting data with a first preset length from the first data to acquire a first identification code;
the generation coding submodule is used for generating a random number with a second preset length and carrying out error correction coding on the random number to obtain an error correction code word;
the second generation submodule is used for generating help data according to the error correction code word obtained by the generation coding submodule and the first identification code obtained by the first extraction submodule;
the storage submodule is used for correspondingly storing the help data generated by the second generation submodule and the marking data obtained by the first judgment submodule;
the application module comprises:
the acquisition reading submodule is used for acquiring the mark data stored by the storage submodule and reading the data with fixed length from the chip submodule;
the first obtaining submodule is used for obtaining a value on a corresponding bit from the data read by the obtaining and reading submodule according to the data bit marked as 1 in the mark data obtained by the obtaining and reading submodule to obtain a bit string;
the second extraction submodule is used for extracting data with a first preset length from the bit string acquired by the first acquisition submodule to obtain a second identification code, and reading the help data stored by the storage submodule;
the third generation submodule is used for generating an operation result according to the second identification code obtained by the second extraction submodule and the read help data;
the decoding submodule is used for carrying out error correction decoding on the operation result generated by the third generation submodule, and if the decoding is successful, the second identification code is used as decoding data; if the decoding fails and the error correction succeeds, modifying the values of all error bit positions in the second identification code according to the decoding result to obtain decoded data;
the error reporting submodule is used for reporting errors when the decoding submodule fails to decode and fails to correct errors;
the fourth generation submodule is used for generating an extended sequence according to the decoding data obtained by the decoding submodule and preset data;
and the second obtaining submodule is used for obtaining the required application data from the spreading sequence generated by the fourth generating submodule.
Further, the first judgment sub-module is further configured to perform an exclusive or operation on all data in the first data list generated by the first generation module to obtain labeled data.
Further, the read save submodule includes:
the reading and storing unit is used for reading and storing data with fixed length from the fixed position of the chip submodule;
the first judgment unit is used for judging whether the reading times reach preset times or not, if so, the first generation sub-module is triggered to work, and otherwise, the lower-power and upper-power sub-modules are triggered to work;
the first generating submodule is specifically configured to generate a first data list according to the data stored in the reading and storing unit.
Further, the first judgment sub-module includes:
a first acting unit, configured to take a highest bit of each piece of data in a first data list generated by the first generation submodule as a current bit;
a second judging unit, configured to judge whether values at current bit positions of each piece of data in the first data list generated by the first generating sub-module are the same, if so, mark the corresponding data bit as 1 and store the corresponding data bit, and otherwise, mark the corresponding data bit as 0 and store the corresponding data bit;
a third judging unit, configured to judge whether values on all bits of each data in the first data list generated by the first generating sub-module are processed;
a second determining unit, configured to determine, when the third determining unit determines that the current bit is the next bit of each piece of data in the first data list generated by the first generating submodule, that is, the current bit;
and the generating unit is used for generating the marking data according to the data bits stored by the second judging unit when the third judging unit judges that the data bits are positive.
Further, the first extraction sub-module is further configured to determine whether the length of the first data is smaller than a first preset length, if so, an error is reported, otherwise, extract data of the first preset length from the first data to obtain the first identification code.
Further, the second generating sub-module is specifically configured to perform an exclusive-or operation on the error correction codeword obtained by the generated coding sub-module and the first identification code obtained by the first extracting sub-module to obtain the helper data;
the third generating sub-module is specifically configured to perform an exclusive or operation on the second identification code obtained by the second extracting sub-module and the read help data to obtain the operation result.
Further, the fourth generation submodule is specifically configured to perform hash calculation on the decoded data and the preset data obtained by the decoding submodule by using a hash algorithm to obtain the extended sequence.
Further, the application module further comprises a second judgment submodule and an updating submodule;
the second judgment submodule is used for judging whether the decoding failure times exceed a preset value or not when the decoding submodule fails in decoding and error correction fails;
the updating submodule is used for updating the decoding failure times when the second judging submodule judges that the decoding failure times are not the decoding failure times, and triggering the acquisition reading submodule to work;
the error reporting sub-module is specifically configured to report an error when the second determination sub-module determines that the determination result is yes.
Compared with the prior art, the invention has the following advantages:
according to the technical scheme, data in a fixed position on a chip are read after power-off and power-on are carried out for multiple times in the registration process, and a relatively stable state of a first identification code is obtained; the random numbers are coded, each chip is ensured to have different error correction code words, and an attacker is prevented from obtaining corresponding information through attacking the error correction code words; in the application process, in order to ensure the stability of the output of the application data, the second identification code uses the data with the preset length in the bit string in the stable state, the number of times of error correction needed by the error correction code is reduced to the maximum extent, and the efficiency of generating the non-repeated application data based on the chip is improved.
Drawings
Fig. 1 is a flowchart of a method for generating non-repetitive application data based on a chip according to an embodiment of the present invention;
fig. 2 and fig. 3 are flowcharts of a method for generating non-repetitive application data based on a chip according to a second embodiment of the present invention;
fig. 4 is a block diagram of an apparatus for generating non-repetitive application data based on a chip according to a third embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example one
An embodiment of the present invention provides a method for generating non-repetitive application data based on a chip, as shown in fig. 1, including a registration process (an upper portion of a dotted line in fig. 1) and an application process (a lower portion of a dotted line in fig. 1), where the registration process includes:
step S0: powering off and then powering on the chip for preset times, and reading and storing data with fixed length from the chip during each chip power-on period;
specifically, in the present embodiment, the data stored on the chip will change after the chip is powered off and powered on; step S0 includes:
step S01: powering down the chip and then powering up the chip;
step S02: reading and storing data with fixed length from a fixed position of a chip;
step S03: judging whether the reading times reach the preset times, if so, executing the step S1, otherwise, returning to the step S01;
step S1: generating a first data list according to the stored data;
step S2: sequentially judging whether the values on the same bit in each data of the first data list are the same, if so, marking the corresponding data bit as 1 to obtain marked data, and executing a step S3, otherwise, marking the corresponding data bit as 0 to obtain marked data, and executing a step S3;
specifically, in this embodiment, step S2 includes:
step S2-1: taking the highest bit of each data in the first data list as the current bit;
step S2-2: judging whether the values on the current bit positions of the data in the first data list are the same, if so, marking the corresponding data bit as 1 and storing, and executing the step S2-3, otherwise, marking the corresponding data bit as 0 and storing, and executing the step S2-3;
step S2-3: judging whether the values of all the bits of each data in the first data list are processed, if so, executing a step S2-4, otherwise, taking the next bit of each data in the first data list as the current bit, and returning to the step S2-2;
step S2-4: tag data is generated based on the stored data bits.
Optionally, step S2 in this embodiment may be replaced by: step S2': performing exclusive-or operation on all data in the first data list to obtain marked data;
step S3: acquiring values on corresponding bit positions from data of a first data list according to the data bits marked as 1 in the marking data to obtain first data, and extracting data with a first preset length from the first data to obtain a first identification code;
preferably, in this embodiment, the step of obtaining the first data and obtaining the first identification code in step S3 includes: judging whether the length of the first data is smaller than a first preset length, if so, reporting an error, and otherwise, extracting the data with the first preset length from the first data to obtain a first identification code;
step S4: generating a random number with a second preset length, carrying out error correction coding on the random number to obtain an error correction code word, generating help data according to the error correction code word and the first identification code, and correspondingly storing the help data and the mark data;
in this embodiment, the generating the helper data according to the error correction codeword and the first identification code specifically includes: carrying out XOR operation on the error correction code words and the first identification codes to obtain help data; preferably, the error correction coding method in this embodiment may be BHC coding, or may be implemented by other error correction coding methods (for example, forward error correction coding, etc.), which are not described herein again;
preferably, step S4 may further include: clearing the first identification code;
the application process comprises the following steps:
step P1: acquiring the stored marking data and reading the data with fixed length from the chip;
preferably, in step P1, fixed-length data is read from a fixed position on the chip;
step P2: obtaining a value on a corresponding bit from the read data according to the data bit marked as 1 in the marking data to obtain a bit string;
step P3: extracting data with a first preset length from the bit string to obtain a second identification code, reading the stored corresponding help data, and generating an operation result according to the second identification code and the help data;
in this embodiment, an operation result is generated according to the second identification code and the help data, specifically: performing XOR operation on the second identification code and the read help data to obtain an operation result;
step P4: performing error correction decoding on the operation result, if the decoding is successful, taking the second identification code as decoding data, and executing step P5; if the decoding fails and the error correction succeeds, modifying the values of all the error bits in the second identification code according to the decoding result to obtain decoded data, and executing step P5; if decoding fails and error correction fails, an error is reported;
in this embodiment, if the decoding fails and the error correction fails, the error reporting in step P4 specifically includes: judging whether the decoding failure times exceed a preset value, if so, reporting an error; otherwise, updating the decoding failure times, and returning to the step P1;
preferably, the error correction decoding method in this embodiment may be BHC decoding, or may be implemented by other error correction decoding methods (for example, forward error correction decoding, etc.), which is not described herein again;
step P5: generating an extended sequence according to the decoded data and preset data, and acquiring required application data from the extended sequence;
in this embodiment, the generating the spreading sequence according to the decoded data and the preset data specifically includes: and performing hash calculation on the decoded data and the preset data by using a hash algorithm to obtain an extended sequence.
Example two
An embodiment of the present invention provides a method for generating non-repetitive application data based on a chip, including a registration process and an application process, where the registration process is shown in fig. 2 and includes:
step A0: powering down the chip and then powering up the chip;
specifically, in the present embodiment, the data stored on the chip changes after the chip is powered down and then powered up;
step A1: reading and storing data with fixed length from a fixed position of a chip;
preferably, the fixed length in this embodiment is 1024 bits;
step A2: judging whether the reading times reach the preset times, if so, generating a first data list according to the stored data, and executing the step A3, otherwise, returning to the step A0;
in this embodiment, the preset number may be any number greater than 1, and preferably, the preset number is 50; for example, the length of the data at the fixed position in this embodiment is 1024; the first data list generated is:
| number of readings | Read data (length 1024 bits) |
| 1 | 11100010......110001 |
| 2 | 10100010......110001 |
| ...... | ...... |
| 49 | 11101010......110001 |
| 50 | 11100010......110101 |
Step A3: sequentially judging whether the values on the same bit in each data of the first data list are the same, if so, marking the corresponding data bit as 1 to obtain marked data, executing the step A4, otherwise, marking the corresponding data bit as 0 to obtain marked data, and executing the step A4;
for example, the tag data obtained from the first data list generated as described above: 10110111.. 111011; the length is 1024 bits;
specifically, in this embodiment, step a3 includes:
step A3-1: taking the highest bit of each data in the first data list as the current bit;
step A3-2: judging whether the values on the current bit positions of the data in the first data list are the same or not, if so, marking the corresponding data bit as 1 and storing, and executing the step A3-3, otherwise, marking the corresponding data bit as 0 and storing, and executing the step A3-3;
step A3-3: judging whether the values on all the bits of each data in the first data list are processed, if so, executing the step A3-4, otherwise, taking the next bit of each data in the first data list as the current bit, and returning to the step A3-2;
step A3-4: generating marker data according to the stored data bits;
step A4: acquiring values on corresponding bit positions from the data of the first data list according to the data bits marked as 1 in the marking data to obtain first data;
step A5: judging whether the length of the first data is smaller than a first preset length, if so, reporting an error, otherwise, extracting the data with the first preset length from the first data to obtain a first identification code, and executing the step A6;
preferably, the first preset length in this embodiment is 256 bits, and data of a corresponding length is intercepted from the upper bits of the first data according to the first preset length as the first identification code; for example, the first data composed in this embodiment is 110010. The extracted first identification code is 110010;
step A6: generating a random number with a second preset length, and carrying out error correction coding on the random number to obtain an error correction code word;
preferably, the second preset length in this embodiment is 160 bits; the specific steps of performing error correction coding on the random number to obtain an error correction code word are as follows: BCH coding is carried out on the random number to obtain an error correction code word, and the length of the error correction code word is 256 bits;
step A7: carrying out XOR operation on the error correction code words and the first identification codes to obtain help data;
step A8: clearing the stored first identification code, and correspondingly storing the marking data and the help data;
in the present embodiment, the registration process ends after step A8;
the application process is shown in fig. 3 and includes:
step B1: electrifying the chip, acquiring mark data, and reading data with fixed length from a fixed position of the chip;
step B2: acquiring a corresponding bit value from the read data according to the data bit marked as 1 in the marking data to obtain a bit string;
step B3: extracting data with a first preset length from the bit string to obtain a second identification code, and reading the stored corresponding help data;
preferably, the first preset length in this embodiment is 256 bits; extracting data with a first preset length from the bit string to obtain a second identification code, which specifically comprises the following steps: intercepting data with corresponding length from the high order of the bit string according to the first preset length as a second identification code;
step B4: performing XOR operation on the second identification code and the read help data to obtain an operation result;
step B5: performing error correction decoding on the operation result, if the decoding is successful, taking the second identification code as decoding data, and executing the step B6; if the decoding fails and the error correction succeeds, modifying the values of all the error bits in the second identification code according to the decoding result to obtain decoded data, and executing step B6; if the decoding fails and the error correction fails, execute step B7;
for example, the value of the error bit in the operation result is 1; the value on the bit is modified to 0; preferably, the error correction decoding of the operation result specifically includes: performing BCH decoding on the operation result;
step B6: generating an extended sequence according to the decoded data and preset data, and acquiring required application data from the extended sequence;
in this embodiment, the generating the spreading sequence according to the decoded data and the preset data specifically includes: performing hash calculation on the decoded data and the preset data by using a hash algorithm (such as an SM3 algorithm) to obtain a spreading sequence; for example, the preset data is 0x00000001, 0x00000002, 0x00000003, or the like;
in the embodiment of the invention, the generated application data can be used as a product serial number, a secret key and the like;
step B7: judging whether the decoding failure times exceed a preset value, if so, reporting an error; otherwise, updating the decoding failure times, powering down the chip and returning to the step B1.
Preferably, in this embodiment, the initial value of the decryption failure times is 0, and the updating the decoding failure times specifically includes: the number of decoding failures is increased by 1.
EXAMPLE III
A third embodiment of the present invention provides a device for generating non-repetitive application data based on a chip, as shown in fig. 4, including a registration module 30 and an application module 31, where the registration module 30 includes:
the power-off and power-on module 300 is used for performing power-off and power-on operations on the chip sub-module 301;
the chip submodule 301 is used for storing data with fixed length;
a read-save submodule 302 for reading and saving data of a fixed length from the chip submodule 301 during the power-on period of the chip submodule 301;
specifically, the reading and saving sub-module 302 in this embodiment includes:
a reading and storing unit for reading and storing data of a fixed length from a fixed position of the chip sub-module 301;
the first judging unit is used for judging whether the reading times reach the preset times or not, if so, the first generating submodule 303 is triggered to work, and otherwise, the power-off and power-on submodule 300 is triggered to work;
a first generating submodule 303, configured to generate a first data list according to the data stored in the reading and storing submodule 302;
correspondingly, the first generating sub-module 303 in this embodiment is specifically configured to generate a first data list according to the data stored in the reading and storing unit;
a first judging submodule 304, configured to sequentially judge whether values on the same bit in each data of the first data list generated by the first generating submodule 303 are the same, if yes, mark the corresponding data bit as 1 to obtain marked data, and otherwise mark the corresponding data bit as 0 to obtain marked data;
specifically, in this embodiment, the first determining sub-module 304 includes:
a first acting unit, configured to take a highest bit of each piece of data in the first data list generated by the first generation sub-module 303 as a current bit;
a second judging unit, configured to judge whether values at current bit positions of each piece of data in the first data list generated by the first generating sub-module 303 are the same, if yes, mark the corresponding data bit as 1 and store the corresponding data bit, and if not, mark the corresponding data bit as 0 and store the corresponding data bit;
a third judging unit, configured to judge whether or not the values at all bits of each data in the first data list generated by the first generating sub-module 303 are processed;
a second determining unit, configured to determine, when the third determining unit determines that the current bit is the next bit of each data in the first data list generated by the first generating sub-module 303;
a generation unit configured to generate flag data based on the data bits held by the second judgment unit when the third judgment unit judges yes;
optionally, the first determining submodule 304 in this embodiment is further configured to perform an exclusive-or operation on all data in the first data list generated by the first generating module 303 to obtain labeled data;
the first extraction submodule 305 is configured to obtain a value on a corresponding bit from data in a first data list generated by the first generation submodule 303 according to a data bit marked as 1 in the mark data obtained by the first judgment submodule 304 to obtain first data, and extract data with a first preset length from the first data to obtain a first identification code;
preferably, the first extraction sub-module 305 in this embodiment is further configured to determine whether the length of the first data is smaller than a first preset length, if so, an error is reported, otherwise, extract the data with the first preset length from the first data to obtain the first identification code.
The generation coding submodule 306 is configured to generate a random number with a second preset length, and perform error correction coding on the random number to obtain an error correction codeword;
preferably, the generated coding sub-module 306 uses an error correction coding mode to code the BHC, and may also use other error correction coding modes (for example, forward error correction coding, etc.), which are not described herein again;
a second generating sub-module 307, configured to generate help data according to the error correction codeword obtained by the generating and encoding sub-module 306 and the first identification code obtained by the first extracting sub-module 305;
preferably, in this embodiment, the second generating sub-module 307 is specifically configured to perform an exclusive or operation on the error correction codeword obtained by the generating and encoding sub-module 306 and the first identification code obtained by the first extracting sub-module 305 to obtain help data;
a saving submodule 308 for correspondingly saving the help data generated by the second generating submodule 307 and the mark data obtained by the first judging submodule 304;
the application module 31 includes:
the obtaining and reading sub-module 311 is configured to obtain the tag data stored by the storage sub-module 308, and read data of a fixed length from the chip sub-module 301;
a first obtaining submodule 312, configured to obtain a bit string by obtaining a value on a corresponding bit from the data read by the obtaining and reading submodule 311 according to a data bit marked as 1 in the mark data obtained by the obtaining and reading submodule 311;
the second extraction submodule 313 is configured to extract data with a first preset length from the bit string acquired by the first acquisition submodule 312 to obtain a second identification code, and read the help data stored in the storage submodule 308;
the third generating sub-module 314 is configured to generate an operation result according to the second identification code and the help data obtained by the second extracting sub-module 313;
preferably, in this embodiment, the third generating sub-module 314 is specifically configured to perform an exclusive-or operation on the second identification code obtained by the second extracting sub-module 313 and the read help data to obtain an operation result;
the decoding submodule 315 is configured to perform error correction decoding on the operation result generated by the third generating submodule 314, and if the decoding is successful, the second identification code is used as decoding data; if the decoding fails and the error correction succeeds, modifying the values of all error bit positions in the second identification code according to the decoding result to obtain decoded data;
preferably, the decoding sub-module 315 may use an error correction decoding method to decode BHC, or may use other error correction decoding methods (e.g., forward error correction decoding, etc.), which is not described herein again;
an error reporting sub-module 316, configured to report an error when the decoding sub-module 315 fails to decode and fails to correct the error;
a fourth generating submodule 317, configured to generate an extended sequence according to the decoded data obtained by the decoding submodule 315 and the preset data;
preferably, the fourth generating sub-module 317 is specifically configured to perform hash calculation on the decoded data and the preset data obtained by the decoding sub-module 315 by using a hash algorithm to obtain an extended sequence;
a second obtaining submodule 318, configured to obtain the required application data from the spreading sequence generated by the fourth generating submodule 317.
In this embodiment, the application module 31 may further include a second determination submodule and an update submodule;
the second judgment sub-module is used for judging whether the decoding failure times exceed a preset value when the decoding sub-module 315 fails in decoding and error correction fails;
the updating submodule is used for updating the decoding failure times when the second judging submodule judges that the decoding failure times are not the same, and triggering the acquisition and reading submodule 311 to work;
the error reporting sub-module 316 is specifically configured to report an error when the second determination sub-module determines that the determination result is yes.
According to the technical scheme, data in a fixed position on a chip are read after power-off and power-on are carried out for multiple times in the registration process, and a relatively stable state of a first identification code is obtained; the random numbers are coded, each chip is ensured to have different error correction code words, and an attacker is prevented from obtaining corresponding information through attacking the error correction code words; in the application process, in order to ensure the stability of the output of the application data, the second identification code uses the data with the preset length in the bit string in the stable state, the number of times of error correction needed by the error correction code is reduced to the maximum extent, and the efficiency of generating the non-repeated application data based on the chip is improved.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (14)
1. A method for generating non-repetitive application data based on a chip is characterized by comprising a registration process and an application process, wherein the registration process comprises the following steps:
step S0: powering off and then powering on the chip for preset times, and reading and storing data with fixed length from the chip during each chip power-on period;
step S1: generating a first data list according to the stored data;
step S2: sequentially judging whether the values on the same bit in each data of the first data list are the same, if so, marking the corresponding data bit as 1 to obtain marked data, and executing a step S3, otherwise, marking the corresponding data bit as 0 to obtain marked data, and executing a step S3;
step S3: acquiring values on corresponding bit positions from the data of the first data list according to the data bits marked as 1 in the marking data to obtain first data, and extracting data with a first preset length from the first data to obtain a first identification code;
step S4: generating a random number with a second preset length, carrying out error correction coding on the random number to obtain an error correction code word, generating help data according to the error correction code word and the first identification code, and correspondingly storing the help data and the mark data;
the application process comprises the following steps:
step P1: acquiring the stored marking data and reading the data with fixed length from the chip;
step P2: obtaining a value on a corresponding bit from read data according to a data bit marked as 1 in the marked data to obtain a bit string;
step P3: extracting the data with the first preset length from the bit string to obtain a second identification code, reading the stored corresponding help data, and generating an operation result according to the second identification code and the help data;
step P4: performing error correction decoding on the operation result, if the decoding is successful, taking the second identification code as decoding data, and executing step P5; if the decoding fails and the error correction succeeds, modifying the values of all the error bits in the second identification code according to the decoding result to obtain decoded data, and executing step P5; if decoding fails and error correction fails, an error is reported;
step P5: generating an extended sequence according to the decoded data and preset data, and acquiring required application data from the extended sequence;
the generating of the extended sequence according to the decoded data and the preset data specifically includes: and carrying out hash calculation on the decoded data and preset data by using a hash algorithm to obtain the extended sequence.
2. The method of claim 1, wherein said step S2 is replaced with:
step S2': and carrying out exclusive OR operation on all data in the first data list to obtain marked data.
3. The method according to claim 1 or 2, wherein said step S0 comprises:
step S01: powering down the chip and then powering up the chip;
step S02: reading and storing data with fixed length from the fixed position of the chip;
step S03: and judging whether the reading times reach the preset times, if so, executing the step S1, and otherwise, returning to the step S01.
4. The method of claim 1, wherein the step S2 includes:
step S2-1: taking the highest bit of each data in the first data list as the current bit;
step S2-2: judging whether the values on the current bit positions of the data in the first data list are the same or not, if so, marking the corresponding data bit as 1 and storing, and executing the step S2-3, otherwise, marking the corresponding data bit as 0 and storing, and executing the step S2-3;
step S2-3: judging whether the values of all the bits of each data in the first data list are processed, if so, executing a step S2-4, otherwise, taking the next bit of each data in the first data list as the current bit, and returning to the step S2-2;
step S2-4: tag data is generated based on the stored data bits.
5. The method as claimed in claim 1, wherein the step S3, between obtaining the first data by obtaining the value at the corresponding bit from the data in the first data list according to the data bit marked as 1 in the marking data and obtaining the first identification code by extracting the data with the first preset length from the first data, comprises:
and judging whether the length of the first data is smaller than a first preset length, if so, reporting an error, and otherwise, extracting the data with the first preset length from the first data to obtain a first identification code.
6. The method of claim 1, wherein said generating helper data from said error correction codeword and said first identification code is by: performing an exclusive-or operation on the error correction codeword and the first identification code to obtain the helper data;
the generating of the operation result according to the second identification code and the help data specifically includes: and carrying out XOR operation on the second identification code and the read help data to obtain the operation result.
7. The method of claim 1, wherein the reporting an error if the decoding fails and the error correction fails in step P4 specifically comprises: judging whether the decoding failure times exceed a preset value, if so, finishing error reporting; otherwise, the decoding failure times are updated, and the step P1 is returned.
8. An apparatus for generating non-repetitive application data based on a chip, comprising a registration module and an application module, wherein the registration module comprises:
the power-off and power-on module is used for carrying out power-off and power-on operation on the chip sub-module;
the chip submodule is used for storing data with fixed length;
the reading and storing submodule is used for reading and storing the data with fixed length from the chip submodule during the power-on period of the chip submodule;
the first generation submodule is used for generating a first data list according to the data stored by the reading and storing submodule;
the first judgment submodule is used for sequentially judging whether values on the same bit in each data of the first data list generated by the first generation submodule are the same, if so, marking the corresponding data bit as 1 to obtain marked data, otherwise, marking the corresponding data bit as 0 to obtain marked data;
the first extraction submodule is used for acquiring values on corresponding bit positions from data of a first data list generated by the first generation submodule according to data bits marked as 1 in the marking data acquired by the first judgment submodule to acquire first data, and extracting data with a first preset length from the first data to acquire a first identification code;
the generation coding submodule is used for generating a random number with a second preset length and carrying out error correction coding on the random number to obtain an error correction code word;
the second generation submodule is used for generating help data according to the error correction code word obtained by the generation coding submodule and the first identification code obtained by the first extraction submodule;
the storage submodule is used for correspondingly storing the help data generated by the second generation submodule and the marking data obtained by the first judgment submodule;
the application module comprises:
the acquisition reading submodule is used for acquiring the mark data stored by the storage submodule and reading the data with fixed length from the chip submodule;
the first obtaining submodule is used for obtaining a value on a corresponding bit from the data read by the obtaining and reading submodule according to the data bit marked as 1 in the mark data obtained by the obtaining and reading submodule to obtain a bit string;
the second extraction submodule is used for extracting data with a first preset length from the bit string acquired by the first acquisition submodule to obtain a second identification code, and reading the help data stored by the storage submodule;
the third generation submodule is used for generating an operation result according to the second identification code obtained by the second extraction submodule and the read help data;
the decoding submodule is used for carrying out error correction decoding on the operation result generated by the third generation submodule, and if the decoding is successful, the second identification code is used as decoding data; if the decoding fails and the error correction succeeds, modifying the values of all error bit positions in the second identification code according to the decoding result to obtain decoded data;
the error reporting submodule is used for reporting errors when the decoding submodule fails to decode and fails to correct errors;
the fourth generation submodule is used for generating an extended sequence according to the decoding data obtained by the decoding submodule and preset data;
the second obtaining submodule is used for obtaining the required application data from the extended sequence generated by the fourth generating submodule;
the fourth generation submodule is specifically configured to perform hash calculation on the decoded data and preset data obtained by the decoding submodule by using a hash algorithm to obtain the extended sequence.
9. The apparatus of claim 8, wherein the first determining sub-module is further configured to perform an exclusive-or operation on all data in the first data list generated by the first generating module to obtain the tag data.
10. The apparatus of claim 8 or 9,
the reading and saving submodule comprises:
the reading and storing unit is used for reading and storing data with fixed length from the fixed position of the chip submodule;
the first judgment unit is used for judging whether the reading times reach preset times or not, if so, the first generation sub-module is triggered to work, and otherwise, the lower-power and upper-power sub-modules are triggered to work;
the first generating submodule is specifically configured to generate a first data list according to the data stored in the reading and storing unit.
11. The apparatus of claim 8, wherein the first determination submodule comprises:
a first acting unit, configured to take a highest bit of each piece of data in a first data list generated by the first generation submodule as a current bit;
a second judging unit, configured to judge whether values at current bit positions of each piece of data in the first data list generated by the first generating sub-module are the same, if so, mark the corresponding data bit as 1 and store the corresponding data bit, and otherwise, mark the corresponding data bit as 0 and store the corresponding data bit;
a third judging unit, configured to judge whether values on all bits of each data in the first data list generated by the first generating sub-module are processed;
a second determining unit, configured to determine, when the third determining unit determines that the current bit is the next bit of each piece of data in the first data list generated by the first generating submodule, that is, the current bit;
and the generating unit is used for generating the marking data according to the data bits stored by the second judging unit when the third judging unit judges that the data bits are positive.
12. The apparatus of claim 8, wherein the first extracting sub-module is further configured to determine whether the length of the first data is smaller than a first preset length, if so, an error is reported, otherwise, the first extracting sub-module extracts data with the first preset length from the first data to obtain the first identification code.
13. The apparatus according to claim 8, wherein the second generating sub-module is specifically configured to perform an exclusive-or operation on the error correction codeword obtained by the generating and encoding sub-module and the first identification code obtained by the first extracting sub-module to obtain the helper data;
the third generating sub-module is specifically configured to perform an exclusive or operation on the second identification code obtained by the second extracting sub-module and the read help data to obtain the operation result.
14. The apparatus of claim 8, wherein the application module further comprises a second determination submodule and an update submodule;
the second judgment submodule is used for judging whether the decoding failure times exceed a preset value or not when the decoding submodule fails in decoding and error correction fails;
the updating submodule is used for updating the decoding failure times when the second judging submodule judges that the decoding failure times are not the decoding failure times, and triggering the acquisition reading submodule to work;
the error reporting sub-module is specifically configured to report an error when the second determination sub-module determines that the determination result is yes.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710574271.1A CN107229578B (en) | 2017-07-14 | 2017-07-14 | Method and device for generating non-repeated application data based on chip |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710574271.1A CN107229578B (en) | 2017-07-14 | 2017-07-14 | Method and device for generating non-repeated application data based on chip |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN107229578A CN107229578A (en) | 2017-10-03 |
| CN107229578B true CN107229578B (en) | 2020-08-18 |
Family
ID=59957036
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710574271.1A Active CN107229578B (en) | 2017-07-14 | 2017-07-14 | Method and device for generating non-repeated application data based on chip |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN107229578B (en) |
Families Citing this family (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109525399A (en) * | 2018-10-22 | 2019-03-26 | 国家电网有限公司 | A method of the system authentication of power grid intelligent mobile terminal is realized based on PUF |
| CN112804678B (en) * | 2021-04-15 | 2021-07-20 | 浙江口碑网络技术有限公司 | Device registration, authentication and data transmission method and device |
| CN114510753B (en) * | 2022-04-20 | 2023-04-07 | 浙江地芯引力科技有限公司 | Memory data protection method and device, electronic equipment and storage medium |
| CN118133264A (en) * | 2024-05-07 | 2024-06-04 | 杭州天宽科技有限公司 | Authentication method and system for embedded device PUF hardware fingerprint extraction device |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103338107A (en) * | 2013-06-05 | 2013-10-02 | 北京华大信安科技有限公司 | A secret key generation method and a secret key generation apparatus |
| CN105530097A (en) * | 2014-09-30 | 2016-04-27 | 中国科学院数据与通信保护研究教育中心 | Secret key extraction method and system based on SRAM PUF |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20110002461A1 (en) * | 2007-05-11 | 2011-01-06 | Validity Sensors, Inc. | Method and System for Electronically Securing an Electronic Biometric Device Using Physically Unclonable Functions |
| DE102012102254B4 (en) * | 2012-03-16 | 2020-09-24 | Infineon Technologies Ag | Device and method for reconstructing a bit sequence with pre-correction |
-
2017
- 2017-07-14 CN CN201710574271.1A patent/CN107229578B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103338107A (en) * | 2013-06-05 | 2013-10-02 | 北京华大信安科技有限公司 | A secret key generation method and a secret key generation apparatus |
| CN105530097A (en) * | 2014-09-30 | 2016-04-27 | 中国科学院数据与通信保护研究教育中心 | Secret key extraction method and system based on SRAM PUF |
Also Published As
| Publication number | Publication date |
|---|---|
| CN107229578A (en) | 2017-10-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107229578B (en) | Method and device for generating non-repeated application data based on chip | |
| Gao et al. | Lightweight (reverse) fuzzy extractor with multiple reference PUF responses | |
| KR102026757B1 (en) | Soft decision error correction for memory based puf using a single enrollment | |
| JP6827032B2 (en) | Cryptographic device with physical replication difficulty function | |
| EP3337084B1 (en) | Cryptographic data processing method, cryptographic data processing apparatus, and program | |
| Koeberl et al. | Entropy loss in PUF-based key generation schemes: The repetition code pitfall | |
| WO2019153867A1 (en) | Two-dimensional code generation and identification | |
| CN107251475B (en) | Encryption key product from physical unclonable function | |
| CN107566122B (en) | Method for performing multiple registrations of physically unclonable functions | |
| US8433983B2 (en) | Secure protection of biometric templates | |
| KR101059005B1 (en) | Semiconductor device, identifier generation method and identification method thereof | |
| US9356622B2 (en) | Apparatus and method for reconstructing a bit sequence with preliminary correction | |
| Gao et al. | Building secure SRAM PUF key generators on resource constrained devices | |
| CN106941400B (en) | Fuzzy safe authentication method based on SRAM-PUF | |
| CN106650869B (en) | Information hiding method based on two-dimensional code | |
| CN106612172A (en) | Data change recovery algorithm capable of restoring data authenticity in cloud storage | |
| JP6588048B2 (en) | Information processing device | |
| CN110869997B (en) | Electronic encryption device, electronic registration and reconstruction method, and computer-readable medium | |
| CN109995507A (en) | A kind of key generation method and device based on PUF, private key storage method | |
| CN109525399A (en) | A method of the system authentication of power grid intelligent mobile terminal is realized based on PUF | |
| Aysu et al. | A new maskless debiasing method for lightweight physical unclonable functions | |
| CN110545543A (en) | authentication method, device and system of wireless equipment | |
| EP3142292B1 (en) | Encrypted-data processing method, system, apparatus, and program | |
| CN107256370B (en) | Secret key storage method of fuzzy safe based on SRAM-PUF | |
| CN117395030A (en) | Data encryption method, data decryption method, electronic device, and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |