CN112395649A - Method, chip and computer readable storage medium for preventing electromagnetic radiation attack - Google Patents

Publication number: CN112395649A
Authority: CN (China)
Application number: CN201910758725.XA
Other versions: CN112395649B (en)
Other languages: Chinese (zh)
Inventors: 王宇建, 徐基明
Original Assignee: Nationz Technologies Inc
Current Assignee: Nationz Technologies Inc
Legal status: Granted, Active
Prior art keywords: electromagnetic, speed, preset, random number, electromagnetic noise

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Mathematical Physics (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the field of information security and provides security protection while reducing the power consumption of a chip, without affecting the chip's running performance. Specifically disclosed are a method, a chip and a computer readable storage medium for preventing electromagnetic radiation attack, wherein the method comprises the following steps: determining whether the current operation is a sensitive operation; if the current operation is determined to be a sensitive operation, determining whether a preset electromagnetic radiator is in a running state according to the current value of a preset register; if the electromagnetic radiator is in the running state, determining an electromagnetic noise control strategy according to the attribute information of the sensitive operation; emitting the corresponding electromagnetic noise through the electromagnetic radiator based on the electromagnetic noise control strategy to prevent electromagnetic radiation attack; and if the current operation is determined not to be a sensitive operation and the electromagnetic radiator is in the running state, closing the electromagnetic radiator.

Description

Method, chip and computer readable storage medium for preventing electromagnetic radiation attack
Technical Field
The present invention relates to the field of information security, and in particular, to a method, a chip, and a computer-readable storage medium for preventing electromagnetic radiation attacks.
Background
The security of an information system depends critically on the secure management of cryptographic algorithms and secret keys. Chips, and security chips in particular, are common devices for cryptographic operations and key storage and are the secure carriers of an information system's critical keys, so they are exposed to a variety of security attacks. There are many ways to attack a chip. A common one is the side-channel attack, which acquires sensitive information such as the secret key of a cryptographic algorithm by collecting and analyzing side information leaked while the chip runs, such as power consumption and electromagnetic radiation. Power consumption information is generally the power consumption of the whole chip; it includes the power consumption of modules unrelated to the cryptographic operation, which is interference noise for side-channel analysis. Electromagnetic radiation information, by contrast, can be collected at a precisely chosen location by adjusting the position of the collection equipment on the chip, which yields more useful information, so more and more attackers use electromagnetic radiation attacks.
At present, a variety of protection methods are known to prevent electromagnetic radiation attack, and a chip generally uses several of them at once to achieve a better protection effect. One example is adding electromagnetic noise. This method has the advantages of strong versatility and of requiring no specific design for each cryptographic algorithm, but generating the electromagnetic noise consumes power, which increases the overall power consumption of the chip and thereby reduces its running performance.
Disclosure of Invention
The main purpose of the invention is to provide a method, a chip and a computer readable storage medium for preventing electromagnetic radiation attack, in order to solve the technical problem that, when electromagnetic radiation attack is prevented by adding electromagnetic noise, generating the noise increases the overall power consumption of the chip and reduces its running performance.
In a first aspect, the present application provides a method for preventing electromagnetic radiation attack, including:
determining whether the current operation is a sensitive operation;
if the current operation is determined to be sensitive operation, determining whether a preset electromagnetic radiator is in a running state or not according to the current value of a preset register;
if the electromagnetic radiator is in the running state, determining an electromagnetic noise control strategy according to the attribute information of the sensitive operation;
sending out corresponding electromagnetic noise based on the electromagnetic noise control strategy through the electromagnetic radiator to prevent electromagnetic radiation attack;
and if the current operation is determined not to be the sensitive operation and the electromagnetic radiator is in the running state, closing the electromagnetic radiator.
In a second aspect, the present application also provides a chip, comprising: an electromagnetic radiator for emitting electromagnetic noise, and a memory, a processor and a computer program stored on the memory and executable on the processor, which computer program, when executed by the processor, performs the steps of the method of preventing electromagnetic radiation attacks as described above.
In a third aspect, the present application further provides a computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, implements the steps of the method for preventing electromagnetic radiation attacks, as described in the above invention.
The method, the chip and the computer readable storage medium for preventing electromagnetic radiation attack provided by the embodiments of the invention determine whether the current operation is a sensitive operation; if the current operation is determined to be a sensitive operation, determine whether a preset electromagnetic radiator is in a running state according to the current value of a preset register; if the electromagnetic radiator is in the running state, determine an electromagnetic noise control strategy according to the attribute information of the sensitive operation; emit the corresponding electromagnetic noise through the electromagnetic radiator based on the electromagnetic noise control strategy to prevent electromagnetic radiation attack; and, if the current operation is determined not to be a sensitive operation and the electromagnetic radiator is in the running state, close the electromagnetic radiator. The chip selects and controls the energy of the electromagnetic noise and the time periods in which it is turned on and off according to a preset strategy, and the noise is turned on only in the required time period. This reduces the power consumption overhead, so the power consumption of the chip is reduced while security protection is achieved, and the running performance of the chip is not affected.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 is a schematic flowchart illustrating a method for preventing electromagnetic radiation attack according to an embodiment of the present application;
FIG. 2 is a flow chart illustrating sub-steps of the method for preventing electromagnetic radiation attack in FIG. 1;
FIG. 3 is a flow chart illustrating sub-steps of the method for preventing electromagnetic radiation attack in FIG. 1;
FIG. 4 is a flow chart illustrating sub-steps of the method for preventing electromagnetic radiation attack in FIG. 1;
FIG. 5 is a schematic flowchart of another method for preventing electromagnetic radiation attack according to an embodiment of the present application;
FIG. 6 is a block diagram illustrating a structure of a chip according to an embodiment of the present disclosure.
The implementation, functional features and advantages of the objectives of the present application will be further explained with reference to the accompanying drawings.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are some, but not all, embodiments of the present application. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The flow diagrams depicted in the figures are merely illustrative and do not necessarily include all of the elements and operations/steps, nor do they necessarily have to be performed in the order depicted. For example, some operations/steps may be decomposed, combined or partially combined, so that the actual execution sequence may be changed according to the actual situation.
The embodiment of the application provides a method, a chip and a computer readable storage medium for preventing electromagnetic radiation attack. The method for preventing electromagnetic radiation attack can be applied to chips, systems on chips and electronic equipment comprising the chips.
Some embodiments of the present application will be described in detail below with reference to the accompanying drawings. The embodiments described below and the features of the embodiments can be combined with each other without conflict.
Referring to fig. 1, fig. 1 is a schematic flowchart illustrating a method for preventing electromagnetic radiation attack according to an embodiment of the present application.
As shown in fig. 1, the method for preventing electromagnetic radiation attack includes steps S101 to S105.
Step S101, determining whether the current operation is sensitive operation;
The chip receives an operation instruction sent by a user and performs the operation according to that instruction; when the chip detects the current operation, it determines whether the current operation is a sensitive operation. The chip is a device that can independently generate keys and perform encryption and decryption. It has its own internal processor and storage unit, can store keys and characteristic data, and provides encryption and security authentication services. Because the key is stored in hardware, stolen data cannot be decrypted, which protects privacy and data security. A sensitive operation is an operation that acts on or affects sensitive data. Sensitive data includes the secret key of a cryptographic algorithm, key authentication information (such as a Personal Identification Number (PIN) or a password), privacy data, and the like. A cryptographic algorithm operation is a sensitive operation because a key is involved. Authentication is a sensitive operation because a PIN, password or similar is involved. It should be noted that what counts as a sensitive operation can be set based on actual situations, and the present application is not limited to this.
Step S102, if the current operation is determined to be sensitive operation, determining whether a preset electromagnetic radiator is in a running state according to the current value of a preset register;
If the chip determines that the current operation is a sensitive operation, it acquires the current value of a preset register and determines from that value whether a preset electromagnetic radiator is in a running state. Registers are part of the chip: they are high-speed storage units of limited capacity that can be used to temporarily store instructions, data and addresses.
For example, when detecting that the current operation is a cryptographic operation or an authentication operation, the chip determines that the current operation is a sensitive operation, and reads a current value of a preset register, so as to determine whether the electromagnetic radiator is in an operating state, where the current value in the preset register may be a single-digit value or a multiple-digit value, which is not specifically limited in this application. It should be noted that the current state of the electromagnetic radiator includes an operating state and an off state, the electromagnetic radiator in the operating state may emit electromagnetic noise based on a control command of the central processing unit, and the electromagnetic radiator in the off state does not emit electromagnetic noise.
In an embodiment, specifically referring to FIG. 2, step S102 includes sub-steps S1021 to S1023.
Sub-step S1021, if the current operation is determined to be a sensitive operation, reading the current value of a preset register;
If the chip determines that the current operation is a sensitive operation (for example, it detects that the current operation is a cryptographic algorithm operation or an authentication operation), it calls the preset register and reads its current value. The meaning of each value in the preset register can be defined in advance, and the operating state of the electromagnetic radiator is determined from that definition. For example, when the current value of the preset register is 1, it is determined that the electromagnetic radiator is in the operating state; when the current value of the preset register is 0, it is determined that the electromagnetic radiator is in the off state.
Sub-step S1022, when the current value read from the preset register is a preset first threshold value, determining that the electromagnetic radiator is in a closed state;
When the chip reads the current value of the preset register, it compares the value with a preset first threshold value. If the two are equal, the chip determines that the electromagnetic radiator is in a closed state. For example, when the first threshold preset by the chip is 0 and the current value the chip reads from the preset register is also 0, the electromagnetic radiator is determined to be in the off state. It should be noted that the meaning of the register's current value and the first threshold value may be set based on actual conditions, and this application is not limited to this.
Sub-step S1023, when the current value read from the register is a preset second threshold value, determining that the electromagnetic radiator is in the running state.
When the chip reads the current value of the preset register, it compares the value with a preset second threshold value. If the two are equal, the chip determines that the electromagnetic radiator is in the running state. For example, when the second threshold preset by the chip is 1 and the current value the chip reads from the preset register is also 1, the electromagnetic radiator is determined to be in the operating state. It should be noted that the meaning of the register's current value and the second threshold value may be set based on actual conditions, and this application is not limited to this.
Step S103, if the electromagnetic radiator is in the running state, determining an electromagnetic noise control strategy according to attribute information of sensitive operation;
If the chip determines that the electromagnetic radiator is in the running state, it acquires the attribute information of the sensitive operation and determines an electromagnetic noise control strategy according to that information. The attribute information of the sensitive operation comprises the type of the sensitive operation and the recorded clock frequency of the sensitive operation. A plurality of electromagnetic noise control strategies are stored in the chip. Each strategy comprises its own group of control parameters, which determine the rate at which the high-speed random number generator generates random numbers, whether the high-speed random number generator is running or closed, whether the electromagnetic radiator is running or closed, and whether the electromagnetic noise is strong or weak. That is, one strategy is a combination of a set of control parameters. For example, when the attribute information of a cryptographic operation is acquired, the electromagnetic noise control strategy corresponding to the cryptographic operation is acquired; and when the attribute information of an authentication operation is acquired, the electromagnetic noise control strategy corresponding to the authentication operation is acquired.
In an embodiment, specifically referring to fig. 3, step S103 includes: sub-step S1031 to sub-step S1032.
Sub-step S1031, when the electromagnetic radiator is in the running state, obtaining attribute information of the sensitive operation, and obtaining the type of the sensitive operation from the attribute information;
When the chip determines that the electromagnetic radiator is in the running state, it acquires the attribute information of the sensitive operation and obtains the type of the sensitive operation from it. For example, the chip determines that the sensitive operation is a cryptographic algorithm operation or an authentication operation, and these types correspond to different electromagnetic noise control strategies. The type of the sensitive operation can be obtained by detecting the sensitive data involved: a secret key can be detected when a cryptographic algorithm is run, and an authentication code such as a personal identification code can be detected when an authentication operation is performed. In some cases, the type of the sensitive operation may be determined from the specific operation function it uses, such as the specific cryptographic operation circuit used by a cryptographic algorithm operation.
Sub-step S1032, determining an electromagnetic noise control strategy according to the type of the sensitive operation, where the type of the sensitive operation and the electromagnetic noise control strategy have a corresponding relation;
When the chip has acquired the type of the sensitive operation, it determines the corresponding electromagnetic noise control strategy. Each type of sensitive operation corresponds to one electromagnetic noise control strategy. The electromagnetic noise control strategies may be presented as a table or in other ways, which is not particularly limited.
Step S104, sending out corresponding electromagnetic noise through an electromagnetic radiator based on an electromagnetic noise control strategy to prevent electromagnetic radiation attack;
After the chip acquires the electromagnetic noise control strategy corresponding to the type of the sensitive operation, the parameter information in the electromagnetic noise control strategy is read through the electromagnetic radiator, and the corresponding electromagnetic noise is emitted.
In an embodiment, specifically referring to fig. 4, step S104 includes: substeps S1041 to substep S1042.
Substep S1041, calling a preset high-speed random number generator, and generating a high-speed random number sequence corresponding to a sequence number in an electromagnetic noise control strategy;
The chip reads the sequence number from the electromagnetic noise control strategy and invokes a preset high-speed random number generator. Running the high-speed random number generator generates a high-speed random number sequence corresponding to the sequence number. The high-speed random number generator stores a random number calculation formula; once the sequence number is obtained, the high-speed random number sequence corresponding to it is calculated from that formula and the sequence number. It should be noted that the random number calculation formula may be set based on actual situations, and this is not specifically limited in this application.
Calling a preset high-speed random number generator and generating a high-speed random number sequence corresponding to a sequence number in the electromagnetic noise control strategy comprises: acquiring a first clock frequency of the preset high-speed random number generator and reading a first coefficient in the electromagnetic noise control strategy; calculating a first running speed of the preset high-speed random number generator according to the first clock frequency and the first coefficient; and operating the preset high-speed random number generator at the first running speed to generate the high-speed random number sequence corresponding to the sequence number in the electromagnetic noise control strategy.
When the chip calls the preset high-speed random number generator, it obtains the first clock frequency of the preset high-speed random number generator and reads a first coefficient in the electromagnetic noise control strategy. A chip contains a plurality of different clock signals, whose frequencies can differ, and these form the clock system of the chip in a preset manner. When the preset high-speed random number generator is called, the clock signal corresponding to it is obtained, and from it the first clock frequency corresponding to the preset high-speed random number generator. The clock frequency is the fundamental frequency of the clock in a synchronous circuit and is measured in Hz; 1 MHz equals 10^6 Hz. The first coefficient is recorded in the electromagnetic noise control strategy and is the coefficient relation between the clock frequency and the rate of the preset high-speed random number generator; for example, the coefficient relation may be a multiple relation or a fraction relation. When the chip has obtained the first clock frequency and the first coefficient of the preset high-speed random number generator, it calculates the first running speed of the preset high-speed random number generator through a preset calculation program. The chip then runs the preset high-speed random number generator at the first running speed to generate the high-speed random number sequence corresponding to the sequence number.
Sub-step S1042, converting the high-speed random number sequence into electromagnetic noise through the electromagnetic radiator and emitting the electromagnetic noise to prevent electromagnetic radiation attack.
When the chip has acquired the generated high-speed random number sequence, the sequence is converted into electromagnetic noise through the electromagnetic radiator and the electromagnetic noise is emitted, which prevents electromagnetic radiation attack; at this moment, the current operation of the chip is a sensitive operation.
Step S105, if the current operation is determined not to be a sensitive operation and the electromagnetic radiator is in the running state, closing the electromagnetic radiator.
When the chip determines that the current operation is not sensitive operation, a preset register is called, the current value of the preset register is read, and whether the electromagnetic radiator is in the running state or not is determined by reading the current value of the preset register. For example, the value in the register is stipulated in advance, and when the value read into the register is 1, the electromagnetic radiator is determined to be in the off state; when the value read into the register is 2, it is determined that the electromagnetic radiator is in an operating state. The operating state of the electromagnetic radiator is determined by the current value of the preset register. When the electromagnetic radiator is determined to be in the running state, the chip turns off the electromagnetic radiator through a control command in the preset memory, and the running of the electromagnetic radiator is stopped. It should be noted that the meaning of the current value of the register may be set based on the actual situation, and the present application is not limited to this specifically.
According to the method for preventing the electromagnetic radiation attack, the time periods of the on and off of the electromagnetic noise are regulated and controlled according to the preset electromagnetic noise control strategy, and the electromagnetic noise is only turned on in the required time period, so that the power consumption overhead can be reduced, and the power consumption of the chip is not remarkably increased while the safety protection is realized.
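The flow of steps S101 to S105, as an added example that is not code from the patent: a C simulation of the register check, strategy lookup and first-running-speed calculation. The register encoding (0 = off, 1 = running) follows the example in sub-steps S1022 and S1023; the type names, the strategy table values, the fraction form of the first coefficient, and the EM_UNPROTECTED and EM_FAULT outcomes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Register encoding from the example in sub-steps S1022 and S1023. */
#define RADIATOR_OFF     0u  /* preset first threshold */
#define RADIATOR_RUNNING 1u  /* preset second threshold */

typedef enum { OP_NON_SENSITIVE, OP_CIPHER, OP_AUTH } op_type_t;

typedef enum {
    EM_NOISE_EMITTED,   /* S104: RNG configured, radiator emits noise */
    EM_RADIATOR_CLOSED, /* S105: radiator was running and is now closed */
    EM_IDLE,            /* non-sensitive operation, radiator already off */
    EM_UNPROTECTED,     /* assumption: sensitive operation, radiator off */
    EM_FAULT            /* assumption: unknown register value or strategy */
} em_result_t;

/* One strategy is one group of control parameters (values hypothetical). */
typedef struct {
    op_type_t type;      /* type of sensitive operation (S1031) */
    uint32_t  seq_no;    /* sequence number given to the RNG (S1041) */
    uint32_t  coeff_num; /* first coefficient stored as num/den so it can */
    uint32_t  coeff_den; /* be a multiple or a fraction of the clock */
} em_policy_t;

static const em_policy_t POLICIES[] = {
    { OP_CIPHER, 1u, 2u, 1u }, /* RNG runs at 2x its clock */
    { OP_AUTH,   2u, 1u, 2u }, /* RNG runs at 1/2 its clock */
};

/* Simulated chip state; real firmware would use memory-mapped registers. */
typedef struct {
    uint32_t radiator_reg;  /* preset register */
    uint32_t rng_clock_hz;  /* first clock frequency */
    uint32_t rng_speed_hz;  /* first running speed, 0 while RNG is stopped */
    uint32_t active_seq_no; /* sequence number in use, 0 while stopped */
} em_chip_t;

/* S1032: each type of sensitive operation maps to one strategy. */
static const em_policy_t *find_policy(op_type_t type)
{
    for (size_t i = 0; i < sizeof POLICIES / sizeof POLICIES[0]; i++)
        if (POLICIES[i].type == type)
            return &POLICIES[i];
    return NULL;
}

/* First running speed = first clock frequency x first coefficient.
 * Returns 0 for a missing strategy, zero denominator or 32-bit overflow. */
uint32_t em_rng_speed(uint32_t clock_hz, const em_policy_t *p)
{
    if (p == NULL || p->coeff_den == 0u)
        return 0u;
    uint64_t speed = (uint64_t)clock_hz * p->coeff_num / p->coeff_den;
    return speed > UINT32_MAX ? 0u : (uint32_t)speed;
}

/* Steps S101 to S105 for one operation. */
em_result_t em_guard(em_chip_t *chip, op_type_t op)
{
    uint32_t reg = chip->radiator_reg;

    /* A value matching neither threshold is treated as a fault. */
    if (reg != RADIATOR_OFF && reg != RADIATOR_RUNNING)
        return EM_FAULT;

    if (op == OP_NON_SENSITIVE) {            /* S101 -> S105 */
        if (reg == RADIATOR_OFF)
            return EM_IDLE;
        chip->radiator_reg = RADIATOR_OFF;
        chip->rng_speed_hz = 0u;
        chip->active_seq_no = 0u;
        return EM_RADIATOR_CLOSED;
    }

    if (reg == RADIATOR_OFF)                 /* S102: not running */
        return EM_UNPROTECTED;

    const em_policy_t *p = find_policy(op);  /* S103 */
    uint32_t speed = em_rng_speed(chip->rng_clock_hz, p);
    if (speed == 0u)
        return EM_FAULT;

    chip->rng_speed_hz = speed;              /* S104 */
    chip->active_seq_no = p->seq_no;
    return EM_NOISE_EMITTED;
}

int main(void)
{
    em_chip_t chip = { RADIATOR_RUNNING, 48000000u, 0u, 0u }; /* constructed */
    op_type_t trace[] = { OP_CIPHER, OP_AUTH, OP_NON_SENSITIVE, OP_CIPHER };

    for (size_t i = 0; i < sizeof trace / sizeof trace[0]; i++) {
        em_result_t r = em_guard(&chip, trace[i]);
        printf("op=%d result=%d rng_speed_hz=%u\n",
               (int)trace[i], (int)r, (unsigned)chip.rng_speed_hz);
    }
    return 0;
}
```

EM_UNPROTECTED marks a case that steps S101 to S105 as described above do not cover: a sensitive operation that starts while the register reads off.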
Referring to fig. 5, fig. 5 is a schematic flowchart illustrating another method for preventing electromagnetic radiation attack according to an embodiment of the present application.
As shown in fig. 5, the method for preventing electromagnetic radiation attack includes steps S201 to S209.
Step S201, determining whether the current operation is a sensitive operation.
The chip receives an operation instruction sent by a user and performs the operation according to that instruction; when the chip detects the current operation, it determines whether the current operation is a sensitive operation. The chip is a device that can independently generate keys and perform encryption and decryption. It has its own internal processor and storage unit, can store keys and characteristic data, and provides encryption and security authentication services. Because the key is stored in hardware, stolen data cannot be decrypted, which protects privacy and data security. A sensitive operation is an operation that acts on or affects sensitive data. Sensitive data includes the secret key of a cryptographic algorithm, key authentication information (such as a Personal Identification Number (PIN) or a password), privacy data, and the like. A cryptographic algorithm operation is a sensitive operation because a key is involved. Authentication is a sensitive operation because a PIN, password or similar is involved. It should be noted that what counts as a sensitive operation can be set based on actual situations, and the present application is not limited to this.
Step S202, if the current operation is determined to be sensitive operation, whether the preset electromagnetic radiator is in the running state or not is determined according to the current value of the preset register.
And if the chip determines that the current operation is sensitive operation, acquiring the current value of a preset register, and determining whether a preset electromagnetic radiator is in a running state according to the current value of the register. The registers are components within the chip and are high-speed memory units of limited memory capacity that can be used to temporarily store instructions, data, and addresses.
For example, when the chip detects that the current operation is a cryptographic operation or an authentication operation, it determines that the current operation of the chip is a sensitive operation, and reads a current value of a preset register, so as to determine whether the electromagnetic radiator is in an operating state, where the current value in the preset register may be a single-digit value or a multiple-digit value, which is not specifically limited in this application. It should be noted that the current state of the electromagnetic radiator includes an operating state and an off state, the electromagnetic radiator in the operating state may emit electromagnetic noise based on a control command of the central processing unit, and the electromagnetic radiator in the off state does not emit electromagnetic noise.
Step S203, if the electromagnetic radiator is in the running state, determining an electromagnetic noise control strategy according to the attribute information of the sensitive operation.
If the chip determines that the electromagnetic radiator is in the running state, it acquires the attribute information of the sensitive operation and determines an electromagnetic noise control strategy according to that information. The attribute information of the sensitive operation comprises the type of the sensitive operation and the recorded clock frequency of the sensitive operation. A plurality of electromagnetic noise control strategies are stored in the chip. Each strategy comprises its own group of control parameters, which determine the rate at which the high-speed random number generator generates random numbers, whether the high-speed random number generator is running or closed, whether the electromagnetic radiator is running or closed, and whether the electromagnetic noise is strong or weak. That is, one strategy is a combination of a set of control parameters. For example, when the attribute information of a cryptographic operation is acquired, the electromagnetic noise control strategy corresponding to the cryptographic operation is acquired; and when the attribute information of an authentication operation is acquired, the electromagnetic noise control strategy corresponding to the authentication operation is acquired.
And step S204, acquiring a first clock frequency of a preset high-speed random number generator, and reading a first coefficient in an electromagnetic noise control strategy.
When the chip calls the preset high-speed random number generator, the first clock frequency of the preset high-speed random number generator is obtained, and a first coefficient in an electromagnetic noise control strategy is read. A plurality of different clock signals are arranged in a chip, the frequency of the clock signals can be different, and the time of the chip is formed in a preset modeAnd the clock system acquires a clock signal corresponding to the preset high-speed random number generator when the preset high-speed random number generator is called, so that a first clock frequency corresponding to the preset high-speed random number generator is acquired. The clock frequency is the fundamental frequency of the clock in the synchronous circuit, the clock frequency is based on Hz, 1MHz is equal to 106Hz。
Step S205, calculating a first running speed of the preset high-speed random number generator according to the first clock frequency and the first coefficient.
The first coefficient is recorded in the electromagnetic noise control strategy and expresses the relationship between the clock frequency of the preset high-speed random number generator and its rate; for example, the relationship may be a multiple or a fraction. When the chip has obtained the first clock frequency and the first coefficient of the preset high-speed random number generator, it calculates the first running speed of the preset high-speed random number generator through a preset calculation program.
Step S206, calculating a second running speed of the sensitive operation according to a second clock frequency of the sensitive operation in the attribute information and a second coefficient in the electromagnetic noise control strategy.
Before the chip runs the preset high-speed random number generator based on the first running speed, it obtains a second clock frequency of the sensitive operation from the attribute information of the sensitive operation, and obtains a second coefficient from the electromagnetic noise control strategy already acquired. A plurality of different clocks are arranged in one chip, their frequencies can differ, and the clock system of the chip is formed in a preset manner. The corresponding preset clock program is obtained from the attribute information of the sensitive operation, which gives the second clock frequency corresponding to the sensitive operation in that clock program. The second coefficient is recorded in the electromagnetic noise control strategy and expresses the relationship between the running speed of the sensitive operation and the second clock frequency; the relationship may be a multiple, a fraction, or the like. When the chip has acquired the second clock frequency and the second coefficient of the sensitive operation, it calculates the second running speed of the sensitive operation through a preset calculation program.
Step S207, judging whether the first running speed is the same as the second running speed.
When the chip has acquired the second running speed of the sensitive operation and the first running speed of the high-speed random number generator, it judges whether the first running speed is the same as the second running speed.
Step S208, if the first running speed is the same as the second running speed, running the preset high-speed random number generator based on the first running speed to generate a high-speed random number sequence corresponding to the serial number in the electromagnetic noise control strategy.
The chip compares the first running speed with the second running speed. For example, if the first running speed is 100 MHz and the second running speed is 100 MHz, the comparison shows that the two are the same. The chip then controls the high-speed random number generator, through a control instruction in the processor, to run at the first running speed or the second running speed. The running speeds given above are examples and are not limiting.
Step S209, if the first operation speed is different from the second operation speed, adjusting the first operation speed to make the adjusted first operation speed the same as the second operation speed, and operating a preset high-speed random number generator based on the adjusted first operation speed to generate a high-speed random number sequence corresponding to the serial number in the electromagnetic noise control strategy.
The chip compares the first running speed with the second running speed. For example, if the first running speed is 40 MHz and the second running speed is 100 MHz, the comparison shows that the two are different. The first running speed is then adjusted until it is the same as the second running speed, for example from 40 MHz to 100 MHz. The high-speed random number generator runs at the adjusted first running speed to generate a high-speed random number sequence corresponding to the serial number in the electromagnetic noise control strategy. The running speeds given above are examples and are not limiting.
If the first running speed is different from the second running speed, it is determined whether the first running speed is greater than the second running speed. If the first running speed is greater than the second running speed, the first running speed is reduced so that the adjusted first running speed is the same as the second running speed; if the first running speed is smaller than the second running speed, the first running speed is increased so that the adjusted first running speed is the same as the second running speed.
When the first running speed is different from the second running speed, the chip determines whether the first running speed is greater than the second running speed. When the chip determines that the first running speed is greater than the second running speed, it reduces the first running speed. For example, if the first running speed is 100 MHz and the second running speed is 40 MHz, the first running speed is greater than the second, so the first running speed is adjusted down from 100 MHz to 40 MHz to match the second. When the chip determines that the first running speed is less than the second running speed, it increases the first running speed. For example, if the first running speed is 40 MHz and the second running speed is 100 MHz, the first running speed is less than the second, so the first running speed is adjusted up from 40 MHz to 100 MHz to match the second. In both cases the adjusted first running speed is the same as the second running speed. The running speeds given above are examples and are not limiting.
Step S210, converting the high-speed random number sequence into electromagnetic noise through an electromagnetic radiator, and transmitting the electromagnetic noise to prevent electromagnetic radiation attack.
When the chip acquires the generated high-speed random number sequence, it converts the sequence into electromagnetic noise through the electromagnetic radiator and transmits the electromagnetic noise, thereby preventing electromagnetic radiation attack; at this point, the current operation of the chip is a sensitive operation.
In this embodiment, the chip compares the first running speed with the second running speed and, when they differ, adjusts the first running speed, so that the electromagnetic information leaked by the sensitive operation is better masked and the purpose of security protection is achieved.
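The decision flow of steps S201 to S210 can be written as host-runnable C. This is an added example, not code from the patent: the register encodings, the policy table, the coefficient values and every identifier are assumptions, and the radiator and random number generator are simulated by struct fields.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed values: the patent gives no register encoding or coefficients. */
#define RADIATOR_OFF 0x0u   /* stands in for the "preset first threshold"  */
#define RADIATOR_ON  0x1u   /* stands in for the "preset second threshold" */

enum op_type   { OP_NORMAL, OP_CRYPTO, OP_AUTH };
enum em_result { EM_IDLE, EM_TURNED_OFF, EM_MATCHED, EM_RAISED, EM_LOWERED,
                 EM_NO_POLICY };

/* A coefficient kept as a fraction covers "a multiple or a fraction"
 * without floating point. */
struct coeff { uint32_t num, den; };

struct noise_policy {            /* one electromagnetic noise control strategy */
    enum op_type type;           /* sensitive-operation type it belongs to     */
    struct coeff first;          /* RNG clock frequency -> first running speed */
    struct coeff second;         /* operation clock -> second running speed    */
    uint32_t     seq_no;         /* serial number of the random sequence       */
};

struct sensitive_op { enum op_type type; uint32_t clock_hz; };

struct chip {                    /* simulated hardware state */
    uint32_t radiator_reg;       /* the preset register                 */
    uint32_t rng_clock_hz;       /* first clock frequency               */
    uint32_t rng_rate_hz;        /* speed the RNG runs at, 0 if stopped */
    uint32_t seq_no;             /* sequence currently being emitted    */
};

static const struct noise_policy POLICIES[] = {
    { OP_CRYPTO, {1, 1}, {1, 1}, 1 },
    { OP_AUTH,   {1, 2}, {1, 4}, 2 },
};

static uint32_t scale(uint32_t hz, struct coeff k)
{
    if (k.den == 0)
        return 0;                /* malformed policy entry */
    return (uint32_t)(((uint64_t)hz * k.num) / k.den);
}

static const struct noise_policy *find_policy(enum op_type t)
{
    for (size_t i = 0; i < sizeof POLICIES / sizeof POLICIES[0]; i++)
        if (POLICIES[i].type == t)
            return &POLICIES[i];
    return NULL;
}

enum em_result em_guard_step(struct chip *c, const struct sensitive_op *op)
{
    if (op->type == OP_NORMAL) {             /* S201: not a sensitive operation */
        if (c->radiator_reg != RADIATOR_ON)
            return EM_IDLE;
        c->radiator_reg = RADIATOR_OFF;      /* radiator was running: close it */
        c->rng_rate_hz  = 0;
        return EM_TURNED_OFF;
    }
    if (c->radiator_reg != RADIATOR_ON)      /* S202: read the preset register; */
        c->radiator_reg = RADIATOR_ON;       /* open the radiator if closed     */

    const struct noise_policy *p = find_policy(op->type);          /* S203 */
    if (p == NULL)
        return EM_NO_POLICY;     /* assumption: the patent does not cover this */

    uint32_t first  = scale(c->rng_clock_hz, p->first);   /* S204, S205 */
    uint32_t second = scale(op->clock_hz, p->second);     /* S206       */

    enum em_result r = EM_MATCHED;                         /* S207, S208 */
    if (first > second)
        r = EM_LOWERED;                                    /* S209: slow the RNG  */
    else if (first < second)
        r = EM_RAISED;                                     /* S209: speed it up   */

    c->rng_rate_hz = second;     /* adjusted first speed equals the second */
    c->seq_no      = p->seq_no;  /* S210: hardware turns the sequence into noise */
    return r;
}

int main(void)
{
    /* The 40 MHz / 100 MHz case used in the description. */
    struct chip c = { RADIATOR_OFF, 40000000u, 0, 0 };
    struct sensitive_op enc = { OP_CRYPTO, 100000000u };
    enum em_result r = em_guard_step(&c, &enc);
    printf("result=%d rng_rate=%u Hz reg=%u\n",
           (int)r, (unsigned)c.rng_rate_hz, (unsigned)c.radiator_reg);
    return 0;
}
```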
Referring to fig. 6, fig. 6 is a schematic block diagram of a chip according to an embodiment of the present disclosure. The chip includes an electromagnetic radiator and a high speed random number generator.
As shown in fig. 6, the chip 10 includes a memory 11, a processor 12, and an electromagnetic radiator 14, and the processor 11, the memory 12, and the electromagnetic radiator 14 are connected by a system bus 13, wherein the memory 11 may include a nonvolatile storage medium and an internal memory.
The non-volatile storage medium may store a computer program. The computer program comprises program instructions which, when executed, cause the processor 11 to perform any of the methods for protecting against electromagnetic radiation attacks.
The processor 11 is used to provide computing and control capabilities, supporting the operation of the entire chip.
The internal memory provides an environment for running the computer program stored in the non-volatile storage medium, and the computer program, when executed by the processor, causes the processor to perform any one of the methods for protecting against electromagnetic radiation attacks.
Those skilled in the art will appreciate that the structure shown in fig. 6 is a block diagram of only a portion of the structure relevant to the present application, and does not constitute a limitation on the chip to which the present application is applied, and a particular chip may include more or less components than those shown, or combine certain components, or have a different arrangement of components.
It should be understood that the Processor 11 may be a Central Processing Unit (CPU), and the Processor 11 may also be other general purpose processors, Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components, etc. The general purpose processor 11 may be a microprocessor or the processor may be any conventional processor or the like.
The memory 12 may be a Flash chip, a read-only memory, a magnetic disk, an optical disk, a USB disk, or a removable hard disk, among others.
Wherein, in one embodiment, the processor is configured to execute a computer program stored in the memory to implement the steps of:
determining whether the current operation is a sensitive operation;
if the current operation is determined to be sensitive operation, determining whether a preset electromagnetic radiator is in a running state or not according to the current value of a preset register;
if the electromagnetic radiator is in the running state, determining an electromagnetic noise control strategy according to the attribute information of the sensitive operation;
sending out corresponding electromagnetic noise based on an electromagnetic noise control strategy through an electromagnetic radiator to prevent electromagnetic radiation attack;
and if the current operation is determined not to be the sensitive operation and the electromagnetic radiator is in the running state, the electromagnetic radiator is turned off.
In one embodiment, if the current operation is determined to be a sensitive operation, determining whether a preset electromagnetic radiator is in a run state based on the current value of the preset register comprises:
if the current operation is determined to be sensitive operation, reading the current value of a preset register;
when the current value of the preset register is read to be a preset first threshold value, the electromagnetic radiator is judged to be in a closed state;
when the current value of the preset register is read to be a preset second threshold value, the electromagnetic radiator is judged to be in the running state.
In one embodiment, after determining that the electromagnetic radiator is in the off state when the current value of the preset register is read to be the preset first threshold value, the method further includes:
and if the electromagnetic radiator is in the closed state, the electromagnetic radiator is opened, and an electromagnetic noise control strategy is determined according to the attribute information of the sensitive operation.
In another embodiment, determining the electromagnetic noise control strategy based on the attribute information of the sensitive operation if the electromagnetic radiator is in the operational state comprises:
when the electromagnetic radiator is in a running state, acquiring attribute information of sensitive operation, and acquiring the type of the sensitive operation from the attribute information;
and determining an electromagnetic noise control strategy according to the type of the sensitive operation, wherein the type of the sensitive operation and the electromagnetic noise control strategy have a corresponding relation.
In one embodiment, the issuing, by the electromagnetic radiator, corresponding electromagnetic noise based on the electromagnetic noise control strategy to prevent electromagnetic radiation attack includes:
calling a preset high-speed random number generator to generate a high-speed random number sequence corresponding to a sequence number in an electromagnetic noise control strategy;
the high-speed random number sequence is converted into electromagnetic noise through the electromagnetic radiator, and the electromagnetic noise is transmitted to prevent electromagnetic radiation attack.
In one embodiment, invoking a preset high-speed random number generator to generate a high-speed random number sequence corresponding to a sequence number in an electromagnetic noise control strategy comprises:
acquiring a first clock frequency of a preset high-speed random number generator, and reading a first coefficient in an electromagnetic noise control strategy;
calculating a first running speed of a preset high-speed random number generator according to the first clock frequency and the first coefficient;
and running a preset high-speed random number generator based on the first running speed to generate a high-speed random number sequence corresponding to the sequence number in the electromagnetic noise control strategy.
In one embodiment, before running the preset high-speed random number generator based on the first running speed to generate the high-speed random number sequence corresponding to the serial number in the electromagnetic noise control strategy, the method further comprises:
calculating a second running speed of the sensitive operation according to a second clock frequency of the sensitive operation in the attribute information and a second coefficient in the electromagnetic noise control strategy;
judging whether the first operation speed is the same as the second operation speed or not;
if the first running speed is the same as the second running speed, running a preset high-speed random number generator based on the first running speed to generate a high-speed random number sequence corresponding to the sequence number in the electromagnetic noise control strategy;
and if the first operation speed is different from the second operation speed, adjusting the first operation speed to ensure that the adjusted first operation speed is the same as the second operation speed, operating a preset high-speed random number generator based on the adjusted first operation speed, and generating a high-speed random number sequence corresponding to the sequence number in the electromagnetic noise control strategy.
In one embodiment, if the first operating rate is different from the second operating rate, adjusting the first operating rate such that the adjusted first operating rate is the same as the second operating rate comprises:
if the first operating rate is different from the second operating rate, determining whether the first operating rate is greater than the second operating rate;
if the first operation speed is greater than the second operation speed, the first operation speed is reduced so that the adjusted first operation speed is the same as the second operation speed;
if the first operation speed is smaller than the second operation speed, the first operation speed is increased, so that the adjusted first operation speed is the same as the second operation speed.
Embodiments of the present application further provide a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, where the computer program includes program instructions, and a method implemented when the program instructions are executed may refer to the embodiments of the electromagnetic radiation attack prevention method in the present application.
The computer-readable storage medium may be the chip, or an internal storage unit of the system on chip described in the foregoing embodiments, for example, a hard disk or a memory of the chip. The computer readable storage medium may also be an external storage device of the chip, such as a plug-in hard disk provided on the chip, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like.
The present invention is described in connection with the accompanying drawings, but the present invention is not limited to the above embodiments, which are only illustrative and not restrictive, and those skilled in the art can make various changes without departing from the spirit and scope of the invention as defined by the appended claims, and all changes that come within the meaning and range of equivalency of the specification and drawings that are obvious from the description and the attached claims are intended to be embraced therein.

Claims (10)

1. A method of protecting against electromagnetic radiation attacks, comprising:
determining whether the current operation is a sensitive operation;
if the current operation is determined to be sensitive operation, determining whether a preset electromagnetic radiator is in a running state or not according to the current value of a preset register;
if the electromagnetic radiator is in the running state, determining an electromagnetic noise control strategy according to the attribute information of the sensitive operation;
sending out corresponding electromagnetic noise based on the electromagnetic noise control strategy through the electromagnetic radiator to prevent electromagnetic radiation attack;
and if the current operation is determined not to be the sensitive operation and the electromagnetic radiator is in the running state, closing the electromagnetic radiator.
2. The method of claim 1, wherein if the current operation is determined to be a sensitive operation, determining whether the preset electromagnetic radiator is in a running state according to the current value of the preset register comprises:
if the current operation is determined to be sensitive operation, reading the current value of a preset register;
when the current value of the preset register is read to be a preset first threshold value, the electromagnetic radiator is judged to be in a closed state;
and when the current value of the preset register is read to be a preset second threshold value, the electromagnetic radiator is judged to be in the running state.
3. The method of preventing electromagnetic radiation attack as claimed in claim 2, wherein after determining that the electromagnetic radiator is in an off state when the current value of the preset register is read to be a preset first threshold value, further comprising:
and if the electromagnetic radiator is in a closed state, the electromagnetic radiator is opened, and an electromagnetic noise control strategy is determined according to the attribute information of the sensitive operation.
4. The method of preventing electromagnetic radiation attacks according to any one of claims 1-3, wherein determining an electromagnetic noise control strategy based on the operational attribute information if the electromagnetic radiator is in an operational state comprises:
when the electromagnetic radiator is in a running state, acquiring attribute information of the sensitive operation, and acquiring the type of the sensitive operation from the attribute information;
and determining an electromagnetic noise control strategy according to the type of the sensitive operation, wherein the type of the sensitive operation and the electromagnetic noise control strategy have a corresponding relation.
5. The method of claim 4, wherein the issuing of the corresponding electromagnetic noise by the electromagnetic radiator based on the electromagnetic noise control strategy to prevent electromagnetic radiation attack comprises:
calling a preset high-speed random number generator to generate a high-speed random number sequence corresponding to the sequence number in the electromagnetic noise control strategy;
and converting the high-speed random number sequence into electromagnetic noise through the electromagnetic radiator, and transmitting the electromagnetic noise to prevent electromagnetic radiation attack.
6. The method of claim 5, wherein the invoking a preset high-speed random number generator to generate a sequence of high-speed random numbers corresponding to the sequence number in the electromagnetic noise control strategy comprises:
acquiring a first clock frequency of the preset high-speed random number generator, and reading a first coefficient in the electromagnetic noise control strategy;
calculating a first running speed of the preset high-speed random number generator according to the first clock frequency and the first coefficient;
and running the preset high-speed random number generator based on the first running speed to generate a high-speed random number sequence corresponding to the serial number in the electromagnetic noise control strategy.
7. The method of preventing electromagnetic radiation attack as recited in claim 6, wherein before the operating the preset high-speed random number generator based on the first operating speed to generate the high-speed random number sequence corresponding to the sequence number in the electromagnetic noise control strategy, further comprising:
calculating a second running speed of the sensitive operation according to a second clock frequency of the sensitive operation in the attribute information and a second coefficient in the electromagnetic noise control strategy;
judging whether the first operation speed is the same as the second operation speed or not;
if the first operation speed is the same as the second operation speed, operating the preset high-speed random number generator based on the first operation speed to generate a high-speed random number sequence corresponding to the serial number in the electromagnetic noise control strategy;
if the first operation speed is different from the second operation speed, adjusting the first operation speed to enable the adjusted first operation speed to be the same as the second operation speed, and operating the preset high-speed random number generator based on the adjusted first operation speed to generate a high-speed random number sequence corresponding to a sequence number in the electromagnetic noise control strategy.
8. The method of claim 7, wherein if the first operating speed is different from the second operating speed, adjusting the first operating speed such that the adjusted first operating speed is the same as the second operating speed comprises:
if the first operating rate is different from the second operating rate, determining whether the first operating rate is greater than the second operating rate;
if the first operation speed is greater than the second operation speed, reducing the first operation speed so that the adjusted first operation speed is the same as the second operation speed;
if the first operation speed is smaller than the second operation speed, the first operation speed is increased, so that the adjusted first operation speed is the same as the second operation speed.
9. A chip, wherein the chip comprises: an electromagnetic radiator for emitting electromagnetic noise, and a memory, a processor and a computer program stored on the memory and executable on the processor, the computer program, when executed by the processor, implementing the steps of the method of preventing electromagnetic radiation attacks according to any one of claims 1 to 8.
10. A computer-readable storage medium, having stored thereon a computer program which, when being executed by a processor, carries out the steps of the method of shielding against electromagnetic radiation attacks according to any one of claims 1 to 8.
CN201910758725.XA 2019-08-16 2019-08-16 Method, chip and computer readable storage medium for preventing electromagnetic radiation attack Active CN112395649B (en)

Publications (2)

Publication Number Publication Date
CN112395649A (en) 2021-02-23
CN112395649B (en) 2024-01-26

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant