首页 | 本学科首页   官方微博 | 高级检索  
相似文献
 共查询到18条相似文献,搜索用时 169 毫秒
1.
为了解决集成电路设计中多方合作的成员信息泄漏问题,该文提出一种基于正交混淆的多硬件IP核安全防护方案。该方案首先利用正交混淆矩阵产生正交密钥数据,结合硬件特征的物理不可克隆函数(PUF)电路,产生多硬件IP核的混淆密钥;然后,在正交混淆状态机的基础上,实现多硬件IP核的正交混淆安全防护算法;最后,利用ISCAS-85基准电路和密码算法,验证正交混淆方法的有效性。在台湾积体电路制造股份有限公司(TSMC) 65 nm工艺下测试正交混淆的多硬件IP核方案,正确密钥和错误密钥下的Toggle翻转率小于5%,在较大规模的测试电路中面积和功耗开销占比小于2%。实验结果表明,采用正交混淆的方式能够提高多硬件IP核的安全性,可以有效防御成员信息泄漏、状态翻转率分析等攻击。  相似文献   

2.
一种有效缩减AES算法S盒面积的组合逻辑优化设计   总被引:1,自引:1,他引:0       下载免费PDF全文
王沁  梁静  齐悦 《电子学报》2010,38(4):939-0942
 通过对AES算法S盒构造原理的研究,利用其中仿射变换的系数具有循环移位的周期性特点对电路结构进行改进,提出一种面积优化的AES算法S盒组合逻辑电路设计方法。该方法基于流水线技术,采用倍频复用的电路结构,较传统结构减少了逻辑资源的使用。经过EDA工具综合仿真和实际系统验证,该方法比Wolkerstorfer和Satoh的S盒有限域实现的硬件规模分别缩减了47.53%和41.49%,比Morioka的S盒真值表实现的硬件规模缩减了21.43%。该设计方案已成功用于一种基于FPGA实现的密码专用处理器设计中。  相似文献   

3.
针对嵌入式设备,基于128位AES加密算法提出了一种基于软件的轻量化实现方案,利用T型查找表存储方案,将AES加密算法中字节替代、行移位和列混合操作转化成查表操作,并优化内存访问机制,使AES加密算法能够在有限的处理器速度、代码空间、能源使用的环境中运行。在Firefly-RK3399嵌入式开发板上进行了硬件实现,基于TCP/IP的套接字通讯方案,设计了轻量级AES加密通讯系统。采用32字节报文内容、128位的时间动态密钥,进行系统实验,结果表明较传统AES加密算法,在环境因素相同的情况下,所提方法在不降低安全性的同时,加解密速度可提升15.02%。  相似文献   

4.
传统硬件混淆从物理级、逻辑级、行为级等进行单层次混淆,没有发挥多级协同优势,存在安全隐患。该文通过对物理版图、电路逻辑和状态跳变行为的关系研究,提出多级协同混淆的硬件IP核防护方法。该方案首先在自下而上协同混淆中,采用虚拟孔设计版图级伪装门的方式进行物理-逻辑级混淆,采用过孔型物理不可克隆函数(PUF)控制状态跳变的方式实现物理-行为级混淆;然后,在自上而下协同混淆中,利用密钥控制密钥门进行行为-逻辑级混淆,利用并行-支路混淆线的方法完成行为-物理级混淆;最后提出混淆电路在网表的替换机制,设计物理-逻辑-行为的3级协同混淆,实现多级协同混淆的IP核安全防护。ISCAS-89基准电路测试结果表明,在TSMC 65 nm工艺下,多级协同混淆IP核在较大规模测试电路中的面积开销占比平均为11.7%,功耗开销占比平均为5.1%,正确密钥和错误密钥下的寄存器翻转差异低于10%,所提混淆方案可有效抵御暴力攻击、逆向工程、SAT等攻击。  相似文献   

5.
为了提高AES抵抗故障注入攻击的能力,各种各样的抵抗措施相继被提出。很多嵌入式系统中,都使用AES来提高系统的安全性。然而,自然和恶意注入故障降低了AES算法的鲁棒性,并且还可能导致私人信息泄漏。对并发的故障检测方案进行了研究,用以实现可靠的AES算法,进而提出了一种基于改进型AES结构的故障检测方案。将轮变换拆分成2部分,并且在这2部分中间加入了流水设计。仿真结果显示,其错误覆盖率达到了98.54%。此外,该方案和前人所提出的方案都在最新款的Xilinx Virtex系列FPGA芯片上得到了实现。对这些方案的硬件开销、频率及吞吐量进行比较,结果显示,该方案要优于前人所提出的方案。  相似文献   

6.
一种小面积低功耗串行AES硬件加解密电路   总被引:1,自引:0,他引:1  
通过分析AES算法的基本原理,对AES算法中的子模块SubBytes和Mixcolumns的硬件电路实现方法进行优化,提出一种新的key硬件电路实现方式,并在key的实现电路中采用低功耗设计.与目前的大多数实现电路相比,该电路可以有效减小芯片面积,降低电路功耗.采用串行AES加密/解密电路结构,经综合仿真后,芯片面积为8 054门,最高工作频率为77.4 MHz,对128位数据加密的速率为225 Mbps,解密速率达到183 Mbps,可满足目前大部分无线传感网络数据交换速率的需求.  相似文献   

7.
针对AES算法,提出了一种新颖的AES算法的硬件实现.与传统的硬件实现方法不同,首先分析了AES算法的结构,并通过修改解密流程,在加解密流程中采用结构共享,节省了芯片的面积;其次在字节代换中采用了复合域中的运算,使得不可减小的时间延迟变得最小;最后通过仔细分析电路中各部分的时间延迟,采用8级流水线结构,最大程度地提高了数据处理的速度.文中提出的硬件结构适用于芯片面积资源紧张、芯片处理速度要求较快的场合.  相似文献   

8.
戴强  戴紫彬  李伟 《电子学报》2018,46(11):2650-2659
为使AES S盒的多奇偶校验故障检测方案具备预期故障检测能力,提出了由预期故障覆盖率确定预测奇偶总数的参数计算模型.根据模型确定的预测奇偶总数,为基于冗余有限域算术的S盒定制了两种多分块多奇偶校验的故障检测方案.推导优化了各分块预测奇偶计算公式,并通过穷举搜索找到了使整个电路结构最优的多项式系数与映射矩阵.仿真结果表明两种方案的随机多故障覆盖率均约为97%,验证了参数计算模型的有效性,突发故障覆盖率分别约为61.8%、76.3%,优于已有文献中大部分故障检测方案.综合结果表明,对比于已有文献中具有相似故障检测能力的故障检测S盒电路,所设计电路的面积-延时积最小.  相似文献   

9.
传统硬件混淆从物理级、逻辑级、行为级等进行单层次混淆,没有发挥多级协同优势,存在安全隐患.该文通过对物理版图、电路逻辑和状态跳变行为的关系研究,提出多级协同混淆的硬件IP核防护方法.该方案首先在自下而上协同混淆中,采用虚拟孔设计版图级伪装门的方式进行物理-逻辑级混淆,采用过孔型物理不可克隆函数(PUF)控制状态跳变的方式实现物理-行为级混淆;然后,在自上而下协同混淆中,利用密钥控制密钥门进行行为-逻辑级混淆,利用并行-支路混淆线的方法完成行为-物理级混淆;最后提出混淆电路在网表的替换机制,设计物理-逻辑-行为的3级协同混淆,实现多级协同混淆的IP核安全防护.ISCAS-89基准电路测试结果表明,在TSMC 65 nm工艺下,多级协同混淆IP核在较大规模测试电路中的面积开销占比平均为11.7%,功耗开销占比平均为5.1%,正确密钥和错误密钥下的寄存器翻转差异低于10%,所提混淆方案可有效抵御暴力攻击、逆向工程、SAT等攻击.  相似文献   

10.
AES算法中S-box和列混合单元的优化及FPGA实现   总被引:1,自引:0,他引:1  
由于AES算法的硬件实现较为复杂,在此提出一种优化算法中S-box和列混合单元的方法.其中S-box通过组合和有限域映射的方法进行优化,列混合单元使用算式重组的方法进行优化.这些优化设计通过组合逻辑实现,经过仿真并在Xilinx Spartan 3系列FPGA上进行综合验证,可以将结构简化,使AES电路面积得到优化,明显节约硬件资源.  相似文献   

11.
该文在高级加密标准(AES)快速算法的基础上,设计了一组基于可配置处理器NiosⅡ上的扩展指令,用于IEEE802.15.4标准媒体访问控制层中基于AES算法的计数器模式和密码分组链接消息验证码(AES-CCM)协议的硬件加速.该文首先推导出快速算法中用于轮变换的查找表与S盒的逻辑关系,然后通过复合域变换方法用硬件电路实现S盒的计算,从而消除了支撑扩展指令集的硬件逻辑对片上存储空间的消耗.同时给出该协议基于查表法的扩展指令集和协处理器的设计方案,并在EP2C35芯片上进行实现和对比.该方案仅消耗223个逻辑单元(LE),吞吐量为668.7 kbps,时钟周期数比软件算法加速174.6倍,芯片面积仅为协处理器方案的9.5%,显著降低了无线传感网节点设备的成本和功耗.  相似文献   

12.
In this article, a high-speed and highly restricted encryption algorithm is proposed to cipher high-definition (HD) images based on the modified advanced encryption standard (AES) algorithm. AES is a well-known block cipher algorithm and has several advantages, such as high-level security and implementation ability. However, AES has some drawbacks, including high computation costs, pattern appearance, and high hardware requirements. The aforementioned problems become more complex when the AES algorithm ciphers an image, especially HD images. Three modifications are proposed in this paper to improve AES algorithm performance through, decreasing the computation costs, decreasing the hardware requirements, and increasing the security level. First, modification was conducted using MixColumn transformation in 5 rounds instead of 10 rounds in the original AES-128 to decrease the encryption time. Security is enhanced by improving the key schedule operation by adding MixColumn transformation to this operation as second modification. In addition, to decrease the hardware requirements, S-box and Inv. S-box in the original AES are replaced by one simple S-box used for encryption and decryption in the proposed method. The proposed AES version conducts one of the ciphering modes to solve the appearance pattern problem. Experimental results indicate that the proposed modifications to the AES algorithm made the algorithm more compatible with HD image encryption.  相似文献   

13.
随着集成电路(IC)产业进入后摩尔时代,芯片一次性工程成本愈发高昂,而以逆向工程技术为代表的知识产权窃取手段,越来越严重地威胁着芯片信息安全。为了抵抗逆向工程攻击,该文提出一种基于遗传算法的自动化逻辑混淆方法,通过分析网表寄存器的拓扑网络结构,筛选逻辑节点并创建冗余连接,从而混淆词级寄存器的相似性特征,在低开销下防止逆向攻击恢复寄存器传输级的词级变量、控制逻辑与数据通路。基于SM4国密算法基准电路开展验证实验,结果表明:经该文方法混淆后,逆向结果与设计真实情况的标准化互信息相关度下降了46%,拓扑复杂度提升61.46倍,面积额外开销为0.216%;同时相较于随机混淆,该混淆方法效率提升为2.718倍,面积额外开销降低70.8%。  相似文献   

14.
Logic locking has emerged as a prominent technique to protect an integrated circuit from piracy, overbuilding, and hardware Trojans. Most of the well-known logic locking techniques are vulnerable to satisfiability (SAT) based attack. Though several SAT-resistant logic locking techniques such as Anti-SAT block (ASB) are reported that increase the time to decipher the secret key, the existing techniques are either vulnerable to signal probability skew (SPS) based removal attack or require significant design overhead. Therefore, a new lightweight ASB design and obfuscation technique is proposed that effectively integrate and obfuscates the ASB in the design to thwart removal attack. We first propose a new ASB design/integration approach that effectively thwarts the structural/functional analysis based removal attack with minimum overhead. Further, we also propose an ASB obfuscation approach that shifts the inverter deep in the circuit using De Morgan's law and replaces an ASB gate with a key-gate to thwart SPS based removal attack. Moreover, a new algorithm is proposed that inserts the ASB in the locked design to achieve desired output corruptibility. Finally, a new INV/BUFF key-gate is proposed that constructs the ASB with reduced overhead over the XOR/XNOR. Experimental evaluation on ISCAS-85 benchmarks shows that our ASB design and obfuscation approaches, on an average, reduce area overhead by 25.5% and 22% respectively, and effectively prevent removal attack without reducing any security.  相似文献   

15.
程序在动态执行过程中泄露了大量的路径分支信息,这些路径分支信息是其内部逻辑关系的二进制表示.符号执行技术可以自动地收集并推理程序执行过程所泄露的路径信息,可用于逆向工程并可削弱代码混淆的保护强度.哈希函数可以有效保护基于等于关系的路径分支信息,但是难以保护基于上下边界判断的不等关系的路径分支信息.将保留前缀算法与哈希函数相结合提出了一种新的路径分支混淆技术,将符号执行推理路径分支信息的难度等价到逆向推理哈希函数的难度.该路径分支混淆方法在SPECint-2006程序测试集上进行了实验,试验结果表明该混淆方法能有效保护程序路径分支信息,具有实用性.  相似文献   

16.
This paper presents a high level error detection and correction method called HVD code to tolerate multiple bit upsets (MBUs) occurred in memory cells. The proposed method uses parity codes in four directions in a data part to assure the reliability of memories. The proposed method is very powerful in error detection while its error correction coverage is also acceptable considering its low computing latency. HVD code is useful for applications whose high error detection coverage is very important such as memory systems. Of course, this code can be used in combination with other protection codes which have high correction coverage and low detection coverage. The proposed method is evaluated using more than one billion multiple fault injection experiments. Multiple bit flips were randomly injected in different segments of a memory system and the fault detection and correction coverages are calculated. Results show that 100% of the injected faults can be detected. We proved that, this method can correct up to three bit upsets. Some hardware implementation issues are investigated to show tradeoffs between different implementation parameters of HVD method.  相似文献   

17.
为提高算法的效率,降低密钥运算的复杂度,提升密钥抵抗强力攻击和时间攻击能力,提出一种AES的算法方案。阐述了AES算法原理及片上系统执行AES的工作流程,基于8051软核AES算法IP原理、设计流程以及硬件模块的实现方案,并给出了效率分析及在硬件平台上的验证结果。仿真结果显示,用查表法实现AES,其IP核具有高效性,并可为密码SoC产品的开发体统算法引擎支持。相比较于以往的算法模型,该方案用少量面积换取速度,大幅提高了算法的效率,因此具备良好的应用价值。  相似文献   

18.
With the development of system-on-chip (SoC) chips, more and more design houses are cooperating with each other's. How to achieve benefit sharing and key management for multiple intellectual properties (IPs) has become an emergency problem. This work proposes an orthogonal obfuscation method to protect multiple IPs. The proposed method permits cooperators to control the project using different security keys, protects the patterns with an orthogonal key, and be convenient for the user to manage the key. For reasons of increased security, the proposed method hides the original keys to prevent information leakage. Multi-port Physical Unclonable Function (MPUF) circuit is used as the additional orthogonal key to cluster membership. It protects the IPs from hardware attacks such as brute-force attack, member leakage attack, reverse engineering and so on. The security analyzes results show that the proposed method reduces the key retrieval time by 36.3% over the baseline. The proposed obfuscation methods have been successfully applied to ISCAS′89 benchmark circuits and cryptographic algorithms. Experimental results indicate that the orthogonal obfuscation only increases the area by 3.43% and consumes 2.77% more power than the baseline.  相似文献   

设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号