高级搜索

留言板

尊敬的读者、作者、审稿人, 关于本刊的投稿、审稿、编辑和出版的任何问题, 您可以本页添加留言。我们将尽快给您答复。谢谢您的支持!

姓名
邮箱
手机号码
标题
留言内容
验证码

基于正交混淆的多硬件IP核安全防护设计

张跃军 王佳伟 潘钊 张晓伟 汪鹏君

张跃军, 王佳伟, 潘钊, 张晓伟, 汪鹏君. 基于正交混淆的多硬件IP核安全防护设计[J]. 电子与信息学报, 2019, 41(8): 1847-1854. doi: 10.11999/JEIT180898
引用本文: 张跃军, 王佳伟, 潘钊, 张晓伟, 汪鹏君. 基于正交混淆的多硬件IP核安全防护设计[J]. 电子与信息学报, 2019, 41(8): 1847-1854. doi: 10.11999/JEIT180898
Yuejun ZHANG, Jiawei WANG, Zhao PAN, Xiaowei ZHANG, Pengjun WANG. Hardware Security for Multi IPs Protection Based on Orthogonal Obfuscation[J]. Journal of Electronics & Information Technology, 2019, 41(8): 1847-1854. doi: 10.11999/JEIT180898
Citation: Yuejun ZHANG, Jiawei WANG, Zhao PAN, Xiaowei ZHANG, Pengjun WANG. Hardware Security for Multi IPs Protection Based on Orthogonal Obfuscation[J]. Journal of Electronics & Information Technology, 2019, 41(8): 1847-1854. doi: 10.11999/JEIT180898

基于正交混淆的多硬件IP核安全防护设计

doi: 10.11999/JEIT180898
基金项目: 国家自然科学基金(61871244, 61874078, 61704094),浙江省自然科学基金(LY18F040002),浙江省科技厅公益技术应用研究(2016C31078),亿像素视频加密与IP加密算法与硬件开发横向项目(HK2017000135),浙江省大学生新苗人才计划(2018R405071),宁波大学王宽诚幸福基金
详细信息
    作者简介:

    张跃军:男,1982年生,副教授,研究方向为信息安全芯片理论和设计

    王佳伟:男,1994年生,硕士生,研究方向为硬件安全和混淆设计

    潘钊:男,1993年生,硕士生,研究方向为混淆状态机的设计与实现

    张晓伟:男,1987年生,讲师,研究方向为稀土掺杂硅基薄膜发光材料与光电子器件研究

    汪鹏君:男,1966年生,教授,研究方向为低功耗、高信息密度集成电路理论和设计、安全芯片理论和设计、多媒体技术及相关理论

    通讯作者:

    汪鹏君 wangpengjun@nbu.edu.cn

  • 中图分类号: TP331

Hardware Security for Multi IPs Protection Based on Orthogonal Obfuscation

Funds: The National Natural Science Foundation of China (61871244, 61874078, 61704094),The Natural Science Foundation of Zhejiang Provincial (LY18F040002), The S&T Plan of Zhejiang Provincial Science and Technology Department (2016C31078), Algorithms and Hardware Development of Billion Pixels Video Encryption and IP Encryption (HK2017000135), Fresh Student Talents Program of Zhejiang Province (2018R405071), The K.C. Wong Magna Fund in Ningbo University
  • 摘要: 为了解决集成电路设计中多方合作的成员信息泄漏问题,该文提出一种基于正交混淆的多硬件IP核安全防护方案。该方案首先利用正交混淆矩阵产生正交密钥数据,结合硬件特征的物理不可克隆函数(PUF)电路,产生多硬件IP核的混淆密钥;然后,在正交混淆状态机的基础上,实现多硬件IP核的正交混淆安全防护算法;最后,利用ISCAS-85基准电路和密码算法,验证正交混淆方法的有效性。在台湾积体电路制造股份有限公司(TSMC) 65 nm工艺下测试正交混淆的多硬件IP核方案,正确密钥和错误密钥下的Toggle翻转率小于5%,在较大规模的测试电路中面积和功耗开销占比小于2%。实验结果表明,采用正交混淆的方式能够提高多硬件IP核的安全性,可以有效防御成员信息泄漏、状态翻转率分析等攻击。
  • 图  1  正交混淆方法结构框图

    图  2  IC设计团队、芯片公司以及用户的正交混淆交互协议

    图  3  正交混淆的电路实现

    图  4  正交混淆功能仿真图

    图  5  正交混淆的面积开销

    图  6  正交混淆的功耗开销

    图  7  不同加密方法在成员泄密时的安全性曲线

    图  8  Toggle仿真结果

    表  1  正交混淆算法伪代码

     正交混淆算法
     输入:Kuser
     输出:{p1,p2,···,pn}
      (1) 初始化正交模块
      (2) 重置功能IP核
      (3) 对各功能IP核分配权重
      (4) for i←0 to N-1
         for ji+1 to N-1 {
         do vector_j←vector_j-(vector_j[i]/vector_i[i])×
         vector_i
        }
      (5) for i←0 to N-1
        for ji+1 to N-1 {
        do vector_i←vector_i-(vector_i[N-i]/vector_j[N-i])×
        vector_j
       }
      (6) 矩阵O←{vector_1,vector_2,···,vector_N}T
      (7) 向量pO×Kuser
    下载: 导出CSV

    表  2  基准电路中硬件开销情况

    基准电路
    面积(μm2)
    测试模块
    面积(μm2)
    混淆面积
    开销(μm2)
    面积开销
    占比(%)
    基准电路
    功耗(mW)
    测试模块
    功耗(mW)
    混淆功耗
    开销(mW)
    功耗开销
    占比(%)
    混淆模块
    延时(ns)
    A16457.687391.68934.0012.600.31290.43920.126328.801.12
    A1+A216851.9617866.121014.165.703.39283.55170.15894.501.12
    A1+A2+A332561.6433618.801057.163.107.52217.70170.17962.301.15
    A1+A2+A3+A449888.0851038.761150.682.3011.579611.76260.18301.601.20
    注:表中A1, A2, A3和A4分别表示密码算法TDEA, SEED_3clk, MISTY1_3clk和AES中的EncCore部分。
    下载: 导出CSV

    表  3  本文设计与文献[812]对比情况

    文献混淆方法工艺(mm)基准电路面积(μm2)功耗(mW)速度(GHz)混淆IP核数量MILA
    文献[8]状态映射混淆65AES-ENC25983.000.7558单个
    文献[9]DUP65SEED_3clk17506.083.21711.38单个
    文献[10]ISO65SEED_3clk17450.643.28301.72单个
    文献[11]HARPOON65S3858422995.406.38831.14单个
    文献[12]Dynamic State-Deflection65S3858421835.006.92620.86单个
    本文正交混淆65SEED_3clk17114.603.28150.98多个
    AES-ENC17326.444.05750.95
    s3858420159.006.74560.83
    下载: 导出CSV
  • FYRBIAK M, ROKICKI S, BISSANTZ N, et al. Hybrid obfuscation to protect against disclosure attacks on embedded microprocessors[J]. IEEE Transactions on Computers, 2018, 67(3): 307–321. doi: 10.1109/TC.2017.2649520
    JAEHA K and PARK K T. EE6: Can artificial intelligence replace my job? The dawn of a new IC industry with AI[C]. 2018 IEEE International Solid-State Circuits Conference, San Francisco, USA, 2018: 531–533.
    WERNER M, UNTERLUGGAUER T, SCHAFFENRATH D, et al. Sponge-based control-flow protection for IoT devices[C]. 2018 IEEE European Symposium on Security and Privacy, London, UK, 2018: 214–226.
    许天燊. 万物互联驱动IC产业创新与合作[J]. 软件和集成电路, 2015(6): 16–20.

    XU Tianshen. All things interconnection drives innovation and cooperation in IC industry[J]. Software and Integrated Circuits, 2015(6): 16–20.
    HONG C, KIM S H, KIM J H, et al. A linear-mode LiDAR sensor using a multi-channel CMOS transimpedance amplifier array[J]. IEEE Sensors Journal, 2018, 18(17): 7032–7040. doi: 10.1109/JSEN.2018.2852794
    BUSE D S, SOMMER C, and DRESSLER F. Demo abstract: Integrating a driving simulator with city-scale VANET simulation for the development of next generation ADAS systems[C]. The IEEE INFOCOM 2018 - IEEE Conference on Computer Communications Workshops, Honolulu, USA, 2018: 1–2.
    VIJAYAKUMAR A, PATIL V C, HOLCOMB D E, et al. Physical design obfuscation of hardware: A comprehensive Investigation of device and logic-level techniques[J]. IEEE Transactions on Information Forensics and Security, 2017, 12(1): 64–77. doi: 10.1109/TIFS.2016.2601067
    张跃军, 潘钊, 汪鹏君, 等. 基于状态映射的AES算法硬件混淆设计[J]. 电子与信息学报, 2018, 40(3): 750–757. doi: 10.11999/JEIT170556

    ZHANG Yuejun, PAN Zhao, WANG Pengjun, et al. Design of hardware obfuscation AES based on state deflection strategy[J]. Journal of Electronics &Information Technology, 2018, 40(3): 750–757. doi: 10.11999/JEIT170556
    KOUSHANFAR F. Provably secure active IC metering techniques for piracy avoidance and digital rights management[J]. IEEE Transactions on Information Forensics and Security, 2012, 7(1): 51–63. doi: 10.1109/TIFS.2011.2163307
    CHAKRABORTY R S and BHUNIA S. RTL hardware IP protection using key-based control and data flow obfuscation[C]. International Conference on VLSI Design, Bangalore, India, 2010: 405–410.
    CHAKRABORTY R S and BHUNIA S. HARPOON: An obfuscation-based soc design methodology for hardware protection[J]. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 2009, 28(10): 1493–1502. doi: 10.1109/TCAD.2009.2028166
    DOFE J and YU Qiaoyan. Novel dynamic state-deflection method for gate-level design obfuscation[J]. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 2018, 37(2): 273–285. doi: 10.1109/TCAD.2017.2697960
    CANETTI R, ROTHBLUM G N, and VARIA M. Theory of Cryptography[M]. Berlin, Heidelberg: Springer, 2010: 72–89.
    CAO Yuan, ZHANG Le, CHANG C H, et al. A low-power hybrid RO PUF with improved thermal stability for lightweight applications[J]. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 2015, 34(7): 1143–1147. doi: 10.1109/TCAD.2015.2424955
    ZHANG Jiliang, LIN Yaping, LYU Yongqiang, et al. A PUF-FSM binding scheme for FPGA IP protection and pay-per-device licensing[J]. IEEE Transactions on Information Forensics and Security, 2015, 10(6): 1137–1150. doi: 10.1109/TIFS.2015.2400413
    张元达. 有限群构造[M]. 北京: 科学出版社, 1982: 203–206.

    ZHANG Yuanda. Finite Group Construction[M]. Beijing: Science Press, 1982: 203–206.
    LAO Yingjie and PARHI K K. Statistical analysis of MUX-based physical unclonable functions[J]. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 2014, 33(5): 649–662. doi: 10.1109/TCAD.2013.2296525
    BOŠNJAK L, SREŠ J, and BRUMEN B. Brute-force and dictionary attack on hashed real-world passwords[C]. The 41st International Convention on Information and Communication Technology, Electronics and Microelectronics, Opatija, Croatia, 2018: 1161–1166.
  • 加载中
图(8) / 表(3)
计量
  • 文章访问数:  1926
  • HTML全文浏览量:  961
  • PDF下载量:  73
  • 被引次数: 0
出版历程
  • 收稿日期:  2018-09-18
  • 修回日期:  2019-03-14
  • 网络出版日期:  2019-04-13
  • 刊出日期:  2019-08-01

目录

    /

    返回文章
    返回