[go: up one dir, main page]

CN109635599A - Data ciphering method, decryption method, protective device, on-chip memory and chip - Google Patents

Data ciphering method, decryption method, protective device, on-chip memory and chip Download PDF

Info

Publication number
CN109635599A
CN109635599A CN201811493479.1A CN201811493479A CN109635599A CN 109635599 A CN109635599 A CN 109635599A CN 201811493479 A CN201811493479 A CN 201811493479A CN 109635599 A CN109635599 A CN 109635599A
Authority
CN
China
Prior art keywords
data
group
linear conversion
key
algorithm
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201811493479.1A
Other languages
Chinese (zh)
Other versions
CN109635599B (en
Inventor
王大永
周玉洁
朱念好
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SHANGHAI AISINO CHIP ELECTRONIC TECHNOLOGY Co Ltd
Original Assignee
SHANGHAI AISINO CHIP ELECTRONIC TECHNOLOGY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by SHANGHAI AISINO CHIP ELECTRONIC TECHNOLOGY Co Ltd filed Critical SHANGHAI AISINO CHIP ELECTRONIC TECHNOLOGY Co Ltd
Priority to CN201811493479.1A priority Critical patent/CN109635599B/en
Publication of CN109635599A publication Critical patent/CN109635599A/en
Application granted granted Critical
Publication of CN109635599B publication Critical patent/CN109635599B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

A kind of data ciphering method before n-bit data is stored in on-chip memory, is first divided into n/4 group for n-bit data every 4 for one group, encrypts to each group of data, then encryption data is stored in on-chip memory: converting to each group of data;Transformed each group of data is converted by the non-linear conversion algorithm of corresponding group, obtains nonlinear object data;N intermediate keys are generated after n-bit data key and on-chip memory address are handled;N intermediate keys are subjected to transformation and carry out being converted to nonlinear object key by the non-linear conversion algorithm of corresponding group;Nonlinear object data and nonlinear object key are subjected to exclusive or and obtain encryption data.The present invention is based on data of the encryption method of nonlinear change to memory to carry out the processing such as non-linear conversion, key generation, data transformation, exclusive or, makes the data ciphertext of memory, increases the difficulty of memory attack.

Description

Data ciphering method, decryption method, protective device, on-chip memory and chip
Technical field
The present invention relates to IC chip fields, and in particular to a kind of data ciphering method, decryption method, protection dress It sets, on-chip memory and chip.
Background technique
As information-based is constantly progressive, information security becomes the important words lived concerning national security and people Chip is inscribed as the infrastructure in electronics and IT products, is serviced with providing operation, control, safety etc. as major function, it is more next The wider every field applied to information system.
Generally comprised in chip it is one or more based on integrated circuit technique nonvolatile memory (such as RAM, EEPROM, FLASH) saving the personal sensitive information of user, including individual subscriber identity information, for identification and logical Interrogate the key etc. of secrecy.How to protect these sensitive informations not to be illegally accessed is protection user's right, ensures corresponding information system The basic demand for normal operation of uniting.
Currently, the method for memory attack mainly has half intrusive mood and intrusive attack, by directly using scanning Electronic Speculum (SEM) is observed, and is attempted to distinguish the unit of different storage states from image and is positioned single memory unit position It sets or direct detection memory data delivery outlet data, pad (PAD) signal is detected to read in memory by probe Hold.
Summary of the invention
For the attack means of memory, the present invention makes the number entered in memory by designing special protective device According to being all encrypted, the data in such memory are all ciphertexts, even if these ciphertexts are illegally obtained by attacker, these Encrypted data can not decrypt for attacker, and attack is made to lose meaning.More specifically, the invention proposes one Encryption method of the kind based on nonlinear change, is handled by non-linear conversion, key generation, data transformation, exclusive or etc., makes to store The data of device are ciphertext, increase the difficulty of attack in this way to substantially increase the safety of chip.The present invention realizes data Encryption, the technical solution of decryption are as follows.
According in a first aspect, provide a kind of data ciphering method in a kind of embodiment,
Each group of data is converted;
Transformed each group of data is converted by the non-linear conversion algorithm of corresponding group, obtains nonlinear object number According to;
N intermediate keys are generated after n-bit data key and on-chip memory address are handled;
It is divided into n/4 group for one group by n intermediate keys every 4, each group intermediate key is converted, after transformation Intermediate key carry out being converted to nonlinear object key by the non-linear conversion algorithm of corresponding group;
Nonlinear object data and nonlinear object key are subjected to exclusive or and obtain encryption data.
It is described to be turned transformed each group of data by the non-linear conversion algorithm of corresponding group in a kind of embodiment It changes, specifically: in n-bit data, different types of non-linear conversion is respectively adopted in each group corresponding to low data [n/2-1:0] Different types of non-linear conversion algorithm is respectively adopted in algorithm, each group corresponding to high position data [n-1:n/2].
In a kind of embodiment, the non-linear conversion algorithm is 4 non-linear conversion algorithms.
In a kind of embodiment, the n is 32.
In a kind of embodiment, the type of the non-linear conversion algorithm is 4 kinds, respectively the first non-linear conversion, second Non-linear conversion, third non-linear conversion and the 4th non-linear conversion.
In a kind of embodiment, each group corresponding to high 16 data and low 16 data of 32 data is respectively adopted non-thread Property transfer algorithm type are as follows: low [3:0] position data and the high position [19:16] data are all made of the first non-linear conversion, low [7:4] Position data and high position [23:20] data are all made of the second non-linear conversion, and low [11:8] position data and high position [27:24] data are equal Using third non-linear conversion, low [15:12] position data and high position [31:28] data are all made of the 4th non-linear conversion.
According to second aspect, a kind of decryption method that above-mentioned encryption method is decrypted is provided in a kind of embodiment, Comprising steps of
N ciphertext data and nonlinear object key are carried out exclusive or behaviour by the position the n ciphertext data for reading on-chip memory Make, obtains n xor datas;
It is divided into n/4 group for one group by n xor datas every 4, each group of data is passed through into the nonlinear inverse of corresponding group Transfer algorithm carries out data inverse conversion, obtains inverse conversion data;
The progress inverse transformation of inverse conversion data is obtained into ciphertext data.
It is described that each group of data is subjected to data reverse by the nonlinear inverse transfer algorithm of corresponding group in a kind of embodiment It changes, specifically: in n xor datas, each group corresponding to low data [n/2-1:0] is respectively adopted different types of non-linear Scaling method is reversed, different types of nonlinear inverse transfer algorithm is respectively adopted in each group corresponding to high position data [n-1:n/2].
In a kind of embodiment, the nonlinear inverse transfer algorithm is 4 nonlinear inverse transfer algorithms.
In a kind of embodiment, the n is 32.
In a kind of embodiment, the type of the nonlinear inverse transfer algorithm is 4 kinds, respectively first against non-linear conversion, Second against non-linear conversion, third against non-linear conversion and the 4th against non-linear conversion.
In a kind of embodiment, what each group corresponding to high 16 data and low 16 data of 32 xor datas was respectively adopted The type of nonlinear inverse transfer algorithm are as follows: low [3:0] position data and high position [19:16] data are all made of first against non-linear turn It changes, low [7:4] position data and high position [23:20] data are all made of second against non-linear conversion, low [11:8] position data and height The position [27:24] data are all made of third against non-linear conversion, and low [15:12] position data and high position [31:28] data are all made of the Four against non-linear conversion.
According to the third aspect, provide a kind of protective device of on-chip memory in a kind of embodiment, including encryption unit and Decryption unit;
The encryption unit first encrypts n-bit data using above-mentioned non-linear encryption method, then by encryption data It is stored in on-chip memory;
The decryption unit is decrypted the position the n ciphertext data for reading on-chip memory using above-mentioned decryption method.
According to fourth aspect, a kind of on-chip memory is provided in a kind of embodiment, including above-mentioned protective device, the guarantor Protection unit is used to that the data entered in on-chip memory to be encrypted, and for the ciphertext read in on-chip memory Data are decrypted.
According to the 5th aspect, a kind of chip is provided in a kind of embodiment, including above-mentioned one or more on-chip memories, To store sensitive information.
The present invention carries out non-linear conversion, close by data of the encryption method based on nonlinear change to write-in memory The processing such as key generation, data transformation, exclusive or, makes the data ciphertext of memory, increases the difficulty of memory attack.
Detailed description of the invention
Fig. 1 is the encryption schematic diagram of embodiment one;
Fig. 2 is the decryption schematic diagram of embodiment two;
Fig. 3 is the on-chip memory schematic illustration of example IV.
Specific embodiment
Below by specific embodiment combination attached drawing, invention is further described in detail.
Embodiment one:
This example provides a kind of data ciphering method, and n-bit data is stored in front of on-chip memory by the encryption method First the n-bit data is encrypted, in this way, the data in on-chip memory are all ciphertexts, even if these ciphertexts are attacked Person illegally obtains, these encrypted data can not decrypt for attacker, and attack is made to lose meaning.
The data ciphering method that this example provides first is divided into n/4 group for n-bit data every 4 for one group, to each group of data It is encrypted, then encryption data is stored in on-chip memory, wherein encryption is carried out to each group of data and is included the following steps:
S1: each group of data is converted.
S2: transformed each group of data is converted by the non-linear conversion algorithm of corresponding group, is obtained non-linear defeated Data out.
Wherein, during transformed each group of data being converted by the non-linear conversion algorithm of corresponding group, needle To n-bit data, different types of non-linear conversion algorithm is respectively adopted in each group corresponding to low data [n/2-1:0], high-order Different types of non-linear conversion algorithm is respectively adopted in each group corresponding to data [n-1:n/2], wherein non-linear conversion algorithm For 4 non-linear conversion algorithms.
S3: n intermediate keys are generated after n-bit data key and on-chip memory address are handled.
S4: it is divided into n/4 group for one group by n intermediate keys every 4, each group intermediate key is converted, will be become Intermediate key after changing carries out being converted to nonlinear object key by the non-linear conversion algorithm of corresponding group.
S5: nonlinear object data and nonlinear object key are subjected to exclusive or and obtain encryption data.
It is below 32 processes for illustrating above-mentioned steps S1-S5 specific implementation with n, encryption schematic diagram is as shown in Figure 1.
It is encrypted accordingly for unit for 8 for 32 digits, then 32 data are divided into 4 big groups: [7:0], [15:8], [23:16] and [31:24], then again that is to say data in every group with 4 for one group, and 32 data every 4 are drawn for one group It is divided into 8 groups, each group of data is encrypted, detailed process is as follows.
Step 1: each group of data being converted, each group of data passes through map function T1, map function T2, change in the step The conversion process for changing operation T3 and map function T4 is as follows:
Because of 32 data wdata [31:0], every four are one group, are divided into 8 groups, wherein each map function is corresponding The transformation of two groups of data, transformation is as follows, and transformed data are denoted as si [31:0]:
The conversion process of map function T1 is as follows:
Si [3:0]={ wdata [0], wdata [3] ^wdata [6], wdata [5], wdata [2] };
Si [7:4]={ wdata [5] ^wdata [1], wdata [7], wdata [4], wdata [6] };
The conversion process of map function T2 is as follows:
Si [11:8]={ wdata [9], wdata [12], wdata [13], wdata [15] ^wdata [10] };
Si [15:12]={ wdata [14], wdata [8] ^wdata [13], wdata [10], wdata [11] };
The conversion process of map function T3 is as follows:
Si [19:16]={ wdata [18] ^wdata [22], wdata [20], wdata [23], wdata [17] };
Si [23:20]={ wdata [19], wdata [16], wdata [21] ^wdata [17], wdata [22] };
The conversion process of map function T4 is as follows:
Si [27:24]={ wdata [26], wdata [27], wdata [30] ^wdata [25], wdata [29] };
Si [31:28]={ wdata [25], wdata [24] ^wdata [29], wdata [28], wdata [31] };
Step 2: transformed each group of data being converted by the non-linear conversion algorithm of corresponding group, is obtained non-linear Output data.
This example devises 4 non-linear conversion algorithms, and in order to improve the intensity of encryption, this example devises 4 of 4 seed types Non-linear conversion algorithm, respectively the first non-linear conversion, the second non-linear conversion, third non-linear conversion and the 4th are non-linear Conversion.
Wherein, the first non-linear conversion (S1), the second non-linear conversion (S2), third non-linear conversion (S3) and the 4th are non- Each corresponding non-linear conversion algorithm table difference of linear transformation (S4) is as follows:
S1
S2
S3
S4
The process that transformed each group of data is converted by the non-linear conversion algorithm of corresponding group, 32 of this example The type for the non-linear conversion algorithm that each group corresponding to high 16 data and low 16 data of data is respectively adopted are as follows: low [3: 0] position data and high position [19:16] data are all made of the first non-linear conversion, low [7:4] position data and high position [23:20] data It is all made of the second non-linear conversion, low [11:8] position data and high position [27:24] data are all made of third non-linear conversion, low [15:12] position data and high position [31:28] data are all made of the 4th non-linear conversion.
Input data si [31:0] corresponding 8 groups output after non-linear conversion is so [31:0], it may be assumed that
Si [3:0] is so [3:0] by S1 final output;
Si [7:4] is so [7:4] by S2 final output;
Si [11:8] is so [11:8] by S3 final output;
Si [15:12] is so [15:12] by S4 final output;
Si [19:16] is so [19:16] by S1 final output;
Si [23:20] is so [23:20] by S2 final output;
Si [27:24] is so [27:24] by S3 final output;
Si [31:28] is so [31:28] by S4 final output.
In order to guarantee that same plaintext address difference obtains ciphertext difference, this example is generated close by following steps 3 and step 4 Key.
Step 3: 32 intermediate key key_ are generated after 32 data keys and on-chip memory address are handled temp。
Specifically, input key_i [31:0] is close with 32 centres of address addr_in [16:0] progress respective handling generation Key key_temp, wherein the address addr [18:2] in the corresponding memory of address addr_in [16:0], processing method is as follows:
Key_temp [7]=key_i [6] ^key_i [0] ^addr_in [10];
Key_temp [6]=key_i [1] ^addr_in [9] ^addr_in [11];
Key_temp [5]=key_i [3] ^addr_in [8] ^addr_in [7];
Key_temp [4]=key_i [7] ^addr_in [6] ^addr_in [5];
Key_temp [3]=key_i [4] ^key_i [2] ^addr_in [2];
Key_temp [2]=key_i [0] ^addr_in [3] ^addr_in [12];
Key_temp [1]=key_i [5] ^addr_in [4] ^addr_in [13];
Key_temp [0]=key_i [2] ^addr_in [1] ^addr_in [0];
Key_temp [15]=key_i [13] ^addr_in [0] ^addr_in [9];
Key_temp [14]=key_i [11] ^key_i [9] ^addr_in [8] ^addr_in [10];
Key_temp [13]=key_i [10] ^addr_in [3] ^addr_in [14];
Key_temp [12]=key_i [8] ^addr_in [4] ^addr_in [7];
Key_temp [11]=key_i [9] ^addr_in [2] ^addr_in [15];
Key_temp [10]=key_i [12] ^key_i [8] ^addr_in [5];
Key_temp [9]=key_i [15] ^addr_in [6] ^addr_in [16];
Key_temp [8]=key_i [14] ^addr_in [1] ^addr_in [11];
Key_temp [23]=key_i [16] ^addr_in [10] ^addr_in [13];
Key_temp [22]=key_i [17] ^addr_in [4] ^addr_in [8];
Key_temp [21]=key_i [19] ^key_i [21] ^addr_in [2] ^addr_in [6];
Key_temp [20]=key_i [18] ^addr_in [3] ^addr_in [7];
Key_temp [19]=key_i [20] ^addr_in [5] ^addr_in [16];
Key_temp [18]=key_i [22] ^addr_in [1] ^addr_in [14];
Key_temp [17]=key_i [23] ^key_i [18] ^addr_in [0];
Key_temp [16]=key_i [21] ^addr_in [9] ^addr_in [10];
Key_temp [31]=key_i [24] ^addr_in [1] ^addr_in [4];
Key_temp [30]=key_i [28] ^addr_in [7] ^addr_in [5];
Key_temp [29]=key_i [27] ^addr_in [3] ^addr_in [2];
Key_temp [28]=key_i [25] ^key_i [31] ^addr_in [0] ^addr_in [6];
Key_temp [27]=key_i [31] ^addr_in [8] ^addr_in [12];
Key_temp [26]=key_i [26] ^addr_in [9] ^addr_in [11];
Key_temp [25]=key_i [30] ^addr_in [10] ^addr_in [15];
Key_temp [24]=key_i [29] ^key_i [24] ^addr_in [5] ^addr_in [16].
Step 4: 8 groups are divided into for one group by 32 intermediate keys every 4, each group intermediate key is converted, it will Transformed intermediate key ki [31:0] carries out being converted to nonlinear object key by the non-linear conversion algorithm of corresponding group Key_o[31:0]。
Wherein, above-mentioned 32 intermediate key key_temp [31:0] every four are one group, are divided into 8 groups, carry out data change The process for getting transformed intermediate key ki [31:0] in return is as follows:
Ki [3:0]={ key_temp [0], key_temp [7], key_temp [5], key_temp [2] };
Ki [7:4]={ key_temp [1], key_temp [3], key_temp [4], key_temp [6] };
Ki [11:8]={ key_temp [9], key_temp [11], key_temp [13], key_temp [15] };
Ki [15:12]={ key_temp [14], key_temp [8], key_temp [10], key_temp [12] };
Ki [19:16]={ key_temp [18], key_temp [20], key_temp [22], key_temp [17] };
Ki [23:20]={ key_temp [19], key_temp [16], key_temp [21], key_temp [23] };
Ki [27:24]={ key_temp [26], key_temp [24], key_temp [30], key_temp [29] };
Ki [31:28]={ key_temp [25], key_temp [27], key_temp [28], key_temp [31] }.
Ki [31:0] corresponding 8 groups output after non-linear conversion is Key_o [31:0], it may be assumed that
Ki [3:0] is Key_o [3:0] by S1 final output;
Ki [7:4] is Key_o [7:4] by S2 final output;
Ki [11:8] is Key_o [11:8] by S3 final output;
Ki [15:12] is Key_o [15:12] by S4 final output;
Ki [19:16] is Key_o [19:16] by S1 final output;
Ki [23:20] is Key_o [23:20] by S2 final output;
Ki [27:24] is Key_o [27:24] by S3 final output;
Ki [31:28] is Key_o [31:28] by S4 final output.
Step 5: nonlinear object data so [31:0] and nonlinear object key Key_o [31:0] progress exclusive or is obtained Encryption data wdata_i [31:0], it may be assumed that wdata_i [31:0]=so [31:0] ^Key_o [31:0].
Embodiment two:
Based on embodiment one, this example provides the decryption method that the encryption method of a kind of pair of embodiment one is decrypted, specifically Include the following steps, corresponding flow chart is as shown in Figure 2.
S100: reading the position the n ciphertext data of on-chip memory, and n ciphertext data and the progress of nonlinear object key are different Or operation, obtain n xor datas.
In this step, the generating process of nonlinear object key please refers to the step S3 and step S4 of embodiment one, herein It does not repeat.
S200: being divided into n/4 group for n xor datas every 4 for one group, and each group of data is passed through the non-thread of corresponding group Sex reversal scaling method carries out data inverse transformation, obtains inverse transformation data.
In this step, each group of data is carried out to the process of data inverse transformation by the nonlinear inverse transfer algorithm of corresponding group In, in n xor datas, different types of nonlinear inverse transfer algorithm is respectively adopted in each group corresponding to low data, high-order Different types of nonlinear inverse transfer algorithm is respectively adopted in each group corresponding to data, wherein nonlinear inverse transfer algorithm is 4 Nonlinear inverse transfer algorithm.
S300: inverse conversion data are converted to obtain ciphertext data.
Likewise, this example is 32 detailed processes for illustrating decryption with n.
Step 1: 32 ciphertext data of on-chip memory are read, 32 ciphertext data and the progress of nonlinear object key are different Or operation, 32 xor datas are obtained, detailed process is as follows:
Ri [7:0]=rdata_o [7:0] ^Key_o [7:0];
Ri [15:8]=rdata_o [15:8] ^Key_o [15:8];
Ri [23:16]=rdata_o [23:16] ^Key_o [23:16];
Ri [31:24]=rdata_o [31:24] ^Key_o [31:24];
Wherein, rdata_o [31:0] is the ciphertext data read, and Key_o [31:0] is non-linear defeated in embodiment one Key out, ri [31:0] are xor data.
2::32 xor datas of step every 4 are divided into n/4 group for one group, and each group of data is passed through the non-of corresponding group Linear inverse transfer algorithm carries out data inverse conversion, obtains inverse conversion data.
For 4 non-linear conversion algorithms of 4 seed types of embodiment one, this example also provide 4 seed types 4 are non-linear Reverse scaling method, respectively first against non-linear conversion, second against non-linear conversion, third against non-linear conversion and the 4th against non- Linear transformation.
Wherein, first against non-linear conversion (S1INV), second against non-linear conversion (S2INV), third against non-linear conversion (S3INV) and the 4th is as follows against each corresponding non-linear conversion inverse conversion algorithm table difference of non-linear conversion (S4INV):
S1INV
S2INV
S3INV
S4INV
Each group corresponding to high 16 data and low 16 data of 32 xor datas of this example is respectively adopted non-linear Reversing the type of scaling method are as follows: low [3:0] position data and the high position [19:16] data are all made of first against non-linear conversion, low [7: 4] position data and high position [23:20] data are all made of second against non-linear conversion, low [11:8] position data and high [27:24] digit The the 4th against non-linear turn is all made of against non-linear conversion, low [15:12] position data and high position [31:28] data according to third is all made of It changes.
Xor data ri [31:0] every 4 are one group, and after nonlinear inverse transfer algorithm, corresponding 8 inverse non-linear The inverse conversion data ro [31:0] of conversion output is as follows respectively:
Ri [3:0] is ro [3:0] by S1INV final output;
Ri [7:4] is ro [7:4] by S2INV final output;
Ri [11:8] is ro [11:8] by S3INV final output;
Ri [15:12] is ro [15:12] by S4INV final output;
Ri [19:16] is ro [19:16] by S1INV final output;
Ri [23:20] is ro [23:20] by S2INV final output;
Ri [27:24] is ro [27:24] by S3INV final output;
Ri [31:28] is ro [31:28] by S4INV final output.
Step 4: inverse conversion data progress Transform operations are obtained into ciphertext data.
In the step, 32 data ro [31:0], every 8 are one group, are divided into 4 groups, each group of data is grasped by inverse transformation Make T1INV, Transform operations T2INV, Transform operations T3INV and Transform operations T4INV to be converted, obtains ciphertext data Rdata [31:0], process is as follows:
Transform operations T1INV process is as follows:
Rdata [7:0]={ ro [6], ro [4], ro [2], ro [5], ro [2] ^ro [4], ro [0], ro [7] ^ro [1], ro [3]};
Transform operations T2INV process is as follows:
Rdata [15:8]=ro [8] ^ro [13], ro [15], ro [9], ro [10], ro [12], ro [13], ro [10], ro[14]^ro[9]};
Transform operations T3INV process is as follows:
Rdata [23:16]={ ro [17], ro [20], ro [21] ^ro [16], ro [18], ro [23], ro [19] ^ro [20],ro[16],ro[22]};
Transform operations T4INV process is as follows:
Rdata [31:24]={ ro [28], ro [25] ^ro [31], ro [24], ro [29], ro [26], ro [27], ro [31],ro[30]^ro[24]}。
Embodiment three:
Based on embodiment one and embodiment two, this example provides a kind of protective device of on-chip memory, the protective device packet Include encryption unit and decryption unit, wherein encryption unit first adds n-bit data using encryption method described in embodiment one It is close, then encryption data is stored in on-chip memory;Decryption unit is using decryption method described in embodiment two to reading piece The position the n ciphertext data of built-in storage are decrypted;The specific ciphering process of the encryption unit of this example please refers to embodiment one, this example The decrypting process of decryption unit please refer to embodiment two, this example does not repeat.
Example IV:
Based on embodiment three, this example provides a kind of on-chip memory, which includes the protection dress of embodiment three Set, schematic diagram as shown in figure 3, by the protective device to the data entered in on-chip memory when row encryption and right The ciphertext data for reading on-chip memory are decrypted;The data ciphertext for making memory by protective device, increases Attack the difficulty of memory.
Based on the on-chip memory that this example provides, this example also provides a kind of chip, which is based on including one or more The on-chip memory of integrated circuit technique, sensitive information of the on-chip memory to store user, e.g., individual subscriber identity letter It ceases, for identification and the key of communication security etc., since the data of on-chip memory are ciphertext, to substantially increase core The safety of piece.
Use above specific case is illustrated the present invention, is merely used to help understand the present invention, not to limit The system present invention.For those skilled in the art, according to the thought of the present invention, can also make several simple It deduces, deform or replaces.

Claims (11)

1. a kind of data ciphering method, which is characterized in that
Before n-bit data is stored in on-chip memory, it first is divided into n/4 group for one group by n-bit data every 4, to each group Data are encrypted, then encryption data is stored in on-chip memory, wherein carrying out encryption to each group of data includes following step It is rapid:
Each group of data is converted;
Transformed each group of data is converted by the non-linear conversion algorithm of corresponding group, obtains non-linear conversion output number According to;
N intermediate keys are generated after n-bit data key and on-chip memory address are handled;
It is divided into n/4 group for one group by n intermediate keys every 4, each group intermediate key is converted, in transformed Between key carry out being converted to non-linear conversion by the non-linear conversion algorithm of corresponding group and export key;
Non-linear conversion output data and non-linear conversion output key are carried out exclusive or and obtain encryption data.
2. encryption method as described in claim 1, which is characterized in that described that transformed each group of data is passed through corresponding group Non-linear conversion algorithm is converted, specifically: in n-bit data, each group corresponding to low data [n/2-1:0] is respectively adopted Different types of non-linear conversion algorithm, each group corresponding to high position data [n-1:n/2] are respectively adopted different types of non-thread Property transfer algorithm.
3. encryption method as claimed in claim 2, which is characterized in that the non-linear conversion algorithm is 4 non-linear conversions Algorithm, the type of 4 non-linear conversion algorithms are 4 kinds, and respectively the first non-linear conversion, the second non-linear conversion, third are non- Linear transformation and the 4th non-linear conversion.
4. encryption method as claimed in claim 3, which is characterized in that the n is high 16 data of 32,32 data and low The type for the non-linear conversion algorithm that each group corresponding to 16 data is respectively adopted are as follows: low [3:0] position data and high position [19:16] Data are all made of the first non-linear conversion, and low [7:4] position data and high position [23:20] data are all made of the second non-linear conversion, Low [11:8] position data and the high position [27:24] data are all made of third non-linear conversion, low [15:12] position data and it is high [31: 28] position data are all made of the 4th non-linear conversion.
5. the decryption method of a kind of pair of described in any item encryption methods of claim 1-4, which is characterized in that comprising steps of
N ciphertext data and non-linear conversion output key are carried out exclusive or behaviour by the position the n ciphertext data for reading on-chip memory Make, obtains n xor datas;
It is divided into n/4 group for one group by n xor datas every 4, each group of data is converted by the nonlinear inverse of corresponding group Algorithm carries out data inverse conversion, obtains inverse conversion data;
The progress inverse transformation of inverse conversion data is obtained into ciphertext data.
6. decryption method as claimed in claim 5, which is characterized in that described that each group of data is passed through the nonlinear inverse of corresponding group Transfer algorithm carries out data inverse conversion, specifically: in n xor datas, the difference of each group corresponding to low data [n/2-1:0] Using different types of nonlinear inverse transfer algorithm, different type is respectively adopted in each group corresponding to high position data [n-1:n/2] Nonlinear inverse transfer algorithm.
7. decryption method as claimed in claim 6, which is characterized in that the nonlinear inverse transfer algorithm is 4 nonlinear inverses Transfer algorithm is 4 kinds for the type of 4 nonlinear inverse transfer algorithms, and respectively first against non-linear conversion, second against non-linear Conversion, third are against non-linear conversion and the 4th against non-linear conversion.
8. decryption method as claimed in claim 7, which is characterized in that the n is high 16 data of 32,32 xor datas The type for the nonlinear inverse transfer algorithm being respectively adopted with each group corresponding to low 16 data are as follows: low [3:0] position data and height The position [19:16] data are all made of first and are all made of second against non-linear conversion, low [7:4] position data and high position [23:20] data Inverse non-linear conversion, low [11:8] position data and high position [27:24] data are all made of third against non-linear conversion, low [15:12] Position data and high position [31:28] data are all made of the 4th against non-linear conversion.
9. a kind of protective device of on-chip memory, which is characterized in that including encryption unit and decryption unit;
The encryption unit first encrypts n-bit data using the described in any item encryption methods of claim 1-4, then will add Ciphertext data is stored in on-chip memory;
The decryption unit is using the described in any item decryption methods of claim 5-8 to the position the n ciphertext for reading on-chip memory Data are decrypted.
10. a kind of on-chip memory, which is characterized in that including protective device as claimed in claim 9, the protective device is used for The data entered in on-chip memory are encrypted, and for being solved to the ciphertext data read in on-chip memory Close processing.
11. a kind of chip, which is characterized in that including one or more on-chip memories described in any one of claim 10, to store Sensitive information.
CN201811493479.1A 2018-12-07 2018-12-07 Data encryption method, decryption method, protection device, on-chip memory and chip Active CN109635599B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811493479.1A CN109635599B (en) 2018-12-07 2018-12-07 Data encryption method, decryption method, protection device, on-chip memory and chip

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811493479.1A CN109635599B (en) 2018-12-07 2018-12-07 Data encryption method, decryption method, protection device, on-chip memory and chip

Publications (2)

Publication Number Publication Date
CN109635599A true CN109635599A (en) 2019-04-16
CN109635599B CN109635599B (en) 2024-01-09

Family

ID=66071695

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811493479.1A Active CN109635599B (en) 2018-12-07 2018-12-07 Data encryption method, decryption method, protection device, on-chip memory and chip

Country Status (1)

Country Link
CN (1) CN109635599B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116956321A (en) * 2023-07-12 2023-10-27 兆讯恒达科技股份有限公司 Method, device and system for encrypting chip data
CN119788281A (en) * 2025-03-10 2025-04-08 北京国旭网络科技有限公司 IPv6 encryption-based address generation algorithm

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100226493A1 (en) * 2006-01-17 2010-09-09 Sony Corporation Encryption/decryption device, encryption/decryption method, and computer program
CN107800534A (en) * 2017-10-16 2018-03-13 北京连山时代科技有限公司 A kind of data ciphering method and decryption method based on multi-chain circuit transmission
CN108768620A (en) * 2018-03-26 2018-11-06 海光信息技术有限公司 A kind of data processing method and device

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100226493A1 (en) * 2006-01-17 2010-09-09 Sony Corporation Encryption/decryption device, encryption/decryption method, and computer program
CN107800534A (en) * 2017-10-16 2018-03-13 北京连山时代科技有限公司 A kind of data ciphering method and decryption method based on multi-chain circuit transmission
CN108768620A (en) * 2018-03-26 2018-11-06 海光信息技术有限公司 A kind of data processing method and device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116956321A (en) * 2023-07-12 2023-10-27 兆讯恒达科技股份有限公司 Method, device and system for encrypting chip data
CN119788281A (en) * 2025-03-10 2025-04-08 北京国旭网络科技有限公司 IPv6 encryption-based address generation algorithm

Also Published As

Publication number Publication date
CN109635599B (en) 2024-01-09

Similar Documents

Publication Publication Date Title
US6691921B2 (en) Information processing device
CN202650015U (en) System for access of encrypted memory
CN106850221B (en) Information encryption and decryption method and device
KR100837270B1 (en) Smart card and its data security method
US8094816B2 (en) System and method for stream/block cipher with internal random states
US7284133B2 (en) Information processing unit
KR102383829B1 (en) Cryptographic method for securely exchanging messages and device and system for implementing this method
CN108475237A (en) Storage operation is encrypted
CN102970132B (en) Protection method for preventing power analysis and electromagnetic radiation analysis on grouping algorithm
SE1350203A1 (en) Device encryption process and process for unsafe environments
US10565381B2 (en) Method and apparatus for performing firmware programming on microcontroller chip, and associated microcontroller chip
CN103595539A (en) Method for encrypting format-preserved numeric type personally identifiable information
CN107579813A (en) information encryption and decryption method and device
CN106487497B (en) DPA protection for RIJNDAEL algorithm
CN106534124A (en) Integration encrypted storage tamper-proofing method and system
CN108494546A (en) A kind of whitepack encryption method, device and storage medium
CN109478995A (en) Implementation of white box encryption algorithm
CN107257279A (en) A kind of clear data encryption method and equipment
CN101425895A (en) Cipher generating device, ciphering and deciphering method for electronic equipment software
US9602281B2 (en) Parallelizable cipher construction
CN106487499A (en) The protection of Rijndael algorithm
CN109635599A (en) Data ciphering method, decryption method, protective device, on-chip memory and chip
CN103746796A (en) Coprocessor for realizing intelligent card SM4 password algorithm
WO2002086846A1 (en) Enciphering / deciphering device, enciphering / deciphering method, data enciphering method, and ic card
CN106656471A (en) Method and system for protecting user sensitive information

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 200233 Room 704, Building 2, No. 2570 Hechuan Road, Minhang District, Shanghai

Applicant after: Shanghai Hangxin Electronic Technology Co.,Ltd.

Address before: Room 5058, building B, 555 Dongchuan Road, Minhang District, Shanghai

Applicant before: SHANGHAI AISINOCHIP ELECTRONIC TECHNOLOGY Co.,Ltd.

CB02 Change of applicant information
GR01 Patent grant
GR01 Patent grant