CN111125789A - A chip key management method with multiple hardware IP cores - Google Patents

Abstract

The invention discloses a chip key management method with multiple hardware IP cores, including an encryption process and a decryption process. In the encryption process, a built-in multi-port physical unclonable function is introduced to perform a function on a preset feature vector in the hardware IP core. Update, and then construct an orthogonal confusion matrix based on the updated feature vector and encrypt each hardware IP core separately. When the chip user decrypts the authorized hardware IP core, the chip user enters the 128-bit binary code of the chip provided by the chip manufacturer. Secret key, when the input 128-bit binary secret key matches the decryption secret key of the authorized hardware IP core in the chip, the authorized hardware IP core can be unlocked; the advantage is that each hardware IP core in the chip can be independently Provide protection to prevent each independent hardware IP core inside the chip from being attacked by side-channel attacks and chip probes, with good flexibility and high protection performance.

Description

Chip key management method with multiple hardware IP cores

Technical Field

The invention relates to a chip key management method, in particular to a chip key management method with a plurality of hardware IP cores.

Background

In recent years, the integrated circuit industry has been rapidly developed, the chip scale is increased due to continuously updated integrated circuit process nodes, more and more examples of chips are cooperatively designed by multiple teams, and meanwhile, the hardware threat caused by internal information leakage among teams is increased.

The existing typical chip encryption method usually adopts an encryption mode of directly matching keys, and the principle is that a string of binary data sequence with the length of 16/32/64bit is prestored in a chip by using a ROM, an external input key is received, and only when the input key of the chip is equal to the binary data sequence prestored in the chip, a hardware IP core in the chip can normally work, so that the encryption of the hardware IP core is realized.

The current encryption method for directly matching the key uses an explicit key, a designer needs to set a chip key independently, and the explicit key in the multi-party cooperative design means that the designer can directly obtain hardware IP cores of all parties through the key, which is not beneficial to the common benefits of multi-party teams. In addition, the existence of the explicit key needs to set a ROM array or a register file in a chip as hardware support, an attacker can easily obtain the chip key through a chip probe and other modes, the protection effect is poor, the simple key matching method mainly aims at the protection of the whole chip, but each internal independent hardware IP core is easily attacked by a side channel attack, a chip probe and other modes, and the safety performance is low.

Disclosure of Invention

The technical problem to be solved by the invention is to provide a chip key management method with a plurality of hardware IP cores, which can independently protect each hardware IP core in a chip, avoid the attack of each independent hardware IP core in the chip by a side channel attack, a chip probe and the like, and has good flexibility and high protection performance.

The technical scheme adopted by the invention for solving the technical problems is as follows: a chip key management method with a plurality of hardware IP cores comprises an encryption process and a decryption process, wherein each hardware IP core is respectively encrypted in the encryption process, and each hardware IP core is respectively decrypted in the decryption process;

the encryption process specifically comprises the following steps:

①, acquiring the total number of hardware IP cores in the chip, recording the total number as N, wherein N is an integer less than or equal to 50, sorting the N hardware IP cores according to the weight of each hardware IP core set by a hardware IP core designer from large to small, wherein the 1 st hardware IP core is the hardware IP core with the largest weight, the 2 nd hardware IP core is the hardware IP core with the second largest weight, and so on, the Nth hardware IP core is the hardware IP core with the smallest weight, and recording the serial number of the ith hardware IP core as IPi, i is 1, 2, …, N;

② presetting a feature vector in each hardware IP core, each feature vector comprises N-1 binary numbers of 8 bits, and recording the feature vector preset in the ith hardware IP core as K_IPi，K_IPi＝[a_i1a_i2…a_i(N-2)a_i(N-1)]Wherein a is_ijFor the preset characteristic vector K in the ith hardware IP core_IPiThe j-th 8-bit binary number, j is 1, 2, …, N-1;

③ embedding a multi-port physical unclonable function in a chip, wherein the multi-port physical unclonable function is used for providing 2N 8-bit binary numbers, the 2N 8-bit binary numbers provided by the multi-port physical unclonable function are randomly divided into N groups of 8-bit binary numbers, each group of 8-bit binary numbers respectively comprises two 8-bit binary numbers, and the two 8-bit binary numbers in the i-th group of 8-bit binary numbers are respectively marked as e_i1And e_i2；

Respectively updating the feature vectors preset in the 1 st to Nth hardware IP cores, wherein the specific mode is as follows: adding two 8-bit binary numbers in the ith group of 8-bit binary numbers to the feature vector K of the ith hardware IP core_IPiIn, to K_IPiUpdating, the updated K_IPiExpressed by formula (1):

K_IPi＝[a_i1a_i2…a_i(N-2)a_i(N-1)e_i1e_i2](1)

④, constructing an orthogonal confusion matrix by using the current feature vectors of the 1 st to Nth hardware IP cores, and marking the orthogonal confusion matrix as O, wherein the orthogonal confusion matrix O is expressed by adopting an expression (2):

⑤ set K_IPiThe simplified feature vector variable of (2) is,it is denoted as K'_IPiSetting fixed point number, and recording the fixed point number as p, to K'_IPiAnd the orthogonal confusion matrix O is respectively and sequentially updated for the first time, the first updating process comprises N-1 rounds, and the method specifically comprises the following steps:

s1, setting a first updating round variable and recording the first updating round variable as T;

s2, setting an updating frequency variable and recording the updating frequency variable as t;

s3, carrying out initialization assignment on T, and enabling T to be 1;

s4, initializing T, and enabling T to be T;

s5, entering into the Tth round and the T-th update: using the formula p ═ a_(t+1)1÷a₁₁Updating the fixed point number p for the t time, reserving two decimal places for the obtained p, and then adopting a formula K'_IP(t+1)＝K_IP(t+1)-K_IP1X p to K'_IP(t+1)Updating for the t 'th time, adopting K'_IP(t+1)Updated value pair K_IP(t+1)Is updated, and then the orthogonal confusion matrix O is updated again to ensure that K is in the orthogonal confusion matrix O_IP(t+1)Is the latest value, p and K are calculated each time in the updating process_IP(t+1)、K_IP1、a_(t+1)1And a₁₁All the values of (A) are the current latest values;

s6, judging whether the current value of T is equal to N-1, if not, adopting the sum of the current value of T plus 1 to update the value of T, returning to the step S5 to carry out the next update, if so, judging whether the current value of T is equal to N-1, if not, adopting the sum of the current value of T plus 1 to update the value of T, returning to the step S4 to carry out the next update, if so, ending the first update, and entering the step ⑥.

⑥ to K'_IPiAnd respectively and sequentially updating the orthogonal confusion matrix O again, wherein the updating process comprises N-1 rounds, and the specific steps are as follows:

A. setting a re-updating round variable, marking the re-updating round variable as G, and setting an intermediate parameter H;

B. setting an updating frequency variable and recording the updating frequency variable as g;

C. carrying out initialization assignment on H, and enabling H to be N-1;

D. assigning G, and enabling G to be N-H;

E. initializing G rows, and enabling G to be G;

F. entering the G-th update of the G-th round:

using the formula p ═ a_HN÷a_NNUpdating the fixed point number p, keeping two decimal places for p, and adopting a formula K'_IPH＝K_IPH-K_IPNX p to K'_IPHUpdating is carried out, K 'is adopted'_IPHUpdated value pair K_IPHUpdating the orthogonal confusion matrix O to K_IPHIs the latest value, p and K in the formula are calculated each time in the updating process_IPH、K_IPN、a_HNAnd a_NNAre all their current latest values;

G. judging whether the current value of G is equal to N-1, if not, adopting the sum of the current value of G plus 1 to update the value of G, returning to the step F to carry out next updating, if so, judging whether the current value of G is equal to N-1, if not, adopting the difference of the current value of H minus 1 to update the value of H, returning to the step D to carry out next updating, if so, ending the updating again, and entering the step ⑦;

⑦ after the first N-1 update and the second N-1 update in steps ⑤ and ⑥, the orthogonal confusion matrix O obtained at this time is represented by equation (3):

⑧ the encryption process ends.

The decryption process specifically comprises the following steps:

① when a user of the chip needs to decrypt one or several hardware IP cores in the chip authorized by the chip manufacturer, the user inputs the 128-bit binary key of the chip provided by the chip manufacturer into the chip, the 1 st bit to the 16 th bit of the 128-bit binary key are configuration bits of the chip manufacturer, wherein the 1 st bit to the 4 th bit are all 0, the 6 th bit binary data composed of the 5 th bit to the 10 th bit is the number of the hardware IP cores authorized by the chip manufacturer, the 11 th bit isThe 16 th bit is a word length bit, the 6-bit binary data composed of the 11 th bit to the 16 th bit is a word length bit data, the word length bit data is denoted as W, and the value of W satisfies the condition: (N +1) × W is less than or equal to 112, the 17 th bit to the 128 th bit of the 128-bit binary key are set as chip manufacturer secret key positions, binary data selection is carried out from the 17 th bit of the 128-bit binary key according to the rule of once selecting every W-bit binary data until N + 1W-bit binary data are selected, and the W-bit binary data selected at the f-th time is recorded as k_fAnd f is 1, 2, …, N +1, and a matrix is constructed by adopting the selected N + 1W-bit binary numbers, and the matrix is K_user，K_userExpressed by formula (4):

K_user＝[k₁,k₂,…,k_N,k_N+1]^T(4)

wherein, the superscript T in the formula (4) represents the transposition of the matrix;

② calculation of O and K_userAnd (3) recording the calculated matrix as P, wherein the matrix P is expressed by an equation (5):

in the formula (5), p_sThe element representing the s-th row in the matrix P, s ═ 1, 2, …, N;

③ determination of p_sAnd if not, unlocking the s-th hardware IP core incorrectly, wherein the s-th hardware IP core is not authorized by the chip manufacturer and is not unlocked.

Compared with the prior art, the invention has the advantages that the invention updates the preset feature vector in the hardware IP core by introducing the embedded multi-port physical unclonable function in the encryption process, then encrypts each hardware IP core respectively after constructing the orthogonal confusion matrix based on the updated feature vector, when the chip user decrypts the authorized hardware IP core of the chip manufacturer, the chip user inputs the 128-bit binary key of the chip provided by the chip manufacturer, when the input 128-bit binary key is matched with the decryption key of the authorized hardware IP core, the unlocking of the hardware IP cores can be realized, thereby the invention can independently protect each hardware IP core in the chip, avoid the independent hardware IP cores in the chip from being attacked by the side channel attack, the chip probe and other modes, and has good flexibility, and the protective performance is high.

Detailed Description

The present invention will be described in further detail with reference to examples.

Example (b): a chip key management method with a plurality of hardware IP cores comprises an encryption process and a decryption process, wherein each hardware IP core is respectively encrypted in the encryption process, and each hardware IP core is respectively decrypted in the decryption process;

the encryption process specifically comprises the following steps:

①, acquiring the total number of hardware IP cores in the chip, recording the total number as N, wherein N is an integer less than or equal to 50, sorting the N hardware IP cores according to the weight of each hardware IP core set by a hardware IP core designer from large to small, wherein the 1 st hardware IP core is the hardware IP core with the largest weight, the 2 nd hardware IP core is the hardware IP core with the second largest weight, and so on, the Nth hardware IP core is the hardware IP core with the smallest weight, and recording the serial number of the ith hardware IP core as IPi, i is 1, 2, …, N;

② presetting a feature vector in each hardware IP core, each feature vector comprises N-1 binary numbers of 8 bits, and recording the feature vector preset in the ith hardware IP core as K_IPi，K_IPi＝[a_i1a_i2…a_i(N-2)a_i(N-1)]Wherein a is_ijFor the preset characteristic vector K in the ith hardware IP core_IPiThe j-th 8-bit binary number, j is 1, 2, …, N-1;

③ embedding a multi-port physically unclonable function in a chip, the multi-port physically unclonable function providing 2N 8-bit binary numbers, providing 2N 8-bit binary numbers using the multi-port physically unclonable function, and embedding the multi-port physically unclonable function in the chip2N 8-bit binary numbers provided by the unclonable function are randomly and equally divided into N groups of 8-bit binary numbers, each group of 8-bit binary numbers respectively comprise two 8-bit binary numbers, and two 8-bit binary numbers in the i-th group of 8-bit binary numbers are respectively marked as e_i1And e_i2；

Respectively updating the feature vectors preset in the 1 st to Nth hardware IP cores, wherein the specific mode is as follows: adding two 8-bit binary numbers in the ith group of 8-bit binary numbers to the feature vector K of the ith hardware IP core_IPiIn, to K_IPiUpdating, the updated K_IPiExpressed by formula (1):

K_IPi＝[a_i1a_i2…a_i(N-2)a_i(N-1)e_i1e_i2](1)

④, constructing an orthogonal confusion matrix by using the current feature vectors of the 1 st to Nth hardware IP cores, and marking the orthogonal confusion matrix as O, wherein the orthogonal confusion matrix O is expressed by adopting an expression (2):

⑤ set K_IPiIs denoted as K'_IPiSetting fixed point number, and recording the fixed point number as p, to K'_IPiAnd the orthogonal confusion matrix O is respectively and sequentially updated for the first time, the first updating process comprises N-1 rounds, and the method specifically comprises the following steps:

s1, setting a first updating round variable and recording the first updating round variable as T;

s2, setting an updating frequency variable and recording the updating frequency variable as t;

s3, carrying out initialization assignment on T, and enabling T to be 1;

s4, initializing T, and enabling T to be T;

s5, entering into the Tth round and the T-th update: using the formula p ═ a_(t+1)1÷a₁₁Updating the fixed point number p for the t time, reserving two decimal places for the obtained p, and then adopting a formula K'_IP(t+1)＝K_IP(t+1)-K_IP1X p to K'_IP(t+1)Updating for the t 'th time, adopting K'_IP(t+1)Updated value pair K_IP(t+1)Is updated, and then the orthogonal confusion matrix O is updated again to ensure that K is in the orthogonal confusion matrix O_IP(t+1)Is the latest value, p and K are calculated each time in the updating process_IP(t+1)、K_IP1、a_(t+1)1And a₁₁All the values of (A) are the current latest values;

s6, judging whether the current value of T is equal to N-1, if not, adopting the sum of the current value of T plus 1 to update the value of T, returning to the step S5 to carry out the next update, if so, judging whether the current value of T is equal to N-1, if not, adopting the sum of the current value of T plus 1 to update the value of T, returning to the step S4 to carry out the next update, if so, ending the first update, and entering the step ⑥.

⑥ to K'_IPiAnd respectively and sequentially updating the orthogonal confusion matrix O again, wherein the updating process comprises N-1 rounds, and the specific steps are as follows:

A. setting a re-updating round variable, marking the re-updating round variable as G, and setting an intermediate parameter H;

B. setting an updating frequency variable and recording the updating frequency variable as g;

C. carrying out initialization assignment on H, and enabling H to be N-1;

D. assigning G, and enabling G to be N-H;

E. initializing G rows, and enabling G to be G;

F. entering the G-th update of the G-th round:

using the formula p ═ a_HN÷a_NNUpdating the fixed point number p, keeping two decimal places for p, and adopting a formula K'_IPH＝K_IPH-K_IPNX p to K'_IPHUpdating is carried out, K 'is adopted'_IPHUpdated value pair K_IPHUpdating the orthogonal confusion matrix O to K_IPHIs the latest value, p and K in the formula are calculated each time in the updating process_IPH、K_IPN、a_HNAnd a_NNAre all their current latest values;

G. judging whether the current value of G is equal to N-1, if not, adopting the sum of the current value of G plus 1 to update the value of G, returning to the step F to carry out next updating, if so, judging whether the current value of G is equal to N-1, if not, adopting the difference of the current value of H minus 1 to update the value of H, returning to the step D to carry out next updating, if so, ending the updating again, and entering the step ⑦;

⑦ after the first N-1 update and the second N-1 update in steps ⑤ and ⑥, the orthogonal confusion matrix O obtained at this time is represented by equation (3):

⑧ the encryption process ends.

The decryption process specifically comprises the following steps:

① when a chip user needs to decrypt one or several hardware IP cores in the chip authorized by the chip manufacturer, the chip user inputs the 128 bit binary key of the chip provided by the chip manufacturer into the chip, the 1 st bit to the 16 th bit of the 128 bit binary key are configuration bits of the chip manufacturer, wherein the 1 st bit to the 4 th bit are all 0, the 6 bit binary data formed by the 5 th bit to the 10 th bit is the number of the hardware IP cores authorized by the chip manufacturer, the 11 th bit to the 16 th bit are word length bits, the 6 bit binary data formed by the 11 th bit to the 16 th bit is word length data, the value of the word length data is marked as W, the value of the W satisfies the conditions that (N +1) W is not more than 112, the 17 th bit to the 128 th bit of the 128 bit binary key are set as the chip manufacturer key, the binary data is selected once from the 17 th bit of the 128 bit binary key according to the rule of binary data selection once per W bit until the binary data with N + 1W is selected, the f bit of the binary data is marked as k_fAnd f is 1, 2, …, N +1, and a matrix is constructed by adopting the selected N + 1W-bit binary numbers, and the matrix is K_user，K_userExpressed by formula (4):

K_user＝[k₁,k₂,…,k_N,k_N+1]^T(4)

wherein, the superscript T in the formula (4) represents the transposition of the matrix;

② calculation of O and K_userAnd (3) recording the calculated matrix as P, wherein the matrix P is expressed by an equation (5):

in the formula (5), p_sThe element representing the s-th row in the matrix P, s ═ 1, 2, …, N;

③ determination of p_sAnd if not, unlocking the s-th hardware IP core incorrectly, wherein the s-th hardware IP core is not authorized by the chip manufacturer and is not unlocked.

Claims (1)

1. A chip key management method with a plurality of hardware IP cores comprises an encryption process and a decryption process, and is characterized in that each hardware IP core is respectively encrypted in the encryption process, and each hardware IP core is respectively decrypted in the decryption process;

the encryption process specifically comprises the following steps:

①, acquiring the total number of hardware IP cores in the chip, recording the total number as N, wherein N is an integer less than or equal to 50, sorting the N hardware IP cores according to the weight of each hardware IP core set by a hardware IP core designer from large to small, wherein the 1 st hardware IP core is the hardware IP core with the largest weight, the 2 nd hardware IP core is the hardware IP core with the second largest weight, and so on, the Nth hardware IP core is the hardware IP core with the smallest weight, and recording the serial number of the ith hardware IP core as IPi, i is 1, 2, …, N;

② presetting a feature vector in each hardware IP core, each feature vector comprises N-1 binary numbers of 8 bits, and recording the feature vector preset in the ith hardware IP core as K_IPi，K_IPi＝[a_i1a_i2…a_i(N-2)a_i(N-1)]Wherein a is_ijFor the preset characteristic vector K in the ith hardware IP core_IPiThe j-th 8-bit binary number, j is 1, 2, …, N-1;

③ embedding a multi-port physical unclonable function in a chip, wherein the multi-port physical unclonable function is used for providing 2N 8-bit binary numbers, the 2N 8-bit binary numbers provided by the multi-port physical unclonable function are randomly divided into N groups of 8-bit binary numbers, each group of 8-bit binary numbers respectively comprises two 8-bit binary numbers, and the two 8-bit binary numbers in the i-th group of 8-bit binary numbers are respectively marked as e_i1And e_i2；

Respectively updating the feature vectors preset in the 1 st to Nth hardware IP cores, wherein the specific mode is as follows: adding two 8-bit binary numbers in the ith group of 8-bit binary numbers to the feature vector K of the ith hardware IP core_IPiIn, to K_IPiUpdating, the updated K_IPiExpressed by formula (1):

K_IPi＝[a_i1a_i2…a_i(N-2)a_i(N-1)e_i1e_i2](1)

④, constructing an orthogonal confusion matrix by using the current feature vectors of the 1 st to Nth hardware IP cores, and marking the orthogonal confusion matrix as O, wherein the orthogonal confusion matrix O is expressed by adopting an expression (2):

⑤ set K_IPiIs denoted as K'_IPiSetting fixed point number, and recording the fixed point number as p, to K'_IPiAnd the orthogonal confusion matrix O is respectively and sequentially updated for the first time, the first updating process comprises N-1 rounds, and the method specifically comprises the following steps:

s1, setting a first updating round variable and recording the first updating round variable as T;

s2, setting an updating frequency variable and recording the updating frequency variable as t;

s3, carrying out initialization assignment on T, and enabling T to be 1;

s4, initializing T, and enabling T to be T;

s5, entering into the Tth round and the T-th update: using the formula p ═ a_(t+1)1÷a₁₁Updating the fixed point number p for the t time, reserving two decimal places for the obtained p, and then adopting a formula K'_IP(t+1)＝K_IP(t+1)-K_IP1X p to K'_IP(t+1)Updating for the t 'th time, adopting K'_IP(t+1)Updated value pair K_IP(t+1)Is updated, and then the orthogonal confusion matrix O is updated again to ensure that K is in the orthogonal confusion matrix O_IP(t+1)Is the latest value, p and K are calculated each time in the updating process_IP(t+1)、K_IP1、a_(t+1)1And a₁₁All the values of (A) are the current latest values;

s6, judging whether the current value of T is equal to N-1, if not, adopting the sum of the current value of T plus 1 to update the value of T, returning to the step S5 to carry out the next update, if so, judging whether the current value of T is equal to N-1, if not, adopting the sum of the current value of T plus 1 to update the value of T, returning to the step S4 to carry out the next update, if so, ending the first update, and entering the step ⑥.

⑥ to K'_IPiAnd respectively and sequentially updating the orthogonal confusion matrix O again, wherein the updating process comprises N-1 rounds, and the specific steps are as follows:

A. setting a re-updating round variable, marking the re-updating round variable as G, and setting an intermediate parameter H;

B. setting an updating frequency variable and recording the updating frequency variable as g;

C. carrying out initialization assignment on H, and enabling H to be N-1;

D. assigning G, and enabling G to be N-H;

E. initializing G rows, and enabling G to be G;

F. entering the G-th update of the G-th round:

using the formula p ═ a_HN÷a_NNUpdating the fixed point number p, keeping two decimal places for p, and adopting a formula K'_IPH＝K_IPH-K_IPNX p to K'_IPHUpdating is carried out, K 'is adopted'_IPHUpdated value pair K_IPHUpdating the orthogonal confusion matrix O to K_IPHIs the most importantNew value, p, K in formula at each calculation in the updating process_IPH、K_IPN、a_HNAnd a_NNAre all their current latest values;

G. judging whether the current value of G is equal to N-1, if not, adopting the sum of the current value of G plus 1 to update the value of G, returning to the step F to carry out next updating, if so, judging whether the current value of G is equal to N-1, if not, adopting the difference of the current value of H minus 1 to update the value of H, returning to the step D to carry out next updating, if so, ending the updating again, and entering the step ⑦;

⑦ after the first N-1 update and the second N-1 update in steps ⑤ and ⑥, the orthogonal confusion matrix O obtained at this time is represented by equation (3):

⑧ the encryption process ends.

The decryption process specifically comprises the following steps:

① when a chip user needs to decrypt one or several hardware IP cores in the chip authorized by the chip manufacturer, the chip user inputs the 128 bit binary key of the chip provided by the chip manufacturer into the chip, the 1 st bit to the 16 th bit of the 128 bit binary key are configuration bits of the chip manufacturer, wherein the 1 st bit to the 4 th bit are all 0, the 6 bit binary data formed by the 5 th bit to the 10 th bit is the number of the hardware IP cores authorized by the chip manufacturer, the 11 th bit to the 16 th bit are word length bits, the 6 bit binary data formed by the 11 th bit to the 16 th bit is word length data, the value of the word length data is marked as W, the value of the W satisfies the conditions that (N +1) W is not more than 112, the 17 th bit to the 128 th bit of the 128 bit binary key are set as the chip manufacturer key, the binary data is selected once from the 17 th bit of the 128 bit binary key according to the rule of binary data selection once per W bit until the binary data with N + 1W is selected, the f bit of the binary data is marked as k_fAnd f is 1, 2, …, N +1, and a matrix is constructed by adopting the selected N + 1W-bit binary numbers, and the matrix is K_user，K_userExpressed by formula (4):

K_user＝[k₁,k₂,…,k_N,k_N+1]^T(4)

wherein, the superscript T in the formula (4) represents the transposition of the matrix;

② calculation of O and K_userAnd (3) recording the calculated matrix as P, wherein the matrix P is expressed by an equation (5):

in the formula (5), p_sThe element representing the s-th row in the matrix P, s ═ 1, 2, …, N;

③ determination of p_sAnd if not, unlocking the s-th hardware IP core incorrectly, wherein the s-th hardware IP core is not authorized by the chip manufacturer and is not unlocked.