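Project title: Research on Hardware Trojan Defense to Prevent Private Key Leakage in Security Chips
Project number: No.61202481
Project type: Young Scientists Fund project
Year of approval: 2013
Discipline: Computer science
Project author: Tong Yuanman (童元满)
Author affiliation: National University of Defense Technology of the Chinese People's Liberation Army
Project funding: 240,000 yuan
Chinese abstract: Hardware trojans pose a fatal security threat to the information ecosystem, and the risk of a trojan being implanted in a chip is gradually increasing. Because trojan detection cannot guarantee a 100% detection rate, this project is the first to propose the important research topic of protecting private keys in security chips in a way that tolerates hidden trojans, and it focuses on five key scientific problems from the two perspectives of basic theory and physical implementation: private key leakage risk analysis based on the private key transmission network, identifying all security vulnerabilities that could lead to private key leakage; high-resolution fingerprint generation and runtime self-verification of critical data paths without a reference chip, built on WDDL wave pipelining and exploiting the good distinguishability of its side-channel information; physical signature and authentication based on the behavior patterns of key components and transmission-path PUFs; locking the private key's scope of effect and preventing its spread, forming a solution centered on PUF-based physical encryption and decryption, real-time fingerprint verification of data paths, and generation of extreme data traffic; and self-protection of the security hardening circuit, improving its survivability through strong redundancy and heavy scrambling, and hiding design intent by the principle that logic circuits and security rules are separated at physical implementation and coupled at runtime. Under certain reasonable assumptions, the project achieves a formally provable security goal of preventing private key leakage.
Chinese keywords: hardware trojan; antifuse; data encryption; legitimacy authentication;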
English abstract: Hardware trojans have become a fatal threat to the current information ecosystem. The risk of hardware trojans being implanted in mass-manufactured chips is increasing because of the globalization of ASIC manufacturing. Since it is impossible to achieve 100% detection, this project is the first to present the research topic of preventing private key leakage in secure chips while tolerating hidden trojans. From the point of view of basic theory and physical implementation, five key problems are chosen for study. Based on the private key transmission network, the leakage risk is formally and fully analyzed. Based on the WDDL (Wave Dynamic Differential Logic) wave-pipeline technique, high-resolution fingerprinting with self-reference ability and runtime dynamic authentication of key data paths are researched. Using the behavior model of the involved block and a transmission-channel PUF (physically unclonable function), physical signature and authentication of a block are researched. For locking the private key's impact scope and preventing its scattering, PUF-based physical cryptography, key data path fingerprint authentication, and ultra-large data flow generation are proposed. To protect the security enhancement circuit, a scheme based on high redundancy and obfuscation is proposed to improve its viability. And the logical
English keywords: Hardware Trojan; anti fuse; data encryption; authentication;