Research and Implementation of a Security Identity Authentication Chip
【Author】 Zhang Liang (张亮);
【Author information】 Huazhong University of Science and Technology, Software Engineering, 2015, Master's
【Abstract】 In recent years, with the rapid development of the Internet and the widespread use of mobile terminal devices, people have paid increasing attention to network security and information security. As the first gate protecting network resources, identity authentication is of great significance to the security of information systems. Consequently, identity authentication systems, and cryptographic chips in particular, often become attack targets, and new attack methods keep emerging. Common ones include non-destructive attacks such as side-channel attacks and fault injection, and destructive attacks such as reverse engineering and micro-probing. To address this, this thesis designs a secure identity authentication chip, proposes an architecture for it, proves the security of the chip theoretically, completes the design and implementation of an AES-based encryption core, and adopts several attack countermeasures for protection. Power balancing based on a random clock scrambles the clock so that the power consumption observed from outside is smoothed, which resists common side-channel attacks. A delay-based silicon Physical Unclonable Function (PUF) extracts the variations produced during chip manufacturing; it can form a protective metal mesh to resist physical attacks, and it solves the problem of storing sensitive information. One-time password (OTP) authentication improves the security of authentication by adding an element of uncertainty. The chip follows the standard ASIC design flow on the HJTC 0.18 μm, 3.3 V process. It contains 36,000 logic gates and has an average power consumption of 1.8 mW. After fabrication at the foundry it was sent to Tianshui, Gansu for packaging in an SSOP20L(0.65-D1.5) package. A test platform based on the ATmega1280 microcontroller was also built, and the samples underwent complete performance testing. The test results show that the chip meets its expected design goals, that the identity authentication scheme offers high security, and that it is suitable for a wider range of applications.
【Key words】 Identity Authentication; Physical Attacks; PUF; AES Encryption; OTP;
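- 【Online publication contributor】 Huazhong University of Science and Technology 【Online publication year/issue】 2017, Issue 05
- 【Classification number】 TP309
- 【Times cited】 2
- 【Downloads】 162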