| CPC G06F 11/261 (2013.01) [G06F 11/277 (2013.01)] | 6 Claims |
|
1. A high-spatial-accuracy electromagnetic fault injection method for a cryptographic chip, being used for a safety test of the cryptographic chip, comprising the following steps:
inputting a plaintext into a cryptographic chip to be tested to obtain a first ciphertext output by the cryptographic chip to be tested;
selecting a target bit in the first ciphertext;
determining sensitive position data capable of inverting a value of the target bit, wherein the sensitive position data are three-dimensional coordinates of placing the electromagnetic probe as well as a horizontal angle with the cryptographic chip to be tested when the electromagnetic probe is placed;
setting the electromagnetic probe according to the sensitive position data, transmitting an electromagnetic pulse to the cryptographic chip to be tested, obtaining a second ciphertext output by the cryptographic chip to be tested, and monitoring the value of the target bit;
entering a next step if the value of the target bit is inverted, and re-determining the sensitive position data if the value of the target bit is not inverted;
saving a data vector comprising the first ciphertext and the second ciphertext, changing the plaintext input, selecting a next target bit, repeating all the above operations, and entering a next step if each bit in the second ciphertext has been traversed; and
analyzing the saved data vector by a differential fault analysis algorithm and cracking key information of the cryptographic chip to be tested to complete the safety test of the cryptographic chip;
wherein before the step of inputting the plaintext into the cryptographic chip to be tested to obtain the first ciphertext output by the cryptographic chip to be tested, the method further comprises:
preparing an electromagnetic fault injection experimental apparatus specifically comprising an upper computer, an electromagnetic pulse generator, an electromagnetic probe, an XYZ-direction three-axis displacement platform and the cryptographic chip to be tested, wherein the upper computer is configured to control and operate each device in the electromagnetic fault injection experimental apparatus and use a serial port to communicate with the cryptographic chip to be tested, the pulse generator is configured to generate an electromagnetic pulse signal, the electromagnetic probe is configured to generate a high-voltage transient electromagnetic field, and the XYZ-direction three-axis displacement platform is configured to adjust relative positions of the electromagnetic probe and the cryptographic chip to be tested; and
fixing the cryptographic chip to be tested on the XYZ-direction three-axis displacement platform;
wherein a method for confirming X and Y coordinates of the three-dimensional coordinates of placing the electromagnetic probe comprises:
performing gridding division on the cryptographic chip to be tested, and taking each bit in the ciphertext at each grid as a target to perform the following operations:
setting the coordinates of the current grid as (X, Y), placing the electromagnetic probe at a position with a height H (H>0) above the grid, transmitting the electromagnetic pulse to the cryptographic chip to be tested at the same angle, repeating the transmitting process several times, and counting the number of times of inversion only occurring on the value of the target bit after each transmission;
calculating the probability P1 of inversion of the value of the target bit according to the number of times of inversion; and
determining that the X and Y values of the coordinates of the current grid are X and Y coordinate values of the sensitive position data of the target bit if the probability P1 is greater than a preset value P10, otherwise, performing the operation of the two steps of setting the coordinates of the current grid and calculating the probability P1 on a next grid until determining the X and Y coordinate values of the sensitive position data corresponding to each bit in the ciphertext.
|