CN103916243A - Dynamic encryption method and encryption system of controller - Google Patents
Dynamic encryption method and encryption system of controller Download PDFInfo
- Publication number
- CN103916243A CN103916243A CN201210591224.5A CN201210591224A CN103916243A CN 103916243 A CN103916243 A CN 103916243A CN 201210591224 A CN201210591224 A CN 201210591224A CN 103916243 A CN103916243 A CN 103916243A
- Authority
- CN
- China
- Prior art keywords
- controller
- count value
- current count
- dynamic
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Abstract
The invention discloses a dynamic encryption method of a controller. The method includes the following steps: the controller begins to work and starts counting; the controller receives an external access request sent by a request device; the controller stores a current count number and sends the current count number to the request device and at the same time, the controller continues to count; the request device generates an input key according to an encryption algorithm stored by the request device and the current count number; the controller verifies an input key according to an encryption algorithm saved by the controller and the current count number; and if the controller passes the verification of the input key, the controller dismisses self protection. The dynamic encryption method of the controller realizes dynamic change of the key with the change of a counting time through the count number so that an external matching key changes with time and thus the method has the advantages of being high in protection strength and capable of ensuring effectively the security of the controller and preventing crack. The invention also proposes a dynamic encryption system of the controller.
Description
Technical field
The present invention relates to controller encipherment protection technical field, particularly a kind of dynamic encrypting method of controller and encryption system.
Background technology
At current MCU(Micro Controller Unit, micro-control unit) series of products memory bank encrypt or memory bank protection field in, utilize the form that key mechanism is protected to be widely used.Its implementation has: MCU hardware logic design fixed key value; or the program curing in MCU in memory bank comprises key value; after hardware logic or software algorithm program match, remove MCU encrypted state or guard mode at outside Input matching key and internal key.The method can realize for every money MCU chip or different application scenarios, has unique external key to provide.External key only can obtain this MCU legal authorization side, and third party will not provide, and prophylactic procedures is cracked, and effectively stops copy right piracy, reaches the object of product protection.Above-mentioned key implementation, its MCU internal key is by internal key value curing in hardware designs, or exists programmed value in read-only memory bank to determine, it is fixing after MCU global design completes, and has uniqueness.For meeting and the mating of internal key, when prior art utilizes key mechanism to realize MCU protection, the coupling key of outside input, in time with MCU work variation and change, does not have stationarity, uniqueness.
In existing scheme this uniqueness not in time or the operation of MCU and changing, no matter when or MCU whether in work, the value of external key always immobilizes.This causes the unification of MCU cryptographic key protection, very likely utilizes in time and successively attempts or exhaustive method, unique key is cracked, thereby cause program to be leaked, and product development person is caused to very big loss.
Summary of the invention
Object of the present invention is intended at least solve one of described technological deficiency.
For this reason, one object of the present invention is to propose the dynamic encrypting method at a kind of controller, and the method has overcome the deficiency of traditional secrete key protection stationarity and uniqueness, concept of time is mapped on hardware counter, thereby realizes the dynamic key that changes.
Another object of the present invention is to propose a kind of dynamic ciphering system of controller.
For reaching above-mentioned purpose, the embodiment of a first aspect of the present invention has proposed a kind of dynamic encrypting method of controller, comprises the following steps: controller is started working and started counting; Controller receives the external reference request that request unit sends; Described controller storage current count value is also sent to described request device by described current count value, and simultaneously described controller continues counting; Described request device generates input key according to the cryptographic algorithm of described request device self storage and described current count value; Described controller is verified described input key according to cryptographic algorithm and the described current count value of described controller self storage; And if described controller is by the checking that described input key is passed through, described controller remove himself protection.
According to the dynamic encrypting method of the controller of the embodiment of the present invention, realizing key by count value changes with the variation of gate time dynamically, make outside coupling key temporal evolution, there is changeability, and the processing sequence of the cryptographic calculation logic of hardware designs changes with the variation of count value simultaneously, there is changeability, thereby improve the fail safe of encrypting.In addition, low, the protection of the method cost grows exponentially.
The embodiment of second aspect present invention has proposed a kind of dynamic ciphering system of controller, comprise: controller and request unit, wherein, described controller starts counting after starting, and after receiving external reference request, storage current count value is also sent to described request device by described current count value, and continue to count, and according to the cryptographic algorithm of described controller self storage and described current count value, input key is verified, and after described controller passes through the checking of described input key, remove the protection of himself, described request device is for sending external reference request to described controller, and after receiving the described current count value sending from described controller, generate described input key according to cryptographic algorithm and the described current count value of described request device self storage.
According to the dynamic ciphering system of the controller of the embodiment of the present invention; realizing key by count value changes with the variation of gate time dynamically; make outside coupling key temporal evolution; there is changeability; and the processing sequence of the cryptographic calculation logic of hardware designs changes with the variation of count value simultaneously; have changeability, thereby improve the fail safe of encrypting, protection is strong.
The aspect that the present invention is additional and advantage in the following description part provide, and part will become obviously from the following description, or recognize by practice of the present invention.
Brief description of the drawings
Of the present invention and/or additional aspect and advantage will become obviously and easily from the following description of the accompanying drawings of embodiments to be understood, wherein:
Fig. 1 is according to the flow chart of the dynamic encrypting method of the controller of the embodiment of the present invention;
Fig. 2 is according to the interface schematic diagram of the dynamic key logic of the controller of the embodiment of the present invention;
Fig. 3 is according to the schematic diagram of the dynamic encrypting method of the controller of the embodiment of the present invention;
Fig. 4 is the concrete process chart according to the dynamic encrypting method of the controller of the embodiment of the present invention; And
Fig. 5 is the schematic diagram of the dynamic ciphering system of controller according to an embodiment of the invention.
Embodiment
Describe embodiments of the invention below in detail, the example of described embodiment is shown in the drawings, and wherein same or similar label represents same or similar element or has the element of identical or similar functions from start to finish.Be exemplary below by the embodiment being described with reference to the drawings, only for explaining the present invention, and can not be interpreted as limitation of the present invention.
Disclosing below provides many different embodiment or example to be used for realizing different structure of the present invention.Of the present invention open in order to simplify, hereinafter the parts to specific examples and setting are described.Certainly, they are only example, and object does not lie in restriction the present invention.In addition, the present invention can be in different examples repeat reference numerals and/or letter.This repetition is in order to simplify and object clearly, itself do not indicate the relation between discussed various embodiment and/or setting.In addition, the various specific technique the invention provides and the example of material, but those of ordinary skill in the art can recognize the property of can be applicable to of other techniques and/or the use of other materials.In addition, First Characteristic described below Second Characteristic it " on " structure can comprise that the first and second Characteristics creations are the direct embodiment of contact, also can comprise the embodiment of other Characteristics creation between the first and second features, such the first and second features may not be direct contacts.
In description of the invention, it should be noted that, unless otherwise prescribed and limit, term " installation ", " being connected ", " connection " should be interpreted broadly, for example, can be mechanical connection or electrical connection, also can be the connection of two element internals, can be to be directly connected, and also can indirectly be connected by intermediary, for the ordinary skill in the art, can understand as the case may be the concrete meaning of above-mentioned term.
With reference to description and accompanying drawing below, these and other aspects of embodiments of the invention will be known.In these descriptions and accompanying drawing, specifically disclose some specific implementations in embodiments of the invention, represent some modes of the principle of implementing embodiments of the invention, but should be appreciated that the scope of embodiments of the invention is not limited.On the contrary, embodiments of the invention comprise all changes, amendment and the equivalent within the scope of spirit and the intension that falls into additional claims.
Below with reference to accompanying drawing, encryption method and the encryption system of the controller proposing according to the embodiment of the present invention are described.
Fig. 1 shows the flow process of the encryption method of the controller of embodiment of the present invention proposition, in its middle controller, there is tally function, tally function can be realized by software, also can be realized by the hardware counter being integrated in controller, in an example of the present invention, be chosen as 32 hardware counters and count.Be understandable that, only for illustrative purposes, the embodiment of the present invention is not limited to this to the figure place of described counter.Figure place is more, and key is more complicated.The flow process of the encryption method of the controller that the embodiment of the present invention proposes has cooperated jointly by multiple executive agents of the dynamic key logic shown in Fig. 2.
Particularly, multiple executive agents comprise: protection counter, latch, arithmetic and logical unit.Above-mentioned modules and controller and external reference request unit carry out information interaction, so that the key of external reference request unit input is mated to checking with latched value, thereby complete the ciphering process of controller.
Step S101: controller is started working and started counting.
Step S102: controller receives the external reference request that request unit sends.
Wherein, controller can be MCU, when MCU normally starts work; counter is synchronizeed and is started with controller; be that count value is synchronizeed and started with controller, that is to say, in the time that controller starts; counter starts counting; and the counting clock of count value is synchronizeed and started with described controller, particularly, hardware protection counter starts to count from original upload value INIT_NUM according to the master clock MCLK of MCU; master clock MCLK can not carry out gate, and MCU could allow external request after normally starting a period of time.When MCU normally started after a period of time, when external reference request unit sends access request, MCU receives access request mark, and now MCU receives the external reference request EXT_REQ that request unit sends.
Step S103: controller storage current count value, and current count value is sent to request unit, continue counting with Time Controller.
Particularly; in the time that inter access request EXT_REQ is sent to MCU in outside, 32 protection counters are got currency, and this value CUR_VALUE1 is latched in 32 bit register LATCH_REG; if CUR_VALUE1 is 33 after calculating, gives up so highest order and realize count cycle.Hardware algorithm logic according in LATCH_REG 32 different 0 or 1, realize different hardware arithmetic logics.Wherein, in 32 figure places, each 0 or 1 all represent to close or open a kind of arithmetic logic based on CUR_VALUE1.Particularly, MCU is stored to the current count value CUR_VALUE1 of counter among latch, and current count value CUR_VALUE1 is sent to request unit.In addition, controller is sent into the value of current this hardware counter in the process of latch, still maintenance counting of this hardware counter while.
Step S104: request unit generates input key according to the cryptographic algorithm of request unit self storage and current count value.
Particularly, after execution of step S103, request unit generates input key according to the cryptographic algorithm of request unit self storage and count value CUR_VALUE1, and is input in arithmetic and logical unit.
Step S105: controller is verified input key according to the cryptographic algorithm of controller self storage and current count value.
Particularly, the cryptographic algorithm that MCU stores according to self and current count value CUR_VALUE1 verify input key.
Step S106: if controller passes through the checking to input key, controller is removed the protection of himself.
Particularly, after execution of step S105, after 32 coupling key MATCH_KEY of the outside input of MCU judgement match with the count value CUR_VALUE1 of latch before, MCU system is by de-preservation, and MCU internal repository can normally be accessed.
In one embodiment of the invention, also comprise: if controller judgement input key does not pass through checking, controller is reset to the current count value of counter.
Particularly, if when 32 coupling key MATCH_KEY of the outside input of MCU judgement do not mate with the count value CUR_VALUE1 of latch before, protection system will continue to stop the outside access to MCU.Because counter is all the time at counting, until access request is sent next time, protection logic continues current count value latch, and informs MCU outside, needs outside that another coupling key is provided.For this reason, after each false request, controller need to be reset to the current count value of counter.
In further embodiment of the present invention, controller is reset and is comprised current count value: after current count value and default prime number are added, as the current count value after resetting.Wherein, default prime number can be all the other all prime numbers except 2, and this prime number is that external user is unknowable.Particularly, for example this prime number is 7, counter heavily loaded RELOAD_VALUE after each false request is current latched value+7, and the solicited message of the last relevant access request of removing, wait for access request next time, do not continue on the basis of count value last time to continue counting, thereby effectively prevent from outsidely with fixed cycle circulation form, some or certain several fixing latched value being cracked.
Because having, prime number can not be removed 1 and the characteristic that divides exactly of number itself by any, so in the time adding a prime number on the basis in count value, this 32 digit counter write all over one take turns after (32 powers of 2) can upset outside original order that cracks, 4,8,12 effectively avoid each to take turns and in counting, fix that several count values crack or the multiple value of certain value cracks (for example:, such the cracking order and just cannot normally carry out after inside has added 7 of 16....).In this way, in the time informing outside occurrence at every turn, the coupling key at every turn needing will constantly change after the electrifying startup with MCU, for the counter of 32, total key reaches 32 powers of 2 in theory, and corresponding coupling key is also 32 powers of 2, changes in time, consider that in theory, for the cracking of each correct key, the difficulty that cracks of this dynamic key grows exponentially; Rolling counters forward value difference, the processing sequence of hardware encipher arithmetic logic also can change thereupon, ensures the dynamic characteristic of key.
In the time that inter access request EXT_REQ is sent to MCU again in outside; 32 protection counters are got currency; and this value CUR_VALUE2 is latched in 32 bit register LATCH_REG, if CUR_VALUE2 is 33 after calculating, gives up so highest order and realize count cycle.
Hardware algorithm logic according in LATCH_REG 32 different 0 or 1, realize different hardware arithmetic logics.32 figure places, each 0 or 1 all represents to close or open a kind of arithmetic logic based on CUR_VALUE2.
After input 32 coupling key MATCH_KEY in outside are correct, MCU system is by de-preservation; When after 32 coupling key MATCH_KEY mistakes of outside input, MCU system will keep guard mode; Heavy duty current count value RELOAD_VALU2, and the solicited message of the last relevant access request of removing, wait for access request next time.
So repeatedly, utilize counter and relevant protection arithmetic logic to realize the dynamic key that MCU is variable, without software program operation, effectively strengthen Key protection dynamics.
Below in conjunction with Fig. 3 and Fig. 4 with concrete example to being described according to the implementation procedure of the encryption method of controller of the present invention.
Fig. 3 shows the principle of the encryption method of the controller of embodiment of the present invention proposition, wherein, using MCLK as rolling counters forward clock, INIT_NUM is counter initial count value, latch LATCH_REG is for latch current count value and export to MCU outside, latched value and input key value are carried out matching judgment by arithmetic and logical unit, after it fails to match, counter will continue counting after automatic heavily loaded RELOAD_VALUE, RELOAD_VALUE=CUR_VALUE+7, crack for fixing several CUR_VALUE with fixed count interval and full count cycle for avoiding outside.
Fig. 4 shows the flow process of the concrete operations processing of the encryption method of the controller of the embodiment of the present invention.Wherein, invention implementation environment of the present invention and instrument are: design mode computer, EDA and FPGA implementation tool, verilog language, Windows XP and (SuSE) Linux OS.The principle that the flow process of concrete operations processing provides in conjunction with Fig. 3 is carried out the enforcement of the encryption method of controller.Concrete steps are:
Step S201, MCU starts.
Step S202, counter load initial value INIT_NUM.
After execution of step S201, i.e. after the normal startup of MCU, protection counter load initial count value, wherein, and load initial count value INIT_NUM, count value INIT_NUM is but is not limited to: 32`h2080_f0f0.
Step S203, rolling counters forward.
Particularly, after protection counter load initial count value, counter starts counting, and counting clock is MCLK.
Step S204, judges whether EXT_REQ puts 1, and, in the time that EXT_REQ puts 1, request unit sends external reference request to controller.If execution step S205, otherwise return to step S203.
Step S205, latch current count value.
Particularly, when the request of input external reference, i.e. EXT_REQ=1, current count value is 32`h3713_db14, and MCU is latched into current count value in latch LATCH_REG, and the value of CUR_VALUE is 32`h3713_db14.
Step S206, latched value output.
Particularly, after execution of step S205, current latched value CUR_VALUE is sent to request unit by MCU.
Step S207, according to latched value input key.
Particularly, request unit generates input key MATCH_KEY according to the cryptographic algorithm of request unit self storage and current latched value CUR_VALUE, and is input in arithmetic and logical unit.
Step S208, key computing.
Particularly, current latched value CUR_VALUE and input key value MATCH_KEY are carried out matching operation by arithmetic and logical unit.Wherein, the cryptographic algorithm of controller self can realize by cryptographic calculation unit as shown in Figure 5, the corresponding position that its example arithmetic logic is CUR_VALUE is carried out corresponding bit arithmetic with the corresponding position of INIT_NUM according to 0 or 1 of the corresponding position of CUR_VALUE, for example: CUR_VALUE=32`h3713_db14 now, and CUR_VALUE[31]=0, INIT_NUM=32`h2080_f0f0, can obtain CUR_VALUE[31 through tabling look-up so] corresponding position is the arithmetic logic of 0 o'clock, be MATCH_KEY[31]=CUR_VALUE[31] ^INIT_NUM[31], CUR_VALUE[30]=0, can obtain CUR_VALUE[30 through tabling look-up so] corresponding position is the arithmetic logic of 0 o'clock, be MATCH_KEY[30]=CUR_VALUE[30] ^INIT_NUM[30], CUR_VALUE[29]=1, can obtain CUR_VALUE[30 through tabling look-up so] corresponding position is the arithmetic logic of 1 o'clock, i.e. MATCH_KEY[29]=CUR_VALUE[29] ~ INIT_NUM[29], for negate computing, MATCH_KEY[x]=~ CUR_VALUE[x].Successively according to as table 1, computing draws: MATCH_KEY=32`h149133e0.
| The corresponding position of CUR_VALUE | Corresponding position is the arithmetic logic of 1 o'clock | Corresponding position is the arithmetic logic of 0 o'clock |
| 31 | + | ^ |
| 30 | - | ^ |
| 29 | ~ | ^ |
| 28 | | | ^ |
| 27 | & | ^ |
| 26 | ^ | ^ |
| 25 | ^~ | ^ |
| 24 | & | ^ |
| 23 | - | ^ |
| 22 | | | ^ |
| 21 | ^ | ^ |
| 20 | + | ^ |
| 19 | & | ^ |
| 18 | ^~ | ^ |
| 17 | ~ | ^ |
| 16 | | | ^ |
| 15 | ^ | ^ |
| 14 | + | ^ |
| 13 | ~ | ^ |
| 12 | & | ^ |
| 11 | ^~ | ^ |
| 10 | - | ^ |
| 9 | | | ^ |
| 8 | ^ | ^ |
| 7 | ~ | ^ |
| 6 | | | ^ |
| 5 | ^ | ^ |
| 4 | + | ^ |
| 3 | - | ^ |
| 2 | & | ^ |
| 1 | ^~ | ^ |
| 0 | ^ | ^ |
Table 1
Step S209, judges whether that the match is successful.If the match is successful, perform step S210, otherwise execution step S212.
Particularly, if input request key MATCH_KEY=32`h1491_33e0, system correct judgment coupling, performs step S210; If input request key MATCH_KEY=32`h1234_5469, but the real outside coupling key of system is MATCH_KEY=32`h1491_33e0, and system judges matching error, denied access, execution step S212.
Step S210, de-preservation.
Particularly, when system correct judgment coupling, MCU protects releasing.
Step S211, MCU can be by outside normal access.
After execution of step S210, i.e. MCU protection is removed, and now can normally access MCU internal repository.
Step S212, removes request flag last time.Particularly, when system judges matching error, after the request making a mistake, remove request flag last time.
Step S213, loads RELOAD_VALUE, and returns to step S203.
After execution of step S212, automatic heavily loaded RELOAD_VALUE=CUR_VALUE+7=32`h3713_db1b is to counter for controller protection logic, and returns to step S203, and counter continues to count from RELOAD_VALUE.
Particularly, when again sending access request EXT_REQ=1 to MCU, check that in LATCH_REG, CUR_VALUE value is 32`h4a60_2c44, INIT_NUM=32`h2080_f0f0, CUR_VALUE and INIT_NUM with carry out corresponding position according to 0 or 1 of the corresponding position of CUR_VALUE and carry out bit arithmetic, as above table 1 of bit arithmetic logic, CUR_VALUE[31] corresponding position is 0, i.e. MATCH_KEY[31]=CUR_VALUE[31] ^INIT_NUM[31]; CUR_VALUE[30] corresponding position is 1, i.e. MATCH_KEY[30]=CUR_VALUE[30]-INIT_NUM[30]; In like manner, MATCH_KEY[29]=CUR_VALUE[29] ^INIT_NUM[29]; According to table 1 computing, draw MATCH_KEY=32`h60e0_d4f0 successively.After input 32 coupling key MATCH_KEY in outside are correct, MCU system is by de-preservation; When after 32 coupling key MATCH_KEY mistakes of outside input, MCU system will keep guard mode; Heavy duty current count value RELOAD_VALUE, and the solicited message of the last relevant access request of removing, wait for access request next time.
So repeatedly, utilize counter and relevant protection arithmetic logic to realize the dynamic key that MCU is variable, without software program operation, effectively strengthen Key protection dynamics.
It is the encryption method of the controller of embodiment according to the present invention, realizing key by hardware counter changes with the variation of gate time dynamically, make outside coupling key temporal evolution, and the processing sequence of the cryptographic calculation logic of hardware designs changes with the variation of rolling counters forward simultaneously, has changeability.In addition, the method cost is low, protection grows exponentially, greatly the reinforcement of degree utilize the protection MCU memory bank access of key mechanism, more effectively prevented cracking based on key mechanism protection design MCU.
In addition, on this protection counter of design, can utilize existing logical circuit of counter in MCU (for example: multiplexing house dog logic) completely, without increasing additional counters, chip cost further be reduced.
Fig. 5 is the schematic diagram of the dynamic ciphering system of controller according to an embodiment of the invention.As shown in Figure 5, the dynamic ciphering system 500 of this controller comprises: controller 510 and request unit 520.Wherein, controller 510 starts counting after starting; and after receiving external reference request; storage current count value is also sent to request unit 520 by current count value; and continue to count; and according to the cryptographic algorithm of controller 510 self storage and current count value, input key is verified, and at controller 510 by after to the checking of input key, remove the protection of himself.Request unit 520 is for sending external reference request to controller 510, and after receiving the current count value that self-controller 510 sends, and generates input key according to cryptographic algorithm and the current count value of request unit 520 self storage.
Further, controller 510 also, for after judgement input key is not by checking, is reset to current count value.Particularly, the mode that controller 510 is reset to current count value is: after current count value and default prime number are added, as the current count value after resetting.In this example, this prime number is not 2.
In one embodiment of the invention, have tally function at controller 510, count value is synchronizeed startup with controller 510, that is to say, in starting controller 510, starts counting, and further, the counting clock of count value is synchronizeed startup with controller 510.In one embodiment of the invention, tally function can realize by the hardware counter being integrated in controller 510, for example, adopt 32 hardware counters.
It is the encryption system of the controller of embodiment according to the present invention, can realize key by hardware counter changes with the variation of gate time dynamically, make outside coupling key temporal evolution, and the processing sequence of the cryptographic calculation logic of hardware designs changes with the variation of rolling counters forward simultaneously, has changeability.Greatly the reinforcement of degree utilize the protection controller memory bank access of key mechanism, avoid controller to be cracked.
In the description of this specification, the description of reference term " embodiment ", " some embodiment ", " example ", " concrete example " or " some examples " etc. means to be contained at least one embodiment of the present invention or example in conjunction with specific features, structure, material or the feature of this embodiment or example description.In this manual, the schematic statement of described term is not necessarily referred to identical embodiment or example.And specific features, structure, material or the feature of description can be with suitable mode combination in any one or more embodiment or example.In the present invention, term " multiple " refers to two or more.
Although illustrated and described embodiments of the invention, for the ordinary skill in the art, be appreciated that without departing from the principles and spirit of the present invention and can carry out multiple variation, amendment, replacement and modification to these embodiment, scope of the present invention is by claims and be equal to and limit.
Claims (10)
1. a dynamic encrypting method for controller, is characterized in that, comprises the following steps:
Controller is started working and is started counting;
Controller receives the external reference request that request unit sends;
Described controller storage current count value is also sent to described request device by described current count value, and simultaneously described controller continues counting;
Described request device generates input key according to the cryptographic algorithm of described request device self storage and described current count value;
Described controller is verified described input key according to cryptographic algorithm and the described current count value of described controller self storage; And
If described controller is by the checking to described input key, described controller is removed the protection of himself.
2. the dynamic encrypting method of controller as claimed in claim 1, is characterized in that, described count value is synchronizeed and started with described controller.
3. the dynamic encrypting method of controller as claimed in claim 2, is characterized in that, the counting clock of described count value is synchronizeed and started with described controller.
4. the dynamic encrypting method of controller as claimed in claim 1, is characterized in that, also comprises:
If described controller judges that described input key is not by checking, described controller is reset to current count value.
5. the dynamic encrypting method of controller as claimed in claim 4, is characterized in that, the described step that current count value is reset, specifically comprises:
After described current count value and default prime number are added, as the current count value after resetting.
6. a dynamic ciphering system for controller, is characterized in that, comprising: controller and request unit, wherein,
Described controller starts counting after starting; and after receiving external reference request; storage current count value is also sent to described request device by described current count value; and continue to count; and according to the cryptographic algorithm of described controller self storage and described current count value, input key is verified; and after described controller passes through the checking of described input key, remove the protection of himself
Described request device is for sending external reference request to described controller, and after receiving the described current count value sending from described controller, generate described input key according to cryptographic algorithm and the described current count value of described request device self storage.
7. the dynamic ciphering system of controller as claimed in claim 6, is characterized in that, described count value is synchronizeed and started with described controller.
8. the dynamic ciphering system of controller as claimed in claim 7, is characterized in that, the counting clock of described count value is synchronizeed and started with described controller.
9. the dynamic ciphering system of controller as claimed in claim 6, is characterized in that, described controller also, for after judging that described input key is not by checking, is reset to current count value.
10. the dynamic ciphering system of controller as claimed in claim 9, is characterized in that, the mode that described controller is reset to current count value is:
After described current count value and default prime number are added, as the current count value after resetting.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210591224.5A CN103916243B (en) | 2012-12-30 | 2012-12-30 | The dynamic encrypting method and encryption system of a kind of controller |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210591224.5A CN103916243B (en) | 2012-12-30 | 2012-12-30 | The dynamic encrypting method and encryption system of a kind of controller |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103916243A true CN103916243A (en) | 2014-07-09 |
| CN103916243B CN103916243B (en) | 2018-06-26 |
Family
ID=51041664
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210591224.5A Active CN103916243B (en) | 2012-12-30 | 2012-12-30 | The dynamic encrypting method and encryption system of a kind of controller |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103916243B (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104202295A (en) * | 2014-07-25 | 2014-12-10 | 苏州寻息电子科技有限公司 | Beacon node based safeguard system and implementation method thereof |
| CN107215292A (en) * | 2017-07-31 | 2017-09-29 | 北京新能源汽车股份有限公司 | A kind of control method of vehicle control device, vehicle control device and automobile |
| CN110851754A (en) * | 2018-07-27 | 2020-02-28 | 北京京东尚科信息技术有限公司 | Webpage access method and system, computer system and computer readable storage medium |
| CN110968263A (en) * | 2018-10-01 | 2020-04-07 | 爱思开海力士有限公司 | Memory system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5802176A (en) * | 1996-03-22 | 1998-09-01 | Activcard | System for controlling access to a function, using a plurality of dynamic encryption variables |
| CN101266638A (en) * | 2008-04-16 | 2008-09-17 | 北京飞天诚信科技有限公司 | Software protection method and system |
| CN101620656A (en) * | 2009-07-29 | 2010-01-06 | 深圳国微技术有限公司 | Safety JTAG module and method for protecting safety of information inside chip |
-
2012
- 2012-12-30 CN CN201210591224.5A patent/CN103916243B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5802176A (en) * | 1996-03-22 | 1998-09-01 | Activcard | System for controlling access to a function, using a plurality of dynamic encryption variables |
| CN101266638A (en) * | 2008-04-16 | 2008-09-17 | 北京飞天诚信科技有限公司 | Software protection method and system |
| CN101620656A (en) * | 2009-07-29 | 2010-01-06 | 深圳国微技术有限公司 | Safety JTAG module and method for protecting safety of information inside chip |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104202295A (en) * | 2014-07-25 | 2014-12-10 | 苏州寻息电子科技有限公司 | Beacon node based safeguard system and implementation method thereof |
| CN104202295B (en) * | 2014-07-25 | 2018-05-01 | 苏州寻息电子科技有限公司 | Security protection system and its implementation based on beaconing nodes |
| CN107215292A (en) * | 2017-07-31 | 2017-09-29 | 北京新能源汽车股份有限公司 | A kind of control method of vehicle control device, vehicle control device and automobile |
| CN107215292B (en) * | 2017-07-31 | 2019-07-12 | 北京新能源汽车股份有限公司 | A kind of control method of vehicle control device, vehicle control device and automobile |
| CN110851754A (en) * | 2018-07-27 | 2020-02-28 | 北京京东尚科信息技术有限公司 | Webpage access method and system, computer system and computer readable storage medium |
| CN110968263A (en) * | 2018-10-01 | 2020-04-07 | 爱思开海力士有限公司 | Memory system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103916243B (en) | 2018-06-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR102469232B1 (en) | Cryptographic ASIC with Unique Internal Identifier | |
| Zhang et al. | Recent attacks and defenses on FPGA-based systems | |
| US11233650B2 (en) | Verifying identity of a vehicle entering a trust zone | |
| US11361660B2 (en) | Verifying identity of an emergency vehicle during operation | |
| Owusu et al. | OASIS: On achieving a sanctuary for integrity and secrecy on untrusted platforms | |
| US9418026B2 (en) | Transition between states in a processor | |
| Eldib et al. | Formal verification of software countermeasures against side-channel attacks | |
| US9129536B2 (en) | Circuit for secure provisioning in an untrusted environment | |
| US11329833B2 (en) | Programmable device key provisioning | |
| JP6854285B2 (en) | Device, license verification system, system and license verification method | |
| CN112042151A (en) | Secure distribution of secret keys using monotonic counters | |
| US8427193B1 (en) | Intellectual property core protection for integrated circuits | |
| CN103038745A (en) | Extending an integrity measurement | |
| US9984193B1 (en) | System to combat design-time vulnerability | |
| WO2009080700A1 (en) | Secure end-of-life handling of electronic devices | |
| CN103916243A (en) | Dynamic encryption method and encryption system of controller | |
| CN102509046A (en) | Globally valid measured operating system launch with hibernation support | |
| de Oliveira Nunes et al. | Pure: Using verified remote attestation to obtain proofs of update, reset and erasure in low-end embedded systems | |
| WO2019012952A1 (en) | Electronic control device, program tampering detection method, program for program tampering detection method, and computer readable permanent tangible recording medium | |
| US20200134235A1 (en) | Physical and logical attack resilient polymorphic hardware | |
| WO2023001624A1 (en) | Securely executing software based on cryptographically verified instructions | |
| KR20150020017A (en) | Secured computing system with asynchronous authentication | |
| Mohammad et al. | Required policies and properties of the security engine of an SoC | |
| CN104298897A (en) | Embedded copyright authentication method based on chaos technology and special processor | |
| KR20140112837A (en) | Embedded system, authentication system comprising the same, method of authenticating the system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20191230 Address after: 518119 1 Yanan Road, Kwai Chung street, Dapeng New District, Shenzhen, Guangdong Patentee after: SHENZHEN BYD MICROELECTRONICS Co.,Ltd. Address before: BYD 518118 Shenzhen Road, Guangdong province Pingshan New District No. 3009 Patentee before: BYD Co.,Ltd. |
|
| TR01 | Transfer of patent right | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 518119 No.1 Yan'an Road, Kuiyong street, Dapeng New District, Shenzhen City, Guangdong Province Patentee after: BYD Semiconductor Co.,Ltd. Address before: 518119 No.1 Yan'an Road, Kuiyong street, Dapeng New District, Shenzhen City, Guangdong Province Patentee before: BYD Semiconductor Co.,Ltd. Address after: 518119 No.1 Yan'an Road, Kuiyong street, Dapeng New District, Shenzhen City, Guangdong Province Patentee after: BYD Semiconductor Co.,Ltd. Address before: 518119 No.1 Yan'an Road, Kuiyong street, Dapeng New District, Shenzhen City, Guangdong Province Patentee before: SHENZHEN BYD MICROELECTRONICS Co.,Ltd. |
|
| CP01 | Change in the name or title of a patent holder |