SRAM PUF-based hardware IP implementation structure

Document No.: 1354336 Publication date: 2020-07-24

Reading note: this technology, "SRAM PUF-based hardware IP implementation structure", was designed by 毛高亮, 吴有余 and 王宇峰 on 2020-03-31. Abstract: The invention discloses an implementation structure of hardware IP based on an SRAM PUF. The implementation method is as follows: random numbers generated by the TRNG are compressed to generate a root key/feature value; because the entropy density of the random numbers is high, the number of data sources compressed by SM3 can be greatly reduced while still obtaining the same 256-bit root key/feature value; the initial value of the SRAM is used to generate Help Data for secret sharing; an association module associates the value of Help Data with different chips; the storage of Help Data does not need to be confidential, and Help Data is used to recover the 256-bit root key/feature value. The beneficial effects of the invention are: the implementation of PUF software is ensured and data security is improved; the association module associates the value of Help Data with different chips; the feedback signal is controlled to power the module on again, which helps guarantee the stability of the system.

1. An implementation structure of hardware IP based on an SRAM PUF, characterized in that the implementation method comprises the following steps:

Step one: random numbers generated by the TRNG are compressed to generate a root key/feature value;

Step two: the initial value of the SRAM is used to generate Help Data for secret sharing.

2. The implementation structure of hardware IP based on an SRAM PUF according to claim 1, wherein: the number of data sources compressed by SM3 is reduced while obtaining the same 256-bit root key/feature value.

3. The implementation structure of hardware IP based on an SRAM PUF according to claim 2, wherein: SM3 is used for hash value calculation.

4. The implementation structure of hardware IP based on an SRAM PUF according to claim 1, wherein: an association module is also included for associating the value of Help Data with different chips.

5. The implementation structure of hardware IP based on an SRAM PUF according to claim 1, wherein: the storage of Help Data does not need to be confidential, and Help Data is used to recover the 256-bit root key/feature value.

6. The implementation structure of hardware IP based on an SRAM PUF according to claim 1, wherein: the TRNG is used as the random number source for the PUF during the enrollment phase and is available for external use during the normal operation phase.

7. The implementation structure of hardware IP based on an SRAM PUF according to claim 1, wherein: a feedback module is also included, which is used for signal feedback.

Technical Field

The invention belongs to the technical field of information security, and particularly relates to a hardware IP implementation structure based on an SRAM PUF.

Background

With the development of information technology, we have now entered a world in which everything is interconnected: comprehensive intercommunication and interconnection among people and objects has begun. In all fields of interconnected applications, how to ensure the security and uniqueness of data has become the most important and urgent problem.

Currently, the industry mainly addresses this problem through authorization by a root certificate center, but any root certificate is generated by human-devised algorithmic operations, and from the source there are a number of risks, such as hacking and leakage during operation.

PUF technology can solve the problem of data uniqueness at the root of trust, and is the best method for solving the problem of data information security. Some scenario-specific applications of PUF technology have appeared on the market, but PUF is used as an underlying technology, with security modules built from different algorithms and embedded into chips, so large-scale application in terminal scenarios has not yet appeared at home or abroad.

PUF (Physical Unclonable Function) is short for "physical unclonable technology". It is unique "fingerprint" information of a chip, produced by the random process variations of steps such as implantation and exposure during chip manufacturing; once extracted by a dedicated technique, this unique "fingerprint" information can serve as the unique identification information of the chip. Because the identifier is generated automatically during manufacturing, the designer, manufacturer and producer of the chip cannot control it, which ensures the physically unclonable, anti-counterfeiting property of the chip.

PUF technology allows each piece of data to have a unique, uncopyable "fingerprint", and is gradually being widely applied in security fields such as identity authentication, key generation, fingerprint identification and defense technology.

To solve the problem of data information security, a hardware IP implementation structure based on an SRAM PUF is proposed.

Disclosure of Invention

The invention aims to provide a hardware IP implementation structure based on an SRAM PUF, which solves the problem of data information security.

To achieve this purpose, the invention provides the following technical solution: an implementation structure of hardware IP based on an SRAM PUF, whose implementation method comprises the following steps:

Step one: random numbers generated by the TRNG are compressed to generate a root key/feature value;

Step two: the initial value of the SRAM is used to generate Help Data for secret sharing.

As a preferred technical solution of the present invention, the number of data sources compressed by SM3 is reduced while obtaining the same 256-bit root key/feature value.

As a preferred technical solution of the present invention, SM3 is used for calculating the hash value.

As a preferred technical solution of the present invention, an association module is also included, which is used for associating the value of Help Data with different chips.

As a preferred technical solution of the present invention, the storage of Help Data does not need to be confidential, and Help Data is used to recover the 256-bit root key/feature value.

As a preferred technical solution of the present invention, the TRNG is used as the random number source for the PUF during the enrollment phase, and is available for external use during the normal operation phase.

As a preferred technical solution of the present invention, a feedback module is also included, which is used for signal feedback.
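The enrollment and recovery steps described above, as an added example that is not code from the patent. The page does not say how Help Data is computed, so this example assumes a code-offset construction with a repetition code; `REP`, all function names, the amount of TRNG input and the SHA-256 fallback (used only when the local `hashlib` lacks SM3) are assumptions.

```python
import hashlib
import secrets

REP = 15  # assumed repetition factor: each key bit is spread over 15 SRAM cells

def compress(data: bytes) -> bytes:
    """256-bit digest: SM3 if the local OpenSSL build offers it, else SHA-256 as a stand-in."""
    try:
        return hashlib.new("sm3", data).digest()
    except ValueError:
        return hashlib.sha256(data).digest()

def to_bits(data: bytes) -> list:
    return [(byte >> (7 - i)) & 1 for byte in data for i in range(8)]

def from_bits(bits: list) -> bytes:
    return bytes(sum(b << (7 - i) for i, b in enumerate(bits[n:n + 8]))
                 for n in range(0, len(bits), 8))

def enroll(trng_bytes: bytes, sram_bits: list):
    """Enrollment: root key = compress(TRNG output); Help Data = codeword XOR SRAM start-up value."""
    root_key = compress(trng_bytes)
    codeword = [b for b in to_bits(root_key) for _ in range(REP)]
    if len(sram_bits) < len(codeword):
        raise ValueError("SRAM read too short for the chosen repetition factor")
    help_data = [c ^ s for c, s in zip(codeword, sram_bits)]
    return root_key, help_data  # only help_data is stored; the key is re-derived on demand

def recover(help_data: list, sram_bits: list) -> bytes:
    """Recovery: unmask with a fresh (noisy) SRAM read, then majority-vote each group of REP cells."""
    noisy = [h ^ s for h, s in zip(help_data, sram_bits)]
    key_bits = [int(sum(noisy[i:i + REP]) > REP // 2) for i in range(0, len(noisy), REP)]
    return from_bits(key_bits)

def flip_cells(bits: list, positions) -> list:
    """Constructed noise: return a copy of an SRAM read with the given cells flipped."""
    flipped = set(positions)
    return [b ^ (i in flipped) for i, b in enumerate(bits)]

if __name__ == "__main__":
    sram = to_bits(secrets.token_bytes(256 * REP // 8))     # constructed stand-in for start-up values
    key, help_data = enroll(secrets.token_bytes(64), sram)  # 64 TRNG bytes, an assumed amount
    noisy = flip_cells(sram, [g * REP + j for g in range(256) for j in range(REP // 2)])
    print("recovered with 7 of 15 cells flipped per bit:", recover(help_data, noisy) == key)
    print("recovered on a different chip:", recover(help_data, to_bits(secrets.token_bytes(480))) == key)
```

In this construction the Help Data hides the key only as far as the SRAM start-up bits are unbiased and independent; biased cells make the stored Help Data leak key bits.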

Compared with the prior art, the invention has the beneficial effects that:

(1) The implementation of PUF software is ensured, and data security is improved;

(2) The value of Help Data is associated with different chips through the association module;

(3) The feedback signal is controlled to power the module on again, which helps guarantee the stability of the system.

Drawings

FIG. 1 is a flow chart of the registration phase of the present invention;

FIG. 2 is a flow chart of the recovery phase of the present invention;

FIG. 3 is a module hardware architecture diagram of the present invention;

FIG. 4 is a schematic diagram of a first configuration of the power supply feedback control of the present invention;

FIG. 5 is a schematic diagram of a second configuration of the power supply feedback control of the present invention;

FIG. 6 is a flowchart illustrating the operation of the registration phase in the logic flow control of the present invention;

FIG. 7 is a flowchart illustrating the recovery phase operation in logic flow control according to the present invention.

Detailed Description

The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
