Search

CN-114386110-B - PUF circuit for security authentication of power data mobile client

CN114386110BCN 114386110 BCN114386110 BCN 114386110BCN-114386110-B

Abstract

The invention discloses a PUF circuit for safety certification of an electric power data mobile client, which comprises n2 input exclusive-OR gates, m AND gates and a D trigger, wherein an oscillating signal is divided into two paths, one path is directly led back to a first stage 2 input exclusive-OR gate, the other path is led to a data input end of the D trigger, the D trigger outputs a corresponding feedback signal under the action of a clock signal with lower frequency than the oscillating frequency, the feedback signal output by the D trigger is loaded to the other input end of the corresponding m first exclusive-OR gates after being subjected to phase inversion of m first excitation phases in n bit excitation input externally, the number of 1 in the m first excitation phases in the n bit excitation input externally is even, and the other n-m second excitation phases in the n bit excitation input externally are input to the other input end of the other n-m second exclusive-OR gates. The invention can greatly improve the safety of the mobile client.

Inventors

  • WANG FENG
  • WANG LIXIA
  • FU JIAYU
  • ZHAO DEWEI
  • JIANG YUANCHEN
  • YOU FENG
  • ZHAO GAOFENG
  • ZHANG WEI
  • LIANG MING
  • XU RUI
  • Ping Liusheng
  • TANG NING
  • ZHANG ZIQIAN
  • CHEN YU
  • TANG LIHE
  • Tian Dadong
  • YANG WEIDONG
  • ZHOU JUN
  • CUI YIJUN
  • CHEN YUNPENG
  • LI WEI

Assignees

  • 国网电力科学研究院有限公司
  • 国电南瑞科技股份有限公司
  • 南京航空航天大学
  • 国网辽宁省电力有限公司
  • 国家电网有限公司

Dates

Publication Date
20260508
Application Date
20211223

Claims (4)

  1. 1. The PUF circuit for the security authentication of the power data mobile client is characterized by comprising n 2-input exclusive-OR gates, m AND gates and a D trigger, wherein n and m are positive integers larger than 2, and n is larger than m; The n 2 input exclusive-OR gates are sequentially cascaded, the output end of each 2 input exclusive-OR gate is connected with one input end of the next 2 input exclusive-OR gate, and an oscillating signal is output at the output end of the last 2 input exclusive-OR gate; The output end of the D trigger is respectively connected with one input end of m AND gates, the other input end of the m AND gates is connected with an external excitation source, the output end of the m AND gates is connected with m first exclusive OR gates, the feedback signal output by the D trigger is loaded to the other input end of the corresponding m first exclusive OR gates after being subjected to m first excitation CI [ m-1:0 ] phase in n-bit excitation input from the outside and used as a control signal of the first exclusive OR gate, wherein the number of 1 in m first excitation CI [ m-1:0 ] in n-bit excitation input from the outside is even; The other n-m bit second excitation CII [ n-1: m ] in the externally input n bit excitation is input to the other input end of the remaining n-m second exclusive OR gates as the control signal of the second exclusive OR gate; The working method of the PUF circuit comprises the following steps: Inputting a clock signal to the D trigger, and sampling the output oscillation signal to enable the D trigger to output a cyclic random sequence signal as a feedback signal; And inputting n-bit external excitation, wherein m-bit first excitation CII [ m-1:0 ] and a cyclic random sequence signal phase output by a D trigger are loaded to corresponding m first exclusive OR gates as control signals of the first exclusive OR gates, and the remaining n-m-bit second excitation CII [ n-1:m ] is input to the remaining n-m second exclusive OR gates as control signals of the second exclusive OR gates, so that oscillation signals are continuously output.
  2. 2. The PUF circuit for power data mobile client security authentication of claim 1, wherein a display look-up table is employed to implement a 2-input exclusive or gate.
  3. 3. The PUF circuit for power data mobile client security authentication of claim 1, wherein the frequency of the clock signal of the D flip-flop is on the order of hundred megahz or less.
  4. 4. The PUF circuit for power data mobile client security authentication of claim 1, wherein one input B of each 2-input exclusive or gate is regarded as an input variable, the other input a is regarded as a control signal, when a is 0, the value of output Q is the same as input B, the logic function of the 2-input exclusive or gate is equivalent to a buffer, providing device delay, when a is 1, the value of output Q is opposite to input B, the 2-input exclusive or gate is equivalent to an inverter, and providing device delay.

Description

PUF circuit for security authentication of power data mobile client Technical Field The invention relates to a PUF circuit for security authentication of a power data mobile client, and belongs to the technical field of security authentication. Background With the progress of modeling attack means, the hardware security problem of the mobile client is getting more and more attention. Traditional software encryption methods are easy to be subject to physical attacks, such as channel test attacks and the like. Therefore, the Physical Unclonable Function (PUF) is favored by researchers as a low-power, lightweight hardware security encryption primitive. For example, chinese patent CN201710315266.9 with publication date 2017, 9 and 8 proposes a low-overhead RO PUF circuit structure based on FPGA, and the invention utilizes the structural feature that the dual-output LUT in FPGA is composed of two single-output LUTs, and the designed dual-output RO PUF circuit saves LUT resources by nearly half compared with the traditional RO PUF circuit. For example, chinese patent CN109167664a with publication date of 2019, 1 and 8 proposes a reconfigurable ring oscillator PUF circuit based on exclusive or gate, which has the characteristics of simplicity and easy implementation, high reliability, stability and randomness, less consumption of resources, multiple excitation pairs, and the like. However, with the foregoing technical solution, after knowing the circuit structure, an attacker can still pose a threat to the security of the mobile client through an efficient modeling manner. Disclosure of Invention The invention aims to overcome the defects in the prior art, and provides the PUF circuit for the security authentication of the power data mobile client, even if an attacker reads the circuit structure, the attacker cannot threat the security of the mobile client, so that the security of the mobile client is improved. The technical scheme adopted by the invention is as follows: a PUF circuit for safety authentication of a power data mobile client comprises n 2-input exclusive-OR gates, m AND gates and a D trigger, wherein n and m are positive integers larger than 2, and n is larger than m; the n 2 input exclusive-OR gates are sequentially cascaded, the output end of each 2 input exclusive-OR gate is connected with one input end of the next 2 input exclusive-OR gate, and an oscillating signal is output at the output end of the last 2 input exclusive-OR gate; The output end of the D trigger is respectively connected with one input end of m AND gates, the other input end of the m AND gates is connected with an external excitation source, the output end of the m AND gates is connected with m first exclusive OR gates, the feedback signal output by the D trigger is loaded to the other input end of the corresponding m first exclusive OR gates after being subjected to m first excitation CI [ m-1:0 ] phase in n-bit excitation input from the outside and used as a control signal of the first exclusive OR gate, wherein the number of 1 in m first excitation CI [ m-1:0 ] in n-bit excitation input from the outside is even; the other n-m bit second stimulus CII [ n-1: m ] of the externally inputted n bit stimulus is inputted to the other input terminal of the remaining n-m second exclusive-or gates as the control signal of the second exclusive-or gate. In order to optimize the technical scheme, the specific measures adopted further comprise: further, a display look-up table is employed to implement a 2-input exclusive-or gate. Further, the frequency of the clock signal of the D flip-flop is on the order of hundred megahz or less. Further, one input B of each 2-input exclusive-or gate is regarded as an input variable, and the other input a is regarded as a control signal. When A is 0, the value of the output Q is the same as that of the input B, the logic function of the 2-input exclusive-OR gate is equivalent to that of a buffer to provide device delay, and when A is 1, the value of the output Q is opposite to that of the input B, the 2-input exclusive-OR gate is equivalent to an inverter to provide device delay. Based on the PUF circuit, the invention also relates to a working method of the PUF circuit for the security authentication of the power data mobile client, which comprises the following steps: Inputting a clock signal to the D trigger, and sampling the output oscillation signal to enable the D trigger to output a cyclic random sequence signal as a feedback signal; And inputting n-bit external excitation, wherein m-bit first excitation CII [ m-1:0 ] and a cyclic random sequence signal phase output by a D trigger are loaded to corresponding m first exclusive OR gates as control signals of the first exclusive OR gates, and the remaining n-m-bit second excitation CII [ n-1:m ] is input to the remaining n-m second exclusive OR gates as control signals of the second exclusive OR gates, so that oscillation signals are continuously ou