当前位置:主页 > 科技论文 > 计算机论文 >

片外存储器的加密与完整性保护研究

发布时间:2018-05-20 12:21

  本文选题:嵌入式系统安全 + 硬件攻击 ; 参考:《华中科技大学》2013年硕士论文


【摘要】:随着嵌入式系统的广泛应用,嵌入式系统的安全问题逐渐引起人们的重视。其中,片外存储器的安全问题是整个嵌入式系统安全问题中不可忽视的一部分。尤其在SOC系统中,攻击者很容易通过对片外存储器与SOC芯片之间的连线进行搭线侦听,达到篡改或窃取片外存储器中数据的目的,从而造成信息泄露,威胁到嵌入式系统的安全。目前已经存在很多关于片外存储安全方面的研究,这些研究一般是在片上微处理器和片外的存储器之间增加安全防御模块(硬件)。但是,在嵌入式系统中增加存储器安全防御模块(硬件)无疑会对整个系统的性能、存储器开销、SOC面积开销等造成一定的负面影响。 本论文首先深入分析了嵌入式系统面临的安全威胁,其中,重点分析了针对嵌入式系统片外存储器的硬件攻击模型。然后分析了保护片外存储器的安全防御策略,即对片外存储器进行机密性和完整性保护,并介绍了对机密性和完整性保护的措施。在此基础上,提出了一种基于AES-GCM的片外存储器加密与完整性保护的方法。本方法提出了双层加解密机制,第一层对数据进行加解密,第二层对第一层产生的tag进行加解密。本方法对片外存储器同时提供数据机密性和完整性保护,可以防御一系列典型的恶意攻击,如欺骗攻击、重放攻击等。通过两层加解密机制的配合,本方法在保证较高安全性的前提下,片内存储器开销只有7.81%,而且性能损失比较小。 本论文对所提出的片外存储器加密与完整性保护方法进行了硬件实现,并且将其放入LEON3系统中,构建了仿真平台。仿真结果表明,片外存储器加密与完整性保护方法的功能正确。对针对片外存储器的恶意攻击,可以有效地给出报警信号,从而达到保护片外存储器安全的目的。
[Abstract]:With the wide application of embedded system, people pay more and more attention to the security of embedded system. The security of out-of-chip memory is one of the most important problems in embedded system. Especially in SOC system, it is easy for an attacker to tamper with or steal the data in the out-of-chip memory by listening to the connection between the out-of-chip memory and the SOC chip, thus causing information disclosure. It threatens the security of embedded system. At present, there are many researches on the security of off-chip storage. These researches generally add the security defense module (hardware) between the on-chip microprocessor and the off-chip memory. However, adding memory security defense module (hardware) to embedded system will undoubtedly have a negative impact on the performance of the whole system, memory overhead and SOC area overhead. In this paper, the security threats faced by embedded system are analyzed in depth, and the hardware attack model of embedded system off-chip memory is analyzed. Then, the security defense strategy to protect the off-chip memory is analyzed, that is, the confidentiality and integrity of the off-chip memory are protected, and the measures to protect the confidentiality and integrality are introduced. On the basis of this, a method of encryption and integrity protection of off-chip memory based on AES-GCM is proposed. The method proposes a double layer encryption and decryption mechanism. The first layer encrypts and decrypts the data, and the second layer encrypts the tag generated by the first layer. The method provides both data confidentiality and integrity protection to off-chip memory and can protect against a series of typical malicious attacks such as spoofing attacks replay attacks and so on. With the cooperation of the two-layer encryption and decryption mechanism, the in-chip memory overhead is only 7.81, and the performance loss is relatively small under the premise of high security. In this paper, the proposed method of off-chip memory encryption and integrity protection is implemented in hardware, and the simulation platform is constructed by putting it into LEON3 system. The simulation results show that the functions of the encryption and integrity protection method are correct. In order to protect the security of off-chip memory, the alarm signal can be effectively given to the malicious attack against off-chip memory.
【学位授予单位】:华中科技大学
【学位级别】:硕士
【学位授予年份】:2013
【分类号】:TP333

【参考文献】

相关期刊论文 前8条

1 郭春霞,裘雪红;嵌入式系统安全的研究与设计[J];电子科技;2005年08期

2 吴景红;李朋;刘柳柳;;SPARC处理器启动代码的分析与编程[J];机电产品开发与创新;2008年06期

3 许俊贤;张祥;李童;;SPARC体系结构[J];计算机研究与发展;1990年11期

4 侯方勇,王志英,刘真;基于Hash树热点窗口的存储器完整性校验方法[J];计算机学报;2004年11期

5 胡荣群;罗杰;;嵌入式系统的安全分析[J];计算机与现代化;2007年02期

6 李洪;毛志刚;;PLRU替换算法在嵌入式系统cache中的实现[J];微处理机;2010年01期

7 李子磊;刘政林;霍文捷;邹雪城;;高吞吐率XTS-AES加密算法的硬件实现[J];微电子学与计算机;2011年04期

8 龚永红;梅卫平;蒋晓华;唐芳福;黄琳;颜军;;32位嵌入式处理器S698的SPARC V8指令集[J];电子元器件应用;2007年11期



本文编号:1914601

资料下载
论文发表

本文链接:https://www.wllwen.com/kejilunwen/jisuanjikexuelunwen/1914601.html


Copyright(c)文论论文网All Rights Reserved | 网站地图 |

版权申明:资料由用户6eb31***提供,本站仅收录摘要或目录,作者需要删除请E-mail邮箱bigeng88@qq.com