基于软硬件协同技术的嵌入式平台的可信性研究
发布时间:2018-08-25 07:26
【摘要】:随着物联网概念提出和其相关技术的应用以及近年来可信计算技术的发展和进步,可信计算将是未来物联网以及信息平台得以进行安全通信和信息交换的基础。国际可信计算组织TCG (Trusted Computing Group)针对目前的可信计算平台可能遇到的威胁与攻击提出了一套完整的可信计算平台的解决方案和规范化定义。TCG认为可信计算平台的基础是可信根,关键是以可信根为基础,通过逐级的认证和度量,形成一个安全可靠的可信链。TCG定义的可信根,通常被实现为一个可信平台模块TPM(Trusted Platform Module). TPM对嵌入式可信计算平台的可信提供核心支撑,而TPM的核心通常是能对加密算法的进行高效实现的加密引擎。通常,可信计算平台的TPM必须能够高效实现用软件实现效率较差的加密算法,以满足可信计算平台对TPM可信支撑的性能要求。TPM中最关键的加密算法是非对称公钥加密算法,通常是RSA公钥加密算法,其运算复杂度特别高,通常需要通过专门的硬件电路如ASIC实现协处理器以适应可信平台的性能要求,而传统的嵌入式设备通常无法满足未来物联网对嵌入式可信计算平台的性能要求。另一方面,嵌入式可信计算平台通常对成本、价格、系统的资源消耗、芯片面积等因素非常敏感,因此在嵌入式可信计算平台设计的TPM模块无法像传统的计算平台中通过增加硬件资源用专门硬件电路实现的协处理来实现。针对这个问题,本文采用了一种基于软硬件协同设计技术的专用指令处理器的的设计和实现方法,来加速RSA算法的运行效率。所谓专用指令处理,是在原有处理器的指令集的基础,针对具体的应用,设计和选取一些适合于该应用的核心指令,将这些自定义的专用指令纳入到原有的处理器的指令集中,从而通过较小的硬件资源的消耗,实现对特殊应用的执行效率的大幅提升,同时还能保证软件层面的灵活性和可扩展性。本文采用的这种针对具体应用的专用指令处理器的设计方法,对于基于其他具体应用的专用指令处理器的设计具有普遍的指导意义。 嵌入式可信计算平台的可信支撑的核心模块的TPM实现的关键是对RSA加密算法的高效实现,而传统的嵌入式系统的计算性能通常无法满足嵌入式的可信计算平台对性能的要求,所以,针对嵌入式可信计算平台中可信模块TPM中的RSA加密算法,本文通对RSA加密算法细节进行分析和实现,结合MM-Level专用指令选取算法选取可扩展优化自定义指令来扩展原有处理器的指令集的基础上,设计一款专用指令处理器RSA_ASIP。而专用指令的处理器的设计的核心,是专用指令的选取和设计。本文在研究大量的专用指令处理器中专用的指令的自动化选取方法之后,针对嵌入式可信计算平台中RSA专用指令的筛选和设计,总结了一套专用指令选取和设计方法。本文在全面分析RSA加密算法的基础上,针对RSA加密算法的核心部分,采用一种MM-Level指令选择算法,然后,针对嵌入式可信计算平台对系统的资源、面积、速度等因素的限制,采用了一种形式化量化的方法,将自定义指令的优选问题转化为一种整数线性规划ILP问题,最终将设计的专用处理器实现于FPGA平台。本文实现的RSA专用指令处理器采用了目前国际上比较流行的电子系统级ESL (Electronic System Level)的设计方法,使用专用的指令集架构语言LISA(Language for Instruction Set Architecture)语言对RSA算法中可优化的指令在原有的32位RISC处理器的基础上进行指令集的扩展,生成针对RSA算法的优化的专用指令处理器的设计模型,最终将生成的处理模型在FPGA上进行验证。
[Abstract]:With the introduction of the concept of Internet of Things and the application of its related technologies as well as the development and progress of trusted computing technology in recent years, trusted computing will be the basis for secure communication and information exchange between the Internet of Things and information platforms in the future. Threats and attacks present a complete set of solutions and standardized definitions for trusted computing platforms. TCG considers that trusted computing platforms are based on trusted roots, and the key is to form a secure and reliable trusted chain through step-by-step authentication and measurement. Trusted Platform Module (TPM). TPM provides the core support for the trustworthiness of embedded trusted computing platforms. The core of TPM is usually an encryption engine that can efficiently implement encryption algorithms. The key encryption algorithm in TPM is asymmetric public-key encryption algorithm, usually RSA public-key encryption algorithm. Its computational complexity is very high. It usually needs special hardware circuit such as ASIC to implement coprocessor to meet the performance requirements of trusted platform, while traditional embedded devices communicate with each other. On the other hand, embedded trusted computing platforms are usually sensitive to cost, price, system resource consumption, chip area and other factors, so TPM modules designed in embedded trusted computing platforms can not be as hard as traditional computing platforms by adding hardware. To solve this problem, this paper presents a design and implementation method of special instruction processor based on hardware and software co-design technology to speed up the running efficiency of RSA algorithm. The application, design and select some core instructions suitable for the application, and incorporate these customized special instructions into the instruction set of the original processor, so that the execution efficiency of the special application can be greatly improved by reducing the consumption of hardware resources. At the same time, the flexibility and scalability of the software level can be guaranteed. The design method of the special instruction processor for specific application adopted in this paper is of universal guiding significance for the design of special instruction processor based on other specific applications.
The key to the TPM implementation of the trusted core module of the embedded trusted computing platform is the efficient implementation of RSA encryption algorithm. However, the performance of the traditional embedded system usually can not meet the performance requirements of the embedded trusted computing platform. Therefore, RSA encryption in the trusted module TPM of the embedded trusted computing platform is proposed. This paper analyzes and implements the details of RSA encryption algorithm, and designs a special instruction processor RSA_ASIP based on the MM-Level special instruction selection algorithm to extend the instruction set of the original processor. The core of the design of special instruction processor is the selection of special instruction. In this paper, after researching the automatic selection method of special instructions in a large number of special instructions processors, a set of special instructions selection and design methods are summarized for the selection and design of RSA special instructions in embedded trusted computing platform. On the basis of comprehensive analysis of RSA encryption algorithm, this paper aims at the core of RSA encryption algorithm. In the center part, a MM-Level instruction selection algorithm is adopted. Then, aiming at the limitation of embedded trusted computing platform on system resources, area, speed and other factors, a formal quantization method is adopted to transform the optimization problem of custom instructions into an integer linear programming ILP problem. Finally, the special processor designed is implemented in F. PGA platform. The RSA special instruction processor implemented in this paper adopts the design method of electronic system level (ESL) which is popular in the world at present. The optimized instructions in RSA algorithm are processed by the original 32-bit RISC using the special instruction set architecture language LISA (Language for Instruction Set Architecture). On the basis of the processor, the instruction set is extended to generate the optimized design model of the special instruction processor for RSA algorithm, and the generated processing model is verified on the FPGA.
【学位授予单位】:山东大学
【学位级别】:硕士
【学位授予年份】:2013
【分类号】:TP368.1;TP309
本文编号:2202170
[Abstract]:With the introduction of the concept of Internet of Things and the application of its related technologies as well as the development and progress of trusted computing technology in recent years, trusted computing will be the basis for secure communication and information exchange between the Internet of Things and information platforms in the future. Threats and attacks present a complete set of solutions and standardized definitions for trusted computing platforms. TCG considers that trusted computing platforms are based on trusted roots, and the key is to form a secure and reliable trusted chain through step-by-step authentication and measurement. Trusted Platform Module (TPM). TPM provides the core support for the trustworthiness of embedded trusted computing platforms. The core of TPM is usually an encryption engine that can efficiently implement encryption algorithms. The key encryption algorithm in TPM is asymmetric public-key encryption algorithm, usually RSA public-key encryption algorithm. Its computational complexity is very high. It usually needs special hardware circuit such as ASIC to implement coprocessor to meet the performance requirements of trusted platform, while traditional embedded devices communicate with each other. On the other hand, embedded trusted computing platforms are usually sensitive to cost, price, system resource consumption, chip area and other factors, so TPM modules designed in embedded trusted computing platforms can not be as hard as traditional computing platforms by adding hardware. To solve this problem, this paper presents a design and implementation method of special instruction processor based on hardware and software co-design technology to speed up the running efficiency of RSA algorithm. The application, design and select some core instructions suitable for the application, and incorporate these customized special instructions into the instruction set of the original processor, so that the execution efficiency of the special application can be greatly improved by reducing the consumption of hardware resources. At the same time, the flexibility and scalability of the software level can be guaranteed. The design method of the special instruction processor for specific application adopted in this paper is of universal guiding significance for the design of special instruction processor based on other specific applications.
The key to the TPM implementation of the trusted core module of the embedded trusted computing platform is the efficient implementation of RSA encryption algorithm. However, the performance of the traditional embedded system usually can not meet the performance requirements of the embedded trusted computing platform. Therefore, RSA encryption in the trusted module TPM of the embedded trusted computing platform is proposed. This paper analyzes and implements the details of RSA encryption algorithm, and designs a special instruction processor RSA_ASIP based on the MM-Level special instruction selection algorithm to extend the instruction set of the original processor. The core of the design of special instruction processor is the selection of special instruction. In this paper, after researching the automatic selection method of special instructions in a large number of special instructions processors, a set of special instructions selection and design methods are summarized for the selection and design of RSA special instructions in embedded trusted computing platform. On the basis of comprehensive analysis of RSA encryption algorithm, this paper aims at the core of RSA encryption algorithm. In the center part, a MM-Level instruction selection algorithm is adopted. Then, aiming at the limitation of embedded trusted computing platform on system resources, area, speed and other factors, a formal quantization method is adopted to transform the optimization problem of custom instructions into an integer linear programming ILP problem. Finally, the special processor designed is implemented in F. PGA platform. The RSA special instruction processor implemented in this paper adopts the design method of electronic system level (ESL) which is popular in the world at present. The optimized instructions in RSA algorithm are processed by the original 32-bit RISC using the special instruction set architecture language LISA (Language for Instruction Set Architecture). On the basis of the processor, the instruction set is extended to generate the optimized design model of the special instruction processor for RSA algorithm, and the generated processing model is verified on the FPGA.
【学位授予单位】:山东大学
【学位级别】:硕士
【学位授予年份】:2013
【分类号】:TP368.1;TP309
【参考文献】
相关期刊论文 前1条
1 沈昌祥;张焕国;王怀民;王戟;赵波;严飞;余发江;张立强;徐明迪;;可信计算的研究与发展[J];中国科学:信息科学;2010年02期
,本文编号:2202170
本文链接:https://www.wllwen.com/kejilunwen/jisuanjikexuelunwen/2202170.html
