【摘要】：隨著物聯(lián)網(wǎng)概念提出和其相關(guān)技術(shù)的應(yīng)用以及近年來可信計算技術(shù)的發(fā)展和進步,可信計算將是未來物聯(lián)網(wǎng)以及信息平臺得以進行安全通信和信息交換的基礎(chǔ)。國際可信計算組織TCG (Trusted Computing Group)針對目前的可信計算平臺可能遇到的威脅與攻擊提出了一套完整的可信計算平臺的解決方案和規(guī)范化定義。TCG認(rèn)為可信計算平臺的基礎(chǔ)是可信根,關(guān)鍵是以可信根為基礎(chǔ),通過逐級的認(rèn)證和度量,形成一個安全可靠的可信鏈。TCG定義的可信根,通常被實現(xiàn)為一個可信平臺模塊TPM(Trusted Platform Module). TPM對嵌入式可信計算平臺的可信提供核心支撐,而TPM的核心通常是能對加密算法的進行高效實現(xiàn)的加密引擎。通常,可信計算平臺的TPM必須能夠高效實現(xiàn)用軟件實現(xiàn)效率較差的加密算法,以滿足可信計算平臺對TPM可信支撐的性能要求。TPM中最關(guān)鍵的加密算法是非對稱公鑰加密算法,通常是RSA公鑰加密算法,其運算復(fù)雜度特別高,通常需要通過專門的硬件電路如ASIC實現(xiàn)協(xié)處理器以適應(yīng)可信平臺的性能要求,而傳統(tǒng)的嵌入式設(shè)備通常無法滿足未來物聯(lián)網(wǎng)對嵌入式可信計算平臺的性能要求。另一方面,嵌入式可信計算平臺通常對成本、價格、系統(tǒng)的資源消耗、芯片面積等因素非常敏感,因此在嵌入式可信計算平臺設(shè)計的TPM模塊無法像傳統(tǒng)的計算平臺中通過增加硬件資源用專門硬件電路實現(xiàn)的協(xié)處理來實現(xiàn)。針對這個問題,本文采用了一種基于軟硬件協(xié)同設(shè)計技術(shù)的專用指令處理器的的設(shè)計和實現(xiàn)方法,來加速RSA算法的運行效率。所謂專用指令處理,是在原有處理器的指令集的基礎(chǔ),針對具體的應(yīng)用,設(shè)計和選取一些適合于該應(yīng)用的核心指令,將這些自定義的專用指令納入到原有的處理器的指令集中,從而通過較小的硬件資源的消耗,實現(xiàn)對特殊應(yīng)用的執(zhí)行效率的大幅提升,同時還能保證軟件層面的靈活性和可擴展性。本文采用的這種針對具體應(yīng)用的專用指令處理器的設(shè)計方法,對于基于其他具體應(yīng)用的專用指令處理器的設(shè)計具有普遍的指導(dǎo)意義。 嵌入式可信計算平臺的可信支撐的核心模塊的TPM實現(xiàn)的關(guān)鍵是對RSA加密算法的高效實現(xiàn),而傳統(tǒng)的嵌入式系統(tǒng)的計算性能通常無法滿足嵌入式的可信計算平臺對性能的要求,所以,針對嵌入式可信計算平臺中可信模塊TPM中的RSA加密算法,本文通對RSA加密算法細(xì)節(jié)進行分析和實現(xiàn),結(jié)合MM-Level專用指令選取算法選取可擴展優(yōu)化自定義指令來擴展原有處理器的指令集的基礎(chǔ)上,設(shè)計一款專用指令處理器RSA_ASIP。而專用指令的處理器的設(shè)計的核心,是專用指令的選取和設(shè)計。本文在研究大量的專用指令處理器中專用的指令的自動化選取方法之后,針對嵌入式可信計算平臺中RSA專用指令的篩選和設(shè)計,總結(jié)了一套專用指令選取和設(shè)計方法。本文在全面分析RSA加密算法的基礎(chǔ)上,針對RSA加密算法的核心部分,采用一種MM-Level指令選擇算法,然后,針對嵌入式可信計算平臺對系統(tǒng)的資源、面積、速度等因素的限制,采用了一種形式化量化的方法,將自定義指令的優(yōu)選問題轉(zhuǎn)化為一種整數(shù)線性規(guī)劃ILP問題,最終將設(shè)計的專用處理器實現(xiàn)于FPGA平臺。本文實現(xiàn)的RSA專用指令處理器采用了目前國際上比較流行的電子系統(tǒng)級ESL (Electronic System Level)的設(shè)計方法,使用專用的指令集架構(gòu)語言LISA(Language for Instruction Set Architecture)語言對RSA算法中可優(yōu)化的指令在原有的32位RISC處理器的基礎(chǔ)上進行指令集的擴展,生成針對RSA算法的優(yōu)化的專用指令處理器的設(shè)計模型,最終將生成的處理模型在FPGA上進行驗證。
[Abstract]:With the introduction of the concept of Internet of Things and the application of its related technologies as well as the development and progress of trusted computing technology in recent years, trusted computing will be the basis for secure communication and information exchange between the Internet of Things and information platforms in the future. Threats and attacks present a complete set of solutions and standardized definitions for trusted computing platforms. TCG considers that trusted computing platforms are based on trusted roots, and the key is to form a secure and reliable trusted chain through step-by-step authentication and measurement. Trusted Platform Module (TPM). TPM provides the core support for the trustworthiness of embedded trusted computing platforms. The core of TPM is usually an encryption engine that can efficiently implement encryption algorithms. The key encryption algorithm in TPM is asymmetric public-key encryption algorithm, usually RSA public-key encryption algorithm. Its computational complexity is very high. It usually needs special hardware circuit such as ASIC to implement coprocessor to meet the performance requirements of trusted platform, while traditional embedded devices communicate with each other. On the other hand, embedded trusted computing platforms are usually sensitive to cost, price, system resource consumption, chip area and other factors, so TPM modules designed in embedded trusted computing platforms can not be as hard as traditional computing platforms by adding hardware. To solve this problem, this paper presents a design and implementation method of special instruction processor based on hardware and software co-design technology to speed up the running efficiency of RSA algorithm. The application, design and select some core instructions suitable for the application, and incorporate these customized special instructions into the instruction set of the original processor, so that the execution efficiency of the special application can be greatly improved by reducing the consumption of hardware resources. At the same time, the flexibility and scalability of the software level can be guaranteed. The design method of the special instruction processor for specific application adopted in this paper is of universal guiding significance for the design of special instruction processor based on other specific applications.
The key to the TPM implementation of the trusted core module of the embedded trusted computing platform is the efficient implementation of RSA encryption algorithm. However, the performance of the traditional embedded system usually can not meet the performance requirements of the embedded trusted computing platform. Therefore, RSA encryption in the trusted module TPM of the embedded trusted computing platform is proposed. This paper analyzes and implements the details of RSA encryption algorithm, and designs a special instruction processor RSA_ASIP based on the MM-Level special instruction selection algorithm to extend the instruction set of the original processor. The core of the design of special instruction processor is the selection of special instruction. In this paper, after researching the automatic selection method of special instructions in a large number of special instructions processors, a set of special instructions selection and design methods are summarized for the selection and design of RSA special instructions in embedded trusted computing platform. On the basis of comprehensive analysis of RSA encryption algorithm, this paper aims at the core of RSA encryption algorithm. In the center part, a MM-Level instruction selection algorithm is adopted. Then, aiming at the limitation of embedded trusted computing platform on system resources, area, speed and other factors, a formal quantization method is adopted to transform the optimization problem of custom instructions into an integer linear programming ILP problem. Finally, the special processor designed is implemented in F. PGA platform. The RSA special instruction processor implemented in this paper adopts the design method of electronic system level (ESL) which is popular in the world at present. The optimized instructions in RSA algorithm are processed by the original 32-bit RISC using the special instruction set architecture language LISA (Language for Instruction Set Architecture). On the basis of the processor, the instruction set is extended to generate the optimized design model of the special instruction processor for RSA algorithm, and the generated processing model is verified on the FPGA.
【學(xué)位授予單位】：山東大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2013
【分類號】：TP368.1;TP309

【參考文獻】

相關(guān)期刊論文 前1條

1 沈昌祥;張煥國;王懷民;王戟;趙波;嚴(yán)飛;余發(fā)江;張立強;徐明迪;;可信計算的研究與發(fā)展[J];中國科學(xué):信息科學(xué);2010年02期

，

本文編號：2202170