【摘要】：隨著物聯(lián)網(wǎng)概念提出和其相關(guān)技術(shù)的應(yīng)用以及近年來(lái)可信計(jì)算技術(shù)的發(fā)展和進(jìn)步,可信計(jì)算將是未來(lái)物聯(lián)網(wǎng)以及信息平臺(tái)得以進(jìn)行安全通信和信息交換的基礎(chǔ)。國(guó)際可信計(jì)算組織TCG (Trusted Computing Group)針對(duì)目前的可信計(jì)算平臺(tái)可能遇到的威脅與攻擊提出了一套完整的可信計(jì)算平臺(tái)的解決方案和規(guī)范化定義。TCG認(rèn)為可信計(jì)算平臺(tái)的基礎(chǔ)是可信根,關(guān)鍵是以可信根為基礎(chǔ),通過(guò)逐級(jí)的認(rèn)證和度量,形成一個(gè)安全可靠的可信鏈。TCG定義的可信根,通常被實(shí)現(xiàn)為一個(gè)可信平臺(tái)模塊TPM(Trusted Platform Module). TPM對(duì)嵌入式可信計(jì)算平臺(tái)的可信提供核心支撐,而TPM的核心通常是能對(duì)加密算法的進(jìn)行高效實(shí)現(xiàn)的加密引擎。通常,可信計(jì)算平臺(tái)的TPM必須能夠高效實(shí)現(xiàn)用軟件實(shí)現(xiàn)效率較差的加密算法,以滿足可信計(jì)算平臺(tái)對(duì)TPM可信支撐的性能要求。TPM中最關(guān)鍵的加密算法是非對(duì)稱公鑰加密算法,通常是RSA公鑰加密算法,其運(yùn)算復(fù)雜度特別高,通常需要通過(guò)專門的硬件電路如ASIC實(shí)現(xiàn)協(xié)處理器以適應(yīng)可信平臺(tái)的性能要求,而傳統(tǒng)的嵌入式設(shè)備通常無(wú)法滿足未來(lái)物聯(lián)網(wǎng)對(duì)嵌入式可信計(jì)算平臺(tái)的性能要求。另一方面,嵌入式可信計(jì)算平臺(tái)通常對(duì)成本、價(jià)格、系統(tǒng)的資源消耗、芯片面積等因素非常敏感,因此在嵌入式可信計(jì)算平臺(tái)設(shè)計(jì)的TPM模塊無(wú)法像傳統(tǒng)的計(jì)算平臺(tái)中通過(guò)增加硬件資源用專門硬件電路實(shí)現(xiàn)的協(xié)處理來(lái)實(shí)現(xiàn)。針對(duì)這個(gè)問(wèn)題,本文采用了一種基于軟硬件協(xié)同設(shè)計(jì)技術(shù)的專用指令處理器的的設(shè)計(jì)和實(shí)現(xiàn)方法,來(lái)加速RSA算法的運(yùn)行效率。所謂專用指令處理,是在原有處理器的指令集的基礎(chǔ),針對(duì)具體的應(yīng)用,設(shè)計(jì)和選取一些適合于該應(yīng)用的核心指令,將這些自定義的專用指令納入到原有的處理器的指令集中,從而通過(guò)較小的硬件資源的消耗,實(shí)現(xiàn)對(duì)特殊應(yīng)用的執(zhí)行效率的大幅提升,同時(shí)還能保證軟件層面的靈活性和可擴(kuò)展性。本文采用的這種針對(duì)具體應(yīng)用的專用指令處理器的設(shè)計(jì)方法,對(duì)于基于其他具體應(yīng)用的專用指令處理器的設(shè)計(jì)具有普遍的指導(dǎo)意義。 嵌入式可信計(jì)算平臺(tái)的可信支撐的核心模塊的TPM實(shí)現(xiàn)的關(guān)鍵是對(duì)RSA加密算法的高效實(shí)現(xiàn),而傳統(tǒng)的嵌入式系統(tǒng)的計(jì)算性能通常無(wú)法滿足嵌入式的可信計(jì)算平臺(tái)對(duì)性能的要求,所以,針對(duì)嵌入式可信計(jì)算平臺(tái)中可信模塊TPM中的RSA加密算法,本文通對(duì)RSA加密算法細(xì)節(jié)進(jìn)行分析和實(shí)現(xiàn),結(jié)合MM-Level專用指令選取算法選取可擴(kuò)展優(yōu)化自定義指令來(lái)擴(kuò)展原有處理器的指令集的基礎(chǔ)上,設(shè)計(jì)一款專用指令處理器RSA_ASIP。而專用指令的處理器的設(shè)計(jì)的核心,是專用指令的選取和設(shè)計(jì)。本文在研究大量的專用指令處理器中專用的指令的自動(dòng)化選取方法之后,針對(duì)嵌入式可信計(jì)算平臺(tái)中RSA專用指令的篩選和設(shè)計(jì),總結(jié)了一套專用指令選取和設(shè)計(jì)方法。本文在全面分析RSA加密算法的基礎(chǔ)上,針對(duì)RSA加密算法的核心部分,采用一種MM-Level指令選擇算法,然后,針對(duì)嵌入式可信計(jì)算平臺(tái)對(duì)系統(tǒng)的資源、面積、速度等因素的限制,采用了一種形式化量化的方法,將自定義指令的優(yōu)選問(wèn)題轉(zhuǎn)化為一種整數(shù)線性規(guī)劃ILP問(wèn)題,最終將設(shè)計(jì)的專用處理器實(shí)現(xiàn)于FPGA平臺(tái)。本文實(shí)現(xiàn)的RSA專用指令處理器采用了目前國(guó)際上比較流行的電子系統(tǒng)級(jí)ESL (Electronic System Level)的設(shè)計(jì)方法,使用專用的指令集架構(gòu)語(yǔ)言LISA(Language for Instruction Set Architecture)語(yǔ)言對(duì)RSA算法中可優(yōu)化的指令在原有的32位RISC處理器的基礎(chǔ)上進(jìn)行指令集的擴(kuò)展,生成針對(duì)RSA算法的優(yōu)化的專用指令處理器的設(shè)計(jì)模型,最終將生成的處理模型在FPGA上進(jìn)行驗(yàn)證。
[Abstract]:With the introduction of the concept of Internet of Things and the application of its related technologies as well as the development and progress of trusted computing technology in recent years, trusted computing will be the basis for secure communication and information exchange between the Internet of Things and information platforms in the future. Threats and attacks present a complete set of solutions and standardized definitions for trusted computing platforms. TCG considers that trusted computing platforms are based on trusted roots, and the key is to form a secure and reliable trusted chain through step-by-step authentication and measurement. Trusted Platform Module (TPM). TPM provides the core support for the trustworthiness of embedded trusted computing platforms. The core of TPM is usually an encryption engine that can efficiently implement encryption algorithms. The key encryption algorithm in TPM is asymmetric public-key encryption algorithm, usually RSA public-key encryption algorithm. Its computational complexity is very high. It usually needs special hardware circuit such as ASIC to implement coprocessor to meet the performance requirements of trusted platform, while traditional embedded devices communicate with each other. On the other hand, embedded trusted computing platforms are usually sensitive to cost, price, system resource consumption, chip area and other factors, so TPM modules designed in embedded trusted computing platforms can not be as hard as traditional computing platforms by adding hardware. To solve this problem, this paper presents a design and implementation method of special instruction processor based on hardware and software co-design technology to speed up the running efficiency of RSA algorithm. The application, design and select some core instructions suitable for the application, and incorporate these customized special instructions into the instruction set of the original processor, so that the execution efficiency of the special application can be greatly improved by reducing the consumption of hardware resources. At the same time, the flexibility and scalability of the software level can be guaranteed. The design method of the special instruction processor for specific application adopted in this paper is of universal guiding significance for the design of special instruction processor based on other specific applications.
The key to the TPM implementation of the trusted core module of the embedded trusted computing platform is the efficient implementation of RSA encryption algorithm. However, the performance of the traditional embedded system usually can not meet the performance requirements of the embedded trusted computing platform. Therefore, RSA encryption in the trusted module TPM of the embedded trusted computing platform is proposed. This paper analyzes and implements the details of RSA encryption algorithm, and designs a special instruction processor RSA_ASIP based on the MM-Level special instruction selection algorithm to extend the instruction set of the original processor. The core of the design of special instruction processor is the selection of special instruction. In this paper, after researching the automatic selection method of special instructions in a large number of special instructions processors, a set of special instructions selection and design methods are summarized for the selection and design of RSA special instructions in embedded trusted computing platform. On the basis of comprehensive analysis of RSA encryption algorithm, this paper aims at the core of RSA encryption algorithm. In the center part, a MM-Level instruction selection algorithm is adopted. Then, aiming at the limitation of embedded trusted computing platform on system resources, area, speed and other factors, a formal quantization method is adopted to transform the optimization problem of custom instructions into an integer linear programming ILP problem. Finally, the special processor designed is implemented in F. PGA platform. The RSA special instruction processor implemented in this paper adopts the design method of electronic system level (ESL) which is popular in the world at present. The optimized instructions in RSA algorithm are processed by the original 32-bit RISC using the special instruction set architecture language LISA (Language for Instruction Set Architecture). On the basis of the processor, the instruction set is extended to generate the optimized design model of the special instruction processor for RSA algorithm, and the generated processing model is verified on the FPGA.
【學(xué)位授予單位】：山東大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2013
【分類號(hào)】：TP368.1;TP309

【參考文獻(xiàn)】

相關(guān)期刊論文 前1條

1 沈昌祥;張煥國(guó);王懷民;王戟;趙波;嚴(yán)飛;余發(fā)江;張立強(qiáng);徐明迪;;可信計(jì)算的研究與發(fā)展[J];中國(guó)科學(xué):信息科學(xué);2010年02期

，

本文編號(hào)：2202170