CN109284638A - A kind of means of defence and system of safety chip running environment - Google Patents
A kind of means of defence and system of safety chip running environment Download PDFInfo
- Publication number
- CN109284638A CN109284638A CN201811058445.XA CN201811058445A CN109284638A CN 109284638 A CN109284638 A CN 109284638A CN 201811058445 A CN201811058445 A CN 201811058445A CN 109284638 A CN109284638 A CN 109284638A
- Authority
- CN
- China
- Prior art keywords
- safety chip
- main controller
- fpga main
- fpga
- decryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/72—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Mathematical Physics (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses the means of defences and system of a kind of safety chip running environment, which comprises the routine call that the data for needing encryption and decryption and encryption and decryption operate is transferred to FPGA main controller by system communication by primary processor;Routine call is decomposed into serial subprocess by FPGA main controller, to the operation of safety chip part is related to, generates corresponding command calls sequence and data grouping;FPGA main controller sends corresponding command calls to safety chip and operation result is fed back to FPGA main controller by relevant data, safety chip;FPGA main controller completes the corresponding subprocess of routine call, while collecting the operation result from safety chip, and final operation result is sent to primary processor.The present invention sends command calls to safety chip by FPGA main controller, and collects the operation result from safety chip, and final operation result is sent to primary processor, greatly improves the security protection ability for safety chip.
Description
Technical field
The present invention relates to the means of defence of safety chip technical field more particularly to a kind of safety chip running environment and it is
System.
Background technique
Safety chip, which refers to, realizes one or more cryptographic algorithms, is directly or indirectly protected using cryptographic technique close
The IC chip of key and sensitive information.As the bottom safety guarantee of intelligent terminal, the application of safety chip can be effective
Ground prevents hacker attack and cracks, and improves the safety of intelligent terminal, protects userspersonal information and applies data safety.Mesh
Before, safety chip is just increasingly being applied in intelligent terminal, provides reliable guarantee for financial payment, online identity certification.
Safety chip is exactly trusted console module, is the device that can independently carry out key generation, encryption and decryption, internal
Possess independent processor and storage unit, key and characteristic can be stored, provides encryption and Security Authentication Service for computer,
It is encrypted with safety chip, key is stored in hardware, and stolen data can not decrypt, to protect business privacy sum number
According to safety.
The usage scenario of traditional safety chip, as shown in Figure 1, safety chip is as the external from setting of system primary processor
It is standby, command calls are sent from primary processor to safety chip, safety chip obtains and explains related command, then executes corresponding
Operation result, is finally fed back to primary processor by encryption and decryption operation and safe handling.
This existing structure in Fig. 1 has the following problems:
For the relay attack of safety chip, due on primary processor operating system and application program may be by Malware
Invasion, the command calls that such safety chip is received may be illegal command transmitted by Malware, safety chip
After encryption and decryption operation result is returned to primary processor, Malware can be done using these results and further assume another's name to recognize
The illegal operations such as card, malice payment, relay attack (Relay Attack) mould of such case aiming at conventional security chip
Formula.
The hardware deficiency of primary processor itself leads to the security protection environmental degradation of safety chip.Since primary processor exists
Defect in initial design, such as Intel chip and ARM chip largely use in micro-architecture design to most seek high-performance
The design methods such as arithmetic unit is shared, Cache is shared, branch prediction, so that existing in CPU and entire processor system a large amount of
The side channel of information leakage exists, these information leakage side channels are referred to as " cancer " in modern advanced processor, easily by
To the attack of the Malware of " ghost " and " fusing " type.
The security breaches of the operating system and application program that run on primary processor lead to the security protection ring of safety chip
Border deteriorates.Operating system is huge due to its code size, although software maintenance staff has paid significant effort, operating system
Upgrading and the publication of patch become normality, but Malware can always take advantage of a weak point, and obtain system permission.System application journey
The weakness of sequence under fire the case where it is also similar with operating system.
Safety chip own hardware and software processing capability it is low, cause the security protection ability of safety chip that can not mention
It rises.It is poor in order to cope with the physical attacks such as grinding, laser and the intrusive attack of electromagnetic signal injection half for safety chip
Divide the attack of the non-intrusion types such as amperometry, is all added on the CPU core, encryption and decryption circuit, memory module and bus in safety chip
A large amount of protection designs, the system dominant frequency and processing capacity for leading to safety chip are only capable of operation letter all in low middling level
Single operating system and application program, the processing capacity and protective capacities of software are weaker.
That is, in the prior art there is the deficiency of security protection ability in safety chip running environment.
Therefore, the existing technology needs to be improved and developed.
Summary of the invention
The technical problem to be solved in the present invention is that the present invention provides a kind of safety chip fortune for prior art defect
The means of defence and system of row environment, it is intended to by increasing FPGA main controller between primary processor and safety chip, pass through
FPGA main controller sends command calls to safety chip, and collects the operation result from safety chip, by final operation knot
Fruit is sent to primary processor, greatly improves the security protection ability for safety chip.
The technical proposal for solving the technical problem of the invention is as follows:
A kind of means of defence of safety chip running environment, wherein the means of defence of the safety chip running environment includes:
The routine call that the data for needing encryption and decryption and encryption and decryption operate is transferred to FPGA master by system communication by primary processor
Control device;
Routine call is decomposed into serial subprocess by FPGA main controller, to the operation of safety chip part is related to, is generated corresponding
Command calls sequence and data grouping;
FPGA main controller sends corresponding command calls to safety chip and relevant data, safety chip feed back operation result
Give FPGA main controller;
FPGA main controller completes the corresponding subprocess of routine call, while collecting the operation result from safety chip, will be final
Operation result be sent to primary processor.
The means of defence of the safety chip running environment, wherein the primary processor will be needed by system communication
The routine call of data and the encryption and decryption operation of encryption and decryption is transferred to before FPGA main controller further include:
It is arranged one between the primary processor and the safety chip in advance for carrying out the FPGA main controller of data processing.
The means of defence of the safety chip running environment, wherein the primary processor will be needed by system communication
The routine call of data and the encryption and decryption operation of encryption and decryption is transferred to FPGA main controller and specifically includes:
The data for needing encryption and decryption are transferred to FPGA main controller by system communication by primary processor, and FPGA main controller receives related
Data are simultaneously cached;
Primary processor sends the routine call that encryption and decryption operates to FPGA main controller.
The means of defence of the safety chip running environment, wherein the FPGA main controller to safety chip send pair
Operation result is fed back to FPGA main controller and specifically included by the command calls and relevant data answered, safety chip:
FPGA main controller sends corresponding command calls to safety chip and relevant data, safety chip obtain and explain correlation
Order;
Safety chip executes corresponding encryption and decryption operation and safe handling, and operation result is fed back to FPGA main controller.
The means of defence of the safety chip running environment, wherein when the high safety grade for needing to call safety chip
Application program when, executed by FPGA main controller.
The means of defence of the safety chip running environment, wherein added the configuration code file of fpga chip
Privacy protection, while disabling the scan chain in fpga chip.
The means of defence of the safety chip running environment, wherein pass through between FPGA main controller and primary processor and be
System communication constitutes the distributed variable-frequencypump relationship of equity with routine call.
The means of defence of the safety chip running environment, wherein FPGA main controller is realized by the way of soft core
CPU core, and CPU core is designed using double-core helical structure, in double-core helical structure, two identical CPU of logic function
Core executes identical instruction, and the implementing result and CPU state that instruct are compared.
The means of defence of the safety chip running environment, wherein FPGA main controller is realized by the way of soft core
CPU core, and CPU core is designed using three core redundancy structures, in three core redundancy structures, three identical CPU of logic function
Core executes identical instruction, and the implementing result and CPU state that instruct are compared.
A kind of guard system of safety chip running environment, wherein the guard system packet of the safety chip running environment
It includes:
Primary processor, for being transferred to the routine call that the data for needing encryption and decryption and encryption and decryption operate by system communication
FPGA main controller;
FPGA main controller, to the operation of safety chip part is related to, generates pair for routine call to be decomposed into serial subprocess
The command calls sequence answered and data grouping send corresponding command calls and relevant data to safety chip, and will be safe
The operation result of chip feedback is sent to primary processor;
Safety chip executes corresponding encryption and decryption operation and safe handling, by operation result for obtaining and explaining related command
Feed back to FPGA main controller.
The invention discloses the means of defences and system of a kind of safety chip running environment, which comprises main process task
The routine call that the data for needing encryption and decryption and encryption and decryption operate is transferred to FPGA main controller by system communication by device;FPGA master
It controls device and routine call is decomposed into serial subprocess, to the operation of safety chip part is related to, generate corresponding command calls sequence
Column and data grouping;FPGA main controller sends corresponding command calls and relevant data to safety chip, and safety chip will be transported
It calculates result and feeds back to FPGA main controller;FPGA main controller completes the corresponding subprocess of routine call, while collecting from safe core
Final operation result is sent to primary processor by the operation result of piece.The present invention by primary processor and safety chip it
Between increase FPGA main controller, command calls are sent to safety chip by FPGA main controller, and collect the fortune from safety chip
It calculates as a result, final operation result is sent to primary processor, greatly improves the security protection ability for safety chip.
Detailed description of the invention
Fig. 1 is the schematic illustration of the usage scenario of traditional safety chip;
Fig. 2 is the flow chart of the preferred embodiment of the means of defence of safety chip running environment of the present invention;
Fig. 3 is the flow chart of step S10 in the preferred embodiment of the means of defence of safety chip running environment of the present invention;
Fig. 4 is the flow chart of step S30 in the preferred embodiment of the means of defence of safety chip running environment of the present invention;
Fig. 5 is the structure principle chart of the preferred embodiment of the guard system of safety chip running environment of the present invention.
Specific embodiment
To make the objectives, technical solutions, and advantages of the present invention clearer and more explicit, right as follows in conjunction with drawings and embodiments
The present invention is further described.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, and do not have to
It is of the invention in limiting.
The means of defence of safety chip running environment described in present pre-ferred embodiments, as shown in Fig. 2, the safe core
The means of defence of piece running environment the following steps are included:
Step S10, primary processor is transmitted the routine call of the data for needing encryption and decryption and encryption and decryption operation by system communication
Give FPGA main controller.
Specifically, setting one is used to carry out data processing between the primary processor and the safety chip in advance
FPGA main controller.For FPGA main controller as an independent processor, it passes through system communication and program between primary processor
It calls, the distributed variable-frequencypump relationship of equity is constituted, without master-slave.Safety chip is as FPGA main controller from setting
It is standby, command calls are sent from FPGA main controller to safety chip, safety chip obtains and explains related command, then executes correspondence
Encryption and decryption operation and safe handling, operation result is finally fed back to FPGA main controller, in the present invention, FPGA main controller+peace
Full chip constitutes an enhanced secure operating environment.
Detailed process is referring to Fig. 3, it is the flow chart of step S10 in network switching control method provided by the invention.
As shown in figure 3, the step S10 includes:
The data for needing encryption and decryption are transferred to FPGA main controller by system communication by S11, primary processor, and FPGA main controller receives
Related data is simultaneously cached;
S12, primary processor send the routine call that encryption and decryption operates to FPGA main controller.
Step S20, routine call is decomposed into serial subprocess by FPGA main controller, to being related to the behaviour of safety chip part
Make, generates corresponding command calls sequence and data grouping.
Specifically, FPGA main controller is parsed to the routine call for carrying out host processor and is decomposed into serial subprocess,
For being related to the operation of safety chip part, FPGA main controller generates corresponding command calls sequence and data grouping.
Step S30, FPGA main controller sends corresponding command calls and relevant data to safety chip, and safety chip will
Operation result feeds back to FPGA main controller.
Detailed process is referring to Fig. 4, it is the flow chart of step S30 in network switching control method provided by the invention.
As shown in figure 4, the step S30 includes:
S31, FPGA main controller send corresponding command calls to safety chip and relevant data, safety chip are obtained and explained
Related command;
S32, safety chip execute corresponding encryption and decryption operation and safe handling, and operation result is fed back to FPGA main controller.
Step S40, FPGA main controller completes the corresponding subprocess of routine call, while collecting the operation from safety chip
As a result, final operation result is sent to primary processor.
Further, it when needing to call the application program of high safety grade of safety chip, is executed by FPGA main controller,
Evade influence caused by security breaches on primary processor.For example, since the modern times advanced cpu chip of Intel and ARM is in micro- frame
The defects of structure design, information leakage side channel is that these chips are not eliminable " cancer ", and due to these CPU primary processors
Large-scale application, by these chips in a short time completely replacement be impossible.Security protection is of less demanding
It is executed on original primary processor using remaining in, and high safety application is transferred on FPGA main controller and is executed, it can be with
Effectively there are the negative influences in the security protection caused by security breaches on alleviation primary processor.
Further, FPGA main controller can use the stronger new design of function of safety protection, eliminate information leakage side letter
Security threat caused by road, FPGA main controller can neatly realize CPU core by the way of soft core, and set in micro-architecture
Information leakage side channel is effectively eliminated using stringenter time and space isolation in meter, enhances the peace of FPGA main controller
Full protection ability.
Wherein, FPGA main controller can be designed using CPU core double-core helical structure, enhance the detection to unknown malware
And protective capacities.FPGA main controller can neatly realize CPU core by the way of soft core, and can adopt in CPU core design
It is designed with double-core helical structure, in double-core helical structure, the identical CPU core of two logic functions executes identical finger
It enables, and the implementing result and CPU state that instruct will do it and compare.This executive mode not only realizes the function of duplication redundancy,
And it can be used to detect the attack of unknown Malware.Attack of the Malware to CPU program only can modify one of them
Instruction stream/data flow/system mode of CPU, while instruction stream/data flow/system mode of two CPU is modified, and modify knot
Fruit is identical to be difficult to realize.Therefore CPU core is designed using double-core helical structure, can effectively be enhanced to unknown malware
Detection and protective capacities.Such structure can be conveniently realized in the form of soft core on FPGA main controller, and at main place
Such modification can not be carried out on reason device.
Wherein, FPGA main controller can be designed using three core redundancy structure of CPU core, enhance the detection to unknown malware
And protective capacities.FPGA main controller can neatly realize CPU core by the way of soft core, and can adopt in CPU core design
It is designed with three core redundancy structures, in three core redundancy structures, the identical CPU core of three logic functions executes identical finger
It enables, and the implementing result and CPU state that instruct will do it and compare.This executive mode not only realizes the function of triplication redundancy,
And it can be used to detect the attack of unknown Malware.Attack of the Malware to CPU program only can modify one of them
Instruction stream/data flow/system mode of CPU, while instruction stream/data flow/system mode of three CPU is modified, and modify knot
Fruit is identical to be difficult to realize.Therefore CPU core is designed using three core redundancy structures, can effectively be enhanced to unknown malware
Detection and protective capacities.Such structure can be conveniently realized in the form of soft core on FPGA main controller, and at main place
Such modification can not be carried out on reason device.
Further, FPGA main controller can (micro-kernel be to provide operation using the higher micro-kernel of security protection ability
The compact version of the kernel of system core function, it is designed to increase transplantability in the memory headroom of very little, provides modularization
Design, so that the different interface of user installation), promote the security protection ability of software systems.Due to main on FPGA main controller
The application program of high safety grade is executed, program quantity and scale are relatively small, and it is also less to the constraint of operating system, in this way
It can be using security level be higher, the smaller safe micro-kernel of code size, to further promote software on FPGA main controller
The security protection ability of system.
CPU core and other function module in FPGA main controller can be directed to the needs of security protection and combine currently most
The design of CPU core and other function module is neatly modified in main hardware and software Attack Scenarios and threat, adjusts CPU core
Instruction set, to enhance the security protection ability of whole system.
In addition, due to safety concerns, the configuration code file needs of fpga chip encrypt, while disabling FPGA
(scan chain is a kind of realization technology of Testability Design to scan chain in chip, it is by implantation shift register, so that surveying
Examination personnel can be externally controlled and observe the signal value of circuit internal trigger) it is the base that FPGA main controller chip secure is run
This requirement.
FPGA is a kind of way of realization of circuit function, is adjusted in the circuit function of FPGA main controller by practical application
After sizing, whole circuit functions in FPGA main controller can be converted to asic chip realization, to further promote chip
Performance reduces power consumption and saves cost.
As shown in figure 5, the means of defence based on above-mentioned safety chip running environment, the present invention further correspondingly provide a kind of peace
The guard system of full chip running environment, the guard system of the safety chip running environment include:
Primary processor 101, for being transmitted the routine call of the data for needing encryption and decryption and encryption and decryption operation by system communication
To FPGA main controller 102;FPGA main controller 102, for routine call to be decomposed into serial subprocess, to being related to safety chip
The operation of 103 parts generates corresponding command calls sequence and data grouping, sends corresponding order to safety chip 103 and adjusts
With with relevant data, and the operation result that safety chip 103 is fed back is sent to primary processor 101;Safety chip 103 is used
In obtaining and explaining related command, corresponding encryption and decryption operation and safe handling are executed, operation result is fed back into FPGA master control
Device 102.
FPGA main controller+safety chip framework proposed by the present invention constitutes an enhanced secure operating environment, pole
The earth improves the security protection ability for safety chip, can efficiently solve the relay attack that traditional scheme is faced and ask
It inscribes and primary processor is since malware attacks lead to the problem of running environment of safety chip is by security threat.
In conclusion the present invention provides the means of defence and system of a kind of safety chip running environment, which comprises
The routine call that the data for needing encryption and decryption and encryption and decryption operate is transferred to FPGA main controller by system communication by primary processor;
Routine call is decomposed into serial subprocess by FPGA main controller, to the operation of safety chip part is related to, generates corresponding order
Calling sequence and data grouping;FPGA main controller sends corresponding command calls and relevant data, safe core to safety chip
Operation result is fed back to FPGA main controller by piece;FPGA main controller completes the corresponding subprocess of routine call, while collecting and coming from
Final operation result is sent to primary processor by the operation result of safety chip.The present invention passes through in primary processor and safety
Increase FPGA main controller between chip, command calls is sent to safety chip by FPGA main controller, and collect from safe core
Final operation result is sent to primary processor by the operation result of piece, and the safety greatly improved for safety chip is prevented
Shield ability.
Certainly, those of ordinary skill in the art will appreciate that realizing all or part of the process in above-described embodiment method,
It is that related hardware (such as processor, controller etc.) can be instructed to be automatically performed by computer program, the program can
It is stored in a computer-readable storage medium, described program may include the stream such as above-mentioned each method embodiment when being executed
Journey.Wherein the storage medium can be memory, magnetic disk, CD etc..
It should be understood that the application of the present invention is not limited to the above for those of ordinary skills can
With improvement or transformation based on the above description, all these modifications and variations all should belong to the guarantor of appended claims of the present invention
Protect range.
Claims (10)
1. a kind of means of defence of safety chip running environment, which is characterized in that the protection side of the safety chip running environment
Method includes:
The routine call that the data for needing encryption and decryption and encryption and decryption operate is transferred to FPGA master by system communication by primary processor
Control device;
Routine call is decomposed into serial subprocess by FPGA main controller, to the operation of safety chip part is related to, is generated corresponding
Command calls sequence and data grouping;
FPGA main controller sends corresponding command calls to safety chip and relevant data, safety chip feed back operation result
Give FPGA main controller;
FPGA main controller completes the corresponding subprocess of routine call, while collecting the operation result from safety chip, will be final
Operation result be sent to primary processor.
2. the means of defence of safety chip running environment according to claim 1, which is characterized in that the primary processor is logical
It crosses system communication the routine call that the data for needing encryption and decryption and encryption and decryption operate is transferred to before FPGA main controller further include:
It is arranged one between the primary processor and the safety chip in advance for carrying out the FPGA main controller of data processing.
3. the means of defence of safety chip running environment according to claim 1 or 2, which is characterized in that the main process task
The routine call that the data for needing encryption and decryption and encryption and decryption operate is transferred to FPGA master control implement body packet by system communication by device
It includes:
The data for needing encryption and decryption are transferred to FPGA main controller by system communication by primary processor, and FPGA main controller receives related
Data are simultaneously cached;
Primary processor sends the routine call that encryption and decryption operates to FPGA main controller.
4. the means of defence of safety chip running environment according to claim 1 or 2, which is characterized in that the FPGA master
Control device sends corresponding command calls to safety chip and operation result is fed back to FPGA master control by relevant data, safety chip
Implement body includes:
FPGA main controller sends corresponding command calls to safety chip and relevant data, safety chip obtain and explain correlation
Order;
Safety chip executes corresponding encryption and decryption operation and safe handling, and operation result is fed back to FPGA main controller.
5. the means of defence of safety chip running environment according to claim 1, which is characterized in that safe when needing to call
When the application program of the high safety grade of chip, executed by FPGA main controller.
6. the means of defence of safety chip running environment according to claim 1, which is characterized in that by matching for fpga chip
It sets code file to encrypt, while disabling the scan chain in fpga chip.
7. the means of defence of safety chip running environment according to claim 1, which is characterized in that FPGA main controller and master
The distributed variable-frequencypump relationship of equity is made up of between processor system communication and routine call.
8. the means of defence of safety chip running environment according to claim 7, which is characterized in that FPGA main controller uses
The mode of soft core realizes CPU core, and CPU core designed using double-core helical structure, in double-core helical structure, two logic function
The identical CPU core of energy executes identical instruction, and the implementing result and CPU state that instruct are compared.
9. the means of defence of safety chip running environment according to claim 7, which is characterized in that FPGA main controller uses
The mode of soft core realizes CPU core, and CPU core designed using three core redundancy structures, in three core redundancy structures, three logic function
The identical CPU core of energy executes identical instruction, and the implementing result and CPU state that instruct are compared.
10. a kind of guard system of safety chip running environment, which is characterized in that the protection system of the safety chip running environment
System includes:
Primary processor, for being transferred to the routine call that the data for needing encryption and decryption and encryption and decryption operate by system communication
FPGA main controller;
FPGA main controller, to the operation of safety chip part is related to, generates pair for routine call to be decomposed into serial subprocess
The command calls sequence answered and data grouping send corresponding command calls and relevant data to safety chip, and will be safe
The operation result of chip feedback is sent to primary processor;
Safety chip executes corresponding encryption and decryption operation and safe handling, by operation result for obtaining and explaining related command
Feed back to FPGA main controller.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811058445.XA CN109284638B (en) | 2018-09-11 | 2018-09-11 | Protection method and system for operating environment of security chip |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811058445.XA CN109284638B (en) | 2018-09-11 | 2018-09-11 | Protection method and system for operating environment of security chip |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109284638A true CN109284638A (en) | 2019-01-29 |
CN109284638B CN109284638B (en) | 2020-08-04 |
Family
ID=65181224
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811058445.XA Active CN109284638B (en) | 2018-09-11 | 2018-09-11 | Protection method and system for operating environment of security chip |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109284638B (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1342007A (en) * | 2000-09-05 | 2002-03-27 | 深圳市中兴集成电路设计有限责任公司 | New scrambler |
CN101854243A (en) * | 2010-04-30 | 2010-10-06 | 株洲南车时代电气股份有限公司 | Circuit system design encryption circuit and encryption method thereof |
CN201665226U (en) * | 2009-11-02 | 2010-12-08 | 北京全路通信信号研究设计院 | Train control center main processing equipment |
CN102799819A (en) * | 2012-07-04 | 2012-11-28 | 北京京航计算通讯研究所 | Embedded software safety protection system |
CN103544417A (en) * | 2012-06-20 | 2014-01-29 | 微软公司 | Managing use of a field programmable gate array with reprogrammable cryptographic operations |
CN104298936A (en) * | 2014-10-31 | 2015-01-21 | 成都朗锐芯科技发展有限公司 | FPGA encryption and parameter configuration system based on CPLD chip |
-
2018
- 2018-09-11 CN CN201811058445.XA patent/CN109284638B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1342007A (en) * | 2000-09-05 | 2002-03-27 | 深圳市中兴集成电路设计有限责任公司 | New scrambler |
CN201665226U (en) * | 2009-11-02 | 2010-12-08 | 北京全路通信信号研究设计院 | Train control center main processing equipment |
CN101854243A (en) * | 2010-04-30 | 2010-10-06 | 株洲南车时代电气股份有限公司 | Circuit system design encryption circuit and encryption method thereof |
CN103544417A (en) * | 2012-06-20 | 2014-01-29 | 微软公司 | Managing use of a field programmable gate array with reprogrammable cryptographic operations |
CN102799819A (en) * | 2012-07-04 | 2012-11-28 | 北京京航计算通讯研究所 | Embedded software safety protection system |
CN104298936A (en) * | 2014-10-31 | 2015-01-21 | 成都朗锐芯科技发展有限公司 | FPGA encryption and parameter configuration system based on CPLD chip |
Also Published As
Publication number | Publication date |
---|---|
CN109284638B (en) | 2020-08-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Yuce et al. | Fault attacks on secure embedded software: Threats, design, and evaluation | |
US20230128711A1 (en) | Technologies for trusted i/o with a channel identifier filter and processor-based cryptographic engine | |
Zhang et al. | VeriTrust: Verification for hardware trust | |
Krieg et al. | Malicious LUT: A stealthy FPGA Trojan injected and triggered by the design flow | |
CN109255259B (en) | High-security encryption and decryption computing capability expansion method and system | |
Benhani et al. | The security of ARM TrustZone in a FPGA-based SoC | |
CN110210190A (en) | A kind of Code obfuscation method based on secondary compilation | |
La et al. | Denial-of-service on FPGA-based cloud infrastructures—attack and defense | |
Meng et al. | Security-first architecture: deploying physically isolated active security processors for safeguarding the future of computing | |
Palumbo et al. | A lightweight security checking module to protect microprocessors against hardware trojan horses | |
Kumar et al. | A comprehensive survey on hardware-assisted malware analysis and primitive techniques | |
Hunt et al. | Isolation and beyond: Challenges for system security | |
CN109190407B (en) | High-performance encryption and decryption operation capability expansion method and system | |
Ye et al. | HISA: Hardware isolation-based secure architecture for CPU-FPGA embedded systems | |
Rahimi et al. | Trends and challenges in ensuring security for low-power and high-performance embedded SoCs | |
Qui et al. | Voltjockey: Abusing the processor voltage to break arm trustzone | |
Mohd et al. | Run-time monitoring and validation using reverse function (RMVRF) for hardware trojans detection | |
Ahmed et al. | Multi-tenant cloud FPGA: A survey on security | |
Shila et al. | FIDES: Enhancing trust in reconfigurable based hardware systems | |
Rosero-Montalvo et al. | A survey of trusted computing solutions using FPGAS | |
CN109284638A (en) | A kind of means of defence and system of safety chip running environment | |
Shila et al. | Unraveling the security puzzle: A distributed framework to build trust in FPGAs | |
Farag et al. | Smart employment of circuit redundancy to effectively counter trojans (SECRET) in third-party IP cores | |
Cheng et al. | An attack-immune trusted architecture for supervisory aircraft hardware | |
Islam et al. | SafeController: efficient and transparent control-flow integrity for RTL design |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |