Embodiment
Those skilled in the art will understand that the following description is only exemplary; it is intended to explain the general concept, ideas and structure of the present invention more clearly and is not a limitation on the claims.
The processor of the present invention is a secure processor. It may be implemented as a security coprocessor (security chip), as a combination of a security coprocessor and an MCU (MCPU), or as a general-purpose processor with a secure processing core.
The processor of the present invention can support a protocol instruction system comprising a plurality of instructions related to a security protocol, so as to implement the functions of the security protocol, for example authentication, encryption and decryption, and so on. The processor can also support instructions of instruction systems other than the protocol instruction system.
The processor of the present invention can adopt a very long macro-instruction architecture (MISC); the instructions of this macro-instruction system can be variable-length or fixed-length. Although a macro-instruction system and architecture are preferred in the present invention, other instruction sets and architectures (for example a complex instruction set and its architecture) are also feasible.
The processor of the present invention supports reconfigurable design, in particular for the cryptographic algorithm module. Different cryptographic algorithms often share many identical or similar basic operations, so the hardware resources corresponding to those basic operations can be shared among several algorithms. Using reconfigurable logic, a reconfigurable cryptographic logic circuit can therefore implement multiple algorithms with a smaller circuit, which makes the algorithms themselves reconfigurable. Controllable nodes can be placed inside the components that different cryptographic algorithms can reuse (called reusable components), or in the interconnection network between them. Changing the control codes of these controllable nodes changes the internal structure and interconnection of the reusable components, and thereby implements different logic functions and different cryptographic algorithms. The macro-instruction system and architecture are used to provide algorithm resource IP modules, so that users can design custom algorithms according to their application requirements and load them through a configuration file for the reconfigurable logic.
However, reconfigurable design in the present invention is not limited to the cryptographic algorithm module. System configuration can also be reconfigurable: for example, interrupt priority, the synchronous or asynchronous mode of memory, the bus specification and the big-endian or little-endian data representation, the data path, and so on. The configuration file for the reconfigurable logic or modules can be injected by the original manufacturer or provided in other ways, for example by instructions.
According to one aspect of the invention, the processor can also support a configuration file instruction system, which can comprise instructions related to configuration files. According to one implementation of the invention, the processor can support configuration file instructions based on the MISC instruction system.
Control of a reconfigurable logic unit is divided into two modes, function control and path control, and two coding forms, static and dynamic. The static code of a static resource coding unit controls the function reconfiguration and the operation relationships of the algorithm. The static code of a dynamic resource coding unit controls the data transfer and the operation steps of the algorithm.
The static configuration file is the initialization code with which the explicit hardware control unit reconfigures the architecture; this code indicates which resources are occupied and how they are connected. The dynamic configuration file is the execution code with which the explicit hardware control unit reconfigures the operation of the architecture; this code directs the architecture to carry out the operation of a macro instruction. The static configuration file of a macro instruction can be loaded into the architecture at initialization and identifies the reconfiguration of the architecture's resources and their connections. The dynamic configuration file of a macro instruction controls the operation relationships of the architecture during execution and so implements the function of the macro instruction.
A resource coding unit whose code keeps the same value throughout the execution of an algorithm holds a static resource code, or static code; loading the codes of the static resource coding units once, before the algorithm starts, is enough to control the function and operation-relationship reconfiguration of the algorithm. A resource coding unit whose code changes value from cycle to cycle during execution holds a dynamic resource code; the initial value assigned to a dynamic resource code before the algorithm starts is also called a static code.
The codes of the static and dynamic resource coding units are arranged in the implicit coding format and the explicit coding format of the configuration file, respectively; they are loaded separately, decoded separately, and exercise control jointly.
Under the control of the explicit coding format, part of the code of the static and dynamic resource coding units can be loaded into an internal backup coding format; when a dynamic coding unit is decoded and executed, the code in the backup coding format can, under the control of the explicit coding format, be decoded and exercise control in parallel.
The implicit and explicit coding formats can have independent decoders. Such a decoder can decode the implicit and explicit instruction codes separately and control the coding units directly, or the code in the explicit instruction format can decide that control is exercised through the implicit format.
Explicit instructions can come from storage inside the processor (flash, RAM, etc.) or be injected from outside, while implicit instructions can be injected from outside.
The processor of the present invention can also support instructions other than the protocol instruction system and the configuration file instruction system described above. In one implementation, the processor is implemented as a security coprocessor that supports other instructions besides those two systems, such as logic operations, transfer instructions and so on. In another implementation, the processor integrates a security coprocessor with MCU (or MCPU) functions: the security coprocessor supports the protocol instructions and configuration file instructions, and the MCU executes other instructions and can also support configuration file instructions, that is, the MCU can also be reconfigurable. According to a further aspect of the invention, the processor can be a general-purpose processor. Such a general-purpose processor can have a security core (for example, one that has a key algorithm module and supports security protocols) and a processing core (MCU, MCPU or CPU) that supports other conventional processing and instructions (for example, general-purpose CPU instructions). According to another embodiment of the invention, the general-purpose processor can also support conventional processing without a separate processing core. That is, it can support protocol instructions and configuration file instructions as well as the conventional instructions of an ordinary general-purpose CPU; it can even, for example, implement cryptographic algorithms in software with those conventional instructions rather than through the cryptographic algorithm module in the processor.
Because the processor adopts reconfigurable design, it can implement different cryptographic algorithms, security protocols and security policies through configuration files, and cryptographic algorithms, security protocols and security policies can be reconfigured and extended.
For example, through a configuration file (for example, one injected into the processor), the processor can use the macro-instruction-programmed chip operating system (COS) to support other algorithms, and through a suitable program (for example, a protocol program injected into the processor) it can implement multiple security protocols, such as IPsec, SSL/TLS, MPPE or user-defined security protocols.
In one implementation of the present invention, the security protocol adopted can be the DSL security protocol (version 11.20a).
The DSL security protocol
Each version of DSL security protocol 11.20a consists of certificates, authorizing bodies (authorization center, administrative center, network management center), protocol information, security devices (user cards) and encrypted data.
The DSL security protocol covers: establishing communication links; user registration application and authorization; authorization of user key certificate information by the authorization center; authorization of user security entropy key information by the administrative center; authorization of user card auxiliary key information by the network management center; user key certificate management by the authorization center; key information management by the administrative center and the network management center; user private key storage; identity authentication; data authentication; key agreement; key generation; key exchange; cipher system selection; plaintext and ciphertext encryption and decryption; algorithm extension; algorithm selection; certificate and key update and management; and reconfigurable design of user and system security entropy. Security entropy can serve as a kind of security policy.
DSL security protocol (version 11.20a) achieves secure communication in a system in which several authorizing bodies (the authorization center and/or the administrative center and/or the network management center) separately or jointly carry out certificate registration, authorization and network admission of security devices. At registration and authorization: the authorization center authorizes user key certificate information to each security device, or stores the authorized user key certificate information in the user card; the administrative center authorizes user security entropy key certificate information to each security device, or stores the authorized user security entropy key certificate information in the user card; and the network management center authorizes auxiliary key certificate information to the user card used by each security device.
Only the user of a security device or user card that holds authorized user key certificate information and/or authorized user security entropy key certificate information and/or authorized auxiliary key certificate information can use the security device and/or user card for encrypted communication between users within the network.
The main functions of DSL security protocol 11.20a include:
1. Establishing communication links: between the user and the authorizing body, between users, between the security device and the user card, and between the security chip and the security device terminal.
2. User registration application and authorization: the user applies for registration and authorization for the first time, or applies for a change of registration and authorization.
3. User key generation: key generation when the user applies for registration and authorization; key generation when authorization information is protected; key generation when encrypted communication requires a one-time pad.
4. User key protection: the Chinese remainder theorem computation model is used to protect the user's master key system.
5. User key calculation: the Chinese remainder theorem computation model is used to recover the user key.
6. User key storage: the protection information of the user's master key system is stored in split form.
7. Authorization center authorization: first authorization, change of authorization, update of authorization.
8. Public key certificate and authorization certificate management: the authorization center manages user public key certificates; the user, using the user key, manages the key certificates of the authorization center and of users.
9. Identity authentication: calculation of both parties' authentication information, reconfigurable-design calculation of user security entropy, reconfigurable-design calculation of system security entropy, identity verification, extraction of secret information.
10. Key agreement: key agreement information calculation, public key calculation.
11. Key exchange.
12. Authorization information storage.
13. Encryption and decryption: encrypted and decrypted data transmission, with authentication controlled by a data digest algorithm.
14. Key and algorithm update: updating encryption/decryption key control, extending algorithms, selecting algorithms.
15. Security policy design.
16. System management operations (for example, with a chip operating system (MCOS) that uses the macro-instruction system): initialization control, instruction operation control, protocol control and security monitoring, data interface control, algorithm extension, and connection control with other protocols.
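Items 4 to 6 above name the Chinese remainder theorem for protecting, recovering and splitting the user master key but give no construction. The following added example (not part of the original text or of the DSL protocol) shows one well-known CRT construction, the Asmuth-Bloom threshold scheme, as an assumption about what such a model could look like; the moduli, threshold and function names are constructed for illustration.

```python
"""CRT-based splitting and recovery of a master key (Asmuth-Bloom threshold scheme)."""
import math
import secrets
from itertools import combinations

# Constructed parameters (assumptions, not taken from the source text).
# Numbers 2**p - 1 with distinct prime exponents p are pairwise coprime;
# check_parameters() verifies coprimality at run time rather than trusting it.
M0 = 2**127 - 1                                    # key space: 0 <= key < M0
MODULI = [2**p - 1 for p in (257, 263, 269, 271)]  # one modulus per storage location
THRESHOLD = 3                                      # shares needed for recovery


def check_parameters(m0, moduli, t):
    """Validate the Asmuth-Bloom conditions; return the bound on the blinded key."""
    ms = sorted(moduli)
    if not 2 <= t <= len(ms):
        raise ValueError("threshold must satisfy 2 <= t <= number of moduli")
    for a, b in combinations([m0] + ms, 2):
        if math.gcd(a, b) != 1:
            raise ValueError("m0 and the share moduli must be pairwise coprime")
    bound = math.prod(ms[:t])                      # product of the t smallest moduli
    # Any t-1 shares must leave at least m0 candidates for the blinded value.
    if m0 * math.prod(ms[-(t - 1):]) >= bound:
        raise ValueError("moduli do not satisfy the threshold condition")
    return bound


def split_key(key, m0=M0, moduli=MODULI, t=THRESHOLD):
    """Protect the key: return one (modulus, residue) share per storage location."""
    bound = check_parameters(m0, moduli, t)
    if not 0 <= key < m0:
        raise ValueError("key out of range")
    # Blind the key with a random multiple of m0, keeping the result below bound.
    alpha = secrets.randbelow((bound - 1 - key) // m0 + 1)
    blinded = key + alpha * m0
    return [(m, blinded % m) for m in moduli]


def crt(shares):
    """Solve x = r_i (mod m_i) for pairwise coprime m_i; return (x, product of m_i)."""
    x, modulus = 0, 1
    for m, r in shares:
        # Lift the current solution so that it also satisfies x = r (mod m).
        k = ((r - x) * pow(modulus, -1, m)) % m
        x += modulus * k
        modulus *= m
    return x, modulus


def recover_key(shares, m0=M0, t=THRESHOLD):
    """Recover the key from at least t shares with distinct moduli."""
    unique = dict(shares)                          # modulus -> residue
    if len(unique) < t:
        raise ValueError("not enough distinct shares to recover the key")
    blinded, _ = crt(list(unique.items())[:t])
    return blinded % m0


if __name__ == "__main__":
    master = int.from_bytes(bytes(range(1, 16)), "big")  # constructed sample key
    parts = split_key(master)
    print(recover_key(parts[1:]) == master)
```

Each share is stored in a different place; fewer than `THRESHOLD` shares are rejected by `recover_key` because the CRT result would no longer determine the blinded value.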
In one embodiment of the invention, the MCOS can carry out security policy design, control the execution of the DSL security protocol, manage the data interface, and carry out key, authentication and data transmission; it controls key generation, compatibility across security levels, and plaintext-word and ciphertext-word operation, and it monitors active attacks (tampering, replay, eavesdropping).
The DSL security protocol can comprise four main flows:
1. Chip initialization flow: each time the chip is powered on it is first initialized; initialization is divided into logic initialization and program initialization.
2. Authorization application flow: the authorizing body interacts with the user and issues an authorization certificate to the user side.
3. Authorization update flow: after the user has applied for authorization, the authorization must be updated when the user certificate expires, or is updated when the user requires it.
4. Secure communication flow: the calling or called party establishes a secure communication link and enters the secure communication flow, so that both parties can communicate confidentially.
The DSL security protocol also supports several ways of establishing a communication link:
1. the voice communication link established when the user applies for registration for the first time or applies for a change;
2. the voice communication link established when the authorization center updates the authorized user key information;
3. the network communication link established when the user applies for registration over the network, or the authorization center updates the authorized user key information over the network, in the personal data security system (PDSS) mode.
Once the authorization communication link is established, the authorization modes are first registration, change of registration, and update of authorization. The change-of-registration and update modes require mutual identity authentication, key agreement, key calculation and encrypted transmission.
The main flows, in more detail, are listed in the following table:
Initialization operation
Registration application and authorization operation
Authorization update operation
Establishing the authorization communication link
Establishing the encrypted communication link
Key update operation
Algorithm update operation
The security protocol instruction set
The DSL security protocol instruction set comprises initialization instructions, internal input/output instructions, external input/output instructions and control operation instructions. Initialization instructions are the management instructions by which the security chip applies security control to the security policy design of the security device (or system) and to the security card. Internal input/output instructions are the control instructions by which the security chip and the security device establish a link. External input/output instructions are the control instructions by which the MCOS of the security chip executes the security protocol. Control operation instructions are the control instructions by which the MCOS of the security chip monitors the system's working state while executing the security protocol.
Initialization instructions
Initialization instructions are used at initialization: after the control information table has been set up and the communication link established, they are the instructions that transfer the device initialization information stored in cipher form. They comprise a security level instruction, a usage mode instruction, a compatibility instruction and a key extension instruction. The security level instruction indicates the security level. The usage mode instruction indicates how the security device and the user card are used, for example independently, in combination, or jointly. The compatibility instruction can indicate compatibility between different security levels. The key and algorithm extension instruction can indicate key card extension, security card extension, protocol extension and so on.
The initialization instruction formats comprise the initialization security information instruction and the initialization compatibility information instruction. The purpose of the initialization instructions is for the two communicating parties to set up a security information table when the system is initialized. They are mainly used by the two parties to an encrypted communication to determine the security classification, compatibility information, usage mode, and key and algorithm extension information of the security devices.
Internal input instructions
Internal input instructions are the control instructions by which the security device and the security chip establish a link relationship. They comprise:
Start instruction: after the security device has established a communication link, it sends the control instruction that starts the security chip, according to the characteristics of the link establishment; this can include instructions for, for example, an authorization update by the administrative center, or a first authorization or change of authorization for the user;
End instruction: the security device monitors the state of the communication link and, once the link is broken, sends the control instruction that terminates the security chip's operation;
User data information input instruction: user information (for example, password information, algorithm information, digest information, key information) is input through the security device;
Management information input instruction: user or system reconfiguration information (for example, password information, user security entropy, system security entropy, key information) is input through the security device.
Internal output instructions
Internal output instructions are the control instructions by which the security chip and the security device establish the output-information relationship. They comprise the transfer instruction and the operation instruction. The transfer instruction is the instruction by which the security chip tells the security device to forward data; the security device forwards the security chip's data as the instruction requires. The operation instruction is the control instruction by which the security chip, following the operation control of the security protocol, produces information prompting the user and has it displayed on the security device. The operation instruction can indicate one or more of: transmitted information, communication mode, security level, usage mode, compatibility, key extension, injection authorization state, and error information. The transmitted information comprises one or more of: certificate information, identity information, negotiation information, authorization information, password information, key information, algorithm information, digest information, user security entropy, system security entropy, card inserted, card may be removed.
The internal input/output instruction formats reflect the functions and the instruction data specification of the communication between the security chip and the security device.
External (protocol) user input/output instructions
The external user input/output instructions are used for the operation control of applying for certificate registration and of establishing a communication link between the administrative center and the user. Each instruction reflects an operation function and serves as the start marker of the operation information. Among them:
The user handshake instruction is the interaction instruction by which, during protocol execution, the two ends of the link authenticate each other and confirm correct execution when they begin or end a functional operation;
The certificate registration instruction is the operation start marker sent before the user certificate information when the user performs certificate registration and authorization;
The data transfer instruction is the operation start marker sent before the encrypted information when the encrypted-information transmission function is executed;
The identity authentication instruction is the operation start marker sent before the identity authentication information and the authentication security entropy information when the identity authentication function is executed;
The key agreement instruction is the operation start marker sent before the key calculation information when the public key calculation or key exchange function is executed;
The data authentication instruction is the operation start marker sent before the data digest information when the function that authenticates transmitted data against its digest information is executed;
The security entropy instruction covers the operation, performed when the security devices are initialized, in which the two ends of the link agree on a common entropy for identity authentication. In execution it serves as the operation start marker sent before the security entropy information.
External (protocol) administrative center input/output instructions
The administrative center input/output instructions are used for the operation control of authorizing user certificate registration and of establishing a communication link with valid users. Each instruction reflects an operation function and serves as the start marker of the operation information. Among them:
The administrative center handshake instruction is the interaction instruction by which, during protocol execution, the two ends of the link authenticate each other and confirm correct execution when they begin or end a functional operation;
The authorization instruction is the operation start marker sent before the authorized user certificate information when the user certificate registration authorization function is executed;
The data transfer instruction is the operation start marker sent before the encrypted information when the encrypted-information transmission function is executed;
The identity authentication instruction is the operation start marker sent before the identity authentication information and the authentication security entropy information when the identity authentication function is executed;
The key agreement instruction is the operation start marker sent before the key calculation information when the public key calculation or key exchange function is executed;
The data authentication instruction is the operation start marker sent before the data digest information when the function that authenticates transmitted data against its digest information is executed;
The security entropy instruction covers the operation, performed when the security devices are initialized, in which the two ends of the link agree on a common entropy for identity authentication. In execution it serves as the operation start marker sent before the security entropy information.
System operation control instructions
The system operation control instructions fall into two parts: protocol operation control instructions and system operation control instructions. The protocol operation control instructions implement error handling and termination handling during protocol execution. The system operation control instructions implement the MCOS functions that assist protocol execution and handle the state of the protocol instructions, including program scheduling, data processing, interface initialization, function management and so on.
The protocol control instruction format is an important part of the security protocol instruction system. It reflects all the instruction classes, instruction functions, instruction semantics, data specifications and semantics in protocol control. It covers: the communication-class instruction format, used for registration application or change of registration, first authorization, change of authorization, update of authorization, and the handshake information of the communicating parties; the function instruction format, used for the data transfer, identity authentication, key agreement and data authentication instructions, which determines the algorithm system, the key and the length of data processed by the digest algorithm used in execution; and the security entropy instruction format, used for instructions related to security entropy.
The operation control instruction format has two parts: protocol operation control and system operation control.
Security device internal data format
The security device internal data format is the data operation by which the security device and the security chip establish their communication relationship. Security device control refers to the interactive instruction operations and data operations by which the security chip and the security device establish that relationship.
Start
After the security device has established a communication link, it identifies whether the user or the administrative center initiated the call. From the information recorded in the security device it identifies the telephone number or identifier of the authorizing body, and the telephone number or identifier for the user's encrypted communication. It then generates a start instruction and transmits it over the interface between the security device and the security chip.
Input instruction
When the user of the security device needs to enter user information manually, the security device generates a user information input instruction and transmits it over the interface between the security device and the security chip. When the user needs to enter management information manually, the security device generates a management information input instruction and transmits it over the same interface.
Transfer instruction
When the security chip executes the security protocol, it establishes the communication relationship by sending a transfer instruction to the security device; the security device uses the data transfer length required by the transfer instruction to calculate when the data transfer ends. The exchange between the security chip and the security device must use instruction operations as the markers that control data transfer. Once a transfer instruction has been sent, the security device starts counting; when the data transfer ends, a new instruction begins.
Operation instruction
The security chip generates an operation instruction in reply to the security device according to how it processed the security device's input instruction, and the operation instruction is transmitted over the interface between the security device and the security chip. Through operation instructions, the security chip establishes a handshake authentication relationship for every protocol instruction to the security device.
End instruction
The security device monitors the communication link and identifies the state of the connection; if the link is broken, it generates an end instruction and transmits it over the interface between the security device and the security chip.
Management system internal data format
The management system internal data format is the data operation by which the management system and the security chip establish their communication relationship.
Start
After the management system has established a communication link, it identifies whether the user or the administrative center initiated the call. From the information recorded for the user's security device it identifies: the user's telephone number or identifier; authorized or unauthorized information; the functional operation requirements of the management system and authorized or unauthorized information. It then generates a start instruction and transmits it over the interface between the management system and the security chip.
Management system control
Management system control refers to the communication relationship established between the management system and the security chip. The management system uses the security chip to send interactive instruction operations and data operations. The interface for data operations is established by system call or in other ways.
Input instruction
When the management system distributes user key information, it builds a user information data table (stream) and generates a user information input instruction, and transmits the user information input instruction and the user information data table over the interface between the management system and the security chip;
When the management system distributes user management information, it builds a user management information data table (stream) and generates a user information input instruction, and transmits the management information input instruction and the user management information data table over the interface between the management system and the security chip.
Transfer instruction
When the security chip executes the security protocol, it establishes the communication relationship by sending a transfer instruction to the management system; the management system uses the data transfer length required by the security chip's transfer instruction to calculate when the data transfer ends. The exchange between the security chip and the management system must use instruction operations as the markers that control data transfer. Once a transfer instruction has been sent, the management system starts counting; when the data transfer ends, a new instruction begins.
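The transfer-instruction handling described above for the security device and for the management system, as an added example that is not part of the original text: a receiver that counts the declared number of data bytes before it accepts the next instruction, and that turns a link break into an end instruction. The opcodes, the 2-byte length field, the status byte and the 256-byte limit are assumptions, since the text names the instructions but not their encoding.

```python
"""Device-side receiver for the chip's length-counted transfer instruction."""

# Hypothetical encoding (the source names the instructions, not their bytes).
OP_TRANSFER = 0x02    # chip -> device: 2-byte big-endian length, then the data
OP_OPERATION = 0x03   # chip -> device: followed by 1 status byte
OP_END = 0x04         # device -> chip: generated when the link breaks
MAX_TRANSFER = 256    # assumed size of the device's forwarding buffer

# Constructed sample stream: operation, a 4-byte transfer whose data happens
# to contain opcode values, then another operation.
SAMPLE = bytes([0x03, 0x00, 0x02, 0x00, 0x04, 0x02, 0x00, 0x03, 0x04, 0x03, 0x01])


class FramingError(Exception):
    """The byte stream from the chip violates the instruction framing."""


class DeviceReceiver:
    def __init__(self):
        self.events = []            # decoded (name, payload) pairs
        self.to_chip = bytearray()  # instructions the device sends back
        self._reset()

    def _reset(self):
        self._state = "INSTR"       # INSTR | LEN | STATUS | DATA
        self._need = 0              # bytes still expected for the current field
        self._buf = bytearray()

    def feed(self, chunk):
        """Consume bytes from the chip; chunks may split a frame anywhere."""
        for byte in chunk:
            self._step(byte)
        return self.events

    def _step(self, byte):
        if self._state == "INSTR":
            # Only here is a byte interpreted as an instruction.
            if byte == OP_TRANSFER:
                self._state, self._need = "LEN", 2
            elif byte == OP_OPERATION:
                self._state, self._need = "STATUS", 1
            else:
                self._reset()
                raise FramingError(f"unexpected instruction byte 0x{byte:02x}")
            return
        # Inside a field: count bytes, never interpret them as instructions.
        self._buf.append(byte)
        self._need -= 1
        if self._need:
            return
        field, state = bytes(self._buf), self._state
        self._reset()
        if state == "LEN":
            length = int.from_bytes(field, "big")
            if not 0 < length <= MAX_TRANSFER:
                raise FramingError(f"declared length {length} outside 1..{MAX_TRANSFER}")
            self._state, self._need = "DATA", length
        elif state == "STATUS":
            self.events.append(("OPERATION", field))
        else:
            self.events.append(("TRANSFER", field))

    def link_down(self):
        """Link monitor reports a break: drop partial data, emit the end instruction."""
        dropped = len(self._buf) if self._state == "DATA" else 0
        self._reset()
        self.to_chip.append(OP_END)
        self.events.append(("END", b""))
        return dropped


def demo():
    """Decode SAMPLE in two chunks that split the transfer's length field."""
    rx = DeviceReceiver()
    rx.feed(SAMPLE[:4])
    return rx.feed(SAMPLE[4:])


if __name__ == "__main__":
    for name, payload in demo():
        print(name, payload.hex())
```

Because the length is checked before any data is buffered and data bytes are only counted, neither an oversized declared length nor opcode-valued bytes inside the data can change what the receiver treats as the next instruction.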
Operation instruction
The security chip generates an operation instruction in reply to the management system according to how it processed the management system's input instruction, and the operation instruction is transmitted over the interface between the management system and the security chip. Through operation instructions, the security chip establishes a handshake authentication relationship for every input instruction of the management system.
End instruction
The management system monitors the communication link and identifies the state of the connection; if the link is broken, it generates an end instruction and transmits it over the interface between the management system and the security chip.
Set up communication link between the user
Data layout is to set up communication link between the user between safety equipment and the safety equipment, realizes the data manipulation that user's i safety chip and user j safety chip are set up correspondence.
Initialization control
After the safety equipment system is initialized, the normal operating state of the equipment is established, including interface initialization, initial information calculation, etc. After the communication link is established and the internal control operations of the safety equipment are complete: both sides send user handshake instructions to establish communication; both sides send initialization instructions, which reflect the working state of the safety equipment, and according to the initialization instruction information both sides complete the initialization of the safety equipment system and build a security information table, establishing security information such as a unified security level, compatibility, mode of use, keys and algorithms; both sides send user handshake instructions, and the authenticated data communication of the two systems' security protocol begins.
Agreement control
Before either side sends protocol instruction information, it must be authenticated by the transfer instruction of the safety equipment; both sides send authentication information instructions and authentication information; both sides send user handshake instructions to authenticate each other.
Establishing the communication link between users also involves operation control and end control.
The main functions, flows, instruction system, instruction formats and forms of the DSL security protocol adopted in embodiments of the present invention have been described schematically above. However, the flows, instructions, etc. listed here are only exemplary, and those skilled in the art will understand that numerous variations can be made without departing from the scope of the present invention. For other security protocols, similar programs, instructions, etc. can be constructed to implement their functions. Some specific embodiments of the present invention are described below with reference to the drawings.
Fig. 1 shows exemplary safety equipment that includes a processor according to one embodiment of the present invention. In Fig. 1, the processor of the present invention is implemented as the safety chip shown, which can support the DSL security protocol and other security protocols such as IPsec, SSL/TLS, user-defined security protocols and so on. In some embodiments of the present invention, each function of a security protocol can be implemented by a COS (chip operating system) or MCOS (macro instruction chip operating system) in combination with protocol instructions and security protocol programs (macro instructions).
In the safety equipment shown in Fig. 1, the processor of the present invention is implemented as a safety chip (security coprocessor) connected to the interface of the main control MCU of the safety equipment. The main control MCU is responsible for link establishment, for interaction with and control of the input-output devices, and for the communication of data and instructions with the safety chip. According to this embodiment, the processor of the present invention can cooperate with the MCU and a speech processor to implement secure voice/data communication. The safety equipment can also be connected to an external terminal (for example a computer, a fax machine, etc.) and set up a confidential communication link for it.
However, in other implementations of the present invention, the processor of the present invention may be implemented as a processor with a security kernel, where the security kernel implements all functions of the safety chip in the above embodiment and the processor implements all functions of the main control MCU in the above embodiment (for example by integrating a processing kernel such as an MCU/MCPU or CPU core). It can even be implemented as a general-purpose processor without a processing kernel that still implements all functions of the safety chip and the main control MCU and can execute the instructions (or functions) of a conventional CPU.
It will be understood that, in this implementation, the internal input-output instructions described in the DSL protocol become control instructions inside the processor of the present invention for establishing the link, and the external input-output instructions become the control instructions by which the processor of the present invention executes the security protocol. In this sense, the internal and external input-output instructions can be abbreviated as internal instructions and external instructions respectively. That is, internal instructions can be regarded as control instructions for establishing the link, and external instructions as control instructions for executing the security protocol.
According to one embodiment of the invention, the processor of the present invention adopts a "white nude film" (blank bare die) design that contains no algorithm: it involves no cryptographic algorithm and includes only the reconfigurable IP and configuration IP that support the implementation of cryptographic algorithms, so that the chip cannot reveal information about any cryptographic algorithm during design and production.
Fig. 2 shows an example architecture of the processor according to the present invention. Here the processor of the present invention is implemented as a security coprocessor that mainly comprises a kernel, an agreement code translator (protocol decoder), a system administration manager, an interface module and a memory module. The processor can operate together with a master CPU connected to its interface. The processor of the present invention supports the user-side and authorization location operations of the DSL security protocol. The architecture of this processor supports embedded control of communication protocols in the equipment; for example, it can control the selection of interface functions and operations; the design and variation of the security strategy; the replacement of algorithms and keys; first and update authorization operations under a multi-certificate scheme; and the reconfiguration of algorithms, etc.
The interface module provides the interface connection and control between the safety chip and the main control processor (for example MCU, MCPU or CPU), between the safety chip and other external units (for example a speech codec, the authorization location, etc.), and between the safety chip and the subscriber card (key card). In some implementations of the present invention the interface is an RS232 interface, but it is not limited to this; depending on the application, the interface can be an HPI interface, a PCI (PCI-X, PCI-E) interface, a USB interface, an EMI interface, a DMA interface, an SPI (SPI3, SPI4) interface and so on. The interface module can comprise several interfaces. For example, in one implementation of the present invention, interface A connects to processor peripherals, for example to a vocoder (for secure voice communication) or to a PC used for authorization, and carries out voice or authorization; interface B connects to the main control MCU (MCPU) and carries out user communication; interface C connects to the card equipment and carries out communication between the subscriber card and the host, or confidential data communication.
The memory module stores the various data, programs, configuration files, etc. that the processor needs in operation. In one implementation of the present invention, the memory module is divided into two independent parts: FLASH memory and common memory. The FLASH is the data resource of the system administration manager, and the common memory is the data resource shared by all components. Those skilled in the art will understand that memory modules with different architectures can be implemented; for example, the memory can be a single whole, and other volatile or nonvolatile memory can be used as the application requires.
In one implementation of the present invention, the FLASH serves as the secure storage area for information and data and comprises an information area and a main storage area (data area), used respectively to store equipment information (for example original information, certificates, keys) and general data. The original information can include: static data, i.e. the original injection data injected by the injection office (equipment information, algorithms, protocol programs, public key information); dynamic data, i.e. data injected by the authorization office on first authorization, change or update (key certificates, application private key certificates, authentication private key certificates, equipment information, public key information, etc.); and generated data, i.e. data generated or obtained at random by the safety equipment (device keys, random keys, split storage keys, algorithm information, data, etc.).
The user equipment information area is consistent with the authorization equipment information area and can include the following: a key random number (generated by the equipment itself), the white nude film injection flag and authorization flag words, a check clock, a security monitoring record, the injection information of several (e.g. first to third) offices, and so on. The injection information of the different offices can indicate the algorithm program address, the (user) protocol program address and the DSL protocol program address, together with the related passwords, check codes, etc.
The data area can comprise the following parts:
The public key parameter part, used to store parameters related to public keys;
The device key part, in which the device (user) key is generated under program control, the signature key uses the same storage format as the application key, and parameter positions and specifications are determined by the system program;
The user equipment reserved part (or authorization equipment authentication certificate position), used to store the authorization equipment authentication certificate, in which the parameters of the authorization equipment authentication certificate are laid out by the program, the authorization flag is filled in by the program, and the authentication certificate is mainly used for authentication when authorizing a user;
The KI part, used to store the KI (in this case a kind of authorization certificate), which is loaded dynamically when the equipment state is authorization equipment, with parameter positions and specifications determined at original injection;
The algorithm program part, used to store algorithm programs; the algorithm program space is under virtual protection, and when the security strategy is designed the algorithm attributes are established according to the strategy coding;
The DSL protocol program part, used to store the DSL protocol programs, which can comprise the initialization program, user input instructions, management input instructions, apply-authorization interface instructions, update-authorization interface instructions, update communication interface instructions, encrypted communication interface instructions, interface injection instructions, and a number of programs started by interface instructions;
The user protocol program part, used to store user protocol programs, which can be similar to the DSL protocol program part; and
One or more (e.g. first to third authorization office) authorized user public key certificate parts, used to store the authorized user public key certificates of several authorization offices.
In addition, several RAMs can be provided as common memory. For example, 8 RAMs can be provided for use by the configuration IP and the reconfigurable IP to store data and results, and also for storage related to the operation of the system administration manager. Dedicated memory can also be provided, for example for big-number operations. Several further RAMs can be provided for macro instruction operation; the RAM used for macro instruction operation cannot be controlled by application programs. According to one embodiment of the present invention, part of the RAM in the common memory can also store the static coding of the configuration IP.
According to an implementation of the present invention, the kernel can comprise a command decoder, configuration IP, reconfigurable IP, a big-number arithmetic unit, a random number component, etc. The kernel can operate according to the security protocol and thereby implement the various basic functions of the security protocol. The kernel can be used for symmetric algorithms, asymmetric algorithms and protocol calculations. The random number component can produce random numbers (for example extended random numbers). The kernel can support AES, DES, 3DES, PES, FEAL, Geffe, IDEA, Gifford, ARC4, Chinese AES and other algorithms, hash algorithms such as MD5 and SHA1, the national algorithms SM1-SM3, etc., and any desired algorithm. According to the present invention, the set of algorithms can be extended.
According to one aspect of the present invention, the kernel can implement basic functions such as key generation, private key calculation, authentication, digital signature, digital encryption, key protection, key storage, key replacement, random number generation and big-number operations. By combining these basic functions, security protocols (including the DSL protocol, the SSL protocol, user-defined protocols and so on) can be implemented. These functions can be called or implemented by security protocol programs (or security protocol program instructions). The programs can be stored in the memory of the processor and called by protocol instructions.
Those skilled in the art will appreciate that the methods, algorithms, etc. that implement these basic functions can be varied, and the programs or instructions used to implement or call these functions can likewise be varied; they are not limited to one or a few specific methods, algorithms, programs or instructions. For example, users can freely choose the methods or algorithms they want for implementing these functions and form appropriate user protocol programs and/or configuration files accordingly, so that a user-defined security protocol can be implemented by the user-defined security protocol program stored in FLASH in combination with the kernel module.
According to an embodiment of the invention, the reconfigurable configuration IP can comprise MMUL16A1IN, SFPMT128, LFSR8_16, LFSR128, GF2MUL15, SBOX8_1, HMWEIGHT, CMP and LOGA, and the coarse-grained IP can comprise 3DES, IDEA, AES, MD5, SHA1 and so on. Details are given in the following table.
The above configuration IP and coarse-grained IP are only examples and are not restrictive. Those skilled in the art can add or remove configuration IP and coarse-grained IP as needed, change their bit widths, and make other changes. The ways in which these IPs are operated and process data are varied. In one embodiment of the invention, the IPs are all designed with the ESOC technique: the logic design granularity of the IP resources is fine-grained, the IP resource specifications cover operations of 8, 16, 32, 64, 128 and even more bits, and the function, specification and control of the IP resources can be reconfigured through static controllable nodes or dynamic controllable nodes.
The static coding needed by the configuration IP and the reconfigurable IP can be kept together in memory (for example in RAM). The address of the static configuration can be supplied by a macro instruction. The dynamic coding of a configuration file can also be supplied by configuration file instructions to change the configuration IP and the reconfigurable IP dynamically.
The agreement code translator can control the kernel; for example, by controlling the combination of the kernel's basic functions it implements a specific security protocol. For example, control described by a state machine implements functional operations such as user initialization, first authorization, change/update authorization and user communication. According to an implementation of the present invention, the agreement code translator, based on the decoding result of a protocol instruction, receives the data carried by the instruction, looks up the program address table, loads the macro instruction address register, calls the macro instruction program required by the function of the instruction, and waits until the protocol program (macro instruction program) finishes or an execution exception occurs (the macro instruction that returns to agreement code translator operation). The agreement code translator can perform, for example: instruction status tests, including input/output state and instruction injection tests; instruction decoding, such as macro instruction scheduling, error handling and macro instruction I/O operations; and communication status tests, such as security level and authorization scheme tests.
The system administration manager of the present invention can implement functions such as information injection, system initialization and self check. Specifically, the functions of the system administration manager include: interface initialization, white nude film test, injection, self check, control information table setup (IDI register), software initialization program scheduling, error logic control, etc. Each function of the system administration manager of the present invention is described in more detail below.
Interface initialization: after the system powers on, the interface initialization signal is sent and interface initialization is performed.
White nude film test: after interface initialization finishes, the white nude film test enable signal is sent to start the white nude film test flow, which completes FLASH initialization, the white nude film test, the authorization test, modification of the flag register values, etc.
Injection: implements injection of the FLASH information area and data area data.
Self check: the hardware has no self-check flow; the stored verification and check values are used only for checking during change injection, and user-defined self-check functions can be implemented through the software initialization flow;
Control information table setup: after the white nude film test completes (injection complete and authorized), the status register enable signal is sent to drive the setup of the control information table, which can be used, for example, to monitor the legality of operations in secure communication;
Software initialization program scheduling: in this implementation the system initialization function of the processor is divided into two parts. One part is performed by hardware logic and includes the white nude film test, control information table setup, etc. described above. The other part is performed by a macro instruction program and implements user-defined initialization functions such as: the certificate authorization flag test; online verification of auxiliary equipment (subscriber card); self check; and initialization data calculation (including user private key calculation, user key certificate storage, user key calculation, user key protection, user key storage, authentication information calculation, etc.).
In one implementation of the present invention, the hardware has no self-check flow, and the stored verification and check values are used only for checking during change injection. User-defined self-check functions can be implemented through the software initialization flow. In addition, the system administration manager of the present invention can also implement security monitoring.
In a specific embodiment of the present invention, an injection instruction can come from any interface. The injection logic is driven by the decoding result of the agreement code translator. The decoding result can indicate the following information: the injecting office; whether this is a first injection or a change injection; information area data or data area data; the information length; for data area injection, whether this is the first block or a subsequent block; etc.
For a change injection, the password and check code must be checked first. Injected data must be verified as it is received.
The control information table can comprise: the white nude film identification status register, used to determine instruction legality (for example update, first injection or authorization; encrypted communication instructions cannot be executed before authorization; when the white nude film injection is incomplete only injection instructions can be executed), which is set up during the white nude film test flow; the equipment identification status register, used to identify the equipment type during establishment of the secure link, where the equipment identification idi is stored at injection as ciphertext encrypted with the random number key; and the address control table, comprising a parameter address table and an execution address table. In practice, the parameter address table is embodied in the instruction fields, and the execution addresses are embodied in the truth table of the circuit signals.
In one implementation of the present invention, part of the idi needs to be read when the initial control information table is set up; after decryption it is stored in the equipment identification status register, where it waits to be accessed by the secure link establishment protocol program. This is done in the control information table setup flow by calling a macro instruction program. The remainder is handled entirely by program scheduling and decrypted at the moment of use. That is, the only operation the control information table flow needs to implement is the decryption of part of the idi data and its storage in the identification status register.
According to the present invention, the software initialization program can be injected by the third office (or the DSL protocol). According to one embodiment of the present invention, the software initialization program reads the certificate authorization flag according to the certificate position and certificate flag design specified by the program and sets up the authorization office certificate authorization flag status register; it sends a non-operation instruction to each valid interface and waits for the interface application end to answer with a non-operation instruction; if the comparison is correct, each interface application is ready.
In a specific embodiment of the present invention, the authorization flow is implemented by a protocol program (which can, for example, be macro instructions). For example, the hardware logic functions of an authorization instruction can include:
1. Instruction legality verification. The certificate authorization flag status registers of the three authorization offices (set up by the software initialization program) are queried:
a) When already authorized, the apply-authorization instruction cannot be used; when unauthorized, update or change instructions cannot be used.
b) Before authorization of the first certificate is complete, authorization operations on subsequent certificates cannot be performed.
2. The white nude film flag register is queried. If the third office's user-defined protocol program has been injected, the third office's data area address table is accessed, the authorization program entry address is read, the macro instruction address register is loaded, and the macro instruction code translator enable is sent; if the third office's user-defined protocol program has not been injected but the DSL protocol program has, the DSL protocol data area address table is accessed, the DSL protocol authorization program entry address is read, the macro instruction address register is loaded, and the command decoder enable is sent.
3. When the macro instruction code translator issues the return-to-agreement-code-translator instruction and the abnormal status bit is 0 (invalid), authorization is complete. The agreement code translator remains in the wait-for-instruction state.
If the instruction is an apply-authorization instruction, the IDI equipment status register is queried, and the prescribed or expected operation is performed according to the authorization scheme (for example single authorization, dual authorization, multiple authorization, etc.).
In one implementation of the present invention, the system operation of the processor comprises the following steps:
1. Hardware initialization: set up the white nude film identification status register and check the white nude film flag and the authorization flag;
2. When authorized, set up the IDI equipment status register; when unauthorized, jump directly to step 4;
3. Call the software initialization program;
4. Respond to instruction requests from the interfaces;
5. Perform the instruction legality test; if the instruction is correct, execute it; if it is wrong, send an error prompt to interface B:
a) In the white nude film state, only the corresponding injection instruction can be received; when not a white nude film but unauthorized, only authorization instructions can be received;
b) When software initialization is complete, update, change, encrypted communication and interface application end start instructions, and instructions executed directly by hardware, can be decoded and executed;
6. When control passes to the macro instruction code translator, the program address corresponding to the DSL protocol or the user-defined protocol is selected according to the instruction, the macro instruction program address register is loaded, and control returns to the agreement code translator through the macro instruction that returns to the agreement code translator, after which step 4 is performed; when the hardware executes the instruction operation, step 4 is returned to after the operation ends.
As the above system operation flow shows, the agreement code translator is the bridge between the operation requests of the interface application side and the responding macro instruction program operations of the processor. From the point of view of the agreement code translator, the only instructions that need to be decoded are those that the interface applications send to the processor.
According to one embodiment of the present invention, the agreement code translator can have two operation modes:
1. Interface instructions. An interface instruction here means an operation instruction that the interface application end sends to the chip. In this mode the macro instruction code translator has not yet been started. The agreement code translator first verifies the legality of the instruction; once it passes, it sets the corresponding bit of the interface status register according to the source of the instruction, reads the initial execution address of the macro instruction program that executes this instruction from a fixed offset in the FLASH data area, loads this address into the macro instruction address control unit, and sends the macro instruction code translator enable signal.
2. Protocol instructions from the communication peer. In this mode the macro instruction code translator is running. First the protocol program uses a macro instruction to load the instruction expected at the node into the corresponding register (such as the load-value register of the protocol node instruction comparator) and enables instruction reception on the receive interface of the agreement code translator. The agreement code translator loads the instruction it receives into the receive-value register of the protocol node instruction comparator. When reception is complete, the instruction-reception-complete status register is set to 1; if the instruction comparison is correct, the instruction-comparison-correct status register is set to 1. During execution of the protocol program, if there are operations to perform before the instruction is received, the expected operations are performed first; when they finish and the node instruction needs to be executed, the program first checks whether the instruction-reception-complete status register is 1; if it is, it then checks whether the instruction-comparison-correct status register is 1; if that is also 1, the received instruction is the expected correct instruction and the program branches to the subroutine of the expected node; if the instruction-comparison-correct status register is 0, the received instruction does not match the expectation, and the program goes on to load other possible instructions for comparison. At the end, the return-to-agreement-code-translator instruction is executed. In the non-encrypted communication state (while the secure link is being established), all data received by the agreement code translator is placed in the buffer, with the first address being address zero.
In one implementation of the present invention, the agreement code translator can correspondingly have interface instruction decoding logic and decoding logic for protocol instructions that come from the peer.
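The second operation mode described above can be modelled in software as follows. This is an added example in C, not code from the patent; the register and function names, the 16-bit instruction values and the 64-byte buffer size are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE 64 /* constructed buffer size; the page gives none */

/* Protocol node instruction comparator and its status registers (names hypothetical). */
typedef struct {
    uint16_t load_value; /* expected instruction, loaded by the protocol program */
    uint16_t recv_value; /* instruction received from the communication peer */
    bool rx_enabled;     /* reception enabled on the decoder's receive interface */
    bool rx_done;        /* instruction-reception-complete status register */
    bool cmp_ok;         /* instruction-comparison-correct status register */
    uint8_t buf[BUF_SIZE]; /* receive buffer, filled from address zero */
    size_t buf_len;
} node_comparator;

enum { NODE_PENDING = -1, NODE_UNEXPECTED = -2 };

/* Assumption: the comparator is cleared at the start of every protocol node. */
void comparator_reset(node_comparator *c) { memset(c, 0, sizeof *c); }

/* Macro-instruction side: load the expected instruction and enable reception.
 * If an instruction has already arrived, the comparison is re-evaluated, which
 * is how "other possible instructions" are tried after a mismatch. */
void macro_load_expected(node_comparator *c, uint16_t instr) {
    c->load_value = instr;
    c->rx_enabled = true;
    c->cmp_ok = c->rx_done && c->recv_value == c->load_value;
}

/* Decoder side: latch the received instruction and buffer its data.
 * Refused when reception is not enabled, when an instruction is already
 * latched, or when the data would overrun the buffer. */
bool decoder_receive(node_comparator *c, uint16_t instr,
                     const uint8_t *data, size_t len) {
    if (!c->rx_enabled || c->rx_done || len > BUF_SIZE)
        return false;
    if (len > 0)
        memcpy(c->buf, data, len); /* first address is address zero */
    c->buf_len = len;
    c->recv_value = instr;
    c->rx_done = true;
    c->cmp_ok = (c->recv_value == c->load_value);
    return true;
}

/* Protocol-program side: check reception-complete first, then the comparison
 * register for each candidate. Returns the index of the matching branch,
 * NODE_PENDING if nothing has arrived, NODE_UNEXPECTED if nothing matches. */
int protocol_node(node_comparator *c, const uint16_t *candidates, size_t n) {
    if (!c->rx_done)
        return NODE_PENDING;
    for (size_t k = 0; k < n; k++) {
        macro_load_expected(c, candidates[k]);
        if (c->cmp_ok)
            return (int)k; /* branch to the expected node subroutine */
    }
    return NODE_UNEXPECTED; /* caller returns to the agreement code translator */
}

int main(void) {
    const uint16_t expected[] = { 0x2100, 0x2200, 0x2300 }; /* constructed values */
    const uint8_t payload[] = { 0xde, 0xad };               /* constructed data */
    node_comparator c;

    comparator_reset(&c);
    macro_load_expected(&c, expected[0]);
    printf("before reception: %d\n", protocol_node(&c, expected, 3));
    decoder_receive(&c, 0x2200, payload, sizeof payload);
    printf("branch taken: %d, buffered bytes: %zu\n",
           protocol_node(&c, expected, 3), c.buf_len);
    return 0;
}
```
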
In the first operation mode of the agreement code translator (the interface application end sends an instruction requesting an operation to the chip), the agreement code translator must first judge the legality of the instruction according to the interface it came from and the chip state; the instruction can be executed only if it is legal. The instruction legality test involves the following: the white nude film identification status register, the equipment identification status register, the source interface of the instruction, the first office's data area injection flag, etc.
According to one embodiment of the invention, the agreement code translator may need to perform the legality check on all instructions. However, whenever control is with the macro instruction code translator, the instruction legality check is not performed. In the white nude film state, only the original injection instruction is received; any instruction that is not an original injection instruction is answered with "white nude film". During authorization, only the apply-authorization instruction is received; any other instruction is answered with "unauthorized".
After an instruction passes the legality check, its operation falls into one of the following classes: outside macro instruction program control, load the macro instruction program address register and call the macro instruction operation; outside macro instruction program control, receive data into the buffer, load the macro instruction program address register and call the macro instruction operation; under macro instruction program control, load the instruction comparison register; under macro instruction program control, load the instruction comparison register and receive data into the buffer; and system hardware operation.
Before a macro instruction program is started, the agreement code translator can receive and handle (by hardware itself, by starting a macro instruction program, etc.) only the following instructions:
1. The operation-complete instruction, operation-correct instruction and operation-error instruction. The agreement code translator does nothing.
2. The injection instruction, interface initialization instruction, non-operation instruction, read authorization office instruction, read initialization information instruction, and user-defined entropy communication instruction. The hardware performs a fixed operation.
3. The apply-authorization instruction, update-authorization instruction, update-authorization injection instruction, encrypted communication instruction, user input instruction, management input instruction, and user-defined start instruction. After the instruction legality check passes, a macro instruction program is started to execute the instruction.
All other instructions are wrong instructions and are answered with the operation-error instruction.
In one implementation, the protocol decoder may comprise a main control module and an instruction control module. The main control module manages the main function field of the protocol decoder's instructions (for example, the upper byte of the instruction). After the hardware initialization self-test finishes, control passes to the main control module according to an enable signal. When injection is complete, the main control module drives the software initialization control flow and schedules the initialization macro-instruction fetch routine. The instruction control module decodes and controls the injection, no-operation and interface initialization instructions; the read-initialization-information and read-authority-office parameter instructions; the software initialization, encrypted-communication, user-defined start and user/management input instructions; and the update-authorization, apply-for-authorization and update-authorization injection instructions. It is also used for extension, synchronous serial interface control and the like in the macro-instruction state.
In one embodiment of the invention, the macro-instruction decoder is driven by the protocol decoder. Its instructions come from three modules: the protocol decoder, the system manager and the instruction queue register. Its main function is to decode macro instructions and, according to the decoded result, to control the reconfigurable IP, the configuration IP, the big-number component, the random number module and so on in order to realize the instruction's function; it then waits for the routine to finish, or for an exception to occur, and returns to the protocol decoder. According to one embodiment of the invention, the macro-instruction decoder can also decode instructions of the configuration-file instruction system, so that the reconfigurable IP and the configuration IP are configured dynamically according to the configuration file and the desired function (such as a different algorithm) is realized.
According to one embodiment of the invention, the protocol program (macro instructions) is stored in a designated region of the FLASH data area when it is injected by the 3rd office or as the DSL protocol. The injected data comprise the protocol node program address table and the protocol program. The protocol node program address table is stored, in a fixed order, at a location that the hardware logic can determine, and gives the entry address of each protocol node program in the protocol program.
In one embodiment of the invention, the DSL protocol program (macro instructions) may be injected by the original manufacturer, and a user-defined protocol program (macro instructions) may be injected by the 3rd office. If the instruction indicates a choice between the DSL protocol and the user-defined protocol, the protocol is invoked as the instruction indicates. If the instruction has no selection field, then: when the 3rd office has not injected and the DSL protocol has been injected, the DSL protocol node program address table is used during operation; when the 3rd office has injected (whether or not the DSL protocol has been injected), the user-defined protocol node program address table injected by the 3rd office is used during operation.
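The gating rules of the protocol decoder and the address-table choice described above can be modelled in a few lines. This is an added example, not code from the patent: the symbolic instruction names, the `READY` state, the table contents and the handling of a missing table entry are assumptions made for the sketch.

```python
from enum import Enum, auto


class State(Enum):
    BLANK_DIE = auto()     # "white nude film": nothing injected yet
    AUTHORIZING = auto()   # injected, authorization not yet granted
    READY = auto()         # hypothetical: authorized, no macro routine running
    MACRO = auto()         # under macro-instruction decoder control


# Symbolic names, constructed for this sketch (the text gives names, not opcodes).
NO_ACTION = {"OP_COMPLETE", "OP_CORRECT", "OP_ERROR"}
HARDWARE = {"INJECT", "INTERFACE_INIT", "NOP", "READ_AUTHORITY",
            "READ_INIT_INFO", "USER_ENTROPY_COMM"}
START_MACRO = {"APPLY_AUTH", "UPDATE_AUTH", "UPDATE_AUTH_INJECT",
               "ENCRYPTED_COMM", "USER_INPUT", "MGMT_INPUT", "USER_START"}

# Constructed node program address tables: instruction name -> entry address.
DSL_TABLE = {"APPLY_AUTH": 0x0100, "ENCRYPTED_COMM": 0x0180}
USER_TABLE = {"ENCRYPTED_COMM": 0x0400}


class ProtocolDecoder:
    def __init__(self, state, dsl_table=None, user_table=None):
        self.state = state
        self.dsl_table = dsl_table     # injected by the original manufacturer
        self.user_table = user_table   # injected by the 3rd office

    def select_table(self, select=None):
        """Pick the address table; `select` models the optional selection field."""
        if select == "DSL":
            return self.dsl_table
        if select == "USER":
            return self.user_table
        # No selection field: a 3rd-office injection wins whether or not
        # the DSL protocol is also present.
        if self.user_table is not None:
            return self.user_table
        return self.dsl_table

    def dispatch(self, name, select=None):
        """Return (action, detail) for one received instruction."""
        if self.state is State.MACRO:
            # No legitimacy check here; the instruction goes to the comparand register.
            return ("LOAD_COMPARAND", name)
        if self.state is State.BLANK_DIE:
            if name != "ORIGINAL_INJECT":
                return ("REPLY", "white nude film")
            return ("HARDWARE", name)  # assumption: injection is a fixed hardware operation
        if self.state is State.AUTHORIZING and name != "APPLY_AUTH":
            return ("REPLY", "unauthorized")
        if name in NO_ACTION:
            return ("NONE", name)
        if name in HARDWARE:
            return ("HARDWARE", name)
        if name in START_MACRO:
            table = self.select_table(select)
            entry = table.get(name) if table is not None else None
            if entry is None:
                # Assumption: a missing table or entry is reported as an operation error.
                return ("REPLY", "OP_ERROR")
            self.state = State.MACRO
            return ("START_MACRO", entry)
        return ("REPLY", "OP_ERROR")  # everything else is an erroneous instruction
```

The default-deny shape is the point: each state has an explicit allow-list, and only the third class of instructions can hand control to a macro routine.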
The main functional components of the secure processor of embodiments of the invention have been described above. In addition to these components, the processor optionally has a buffer (buffer memory), which can buffer FLASH and I/O data and can also store intermediate results of system computation. The processor optionally has input and output buffers for its interfaces. It optionally has FIFOs as well, which can serve as converters for data exchanged between FLASH, the buffer and the common memory, and can also be used as general-purpose registers. Furthermore, to facilitate instruction decoding and execution, the processor optionally has related registers (such as a status register and a loop register) and a stack to support instruction operation; this is within the knowledge of those skilled in the art.
In addition, the structure and configuration of the processor described above are only exemplary. For example, the system manager of the invention can be implemented in various ways using COS/MCOS technology.
A concrete processor implementation of one embodiment of the invention has been described above with reference to the drawings. The processor can support selection of the security level, and can realize one password per communication and one password per packet. It can also select algorithms dynamically at random or statically. It can further support a multi-certificate system and certificate selection.
Those skilled in the art will understand that the above implementation is only an example, and that the processor can be designed differently in line with the teaching of the invention. For example, a protocol decoder different from the one described above can be designed to decode the protocol instructions of the DSL protocol. As another example, for other security protocols, a protocol decoder that performs similar functions, or functions specific to that security protocol, can be implemented to decode the protocol instructions; this is within the knowledge of those skilled in the art. Depending on the security protocol adopted and the application environment of the processor, the components of the processor can be changed as appropriate, and such changes also fall within the scope of the invention. For example, the network interface can be a MODEM, which can connect to the PSTN network, or an Internet access point such as a router or a wireless access device.
As described above, the invention can realize each function of a security protocol through the COS (chip operating system) or MCOS in combination with the security protocol program (instructions). In the above embodiments, the instruction set of the processor can comprise protocol instructions and (protocol) program instructions: protocol instructions carry out communication between the chip and the MCU and the other party, and program instructions carry out execution of the security protocol and data encryption and decryption. A program instruction can be a macro instruction. Macro instructions can also be used to control macro operations and static code loading. The configuration file can control the dynamic coding of the IP and can be scheduled uniformly by the system manager.
According to one embodiment of the invention, in the instruction set of the processor, instruction semantics are closely related to the pragmatic context, and in some cases the semantics change with that context. For example, an instruction can have different semantics and pragmatics under the control of the protocol decoder and under the control of the macro-instruction decoder.
According to one embodiment of the invention, the protocol instruction system can comprise one or more of the following: instructions for establishing a communication link, for user application for registration and authorization, for user key generation, for user key computation, for user key storage, for authorization by the authorization center, for authentication, for key agreement, for key exchange, for authorization information storage, for encryption and decryption operations, for updating keys and updating algorithms, for security policy design, for system operation, and so on. Each of these can comprise one or more instructions to realize the desired function.
In addition, the instructions in the protocol instruction system can differ according to the security protocol used. The instructions for establishing a communication link include one or more of the following: an instruction for establishing a communication link between a user and the authorizing authority, an instruction for establishing a communication link between users, an instruction for establishing a communication link between a security device and a user card, and an instruction for a communication link between the security chip and a security device terminal.
The instructions for user application for registration and authorization can include one or more of the following: an instruction for a user's first application for registration and authorization, and an instruction for changing an application for registration and authorization.
The instructions for user key storage can include a key split-storage instruction.
The instructions for authorization by the authorization center can include one or more of the following: an instruction for first authorization, an instruction for changing authorization, and an instruction for updating authorization.
The instructions for authentication can include one or more of the following: an instruction for obtaining both parties' authentication information, an instruction for user security entropy recombination design, an instruction for system security entropy recombination design, an authentication instruction, and an instruction for extracting secret information.
The instructions for key agreement can include one or more of the following: an instruction for computing key agreement information, and an instruction for computing the public key.
The instructions for updating keys and updating algorithms can include one or more of the following: an instruction for updating the encryption/decryption key, an instruction for extending algorithms, and an instruction for algorithm selection.
The instructions for system operation can include one or more of the following: an instruction for initialization control, an instruction for instruction operation control, an instruction for protocol control, an instruction for attack monitoring, and an instruction for data interface control.
Listed by name, the instructions can include: the no-operation instruction, read device initialization information instruction, read clock instruction, EO instruction, packet error indication, packet loss instruction, instruction indicating extended encryption, instruction indicating extended decryption, instruction indicating a clock error, return clock instruction, interface initialization instruction, return initialization information instruction, encrypted communication instruction, apply-for-authorization instruction, update authorization instruction, read authority instruction, authorization update injection instruction, protocol data instruction, voice encryption data instruction, application verification registration instruction, authentication instruction, certificate-issuing digital signature instruction, sign authorization instruction, key agreement instruction, user-defined start instruction, read key instruction, return key instruction, key split-storage instruction, key exchange instruction, digest instruction, encrypted data instruction, digital signature instruction, information block injection instruction, data area injection, read authentication certificate instruction, return authorization center expired authentication certificate instruction, data encryption instruction, data decryption instruction, return encrypted data instruction, return encrypted data instruction, key assignments data decryption instruction, language data processing instruction, packet error instruction, operation-complete instruction, operation-correct instruction, operation-error instruction, use-user-defined-entropy communication instruction and so on, as well as the error reporting (return) instructions under the security protocol. The tables earlier in this specification list the format and explanation of most instructions. The name of most instructions reflects their function.
In one embodiment of the invention, the processor can have several instruction formats, for example 8-, 16-, 24-, 32- and 40-bit formats; wider or narrower formats can also be provided as needed. An instruction can comprise a format field, which indicates the instruction format, and several sub-function fields and function fields, which indicate the instruction function.
In one embodiment of the invention, all data stored in FLASH are stored encrypted: before each injection or read, the random-number key of the information block is fetched, and the data being written or read are encrypted or decrypted with it. In addition, the key is generated randomly inside the chip, so algorithm information cannot be obtained by scanning memory. The command interface offered to the chip's application developer provides no read or write operation on FLASH, and upgrading the algorithm information requires approval by the original algorithm, so an attacker cannot tamper with the injected algorithm information.
According to the invention, the configuration file can be pre-configured in the processor by the processor's original manufacturer, injected by instruction by the processor's user (for example, at authorization), or obtained in other ways (for example, from a user card after an update).
In one embodiment of the invention, the processor can also comprise a card management module, which manages the operations related to the user card connected to it (for example, through an interface). User cards can include security cards and key cards.
According to one aspect of the invention, a security card can embed a processor according to the invention, so that the security card can be used on its own or together with a security device to realize the security protocol. A key card can store key information and execute part of the algorithms, but cannot carry out the security protocol on its own. According to the invention, selection between the key card's algorithm and the security chip's algorithm is possible, and the key card can take priority. According to an aspect of the invention, the card management module of the processor and its user cards support the operations of the security protocol.
Fig. 3 shows the architecture of a processor according to another embodiment of the invention. The processor of this embodiment can comprise a security kernel, which comprises a secure COS device and a reconfigurable logic and configuration file module. The security kernel can also comprise a security measure module. The reconfigurable logic and the configuration file make it possible to realize different cryptographic algorithms and, together with the secure COS device and other IP components, different security protocols, such as the DSL protocol, the IPsec protocol or other user-defined security protocols. The security measure module can perform security measurement on the system.
This processor also comprises a three-dimensional decoder, a reconfigurable register file and other IP components. The idea of three-dimensional decoding is to achieve instruction-level parallelism to the greatest extent by means of different instruction sets and overlapping decoding systems. For example, part of the instructions already fetched can be stored in buffers or registers associated with the implicit decoder and the backup decoder. Another advantage of the three-dimensional decoder is that the implicit decoder and the backup decoder can be used to relieve the data and instruction traffic of the explicit decoder. The three-dimensional decoder can also be used to increase the parallelism of the source program. Compared with a single decoder, the different combinations of the explicit, implicit and backup decoders give the source program greater parallelism at run time.
This processor can also support the configuration-file instruction system. For example, instructions of the configuration-file system can be executed by the three-dimensional decoder or by the decoder in the secure COS device. Although configuration-file instructions can use implicit and explicit decoding, the instructions to which implicit and explicit decoding apply are not limited to configuration-file instructions. This processor can also support general-purpose CPU instructions to realize its functions.
This processor can also support instructions other than protocol instructions and configuration-file instructions, for example to realize the functions of instructions in the conventional instruction sets of prior-art general-purpose processors. Note that in this implementation, although a general-purpose processor capable of realizing a conventional instruction set is realized, it contains no processing kernel (such as an MCU or CPU core) for the conventional instruction set.
For example, once the MISC instruction operator set and instruction format are determined, source instructions (for example RISC instructions) can be converted (for example, by a binary code conversion component or program) into the MISC instructions used by the processor of the invention; after code compaction, the converted MISC instructions are interpreted and executed by the MISC processor. RISC instructions are only an example; the same applies to other general-purpose CPU instructions. Thus, general-purpose CPU instructions can be realized by macro instructions.
According to one aspect of the invention, a MISC instruction (fixed-length or variable-length) can contain instructions of all three instruction sets. For example, an operator control field and operators can be used to encapsulate the instructions of the three instruction sets in a macro instruction as operators. For example, within a MISC instruction, the instructions of the three instruction sets can be reordered, delayed, replaced and assembled, further improving parallelism and efficiency.
According to the invention, the decoders for the different instruction systems are not specifically limited. For example, the instructions of the three instruction systems can be decoded by one decoder, or decoded separately by more than one decoder.
In a preferred implementation of the invention, the three instruction systems are encoded separately. An independent protocol instruction decoder, configuration-file instruction decoder and conventional instruction decoder are provided, for decoding protocol instructions, configuration-file instructions and other instructions (including conventional general-purpose CPU instructions) respectively, so that each of the three decoders is visible only to the designer of its own instruction system and invisible to the designers of the other instruction systems. As a result, the system interface of one instruction system reflects only the set of functions and the hardware resources available to the hardware of that system, and not those of the other instruction systems.
For example, the designer of the conventional instruction system does not know the design of the cryptographic algorithm and security protocol system, and the designer of the cryptographic algorithm and security protocol system does not know how the configuration file is set up or which cryptographic algorithms and security policies it sets, so the controllability and security of the processor are greatly improved.
According to the invention, the processor can also realize other security protocols, such as the IPsec protocol, the SSL/TLS protocol and user-defined communication protocols.
Fig. 4 shows a processor according to another implementation of the invention, which can realize the IPsec protocol and other protocols. According to the invention, the kernel can also comprise an IPsec protocol processing module, for example an AH/ESP processing module. It can also comprise, for example, an MPPE protocol processing module. These modules can of course also be realized from the configuration IP and the reconfigurable IP by means of a configuration file, or can exist as coarse-grained IP within the reconfigurable IP. The implementation of these modules is not specially limited.
According to the invention, the IPsec protocol program can be loaded into the memory module (FLASH), for example injected and stored in the processor as a user-defined security protocol or in place of the DSL protocol program. Packets to be processed can be obtained through the interface module. The interface module can also be connected to an external entity (for example a host, router or other device) to obtain instructions (for example protocol instructions, which can include processing control information for the packet, such as the address of the SA) and security associations (SAs, which serve as control information for packet processing); or it can be connected to external memory or internal memory to obtain the SA; or the SA can be stored in memory within the processor, for example injected by the authorizing authority or originally injected by the manufacturer. The memory shown in the drawing is only an example and need not be contained in the COS device, as long as it is protected under COS control or by other control logic. The COS device of the invention is likewise not limited to this and can include many other functions.
According to one aspect of the invention, the protocol decoder decodes the protocol instruction, receives data, and schedules and executes the program that the protocol instruction requires (for example, the relevant IPsec protocol program instructions). The instruction decoder can decode the program instructions, obtain the relevant SA and data via the interface, and process them according to the settings in the SA, for example AH and/or ESP header and trailer processing, encryption and decryption processing, HASH encryption/decryption processing, MPPE processing and so on.
According to one aspect of the invention, a corresponding configuration file can be provided to recombine the logic of the configuration IP and the reconfigurable IP into the desired function.
Similarly, the invention can also support other security protocols such as SSL/TLS, as well as user-defined security protocols.
According to an aspect of the invention, the protocol decoder can decode the protocol instructions of several security protocols; it can also comprise several decoders, each used for a different security protocol. The protocol decoder can also be reconfigurable, so that it can be recombined according to a configuration file to suit different security protocols.
According to one aspect of the invention, the processor can support protocol nesting to further improve security. For example, it supports not only the DSL protocol but also, at the same time, other security protocols such as IPsec and SSL, so that, for example, the DSL protocol is nested on top of a protocol such as IPsec. That is, IPsec provides a secure communication link, and the DSL protocol provides further security on top of the secure link that IPsec provides, for example user identity authentication and further secure encapsulation; even if the security mechanism of IPsec fails (for example, under attack), DSL still provides additional protection. Security is thereby greatly strengthened. Other security protocols, or more security protocols, can of course be nested as well, as long as the security protocols do not conflict.
Therefore, the security protocols supported by the invention, and the ways in which they are supported, can be diverse.
The above embodiments and implementations only illustrate the principle of the invention by way of example and do not limit the scope of the claims. They can be freely combined without departing from the scope of the invention.
Those skilled in the art will appreciate that the instruction names, formats and format bit widths, and the register names and bit widths, given in the description above are for illustration only; a designer can use other names, formats and forms, and as long as they realize the same functions as in the invention, they remain within the scope of the invention.