摘要
即将到来的第三代移动通信系统是一个能在全球范围无线接入并使用的网络系统,它除了传统的语音业务外,还提供无线高速的数据业务。在给人们的生活带来丰富多彩的移动应用的同时,也将带来信息安全问题。目前,第三代移动通信系统的安全技术已成为当前移动通信技术研究中的重点课题之一。作为信息安全中核心技术中的核心,相关密码算法密码芯片的研制,在第三代移动通信技术中,仍然占有重要的地位。
本论文根据目前我国GSM网络占主流的实际情况和国内外对第三代移动通信技术的研究现状,基于第三代伙伴关系计划标准化组织(3GPP)制定和实施的WCDMA标准,介绍了第三代移动通信系统的安全结构,就其核心算法KASUMI的应用背景、研究及硬件实现现状作了说明。论文同时分析了核心算法KASUMI的结构原理,对目前已经完成的算法分析进行了总结。
作者从一般密码算法硬件实现方法和技术分析入手,详细讨论了采用可编程逻辑门阵列(FPGA)进行KASUMI算法的硬件实现,并从实用性能角度出发,完成了算法芯片的研制。在此硬件实现的结果芯片基础上,设计了32位的基于PCI总线的KASUMI加密卡,编写了Windows2000/XP下的Windows驱动程序模型(WDM)驱动程序和链路加密应用程序,由此构成一个应用演示系统,作为研制结果的应用评估,为进一步进行第三代移动通信系统相关安全技术研究和开发提供了基础条件。
The 3rd Generation mobile radio system (3G) is an oncoming network system, which can be accessed wirelessly all the world. It will not only provide traditional communication service, but also provide the high-speed wireless data service. 3G makes the various mobile application available, at the same time, it also put forward the information security issues. Right now 3G security technology has become one of the key tasks of the Mobile Telecommunications technology. The development of cipher chips of some corresponding cipher algorithms-as a kernel of the core of information security-is very important in 3G Mobile Telecommunications technology.
Based on the fact that GSM network is widely used in China and the research actuality on 3G technology all over the world, aiming at WCDMA standard which was developed by the 3rd Generation Partner Project(3GPP), this paper introduces 3G security architecture, the application background of 3G security's core algorithm-KASUMI, and the progress on hardware implementation of KASUMI. Meanwhile the paper analyzes the structure of KASUMI and summarizes the analysis of KASUMI which has already been accomplished.
After the investigation of the general technology of hardware implementation, how to implement the KASUMI algorithm using Field Programmable Gate Array (FPGA) device is discussed in detail, and the author develops the Cipher Chip of KASUMI algorithm, the KASUMI Cipher Card based on 32-bits PCI bus, the WDM device driver that used in Windows2000/XP, and the software to demostrate encrypting data link. Finally, an application demostration is constructed with all the above implementation. As an evaluation of the result of the investigation and the development, this system can be used as the base platform for further investigation and test of 3G security technology.
引文
[1]吕述望.芯片密码年代—我们能做点什么.计算机安全.2003,No.2
[2]3GPP TS 33.102 version 4.0.0: 3G Security Architecture. ftp://ftp.3gpp.org/specs/2002-6/R2002/33_series/33102-370.zip
[3]3GPP TS 33.105 version 4.0.0: Cryptographic Algorithm Requirements. ftp://ftp. 3gpp. org/specs/2002-6/R2002/33_series/33105-360.zip
[4]3GPP TS 35.201 version 4.0.0: Specification of the 3GPP Confidentiality and Integrity Algorithms; Doucument 1:f8 and f9 Specification. http://www. etsi. org/dvbandca/3GPP/3gppspecs.htm.
[5]3GPP TS 35.202 version 4.0.0: Specification of the 3GPP Confidentiality and Integrity Algorithms; Doucument 2: KASUMI Specification. http://www.etsi.org/dvbandca/3GPP/3gppspecs.htm.
[6]3GPP TS 35.203 version 4.0.0: Report on the Evaluation of 3GPP Standard Confidentiality and Integrity Algorithms. http://www.etsi.org/dvbandca/3GPP/3gppspecs.htm.
[7]Mitsuru Matsui.New Block Encryption Algorithm MISTY, Proceedings of Fast Software Encryption'97 conference,in Lecture Notes in Computer Science 1267,Springer: pp.54-68
[8]Hans Donbbertin. Almost Perfect nonlinear Power Functions on GF(2~n).The Welch case, IEEE Transactions on Information Theory. 1999, Vol. 5, NO. 4
[9]S.Ar, R.J.Lipton, R.Rubinfeld, M.Sudan. Reconstructing algebraic functions from mixed data. SIAM J. of Computer.1998, Vol. 5, NO. 4: pp487-510
[10]Johan Wallen. Design Principles of the KASUMI Block Cipher. http://www.hut.fi
[11]王育民,何大可.保密学—基础与应用.西安:西安电子科技大学出版社,1990
[12]冯登国,裴定一.密码学导引.北京:科学出版社,1999
[13]冯登国,吴文玲.分组密码的设计和分析.北京:清华大学出版社,2000
[14]冯登国.密码分析学.北京:清华大学出版社,2000
[15]Steve Burnett,Stephen Pains.密码工程实践指南.冯登国等译.北京:清华大学出版社,2001
[16]V.Rijemn,J.Daemen. The block cipher Rijndael.http://www.nist.gov/aes.
[17]李广军,孟宪元.可编程ASIC设计及应用.成都:电子科技大学出版社,2000
[18]夏闻宇.复杂数字电路与系统的Verilog HDL设计技术.北京:北京航空航天大学出版社,1998:pp5-8
[19]Donald E.Thomsas等.硬件描述语言Verilog(第4版).刘明业等译.北京:清华大学出版社,2001
[20]Xilinx,Inc. The Programmable Logic Data Book 2002. http://www.xilinx. com/support/download/databook.pdf
[21]Xilinx, Inc. ISE 4 Tutorial. http://www.xilinx. com/support/download
[22]Xilinx, Inc. ISE 4 User Guide. http://www.xilinx. com/support/download
[23]刘大革等.FPGA布局布线的指导和调整.软件开发和应用.1995,NO.3
[24]余小游等.XC6200系列FPGA接口电路的设计方法.电子技术应用.1999,Vol.25,NO.1
[25]李世强.用FPGA实现DES算法的密钥简化算法.单片机与嵌入式系统应用.2002,NO.4
[26]Sami Maisnemi. Implementation of F8 and F9 Confidentiality and Integrity Algorithms. http://www.hut.fi
[27]陆浪如等.AES算法的FPGA实现.交通与计算机.2001,Vol.19,NO.5
[28]Benjamin Leperchey. FPGA implementation of the Rijndael algorithm. http://www.iacr.org
[29]Ramesh Karri. Field Programmable Gate Array Implemnetation of Advanced Encryption Standard Rijndael. http://www.cs.berkeley.edu/~iang/isaac/hardware/main.html
[30]陶军等.Serpent分组算法的FPGA快速实现.计算机应用研究.2000,NO.7
[31]李贵山等.PCI局部总线开发者指南.西安:西安电子科技大学出版社,1997
[32]PLX Technology, Inc. PCI 9052 Data Book. http://www.plxtech.com/dts/download.asp?f=9052/databook/9052db-20.pdf
[33]Microchip Technology,Inc. 93LC46 Data Book. http://www.microchip.com/download/93LC46_56_66.pdf
[34]Douglas R.Stinson.密码学原理与实践.冯登国译.北京:电子工业出版社,2003
[35]尤晋元,史美林.Windows操作系统原理.北京:机械工业出版社,2001
[36]Chris Cant.Windows WDM设备驱动程序开发指南.孙义等译.北京:机械工业出版社,2000
[37]郑伟绩.用DriverStudio开发PCI设备驱动程序.微型机与应用.2002,NO.9
[38]黄讯等.利用WinDriver开发PCI设备驱动程序.计算机应用.2001,NO.3
[39]Alan B.Marcovitz.逻辑电路设计基础.殷洪玺等译.北京:电子工业出版社,2002
[40]Man Young Rhee.CDMA蜂窝移动通信与网络安全.袁超伟等译.北京:电子工业出版社,2002
[41]刘明业等.专用集成电路高级综合理论.北京:北京理工大学出版社,2000
[42]刘丽华等.专用集成电路设计方法.北京:北京邮电大学出版社,2000
[43]王志华,邓仰东.数字集成系统的结构化设计高层次综合.北京:清华大学出版社,2000
[44]何斌,何大可.3-DES算法的FPGA高速实现.单片机与嵌入式应用系统.2003,NO.8
[45]孟宪元.可编程ASIC集成数字系统.北京:电子工业出版社,1998
[46]柯晓宇.可编程器件在密码算法实现上的应用.第7届通信保密与信息安全现状研讨会论文集,四川南坪,1999
[47]王健敏.密码模块的安全需求.第7届通信保密与信息安全现状研讨会论文集,四川南坪,1999
[48]Xavier Lagrange等.GSM网络与GPRS.顾肇基译.北京:电子工业出版社,2002
[49]Stefan Pütz, Roland Schmitz, Tobias Martin. Security Mechanisms in UMTS. Datenschutz und Datensicherheit. 2001, 25
[50]珍花.采用嵌入式可编程芯核进行SOC设计.电子产品世界.2002,NO.2
[51]石军,郑华.21世纪的系统设计展望.电子产品世界.2002,NO.4
[52]曹鹏,文灏,黄载禄.第三代移动通信系统安全.移动通信.2001,NO.1
[53]孙立新,尤肖虎等.第三代移动通信技术.北京:人民邮电出版社,2001.
