Research on Performance- and Power-Configurable Security Terminal Technology for Cloud Computing
Abstract
Since the concept of "cloud computing" was introduced, cloud computing and its related applications have developed vigorously. The core idea of cloud computing is that network-connected computing resources are managed and scheduled centrally by the cloud provider, which allocates services such as computing power and storage space according to users' demands. Consequently, a security terminal for cloud computing must be able to encrypt and decrypt large volumes of data. In addition, because the cloud has very strong computing capability, it poses a major challenge to the strength of current cryptography. Security terminals therefore also need to raise the security strength of the various cryptographic algorithms and increase key lengths, which requires enough flexibility to handle algorithms with longer keys. For a terminal, however, especially a mobile one, power consumption is also a very important design factor beyond the required performance, and it must be reduced to extend the terminal's working time.
     Based on a requirements analysis of cloud computing terminals, this thesis proposes solutions from two directions. First, it designs an application-specific instruction set processor (ASIP) for the security domain and then extends this ASIP into SophSEC, a high-performance security processor with a VLIW architecture that supports the three main classes of cryptographic algorithms in common use: symmetric-key algorithms, hash functions and public-key algorithms. Second, it analyzes the multi-core interconnect architectures in common use and proposes a shared-bus SoC security platform and a network-on-chip (NoC) security platform. The SoC platform integrates a MIPS core, a data-encapsulation processor (PP) and multiple SophSEC security processors connected by an AMBA AHB bus, to achieve fairly high performance at a small area and power cost; it is suited to smaller security terminals such as handheld or mobile terminals. The NoC platform uses a mesh interconnection network to integrate multiple MIPS and SophSEC processors to meet the requirements of high-performance cryptographic processing; it is suited to larger security terminals such as home gateways and wireless APs.
     To verify the proposed security terminals, the SophSEC security processor and the SoC platform were taped out in an SMIC 0.13 μm CMOS process; the NoC platform was implemented and verified on Mentor's hardware emulator (Veloce Solo) and logic-synthesized with Synopsys Design Compiler. Test results show that the SoC platform occupies 321.5K equivalent NAND gates, achieves 564 Mbps, 212 Mbps, 256 Mbps, 19 Kbps and 131 Mbps for AES-128, SMS4, SHA-1, RSA-1024 and the CCMP protocol respectively, and consumes 325 mW at 100 MHz. The NoC platform occupies 3.08M equivalent NAND gates and achieves 3.54 Gbps, 2.08 Gbps, 1.64 Gbps and 66.7 Kbps for AES-128, SMS4, SHA-1 and RSA-1024 respectively. Both platforms meet their target specifications. While delivering high-performance encryption and decryption of large volumes of data, they offer configurable performance and power and are easy to extend, which makes them well suited to security terminals for cloud computing and gives them good application prospects.