Design Of Trusted Computing Chip Based On RISC-? Soft-Core Processor

With the information technology developing at a rapid speed,the problem of information safety begin to loom large over the time.At the initial stage of CPU design,designers tend to give priority to the amelioration of performance and pay little attention to the safety.Traditional safety mechanism,including the firewalls,can hardly withstand the attacks that are directed at the logical defects.The safety protection measures do not suffice to guarantee the safety on the terminal devices.In order to cope with the external threats,Trusted Computing 3.0 puts forward the concept of proactive defense.As the basic chips that support the proactive defense system,Trusted Computing chips can provide external devices with some functions,such as attestation of integrity,data encryption,data decryption and so on.Such chips are based on the national secret algorithms.In an effort to realize the computing function of cryptography algorithm,we have introduced microprocessors as arithmetic control units.Among various CPU frameworks,RISC-? is an open-sourced one and its auxiliary ecological policies exist in profusion.Furthermore,RISC-? has the function of modular instruction sets,which enables users to freely choose different modules in accordance with their needs.HDL-based soft-core microprocessor has the advantages of low cost,strong transplantability,which means that function units can be customized to meet the users' needs.Therefore,it is of great significance to develop the trusted computing chips that are based on RISC-? soft-core processors.We use a self-designed 32-bit RISC-? soft-core processor as the microprocessor in Trusted Computing Chips,which adopts a five-grade pipeline structure and can support RV32 IM instruction set.Using AXI as the bus system,and using intellectual property core to design the UART?SPI?GPIO and other peripherals,and are integrated with true random number generators.At the level of hardware,we ensure the unpredictability of random number.The RTThread operating system is transplanted into our products,and the policies for trusted software are implemented on the basis of this operating system.In the Trusted Software Base,SM2 and SM3 cryptography algorithms are implemented in the form of software and serve as trusted cryptography modules.The Trusted Software Base obtain the information about core components from external devices,calculates the hash value in the method of SM3 hash algorithm,and emits power supply and reset signals in accordance with the comparison results.By combining the public key of SM2 cryptography algorithm with true random number to encrypt data,we improve the security of encryption results.our products can deduce the plain text from the encrypted text and private key so as to finish the decryption process.After we simulated the function of processor cores,the results showed that everything can function normally at each stage of the pipeline structure.After the Coremark/MHz was operated at the clock frequency of 50 MHz,we got a score of 2.48.We burned the processor to Xilinx XC7A100 T FPGA so as to verify the results by means of Vivado software.By checking the hash value,we verified the information of core components in Feiteng D2000 motherboard,which were extracted from BIOS.As for the attestation of integrity,the results were printed through serial port,power and reset signals were successfully exported.The plain text can be encrypted by combining 32 Byte true random numbers and the public key of SM2 algorithms,and the encrypted text can be deciphered by using the private key of algorithms.As is shown by the results,the chips can attest the integrity of host computer,encrypt data and decrypt data,which means that the chips can be used as the terminal control units of trusted devices.