Research On Trusted Computing Hardware Security Mechanisms In Embedded Systems

With the development of computer technology, information security gets more and more attention. Computing platform security, which has become the key issues affecting the information security and information society development. With the development of Internet technology in particular, showing a distributed computing platform, diversified development trend, so ensure the safety of computing platforms, realization of trusted computing is to build information security foundation, worthy of our further study. As the basis for computing platforms operating mechanism to work properly, the hardware security mechanisms to protect the core of the normal operation of computing hardware platforms, as well as the source computing platform security.Trusted Computing in security on computing platforms play an important role. Based on trusted computing platform building with trusted computing theory, Trusted Platform Module and other standards and norms, is the guiding standard of many trusted computing security products in generic computer-based computer security played an important role. As with a general-purpose computer architecture similar to embedded systems, with the development of integrated circuits, the amount used and the application range is expanded. Therefore, security issues for embedded computing systems should arouse our attention, which is the vertical subject of this thesis.By studying the characteristics of embedded systems computing in order to achieve the goal of embedded computing system security, in this thesis we research how to implement the trusted computing platform and enforcement mechanisms in terms of embedded hardware security mechanisms. Thesis work mainly in the following aspects: 1. Trusted Computing as an effective mechanism to safeguard the security of computing platforms, in general-purpose computing platform has played an important role. Thesis studied the theory of trusted computing and related norms, through the analysis of what the current lack of trusted computing platform, combining the characteristics of embedded computing systems, we gives a trusted computing system architecture implementation in the embedded computing platform. In the thesis we design architecture combined on FPGA hardware design and embedded systems design, which in many ways the performance of hardware systems to the feasibility of secure computing system architecture of security mechanisms were studied, and several important hardware security mechanisms to ensure that computing platform security architecture of the system is analyzed and described. 2. This thesis analysis the relevant theory and working mechanism of trusted computing chain of trust. To establish a chain of trust in the dynamic embedded computing platform for the purpose, we set up a trust chain structure of dynamic integrity measurement model(DIMM) combined with the star module. With this measurement model as a guide, we study the dynamics of trust chain built in embedded systems hardware implementation mechanisms. We use the hardware-based Dynamic Reconfigurable FPGA design methods applied to build up a dynamic chain of trust, that the implementation is novel. At the same time, establish a mechanism for dynamic trust chain, we have designed a system for dynamic measurement verification mechanism has been verified.3. By studying the current encryption algorithm and implementation mechanisms that TPM architecture cryptography system used, combined with an embedded computing platform in the application, we proposed a structure of embedded Trusted Platform Module--ETCM. In cryptography system of the architecture, we proposed ECC elliptic curve encryption algorithms to replace RSA asymmetric cryptographic algorithm; SMS4 cryptographic algorithm to compensate for the lack of TPM specification for symmetric ciphers are not explicitly configured. We designed and optimized the two-encryption algorithms from the perspective of hardware in this thesis, at the same time we implement the simulation and synthesis about the design. Hardware design for the primary encryption algorithm is an important hardware security mechanisms to protect the embedded system efficiently complete trusted computing, while the implementation and design can be applied to a variety of different architectures embedded computing terminal platform.This thesis has important implications for improving the overall security of embedded systems based on research computing platform hardware security mechanisms for follow-up and implementation of further research provides reliable embedded systems with some useful suggestions. This thesis uses FPGA hardware design methods for the design and verification, which method also is an important way for the current IC system design and verification approach. Research work of this thesis put forward with the embedded processor, ASIC, FPGA and other high-performance integrated circuits safety requirements in design and manufacture.