Key Technologies Of Asynchronous Concurrent Multi-cipher Algorithm Operation

With the increasing popularization of cloud computing applications and the advancement of space-ground integration information network,the number of users and volume of business of various application systems have increased dramatically,making the data analysis,computing and storage face the challenge of big data processing.At the same time,it also puts forward need for business and data security.As a key infrastructure for providing cryptographic services for space-ground integration information network and cloud computing,the cryptographic computing capability provided by the high-performance integration cryptographic system affects the security performance of the entire network system.According to the characteristics of the integration information network,such as "open channels,dynamic changes in resources,multiple entity types and complex topology",the cryptographic processing system faces the function and performance requirements of random and diverse services,multiple security requirements,multiple cryptographic algorithms,dynamic changes of network resources,different link channel characteristics,and ever increasing cryptographic service capabilities.In this dissertation,the key technologies of asynchronous concurrent multi-cipher algorithm operation are studied in depth to meet the operational requirements of tens of millions of online concurrent cryptographic jobs on high-performance comprehensive cryptographic system.The problem of random cross encryption and decryption of multi-algorithm / multi-key / multi-data stream is solved from two aspects of system architecture and scheduling algorithm design.By using load balancing and multithreading technology,the bottleneck problem of throughput caused by IO queuing of cryptographic service is solved.Through the dynamic allocation of computing resources,the contradiction between static computing resources and dynamic cryptographic service requirements is solved,and the concurrent cryptographic service capability and high throughput cryptographic computing capability are improved.The main research work and results are as follows:(1)To study the operation characteristics of cryptographic algorithms and propose a heterogeneous multi-cryptographic algorithm core parallel processing architecture that supports hybrid cross-service high concurrent processing.This architecture divides the data processing into four stages: forwarding,preprocessing,operation and synchronous reorganization.Through the hierarchical processing mechanism based on data identification,the mapping and data processing between the job package and the algorithm IP core are realized.KSM memory and KSM access control logic are added to access the intermediate state of the associated job package under cross access,ensuring the full tracking of the algorithm operation state under the mixed operation mode.Synchronization queue synqueue and synchronization reorganization module syn are added to ensure synchronization between input and output data under cross-access.This four-stage parallel processing architecture(FSPP)solves the problem of random cross-over encryption and decryption of multi-cipher algorithms,multi-key,multi-ip cores,and multi-data streams in many-to-many communication efficiently.(2)According to the characteristics of massive service security requirements in highperformance integration information networks,the data flow scheduling algorithm is studied.Combining with the FSPP heterogeneous multi-core processing architecture mentioned above,a hierarchical hardware scheduling method HHS-ACDID with associated judgment control based on service identification is proposed.the allocation and execution of data flow job packages on algorithm clusters and processing nodes are completed through two-level scheduling.Considering the heterogeneity of the algorithm core,in order to improve the efficiency of parallel processing of multi-cipher algorithms,a load balancing job scheduling algorithm is designed based on HHS-ACDID,which consideres the storage capacity and processing speed of the algorithm processing nodes,and supports both non-associated and associated tasks,thus improving the throughput rate of multi-service asynchronous concurrent cipher processing.(3)Research on multitask concurrent synchronization technology.Aiming at the data processing situation of cross data flow,a synchronous processing scheme of multi-cipher algorithm and multi-data stream based on index table is proposed.Through the design of a special hardware synchronization circuit with low resource occupancy rate,the processing index table,blocking index table and processed index table are adopted to record the job package service index number BIN entering and exiting the algorithm core,thus realizing the flow control of the job package entering the processing unit,ensuring the oneness and continuity of the work of the processing unit,avoiding the problems of complicated programming and low reliability of the software synchronization scheme,and accelerating the processing speed of the cryptographic service.Based on the above research and design,the scheme is prototype implemented on XC7K325 T FPGA of Xilinx K7 series.Through the test of random cross-service stream cipher operation on the actual multi-core platform,the correctness and effectiveness of the asynchronous concurrent multi-cipher algorithm operation system architecture and scheduling algorithm proposed in this dissertation are verified,which meets the functional and performance requirements of high-performance comprehensive cipher system.