Research Of Secure Processor Architecture Based On Stream Cipher

Recently, pervasive networks have led to widespread use of embedded systems, like cell phones, PDAs, RFIDs etc., in increasingly diverse applications. People use embedded system applications to handle sensitive data (e.g., credit card information on a mobile phone/PDA) or perform critical functions (e.g., medical devices or automotive electronics) in daily life。Once the sensitive data stored in the embedded systems is disclosed, it will lead to a great damage. Therefore, the research on the security issues of embedded systems is getting more necessary and urgent.Due to strict restrictions and strong requirements (e.g. performance, cost and power consumption), only special software applications can be used in security-critical systems. Some mature security mechanisms in desktop computer are unfit for embedded systems. Typically embedded systems have low computing power and finite energy supply based on a battery, and these factors are at odds with the computationally intensive nature of the cryptographic algorithms underlying many embedded processors. In addition, embedded systems are vulnerable to attacks, like physical tampering, malware and side-channel attacks. Thus, design of secure embedded systems is guided by the following factors: small form factor, good performance, low energy consumption (and, thus, longer battery life), and robustness to attacks.The embedded processor is the core of the whole embedded system, links all the peripherals, manages the data communication and processing. The use of secure run-time mechanism in embedded processors will effectively improve the security of embedded systems. Secure processor architecture enables tamper-proof protection on software application that addresses many difficult security problems such as reverse-engineering prevention, trusted computing,digital right protection by providing a secure computing environment that is resistant to both physical tampering and software exploits. Two essential features offered by a secure processor: software encryption for protecting software privacy and integrity verification for preventing tampering of the protected software. Secure processors aim to maintain confidentiality, integrity and authentication of applications and provide a private and tamper-proof execution environment. The thesis mainly includes the following some aspects:Firstly, the security threats facing embedded systems are analyzed. The malicious attacks from software, system and chip levels are discussed in detail respectively. The features of these attacks are carefully analyzed. The system-level attack is summarized as the most common and most feasible attack that threats the embedded processor. The design rules for secure embedded processors are introduced to counter this attack.Secondly, the techniques of secure processor are discussed. The thesis studies the currently mainstream techniques of the confidentiality and integrity protection of applications and analyzes the advantages and disadvantages of these technologies respectively. In addition, the threat model assumption for the design of secure processor architecture is proposed.Thirdly, the thesis proposes the lightweight secure processor architecture based on stream cipher. The stream cipher mechanism and the Hash verification mechanism are added to processor. The code and data of applications are encrypted and verified respectively. Basic block is the minimum unit of encryption and verification for code; data block is the minimum unit of encryption and verification for data. The chained Hash of instruction stream is used to verify the integrity of basic block.Finally, the result of the simulation of secure processor in a run-time HEC virtual machine show the feasibility of the secure processor architecture based on stream cipher.