Design And Implementation Of Security Authentication Negotiation System Based On Zyno AMP

With the rapid development of information technology,cryptographic technology to ensure communication security has also made great progress.As an important guarantee for communication security,the security of the key has received increasing attention.Authentication key agreement(AKA)is an important means to ensure the security of keys,and the research on its protocols is becoming more and more mature.On the other hand,the rapid development of embedded systems has provided a basis for software and hardware to work together to achieve a secure authentication negotiation system.Because the hardware encryption implemented in embedded systems has the advantages of fast encryption and high security,especially when the asymmetric multi-processing(AMP)architecture of embedded systems provides more CPU resources for the design of systems,the efficiency and stability of the security authentication negotiation system are guaranteed.Therefore,the design and implementation of a peer-to-peer security authentication negotiation system under the Zynq AMP architecture proposed in this paper is not only a new perspective,but also has good practical significance.This paper firstly introduces the domestic and international research status of the authentication key agreement protocol and the AMP architecture of the embedded systems,and explains the research significance of implementing the security authentication negotiation system by combining the authentication key agreement protocol and the AMP architecture of the embedded systems.Next,the relevant theories of security authentication negotiation and the national secret SM2 elliptic curve encryption algorithm are introduced.On this basis,the authentication key negotiation protocol related to the national secret SM2 algorithm is studied and analyzed,and a new non-central SM2 authentication key agreement protocol is proposed.And then based on this protocol,with the support of the dual-core AMP architecture of the embedded Zynq-7000 platform,the security authentication negotiation system was designed for each module function and communication,and the specific system implementation work was carried out according to the design plan.Finally,a test environment was built on the Zynq-7000 platform.A test plan was designed and a functional test of the entire system was completed.The security analysis and performance analysis of the system were carried out according to the test results.The work that this paper focuses on is as follows:(1)Taking the system of the Diffie-Hellman key agreement as an example,analyze the general model and module design requirements of the two-party authentication key agreement system,pointing out that the most important part in the design of the security authentication negotiation system is the design of the encryption authentication module.And then the theoretical basis of the SM2 key exchange protocol and the Zynq-7000 platform are introduced;(2)Explain the design requirements of the authentication negotiation system,and analyze the common SM2 authentication key agreement protocol based on certificates,indicating that there are security issues in the certificate authority(CA)center and problem about pressure of certificate management,and then propose a non-central SM2 authentication key agreement protocol,and conducte a security analysis.The protocol uses a temporary key exchange method to ensure the security of long-term keys,and confirms the key by negotiating the key signature value,so it has a good security guarantee.(3)Design the overall framework,module functions and interface configuration of the authentication negotiation system,mainly designing the functions of the Zynq module,encryption authentication module and key management module,and the interface configuration of each module.After that,the serial communication protocol between the Zynq module and the encryption authentication module was designed,including the message format and message number processing regulations.For the communication between the two parties,the EMIO interface of the Zynq module is used to map the serial port,and the data packet format of"packet header+packet length+ message+check+packet tail" based on the message format of the communication between the Zynq module and the encryption authentication module is used for communication;(4)Introduce the specific implementation process of the authentication negotiation system,including the function realization of the CPU0 and CPU1 and the realization of inter-core communication of the Zynq module;the realization of the related message processing,the communication realization with the Zynq module and the realization of the data interaction with key management module of the encryption authentication module;realization of reading and writing functions of the key management module,etc.After that,a test environment is set up to complete the final test of the system.The test results show that the system is stable and the authentication negotiation data packets interact correctly.Finally,the security and performance of the system are analyzed according to the test results.