Design And Verification Of RISC-V SOC Chip To Support Safe Boot

The rapid development of integrated circuit technology has promoted a substantial increase in processor performance and boosted the advance of the electronic information industry.However,this trend has subsequently led to a series of security issues.For example,the destruction of computing platforms would cause the leakage and tampering of personal information,and even the theft and threats of confidential government data.The maintenance and update of information security has become a huge challenge facing people.Implementing hardware encryption and decryption algorithms by designing a dedicated chip is the mainstream method in the field of information security.For the processor,if the startup file enters an untrusted state due to tampering or destruction,no operation based on the system can ensure its credibility.Therefore,the safe boot of the processor is a prerequisite to guarantee the follow-up work of the entire chip.In order to solve the above problems,this paper proposes a SOC hardware structure based on RISC-V single-core processor and supporting secure boot by studying trusted computing.The structure uses symmetric encryption technology,asymmetric encryption technology and digital digest technology to enhance the confidentiality and integrity of data transmission.Also,this structure implements hardware-level encryption and decryption operations to achieve the function of security verification before the system startup,and enhances the reliability and security of the overall system.The specific implementation plan is divided into four stages.In the first stage,the information,including the initial register configuration state and important parameters of the system,is collected when the system kernel is in the reset idle state.In the second stage,information is sequentially passed through the AES symmetric algorithm,and the RSA asymmetric algorithm completes two-layer encryption based on different keys and different algorithms.After that,the ciphertext is subjected to SHA256 hash operation for subsequent credibility verification.In the third stage,the PULPino coprocessor receives the ciphertext and hash value through the AXI bus protocol,and passes the ciphertext through the same digest algorithm to determine whether the data has been tampered with during transmission.The second decryption operation of the ciphertext is performed until the hash check is consistent.In the fourth stage,the decrypted plaintext is verified with the correct value pre-stored in the PULPino processor.If the values are identical,the system to be started will complete the secure boot.This paper uses VCS tools for RTL simulation testing,and DC tools for logic synthesis.Under the conditions of the TSMC 28nm process library,the highest frequency of AES finally obtained by DC is 3.2GHz,the area is 0.21mm~2,and the throughput is 409Gbps.The highest frequency of RSA is 1.94GHz,the area is 0.14mm~2,and the efficiency is18.76Mb/s.The highest frequency of SHA is 2.85GHz and the area is 0.29mm~2.In addition,the highest frequency of encryption part of this SOC chip in this article is 1.75GHz,which consumes a total area of 0.619mm~2.The highest frequency of decryption part is 1.69GHz,which consumes a total area of 0.624mm~2.Because there is no asynchronous processing between the various algorithm modules,the maximum operating frequency is up to1.69GHz in this SOC design,and the time required to complete the security check before the system startup is 130?s,which achieves the expected design goal and exhibits an excellent performance.