| With the advent of Industry 4.0 and intelligent manufacturing, more and more digital information technology is being applied to industrial control systems. The data scale of industrial control systems is growing, and the performance requirements for data encryption and decryption equipment are rising accordingly. However, the hardware resources of industrial control systems are limited and their computing power is weak, so completing secure data transmission on a resource-constrained hardware platform becomes very important. Traditional cryptographic card designs cannot meet the needs of high-throughput data services in terms of speed and security. To ensure the security of data communication in industrial control systems, this paper designs a peripheral coprocessor cryptographic card based on the PCIe bus, with a field-programmable gate array (FPGA) as the main control chip of the system, and proposes a throughput and security optimization scheme for the SM4 algorithm in the cryptographic card. The cryptographic card provides automatic high-speed data encryption and decryption services to ensure real-time, secure information transmission in industrial control systems. The specific work and results are as follows: (1) Hardware design of the overall system structure. The Zynq-7020 is selected as the core for overall system control and data processing, and its hardware-software collaboration is used to achieve fast encryption and decryption. For data communication, the PCIe bus is selected as the transmission channel, which supports high-speed encryption and decryption. Dual-port RAM is placed between the Zynq and the PCIe interface as a data cache, so that data can be transmitted bidirectionally between industrial control systems and read-write contention is avoided. (2) In view of the insufficient throughput of the basic iterative loop structure of the national cryptographic standard SM4 algorithm, this paper optimizes the encryption iteration function into a pipelined structure by inserting 32 registers, and designs a 32-stage pipeline architecture. The analysis results show that when the pipeline structure is used to encrypt multiple groups of data, the throughput is 30.8 times that of the basic iterative loop structure. Then, to address the security problem of the fixed parameters used in the XOR operations of the SM4 key expansion module, a pseudo-random sequence generated by the lightweight Henon chaotic algorithm is proposed to optimize the assignment of the fixed parameters involved in key expansion. Comparing the information entropy of each round key generated by the SM4-Henon hybrid algorithm with that of the original round keys generated by SM4 shows that the round keys generated by the SM4-Henon hybrid algorithm have greater uncertainty, and the optimization further increases the security of the algorithm. (3) An embedded Linux system is ported to the PS (Processing System) of the Zynq-7020, the hardware encryption IP core is mapped onto the ARM+FPGA system-on-chip, and PCIe drivers are written in the Linux environment; combined with the hardware-software coordination of the Zynq-7000, this realizes automatic high-speed encryption and decryption. The cryptographic card takes full advantage of hardware encryption speed and PCIe transmission speed, provides secure and efficient data encryption and decryption services, and can be widely used in system integration and industrial control systems. It can not only provide end-to-end encryption for secure information communication systems, but can also serve as the basic cryptographic module for building trusted environments, giving it wide application potential. |