CN110704359A - High-safety low-power-consumption communication method of dual-core chip - Google Patents
High-safety low-power-consumption communication method of dual-core chipDownload PDFInfo
- Publication number
- CN110704359A CN110704359ACN201910748054.9ACN201910748054ACN110704359ACN 110704359 ACN110704359 ACN 110704359ACN 201910748054 ACN201910748054 ACN 201910748054ACN 110704359 ACN110704359 ACN 110704359A
- Authority
- CN
- China
- Prior art keywords
- core
- cpu core
- data
- dual
- performance
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F15/00—Digital computers in general; Data processing equipment in general
- G06F15/16—Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
- G06F15/163—Interprocessor communication
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Security & Cryptography (AREA)
- Storage Device Security (AREA)
Abstract
Description
Technical Field
The invention relates to the technical field of Internet of things and smart cards, in particular to a safety solution for dual-core communication.
Background
With the rapid development of the internet of things, edge computing and high-end smart cards, the security problem of the terminal is increasingly highlighted; in order to avoid the potential safety hazard in the network and in the complex application scenarios, the demands for solutions involving low power consumption, high security, high performance, and low cost in different application scenarios are stronger.
At present, the safety understanding of people is continuously improved, the dual-core chip system is continuously popularized, and the invention provides a flexible and variable safety method capable of meeting the safety and performance requirements of different levels by combining the differentiation of safety requirement levels of various industries.
The dual-core communication system combines the safety mechanisms such as identity authentication, data encryption and decryption, data integrity and the like with the dual-core communication items, can meet the requirements of different industries on safety and performance through different algorithms and safety mechanism selection, and can effectively reduce the hardware cost; the dual-core structure is also beneficial to protecting respective intellectual property rights of safe application and non-safe application, and the development process can be synchronously carried out, thereby reducing the development period.
Disclosure of Invention
The hardware system of the method mainly comprises a safe CPU core 1, a high-performance CPU core 2, a safe algorithm module and a data access control system, and is characterized in that:
the safety CPU core 1 has lower dominant frequency, low power consumption and higher safety level; the method is mainly used for application processing of the security data;
the high-performance CPU core 2 has higher main frequency and larger power consumption and is mainly used for application processing of the user end to the non-secure data;
the security algorithm module can quickly carry out the operation of symmetric and asymmetric algorithms and can effectively defend illegal attacks;
the data access control system can configure the resource range which can be accessed by the high-performance CPU core 2, and effectively control the diffusion range of the non-secure data of the high-performance core.
In the following description, the secure CPU core 1 is simply referred to as core 1, and the high-performance CPU core 2 is simply referred to as core 2.
In view of the differentiation of the current safety requirements, the invention mainly provides a flexible method which can meet the safety requirements of multiple industries; certain requirements are met in the aspects of low power consumption, safety level, performance requirements and the like, and the subsequent safety level expansion is facilitated, wherein the main process is as follows:
1) security mechanism of the boot process: before a CPU core (any core of a safe CPU core 1 or a high-performance CPU core 2) works, the integrity and identity authentication of a code of the working core are firstly carried out, and the code is ensured not to be tampered and the legality of the code identity; the access range of the high-performance core is strictly limited, and the safety information is prevented from being leaked; monitoring in the running of the code is increased.
After the chip is powered on, the core 1 is started firstly, the boot in the ROM of the core 1 finishes the verification and verification of the code of the core 1, after the verification is passed, the core 1 is started and the code of the core 2 is verified and confirmed, after the verification is successful, the accessible resource of the core 2 is configured, and the code of the core 2 is started; after the core 2 code is started, the core 1 may choose to authenticate the core 2.
2) Communication process security mechanism: the dual-core communication process is added with an identity authentication process, and data information is encrypted and data abstract processing is carried out, so that the authenticity, confidentiality and integrity of data are ensured.
The core 1 controls related resources of the security peripheral, and when the core 2 is required to perform high-speed operation or the core 2 is required to process, or when the core 2 processes non-security information and the authorization of the core 1 is required to process, instruction data can be transmitted to the other side in a shared memory (RAM) mode; in the transmission process, according to different safety and performance requirements, the command data can be signed, encrypted, subjected to data summarization, added with a transmission sequence number (random number factor) and the like, the data can be protected and subjected to identity anti-counterfeiting, and a symmetric algorithm and an asymmetric algorithm can be selected as related algorithms.
In the communication process, the related key can be a process session key or a fixed key, which depends on the application scene, and the root keys are stored in respective protection areas; the core 1 and the core 2 can choose to perform identity authentication irregularly and perform one-time updating on the session key of the used process; the core 1 monitors the running process of the core 2 and verifies the code integrity of the core 2.
When each core sends data, splicing transmitted instruction data, adding a transmission serial number (random number factor), performing data summarization on whole frame data, encrypting the data, and performing data summarization and data signature processing on a ciphertext; after data is acquired, firstly verifying signature data, then verifying the integrity of the data, decrypting the data, then verifying the integrity of the decrypted data, and checking a transmission sequence number (random number factor); by the mechanisms, the integrity and confidentiality of data can be ensured; and safety risks such as identity anti-counterfeiting, data playback and the like are avoided.
The return of the instruction data execution result is consistent with the safety mechanism of the instruction data processing process.
3) And (4) judging a safety result: and (3) combining a security mechanism, adding an auxiliary result verification value (mask value) to the data processing return result, and improving the anti-attack capability of the code.
Although the core 1 executes partial data processing through the core 2, the final judgment result and the key data operation are given by the core 1, and sensitive information leakage is avoided; when the core 2 needs authorization, the core 1 gives a result through the most authorization processing; the result of the key instruction processing generates a return mask value according to the transmitted data, and the execution result is jointly judged according to the return result and the mask value, so that the difficulty of being attacked is increased;
and (3) algorithm selection: the invention is not limited to which algorithm is used for completing the corresponding function, and can select a proper algorithm according to the application requirement.
4) And (3) low-power consumption processing: and a flexible low-power consumption processing mode is set by combining the dual-core time-sharing processing condition in some scenes.
The smart card and the Internet of things node have certain requirements on low power consumption in some application scenes, and the power consumption can be effectively configured in a time-sharing processing mode through the dual cores; when the core 1 is in the processing process, the core 2 is in a deep low power consumption mode; when core 2 is in process, core 1 is in low power mode; the whole power consumption can be balanced under certain conditions, and the performance can also be considered; the dual-core main frequency and the power consumption processing method such as the enabling of the peripheral interface can be adjusted according to different application scenes.
Drawings
FIG. 1 is a system configuration diagram of the present invention
FIG. 2 is a security mechanism of the boot process in the present invention
FIG. 3 illustrates a communication process security mechanism in the present invention
FIG. 4 is a process of the safety determination result in the present invention
FIG. 5 is a power consumption processing flow of the core 1 processing data by the core 2 in the present invention
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Fig. 1 is a chip system structure diagram of the present invention, which includes two CPU cores, a resource access controller, a security algorithm module, a shared memory area, and the like.
Fig. 2 is a security mechanism of the boot process proposed based on the chip system of fig. 1 in the present invention:
instep 201, when the chip is powered on, the boot code in the ROM of the core 1 is executed first.
Fig. 3 is a security mechanism description of the communication process in the present invention:
in step 301, the communication initiator organizes fields such as execution action, data content, transmission sequence number (random number factor) in the instruction data, and the random factor can be implemented by negotiation between the two parties and is used for preventing replay attack.
Step 302, performing summary calculation on the data organized in step 301 once, wherein a specific algorithm is flexibly selected according to an application scene; adding the abstract calculation result into a corresponding field of the instruction data; for ensuring the integrity of the plaintext.
Step 303 is to encrypt the data generated in step 302 and place the encrypted data into the data field of the instruction data.
Step 304 is to perform digest calculation on the ciphertext data, and put the digest calculation into a field corresponding to the instruction data to ensure the integrity of the ciphertext.
Step 305, signature processing is performed on the whole instruction data, and a specific algorithm is flexibly selected according to an application scene; the method is used for effectively preventing the instruction data from being forged.
Step 306 is to notify the other party that an instruction arrives through a chip signal or a shared RAM.
Step 307 begins processing the instruction data after the notification is obtained for the other party.
Step 308 shows that the signature validity of the instruction data is verified, after the identity is determined, step 309 is performed to process, otherwise, the data is discarded if the exception is processed.
Step 309 is to check the integrity of the ciphertext to ensure that the ciphertext has not been tampered or lost; after the integrity is passed, step 310 is entered, otherwise the exception is handled and the data is discarded.
In step 310, the ciphertext data is decrypted to obtain plaintext data.
Step 311 is to check the integrity of the plaintext data to ensure that the plaintext is not tampered or lost; after the integrity is passed, step 312 is entered, otherwise the exception is handled and the data is discarded.
Step 312 illustrates the action processing of the instruction after the instruction data is verified.
The example is a one-way transmission process, and after the instruction action is processed, the same processing mode is adopted to return the instruction execution result to the instruction sender; the algorithms in the process can be flexibly selected; this process describes a security mechanism process, not limited to the case described in this example, but also should include security mechanisms related to integrity, confidentiality, and identification.
FIG. 4 is an implementation and decision mechanism for returning results in the present invention:
After the instruction result is correct instep 403, checking whether the mask value is matched with the correct result, if so, enteringstep 405, and determining that the final result is correct; otherwise, go tostep 406 for exception handling.
Step 406 is described as a case where the data is abnormal, and a case where an attack may occur should be considered.
Fig. 5 is an example of a method for dual-core power consumption control according to the present invention, where the core 1 processes a data power consumption processing flow by means of the core 2, and the similar processing flow for processing data power consumption by means of the core 1 of the core 2 is the same, except that the communication roles of the following cores 1 and 2 are reversed:
step 501 shows that both core 1 and core 2 are in a low power consumption mode during the process of no event processing, and the low power consumption mode may enter different low power consumption modes according to specific scenes, and also includes a power-down mode.
step 504 is described as wake core 2;
instep 509, after the core 1 is awakened and the core 2 data notification is received, the data is finally processed;
step 510 completes the event data processing for core 1.
Claims (7)
1. A communication method of high security and low power consumption of a dual-core chip is based on a dual-core system of a security CPU core 1 and a high-performance CPU core 2, and is characterized in that the method mainly comprises the following steps:
1) before any one of the safe CPU core 1 or the high-performance CPU core 2 works, the integrity and the identity authentication are firstly carried out on the code of the core; the secure CPU core 1 configures the access range of the high-performance CPU core 2; increasing monitoring in the running of the code;
2) the safety mechanism of dual-core communication is as follows: an identity authentication process is added, and data information is encrypted and subjected to data summarization;
3) combining with 2) a safety mechanism of dual-core communication, adding an auxiliary result verification value (mask value) to a data processing return result;
4) based on the condition of dual-core time-sharing processing, a flexible low-power consumption processing mode is set.
2. The communication method according to claim 1, wherein 1) before any one of the secure CPU core 1 or the high-performance CPU core 2 operates, integrity and identity authentication is performed on the code of the core: the safe CPU core 1 is started firstly, boot in the ROM of the safe CPU core 1 completes verification and verification of the code of the safe CPU core 1, after the verification is passed, the safe CPU core 1 is started and verifies and confirms the code of the high-performance CPU core 2, and after the verification is successful, the subsequent process is executed.
3. The communication method according to claims 1 and 2, wherein the secure CPU core 1 communicates with a secure peripheral through a chip interface and guarantees the integrity and security of data; the high-performance CPU core 2 completes data processing and operation and communication with a non-secure peripheral; after the secure CPU core 1 is started, the access range of the high-performance CPU core 2 is configured, and the security of the whole system is improved by limiting the access range of the high-performance CPU core 2; in the running process of the high-performance CPU core 2, the safe CPU core 1 can regularly or randomly verify the code and the identity of the high-performance CPU core 2, monitor the running environment of the high-performance CPU core 2 and ensure the safety in running.
4. The communication method according to claim 1, wherein the 2) security mechanism of dual core communication transmits instruction data to the other side by means of a shared memory area (RAM) when the secure CPU core 1 needs to operate at high speed by means of the high performance CPU core 2, or when the high performance CPU core 2 processes non-secure information and requires an authorization process by the secure CPU core 1; the dual-core communication security mechanism can increase signature authentication, data encryption and data summary information to ensure the authenticity, confidentiality and integrity of data according to different security requirements.
5. The communication method according to claims 1 and 4, characterized in that, in the dual-core communication security mechanism, the secure CPU core 1 completes identity authentication to the high-performance CPU core 2 at first access or at power-on, randomly and irregularly, determines validity of both sides' identity, and the identity authentication algorithm may use a symmetric algorithm or an asymmetric algorithm; when data transmission is carried out by sharing RAM (storage), according to different safety requirements, executing data signature, data encryption and data summarization of execution action, data content, transmission serial number (random number factor) and the like of instruction data, and the two parties firstly confirm the validity of the data and then use the data, wherein the signature algorithm can use a symmetric algorithm or an asymmetric algorithm, a key can be regularly negotiated and replaced by a new key, and the generated key is stored in a protection area of each kernel.
6. The communication method according to claim 1, wherein 2) in combination with the security mechanism of dual core communication in 3), the secure CPU core 1 gives a final data processing or authentication processing result according to the operation result of the high performance CPU core 2 or the authentication request of the high performance CPU core 2; and when the returned result and the mask value are both correct, judging that the execution result is correct.
7. The communication method according to claim 1, wherein 4) a flexible low power consumption processing mode is set based on the dual core time-sharing processing, and the high performance CPU core 2 is set to a low power consumption mode while the secure CPU core 1 is in the process; when the high-performance CPU core 2 is in the processing process, the safe CPU core 1 is set to be in a low power consumption mode; adjusting the dominant frequency of the dual cores, the enabling of the peripheral interfaces and the like according to different application scenes to realize the regulation and control of power consumption and performance; the whole power consumption can be balanced under certain conditions, and the performance can also be considered.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910748054.9ACN110704359A (en) | 2019-08-14 | 2019-08-14 | High-safety low-power-consumption communication method of dual-core chip |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910748054.9ACN110704359A (en) | 2019-08-14 | 2019-08-14 | High-safety low-power-consumption communication method of dual-core chip |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110704359Atrue CN110704359A (en) | 2020-01-17 |
Family
ID=69193820
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910748054.9APendingCN110704359A (en) | 2019-08-14 | 2019-08-14 | High-safety low-power-consumption communication method of dual-core chip |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110704359A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111949989A (en)* | 2020-07-27 | 2020-11-17 | 首都师范大学 | Safety control device and method of multi-core processor |
| CN112702327A (en)* | 2020-12-21 | 2021-04-23 | 北京中电华大电子设计有限责任公司 | Security service design method of main control chip |
| CN114003869A (en)* | 2020-07-28 | 2022-02-01 | 联发科技股份有限公司 | System and method for improving protection multi-content processing efficiency |
| CN114357465A (en)* | 2021-12-31 | 2022-04-15 | 湖南国科微电子股份有限公司 | Safety control method and device for multi-core CPU |
| CN118584891A (en)* | 2023-03-01 | 2024-09-03 | 比亚迪股份有限公司 | Equipment management system and equipment management method based on sensor device |
Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1076534A (en)* | 1992-02-26 | 1993-09-22 | 国际商业机器公司 | Personal computer system with safety protection feature and its realization method |
| US6883121B1 (en)* | 2000-09-11 | 2005-04-19 | Rockwell Collins | Method and system for monitoring microprocessor integrity |
| CN101308536A (en)* | 2007-05-16 | 2008-11-19 | 许丰 | Control method and apparatus for binuclear safety |
| WO2013082144A1 (en)* | 2011-11-29 | 2013-06-06 | Rutgers, The State University Of New Jersey | Ensuring system integrity using limited local memory |
| US20140257604A1 (en)* | 2011-07-04 | 2014-09-11 | Knorr-Bremse Rail Systems (Uk) Limited | Braking system |
| WO2016131553A1 (en)* | 2015-02-16 | 2016-08-25 | IAD Gesellschaft für Informatik, Automatisierung und Datenverarbeitung mbH | Autonomously booting system with a security module |
| CN107766724A (en)* | 2017-10-17 | 2018-03-06 | 华北电力大学 | A kind of construction method of trusted computer platform software stack function structure |
| CN108460282A (en)* | 2017-02-22 | 2018-08-28 | 北京大学 | A kind of computer safety start method based on multi-core chip |
- 2019
- 2019-08-14CNCN201910748054.9Apatent/CN110704359A/enactivePending
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1076534A (en)* | 1992-02-26 | 1993-09-22 | 国际商业机器公司 | Personal computer system with safety protection feature and its realization method |
| US6883121B1 (en)* | 2000-09-11 | 2005-04-19 | Rockwell Collins | Method and system for monitoring microprocessor integrity |
| CN101308536A (en)* | 2007-05-16 | 2008-11-19 | 许丰 | Control method and apparatus for binuclear safety |
| US20140257604A1 (en)* | 2011-07-04 | 2014-09-11 | Knorr-Bremse Rail Systems (Uk) Limited | Braking system |
| WO2013082144A1 (en)* | 2011-11-29 | 2013-06-06 | Rutgers, The State University Of New Jersey | Ensuring system integrity using limited local memory |
| WO2016131553A1 (en)* | 2015-02-16 | 2016-08-25 | IAD Gesellschaft für Informatik, Automatisierung und Datenverarbeitung mbH | Autonomously booting system with a security module |
| CN108460282A (en)* | 2017-02-22 | 2018-08-28 | 北京大学 | A kind of computer safety start method based on multi-core chip |
| CN107766724A (en)* | 2017-10-17 | 2018-03-06 | 华北电力大学 | A kind of construction method of trusted computer platform software stack function structure |
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111949989A (en)* | 2020-07-27 | 2020-11-17 | 首都师范大学 | Safety control device and method of multi-core processor |
| CN114003869A (en)* | 2020-07-28 | 2022-02-01 | 联发科技股份有限公司 | System and method for improving protection multi-content processing efficiency |
| US12253960B2 (en) | 2020-07-28 | 2025-03-18 | Mediatek Inc. | Method and system for improving the efficiency of protecting a multi-content process |
| CN114003869B (en)* | 2020-07-28 | 2025-05-02 | 联发科技股份有限公司 | System and method for improving the efficiency of protecting multiple content processing |
| CN112702327A (en)* | 2020-12-21 | 2021-04-23 | 北京中电华大电子设计有限责任公司 | Security service design method of main control chip |
| CN112702327B (en)* | 2020-12-21 | 2023-03-14 | 北京中电华大电子设计有限责任公司 | Security service design method of main control chip |
| CN114357465A (en)* | 2021-12-31 | 2022-04-15 | 湖南国科微电子股份有限公司 | Safety control method and device for multi-core CPU |
| CN118584891A (en)* | 2023-03-01 | 2024-09-03 | 比亚迪股份有限公司 | Equipment management system and equipment management method based on sensor device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110704359A (en) | High-safety low-power-consumption communication method of dual-core chip | |
| CN113014539B (en) | Internet of things equipment safety protection system and method | |
| EP2372597B1 (en) | Methods and systems for secure remote wake, boot, and login to a computer from a mobile device | |
| CN100447763C (en) | A security chip and an information security processing device and method based on the chip | |
| US6092202A (en) | Method and system for secure transactions in a computer system | |
| CN104811455B (en) | A kind of cloud computing identity identifying method | |
| CN101350723B (en) | USB Key equipment and method for implementing verification thereof | |
| US8700908B2 (en) | System and method for managing secure information within a hybrid portable computing device | |
| CN111835689B (en) | Identity authentication method, terminal device and medium of digital key | |
| US5974550A (en) | Method for strongly authenticating another process in a different address space | |
| CN106464488A (en) | Information transmission method and mobile device | |
| CN110401640B (en) | Trusted connection method based on trusted computing dual-system architecture | |
| CN116362747A (en) | Block chain digital signature system | |
| CN101072100A (en) | Authenticating system and method utilizing reliable platform module | |
| CN110941809A (en) | File encryption and decryption method and device, fingerprint password device and readable storage medium | |
| KR20160081255A (en) | A mobile terminal for providing one time password and methed thereof | |
| KR102543267B1 (en) | Method and apparatus for white box cryptography | |
| US9323911B1 (en) | Verifying requests to remove applications from a device | |
| CN117081736A (en) | Key distribution method, key distribution device, communication method, and communication device | |
| CN115550002B (en) | A smart home remote control method and related device based on TEE | |
| CN102857913A (en) | Method and device for authenticating in safety channel establishing process as well as intelligent card and terminal | |
| CN108734826A (en) | A kind of bluetooth automatic unlocking verification method of mixed mode | |
| US20130133035A1 (en) | System and method for mutual authentication | |
| CN100407088C (en) | Circuit and method for identifying and/or authenticating hardware and/or software in a device and in a data carrier cooperating with the device | |
| CN105516182B (en) | A kind of mutual authentication method and its system between smart card and reader |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | Application publication date:20200117 | |
| RJ01 | Rejection of invention patent application after publication |