IP (Internet Protocol) core for measuring BIOS (Basic Input Output System) and measurement method

Abstract

The invention discloses an IP (Internet Protocol) core for measuring BIOS (Basic Input Output System) and a measurement method. The IP core comprises an LPC (Low Pin Count) interface module, a high-speed asynchronous FIFO (First-In, First-Out) module, a hash operation module, a measurement value comparison module and an Avalon interface module. The iterative time of a hash algorithm adopted for measuring the BIOS in the four-round iteration process is consistent; and the measurement value comparison module is responsible for comparing the hash result obtained by the hash operation module with an expectant hash value and informing the comparison result of a safety chip main processor through the Avalon interface. The measurement method is operated in parallel by two layers, wherein one layer is in input parallel and the other layer is in hash parallel. The BIOS measurement module disclosed by the invention can be used for processing tasks together with the safety chip, thus the multi-task processing capacity of the system is improved; compared with the prior art, the IP core adopts the streamline design, further has stronger data processing capacity and multi-task processing capacity and can be used for greatly reducing the influence on the system caused by BIOS measurement in the start process of the system.

Description

technical field [0001] The invention relates to a BIOS measurement IP core, in particular to a trusted computing-oriented BIOS measurement IP core. Background technique [0002] On a trusted platform, the chain of trust is a one-way transmission chain. Any problem with any node, especially the root of trust, will lead to the failure of the establishment of the entire trust environment. In a common trusted platform, the BIOS, as the root of trusted measurement, becomes the focus of attacks. At present, many new attack methods, such as kernel BIOS Rootkit, mainly insert malicious codes into the expansion modules in the BIOS, start with the operation of the BIOS, and obtain the control right of the system. With the gradual application of more scalable UEFI BIOS, BIOS Rootkit will also have more changes, making it more difficult to detect and prevent. These attack methods and methods are very hidden and difficult to find. If malicious codes enter the kernel or BIOS and obtain ...

AI Technical Summary

Problems solved by technology

With the gradual application of more scalable UEFI BIOS, BIOS Rootkit will also have more changes, making it more difficult to detect and prevent

These attack methods and methods are very hidden and difficult to find. If malicious code enters the kernel or BIOS and obtains system management rights, it will not be able to prevent damage to the system or steal information stored in the system.

Images