A method for secure booting of embedded systems

Abstract

The invention discloses a safe booting method of an embedded system, relates to the field of booting security of the embedded system, and in particular relates to a cryptography-based method for verifying an image and assisting the realization of the method through hardware design. During chip design, a secure system firmware is provided inside the chip, and asymmetric encryption technology is used to sign the image to be loaded, so as to ensure the credibility and integrity of the image, and at the same time, the image can be updated. The invention guarantees security based on the hardware, but does not need to add additional hardware, greatly simplifies the hardware design difficulty and overhead, and reduces the development difficulty on the premise of ensuring the integrity of the secure startup.

Description

technical field

[0001] The invention relates to the field of start-up security of an embedded system, in particular to a method for verifying a mirror image based on cryptography and assisting the realization of the method through hardware design. Background technique

[0002] The rapid development of information technology has brought unprecedented prosperity to the information industry; however, incidents that endanger information security continue to occur, and the situation of information security is becoming increasingly severe. The current popular system security technologies include mandatory access control technology and encryption technology, but these are all running on the upper layer of the system. The premise that they can realize the security mechanism is that the system itself is safe. If it is tampered with by a malicious program and enters an untrusted state, the application program and upper layer security mechanism based on this system are untrustworthy. ...

Images