A hardware-based embedded system confidentiality protection method

Abstract

The invention relates to a hardware-based embedded system confidentiality protection method, which comprises the following steps: 1, generating an object code; 2, encrypting that object code and storing the object code into a non-volatile storage; 3, power-on resetting; 4, executing a program, such as a cache miss or a data cache write-back, and executing step 5; otherwise, executing step 4 untilthe program ends; 5, if that out memory is written, executing step 6; otherwise, executing step 8; 6, carrying out truncating and filling, generating pad with hardware encryption logic, and generating ciphertext with data of exclusive OR cache line; 7, writing that ciphertext into the external memory, and executing the step 4; 8, truncating and filling that physical address corresponding to the cache line, generating the pad by the hardware encryption logic, and exclusively or reading the ciphertext from the external memory to obtain instructions or data; 9, sending instructions or data intothat processor and write corresponding cache lines, and executing step 4. Through the above steps, the method can realize the confidentiality protection of the embedded system with lower performance cost and implementation cost.

Description

technical field [0001] The present invention provides a hardware-based embedded system confidentiality protection method, which is a confidentiality protection method for embedded systems, and the method is applied to program and data encryption and decryption and security protection stored in the embedded system. Can improve the robustness of the embedded system. The invention belongs to the technical field of embedded system information security. Background technique [0002] Embedded devices have been widely used in people's daily life. More and more embedded terminals and increasingly expanding online interconnection make the security of embedded systems attract extensive attention. At present, common attack methods against embedded systems include hardware attacks represented by hardware Trojan horses, chip reverse, sideband attacks, memory chip unsoldering analysis, malicious code injection, buffer overflow, data or code tampering, instruction Software attacks repres...

AI Technical Summary

Problems solved by technology

[0005] (1) Using a coprocessor or software to encrypt and decrypt the program code and data of the embedded system wastes the limited system resources of the embedded system and causes a large loss of system performance;

[0006] (2) The common hardware-based confidentiality protection method needs to implement the hardware encryption module and the hardware decryption module at the same time, which consumes more on-chip hardware resources;

[0007] (3) Common confidentiality protection methods serially operate access to external memory and password calculation, that is, it is necessary to read data from the memory and then decrypt it, or encrypt the data and then store it in the memory. Large system performance loss;

[0008] (4) The common hardware-based confidentiality protection method connects the hardware encryption and decryption logic in the memory controller or memory chip. For an embedded system with multiple memories, it is necessary to instantiate the encryption engine one by one in the controller or memory chip, resulting in waste of system resources

Images