节点文献
一种抗非入侵式攻击的安全RISC-V处理器研究
Research on A Secure RISC-V Processor against Non-invasive Attacks
【作者】 刘斌;
【作者基本信息】 天津大学 , 集成电路工程, 2020, 硕士
【摘要】 近年来,随着技术和需求的相互发展,集成电路逐渐被应用到国计民生的各个领域,而其本身的硬件安全问题也越来越受到人们的重视。非入侵式攻击中的功耗分析攻击和故障注入攻击凭借攻击效果显著、成本低廉等优势严重威胁着集成电路的信息安全,针对它们的防御策略是当下的研究热点。最初,对集成电路的安全防护主要集中在加密算法的硬件实现上,针对不同的密码芯片需要设计不同的解决方案,缺乏灵活性且增加了经济成本。为了解决上述问题,本文直接在RTL层对通用处理器进行安全防护,使其适配多种软件算法。在此之前,本文首先为一款RISC-V处理器核搭建了完整的仿真平台,以作为后续研究的基础。为了消除功耗分析攻击的威胁,同时保证处理器的低功耗和高性能,本文提出了一种安全RISC-V处理器的实现方法。此安全处理器支持两种工作模式:安全模式和普通模式,分别用来处理需要保护的敏感数据和可以公开的非敏感数据。安全模式的实现方法是在RTL层对处理器的所有数据通路应用DOM掩码技术,数据通路位宽由32位扩展到64位。同时,通过可配置架构设计,实现了普通工作模式,在此模式下处理器同时支持RV32IMC和RV64IMC指令集。通过两种工作模式的转换,处理器既可以有效保护敏感数据,又可以降低功耗。为了评估处理器的安全性,基于仿真平台搭建了功耗分析攻击平台。当采集2百万条功耗曲线进行DPA攻击时,安全模式可以有效保护敏感数据;采用Welch’s t-test对安全模式的抗功耗分析攻击能力进行评估,结果表明在99.99%的置信度下,处理器不会泄露敏感信息。为了在不使用额外设备的前提下抵御故障注入攻击,本文提出了一种基于故障检测技术的安全RISC-V处理器实现方法。对译码单元应用三模冗余技术,对外部存储器和通用寄存器应用ECC校验技术,对ALU应用字节奇偶校验技术。使用基于扫描链的故障注入模拟技术对安全处理器进行验证,实验结果显示:ECC校验的总故障检测率为90.83%,字节奇偶校验的总故障检测率为91.62%。
【Abstract】 In recent years,with the development of technology and demand,integrated circuits have gradually been applied to various fields of national economy and people’s livelihood,and its own hardware security issues have also received more and more attention.Power analysis attacks and fault injection attacks in non-invasive attacks seriously threaten the information security of integrated circuits by virtue of their significant effects and low cost.The research on their defense strategies has also become a current research hotspot.Initially,the security protection of integrated circuits was mainly focused on the hardware implementation of encryption algorithms,and different solutions were required for different cryptographic chips,which lacked flexibility and increased economic costs.To solve the above problems,this paper directly protects the general-purpose processor at the RTL layer to adapt it to a variety of software algorithms.Before,this paper first built a complete simulation platform for a RISC-V processor core as the basis for subsequent research.A secure RISC-V processor implementation method is proposed in order to eliminate the threat of power analy-sis attacks whilst ensuring low power consumption and high processor performance.This security processor supports two working modes:secure mode and normal mode,used to process sensitive data that needs to be pro-tected and non-sensitive data that can be disclosed,respectively.The implementation of the secure mode is to apply DOM scheme to all the data paths of the processor at the RTL level,and the data path width is expanded from 32 to 64 bits.At the same time,through the configurable architecture design,a normal working mode is realized,in which the processor supports the RV32 IMC and RV64 IMC instruction sets.Through the conversion of the two working modes,the processor can effectively protect sensitive data and reduce power consumption.To evaluate the security of the processor,a power analysis attacks platform was built based on the simulation platform.In the case of collecting 2 million power traces for DPA attacks,the secure mode can effectively protect sensitive data;In addition,the Welch’s t-test is used to evaluate the ability of secure mode to against power analysis attacks.The results show that with a 99.99%confidence level,the processor will not leak sensitive information.In order to against fault injection attacks without using additional equipment,this paper proposes a secure RISC-V processor implementation method based on fault detection technology.Triple modular redundancy is applied to the decoder,ECC check is applied to the external memory and general registers,and byte parity check is applied to the ALU.The secure processor is verified using fault injection simulation technology based on scan chain.The experimental results show that the total fault detection rate of ECC check is 90.83%,and that of byte parity check is 91.62%.
【Key words】 Integrated circuit security; DOM; Fault detection; RISC-V;