CN105162578A - Encryption circuit applied to universal digital signal processor - Google Patents
Encryption circuit applied to universal digital signal processor Download PDFInfo
- Publication number
- CN105162578A CN105162578A CN201510614192.XA CN201510614192A CN105162578A CN 105162578 A CN105162578 A CN 105162578A CN 201510614192 A CN201510614192 A CN 201510614192A CN 105162578 A CN105162578 A CN 105162578A
- Authority
- CN
- China
- Prior art keywords
- nextport
- digital signal
- signal processor
- encryption
- universal digital
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses an encryption circuit applied to a universal digital signal processor. The encryption circuit is capable of enabling the universal digital signal processor to operate in an encryption mode and switch to a universal mode, and the time sequence in the encryption mode is consistent with that in the universal mode. The encryption circuit comprises the universal digital signal processor, an encryption module, a decryption module, a program memory and a data memory. Program codes (a cleartext) completely developed based on the universal digital signal processor are encrypted using a key into ciphertext codes for writing in the program memory; when the encryption circuit operates, the ciphertex codes or data in the program memory and the data memory can be converted into cleartext codes or data via the decryption module for taking part in program operation, and intermediate data is encrypted by the encryption circuit and then stored in the data memory. The encryption circuit strictly protects programs operating in the universal processor so that the program codes must be read in a chip dissection mode, and therefore, board copying is effectively prevented and the security of application codes is guaranteed.
Description
Technical field
The present invention relates to a kind of encrypted circuit being applied to nextport universal digital signal processor NextPort, specifically become to have the dedicated digital signal processor of encryption function by general purpose signal processor through Encryption Design.
Background technology
Digital signal processor conventional on the market at present does not all possess encryption function, in application process, its program code is all outer at sheet or the ROM that is placed in sheet often, and exist with form expressly, rival can pass through the direct program code read of simulator very easily, cannot obtain effective guarantee for core algorithm, communication protocol in code.
At civil area, the copying of hardware circuit of product is very easily, key is just program code, does not possess the nextport universal digital signal processor NextPort of encryption function as fruit product uses, and all technology of the acquisition new product that rival can be very cheap are also converted into oneself product.
In Military Application field, once the code in processor is read, the lighter, enemy can copy your weapon; Your weapon of severe one no longer there is secret, enemy can according to the control logic obtained from code, and disturb or control your other weapons, consequence is very serious.At military field particularly those weapons for exporting, the encryption requirements for nextport universal digital signal processor NextPort is very urgent.
Therefore no matter be at military or civil area, be all badly in need of a kind of encrypted circuit or encryption method is encrypted nextport universal digital signal processor NextPort.
Summary of the invention
The object of the invention is to overcome the deficiencies in the prior art, a kind of encrypted circuit being applied to nextport universal digital signal processor NextPort is provided, encrypted circuit and nextport universal digital signal processor NextPort are carried out relevant design, guarantee that sequential is consistent with primary circuit, the dedicated digital signal processor encrypted can be realized, solve the problem of now typical number word signal processor security performance disappearance.
According to technical scheme provided by the invention, the described encrypted circuit being applied to nextport universal digital signal processor NextPort comprises:
A nextport universal digital signal processor NextPort;
An encrypting module;
A deciphering module;
One or more program storage, is connected with deciphering module with described encrypting module;
One or more data storage, is connected with deciphering module with described encrypting module;
Described encrypting module is connected with nextport universal digital signal processor NextPort with deciphering module;
The program code developed based on nextport universal digital signal processor NextPort forms ciphertext program code and solidifies in described program storage after the encryption of host computer encryption software, the key agreement of the additional space of host computer encryption software key and deciphering module; Encrypted circuit mode of operation is divided into encryption mode, common-mode, and encryption mode is consistent with common-mode sequential;
When encryption mode works, solidify ciphertext code in program storage and after deciphering module deciphering, form the plaintext code that nextport universal digital signal processor NextPort can identify perform; The existing plaintext of intermediate data in circuit running also has ciphertext, and cipher text part adopts different keys according to different pieces of information space, encrypt data sends into general-purpose digital signal process after deciphering module deciphering, and encrypting module is deposited in needing the data of encryption in data storage according to data space after corresponding secret key encryption.
Wherein, to be integrated in encrypted circuit inner or be placed in encrypted circuit outside and hang on the external bus that is connected with encrypting module for described program storage, data storage.
Described nextport universal digital signal processor NextPort is with external bus, the processor with outside addressing space.
Program storage, data storage to be connected with described nextport universal digital signal processor NextPort by parallel bus and to communicate by described encrypting module, deciphering module.
What nextport universal digital signal processor NextPort external bus interface transmitted in an encrypted mode is encrypt data.If program storage is integrated in encrypted circuit inside, ciphertext program code need solidify code-point when circuit design.
When working under encryption mode, described nextport universal digital signal processor NextPort is transformed into through deciphering module the program that to bring into operation after plaintext code by the ciphertext code in data, address bus fetch program memory.
Described encrypting module is for the data space encryption in data storage, and encryption key is determined according to address field, to the different key of the data acquisition of different address field; Described deciphering module is responsible for the deciphering of the program space, data space, and the program space of program storage adopts unique key, and data space adopts the key corresponding with during encryption; The employing of multiple key is determined according to the bus chip selection signal of nextport universal digital signal processor NextPort and address signal decoding by encrypting module, deciphering module.
Further, encryption, decipherment algorithm engine adopt DES algorithm, and key solidifies in the circuit of encrypting module, deciphering module when algorithm circuit design, and the change of key must be realized by change circuit design.
Select encrypted circuit mode of operation of the present invention by external hardware circuit, in encrypted circuit design process, increase a circuit port, realize mode of operation by the level changing this port and switch; Under common-mode, user carries out code debugging by jtag port, and program codes all under common-mode, data are all expressly, cannot perform ciphertext code; Under encryption mode, jtag port will lose efficacy, and encrypted circuit cannot be debugged circuit by jtag port, and all program codes are all considered to ciphertext code, if wrong cipher key, program cannot normally be run.
Advantage of the present invention is: the dedicated digital signal processor becoming to have encryption function by general purpose signal processor through Encryption Design; forbid that rival is by the direct program code read of bus interface; tight protection has been carried out to the program run in general processor; must by dissecting the mode ability program code read of chip; effectively prevent flight, ensure the fail safe of application code.
Accompanying drawing explanation
Fig. 1 is circuit structure block diagram of the present invention.
Fig. 2 is contrast before and after streamline is optimized.
Fig. 3 is the implementing procedure figure of encrypted circuit.
Embodiment
Below in conjunction with drawings and Examples, the invention will be further described.
The technical solution used in the present invention is reverse Development of Universal digital signal processor, encryption algorithm engine adopts DES algorithm, Top-Down Design algorithm logic, advancing addresses decoding function optimization primary circuit pipeline organization is adopted to guarantee the consistency of sequential before and after circuit encrypts, form special circuit after experience logical design, emulation, layout design, plate-making, flow, test package, thus nextport universal digital signal processor NextPort is upgraded to cryptographic digital signal processor circuit.
The present invention is based on nextport universal digital signal processor NextPort to design and develop, nextport universal digital signal processor NextPort is upgraded to the dedicated encrypted digital signal processor that sequential is consistent with primary circuit.Nextport universal digital signal processor NextPort can be Reverse Development, Top-Down Design encryption, deciphering module, and encryption, decipherment algorithm adopt DES algorithm.As shown in Figure 1, circuit structure of the present invention comprises: nextport universal digital signal processor NextPort, encrypting module, deciphering module, described encrypting module is connected with nextport universal digital signal processor NextPort with deciphering module, and described encrypting module and deciphering module are also connected one or more program storage and one or more data storage by bus.
Program, data storage can be ROM, E of being integrated in encrypted circuit inside
2the memories such as PROM, Flash can be equally also the various types of memory hanging over sheet external bus, and the code solidified in the program space is the ciphertext code after encryption.
The program space can be the MASKROM of inside circuit, and the program space also can expand in the sheet external space), data space can be positioned at outside sheet or sheet.Program storage, data storage to be connected with digital signal processor circuit by parallel bus and to communicate by encryption, deciphering module.Digital signal processor can carry out selection and switch between common-mode and encryption mode, and sequential is consistent, and can be debugged circuit by jtag port under common-mode, under private encryption mode, JTAG is unavailable.
Consult Fig. 2, in order to ensure to encrypt consistency that is rear and universal circuit sequential, improving the streamline of nextport universal digital signal processor NextPort, adopting advancing addresses decoded mode, guarantee bus reading speed.The work of beat 3 be advanced in beat 2 and carry out, the beat 3 after optimization is for deciphering, beat 1,4 constant, and encryption, deciphering are all arranged in beat 3.
Consult Fig. 3, the method for designing of encrypted circuit of the present invention comprises the steps:
S1: the domain logic obtaining nextport universal digital signal processor NextPort, understands the bus interface, the bus timing that confirm general processor;
S2: determine encipherment scheme, encryption space, cryptographic algorithm, encryption key;
S3: design and develop encryption, deciphering module;
S4: according to determining cryptographic algorithm and key, exploitation host computer encryption software;
S5: logic checking, layout design, emulation;
S6: flow is verified;
S7: the program code developed according to general processor is used encryption software encryption;
S8: if the program space is the ROM in sheet, ciphertext program code need solidify code-point when circuit design.
The encrypted circuit being applied to nextport universal digital signal processor NextPort that the present invention proposes and implementation method thereof, through actual verification, dependable performance is a kind of scheme nextport universal digital signal processor NextPort being upgraded to dedicated encrypted digital signal processor of good performance.
For dropping into limited project, adopting the scheme of special chip to drop into comparatively large, based on this method, this cryptographic algorithm designed and produced into dedicated encrypted algorithm logic circuit or this algorithm realized in the programmable logic device be also feasible.
Claims (10)
1. be applied to the encrypted circuit of nextport universal digital signal processor NextPort, it is characterized in that, comprising:
A nextport universal digital signal processor NextPort;
An encrypting module;
A deciphering module;
One or more program storage, is connected with deciphering module with described encrypting module;
One or more data storage, is connected with deciphering module with described encrypting module;
Described encrypting module is connected with nextport universal digital signal processor NextPort with deciphering module;
The program code developed based on nextport universal digital signal processor NextPort forms ciphertext program code and solidifies in described program storage after the encryption of host computer encryption software, the key agreement of the additional space of host computer encryption software key and deciphering module; Encrypted circuit mode of operation is divided into encryption mode, common-mode, and encryption mode is consistent with common-mode sequential;
When encryption mode works, solidify ciphertext code in program storage and after deciphering module deciphering, form the plaintext code that nextport universal digital signal processor NextPort can identify perform; The existing plaintext of intermediate data in circuit running also has ciphertext, and cipher text part adopts different keys according to different pieces of information space, encrypt data sends into general-purpose digital signal process after deciphering module deciphering, and encrypting module is deposited in needing the data of encryption in data storage according to data space after corresponding secret key encryption.
2. be applied to the encrypted circuit of nextport universal digital signal processor NextPort as claimed in claim 1, it is characterized in that, it is inner or be placed in encrypted circuit outside and hang on the external bus that is connected with encrypting module that described program storage, data storage are integrated in encrypted circuit.
3. be applied to the encrypted circuit of nextport universal digital signal processor NextPort as claimed in claim 2, it is characterized in that, what nextport universal digital signal processor NextPort external bus interface transmitted in an encrypted mode is encrypt data.
4. be applied to the encrypted circuit of nextport universal digital signal processor NextPort as claimed in claim 2, it is characterized in that, if program storage is integrated in encrypted circuit inside, ciphertext program code need solidify code-point when circuit design.
5. be applied to the encrypted circuit of nextport universal digital signal processor NextPort as claimed in claim 1, it is characterized in that, described nextport universal digital signal processor NextPort is with external bus, the processor with outside addressing space.
6. be applied to the encrypted circuit of nextport universal digital signal processor NextPort as claimed in claim 1, it is characterized in that, when working under encryption mode, described nextport universal digital signal processor NextPort is transformed into through deciphering module the program that to bring into operation after plaintext code by the ciphertext code in data, address bus fetch program memory.
7. be applied to the encrypted circuit of nextport universal digital signal processor NextPort as claimed in claim 1, it is characterized in that, described encrypting module is for the data space encryption in data storage, and encryption key is determined according to address field, to the different key of the data acquisition of different address field; Described deciphering module is responsible for the deciphering of the program space, data space, and the program space of program storage adopts unique key, and data space adopts the key corresponding with during encryption; The employing of multiple key is determined according to the bus chip selection signal of nextport universal digital signal processor NextPort and address signal decoding by encrypting module, deciphering module.
8. be applied to the encrypted circuit of nextport universal digital signal processor NextPort as claimed in claim 1, it is characterized in that, encryption, decipherment algorithm engine adopt DES algorithm, key solidifies in the circuit of encrypting module, deciphering module when algorithm circuit design, and the change of key must be realized by change circuit design.
9. be applied to the encrypted circuit of nextport universal digital signal processor NextPort as claimed in claim 1, it is characterized in that, by external hardware circuit Choice encryption circuit operating pattern, in encrypted circuit design process, increase a circuit port, realize mode of operation by the level changing this port and switch; Under common-mode, user carries out code debugging by jtag port, and program codes all under common-mode, data are all expressly, cannot perform ciphertext code; Under encryption mode, jtag port will lose efficacy, and encrypted circuit cannot be debugged circuit by jtag port, and all program codes are all considered to ciphertext code, if wrong cipher key, program cannot normally be run.
10. be applied to the encrypted circuit of nextport universal digital signal processor NextPort as claimed in claim 1, it is characterized in that, program storage, data storage to be connected with described nextport universal digital signal processor NextPort by parallel bus and to communicate by described encrypting module, deciphering module.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510614192.XA CN105162578B (en) | 2015-09-23 | 2015-09-23 | Encrypted circuit applied to nextport universal digital signal processor NextPort |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510614192.XA CN105162578B (en) | 2015-09-23 | 2015-09-23 | Encrypted circuit applied to nextport universal digital signal processor NextPort |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105162578A true CN105162578A (en) | 2015-12-16 |
CN105162578B CN105162578B (en) | 2018-05-01 |
Family
ID=54803343
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510614192.XA Active CN105162578B (en) | 2015-09-23 | 2015-09-23 | Encrypted circuit applied to nextport universal digital signal processor NextPort |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105162578B (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106203181A (en) * | 2016-08-22 | 2016-12-07 | 武汉芯泰科技有限公司 | A kind of multicomputer system based on crypto bus |
WO2018035655A1 (en) * | 2016-08-22 | 2018-03-01 | 武汉芯泰科技有限公司 | Multiprocessor system based on encrypted bus |
CN109492418A (en) * | 2018-11-22 | 2019-03-19 | 中国电子科技集团公司第五十八研究所 | A kind of safe encrypting and deciphering system of general dsp based on aes algorithm |
CN109656840A (en) * | 2018-12-21 | 2019-04-19 | 成都海光集成电路设计有限公司 | A kind of device of data encrypting and deciphering, method, storage medium and data-storage system |
CN111046444A (en) * | 2019-12-06 | 2020-04-21 | 合肥市卓怡恒通信息安全有限公司 | Storage encryption system based on domestic chip platform, mode switching method thereof and computer |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6453415B1 (en) * | 1997-09-16 | 2002-09-17 | Safenet, Inc. | Method of communicating securely between an application program and a secure kernel |
CN201435083Y (en) * | 2009-05-08 | 2010-03-31 | 四川赛狄信息技术有限公司 | Privacy device for microprocessor and program thereof |
-
2015
- 2015-09-23 CN CN201510614192.XA patent/CN105162578B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6453415B1 (en) * | 1997-09-16 | 2002-09-17 | Safenet, Inc. | Method of communicating securely between an application program and a secure kernel |
CN201435083Y (en) * | 2009-05-08 | 2010-03-31 | 四川赛狄信息技术有限公司 | Privacy device for microprocessor and program thereof |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106203181A (en) * | 2016-08-22 | 2016-12-07 | 武汉芯泰科技有限公司 | A kind of multicomputer system based on crypto bus |
WO2018035655A1 (en) * | 2016-08-22 | 2018-03-01 | 武汉芯泰科技有限公司 | Multiprocessor system based on encrypted bus |
CN109492418A (en) * | 2018-11-22 | 2019-03-19 | 中国电子科技集团公司第五十八研究所 | A kind of safe encrypting and deciphering system of general dsp based on aes algorithm |
CN109656840A (en) * | 2018-12-21 | 2019-04-19 | 成都海光集成电路设计有限公司 | A kind of device of data encrypting and deciphering, method, storage medium and data-storage system |
CN111046444A (en) * | 2019-12-06 | 2020-04-21 | 合肥市卓怡恒通信息安全有限公司 | Storage encryption system based on domestic chip platform, mode switching method thereof and computer |
Also Published As
Publication number | Publication date |
---|---|
CN105162578B (en) | 2018-05-01 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3403185B1 (en) | Memory operation encryption | |
CN104156642B (en) | A kind of security password input system and method based on safe touch screen control chip | |
CN105162578A (en) | Encryption circuit applied to universal digital signal processor | |
EP3355232B1 (en) | Input/output data encryption | |
US20220197825A1 (en) | System, method and apparatus for total storage encryption | |
US10261854B2 (en) | Memory integrity violation analysis method and apparatus | |
CN103136458B (en) | A kind of (SuSE) Linux OS dynamic base code protection method and device thereof | |
KR20140019599A (en) | Method of managing key for secure storage of data, and and apparatus there-of | |
US10536264B2 (en) | Efficient cryptographically secure control flow integrity protection | |
CN105701410B (en) | The method, apparatus and system of information in a kind of acquisition source code | |
CN101004719A (en) | Embedded system and method for increasing embedded system security | |
CN104680039A (en) | Data protection method and device of application installation package | |
CN107315966B (en) | Solid state disk data encryption method and system | |
US20170046280A1 (en) | Data processing device and method for protecting a data processing device against attacks | |
EP2987086A2 (en) | Secure computing | |
CN111130784B (en) | Key generation method and device, CPU chip and server | |
CN109492418A (en) | A kind of safe encrypting and deciphering system of general dsp based on aes algorithm | |
CN103347017A (en) | Data processing method and system on chip | |
US10474844B2 (en) | Cryptographic program diversification | |
US11121867B2 (en) | Encryption methods based on plaintext length | |
Khelif et al. | A versatile emulator of mitm for the identification of vulnerabilities of iot devices, a case of study: smartphones | |
KR20180059217A (en) | Apparatus and method for secure processing of memory data | |
CN111125791B (en) | Memory data encryption method and device, CPU chip and server | |
CN102855439A (en) | Executable file self-checking method and device | |
EP2674892B1 (en) | A method, a device and a computer program support for execution of encrypted computer code |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |