DITES: A Lightweight and Flexible Dual-Core Isolated Trusted Execution SoC Based on RISC-V,Sensors

当前位置： X-MOL 学术 › Sensors › 论文详情

Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)

DITES: A Lightweight and Flexible Dual-Core Isolated Trusted Execution SoC Based on RISC-V
Sensors ( IF 3.4 ) Pub Date : 2022-08-10 , DOI: 10.3390/s22165981
Yuehai Chen ₁ , Huarun Chen ₁ , Shaozhen Chen ₁ , Chao Han _{1,

2} , Wujian Ye _{1,

2} , Yijun Liu _{1,

2} , Huihui Zhou ₃

Affiliation

A Trusted Execution Environment (TEE) is an efficient way to secure information. To obtain higher efficiency, the building of a dual-core system-on-chip (SoC) with TEE security capabilities is the hottest topic. However, TEE SoCs currently commonly use complex processor cores such as Rocket, resulting in high resource usage. More importantly, the cryptographic unit lacks flexibility and ignores secure communication in dual cores. To address the above problems, we propose DITES, a dual-core TEE SoC based on a Reduced Instruction Set Computer-V (RISC-V). At first, we designed a fully isolated multi-level bus architecture based on a lightweight RISC-V processor with an integrated crypto core supporting Secure Hashing Algorithm-1 (SHA1), Advanced Encryption Standard (AES), and Rivest–Shamir–Adleman (RSA), among which RSA can be configured to five key lengths. Then, we designed a secure boot based on Chain-of-Trust (CoT). Furthermore, we propose a hierarchical access policy to improve the security of inter-core communication. Finally, DITES is deployed on a Kintex 7 Field-Programmable-Gate-Array (FPGA) with a power consumption of 0.297 W, synthesized using TSMC 90 nm. From the results, the acceleration ratios of SHA1 and RSA1024 decryption/encryption can reach 75 and 1331/1493, respectively. Compared to exiting TEE SoCs, DITES has lower resource consumption, higher flexibility, and better security.

中文翻译：

DITES：基于RISC-V的轻量级灵活双核隔离可信执行SoC

可信执行环境 (TEE) 是一种保护信息的有效方法。为了获得更高的效率，构建具有 TEE 安全能力的双核片上系统 (SoC) 是最热门的话题。然而，TEE SoC目前普遍使用Rocket等复杂的处理器内核，导致资源使用率高。更重要的是，加密单元缺乏灵活性，忽略了双核中的安全通信。为了解决上述问题，我们提出了 DITES，这是一种基于精简指令集计算机-V (RISC-V) 的双核 TEE SoC。起初，我们设计了一个基于轻量级 RISC-V 处理器的完全隔离的多级总线架构，该处理器具有支持安全散列算法 1 (SHA1)、高级加密标准 (AES) 和 Rivest-Shamir-Adleman ( RSA), 其中 RSA 可以配置为五种密钥长度。然后，我们设计了一个基于信任链（CoT）的安全启动。此外，我们提出了一种分层访问策略来提高内核间通信的安全性。最后，DITES 部署在 Kintex 7 现场可编程门阵列 (FPGA) 上，功耗为 0.297 W，使用 TSMC 90 nm 合成。从结果来看，SHA1和RSA1024解密/加密的加速比分别可以达到75和1331/1493。与现有的 TEE SoC 相比，DITES 具有更低的资源消耗、更高的灵活性和更好的安全性。DITES 部署在 Kintex 7 现场可编程门阵列 (FPGA) 上，功耗为 0.297 W，使用 TSMC 90 nm 合成。从结果来看，SHA1和RSA1024解密/加密的加速比分别可以达到75和1331/1493。与现有的 TEE SoC 相比，DITES 具有更低的资源消耗、更高的灵活性和更好的安全性。DITES 部署在 Kintex 7 现场可编程门阵列 (FPGA) 上，功耗为 0.297 W，使用 TSMC 90 nm 合成。从结果来看，SHA1和RSA1024解密/加密的加速比分别可以达到75和1331/1493。与现有的 TEE SoC 相比，DITES 具有更低的资源消耗、更高的灵活性和更好的安全性。

更新日期：2022-08-10

点击分享查看原文

点击收藏

公开下载

阅读更多本刊最新论文本刊介绍/投稿指南11