摘要
针对信息安全业务对安全加密模块处理速率要求日益增高的现状,基于自主研发安全芯片提出一种通用串行总线(USB)加密卡设计方案。开发一个多层结构的高性能片上操作系统,并将USB加密卡配置为大容量存储设备,利用Bulk-Only协议与主机通信,使主机无需安装驱动,同时通过扩展的SCSI私有指令完成加解密操作,提高便捷性与安全性。此外,设计一种USB高速密码算法子系统,其中采用数据流控制单元以及USB直接内存存取、协处理器软件流水线、AHB-Lite总线等多种加速策略。测试结果表明,该方案设计的USB加密卡使用便捷,能够高速完成国密SM1的运算。
Aiming at the growing requirement of processing rate of encryption module in the realm of information security,this paper proposes a design scheme of Universal Serial Bus( USB) encryption card based on self-developed security chip. Firstly,a high-performance Chip Operation System( COS) of multilayered structure is developed which configures the USB encryption card to massive storage device, and Bulk-Only protocol is used to communicate with host without installing driver. Meanwhile,extended SCSI private commands are used to complete encryption and decryption operation,which improve convenience and security. Otherwise,a USB high-speed cryptographic algorithm subsystem is proposed which uses Flow Control Unit( FCU) as cooperator. In addition, some accelerating strategies are adopted, such as USB-DMA, software pipeline,AHB-Lite bus,etc. Test results show that the USB encryption card designed by the proposed scheme can realize high-speed SM1 operation,which is convenient to use.
出处
《计算机工程》
CAS
CSCD
北大核心
2017年第11期292-296,302,共6页
Computer Engineering
基金
"十二五"国家科技重大专项(2011ZX03004-004)
关键词
通用串行总线
加密卡
协处理器
免驱
片上操作系统
Universal Serial Bus ( USB )
encrypion card
coprocessor
driver-free
Chip Operation System ( COS )