摘要
针对可重构计算平台的远程比特流更新中如何防止信息被篡改和重放攻击的问题,提出了可重构计算平台中的远程比特流安全更新方案.该方案在远程更新配置端采用部分加密策略加密比特流并计算MAC值,通过以太网将信息发往可重构计算平台,经控制单元验证其完整性后,将加密的比特流和MAC值放入安全配置器中,最后FPGA加电并向控制单元请求获取比特流,从而完成远程比特流的安全更新.分析表明,该方案能够保证更新比特流的完整性和机密性,并能防止重放攻击.
Although FPGA-based reconfiguration computing platform has been shown as a promising technique in high productivity computing field, it may suffer security threats during its bitstream remote update process. A secure scheme is proposed in this paper to prevent tamper and replay attacks during the process of remote bitstream update on reconfigurable computing platform, which encrypts the bitstream partially and calculates the value of MAC when making the configuration at the Remote Updating Configuration End. And then these data is sent to the distributed Control Units on reconfigurable computing platform via network. , The encrypted bitstream will be put into security configurator after its integrity was verified by the value of MAC,. At the end of the secure update process, FPGAs will makes the requirements to its Control Unit and get the secure bitstream after it is restart. Analysis shows that the scheme proposed can guarantee the integrity and the confidentiality of the bitstream for remote updating and also has the abilitv of protecting the updating process from replay attacks.
出处
《微电子学与计算机》
CSCD
北大核心
2013年第12期64-68,共5页
Microelectronics & Computer
基金
国家"八六三"计划重点项目(2009AA012201)
关键词
信息安全
FPGA
可重构技术
远程比特流更新
information security
FPGA
reconfigurable technology
remote bitstream update
