DE10056989A1 - Application-specific integrated circuit for encoding and decoding data streams has PCMCIA interface connectable to card storing key information - Google Patents

Abstract

The ASIC has a CPU possibly with a coprocessor, and a hardware implemented encoding algorithm. A PCMCIA interface (4) is operatively connected to a PCMCIA card formed as a database storing key information. The ASIC may comprise an RS232 interface (5). The ASIC may comprise a connection to a smartcard reader for reading key data from the smartcard.

Description

The invention relates to an application-specific integrated circuit (ASIC) for supply and Decryption of data streams with a CPU and possibly a coprocessor and a hardware implemented encryption algorithm.

Such ASICs are known as so-called Clipper chip or as another hardware-based Encryption process in the form of the so-called Me chip Leipzig company ESD known.

At the moment, two classes in particular find cryptographic Procedure application: symmetrical and asymmetrical.

The first class is called symmetrical because it uses the same key for encryption and decryption. The weak point of symmetric cryptography is the secure exchange of the shared secret key of both parties. No suitable way could be found for this. This task was finally solved by developers through the use of asymmetric cryptography. In this method, a key pair exists for each user, in which one key is provided for encryption (private or secret key) and the other for decryption (public key). Asymmetric cryptographic methods are based on mathematical problems that are not or only extremely difficult to calculate. This is why the asymmetrical methods have a significantly lower data throughput than comparable safe symmetrical methods. Execution times and security are in a tough competitive situation. Larger numbers correspond to higher security and lower data throughput. Processes are therefore required that guarantee a high level of safety with a shorter length. This is particularly important when these methods are used on devices that have a low computing capacity or when a large number of signatures have to be stored in a very limited memory. (See Funkschau 2000 , Issue 18, pp. 52-54)

The object of the invention is therefore a Generic ASIC to create a high Has security and at the same time high Data throughput guaranteed.

This object is achieved in a generic ASIC in that it has a PCMCIA interface with an active connection to a PCMCIA card ( 26 ) which is designed as a database memory of key information. A fast availability of many keys is required for server systems. Security requires that these are in the memory of the ASIC and are not accessible to the host system. So that these keys are not lost in the event of a system failure, the key database is saved on a PCMCIA card. In the event of a system failure, the card can be easily inserted into a new system, so that no complex recovery actions have to be carried out.

In a further embodiment, the Invention provided that the ASIC an RS232 interface having. The RS232 interface enables reading of key data stored on smart cards, directly into the ASIC. This is an essential point in the Security concept that thus spies on Key data prevented by Trojans on the PC becomes. There is no way to get the key dates over read a PC from the ASIC.  

So far in this application on certain bus systems these are preferred Configurations. However, the protection area should also extend to technically equivalent bus systems.

In a further advantageous embodiment of the Invention is provided that the ASIC a Active connection to a smart card for reading in Has key data from the smart card. To one Corruption or unauthorized reading (sniffing) of the secret key data coming from the smart card the smartcard can be made impossible directly with the ASIC via the RS232 interface and a reader connected and is therefore not connected to the host system connected. This interface is also on the ASIC implemented itself. To the RS232 interface can also be a smart card terminal with integrated (PIN) Keyboard can be connected so that inputs such as Passwords do not run through the host system.

In a further advantageous embodiment provided that the ASIC has a PCI interface. The Data traffic is handled via this PCI interface, which is also on the ASIC. The interface can according to the current, valid standard of 32 bit / 33 MHz up to 64 bit / 66 MHz can be configured further as a master able to make transfers on the PCI Initiate a host bus.

In an advantageous embodiment of the invention provided that the ASIC be a serial Has high-speed interface, in particular to match the same design with other ASICs communicate.

In a further advantageous embodiment of the Invention is further provided that it is embedded  Flash option. This flash option is necessary to create non-volatile memory directly on the ASIC for the operating system and the software. This has the advantage that no external memory is required, which could be read out. So are the integrated program sequences are protected.

For this purpose, another is advantageous Design provided that in particular that Operating system and / or the preparation of random numbers and / or a serial number and / or a Certification key and / or storage for Initialization parameters for the analog circuits are write-protected.

In a further advantageous embodiment of the Invention is provided that the ASIC is a module for has an intrusion detection. Once a unauthorized intervention in the structure takes place this was recognized and the system reset so that the read data are of no use to the attacker.

In a further advantageous embodiment of the Invention is provided that the ASIC is a module for Generation of physical effects based Has random numbers. Advantage is further provided that the ASIC an analog Amplifier circuit, an acyclic ring oscillator, a highly clocked linear feedback Shift register chain for generating random numbers having. These circuits are for generating Random numbers provided. The circuits deliver based on physical effects using data streams unpredictable bit strings. To do this, several Procedures applied that are combined. This is to ensure that the system great yield of high quality random numbers  is available. Two are used Amplifier circuits in the overdrive range acyclic ring oscillator and a highly clocked linear feedback shift register chain. The analog generated numbers are in the shift register chain fed in so that this aperiodic and no longer becomes predictable. To be a good statistical To achieve equal distribution of the numbers, these will be then through a software algorithm edited. A low-level subroutine monitors the Random number generation and activated for critical ones Environmental influences (physical attacks) an emergency Program.

In a further advantageous embodiment of the Invention is provided that the ASIC working independently Contains encryption and decryption units (VE) that can be operated in parallel, in particular with unlocked VEs. A VE is a self-sufficient Unit that encrypt and decrypt a data block can. The parallel operation can Processing performance increased many times over become.

Further advantageous configurations are in the Subclaims 11 to 26 described.

In a further advantageous embodiment of the Invention is provided that the ASIC to a Host system has an active connection, in particular with software for a password and Key management. This configuration is special for an entry-level variant in the form of a PCI Plug-in card interesting, where it is configured is that only one VE is unlocked. With this The system becomes the password and key management completely via software running on the host system  regulated. The product range is then scalable up to Server systems with several PCI- Cards, each with a 64 bit / 66 MHz PCI Interface, all VEs, smart card connection and one PCMCIA back-up card are equipped.

In an advantageous embodiment of the invention provided that the ASIC be a module for key management and / or a module for generating random noise and / or a module for intrusion detection and / or a module for a digital signature and / or a Module for certification and / or module for asymmetric encryption and / or for a Key exchange protocol and / or a module for one One-way function (hash algorithm) and / or for one Standard algorithm on a symmetrical basis. The ASIC according to the invention connects within one physical-technical unit a high speed implementation of the encryption algorithm together with a module for key management, Random noise and intrusion detection. Its full Efficiency and full coverage the ASIC acquires possible encryption tasks through its additionally separately integrated modules for the digital signature and the certification that asymmetric encryption and through Key exchange protocols, through one-way functions (Hash algorithms) as well as standard algorithms symmetrical base. The presence of Standard algorithms enable the use of ASICs within heterogeneous communication landscapes and This ensures compatibility with others Products.

The properties develop particularly advantageously of the ASIC when it is part of a stand-alone system is provided.  

For this purpose it is envisaged that several PCI cards are connected in parallel with one ASIC each together an active connection to the smart card and the PCMCIA backup card. Such a PCI card is particularly suitable for online encryption of with high bandwidth communication channels in the Internet and in company intranets. In particular VPN applications (Virtual Private Network) on gateways and routers are given the basis. Especially The card is also suitable for securing Storage media (hard drives, backup systems,...) And encryption of database applications.

Advantageously, at least one VF has one of them different VEs different keys. On the ASIC are placed multiple VEs, each capable of is to perform encryption or decryption. A VE consists of an input memory that Processing logic, a key store and one Output memory. It receives the data block as input as well as various parameters and modes, and delivers as Return a processed data block. After this the VE has started, it works independently Data off and signals the CPU that it is working. Each VE uses its own memory, in the key, passwords and the like temporarily are saved. This offers the possibility of several VE to operate in parallel and thus the Increase processing speed. Anyone can VE use a different key. Will one Setting chosen that of a normally safe Corresponds to encryption, a VE reaches one Data throughput of, for example, 40 Mbytes per second.

Especially in connection with an embodiment, at which the program memory with a non-deactivatable Write protection is provided, in particular that  Operating system and / or the preparation of random numbers and / or a serial number and / or a Certification key and / or storage for Initialization parameters for the analog circuits are write-protected, there is a particularly high security. That on the integrated CPU running operating system including software managed and controls all processes on the ASIC. Therefore, none is allowed Give the possibility to read out or to this data manipulate. This would be the case with external memory chips Possibility exists, however, so that the system dispenses with it and the entire software directly stores the ASIC. This becomes a 256 KByte Flash memory used on which the operating system, Initialization and configuration data and others Software is stored permanently. It is possible in Afterwards customized software in the system memory to accommodate a higher performance at the To achieve end use. Part of the memory is with write protection that cannot be deactivated. Parts of the Operating system, the random number preparation, the ASIC serial number, specific Certification key (e.g. from trust centers) as well different initialization parameters for the analog Circuits. On the ASIC itself is a 32 bit RISC Integrated processor. This is also with a Co Multiplication and division arithmetic processor fitted. The processor has the control function across the entire ASIC. He also takes over various other tasks, such as the preparation of the Random numbers, the formation of hash functions as well as the Processing of customer-specific algorithms. It there is also the possibility of complex Implement network protocols on the processor, which gives the opportunity to use the ASIC together with  to operate a network ASIC and thus one by one Host system independent standalone system (Network router with encryption function) realize.

Finally, in an advantageous embodiment Invention provided that for key management Diffie-Hellmann key exchange protocol provided is. The PCI card with the ASIC can be activated the corresponding functionalities also on key Generation server are used. It is possible a complex key hierarchy with partial, group and build general keys. Have the keys a length of 1683 bits and are prioritized on Smart cards saved. The smart cards have a own operating system, which is secured Data transfers using public key cryptography allows. The statistical and personalized or keys uniquely assigned to certain servers are mainly used for authentication one communication partner and to the next one Connection establishment used. The encryption of the actual data packets to be exchanged take place with dynamic keys instead of what online on the chip to be generated. The key match between the Communication partners takes place according to the Diffie-Hellman Key exchange protocol instead. This ensures that the keys never leave the hardware. To Use the dynamic key for one This will not be an encryption session reconstructable from the memory of the corresponding Encryption unit deleted. Because the keys too at no other time is one Compromise is therefore not possible.

The invention is in a preferred embodiment described with reference to a drawing, wherein  further advantageous details of the figures of the Drawing can be seen. Functionally the same Parts are provided with the same reference numerals.

The drawings show in detail:

Fig. 1 shows the schematic structure of the ASIC according to the invention,

Fig. 2 shows the schematic block diagram of an ASIC on a PCI card and

Fig. 3 shows the use of the ASIC in PCI cards.

In Fig. 1, the structure of the ASIC 2 of the invention is illustrated. The modules for the CPU 9 , a RISC processor, possibly a mathematical coprocessor, a flash memory 10 and the circuit module for the random number generation 11 are arranged on its surface. The software modules for key management, digital signature, certification, asymmetrical encryption and key exchange protocols, one-way functions and standard algorithms as well as the generated keys are permanently stored in the flash memory 10 .

The ASIC has more for intrusion detection Circuit modules, namely one or more power-on Reset modules, a temperature detection module and a Clock Detections module.

An RS232 interface 5 and a PCMCIA interface 4 are provided for password entry and key storage. In addition, a PCI module 3 is integrated on the ASIC.

The keys generated by the RISC processor are forwarded to one to 15 freely configurable encryption and decryption units (VEs) 12 . These are also arranged on the physical unit of the ASIC. These receive the incoming data packets intended for encryption or decryption and use them to generate the encrypted or decrypted data packets intended for output. The data packet exchange takes place via a PCI interface to and from the VEs.

A VE essentially consists of one Data input line over which the data packets in one Input memory can be saved. A Processing logic processes those in the input memory cached data packets with the help of keys stored in a key store an algorithm. The processed data words are the Processing logic to the output memory. Of there they can be accessed via the data output line become. The parameters required for processing and the processing logic receives modes commands via a further management.

In FIG. 2, the configuration of the ASIC 2 on a PCI card 1 is shown, which can be inserted a host system in a PCI slot. The ASIC communicates via the PCI bus present in the host system by means of the PCI module 3 provided on the ASIC 2 as an interface. In addition, data exchange with the PCMCIA card 6 via the PCMCIA module 4 is possible. The RS232 module 5 manages the data exchange with the SmartCard reader 7 and the SmartCard 8 . The SmartCard reader 7 can be designed as a terminal with a PIN keyboard.

FIG. 3 shows a parallel arrangement of a plurality of PCI cards 1 and 14 , each equipped with an ASIC 2. The three PCI cards 14 shown communicate via the common PCI bus 15 with a host system (not shown). Regardless of the host system, each ASIC 2 is connected by means of the PCMCIA interface 4 provided thereon to a PCMCIA card 6 serving as back-up memory and via the RS232 interface 5 also provided on the ASIC 2 to a password input keyboard 7 , in which a smart card 8 with reader is integrated as a smart card terminal, connected via the RS232 bus 16 .

In this way, an extremely secure connection and Decryption system with high data throughput realized.  

LIST OF REFERENCE NUMBERS

1

PCI plug-in board

2

ASIC

3

PCI module

4

PCMCIA module

5

RS232 module

6

PCMCIA card

7

Smart card reader or smart card terminal with keyboard

8th

Smart Card

9

CPU

10

Flash

11

Random number generator

12

Encryption and decryption unit

13

data storage

14

Card PCI

15

PCI bus

16

RS 232 bus

Claims (26)

1. Application-specific integrated circuit (ASIC) for encrypting and decrypting data streams with a CPU and possibly a coprocessor and at least one hardware-implemented encryption algorithm, characterized in that it has a PCMCIA interface ( 4 ) with an active connection to a PCMCIA card ( 6 ), which is designed as a database memory of key information. 2. ASIC according to claim 1, characterized in that it has an RS232 interface ( 5 ). 3. ASIC according to claim 1 or 2, characterized in that it has an active connection to a smart card reader ( 7 ) for reading key data from the smart card ( 8 ). 4. ASIC according to claim 1, 2 or 3, characterized in that it has a PCI interface ( 3 ). 5. ASIC according to claim 1, 2, 3 or 4, characterized characterized that he was a serial Has high-speed interface, especially around the same with other ASICs Design to communicate. 6. ASIC according to at least one of the preceding claims, characterized in that it has an embedded flash option ( 10 ), the embedded flash option preferably being provided with a write protection mechanism. 7. ASIC according to at least one of the previous ones Claims, characterized in that especially the operating system and / or the Random number preparation and / or one Serial number and / or a Certification key and / or a store for initialization parameters for the analog Circuits are write-protected. 8. ASIC according to at least one of the previous ones Claims, characterized in that it is a Has module for intrusion detection. 9. ASIC according to at least one of the preceding claims, characterized in that it has a module ( 11 ) for the generation of random numbers based on physical effects. 10. ASIC according to at least one of the preceding claims, characterized in that it contains autonomously working encryption and decryption units (VB) ( 12 ) which can be operated in parallel, in particular with 1 to 15 VEs enabled. 11. ASIC according to at least one of the preceding claims, characterized in that the encryption and decryption units ( 12 ) can be operated with different and non-static keys. 12. ASIC according to at least one of the preceding claims, characterized in that a program memory ( 13 ) for the operating system including software is formed as part of the ASIC ( 2 ), which is preferably designed as a flash memory ( 10 ). 13. ASIC according to at least one of the preceding claims, characterized in that it contains a long number arithmetic module ( 9 ). 14. ASIC according to at least one of the previous ones Claims, characterized in that it is a Module for the generation of cryptographic contains usable prime numbers. 15. ASIC according to at least one of the previous ones Claims, characterized in that it is a Has a module for a key management. 16. ASIC according to at least one of the previous ones Claims, characterized in that it is a Administration module that contains the reading of Preventing key data from the ASIC is trained. 17. ASIC according to at least one of the previous ones Claims, characterized in that it is a Has module for a digital signature. 18. ASIC according to at least one of the previous ones Claims, characterized in that he module for key certification contains. 19. ASIC according to at least one of the preceding Claims, characterized in that he has at least one module for an asymmetric Encryption and / or for a Has key exchange protocol. 20. ASIC according to at least one of the preceding Claims, characterized in that at least one module for key exchange, especially on one  Key exchange protocol based, is provided. 21. ASIC according to at least one of the previous ones Claims, characterized in that he has at least one module for education has cryptographic hash values. 22. ASIC according to at least one of the preceding Claims, characterized in that at least one module for symmetrical Encryption, especially for keys with at least 1024 bits in length, preferably with the Possibility to form cryptographic Check bits. 23. ASIC according to at least one of the previous ones Claims, characterized in that it is intended as part of a stand-alone system is. 24. ASIC according to at least one of the preceding claims, characterized in that it is arranged on a PCI card ( 1 ) and for this purpose has an interface ( 3 ) for a PCI bus. 25. ASIC according to at least one of the previous ones Claims, characterized in that it too has an active connection to a host system, especially with software for one Password and key management. 26. ASIC according to at least one of the preceding claims, characterized in that the CPU ( 9 ) and / or the PCI interface ( 3 ) are integrated in the standard cell structure of the ASIC ( 2 ).