[go: up one dir, main page]

CN120832168A - An extended instruction processor architecture supporting the TESLA protocol - Google Patents

An extended instruction processor architecture supporting the TESLA protocol

Info

Publication number
CN120832168A
CN120832168A CN202510886370.8A CN202510886370A CN120832168A CN 120832168 A CN120832168 A CN 120832168A CN 202510886370 A CN202510886370 A CN 202510886370A CN 120832168 A CN120832168 A CN 120832168A
Authority
CN
China
Prior art keywords
instruction
source operand
operand
module
current
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202510886370.8A
Other languages
Chinese (zh)
Inventor
柴舒文
陈鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Institute of Microelectronics of CAS
Original Assignee
Institute of Microelectronics of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Institute of Microelectronics of CAS filed Critical Institute of Microelectronics of CAS
Priority to CN202510886370.8A priority Critical patent/CN120832168A/en
Publication of CN120832168A publication Critical patent/CN120832168A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/30Arrangements for executing machine instructions, e.g. instruction decode
    • G06F9/30181Instruction operation extension or modification
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/30Arrangements for executing machine instructions, e.g. instruction decode
    • G06F9/30098Register arrangements
    • G06F9/3012Organisation of register space, e.g. banked or distributed register file
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/30Arrangements for executing machine instructions, e.g. instruction decode
    • G06F9/34Addressing or accessing the instruction operand or the result ; Formation of operand address; Addressing modes

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Executing Machine-Instructions (AREA)

Abstract

The present disclosure provides an extended instruction processor architecture and electronic device supporting a TESLA protocol, where the architecture includes a fetch module, a decode module, an execution module, a memory access module, a write back module, a register file, an external module, and an AHB bus. The method and the device design the custom extended instruction aiming at two types of cryptographic algorithms related to the TESLA protocol, and set a hardware logic unit corresponding to the extended instruction in the execution module, so that the RISC-V can quickly, efficiently and simply realize a signature algorithm and a hash algorithm at the instruction level, the development difficulty of the TESLA protocol is effectively reduced, meanwhile, the navigation authentication process based on the TESLA protocol is completed by using less code quantity and less running time, and the execution efficiency of the navigation authentication process is effectively improved.

Description

Extended instruction processor architecture supporting TESLA protocol
Technical Field
The present disclosure relates to the field of processor design technology, and in particular, to a RISC-V processor architecture and electronic device supporting extended instructions of the TESLA protocol.
Background
Currently, the global satellite navigation system (GNSS) is mainly a GPS system in the united states, a GLONASS system in russia, a Galileo system in europe, and a BDS system in china, and has entered a stage of rapid development and application. However, in recent years, with the increasing progress of the fraud technology, the risk of being spoofed by GNSS is also increasing. For this reason, navigation authentication technology is becoming a research hotspot, and has been applied in GNSS basic systems. For example, the Galileo system E1-B1 frequency point has begun to formally provide free open signal navigation information authentication (OSNMA) service in 2023, GPS is testing an encryption spreading code authentication (CHIMERA) scheme applicable to the GPSL1C signal, and the japan QZSS system has also developed an on-orbit experiment for message authentication in the L1S frequency point.
OSNMA implementation of the authentication scheme is based on the TESLA protocol, a secure authentication protocol for streaming data, designed to improve unreliable broadcast channels, to deliver messages to multiple recipients in an efficient, highly secure manner, using a technique called "clock chaining" for message integrity and authenticity verification. And meanwhile, a symmetric key delay broadcasting technology is used for providing asymmetry of information in time.
The security and integrity of the TESLA protocol are ensured by two types of cryptographic algorithms, namely a signature algorithm and a hash algorithm, wherein the signature algorithm is mainly based on an ECDSA based on an elliptic curve and an SM2 algorithm in a national cryptographic standard, and the hash algorithm is mainly based on an SM3 algorithm of SHA256 and the national cryptographic standard. Because the TESLA protocol is used for the navigation authentication, the required data volume is large, the calculation is complicated, the software processing time is long only by using the general processor, the code volume is also very large, the execution efficiency of the navigation authentication algorithm is seriously influenced, and the time cost and the memory occupation cost are relatively high.
Disclosure of Invention
It is an aim of embodiments of the present disclosure to provide an extended instruction processor architecture and electronic device supporting the TESLA protocol to solve the problems in the prior art.
The embodiment of the disclosure adopts the following technical scheme that the extended instruction processor architecture supporting the TESLA protocol comprises an instruction fetching module, a decoding module, an execution module, a memory access module, a write-back module, a register file, an external module and an AHB bus, wherein the decoding module is configured to decode a current instruction fetched by the instruction fetching module to obtain an instruction type, an operand address and a write-back address, acquire an operand of the current instruction from the register file according to the operand address, and dispatch the operand to the execution module according to the instruction type, the instruction type comprises a general instruction and an extended instruction, the extended instruction comprises a signature algorithm instruction and a hash algorithm instruction, the execution module comprises a general unit, a signature algorithm unit and a hash algorithm unit, the general unit is configured to receive the operand and complete corresponding operation when the current instruction is the general instruction, the signature algorithm unit is configured to receive the operand and complete corresponding operation when the current instruction is the signature algorithm instruction, and the hash algorithm unit is configured to receive the operand and complete corresponding operation when the current instruction is the general instruction.
In some embodiments, the instruction length of the extended instruction is 32 bits, the least significant bit is 0 th bit and the most significant bit is 31 st bit, the instruction format of the extended instruction is that the 0 th bit to the 6 th bit are opcode fields and represent operation codes of the instruction, the 7 th bit to the 11 th bit are rd fields and represent destination register indexes of the instruction, the 12 th bit to the 14 th bit are funct3 fields, the 15 th bit to the 19 th bit are rs1 fields and represent register indexes of a first source operand, the 20 th bit to the 24 th bit are rs2 fields and represent register indexes of a second source operand, the 25 th bit to the 31 th bit are funct fields, and the 5 th bit of the funct field is the rs3 field and represents the register index of a third source operand.
In some embodiments, the signature algorithm instructions include finite field modulo addition operation instructions, finite field modulo subtraction operation instructions, finite field modulo multiplication operation instructions, and finite field modulo inverse operation instructions.
In some embodiments, the signature algorithm unit is configured to:
When the current instruction is the finite field modulo addition instruction, taking the first source operand as an addend, taking the second source operand as an addend, taking the third source operand as a modulus, executing finite field modulo addition operation, and writing an operation result into the register file according to the write-back address;
Under the condition that the current instruction is the finite field modular subtraction operation instruction, taking the first source operand as a reduction number, taking the second source operand as a reduced number, taking the third source operand as a modulus, executing finite field modular subtraction operation, and writing an operation result into the register file according to the write-back address;
When the current instruction is the finite field modular multiplication operation instruction, taking the first source operand as a multiplier, taking the second source operand as a multiplicand, taking the third source operand as a modulus, executing the finite field modular multiplication operation, and writing an operation result into the register file according to the write-back address;
And under the condition that the current instruction is the finite field modular inversion operation instruction, taking the second source operand as a modulus, performing finite field modular inversion operation on the first source operand, and writing an operation result into the register file according to the write-back address.
In some embodiments, the hash algorithm instructions include a first permutation instruction, a second permutation instruction, a first cyclic shift instruction, a second cyclic shift instruction, a first intermediate value calculation instruction, a second intermediate value calculation instruction, and a third intermediate value calculation instruction.
In some embodiments, the hash algorithm unit is configured to:
And under the condition that the current instruction is the first replacement instruction, performing operation on a first source operand according to the following formula (1), and writing an operation result into the register file according to the write-back address:
P0(X)=X⊕(X<<<9)⊕(X<<<17); (1)
Wherein X represents a first source operand of the current instruction, P 0 (X) represents an operation result of the current instruction, < < < represents a cyclic shift left operation, and a-bar represents an exclusive OR operation;
And under the condition that the current instruction is the second replacement instruction, performing operation on a first source operand according to the following formula (2), and writing an operation result into the register file according to the write-back address:
P1(X)=X⊕(X<<<15)⊕(X<<<23); (2)
when the current instruction is the first cyclic shift instruction, taking the first source operand as a to-be-shifted operand, taking the second source operand as a cyclic shift bit number n, performing n-bit cyclic right shift operation on the to-be-shifted operand, and writing a shift result into the register file according to the write-back address;
When the current instruction is the second cyclic shift instruction, taking the first source operand as a to-be-shifted operand, taking the second source operand as a cyclic shift bit number n, performing n-bit cyclic left shift operation on the to-be-shifted operand, and writing a shift result into the register file according to the write-back address;
And under the condition that the current instruction is the first intermediate value instruction, performing operation on the first source operand to the third source operand according to the following formula (3), and writing an operation result into the register file according to the write-back address:
Wherein FG j (X, Y, Z) represents the result of the operation, j represents the current round number, and 0≤j≤15, the box represents an exclusive OR operation, X represents the first source operand of the current instruction, Y represents the second source operand of the current instruction, Z represents the third source operand of the current instruction;
and under the condition that the current instruction is the second intermediate value instruction, performing operation on the first source operand to the third source operand according to the following formula (4), and writing an operation result into the register file according to the write-back address:
FFj(X,Y,Z)=(X&Y)|(X&Z)|(Y&Z); (4)
Wherein FF j (X, Y, Z) represents the result of the operation, j represents the current round number, and 16≤j≤63, & represents an exclusive OR operation, | represents a logical OR operation, X represents the first source operand of the current instruction, Y represents the second source operand of the current instruction, Z represents the third source operand of the current instruction;
and under the condition that the current instruction is the third intermediate value instruction, performing operation on the first source operand to the third source operand according to the following formula (5), and writing an operation result into the register file according to the write-back address:
GGj(X,Y,Z)=(X&Y)|(~X&Z); (5)
Wherein FF j (X, Y, Z) represents the result of the operation, j represents the current round number, and 16≤j≤63, & represents an exclusive OR operation, |represents a logical OR operation, & gt represents a logical NOT operation, X represents the first source operand of the current instruction, Y represents the second source operand of the current instruction, and Z represents the third source operand of the current instruction.
In some embodiments, the extended instructions are embedded in the C program insn pseudo instructions and packaged as interface functions for the application to call.
In some embodiments, the external module includes an instruction register, a data register, an AHB2APB synchronous bridge, and an external device connected to the AHB2APB synchronous bridge via an APB bus.
In some embodiments, a branch prediction module is also included, the branch prediction module coupled with the finger fetch module and the register file.
The embodiment of the disclosure also provides electronic equipment, which at least comprises an extended instruction processor architecture supporting the TESLA protocol.
The embodiment of the disclosure has the beneficial effects that the custom extended instruction is designed for two types of cryptographic algorithms related to the TESLA protocol, and the hardware logic unit corresponding to the extended instruction is arranged in the execution module, so that the RISC-V can quickly, efficiently and simply realize the signature algorithm and the hash algorithm at the instruction level, the development difficulty of the TESLA protocol is effectively reduced, the navigation authentication process based on the TESLA protocol is completed by using less code quantity and less running time, and the execution efficiency of the navigation authentication process is effectively improved.
Drawings
For a clearer description of one or more embodiments of the present description or of the solutions of the prior art, the drawings that are necessary for the description of the embodiments or of the prior art will be briefly described, it being apparent that the drawings in the description that follow are only some of the embodiments described in the description, from which, for a person skilled in the art, other drawings can be obtained without inventive faculty.
FIG. 1 is a schematic diagram of a processor architecture supporting extended instructions of the TESLA protocol in a first embodiment of the present disclosure.
Detailed Description
In order to enable a person skilled in the art to better understand the technical solutions in one or more embodiments of the present specification, the technical solutions in one or more embodiments of the present specification will be clearly and completely described below with reference to the drawings in one or more embodiments of the present specification, and it is obvious that the described embodiments are only some embodiments of the present specification, not all embodiments. All other embodiments, which can be made by one or more embodiments of the present disclosure without inventive faculty, are intended to be within the scope of the present disclosure.
Currently, the global satellite navigation system (GNSS) is mainly a GPS system in the united states, a GLONASS system in russia, a Galileo system in europe, and a BDS system in china, and has entered a stage of rapid development and application. However, in recent years, with the increasing progress of the fraud technology, the risk of being spoofed by GNSS is also increasing. For this reason, navigation authentication technology is becoming a research hotspot, and has been applied in GNSS basic systems. For example, the Galileo system E1-B1 frequency point has begun to formally provide free open signal navigation information authentication (OSNMA) service in 2023, GPS is testing an encryption spreading code authentication (CHIMERA) scheme applicable to the GPSL1C signal, and the japan QZSS system has also developed an on-orbit experiment for message authentication in the L1S frequency point.
OSNMA implementation of the authentication scheme is based on the TESLA protocol, a secure authentication protocol for streaming data, designed to improve unreliable broadcast channels, to deliver messages to multiple recipients in an efficient, highly secure manner, using a technique called "clock chaining" for message integrity and authenticity verification. And meanwhile, a symmetric key delay broadcasting technology is used for providing asymmetry of information in time.
The security and integrity of the TESLA protocol are ensured by two types of cryptographic algorithms, namely a signature algorithm and a hash algorithm, wherein the signature algorithm is mainly based on an ECDSA based on an elliptic curve and an SM2 algorithm in a national cryptographic standard, and the hash algorithm is mainly based on an SM3 algorithm of SHA256 and the national cryptographic standard. Because the TESLA protocol is used for the navigation authentication, the required data volume is large, the calculation is complicated, the software processing time is long only by using the general processor, the code volume is also very large, the execution efficiency of the navigation authentication algorithm is seriously influenced, and the time cost and the memory occupation cost are relatively high.
To solve the above-mentioned problems, a first embodiment of the present disclosure provides an extended instruction processor architecture supporting a TESLA protocol for implementing a rapid and efficient TESLA protocol-based navigation authentication algorithm. The processor architecture of the present embodiment is designed based on a five-stage pipeline architecture, including fetch, decode, execute, memory access, and write-back stages. The method comprises the steps of taking an instruction from an instruction register by using a value of the instruction register as an address and storing the instruction in the instruction register in an instruction fetching stage, decoding the instruction in a decoding stage, reading a register file according to the decoded value to obtain a source operand of the instruction, completing a calculation task according to the type of the instruction, such as completing arithmetic operation on the instruction of an arithmetic type, completing address calculation on the instruction of an access storage type, and the like in an execution stage, accessing a memory in the access stage and executing the instruction of the access memory type (mainly load/store instruction), and writing a final result of the instruction into the destination register in a write-back stage if the destination register exists in the instruction.
Fig. 1 shows a schematic diagram of a processor architecture of the present embodiment, which mainly includes an instruction fetching module 10, a decoding module 20, an executing module 30, a memory accessing module 40, a write-back module 50, a register file 60, an external module 70 and an AHB bus 80 according to a five-stage pipeline design, and for application of navigation authentication, the present embodiment performs a custom extended instruction design for a signature algorithm and a hash algorithm involved in the TESLA protocol through analysis of the TESLA protocol and the RISC-V processor, so that the decoding module 20 in the present embodiment is configured to decode a current instruction fetched by the value fetching module 10, obtain an instruction type, an operand address and a write-back address, obtain an operand of the current instruction from the register file according to the operand address, and send the operand to the executing module according to the instruction type, wherein the instruction type includes a general instruction and an extended instruction, and the extended instruction includes the signature algorithm instruction and the hash algorithm instruction. Correspondingly, the execution module 30 comprises a general purpose unit 31, a signature algorithm unit 32 and a hash algorithm unit 33, the general purpose unit 31 being configured to receive operands and complete corresponding operations if the current instruction is a general purpose instruction, the signature algorithm unit 32 being configured to receive operands and complete corresponding operations if the current instruction is a signature algorithm instruction, the hash algorithm unit 33 being configured to receive operands and complete corresponding operations if the current instruction is a hash algorithm instruction.
In actual operation, the decode and execute modules of the general purpose processor do not support the decoding and execution of custom extended instructions, and therefore require modification of the decoder at the decode stage of the processor pipeline described above, allowing it to provide input operands to subsequent execute, memory access and writeback modules. In the execution stage, a signature algorithm unit and a hash algorithm unit are added on the basis of a general function unit, operands corresponding to the instruction are distributed to one of the general unit, the signature algorithm unit and the hash algorithm unit according to decoder output of a decoding module, and the unit is gated to complete instruction execution operation.
The extended instruction in this embodiment is defined according to the instruction format with reference to the RISC-V instruction set architecture, where the extended instruction has an instruction length of 32 bits, a least significant bit of 0 th bit and a most significant bit of 31 th bit, where the 0 th bit to the 6 th bit are opcode fields, representing the operation code of the instruction, the 7 th bit to the 11 th bit are rd fields, representing the destination register index of the instruction, the 12 th bit to the 14 th bit are funct rd fields, the 15 th bit to the 19 th bit are rs1 fields, representing the register index of the first source operand, the 20 th bit to the 24 th bit are rs2 fields, representing the register index of the second source operand, the 25 th bit to the 31 th bit are funct field, and the 5 th bit of the funct field is the rs3 field, representing the register index of the third source operand. .
In particular, in the navigation authentication process by using the TESLA protocol, a signature algorithm and a hash algorithm are two important cryptographic algorithms for ensuring the safety and the integrity of the protocol, wherein the signature algorithm mainly comprises an ECDSA based on an elliptic curve and an SM2 algorithm in a national cryptographic standard, and two operations of point addition and point multiplication on the elliptic curve are completed, and the four operations of modulo addition, modulo subtraction, modulo multiplication and modulo Inverse on a finite field are required to be repeatedly called, so that signature algorithm instructions for an extended instruction mainly comprise a finite field modulo addition operation instruction FMADD (FINITE FIELD Mod Add), a finite field modulo subtraction operation instruction FMSUB (FINITE FIELD Mod sub-transform), a finite field modulo multiplication operation instruction FMMUL (FINITE FIELD Modmultiple) and a finite field Inverse operation instruction FMINV (FINITE FIELD ModInverse). The hash algorithm is mainly an SM3 algorithm of SHA256 and a national cipher standard, and has similar algorithm structures, after message filling, message expansion and iterative compression, a hash value with a length of 256 bits is output, wherein the operation is more complicated by 64 rounds of message expansion and 64 rounds of iterative compression algorithm, therefore, in the embodiment, the hash algorithm instruction performs instruction expansion on the repeatedly called cyclic shift operation, the replacement functions P0 and P1 and FF and GG functions for calculating intermediate values in 64 rounds of iterative compression, and mainly comprises seven custom instructions, namely a first replacement instruction PF0, a second replacement instruction PH1, a first cyclic shift instruction RORN, a second cyclic shift instruction ROLN, a first intermediate value calculation instruction FGL, a second intermediate value calculation instruction FFH and a third intermediate value calculation instruction GGH.
According to the above-mentioned customized extension instruction, in combination with the instruction format of the extension instruction, the extension instruction may be encoded, as shown in table 1:
TABLE 1
It should be noted that the opcode field characterizes the current instruction as a custom extended instruction, its corresponding 0101011 values are reserved in RISC-V for custom instruction coding, other custom coding may be used in practice, 0101011 is only an example in this embodiment, the func3 field is coded according to sequence, and meanwhile, the 2bit coding in the lower bit of func7 is combined to distinguish different types of instructions, the rest is different according to the number of operands, the instruction of one operand uses rs1 only, the instruction of two operands uses rs1 and rs2, and some instructions need 3 operands, and then the index value of a third operand rs3 except rs1 and rs2 will be represented by the high 5bit of the func7 field.
Corresponding to the extended instruction design described above, the signature algorithm unit 32 is specifically configured to perform operations within the corresponding finite field based on the received operands and the signature algorithm instruction. The method comprises the steps of executing finite field modular addition operation by taking a first source operand as an addition number, taking a second source operand as an added number, taking a third source operand as a modulus, executing finite field modular addition operation by taking the third source operand as a multiplicand, writing an operation result into a register file according to a write-back address, executing finite field modular subtraction operation by taking the first source operand as a reduction number, taking the second source operand as a subtracted number, taking the third source operand as a modulus, writing an operation result into the register file according to the write-back address, taking the first source operand as a multiplier, taking the second source operand as a multiplicand, executing finite field modular multiplication operation by taking the third source operand as a modulus, writing an operation result into the register file according to the write-back address, and executing finite field modular subtraction operation by taking the second source operand as a modulus, and writing the operation result into the register file according to the write-back address.
The hash algorithm unit 33 is specifically configured to perform multiple rounds of permutation, displacement and intermediate value calculation operations based on the received operands and hash algorithm instructions. Specifically, in the case where the current instruction is a first permutation instruction, the first source operand is operated according to the following formula (1), and the operation result is written to the register file according to the write-back address:
P0(X)=X⊕(X<<<9)⊕(X<<<17); (1)
Wherein X represents a first source operand of the current instruction, P 0 (X) represents an operation result of the current instruction, < < < represents a cyclic shift left operation, and a-bar represents an exclusive OR operation;
In the case that the current instruction is a second permutation instruction, the first source operand is operated according to the following formula (2), and the operation result is written into the register file according to the write-back address:
P1(X)=X⊕(X<<<15)⊕(X<<<23); (2)
Under the condition that the current instruction is a first cyclic shift instruction, taking a first source operand as a to-be-shifted operand, taking a second source operand as a cyclic shift bit number n, performing n-bit cyclic right shift operation on the to-be-shifted operand, and writing a shift result into a register file according to a write-back address;
under the condition that the current instruction is a second cyclic shift instruction, taking the first source operand as a to-be-shifted operand, taking the second source operand as a cyclic shift bit number n, performing n-bit cyclic left shift operation on the to-be-shifted operand, and writing a shift result into a register file according to a write-back address;
In the case that the current instruction is a first intermediate value instruction, the first to third source operands are operated according to the following formula (3), and the operation result is written into the register file according to the write-back address:
Wherein FG j (X, Y, Z) represents the result of the operation, j represents the current round number, and 0≤j≤15, the box represents an exclusive OR operation, X represents the first source operand of the current instruction, Y represents the second source operand of the current instruction, Z represents the third source operand of the current instruction;
in the case that the current instruction is a second intermediate value instruction, the first to third source operands are operated according to the following formula (4), and the operation result is written into the register file according to the write-back address:
FFj(X,Y,Z)=(X&Y)|(X&Z)|(Y&Z); (4)
Wherein FF j (X, Y, Z) represents the result of the operation, j represents the current round number, and 16≤j≤63, & represents an exclusive OR operation, | represents a logical OR operation, X represents the first source operand of the current instruction, Y represents the second source operand of the current instruction, Z represents the third source operand of the current instruction;
In the case that the current instruction is a third intermediate value instruction, the first to third source operands are operated according to the following formula (5), and the operation result is written into the register file according to the write-back address:
GGj(X,Y,Z)=(X&Y)|(~X&Z); (5)
Wherein FF j (X, Y, Z) represents the result of the operation, j represents the current round number, and 16≤j≤63, & represents an exclusive OR operation, |represents a logical OR operation, & gt represents a logical NOT operation, X represents the first source operand of the current instruction, Y represents the second source operand of the current instruction, and Z represents the third source operand of the current instruction.
The invoking of the user-defined instruction in the assembly code of RISC-V architecture is realized by pseudo-instruction insn, which has certain defects in practical portability, readability and maintainability, and the invoking of the user-defined extended instruction in this embodiment adopts C program embedded insn pseudo-instruction and is packaged as interface function mode, and the invoking is only required to be performed according to the rule of C language in the subsequent application program, so that the invoking mode is simplified, and the maintainability of the user-defined instruction is optimized.
In some embodiments, the peripheral module 70 in the processor architecture includes an instruction register 71, a data register 72, an AHB2APB synchronous bridge 73, and an external device 75 connected to the AHB2APB synchronous bridge through an APB bus 74, as shown in fig. 1, in the actual design, the data bus and the instruction bus of the processor are independent, and two AHB host interfaces can access the data memory and the instruction memory in the SoC, and can also access other AHB slave devices. To improve access performance, two tightly coupled memories (Tightly Coupled Memory, TCM) are designed inside the processor for storing instructions and data, respectively. The high-speed AHB bus is connected with the low-speed APB bus through an AHB2APB synchronous bridge, and the UART, the TIMER TIMER, the GPIO and other peripheral devices are accessed through the APB bus.
In addition, in order to improve performance, the processor architecture of the present embodiment may further include a branch prediction module, which is connected to the instruction fetching module and the register file, and supports a static branch prediction function, so as to improve instruction processing efficiency.
According to the embodiment, the custom extended instruction is designed aiming at two types of cryptographic algorithms related to the TESLA protocol, and the hardware logic unit corresponding to the extended instruction is arranged in the execution module, so that the RISC-V can quickly, efficiently and simply realize the signature algorithm and the hash algorithm at the instruction level, the development difficulty of the TESLA protocol is effectively reduced, meanwhile, the navigation authentication process based on the TESLA protocol is completed by using less code quantity and less running time, and the execution efficiency of the navigation authentication process is effectively improved.
Based on the same inventive concept, a second embodiment of the present disclosure provides an electronic device, where the electronic device at least includes a processor architecture supporting an extended instruction of a TESLA protocol of the first embodiment of the present disclosure, for executing a navigation authentication algorithm, so as to ensure safe and effective use of satellite navigation services.
Finally, it should be noted that the foregoing embodiments are merely for illustrating the technical solutions of the present disclosure, and not for limiting the same, and although the present disclosure has been described in detail with reference to the foregoing embodiments, it should be understood by those skilled in the art that the technical solutions described in the foregoing embodiments may be modified or some or all of the technical features may be equivalently replaced, and these modifications or replacements do not make the essence of the corresponding technical solutions deviate from the scope of the technical solutions of the embodiments of the present disclosure.

Claims (10)

1.一种支持TESLA协议的扩展指令处理器架构,包括:取指模块、译码模块、执行模块、访存模块、写回模块、寄存器堆、外部模块以及AHB总线,其特征在于,1. An extended instruction processor architecture supporting the TESLA protocol, comprising: an instruction fetch module, a decode module, an execution module, a memory access module, a write-back module, a register file, an external module, and an AHB bus, characterized in that: 所述译码模块被配置为对所述取指模块所取到的当前指令进行解码,得到指令类型、操作数地址和写回地址,并根据所述操作数地址从所述寄存器堆中获取当前指令的操作数,并将所述操作数根据所述指令类型派发到所述执行模块,其中,所述指令类型包括通用指令和扩展指令,所述扩展指令包括签名算法指令和杂凑算法指令;The decoding module is configured to decode the current instruction fetched by the instruction fetch module to obtain an instruction type, an operand address, and a write-back address, obtain an operand of the current instruction from the register file according to the operand address, and dispatch the operand to the execution module according to the instruction type, wherein the instruction type includes a general instruction and an extended instruction, and the extended instruction includes a signature algorithm instruction and a hash algorithm instruction; 所述执行模块包括通用单元、签名算法单元和杂凑算法单元,所述通用单元被配置为在当前指令为所述通用指令的情况下接收所述操作数并完成相应运算,所述签名算法单元被配置为在当前指令为所述签名算法指令的情况下接收所述操作数并完成相应运算,所述杂凑算法单元被配置为在当前指令为所述杂凑算法指令的情况下接收所述操作数并完成相应运算。The execution module includes a general unit, a signature algorithm unit and a hash algorithm unit. The general unit is configured to receive the operand and complete the corresponding operation when the current instruction is the general instruction. The signature algorithm unit is configured to receive the operand and complete the corresponding operation when the current instruction is the signature algorithm instruction. The hash algorithm unit is configured to receive the operand and complete the corresponding operation when the current instruction is the hash algorithm instruction. 2.根据权利要求1所述的处理器架构,其特征在于,所述扩展指令的指令长度为32比特,最低有效位为第0位,最高有效位为第31位,所述扩展指令的指令格式为:2. The processor architecture according to claim 1, wherein the instruction length of the extended instruction is 32 bits, the least significant bit is bit 0, and the most significant bit is bit 31, and the instruction format of the extended instruction is: 第0位到第6位为opcode字段,表示指令的操作码;第7位到第11位为rd字段,表示指令的目的寄存器索引;第12位到第14位为funct3字段;第15位到第19位为rs1字段,表示第一个源操作数的寄存器索引;第20位到第24位为rs2字段,表示第二个源操作数的寄存器索引;第25位到第31位为funct7字段,所述funct7字段的最高5比特作为rs3字段,表示第三个源操作数的寄存器索引。Bits 0 to 6 are the opcode field, indicating the operation code of the instruction; bits 7 to 11 are the rd field, indicating the destination register index of the instruction; bits 12 to 14 are the funct3 field; bits 15 to 19 are the rs1 field, indicating the register index of the first source operand; bits 20 to 24 are the rs2 field, indicating the register index of the second source operand; bits 25 to 31 are the funct7 field, and the highest 5 bits of the funct7 field are used as the rs3 field, indicating the register index of the third source operand. 3.根据权利要求2所述的处理器架构,其特征在于,所述签名算法指令包括:有限域模加运算指令、有限域模减运算指令、有限域模乘运算指令以及有限域模逆运算指令。3. The processor architecture according to claim 2, wherein the signature algorithm instructions include: finite field modular addition operation instructions, finite field modular subtraction operation instructions, finite field modular multiplication operation instructions, and finite field modular inverse operation instructions. 4.根据权利要求3所述的处理器架构,其特征在于,所述签名算法单元被配置为:4. The processor architecture according to claim 3, wherein the signature algorithm unit is configured to: 在所述当前指令为所述有限域模加运算指令的情况下,以所述第一个源操作数作为加数,所述第二个源操作数作为被加数,以所述第三个源操作数作为模数,执行有限域的模加运算,并将运算结果根据所述写回地址写入至所述寄存器堆;When the current instruction is the finite field modular addition instruction, performing a finite field modular addition operation with the first source operand as an addend, the second source operand as an augend, and the third source operand as a modulus, and writing the operation result to the register file according to the write-back address; 在所述当前指令为所述有限域模减运算指令的情况下,以所述第一个源操作数作为减数,以所述第二个源操作数作为被减数,以所述第三个源操作数作为模数,执行有限域的模减运算,并将运算结果根据所述写回地址写入至所述寄存器堆;When the current instruction is the finite field modular subtraction instruction, performing a finite field modular subtraction operation with the first source operand as a subtrahend, the second source operand as a minuend, and the third source operand as a modulus, and writing the operation result to the register file according to the write-back address; 在所述当前指令为所述有限域模乘运算指令的情况下,以所述第一个源操作数作为乘数,以所述第二个源操作数作为被乘数,以所述第三个源操作数作为模数,执行有限域的模乘运算,并将运算结果根据所述写回地址写入至所述寄存器堆;When the current instruction is the finite field modular multiplication instruction, performing a finite field modular multiplication operation with the first source operand as a multiplier, the second source operand as a multiplicand, and the third source operand as a modulus, and writing the operation result to the register file according to the write-back address; 在所述当前指令为所述有限域模逆运算指令的情况下,以所述第二个源操作数作为模数,对所述第一个源操作数进行有限域模逆运算,并将运算结果根据所述写回地址写入至所述寄存器堆。In the case where the current instruction is the finite field modular inverse operation instruction, a finite field modular inverse operation is performed on the first source operand using the second source operand as the modulus, and the operation result is written to the register file according to the write-back address. 5.根据权利要求2所述的处理器架构,其特征在于,所述杂凑算法指令包括:第一置换指令、第二置换指令、第一循环位移指令、第二循环位移指令、第一中间值计算指令、第二中间值计算指令以及第三中间值计算指令。5. The processor architecture according to claim 2, wherein the hash algorithm instruction comprises: a first permutation instruction, a second permutation instruction, a first circular shift instruction, a second circular shift instruction, a first intermediate value calculation instruction, a second intermediate value calculation instruction, and a third intermediate value calculation instruction. 6.根据权利要求5所述的处理器架构,其特征在于,所述杂凑算法单元被配置为:6. The processor architecture according to claim 5, wherein the hash algorithm unit is configured to: 在所述当前指令为所述第一置换指令的情况下,根据如下公式(1)对第一个源操作数进行运算,并将运算结果根据所述写回地址写入至所述寄存器堆:When the current instruction is the first replacement instruction, the first source operand is operated according to the following formula (1), and the operation result is written to the register file according to the write-back address: P0(X)=X⊕(X<<<9)⊕(X<<<17); (1)P 0 (X)=X⊕(X<<<9)⊕(X<<<17); (1) 其中,X表示当前指令的第一个源操作数,P0(X)表示当前指令的运算结果,<<<表示循环左移操作,⊕表示异或运算;Where X represents the first source operand of the current instruction, P 0 (X) represents the operation result of the current instruction, <<< represents a circular left shift operation, and ⊕ represents an exclusive OR operation; 在所述当前指令为所述第二置换指令的情况下,根据如下公式(2)对第一个源操作数进行运算,并将运算结果根据所述写回地址写入至所述寄存器堆:When the current instruction is the second permutation instruction, the first source operand is operated according to the following formula (2), and the operation result is written to the register file according to the write-back address: P1(X)=X⊕(X<<<15)⊕(X<<<23); (2)P 1 (X)=X⊕(X<<<15)⊕(X<<<23); (2) 在所述当前指令为所述第一循环位移指令的情况下,以所述第一个源操作数作为将进行位移的待操作数,以所述第二个源操作数作为循环移位的位数n,对所述待操作数进行n位的循环右移操作,并将位移结果根据所述写回地址写入至所述寄存器堆;When the current instruction is the first circular shift instruction, using the first source operand as the operand to be shifted, using the second source operand as the number of bits n of circular shift, performing a circular right shift operation of n bits on the operand to be shifted, and writing the shifted result to the register file according to the write-back address; 在所述当前指令为所述第二循环位移指令的情况下,以所述第一个源操作数作为将进行位移的待操作数,以所述第二个源操作数作为循环移位的位数n,对所述待操作数进行n位的循环左移操作,并将位移结果根据所述写回地址写入至所述寄存器堆;When the current instruction is the second circular shift instruction, using the first source operand as the operand to be shifted and the second source operand as the number of bits n of circular shift, performing a circular left shift operation of n bits on the operand to be shifted, and writing the shifted result to the register file according to the write-back address; 在所述当前指令为所述第一中间值指令的情况下,根据如下公式(3)对第一个源操作数至第三个源操作数进行运算,并将运算结果根据所述写回地址写入至所述寄存器堆:When the current instruction is the first intermediate value instruction, operations are performed on the first source operand to the third source operand according to the following formula (3), and the operation results are written to the register file according to the write-back address: FGj(X,Y,Z)=X⊕Y⊕Z; (3)FG j (X,Y,Z)=X⊕Y⊕Z; (3) 其中,FGj(X,Y,Z)表示运算结果,j表示当前循环轮数,并且0≤j≤15,⊕表示异或运算,X表示当前指令的第一个源操作数,Y表示当前指令的第二个源操作数,Z表示当前指令的第三个源操作数;Where FG j (X, Y, Z) represents the operation result, j represents the current loop number, and 0≤j≤15, ⊕ represents an exclusive-OR operation, X represents the first source operand of the current instruction, Y represents the second source operand of the current instruction, and Z represents the third source operand of the current instruction; 在所述当前指令为所述第二中间值指令的情况下,根据如下公式(4)对第一个源操作数至第三个源操作数进行运算,并将运算结果根据所述写回地址写入至所述寄存器堆:When the current instruction is the second intermediate value instruction, operations are performed on the first source operand to the third source operand according to the following formula (4), and the operation results are written to the register file according to the write-back address: FFj(X,Y,Z)=(X&Y)|(X&Z)|(Y&Z); (4)FF j (X,Y,Z)=(X&Y)|(X&Z)|(Y&Z); (4) 其中,FFj(X,Y,Z)表示运算结果,j表示当前循环轮数,并且16≤j≤63,&表示异或运算,|表示逻辑或运算,X表示当前指令的第一个源操作数,Y表示当前指令的第二个源操作数,Z表示当前指令的第三个源操作数;Wherein, FF j (X, Y, Z) represents the operation result, j represents the current loop number, and 16≤j≤63, & represents an exclusive-or operation, | represents a logical-or operation, X represents the first source operand of the current instruction, Y represents the second source operand of the current instruction, and Z represents the third source operand of the current instruction; 在所述当前指令为所述第三中间值指令的情况下,根据如下公式(5)对第一个源操作数至第三个源操作数进行运算,并将运算结果根据所述写回地址写入至所述寄存器堆:When the current instruction is the third intermediate value instruction, operations are performed on the first source operand to the third source operand according to the following formula (5), and the operation results are written to the register file according to the write-back address: GGj(X,Y,Z)=(X&Y)|(~X&Z); (5)GG j (X,Y,Z)=(X&Y)|(~X&Z); (5) 其中,FFj(X,Y,Z)表示运算结果,j表示当前循环轮数,并且16≤j≤63,&表示异或运算,|表示逻辑或运算,~表示逻辑非运算,X表示当前指令的第一个源操作数,Y表示当前指令的第二个源操作数,Z表示当前指令的第三个源操作数。Wherein, FF j (X, Y, Z) represents the operation result, j represents the current loop number, and 16≤j≤63, & represents an exclusive-or operation, | represents a logical-or operation, ~ represents a logical-not operation, X represents the first source operand of the current instruction, Y represents the second source operand of the current instruction, and Z represents the third source operand of the current instruction. 7.根据权利要求1所述的处理器架构,其特征在于,所述扩展指令采用C程序内嵌.insn伪指令并封装为接口函数的方式供应用程序进行调用。7. The processor architecture according to claim 1, wherein the extended instruction is embedded in a C program as an .insn pseudo-instruction and encapsulated as an interface function for application program to call. 8.根据权利要求1至7中任一项所述的处理器架构,其特征在于,所述外部模块包括:指令寄存器、数据寄存器、AHB2APB同步桥以及与所述AHB2APB同步桥通过APB总线连接的外接设备。8. The processor architecture according to any one of claims 1 to 7, wherein the external module comprises: an instruction register, a data register, an AHB2APB synchronization bridge, and an external device connected to the AHB2APB synchronization bridge via an APB bus. 9.根据权利要求8所述的处理器架构,其特征在于,还包括分支预测模块,所述分支预测模块与所述取指模块和所述寄存器堆连接。9 . The processor architecture according to claim 8 , further comprising a branch prediction module, wherein the branch prediction module is connected to the instruction fetch module and the register file. 10.一种电子设备,其特征在于,至少包括:如权利要求1至9中任一项所述支持TESLA协议的扩展指令处理器架构。10. An electronic device, characterized by comprising at least: an extended instruction processor architecture supporting the TESLA protocol according to any one of claims 1 to 9.
CN202510886370.8A 2025-06-30 2025-06-30 An extended instruction processor architecture supporting the TESLA protocol Pending CN120832168A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202510886370.8A CN120832168A (en) 2025-06-30 2025-06-30 An extended instruction processor architecture supporting the TESLA protocol

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202510886370.8A CN120832168A (en) 2025-06-30 2025-06-30 An extended instruction processor architecture supporting the TESLA protocol

Publications (1)

Publication Number Publication Date
CN120832168A true CN120832168A (en) 2025-10-24

Family

ID=97397712

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202510886370.8A Pending CN120832168A (en) 2025-06-30 2025-06-30 An extended instruction processor architecture supporting the TESLA protocol

Country Status (1)

Country Link
CN (1) CN120832168A (en)

Similar Documents

Publication Publication Date Title
CN108702286B (en) Advanced Cryptographic Standard Accelerator Processor Resistant to Power Side-Channel Attacks
US6968445B2 (en) Multithreaded processor with efficient processing for convergence device applications
TWI705352B (en) Keyed-hash message authentication code processors, methods, systems, and instructions
CN112543095B (en) System, device, method, processor, medium and electronic device for processing instructions
US10142098B2 (en) Optimized SHA-256 datapath for energy-efficient high-performance Bitcoin mining
US10129018B2 (en) Hybrid SM3 and SHA acceleration processors
CN107851170A (en) Supports configurable security levels for memory address ranges
TWI517037B (en) Conditional execution support for isa instructions using prefixes
JP4817189B2 (en) Method, system and computer program for executing message digest instructions
US20180004242A1 (en) Low clock-energy 3-phase latch-based clocking scheme
CN109565438B (en) Hardware accelerator for hybrid encryption algorithm and system thereof
US8707013B2 (en) On-demand predicate registers
TWI842912B (en) Processing system, system-on-chip and method for performing arithmetic operations
US10140458B2 (en) Parallelized authentication encoding
US9118482B2 (en) Fault tolerant apparatus and method for elliptic curve cryptography
EP4569725A1 (en) Hardware-based implementation of secure hash algorithms
CN119654617A (en) Hardware-based Galois multiplication
US9996708B2 (en) SMS4 acceleration processors having encryption and decryption mapped on a same hardware
CN101911011B (en) Determine the system and method for the address of the element in showing
JP2025528781A (en) Data processing method using hash function, processor
CN120832168A (en) An extended instruction processor architecture supporting the TESLA protocol
WO2025036099A1 (en) Method and system for processing task to be processed, and storage medium and electronic apparatus
CN108027866B (en) SMS4 acceleration processor with round constant generation
CN118860494B (en) Address generation system
CN113868603B (en) Protection method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination