基于FPGA数据采集的USBKey安全评估系统设计与实现

USBKey具有硬件加密功能,目前广泛应用在软件版权保护、网银支付、智能家居等重要场所,因此,对其安全性能的评估是十分重要的。基于FPGA数据采集的评估系统正是实现USBkey的安全性能评估的,同时在一定程度上弥补了现有的USBKey安全性能评估方法的缺点。该系统使用USBHUB连接PC机和USBkey,同时采用FPGA采集并解析USB数据包,这不但能够精确地捕获USBKey在进行算法调用时产生的功耗波形图,还能实现启动攻击设备和功耗采集设备时间和USB进行安全运算的时间的精确匹配,从而实现高效率地评估USBKey的安全性能。该系统已在实验室进行了验证,结果表明该系统的评估效果好,成功率高。

Design and Implementation of a USBkey Equipment Security Evaluation System Based on Real-time Acquisition of FPGA

USBKey has hardware security encryption function and is widely used in important places such as software copyright , online banking payment and Intelligent home system Therefore, the hardware security capability is an important evaluation index. The USBKey Equipment Security Evaluation System Based on Real-time Acquisition of FPGA is designed for evaluating the security capability, which also partly coversStheSshortages of currently existing methods. The system uses USBHUB to connect the PC and the USBKey and the FPGA to collect and analyze USB data packets, which can not only accurately capture the power waveforms that generated by the USBKey while running algorithms and also exactly matches the time interval between the time of turning on the attack equipment and the power -measurementSequipments and the time of starting to run algorithms. Thus the system can evaluate the security capability of the USBKey efficiently. The system was verified in the laboratory, and the result show that the effect is good and the success rate is high.