Haiguang Integrates Security Function Modules into General-Purpose CPUs for Better Replacement of External Encryption Cards

Click the blue text to follow us

  In 2022, facing the rapid evolution of global changes and the impact of the COVID-19 pandemic, under the strong leadership of the Party Central Committee with Xi Jinping at its core, various regions and departments efficiently coordinated epidemic prevention and control with economic and social development, increasing macro-control efforts to respond to unexpected factors. Overall, industrial production remained stable throughout the year, and new growth drivers continued to develop, providing a solid guarantee for maintaining stability in the economic and social landscape.   

Recently, Haiguang Information Technology Co., Ltd. (hereinafter referred to as “Haiguang”) updated the security functions of its CPUs by integrating security function modules into its general-purpose processors. Users can update the security functions of Haiguang by downloading the root certificate from the official Haiguang website, thereby activating certain security module functions within the CPU.

 In application scenarios such as data transfer and storage, there are high encryption requirements for data transmission and management. In such cases, encryption management of information requires a combination of software and hardware encryption technologies. Due to the higher reliability of hardware encryption, leading international CPU manufacturers like Intel and AMD have designed hardware encryption functions into their products. In data center scenarios, some users configure additional encryption cards in servers to meet the encryption application level required in these scenarios. This approach can lead to a certain degree of loss in the data computation and transmission efficiency of the server itself.

 At a recent industry exchange event, Haiguang’s information security technology expert He Liangjie shared their achievements and latest progress in chip security performance. He Liangjie introduced that Haiguang’s CPU design includes an independent security processor, where the CCP computing unit acts as a cryptographic acceleration engine, enhancing encryption capabilities through hardware true random number generation. The security processor has higher security privileges for implementing chip security management. At the same time, the separate security processor core within the CPU can reduce the consumption of CPU main core computing resources for cryptographic operations, thereby improving the overall computing speed of the CPU.

 It is understood that Haiguang’s processor security computing architecture CSCA (C86 Security Computing Architecture) encompasses 11 security technologies, including secure keys, security processors, secure boot, secure storage, key management and usage, dynamic measurement protection, memory encryption, confidential computing, cryptographic computation, support for trusted computing standards, and chip security protection. Experts state that the comprehensive selection of these technologies can achieve overall security from the underlying firmware to the upper application software, thereby replacing the external encryption cards originally used by server vendors.

 Among these, the secure key technology refers to the need for secure keys within the processor to implement some very important security functions, such as secure boot. The secure boot function uses the built-in keys of the chip to verify and decrypt the firmware, ensuring that only legitimate firmware can run on the chip. The secure keys of the chip are managed by the chip manufacturer, and it is essential to ensure that these keys are not leaked or stolen. Haiguang processors implement functions such as secure boot through secure keys within the chip, ensuring that unauthorized firmware cannot run on Haiguang chips. Through secure key injection and management processes, it ensures that the secure keys of the chip are not leaked or stolen at various stages of programming and usage.

 Secure storage is a security technology that leading CPU companies currently pay great attention to. The core of information system security is data security. Technologies such as memory encryption and confidential computing ensure the safety of data in memory. When large amounts of data are processed and stored on external media such as hard drives, their security must also be guaranteed, so that even if unauthorized users gain access to the hard drive, they cannot obtain the data within. Haiguang CPUs adopt the industry mainstream solution based on Trusted Platform Module (TPM) to store data encryption keys, binding the usable state of the keys to the trusted state of the system. The keys can only be used when the system is unaltered and in a trusted state, ensuring the security of the keys.

 Dynamic measurement protection technology is a relative improvement over traditional static measurement technology. Static measurement technology can protect the security of a program at startup but cannot ensure that the program remains secure during execution. External tampering attacks on the program during runtime pose significant security risks to the system. The dynamic measurement protection function provided by Haiguang CPUs can continuously monitor the program during execution, taking timely security measures when anomalies are detected. The organic combination of static and dynamic measurement can provide comprehensive protection for the system.

 Author: Ji Xiaoting Source: China Electronics News, Electronic Information Industry Network

Haiguang Integrates Security Function Modules into General-Purpose CPUs for Better Replacement of External Encryption CardsChina Electronics Enterprise Association http://www.ceea.org.cn recommends reading this association’s public account, which currently has a member information column. We welcome all member units to actively submit articles. Please submit articles in Word document format along with photo materials, showcasing brand characteristics, value concepts, service content, recent technological innovations, major technological breakthroughs, industry honors, major activities, public welfare projects, excellent cases, successful experiences, etc.; send to the association’s email for review and scheduling. We look forward to your submissions! Email: [email protected]

Related posts

  1. ACROVIEW Programmer Supports ChipSea’s 32-bit Microcontroller CS32G051KCU
  2. ARM’s Open Licensing Strategy: A Necessary Shift Amidst Client Departures
  3. Japanese Netizen Disassembles SD Card: Instant Shock..
  4. Technical Return – Exploring the Principles of AES Encryption Algorithm
  5. Basic Introduction to Siemens S7-1200 Storage Card
  6. Practical Guide to Integrating and Applying the National Encryption Algorithm SM4 in Financial Systems
  7. Understanding Encryption Algorithms Through Number Theory
  8. Industrial IoT System Integration: Application of S7-1500 in Smart Factories
  9. Envisioning the New Territory of the Future
  10. Daily Cool: Bluetooth Calling Gloves
  11. STM32 vs Arduino: Why Won’t Your LED Light Up?
  12. Homomorphic Encryption Algorithms and Engineering Computation (Machine Learning, Privacy Computing)
  13. Understanding the if Statement: A Deep Dive into C Language Control Structures
  14. Application and Practice of Siemens S7-1500 PLC in Recipe Control Systems
  15. Automotive Grade Testing of ECUs: DV Testing (Part 13: EMC Standards and Testing – 8)
  16. Practical Java Encryption and Decryption Algorithms: Applications of AES, RSA, and ECC in Protecting Sensitive Data – Essential Security Knowledge for Architects
  17. Complete Guide to Installing Nginx on Rocky Linux 9
  18. First Public Disclosure of Water-Damaged Vehicle Circuit Board Disassembly: 85% of Hidden Hazards Can Be Fatal
  19. Detailed Explanation of Simple Encryption Algorithms

Leave a Comment