CN-121997316-A - Method for supporting concurrent execution of multiple trusted execution environments based on RISC-V
Abstract
The invention discloses a method for supporting concurrent execution of multiple trusted execution environments based on RISC-V, which comprises the following steps. First, the trusted execution environments are created, a Group is built and a master-slave relationship is established; before joining the Group, each participating trusted execution environment proves to a security monitor that the calculation process it executes itself meets expectations, and the master Enclave calculates a Group Key in the security monitor through an HMAC security algorithm and distributes the Group Key to the slave Enclaves. Second, a master-slave trust framework is built, wherein the master trusted execution environment is responsible for coordinating data distribution, aggregation and access control policy management, and the remaining slave trusted execution environments act as cooperative nodes that execute specific data processing tasks. Third, when the master Enclave and the slave Enclaves exchange data, the trusted shared memory mechanism supported by Keystone-Enclave is adopted as the communication channel. The invention markedly improves data processing performance and system throughput, and has the characteristics of high performance, high throughput, strong security and high scalability.
Inventors
- ZHU CHANGPENG
- HAN BO
- YANG XIN
- BAI HAO
Assignees
- 重庆理工大学
- 西交网络空间安全研究院
Dates
- Publication Date
- 20260508
- Application Date
- 20251219
Claims (9)
- 1. A method for supporting concurrent execution of multiple RISC-V based trusted execution environments, comprising the following steps: Before a collaboration task is initiated among a plurality of Keystone-Enclave trusted execution environments, a security engine sequentially creates the trusted execution environments, establishes a Group, and establishes a master-slave relationship, wherein the Group is provided with a unique creation engine identifier (engine id); the master Enclave calculates a Group Key in a security monitor through an HMAC security algorithm and distributes the Group Key to the slave Enclaves; only a slave trusted execution environment that passes identity authentication and holds the valid Group Key distributed by the master Enclave during the creation phase can participate in subsequent data interactions. After the establishment of the security Group is completed, a master-slave trust architecture is established, wherein the master trusted execution environment is responsible for coordinating data distribution, aggregation and access control policy management, and the remaining slave trusted execution environments act as cooperative nodes that execute specific data processing tasks. Third, when data interaction is carried out between the master Enclave and the slave Enclaves, a trusted shared memory mechanism supported by Keystone-Enclave is adopted as the communication channel, and all data transmitted across Enclaves is exchanged through that memory area.
- 2. The method for supporting concurrent execution of multiple trusted execution environments based on RISC-V according to claim 1, wherein in the first step each participating trusted execution environment proves that the calculation process it executes itself meets expectations, and the specific flow is as follows: First, a slave trusted execution environment desiring to join a Group generates a cryptographic proof report; second, the master trusted execution environment in the Group verifies the cryptographic proof report in the security monitor, confirming that the metric value originates from a real trusted execution environment and meets the requirements placed on the slave trusted execution environment; finally, the security monitor adds the slave trusted execution environment to the Group.
- 3. The method of claim 2, wherein the initial content of the generated cryptographic proof report is a metric value of the slave trusted execution environment, the id of the security engine, and a random number; the generated cryptographic proof report contains a hash metric value of the initial code and data of the slave trusted execution environment and is signed by the underlying security hardware using a platform private key; and the security monitor verifies the report as follows: the platform public key is used to check the authenticity of the signature, then the measurement value in the generated cryptographic proof report is compared with a pre-registered legitimate trusted reference value and must match it completely, and finally only a trusted execution environment that passes the verification is judged by the SM to be running the correct, expected code, thereby obtaining the qualification to join the Group.
- 4. A method for supporting concurrent execution of multiple RISC-V based trusted execution environments as claimed in claim 3, wherein the HMAC security algorithm is calculated as: HMAC(K, m) = H( (K ⊕ opad) || H( (K ⊕ ipad) || m ) ); where H is a hash function, K is a key, m is an input message, and ipad and opad are fixed padding constants.
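The formula in claim 4, written out as an added example that is not part of the patent text: the two-pass construction is computed directly from the page's definition and checked against a standard HMAC implementation. The use of the Group's engine id and a creation nonce as the HMAC message m in the Group Key derivation is an assumption; the claims do not fix the message format.

```python
import hashlib
import hmac


def hmac_from_formula(key: bytes, msg: bytes, hash_name: str = "sha256") -> bytes:
    """HMAC(K, m) = H((K xor opad) || H((K xor ipad) || m)), as given in claim 4."""
    block_size = hashlib.new(hash_name).block_size  # 64 bytes for SHA-256
    # Keys longer than one hash block are hashed first; shorter keys are zero-padded (RFC 2104).
    if len(key) > block_size:
        key = hashlib.new(hash_name, key).digest()
    key = key.ljust(block_size, b"\x00")
    k_ipad = bytes(b ^ 0x36 for b in key)  # K xor ipad, ipad = 0x36 repeated to block size
    k_opad = bytes(b ^ 0x5C for b in key)  # K xor opad, opad = 0x5C repeated to block size
    inner = hashlib.new(hash_name, k_ipad + msg).digest()   # H((K xor ipad) || m)
    return hashlib.new(hash_name, k_opad + inner).digest()  # H((K xor opad) || inner)


def derive_group_key(master_secret: bytes, engine_id: bytes, nonce: bytes) -> bytes:
    """Group Key computed by the master Enclave with the HMAC above.

    Assumption: m is a fixed label, the Group's engine id and a creation nonce;
    the page only states that an HMAC algorithm is used.
    """
    return hmac_from_formula(master_secret, b"GROUP-KEY|" + engine_id + b"|" + nonce)


def matches_stdlib(key: bytes, msg: bytes) -> bool:
    """Cross-check the formula against Python's hmac module (same key, same message)."""
    reference = hmac.new(key, msg, "sha256").digest()
    return hmac.compare_digest(hmac_from_formula(key, msg), reference)
```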
- 5. The method for supporting concurrent execution of multiple trusted execution environments based on RISC-V according to claim 4, wherein in the IPFS data uploading scenario the master Enclave receives original plaintext data, completes encryption processing inside the Keystone-Enclave and sends the ciphertext data out into an inter-process shared memory; and in the IPFS data downloading scenario the master Enclave uniformly receives ciphertext data blocks from the IPFS network, distributes the ciphertext data blocks to the slave Enclaves through the trusted shared memory for parallel decryption to obtain plaintext data, and finally the master Enclave completes secure plaintext data aggregation through the trusted shared memory.
- 6. The method for supporting concurrent execution of multiple trusted execution environments based on RISC-V according to claim 5, wherein in the second step the master trusted execution environment is responsible for coordinating data distribution, aggregation and access control policy management, comprising the following specific steps: the master Enclave acts as the coordination core and first carries out data distribution, distributing ciphertext data blocks according to a preset strategy and passing the data to the slave Enclaves through a trusted memory buffer; after the data blocks have been distributed to the slave trusted execution environments, the master trusted execution environment also processes one ciphertext block itself; finally, according to a preset plaintext usage mode, the plaintext is cleared immediately after its use is finished; the specific tasks executed by the slave trusted execution environments are encryption and decryption calculation, ciphertext data block acquisition and plaintext data block submission.
- 7. The method for supporting concurrent execution of multiple trusted execution environments based on RISC-V according to claim 6, wherein the specific steps for decrypting ciphertext data blocks in the trusted execution environment are as follows: when the system has acquired all corresponding ciphertext data blocks {C_1, C_2, ..., C_n} from the IPFS network according to the target root CID_root and has transmitted the ciphertext data blocks {C_1, C_2, ..., C_n} into a Keystone-Enclave trusted execution environment, the system uses a securely stored secret key k to decrypt each ciphertext block inside the trusted execution environment through P_i = Decrypt(k, C_i), aggregates and recombines the plaintext blocks into the original plaintext file and uses it immediately, and after the use is completed performs secure erasure of all plaintext data and of the temporary secret key at once, so that no information residue remains.
- 8. The method for supporting concurrent execution of multiple trusted execution environments based on RISC-V according to claim 7, wherein in the third step the specific data interaction flow is as follows: when the master Enclave has acquired the ciphertext data, the data blocks are distributed from the trusted shared buffer to the slave Enclaves according to load balancing; after decryption is completed, the slave Enclaves return the plaintext data to the master Enclave through the trusted shared buffer; and the master Enclave acquires the plaintext data and aggregates it.
- 9. A method for supporting concurrent execution of multiple RISC-V based trusted execution environments as set forth in claim 8, wherein the master Enclave puts a ciphertext data block into the STM through set_stm_en(block_id, en_block_content) and at the same time notifies the slave Enclave that ciphertext data is available; the slave Enclave acquires the ciphertext data block placed by the master Enclave from the STM through get_stm_en(), obtains plaintext through decryption, puts the plaintext into the STM using set_stm_de(block_id, de_block_content), and notifies the master Enclave that the plaintext data is ready; and the master Enclave takes the plaintext data block through get_stm_de(block_id).
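The STM exchange of claim 9, together with the load-balanced distribution of claim 8, the master's own block and plaintext clearing of claim 6, the Group Key check of claim 1 and the P_i = Decrypt(k, C_i) step of claim 7, as an added simulation that is not the patent's or Keystone's code. The cipher is a constructed stand-in (HMAC-SHA256 keystream in counter mode) because the page does not specify Decrypt, and the STM primitives are modelled as a plain in-process buffer.

```python
import hmac


def keystream_xor(key: bytes, block_id: int, data: bytes) -> bytes:
    """Constructed placeholder for the page's Encrypt/Decrypt(k, C_i): XOR with an
    HMAC-SHA256 counter-mode keystream, so one call both encrypts and decrypts."""
    stream, ctr = bytearray(), 0
    while len(stream) < len(data):
        stream += hmac.new(key, block_id.to_bytes(4, "big") + ctr.to_bytes(4, "big"), "sha256").digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class STM:
    """Shared Trusted Memory buffer exposing the four primitives named in claim 9."""
    def __init__(self):
        self.en, self.de = {}, {}          # pending ciphertext blocks, returned plaintext blocks

    def set_stm_en(self, block_id: int, en_block_content: bytes) -> None:
        self.en[block_id] = en_block_content

    def get_stm_en(self):
        block_id = next(iter(self.en))     # slave takes the oldest pending ciphertext block
        return block_id, self.en.pop(block_id)

    def set_stm_de(self, block_id: int, de_block_content: bytes) -> None:
        self.de[block_id] = de_block_content

    def get_stm_de(self, block_id: int) -> bytes:
        return self.de.pop(block_id)


def decrypt_one_block(stm: STM, held_group_key: bytes, group_key: bytes, data_key: bytes) -> None:
    """One slave's (or the master's own) step: fetch C_i, compute P_i, hand it back, wipe it."""
    if not hmac.compare_digest(held_group_key, group_key):  # claim 1: Group members only
        raise PermissionError("enclave does not hold the valid Group Key")
    block_id, c_i = stm.get_stm_en()
    p_i = bytearray(keystream_xor(data_key, block_id, c_i))  # P_i = Decrypt(k, C_i)
    stm.set_stm_de(block_id, bytes(p_i))
    p_i[:] = b"\x00" * len(p_i)            # claim 7: erase the local plaintext copy at once


def master_download(blocks: list, data_key: bytes, group_key: bytes, slave_keys: list) -> bytes:
    """Master distributes blocks over the STM, decrypts one itself, then aggregates in order."""
    if not blocks:
        return b""
    stm = STM()
    for i, c_i in enumerate(blocks):       # claim 8: distribute through the trusted buffer
        stm.set_stm_en(i, c_i)
    decrypt_one_block(stm, group_key, group_key, data_key)  # claim 6: master takes one block
    for i in range(1, len(blocks)):        # remaining blocks round-robin across the slaves
        decrypt_one_block(stm, slave_keys[i % len(slave_keys)], group_key, data_key)
    return b"".join(stm.get_stm_de(i) for i in range(len(blocks)))  # aggregate by block_id
```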
Description
Method for supporting concurrent execution of multiple trusted execution environments based on RISC-V
Technical Field
The invention relates to the technical field of data transmission, in particular to a method for supporting concurrent execution of multiple RISC-V based trusted execution environments.
Background
Keystone-Enclave is a framework for constructing a trusted execution environment on the RISC-V (reduced instruction set) architecture. It divides, protects and controls access to memory areas through a hardware-supported isolation mechanism, so that a highly trusted execution environment is provided: an application running in the trusted execution environment has its own memory areas that are inaccessible to external code, which prevents memory leakage and data tampering. IPFS (InterPlanetary File System) is a content-addressable, peer-to-peer, distributed file system. With the continuous development of computing technology, data security and privacy protection have become a key issue. Combining Keystone-Enclave with IPFS to upload and download files of the IPFS storage network enhances security, with the purpose of preventing the uploaded source file or the downloaded file from being tampered with maliciously. However, this approach depends on the computing power of the trusted execution environment, and the computing power of a single trusted execution environment is comparatively weak, so performance is limited. From the aspects of performance enhancement and security assurance, the performance of the system is improved by running multiple Keystone-Enclave trusted execution environments concurrently.
The Keystone-Enclave trusted execution environment has the capability for multiple trusted execution environments to interact with data concurrently, but the existing Keystone-Enclave technology can only ensure the trusted environment of a Keystone-Enclave trusted execution environment, the security of data inside that environment and the security of data interaction; it does not ensure the data source, the security of the whole data process, or mutual trust proofs among the trusted execution environments.
Disclosure of Invention
In order to overcome the defects in the prior art, the invention provides a method for supporting concurrent execution of multiple trusted execution environments based on RISC-V, which markedly improves data processing performance and system throughput through the concurrent execution of multiple RISC-V based trusted execution environments and has the characteristics of high performance and throughput, strong security and high scalability. In order to achieve the above purpose, the technical scheme adopted by the invention is as follows:
A method for supporting concurrent execution of multiple RISC-V based trusted execution environments, comprising the following steps: Before initiating a cooperation task among a plurality of Keystone-Enclave trusted execution environments, a security engine first creates the trusted execution environments in sequence, builds a Group, and establishes a master-slave relationship, wherein the Group is provided with a unique creation engine identifier (engine id); only a slave trusted execution environment that passes identity authentication and holds the valid Group Key distributed by the master Enclave in the creation stage can participate in subsequent data interaction, thereby ensuring that each Enclave participating in IPFS data processing is legitimate and trusted. After the establishment of the security Group is completed, a master-slave trust architecture is established, wherein a master trusted execution environment (MASTER ENCLAVE) is responsible for coordinating data distribution, aggregation and access control policy management, and the remaining slave trusted execution environments (SLAVE ENCLAVE) act as cooperative nodes that execute specific data processing tasks; in the IPFS data downloading scenario, the master Enclave uniformly receives ciphertext data blocks from the IPFS network, distributes the ciphertext data blocks to the slave Enclaves through a trusted shared memory for parallel decryption to obtain plaintext data, and finally the master Enclave completes secure plaintext data aggregation through the trusted shared memory. Third, when data interaction is carried out between the master Enclave and the slave Enclaves, a trusted shared memory (Shared Trusted Memory) mechanism supported by Keystone-Enclave is adopted as the communication channel, wherein all data transmitted across Enclaves is exchanged through a protected memory area, and the protected memory area ensures secure plaintext data transmission. In the first step, each trusted execution environment proves that the calculation process it executes itself meets expectations, and the specific flow is as follows: First, a slave trusted execution environment (prover) desiring to join the Group will