
CN-122018963-A - Deterministic recheckable hardware acceleration interface and version lifecycle management method, device and storage medium


Abstract

The invention discloses a deterministic recheckable hardware acceleration interface method, device and storage medium for vehicle-mounted terminals. The terminal encapsulates a high-frequency basic operator in verifiable computation (comprising at least one of digest/hash, commitment construction, finite field arithmetic or signature preprocessing) as a deterministic acceleration operator call. The call input is normalized according to the field set and coding rules referenced by spec_ver (and optional codec_ver) and is bound to the reference information of policy_ver/spec_ver (and optional rule_ver/codec_ver). The acceleration unit outputs an acceleration result and consistency materials for rechecking, comprising a result digest result_digest and an optional execution trace digest trace_digest, and a security component performs an integrity protection operation on the binding fields and the digests to generate a signature-verifiable acceleration proof. The server side selects the recheck criteria according to the version references and performs a consistency check on result_digest and trace_digest, so that latency and energy consumption are reduced while cross-device consistency and recheckability are maintained. Preferably, the acceleration unit microcode or operator version acel_ver is lifecycle-managed through trusted storage that records the permission list, with binding to the anti-rollback counter, supporting revocation and gray-scale (staged) switching.

Inventors

  • HAO JUNLING

Assignees

  • 郝彦博

Dates

Publication Date
20260512
Application Date
20260224

Claims (10)

  1. A deterministic recheckable hardware acceleration interface and version lifecycle management method, characterized in that it is executed by a vehicle-mounted terminal comprising a processor, a memory, a hardware acceleration unit and a security component providing a protected key, and comprises: decomposing a task to be accelerated into at least one deterministic acceleration operator call, wherein the input of the deterministic acceleration operator call is subjected to standardized coding according to the field set and coding rules referenced by spec_ver (and optional codec_ver); constructing a binding context before the hardware acceleration unit is invoked, the binding context at least comprising reference information of policy_ver/spec_ver (and optional rule_ver/codec_ver); invoking the hardware acceleration unit to execute the deterministic acceleration operator call to obtain an acceleration result, and generating consistency materials for rechecking, the consistency materials at least comprising a result digest and optionally comprising an execution trace digest; the safety component is triggered to execute the binding context to the binding context and the protective policy_ver/codec_ver, and the consistency acceleration operator is triggered to execute the consistency acceleration material to the corresponding document by the security component.
  2. A deterministic recheckable hardware acceleration interface and version lifecycle management apparatus comprising a processor, a memory, a hardware acceleration unit, and a security component, wherein the processor is configured to perform the method of claim 1.
  3. A computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the method of claim 1.
  4. The method of claim 1, wherein the deterministic acceleration operator call comprises at least one of digest/hash, merkle tree construction, commitment construction, finite field arithmetic, or signature preprocessing.
  5. The method of claim 1, wherein the consistency material further comprises an acceleration unit version identification acel_ver, and the acel_ver is incorporated together with the binding context into the input of the integrity protection operation.
  6. The method of claim 1, wherein the hardware acceleration unit accepts input only from a controlled input buffer defined by a protected call interface or access control logic, to prevent traffic-side bypassing of the normalized encoding criteria, and the protected call interface includes deterministic scheduling and arbitration logic that drives accelerator calls with a fixed arbitration order, fixed timing and bounded queue management (and optional timeout semantics) to provide a predictable upper bound on execution latency.
  7. The method of claim 1, wherein the server-side consistency check of the result_digest comprises at least recalculating a digest of the input according to the field set and encoding rules referenced by the spec_ver (and optionally codec_ver) and checking it for consistency with the result_digest.
  8. The method of claim 1, wherein the trace_digest is a deterministic digest of the accelerated execution process and does not include any data fragment that can be used to recover the original sensitive input.
  9. The method of claim 1, wherein, to ensure server-side rechecking of the consistency material and cross-device consistency criteria, acceleration unit version lifecycle management at least includes maintaining an acel_ver permission list in trusted storage, binding acel_ver with anti-rollback counter reference information, and prohibiting generation of the result and/or trace_digest using the revoked acel_ver upon occurrence of a revocation event.
  10. The method of claim 1, wherein the terminal generates an exception audit record and writes failure_request and step_code when the version check fails or the consistency check fails, and triggers the security component to perform an integrity protection operation on the exception audit record digest to generate the audit credential.

Description

Deterministic recheckable hardware acceleration interface and version lifecycle management method, device and storage medium

Technical Field

The invention belongs to the field of verifiable computation and secure acceleration for vehicle-mounted terminals, and particularly relates to a deterministic recheckable hardware acceleration interface and version lifecycle management method, a device and a storage medium.

Background

In scenarios such as evidence collection, gating, privacy-protecting audit and consistency review on a vehicle-mounted terminal, high-frequency basic operators such as digest, commitment construction, finite field arithmetic and signature preprocessing often have to be executed. Running them on a general-purpose processor creates latency and energy-consumption pressure. Introducing hardware acceleration directly, without deterministic input and output criteria, version binding and recheck materials, easily leads to risks such as cross-device inconsistency, difficulty of rechecking, and falsified results from replaced modules. There is therefore a need for a "fast and recheckable" acceleration interface that normalizes acceleration calls into a deterministic operator interface and outputs consistency material sufficient for rechecking, while applying lifecycle management to the acceleration unit version so that it is revocable, gray-scale switchable and subject to anti-rollback constraints.

Disclosure of Invention

(I) Object of the invention

A deterministic recheckable hardware acceleration interface scheme is provided, so that the terminal obtains the benefits of acceleration while still maintaining consistent criteria and recheckability across devices, and the risks of replacement, downgrade and rollback are restrained through version lifecycle management.
(II) Technical scheme

The invention provides a deterministic recheckable hardware acceleration interface and version lifecycle management method, executed by a vehicle-mounted terminal comprising a processor, a memory, a hardware acceleration unit and a security component. As shown (schematically) in fig. 2, it comprises the following steps:

1) Decomposition: decomposing a task to be accelerated into at least one deterministic acceleration operator call;
2) Normalized coding: performing normalized coding on the input according to the field set and coding rules referenced by spec_ver (and optional codec_ver);
3) Version binding: constructing a binding context at least comprising reference information of policy_ver/spec_ver (and optional rule_ver/codec_ver);
4) Acceleration execution: calling the hardware acceleration unit to execute the deterministic operator, outputting an acceleration result, and generating the consistency material result_digest (and optional trace_digest);
5) Integrity protection: triggering the security component to execute an integrity protection operation on the binding context and the consistency material to generate a signature-verifiable acceleration proof;
6) Server-side rechecking: selecting the recheck criteria according to the version references at the server side, performing a consistency check on the consistency material, verifying the signature, and outputting the receipt.
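Steps 2) to 6) and the version allow-list of claim 9, as an added sketch that is not code from the patent. Assumptions: the canonical form is fixed-order JSON, SHA-256 stands in for the accelerated operator, HMAC with a demo key stands in for the security component's signature, and the registry contents, `rollback_ctr` field and reason strings are hypothetical.

```python
import hashlib, hmac, json

# Assumptions for this sketch (none of these values come from the patent):
SPECS = {"spec-1": ("vin", "ts", "payload")}  # spec_ver -> field set, in encoding order
ACCEL_ALLOW = {"accel-3": 7}                  # permitted accel_ver -> minimum anti-rollback counter
DEMO_KEY = b"constructed-demo-key"            # stands in for the security component's protected key

def canonical(fields, spec_ver):
    """Normalized coding: only the fields spec_ver names, fixed order and separators."""
    pairs = [[name, fields[name]] for name in SPECS[spec_ver]]
    return json.dumps(pairs, separators=(",", ":"), ensure_ascii=True).encode()

def result_digest(fields, spec_ver):
    """SHA-256 stands in for the accelerated operator; the digest covers its output."""
    accel_result = hashlib.sha256(canonical(fields, spec_ver)).digest()
    return hashlib.sha256(b"result:" + accel_result).hexdigest()

def protect(ctx, digest):
    """Integrity protection over binding context + digest (HMAC stand-in for a signature)."""
    bound = json.dumps(ctx, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(DEMO_KEY, bound + b"|" + digest.encode(), hashlib.sha256).hexdigest()

def terminal_prove(fields, ctx):
    """Terminal side: steps 2-5, returning the acceleration proof."""
    digest = result_digest(fields, ctx["spec_ver"])
    return {"ctx": dict(ctx), "result_digest": digest, "tag": protect(ctx, digest)}

def server_recheck(fields, proof):
    """Server side: step 6. Returns "ok" or an illustrative reason string."""
    ctx, digest = proof["ctx"], proof["result_digest"]
    if not hmac.compare_digest(protect(ctx, digest), proof["tag"]):
        return "bad_tag"                      # binding context or digest was altered
    if ctx.get("spec_ver") not in SPECS:
        return "unknown_spec_ver"
    floor = ACCEL_ALLOW.get(ctx.get("accel_ver"))
    if floor is None:
        return "accel_ver_not_allowed"        # revoked or never permitted
    if ctx.get("rollback_ctr", -1) < floor:
        return "rollback"                     # counter below the recorded minimum
    if not hmac.compare_digest(result_digest(fields, ctx["spec_ver"]), digest):
        return "digest_mismatch"              # server-side recomputation disagrees
    return "ok"

# Constructed sample input.
CTX = {"policy_ver": "pol-2", "spec_ver": "spec-1", "accel_ver": "accel-3", "rollback_ctr": 7}
FIELDS = {"vin": "CONSTRUCTED-VIN-0001", "ts": 1760000000, "payload": "a1b2"}
```

The tag is verified before any field of the binding context is trusted, so a swapped version reference fails as `bad_tag` rather than steering the server to different recheck criteria.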
(III) Beneficial effects

Compared with the prior art, the invention has at least the following technical effects:

1) Criteria drift caused by differences between cross-device implementations is reduced by binding a deterministic interface to a version;
2) Server-side rechecking capability is enhanced through the output of consistency materials such as result_digest/trace_digest;
3) The security component performs integrity protection on the binding fields and the digests, suppressing falsification by replaced modules;
4) Long-term operability and controllability are improved through accel_ver lifecycle management and anti-rollback constraints.

Drawings

The drawings illustrate the technical solutions of the invention and are schematic only; those skilled in the art can make equivalent substitutions without departing from the spirit of the invention. Fig. 1 is a schematic diagram of the overall structure of a deterministic recheckable hardware acceleration interface, fig. 2 is a schematic diagram of the acceleration operator call version binding and recheck material output flow, and fig. 3 is a schematic timing diagram of deterministic scheduling and arbitration (bounded queue and timeout semantics).

Detailed Description

Embodiments of the present invention will be described in more detail below with reference to the accompanying drawings.

5.0 Terminology and definitions (examples)

To facilitate alignment of the audit with engineering implementations, implementations such as "deterministic operator/canonical code/version lifecycle/consistency material/accelerated certification" referred to herein are p