the dragon lizard conference discussed security ecology, and haiguang cpu showed three trump cards
2024-09-10
한어Русский языкEnglishFrançaisIndonesianSanskrit日本語DeutschPortuguêsΕλληνικάespañolItalianoSuomalainenLatina
recently, the dragon lizard conference security closed-door meeting was officially held in beijing, where more than 40 security experts from the industry gathered to discuss the construction of software and hardware security ecosystem. at the meeting, haiguang fully demonstrated its cpu cryptographic security technology, successfully breaking the "impossible triangle" of computational encryption with its advantages of low cost, high security, and high efficiency, and once again refreshed the security level of domestic hardware.
"in the past, we mainly used solutions such as soft encryption or dedicated encryption equipment in the process of information processing." he liangjie, an information security technology expert at haiguang, pointed out that these two encryption methods each have their advantages, but there is also a contradiction between cost, security and efficiency.
for example, when using a soft encryption solution, the procurement cost is relatively low, but it is difficult to meet the security and operating efficiency standards; when using special equipment such as encryption cards and encryption machines, the cost becomes very high, and there will also be bottlenecks in cryptographic operations and the inability to achieve elastic expansion, making it difficult to directly apply it in cloud computing scenarios.
"so we introduced a new solution in cpu security design," he liangjie revealed that the haiguang cpu has an integrated cryptography coprocessor (ccp) inside, and the underlying c86 instruction set can support cryptographic instructions. at the same time, through technologies such as cryptographic operation acceleration, key management and hct, it brings more advanced solutions to scenarios such as cloud and big data encryption.
according to he liangjie, compared with traditional encryption methods, haiguang cpu's cryptographic technology has six core advantages:
first, strong applicability. haiguang has rich experience in technical application in the field of information and innovation security, and has comprehensively upgraded the national encryption and other technical capabilities during the project promotion process, which makes haiguang cpu adaptable to the needs of all scenarios of information and innovation;
second, excellent performance. the performance of the signature verification function of the haiguang trusted cryptographic module is about three times that of traditional encryption cards, and has obvious computing advantages in algorithm scenarios such as sm3 and sm4;
third, safe and stable. traditional encryption cards are mostly plug-in-type, which may cause stability problems in some scenarios. the haiguang trusted cryptographic module is directly built into the cpu, making the use process safer and more stable.
fourth, good compatibility. haiguang cpu supports deployment scenarios such as containers and virtual machines, and is compatible with cloud platform management tools such as k8s and openstack, which can achieve fast and flexible dynamic expansion;
fifth, the software ecosystem is good. haiguang cpu provides a standard sdf interface and encapsulates the user interface of the cryptographic coprocessor through the hct engine, which can support mainstream cryptographic suites and achieve seamless migration;
sixth, the procurement cost is low. haiguang cpu users can make full use of the existing national secret computing resources, without the need to purchase additional basic hardware such as password cards, and can directly upgrade the solution.
according to feedback from the industry, the application value of haiguang's cryptographic technology solutions has not only been fully demonstrated in user scenarios, but has also been widely recognized by upstream and downstream industries.
at the conference, the representative of geer software also shared the commercial cryptographic applications and practices based on the haiguang platform. he introduced that through the perfect compatibility of haiguang cpu and domestic operating system, both parties achieved high security standards in the project and demonstrated excellent performance advantages. the overall operation effect was well received by the customer team.
at present, haiguang cpu has been widely used in major mainstream industries such as transportation, internet, finance, energy and communications due to its comprehensive advantages in security, performance, ecology, etc., and its shipment share ranks first in the market.
it is reported that as a member unit of the longxi community security alliance, haiguang will focus on participating in hardware cooperation plans in the future to contribute to driving industry innovation and development and jointly building a hardware security ecosystem.
