CN117714042A - Key capacity expansion system and key interaction method thereof - Google Patents
Key capacity expansion system and key interaction method thereof Download PDFInfo
- Publication number
- CN117714042A CN117714042A CN202311707741.9A CN202311707741A CN117714042A CN 117714042 A CN117714042 A CN 117714042A CN 202311707741 A CN202311707741 A CN 202311707741A CN 117714042 A CN117714042 A CN 117714042A
- Authority
- CN
- China
- Prior art keywords
- key
- processor
- transmission
- ciphertext
- plaintext
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 40
- 230000003993 interaction Effects 0.000 title claims abstract description 24
- 230000005540 biological transmission Effects 0.000 claims abstract description 171
- 238000004891 communication Methods 0.000 claims abstract description 4
- 238000004364 calculation method Methods 0.000 claims description 16
- 238000012217 deletion Methods 0.000 claims description 9
- 230000037430 deletion Effects 0.000 claims description 9
- 238000001514 detection method Methods 0.000 claims description 6
- 230000006870 function Effects 0.000 description 7
- 230000002452 interceptive effect Effects 0.000 description 6
- 238000012986 modification Methods 0.000 description 5
- 230000004048 modification Effects 0.000 description 5
- 230000000644 propagated effect Effects 0.000 description 3
- 238000012546 transfer Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 230000006872 improvement Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 230000006978 adaptation Effects 0.000 description 1
- 238000003491 array Methods 0.000 description 1
- 238000013475 authorization Methods 0.000 description 1
- 238000004422 calculation algorithm Methods 0.000 description 1
- 238000004590 computer program Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 230000014509 gene expression Effects 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 238000004080 punching Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/088—Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a key capacity expansion system and a key interaction method thereof, wherein the key capacity expansion system comprises: the system comprises a secure processor and a general processor, wherein the secure processor is in communication connection with the general processor, the general processor comprises a trusted secure operation environment, a first application program and a replay protection memory block, the first application program and the replay protection memory block are located in the secure operation environment, the general processor stores a trusted environment public key, the first application program stores a trusted environment private key, the trusted environment public key and the trusted environment private key are asymmetric key pairs, and the replay protection memory block is used for storing a ciphertext main key and a target ciphertext transmission key required by the secure processor. The invention ensures that the security of the secret key meets the requirement and does not greatly influence the transaction speed.
Description
Technical Field
The invention mainly relates to the technical field of information security, in particular to a key capacity expansion system and a key interaction method thereof.
Background
The sales terminal POS (Point of Sale) is an electronic device that can perform cashless consumption, pre-authorization, balance inquiry, transfer, etc. by networking with a financial institution, and is typically installed at a merchant terminal. And intelligence POS (Smart Point of Sale) is compared with traditional POS, not only can realize the payment of punching the card of traditional POS, but also include the functions such as scanning two-dimensional code payment and verification membership card ticket.
Currently, the general architecture of the intelligent POS is to use a general purpose Processor (Application Processor, AP) to run the Android system and a Secure Processor (SP) to run the financial system. The key needed by the security processor is usually stored in the FLASH of the own chip, so that the requirements of traditional transaction and most of service scenes can be met, but if the key capacity is required to be expanded, the FLASH chip is expanded outside the SP, or a large-capacity SP chip is selected. Both of these solutions result in increased costs and involve software and hardware modifications.
Disclosure of Invention
The invention aims to solve the technical problem of providing a key capacity expansion system and a key interaction method thereof, and solves the problem that the key capacity is limited by an SP terminal FLASH memory.
In order to solve the above technical problems, the present invention provides a key capacity expansion system, including: the system comprises a secure processor and a general processor, wherein the secure processor is in communication connection with the general processor, the general processor comprises a trusted secure running environment, a first application program and a replay protection memory block, the first application program and the replay protection memory block are positioned in the secure running environment, the general processor stores a trusted environment public key, the first application program stores a trusted environment private key, the trusted environment public key and the trusted environment private key are asymmetric key pairs, and the replay protection memory block is used for storing a ciphertext master key and a target ciphertext transmission key required by the secure processor; the general purpose processor and the security processor are configured to interact using the following interaction method: the general processor receives an original ciphertext transmission key, acquires the ciphertext master key from the replay protection memory block, and sends the original ciphertext transmission key and the ciphertext master key to the secure processor; the security processor generates the target ciphertext transmission key according to the original ciphertext transmission key and the ciphertext master key, and sends the target ciphertext transmission key to the general processor; the general processor encrypts the obtained target ciphertext transmission key through the trusted environment public key to obtain a first transmission key, the first transmission key is transmitted to the first application program, the first application program decrypts the first transmission key through the trusted environment private key to obtain the target ciphertext transmission key, and the target ciphertext transmission key is stored in the replay protection memory block.
Optionally, the general purpose processor and the security processor are further configured to interact using the following interaction method: the secure processor receives a plaintext master key, generates a random key in a secure environment, encrypts the plaintext master key through the random key to obtain the ciphertext master key, and sends the ciphertext master key to the general processor; the general processor receives the ciphertext master key, encrypts the obtained ciphertext master key through the trusted environment public key to obtain a first master key, transmits the first master key to the first application program, decrypts the first master key through the trusted environment private key to obtain the ciphertext master key, and stores the ciphertext master key to the replay protection memory block.
Optionally, the secure processor is further configured to generate the target ciphertext transmission key using: the security processor decrypts the ciphertext master key through the random key to obtain the plaintext master key, decrypts the original ciphertext transmission key through the plaintext master key to obtain a plaintext transmission key, and encrypts the plaintext transmission key through the random key to obtain the target ciphertext transmission key.
Optionally, the secure processor is further configured to record an identification number of the plaintext transmission key in a local key index list after obtaining the plaintext transmission key.
Optionally, the general purpose processor and the secure processor are further configured to perform key self-checking by adopting the following method: the general processor reads all the target ciphertext transmission keys from the replay protection memory block and sends the target ciphertext transmission keys to the secure processor; the security processor decrypts one target ciphertext transmission key at a time through the random key to obtain the plaintext transmission key, judges whether the key checking value of the plaintext transmission key is correct, if so, records the identification number of the plaintext transmission key, then judges whether the key checking value of the next plaintext transmission key is correct, and if all the identification numbers of the plaintext transmission keys are consistent with the local key index list, sends a self-checking success signal to the general processor.
Optionally, the general purpose processor and the security processor are further configured to interact using the following interaction method: the general processor reads one target ciphertext transmission key from the replay protection memory block and sends the target ciphertext transmission key to the secure processor; the security processor decrypts the target ciphertext transmission key through the random key to obtain the plaintext transmission key, deletes the identification number of the plaintext transmission key in the local key index list after receiving a deletion instruction, and sends a deletion success signal to the general processor; and deleting the target ciphertext transmission key corresponding to the plaintext transmission key in the playback protection memory block according to the deletion success signal by the first application program in the general processor.
Optionally, the general purpose processor and the security processor are further configured to interact using the following interaction method: the general processor receives a calculation requirement, reads the target ciphertext transmission key corresponding to the calculation requirement from the replay protection memory block, and sends the target ciphertext transmission key and the calculation requirement to the secure processor; the secure processor decrypts the target ciphertext transmission key through the random key to obtain the plaintext transmission key, calculates the plaintext transmission key according to the calculation requirement, and sends a calculation result to the general processor.
Optionally, the general purpose processor and the secure processor are further configured to perform the same key data detection using the following method: after the secure processor obtains the plaintext transmission keys to be written, the general processor sends all the target ciphertext transmission keys in the replay protection memory block to the secure processor, the secure processor decrypts all the target ciphertext transmission keys, compares the plaintext transmission keys to be written with all the decrypted plaintext transmission keys, and deletes the plaintext transmission keys to be written if the plaintext transmission keys identical to the plaintext transmission keys to be written exist.
Optionally, the security processor is further configured to delete the random key when an attack signal is detected.
Optionally, the secure processor is further configured to send the attack signal to the general-purpose processor, and the general-purpose processor is further configured to notify the first application program to delete the data in the replay protection memory block after receiving the attack signal.
Optionally, the general processor is further configured to delete the trusted context public key upon receiving a factory set command.
Optionally, the general purpose processor is further configured to delete the trusted context public key upon receiving a delete the first application command.
In order to solve the technical problem, the present invention provides a key interaction method of a key capacity expansion system, where the key capacity expansion system includes a secure processor and a general processor, the general processor includes a trusted secure operating environment, a first application program, and a playback protection memory block, the general processor stores a trusted environment public key, the first application program stores a trusted environment private key, and the trusted environment public key and the trusted environment private key are asymmetric key pairs, and the key interaction method includes: the general processor receives an original ciphertext transmission key, acquires a ciphertext master key from the replay protection memory block, and sends the original ciphertext transmission key and the ciphertext master key to the secure processor; the security processor generates a target ciphertext transmission key according to the original ciphertext transmission key and the ciphertext master key, and sends the target ciphertext transmission key to the general processor; the general processor encrypts the obtained target ciphertext transmission key through the trusted environment public key to obtain a first transmission key, the first transmission key is transmitted to the first application program, the first application program decrypts the first transmission key through the trusted environment private key to obtain the target ciphertext transmission key, and the target ciphertext transmission key is stored in the replay protection memory block.
Compared with the prior art, the invention has the following advantages:
the key capacity expansion system of the invention has the advantages that the first application program and the replay protection memory block are positioned in the safe operation environment, the general processor stores the trusted environment public key, the first application program stores the trusted environment private key, and the target ciphertext transmission key is stored in the replay protection memory block of the general processor, so that the safety of the key is ensured to meet the requirement, and the problem that the key capacity is limited by the flash memory of the security processor is solved; the key interaction method of the key capacity expansion system ensures that the security of the key meets the requirement and does not have great influence on the transaction speed.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiments of the application and together with the description serve to explain the principles of the invention. In the accompanying drawings:
fig. 1 is a system block diagram of a key capacity expansion system according to an embodiment of the present invention.
FIG. 2 is a flow chart of an interactive method of one embodiment of the key capacity expansion system of FIG. 1.
Fig. 3 is a flowchart of an embodiment of step S22 in fig. 2.
Fig. 4 is a flow chart of an interactive method of the key capacity expansion system of the preferred embodiment of fig. 2.
Fig. 5 is a flow chart of an interactive method of the key capacity expansion system of the preferred embodiment of fig. 2.
Detailed Description
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are used in the description of the embodiments will be briefly described below. It is apparent that the drawings in the following description are only some examples or embodiments of the present application, and it is obvious to those skilled in the art that the present application may be applied to other similar situations according to the drawings without inventive effort. Unless otherwise apparent from the context of the language or otherwise specified, like reference numerals in the figures refer to like structures or operations.
Currently, keys of the intelligent POS machine usually support hundreds of keys, are stored in a flash memory of an SP chip, and can meet most of application requirements, but if clients propose to support more keys, the current key capacity is expanded, and when the SP terminal does not plug-in the flash memory, the requirements cannot be met because the built-in flash memory of the SP terminal is very small (commonly 512KB/1 MKB).
The invention aims to solve the problem that the key capacity is limited by the SP-side flash memory capacity, and discloses a key capacity expansion system which stores a key in a trusted safe storage area of an AP side in an encrypted manner, and thoroughly discards the traditional mode of storing the key in the SP side, thereby freeing up more flash memory resources of the SP, meeting the safety requirement and not greatly influencing the transaction speed.
The following are meanings of some terms of art in this application:
the working key (Terminal Transmit Key, TTK), also known as the transmission key, is issued by the POS center to the POS machine each time the POS makes a check-in transaction. The working key must be encrypted with the master key in the online updated message, and transmitted after forming the ciphertext.
The master key (Terminal Master Key, TMK) is used to encrypt and decrypt the working key, enabling the working key to be transferred online.
P_ TMK (Plain TMK): plaintext master key
C_ TMK (Cipper TMK): ciphertext master key
P_ TTK (Plain TTK): plaintext transmission key
C_ TTK (Ciper TTK): cipher text transmission secret key
A_c_ TTK (AP Ciper TTK): target ciphertext transmission key stored in general purpose processor
teekeypub: trusted environment public key
teekeypri: trusted environment private key
Fig. 1 is a system block diagram of a key capacity expansion system according to an embodiment of the present invention. As shown in fig. 1, the key capacity expansion system 100 includes a general-purpose processor 11 and a secure processor 12. The general purpose processor 11 includes a trusted secure operating environment (Trusted execution environment, TEE) 111, a first application 112, and a replay protection memory block (Replay Protected Memory Block, RPMB) 113.TEE is a stand-alone processing environment with arithmetic and storage functions that provides security and integrity protection. The basic idea is to allocate an isolated memory for sensitive data in hardware separately, all the computation of sensitive data is performed in this memory, and other parts of the hardware, except for authorized interfaces, cannot access the information in this isolated memory. Thereby realizing privacy calculation of sensitive data. The playback-protected memory block 113 is readable and writable, but the reading and writing are access-controlled and playback-protected. The first application 112 and the replay protection memory block 113 are located in the secure operating environment 111. The general purpose processor 11 is communicatively coupled to the secure processor 12. Alternatively, the general-purpose processor 11 and the security processor 12 are connected through UART signal lines. The general processor 11 interacts with a first application 112 in the secure operating environment 111, and the secure operating environment 111 generates a trusted environment public key teekeypub and a trusted environment private key teekeypri, where the trusted environment public key and the trusted environment private key are asymmetric key pairs. The general purpose processor 11 stores a trusted context public key teekeypub and the first application 112 stores a trusted context private key teekeypri. The replay protection memory block 113 is configured to store a ciphertext master key c_tmk and a target ciphertext transfer key a_c_ttk required by the secure processor.
The key capacity expansion system of the invention has the advantages that the first application program and the replay protection memory block are positioned in the safe operation environment, the general processor stores the trusted environment public key, the first application program stores the trusted environment private key, and the target ciphertext transmission key is stored in the replay protection memory block of the general processor, so that the security of the key is ensured to meet the requirement, and the problem that the key capacity is limited by the flash memory of the security processor is solved.
FIG. 2 is a flow chart of an interactive method of one embodiment of the key capacity expansion system of FIG. 1. Wherein the general purpose processor (AP) and the Security Processor (SP) are configured to interact using the interaction method shown in fig. 2:
step S211: the general processor receives an original ciphertext transmission key C_TTK;
step S212: the ciphertext master key c_tmk is obtained from a replay protected memory block in a trusted secure operating environment (TEE). Illustratively, the first application program reads the ciphertext master key c_tmk from the replay protection memory block, encrypts the ciphertext master key c_tmk by the trusted environment private key teekeypri, sends the ciphertext master key c_tmk encrypted by the trusted environment private key teekeypri to the PayHardWareServiee, payHardWareServiee of the general processor, and decrypts the ciphertext master key c_tmk by the trusted environment public key teekeypub. The PayHardWareServie is an Android service of the general processor, is responsible for managing the security processor, abstracts the security processor functions, and provides related function interfaces for applications.
Step S213: transmitting the original ciphertext transmission key C_TTK and the ciphertext master key C_TMK to a secure processor;
optionally, in some embodiments, before step S211, further includes:
step S201: the security processor receives a plaintext master key P_TMK, generates a random key under a security environment, encrypts the plaintext master key P_TMK through the random key to obtain a ciphertext master key C_TMK, and sends the ciphertext master key C_TMK to the general processor;
step S202: the general processor receives a ciphertext main key C_TMK, encrypts the obtained ciphertext main key C_TMK through a trusted environment public key teekeypub to obtain a first main key, transmits the first main key to a first application program, decrypts the first main key through a trusted environment private key teekeypri to obtain the ciphertext main key C_TMK, and stores the ciphertext main key C_TMK into a replay protection memory block.
Step S22: the secure processor generates a target ciphertext transmission key A_C_TTK according to the original ciphertext transmission key C_TTK and the ciphertext master key C_TMK, and sends the target ciphertext transmission key A_C_TTK to the general processor.
Fig. 3 is a flowchart of an embodiment of step S22 in fig. 2. As shown in fig. 3, the secure processor generating the target ciphertext transmission key a_c_ttk from the original ciphertext transmission key c_ttk and the ciphertext master key c_tmk includes:
step S221: the secure processor decrypts the ciphertext master key C_TMK through the random key aprootkey to obtain a plaintext master key P_TMK;
step S222: the security processor decrypts the original ciphertext transmission key C_TTK through the plaintext master key P_TMK to obtain a plaintext transmission key P_TTK;
step S223: and encrypting the plaintext transmission key P_TTK through the random key aprotkey to obtain the target ciphertext transmission key A_C_TTK.
Optionally, the secure processor is further configured to record an identification number of the plaintext transmission key (plaintext transmission key ID) in the local key index list after obtaining the plaintext transmission key p_ttk.
Step S231: the general processor encrypts the acquired target ciphertext transmission key A_C_TTK through the trusted environment public key teekeypub to obtain a first transmission key, and transmits the first transmission key to the first application program;
step S232: the first application program decrypts the first transmission key through the trusted environment private key teekeypri to obtain a target ciphertext transmission key A_C_TTK, and the target ciphertext transmission key A_C_TTK is stored in the replay protection memory block.
Fig. 4 is a flow chart of an interactive method of the key capacity expansion system of the preferred embodiment of fig. 2. As shown in fig. 3, the interaction method 400 of the key capacity expansion system further includes:
step S411: the general purpose processor receives a computing demand. In this embodiment, the calculation requirement is to calculate the Message Authentication Code (MAC) of the target ciphertext transmission key a_c_ttk. The MAC generates a function value for K and m by taking as input a secret key K and a message m shared by both communication parties. The present application is not limited in the type of computational requirements.
Step S412: and reading the target ciphertext transmission key A_C_TTK corresponding to the calculation requirement from the replay protection memory block. Illustratively, the first application program reads the target ciphertext transmission key a_c_ttk from the replay protection memory block, encrypts the target ciphertext transmission key a_c_ttk through the trusted environment private key teekeypri, sends the target ciphertext transmission key a_c_ttk encrypted by the trusted environment private key teekeypri to the PayHardWareServiee, payHardWareServiee of the general processor, and decrypts the target ciphertext transmission key a_c_ttk through the trusted environment public key teekeypub. The PayHardWareServie is an Android service of the general processor, is responsible for managing the security processor, abstracts the security processor functions, and provides related function interfaces for applications.
Step S413: and sending the target ciphertext transmission key A_C_TTK and the calculation requirement to a secure processor.
Step S421: the secure processor decrypts the target ciphertext transmission key A_C_TTK through the random key aprootkey to obtain a plaintext transmission key P_TTK;
step S422: and calculating the plaintext transmission key P_TTK according to the calculation requirement, for example, calculating MAC data by using the plaintext transmission key P_TTK, and sending a calculation result to the general processor.
Fig. 5 is a flow chart of an interactive method of the key capacity expansion system of the preferred embodiment of fig. 2. As shown in fig. 5, the interaction method of the key capacity expansion system further includes performing a key self-check between a general processor (AP) and a Security Processor (SP), where the performing the key self-check between the general processor (AP) and the Security Processor (SP) includes:
step 51: the AP sends a secret key A_C_TTK to the SP by applying for extracting the secret key A_C_TTK from the TEE;
step 52: the SP checks whether a Key Check Value (KCV) of the Key A_C_TTK is correct or not, and transmits a Check result to the AP;
step 53: the AP judges a self-checking result, and if the KCV of the A_C_TTK is correct, further judges whether the key ciphertext list is completely transmitted or not; if not, resending the new key ciphertext to the SP, and if the sending is complete, entering the following steps:
step 54: the SP determines whether the self-checking key ID list and the local key index list are identical, and outputs the self-checking result to the AP.
Optionally, the interaction method of the key capacity expansion system further includes a key deletion operation, including:
1) The general processor reads an item of target ciphertext transmission key A_C_TTK from the replay protection memory block and sends the target ciphertext transmission key A_C_TTK to the security processor;
2) The security processor decrypts the target ciphertext transmission key A_C_TTK through the random key aprotkey to obtain a plaintext transmission key P_TTK, deletes the identification number of the plaintext transmission key in the local key index list after receiving a deletion instruction, and sends a 'deletion success signal' to the general processor;
3) And deleting the target ciphertext transmission key A_C_TTK corresponding to the plaintext transmission key P_TTK in the replay protection memory block by the first application program in the general processor according to the 'delete success signal'.
Optionally, the interaction method of the key capacity expansion system further includes the same key data detection, where the same key data detection includes: after the secure processor obtains the plaintext transmission keys to be written, the general processor sends all the target ciphertext transmission keys in the replay protection memory block to the secure processor, the secure processor decrypts all the target ciphertext transmission keys, compares the plaintext transmission keys to be written with all the decrypted plaintext transmission keys, and deletes the plaintext transmission keys to be written if the plaintext transmission keys identical to the plaintext transmission keys to be written exist. Wherein, judging whether the plaintext transmission key which is the same as the plaintext transmission key to be written exists or not includes judging whether the algorithm type, the key length and the key data are identical or not, if all are identical, judging that the same key exists. In other words, the plaintext transfer key to be written is already present in the replay protection memory block, and no duplicate writing is required.
Optionally, the interaction method of the key capacity expansion system further includes exception handling, and the exception handling includes:
(1) The secure processor is further configured to delete the random key upon detection of the attack signal, the ciphertext key stored by the general purpose processor losing the decryption key (random key) equivalent to the revocation.
(2) The secure processor is further configured to send an attack signal to the general purpose processor, the general purpose processor being further configured to notify the first application program to delete the data in the replay protected memory block after receiving the attack signal.
(3) The general purpose processor is further configured to delete the trusted context public key upon receiving the factory set command.
After the general lost trusted environment public key teerkeypub, the correct a_c_ttk key data cannot be obtained.
(4) The general purpose processor is further configured to delete the trusted context public key upon receipt of the delete first application command.
The key interaction method of the key capacity expansion system ensures that the security of the key meets the requirement and does not have great influence on the transaction speed.
While the basic concepts have been described above, it will be apparent to those skilled in the art that the above disclosure is by way of example only and is not intended to be limiting. Although not explicitly described herein, various modifications, improvements, and adaptations of the present application may occur to one skilled in the art. Such modifications, improvements, and modifications are intended to be suggested within this application, and are therefore within the spirit and scope of the exemplary embodiments of this application.
Meanwhile, the present application uses specific words to describe embodiments of the present application. Reference to "one embodiment," "an embodiment," and/or "some embodiments" means that a particular feature, structure, or characteristic is associated with at least one embodiment of the present application. Thus, it should be emphasized and should be appreciated that two or more references to "an embodiment" or "one embodiment" or "an alternative embodiment" in various positions in this specification are not necessarily referring to the same embodiment. Furthermore, certain features, structures, or characteristics of one or more embodiments of the present application may be combined as suitable.
Some aspects of the present application may be performed entirely by hardware, entirely by software (including firmware, resident software, micro-code, etc.) or by a combination of hardware and software. The above hardware or software may be referred to as a "data block," module, "" engine, "" unit, "" component, "or" system. The processor may be one or more Application Specific Integrated Circuits (ASICs), digital Signal Processors (DSPs), digital signal processing devices (DAPDs), programmable Logic Devices (PLDs), field Programmable Gate Arrays (FPGAs), processors, controllers, microcontrollers, microprocessors, or a combination thereof. Furthermore, aspects of the present application may take the form of a computer product, comprising computer-readable program code, embodied in one or more computer-readable media. For example, computer-readable media can include, but are not limited to, magnetic storage devices (e.g., hard disk, floppy disk, tape … …), optical disk (e.g., compact disk CD, digital versatile disk DVD … …), smart card, and flash memory devices (e.g., card, stick, key drive … …).
The computer readable medium may comprise a propagated data signal with the computer program code embodied therein, for example, on a baseband or as part of a carrier wave. The propagated signal may take on a variety of forms, including electro-magnetic, optical, etc., or any suitable combination thereof. A computer readable medium can be any computer readable medium that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code located on a computer readable medium may be propagated through any suitable medium, including radio, cable, fiber optic cable, radio frequency signals, or the like, or a combination of any of the foregoing.
Likewise, it should be noted that in order to simplify the presentation disclosed herein and thereby aid in understanding one or more inventive embodiments, various features are sometimes grouped together in a single embodiment, figure, or description thereof. This method of disclosure, however, is not intended to imply that more features than are presented in the claims are required for the subject application. Indeed, less than all of the features of a single embodiment disclosed above.
As used in this application and in the claims, the terms "a," "an," "the," and/or "the" are not specific to the singular, but may include the plural, unless the context clearly dictates otherwise. In general, the terms "comprises" and "comprising" merely indicate that the steps and elements are explicitly identified, and they do not constitute an exclusive list, as other steps or elements may be included in a method or apparatus.
The relative arrangement of the components and steps, numerical expressions and numerical values set forth in these embodiments do not limit the scope of the present application unless it is specifically stated otherwise. Meanwhile, it should be understood that the sizes of the respective parts shown in the drawings are not drawn in actual scale for convenience of description. Techniques, methods, and apparatus known to one of ordinary skill in the relevant art may not be discussed in detail, but should be considered part of the specification where appropriate. In all examples shown and discussed herein, any specific values should be construed as merely illustrative, and not a limitation. Thus, other examples of the exemplary embodiments may have different values. It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further discussion thereof is necessary in subsequent figures.
In addition, the terms "first", "second", etc. are used to define the components, and are merely for convenience of distinguishing the corresponding components, and unless otherwise stated, the terms have no special meaning, and thus should not be construed as limiting the scope of the present application. Furthermore, although terms used in the present application are selected from publicly known and commonly used terms, some terms mentioned in the specification of the present application may be selected by the applicant at his or her discretion, the detailed meanings of which are described in relevant parts of the description herein. Furthermore, it is required that the present application be understood, not simply by the actual terms used but by the meaning of each term lying within.
Flowcharts are used in this application to describe the operations performed by systems according to embodiments of the present application. It should be understood that the preceding or following operations are not necessarily performed in order precisely. Rather, the various steps may be processed in reverse order or simultaneously. At the same time, other operations are added to or removed from these processes.
While the present application has been described with reference to the present specific embodiments, those of ordinary skill in the art will recognize that the above embodiments are for illustrative purposes only, and that various equivalent changes or substitutions can be made without departing from the spirit of the present application, and therefore, all changes and modifications to the embodiments described above are intended to be within the scope of the claims of the present application.
Claims (13)
1. A key capacity expansion system, comprising: the system comprises a secure processor and a general processor, wherein the secure processor is in communication connection with the general processor, the general processor comprises a trusted secure running environment, a first application program and a replay protection memory block, the first application program and the replay protection memory block are positioned in the secure running environment, the general processor stores a trusted environment public key, the first application program stores a trusted environment private key, the trusted environment public key and the trusted environment private key are asymmetric key pairs, and the replay protection memory block is used for storing a ciphertext master key and a target ciphertext transmission key required by the secure processor;
the general purpose processor and the security processor are configured to interact using the following interaction method:
the general processor receives an original ciphertext transmission key, acquires the ciphertext master key from the replay protection memory block, and sends the original ciphertext transmission key and the ciphertext master key to the secure processor;
the security processor generates the target ciphertext transmission key according to the original ciphertext transmission key and the ciphertext master key, and sends the target ciphertext transmission key to the general processor;
the general processor encrypts the obtained target ciphertext transmission key through the trusted environment public key to obtain a first transmission key, the first transmission key is transmitted to the first application program, the first application program decrypts the first transmission key through the trusted environment private key to obtain the target ciphertext transmission key, and the target ciphertext transmission key is stored in the replay protection memory block.
2. The key capacity expansion system of claim 1, wherein the general purpose processor and the secure processor are further configured to interact using an interaction method of:
the secure processor receives a plaintext master key, generates a random key in a secure environment, encrypts the plaintext master key through the random key to obtain the ciphertext master key, and sends the ciphertext master key to the general processor;
the general processor receives the ciphertext master key, encrypts the obtained ciphertext master key through the trusted environment public key to obtain a first master key, transmits the first master key to the first application program, decrypts the first master key through the trusted environment private key to obtain the ciphertext master key, and stores the ciphertext master key to the replay protection memory block.
3. The key capacity expansion system of claim 2, wherein the secure processor is further configured to generate the target ciphertext transmission key using the method of:
the security processor decrypts the ciphertext master key through the random key to obtain the plaintext master key, decrypts the original ciphertext transmission key through the plaintext master key to obtain a plaintext transmission key, and encrypts the plaintext transmission key through the random key to obtain the target ciphertext transmission key.
4. The key capacity expansion system of claim 3, wherein the secure processor is further configured to record an identification number of the plaintext transmission key in a local key index list after obtaining the plaintext transmission key.
5. The key capacity expansion system of claim 4, wherein the general purpose processor and the secure processor are further configured to perform key self-checking using the following method:
the general processor reads all the target ciphertext transmission keys from the replay protection memory block and sends the target ciphertext transmission keys to the secure processor;
the security processor decrypts one target ciphertext transmission key at a time through the random key to obtain the plaintext transmission key, judges whether the key checking value of the plaintext transmission key is correct, if so, records the identification number of the plaintext transmission key, then judges whether the key checking value of the next plaintext transmission key is correct, and if all the identification numbers of the plaintext transmission keys are consistent with the local key index list, sends a self-checking success signal to the general processor.
6. The key capacity expansion system of claim 4, wherein the general purpose processor and the secure processor are further configured to interact using an interaction method of:
the general processor reads one target ciphertext transmission key from the replay protection memory block and sends the target ciphertext transmission key to the secure processor;
the security processor decrypts the target ciphertext transmission key through the random key to obtain the plaintext transmission key, deletes the identification number of the plaintext transmission key in the local key index list after receiving a deletion instruction, and sends a deletion success signal to the general processor;
and deleting the target ciphertext transmission key corresponding to the plaintext transmission key in the playback protection memory block according to the deletion success signal by the first application program in the general processor.
7. The key capacity expansion system of claim 3, wherein the general purpose processor and the secure processor are further configured to interact using an interaction method of:
the general processor receives a calculation requirement, reads the target ciphertext transmission key corresponding to the calculation requirement from the replay protection memory block, and sends the target ciphertext transmission key and the calculation requirement to the secure processor;
the secure processor decrypts the target ciphertext transmission key through the random key to obtain the plaintext transmission key, calculates the plaintext transmission key according to the calculation requirement, and sends a calculation result to the general processor.
8. The key capacity expansion system of claim 3, wherein the general purpose processor and the secure processor are further configured to perform identical key data detection using the following method:
after the secure processor obtains the plaintext transmission keys to be written, the general processor sends all the target ciphertext transmission keys in the replay protection memory block to the secure processor, the secure processor decrypts all the target ciphertext transmission keys, compares the plaintext transmission keys to be written with all the decrypted plaintext transmission keys, and deletes the plaintext transmission keys to be written if the plaintext transmission keys identical to the plaintext transmission keys to be written exist.
9. The key capacity expansion system of claim 3, wherein the secure processor is further configured to delete the random key upon detection of an attack signal.
10. The key capacity expansion system of claim 9, wherein the secure processor is further configured to send the attack signal to the general purpose processor, the general purpose processor further configured to notify the first application to delete data in the replay protected memory block upon receiving the attack signal.
11. The key capacity expansion system of claim 1, wherein the general purpose processor is further configured to delete the trusted context public key upon receiving a factory set command.
12. The key capacity expansion system of claim 1, wherein the general purpose processor is further configured to delete the trusted context public key upon receipt of a delete the first application command.
13. A key interaction method of a key capacity expansion system, the key capacity expansion system including a secure processor and a general purpose processor, the general purpose processor including a trusted secure operating environment, a first application program, and a playback protection memory block, the general purpose processor storing a trusted environment public key, the first application program storing a trusted environment private key, the trusted environment public key and the trusted environment private key being an asymmetric key pair, comprising:
the general processor receives an original ciphertext transmission key, acquires a ciphertext master key from the replay protection memory block, and sends the original ciphertext transmission key and the ciphertext master key to the secure processor;
the security processor generates a target ciphertext transmission key according to the original ciphertext transmission key and the ciphertext master key, and sends the target ciphertext transmission key to the general processor;
the general processor encrypts the obtained target ciphertext transmission key through the trusted environment public key to obtain a first transmission key, the first transmission key is transmitted to the first application program, the first application program decrypts the first transmission key through the trusted environment private key to obtain the target ciphertext transmission key, and the target ciphertext transmission key is stored in the replay protection memory block.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311707741.9A CN117714042A (en) | 2023-12-12 | 2023-12-12 | Key capacity expansion system and key interaction method thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202311707741.9A CN117714042A (en) | 2023-12-12 | 2023-12-12 | Key capacity expansion system and key interaction method thereof |
Publications (1)
Publication Number | Publication Date |
---|---|
CN117714042A true CN117714042A (en) | 2024-03-15 |
Family
ID=90147309
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202311707741.9A Pending CN117714042A (en) | 2023-12-12 | 2023-12-12 | Key capacity expansion system and key interaction method thereof |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117714042A (en) |
-
2023
- 2023-12-12 CN CN202311707741.9A patent/CN117714042A/en active Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110992027B (en) | Efficient transaction method and device for realizing privacy protection in block chain | |
EP3395006B1 (en) | Method for managing a trusted identity | |
KR102205654B1 (en) | Authentication method in a distributed circumstance | |
US20230093581A1 (en) | Method for directly transferring electronic coin data sets between terminals, payment system, currency system and monitoring unit | |
JP3329432B2 (en) | Hierarchical electronic cash execution method and apparatus used therefor | |
US6954855B2 (en) | Integrated circuit devices with steganographic authentication, and steganographic authentication methods | |
CN104380652B (en) | Many publisher's safety element subregion frameworks for NFC enabled devices | |
WO2018223125A1 (en) | Methods and systems for ownership verification using blockchain | |
JP2019004474A (en) | Method and system for secure transmission of remote notification service messages to mobile devices without secure elements | |
CN113994357A (en) | Method for directly transmitting electronic coin data records between a terminal and a payment system | |
CN112215608A (en) | Data processing method and device | |
WO2019050527A1 (en) | System and method for generating trust tokens | |
JPH0242261B2 (en) | ||
CN107332671A (en) | A kind of safety mobile terminal system and method for secure transactions based on safety chip | |
CN103942896A (en) | System for money withdrawing without card on ATM | |
TWI622949B (en) | Know your customer (kyc) data marking dispute relief system with multiple secret key and method thereof | |
CN111709747B (en) | Intelligent terminal authentication method and system | |
KR20200116010A (en) | Encryption key management based on identity information | |
KR100785275B1 (en) | Method and system for providing contents using coupon | |
US20220374885A1 (en) | System, method, and computer program product for secure key management | |
CN117714042A (en) | Key capacity expansion system and key interaction method thereof | |
US20220138760A1 (en) | Dynamic Ledger Address Masking | |
KR20200134187A (en) | Authentication method in a distributed circumstance | |
KR101171798B1 (en) | System and method for electronic payment in electronic commerce, and recording medium used thereto | |
JP2020191552A (en) | Share distribution system and method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |