CN106156618A - Security chip, mobile terminal and method for realizing mobile terminal system security - Google Patents

Security chip, mobile terminal and method for realizing mobile terminal system security

Info

Publication number: CN106156618A
Application number: CN201510185569.4A
Authority: CN (China)
Prior art keywords: public key, program, verification public key, mobile terminal, checking
Legal status: Pending
Other languages: Chinese (zh)
Inventor: 翟岳辉
Current Assignee: Nationz Technologies Inc
Original Assignee: Nationz Technologies Inc


Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/567 Computer malware detection or handling, e.g. anti-virus arrangements using dedicated hardware
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/03 Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
    • G06F2221/034 Test or assess a computer or a system

Abstract

The invention provides a security chip comprising a memory unit for storing verification public keys and a judging unit for verifying, according to a verification public key, whether an application program carries a correct private-key signature. The security chip is used in a mobile terminal whose application processor has the TrustZone architecture; the application processor has a normal mode and a secure mode, and the security chip is connected to the application processor. When the application processor is to switch from normal mode to secure mode, the judging unit checks whether the application program carries a correct private-key signature and thereby determines whether the program initiating the switch request is trusted. If it is trusted, the application processor switches from normal mode to secure mode; if it is not, the application processor does not perform the switch. This effectively prevents a malicious application from accessing trusted applications in the trusted execution environment. The invention also provides a corresponding mobile terminal and a method for realizing mobile terminal system security.

Description

Security chip, mobile terminal and method for realizing mobile terminal system security
Technical field
The present invention relates to the field of communication technology, and in particular to a security chip, a mobile terminal and a method for realizing mobile terminal system security.
Background technology
Mobile terminals have developed into open software platforms that can download all kinds of large application programs from the Internet. These applications are usually vetted by the device OEM to assure quality, but not every function can be tested, and attackers keep creating more and more malicious code that targets such devices. At the same time, the demand for mobile devices to handle critical services grows by the day: from browsing the web and downloading and watching video to paying bills and managing bank accounts remotely from a phone. These trends make mobile phones and other mobile terminals the next target of software attacks such as malicious code, trojans and rootkits.
To improve the security of mobile terminal systems, ARM (ARM Holdings, a leading semiconductor intellectual property (IP) provider) developed the TrustZone technology. TrustZone divides the application processor core into two operating modes. One is the normal mode, which can execute the rich instruction set; conventional mobile operating systems such as Android and iOS run in this mode, which is called the REE (Rich Execution Environment). The other is the secure mode, which can execute only trusted instructions and is called the TEE (Trusted Execution Environment). A dedicated bus design guarantees that resources in the TEE cannot be accessed from the REE. TrustZone moves the security-related operations and keys that were originally executed in the REE into the TEE. If a client application (CA) in the REE needs to access the corresponding trusted application (TA) in the TEE, a session establishes a unique channel between the CA and the TA. Because the TEE has exclusive use of the application processor, screen and keyboard, it largely guarantees that information processed in the TEE cannot be stolen by other CAs, and the TA's result is fed back to the CA over the unique CA-TA channel, which improves the security of the system.
This approach guarantees the uniqueness of the CA-TA channel and a certain degree of security for the TEE, but a shortcoming remains: it cannot prevent a malicious CA from accessing a TA, which is a serious security hazard.
Summary of the invention
The object of the invention is to provide a security chip, a mobile terminal and a method for realizing mobile terminal system security that can effectively prevent a malicious CA from accessing a TA.
The present invention is achieved through the following technical solutions:
A security chip, comprising: a memory unit for storing verification public keys; and a judging unit for verifying, according to a verification public key, whether an application program carries a correct private-key signature.
Preferably, the memory unit stores two or more verification public keys; each application program has a key number (key ID), each verification public key corresponds to a key number, and an application program is matched to its verification public key by the key number.
Preferably, the verification public keys include: the verification public key of the application program, the verification public key of the Bootloader (the bootstrap program, i.e. the first program the system runs after power-on) and the verification public key of the ROM program (a system program stored in read-only memory, generally a system BIOS program, driver program, embedded system kernel program or the like; BIOS is the abbreviation of "Basic Input Output System").
Preferably, the security chip further comprises an execution unit, and the verification public keys include the verification public key of the Bootloader. The judging unit verifies the integrity of the Bootloader by a public-key algorithm and the verification public key; when the integrity of the Bootloader passes verification, the execution unit drives the Bootloader to verify the trustworthiness of the ROM program by the public-key algorithm and the verification public key; when the trustworthiness of the ROM program passes verification, the execution unit drives the ROM program to verify the trustworthiness of the application program by its built-in public-key algorithm and the verification public key.
Preferably, the Bootloader is the small program that runs before the operating system kernel runs. Through it, hardware devices are initialised and the memory space map is set up, bringing the system's hardware environment into a suitable state so that the environment is correct for the final call into the operating system kernel.
Preferably, the security chip further comprises an execution unit, and the verification public keys include the verification public key of the ROM program. The judging unit verifies the trustworthiness of the ROM program by a public-key algorithm and the verification public key; when the trustworthiness of the ROM program passes verification, the execution unit drives the ROM program to verify the trustworthiness of the application program by its built-in public-key algorithm and the verification public key.
The present invention also provides a mobile terminal comprising the security chip.
Preferably, the security chip comprises: a memory unit for storing verification public keys; and a judging unit for verifying, according to a verification public key, whether an application program carries a correct private-key signature.
Preferably, the memory unit stores two or more verification public keys; each application program has a key number, each verification public key corresponds to a key number, and an application program is matched to its verification public key by the key number.
Preferably, the verification public keys include: the verification public key of the application program, the verification public key of the Bootloader and the verification public key of the ROM program.
Preferably, the security chip further comprises an execution unit, and the verification public keys include the verification public key of the Bootloader. The judging unit verifies the integrity of the Bootloader by a public-key algorithm and the verification public key; when the integrity of the Bootloader passes verification, the execution unit drives the Bootloader to verify the trustworthiness of the ROM program by the public-key algorithm and the verification public key; when the trustworthiness of the ROM program passes verification, the execution unit drives the ROM program to verify the trustworthiness of the application program by its built-in public-key algorithm and the verification public key.
Preferably, the Bootloader is the small program that runs before the operating system kernel runs; through it, hardware devices are initialised and the memory space map is set up, so that the system's hardware environment is in the correct state for the final call into the operating system kernel.
In this embodiment, the security chip further comprises an execution unit, and the verification public keys include the verification public key of the ROM program. The judging unit verifies the trustworthiness of the ROM program by a public-key algorithm and the verification public key; when the trustworthiness of the ROM program passes verification, the execution unit drives the ROM program to verify the trustworthiness of the application program by its built-in public-key algorithm and the verification public key.
The present invention also provides a method for realizing mobile terminal system security.
A method for realizing mobile terminal system security, comprising the following steps. Step A: when a program in normal mode needs a service provided in secure mode, the program or the application processor initiates a switch request, the switch request being for the application processor of the mobile terminal to switch from normal mode to secure mode. Step B: the security chip verifies, by a signature algorithm and a verification public key, whether the program carries a correct private-key signature, and notifies the application processor of the result; if the private-key signature is correct, proceed to step C, otherwise perform step D. Step C: the application processor switches from normal mode to secure mode. Step D: the application processor refuses to perform the switch request.
Preferably, before step A the method further includes step E, trust verification of the ROM program: the Bootloader verifies the trustworthiness of the ROM program by a public-key algorithm and a verification public key.
Preferably, before step E the method further includes step F, integrity verification of the Bootloader: the security chip verifies the integrity of the Bootloader by a public-key algorithm and a verification public key.
Preferably, after step C the method further includes step G: the security chip provides a chip signature for the program by a signature algorithm and the chip private key.
Preferably, before step A the method further includes step H: the security chip sends the public key corresponding to its private key, together with the chip number, to a third-party platform; and after step G the method further includes step I: the third-party platform verifies, according to the public key and the chip number, whether the chip signature is correct.
Preferably, the third-party platform is a remote server such as that of Alipay, Tenpay or WeChat Pay.
The invention has the following beneficial effects. A security chip comprises a memory unit for storing verification public keys and a judging unit for verifying, according to a verification public key, whether an application program carries a correct private-key signature. The security chip is used in a mobile terminal whose application processor has the TrustZone architecture; the application processor has a normal mode and a secure mode; the security chip is a standalone secure chip connected to the application processor. When the application processor is to switch from normal mode to secure mode, the security chip's judging unit checks whether the application program carries a correct private-key signature and thereby determines whether the program initiating the switch request is trusted. If it is trusted, the application processor switches from normal mode to secure mode; if not, the application processor does not perform the switch, which effectively prevents a malicious application from accessing trusted applications in the trusted execution environment.
Brief description of the drawings
To illustrate the technical solutions of the embodiments more clearly and effectively, the drawings needed for the embodiments are briefly introduced below. The drawings described below are only some embodiments of the invention; those skilled in the art can derive other drawings from them without creative effort.
Fig. 1 is a structural diagram of a security chip of the present invention.
Fig. 2 is a workflow diagram of a security chip of the present invention.
Fig. 3 is a flowchart of a method for realizing mobile terminal system security of the present invention.
Fig. 4 is a flowchart of the trust-chain establishment process of a method for realizing mobile terminal system security of the present invention.
Detailed description of the invention
The invention provides a security chip, a mobile terminal and a method for realizing mobile terminal system security. So that those skilled in the art can understand the solution of the invention more clearly, and so that the above objects, features and beneficial effects of the invention become more evident and understandable, the invention is described in further detail below with reference to Figs. 1 to 4 and the specific embodiments.
The invention provides a security chip.
Embodiment one
A security chip, comprising: a memory unit 1 for storing verification public keys; and a judging unit 2 for verifying, according to a verification public key, whether an application program carries a correct private-key signature.
In this embodiment, the memory unit 1 stores two or more verification public keys; each application program has a key number, each verification public key corresponds to a key number, and an application program is matched to its verification public key by the key number.
In this embodiment, the verification public keys include: the verification public key of the application program, the verification public key of the Bootloader (the bootstrap program, the first program the system runs after power-on) and the verification public key of the ROM program (a system program stored in read-only memory, generally a system BIOS program, driver program, embedded system kernel program or the like; BIOS is the abbreviation of "Basic Input Output System").
In this embodiment, the security chip further comprises an execution unit 3, and the verification public keys include the verification public key of the Bootloader. The judging unit 2 verifies the integrity of the Bootloader by a public-key algorithm and the verification public key; when the integrity of the Bootloader passes verification, the execution unit 3 drives the Bootloader to verify the trustworthiness of the ROM program by the public-key algorithm and the verification public key; when the trustworthiness of the ROM program passes verification, the execution unit 3 drives the ROM program to verify the trustworthiness of the application program by its built-in public-key algorithm and the verification public key. This process is the complete trust-chain establishment.
In this embodiment, the trust-chain establishment process applies to all APPs (APP is short for application and generally refers to application software on a mobile phone, also called a mobile client). The process is: the judging unit 2 verifies the integrity of the Bootloader by a public-key algorithm and the verification public key; when the Bootloader passes, the execution unit 3 drives the Bootloader to verify the trustworthiness of the ROM program by the public-key algorithm and the verification public key; when the ROM program passes, the execution unit 3 drives the ROM program to verify the trustworthiness of the APP (application program) by its built-in public-key algorithm and the verification public key.
The security chip is directly responsible for the integrity verification of the Bootloader. An attacker may modify the Bootloader by re-programming the device hardware and then flash an unverified third-party ROM, which may contain trojans, creating a security hazard. In this scheme, after the application processor powers up it must first request the security chip to verify the integrity of the Bootloader with the preset RSA algorithm (the RSA public-key encryption algorithm was proposed in 1977 by Ron Rivest, Adi Shamir and Leonard Adleman) and the preset verification public key, so that the Bootloader cannot be tampered with.
The complete trust-chain establishment is performed when an APP is installed. Its purpose is to guarantee the security of the environment, i.e. that no other APP is eavesdropping or engaging in other illegal acts. In the present invention, however, an APP that needs TEE services is given special treatment and raised to the same level as the Bootloader: at the time of the switch request the security chip authenticates the APP, using the same verification process as for the Bootloader. This verifies that the APP initiating the request has itself been authorised by certificate.
A secure element is specially designed against chip attack techniques. For example, the security chip of this scheme adds an active defence layer: when an intrusive external attack is detected, the internally stored data can be destroyed. Instruction power-consumption balancing is applied in the design, which effectively prevents the chip from being cracked by side-channel attack methods such as power analysis. These protective designs exist because the chip's purpose differs from that of the application processor: an application processor in TEE mode performs no power-consumption balancing and cannot prevent its internal physical structure from being obtained with physical probes and the like.
The security chip is a standalone secure chip dedicated to secure storage and computation, and can effectively protect against forcible attacks such as de-packaging the chip and reading it out. At the same time, the trust measurement data built into the security chip, such as the security policy, trust measurement algorithm, root key and verification public keys, are used to verify the identity of a CA that accesses the TEE: the chip checks, with the device vendor's built-in verification public key, whether the program initiating the switch request carries the device vendor's private-key signature. This effectively prevents a malicious CA from accessing a TA in the same way and greatly raises the security of the mobile terminal system.
The security chip is used in a mobile terminal whose application processor has the TrustZone architecture; the application processor has a normal mode and a secure mode; the security chip is a standalone secure chip connected to the application processor. When the application processor is to switch from normal mode to secure mode, the security chip's judging unit checks whether the application program carries a correct private-key signature and thereby determines whether the program initiating the switch request is trusted. If it is trusted, the application processor switches from normal mode to secure mode; if not, the application processor does not perform the switch, which effectively prevents a malicious application from accessing trusted applications in the trusted execution environment.
In this embodiment, the normal mode is called the rich instruction environment and the secure mode the trusted execution environment, which can execute only trusted instructions. When a client application in the rich instruction environment requests access to a trusted application in the trusted execution environment, the security chip verifies, with its built-in secure authentication program and verification public key, whether the requesting client application carries a correct private-key signature. If it carries a correct private-key signature, verification passes, the application processor switches from normal mode to secure mode, and the client application begins to access the trusted application. If it carries no private-key signature, or the signature it carries is incorrect, verification fails, the application processor refuses to switch from normal mode to secure mode, and the client application cannot access the trusted application.
In this embodiment, the device manufacturer's verification public key and verification program are built into the security chip. The security chip checks, with the device vendor's built-in verification public key, whether the program initiating the switch request carries the device vendor's private-key signature: if the signature is correct, the program initiating the switch request is judged trusted; if the signature is wrong or absent, it is judged untrusted. At the factory, the verification programs for the application programs, Bootloader, ROM program and so on, together with the corresponding vendors' verification public keys, are written into the security chip; afterwards modification is no longer permitted, or is permitted only after special authentication, which greatly raises the security of the verification public keys and verification programs.
Embodiment two
A security chip, comprising: a memory unit 1 for storing verification public keys; and a judging unit 2 for verifying, according to a verification public key, whether an application program carries a correct private-key signature.
In this embodiment, the memory unit 1 stores two or more verification public keys; each application program has a key number, each verification public key corresponds to a key number, and an application program is matched to its verification public key by the key number.
In this embodiment, the security chip further comprises an execution unit 3, and the verification public keys include the verification public key of the ROM program. The judging unit 2 verifies the trustworthiness of the ROM program by a public-key algorithm and the verification public key; when the trustworthiness of the ROM program passes verification, the execution unit 3 drives the ROM program to verify the trustworthiness of the application program by its built-in public-key algorithm and the verification public key.
Public-key algorithms include the RSA algorithm (the RSA public-key encryption algorithm was proposed in 1977 by Ron Rivest, Adi Shamir and Leonard Adleman) and ECC-family public-key algorithms (ECC, Elliptic Curve Cryptography, is a class of public-key algorithms; compared with the mainstream RSA algorithm, ECC reaches the same security level with a shorter key), among others.
The present invention also provides a mobile terminal.
A mobile terminal, comprising a security chip.
The security chip comprises: a memory unit 1 for storing verification public keys; and a judging unit 2 for verifying, according to a verification public key, whether an application program carries a correct private-key signature.
In this embodiment, the memory unit 1 stores two or more verification public keys, each verification public key corresponds to a key ID, and an application program is matched to its verification public key by the key ID.
In this embodiment, the security chip further comprises an execution unit 3, and the verification public keys include the verification public key of the ROM program. The judging unit 2 verifies the trustworthiness of the ROM program by a public-key algorithm and the verification public key; when the trustworthiness of the ROM program passes verification, the execution unit 3 drives the ROM program to verify the trustworthiness of the application program by its built-in public-key algorithm and the verification public key.
In this embodiment, the mobile terminal further comprises an application processor connected to the security chip. The security chip is used in a mobile terminal whose application processor has the TrustZone architecture; the application processor has a normal mode and a secure mode; the security chip is a standalone secure chip connected to the application processor. When the application processor is to switch from normal mode to secure mode, the security chip's judging unit checks whether the application program carries a correct private-key signature and thereby determines whether the program initiating the switch request is trusted. If it is trusted, the application processor switches from normal mode to secure mode; if not, the application processor does not perform the switch, which effectively prevents a malicious application from accessing trusted applications in the trusted execution environment.
The present invention also provides a method for realizing mobile terminal system security.
A method for realizing mobile terminal system security, comprising:
Step 101. When a program in normal mode needs a service provided in secure mode, the program or the application processor initiates a switch request, the switch request being for the application processor of the mobile terminal to switch from normal mode to secure mode.
Step 102. The security chip verifies, by a signature algorithm and a verification public key, whether the program carries a correct private-key signature, and notifies the application processor of the result; if the private-key signature is correct, proceed to step 103; if the program initiating the switch request carries no private-key signature or the signature is incorrect, proceed to step 104.
Step 103. The application processor switches from normal mode to secure mode.
The program runs in both normal mode and secure mode: after the switch to secure mode the program runs in secure mode, and when it has finished it returns the result (switching back from secure mode to normal mode) to the program in normal mode.
For example, if Alipay used the above approach, such as accessing the signing service of the security chip, the section of the program that performs the signing would run in secure mode and return the result to the program in normal mode, which would then send it, in normal mode, to Alipay's remote server (the third-party platform) for signature verification.
Step 104. The application processor refuses to perform the switch request.
In this embodiment, when the program initiating the switch request interacts with a remote third-party platform, the method further includes, after step 103: the security chip provides a signature for the program by its built-in signature algorithm and chip private key. The security chip has the signature algorithm and chip private key built in; after the application processor has switched from normal mode to secure mode, and when the program that initiated the switch request carries out a sensitive interaction with the remote third-party platform, the security chip provides a data-signing service for the program with its built-in signature algorithm and chip private key. The security chip has a built-in root key in one-to-one correspondence with the chip; this key is mainly used for encryption and decryption, for signing on its own behalf, and for authenticating its own legitimacy to the outside world. Sensitive interactions include those involving the financial sector, transmission of private data and the like.
In this embodiment, before step 101 the method further includes:
Step 100. Trust verification of the ROM program: the Bootloader verifies the trustworthiness of the ROM program by a public-key algorithm and a verification public key.
In this embodiment, before step 100 the method further includes:
Step 000. Integrity verification of the Bootloader: the security chip verifies the integrity of the Bootloader by a public-key algorithm and a verification public key.
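As an added illustration of the trust chain (steps 000 and 100 above, and the trust-chain establishment of embodiment one) together with the switch gate (steps 101 to 104), the following Go program models the security chip's memory unit and judging unit. It is example code written for this page, not Nationz code and not the patent's implementation. Assumptions: ECDSA P-256 over SHA-256 stands in for the unspecified "public-key algorithm"; the Image struct with a key ID field is a hypothetical image layout, since the page does not say how a program is bound to its key number; the chip's own Judge routine is reused for every stage of the chain rather than the Bootloader and ROM program carrying their own verifiers; and all image contents and names are constructed sample data.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Image is a program as the security chip sees it: code bytes, the key number
// (key ID) that selects a verification public key, and the vendor's signature
// over SHA-256(code). Hypothetical layout; the patent defines no image format.
type Image struct {
	Name, KeyID string
	Code, Sig   []byte
}

// SecureChip models the memory unit (verification public keys indexed by key
// ID, written once at the factory; there is no setter) and the judging unit.
type SecureChip struct {
	keys map[string]*ecdsa.PublicKey
}

// Judge is the judging unit: pick the verification public key by key ID and
// check the private-key signature. An unknown key ID, a missing signature or a
// malformed one all yield "untrusted" (VerifyASN1 returns false for the latter).
func (c *SecureChip) Judge(img Image) bool {
	pub, ok := c.keys[img.KeyID]
	if !ok {
		return false
	}
	digest := sha256.Sum256(img.Code)
	return ecdsa.VerifyASN1(pub, digest[:], img.Sig)
}

// EstablishTrustChain is the boot-time chain (steps 000 and 100): Bootloader,
// then ROM program, then APP; it stops at the first failure and returns the
// stages verified before it.
func (c *SecureChip) EstablishTrustChain(boot, rom, app Image) ([]string, error) {
	var trusted []string
	for _, img := range []Image{boot, rom, app} {
		if !c.Judge(img) {
			return trusted, fmt.Errorf("%s failed verification; chain stops", img.Name)
		}
		trusted = append(trusted, img.Name)
	}
	return trusted, nil
}

// RequestSwitch is steps 101 to 104: the application processor performs the
// normal-mode to secure-mode switch only when the requesting CA passes Judge.
func (c *SecureChip) RequestSwitch(ca Image) (switched bool) {
	return c.Judge(ca)
}

// vendorSign plays the device vendor's offline signing tool; the private key
// never exists on the device.
func vendorSign(priv *ecdsa.PrivateKey, keyID, name string, code []byte) Image {
	digest := sha256.Sum256(code)
	sig, err := ecdsa.SignASN1(rand.Reader, priv, digest[:])
	if err != nil {
		panic(err)
	}
	return Image{Name: name, KeyID: keyID, Code: code, Sig: sig}
}

// Scenario: a chip provisioned with three vendor keys and signed images, plus
// two CAs that must be refused (unsigned; signed with a key the chip never got).
type Scenario struct {
	Chip                                     *SecureChip
	Boot, ROM, App, UnsignedCA, UnknownKeyCA Image
}

func BuildScenario() Scenario {
	priv := map[string]*ecdsa.PrivateKey{}
	pub := map[string]*ecdsa.PublicKey{}
	for _, id := range []string{"boot", "rom", "app", "rogue"} {
		k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
		if err != nil {
			panic(err)
		}
		priv[id] = k
		if id != "rogue" { // the attacker's key is never provisioned into the chip
			pub[id] = &k.PublicKey
		}
	}
	return Scenario{ // constructed sample images, not real firmware
		Chip:         &SecureChip{keys: pub},
		Boot:         vendorSign(priv["boot"], "boot", "Bootloader", []byte("bootloader v1")),
		ROM:          vendorSign(priv["rom"], "rom", "ROM program", []byte("rom image v1")),
		App:          vendorSign(priv["app"], "app", "pay-app", []byte("pay app v1")),
		UnsignedCA:   Image{Name: "malware-1", KeyID: "app", Code: []byte("evil")},
		UnknownKeyCA: vendorSign(priv["rogue"], "rogue", "malware-2", []byte("evil")),
	}
}

func main() {
	s := BuildScenario()
	trusted, err := s.Chip.EstablishTrustChain(s.Boot, s.ROM, s.App)
	fmt.Println("trust chain:", trusted, "error:", err)
	for _, ca := range []Image{s.App, s.UnsignedCA, s.UnknownKeyCA} {
		fmt.Printf("switch request from %s: switched=%v\n", ca.Name, s.Chip.RequestSwitch(ca))
	}
}
```

Run with go run: the chain output lists the three verified stages in order, the signed pay-app is allowed to switch, and the unsigned and unknown-key CAs are refused. Note that the example verifies whatever bytes it is handed; how the application processor guarantees that the bytes presented to the chip are those of the program actually requesting the switch is not described on the page and is not modelled here.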
In the present embodiment, also include after step 103: safety chip by signature algorithm and chip private key is Program provides chip signature.Also included safety chip by corresponding for private key PKI and chip before step 000 Numbering is sent to third-party platform.After safety chip provides chip signature for program, also include: third party puts down Whether platform signs correct according to PKI and chip number proofing chip.
The signing service provided by the security chip is a service that a program can request whenever it needs a signature. It consists of two steps: registration and use of the signature.
Application scenarios of the signing service include payment scenarios. For example, a payment scenario includes: user registration, in which the public key corresponding to the chip private key and the chip number are sent to the third-party platform with which the user needs to use the signing service (the third-party platform being the remote server of Alipay, Tenpay, WeChat Pay or the like), and it is agreed that this public key will be used for signature verification. When the user has a payment request, the payment data is sent into the security chip and the signing service is requested; the security chip signs the payment data with the signature algorithm and private key. The payment data and the signature data are sent to the third-party platform. After receiving the signed data, the third-party platform finds the corresponding public key according to the (unique) chip number and verifies, with the corresponding signature algorithm and public key, whether the signature is valid.
A more complicated scheme can also be used here: the signature does not use the root key of the security chip; instead, each time a signing service (for example Alipay or Tenpay) is registered, the security chip is required to generate a key pair (public key and private key) and a key number, and to send the public key and key number to the third-party platform; the security chip retains the corresponding private key and key number; the signing service is provided with this private key and key number, and signature authentication is carried out with the corresponding public key that was sent to the third-party platform.
Optionally, a verification method using a public key and a root key can also be adopted. One is the public key used for verification when the Bootloader is loaded: it is inserted by the equipment vendor at production time, only a Bootloader signed with the corresponding private key provided by the vendor can pass authentication, and the verification process and the storage of the key are both completed inside the security chip, which prevents tampering by an attacker. The other is the root key, which refers to the private key stored in the security chip, corresponding one-to-one with the chip, that is used for encryption and signing. In an encryption/decryption scenario, the application processor, in TEE mode, transfers the data to be encrypted or decrypted to the security chip; the security chip processes it with the preset encryption/decryption algorithm and root key and returns the result to the application processor; this process is carried out entirely inside the security chip.
When applied to a payment scenario: a wallet APP that has passed review (and can be provided with a manufacturer private-key signature) is approved to use the security functions of this scheme; the APP becomes a legitimate CA and can access the TEE. When a payment, which is a sensitive operation, is carried out, TEE mode accesses the self-authentication function provided by the security chip; for example, the payment data must be signed with the private root key inside the security chip, and only then does the payment third-party platform consider the payment data legitimate. The signing process of the security chip is never exposed; only the result is provided, which further improves system security.
The technical principle of the present invention has been described above with reference to specific embodiments. These descriptions are only intended to explain the principle of the invention and must not be construed as limiting its scope in any way. Based on the explanation herein, those skilled in the art can devise other specific embodiments of the present invention without creative effort, and these also fall within the protection scope of the present invention.
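The registration and sign-test flow of the payment scenario above, as an added Go model (not code from the patent), covering both the basic scheme (root public key registered under the chip number) and the more complicated scheme (a fresh key pair and key number per signing service). Ed25519 stands in for the unnamed signature algorithm; the chip number, root-key seed, key-number format and platform names are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// SecureChip models the chip side of the signing service. Private keys are indexed by
// number: the chip number maps to the root key, each key number to a per-service key.
type SecureChip struct {
	ChipNumber string
	keys       map[string]ed25519.PrivateKey
}

// ThirdPartyPlatform models the remote payment server's public-key registry.
type ThirdPartyPlatform struct {
	Name     string
	registry map[string]ed25519.PublicKey // chip number or key number -> public key
}

// NewSecureChip derives the root key (one-to-one with the chip) from a 32-byte
// seed injected at production; seed, chip number and key-number format are constructed.
func NewSecureChip(chipNumber string, rootSeed []byte) *SecureChip {
	root := ed25519.NewKeyFromSeed(rootSeed)
	return &SecureChip{chipNumber, map[string]ed25519.PrivateKey{chipNumber: root}}
}
func NewPlatform(name string) *ThirdPartyPlatform {
	return &ThirdPartyPlatform{name, map[string]ed25519.PublicKey{}}
}
// RegisterRoot is the basic scheme: the platform stores the root public key under the chip number.
func (c *SecureChip) RegisterRoot(p *ThirdPartyPlatform) {
	p.registry[c.ChipNumber] = c.keys[c.ChipNumber].Public().(ed25519.PublicKey)
}
// RegisterService is the more complicated scheme: a fresh key pair and key
// number per service; the chip keeps the private key, the platform the public one.
func (c *SecureChip) RegisterService(p *ThirdPartyPlatform) (string, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return "", err
	}
	keyNumber := fmt.Sprintf("%s/%s/%d", c.ChipNumber, p.Name, len(c.keys))
	c.keys[keyNumber] = priv
	p.registry[keyNumber] = pub
	return keyNumber, nil
}

// SignPayment is the signing service: payment data enters the chip, only the signature leaves.
func (c *SecureChip) SignPayment(number string, payment []byte) ([]byte, error) {
	if priv, ok := c.keys[number]; ok {
		return ed25519.Sign(priv, payment), nil
	}
	return nil, fmt.Errorf("no key registered under %q", number)
}

// VerifyPayment is the platform's sign-test: public key looked up by the number sent with the data.
func (p *ThirdPartyPlatform) VerifyPayment(number string, payment, sig []byte) bool {
	pub, ok := p.registry[number]
	return ok && ed25519.Verify(pub, payment, sig)
}
```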

Claims (10)

1. A security chip, characterized in that it includes:
a memory cell (1) for storing verification public keys;
a judging unit (2) for verifying, according to the verification public key, whether an application program has a correct private key signature.
2. The security chip as claimed in claim 1, characterized in that the memory cell (1) stores two or more verification public keys, each application program has a password number, each verification public key corresponds to a password number, and the application program is matched to the corresponding verification public key according to its password number.
3. The security chip as claimed in claim 2, characterized in that the verification public keys include: the verification public key of the application program, the verification public key of the Bootloader and the verification public key of the ROM program.
4. The security chip as claimed in claim 2, characterized in that the security chip also includes an execution unit (3);
the verification public keys include the verification public key of the Bootloader; the judging unit (2) verifies the integrity of the Bootloader using a public key algorithm and the verification public key; when the integrity of the Bootloader passes verification, the execution unit (3) drives the Bootloader to verify the credibility of the ROM program using a public key algorithm and a verification public key; when the credibility of the ROM program passes verification, the execution unit (3) drives the ROM program to verify the credibility of the application program using a built-in public key algorithm and a verification public key; or, the verification public keys include the verification public key of the ROM program; the judging unit (2) verifies the credibility of the ROM program using a public key algorithm and the verification public key; when the credibility of the ROM program passes verification, the execution unit (3) drives the ROM program to verify the credibility of the application program using a built-in public key algorithm and a verification public key.
5. A mobile terminal, characterized in that it includes the security chip according to any one of claims 1 to 4.
6. A method for realizing mobile terminal system security, characterized in that the method comprises the following steps:
Step A. When a program in normal mode needs a service provided in secure mode, the program or the application processor initiates a switch request, the switch request being for the application processor of the mobile terminal to switch from normal mode to secure mode;
Step B. The security chip verifies, using a signature algorithm and a verification public key, whether the program has a correct private key signature, and notifies the application processor of the verification result; when the private key signature is correct, step C is performed; otherwise, step D is performed;
Step C. The application processor switches from normal mode to secure mode;
Step D. The application processor refuses to perform the switch request.
7. The method for realizing mobile terminal system security as claimed in claim 6, characterized in that, before step A, the method further includes:
Step E. Trust verification of the ROM program: the Bootloader verifies the credibility of the ROM program using a public key algorithm and a verification public key.
8. The method for realizing mobile terminal system security as claimed in claim 7, characterized in that, before step E, the method further includes:
Step F. Integrity verification of the Bootloader: the security chip verifies the integrity of the Bootloader using a public key algorithm and a verification public key.
9. The method for realizing mobile terminal system security as claimed in claim 6, characterized in that, after step C, the method further includes:
Step G. The security chip provides a chip signature for the program using a signature algorithm and the chip private key.
10. The method for realizing mobile terminal system security as claimed in claim 9, characterized in that, before step A, the method further includes:
Step H. The security chip sends the public key corresponding to the private key, together with the chip number, to the third-party platform;
and after step G, the method further includes:
Step I. The third-party platform verifies, according to the public key and chip number, whether the chip signature is correct.
CN201510185569.4A 2015-04-17 2015-04-17 A kind of safety chip, mobile terminal and the method realizing mobile terminal system safety Pending CN106156618A (en)

Publications (1)

Publication Number Publication Date
CN106156618A true CN106156618A (en) 2016-11-23

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107103251A (en) * 2017-04-26 2017-08-29 杭州中天微系统有限公司 The processor of containment mapping access interface
CN108242997A (en) * 2016-12-26 2018-07-03 联芯科技有限公司 The method and apparatus of secure communication
CN108270569A (en) * 2016-12-30 2018-07-10 航天信息股份有限公司 A kind of method and system that Electronic Signature is carried out by safe interface
CN108599938A (en) * 2018-04-23 2018-09-28 北京数字认证股份有限公司 The method and system of mobile terminal private data are protected by credible performing environment
CN109450620A (en) * 2018-10-12 2019-03-08 阿里巴巴集团控股有限公司 The method and mobile terminal of security application are shared in a kind of mobile terminal
CN109962785A (en) * 2018-04-28 2019-07-02 李京海 A kind of system and its electric signing system including TEE
CN111459869A (en) * 2020-04-14 2020-07-28 中国长城科技集团股份有限公司 Data access method, device, equipment and storage medium
CN112632514A (en) * 2020-12-15 2021-04-09 北京握奇数据股份有限公司 Method and device for preventing driver component from being tampered based on USBKey
WO2023071040A1 (en) * 2021-10-29 2023-05-04 苏州浪潮智能科技有限公司 System starting method, system starting device, server, and readable storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1553349A (en) * 2003-05-29 2004-12-08 联想(北京)有限公司 Safety chip and information safety processor and processing method
CN101527024A (en) * 2008-03-06 2009-09-09 同方股份有限公司 Safe web bank system and realization method thereof
US8504097B1 (en) * 2012-05-03 2013-08-06 Sprint Communications Company L.P. Alternative hardware and software configuration for near field communication
CN103514414A (en) * 2012-06-26 2014-01-15 上海盛轩网络科技有限公司 Encryption method and encryption system based on ARM TrustZone
US8839455B1 (en) * 2009-09-23 2014-09-16 Parallels IP Holdings GmbH Security domain in virtual environment
CN104318182A (en) * 2014-10-29 2015-01-28 中国科学院信息工程研究所 Intelligent terminal isolation system and intelligent terminal isolation method both based on processor safety extension

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20161123
