CN108933790B - Encryption method for OTA (over the air) upgrade firmware with high security level - Google Patents

Info

Publication number: CN108933790B
Authority: CN (China)
Prior art keywords: firmware, data, block, mac, upgrading
Legal status: Active
Application number: CN201810732760.XA
Other languages: Chinese (zh)
Other versions: CN108933790A (en)
Inventors: 樊燕红, 付勇, 王继志, 杨英, 陈丽娟, 陈振娅, 文立强, 穆超
Current Assignee: Shandong Computer Science Center National Super Computing Center in Jinan
Original Assignee: Shandong Computer Science Center National Super Computing Center in Jinan
Application filed by Shandong Computer Science Center National Super Computing Center in Jinan
Priority to CN201810732760.XA
Publication of CN108933790A
Application granted; publication of CN108933790B

Abstract

The invention relates to an encryption method for OTA (over the air) upgrade firmware with high security level, which comprises the following steps. The PC (personal computer) generates the firmware upgrade data: an authentication code MAC is generated from the firmware header data and the n blocks of firmware data, and the unencrypted firmware header data, the encrypted MAC and the n blocks of firmware data are taken as the firmware upgrade data. The IOT terminal device verifies and upgrades: the IOT terminal device recovers the MAC value from the received data, judges whether the MAC value it calculated is equal to the received MAC value, and executes the upgrade operation only if they are equal. With this OTA firmware upgrade encryption method, the header encryption algorithm is difficult to analyze by various methods including side-channel analysis, the download of malicious firmware is fundamentally prevented, unauthorized persons are prevented from recovering the principle of the firmware upgrade algorithm through side-channel cryptanalysis, and the security level of the firmware upgrade process is further improved.

Description

Encryption method for OTA (over the air) upgrade firmware with high security level
Technical Field
The invention relates to a firmware upgrade method, in particular to an encryption method for OTA (over the air) upgrade firmware with high security level.
Background
At present, the Internet of Things (IOT) has penetrated all industries and connects a large number of devices. Large-scale deployment of the Internet of Things faces many challenges. When many IOT devices need function updates or bug fixes, Over-the-Air technology (OTA for short) provides a time-saving and convenient way to upgrade firmware wirelessly, and OTA firmware upgrade has become an indispensable component of IOT devices.
During the firmware upgrade of IOT devices there is a security threat concerning service authorization verification. The upgrade firmware of many IOT devices has no encryption or integrity verification. If an attacker obtains the command format for firmware upgrade and downloads self-written malicious firmware into the IOT terminal device, the device can be completely controlled and made to perform illegal operations. In 2013, the security company IOActive studied a banknote detector of a certain brand and found that no signature verification was performed when the firmware was upgraded; researchers used this flaw to download malicious firmware into the banknote detector, which then identified a handwritten counterfeit note as genuine. In 2017, cryptographic security researchers studied Philips Hue smart lamps, broke the encryption/authentication key used for the lamps' wireless firmware upgrade, and downloaded malicious firmware generated with that key into the lamps, which then flickered continuously under the control of the malicious firmware.
To prevent IOT devices from being attacked with malicious firmware, the security level of the firmware upgrade process needs to be improved. Encryption/decryption and authentication operations are required when the upgrade firmware is generated and downloaded, to provide confidentiality and integrity authentication of the firmware data and prevent it from being maliciously tampered with or recovered; these operations must also have a certain complexity so as to resist cryptanalysis methods such as side-channel attacks.
Disclosure of Invention
In order to overcome the shortcomings of the above technical problems, the invention provides an encryption method for OTA (over the air) upgrade firmware with high security level.
The invention relates to an encryption method for OTA (over the air) upgrade firmware with high security level. The OTA firmware upgrade system is composed of a PC (personal computer), a cloud server, a control terminal and an IOT (Internet of Things) terminal device; the PC generates the firmware upgrade data and uploads it to the cloud server, and the control terminal controls the IOT terminal device to receive the data from the cloud server and complete the upgrade. The upgrade firmware is taken to contain n blocks of data. The encryption method for the OTA upgrade firmware is characterized by comprising a step in which the PC generates the firmware upgrade data and a step in which the IOT terminal device verifies and upgrades. The step in which the PC generates the firmware upgrade data is as follows: m blocks of data are taken as the firmware header data, an authentication code MAC is generated from the m blocks of firmware header data and the n blocks of firmware data through an encryption algorithm, and the unencrypted m blocks of firmware header data, the encrypted MAC and the n encrypted blocks of firmware data are taken as the firmware upgrade data and uploaded to the cloud server;
the IOT terminal device verification and upgrade step is as follows: the IOT terminal device first decrypts the received data, then calculates the MAC value from the received m blocks of firmware header data and the decrypted n blocks of firmware data, judges whether the calculated MAC value is equal to the received MAC value, and executes the upgrade operation only if they are equal.
In the encryption method for OTA upgrade firmware with high security level of the invention, the size of 1 block is 16 bytes, the firmware header data is 3 blocks, the initialization vector stored in the PC and the IOT terminal device is IV, and the encryption key is k; the n blocks of firmware data are $P_{f1}$, $P_{f2}$, …, $P_{fn}$ respectively.
The step in which the PC generates the firmware upgrade data is implemented by the following steps:
a) Encrypting the header data: let the 3 blocks of firmware header data be $P_{h1}$, $P_{h2}$, $P_{h3}$; the encrypted data are $P'_{h1}$, $P'_{h2}$, $P'_{h3}$ respectively;
b) Processing the header data for MAC generation: the header data used to generate the authentication code MAC is encrypted with the following algorithm:
Figure BDA0001721320270000021
Figure BDA0001721320270000022
Figure BDA0001721320270000023
where E in $E_k()$ denotes the AES algorithm function used, k is the encryption key, the parameter in parentheses is the plaintext data, and
Figure BDA0001721320270000031
is an exclusive or operation;
c) Computing the authentication code: the authentication code MAC is generated by the following calculation method:
for i=1 to n
j=i+3
Figure BDA0001721320270000032
the authentication code is:
MAC=CBC(n+3);
d) Encrypting the authentication code: the MAC and the n blocks of firmware data $P_{f1}$, $P_{f2}$, …, $P_{fn}$ are encrypted with AES-CTR as follows:
Figure BDA0001721320270000033
for i=1 to n
Figure BDA0001721320270000034
where $ctr_i = Nonce \| counter_i$. The Nonce is a constant set by the user, kept secret from outside parties, and stored in the PC and the IOT terminal device. The Nonce is 14 bytes of data and $counter_i$ is 2 bytes of data, with $counter_0 = 0$, $counter_1 = 1$, …, $counter_i = i$, …, $counter_n = n$; "||" denotes the concatenation operation;
e) Forming the firmware upgrade data: the upgrade data $F_{all}$ is formed from the unencrypted 3 blocks of firmware header data, the encrypted authentication code MAC and the encrypted n blocks of firmware data:
$F_{all} = P_{h1} \| P_{h2} \| P_{h3} \| E_{MAC} \| E_{f1} \| E_{f2} \| \dots \| E_{fn}$.
In the encryption method for OTA (over the air) upgrade firmware with high security level of the invention, the 3 blocks of firmware header data $P_{h1}$, $P_{h2}$, $P_{h3}$ are encrypted in step a) as follows:
$P'_{h1} = E_k(P_{h2})$
$P'_{h2} = P_{h2} \cdot P_{h1}$
Figure BDA0001721320270000035
where the operator $\cdot$ denotes a multiplication operation.
The encryption method for the OTA upgrade firmware with high security level of the invention is characterized in that the verification and upgrade steps of the IOT terminal device are realized by the following steps:
1) the IOT terminal equipment stores the downloaded firmware upgrading data into an external FLASH memory, reads the first 3 blocks of firmware header data, judges whether the parameters in the firmware header data are legal or not, and if so, executes the step 2); if not, executing step 7);
2) Encrypting the header data: the 3 blocks of firmware header data obtained are encrypted with the same encryption algorithm as in step a); the encrypted header data are $P'_{H1}$, $P'_{H2}$, $P'_{H3}$ respectively;
3) Processing the header data for MAC generation: the header data used to generate the authentication code MAC is encrypted with the following algorithm:
Figure BDA0001721320270000041
Figure BDA0001721320270000042
Figure BDA0001721320270000043
where E in $E_k()$ denotes the AES algorithm function used, k is the encryption key, the parameter in parentheses is the plaintext data, and
Figure BDA0001721320270000044
is an exclusive or operation;
4) Decrypting the firmware and computing the authentication code: the n blocks of encrypted firmware are decrypted and the authentication code is computed by the following calculation method:
for i=1 to n
Figure BDA0001721320270000045
j=i+3
Figure BDA0001721320270000046
where $ctr_i = Nonce \| counter_i$, and $P'_{f1}$, $P'_{f2}$, …, $P'_{fn}$ are the n blocks of decrypted firmware data obtained by the IOT terminal device;
the authentication code obtained by the IOT terminal equipment side is as follows:
MACb=CBC′(n+3);
5) Checking whether the authentication code is legal: the IOT terminal device performs an encryption operation on the authentication code MACb it obtained:
Figure BDA0001721320270000047
The computed $E_{MACb}$ is then compared with the $E_{MAC}$ in the received firmware data. If $E_{MACb}$ and $E_{MAC}$ are equal, the verification passes and step 6) is executed; if not, step 7) is executed;
6) Firmware upgrade: the decrypted firmware data $P'_{f1}$, $P'_{f2}$, …, $P'_{fn}$ obtained by the IOT terminal device is the legitimate firmware data $P_{f1}$, $P_{f2}$, …, $P_{fn}$ generated by the PC; the firmware data is stored into the internal FLASH and the upgrade is completed;
7) Upgrade failure: the IOT terminal device returns a response signal indicating that the firmware upgrade failed.
In the encryption method for OTA upgrade firmware with high security level of the invention, the 3 blocks of firmware header data are encrypted in step 2) as follows:
$P'_{H1} = E_k(P_{H2})$
$P'_{H2} = P_{H2} \cdot P_{H1}$
Figure BDA0001721320270000051
where $P_{H1}$, $P_{H2}$, $P_{H3}$ are the first 3 blocks of the firmware upgrade data obtained by the IOT terminal device.
The beneficial effects of the invention are: the invention provides an encryption method for OTA (over-the-air technology) upgrade firmware with high security level, which ensures that the encrypted, authenticated firmware has a high security level.
Side-channel cryptanalysis can recover the key used in the firmware encryption/decryption and authentication algorithms during the firmware upgrade of the IOT terminal device, after which the encryption/decryption and authentication principles of the firmware can be inferred through plaintext correlation analysis. Malicious firmware that the IOT terminal device will accept can then be generated according to the inferred principles and downloaded into the internal FLASH, so that unauthorized persons can control the IOT terminal device at will. To prevent the download of malicious firmware, the method applies an encryption processing operation to the header data; the operation has a certain complexity, and the specific implementation of the header encryption algorithm is difficult to analyze by side-channel analysis in a black-box setting. The method prevents unauthorized persons from recovering the principle of the firmware upgrade algorithm through side-channel cryptanalysis and then attacking IOT devices by downloading malicious firmware, and further improves the security level of the firmware upgrade process.
Drawings
FIG. 1 is a schematic diagram of an OTA firmware upgrade system according to the present invention;
FIG. 2 is a schematic block diagram of a PC generating an encrypted authentication firmware according to the present invention;
FIG. 3 is a flowchart of the procedure for upgrading the firmware of the IOT terminal device according to the present invention;
FIG. 4 and FIG. 5 are schematic diagrams of the firmware header data operation and encryption algorithm according to the present invention.
Detailed Description
The invention is further described with reference to the following figures and examples.
FIG. 1 shows a schematic diagram of the OTA firmware upgrade system of the invention. The OTA firmware upgrade system of the IOT terminal device is composed of a PC, a cloud server, a control terminal and an IOT terminal device. The main function of the PC is to encrypt and authenticate the upgrade firmware data, generate the encrypted, authenticated firmware and upload it to the cloud server. The main functions of the cloud server are: storing the latest version of the upgrade firmware, interacting with the control terminal, receiving upgrade request instructions, and returning the firmware upgrade information to the control terminal; and downloading the firmware upgrade information to the IOT terminal device and receiving the firmware upgrade response data sent by the terminal device. After receiving the firmware upgrade data, the IOT terminal device first verifies the legality of the firmware data parameters, then authenticates the integrity of the firmware, decrypts and downloads the firmware data, verifies the firmware data downloaded to the internal FLASH once decryption and download are finished, and returns a response signal of successful firmware upgrade after the verification passes.
As shown in fig. 2, a schematic block diagram of generating encrypted authentication firmware on a PC is provided, which is implemented by the following steps:
(1) Set the firmware header data information: the firmware header data is $P_{h1}$, $P_{h2}$, $P_{h3}$, whose values are set by the manufacturer according to the specific configuration parameters of the product;
(2) Select the storage path of the upgrade firmware to be encrypted, and set the path where the encrypted, authenticated firmware is to be stored;
(3) The PC performs the encryption and authentication operations; first, the header data $P_{h1}$, $P_{h2}$, $P_{h3}$ is encrypted to obtain the data $P'_{h1}$, $P'_{h2}$, $P'_{h3}$;
(4) Read the n blocks of firmware data $P_{f1}$, $P_{f2}$, …, $P_{fn}$ of the upgrade firmware;
(5) Generate the authentication code using the AES-CBC algorithm. The header data encryption operation for generating the authentication MAC is as follows:
Figure BDA0001721320270000061
Figure BDA0001721320270000071
Figure BDA0001721320270000072
In $E_k()$, E denotes the AES algorithm function used, k denotes the key, the parameter in parentheses is the plaintext data, and
Figure BDA0001721320270000073
is an exclusive or operation.
(6) The firmware data encryption operation for generating the authentication MAC is as follows:
for i=1 to n
j=i+3
Figure BDA0001721320270000074
(7) MAC = CBC(n+3), where the MAC is the authentication code of the firmware;
(8) The MAC and the n blocks of firmware data $P_{f1}$, $P_{f2}$, …, $P_{fn}$ are encrypted:
Figure BDA0001721320270000075
for i=1 to n
Figure BDA0001721320270000076
where $ctr_i = Nonce \| counter_i$; the Nonce is a constant set by the user and kept secret from outside parties. The Nonce is 14 bytes of data and $counter_i$ is 2 bytes of data, with $counter_0 = 0$, $counter_1 = 1$, …, $counter_i = i$, …, $counter_n = n$.
(9) The overall composition of the encrypted, authenticated firmware is:
$F_{all} = P_{h1} \| P_{h2} \| P_{h3} \| E_{MAC} \| E_{f1} \| E_{f2} \| \dots \| E_{fn}$ ($\|$ denotes a concatenation operation).
As shown in fig. 3, a flowchart of a procedure for upgrading the firmware of the IOT terminal device in the present invention is provided, which is implemented by the following steps:
a. Read the relevant parameters contained in the firmware header data and verify whether they are legal; if they are legal, execute step b; if not, execute step k;
b. Call the header data encryption processing algorithm to encrypt the header data. Let the first 3 blocks of the firmware upgrade data obtained by the IOT terminal device be $P_{H1}$, $P_{H2}$, $P_{H3}$ and the encrypted data be $P'_{H1}$, $P'_{H2}$, $P'_{H3}$; the 3 blocks of firmware header data are encrypted as follows:
$P'_{H1} = E_k(P_{H2})$
$P'_{H2} = P_{H2} \cdot P_{H1}$
Figure BDA0001721320270000081
c. Encrypt the processed header data using AES-CBC mode to finally generate CBC'3; the encryption processing algorithm is as follows:
Figure BDA0001721320270000082
Figure BDA0001721320270000083
Figure BDA0001721320270000084
CBC'3 is used as the initialization vector for the next block and is passed to the next encryption function;
d. The n blocks of encrypted firmware are decrypted with AES-CTR to obtain the plaintext, and the plaintext data is processed in AES-CBC mode to finally generate the MAC; the specific implementation is as follows:
for i=1 to n
Figure BDA0001721320270000085
j=i+3
Figure BDA0001721320270000086
where $ctr_i = Nonce \| counter_i$, and $P'_{f1}$, $P'_{f2}$, …, $P'_{fn}$ are the n blocks of firmware data obtained by decryption at the IOT terminal device;
e. Obtain the authentication code MACb of the firmware: the authentication code obtained at the IOT terminal device is MACb = CBC'(n+3), and MACb is encrypted with AES-CTR to obtain $E_{MACb}$:
Figure BDA0001721320270000087
f. The computed $E_{MACb}$ is compared with the $E_{MAC}$ in the received firmware data. If $E_{MACb}$ and $E_{MAC}$ are equal, the verification passes and step e is executed; if not, step k is executed;
g. The IOT terminal device decrypts the encrypted firmware with AES-CTR; the firmware data $P'_{f1}$, $P'_{f2}$, …, $P'_{fn}$ obtained is the legitimate firmware data $P_{f1}$, $P_{f2}$, …, $P_{fn}$ generated by the PC, and the firmware data is stored into the internal FLASH;
h. After the n blocks of firmware data have been downloaded, verify the firmware data; if the verification passes, the firmware data downloaded to the internal FLASH is correct and step i is executed; if the verification does not pass, step k is executed;
i. Return a response signal that the firmware upgrade succeeded, and clear the firmware upgrade flag bit to 0;
j. Jump to the Application area to execute the application program;
k. Return a response signal of firmware upgrade failure, and the IOT terminal device performs a software restart.
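The package layout $F_{all}$ and the device-side verify-before-flash check from the steps above, as an added sketch that is not part of the patent text. Assumptions: `E` is a truncated HMAC-SHA256 standing in for AES so the code runs with the standard library only; the CBC chaining, masking the MAC with counter 0, the big-endian counter, the product mod 2^128 and the unchanged $P'_{h3}$ stand in for formulas that appear only as images on the page; all keys and data are constructed.

```python
import hashlib
import hmac

BLOCK = 16              # block size stated on the page
HDR_BLOCKS = 3          # the firmware header is 3 blocks
MAX_FW_BLOCKS = 0xFFFF  # counter_i is 2 bytes; counter_0 masks the MAC


def E(k, block):
    """Stand-in for E_k. The page uses AES; CBC-MAC and CTR only need the
    forward direction, so a keyed 16-byte PRF keeps this stdlib-only."""
    return hmac.new(k, block, hashlib.sha256).digest()[:BLOCK]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def split_blocks(data):
    if len(data) % BLOCK:
        raise ValueError("length is not a multiple of 16 bytes")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def transform_header(k, hdr):
    """Header pre-processing applied before the MAC is computed."""
    ph1, ph2, ph3 = hdr
    p1 = E(k, ph2)  # P'h1 = E_k(Ph2), as printed on the page
    # P'h2 = Ph2 * Ph1. ASSUMPTION: big-endian integer product mod 2^128.
    prod = int.from_bytes(ph2, "big") * int.from_bytes(ph1, "big")
    p2 = (prod % (1 << 128)).to_bytes(BLOCK, "big")
    # P'h3: the formula is an image missing from the page. PLACEHOLDER: Ph3.
    return [p1, p2, ph3]


def cbc_mac(k, iv, hdr, fw):
    """MAC = CBC(n+3): chain the 3 transformed header blocks, then n blocks."""
    state = iv
    for block in transform_header(k, hdr) + fw:
        state = E(k, xor(block, state))
    return state


def keystream(k, nonce, i):
    """E_k(Nonce || counter_i): 14-byte nonce, 2-byte big-endian counter."""
    if len(nonce) != 14 or not 0 <= i <= MAX_FW_BLOCKS:
        raise ValueError("nonce must be 14 bytes, counter must fit 2 bytes")
    return E(k, nonce + i.to_bytes(2, "big"))


def build_package(k, iv, nonce, header, firmware):
    """PC side: F_all = Ph1 || Ph2 || Ph3 || E_MAC || E_f1 || ... || E_fn."""
    hdr, fw = split_blocks(header), split_blocks(firmware)
    if len(hdr) != HDR_BLOCKS or not 1 <= len(fw) <= MAX_FW_BLOCKS:
        raise ValueError("need 3 header blocks and 1..65535 firmware blocks")
    e_mac = xor(cbc_mac(k, iv, hdr, fw), keystream(k, nonce, 0))
    e_fw = [xor(p, keystream(k, nonce, i)) for i, p in enumerate(fw, 1)]
    return header + e_mac + b"".join(e_fw)


def verify_and_decrypt(k, iv, nonce, package):
    """Device side: return the plaintext firmware, or None to refuse it."""
    if len(package) % BLOCK or len(package) < (HDR_BLOCKS + 2) * BLOCK:
        return None
    blocks = split_blocks(package)
    hdr, e_mac = blocks[:HDR_BLOCKS], blocks[HDR_BLOCKS]
    e_fw = blocks[HDR_BLOCKS + 1:]
    if len(e_fw) > MAX_FW_BLOCKS:
        return None
    fw = [xor(c, keystream(k, nonce, i)) for i, c in enumerate(e_fw, 1)]
    e_mac_b = xor(cbc_mac(k, iv, hdr, fw), keystream(k, nonce, 0))
    # Constant-time comparison; nothing is handed to flash on a mismatch.
    if not hmac.compare_digest(e_mac_b, e_mac):
        return None
    return b"".join(fw)


def flip_bit(data, offset):
    return data[:offset] + bytes([data[offset] ^ 1]) + data[offset + 1:]


# Constructed sample values, not taken from the patent.
KEY = bytes(range(16))
IV = bytes(16)
NONCE = b"constructed-14"
HEADER = bytes(range(1, 49))
FIRMWARE = b"firmware image, constructed data".ljust(64, b"\xff")

if __name__ == "__main__":
    pkg = build_package(KEY, IV, NONCE, HEADER, FIRMWARE)
    ok = verify_and_decrypt(KEY, IV, NONCE, pkg) == FIRMWARE
    print("intact package accepted:", ok)
    for name, off in [("header Ph2", 20), ("E_MAC", 50), ("firmware", 70)]:
        bad = verify_and_decrypt(KEY, IV, NONCE, flip_bit(pkg, off))
        print("tampered", name, "rejected:", bad is None)
```

Replacing `E` with single-block AES encryption under k gives the primitive the patent names; the placeholder for $P'_{h3}$ has to be replaced by the patent's own formula.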
FIG. 4 and FIG. 5 show schematic diagrams of the header data encryption processing algorithm. FIG. 4 shows the process of encrypting the 3 blocks of header data $P_{h1}$, $P_{h2}$, $P_{h3}$ to obtain $P'_{h1}$, $P'_{h2}$, $P'_{h3}$; FIG. 5 shows $P'_{h1}$, $P'_{h2}$, $P'_{h3}$, IV and the key k being input into the AES-CBC encryption algorithm to begin the calculation of the authentication MAC.
The 3 blocks of header data $P_{h1}$, $P_{h2}$, $P_{h3}$ are encrypted to obtain $P'_{h1}$, $P'_{h2}$, $P'_{h3}$ as follows:
$P'_{h1} = E_k(P_{h2})$
$P'_{h2} = P_{h2} \times P_{h1}$
Figure BDA0001721320270000091
$P'_{h1}$, $P'_{h2}$, $P'_{h3}$, IV and the key k are input into the AES-CBC encryption algorithm, expressed as follows:
Figure BDA0001721320270000092
Figure BDA0001721320270000093
Figure BDA0001721320270000094
When an attacker attacks using side-channel analysis, power traces or electromagnetic emission waveforms of the encryption processing algorithm are collected first; in a black-box setting, the attacker uses plaintext correlation analysis to determine where the plaintext takes part in the computation, and then infers from the waveforms the plaintext data involved in the encryption operation. The header data encryption processing algorithm obfuscates the plaintext correlation analysis of the header data: even if the correlation with the plaintext is high at some position, the data taking part in the computation at that moment is not the known plaintext. The header data encryption processing algorithm therefore gives the upgrade firmware the ability to resist side-channel attacks, eliminating a service authorization verification security hole of Internet of Things (IOT) terminal devices and further improving the security level of the firmware upgrade process.

Claims (4)

1. An encryption method for OTA upgrade firmware with high security level, wherein the OTA firmware upgrade system is composed of a PC, a cloud server, a control terminal and an IOT terminal device; the PC generates the firmware upgrade data and uploads it to the cloud server, and the control terminal controls the IOT terminal device to receive the data from the cloud server and complete the upgrade; the upgrade firmware is taken to contain n blocks of data; the encryption method for the OTA upgrade firmware is characterized by comprising a step in which the PC (personal computer) generates the firmware upgrade data and a step in which the IOT (Internet of Things) terminal device verifies and upgrades, wherein the step in which the PC generates the firmware upgrade data is as follows: m blocks of data are taken as the firmware header data, an authentication code MAC is generated from the m blocks of firmware header data and the n blocks of firmware data through an encryption algorithm, and the unencrypted m blocks of firmware header data, the encrypted MAC and the n encrypted blocks of firmware data are taken as the firmware upgrade data and uploaded to the cloud server;
the IOT terminal device verification and upgrade step is as follows: the IOT terminal device first decrypts the received data, then calculates the MAC value from the received m blocks of firmware header data and the decrypted n blocks of firmware data, judges whether the calculated MAC value is equal to the received MAC value, and executes the upgrade operation only if they are equal;
the size of 1 block is 16 bytes, the firmware header data is 3 blocks, the initialization vector stored in the PC (personal computer) and the IOT (Internet of Things) terminal device is IV, and the encryption key is k; the n blocks of firmware data are $P_{f1}$, $P_{f2}$, …, $P_{fn}$ respectively;
the step in which the PC generates the firmware upgrade data is implemented by the following steps:
a) Encrypting the header data: let the 3 blocks of firmware header data be $P_{h1}$, $P_{h2}$, $P_{h3}$; the encrypted data are $P'_{h1}$, $P'_{h2}$, $P'_{h3}$ respectively;
b) Processing the header data for MAC generation: the header data used to generate the authentication code MAC is encrypted with the following algorithm:
Figure FDA0002695380720000011
Figure FDA0002695380720000012
Figure FDA0002695380720000013
where E in $E_k()$ denotes the AES algorithm function used, k is the encryption key, the parameter in parentheses is the plaintext data, and
Figure FDA0002695380720000014
is an exclusive or operation;
c) obtaining an authentication code, and generating an authentication code MAC by the following calculation method:
for i=1 to n
j=i+3
Figure FDA0002695380720000021
the authentication code is:
MAC=CBC(n+3);
d) Encrypting the authentication code: the MAC and the n blocks of firmware data $P_{f1}$, $P_{f2}$, …, $P_{fn}$ are encrypted with AES-CTR as follows:
Figure FDA0002695380720000022
for i=1 to n
Figure FDA0002695380720000023
wherein ctr_i = Nonce || counter_i; the Nonce is a constant value of external security set by the user and stored in the PC and the IOT terminal device; the Nonce is 14-byte data and counter_i is 2-byte data, with counter_0 = 0, counter_1 = 1, …, counter_i = i, …, counter_n = n; "||" represents a join operation;
e) forming the firmware upgrade data: the upgrade data F_all is formed from the unencrypted 3 blocks of firmware header data, the encrypted authentication code MAC and the encrypted n blocks of firmware data:
F_all = P_h1 || P_h2 || P_h3 || E_MAC || E_f1 || E_f2 || … || E_fn.
2. The encryption method for OTA upgrade firmware with high security level according to claim 1, characterized in that the following method is adopted in step a) to encrypt the 3 blocks of firmware header data P_h1, P_h2, P_h3:
P′_h1 = E_k(P_h2)
P′_h2 = P_h2 · P_h1
Figure FDA0002695380720000024
where the operator · denotes a multiplication operation.
3. The encryption method for the OTA upgrade firmware with high security level according to claim 1, wherein the steps of the validation and upgrade of the IOT terminal device are specifically implemented by the following steps:
1) the IOT terminal equipment stores the downloaded firmware upgrading data into an external FLASH memory, reads the first 3 blocks of firmware header data, judges whether the parameters in the firmware header data are legal or not, and if so, executes the step 2); if not, executing step 7);
2) encrypting the header data: the obtained 3 blocks of firmware header data are encrypted using the same encryption algorithm as in step a), the encrypted header data being respectively P′_H1, P′_H2, P′_H3;
3) processing the header data for MAC generation: an encryption operation is performed on the header data used to generate the authentication code MAC, using the following algorithm:
Figure FDA0002695380720000031
Figure FDA0002695380720000032
Figure FDA0002695380720000033
wherein E in E_k() represents the AES algorithm function employed, k is the encryption key, the parameter in parentheses represents the plaintext data, and the symbol shown in Figure FDA0002695380720000034 denotes an exclusive-or operation;
4) decrypting the firmware and solving for the authentication code, decrypting the n block encrypted firmware and solving for the authentication code by the following calculation method:
for i=1 to n
Figure FDA0002695380720000035
j=i+3
Figure FDA0002695380720000036
wherein ctr_i = Nonce || counter_i, and P′_f1, P′_f2, …, P′_fn are the n blocks of decrypted firmware data obtained by the IOT terminal equipment;
the authentication code obtained by the IOT terminal equipment side is as follows:
MACb=CBC′(n+3);
5) checking whether the authentication code is legal or not, and carrying out encryption operation on the acquired authentication code MACb by the IOT terminal equipment:
Figure FDA0002695380720000037
then the obtained E_MACb is compared with E_MAC in the received firmware data, judging whether E_MACb and E_MAC are equal; if yes, the verification is passed and step 6) is executed; if not, step 7) is executed;
6) firmware upgrade: the firmware data P′_f1, P′_f2, …, P′_fn obtained by the IOT terminal device through decryption are the legal firmware data P_f1, P_f2, …, P_fn generated by the PC; the firmware data are stored into the internal FLASH and the upgrade is completed;
7) upgrade failure: the IOT terminal equipment returns a response signal indicating that the firmware upgrade failed.
4. The encryption method for the OTA upgrade firmware with high security level according to claim 3, wherein the following method is adopted in step 2) to encrypt the 3 block firmware header data:
P′_H1 = E_k(P_H2)
P′_H2 = P_H2 · P_H1
Figure FDA0002695380720000041
wherein P_H1, P_H2, P_H3 are the first 3 blocks of data in the firmware upgrade data acquired by the IOT terminal equipment.
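The PC-side packaging of steps c) to e) and the device-side check of steps 4) to 6), as an added example that is not code from the patent. The chaining and E_MAC formulas survive on this page only as figure references, so the example assumes standard CBC-MAC chaining from IV, E_MAC = MAC XOR E_k(ctr_0) and big-endian counters. It also skips the header pre-encryption of step a) and replaces AES with a truncated HMAC-SHA-256 so that it runs on the standard library alone; all function names are hypothetical.

```python
import hashlib
import hmac

BLOCK = 16  # 1 block = 16 bytes, as in the claims

def E(k, block):
    # Stand-in for E_k (AES in the claims); CBC-MAC and CTR only need this direction
    return hmac.new(k, block, hashlib.sha256).digest()[:BLOCK]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def ctr(nonce, i):
    # ctr_i = Nonce || counter_i: 14-byte Nonce, 2-byte counter (byte order assumed)
    if len(nonce) != 14 or not 0 <= i <= 0xFFFF:
        raise ValueError("Nonce must be 14 bytes and counter_i must fit in 2 bytes")
    return nonce + i.to_bytes(2, "big")

def cbc_mac(k, iv, blocks):
    # Assumed chaining: CBC(j) = E_k(CBC(j-1) XOR block_j), starting from IV
    state = iv
    for b in blocks:
        state = E(k, xor(state, b))
    return state

def split(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def build(k, iv, nonce, header, firmware):
    # PC side: F_all = P_h1 || P_h2 || P_h3 || E_MAC || E_f1 || ... || E_fn
    if len(header) != 3 * BLOCK or len(firmware) % BLOCK or not firmware:
        raise ValueError("header must be 3 blocks, firmware a whole number of blocks")
    fw = split(firmware)
    mac = cbc_mac(k, iv, split(header) + fw)
    e_mac = xor(mac, E(k, ctr(nonce, 0)))
    e_fw = [xor(p, E(k, ctr(nonce, i))) for i, p in enumerate(fw, 1)]
    return header + e_mac + b"".join(e_fw)

def verify(k, iv, nonce, f_all):
    # Device side: returns the plaintext firmware, or None when the image is rejected
    blocks = split(f_all)
    if len(f_all) % BLOCK or not 5 <= len(blocks) <= 4 + 0xFFFF:
        return None
    header, e_mac, e_fw = blocks[:3], blocks[3], blocks[4:]
    fw = [xor(c, E(k, ctr(nonce, i))) for i, c in enumerate(e_fw, 1)]
    e_mac_b = xor(cbc_mac(k, iv, header + fw), E(k, ctr(nonce, 0)))
    if not hmac.compare_digest(e_mac_b, e_mac):
        return None  # step 7): report upgrade failure, write nothing to internal FLASH
    return b"".join(fw)
```

The 2-byte counter_i caps an image at 65535 blocks (just under 1 MiB), which is why both sides reject larger inputs instead of letting the counter wrap. Because the claims fix the Nonce as a stored constant, every image encrypted under the same k reuses the same keystream, so deployments should treat k or the Nonce as a per-release value.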
CN201810732760.XA 2018-07-05 2018-07-05 Encryption method for OTA (over the air) upgrade firmware with high security level Active CN108933790B (en)

Publications (2)

Publication Number Publication Date
CN108933790A CN108933790A (en) 2018-12-04
CN108933790B true CN108933790B (en) 2020-12-22

Family

ID=64447080

Country Status (1)

Country Link
CN (1) CN108933790B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109889334A (en) * 2019-01-30 2019-06-14 深圳市高端无人机有限公司 Embedded firmware encrypting method, apparatus, wifi equipment and storage medium
CN111966058B (en) * 2020-07-20 2021-06-29 四川虹美智能科技有限公司 Control method, device and system of intelligent equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105279441A (en) * 2014-07-21 2016-01-27 恩智浦有限公司 Methods and architecture for encrypting and decrypting data
CN105812570A (en) * 2016-04-21 2016-07-27 深圳市旭子科技有限公司 Terminal firmware updating method and device
CN105897748A (en) * 2016-05-27 2016-08-24 飞天诚信科技股份有限公司 Symmetric secrete key transmission method and device
CN107368744A (en) * 2016-04-11 2017-11-21 恩德莱斯和豪瑟尔分析仪表两合公司 For updating the method and the equipment of measurement and control technology of fastener components
CN108196867A (en) * 2018-03-08 2018-06-22 深圳市文鼎创数据科技有限公司 Device for upgrading firmware, equipment and its firmware upgrade method of equipment

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9894066B2 (en) * 2014-07-30 2018-02-13 Master Lock Company Llc Wireless firmware updates

Also Published As

Publication number Publication date
CN108933790A (en) 2018-12-04

Similar Documents

Publication Publication Date Title
KR101261674B1 (en) Method and apparatus for mutual authentication in downloadable conditional access system
US20180082050A1 (en) Method and a system for secure login to a computer, computer network, and computer website using biometrics and a mobile computing wireless electronic communication device
CN107743067B (en) Method, system, terminal and storage medium for issuing digital certificate
US20080189695A1 (en) Updating of Data Instructions
CN113545006A (en) Remote authorized access locked data storage device
EP3025235B1 (en) Anti-piracy protection for software
CN108595198B (en) Safe firmware updating method
CN113268715A (en) Software encryption method, device, equipment and storage medium
CN107423626B (en) Method for updating trust chain of BIOS (basic input output System) based on continuous Hash value
EP4322464A1 (en) Information transmission method, storage medium and electronic device
CN102509047A (en) Method and system for verifying program code in set-top box
CN111401901B (en) Authentication method and device of biological payment device, computer device and storage medium
CN114662087B (en) Multi-terminal verification security chip firmware updating method and device
WO2013185724A2 (en) Mobile terminal and software upgrade method thereof
US20170353315A1 (en) Secure electronic entity, electronic apparatus and method for verifying the integrity of data stored in such a secure electronic entity
CN108933790B (en) Encryption method for OTA (over the air) upgrade firmware with high security level
CN114637987A (en) Security chip firmware downloading method and system based on platform verification
CN113557689A (en) Initializing data storage devices with manager devices
CN110838919B (en) Communication method, storage method, operation method and device
CN104135531A (en) Method and device of upgrading Web software
WO2021259310A1 (en) Over-the-air updating method, update server, terminal device, and internet of things system
CN114175574A (en) Wireless security protocol
CN113545021A (en) Registration of pre-authorized devices
CN115203708B (en) Method and system for deploying application data to coprocessor
KR101973578B1 (en) Method and apparatus for verification of integrity of application program

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant