CN108959982A - A kind of mobile terminal document encrypting and deciphering system and method based on hardware encryption TF card - Google Patents

A kind of mobile terminal document encrypting and deciphering system and method based on hardware encryption TF card Download PDF

Info

Publication number
CN108959982A
CN108959982A CN201810736052.3A CN201810736052A CN108959982A CN 108959982 A CN108959982 A CN 108959982A CN 201810736052 A CN201810736052 A CN 201810736052A CN 108959982 A CN108959982 A CN 108959982A
Authority
CN
China
Prior art keywords
card
encryption
hardware
file
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810736052.3A
Other languages
Chinese (zh)
Other versions
CN108959982B (en
Inventor
周军
张李秋
刘铮
喻鑫
马兴荣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu North Bow Intelligent Technology Co Ltd
Original Assignee
Jiangsu North Bow Intelligent Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu North Bow Intelligent Technology Co Ltd filed Critical Jiangsu North Bow Intelligent Technology Co Ltd
Priority to CN201810736052.3A priority Critical patent/CN108959982B/en
Publication of CN108959982A publication Critical patent/CN108959982A/en
Application granted granted Critical
Publication of CN108959982B publication Critical patent/CN108959982B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Storage Device Security (AREA)
  • Telephone Function (AREA)

Abstract

The present invention provides a kind of mobile terminal document encrypting and deciphering systems and method based on hardware encryption TF card, are related to field of information security technology.File encryption-decryption method is applied to file encryption-decryption system, the system comprises: TF card system is encrypted for the operating system basic-level support frame of hardware encryption TF card, hardware encryption TF card monitoring system service, application layer registration, hardware;It is described this method comprises: hardware encrypt TF card according to the equipment DevID of mobile terminal, the IMEI of SIM card, the SN of storage chip, hardware encryption TF card SN as parameter, AES encryption, which is carried out, as key using the true random number generated in hardware encryption TF card generates hardware encryption TF card root key, this root key is the key with mobile device binding, is responsible for mobile terminal document head information and carries out encryption and decryption.Information security has been effectively ensured in file encryption-decryption method provided in an embodiment of the present invention and system, ensures that user data and privacy are not leaked.

Description

A kind of mobile terminal document encrypting and deciphering system and method based on hardware encryption TF card
Technical field
The present invention relates to field of information security technology, especially design a kind of mobile terminal text based on hardware encryption TF card Part encrypting and deciphering system and method.
Background technique
With popularizing for mobile terminal device (mobile phone, plate etc.), function is more and more abundant, content security and sensitivity Property also increasingly obtain the attention of people, personal a variety of privacy informations are stored in intelligent terminal, due to most mobile terminals Use open Mobile operating system, it is easy to the malicious codes such as wooden horse, virus are implanted, userspersonal information is stolen, Great challenge is proposed to safety.
Most of mobile terminal and unused hardware encryption chip progress data protection currently on the market, mainly also by pure Pure software application is encrypted and decrypted for some files.Usual implementation method is: one security password of setting, for using Family login authentication;After certification passes through, so that it may enter private space, can carry out adding/solution to specified file in private space It is close.But there are two large problems for this method: (1) performance issue of enciphering/deciphering, and software enciphering/deciphering occupies more terminal device Cpu performance.(2) safety issue, encryption software currently on the market often only has one layer of secret, and it is opposite to encrypt key It is fixed, still there is more security risk.
If security requirements are higher, software enciphering method cannot be met the requirements.And disclosed hardware encrypts TF card phase The patent CN103559453A of pass comes also with the SN of the DevID of mobile terminal device, the IMEI of SIM card, storage chip As the parameter for generating encryption key, but its file enciphering/deciphering generated be generated by fixed underground formula, once Leakage can be cracked.And this patent encrypts the real random number generator in TF card using hardware, with mobile terminal device DevID, the IMEI of SIM card, the SN of storage chip, hardware encryption TF card SN combine in a certain way after hardware encryption TF card The random key encryption that inside is generated by aes algorithm by real random number generator obtains root key, then by root key to not Key information with file encryption encrypts (as described in summary of the invention), so that the key of file encryption can not almost be broken Solution.And the present invention " hardware encrypts TF card monitoring system service " has been built in the system layer of mobile terminal operating system can be to encryption Chip carries out face specialized management, registers in certain equipment once hardware encrypts TF card, is taken other mobile whole The system service can prompt this hardware of user to encrypt TF card in end equipment or when replacing original mobile terminal device related hardware It was registered not on current device, the function that hardware encrypts TF card can be disabled (as described in summary of the invention).
Summary of the invention
The present invention is to meet the needs of mobile terminal encrypts hardware, realizes a kind of movement based on hardware encryption TF card Terminal document encrypting and deciphering system and method ensure that information security, ensure that user data of mobile terminal and privacy are not leaked The features such as.
The present invention provides a kind of mobile terminal document encryption system and method based on hardware encryption TF card, technical solution tool Body are as follows:
(1) a kind of mobile terminal document encrypting and deciphering system based on hardware encryption TF card, including adaptive hardware encrypt TF card Mobile terminal operating system module and hardware encrypt TF card system module, adaptive hardware encrypt TF card mobile terminal operate system System module includes that the supporting frame of operating system first floor system, hardware encryption TF card monitoring system service and application layer are registered, firmly It includes encryption TF card internal file enciphering/deciphering key storage area, root key memory block, true random number that part, which encrypts TF card system module, The mobile terminal operating system module of generator, encryption chip CPU, adaptive hardware encryption TF card mainly completes bottom to hardware TF card driving layer, hardware abstraction layer, encryption TF card funcall system library adaptation are encrypted, building adaptive hardware encryption TF card System-level support of the mobile terminal operating system module to hardware encryption TF card system module:
Adaptive hardware encryption TF card mobile terminal operating system module include:
The supporting frame of operating system first floor system is (including system library Libraries, the hardware abstraction layer in Fig. 1 Hardware Abstraction Layer, driving Driver, hardware Hardware): it is used for mobile terminal operating system bottom Support to hardware encryption TF card, hardware encrypt TF card and access mobile terminal with standard TF packing forms, and mobile terminal drives layer Read-write operation is realized therewith using the driving of standard TF card, and hardware is added in Mobile operating system and encrypts TF card C code enciphering/deciphering Function API dynamic base tf.so (tf.so is in system library layer Libraries), the interface function in this library utilize standard TF card to drive The dynamic enciphering/deciphering logic control realized to hardware encryption TF card, utilizes in application framework layer Application Framework JNI will encrypt interface function of the TF in the function API dynamic base tf.so that system library layer Libraries is realized and be encapsulated as Java The API of code form, system application layer code use Java language, and the API of Java code encapsulation can be directly for application layer It calls, the bottom characteristic that hardware encrypts TF card can hide application developer, system application level function is facilitated to develop;
Hardware encrypts TF card monitoring system service (the application framework layer Application Framework in Fig. 1): using It is managed in the hardware encryption TF card operating status in insertion mobile terminal, " hardware can be started automatically when device power-up Encrypt TF card and monitor system service ", service adjoint system operation, the detection hardware encryption access state of TF card, login state, Matching status, by encrypting TF using the hardware of JNI encapsulation described in calling " supporting frame of operating system first floor system " Card Java code API realizes that the system service provides related API upwards simultaneously for application layer, calls for system application layer;
Application layer registers (the application layer Application in Fig. 1): it is registered to use for providing encryption TF card as user, Hardware encryption TF card monitoring system service successively detection can encrypt the access state of TF card, registration shape after mobile terminal-opening State, matching status, if detect this encryption TF card it is not registered, can prompt user by application layer encryption TF card register software into Row is registered, and operating system can call registration relevant interface by each level of system in registration process, until encrypting TF card with hardware In CPU communication, so that it is generated root key inside TF card, complete registration, it is only registered on the mobile terminal device plus Its hardware enciphering and deciphering algorithm algorithm interface just can be used in close TF card;
Hardware encrypts TF card system module
Root key memory block: for store according to mobile terminal device DevID, the IMEI of SIM card, storage chip SN (SN1), hardware encryption TF card SN (SN2) is used as parameter, the root key for using " root key source data generates interface function " to generate Source data key1, hardware encrypts real random number generator inside TF card and generates root key random number k ey2, raw by root key Key1 is subjected to the root key key_root that encryption obtains encryption TF card with key2 for AES symmetric key at interface function;
Real random number generator: generating true random number when for generating key in chip, so that encryption TF card Encryption Algorithm Key used has more randomness, safety;
Encrypt TF card internal file enciphering/deciphering key storage area: used adding solves when encrypting for storing to file Close key structure and file enciphering/deciphering mark corresponding thereto, a pair of of encryption and decryption key knot can be generated during file encryption Structure and corresponding thereto file enciphering/deciphering mark, be stored in encryption TF card internal file enciphering/deciphering key storage area in, text It can be identified by file enciphering/deciphering in part decrypting process to inquire key structure used in corresponding file encryption, thus to phase File is answered to be decrypted;
Encryption chip CPU: for specifically executing the various enciphering and deciphering algorithms supported in chip, with the driving of standard TF card Form and mobile terminal system carry out data, instruction interaction.
(2) it further limits, the supporting frame of operating system first floor system makes mobile terminal operating system driving layer benefit It is driven with standard TF card, the control to hardware encryption TF card can be realized, it only need to be in mobile terminal operating system Framework layers of Application and Layer layers of Hardware Abstraction do adaptation work, and the method is convenient Increase hardware encrypting for mobile terminal device, does not need to make the modification on any hardware, the hardware encryption TF card tool used There is independent core processor, be not take up the cpu resource of system, improves the performance of encryption and decryption.
(3) it further limits, hardware encryption TF card monitoring system service starts in each device power-up, while detecting hard Whether part encrypts the fixed signal position in TF card root key memory block, to determine hardware encryption TF card in certain mobile terminal On complete registration, mobile terminal device DevID in registration process, the IMEI of SIM card, storage chip SN (SN1), hardware add Close TF card SN (SN2) can be passed into hardware encryption TF card, and encryption chip CPU calls internal " root key source data generation interface Function " generate root key source data key1=code (DevID, IMEI, SN1, SN2), while hardware encryption TF card inside very with Machine number generator generates root key random number k ey2, and generating one AES symmetric key of interface function generation by root key, (root is close Key key_root), while root key key_root and key1, key2 are stored in the root key memory block that hardware encrypts TF card, So that mobile terminal device and hardware encryption TF card binding.
(4) it further limits, " root key source data generates interface function " called and " root key generation interface letter Number " all realizes that inside hardware encryption TF card, DevID, IMEI, SN1, SN2 value drive simply by standard TF card and in movements The hardware of Hardware Abstraction Layer, Application Framework layers of realization of terminal operating system adds Close TF card API is passed in hardware encryption TF card, and key_root, key1, key2, key_current of generation are sealed up for safekeeping in hardware It encrypts in TF card, ensure that the safety of key, " hardware encrypts TF card and monitors system service " can replace weight in the terminal Hardware encryption TF card encryption and decryption correlation function can be detected and disabled after wanting hardware (such as SIM card, storage chip) in time, is guaranteed Hardware encryption TF card after registration can only use on the terminal device that it is registered.
(5) a kind of mobile terminal document encipher-decipher method based on hardware encryption TF card, encryption method include following step It is rapid:
Step 1: application layer Application is hard by the mobile terminal operating system module that adaptive hardware encrypts TF card Part encrypts each layer API that TF card provides, and is streamed to hardware by the file data that standard TF card interface will encrypt and encrypts TF Card, hardware encrypt TF card and generate corresponding " file enciphering/deciphering according to required specific Encryption Algorithm (symmetric encipherment algorithm) Mark " and " the encryption and decryption key structure of the corresponding mark ", or randomly select one and are stored in " file enciphering/deciphering key storage The encryption key structure of the existing Encryption Algorithm in space ";
Step 2: " file enciphering/deciphering mark " by the data structure of encryption and decryption file, (it records file and adds for indexing Encryption Algorithm used and used encryption key structure type when close), when file decryption, this file enciphering/deciphering identifies meeting It is encrypted by root key key_root with aes algorithm, and is spliced to encrypted top of file;
Step 3: encrypted document data flow can be output to application layer designated storage location, complete hardware encryption process;
Its decryption method includes the following steps:
Step 1: application layer chooses the file to be decrypted, and the mobile terminal operating system mould of TF card is encrypted by adaptive hardware Block is each layer API that hardware encrypts that TF card provides, the top of file fixed byte data that will be encrypted by standard TF card interface Hardware encryption TF card is intercepted and is transmitted to, hardware encrypts TF card meeting foundation root key key_root with aes algorithm to decrypted text The header data of part is decrypted, then parses to the data decrypted;
Step 2: detect be decrypted file header data whether include represent this document be this hardware encryption TF card added by Close " magic number ", whether the type for judging to be decrypted file is the encrypted file of Current hardware encryption TF card, if not working as The encrypted file of preceding hardware encryption TF card, returns to error message, if the file that Current hardware encryption TF card is encrypted, continues Execute following steps;
Step 3: detect be decrypted file header data whether include represent this document be Current hardware encryption TF card institute " the file enciphering/deciphering mark " in " file enciphering/deciphering code key memory space " is encrypted, such as comprising can then find " corresponding mark The encryption and decryption key structure of knowledge ", then carry out subsequent decryption step;If the header data that inspection does not measure decrypted file includes to represent This document is that Current hardware encrypts in TF card encrypted " file enciphering/deciphering code key memory space " " file enciphering/deciphering mark ", " the encryption and decryption key structure of the corresponding mark " can not be then found, error message is returned;
Step 4: searching after being encrypted the corresponding encryption and decryption code key structure of file, start incoming decrypted file except head is believed Place is decrypted using the decryption secret key pair data flow in the encryption and decryption code key structure stored in chip in data flow after breath Reason, decrypted document data flow will be output to application layer designated storage location, complete hardware decryption process.
(6) it further limits, all keys are all by hardware encryption TF card unified management, using " file enciphering/deciphering mark Know " with " the enciphering/deciphering key structure of the corresponding mark " associated storage mode, can choose when being encrypted to file Hardware, which encrypts, generates new key in TF card, or directly randomly selects one and be stored in " file enciphering/deciphering key storage sky Between " in the existing Encryption Algorithm encryption key, after determining encryption key, hardware encrypt TF card can using aes algorithm use Root key key_root encrypts corresponding " file enciphering/deciphering mark ", and by encrypted " file enciphering/deciphering mark " File header of the ciphertext as file after encryption, i.e. Head_ciphertext, encrypted file are read into hardware encryption TF card, benefit It is encrypted with the encryption and decryption key-pair file data of selected Encryption Algorithm, obtains Data_ciphertext, export Head_ Ciphertext+Data_ciphertext, the file after being as encrypted, this file header have just indicated entrained by this file Hardware encryption information (encryption algorithm types used, in hardware encryption TF card corresponding " file enciphering/deciphering mark "), When file is decrypted by hardware encryption TF card, hardware encrypts TF card and standard is decrypted to decrypted file by this File header information Standby work.
(7) it further limits, all keys are all by hardware encryption TF card unified management, using " file enciphering/deciphering mark Knowledge " intercepts decrypted file with " the enciphering/deciphering key structure of the corresponding mark " associated storage mode, decryption interface automatically Regular length head information, be passed to secret chip, be decrypted using key_root with aes algorithm, obtain be decrypted file Head information Head_ciphertext plaintext Head_plaintext, according to head information plaintext Head_plaintext judge This file whether be Current hardware encryption TF card encryption gained and judgement " file enciphering/deciphering key storage space " whether also with head Information plaintext Head_plaintext corresponding " file enciphering/deciphering mark ", decrypted file are read into hardware encryption TF card, It is decrypted using the Encryption Algorithm and encryption and decryption key-pair file data that inquire, obtains Data_plaintext, exported Data_plaintext, as decryption file.
Compared to the prior art, the present invention provide it is a kind of based on hardware encryption TF card mobile terminal document encryption system and Method specifically have it is following the utility model has the advantages that
1. the present invention provides a kind of mobile terminal document encrypting and deciphering system and method based on hardware encryption TF card, the hair The bright device id for using mobile terminal, SIM card IMEI, storage chip SN, hardware encrypt TF card SN and add as parameter generation hardware The root key of close chip can be such that hardware encryption TF and mobile terminal device height binds, and hardware encryption TF card is detached from this equipment will It cannot use.
2. the hardware encryption TF card monitoring system service and application layer that are provided in present system for hardware encryption TF card Registering functional can effectively supervise hardware encryption TF card operating status, login state, guarantee that hardware encryption TF card is stablized Operation.
3. the encryption chip is using TF packing forms, and system can drive identification and be used by standard TF card and is somebody's turn to do Chip can be directly used in the mobile terminal with TF card slot, saved mobile terminal cost of hardware design and driven soft Part is adapted to cost.
4. encipher-decipher method provided by the invention effectively can carry out quick encryption and decryption to by encryption and decryption file, and guarantee to add The safety of decruption key, significant increase mobile terminal device security level.
Detailed description of the invention
To describe the technical solutions in the embodiments of the present invention more clearly, used in being described below to embodiment Attached drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for ability For the those of ordinary skill of domain, without creative efforts, it can also be obtained according to these attached drawings other attached Figure, in which:
Fig. 1 is to interact schematic diagram between hardware encryption TF card and each level of mobile terminal operating system;
Fig. 2 is to carry out register flow path to hardware element encryption TF card in mobile terminal operating system;
Fig. 3 is the hardware encryption TF card monitoring system service realized in the system services layer of mobile terminal operating system Service procedure;
Fig. 4 is the file solution of the mobile terminal document encryption method and system based on hardware encryption TF card shown in the present invention Close process schematic;
Fig. 5 is primary structure schematic diagram in hardware encryption TF card of the invention;
Fig. 6 is that the file of the mobile terminal document encryption method and system based on hardware encryption TF card shown in the present invention adds Close process schematic.
Specific embodiment
Following will be combined with the drawings in the embodiments of the present invention, to the design sheets scheme in the embodiment of the present invention carry out it is clear, It is fully described by, it is clear that described embodiment is only a part of the embodiment of present system, rather than whole implementation Example.
As shown in Figure 1, a kind of mobile terminal document encrypting and deciphering system based on hardware encryption TF card is proposed, wherein moving Terminal operating system (supporting frame, hardware encryption TF card monitoring system for the operating system first floor system of hardware encryption TF card Unite the registration of service and application floor) and hardware encryption TF card system (it is close to encrypt TF card internal file enciphering/deciphering key storage area, root Key memory block, real random number generator, encryption chip CPU);
Mobile terminal operating system refers to the adaptation for implementing the systemic hierarchial of hardware encryption TF card in the system of terminal, TF card application layer capable of being encrypted for hardware, the API that hiding hardware encrypts TF card hardware attributes is provided;In mobile terminal operating system The i.e. controllable hardware encryption TF card of the driving of the TF card in system kernel still can be used in inner nuclear layer;In mobile terminal operating system Hardware abstraction layer does related amendments, encrypts TF card with adaptive hardware;Related add is added in mobile terminal operating system dynamic base The C code function library of close TF card, to support the various encryption and decryption interfaces of encryption TF card to call;In mobile terminal operating system application Java code functional interface, JNI code and hardware the encryption TF card monitoring system clothes of associated encryption TF card are added in ccf layer Business, to support system application layer to call the various encryption and decryption interfaces of encryption TF card;
Hardware encryption TF card system includes that encryption chip CPU, real random number generator, standard TF card interface, root key are deposited Storage area and file enciphering/deciphering key storage area encrypt TF card with hardware by the standard TF card slot on mobile terminal and are counted According to interaction;This, simplifies the hardware designs of mobile terminal, facilitate the use of hardware encryption TF card.
As shown in Fig. 2, encrypting TF card for the first time using the manipulation of registration for hardware for mobile terminal device shown in the present invention Process mainly comprises the steps that
(1) when application layer program implements hardware encryption TF card registration, obtain the current DevID of equipment, SIM card IMEI, SN1, the hardware of storage chip encrypt TF card SN2, raw using " root key source data generates interface " inside hardware encryption TF card At current root key data source key1;Meanwhile true random number is generated by the real random number generator inside hardware encryption TF card key2。
(2) root key key_root is generated by " root key generation interface function " by key1 and key2, by key_root, Key1, key2 are stored in " the root key memory block " of hardware encryption TF card.
As shown in figure 3, the manipulation process of TF card is encrypted when being switched on for mobile terminal device shown in the present invention for hardware, It mainly comprises the steps that
(1) system starting " hardware encrypts TF card and monitors system service " after being switched on, this service can be transported in system background always Row;
(2) it first detects whether to insert hardware encryption TF card, if being not inserted into hardware encryption TF card, exits detection, and Prompt user is not inserted into hardware encryption TF card, such as inserts hardware encryption TF card, then whether to detect this hardware encryption TF card It completes and uses preceding registration;User is prompted to be registered (such as Fig. 2) to hardware encryption TF card if unregistered, as the hardware adds Close TF card be it is registered, then enter next step;
(3) " hardware encryption TF card monitors system service " continues to obtain equipment current DevID, IMEI, SN1, SN2, benefit Current root key data source key1_current is generated with the root key source data generation module inside hardware encryption TF card, is adjusted It is generated and saved in when being registered before hardware encryption TF card intrinsic function comparison key1_current and hardware encryption TF card Key1 value in " root key memory block " (such as Fig. 1);If key1_current and key1 value be not identical, prompt that " this movement is set Equipment when the standby encryption TF card registration with hardware is not inconsistent, and hardware encryption TF card function is prohibited!If " key1_current and key1 Be worth it is identical, then open hardware encryption TF card institute it is functional, hardware encrypt TF card can normal use.
As shown in figure 4, to encrypt the file of the mobile terminal document encryption method of TF card and system the present invention is based on hardware Decrypting process schematic diagram, main composition part is encryption chip CPU, root key memory block, real random number generator, file add/ Decruption key memory block;Occur in root key memory block comprising root key key_root, root key source data key1, true random number The true random number key2 that device generates;File enciphering/deciphering key storage area includes that file enciphering/deciphering identifies N (Head_ ) and the encryption and decryption key structure N of the corresponding mark plaintextN;Encrypted clear text file (Data_plaintext) passes through Hardware encryption TF card encryption function interface is conveyed into card, exports cryptograph files (Head_ciphertext+ after encrypted Data_ciphertext);Decrypted cryptograph files (Head_ciphertext+Data_ciphertext) are added by hardware Close TF card decryption function interface is conveyed into card, exports cryptograph files (Data_plaintext) after encrypted.
As shown in figure 5, mainly including following for the method that mobile terminal device shown in the present invention is directed to the encryption of file hardware Step:
(1) application layer encrypts each layer API that TF card provides by mobile terminal operating system for hardware, passes through standard TF card Interface will encrypting order, encryption file data be streamed to hardware encryption TF card;Hardware encrypts the encryption in TF card Chip CPU parses incoming instruction, to determine whether according to required specific Encryption Algorithm (symmetric encipherment algorithm) Generate corresponding " file enciphering/deciphering mark " and " the encryption and decryption key structure of the corresponding mark ";Or randomly select a preservation The encryption key structure of the existing Encryption Algorithm in " file enciphering/deciphering key storage space ";
(2) if file encryption does not generate new key in hardware encryption TF card thus for selection, but one is randomly selected It is stored in the encryption key of the existing Encryption Algorithm in " file enciphering/deciphering key storage area ", is judged first in " file The encryption key that this algorithm whether can be found in enciphering/deciphering key storage area ", if can find, this this file encryption will Use this key;If searching less than can be back to file encryption thus and generate new key;
(3) if file encryption generates new key in hardware encryption TF is opened thus for selection, judge first " file adds/ Whether there are also remaining spaces for decruption key memory block " to store new key, " literary inside hardware encryption TF card if prompting without if Part enciphering/deciphering key storage space " is insufficient, can not create new key, returns to error message;If still there is remaining space, Hardware encrypts TF card inner utilization associated encryption algorithm interface and generates enciphering/deciphering key, and is furnished with corresponding encryption and decryption key mark Know symbol;
(4) " file enciphering/deciphering mark " (Head_plaintext) can be encrypted by root key key_root with aes algorithm, And using the ciphertext of encrypted " file enciphering/deciphering mark " as the file header Head_ciphertext of file after encryption;Added Ciphertext part (Data_plaintext) is read into hardware encryption TF card, utilizes the encryption and decryption key-pair file of selected Encryption Algorithm Data are encrypted, and Data_ciphertext is obtained;
(5) application layer designated storage location can be output to by being encrypted document data flow, export Head_ciphertext+ Data_ciphertext, the file after being as encrypted, completes hardware encryption process.
As shown in fig. 6, mainly including following for the method that mobile terminal device shown in the present invention is directed to the encryption of file hardware Step:
(1) application layer chooses the file to be decrypted, is each layer API that hardware encrypts that TF card provides by system, passes through mark Top of file fixed byte data cutout that quasi- TF card interface will encrypt simultaneously is transmitted to hardware encryption TF card, and hardware encrypts TF card It can be decrypted according to root key key_root with header data of the aes algorithm to decrypted file, then to the data decrypted It is parsed;
(2) firstly, whether the header data for detecting the decrypted file decrypted includes that represent this document be this hardware Encryption TF card is encrypted " magic number ", judges that this is decrypted whether the type of file is encrypted by this hardware encryption TF card with this Encrypt file;If not the encryption file that this hardware encryption TF card is encrypted, returns to error message;If this hardware encrypts TF The encryption file that card encryption is crossed, continues to execute following steps.
(3) secondly, detect be decrypted file header data whether include represent this document be this hardware encryption TF card " file enciphering/deciphering mark " in encrypted " file enciphering/deciphering code key memory block ", it can find " the corresponding mark Encryption and decryption key structure " can carry out subsequent decryption step;If inspection does not measure whether the header data of decrypted file includes generation Table this document is that this hardware encrypts in TF card encrypted " file enciphering/deciphering code key memory space " " file enciphering/deciphering mark ", " the encryption and decryption key structure of the corresponding mark " cannot be found, error message is returned;
(4) after finding the encrypted corresponding encryption and decryption code key structure of file, start incoming decrypted file except head Data flow (Data_ciphertext) after information utilizes the decryption code key in the encryption and decryption code key structure stored in chip Decryption processing is carried out to data stream, the specified storage of application layer can be output to by being decrypted document data flow (Data_plaintext) Hardware decryption process is completed in position.
The above description is only an embodiment of the present invention, is not intended to limit the scope of the invention, all to utilize this hair Equivalent structure or equivalent flow shift made by bright description is applied directly or indirectly in other relevant technology necks Domain similarly includes within scope of patent protection of the invention.

Claims (7)

1. a kind of mobile terminal document encrypting and deciphering system based on hardware encryption TF card, which is characterized in that including adaptive hardware plus The mobile terminal operating system module and hardware of close TF card encrypt TF card system module, and adaptive hardware encrypts the mobile terminal of TF card Operating system module includes the supporting frame of operating system first floor system, hardware encryption TF card monitoring system service and application layer note Volume, hardware encrypt TF card system module include encryption TF card internal file enciphering/deciphering key storage area, it is root key memory block, true The mobile terminal operating system module of randomizer, encryption chip CPU, adaptive hardware encryption TF card mainly completes bottom pair Hardware encrypts TF card driving layer, hardware abstraction layer, encryption TF card funcall system library adaptation, and building adaptive hardware encrypts TF card Mobile terminal operating system module to hardware encryption TF card system module system-level support:
Adaptive hardware encryption TF card mobile terminal operating system module include:
The supporting frame of operating system first floor system is (including system library Libraries, the hardware abstraction layer Hardware in Fig. 1 Abstraction Layer, driving Driver, hardware Hardware): hardware is encrypted for mobile terminal operating system bottom The support of TF card, hardware encrypt TF card and access mobile terminal with standard TF packing forms, and mobile terminal drives layer to use standard TF Read-write operation is realized in card driving therewith, and it is dynamic that hardware encryption TF card C code enciphering/deciphering function API is added in Mobile operating system State library tf.so (tf.so is in system library layer Libraries), the interface function in this library are realized using the driving of standard TF card to hard Part encrypts the enciphering/deciphering logic control of TF card, will encrypt TF using JNI in application framework layer Application Framework Interface function in the function API dynamic base tf.so that system library layer Libraries is realized is encapsulated as Java code form API, system application layer code use Java language, and the API of Java code encapsulation can be called directly for application layer, can will be hard The bottom characteristic that part encrypts TF card hides application developer, and system application level function is facilitated to develop;
Hardware encrypts TF card monitoring system service (the application framework layer Application Framework in Fig. 1): for slotting The hardware encryption TF card operating status entered in mobile terminal is managed, and can start " hardware encryption TF automatically when device power-up Card monitoring system service ", service adjoint system operation, access state, login state, the matching shape of detection hardware encryption TF card State, by encrypting TF card Java using the hardware of JNI encapsulation described in calling " supporting frame of operating system first floor system " Code API realizes that the system service provides related API upwards simultaneously for application layer, calls for system application layer;
Application layer registers (the application layer Application in Fig. 1): registering to use, is moving for providing encryption TF card as user After dynamic terminal booting hardware encryption TF card monitoring system service can successively the access state, login state of detection encryption TF card, With state, if detecting, this encryption TF card is not registered, and user can be prompted to register software by application layer encryption TF card and infused Copy, operating system can call registration relevant interface by each level of system in registration process, until with hardware encryption TF card CPU communication, makes it generate root key inside TF card, completes registration, the encryption TF only registered on the mobile terminal device Its hardware enciphering and deciphering algorithm algorithm interface just can be used in card;
Hardware encrypts TF card system module
Root key memory block: for store according to mobile terminal device DevID, the IMEI of SIM card, storage chip SN (SN1), Hardware encrypts TF card SN (SN2) and is used as parameter, the root key source data for using " root key source data generates interface function " to generate Key1, hardware encrypt real random number generator inside TF card and generate root key random number k ey2, generate interface letter by root key Key1 is that AES symmetric key carries out encrypting the root key key_root for obtaining encryption TF card with key2 by number;
Real random number generator: generating true random number when for generating key in chip, so that used in encryption TF card Encryption Algorithm Key have more randomness, safety;
Encrypt TF card internal file enciphering/deciphering key storage area: encryption and decryption used is close when encrypting for storing to file Key structure and file enciphering/deciphering mark corresponding thereto, can generate during file encryption a pair of of encryption and decryption key structure and File enciphering/deciphering mark corresponding thereto, is stored in encryption TF card internal file enciphering/deciphering key storage area, file solution It can be identified by file enciphering/deciphering during close to inquire key structure used in corresponding file encryption, thus to corresponding text Part is decrypted;
Encryption chip CPU: for specifically executing the various enciphering and deciphering algorithms supported in chip, in the form of standard TF card driving Data, instruction interaction are carried out with mobile terminal system.
2. a kind of mobile terminal document encrypting and deciphering system based on hardware encryption TF card according to claim 1, feature It is, the supporting frame of operating system first floor system drives mobile terminal operating system driving layer using standard TF card, i.e., Can be achieved to hardware encryption TF card control, only need to mobile terminal operating system Framework layers of Application and Layer layers of Hardware Abstraction are done adaptation work, and the method is conveniently that mobile terminal device increases hardware encryption Function does not need to make the modification on any hardware, and the hardware that uses encryption TF card has independent core processor, is not take up and is The cpu resource of system improves the performance of encryption and decryption.
3. a kind of mobile terminal document encrypting and deciphering system based on hardware encryption TF card according to claim 1, feature It is, hardware encryption TF card monitoring system service starts in each device power-up, while detecting hardware encryption TF card root key It is infused with determining whether hardware encryption TF card completes registration on certain mobile terminal fixed signal position in memory block Mobile terminal device DevID, the IMEI of SIM card, the SN (SN1) of storage chip, hardware encrypt TF card SN (SN2) meeting during volume It is passed into hardware encryption TF card, encryption chip CPU calls internal " root key source data generates interface function " to generate root key Source data key1=code (DevID, IMEI, SN1, SN2), while real random number generator generates root inside hardware encryption TF card Key random number k ey2 generates interface function by root key and generates an AES symmetric key (root key key_root), simultaneously Root key key_root and key1, key2 are stored in the root key memory block of hardware encryption TF card, so that mobile terminal device With hardware encryption TF card binding.
4. a kind of mobile terminal document encrypting and deciphering system based on hardware encryption TF card according to claim 3, feature It is, " root key source data generates interface function " called all is realized with " root key generation interface function " to be encrypted in hardware Inside TF card, DevID, IMEI, SN1, SN2 value drive simply by standard TF card and in mobile terminal operating systems The hardware encryption TF card API of Hardware Abstraction Layer, Application Framework layers of realization is incoming hard Part encrypts in TF card, and key_root, key1, key2, key_current of generation are sealed up for safekeeping in hardware encryption TF card, guarantees The safety of key, " hardware encryption TF card monitors system service " can replace in the terminal important hardware (such as SIM card, Storage chip) after can detect in time and disable hardware encryption TF card encryption and decryption correlation function, guarantee registration after hardware encryption TF card can only use on the terminal device that it is registered.
5. a kind of mobile terminal document encipher-decipher method based on hardware encryption TF card, which is characterized in that its encryption method includes Following steps:
Step 1: application layer Application is added by the mobile terminal operating system module that adaptive hardware encrypts TF card for hardware Each layer API that close TF card provides is streamed to hardware by the file data that standard TF card interface will encrypt and encrypts TF card, firmly Part encrypt TF card according to required specific Encryption Algorithm (symmetric encipherment algorithm) generate corresponding " file enciphering/deciphering mark " and " the encryption and decryption key structure of the corresponding mark ", or randomly select one and be stored in " file enciphering/deciphering key storage space " The encryption key structure of the existing Encryption Algorithm;
Step 2: " file enciphering/deciphering mark " is used to index the data structure by encryption and decryption file (when it records file encryption Encryption Algorithm and used encryption key structure type used), when file decryption, this file enciphering/deciphering mark can be by root Key key_root is encrypted with aes algorithm, and is spliced to encrypted top of file;
Step 3: encrypted document data flow can be output to application layer designated storage location, complete hardware encryption process;
Its decryption method includes the following steps:
Step 1: application layer chooses the file to be decrypted, is by the mobile terminal operating system module that adaptive hardware encrypts TF card Hardware encrypts each layer API that TF card provides, the top of file fixed byte data cutout that will be encrypted by standard TF card interface And it is transmitted to hardware encryption TF card, hardware encrypts TF card meeting foundation root key key_root with aes algorithm to decrypted file Header data is decrypted, then parses to the data decrypted;
Step 2: detect be decrypted file header data whether include represent this document be this hardware encryption TF card it is encrypted " evil spirit Number ", whether the type for judging to be decrypted file is the encrypted file of Current hardware encryption TF card, if not Current hardware Encrypt the encrypted file of TF card, return to error message, if the file that Current hardware encryption TF card is encrypted, continue to execute with Lower step;
Step 3: detect be decrypted file header data whether include represent this document be Current hardware encryption TF card it is encrypted " file enciphering/deciphering mark " in " file enciphering/deciphering code key memory space ", such as comprising can then find " the corresponding mark Encryption and decryption key structure " then carries out subsequent decryption step;If the header data that inspection does not measure decrypted file includes to represent this article Part is in Current hardware encryption TF card encrypted " file enciphering/deciphering code key memory space " " file enciphering/deciphering mark ", then not " the encryption and decryption key structure of the corresponding mark " can be found, error message is returned;
Step 4: search after being encrypted the corresponding encryption and decryption code key structure of file, start incoming decrypted file except header information it Data flow afterwards is decrypted, quilt using the decryption secret key pair data flow in the encryption and decryption code key structure stored in chip Decrypted file data stream will be output to application layer designated storage location, complete hardware decryption process.
6. a kind of mobile terminal document encipher-decipher method based on hardware encryption TF card according to claim 5, all Key all by hardware encryption TF card unified management, using " file enciphering/deciphering mark " with " enciphering/deciphering of the corresponding mark is close Key structure " associated storage mode can choose when encrypting to file and generate new key in hardware encryption TF card, Or directly to randomly select the encryption that one is stored in the existing Encryption Algorithm in " file enciphering/deciphering key storage space " close Key, after determining encryption key, hardware, which encrypts TF card, to use root key key_root to accordingly " file adds/solves using aes algorithm Secret mark is known " it is encrypted, and using the ciphertext of encrypted " file enciphering/deciphering mark " as the file header of file after encryption, i.e., Head_ciphertext, encrypted file are read into hardware encryption TF card, utilize the encryption and decryption key pair text of selected Encryption Algorithm Number of packages obtains Data_ciphertext according to being encrypted, and exports Head_ciphertext+Data_ciphertext, as quilt Encrypted file, this file header just indicated hardware encryption information entrained by this file (encryption algorithm types used, In hardware encryption TF card corresponding " file enciphering/deciphering mark "), when file is decrypted by hardware encryption TF card, hardware encryption Preparation is decrypted to decrypted file by this File header information in TF card.
7. a kind of mobile terminal document encipher-decipher method based on hardware encryption TF card according to claim 5, all Key all by hardware encryption TF card unified management, using " file enciphering/deciphering mark " with " enciphering/deciphering of the corresponding mark is close The associated storage mode of key structure ", decryption interface intercept the head information for being decrypted the regular length of file automatically, are passed to secret Chip is decrypted using key_root with aes algorithm, and the bright of the head information Head_ciphertext for being decrypted file is obtained Literary Head_plaintext judges whether this file is Current hardware encryption TF card according to head information plaintext Head_plaintext Obtained by encryption and whether judgement " file enciphering/deciphering key storage space " is also corresponding with head information plaintext Head_plaintext " file enciphering/deciphering mark ", decrypted file is read into hardware encryption TF card, close using the Encryption Algorithm and encryption and decryption that inquire File data is decrypted in key, obtains Data_plaintext, exports Data_plaintext, as decryption file.
CN201810736052.3A 2018-07-06 2018-07-06 Mobile terminal file encryption and decryption system and method based on hardware encryption TF card Active CN108959982B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810736052.3A CN108959982B (en) 2018-07-06 2018-07-06 Mobile terminal file encryption and decryption system and method based on hardware encryption TF card

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810736052.3A CN108959982B (en) 2018-07-06 2018-07-06 Mobile terminal file encryption and decryption system and method based on hardware encryption TF card

Publications (2)

Publication Number Publication Date
CN108959982A true CN108959982A (en) 2018-12-07
CN108959982B CN108959982B (en) 2021-08-24

Family

ID=64484374

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810736052.3A Active CN108959982B (en) 2018-07-06 2018-07-06 Mobile terminal file encryption and decryption system and method based on hardware encryption TF card

Country Status (1)

Country Link
CN (1) CN108959982B (en)

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109934024A (en) * 2019-03-12 2019-06-25 深圳忆联信息系统有限公司 A kind of flash data encryption and decryption optimization method and its system
CN110380854A (en) * 2019-08-12 2019-10-25 南京芯驰半导体科技有限公司 For root key generation, partition method and the root key module of multiple systems
CN110619224A (en) * 2019-08-28 2019-12-27 深圳市元征科技股份有限公司 Data processing method and related device
CN110929252A (en) * 2019-11-22 2020-03-27 福建金密网络安全测评技术有限公司 Algorithm and random number detection system
CN111143784A (en) * 2019-12-12 2020-05-12 合肥大唐存储科技有限公司 Copyright protection realization method and copyright protection storage device
CN111523154A (en) * 2020-03-20 2020-08-11 北京元心科技有限公司 Method and system for obtaining hardware unique identifier and corresponding computer equipment
CN111541723A (en) * 2020-07-07 2020-08-14 飞天诚信科技股份有限公司 Method and terminal for processing key data
CN111988133A (en) * 2020-08-18 2020-11-24 浪潮商用机器有限公司 System SM4 encryption and decryption verification method, device, equipment and storage medium
CN112418415A (en) * 2019-08-22 2021-02-26 联发科技股份有限公司 Method and apparatus for improving neural network model confidentiality protection
CN113901529A (en) * 2021-10-09 2022-01-07 上海盛本智能科技股份有限公司 Equipment safety management method based on encryption hardware
CN114662135A (en) * 2022-05-19 2022-06-24 深圳市航顺芯片技术研发有限公司 Data access method, computer device and readable storage medium
CN114697082A (en) * 2022-03-09 2022-07-01 中易通科技股份有限公司 Production and application method of encryption and decryption device in server-free environment
CN114826696A (en) * 2022-04-08 2022-07-29 中国电子科技集团公司第三十研究所 File content hierarchical sharing method, device, equipment and medium

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102129532A (en) * 2011-03-23 2011-07-20 阮晓迅 Method and system for digital copyright protection
CN102279908A (en) * 2010-06-08 2011-12-14 安凯(广州)微电子技术有限公司 Method and system for protecting digital contents
CN102361481A (en) * 2011-07-07 2012-02-22 上海凯卓信息科技有限公司 Method for binding hardware encryption trans-flash (TF) card with mobile phone subscriber identity module (SIM) card
CN102438239A (en) * 2011-11-21 2012-05-02 上海凯卓信息科技有限公司 Mobile terminal compound information protecting method based on intelligent security card
CN103067160A (en) * 2013-01-14 2013-04-24 江苏智联天地科技有限公司 Method and system of generation of dynamic encrypt key of encryption secure digital memory card (SD)
CN103559453A (en) * 2013-05-23 2014-02-05 深圳市中易通网络技术有限公司 Hardware encryption protection method and system for cellphone data
CN103678994A (en) * 2013-12-05 2014-03-26 中国科学院数据与通信保护研究教育中心 USB encrypted storage method and USB encrypted storage system with environment control function
US20140136841A1 (en) * 2012-06-14 2014-05-15 Kabushiki Kaisha Toshiba Device
CN105760790A (en) * 2016-01-29 2016-07-13 中国联合网络通信集团有限公司 Mobile terminal memory card security certification method and device

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102279908A (en) * 2010-06-08 2011-12-14 安凯(广州)微电子技术有限公司 Method and system for protecting digital contents
CN102129532A (en) * 2011-03-23 2011-07-20 阮晓迅 Method and system for digital copyright protection
CN102361481A (en) * 2011-07-07 2012-02-22 上海凯卓信息科技有限公司 Method for binding hardware encryption trans-flash (TF) card with mobile phone subscriber identity module (SIM) card
CN102438239A (en) * 2011-11-21 2012-05-02 上海凯卓信息科技有限公司 Mobile terminal compound information protecting method based on intelligent security card
US20140136841A1 (en) * 2012-06-14 2014-05-15 Kabushiki Kaisha Toshiba Device
CN103067160A (en) * 2013-01-14 2013-04-24 江苏智联天地科技有限公司 Method and system of generation of dynamic encrypt key of encryption secure digital memory card (SD)
CN103559453A (en) * 2013-05-23 2014-02-05 深圳市中易通网络技术有限公司 Hardware encryption protection method and system for cellphone data
CN103678994A (en) * 2013-12-05 2014-03-26 中国科学院数据与通信保护研究教育中心 USB encrypted storage method and USB encrypted storage system with environment control function
CN105760790A (en) * 2016-01-29 2016-07-13 中国联合网络通信集团有限公司 Mobile terminal memory card security certification method and device

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
樊志成: "基于C2x0嵌入式加密卡设计", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *
汪永好 等: "基于加密卡的JCE的研究与实现", 《计算机工程与设计》 *

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109934024A (en) * 2019-03-12 2019-06-25 深圳忆联信息系统有限公司 A kind of flash data encryption and decryption optimization method and its system
CN110380854A (en) * 2019-08-12 2019-10-25 南京芯驰半导体科技有限公司 For root key generation, partition method and the root key module of multiple systems
CN112418415A (en) * 2019-08-22 2021-02-26 联发科技股份有限公司 Method and apparatus for improving neural network model confidentiality protection
CN110619224A (en) * 2019-08-28 2019-12-27 深圳市元征科技股份有限公司 Data processing method and related device
CN110929252B (en) * 2019-11-22 2021-10-26 福建金密网络安全测评技术有限公司 Algorithm and random number detection system
CN110929252A (en) * 2019-11-22 2020-03-27 福建金密网络安全测评技术有限公司 Algorithm and random number detection system
CN111143784A (en) * 2019-12-12 2020-05-12 合肥大唐存储科技有限公司 Copyright protection realization method and copyright protection storage device
CN111523154A (en) * 2020-03-20 2020-08-11 北京元心科技有限公司 Method and system for obtaining hardware unique identifier and corresponding computer equipment
CN111541723A (en) * 2020-07-07 2020-08-14 飞天诚信科技股份有限公司 Method and terminal for processing key data
CN111541723B (en) * 2020-07-07 2020-10-13 飞天诚信科技股份有限公司 Method and terminal for processing key data
CN111988133A (en) * 2020-08-18 2020-11-24 浪潮商用机器有限公司 System SM4 encryption and decryption verification method, device, equipment and storage medium
CN111988133B (en) * 2020-08-18 2023-05-16 浪潮商用机器有限公司 System SM4 encryption and decryption verification method, device, equipment and storage medium
CN113901529A (en) * 2021-10-09 2022-01-07 上海盛本智能科技股份有限公司 Equipment safety management method based on encryption hardware
CN113901529B (en) * 2021-10-09 2023-03-24 上海盛本智能科技股份有限公司 Equipment safety management method based on encryption hardware
CN114697082A (en) * 2022-03-09 2022-07-01 中易通科技股份有限公司 Production and application method of encryption and decryption device in server-free environment
CN114697082B (en) * 2022-03-09 2023-11-07 中易通科技股份有限公司 Production and application method of encryption and decryption device in server-free environment
CN114826696A (en) * 2022-04-08 2022-07-29 中国电子科技集团公司第三十研究所 File content hierarchical sharing method, device, equipment and medium
CN114826696B (en) * 2022-04-08 2023-05-09 中国电子科技集团公司第三十研究所 File content hierarchical sharing method, device, equipment and medium
CN114662135A (en) * 2022-05-19 2022-06-24 深圳市航顺芯片技术研发有限公司 Data access method, computer device and readable storage medium

Also Published As

Publication number Publication date
CN108959982B (en) 2021-08-24

Similar Documents

Publication Publication Date Title
CN108959982A (en) A kind of mobile terminal document encrypting and deciphering system and method based on hardware encryption TF card
LU101903B1 (en) System and method for storing and accessing private data of Hyperledger Fabric blockchain
CN104331644B (en) A kind of transparent encipher-decipher method of intelligent terminal file
US8639940B2 (en) Methods and systems for assigning roles on a token
US20160197889A1 (en) Device and System for Facilitating Communication and Networking Within A Secure Mobile Environment
CN104252605B (en) A kind of file transparent encrypting and deciphering system of Android platform and method
US8621189B2 (en) System and method for hardware strengthened passwords
CN106980794A (en) TrustZone-based file encryption and decryption method and device and terminal equipment
US20210067326A1 (en) Cryptographic operation method, method for creating working key, cryptographic service platform, and cryptographic service device
CN102781001A (en) Method for encrypting built-in file of mobile terminal and mobile terminal
CN106997439A (en) TrustZone-based data encryption and decryption method and device and terminal equipment
CN103888429B (en) Virtual machine starts method, relevant device and system
CN108965222A (en) Identity identifying method, system and computer readable storage medium
CN106992851A (en) TrustZone-based database file password encryption and decryption method and device and terminal equipment
TW201245956A (en) Memory card and its access, data encryption, golden key generation and changing method
CN109697370A (en) Database data encipher-decipher method, device, computer equipment and storage medium
CN104717643B (en) A kind of mobile device Secure Communication Environment
Kremer et al. Security for key management interfaces
CN104955043B (en) A kind of intelligent terminal security protection system
CN108399341B (en) Windows dual file management and control system based on mobile terminal
CN106709362A (en) File encryption method and device and file decryption method and device
CN106503580A (en) A kind of guard method of private data and terminal
EP2469441A1 (en) System and method for hardware strenghtened passwords
FI120174B (en) Saving data with the device
CN110830252B (en) Data encryption method, device, equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant