CN110135187A - PUF-based file encryption/decryption system and encryption/decryption method - Google Patents

Info

Publication number
CN110135187A
Authority
CN
China
Prior art keywords
encryption
decryption
file
module
microcontroller
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201910306449.3A
Other languages
Chinese (zh)
Inventor
张景龙
熊晓明
陆江城
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong University of Technology
Original Assignee
Guangdong University of Technology
Application filed by Guangdong University of Technology
Priority to CN201910306449.3A
Publication of CN110135187A
Legal status: Pending

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/62: Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209: Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a PUF-based file encryption/decryption system comprising an encryption/decryption slave device and a PC host. The slave device includes a physical unclonable function (PUF) module, a microcontroller, an encryption/decryption module and a communication module. The PC host includes a microcomputer and a control module, and the microcomputer stores the file to be encrypted or decrypted. A password is set through the control module and triggers the PUF module, which performs its computation, generates a hardware unique ID and sends it to the microcontroller for storage. The file to be encrypted or decrypted is sent to the microcontroller and stored. The hardware unique ID and the file are sent to the encryption/decryption module, which encrypts or decrypts the file using the hardware unique ID as the key; the resulting file is sent back to the PC host. The invention is not limited to any file format, encrypts and decrypts quickly, and is simple to use.

Description

PUF-based file encryption/decryption system and encryption/decryption method
Technical field
The present invention relates to the field of computer security, and more particularly to a PUF-based file encryption/decryption system and encryption/decryption method.
Background art
Two file encryption methods are currently popular. The first uses the encryption function built into an application: software such as Word, Excel, Adobe, Access and WPS all carry their own encryption functions. This approach is easy to operate and is the most commonly used, but its disadvantage is that only files in specific formats can be encrypted. The second uses the encryption function of dedicated software, such as WinZip, WinRAR or script software, to encrypt the file; this approach is noticeably slower and more cumbersome to use.
With the rapid development of modern computer systems, attack techniques have become more complex and intelligent. Conventional protection methods are insufficient against the threats that advanced attack tools pose to private data files, and a security strategy based purely on system software cannot fully protect private files.
Summary of the invention
The present invention aims to solve the above technical problems at least to some extent.
The primary object of the invention is to provide a PUF-based file encryption system that ensures secure file transmission and privacy protection.
A further object of the invention is an encryption method for the PUF-based file encryption system.
A third object of the invention is a decryption method for the PUF-based file encryption system.
To solve the above technical problems, the technical solution of the invention is as follows:
A PUF-based file encryption/decryption system comprises an encryption/decryption slave device and a PC host. The slave device includes a physical unclonable function module (PUF module), a microcontroller, an encryption/decryption module and a communication module. The PC host includes a microcomputer and a control module, and the microcomputer stores the file to be encrypted or decrypted, wherein:
The slave device is powered by the PC host and runs automatically after power-on;
A password is set through the control module; this password is the trigger stimulus for the PUF module. Once triggered, the PUF module performs its computation and generates a hardware unique ID, which is sent to the microcontroller and stored;
The file to be encrypted or decrypted is sent to the microcontroller through the communication module and stored;
The microcontroller sends the hardware unique ID and the file to be encrypted or decrypted to the encryption/decryption module, which encrypts or decrypts the file using the hardware unique ID as its key; the resulting file is returned to the microcontroller and sent back to the PC host through the communication module;
In the above scheme, unavoidable physical differences introduced during manufacturing make the result computed by each physical unclonable function module (PUF module) different and unique. This guarantees the uniqueness of the encryption/decryption key of the file security system, so that a file encrypted by the system can be decrypted only on the same hardware device, and an encrypted file stolen from the PC host cannot be decrypted back into the original file.
Preferably, the PUF module comprises a delay path and an arbiter placed after the delay path. The input of the delay path is a transition signal generated automatically after the slave device powers on; the propagation of the transition signal through the delay path is controlled by control signals preset in the microcontroller; the arbiter receives the transition signal after it has passed through the delay path and outputs the hardware unique ID.
Preferably, the delay path comprises n nodes, and each node comprises two 2-to-1 multiplexers.
Preferably, there are n control signals in total, each controlling one node; the two 2-to-1 multiplexers of a node share one control signal. When a node's control signal is high, the outputs of the two 2-to-1 multiplexers of the preceding node are passed directly, in parallel, to the outputs of the two 2-to-1 multiplexers of that node.
Preferably, the arbiter receives the outputs of the two 2-to-1 multiplexers of the last node and outputs an n-bit hardware unique ID.
Preferably, the encryption/decryption module performs encryption and decryption using the international cryptographic algorithm AES.
Preferably, the communication module is an RS232 communication module.
An encryption method for the above PUF-based file encryption/decryption system comprises the following steps:
S10: initialize the encryption/decryption slave device and set the password through the control module;
S20: compress the original file and transmit it through the communication module to the slave device, where it is stored in the microcontroller;
S30: the PUF module generates the hardware unique ID, which is transmitted to the microcontroller as the encryption key and stored;
S40: the original file and the encryption key are read and transmitted to the encryption/decryption module, which performs the encryption operation and produces the encrypted file;
S50: the encrypted file is returned to the microcontroller and then transmitted through the communication module to the PC host;
S60: the encrypted file is stored on the PC host.
A decryption method for the above PUF-based file encryption/decryption system comprises the following steps:
S01: initialize the encryption/decryption slave device and set the password through the control module;
S02: compress the encrypted file and transmit it through the communication module to the slave device, where it is stored in the microcontroller;
S03: the PUF module generates the hardware unique ID, which is transmitted to the microcontroller as the decryption key and stored;
S04: the encrypted file and the decryption key are read and transmitted to the encryption/decryption module, which performs the decryption operation and produces the original file;
S05: the original file is returned to the microcontroller and then transmitted through the communication module to the PC host;
S06: the original file is stored on the PC host.
Compared with the prior art, the beneficial effects of the technical solution of the invention are:
The invention provides a PUF-based file encryption/decryption system and encryption/decryption method. The system uses a physical unclonable function module to generate a unique hardware ID that serves as the key, encrypts or decrypts the original file with an encryption/decryption module that implements the international cryptographic algorithm AES, and finally returns the processed file through the RS232 communication module to the PC host for storage. The system is not limited to any file format, encrypts and decrypts quickly, and is simple to use.
Brief description of the drawings
Fig. 1 is a structural diagram of the PUF-based file encryption/decryption system.
Fig. 2 is a structural diagram of the physical unclonable function module.
Fig. 3 is a flow chart of the encryption method of the PUF-based file encryption/decryption system.
Fig. 4 is a flow chart of the decryption method of the PUF-based file encryption/decryption system.
Detailed description of the embodiments
The drawings are for illustration only and shall not be construed as limiting this patent;
To better illustrate the embodiment, some components in the drawings are omitted, enlarged or reduced, and do not represent the dimensions of the actual product;
Those skilled in the art will understand that some well-known structures and their descriptions may be omitted from the drawings.
The technical solution of the invention is further described below with reference to the drawings and embodiments.
Embodiment 1
This embodiment provides a PUF-based file encryption/decryption system which, as shown in Fig. 1, comprises an encryption/decryption slave device and a PC host. The slave device includes a physical unclonable function (PUF) module, a microcontroller, an encryption/decryption module and a communication module. The PC host includes a microcomputer and a control module, and the microcomputer stores the file to be encrypted or decrypted, wherein:
The slave device is powered by the PC host and runs automatically after power-on;
A password is set through the control module; this password is the trigger stimulus for the PUF module. Once triggered, the PUF module performs its computation and generates a hardware unique ID, which is sent to the microcontroller and stored;
The file to be encrypted or decrypted is sent to the microcontroller through the communication module and stored;
The microcontroller sends the hardware unique ID and the file to be encrypted or decrypted to the encryption/decryption module, which encrypts or decrypts the file using the hardware unique ID as its key; the resulting file is returned to the microcontroller and sent back through the communication module to the microcomputer in the PC host for storage;
As shown in Fig. 2, the PUF module comprises a delay path and an arbiter placed after the delay path. The input of the delay path is a transition signal generated automatically after the slave device powers on; the propagation of the transition signal through the delay path is controlled by control signals preset in the microcontroller; the arbiter receives the transition signal after it has passed through the delay path and outputs the hardware unique ID. The delay path comprises n nodes, and each node comprises two 2-to-1 multiplexers. There are n control signals in total, each controlling one node; the two 2-to-1 multiplexers of a node share one control signal. When a node's control signal is high, the outputs of the two 2-to-1 multiplexers of the preceding node are passed directly, in parallel, to the outputs of the two 2-to-1 multiplexers of that node. The arbiter receives the outputs of the two 2-to-1 multiplexers of the last node and outputs an n-bit hardware unique ID.
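A software model of the delay path and arbiter described above, added here as an example and not taken from the patent. The additive-delay model, n = 64, the 128-bit ID width, the password-to-control-word mapping (`controls_from_password`), the noise level and the majority vote are assumptions; the patent itself specifies only n nodes of paired 2-to-1 multiplexers, n control signals and an arbiter.

```python
import hashlib
import random

N_STAGES = 64   # assumed value of n (the patent only says "n nodes")
ID_BITS = 128   # assumed ID width, sized to serve as an AES-128 key


class ArbiterPUF:
    """Additive-delay model of one device's delay path and arbiter."""

    def __init__(self, device_seed, n_stages=N_STAGES):
        rng = random.Random(device_seed)  # stands in for manufacturing variation
        # Per node: top-minus-bottom delay mismatch of the multiplexer pair
        # when it passes the edges straight through and when it crosses them.
        self.straight = [rng.gauss(0.0, 1.0) for _ in range(n_stages)]
        self.crossed = [rng.gauss(0.0, 1.0) for _ in range(n_stages)]

    def response(self, controls, noise_sigma=0.0, rng=None):
        delta = 0.0  # arrival time of the top edge minus the bottom edge
        for bit, s, c in zip(controls, self.straight, self.crossed):
            # Control high: parallel pass-through. Control low: paths swap.
            delta = delta + s if bit else -delta + c
        if noise_sigma:
            delta += rng.gauss(0.0, noise_sigma)  # thermal/supply noise
        return 1 if delta < 0 else 0  # arbiter latches which edge won


def controls_from_password(password, n_stages=N_STAGES, id_bits=ID_BITS):
    """Assumed mapping: expand the password into id_bits control words."""
    per_word = (n_stages + 7) // 8
    stream = hashlib.shake_256(password.encode()).digest(per_word * id_bits)
    words = []
    for i in range(id_bits):
        chunk = stream[i * per_word:(i + 1) * per_word]
        words.append([(chunk[j // 8] >> (j % 8)) & 1 for j in range(n_stages)])
    return words


def hardware_id(puf, password, noise_sigma=0.0, power_up=0):
    """One arbiter bit per control word; power_up seeds that run's noise."""
    rng = random.Random(power_up)
    return [puf.response(w, noise_sigma, rng)
            for w in controls_from_password(password)]


def voted_id(puf, password, noise_sigma, reads=15):
    """Majority vote over repeated reads to suppress unstable bits."""
    runs = [hardware_id(puf, password, noise_sigma, k) for k in range(reads)]
    return [1 if 2 * sum(col) > reads else 0 for col in zip(*runs)]


def to_key(bits):
    """Pack the ID bits into bytes for use as the AES key."""
    return int("".join(map(str, bits)), 2).to_bytes(len(bits) // 8, "big")


def hamming(a, b):
    return sum(x != y for x, y in zip(a, b))


if __name__ == "__main__":
    # Constructed devices and password, for illustration only.
    dev_a, dev_b = ArbiterPUF(device_seed=1), ArbiterPUF(device_seed=2)
    ref = hardware_id(dev_a, "constructed-password")
    print("key on device A:", to_key(ref).hex())
    print("bits differing on device B:",
          hamming(ref, hardware_id(dev_b, "constructed-password")))
    noisy = [hardware_id(dev_a, "constructed-password", 0.5, k) for k in (1, 2)]
    print("bits differing between two noisy power-ups:", hamming(*noisy))
    print("bits wrong after majority vote:",
          hamming(ref, voted_id(dev_a, "constructed-password", 0.5)))
```

Because the ID is used directly as the AES key, a single unstable bit between the encryption run and the decryption run yields a different key, which is what the comparison of two noisy power-ups makes visible.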
The encryption/decryption module performs encryption and decryption using the international cryptographic algorithm AES.
The communication module is an RS232 communication module.
In a specific implementation, the encryption method of the above PUF-based file encryption/decryption system, as shown in Fig. 3, comprises the following steps:
S10: initialize the encryption/decryption slave device and set the password through the control module;
S20: compress the original file and transmit it through the communication module to the slave device, where it is stored in the microcontroller;
S30: the PUF module generates the hardware unique ID, which is transmitted to the microcontroller as the encryption key and stored;
S40: the original file and the encryption key are read and transmitted to the encryption/decryption module, which performs the encryption operation and produces the encrypted file;
S50: the encrypted file is returned to the microcontroller and then transmitted through the communication module to the PC host;
S60: the encrypted file is stored on the PC host.
The decryption method of the above PUF-based file encryption/decryption system, as shown in Fig. 4, comprises the following steps:
S01: initialize the encryption/decryption slave device and set the password through the control module;
S02: compress the encrypted file and transmit it through the communication module to the slave device, where it is stored in the microcontroller;
S03: the PUF module generates the hardware unique ID, which is transmitted to the microcontroller as the decryption key and stored;
S04: the encrypted file and the decryption key are read and transmitted to the AES encryption/decryption module, which performs the decryption operation and produces the original file;
S05: the original file is returned to the microcontroller and then transmitted through the communication module to the PC host;
S06: the original file is stored on the PC host.
The same or similar reference numerals correspond to the same or similar components;
The terms describing positional relationships in the drawings are for illustration only and shall not be construed as limiting this patent;
Obviously, the above embodiment is merely an example given to illustrate the invention clearly and does not limit the ways in which the invention may be implemented. Those of ordinary skill in the art can make other variations or changes in different forms on the basis of the above description. It is neither necessary nor possible to enumerate all embodiments here. Any modification, equivalent replacement or improvement made within the spirit and principle of the invention shall fall within the scope of protection of the claims of the invention.

Claims (9)

1. A PUF-based file encryption/decryption system, characterized by comprising an encryption/decryption slave device and a PC host, the slave device including a physical unclonable function (PUF) module, a microcontroller, an encryption/decryption module and a communication module, the PC host including a microcomputer and a control module, and the microcomputer storing the file to be encrypted or decrypted, wherein:
The slave device is powered by the PC host and runs automatically after power-on;
A password is set through the control module, this password being the trigger stimulus for the PUF module; once triggered, the PUF module performs its computation and generates a hardware unique ID, which is sent to the microcontroller and stored;
The file to be encrypted or decrypted is sent to the microcontroller through the communication module and stored;
The microcontroller sends the hardware unique ID and the file to be encrypted or decrypted to the encryption/decryption module, which encrypts or decrypts the file using the hardware unique ID as its key; the resulting file is returned to the microcontroller and sent back through the communication module to the microcomputer in the PC host for storage.
2. The PUF-based file encryption/decryption system according to claim 1, characterized in that the PUF module comprises a delay path and an arbiter placed after the delay path; the input of the delay path is a transition signal generated automatically after the slave device powers on; the propagation of the transition signal through the delay path is controlled by control signals preset in the microcontroller; and the arbiter receives the transition signal after it has passed through the delay path and outputs the hardware unique ID.
3. The PUF-based file encryption/decryption system according to claim 2, characterized in that the delay path comprises n nodes, each node comprising two 2-to-1 multiplexers.
4. The PUF-based file encryption/decryption system according to claim 3, characterized in that there are n control signals in total, each controlling one node; the two 2-to-1 multiplexers of a node share one control signal; and when a node's control signal is high, the outputs of the two 2-to-1 multiplexers of the preceding node are passed directly, in parallel, to the outputs of the two 2-to-1 multiplexers of that node.
5. The PUF-based file encryption/decryption system according to claim 4, characterized in that the arbiter receives the outputs of the two 2-to-1 multiplexers of the last node and outputs an n-bit hardware unique ID.
6. The PUF-based file encryption/decryption system according to claim 5, characterized in that the encryption/decryption module performs encryption and decryption using the international cryptographic algorithm AES.
7. The PUF-based file encryption/decryption system according to claim 6, characterized in that the communication module is an RS232 communication module.
8. A file encryption method based on the file encryption/decryption system according to claim 1, characterized by comprising the following steps:
S10: initialize the encryption/decryption slave device and set the password through the control module;
S20: compress the original file and transmit it through the communication module to the slave device, where it is stored in the microcontroller;
S30: the PUF module generates the hardware unique ID, which is transmitted to the microcontroller as the encryption key and stored;
S40: the original file and the encryption key are read and transmitted to the encryption/decryption module, which performs the encryption operation and produces the encrypted file;
S50: the encrypted file is returned to the microcontroller and then transmitted through the communication module to the PC host;
S60: the encrypted file is stored on the PC host.
9. A file decryption method based on the file encryption/decryption system according to claim 1, characterized by comprising the following steps:
S01: initialize the encryption/decryption slave device and set the password through the control module;
S02: compress the encrypted file and transmit it through the communication module to the slave device, where it is stored in the microcontroller;
S03: the PUF module generates the hardware unique ID, which is transmitted to the microcontroller as the decryption key and stored;
S04: the encrypted file and the decryption key are read and transmitted to the encryption/decryption module, which performs the decryption operation and produces the original file;
S05: the original file is returned to the microcontroller and then transmitted through the communication module to the PC host;
S06: the original file is stored on the PC host.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910306449.3A CN110135187A (en) 2019-04-16 2019-04-16 A kind of file encryption-decryption system and encipher-decipher method based on PUF

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910306449.3A CN110135187A (en) 2019-04-16 2019-04-16 A kind of file encryption-decryption system and encipher-decipher method based on PUF

Publications (1)

Publication Number Publication Date
CN110135187A true CN110135187A (en) 2019-08-16

Family

ID=67570055

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910306449.3A Pending CN110135187A (en) 2019-04-16 2019-04-16 A kind of file encryption-decryption system and encipher-decipher method based on PUF

Country Status (1)

Country Link
CN (1) CN110135187A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication (application publication date: 20190816)