CN112054895A - Trusted root construction method and application - Google Patents


Info

Publication number
CN112054895A
Authority
CN
China
Prior art keywords
file
public key
hash value
industrial control
control terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010793729.4A
Other languages
Chinese (zh)
Inventor
刘苇
陶洪铸
祁龙云
王治华
杨维永
魏兴慎
周劼英
汪明
张晓�
朱世顺
吕小亮
闫珺
王海清
王晔
叶金波
金明辉
高峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Corp of China SGCC
Nari Technology Co Ltd
Nari Information and Communication Technology Co
Original Assignee
State Grid Corp of China SGCC
Nari Technology Co Ltd
Nari Information and Communication Technology Co
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Corp of China SGCC, Nari Technology Co Ltd and Nari Information and Communication Technology Co
Priority to CN202010793729.4A
Publication of CN112054895A
Legal status: Pending

Classifications

    • H ELECTRICITY
        • H04 ELECTRIC COMMUNICATION TECHNIQUE
            • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
                • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
                    • H04L9/06 The encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
                        • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
                    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
                        • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
                            • H04L9/0863 Generation of secret information involving passwords or one-time passwords
                    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
                        • H04L9/3066 Public key involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
                    • H04L9/32 Including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
                        • H04L9/3226 Using a predetermined code, e.g. password, passphrase or PIN
                        • H04L9/3247 Involving digital signatures
                • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
                    • H04L2209/12 Details relating to cryptographic hardware or logic circuitry

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Mathematical Optimization (AREA)
  • Mathematical Physics (AREA)
  • Pure & Applied Mathematics (AREA)
  • Algebra (AREA)
  • Physics & Mathematics (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a hardware trusted root construction method based on a fusing mechanism and a TPM chip, and its application. The method comprises the following steps: 1. generating a first public key according to a public key cryptographic algorithm; 2. performing a hash operation on the first public key to obtain the hash value of the first public key; 3. burning the hash value of the first public key into the fusing area of the chip; 4. splicing the kernel image of the chip operating system and the initial file system to generate a first spliced file, calculating the hash value of the first spliced file, and signing that hash value with the first private key to generate a signature file; 5. splicing the first spliced file, the first public key and the signature file into a second spliced file, and burning the second spliced file into the chip as the system image. The method solves the problem of constructing the hardware trusted root of an industrial control terminal and guarantees the security and credibility of trusted computing on the whole terminal.

Description

Trusted root construction method and application
Technical Field
The invention belongs to the technical field of trusted computing for industrial control security, and in particular relates to a trusted root construction method based on a fusing mechanism and a TPM chip, and its application.
Background
Industrial control systems are a main target of cyber warfare and sit at the forefront of cyber attack damage. The existing security protection of industrial control systems in China, of which the electric power sector is representative, focuses mainly on boundary protection; protection of the industrial control system itself is insufficient, the continually emerging and highly covert APT attacks cannot be responded to effectively, and the application of new technologies such as the Internet of Things further widens the attack surface. Meanwhile, the Cybersecurity Law and Multi-Level Protection Scheme 2.0 (MLPS 2.0) place new requirements on autonomous controllability, security and credibility. Therefore, research on active protection technology adapted to industrial control systems needs to be carried out.
In the field of network security protection, active defense technology represented by trusted computing has developed to some extent, but in the field of embedded industrial control it faces many challenges: (1) existing schemes such as TPM (Trusted Platform Module) and TrustZone lack an active measurement mechanism; their trusted root is not completely constructed, they are slave devices called by the CPU (Central Processing Unit), and they do not solve the problem of constructing the hardware trusted root. Once the hardware trusted root is not established, the whole subsequent trust mechanism is hard to guarantee, so constructing the hardware trusted root is the basis of trusted computing. The trusted computing scheme represented by TPCM is complete, but it only fits newly designed hardware motherboards and cannot solve the problem of establishing a hardware trusted root on the large installed base of industrial control terminals that do not support TPCM; (2) hardware resources of industrial control systems are scarce: an embedded operating system is only several megabytes in size, and the traditional trusted computing scheme TSS (Trusted Software Stack) is too large to implement in an embedded operating system.
Disclosure of Invention
Purpose of the invention: the invention aims to provide a hardware trusted root construction method which, based on a hardware fusing mechanism and a TPM trusted chip, solves the problem of constructing the hardware trusted root of an industrial control terminal and guarantees the security and credibility of trusted computing on the whole industrial control terminal.
Technical scheme: in one aspect, the invention discloses a hardware trusted root construction method comprising the following steps:
A1, generating a first public key according to a public key cryptographic algorithm;
A2, performing a hash operation on the first public key to obtain the hash value of the first public key;
A3, burning the hash value of the first public key into the fusing area of the chip;
A4, splicing the kernel image of the chip operating system and the initial file system to generate a first spliced file; calculating the hash value of the first spliced file, and signing that hash value with the first private key to generate a signature file; the first public key and the first private key form a matching key pair;
A5, splicing the first spliced file, the first public key and the signature file into a second spliced file, and burning the second spliced file into the chip as the system image.
Specifically, the public key cryptographic algorithm is the Chinese national standard SM2 elliptic curve algorithm.
Specifically, the hash operation on the first public key uses the SM3 hash algorithm.
The invention also discloses a TPM chip that constructs a hardware trusted root using the above method.
The invention also discloses an embedded industrial control terminal in which the TPM chip on the terminal mainboard constructs the hardware trusted root using the above method.
In another aspect, the invention also discloses a start-up method for the industrial control terminal, where start-up is executed by the system on chip of the terminal's TPM chip and comprises the following steps:
B1, reading the hash value of the first public key from the fusing area of the TPM chip, reading the first public key from the system image, and verifying the validity of the first public key; if the verification result is that the first public key is illegal, the industrial control terminal is prevented from starting;
B2, if the verification result is that the first public key is legal, verifying the signature file in the system image; if that verification fails, the industrial control terminal is prevented from starting;
B3, if the signature file in the system image passes verification, trusted verification has passed and the kernel image and the initial file system acquire control.
Specifically, verifying the validity of the first public key comprises:
calculating the hash value of the first public key read from the system image and comparing it with the hash value of the first public key read from the fusing area; if the two are equal, the first public key is legal, otherwise it is illegal.
Specifically, verifying the signature file in the system image proceeds as follows:
decrypting the signature file in the system image with the first public key to obtain hash-cal;
calculating the hash value of the first spliced file and the first public key in the system image;
if the calculated value is consistent with hash-cal, verification passes; otherwise, verification fails.
In another aspect, the invention also discloses a trusted signature verification method for the industrial control terminal, where the trusted signature verification is executed by the operating system on which the terminal's application programs run. First, static measurement is used to prevent important files from being tampered with in external memory, and comprises the following steps:
C1, when the industrial control terminal operates on an important file, obtaining the second public key pre-configured in the TPM chip; operating on an important file includes: starting an executable program, loading a library file, opening a configuration file or executing a script file;
C2, decrypting the signature file corresponding to the important file with the second public key to obtain hash-cal-2; the signature file is generated by signing the hash value of the important file with the second private key, and is issued to the industrial control terminal together with the important file;
the second public key and the second private key form a matching key pair;
C3, calculating the hash value of the important file to be operated on; if the calculated value is consistent with hash-cal-2, the trusted signature verification passes; otherwise, it fails.
Second, dynamic measurement is carried out to prevent attacks on memory at run time, and comprises the following steps:
C4, after the executable program is started, calculating at the initialization stage the hash value of the code segment, read-only data segment or sensitive data segment in memory corresponding to the executable program file;
C5, when the executable program performs a file operation during its run, recalculating the hash value of that code segment, read-only data segment or sensitive data segment in memory and comparing it with the hash value calculated at the initialization stage; if the two are inconsistent, the memory corresponding to the executable program has been tampered with.
The invention also discloses a computer readable storage medium on which a computer program is stored, which program, when executed by a processor, implements the steps of the above-described method for trusted root construction.
Beneficial effects: the hardware trusted root construction method disclosed by the invention uses the write-once, read-many property of the hardware fusing mechanism to ensure that the public key cannot be tampered with, solves the problem of constructing the hardware trusted root of the industrial control terminal, and realizes step-by-step active trusted verification from the chip up to system start-up.
Drawings
FIG. 1 is a flow chart of a hardware root of trust construction method;
FIG. 2 is a diagram of the content area in the TPM chip;
FIG. 3 is a flowchart of industrial control terminal start-up;
FIG. 4 is a flow chart of trusted signature verification of the industrial control terminal.
Detailed Description
The invention is further elucidated with reference to the drawings and the detailed description.
Example one:
Embedded industrial control terminals mostly use ARM, PowerPC and other instruction set architectures and the corresponding hardware, and mainstream embedded chips currently provide a fusing mechanism which guarantees that the fusing area of the chip can be written only once and read many times, so that the written value cannot be tampered with at will. On that basis, the system on chip located in the ROM inside the chip can perform active verification each time the chip starts up. This embodiment discloses a method for constructing a hardware root of trust which, as shown in FIG. 1, comprises the following steps:
A1, generating a first public key according to a public key cryptographic algorithm; in this embodiment the first public key SM2_PUB-KEY, 769 bytes in size, is generated with the Chinese national standard SM2 elliptic curve algorithm;
A2, performing a hash operation on the first public key to obtain the hash value of the first public key;
in this embodiment the SM3 hash algorithm is used for the hash operation on the first public key, so the hash value of the first public key is SM3(SM2_PUB-KEY), 64 bytes in size;
A3, burning the hash value of the first public key into the fusing area of the chip through the fusing area access interface provided by the chip manufacturer; the hash value of the first public key rather than the first public key itself is burnt into the fusing area in consideration of the space occupied;
A4, splicing the kernel image of the chip operating system and the initial file system to generate a first spliced file; calculating the hash value of the first spliced file, and signing that hash value with the first private key to generate a signature file; the first public key and the first private key form a matching key pair;
if the chip operating system is a Linux system, the kernel image is the file vmlinuz.img and the initial file system is the file initrd.img, and the first spliced file is vmlinux-new.img = {vmlinuz.img | initrd.img}, where "|" denotes the file splicing operation; vmlinux-new.img is signed to generate the signature file, the signature method being: sig = SM2(SM3(vmlinux-new.img), SM2_PRI-KEY);
where SM2_PRI-KEY denotes the SM2 private key, i.e. the first private key corresponding to the first public key SM2_PUB-KEY;
A5, splicing the first spliced file, the first public key and the signature file into a second spliced file, and burning the second spliced file into the chip as the system image;
that is, {vmlinux-new.img | SM2_PUB-KEY | vmlinux-new.img.sig} is burnt into the chip as the system image. The content stored in a chip whose hardware root of trust is constructed with this method is shown in FIG. 2, where M1 is the fusing area, which cannot be changed once written, M2 to M5 are the areas storing the system image files, and M6 is the area where the system on chip resides.
In this embodiment, a computer-readable storage medium is further provided, on which a computer program is stored, and when the computer program is executed by a processor, the steps of the above-mentioned root-of-trust construction method are implemented.
Example two:
As shown in FIG. 3, once the TPM chip on the mainboard of the embedded industrial control terminal has executed steps A1 to A5 of Example one, the start-up process of the industrial control terminal is as follows:
B1, the industrial control terminal is powered on; the system on chip of the TPM chip reads the hash value of the first public key from the fusing area, reads the first public key from the system image and verifies the validity of the first public key. The verification step is:
calculating the hash value of the first public key read from the system image and comparing it with the hash value of the first public key read from the fusing area; if the two are equal, the first public key SM2_PUB-KEY is legal; if not, the verification result is that the first public key is illegal, and the industrial control terminal is prevented from starting;
B2, if the verification result is that the first public key is legal, verifying the signature file in the system image. The verification steps are:
decrypting the signature file in the system image with the first public key to obtain hash-cal:
hash-cal = SM2(vmlinux-new.img.sig, SM2_PUB-KEY);
calculating the hash value of the first spliced file and the first public key in the system image:
hash = SM3({vmlinuz.img | initrd.img | SM2_PUB-KEY});
if the calculated value is consistent with hash-cal, verification passes; otherwise the kernel image, the initial file system or the public key in the system image has been tampered with, the signature file fails verification, and the industrial control terminal is prevented from starting;
B3, if the signature file in the system image passes verification, trusted verification has passed and the kernel image and the initial file system acquire control.
B1 and B2 perform two-stage trusted verification based on the trusted root, ensuring that the started system is safe and reliable. In the later maintenance stage of the industrial control terminal, when the system needs to be upgraded, steps A4 and A5 are simply repeated, as long as the public and private keys are unchanged, and the upgraded system image is burnt again. Because the public key is unchanged, trusted verification still passes when the terminal starts, so the scheme disclosed by the invention conveniently supports system updates.
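The provisioning flow A1 to A5 and the start-up flow B1 to B3 described in the Disclosure and in Examples one and two, as an added worked example that is not part of the patent and not code from the assignees. It assumes stand-ins for the primitives the patent specifies: SHA-256 in place of SM3 and ECDSA over P-256 in place of SM2, both from the Go standard library, and it represents the second spliced file as a struct with three fields rather than a fixed on-chip byte layout, which the patent does not define. Note that step A4 signs SM3(vmlinux-new.img) while step B2 recomputes SM3({vmlinuz.img | initrd.img | SM2_PUB-KEY}); a signature verifies only if signer and verifier hash the same bytes, so this example hashes the first spliced file together with the public key on both sides, as B2 does. The Fuse type models the write-once area M1; main boots a genuine image and then shows the same image blocked at B2 after one kernel byte is changed.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
)

// hash stands in for SM3 (assumption: SHA-256 over the concatenated parts).
func hash(parts ...[]byte) []byte {
	h := sha256.New()
	for _, p := range parts {
		h.Write(p)
	}
	return h.Sum(nil)
}

// Fuse models the chip's one-time-programmable area M1: written once, read many times.
type Fuse struct {
	value []byte
	burnt bool
}

// Burn refuses a second write; that is what makes the stored key hash tamper-resistant.
func (f *Fuse) Burn(v []byte) error {
	if f.burnt {
		return errors.New("fuse area already written")
	}
	f.value, f.burnt = append([]byte(nil), v...), true
	return nil
}

// SystemImage is the second spliced file (assumption: three fields, not a fixed on-chip byte layout).
type SystemImage struct {
	First []byte // first spliced file: kernel image followed by initial file system
	Pub   []byte // first public key, DER encoded
	Sig   []byte // signature over hash(First, Pub)
}

// Provision performs A1-A3: generate the first key pair, burn only the hash of the public key into the fuse.
func Provision(fuse *Fuse) (*ecdsa.PrivateKey, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // SM2 stand-in
	if err != nil {
		return nil, err
	}
	pub, err := x509.MarshalPKIXPublicKey(&priv.PublicKey)
	if err != nil {
		return nil, err
	}
	return priv, fuse.Burn(hash(pub))
}

// BuildImage performs A4-A5: splice kernel and initrd, sign the hash of the spliced file
// together with the public key (the bytes B2 recomputes), and splice file, key and signature.
func BuildImage(priv *ecdsa.PrivateKey, kernel, initrd []byte) (*SystemImage, error) {
	first := append(append([]byte{}, kernel...), initrd...)
	pub, err := x509.MarshalPKIXPublicKey(&priv.PublicKey)
	if err != nil {
		return nil, err
	}
	sig, err := ecdsa.SignASN1(rand.Reader, priv, hash(first, pub))
	if err != nil {
		return nil, err
	}
	return &SystemImage{First: first, Pub: pub, Sig: sig}, nil
}

// Boot performs B1-B3 as the system on chip would: it returns the kernel+initrd bytes that
// receive control, or an error that blocks start-up.
func Boot(fuse *Fuse, img *SystemImage) ([]byte, error) {
	// B1: the public key carried in the image must hash to the value burnt into the fuse.
	if !fuse.burnt || !bytes.Equal(hash(img.Pub), fuse.value) {
		return nil, errors.New("B1: first public key illegal, start-up blocked")
	}
	key, err := x509.ParsePKIXPublicKey(img.Pub)
	pk, ok := key.(*ecdsa.PublicKey)
	if err != nil || !ok {
		return nil, errors.New("B1: first public key unparsable, start-up blocked")
	}
	// B2: the signature must open to the hash of the spliced file plus the public key.
	if !ecdsa.VerifyASN1(pk, hash(img.First, img.Pub), img.Sig) {
		return nil, errors.New("B2: signature file verification failed, start-up blocked")
	}
	// B3: trusted verification passed; kernel and initial file system take control.
	return img.First, nil
}

func main() {
	fuse := &Fuse{}
	priv, _ := Provision(fuse)
	img, _ := BuildImage(priv, []byte("constructed vmlinuz.img"), []byte("constructed initrd.img"))
	_, okErr := Boot(fuse, img)
	img.First[0] ^= 0xff // one flipped kernel byte
	_, badErr := Boot(fuse, img)
	fmt.Println("genuine:", okErr, "| tampered:", badErr)
}
```

Because the fuse holds only the hash of the public key, an image region that is rewritten with a different key and re-signed under it is rejected at B1, before the signature is consulted, while an image rebuilt with the unchanged key pair (the upgrade case in the text) passes both stages. The chain is only as strong as M1: if the fuse could be reprogrammed the whole sequence would be void, which is why Burn refuses a second write.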
Example three:
After the start-up steps of Example two, the operating system on which the industrial control terminal's application programs run is started. Because the hardware resources of embedded industrial control systems are scarce, the embedded operating system is only several megabytes in size, whereas the traditional TPM trusted computing scheme TSS (Trusted Software Stack) is adapted to many application scenarios such as PCs, virtualization, cloud, big data, IoT and mobile, and supports the typical service applications of traditional PC servers, so it exceeds 100 megabytes in size and is too large to implement in an embedded system.
For these reasons, this embodiment discloses a method for performing trusted signature verification inside the embedded operating system which realizes static measurement and dynamic measurement: static measurement is performed when an important file is operated on by the industrial control terminal, preventing the file from being tampered with in external memory, while dynamic measurement checks key memory areas dynamically to prevent memory attacks. In this embodiment, taking a Linux system as an example, a trusted signature verification decision is added to the two hook functions bprm_check_security and inode_permission of the kernel's LSM (Linux Security Modules) framework; as shown in FIG. 4, the steps are as follows:
C1, when the industrial control terminal operates on an important file, obtaining the second public key pre-configured in the TPM chip; operating on an important file includes: starting an executable program, loading a library file, opening a configuration file or executing a script file;
in this embodiment, the second public key must be configured in the storage area of the TPM chip before any important file is operated on; it is configured through the TPM interface after the installation of the terminal's operating system is complete, so that it can be obtained through the TPM interface when an important file is operated on.
C2, decrypting the signature file corresponding to the important file with the second public key to obtain hash-cal-2; the signature file is generated by the software developer signing the hash value of the important file with the second private key, and is issued to the industrial control terminal together with the important file;
for example, a.bin, a.so and a.conf each have a corresponding signature file a.bin.sig, a.so.sig and a.conf.sig; the second public key and the second private key form a matching key pair;
C3, calculating the hash value of the important file to be operated on; if the calculated value is consistent with hash-cal-2, the trusted signature verification passes; otherwise, it fails.
Steps C1 to C3 are the static measurement: passing the trusted signature verification indicates that the file has not been tampered with in external memory such as a disk, and the operation on the important file may proceed; otherwise, the operation is terminated.
The dynamic measurement comprises the following steps:
C4, after the executable program is started, calculating at the initialization stage the hash value of the code segment, read-only data segment or sensitive data segment in memory corresponding to the executable program file;
C5, when the executable program performs a file operation during its run, the inode_permission function is called to recalculate the hash value of that code segment, read-only data segment or sensitive data segment in memory and compare it with the hash value calculated at the initialization stage; if the two are inconsistent, the memory corresponding to the executable program has been tampered with.
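The static measurement C1 to C3 and the dynamic measurement C4 and C5 of Example three (and the same steps in the Disclosure), as an added example that is not part of the patent and not code from the assignees. It uses the same stand-ins as above (SHA-256 for SM3, ECDSA over P-256 for SM2), models the external memory as an in-memory map from file name to contents with each signature file stored beside its target as name.sig, and models the started program's code and read-only data segments as byte slices; the TPM read of the second public key is assumed to have been done by the caller. Exec plays the role of the bprm_check_security hook and Open that of inode_permission; the Go function names are this example's own, only the two kernel hook names come from the page.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// hash stands in for SM3 (assumption: SHA-256).
func hash(b []byte) []byte {
	s := sha256.Sum256(b)
	return s[:]
}

// Store is a constructed stand-in for the terminal's external memory (disk):
// file name -> contents, with each signature file stored beside its target as name+".sig".
type Store map[string][]byte

// NewKeyPair generates the second key pair (SM2 stand-in: ECDSA over P-256).
func NewKeyPair() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// Sign is the developer-side step behind C2: name.sig = SM2(SM3(file), second private key).
func Sign(fs Store, name string, priv *ecdsa.PrivateKey) error {
	data, ok := fs[name]
	if !ok {
		return fmt.Errorf("%s: no such file", name)
	}
	sig, err := ecdsa.SignASN1(rand.Reader, priv, hash(data))
	if err != nil {
		return err
	}
	fs[name+".sig"] = sig
	return nil
}

// StaticCheck performs C1-C3; pub is the second public key, assumed already read from the TPM.
// A missing signature file is a failure, not a pass.
func StaticCheck(fs Store, name string, pub *ecdsa.PublicKey) error {
	data, ok := fs[name]
	if !ok {
		return fmt.Errorf("%s: no such file", name)
	}
	sig, ok := fs[name+".sig"]
	if !ok {
		return fmt.Errorf("%s: signature file missing", name)
	}
	if !ecdsa.VerifyASN1(pub, hash(data), sig) {
		return fmt.Errorf("%s: trusted signature verification failed", name)
	}
	return nil
}

// Process models a started executable; Text and ROData are constructed stand-ins for its
// code and read-only data segments as mapped in memory, baseline is the C4 measurement.
type Process struct {
	Name     string
	Text     []byte
	ROData   []byte
	baseline []byte
}

func (p *Process) measure() []byte {
	return hash(append(append([]byte{}, p.Text...), p.ROData...))
}

// Exec plays the bprm_check_security hook: static check of the program file, then the
// C4 baseline measurement of its segments at the initialization stage.
func Exec(fs Store, name string, pub *ecdsa.PublicKey) (*Process, error) {
	if err := StaticCheck(fs, name, pub); err != nil {
		return nil, err
	}
	p := &Process{Name: name, Text: append([]byte(nil), fs[name]...), ROData: []byte("constructed .rodata")}
	p.baseline = p.measure()
	return p, nil
}

// Open plays the inode_permission hook for a running process touching a file: C5 re-measures
// the caller's segments against the baseline, then C1-C3 check the file being opened.
func Open(fs Store, p *Process, name string, pub *ecdsa.PublicKey) error {
	if !bytes.Equal(p.measure(), p.baseline) {
		return fmt.Errorf("%s: code or read-only data segment tampered in memory", p.Name)
	}
	return StaticCheck(fs, name, pub)
}

func main() {
	priv, _ := NewKeyPair()
	fs := Store{"a.bin": []byte("constructed a.bin"), "a.conf": []byte("port=502\n")}
	Sign(fs, "a.bin", priv)
	Sign(fs, "a.conf", priv)
	p, err := Exec(fs, "a.bin", &priv.PublicKey)
	fs["a.conf"] = []byte("port=503\n") // tampered on disk: no longer matches a.conf.sig
	fmt.Println("exec a.bin:", err, "| open a.conf:", Open(fs, p, "a.conf", &priv.PublicKey))
}
```

Two design points follow the text rather than being optional: a file without a signature file fails the static measurement, since treating it as "nothing to check" would let any unsigned file bypass C1 to C3; and the C5 re-measurement runs before the static check of the target, so a program whose segments have been altered in memory cannot continue even when the file it asks for is correctly signed.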
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The foregoing descriptions of specific exemplary embodiments of the present invention have been presented for purposes of illustration and description. It is not intended to limit the invention to the precise form disclosed, and obviously many modifications and variations are possible in light of the above teaching. The exemplary embodiments were chosen and described in order to explain certain principles of the invention and its practical application to enable one skilled in the art to make and use various exemplary embodiments of the invention and various alternatives and modifications as are suited to the particular use contemplated. It is intended that the scope of the invention be defined by the claims and their equivalents.

Claims (10)

1. A trusted root construction method, characterized by comprising the following steps:
A1, generating a first public key according to a public key cryptographic algorithm;
A2, performing a hash operation on the first public key to obtain the hash value of the first public key;
A3, burning the hash value of the first public key into the fusing area of the chip;
A4, splicing the kernel image of the chip operating system and the initial file system to generate a first spliced file; calculating the hash value of the first spliced file, and signing that hash value with the first private key to generate a signature file; the first public key and the first private key form a matching key pair;
A5, splicing the first spliced file, the first public key and the signature file into a second spliced file, and burning the second spliced file into the chip as the system image.
2. The trusted root construction method according to claim 1, characterized in that the public key cryptographic algorithm is the Chinese national standard SM2 elliptic curve algorithm.
3. A TPM chip that constructs a hardware root of trust using the method of claim 1 or 2.
4. An embedded industrial control terminal, characterized in that the TPM chip on the mainboard of the industrial control terminal constructs a hardware trusted root using the method according to claim 1 or 2.
5. A start-up method for the industrial control terminal according to claim 4, wherein the start-up is executed by the system on a chip of the TPM chip of the industrial control terminal and comprises the following steps:
B1. reading the hash value of the first public key from the fuse area of the TPM chip, reading the first public key from the system image, and verifying the validity of the first public key; if the first public key is found to be invalid, the industrial control terminal is prevented from starting;
B2. if the first public key is found to be valid, verifying the signature file in the system image; if the verification fails, the industrial control terminal is prevented from starting;
B3. if the signature file in the system image passes verification, the trusted verification has passed and control is handed to the kernel image and the initial file system.
6. The industrial control terminal start-up method according to claim 5, wherein verifying the validity of the first public key comprises:
computing the hash value of the first public key read from the system image and comparing it with the hash value of the first public key read from the fuse area; if the two hash values are identical, the first public key is valid; otherwise, it is invalid.
7. The industrial control terminal start-up method according to claim 5, wherein verifying the signature file in the system image comprises:
decrypting the signature file in the system image with the first public key to obtain hash-cal;
computing the hash value of the first concatenated file and the first public key in the system image;
if the computed result is identical to hash-cal, the verification passes; otherwise, the verification fails.
8. A trusted signature-verification method for the industrial control terminal according to claim 4, the trusted signature verification being executed by the operating system on which the application programs of the industrial control terminal run, characterized by comprising:
C1. when the industrial control terminal operates on an important file, obtaining a second public key pre-configured in the TPM chip; operating on an important file comprises starting an executable program, loading a library file, opening a configuration file or executing a script file;
C2. decrypting the signature file corresponding to the important file with the second public key to obtain hash-cal-2; the signature file is generated by signing the hash value of the important file with a second private key, and the signature file is distributed to the industrial control terminal together with the important file;
the second public key and the second private key form one key pair;
C3. computing the hash value of the important file to be operated on; if the computed result is identical to hash-cal-2, the trusted signature verification passes; otherwise, the trusted signature verification fails.
9. The trusted signature-verification method according to claim 8, further comprising:
C4. after the executable program is started, computing, in the initialisation stage, the hash value of the code segment, read-only data segment or sensitive data segment that the executable program file occupies in memory;
C5. whenever the executable program performs a file operation while running, recomputing the hash value of that code segment, read-only data segment or sensitive data segment in memory and comparing it with the hash value computed in the initialisation stage; if the two are not identical, the memory of the executable program has been tampered with.
10. A computer-readable storage medium on which a computer program is stored, which, when executed by a processor, carries out the steps of the trusted root construction method according to any one of claims 1 to 3.
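The build side of claim 1 (steps A1 to A5) and the boot-time checks of claims 5 to 7 (steps B1 to B3), worked through as an added example; this is editorial code, not the applicants' implementation. Assumptions: ECDSA P-256 with SHA-256 stands in for SM2/SM3, which the Go standard library does not ship; the "concatenated" image fields are given 4-byte length prefixes so the verifier can split them back out (the claims do not specify a layout); and, because claim 1 signs the hash of the first concatenated file while claim 7 hashes that file together with the public key, the example follows claim 1, which is sufficient since the fuse hash already binds the key. The fuse value and the image are returned as values so the same code can be run offline against constructed kernel and initramfs bytes.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/binary"
	"errors"
	"fmt"
)

// Assumed image layout (the claims only say the parts are concatenated):
//   u32 len(first) | first = kernel||initramfs | u32 len(pub) | pub (DER SPKI) | signature (DER)
// P-256 with SHA-256 stands in for SM2/SM3, which the Go standard library does not ship.

// GenerateRootKey is step A1: the first key pair.
func GenerateRootKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// BuildImage is steps A2..A5 of claim 1. It returns the value to burn into the fuse
// area (the hash of the first public key) and the system image to flash.
func BuildImage(priv *ecdsa.PrivateKey, kernel, initramfs []byte) (fuse [32]byte, image []byte, err error) {
	pub, err := x509.MarshalPKIXPublicKey(&priv.PublicKey)
	if err != nil {
		return fuse, nil, err
	}
	fuse = sha256.Sum256(pub)                                  // A2/A3: hash destined for the fuse area
	first := append(append([]byte{}, kernel...), initramfs...) // A4: first concatenated file
	digest := sha256.Sum256(first)
	sig, err := ecdsa.SignASN1(rand.Reader, priv, digest[:]) // A4: signature file
	if err != nil {
		return fuse, nil, err
	}
	var buf bytes.Buffer // A5: second concatenated file = system image
	binary.Write(&buf, binary.BigEndian, uint32(len(first)))
	buf.Write(first)
	binary.Write(&buf, binary.BigEndian, uint32(len(pub)))
	buf.Write(pub)
	buf.Write(sig)
	return fuse, buf.Bytes(), nil
}

// readField pops one u32-length-prefixed field from the image, rejecting short reads.
func readField(r *bytes.Reader) ([]byte, error) {
	var n uint32
	if err := binary.Read(r, binary.BigEndian, &n); err != nil || int(n) > r.Len() {
		return nil, errors.New("malformed system image")
	}
	field := make([]byte, n)
	r.Read(field)
	return field, nil
}

// VerifyBoot is steps B1..B3 of claims 5-7, as the SoC runs them at power-on. It
// returns the kernel||initramfs that may receive control, or an error that halts boot.
func VerifyBoot(fuse [32]byte, image []byte) ([]byte, error) {
	r := bytes.NewReader(image)
	first, err := readField(r)
	if err != nil {
		return nil, err
	}
	pub, err := readField(r)
	if err != nil {
		return nil, err
	}
	sig := make([]byte, r.Len())
	r.Read(sig)
	// B1 / claim 6: the key carried in the image must hash to the fused value, so an
	// image re-signed with a foreign key is rejected before any signature check.
	if sha256.Sum256(pub) != fuse {
		return nil, errors.New("public key hash mismatch with fuse area: boot halted")
	}
	key, err := x509.ParsePKIXPublicKey(pub)
	if err != nil {
		return nil, err
	}
	ecPub, ok := key.(*ecdsa.PublicKey)
	if !ok {
		return nil, errors.New("first public key is not an EC key")
	}
	// B2 / claim 7: the signature must match the hash of kernel||initramfs.
	digest := sha256.Sum256(first)
	if !ecdsa.VerifyASN1(ecPub, digest[:], sig) {
		return nil, errors.New("system image signature invalid: boot halted")
	}
	return first, nil // B3: hand control to the verified kernel and initramfs
}

func main() {
	priv, _ := GenerateRootKey()
	fuse, img, _ := BuildImage(priv, []byte("vmlinuz (constructed)"), []byte("initramfs (constructed)"))
	_, err := VerifyBoot(fuse, img)
	fmt.Println("genuine image:", err)
	img[4] ^= 0x01 // flip the first kernel byte after the 4-byte length header
	_, err = VerifyBoot(fuse, img)
	fmt.Println("tampered kernel:", err)
}
```

The two failure paths are worth keeping distinct in a real boot ROM: a B1 mismatch means the image carries a key the fuses were never programmed for, while a B2 failure means the fused key is present but the kernel or initramfs bytes no longer match what was signed. Both must halt, and neither check may be skipped when the other passes.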
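The runtime side, claims 8 and 9 (steps C1 to C5), as a second added example that is likewise editorial and not the applicants' code. Assumptions: ECDSA P-256 with SHA-256 again stands in for SM2/SM3; the second public key, which the claim keeps in the TPM, is modelled as an in-process key; and the code, read-only and sensitive segments of a running program are modelled as byte slices, where a deployment would hash the corresponding mappings of the running ELF (on Linux, the ranges listed in /proc/self/maps). The publisher-side signing routine is included so the verification can be run end to end on a constructed script.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// NewIssuerKey is the second key pair of claim 8 (P-256 standing in for SM2).
func NewIssuerKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
}

// IssueSignature is the publisher side of claim 8: the important file's hash is
// signed with the second private key and the signature is shipped beside the file.
func IssueSignature(priv *ecdsa.PrivateKey, file []byte) ([]byte, error) {
	h := sha256.Sum256(file)
	return ecdsa.SignASN1(rand.Reader, priv, h[:])
}

// VerifyImportantFile is steps C1..C3: the second public key checks the shipped
// signature against the hash of the file about to be executed, loaded, opened or
// run. A false result must block that operation.
func VerifyImportantFile(pub *ecdsa.PublicKey, file, sig []byte) bool {
	h := sha256.Sum256(file)
	return ecdsa.VerifyASN1(pub, h[:], sig)
}

// SegmentGuard keeps the hash taken at initialisation (C4) over the segments that
// must not change while the program runs. Byte slices stand in for the mapped code
// and read-only data of the running executable (assumption, see lead-in).
type SegmentGuard struct {
	segments [][]byte
	baseline [32]byte
}

func hashSegments(segs [][]byte) [32]byte {
	h := sha256.New()
	for _, s := range segs {
		// Length-prefix each segment so bytes moved between segments are also detected.
		var n [8]byte
		binary.BigEndian.PutUint64(n[:], uint64(len(s)))
		h.Write(n[:])
		h.Write(s)
	}
	var out [32]byte
	copy(out[:], h.Sum(nil))
	return out
}

// NewSegmentGuard is step C4, run once in the program's initialisation stage.
func NewSegmentGuard(segs ...[]byte) *SegmentGuard {
	return &SegmentGuard{segments: segs, baseline: hashSegments(segs)}
}

// Check is step C5, run before each file operation: re-hash the live memory and
// compare with the baseline.
func (g *SegmentGuard) Check() error {
	if hashSegments(g.segments) != g.baseline {
		return errors.New("code/read-only segment modified since initialisation")
	}
	return nil
}

func main() {
	issuer, _ := NewIssuerKey()
	script := []byte("#!/bin/sh\necho constructed-sample\n") // constructed important file
	sig, _ := IssueSignature(issuer, script)
	fmt.Println("genuine script accepted:", VerifyImportantFile(&issuer.PublicKey, script, sig))
	patched := append([]byte{}, script...)
	patched[len(patched)-2] = '!'
	fmt.Println("modified script accepted:", VerifyImportantFile(&issuer.PublicKey, patched, sig))

	text := []byte{0x55, 0x48, 0x89, 0xe5, 0xc3} // constructed stand-in for a code segment
	rodata := []byte("config-v1")
	guard := NewSegmentGuard(text, rodata)
	fmt.Println("before tamper:", guard.Check())
	text[0] = 0xcc // in-memory patch, e.g. an inserted breakpoint or hook
	fmt.Println("after tamper:", guard.Check())
}
```

Two practitioner caveats the claims leave implicit: the C5 check is only as trustworthy as the code performing it, so the checker itself must sit inside the hashed region and the baseline must not be writable by the program being guarded; and the C1 to C3 check has to happen on the bytes that are actually executed or loaded, otherwise a file swapped between verification and use passes unnoticed.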

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010793729.4A CN112054895A (en) 2020-08-10 2020-08-10 Trusted root construction method and application

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010793729.4A CN112054895A (en) 2020-08-10 2020-08-10 Trusted root construction method and application

Publications (1)

Publication Number Publication Date
CN112054895A true CN112054895A (en) 2020-12-08

Family

ID=73601998

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010793729.4A Pending CN112054895A (en) 2020-08-10 2020-08-10 Trusted root construction method and application

Country Status (1)

Country Link
CN (1) CN112054895A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113467404A (en) * 2021-07-27 2021-10-01 中国电子信息产业集团有限公司第六研究所 Thermal power plant intelligent cloud control system and method based on safe and credible wireless communication

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105224875A (en) * 2015-11-13 2016-01-06 上海斐讯数据通信技术有限公司 A kind of secure startup system of terminal and method
US20160350537A1 (en) * 2015-05-25 2016-12-01 Via Alliance Semiconductor Co., Ltd. Central processing unit and method to verify mainboard data
CN109245899A (en) * 2018-09-06 2019-01-18 成都三零嘉微电子有限公司 One kind being based on the novel trust chain design method of SM9 cryptographic algorithm

Similar Documents

Publication Publication Date Title
EP3805968B1 (en) Technologies for secure hardware and software attestation for trusted i/o
US11861372B2 (en) Integrity manifest certificate
CN109710315B (en) BIOS (basic input output System) flash writing method and BIOS mirror image file processing method
US10771264B2 (en) Securing firmware
WO2020063001A1 (en) Method and device for managing basic input and output system firmware, and server
CN111630513B (en) Authenticating the authenticity of stored codes and code updates
US20110246778A1 (en) Providing security mechanisms for virtual machine images
CN103793654A (en) Server active management technology (AMT) assisted secure boot
US20240104213A1 (en) Securing node groups
CN108345805B (en) Method and device for verifying firmware
US10255438B2 (en) Operating system agnostic validation of firmware images
JP2022517056A (en) Trusted computing methods and servers
CN111125725A (en) Encryption and decryption method, equipment and medium for mirror image verification
KR20170089352A (en) Firmware integrity verification for performing the virtualization system
CN112148314A (en) Mirror image verification method, device, equipment and storage medium of embedded system
WO2022100014A1 (en) Method and apparatus for controlling system startup, device and readable storage medium
CN112054895A (en) Trusted root construction method and application
JP7439067B2 (en) File system verification and installation
CN106372523B (en) Modem file security protection method and system
CN111400771A (en) Target partition checking method and device, storage medium and computer equipment
CN108228219B (en) Method and device for verifying BIOS validity during in-band refreshing of BIOS
CN113360914A (en) BIOS updating method, system, equipment and medium
CN116956364B (en) Virtualized product integrity verification method, device and system and electronic equipment
US20230229777A1 (en) Cloud based boot integrity
KR20190118894A (en) A secure boot method for secure usb device

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20201208