CN1121697C - Mass storage enciphered storage chip - Google Patents

Mass storage enciphered storage chip Download PDF

Info

Publication number
CN1121697C
CN1121697C CN 99100367 CN99100367A CN1121697C CN 1121697 C CN1121697 C CN 1121697C CN 99100367 CN99100367 CN 99100367 CN 99100367 A CN99100367 A CN 99100367A CN 1121697 C CN1121697 C CN 1121697C
Authority
CN
China
Prior art keywords
circuit
data
pin
chip
input
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN 99100367
Other languages
Chinese (zh)
Other versions
CN1229254A (en
Inventor
李文军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Minghuaauhan Science & Technology Co Ltd Shenzhen City
Original Assignee
Minghuaauhan Science & Technology Co Ltd Shenzhen City
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Minghuaauhan Science & Technology Co Ltd Shenzhen City filed Critical Minghuaauhan Science & Technology Co Ltd Shenzhen City
Priority to CN 99100367 priority Critical patent/CN1121697C/en
Publication of CN1229254A publication Critical patent/CN1229254A/en
Application granted granted Critical
Publication of CN1121697C publication Critical patent/CN1121697C/en
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Landscapes

  • Storage Device Security (AREA)

Abstract

The present invention relates to an enciphered storage chip with high capacity, which is matched with a terminal. The structure of the enciphered storage chip comprises a power management circuit, an input-output interface circuit, an identification circuit, a data transmission circuit, a cryptographic check circuit, a reset response circuit, a random number generator and a data memory, wherein the memory which is a two-wire serial EEPROM carries out addressing by byte and can be split into a system setting area and eight application areas. The present invention has the advantages of flexible structure, high safety and low cost.

Description

Mass storage enciphered storage chip
The present invention relates to a kind of integrated circuit (IC) chip, particularly a kind of mass storage enciphered storage chip.
At present, most widely used at home non-encrypted chip is 24C01A/02/04/08/16/32/64, and encryption chip is SLE4442, SLE4428, AT88SC102 etc.The chip storage capacity difference of series is not divided application area.Simple to operate, the user is easy to grasp, and still, because it does not have cryptoguard, can only be used to gather, inquires about, the not high occasion of security requirements such as identification; The memory capacity of AT88SC102 is 1KBIT, is divided into two application area, user cipher is arranged, wipe cryptoguard; can be used for stored value card, prepayment electric expense table, gas meter, the dining room higher occasion of security requirements such as have dinner; but its application area is divided fixing, uses underaction, and is convenient.
The objective of the invention is on existing technical foundation, the demand at each big application of China provides a kind of mass storage enciphered storage chip, and memory capacity is big, and cryptoguard is effective, is adapted at field widespread uses such as the tax, medical insurance, traffic administration.
Technical scheme of the present invention is as follows:
A kind of mass storage enciphered storage chip, be used with terminating machine, verify mutually with certain agreement between chip and the terminating machine, just can be after being proved to be successful to chip operation, its structure comprises electric power management circuit, input/output interface circuit, authentication circuit, data transmission circuit, cryptographic check circuit, the response circuit that resets, tandom number generator and data-carrier store composition; Input/output interface circuit is connected with authentication circuit, data transmission circuit, cryptographic check circuit, the response circuit that resets respectively, authentication circuit is connected with tandom number generator, data transmission circuit respectively, and data transmission circuit is connected with cryptographic check circuit, the response circuit that resets, data-carrier store respectively; Draw eight pins altogether, be respectively power pins V CC, pin GND, reset pin RST, clock input pin SCL, data pin SDA; V CCPin, GND pin are drawn by electric power management circuit, and SCL pin, SDA pin, RST pin are drawn by input/output interface circuit.
Chip is by V CCAfter obtaining the input information process input/output interface circuit processing of RST, by the legitimacy of authentication circuit and tandom number generator verification terminal, if authentication correctly then can be carried out the reading and writing operation; Data when output, first check read password, export by SDA from the storage unit reading of data address that provides according to input/output interface circuit then; In like manner, data are imported by SDA, write cryptographic check and write corresponding storage unit after correct.
Data-carrier store is two-wire serial EEPROM, byte addressing; EEPROM can be divided into a system setting area and 8 application area; Have eight cover passwords to be used for each application area, two groups in every cover is protected the reading and writing operation respectively; The wrong number of times restriction of every cover password; All be assigned a byte as the authority storer at each application area in the system setting area, the access features of each application area is provided with by the authority storer.
High capacity storage chip of the present invention can be provided with number of partitions arbitrarily, adjusts and respectively distinguishes memory space, and structure is flexible.Adopt authentication protocol, adopt ciphertext to transmit on data line, and each verify data is all different, it is safe.Structurally do not adopt central processing unit, authentication and cryptographic check are all undertaken by hardware logic, and cost is low.
The present invention is further detailed explanation below in conjunction with drawings and Examples:
Fig. 1 is a principle of work block diagram of the present invention;
Fig. 2 is the storage node composition of 8 application area of data-carrier store of the present invention;
Fig. 3 is the storage node composition of the system setting area of data-carrier store of the present invention;
Fig. 4 is the figure that is provided with of the fuse cell of data-carrier store of the present invention;
Fig. 5 is the process characterization diagram of the present invention under different fuse states;
Fig. 6 is the figure that is provided with of the authority storer in the system of the present invention setting area;
Fig. 7 is the identifying procedure figure of chip of the present invention and terminating machine.
The described a kind of mass storage enciphered storage chip of Fig. 1, be used with terminating machine, verify mutually with certain agreement between chip and the terminating machine, just can be after being proved to be successful to chip operation, its structure comprises electric power management circuit, input/output interface circuit, authentication circuit, data transmission circuit, cryptographic check circuit, the response circuit that resets, tandom number generator and data-carrier store composition; Input/output interface circuit is connected with authentication circuit, data transmission circuit, cryptographic check circuit, the response circuit that resets respectively, authentication circuit is connected with tandom number generator, data transmission circuit respectively, and data transmission circuit is connected with cryptographic check circuit, the response circuit that resets, data-carrier store respectively; Draw eight pins altogether, be respectively power pins V CC, pin GND, reset pin RST, clock input pin SCL, data pin SDA; V CCPin, GND pin are drawn by electric power management circuit, and SCL pin, SDA pin, RST pin are drawn by input/output interface circuit.Chip is by V CCAfter obtaining the input information process input/output interface circuit processing of RST, by the legitimacy of authentication circuit and tandom number generator verification terminal, if authentication correctly then can be carried out the reading and writing operation; Data when output, first check read password, export by SDA from the storage unit reading of data address that provides according to input/output interface circuit then; In like manner, data are imported by SDA, write cryptographic check and write corresponding storage unit after correct.
Data-carrier store is two-wire serial EEPROM, and capacity is 16K, and it is a system setting area and 8 application area that byte addressing: EEPROM is divided into; Have eight cover passwords to be used for each application area, two groups in every cover is protected the reading and writing operation respectively; The wrong number of times restriction of every cover password, number of times is 8 times; All be assigned a byte as the authority storer at each application area in the system setting area, the access features of each application area is provided with by the authority storer.
Fig. 2 represents 8 application area of storer, and eight application area respectively account for 256 bytes.If the password in several application district belongs to same set of password, then this several application district just can be combined into a big application area, and the user can divide application area according to the application of oneself.
Fig. 3 represents the storage organization of system setting area.The setting area is used to deposit manufacturer code, publisher's code, identifier, password and wrong inferior information.The AAC unit is the authentication error counter.The PAC unit is the password error counter.The ARO-7 unit is the access features register of each application area, and its value of setting is different, and the access features of each application area is just different.The lot number unit is used to deposit the information on chip manufacturing date, can not change.Chip manufacturer's code is deposited in the manufacturer code unit, can not change.Chip unit Nc, ciphertext unit Ci, password unit Gc deposit the password of using when confirming mutually between chip and the terminating machine.Read password, write password and must verify and just can carry out the reading and writing operation to each subregion after correct, the password errors number can not surpass 8 times, otherwise the application area self-locking.
The address that Fig. 4 is illustrated in the system setting area is that the byte place of 0X80 preserves three fuse bit: FAB and represents to be fused by chip manufacturer; CMA represents to be fused by chip packaging factory; PER represents to be fused by the chip publisher.
Fig. 5 represents the operating characteristic of chip under different fuse states.
Fig. 6 represents the access features setting of authority storer, and WPE is for writing the password enable bit, can carry out write operation if WPE=0 then checks to the application corresponding district after writing password, if WPE=1 then can arbitrarily write in the response application district; RPE if RPE=0 then only correctly checks and reads password or write password, just can read respective application district data for reading the password enable bit, if the then random reading of data of RPE=1; ATE is the authentication enable bit, if ATE=0 is then only correctly by can correspondingly operating with the district after the authentication, if ATE=1 then need not be by authentication; PW2, PW1, three these districts of decision of PW0 use where overlap password, and each district can point to same password simultaneously, is equivalent to 8 districts are merged into a district; MDF is provided with the position for forbidding that application area is revised, if MDF=0 then at any time forbids the application area data are made amendment, otherwise as if MDF=1 then; PGD is that application area programming is provided with the position, if PG0=0 then application area only can carry out write operation, erase operation is under an embargo, if PG0=1 is then random.The user is according to the security requirements of oneself, the authority storer that operating characteristic is provided with each subregion.
Fig. 7 represents the protocol authentication between chip and the terminating machine, be two-way authentication, have only after chip and the mutual authentication correctly of terminating machine and just can carry out the reading and writing operation, in the verification process on the data line data transmit with the ciphertext form, and the data of each authentication are all different, and this has improved the confidentiality of system greatly.

Claims (1)

1, a kind of mass storage enciphered storage chip, be used with terminating machine, verify mutually with certain agreement between chip and the terminating machine, just can chip operation be is characterized in that after being proved to be successful: its structure comprises electric power management circuit, input/output interface circuit, authentication circuit, data transmission circuit, cryptographic check circuit, the response circuit that resets, tandom number generator and data-carrier store composition; Input/output interface circuit is connected with authentication circuit, data transmission circuit, cryptographic check circuit, the response circuit that resets respectively, authentication circuit is connected with tandom number generator, data transmission circuit respectively, and data transmission circuit is connected with cryptographic check circuit, the response circuit that resets, data storage circuitry respectively; Draw eight pins altogether, be respectively power pins (V CC), pin (GND), reset pin (RST), clock input pin (SCL), data pin (SDA); Power pins (V CC), pin (GND) draw by electric power management circuit, clock input pin (SCL), data pin (SDA), reset pin (RST) are drawn by input/output interface circuit; Chip is by V CCAfter obtaining the input information process input/output interface circuit processing of RST, by the legitimacy of authentication circuit and tandom number generator verification terminal, if authentication correctly then can be carried out the reading and writing operation; Data when output, first check read password, export by SDA from the storage unit reading of data address that provides according to input/output interface circuit then; In like manner, data are imported by SDA, write cryptographic check and write corresponding storage unit after correct; Described data-carrier store is two-wire serial EEPROM, byte addressing; EEPROM can be divided into a system setting area and 8 application area; Have eight cover passwords to be used for each application area, two groups in every cover is protected the reading and writing operation respectively; The wrong number of times restriction of every cover password; All be assigned a byte as the authority storer at each application area in the system setting area, the access features of each application area is provided with by the authority storer.
CN 99100367 1998-01-25 1999-01-25 Mass storage enciphered storage chip Expired - Fee Related CN1121697C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 99100367 CN1121697C (en) 1998-01-25 1999-01-25 Mass storage enciphered storage chip

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CN98200933 1998-01-25
CN98200933.X 1998-01-25
CN 99100367 CN1121697C (en) 1998-01-25 1999-01-25 Mass storage enciphered storage chip

Publications (2)

Publication Number Publication Date
CN1229254A CN1229254A (en) 1999-09-22
CN1121697C true CN1121697C (en) 2003-09-17

Family

ID=25744806

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 99100367 Expired - Fee Related CN1121697C (en) 1998-01-25 1999-01-25 Mass storage enciphered storage chip

Country Status (1)

Country Link
CN (1) CN1121697C (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU7395500A (en) * 2000-09-13 2002-03-26 Silverbrook Res Pty Ltd A camera exchange system and method
CN1332522C (en) * 2003-12-25 2007-08-15 电子科技大学 Method for making cipher chip having security protection function
CN103336919A (en) * 2013-07-17 2013-10-02 东风电子科技股份有限公司 System and method for achieving instrument encryption verification control function
CN110457947A (en) * 2019-08-09 2019-11-15 内蒙古自治区计量测试研究院 A kind of greenhouse gas emission evidence-gathering and tracing terminal

Also Published As

Publication number Publication date
CN1229254A (en) 1999-09-22

Similar Documents

Publication Publication Date Title
CN1140880C (en) Secure memory having anti-wire tapping
EP1873728B1 (en) Method for configuring an IC Card in order to receive personalization commands
CA1287919C (en) Security file system for a portable data carrier
CN1218249C (en) Secure memory having multiple security levels
CA1293325C (en) System for a portable data carrier
CN1053509C (en) A secure application card for sharing application data and procedures among a plurality of microprocessors
EP0984404A2 (en) Storing data objects in a smart card memory
EP0270571B1 (en) Arrangement for a portable data carrier having multiple application files
CN101950342A (en) Device and method for managing access control permission of integrated circuit card
CN1121697C (en) Mass storage enciphered storage chip
MXPA05013842A (en) Method for carrying out update writing and allocating a memory used for file writing on a memory carrier in the form of a chip card.
CN100570633C (en) The disposal route of CPU and logical encrypt double-purpose smart card and critical data thereof
CN100361165C (en) Update management for encoded data in memory
CN101089830B (en) Memory device and its operation method
CN101493875B (en) USB interface hardware storage apparatus with log off function when missed and implementing method
CN101996339B (en) Data perturbation with solve upset method and storage media controller thereof and stocking system
CN1229253A (en) Mass storage enciphered storage chip
Kose et al. A SECURE DESIGN ON MIFARE CLASSIC CARDS FOR ENSURING CONTACTLESS PAYMENT AND CONTROL SERVICES
CN2512045Y (en) IC distinguishable memory device with extending interface
CN207965867U (en) A kind of New Bus driver with store function parallel series cascade data
CN2660576Y (en) Computer system control lock for purchase guarantee
Kose et al. ADVANCES IN CYBER-PHYSICAL SYSTEMS Vol. 7, Num. 1, 2022 A SECURE DESIGN ON MIFARE CLASSIC CARDS FOR ENSURING CONTACTLESS PAYMENT AND CONTROL SERVICES
CN102486933A (en) Enciphered data storage chip for heart electric recording instrument

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C19 Lapse of patent right due to non-payment of the annual fee
CF01 Termination of patent right due to non-payment of annual fee