CN115296808B - Key replacing method, device, computer equipment and storage medium - Google Patents

Info

Publication number
CN115296808B
Authority
CN
China
Prior art keywords
offset
target
key
original
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202211231527.6A
Other languages
Chinese (zh)
Other versions
CN115296808A (en
Inventor
罗慧平
沈立青
周军飞
石先杰
朱忠义
吴俊杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Xihao Intelligent Furniture Co ltd
Original Assignee
Shenzhen Xihao Intelligent Furniture Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Xihao Intelligent Furniture Co ltd
Priority to CN202211231527.6A
Publication of CN115296808A
Application granted
Publication of CN115296808B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/08 Randomization, e.g. dummy operations or using noise
    • H04L2209/12 Details relating to cryptographic hardware or logic circuitry

Abstract

The application relates to a key replacement method, a key replacement device, a computer device, a storage medium and a computer program product. The method comprises the following steps: receiving a target offset sent by a server, the target offset being the offset obtained by the server modifying the original offset; updating the original offset stored in the security chip to the target offset, the security chip also storing random data; and, when data communication is carried out with the server, looking up a target key in the random data according to the target offset and establishing a target encrypted communication channel based on the looked-up target key and the target key stored by the server. With this method, the actual target key information does not need to be transmitted over a communication channel. The preset random data is stored in the security chip, and because the security chip has the black box characteristic, the random data is protected from being read easily, so the original key can be replaced remotely while security is preserved. Even if the original key has the highest security level, it can be replaced by this scheme.

Description

Key replacing method, device, computer equipment and storage medium
Technical Field
The present application relates to the field of digital information transmission, and in particular, to a method, an apparatus, a computer device, a storage medium, and a computer program product for replacing a key.
Background
With the development of network security technology, more and more devices communicate with each other by using data encrypted by a secret key, so as to ensure the security of information transmission. However, after the equipment is shipped, the keys in the equipment may need to be replaced for various reasons.
In the conventional technology, a key is replaced by establishing a higher-level communication channel using a key with a higher security level and transmitting the replacement target key over that channel. However, in cases such as key leakage, using a key of a higher security level carries a certain security risk.
Disclosure of Invention
In view of the above, it is necessary to provide a key replacement method, an apparatus, a computer device, a storage medium, and a computer program product, which can improve the security of information transmission.
In a first aspect, the present application provides a key replacement method. Applied to a security chip, the method comprises:
receiving a target offset sent by a server; the target offset is an offset obtained by modifying the original offset by the server;
updating the original offset stored by the security chip to the target offset; the security chip also stores random data;
and when data communication is carried out with the server, searching a target key in the random data according to the target offset, and establishing a target encryption communication channel based on the searched target key and the target key stored by the server.
In one embodiment, the searching for the target key in the random data according to the target offset includes:
determining a starting position in the random data according to the target offset;
searching data corresponding to the target offset in the random data according to the initial position;
and taking the data corresponding to the target offset as a target key.
In one embodiment, the searching for data corresponding to the target offset according to the starting position in the random data includes:
searching data of the key length in the random data according to the initial position;
and taking the data of the key length as the data corresponding to the target offset.
In one embodiment, the receiving the target offset sent by the server includes:
determining an original offset stored by the security chip;
searching an original secret key in the random data according to the original offset stored in the security chip;
establishing an original encryption communication channel based on the searched original secret key and the original secret key stored by the server;
and receiving the target offset sent by the server based on the original encrypted communication channel.
In one embodiment, before updating the original offset stored in the secure chip to the target offset, the method further includes:
and searching an original key in the random data according to the original offset, and establishing an original encryption communication channel based on the searched original key and the original key stored by the server so that the security chip and the server perform data communication based on the original encryption communication channel.
In a second aspect, the present application provides a key replacement method. Applied to a server, the method comprises:
acquiring random data and original offset corresponding to the security chip;
modifying the original offset to obtain a target offset;
searching a target secret key in the random data according to the target offset, and storing the target secret key;
sending the target offset to a security chip so that the security chip updates the stored original offset to the target offset;
and when the security chip communicates with the server, establishing an encrypted communication channel based on the stored target key and the target key that the security chip looks up using the updated target offset.
In one embodiment, the sending the target offset to a secure chip includes:
establishing an original encryption communication channel based on the original secret key stored by the server and the original secret key searched by the security chip;
and sending the target offset to a security chip based on the original encrypted communication channel.
In a third aspect, the present application further provides a key replacement device, which is applied to a security chip, and the device includes:
the offset acquisition module is used for receiving the target offset sent by the server; the target offset is an offset obtained by modifying an original offset by the server;
the offset updating module is used for updating the original offset stored in the security chip into the target offset; the security chip also stores random data;
and the communication module is used for searching a target key in the random data according to the target offset when carrying out data communication with the server, and establishing a target encryption communication channel based on the searched target key and the target key stored by the server.
In a fourth aspect, the present application further provides a key replacement device, applied to a server, where the device includes:
the data acquisition module is used for acquiring random data and original offset corresponding to the security chip;
the offset modifying module is used for modifying the original offset to obtain a target offset;
the secret key generating module is used for searching a target secret key in the random data according to the target offset and storing the target secret key;
the secret key sending module is used for sending the target offset to a security chip so that the security chip updates the stored original offset into the target offset;
and the communication module is used for establishing an encryption communication channel based on the stored target key and the updated target key searched by the target offset when the security chip is communicated with the server.
In a fifth aspect, the present application further provides a computer device. The computer device comprises a memory and a processor, wherein the memory stores a computer program, and the processor implements the key replacement steps in any of the above embodiments when executing the computer program.
In a sixth aspect, the present application further provides a storage medium. The storage medium has stored thereon a computer program which, when executed by a processor, performs the key replacement steps in any of the embodiments described above.
In a seventh aspect, the present application further provides a computer program product. The computer program product comprises a computer program that, when executed by a processor, performs the key replacement steps in any of the embodiments described above.
In the above key replacement method, key replacement device, computer equipment, storage medium and computer program product, the target offset sent by the server is received, the target offset being obtained by the server modifying the original offset, and the original offset stored by the security chip is updated to the target offset; the security chip also stores random data. Because the actual target key information never appears in the communication channel, and because the preset random data is stored in the security chip, whose black box characteristic protects the random data from being read easily, a third party cannot obtain the random data and cannot deduce the target key from the target offset. The original key between the terminal and the server can therefore be replaced remotely, and the security is high. Further, when data communication is performed with the server, the target key is looked up in the random data according to the target offset, and a target encrypted communication channel is established based on the looked-up target key and the target key stored in the server. With this method, the actual target key information does not need to be transmitted over a communication channel; the preset random data is stored in the security chip, and the black box characteristic of the security chip protects the random data from being read easily, so the original key can be replaced remotely while security is preserved. Even if the original key has the highest security level, it can be replaced by this scheme.
Drawings
FIG. 1 is a diagram of an exemplary environment in which a key replacement method is implemented;
FIG. 2 is a flowchart illustrating a key replacement method according to an embodiment;
FIG. 3 is a flowchart illustrating a key replacement method according to another embodiment;
FIG. 4 is a diagram of an application environment of another embodiment of a key replacement method;
FIG. 5 is a diagram of an application environment of a key replacement method in one embodiment;
FIG. 6 is a diagram of an application environment of another embodiment of a key replacement method;
FIG. 7 is a block diagram showing the structure of a key replacement device according to an embodiment;
FIG. 8 is a block diagram showing the structure of a key replacement device according to another embodiment;
FIG. 9 is a diagram illustrating an internal structure of a computer according to an embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
The key replacement method provided by the embodiment of the application can be applied to the application environment shown in FIG. 1, in which the terminal 102 communicates with the server 104 via a network. The data storage system may store data that the server 104 needs to process. The data storage system may be integrated on the server 104, or may be located on the cloud or another network server.
The terminal 102 may be, but is not limited to, various intelligent chairs with security chips installed therein, and computer devices such as control devices externally connected to the intelligent chairs. The server 104 may be implemented by an independent server, a server cluster composed of a plurality of servers, or an internet of things platform. The scheme provided by the embodiment of the application is cooperatively realized by the terminal 102 and the server 104.
In one embodiment, the security chip is an embedded data security chip used for intellectual property protection and data protection. The security chip stores the key and the check information, and can also store user-defined data and run user-defined algorithms. In one embodiment, the custom data and algorithms stored in the security chip cannot be read or analyzed from outside, so that data security is guaranteed. The security chip may be, for example, a chip with a built-in smart card core; such chips support downloading and running custom algorithms and, at the chip hardware level, resist various attacks such as differential attack, power consumption analysis and fragmentation attack. When the security level of the chip is the bank card level, the custom data and custom algorithms stored in the chip can be regarded as a black box: the outside cannot obtain this information and cannot analyze or clone the internal algorithm. The security chip may specifically be the SMEC90ST of giant industry in Shenzhen, the LKT4306 of Ling Kexin ann in Beijing, or the like.
In one embodiment, the server may be a cloud server. The cloud server is arranged in a special machine room, and a secret key modification algorithm is operated on the cloud server. In this embodiment, it can be considered that the key modification algorithm and the interaction logic operated in the cloud server cannot be read and analyzed by the outside.
In one embodiment, as shown in FIG. 2, a key replacement method is provided. The method is described by taking its application to the terminal 102 with the security chip installed in FIG. 1 as an example, and includes the following steps:
Step 202, receiving a target offset sent by a server; the target offset is the offset obtained by the server modifying the original offset.
The original offset is the offset of the original key, expressed as an offset address relative to the random data stored by the security chip. The original key can be determined from the original offset and the random data stored by the security chip: the address of the original offset in the random data is the starting address of the original key, and data is selected from the random data according to that starting address. The security chip thereby obtains the original key, and a communication channel between the terminal and the server is established using the original key.
In one embodiment, the random data stored in the security chip may be determined before the security chip or the computer device is shipped. Illustratively, before the intelligent furniture equipment is produced in mass production and delivered from a factory, a designated person generates a random number, which is denoted as RandData, and the random number can be a pseudo-random number meeting safety conditions or a true random number generated based on hardware, and the security of the true random number is higher.
In one embodiment, before the security chip or the computer device leaves the factory, the server generates the original offset in the corresponding random data based on the encryption algorithm corresponding to the security chip. Illustratively, the value of the original offset is generated according to an encryption algorithm of the security chip; after initialization of the pointer to the original offset, an offset address between the pointer and the start address of the random data is determined based on the value of the original offset, the offset address being the original offset. After the random data and the original offset stored in the security chip are determined, an original starting position in the random data is determined by using the pointer of the original offset, and data with a key length is selected from the original starting position and is used for generating an original key.
The server stores the original offset, the random data and the original key corresponding to the security chip. The original offset and the random data that the server stores for a security chip correspond to the original offset and the random data stored in that security chip; illustratively, they are the same as those stored by the security chip. The archive of the original offset and the random data stored by the security chip is denoted ArchiveData; the archive of the security chip has a high security level, and communication is performed only under special conditions.
In one embodiment, before updating the original offset stored in the secure chip to the target offset, the method includes: and searching an original key in the random data according to the original offset, and establishing an original encryption communication channel based on the searched original key and the original key stored by the server so that the security chip and the server perform data communication based on the original encryption communication channel.
Searching an original key in random data according to an original offset, comprising: determining an original starting position of the original offset in the random data, determining data corresponding to the original offset in the random data according to the original starting position, and generating an original key based on the data corresponding to the original offset. The original key may be data corresponding to the original offset, or may be an original key generated by performing some encryption based on the data corresponding to the original offset.
Establishing an original encrypted communication channel based on the searched original key and an original key stored by a server, comprising: the terminal determines a communication channel, encrypts the communication channel based on the searched original secret key and instructs the server to encrypt the communication channel based on the original secret key stored in the server, so that the original encrypted communication channel is obtained, and the security chip and the server perform data communication based on the original encrypted communication channel.
The communication channel determined by the terminal may be a preset communication channel or a dynamically selected communication channel. This communication channel may be subjected to operations such as line analysis and protocol analysis by unauthorized parties. Optionally, the communication channel may be one in which the security chip communicates with a general-purpose MCU over a wired link such as a serial port or SPI, the MCU communicates over a wired link with a wireless communication module such as a Wi-Fi or 4G module, and the wireless communication module communicates wirelessly with the cloud server.
In one embodiment, when the replacement condition of the original key is satisfied, the original key is the key to be replaced, and the data that replaces the original offset is the target offset sent by the server. Optionally, when the terminal detects that its original key has been leaked, it sends a key replacement instruction to the server; the server modifies the original offset into a target offset and sends the target offset to the terminal, so that the terminal receives the target offset sent by the server. When the server detects that the original key of a certain security chip has been leaked, the server modifies the original offset into a target offset and sends the target offset to the terminal, so that the terminal receives the target offset sent by the server.
In one embodiment, the original key is the key with the highest security level between the terminal and the server. When the original key is leaked, an encrypted communication channel established between the terminal and the server with a preset key of any security level is insecure, and data transmitted over such a channel is at risk of leakage, so the target key is not suitable for direct transmission. For this reason, the original offset stored in the security chip is updated to the target offset sent by the server. Even if the target offset is leaked, the random data was stored in advance in the security chip of the offline product, and the black box characteristic of the security chip protects the random data from being read easily; an intruder therefore cannot obtain the random data and cannot deduce the target key from the target offset. The key can thus be replaced remotely, and the security is high. An encrypted communication channel generated from a high-security-level key may be used to replace a low-security-level key, and the high-security-level key may be used to replace the key according to any embodiment of the invention.
In one embodiment, the server modifying the original offset to obtain the target offset includes: generating a value of the target offset according to an encryption algorithm of the security chip; after the pointer of the target offset is initialized, calculating an offset address between the pointer and the start address of the random data based on the value of the target offset, the offset address being the target offset; and modifying the original offset into the target offset. After the target offset is generated, the server sends the target offset to the terminal. When the target offset sent to the terminal is encrypted and obfuscated, reverse analysis of the target offset becomes more difficult, which increases the security of key replacement.
In one embodiment, receiving the target offset sent by the server includes: determining an original offset stored by a security chip; searching an original secret key in random data according to an original offset stored in a security chip; establishing an original encryption communication channel based on the searched original secret key and an original secret key stored by the server; the target offset sent by the server is received based on the original encrypted communication channel.
The original offset stored by the security chip is archived in a preset area of the security chip, and the archive in the preset area has higher confidentiality.
Searching an original secret key in random data according to an original offset stored in a security chip, comprising: and the terminal determines a communication channel, encrypts the communication channel based on the searched original secret key and instructs the server to encrypt the communication channel based on the original secret key stored by the server to obtain the original encrypted communication channel.
Receiving the target offset sent by the server based on the original encrypted communication channel comprises: when the target offset sent by the server has been asymmetrically encrypted, decrypting it with the corresponding private key to obtain a decrypted target offset, the decrypted target offset being the received target offset; when the target offset sent by the server is not encrypted, the unencrypted target offset is the received target offset.
The target offset is an offset of the target key; the target offset is an offset address relative to the random data stored in advance, the target offset is different from the original offset, the target offset is sent to the terminal by the server, and the target offset is not stored in the security chip in advance. The address of the target offset in the random data is the address of the target key, which enables the secure chip to look up the target key. And the target key is generated based on random data, the target key is still a random number, and the key strength is higher.
Step 204, updating the original offset stored in the security chip into a target offset; the secure chip also stores random data.
The random data stored in the security chip is preset data, which can be burned into the security chip during production of the security chip. The preset data is the value range of the target key; increasing the data amount of the preset data reduces the probability of repetition among different keys, so that the security of the key remains high enough after the key has been replaced multiple times. Optionally, the preset data is determined based on the storage space of the chip and the value range of the key, so that the value range is as large as the storage space allows. With a larger value range the key can be updated many times; as long as the random data is long enough, a different key can be obtained each time and the number of updates is almost unlimited. Illustratively, the data amount of the preset data is 512 bytes.
In one embodiment, in the process of updating the original offset stored in the security chip to the target offset, the pointer of the target offset may be updated with the pointer of the original offset stored in the security chip, and the value of the target offset may replace the value of the original offset; it is also possible to keep a pointer to the original offset and set the pointer to the original offset according to the value of the target offset.
Step 206, when data communication is performed with the server, a target key in the random data is searched according to the target offset, and a target encryption communication channel is established based on the searched target key and the target key stored by the server.
In one embodiment, finding a target key in random data according to a target offset includes: determining an initial position in the random data according to the target offset; searching data corresponding to the target offset in the random data according to the initial position; and taking the data corresponding to the target offset as a target key.
Optionally, in the process of determining the starting position in the random data according to the target offset, the starting position is calculated according to a starting position determination rule for determining the starting position of the key, and the algorithm complexity of the starting position determination rule is positively correlated with the security. When the algorithm complexity of the initial position determination rule increases, the possibility that the original key and the target key are overlapped is reduced, and the possibility that the initial position determination rule is cracked is increased.
The starting position determination rule is used to determine a relationship between the offset and at least part of the data of the random data. The relationship may be one or more of: the security chip can determine the initial position in the random data according to the address difference between the target offset and the initial address of the random data; the security chip can also determine the initial position in the random data according to the address difference between the target offset and the initial address of the original offset; the security chip may also determine a starting position in the random data according to certain data to which the target offset is mapped.
In one embodiment, searching for data corresponding to the target offset according to the starting position in the random data includes: in the random data, searching data of the key length according to the initial position; and taking the data of the key length as the data corresponding to the target offset.
The key length is the data size of the data corresponding to the target offset; the key length is related to the data amount of the target key, and the key length may be the data amount of the target key; it will be appreciated that the key length may also be the data size of the original key. The key length may be preset, or may be generated according to a preset mapping rule according to data such as an identification number of a secure chip and a terminal.
In one embodiment, the data corresponding to the target offset is used as the target key according to a key data lookup rule. The algorithm complexity and the security of the key data searching rule are positively correlated. When the algorithm complexity of the key data search rule increases, the possibility of overlapping the original key and the target key is reduced, and the possibility of cracking the key data search rule is reduced. Illustratively, the key data search rule may be that data of different addresses are sequentially selected according to an address sequence of random data until data of a key length is obtained; the key data search rule may also be that according to some data selection rules, data of different addresses are sequentially selected according to the address sequence of random data until data of the key length is obtained. The data selection rule may be to sequentially select data of different addresses according to a preset address interval.
The data corresponding to the target offset may be data of a key length, data generated by mapping according to a certain mapping table, or data generated by performing asymmetric encryption again based on the selected data.
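The lookup rules above (a starting position taken from the offset, a fixed key length, and an optional preset address interval) can be made concrete as follows. This is an added Python illustration, not code from the patent; the 16-byte key length, the function names and the choice to reject selections that run past the random data are assumptions.

```python
"""Key lookup in pre-shared random data by offset (added illustration)."""
import secrets

RAND_LEN = 512  # size of the random data burned into the chip (from the embodiment)
KEY_LEN = 16    # N, the key length in bytes: assumed value, the page leaves N open


def key_indices(offset, key_len=KEY_LEN, interval=1, rand_len=RAND_LEN):
    """Addresses, relative to the start of the random data, that form the key.

    interval=1 is the plain rule (key_len consecutive bytes); interval>1 is
    the "preset address interval" rule. A selection that would run past the
    end of the random data is rejected rather than wrapped or read out of
    bounds (a design choice of this sketch, not stated in the patent).
    """
    if key_len <= 0 or interval <= 0:
        raise ValueError("key length and interval must be positive")
    last = offset + (key_len - 1) * interval
    if offset < 0 or last >= rand_len:
        raise ValueError(f"offset {offset} selects bytes outside the random data")
    return list(range(offset, last + 1, interval))


def lookup_key(rand_data, offset, key_len=KEY_LEN, interval=1):
    """Return the key bytes that the offset selects from rand_data."""
    idx = key_indices(offset, key_len, interval, len(rand_data))
    return bytes(rand_data[i] for i in idx)


def shared_bytes(original_offset, target_offset, key_len=KEY_LEN, interval=1):
    """How many random-data bytes the original and the target key have in
    common. Any shared byte is already known to whoever holds the leaked
    original key, so a replacement offset should make this zero."""
    a = set(key_indices(original_offset, key_len, interval))
    b = set(key_indices(target_offset, key_len, interval))
    return len(a & b)


if __name__ == "__main__":
    rand_data = secrets.token_bytes(RAND_LEN)  # constructed sample data
    print("consecutive rule :", lookup_key(rand_data, 40).hex())
    print("interval-3 rule  :", lookup_key(rand_data, 40, interval=3).hex())
    print("bytes shared by offsets 40 and 48:", shared_bytes(40, 48))
    print("bytes shared by offsets 40 and 56:", shared_bytes(40, 56))
```
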
In the key replacing method, a target offset sent by a server is received, the target offset being obtained by the server modifying the original offset, and the original offset stored by the security chip is updated to the target offset; the security chip also stores random data. Because the actual target key information never appears in the communication channel, and only the pre-storing of random data in the terminal and the transmission of the target offset are involved, the key can nevertheless be replaced securely. The method can be used for remote secure replacement of the highest-level communication key, and even if the target offset is leaked, the impact is small.
And the security chip stores preset random data, has a black box characteristic, and can protect the random data from being easily read, so that a third party cannot obtain the random data and cannot deduce a target key based on a target offset, and therefore, remote replacement of an original key between the terminal and the server can be realized, and the security is high. Further, when performing data communication with the server, a target key in the random data is searched for according to the target offset, and a target encrypted communication channel is established based on the searched target key and the target key stored in the server. The method can remotely replace the original secret key on the premise of ensuring the safety, and the secret key can be replaced by the scheme when the grade of the original secret key is the highest.
In one embodiment, as shown in fig. 3, a communication authentication method for a computer device is provided, which is described by taking the method as an example applied to the server 104 in fig. 1, and includes the following steps:
Step 302, obtaining random data and original offset corresponding to the security chip.
The random data and the original offset corresponding to the security chip are the same as those stored in the security chip, and the random data and the original offset corresponding to the security chip are stored in the server. It is understood that when the original key is replaced due to leakage of the original key or a related reason, the original encrypted communication channel generated by the original key is unreliable, and thus, data stored in the secure chip is not transmitted to the server.
Step 304, modifying the original offset to obtain a target offset.
In one embodiment, modifying the original offset to obtain the target offset includes: generating a value of a target offset according to an encryption algorithm of the security chip; and after the pointer of the target offset is initialized, calculating an offset address between the pointer and the start address of the random data based on the value of the target offset, wherein the offset address is the target offset, and modifying the original offset into the target offset. And after the target offset is generated, the server sends the target offset to the terminal. When the target offset sent to the terminal is encrypted and confused, the difficulty of reverse analysis of the target offset is increased, and the security of key replacement is increased.
The range of modification to the original offset is determined based on the address range to which the random data corresponding to the security chip belongs. Optionally, when the modified value of the original offset is in the address of the random data, the address can be selected as the target offset; when the modified value of the original offset is outside the address of the random data, some operation may be performed to generate the target offset based on the modified value. Alternatively, the target offset may be asymmetrically encrypted and then sent to the security chip.
Step 306, searching the target key in the random data according to the target offset, and storing the target key.
In one embodiment, the server searches the random data for the target key according to the target offset, including: the server determines an initial position in random data corresponding to the security chip according to the target offset; in the random data, the server searches data corresponding to the target offset according to the initial position; and taking the data corresponding to the target offset as a target key. It should be understood that there is no order between step 306 and step 308, and that both steps may be in parallel or in series.
Step 308, sending the target offset to the security chip so that the security chip updates the stored original offset to the target offset.
In one embodiment, the server sends the target offset to the security chip, including: the server establishes an original encryption communication channel based on an original secret key stored by the server and an original secret key searched by the security chip; the target offset is sent to the security chip based on the original encrypted communication channel.
Specifically, the server establishes an original encrypted communication channel based on an original key stored by the server and an original key searched by the security chip as follows: after the terminal determines a communication channel and encrypts it based on the searched original key, the server, in response to the instruction of the terminal, encrypts the communication channel based on the original key stored by the server to obtain the original encrypted communication channel. Therefore, although the original encrypted communication channel may have been leaked, it still provides a degree of reliability, reduces the possibility of the target offset leaking in transmission, and helps guarantee the safety of data transmission.
Step 310, when the security chip communicates with the server, an encrypted target communication channel is established based on the stored target key and the target key searched by the updated target offset.
The stored target key is a target key in the server, and the target key searched by the updated target offset is a target key searched by the terminal based on the updated target offset. The target encrypted communication channel has higher security and can contribute to the secure transmission of data.
In the key replacing method, random data and the original offset corresponding to the security chip are obtained; the original offset is modified to obtain a target offset; a target key is searched in the random data according to the target offset and stored; and the target offset is sent to the security chip so that the security chip updates the stored original offset to the target offset. Because actual target key information never appears in the communication channel, because the security chip and the server both store the preset random data, and because both have black box characteristics that protect their respective random data from being easily read, a third party cannot obtain the random data and cannot deduce the target key from the target offset. Remote replacement of the original key between the terminal and the server is thereby realized with high security. Furthermore, when the security chip communicates with the server, a target encrypted communication channel is established based on the stored target key and the target key searched by the updated target offset, so that the original key can be remotely replaced on the premise of ensuring security, and the key can be replaced by this scheme even when the grade of the original key is the highest.
In one embodiment, the complete process before and after key replacement is described in more detail, taking the communication channel between the security chip 402 and the cloud server 404 in fig. 4 as an example.
As shown in fig. 5, before the intelligent furniture device leaves the factory, a set of 512-byte random data is burned into the security chip to obtain the random data stored in the security chip, and the random data is recorded as RandData. The value of the original offset (offset value) is determined with respect to the start address of the random data, and the pointer (Ptr) of the original offset is set, thereby obtaining the original offset (offset). The security chip and the cloud server use the data pointed to by the pointer (Ptr) of the original offset as a starting position, take data of the key length (such as a data amount of N bytes) as the original key, and use it as the highest-level communication key KeyTop; the original offset, the random data (RandData) and the original key corresponding to the security chip are recorded in the cloud server. Meanwhile, the original offset and the random data (RandData) corresponding to the security chip are encrypted and stored in a relatively secure environment and are not unsealed at will; this archive is denoted ArchiveData. The security chip also has the same archive (ArchiveData).
Before replacing the original key, a communication channel between the secure chip and the cloud server is encrypted based on the original offset and random data (RandData). Specifically, the security chip reads the stored original offset amount (offset), and sets the original offset amount (offset) as the offset amount of the pointer (Ptr) of the original offset amount. Taking the offset of a pointer (Ptr) of the original offset as an initial position, and taking N bytes of data to obtain an original key (KeyTop); and the original secret key (KeyTop) is already stored in the cloud server, so a secure encrypted communication channel can be established between the secure chip and the cloud server for communication. The conditions for replacing the original key are: for some reason, the original key (KeyTop) is revealed, and the archive ArchiveData is not revealed.
The appointed person unseals the archive (ArchiveData) in the security chip or the cloud server and acquires the random data (RandData) and the original offset (Offset) from it. The cloud server modifies the original offset (Offset) to a new value and records the new value as the target offset (Offset). The cloud server determines the starting position in the random data (RandData) area from the target offset (Offset), takes N bytes of data as the replacement target key (KeyTop), and records the target key (KeyTop) in the cloud server. At the same time, the cloud server replaces the original offset in ArchiveData with the target offset, records the result as the new archive (ArchiveData), and encrypts and archives the archive again as the original key for the next key replacement.
After the cloud server generates the target key, the cloud server transmits a key modification instruction to the security chip. Specifically, the cloud server and the security chip establish a communication channel by using the leaked original key, and the cloud server sends the target offset (Offset) to the security chip through this communication channel, which is no longer secure.
As shown in fig. 6, after receiving the target offset (Offset), the security chip sets the pointer (Ptr) of the original offset based on the target offset (Offset), so that the pointer (Ptr) points to the starting position corresponding to the target offset and the data corresponding to the target offset can be obtained, thereby implementing key replacement.
After the key is replaced, the security chip searches for the target key in the random data (RandData) according to the target offset (Offset), and establishes a target encrypted communication channel for communication based on the searched target key (KeyTop) and the target key (KeyTop) stored in the cloud server. Because the target encrypted communication channel uses a target key that has not been leaked, the channel is secure and can safely transmit the information used to replace other sub-keys or relatively low-level keys; even if an outside party obtains the target offset (Offset) by monitoring the line, it cannot learn the specific new key.
Therefore, when the highest-grade key is modified according to this scheme, actual target key information does not appear in the communication channel; even if the communication channel is monitored by an unauthorized third party, the security of the key modification is not affected, and the risk of key leakage is avoided. The key interaction logic runs between the security chip and the cloud server, both of which can be regarded entirely as black boxes, so the possibility of malicious cracking and reverse analysis by a third party is almost 0. The process logic of replacing the key is simple, needs no complex encryption and decryption algorithms or processes, and has good universality and feasibility for mass production. In addition, the updated target key is still an irregular random number, so the key strength is guaranteed; as long as the random data is long enough, the limit on the number of updates is almost eliminated, the key can be updated many times, a different key can be obtained each time, and security is further guaranteed.
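The replacement flow of figs. 5 and 6, with the server-side offset modification restricted to the address range of the random data, simulated end to end as an added Python example (not code from the patent). The 16-byte key length, the HMAC challenge that stands in for establishing the target channel, the rule that each new key window shares no byte with earlier ones, and all class and function names are assumptions.

```python
"""Offset-based replacement of the top-level key, chip and server simulated."""
import hashlib
import hmac
import secrets

RAND_LEN = 512  # bytes of random data burned in before shipping (from the page)
KEY_LEN = 16    # N, the key length: assumed, the page leaves N open


def window(rand_data, offset):
    """The N bytes starting at `offset`; refuses offsets outside the data."""
    if not 0 <= offset <= len(rand_data) - KEY_LEN:
        raise ValueError("offset outside the random data")
    return rand_data[offset:offset + KEY_LEN]


class SecurityChip:
    def __init__(self, rand_data, offset):
        self._rand, self._offset = rand_data, offset  # never leave the chip

    def set_offset(self, target_offset):
        window(self._rand, target_offset)  # range check before committing
        self._offset = target_offset

    def respond(self, nonce):
        # Proof of possession of the current key (assumed handshake).
        key = window(self._rand, self._offset)
        return hmac.new(key, nonce, hashlib.sha256).digest()


class CloudServer:
    def __init__(self, rand_data, offset):
        self._rand, self.offset = rand_data, offset
        self.used = [offset]  # start of every key window used so far

    def key(self):
        return window(self._rand, self.offset)

    def pick_target_offset(self):
        """Random offset whose window shares no byte with any earlier window,
        or None when the random data has no untouched window left."""
        free = [o for o in range(len(self._rand) - KEY_LEN + 1)
                if all(abs(o - u) >= KEY_LEN for u in self.used)]
        if not free:
            return None
        self.offset = secrets.choice(free)
        self.used.append(self.offset)
        return self.offset

    def check(self, nonce, tag):
        expected = hmac.new(self.key(), nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)


def replace_key(server, chip, wire):
    """One replacement round. `wire` collects every byte string readable by an
    observer who holds the leaked original key. Returns True on success and
    None when the server has no unused window left."""
    target = server.pick_target_offset()
    if target is None:
        return None
    msg = target.to_bytes(2, "big")          # the only key-related message
    wire.append(msg)
    chip.set_offset(int.from_bytes(msg, "big"))
    nonce = secrets.token_bytes(16)
    tag = chip.respond(nonce)
    wire += [nonce, tag]
    return server.check(nonce, tag)


def provision(rand_data=None, offset=0):
    """Factory step: the same RandData and offset go to chip and server."""
    rand_data = rand_data or secrets.token_bytes(RAND_LEN)
    return CloudServer(rand_data, offset), SecurityChip(rand_data, offset)


if __name__ == "__main__":
    server, chip = provision()
    wire, rounds = [], 0
    while replace_key(server, chip, wire):
        rounds += 1
    print(f"{rounds} replacements before the random data ran out of unused windows")
    print("offsets seen on the wire:", [int.from_bytes(m, "big") for m in wire[::3]])
```

With 512 bytes of random data and 16-byte keys, at most 31 replacements can use windows that do not overlap an earlier key, so the number of updates is bounded by the size of the random data.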
It should be understood that, although the steps in the flowcharts related to the embodiments as described above are sequentially displayed as indicated by arrows, the steps are not necessarily performed sequentially as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least a part of the steps in the flowcharts related to the embodiments described above may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, and the execution order of the steps or stages is not necessarily sequential, but may be rotated or alternated with other steps or at least a part of the steps or stages in other steps.
Based on the same inventive concept, the embodiment of the present application further provides a key exchange device for implementing the key exchange method described above. The implementation scheme for solving the problem provided by the device is similar to the implementation scheme described in the above method, so specific limitations in one or more embodiments of the key exchange device provided below can be referred to the above limitations on the key exchange method, and are not described herein again.
In one embodiment, as shown in fig. 7, there is provided a key exchange apparatus applied to a secure chip, the apparatus including: an offset acquisition module 702, an offset update module 704, and a communication module 706, wherein:
an offset obtaining module 702, configured to receive a target offset sent by a server; the target offset is an offset obtained by modifying an original offset by the server;
an offset updating module 704, configured to update an original offset stored in the security chip to the target offset; the security chip also stores random data;
a communication module 706, configured to, when performing data communication with the server, search for a target key in the random data according to the target offset, and establish a target encryption communication channel based on the searched target key and the target key stored by the server.
In one embodiment, the communication module 706 is configured to:
determining an initial position in the random data according to the target offset;
searching data corresponding to the target offset in the random data according to the initial position;
and taking the data corresponding to the target offset as a target key.
In one embodiment, the communication module 706 is specifically configured to:
searching data of the key length in the random data according to the initial position;
and taking the data of the key length as the data corresponding to the target offset.
In one embodiment, the offset obtaining module 702 is configured to:
determining an original offset stored by the security chip;
searching an original secret key in the random data according to the original offset stored in the security chip;
establishing an original encryption communication channel based on the searched original secret key and the original secret key stored by the server;
and receiving the target offset sent by the server based on the original encrypted communication channel.
In one embodiment, the communication module 706 is further configured to:
and searching an original key in the random data according to the original offset, and establishing an original encryption communication channel based on the searched original key and the original key stored by the server, so that the security chip and the server perform data communication based on the original encryption communication channel.
In one embodiment, as shown in fig. 8, the present application further provides a key exchange apparatus applied to a server, the apparatus including: a data acquisition module 802, an offset modification module 804, a key generation module 806, a key sending module 808, and a communication module 810, wherein:
a data obtaining module 802, configured to obtain random data and an original offset corresponding to the security chip;
an offset modification module 804, configured to modify the original offset to obtain a target offset;
a key generating module 806, configured to search a target key in the random data according to the target offset, and store the target key;
a key sending module 808, configured to send the target offset to a security chip, so that the security chip updates a stored original offset to the target offset;
a communication module 810, configured to establish a target encryption communication channel based on the stored target key and the updated target key searched for by the target offset when the security chip communicates with the server.
In one embodiment, the communication module 810 is further configured to: before the original offset stored in the secure chip is updated to the target offset, an original key in the random data is searched according to the original offset, and an original encryption communication channel is established based on the searched original key and the original key stored in the server, so that the secure chip and the server perform data communication based on the original encryption communication channel.
The modules in the key exchange device may be implemented in whole or in part by software, hardware, or a combination thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, a computer device is provided, which may be a terminal, and its internal structure diagram may be as shown in fig. 9. The computer apparatus includes a processor, a memory, an input/output interface, a communication interface, a display unit, and an input device. The processor, the memory and the input/output interface are connected by a system bus, and the communication interface, the display unit and the input device are connected by the input/output interface to the system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The input/output interface of the computer device is used for exchanging information between the processor and an external device. The communication interface of the computer device is used for carrying out wired or wireless communication with an external terminal, and the wireless communication can be realized through WIFI, a mobile cellular network, NFC (near field communication) or other technologies. The computer program is executed by a processor to implement a key exchange method. The display unit of the computer equipment is used for forming a visual and visible picture, and can be a display screen, a projection device or a virtual reality imaging device, the display screen can be a liquid crystal display screen or an electronic ink display screen, the input device of the computer equipment can be a touch layer covered on the display screen, a key, a track ball or a touch pad arranged on the shell of the computer equipment, and can also be an external keyboard, a touch pad or a mouse and the like.
Those skilled in the art will appreciate that the architecture shown in fig. 9 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In an embodiment, a computer device is further provided, which includes a memory and a processor, the memory stores a computer program, and the processor implements the steps of the above method embodiments when executing the computer program.
In one embodiment, a storage medium is provided, which is a computer-readable storage medium, and the storage medium stores a computer program, which when executed by a processor, implements the steps in the above-described method embodiments.
In an embodiment, a computer program product is provided, comprising a computer program which, when being executed by a processor, carries out the steps of the above-mentioned method embodiments.
It should be noted that, the user information (including but not limited to user equipment information, user personal information, etc.) and data (including but not limited to data for analysis, stored data, displayed data, etc.) referred to in the present application are information and data authorized by the user or sufficiently authorized by each party, and the collection, use and processing of the related data need to comply with the relevant laws and regulations and standards of the relevant country and region.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above may be implemented by a computer program instructing the relevant hardware; the computer program may be stored in a non-volatile computer-readable storage medium and, when executed, may include the processes of the embodiments of the methods described above. Any reference to memory, database, or other medium used in the embodiments provided herein may include at least one of non-volatile and volatile memory. The non-volatile memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash memory, optical memory, high-density embedded non-volatile memory, Resistive Random Access Memory (ReRAM), Magnetic Random Access Memory (MRAM), Ferroelectric Random Access Memory (FRAM), Phase Change Memory (PCM), graphene memory, and the like. Volatile memory can include Random Access Memory (RAM), external cache memory, and the like. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM), among others. The databases referred to in various embodiments provided herein may include at least one of relational and non-relational databases. The non-relational database may include, but is not limited to, a blockchain-based distributed database, and the like. The processors referred to in the embodiments provided herein may be general purpose processors, central processing units, graphics processors, digital signal processors, programmable logic devices, quantum computing based data processing logic devices, etc., without limitation.
All possible combinations of the technical features in the above embodiments may not be described for the sake of brevity, but should be considered as being within the scope of the present disclosure as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the present application. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, and these are all within the scope of protection of the present application. Therefore, the protection scope of the present application shall be subject to the appended claims.

Claims (11)

1. A secret key replacing method is applied to a security chip, and the method comprises the following steps:
receiving a target offset sent by a server; the target offset is an offset obtained by modifying an original offset by the server;
updating the original offset stored in the security chip to the target offset; the security chip also stores random data; the random data stored by the security chip is preset data stored by the security chip, and the preset data is determined based on the storage space of the chip and the value range of the secret key;
when data communication is carried out with the server, searching data corresponding to the target offset in the random data according to the target offset, and selecting data from the data corresponding to the target offset according to a key data searching rule to obtain a target key;
establishing a target encryption communication channel based on the searched target secret key and the target secret key stored by the server; wherein the target key is a random number generated based on the random data.
2. The method according to claim 1, wherein the searching for the data corresponding to the target offset in the random data according to the target offset, and selecting the data corresponding to the target offset according to a key data search rule to obtain a target key comprises:
determining an initial position in the random data according to the target offset;
selecting data corresponding to the target offset from an initial position in the random data according to a key data searching rule;
and taking the data corresponding to the target offset as a target key.
3. The method according to claim 2, wherein the searching for the data corresponding to the target offset from the start position in the random data according to a key data search rule includes:
sequentially selecting data of different addresses at the initial position of the random data according to a preset address interval until data of a key length is obtained;
and taking the data of the key length as the data corresponding to the target offset.
4. The method of claim 1, wherein receiving the target offset sent by the server comprises:
determining an original offset stored by the security chip;
searching an original secret key in the random data according to the original offset stored in the security chip;
establishing an original encryption communication channel based on the searched original secret key and the original secret key stored by the server;
and receiving the target offset sent by the server based on the original encrypted communication channel.
5. The method of claim 1, wherein before updating the original offset stored by the secure chip to the target offset, the method further comprises:
and searching an original key in the random data according to the original offset, and establishing an original encryption communication channel based on the searched original key and the original key stored by the server so that the security chip and the server perform data communication based on the original encryption communication channel.
6. A key exchange method is applied to a server, and the method comprises the following steps:
acquiring random data and original offset corresponding to the security chip; the random data corresponding to the security chip is the same as the preset data stored in the security chip and is determined based on the storage space of the chip and the value range of the secret key;
modifying the original offset to obtain a target offset;
searching data corresponding to the target offset according to the target offset, selecting data from the data corresponding to the target offset according to a key data searching rule to obtain a target key, and storing the target key; wherein the target key is a random number generated based on the random data;
sending the target offset to a security chip so that the security chip updates the stored original offset to the target offset;
and when the security chip communicates with the server, establishing a target encryption communication channel based on the stored target key and the updated target key searched by the target offset.
7. The method of claim 6, wherein sending the target offset to a secure chip comprises:
establishing an original encryption communication channel based on an original secret key stored by the server and an original secret key searched by the security chip;
and sending the target offset to a security chip based on the original encrypted communication channel.
8. A key exchange device applied to a secure chip, the device comprising:
the offset acquisition module is used for receiving the target offset sent by the server; the target offset is an offset obtained by modifying an original offset by the server;
the offset updating module is used for updating the original offset stored in the security chip into the target offset; the security chip also stores random data; the random data stored by the security chip is preset data stored by the security chip, and the preset data is determined based on the storage space of the chip and the value range of the secret key;
the communication module is used for, when data communication is carried out with the server, looking up the data corresponding to the target offset and selecting from that data according to a key data searching rule to obtain a target key, and for establishing a target encrypted communication channel based on the looked-up target key and the target key stored by the server; wherein the target key is a random number generated based on the random data.
9. A key exchange apparatus applied to a server, the apparatus comprising:
the data acquisition module is used for acquiring random data and original offset corresponding to the security chip; the random data corresponding to the security chip is the same as the preset data stored in the security chip and is determined based on the storage space of the chip and the value range of the secret key;
the offset modifying module is used for modifying the original offset to obtain a target offset;
the key generation module is used for searching data corresponding to the target offset according to the target offset, selecting data from the data corresponding to the target offset according to a key data searching rule to obtain a target key, and storing the target key; wherein the target key is a random number generated based on the random data;
the secret key sending module is used for sending the target offset to a security chip so that the security chip updates the stored original offset into the target offset;
and the communication module is used for establishing, when the security chip communicates with the server, a target encrypted communication channel based on the stored target key and the target key looked up using the updated target offset.
10. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor, when executing the computer program, implements the steps of the method of any of claims 1 to 7.
11. A storage medium having a computer program stored thereon, the computer program, when being executed by a processor, realizing the steps of the method of any one of claims 1 to 7.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211231527.6A CN115296808B (en) 2022-10-10 2022-10-10 Key replacing method, device, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN115296808A (en) 2022-11-04
CN115296808B (en) 2023-03-10

Family

ID=83819307

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211231527.6A Active CN115296808B (en) 2022-10-10 2022-10-10 Key replacing method, device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN115296808B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105933318A (en) * 2016-05-26 2016-09-07 乐视控股(北京)有限公司 Data secret-keeping method, device and system
CN106302379A (en) * 2015-06-26 2017-01-04 比亚迪股份有限公司 The authentication method of vehicle mounted electrical apparatus, system and its apparatus
CN112383897A (en) * 2020-10-19 2021-02-19 东软集团股份有限公司 Information transmission method, device, medium and electronic equipment based on intelligent network connection
CN112651034A (en) * 2020-12-21 2021-04-13 山东山大鸥玛软件股份有限公司 One-time pad replaceable encryption algorithm, assembly and equipment based on codebook

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1693982A3 (en) * 1999-03-11 2006-08-30 TECSEC, Inc. Method for establishing a secure communication channel
US7471795B2 (en) * 2003-09-12 2008-12-30 Victor Company Of Japan, Ltd. Information transmission system
US20170012949A1 (en) * 2006-04-25 2017-01-12 Stephen Laurence Boren Dynamic identity verification and authentication continuous, dynamic one-time-pad/one-time passwords and dynamic distributed key infrastructure for secure communications with a single key for any key-based network security controls
US8578473B2 (en) * 2009-03-25 2013-11-05 Lsi Corporation Systems and methods for information security using one-time pad
US9128876B2 (en) * 2011-12-06 2015-09-08 Honeywell International Inc. Memory location specific data encryption key
US10540504B2 (en) * 2015-05-12 2020-01-21 Datrium, Inc. Distributed data method for encrypting data
CN109104276B (en) * 2018-07-31 2021-10-22 如般量子科技有限公司 Cloud storage security control method and system based on key pool

Also Published As

Publication number Publication date
CN115296808A (en) 2022-11-04

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant