CN116707885A - Secure and trusted starting method and system for generating random key based on TPCM - Google Patents


Info

Publication number
CN116707885A
Authority
CN
China
Prior art keywords
tpcm
key
kernel
program
bootstrap
Prior art date
Legal status
Pending
Application number
CN202310628035.9A
Other languages
Chinese (zh)
Inventor
张翔
王元强
马涛
卢岸
葛红舞
何迎利
范镇淇
陈民
聂云杰
蔡国龙
杨晓林
曹光耀
郑卫波
Current Assignee
Nari Information and Communication Technology Co
Original Assignee
Nari Information and Communication Technology Co
Priority date
2023-05-31
Filing date
2023-05-31
Publication date
2023-09-05
Application filed by Nari Information and Communication Technology Co
Priority to CN202310628035.9A
Publication of CN116707885A
Legal status: Pending


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/72 Signcrypting, i.e. digital signing and encrypting simultaneously

Abstract

The invention discloses a secure and trusted starting method and a secure and trusted starting system based on a random key generated by a TPCM (Trusted Platform Control Module), in the technical field of network security. It aims to solve the problem that, in the prior art, embedded systems rarely consider the security of the system itself and therefore carry large potential safety hazards. Following the trusted computing 3.0 concept, a TPCM trusted module and the main board form a dual-system architecture; a system root of trust is established on the TPCM hardware, and a chain of trust is built from the hardware itself through the bootstrap program and the operating system to the application program. Each entity is started only after the entity started before it has been verified as trusted, and the trust chain passed from one layer to the next ensures the reliability of the whole system. The invention can effectively improve the security of embedded systems and has broad application prospects in the field of embedded system security.

Description

Secure and trusted starting method and system for generating random key based on TPCM
Technical Field
The invention relates to a secure and trusted starting method and system for generating a random key based on a TPCM, and belongs to the technical field of network security.
Background
There are various technologies for securing systems, such as security firewalls, system access control and intrusion detection, and they share a common feature: they improve the security of the application layer of the system. A system that operates securely and stably presupposes that the system itself is secure; if the system is tampered with or broken before it starts, no security policy or mechanism built on top of that system can ensure that the system is trusted. Many embedded systems in traditional safety devices rarely consider the security of the system itself and carry great potential safety hazards: an intruder can interfere with the normal operation of the system by tampering with it, implanting viruses and the like, which may bring serious loss and damage to users.
Trusted computing technology is one of the important means of solving problems such as an untrustworthy computing environment and the lack of in-depth information security guarantees; trusted computing performs security protection while the system operates, so that the system is given security immunity.
System reliability is enhanced by mechanisms such as backup, which add redundancy to the system and then implement a layer of fault-tolerant algorithms on top of it. Trusted computing 2.0 implements a passive component that combines software and hardware on the basis of a root of trust such as a Trusted Platform Module (TPM); it provides trusted call interfaces for the system hardware, the operating system and applications, which can use these interfaces to implement specific trusted functions, and a remote entity can thereby be trusted.
These two trusted technologies have two drawbacks: first, the trust is passive, the trusted components are callees, and there are many limitations; second, the data that is verified is insufficient to ensure that every known, trusted entity is verified.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides a secure and trusted starting method and system for generating a random key based on a TPCM. The method takes the COS solidified in the TPCM as the hardware root of trust, measures the start-up programs step by step, establishes a fully chained trusted environment by passing trust from one layer to the next, and ensures that the start-up files have not been tampered with or destroyed, thereby ensuring the security and reliability of the whole system.
In order to achieve the above purpose, the invention adopts the following technical scheme:
In one aspect, the invention provides a secure trusted starting method for generating a random key based on a TPCM, comprising:
after the system is powered on, outputting a reset signal to the CPU to hold the CPU in reset;
reading the bootstrap program stored on the main board and verifying it using the asymmetric key; the asymmetric key is the key stored in advance when the bootstrap program was security-reinforced;
if the bootstrap program passes signature verification, outputting a reset-release signal to the CPU, and performing signature verification on the kernel image stored in memory; the kernel image in memory was read from the main board by the bootstrap program;
if the kernel image passes verification, decrypting the kernel image;
if the kernel image is decrypted successfully, starting the kernel image to enter the system and running the application program.
Further, the system is deployed before it is powered on; deployment comprises security-reinforcing the bootstrap program and then the kernel image, in that order.
Further, the security reinforcement of the bootstrap program includes:
performing a hash operation on the bootstrap program with an external tool to obtain a hash value, and generating a pair of asymmetric keys;
signing the hash value of the bootstrap program with the asymmetric key to obtain a signature value;
and re-linking the signature value with the bootstrap source file into one package to generate the security-reinforced bootstrap program, and burning the security-reinforced bootstrap program into the main board.
Further, the public key part of the asymmetric key is solidified in the non-volatile area of the TPCM module.
Further, the security reinforcement of the kernel image includes:
randomly generating a symmetric key K1 and two asymmetric key pairs K2 and K3;
symmetrically encrypting the kernel image A with the symmetric key K1 to obtain the ciphertext E1(A), and recording the actual size of the kernel image as Size(A);
performing a hash operation on the ciphertext E1(A) to obtain the hash value Hash(A);
signing the hash value Hash(A) with the asymmetric key K3 to obtain the signature value Sig[Hash(A)];
encrypting the symmetric key K1 with the asymmetric key K2 to obtain the ciphertext E2(K1);
and re-linking Size(A), Sig[Hash(A)], E2(K1) and E1(A) to generate the security-reinforced kernel image, and burning the security-reinforced kernel image into the main board.
Further, verifying the kernel image stored in memory includes: performing a hash operation on the ciphertext E1(A) to obtain a hash value, and verifying that hash value against the signature value Sig[Hash(A)] using the public key part of the asymmetric key K3;
decrypting the kernel image includes: decrypting the ciphertext E2(K1) to obtain the symmetric key K1, and decrypting the ciphertext E1(A) with the symmetric key K1 to obtain the original image.
Further, the method also comprises updating and upgrading the bootstrap program and the kernel image, which includes the following steps:
an external tool security-reinforces the bootstrap program to be updated using the private key that was used to sign the bootstrap program, generates the updated bootstrap program, and burns the updated bootstrap program into the main board;
the kernel image to be updated is encrypted with a symmetric key K1' randomly generated by the external tool to obtain a ciphertext; the hash value of the ciphertext is calculated and signed with the asymmetric key K3; K1' is encrypted with the public key part of the asymmetric key K2; the resulting data are re-linked to generate the updated kernel image, which is burnt into the main board.
In another aspect, the invention also provides a secure and trusted starting system for generating a random key based on a TPCM, which is used to carry out the secure and trusted starting method for generating a random key based on a TPCM described above.
Optionally, the CPU reset signal is controlled jointly by the TPCM module and the reset chip of the main board.
The TPCM module integrates an algorithm engine unit, a key management unit and PCR registers: the algorithm engine unit produces random, unique keys; the key management unit parses and verifies the bootstrap program and the kernel image using those keys; and the PCR registers store the hash values of the bootstrap program and of the ciphertext.
Optionally, the bootstrap program provides a secure user mode and a normal user mode; the bootstrap program and the kernel image are security-reinforced in the secure mode, and the security reinforcement instructions are filtered out in the normal user mode.
Compared with the prior art, the invention has the following beneficial effects:
the TPCM module is embedded in the system, and the TPCM module and the main board form a secure dual-system architecture. When the system is deployed, the TPCM module generates random, unique keys to reinforce the system files; when the system starts, the COS solidified in the TPCM serves as the hardware root of trust, the start-up programs are measured step by step, a fully chained trusted environment is established by passing trust from one layer to the next, and the start-up files are guaranteed not to have been tampered with or destroyed, thereby ensuring the security and reliability of the whole system.
The invention solves the problem that security firewalls, system access control, intrusion detection and similar technologies in the field of embedded systems can only improve the security of the application layer of the system from one side. It ensures the security and reliability of the system, can detect whether system files have been tampered with or destroyed before the system starts, and at the same time makes the kernel encryption key random and unique to further improve the security of the system, so it has broad application prospects in the field of embedded system security.
Drawings
FIG. 1 is a schematic diagram of the hardware architecture of the dual-system architecture based on a TPCM module in an embodiment of the invention;
FIG. 2 is a schematic diagram of the bootstrap program reinforcement flow of the secure trusted boot method for generating a random key based on a TPCM in an embodiment of the invention;
FIG. 3 is a schematic diagram of the kernel image reinforcement flow of the secure trusted boot method for generating a random key based on a TPCM in an embodiment of the invention;
FIG. 4 is a schematic diagram of the secure trusted boot flow of an embedded system according to an embodiment of the invention.
Description of the embodiments
The invention is further described below with reference to the accompanying drawings. The following examples only serve to illustrate the technical solution of the invention more clearly and are not intended to limit its scope.
Example 1
This embodiment provides a secure and trusted starting method for generating a random key based on a TPCM, which is divided into a system deployment stage and a secure and trusted start-up stage.
The system deployment stage comprises security reinforcement of the bootstrap program and security reinforcement of the kernel image; the specific steps are as follows:
As shown in FIG. 2, the bootstrap program is security-reinforced as follows:
A hash operation is performed on the bootstrap program with an external tool to obtain a hash value; at the same time a pair of asymmetric keys is generated, and the public key part of the randomly generated asymmetric keys is solidified in the non-volatile area of the TPCM module.
The hash value of the bootstrap program is signed with the asymmetric key to obtain a signature value. The signature value is re-linked with the bootstrap source file into one package to generate the reinforced bootstrap program.
As shown in FIG. 3, the kernel image is security-reinforced as follows:
The reinforced bootstrap program is burnt into the main board, and the TPCM module is used to security-reinforce the kernel image in the secure user mode of the bootstrap program.
The TPCM module randomly generates a symmetric key K1 and two asymmetric key pairs K2 and K3. The public key parts of K2 and K3 are stored in an external full-life-cycle management system, in one-to-one correspondence with each embedded system ID, for later upgrading of the kernel image. Because the keys used are randomly generated by the TPCM module and are unique, every system differs, which further improves the security and reliability of the system.
The kernel image (A) is symmetrically encrypted with the symmetric key K1 to obtain the ciphertext E1(A), and the actual size of the kernel image is recorded as Size(A). A hash algorithm is applied to the ciphertext E1(A) to obtain Hash(A); Hash(A) is signed with the asymmetric key K3 to obtain Sig[Hash(A)]; and the symmetric key K1 is encrypted with the asymmetric key K2 to obtain the ciphertext E2(K1).
Size(A), Sig[Hash(A)], E2(K1) and E1(A) are re-linked to generate the new kernel image, which is burnt into the storage medium of the main board.
The secure and trusted start-up stage can be divided into three stages: in the first stage the TPCM module actively measures the bootstrap program; in the second stage the bootstrap program measures the kernel image; in the third stage the kernel image is decrypted. The specific steps are as follows:
As shown in FIG. 4, after the system is powered on, the TPCM module starts as the master device ahead of the CPU and at the same time sends a reset signal to the CPU to hold it in reset.
First stage: the TPCM module reads the bootstrap program, parses it and verifies it using the public key part of the asymmetric key solidified in its non-volatile area. If verification succeeds, the reset signal is released, the bootstrap program starts and the next stage is entered; if signature verification fails, system start-up is stopped.
Second stage: the kernel image file is read and parsed; the TPCM module performs a hash operation on the ciphertext E1(A); the hash value and the signature value Sig[Hash(A)] are passed as parameters to the TPCM module, which performs signature verification with the public key part of the asymmetric key K3. If verification succeeds, the next stage is entered; if signature verification fails, system start-up is stopped.
Third stage: the TPCM module decrypts E2(K1) to obtain the symmetric key K1, then decrypts E1(A) with K1 to obtain the original image; if decryption succeeds, the kernel is started and the system is entered. If decryption is abnormal, the content of the kernel image is incomplete and system start-up is stopped.
After entering the system, applications are also verified according to the configured security policy, but this is outside the scope of the invention.
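The deployment-time kernel reinforcement (Size(A), Sig[Hash(A)], E2(K1), E1(A)) and the boot-time second and third stages described above, written out as a runnable Go program. This is an added example, not code from the patent or its assignee: the patent names no concrete algorithms, so AES-256-GCM for E1, SHA-256 for Hash, Ed25519 for K3, RSA-2048-OAEP for K2, the fixed field widths and an 8-byte Size(A) are all assumptions made here, and GenerateKeys stands in for the TPCM algorithm engine.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Package field widths (assumed layout): 8-byte big-endian Size(A), 64-byte Ed25519
// Sig[Hash(A)], 256-byte RSA-2048-OAEP E2(K1); E1(A) runs to the end of the package.
const sizeLen, sigLen, e2Len = 8, ed25519.SignatureSize, 256

// Keys is what the TPCM holds after deployment (names as in the patent): K1 encrypts the
// image, K2 wraps K1, K3 signs Hash(A); K3Pub is what the boot stage verifies with.
// All of them are generated fresh per device, standing in for the TPCM algorithm engine.
type Keys struct {
	K1    []byte
	K2    *rsa.PrivateKey
	K3    ed25519.PrivateKey
	K3Pub ed25519.PublicKey
}

func GenerateKeys() (*Keys, error) {
	k1 := make([]byte, 32) // AES-256 key
	if _, err := rand.Read(k1); err != nil {
		return nil, err
	}
	k2, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	k3pub, k3, err := ed25519.GenerateKey(rand.Reader)
	return &Keys{K1: k1, K2: k2, K3: k3, K3Pub: k3pub}, err
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// HardenKernel builds the deployed package Size(A) || Sig[Hash(A)] || E2(K1) || E1(A).
// Assumed primitives (the patent names none): AES-256-GCM for E1, SHA-256 for Hash.
func HardenKernel(keys *Keys, image []byte) ([]byte, error) {
	gcm, err := newGCM(keys.K1)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err = rand.Read(nonce); err != nil {
		return nil, err
	}
	e1 := gcm.Seal(nonce, nonce, image, nil) // E1(A) = nonce || ciphertext || tag
	hashA := sha256.Sum256(e1)               // Hash(A) is taken over the ciphertext
	sig := ed25519.Sign(keys.K3, hashA[:])   // Sig[Hash(A)]
	e2, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &keys.K2.PublicKey, keys.K1, nil)
	if err != nil {
		return nil, err
	}
	pkg := make([]byte, sizeLen)
	binary.BigEndian.PutUint64(pkg, uint64(len(image))) // Size(A)
	return append(append(append(pkg, sig...), e2...), e1...), nil
}

// VerifyAndDecrypt is the boot-time second and third stage: Sig[Hash(A)] is checked
// first, and only then is K1 unwrapped with K2 and E1(A) decrypted. Any error stops the boot.
func VerifyAndDecrypt(k2 *rsa.PrivateKey, k3pub ed25519.PublicKey, pkg []byte) ([]byte, error) {
	if len(pkg) < sizeLen+sigLen+e2Len {
		return nil, fmt.Errorf("package too short (%d bytes)", len(pkg))
	}
	size := binary.BigEndian.Uint64(pkg[:sizeLen])
	sig := pkg[sizeLen : sizeLen+sigLen]
	e2 := pkg[sizeLen+sigLen : sizeLen+sigLen+e2Len]
	e1 := pkg[sizeLen+sigLen+e2Len:]
	hashA := sha256.Sum256(e1) // stage 2: re-hash the ciphertext and check the signature
	if !ed25519.Verify(k3pub, hashA[:], sig) {
		return nil, fmt.Errorf("stage 2: signature verification failed")
	}
	k1, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, k2, e2, nil) // stage 3 begins
	if err != nil {
		return nil, fmt.Errorf("stage 3: cannot recover K1: %w", err)
	}
	gcm, err := newGCM(k1)
	if err != nil || len(e1) < gcm.NonceSize() {
		return nil, fmt.Errorf("stage 3: cannot set up decryption (%v)", err)
	}
	ns := gcm.NonceSize()
	image, err := gcm.Open(nil, e1[:ns], e1[ns:], nil)
	if err != nil || uint64(len(image)) != size {
		return nil, fmt.Errorf("stage 3: kernel image incomplete or corrupted")
	}
	return image, nil
}
```

Because Hash(A) is computed over the ciphertext, any change to E1(A) is rejected at stage 2 before any key is unwrapped, and a GCM authentication failure or a length that disagrees with Size(A) is reported as the "incomplete image" condition of stage 3.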
Example 2
Based on Example 1, this embodiment describes how to update the bootstrap program or the kernel image; the specific steps are as follows:
Updating the bootstrap program: an external tool is written that uses the private key used for the bootstrap signature to security-reinforce the bootstrap program to be updated, and the result is burnt into the main board.
Updating the kernel image: a symmetric key K1' is randomly generated with the external tool and used to encrypt the kernel image to be updated; the hash value of the ciphertext is calculated and signed with K3; K1' is encrypted with the public key part of K2; the resulting data are re-linked to generate the new updated kernel image, which is burnt in as the update. Here K1', K2 and K3 are random and unique.
Example 3
Based on the same inventive concept as the other embodiments, this embodiment introduces a secure trusted starting system for generating a random key based on a TPCM. It comprises a TPCM module and a main board; the TPCM module supports several interface protocols (SPI, EMMC, QSPI) for communicating with the main board and is therefore highly adaptable.
The TPCM module and the main board form a dual-system hardware architecture based on the TPCM module. The reset signal output by the TPCM module and the main-board reset chip jointly control the CPU reset signal.
The bootstrap program in the main-board storage medium provides a secure user mode and a normal user mode; the bootstrap program and the kernel image can be reinforced in the secure user mode, and all security reinforcement instructions are filtered out in the normal user mode.
The TPCM module internally integrates an algorithm engine unit and a key management unit, provides cryptographic algorithm services, key management and similar functions, and supports verification and monitoring of the kernel, the secure operating system and application programs; it also integrates PCR registers for storing the hash values of the relevant files.
In summary, the invention adopts the trusted computing 3.0 idea: the TPCM trusted module and the main board form a dual-system architecture, a system root of trust is established on the TPCM hardware, and a chain of trust is built from the hardware itself through the bootstrap program and the operating system to the application program. Each time an entity is started, the entity started before it has already been verified as trusted, and the trust chain passed from one layer to the next ensures the reliability of the whole system.
The invention builds an active-measurement trust chain based on the TPCM, realizes step-by-step boot based on the hardware root of trust, reduces the risk of reverse engineering and malicious code injection into terminal firmware, and structurally eliminates the novel unknown malicious attacks faced by embedded equipment.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.

Claims (10)

1. A secure trusted boot method for generating a random key based on a TPCM, comprising:
after the system is powered on, outputting a reset signal to the CPU to hold the CPU in reset;
reading the bootstrap program stored on the main board and verifying it using the asymmetric key; the asymmetric key is the key stored in advance when the bootstrap program was security-reinforced;
if the bootstrap program passes signature verification, outputting a reset-release signal to the CPU, and performing signature verification on the kernel image stored in memory; the kernel image in memory was read from the main board by the bootstrap program;
if the kernel image passes verification, decrypting the kernel image;
if the kernel image is decrypted successfully, starting the kernel image to enter the system and running the application program.
2. The secure trusted boot method for generating a random key based on a TPCM according to claim 1, wherein the system is deployed before it is powered on, the deployment comprising security-reinforcing the bootstrap program and then the kernel image, in that order.
3. The secure trusted boot method for generating a random key based on a TPCM according to claim 2, wherein the security reinforcement of the bootstrap program comprises:
performing a hash operation on the bootstrap program with an external tool to obtain a hash value, and generating a pair of asymmetric keys;
signing the hash value of the bootstrap program with the asymmetric key to obtain a signature value;
and re-linking the signature value with the bootstrap source file into one package to generate the security-reinforced bootstrap program, and burning the security-reinforced bootstrap program into the main board.
4. The secure trusted boot method for generating a random key based on a TPCM according to claim 3, wherein the public key part of said asymmetric key is solidified in the non-volatile area of the TPCM module.
5. The secure trusted boot method for generating a random key based on a TPCM according to claim 2, wherein the security reinforcement of the kernel image comprises:
randomly generating a symmetric key K1 and two asymmetric key pairs K2 and K3;
symmetrically encrypting the kernel image A with the symmetric key K1 to obtain the ciphertext E1(A), and recording the actual size of the kernel image as Size(A);
performing a hash operation on the ciphertext E1(A) to obtain the hash value Hash(A);
signing the hash value Hash(A) with the asymmetric key K3 to obtain the signature value Sig[Hash(A)];
encrypting the symmetric key K1 with the asymmetric key K2 to obtain the ciphertext E2(K1);
and re-linking Size(A), Sig[Hash(A)], E2(K1) and E1(A) to generate the security-reinforced kernel image, and burning the security-reinforced kernel image into the main board.
6. The secure trusted boot method for generating a random key based on a TPCM according to claim 5, wherein verifying the kernel image stored in memory comprises: performing a hash operation on the ciphertext E1(A) to obtain a hash value, and verifying that hash value against the signature value Sig[Hash(A)] using the public key part of the asymmetric key K3;
and decrypting the kernel image comprises: decrypting the ciphertext E2(K1) to obtain the symmetric key K1, and decrypting the ciphertext E1(A) with the symmetric key K1 to obtain the original image.
7. The secure trusted boot method for generating a random key based on a TPCM according to claim 1, further comprising updating the bootstrap program and the kernel image, which comprises:
an external tool security-reinforcing the bootstrap program to be updated using the private key that was used to sign the bootstrap program, generating the updated bootstrap program, and burning the updated bootstrap program into the main board;
encrypting the kernel image to be updated with a symmetric key K1' randomly generated by the external tool to obtain a ciphertext, calculating the hash value of the ciphertext, signing the hash value with the asymmetric key K3, encrypting K1' with the public key part of the asymmetric key K2, re-linking the resulting data to generate the updated kernel image, and burning the updated kernel image into the main board.
8. A secure trusted boot system for generating a random key based on a TPCM, wherein the system is configured to implement the secure trusted boot method for generating a random key based on a TPCM according to any one of claims 1 to 7.
9. The secure trusted boot system for generating a random key based on a TPCM according to claim 8, comprising a TPCM module and a main board, wherein the TPCM module communicates with the main board via an SPI interface and outputs a reset signal which, together with the reset chip of the main board, controls the CPU reset signal;
the TPCM module integrates an algorithm engine unit, a key management unit and PCR registers, wherein the algorithm engine unit produces random, unique keys, the key management unit parses and verifies the bootstrap program and the kernel image using those keys, and the PCR registers store the hash values of the bootstrap program and of the ciphertext.
10. The secure trusted boot system for generating a random key based on a TPCM according to claim 9, wherein the bootstrap program provides a secure user mode, in which the bootstrap program and the kernel image are security-reinforced, and a normal user mode, in which the security reinforcement instructions are filtered out.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310628035.9A 2023-05-31 2023-05-31 Secure and trusted starting method and system for generating random key based on TPCM (Pending)

Publications (1)

Publication Number Publication Date
CN116707885A 2023-09-05

Family

ID=87823173

Country Status (1)

Country Link
CN (1) CN116707885A (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination