CN117353920A - Key derivation method, processor and related equipment - Google Patents
Key derivation method, processor and related equipment Download PDFInfo
- Publication number
- CN117353920A CN117353920A CN202311639265.1A CN202311639265A CN117353920A CN 117353920 A CN117353920 A CN 117353920A CN 202311639265 A CN202311639265 A CN 202311639265A CN 117353920 A CN117353920 A CN 117353920A
- Authority
- CN
- China
- Prior art keywords
- key
- domain
- isolation domain
- isolation
- key derivation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000009795 derivation Methods 0.000 title claims abstract description 160
- 238000000034 method Methods 0.000 title claims abstract description 49
- 238000002955 isolation Methods 0.000 claims abstract description 339
- 238000012795 verification Methods 0.000 claims description 24
- 230000015654 memory Effects 0.000 claims description 16
- 230000004044 response Effects 0.000 claims description 8
- 230000001172 regenerating effect Effects 0.000 claims description 2
- 238000004590 computer program Methods 0.000 description 5
- 238000004891 communication Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 4
- 230000008859 change Effects 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 239000000243 solution Substances 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 238000010586 diagram Methods 0.000 description 1
- 238000002347 injection Methods 0.000 description 1
- 239000007924 injection Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000005192 partition Methods 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
Abstract
The application discloses a key derivation method, a processor and related equipment, wherein the key derivation method is applied to the processor, the processor is provided with at least one execution environment, the execution environment comprises a plurality of isolation domains, and the key derivation method comprises the following steps: receiving a key derivation request sent by an upper isolation domain, adding state information of a local isolation domain into the key derivation request, wherein the state information comprises software state information and/or hardware state information, responding to the key derivation request, generating a derived key based on the state information, or sending the key derivation request with the state information to a lower isolation domain, so that the lower isolation domain responds to the key derivation request to generate the derived key, and therefore the derived key cannot be correctly reproduced under the condition that equipment is attacked or maliciously accessed, important data of the equipment can be guaranteed not to be leaked, and safety of the equipment can be improved.
Description
Technical Field
The present disclosure relates to the field of processor technologies, and in particular, to a key derivation method, a processor, and related devices.
Background
Key derivation techniques refer to techniques that generate one or more derived keys from a base key or root key. For example, on a computer device such as a mobile phone, a desktop computer or a server using a processor chip, a hardware unique key (Hand ware Unique Key, HUK) can be used as a base key to derive a derivative key such as a secure storage key (Secure Storage Key, SSK) and a trusted application storage key (Trusted Application Storage Key, TSK), and the security of important data stored by the device can be ensured through the derivative keys such as the SSK and the TSK. Although the correct reproduction of the derived key is the basis for ensuring the security of the device, if the derived key is still correctly reproduced under the condition that the device is attacked or maliciously accessed, important data is leaked, and the security of the device is affected.
Disclosure of Invention
The application discloses a key derivation method, a processor and related equipment, so as to avoid correct reproduction of a derived key under the condition that the equipment is attacked or maliciously accessed.
In a first aspect, the present application discloses a key derivation method, applied to a processor, where the processor is loaded with at least one execution environment, the execution environment includes a plurality of isolation domains, and the key derivation method includes: receiving a key derivation request sent by an upper isolation domain; adding the state information of the isolation domain of the layer into the key derivation request, wherein the state information comprises the software state information and/or hardware state information of the isolation domain of the layer; and generating a derivative key based on the state information in response to the key derivation request, or sending the key derivation request with the state information to a lower quarantine domain, so that the lower quarantine domain generates the derivative key in response to the key derivation request.
In some optional examples, the adding the state information of the layer isolation domain to the key derivation request includes: adding the state information of the layer isolation domain into the path information of the key derivation request; the generating a derived key based on the state information includes: a derivative key is generated based on the path information having the state information.
In some alternative examples, the software state information includes stack information, software version information, software lifecycle information, software developer information, or software authorization information; the hardware state information includes a device security period state.
In some optional examples, the key derivation request includes a state mask of the upper layer quarantine domain, and before adding state information to the key derivation request, further includes: and determining the state information of the local isolation domain based on the state mask of the upper isolation domain and the state mask of the local isolation domain, wherein the state mask of the upper isolation domain and the state mask of the local isolation domain are respectively used for indicating at least one state information of the local isolation domain.
In some optional examples, the layer isolation domain is a derivative root isolation domain, the key derivation request includes a session key ciphertext and an algorithm information ciphertext, and generating the derivative key based on the state information includes: decrypting the session key ciphertext based on the private key of the derivative root isolation domain to obtain a session key; decrypting the algorithm information ciphertext based on the session key to obtain algorithm information; and generating a derivative key based on the state information and the algorithm information.
In some alternative examples, further comprising: receiving an information acquisition request sent by the upper isolation domain; and responding to the information acquisition request, returning the public key of the derivative root isolation domain to the upper isolation domain so that the applicant isolation domain acquires the public key of the derivative root isolation domain from the upper isolation domain, encrypting the session key based on the public key of the derivative root isolation domain, wherein the session key comprises a key randomly generated by the applicant isolation domain.
In some alternative examples, the generating a derived key based on the state information and the algorithm information includes: and generating a derivative key based on the state information, the algorithm information and the identity of the derivative root isolation domain.
In some optional examples, after generating the derivative key based on the state information, the method further includes: generating a verification code of the derivative key based on the session key; and encrypting the derivative key and the verification code by using the session key to obtain a derivative key ciphertext, and returning the derivative key ciphertext to the upper isolation domain so that the applicant isolation domain can obtain the derivative key ciphertext from the upper isolation domain.
In some alternative examples, the key derivation request includes an identity of the upper quarantine domain and a digital signature generated based on a private key of the upper quarantine domain and data to be signed, and before responding to the key derivation request, further includes: acquiring a public key of the upper isolation domain from a shared space of the plurality of isolation domains based on the identity of the upper isolation domain, wherein the public key of the upper isolation domain is bound with the identity of the upper isolation domain and stored in the shared space; verifying the digital signature based on the public key of the upper layer isolation domain; and if the verification is passed, responding to the key derivation request.
In some optional examples, before the sending the key derivation request with the state information to the lower isolation domain, the method further includes: regenerating a digital signature based on the private key of the isolation domain of the layer and the data to be signed; and adding the identity mark of the layer isolation domain and the regenerated digital signature into the key derivation request.
In some optional examples, before the sending the key derivation request with the state information to the lower isolation domain, the method further includes: and adding the state mask of the layer isolation domain to the key derivation request.
In a second aspect, the present application discloses a processor configured to perform the key derivation method as set forth in any one of the preceding claims.
In a third aspect, the present application discloses a computer device comprising: a memory for storing instructions; a processor for performing the key derivation method of any one of the above claims in accordance with instructions stored in the memory.
In a fourth aspect, the present application discloses a computer-readable storage medium having stored thereon instructions for performing the key derivation method of any one of the above.
According to the key derivation method, the processor and the related equipment disclosed by the application, under the condition that the equipment is attacked or maliciously accessed, the state information of the isolation domain, namely the software state information and/or the hardware state information, is changed, so that the derived key generated based on the state information under the condition that the equipment is attacked or maliciously accessed is different from the derived key generated based on the state information under the condition that the equipment is not attacked or maliciously accessed, that is, the derived key cannot be correctly reproduced under the condition that the equipment is attacked or maliciously accessed, important data of the equipment can not be revealed, and the safety of the equipment can be improved.
Drawings
In order to more clearly describe the technical solutions in the embodiments or the background of the present application, the following description will describe the drawings that are required to be used in the embodiments or the background of the present application.
Fig. 1 is a flowchart of a key derivation method disclosed in an embodiment of the present application.
Fig. 2 is a flow chart of another key derivation method disclosed in an embodiment of the present application.
Fig. 3 is a flow chart of another key derivation method disclosed in an embodiment of the present application.
Fig. 4 is a flowchart of another key derivation method disclosed in an embodiment of the present application.
Fig. 5 is a flow chart of another key derivation method disclosed in an embodiment of the present application.
Fig. 6 is a schematic structural diagram of a computer device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present disclosure.
As security requirements increase, more and more security technologies are gradually applied to various computer devices. In some applications of security technologies, the derivative key is generated by taking the HUK as a basic key, so that the derivative key is bound with equipment where the HUK is located, the equipment where the derivative key leaves the HUK cannot be restored, the security of data is further improved, and various different derivative keys can be generated based on one HUK and various different derivative algorithms, so that the key requirements of various application scenes are met, and various acceptance and use modes of generating the derivative key by taking the HUK as the basic key are obtained.
However, at present, a derivative key is generated using a fixed parameter as a derivative algorithm parameter, for example, a HUK is often used as a base key, a fixed parameter such as a chip identifier and a key string is used as an algorithm parameter to obtain an SSK, and a fixed parameter such as a universal unique identifier (Universally Unique Identifier, UUID) of a trusted application is often used as a base key to obtain a TSK. Although the correct reproduction of the derived key is an objective requirement for normal use of the device, the fixed parameter is used as an algorithm parameter, and thus, under the condition that the device is attacked or maliciously accessed, for example, under the condition that the software environment of the device is attacked and an alarm occurs, an attacker is prevented from correctly reproducing the derived key, and further, the important data stored in the device cannot be prevented from being revealed.
Based on the above, the application discloses a key derivation scheme, which ensures that a derived key cannot be correctly reproduced under the condition that the software environment changes due to attack or malicious access by adding parameters such as software state information and/or hardware state information which change along with the change of the software environment of computer equipment into algorithm parameters.
As an optional implementation of the disclosure, an embodiment of the present application discloses a key derivation method, which is applied to a processor, where the processor is loaded with at least one execution environment, and the execution environment includes a plurality of isolation domains.
The processor may be equipped with one execution environment, for example, a Trusted execution environment (Trusted ExecutionEnvironment, TEE), or may be equipped with a plurality of execution environments, for example, a Trusted execution environment, a general execution environment (Rich Execution Environment, REE), and a system control processor core (System Control Processor, SCP) execution environment.
Each execution environment may be further divided into kernel-mode, user-mode, service, process, thread, etc., which may be collectively referred to as isolation domain (partition). That is, each execution environment may be further divided into kernel mode, user mode isolation domain, service isolation domain, process isolation domain, thread isolation domain, etc. Each isolation domain has a certain logic boundary, or an isolation mechanism is arranged between the isolation domains, and the isolation domains can only interact through a defined interface.
Each quarantine domain may have a key derivation requirement, for example, a device attestation service in SCP, a secure storage service in TEE, a key warehouse service at a Trusted Application (TA) level, etc. may have a key derivation requirement, and a REE side client Application (Client Application, CA) may also use a cryptographic derivation service provided by a REE side TA, so that it needs to ensure that the derived key of each quarantine domain cannot be correctly reproduced in the case that the device is attacked or maliciously accessed, so as to ensure security of the key derivation and data that needs encryption of the derived key.
As shown in fig. 1, a key derivation method disclosed in an embodiment of the present application includes:
s101: receiving a key derivation request sent by an upper isolation domain;
in some embodiments of the present application, a base key, such as a HUK, is stored in a trusted isolation domain of a trusted execution environment, hereinafter referred to as a derived root isolation domain, that is, an isolation domain where the derived root isolation domain generates a derived key. When other quarantine domains have a key derivation requirement, for example, when other quarantine domain applications have a key derivation requirement, a key derivation request may be sent to the root quarantine domain, where the root quarantine domain may generate a corresponding derivative key based on a base key, such as a HUK, in response to the key derivation request, and feed back the generated derivative key to the quarantine domain having the key derivation requirement, which is hereinafter referred to as an applicant quarantine domain.
It can be understood that when the applicant isolation domain sends a key derivation request to the derived root isolation domain, the applicant isolation domain is an upper isolation domain of the derived root isolation domain and an intermediate isolation domain therebetween, and the isolation domain receiving the key derivation request is a present isolation domain, i.e. the present isolation domain is a lower isolation domain of the applicant isolation domain. It should be noted that, the present layer of isolation domain may be a derivative root isolation domain, or may be an intermediate isolation domain between the applicant isolation domain and the derivative root isolation domain, where the intermediate isolation domain is used for forwarding a request or data between the applicant isolation domain and the derivative root isolation domain on a communication path between the applicant isolation domain and the derivative root isolation domain.
S102: adding state information of the isolation domain of the layer into a key derivation request, wherein the state information comprises software state information and/or hardware state information;
after receiving a key derivation request sent by an upper layer isolation domain, the local layer isolation domain adds state information of the local layer isolation domain to the key derivation request, wherein the state information comprises software state information and/or hardware state information, so that a derived root isolation domain generates a derived key according to the state information in the key derivation request, or so that the derived root isolation domain generates the derived key by taking the state information in the key derivation request as an algorithm parameter.
S103: in response to the key derivation request, a derived key is generated based on the state information, or the key derivation request with the state information is sent to the lower quarantine domain, so that the lower quarantine domain generates the derived key in response to the key derivation request.
In some embodiments, as shown in fig. 2, in the case where the present layer of quarantine domain is a derivative root quarantine domain, after the derivative root quarantine domain adds its state information to the key derivation request, a derivative key is generated based on the state information in response to the key derivation request, and the derivative key is returned to the applicant quarantine domain. Of course, the present application is not limited thereto, and in other embodiments, as shown in fig. 3, in the case where the present isolation domain is an intermediate isolation domain, after the intermediate isolation domain adds its state information to the key derivation request, the key derivation request with the state information is sent to the lower isolation domain.
It can be understood that the lower isolation domain may be a derivative root isolation domain or an intermediate isolation domain, after receiving a key derivative request sent by the present isolation domain, the lower isolation domain converts the present isolation domain into an upper isolation domain, and the lower isolation domain converts the present isolation domain into the present isolation domain, and then repeatedly adds state information of the present isolation domain into the key derivative request, responds to the key derivative request, and generates a derivative key based on the state information, or sends the key derivative request with the state information to the lower isolation domain until the derivative key is generated.
It should be noted that, in fig. 3, only an example is shown in which a layer of intermediate isolation domain is provided between the applicant isolation domain and the derivative root isolation domain, but the application is not limited thereto, and in other embodiments, a plurality of layers of intermediate isolation domains may be provided between the applicant isolation domain and the derivative root isolation domain, which is not described herein again.
Because the software execution environment of the computer device is changed from a normal state to a fault or alarm state under the condition that the device is attacked or maliciously accessed, and the state information of the isolation domain under the normal state and the fault or alarm state, namely, the software state information and/or the hardware state information, are different, the derived key generated based on the state information under the condition that the device is attacked or maliciously accessed is different from the derived key generated based on the state information under the condition that the device is not attacked or maliciously accessed, that is, the derived key cannot be correctly reproduced under the condition that the device is attacked or maliciously accessed, so that not only the security of key derivation can be ensured, but also the important data of the device can be ensured not to be revealed, and the security of the device can be improved.
In some embodiments of the present application, software state information and/or hardware state information that varies with software environment changes may be added as state information to the key derivation request. The software state information may include stack information, software version information, software lifecycle information, software developer information, or software authorization information, etc., and the hardware state information may include device security cycle state, etc. The device safety period state may include an assembly state, an injection state, a safety state, a debug state, a discard state, and the like.
For example, assuming that the state information is stack information, in the case that the device is not attacked or maliciously accessed, the software execution environment of the device is in a normal state, the state information of the layer isolation domain acquired by the layer isolation domain is the first stack information a, the derivative key uses a as an algorithm parameter to generate a key, in the case that the device is attacked or maliciously accessed, the software execution environment of the device is in a fault or alarm state, the state information of the layer isolation domain acquired by the layer isolation domain is the second stack information B, and the derivative key uses B as an algorithm parameter to generate a key. Because the algorithm parameters are different, the generated derivative keys are different, so the derivative keys generated based on A are different from the derivative keys generated based on B, and therefore, the derivative keys cannot be reproduced correctly under the condition that the equipment is attacked or accessed maliciously.
In some embodiments of the present application, the derivative key may be generated based only on the state information of the derivative root quarantine domain. However, the present application is not limited thereto, and in other embodiments, the derivative key may be generated based on the state information of the derivative root isolation domain and the state information of each intermediate isolation domain.
In some embodiments, adding the state information of the layer isolation domain to the key derivation request includes: adding the state information of the isolation domain of the layer into the path information of the key derivation request; generating the derived key based on the state information of the layer isolation domain includes: a derived key is generated based on path information having state information of the layer isolation domain.
It can be understood that the path information of the key derivation request includes information of each layer of isolation domains on the communication path of the applicant isolation domain and the derivative root isolation domain, each layer of isolation domain adds its state information to the information corresponding to the layer of isolation domain in the path information after receiving the key derivation request, so that after the derivative root isolation domain receives the key derivation request, the path information of the key derivation request has the state information of each layer of isolation domain except the applicant isolation domain on the communication path thereof, and the derivative root isolation domain can generate the derivative key according to the path information including the state information of each layer of isolation domain except the applicant isolation domain, so that the derivative key cannot be correctly reproduced under the condition that any intermediate isolation domain or the derivative root isolation domain is attacked, thereby further ensuring the security of key derivation.
In some embodiments of the present application, before adding the state information of the present layer isolation domain to the key derivation request, the present layer isolation domain may determine the state information of the present layer isolation domain based on the state mask of the present layer isolation domain, for example, the present layer isolation domain may determine that the state information of the present layer isolation domain is stack information based on the state mask of the present layer isolation domain. However, the present application is not limited thereto, and in other embodiments, in order to further ensure the security of the key derivation, before adding the state information of the present layer isolation domain to the key derivation request, the present layer isolation domain may determine the state information of the present layer isolation domain based on the state mask of the upper layer isolation domain and the state mask of the present layer isolation domain.
Wherein the state mask of the upper layer isolation domain and the state mask of the present layer isolation domain are respectively used for indicating at least one state information of the present layer isolation domain. Assuming that the state information indicated by the state mask of the upper isolation domain is software lifecycle information and the state information indicated by the state mask of the present isolation domain is stack information, it may be determined that the state information of the present isolation domain is software lifecycle information and stack information. The state mask of the upper layer isolation domain is a preset intrinsic parameter of the upper layer isolation domain, and the state mask of the own layer isolation domain is a preset intrinsic parameter of the own layer isolation domain.
It should be noted that, the key derivation request received by the present layer quarantine domain includes a state mask of the upper layer quarantine domain, that is, the state mask of the upper layer quarantine domain is added to the key derivation request before the upper layer quarantine domain sends the key derivation request to the present layer quarantine domain. Similarly, before the local isolation domain sends the key derivation request with the state information to the lower isolation domain, the state mask of the local isolation domain is further added to the key derivation request, so that the lower isolation domain determines the state information of the lower isolation domain based on the state mask and the state mask of the local isolation domain.
Specifically, before the applicant isolation domain sends the key derivation request, the state mask of the applicant isolation domain is added to the key derivation request, and before any intermediate isolation domain sends the key derivation request, the state mask of its own isolation domain is added to the key derivation request, so that any intermediate isolation domain or derivative root isolation domain can determine its state information according to its own state mask and the state mask of its upper isolation domain.
In some embodiments of the present application, in addition to using the state information as an algorithm parameter, algorithm information needs to be specified as an algorithm parameter, where the algorithm information may be a chip identifier, a key string, etc., and the algorithm information may be specified by an applicant isolation domain.
Before the applicant isolation domain sends the key derivation request to the derivation root isolation domain, the applicant isolation domain adds the algorithm information appointed by the applicant isolation domain to the key derivation request, and in order to ensure the security of the algorithm information, the applicant isolation domain encrypts the algorithm information based on a symmetric encryption technology. Specifically, the applicant isolation domain generates a session key, and encrypts algorithm information based on the session key to generate an algorithm information ciphertext. The session key comprises a key randomly generated by the applicant isolation domain. In some embodiments, the algorithm information ciphertext further includes a time stamp at the beginning of encryption to determine from the time stamp whether the encrypted service has not been responded to for a long time, and if so, to identify that the encrypted service has failed.
In order to ensure that the derivative root isolation domain can decrypt the algorithm information ciphertext to obtain the algorithm information, the applicant isolation domain encrypts the session key based on the public key of the derivative root isolation domain to generate a session key ciphertext, and sends a key derivation request comprising the session key ciphertext and the algorithm information ciphertext to the derivative root isolation domain.
In some embodiments, before the applicant isolation domain sends a key derivation request to the derivative root isolation domain, the applicant isolation domain may query the public key of the derivative root isolation domain through the relevant interface. Specifically, the applicant quarantine domain sends an information acquisition request to the derivative root quarantine domain to acquire a public key of the derivative root quarantine domain.
Based on this, in the case that the present layer of isolation domain is the derivative root isolation domain, the present layer of isolation domain decrypts the session key ciphertext based on the private key of the present layer of isolation domain, that is, the private key of the derivative root isolation domain, to obtain the session key, decrypts the algorithm information ciphertext based on the session key to obtain the algorithm information, and generates the derivative key based on the state information and the algorithm information.
It should be noted that, in some embodiments of the present application, when each quarantine domain is established, each quarantine domain generates its own asymmetric key through an asymmetric cryptographic technique, where the asymmetric key includes a public key and a private key. After the public key of any isolation domain is used for encryption, the private key of the isolation domain can be used for decryption, and after the private key of any isolation domain is used for generating a digital signature, the public key of the isolation domain can be used for verifying the digital signature. It can be appreciated that the public key and the private key are generated autonomously by the quarantine domain, so that no additional key storage mechanism, no infrastructure such as certificates, etc. are required, and the private key cannot be known by a third party such as an attacker, so that the security of the key derivation can be further ensured.
When the isolation domain of the layer is the derivative root isolation domain, after receiving the information acquisition request sent by the upper isolation domain, the isolation domain of the layer responds to the information acquisition request and returns the public key of the isolation domain of the layer, namely the public key of the derivative root isolation domain, to the upper isolation domain, so that the applicant isolation domain acquires the public key of the derivative root isolation domain from the upper isolation domain, and encrypts the session key based on the public key of the isolation domain of the layer, namely the public key of the derivative root isolation domain. The upper isolation domain may be an applicant isolation domain or an intermediate isolation domain, and in the case that the upper isolation domain is the intermediate isolation domain, the upper isolation domain forwards the public key of the derivative root isolation domain to the applicant isolation domain.
In some embodiments, the derived root quarantine domain also returns a digital signature generated based on its private key to the applicant quarantine domain, which can verify the received public key of the derived root quarantine domain based on the digital signature.
In some embodiments, when the applicant isolation domain receives the public key returned by the derivative root isolation domain, path information between the applicant isolation domain and the derivative root isolation domain is also obtained. The applicant isolation domain stores the path information obtained for the first time, compares the path information with the path information obtained for the first time after the path information is obtained each time, if the path information is consistent with the path information obtained for the first time, the applicant isolation domain sends a key derivation request to the derived root isolation domain, and if the path information is inconsistent with the path information, the applicant isolation domain does not send the key derivation request to the derived root isolation domain.
In some embodiments of the present application, in order to further ensure security of key derivation, not only may a derived key be generated based on state information and algorithm information, but also a derived key may be generated based on state information, algorithm information, and an identity of a local layer isolation domain, that is, a derived root isolation domain, so as to distinguish the derived keys of different derived root isolation domains. Because the identity of the quarantine domain also serves as an algorithm parameter for key derivation, the paths taken in obtaining the derived key must be identical to each other in order to reproduce the derived key. Of course, in other embodiments, the derivative key may also be generated based on other information, which is not described herein.
In some embodiments of the present application, when the present layer isolation domain is a derivative root isolation domain, after generating a derivative key based on state information of the present layer isolation domain, a verification code of the derivative key is generated based on a session key, and the derivative key and the verification code are encrypted by using the session key to obtain a derivative key ciphertext, and the derivative key ciphertext is returned to the upper layer isolation domain, so that the applicant isolation domain obtains the derivative key ciphertext from the upper layer isolation domain. The verification code may be an HMAC message authentication code generated by using an HMAC algorithm, and the algorithm key of the HMAC algorithm may be a hash value of the algorithm information. Of course, the present application is not limited to this, and in other embodiments, the derivative key ciphertext may also be obtained by directly encrypting the derivative key based on the session key, which is not described herein.
After the derived root isolation domain returns the derived key ciphertext to the applicant isolation domain, the applicant isolation domain can decrypt the derived key ciphertext according to the session key stored by the applicant isolation domain to obtain a derived key and a verification code, then generate the verification code according to the session key stored by the applicant isolation domain, compare the verification code with the verification code, and if the verification code is consistent with the verification code, the session key verification is passed, and encryption operation and the like can be performed based on the obtained derived key.
In some embodiments of the present application, in order to further ensure security of key derivation, identity of the applicant's quarantine domain is authenticated. As shown in fig. 4, before the applicant isolation domain sends the key derivation request to the derivative root isolation domain, a digital signature is generated based on the private key of the applicant isolation domain and the data to be signed, and the digital signature and the identity of the applicant isolation domain are added to the key derivation request. The data to be signed can be data such as algorithm information which needs to be carried by the key derivation request. After receiving the key derivation request, the root isolation domain is dispatched to acquire the public key of the applicant isolation domain from the shared space of the plurality of isolation domains based on the identity of the applicant isolation domain, wherein the public key of the applicant isolation domain is bound with the identity of the applicant isolation domain and stored in the shared space of the plurality of isolation domains, then the digital signature of the applicant isolation domain is verified based on the public key of the applicant isolation domain, if the verification is passed, the identity authentication of the applicant isolation domain is passed, the root isolation domain is derived to respond to the key derivation request, if the verification is not passed, the identity authentication of the applicant isolation domain is failed, and the root isolation domain is derived to not respond to the key derivation request.
Of course, the present application is not limited to this, and in other embodiments, in order to further ensure the security of the key derivation, the identity of each layer of isolation domain on the communication path between the applicant isolation domain and the derived root isolation domain is verified, so as to ensure that the attacker cannot impersonate the identity on the same path. Before any upper isolation domain sends a key derivation request to the own isolation domain, the identity of the upper isolation domain is added to the key derivation request, a digital signature is generated based on the private key of the upper isolation domain and the data to be signed, and the digital signature is added to the key derivation request. Based on the information, no matter which isolation domains are arranged between the applicant isolation domain and the derivative root isolation domain, a third party, namely an attacker, cannot break the confidentiality of the information, and cannot impersonate the derivative root isolation domain to generate a derivative key.
In some embodiments, as shown in fig. 5, before the applicant quarantine domain sends the key derivation request to the root quarantine domain, a digital signature is generated based on the private key of the applicant quarantine domain and the data to be signed, and the digital signature and the identity of the applicant quarantine domain are added to the key derivation request. After receiving the key derivation request, the intermediate isolation domain obtains the public key of the applicant isolation domain from the shared space of a plurality of isolation domains based on the identity of the applicant isolation domain, then verifies the digital signature of the applicant isolation domain based on the public key of the applicant isolation domain, if the verification is not passed, the identity authentication of the applicant isolation domain fails, the intermediate isolation domain does not forward the key derivation request, if the verification is passed, the identity authentication of the applicant isolation domain is passed, the intermediate isolation domain regenerates the digital signature based on the private key of the intermediate isolation domain and the data to be signed, the digital signature, the state information and the identity of the intermediate isolation domain are added into the key derivation request, and the key derivation request is sent to the derived root isolation domain. After receiving the key derivation request, the root isolation domain obtains the public key of the intermediate isolation domain from the shared space of the plurality of isolation domains based on the identity of the intermediate isolation domain, wherein the public key of the intermediate isolation domain is bound with the identity of the intermediate isolation domain and stored in the shared space of the plurality of isolation domains, then the digital signature of the intermediate isolation domain is verified based on the public key of the intermediate isolation domain, if the verification is not passed, the identity authentication of the intermediate isolation domain fails, the derivative root isolation domain does not respond to the key derivation request, if the verification is passed, the identity authentication of the intermediate isolation domain passes, the derivative root isolation domain adds the state information thereof to the key derivation request, responds to the key derivation request, generates a derivative key based on the state information, and returns the derivative key to the applicant isolation domain.
It should be noted that, in some embodiments of the present application, after each isolation domain generates its own asymmetric key, the public key and the identity are bound and stored in the shared space, but the present application is not limited thereto, in other embodiments, the public key of each intermediate isolation domain may be bound to its identity and stored in the shared space in the initial stage, and in the key derivation stage, the applicant isolation domain binds its public key to its identity and stores in the shared space. After the applicant isolation domain obtains the derived key fed back by the derived root isolation domain, the applicant isolation domain can clear its public key and identity from the shared space.
On the basis, before a key derivation request with the state information of the isolation domain of the layer is sent to the isolation domain of the lower layer, the isolation domain of the layer also regenerates a digital signature based on the private key of the isolation domain of the layer and the data to be signed, and adds the identity of the isolation domain of the layer and the regenerated digital signature into the key derivation request. That is, before the applicant's quarantine domain or any intermediate quarantine domain sends a key derivation request, a digital signature is regenerated, and its identity and the regenerated digital signature are added to the key derivation request, so that its lower quarantine domain performs identity verification on the digital signature by verifying it.
Under the condition that an attacker impersonates a key applicant, the attacker cannot obtain the private key of the isolation domain of the layer, or the private key provided by the attacker cannot be matched with the public key of the isolation domain of the layer obtained from the shared space by the lower isolation domain based on the identity of the isolation domain of the layer, so that the digital signature cannot pass verification, a derivative key cannot be generated, the derivative key can be prevented from being obtained by the attacker, and the safety of equipment can be improved.
As an alternative implementation of the present disclosure, embodiments of the present application disclose a processor configured to perform the key derivation method as disclosed in any of the embodiments above. The processor may be a general-purpose processor, such as a general-purpose Central Processing Unit (CPU), an application-specific integrated circuit (ASIC), one or more integrated circuits configured to control program execution in the present application, a Digital Signal Processor (DSP), an application-specific integrated circuit (ASIC), an off-the-shelf programmable gate array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, or the like.
As an alternative implementation of the disclosure, embodiments of the present application disclose a computer device. As shown in fig. 6, the computer device may include one or more processors 20 and one or more memories 30. It is to be understood that the computer device may include other components as desired.
The computer device may be loaded and thus include one or more applications. These applications are sets of instructions (e.g., computer program code) that, when read by the one or more processors 20, control the operation of a computer device. To this end, the one or more memories 30 may include instructions/data executable by the one or more processors 20, whereby the computer device may perform a method in accordance with at least one embodiment of the present disclosure.
As an alternative implementation of the present disclosure, embodiments of the present application disclose a computer program product comprising computer program instructions which, when executed by a processor, cause the processor to perform the key derivation method as disclosed in any of the embodiments above.
The computer program product may be written in any combination of one or more programming languages, including an object oriented programming language such as python, c++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device, partly on a remote computing device, or entirely on the remote computing device or server.
As an alternative implementation of the present disclosure, embodiments of the present application disclose a computer-readable storage medium having instructions stored thereon for performing the key derivation method as disclosed in any of the embodiments above.
Those skilled in the art will appreciate that implementing all or part of the above-described methods in accordance with the embodiments may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed may comprise the steps of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory. The nonvolatile memory can include Read Only Memory (ROM), programmable ROM (PROM), electrically Programmable ROM (EPROM), electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double Data Rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous Link DRAM (SLDRAM), memory bus direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM), among others.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The above examples only represent a few embodiments of the present specification, which are described in more detail and are not to be construed as limiting the scope of the claims. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the present description, which is within the scope of the present description. Accordingly, the protection scope of the patent should be determined by the appended claims.
Claims (14)
1. A key derivation method, applied to a processor, where the processor is loaded with at least one execution environment, the execution environment includes a plurality of isolation domains, the key derivation method includes:
receiving a key derivation request sent by an upper isolation domain;
adding state information of the isolation domain of the layer to the key derivation request, wherein the state information comprises software state information and/or hardware state information;
and generating a derivative key based on the state information in response to the key derivation request, or sending the key derivation request with the state information to the lower quarantine domain, so that the lower quarantine domain generates the derivative key in response to the key derivation request.
2. The key derivation method of claim 1, wherein the adding state information of the layer-isolated domain to the key derivation request comprises: adding the state information of the layer isolation domain into the path information of the key derivation request;
the generating a derived key based on the state information includes: a derivative key is generated based on the path information having the state information.
3. The key derivation method of claim 1, wherein the software state information comprises stack information, software version information, software lifecycle information, software developer information, or software authorization information; the hardware state information includes a device security period state.
4. The key derivation method of claim 1, wherein the key derivation request comprises a state mask of the upper layer quarantine domain, and wherein before adding state information of a present layer quarantine domain to the key derivation request, further comprises:
and determining the state information of the local isolation domain based on the state mask of the upper isolation domain and the state mask of the local isolation domain, wherein the state mask of the upper isolation domain and the state mask of the local isolation domain are respectively used for indicating at least one state information of the local isolation domain.
5. The key derivation method of claim 1, wherein the layer isolation domain is a derivative root isolation domain, the key derivation request comprises a session key ciphertext and an algorithm information ciphertext, and the generating a derivative key based on the state information comprises:
decrypting the session key ciphertext based on the private key of the derivative root isolation domain to obtain a session key;
decrypting the algorithm information ciphertext based on the session key to obtain algorithm information;
and generating a derivative key based on the state information and the algorithm information.
6. The key derivation method of claim 5, further comprising:
receiving an information acquisition request sent by the upper isolation domain;
and responding to the information acquisition request, returning the public key of the derivative root isolation domain to the upper isolation domain so that the applicant isolation domain acquires the public key of the derivative root isolation domain from the upper isolation domain, encrypting the session key based on the public key of the derivative root isolation domain, wherein the session key comprises a key randomly generated by the applicant isolation domain.
7. The key derivation method of claim 5, wherein the generating a derived key based on the state information and the algorithm information comprises:
and generating a derivative key based on the state information, the algorithm information and the identity of the derivative root isolation domain.
8. The key derivation method of claim 5, further comprising, after generating a derived key based on the state information:
generating a verification code of the derivative key based on the session key;
and encrypting the derivative key and the verification code by using the session key to obtain a derivative key ciphertext, and returning the derivative key ciphertext to the upper isolation domain so that the applicant isolation domain can obtain the derivative key ciphertext from the upper isolation domain.
9. The key derivation method of claim 1, wherein the key derivation request comprises an identity of the upper quarantine domain and a digital signature generated based on a private key of the upper quarantine domain and data to be signed, and wherein the responding to the key derivation request further comprises, prior to:
acquiring a public key of the upper isolation domain from a shared space of the plurality of isolation domains based on the identity of the upper isolation domain, wherein the public key of the upper isolation domain is bound with the identity of the upper isolation domain and stored in the shared space;
verifying the digital signature based on the public key of the upper layer isolation domain;
and if the verification is passed, responding to the key derivation request.
10. The key derivation method according to claim 1 or 9, characterized by further comprising, before the sending the key derivation request with the state information to the lower quarantine domain:
regenerating a digital signature based on the private key of the isolation domain of the layer and the data to be signed;
and adding the identity mark of the layer isolation domain and the regenerated digital signature into the key derivation request.
11. The key derivation method according to claim 1 or 4, characterized by further comprising, before the sending the key derivation request with the state information to the lower quarantine domain:
and adding the state mask of the layer isolation domain to the key derivation request.
12. A processor configured to perform the key derivation method of any one of claims 1-11.
13. A computer device, comprising:
a memory for storing instructions;
a processor configured to execute the key derivation method according to any one of claims 1 to 11, according to the instructions stored in the memory.
14. A computer readable storage medium having stored thereon instructions for performing the key derivation method of any one of claims 1-11.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311639265.1A CN117353920B (en) | 2023-12-04 | 2023-12-04 | Key derivation method, processor and related equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311639265.1A CN117353920B (en) | 2023-12-04 | 2023-12-04 | Key derivation method, processor and related equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117353920A true CN117353920A (en) | 2024-01-05 |
| CN117353920B CN117353920B (en) | 2024-03-01 |
Family
ID=89366961
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311639265.1A Active CN117353920B (en) | 2023-12-04 | 2023-12-04 | Key derivation method, processor and related equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117353920B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100161966A1 (en) * | 2008-12-22 | 2010-06-24 | Electronics And Telecommunications Research Institute | Mutual authentication apparatus and method in downloadable conditional access system |
| CN111082934A (en) * | 2019-12-31 | 2020-04-28 | 支付宝(杭州)信息技术有限公司 | Cross-domain secure multiparty computing method and device based on trusted execution environment |
| WO2021052086A1 (en) * | 2019-09-17 | 2021-03-25 | 华为技术有限公司 | Information processing method and apparatus |
| CN113821835A (en) * | 2021-11-24 | 2021-12-21 | 飞腾信息技术有限公司 | Key management method, key management device and computing equipment |
| US20220343029A1 (en) * | 2022-06-30 | 2022-10-27 | Intel Corporation | Stateless and low-overhead domain isolation using cryptographic computing |
| CN115706981A (en) * | 2021-08-12 | 2023-02-17 | 荣耀终端有限公司 | Key negotiation method and electronic equipment |
| CN116566705A (en) * | 2023-05-24 | 2023-08-08 | 北京泰尔英福科技有限公司 | Authentication method, system, client and server based on key derivation function |
-
2023
- 2023-12-04 CN CN202311639265.1A patent/CN117353920B/en active Active
Patent Citations (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20100161966A1 (en) * | 2008-12-22 | 2010-06-24 | Electronics And Telecommunications Research Institute | Mutual authentication apparatus and method in downloadable conditional access system |
| WO2021052086A1 (en) * | 2019-09-17 | 2021-03-25 | 华为技术有限公司 | Information processing method and apparatus |
| CN112596802A (en) * | 2019-09-17 | 2021-04-02 | 华为技术有限公司 | Information processing method and device |
| CN111082934A (en) * | 2019-12-31 | 2020-04-28 | 支付宝(杭州)信息技术有限公司 | Cross-domain secure multiparty computing method and device based on trusted execution environment |
| CN115706981A (en) * | 2021-08-12 | 2023-02-17 | 荣耀终端有限公司 | Key negotiation method and electronic equipment |
| CN113821835A (en) * | 2021-11-24 | 2021-12-21 | 飞腾信息技术有限公司 | Key management method, key management device and computing equipment |
| US20220343029A1 (en) * | 2022-06-30 | 2022-10-27 | Intel Corporation | Stateless and low-overhead domain isolation using cryptographic computing |
| CN116566705A (en) * | 2023-05-24 | 2023-08-08 | 北京泰尔英福科技有限公司 | Authentication method, system, client and server based on key derivation function |
Non-Patent Citations (1)
| Title |
|---|
| 王慧文等: "面向车内异构网络的身份认证和密钥协商协议", 《第38次全国计算机安全学术交流会论文集》 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117353920B (en) | 2024-03-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| WO2021013245A1 (en) | Data key protection method and system, electronic device and storage medium | |
| CN109886040B (en) | Data processing method, data processing device, storage medium and processor | |
| US9281949B2 (en) | Device using secure processing zone to establish trust for digital rights management | |
| CN110750803B (en) | Method and device for providing and fusing data | |
| US8281115B2 (en) | Security method using self-generated encryption key, and security apparatus using the same | |
| US11042652B2 (en) | Techniques for multi-domain memory encryption | |
| US20210143986A1 (en) | Method for securely sharing data under certain conditions on a distributed ledger | |
| US11146554B2 (en) | System, method, and apparatus for secure identity authentication | |
| US20200344075A1 (en) | Secure provisioning of keys | |
| CN110781140B (en) | Method, device, computer equipment and storage medium for signing data in blockchain | |
| WO2012126729A1 (en) | Electronic device with flash memory component | |
| CN113438205A (en) | Block chain data access control method, node and system | |
| CN110837643B (en) | Activation method and device of trusted execution environment | |
| CN115242471B (en) | Information transmission method, information transmission device, electronic equipment and computer readable storage medium | |
| CN117692134A (en) | Key update management system and key update management method | |
| CN117353920B (en) | Key derivation method, processor and related equipment | |
| CN110971610A (en) | Control system identity verification method and device, computer equipment and storage medium | |
| CN115828290A (en) | Encryption and decryption method and device based on distributed object storage | |
| KR102282788B1 (en) | Blockchain system for supporting change of plain text data included in transaction | |
| CN114239000A (en) | Password processing method, device, computer equipment and storage medium | |
| CN117544319A (en) | Identity authentication method, processor and related equipment | |
| CN114024702A (en) | Information security protection method and computing device | |
| CN111385266A (en) | Data sharing method and device, computer equipment and storage medium | |
| US20240078315A1 (en) | Secure booting system and operation method thereof | |
| CN116566744B (en) | Data processing method and security verification system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |