CN117556430B - Safe starting method, device, equipment and storage medium - Google Patents


Info

Publication number
CN117556430B
Authority
CN
China
Prior art keywords
encrypted data
digital signature
hash value
encrypted
random number
Prior art date
Legal status
Active
Application number
CN202410045851.1A
Other languages
Chinese (zh)
Other versions
CN117556430A (en
Inventor
武文顺
Current Assignee
Shanghai Xinlianxin Intelligent Technology Co ltd
Original Assignee
Shanghai Xinlianxin Intelligent Technology Co ltd
Priority date
Filing date
Publication date
Application filed by Shanghai Xinlianxin Intelligent Technology Co ltd
Priority to CN202410045851.1A
Publication of CN117556430A
Application granted
Publication of CN117556430B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L 9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L 9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L 9/32 Cryptographic mechanisms or cryptographic arrangements including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L 9/3247 Cryptographic mechanisms or cryptographic arrangements including means for verifying the identity or authority of a user of the system or for message authentication, involving digital signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F 21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F 21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F 21/575 Secure boot
    • G06F 21/60 Protecting data
    • G06F 21/62 Protecting access to data via a platform, e.g. using keys or access control rules

Abstract

Embodiments of this application provide a secure boot method, device, equipment and storage medium in the field of integrated circuits. During secure boot, first encrypted data is obtained by encrypting a first digital signature, which improves the confidentiality of the digital signature: even if a malicious user successfully verifies the first digital signature with a leaked public key, only the first hash value is obtained and not the plaintext, so no plaintext leaks during signing and signature verification. In addition, the firmware is converted to ciphertext, and the first encrypted data is generated by a root of trust and stored on a cloud server. During boot, the first encrypted data is downloaded and decrypted to obtain the first digital signature; the first digital signature is verified to obtain a first hash value; and when a locally generated second hash value matches the first hash value, the trusted environment of the system is securely booted. This combines the advantages of secure boot, trusted boot and encrypted boot and improves the effectiveness of secure boot.

Description

Safe starting method, device, equipment and storage medium
Technical Field
Embodiments of this application relate to the field of integrated circuits, and in particular to a secure boot method, device, equipment and storage medium.
Background
Secure Boot refers to a trusted platform Boot flow established for Secure applications. At the start-up of a computer, each component in the start-up process must be verified by a digital signature to ensure that they are issued by a trusted issuer and have not been tampered with or replaced. If any component fails to verify, the Secure Boot will prevent the computer from continuing to Boot. This helps prevent malware and unauthorized operating systems from running at the time of computer startup.
In the related art, during secure boot the plaintext data in Flash is encrypted with a symmetric cipher and the encrypted data is verified, which establishes the validity of each component in the boot process. However, once the public key is leaked, that scheme allows the plaintext data to be recovered through the public key and forged so as to bypass secure boot verification, which undermines the security of secure boot.
Disclosure of Invention
Embodiments of this application provide a secure boot method, device, equipment and storage medium that use a security digest and a random number to improve the security of secure boot.
In one aspect, an embodiment of the present application provides a secure startup method, including:
downloading first encrypted data associated with the current version of the encrypted firmware from a cloud server and decrypting the first encrypted data to obtain a first digital signature, wherein the first encrypted data is generated at first boot by executing a root of trust in read-only memory with the obtained random number, the key and the current version of the encrypted firmware as inputs, and is uploaded to the cloud server;
verifying the first digital signature with the public key and, if verification succeeds, obtaining a first hash value;
performing a hash calculation on the locally stored security digest and random number of the current version of the encrypted firmware to obtain a second hash value;
and if the first hash value is consistent with the second hash value, safely starting a trusted environment in the system.
Optionally, the method further comprises:
generating a secure digest based on the random number, the key, and the current version of the encrypted firmware upon first boot-up;
performing a hash calculation on the random number and the security digest to obtain a first hash value;
signing the first hash value by adopting a private key to obtain a first digital signature;
encrypting the first digital signature to obtain first encrypted data, and uploading the first encrypted data to a cloud server.
Optionally, after generating the security digest based on the random number, the key and the current version of the encrypted firmware, the method further includes:
storing the security digest, the random number and the current version of the encrypted firmware in local flash memory.
Optionally, encrypting the first digital signature to obtain first encrypted data includes:
encrypting the first digital signature by adopting a symmetric key to obtain first encrypted data;
the decrypting the first encrypted data to obtain a first digital signature includes:
and decrypting the first encrypted data by adopting the symmetric key to obtain a first digital signature.
Optionally, the uploading the first encrypted data to a cloud server includes:
uploading the first encrypted data and version information of the current version of the encrypted firmware to the cloud server, so that the cloud server adds the version information of the current version of the encrypted firmware to a white list.
Optionally, after the secure booting the trusted environment in the system, the method further includes:
verifying, through the trusted environment, the digital signature of the untrusted environment in the system, and securely booting the untrusted environment when verification passes.
Optionally, the method further comprises:
if signature verification fails, secure boot of the system fails;
if the first hash value is inconsistent with the second hash value, secure boot of the system fails.
In one aspect, an embodiment of the present application provides a safety starting device, including:
the download module is configured to download first encrypted data associated with the current version of the encrypted firmware from the cloud server and decrypt it to obtain a first digital signature, wherein the first encrypted data is generated at first boot by executing a root of trust in read-only memory with the obtained random number, the key and the current version of the encrypted firmware as inputs, and is uploaded to the cloud server;
the signature verification module is used for verifying the first digital signature by adopting a public key, and if the signature verification is successful, a first hash value is obtained;
the encryption module is configured to perform a hash calculation on the locally stored security digest and random number of the current version of the encrypted firmware to obtain a second hash value;
and the processing module is used for safely starting a trusted environment in the system if the first hash value is consistent with the second hash value.
Optionally, the encryption module is specifically configured to:
generating a secure digest based on the random number, the key, and the current version of the encrypted firmware upon first boot-up;
performing a hash calculation on the random number and the security digest to obtain a first hash value;
signing the first hash value by adopting a private key to obtain a first digital signature;
encrypting the first digital signature to obtain first encrypted data, and uploading the first encrypted data to a cloud server.
Optionally, the encryption module is further configured to:
and after generating a security digest based on the random number, the secret key and the current version of the encrypted firmware, storing the security digest, the random number and the current version of the encrypted firmware in a local flash memory.
Optionally, the encryption module is specifically configured to:
encrypting the first digital signature by adopting a symmetric key to obtain first encrypted data;
the decrypting the first encrypted data to obtain a first digital signature includes:
and decrypting the first encrypted data by adopting the symmetric key to obtain a first digital signature.
Optionally, the encryption module is specifically configured to:
uploading the first encrypted data and version information of the current version of the encrypted firmware to the cloud server, so that the cloud server adds the version information of the current version of the encrypted firmware to a white list.
Optionally, the processing module is further configured to:
after the trusted environment in the system is started up safely, verifying the digital signature of the untrusted environment in the system through the trusted environment, and starting up the untrusted environment in the system safely when the verification is passed.
Optionally, the processing module is further configured to:
if signature verification fails, secure boot of the system fails;
if the first hash value is inconsistent with the second hash value, secure boot of the system fails.
In one aspect, embodiments of the present application provide a computer device including a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the secure boot method described above when the program is executed.
In one aspect, embodiments of the present application provide a computer-readable storage medium storing a computer program executable by a computer device, which when run on the computer device, causes the computer device to perform the steps of the secure boot method described above.
In embodiments of this application, the first encrypted data stored on the cloud server is obtained by encrypting the first digital signature, which improves the confidentiality of the digital signature. Further, even if the public key used for signature verification is accidentally leaked, a malicious user who successfully verifies the first digital signature with it obtains only the first hash value and not the plaintext, so the integrity and source authenticity of the content are ensured during signing and verification while leakage of the plaintext is avoided. In addition, the firmware in flash is encrypted; the root of trust generates the first encrypted data from the random number, the key and the current version of the encrypted firmware and stores it on the cloud server; during boot the first encrypted data is decrypted to obtain the first digital signature, the first digital signature is verified with the public key to obtain the first hash value, the locally stored security digest and random number are hashed to obtain the second hash value, and when the first hash value matches the second hash value the trusted environment of the system is securely booted. This combines the advantages of secure boot, trusted boot and encrypted boot and improves the security and effectiveness of secure boot.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the description of the embodiments will be briefly described below, it will be apparent that the drawings in the following description are only some embodiments of the present invention, and that other drawings can be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic flow chart of a method for secure startup according to an embodiment of the present application;
fig. 2 is a schematic flow chart of a method for secure startup according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of a safety starting device according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of a computer device according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantageous effects of the present invention more apparent, the present invention will be further described in detail with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention.
For ease of understanding, the terms involved in the embodiments of the present invention are explained below.
Secure Boot (Secure Boot): during system start-up, each component verifies the digital signature of the next component and runs it only after verification succeeds; otherwise the system halts or resets. Secure Boot is thus a tamper-proofing mechanism. It is enabled through a set of hardware fuses; on a device with Secure Boot enabled, code will only run if it is signed by a trusted entity identified by those fuses.
Trusted Boot (Trusted Boot): during system start-up, each component measures the next component (computes its hash value), usually after that component's signature has been verified, and then stores the measurement securely. When the platform is later accessed, the component's measurement is reported to the cloud, which keeps a trusted whitelist; if the version information of a component is not on the whitelist, the component is treated as untrusted, because it may be a signed but buggy version. Trusted boot is therefore a means of managing trusted versions.
Trusted boot first requires CPU support and second a Trusted Platform Module (TPM) chip. The TPM serves two purposes: it implements the encryption and decryption algorithms, and it stores the symmetric key and the private key. Some embedded products may also need a one-time programmable (OTP) memory chip.
Encryption starting: the firmware stored in flash memory (flash) is ciphertext, which is decrypted during boot-up.
eFuses: one-time programmable memory.
Digital signature: the public key digital signature is a section of digital symbol string which can not be forged by others only generated by the sender of the information, and is also a valid proof for the authenticity of the information sent by the sender of the information. It is a method for authenticating digital information that resembles a common physical signature written on paper, but is implemented using techniques in the field of public key cryptography. A set of digital signatures typically defines two complementary operations, one for signing and the other for verification. Digital signature is the application of asymmetric key encryption technology and digital digest technology. Digital signature technology is mostly implemented based on hash digests and asymmetric key cryptosystems.
Digital signature and verification based on a hash algorithm: a hash function is a "compression function" that transforms an input of arbitrary length into an output of fixed length; that hash value is the digest, also called a digital digest.
In a formal digital signature, the sender first applies a hash algorithm to the file being sent to obtain a fixed-length Message Digest, and then signs the digest with the sender's private key to form the digital signature. The digital signature is sent to the receiver together with the original text. The receiver first recovers the sender's digest from the signature using the sender's public key, then hashes the original text with the same hash function to obtain a new message digest, and finally compares the two digests.
Referring to fig. 1, a process of a secure boot method is provided for an embodiment of the present application, where the process of the method is performed by a computer device, and includes the following steps:
step S101, downloading first encrypted data associated with the current version of encrypted firmware from the cloud server.
At first boot, the root of trust in read-only memory is executed with the obtained random number, the key and the current version of the encrypted firmware as inputs; it generates the first encrypted data and uploads it to the cloud server. The root of trust does not need to be executed again on subsequent boots.
On every boot, the computer device needs to download the first encrypted data associated with the current version of the encrypted firmware from the cloud server.
Specifically, the first boot may be the first boot after a firmware version update, the first boot after leaving the factory, the first boot after system power-up, and so on. The root-of-trust code must always come from a trusted source; because read-only memory (ROM) cannot be written, the root-of-trust code can be burned into ROM as the starting point of secure boot. That code cannot easily be replaced, so the trustworthiness of the first piece of code executed is ensured on every boot.
In some embodiments, when executing the root of trust, specifically comprising the steps of:
generating the security digest from the random number, the key and the current version of the encrypted firmware at first boot; hashing the random number and the security digest to obtain a first hash value; signing the first hash value with the private key to obtain a first digital signature; and encrypting the first digital signature to obtain first encrypted data and uploading it to the cloud server.
Specifically, the key is read from eFuses and the random number is obtained from a true random number generator. The current version of the encrypted firmware refers to the current firmware version in Flash, encrypted with a symmetric cipher.
The random number, the key and the current version of the encrypted firmware are hashed to obtain the security digest. The security digest and the random number are packed together and hashed to obtain the first hash value. The first hash value is then signed with the private key to obtain the first digital signature. The first digital signature is encrypted, symmetrically or asymmetrically, to obtain the first encrypted data, which is uploaded to the cloud server.
In embodiments of this application, converting the plaintext firmware in Flash into ciphertext improves the confidentiality of the firmware. Including a random number when the security digest is generated effectively prevents replay attacks. The security digest and the random number are hashed to obtain the first hash value, which is then signed to obtain the first digital signature; thus, even if the verification public key is leaked and the first digital signature is successfully verified, only the first hash value is obtained and not the plaintext security digest, which improves the confidentiality of the security digest. After the first digital signature is generated it is encrypted again, which improves the confidentiality of the digital signature.
In some embodiments, the secure digest, the random number, and the current version of the encrypted firmware are stored in local flash memory.
In some embodiments, the first encrypted data and version information of the current version of the encrypted firmware are uploaded to the cloud server, such that the cloud server adds the version information of the current version of the encrypted firmware in the whitelist.
The whitelist on the cloud server implements an anti-rollback mechanism for software versions, avoiding the bugs of trusted but outdated versions, and also helps to defeat man-in-the-middle attacks.
It should be noted that the first encrypted data the computer device downloads from the cloud server may itself have been tampered with; this application does not restrict that case.
Step S102, decrypting the first encrypted data to obtain a first digital signature.
Specifically, when the first digital signature is encrypted with a symmetric key in the root of trust to obtain the first encrypted data, the same symmetric key is used during secure boot to decrypt the first encrypted data and obtain the first digital signature. Encrypting the digital signature symmetrically effectively speeds up secure boot and reduces boot time.
When the first digital signature is encrypted with a private key in the root of trust to obtain the first encrypted data, the corresponding public key is used during secure boot to decrypt the first encrypted data and obtain the first digital signature. Encrypting the digital signature asymmetrically can effectively improve the security of the digital signature.
Step S103, the public key is adopted to carry out signature verification on the first digital signature, and if the signature verification is successful, a first hash value is obtained.
If signature verification fails, secure boot of the system fails.
Step S104, hash the locally stored security digest of the current version of the encrypted firmware and the random number to obtain a second hash value.
Specifically, the security digest and random number of the current version of the encrypted firmware are read from local flash memory, packed together and hashed to obtain the second hash value.
Step S105, if the first hash value matches the second hash value, securely boot the trusted environment in the system.
If the first hash value does not match the second hash value, secure boot of the system fails.
In embodiments of this application, the first encrypted data stored on the cloud server is obtained by encrypting the first digital signature, which improves the confidentiality of the digital signature. Further, even if the public key used for signature verification is accidentally leaked, a malicious user who successfully verifies the first digital signature with it obtains only the first hash value and not the plaintext, so the integrity and source authenticity of the content are ensured during signing and verification while leakage of the plaintext is avoided. In addition, the firmware in flash is encrypted; the root of trust generates the first encrypted data from the random number, the key and the current version of the encrypted firmware and stores it on the cloud server; during boot the first encrypted data is decrypted to obtain the first digital signature, the first digital signature is verified with the public key to obtain the first hash value, the locally stored security digest and random number are hashed to obtain the second hash value, and when the first hash value matches the second hash value the trusted environment of the system is securely booted. This combines the advantages of secure boot, trusted boot and encrypted boot and improves the effectiveness of secure boot.
In some embodiments, the trusted environment (Secure world) verifies the digital signature of the untrusted environment (Normal world) in the system and, when verification passes, securely boots the untrusted environment.
By separating the secure boot of the trusted environment (Secure world) from that of the untrusted environment (Normal world), the method isolates secure data from non-secure data and improves the security of the system.
For better explaining the embodiments of the present application, a method for secure booting provided in the embodiments of the present application is described below in conjunction with a specific implementation scenario, where a flow of the method may be executed by a computer device, and includes the following steps, as shown in fig. 2:
in step 201, a security digest is calculated.
Specifically, a key is obtained from eFuses, a random number is obtained from a true random number generator, and symmetrically encrypted firmware is obtained from Flash. And carrying out hash calculation on the key, the random number and the encrypted firmware to obtain a security digest.
Step 202, packaging and storing the security digest, the random number and the encrypted firmware in Flash.
Step 203, pack the security digest and the random number and hash them to obtain a hash value.
Step 204, sign the hash value with the private key to obtain a digital signature.
Step 205, symmetrically encrypt the digital signature to obtain the encrypted data.
And step 206, uploading the encrypted data to a cloud server.
Step 207, downloading the encrypted data from the cloud server.
And step 208, symmetrically decrypting the encrypted data to obtain a digital signature.
Step 209, verify the digital signature with the public key.
Step 210, determine whether signature verification succeeded; if so, execute step 211, otherwise execute step 216.
Step 211, signature verification yields the first hash value.
Step 212, hash the security digest and the random number in Flash to obtain a second hash value.
Step 213, determine whether the first hash value equals the second hash value; if so, execute step 214, otherwise execute step 216.
Step 214, securely booting the trusted environment in the system.
Step 215, securely booting an untrusted environment in the system.
In step 216, the system fails to start safely.
It should be noted that, when the first start is performed, the steps 201 to 216 are performed, and when the first start is not performed, the steps 207 to 216 are performed.
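The first-boot flow (steps 201 to 206), the regular boot flow (steps 207 to 214) and the chained check of step 215 written out as an added Go example; this is not code from the patent or its applicant. It assumes SHA-256 for every hash, ECDSA over P-256 for the signature, AES-256-GCM for the "symmetric" encryption of steps 205 and 208, and an eFuse key, random number and encrypted firmware constructed in memory. Because ECDSA verification does not recover the signed value, the first hash value is sealed next to its signature so that step 211 can obtain it; that is an assumption about the page's wording. The names Flash, FirstBoot, Boot and BootNormalWorld are the example's own. One deliberate departure from step 212: the second hash is built from a digest recomputed over the firmware actually in flash rather than from the digest stored at step 202, which is what makes a rewritten image fail the comparison of step 213.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Flash models the local flash of step 202; the stored digest is omitted because Boot recomputes it.
type Flash struct{ EncFirmware, Nonce []byte }

// sha256Cat hashes a concatenation: step 201 (key || nonce || firmware), steps 203/212 (digest || nonce).
func sha256Cat(parts ...[]byte) []byte {
	h := sha256.Sum256(bytes.Join(parts, nil))
	return h[:]
}

// NewGCM is the symmetric cipher of steps 205/208; the page only says "symmetric", AES-256-GCM is our choice.
func NewGCM(symKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(symKey)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func seal(aead cipher.AEAD, pt []byte) ([]byte, error) { // step 205, IV prefixed to the ciphertext
	iv := make([]byte, aead.NonceSize())
	if _, err := rand.Read(iv); err != nil {
		return nil, err
	}
	return append(iv, aead.Seal(nil, iv, pt, nil)...), nil
}

func unseal(aead cipher.AEAD, blob []byte) ([]byte, error) { // step 208; a forged blob fails here
	if n := aead.NonceSize(); len(blob) >= n {
		return aead.Open(nil, blob[:n], blob[n:], nil)
	}
	return nil, errors.New("ciphertext too short")
}

// FirstBoot is steps 201-206: it fills flash and returns the first encrypted data to upload. The hash
// travels with its signature because ECDSA verification does not recover it (our reading of step 211).
func FirstBoot(efuseKey, nonce, encFW []byte, aead cipher.AEAD, priv *ecdsa.PrivateKey, flash *Flash) ([]byte, error) {
	*flash = Flash{EncFirmware: encFW, Nonce: nonce}         // step 202
	h := sha256Cat(sha256Cat(efuseKey, nonce, encFW), nonce) // steps 201 and 203
	sig, err := ecdsa.SignASN1(rand.Reader, priv, h)         // step 204
	if err != nil {
		return nil, err
	}
	return seal(aead, append(h, sig...))
}

// Boot is steps 207-214 with blob as the downloaded first encrypted data; it returns nil only
// when the trusted environment may start.
func Boot(efuseKey, blob []byte, aead cipher.AEAD, pub *ecdsa.PublicKey, flash *Flash) error {
	plain, err := unseal(aead, blob)
	if err != nil || len(plain) < sha256.Size {
		return errors.New("first encrypted data does not decrypt to hash||signature")
	}
	firstHash, sig := plain[:sha256.Size], plain[sha256.Size:]
	if !ecdsa.VerifyASN1(pub, firstHash, sig) { // steps 209-211
		return errors.New("signature verification failed")
	}
	// Step 212 hashes the digest stored at step 202; recomputing the digest from the image
	// actually in flash is what makes a rewritten image fail the comparison of step 213.
	if !bytes.Equal(firstHash, sha256Cat(sha256Cat(efuseKey, flash.Nonce, flash.EncFirmware), flash.Nonce)) {
		return errors.New("first and second hash differ")
	}
	return nil // step 214: the trusted environment may start
}

// BootNormalWorld is step 215 (claim 5), run from the verified trusted environment; same key pair is an assumption.
func BootNormalWorld(pub *ecdsa.PublicKey, image, imageSig []byte) error {
	if !ecdsa.VerifyASN1(pub, sha256Cat(image), imageSig) {
		return errors.New("untrusted environment signature invalid")
	}
	return nil
}

func main() {
	priv, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	secrets := make([]byte, 96) // stand-ins for the eFuse key, the symmetric key and the TRNG output
	rand.Read(secrets)
	efuseKey, symKey, nonce := secrets[:32], secrets[32:64], secrets[64:]
	aead, _ := NewGCM(symKey)
	var flash Flash
	blob, _ := FirstBoot(efuseKey, nonce, []byte("constructed encrypted firmware v1"), aead, priv, &flash)
	fmt.Println("boot:", Boot(efuseKey, blob, aead, &priv.PublicKey, &flash))
	flash.EncFirmware[0] ^= 1 // image rewritten in flash after first boot
	fmt.Println("boot after tamper:", Boot(efuseKey, blob, aead, &priv.PublicKey, &flash))
}
```

Running it prints a nil error for the genuine image and a hash-mismatch error once the image in flash has been changed. The three failure paths of step 216 are distinct: a modified or missing blob from the cloud is rejected by the AEAD in unseal before any signature is looked at, a signature made under another key fails in step 209, and a rewritten image fails the hash comparison of step 213 even though the blob itself is intact.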
Based on the same technical concept, an embodiment of the present application provides a secure boot device whose structure is shown schematically in fig. 3. The secure boot device 300 includes:
a download module 301, configured to download, from a cloud server, first encrypted data associated with the current version of the encrypted firmware and decrypt it to obtain a first digital signature, where the first encrypted data was generated on the first boot by a root of trust executed from read-only memory, taking the obtained random number, a key and the current version of the encrypted firmware as inputs, and was uploaded to the cloud server;
a signature verification module 302, configured to verify the first digital signature with a public key and, if verification succeeds, obtain a first hash value;
an encryption module 303, configured to hash the locally stored security digest of the current version of the encrypted firmware together with the random number to obtain a second hash value;
a processing module 304, configured to securely boot the trusted environment of the system if the first hash value matches the second hash value.
Optionally, the encryption module 303 is specifically configured to:
generate the security digest based on the random number, the key and the current version of the encrypted firmware on the first boot;
hash the random number and the security digest to obtain the first hash value;
sign the first hash value with a private key to obtain the first digital signature;
encrypt the first digital signature to obtain the first encrypted data, and upload the first encrypted data to the cloud server.
Optionally, the encryption module 303 is further configured to:
after generating the security digest based on the random number, the key and the current version of the encrypted firmware, store the security digest, the random number and the current version of the encrypted firmware in local flash memory.
Optionally, the encryption module 303 is specifically configured to:
encrypt the first digital signature with a symmetric key to obtain the first encrypted data;
and decrypting the first encrypted data to obtain the first digital signature includes:
decrypting the first encrypted data with the same symmetric key to obtain the first digital signature.
Optionally, the encryption module 303 is specifically configured to:
upload the first encrypted data together with the version information of the current version of the encrypted firmware to the cloud server, so that the cloud server adds that version information to a white list.
Optionally, the processing module 304 is further configured to:
after the trusted environment of the system has been securely booted, verify the digital signature of the untrusted environment through the trusted environment, and securely boot the untrusted environment when verification passes.
Optionally, the processing module 304 is further configured to:
if signature verification fails, treat the secure boot of the system as failed;
if the first hash value does not match the second hash value, treat the secure boot of the system as failed.
In this embodiment, the first encrypted data stored on the cloud server is obtained by encrypting the first digital signature, which improves the confidentiality of the signature: even if the public key used for verification is accidentally leaked, a malicious user who verifies the first digital signature with it obtains only the first hash value and not the plaintext, so integrity and source authenticity are ensured during signing and verification without leaking plaintext. Second, the firmware in flash is encrypted; the root of trust generates the first encrypted data from the random number, the key and the current version of the encrypted firmware and stores it on the cloud server; during boot the first encrypted data is decrypted to obtain the first digital signature, the signature is verified with the public key to obtain the first hash value, the locally stored security digest and random number are hashed to obtain the second hash value, and the trusted environment of the system is securely booted when the two hash values match. This combines the advantages of secure boot, trusted boot and encrypted boot and improves the effect of secure boot.
Based on the same technical concept, the embodiment of the present application provides a computer device, as shown in fig. 4, including at least one processor 401 and a memory 402 connected to the at least one processor, where a specific connection medium between the processor 401 and the memory 402 is not limited in the embodiment of the present application, and in fig. 4, the processor 401 and the memory 402 are connected by a bus, for example. The buses may be divided into address buses, data buses, control buses, etc.
In the embodiment of the present application, the memory 402 stores instructions executable by the at least one processor 401, and the at least one processor 401 may perform the steps of the above-described secure booting method by executing the instructions stored in the memory 402.
Where the processor 401 is a control center of a computer device, various interfaces and lines may be utilized to connect various portions of the computer device, enabling secure booting by running or executing instructions stored in the memory 402 and invoking data stored in the memory 402. Alternatively, the processor 401 may include one or more processing units, and the processor 401 may integrate an application processor and a modem processor, wherein the application processor mainly processes an operating system, a user interface, an application program, etc., and the modem processor mainly processes wireless communication. It will be appreciated that the modem processor described above may not be integrated into the processor 401. In some embodiments, processor 401 and memory 402 may be implemented on the same chip, and in some embodiments they may be implemented separately on separate chips.
The processor 401 may be a general purpose processor such as a Central Processing Unit (CPU), digital signal processor, application specific integrated circuit (Application Specific Integrated Circuit, ASIC), field programmable gate array or other programmable logic device, discrete gate or transistor logic, discrete hardware components, which may implement or perform the methods, steps, and logic blocks disclosed in the embodiments of the present application. The general purpose processor may be a microprocessor or any conventional processor or the like. The steps of a method disclosed in connection with the embodiments of the present application may be embodied directly in a hardware processor for execution, or in a combination of hardware and software modules in the processor for execution.
Memory 402 is a non-volatile computer-readable storage medium that can be used to store non-volatile software programs, non-volatile computer-executable programs and modules. The memory 402 may include at least one type of storage medium, for example flash memory, hard disk, multimedia card, card memory, random access memory (RAM), static random access memory (SRAM), programmable read-only memory (PROM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), magnetic memory, magnetic disk or optical disk. Memory 402 may also be any other medium that can carry or store the desired program code in the form of instructions or data structures and can be accessed by a computer device, without being limited to these. The memory 402 in the present embodiment may also be circuitry or any other device capable of implementing a memory function for storing program instructions and/or data.
Based on the same inventive concept, embodiments of the present application provide a computer-readable storage medium storing a computer program executable by a computer device, which when run on the computer device, causes the computer device to perform the steps of the above-described secure boot method.
It will be appreciated by those skilled in the art that embodiments of the present invention may be provided as a method, or as a computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer device or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer device or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer device or other programmable apparatus to produce a computer device implemented process such that the instructions which execute on the computer device or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the invention.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.

Claims (9)

1. A secure boot method, comprising:
downloading first encrypted data associated with the current version of encrypted firmware from a cloud server and decrypting the first encrypted data to obtain a first digital signature, wherein the first encrypted data was generated on the first boot by a root of trust executed from read-only memory, taking the obtained random number, a key and the current version of the encrypted firmware as inputs, and was uploaded to the cloud server;
verifying the first digital signature with a public key and, if verification succeeds, obtaining a first hash value;
hashing the locally stored security digest of the current version of the encrypted firmware together with the random number to obtain a second hash value;
if the first hash value matches the second hash value, securely booting a trusted environment of the system;
generating the security digest based on the random number, the key and the current version of the encrypted firmware on the first boot;
hashing the random number and the security digest to obtain the first hash value;
signing the first hash value with a private key to obtain the first digital signature;
encrypting the first digital signature to obtain the first encrypted data, and uploading the first encrypted data to the cloud server.
2. The method of claim 1, wherein after generating the security digest based on the random number, the key and the current version of the encrypted firmware, the method further comprises:
storing the security digest, the random number and the current version of the encrypted firmware in a local flash memory.
3. The method of claim 1, wherein encrypting the first digital signature to obtain the first encrypted data comprises:
encrypting the first digital signature with a symmetric key to obtain the first encrypted data;
and decrypting the first encrypted data to obtain the first digital signature comprises:
decrypting the first encrypted data with the symmetric key to obtain the first digital signature.
4. The method of claim 1, wherein uploading the first encrypted data to the cloud server comprises:
uploading the first encrypted data together with version information of the current version of the encrypted firmware to the cloud server, so that the cloud server adds the version information of the current version of the encrypted firmware to a white list.
5. The method of claim 1, further comprising, after securely booting the trusted environment of the system:
verifying the digital signature of the untrusted environment of the system through the trusted environment, and securely booting the untrusted environment of the system when verification passes.
6. The method of claim 1, further comprising:
if signature verification fails, the secure boot of the system fails;
if the first hash value does not match the second hash value, the secure boot of the system fails.
7. A secure boot device, comprising:
a download module, configured to download first encrypted data associated with the current version of encrypted firmware from a cloud server and decrypt the first encrypted data to obtain a first digital signature, wherein the first encrypted data was generated on the first boot by a root of trust executed from read-only memory, taking the obtained random number, the key and the current version of the encrypted firmware as inputs, and was uploaded to the cloud server;
a signature verification module, configured to verify the first digital signature with a public key and, if verification succeeds, obtain a first hash value;
an encryption module, configured to hash the locally stored security digest of the current version of the encrypted firmware together with the random number to obtain a second hash value;
a processing module, configured to securely boot a trusted environment of the system if the first hash value matches the second hash value;
wherein the encryption module is specifically configured to:
generate the security digest based on the random number, the key and the current version of the encrypted firmware on the first boot;
hash the random number and the security digest to obtain the first hash value;
sign the first hash value with a private key to obtain the first digital signature;
encrypt the first digital signature to obtain the first encrypted data, and upload the first encrypted data to the cloud server.
8. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the steps of the method of any of claims 1-6 when the program is executed by the processor.
9. A computer readable storage medium, characterized in that it stores a computer program executable by a computer device, which when run on the computer device causes the computer device to perform the steps of the method of any of claims 1-6.
CN202410045851.1A 2024-01-12 2024-01-12 Safe starting method, device, equipment and storage medium Active CN117556430B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202410045851.1A CN117556430B (en) 2024-01-12 2024-01-12 Safe starting method, device, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN117556430A CN117556430A (en) 2024-02-13
CN117556430B true CN117556430B (en) 2024-03-29

Family

ID=89823701

Country Status (1)

Country Link
CN (1) CN117556430B (en)

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110134424A (en) * 2019-05-16 2019-08-16 上海东软载波微电子有限公司 Firmware upgrade method and system, server, smart machine, readable storage medium storing program for executing
CN113239363A (en) * 2021-06-01 2021-08-10 长江存储科技有限责任公司 Firmware updating method, device, equipment, readable storage medium and memory system
CN113779645A (en) * 2021-11-12 2021-12-10 南京大学 Quantum digital signature and quantum digital signature encryption method
CN115168813A (en) * 2022-06-29 2022-10-11 海光信息技术股份有限公司 Firmware signature and processor boot method and apparatus
CN115296800A (en) * 2022-06-09 2022-11-04 郑州信大捷安信息技术股份有限公司 Verification method and system for cipher module firmware
CN115859267A (en) * 2022-11-24 2023-03-28 深圳安捷力特新技术有限公司 Method for safely starting application program, storage control chip and electronic equipment
CN115879111A (en) * 2021-09-28 2023-03-31 华为技术有限公司 Method, device and system for safe starting
WO2023071040A1 (en) * 2021-10-29 2023-05-04 苏州浪潮智能科技有限公司 System starting method, system starting device, server, and readable storage medium
CN116484379A (en) * 2023-03-27 2023-07-25 阿里巴巴(中国)有限公司 System starting method, system comprising trusted computing base software, equipment and medium

Also Published As

Publication number Publication date
CN117556430A (en) 2024-02-13

Similar Documents

Publication Publication Date Title
CN109313690B (en) Self-contained encrypted boot policy verification
AU2009233685B2 (en) Method and apparatus for incremental code signing
EP2659373B1 (en) System and method for secure software update
US8250373B2 (en) Authenticating and verifying an authenticable and verifiable module
JP4501349B2 (en) System module execution device
US8392724B2 (en) Information terminal, security device, data protection method, and data protection program
CN112507328B (en) File signature method, computing device and storage medium
CN112784278B (en) Trusted starting method, device and equipment of computer system
CN110688660B (en) Method and device for safely starting terminal and storage medium
CN109657479B (en) Data leakage prevention method and computer readable storage medium
CN109814934B (en) Data processing method, device, readable medium and system
JP6387908B2 (en) Authentication system
EP3224721A1 (en) Method and device for providing verifying application integrity
CN112632562B (en) Device starting method, device management method and embedded device
CN112511306A (en) Safe operation environment construction method based on mixed trust model
CN111327429B (en) Terminal starting processing method and device
CN116561734A (en) Verification method, verification device, computer and computer configuration system
CN117556430B (en) Safe starting method, device, equipment and storage medium
CN116484379A (en) System starting method, system comprising trusted computing base software, equipment and medium
CN110610079A (en) Safe starting method, device and system
CN108242997B (en) Method and apparatus for secure communication
CN114329522A (en) Private key protection method, device, system and storage medium
CN114024702A (en) Information security protection method and computing device
EP4030322A1 (en) Method for protecting integrity of software in apparatus for continuity scenario
CN115694790B (en) Digital asset evidence-storing method, device, equipment and medium based on quantum security

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant