CN201518127U - Encrypted mobile memory based on password authentication - Google Patents
Encrypted mobile memory based on password authentication
- Publication number
- CN201518127U
- Authority
- CN
- China
- Prior art keywords
- module
- password
- data
- processing unit
- authentication
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
- Storage Device Security (AREA)
Abstract
An encrypted mobile memory based on password authentication comprises a central processing unit, a data interface, a keyboard, a memory module, a data encryption module, a key management module and an identity authentication module. The central processing unit performs central management and control; the data interface handles data input and output; the keyboard is used to enter operation commands and passwords; the memory module is connected to the central processing unit and comprises an encrypted partition that stores the ciphertext of input data; the data encryption module is connected to the central processing unit and encrypts and decrypts data; the key management module is connected to the central processing unit and performs key management functions, including generating, storing, distributing, updating and destroying keys; and the identity authentication module is connected to the central processing unit, the key management module and the keyboard and authenticates the user's identity authentication information. The user performs password authentication through the keyboard to gain read and write control over the storage medium; the working key is generated by a true random number generator inside the device and is stored in ciphertext form.
Description
Technical field
The utility model relates to a data storage device, and in particular to a high-security mobile memory.
Background technology
In recent years, high-capacity mobile storage devices with a USB interface have come into wide use across all industries. With their versatility, portability, ease of use, large capacity and long life, they have replaced the earlier 3.5-inch and 5.25-inch floppy disks. While convenient for the user, these devices also introduce serious security risks, chiefly two: the user's identity cannot be authenticated, and data stored in plaintext is easily leaked. If a user's mobile storage device is lost or accessed by an unauthorized holder, the confidential data on it will be leaked, which can cause immeasurable loss to the user and even to the country.
To improve the security of mobile storage devices, some manufacturers have added security measures and released their own secure mobile storage devices.
Some mobile storage devices add a mechanical lock to restrict user access to the device; this measure offers no security against a professional.
Some mobile storage devices use only simple data protection techniques, such as a hidden partition, without data encryption; the data is easily cracked and security is low.
Some mobile storage devices rely on client software for encryption and decryption. The encryption and decryption software must first be installed on the client, which is inconvenient; more importantly, software encryption leaves the key and the encryption program easy to crack, so security is very low.
Some mobile storage devices require a software interface to be run when the device is plugged into a PC: the user enters the password in that interface, and the PC sends the password to the mobile storage device for verification. In this approach the password has no reliable protection and is easily intercepted or captured on the PC.
The security measures taken by these secure mobile storage devices therefore cannot fully solve the security problems that ordinary mobile storage devices face.
Summary of the invention
The purpose of the utility model is to solve the technical problem that existing mobile storage devices need a computer or another auxiliary tool to perform encryption.
To achieve this purpose, the utility model provides an encrypted mobile memory based on password authentication, comprising:
A central processing unit, which performs central management and control;
A data interface, which handles the output and input of data;
A keyboard, used to enter operation commands and passwords;
A memory module, connected to the central processing unit and comprising an encrypted partition, the encrypted partition storing the ciphertext of input data;
A data encryption module, connected to the central processing unit, which encrypts and decrypts data;
A key management module, connected to the central processing unit, which implements on-chip key management functions, including the generation, storage, distribution and updating of keys;
An identity authentication module, connected to the central processing unit, the key management module and the keyboard respectively, which authenticates the user's identity authentication information.
Preferably, the key management module has a true random number generator, used to produce the working key.
Preferably, the identity authentication module stores a first ciphertext of the password information that represents the user's identity.
Preferably, the identity authentication module performs an encryption computation on the password the user enters on the keyboard to produce a second ciphertext, and compares the first ciphertext with the second ciphertext.
Preferably, the key management module obtains a protection key from the first ciphertext, uses the protection key to encrypt the working key, and stores the working key in ciphertext form in the key management module.
Preferably, the device also comprises a box body; the central processing unit, memory module, data encryption module, key management module and identity authentication module are arranged inside the box body, and the keyboard and the data interface are arranged on the surface of the box body.
Preferably, the device also comprises an LCD display, arranged on the surface of the box body, which shows the storage status and the operation being executed.
Preferably, the data interface is a USB interface.
Preferably, the memory module is one of the following: a rewritable non-volatile memory, flash memory, electrically programmable read-only memory, a micro hard disk, or NAND flash.
The beneficial effects of the utility model are as follows. The password can be entered directly on the storage device, and the device has data encryption and on-chip key management functions, giving high security and large capacity while keeping the advantages of ordinary mobile storage: versatility, no driver required, portability, ease of use and reliability. The user can change the user password from the keyboard, which is simple to do. In an emergency, the user can destroy the stored data through an initialization operation to keep the data safe. The sizes of the encrypted partition and the non-encrypted partition can be adjusted by the user, which is convenient.
Description of drawings
Figure 1 is a functional block diagram of the encrypted mobile memory based on password authentication of the utility model;
Figure 2 is a schematic diagram of the partitions of the memory module;
Figure 3 is a flowchart of user password verification;
Figure 4 is a flowchart of changing the user password;
Figure 5 is a flowchart of unlocking the user password;
Figure 6 is a flowchart of reinitialization;
Figure 7 is a flowchart of readjusting the partitions.
Description of reference numerals:
1 - encrypted mobile memory; 11 - box body; 12 - identity authentication module; 13 - display screen; 14 - keyboard; 15 - central processing unit; 16 - data encryption module; 17 - memory module; 171 - encrypted partition; 172 - non-encrypted partition; 173 - read-only partition; 18 - key management module; 19 - data interface.
Embodiment
The above and other technical features and advantages of the utility model are described in more detail below with reference to the accompanying drawings.
Figure 1 is a functional block diagram of the encrypted mobile memory 1 based on password authentication of the utility model. The encrypted mobile memory 1 comprises a box body 11, an identity authentication module 12, a display screen 13, a keyboard 14, a central processing unit 15, a data encryption module 16, a memory module 17, a key management module 18 and a data interface 19.
The utility model uses passwords for identity authentication. Two kinds of password are used: a user password and a super password. The user password grants permission to read and write the encrypted data in the encrypted mobile memory 1 and to change the user password; the super password grants permission to unlock the password and to initialize the encrypted mobile memory 1.
The function of each module is described in detail below:
Referring to Figure 2, the memory module 17 comprises an encrypted partition 171, a non-encrypted partition 172 and a read-only partition 173.
Input data is encrypted by the data encryption module 16 and stored in ciphertext form in the encrypted partition 171; access to it requires password authentication. The non-encrypted partition 172 is accessible to anyone for reading and storing data. The read-only partition 173 holds a software tool; after passing password authentication, the user runs this tool on a computer to readjust the sizes of the encrypted partition 171 and the non-encrypted partition 172.
The first ciphertext is a first message digest, 160 bits long, which the identity authentication module 12 produces by applying the SHA-1 digest algorithm to the password set in the system. The password set in the system may be the system-default user password or super password, or a user password or super password set by the user.
In use, when the user passes password authentication, the key management module 18 uses the protection key to decrypt the working-key ciphertext stored inside it, obtaining the plaintext working key. The plaintext working key is then sent to the central processing unit 15, which forwards it to the data encryption module 16 for encryption and decryption.
The data interface 19 carries data communication between the utility model and the user's host, handling the input and output of data; it can be an existing data interface such as a USB interface.
The central processing unit 15, data encryption module 16, memory module 17, key management module 18 and identity authentication module 12 are arranged inside the box body 11, and the display screen 13, keyboard 14 and data interface 19 are arranged on the surface of the box body 11.
The utility model integrates the display screen 13 and the keyboard 14, so that operations such as password entry, unlocking and password change can be carried out on the mobile memory itself. Prompted by the display screen 13, the user enters the password on the keyboard 14 without going through a computer, which prevents the password from being intercepted or captured on the computer.
The user enters the user password on the device's keyboard 14, and the password is verified in the identity authentication module 12; once verification is complete, the device's LCD display 13 shows the corresponding status information. Throughout password authentication the password never appears outside the device, which effectively protects it; the password is also stored and verified in ciphertext form inside the identity authentication module.
Referring to Figure 3, the flowchart of user password verification in the utility model, step 30 of user password verification comprises:
After step 304 above is completed, the identity authentication module 12 allows the user to access the data in the encrypted partition 171, and the user can read and write the data in the encrypted partition 171 through the data interface 19. After step 304 is completed, the user can also change the user password.
The super password verification flow of the utility model is similar to the user password verification flow.
Referring to Figure 4, the flowchart for changing the user password, the steps comprise:
Step 402: perform step 30 of user password verification and pass password authentication;
The flow for changing the super password in the utility model is similar to the flow for changing the user password.
Referring to Figure 5, the flowchart for unlocking the user password, the steps comprise:
Step 502: perform super password verification and pass authentication;
Referring to Figure 6, the flowchart for reinitialization, the steps comprise:
Step 602: perform super password verification and pass authentication;
During initialization, the key management module 18 produces a new working key, and the ciphertext previously stored in the encrypted partition 171 cannot be decrypted with the new working key, so the user can quickly destroy the stored data through the initialization operation. If the user wishes to keep the previously stored data, it must be exported before the initialization operation, and the device then reinitialized.
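The password check, working-key wrapping and reinitialization described above, as an added example that is not part of the patent text. The `Device` class, the HMAC-based protection-key derivation and the `seal`/`unseal` stand-in cipher are assumptions, because the page names only SHA-1 and specifies neither the cipher nor how the protection key is obtained from the first ciphertext; the OS random source stands in for the on-chip true random number generator.

```python
import hashlib
import hmac
import secrets


def sha1_digest(password: str) -> bytes:
    # The page's password "ciphertext": a 160-bit SHA-1 message digest.
    # Unsalted SHA-1 is used here only because the page specifies it.
    return hashlib.sha1(password.encode("utf-8")).digest()


def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, b"ks" + nonce + i.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)


def seal(key: bytes, plaintext: bytes) -> bytes:
    # Stand-in cipher (assumption; the page names none): keystream XOR plus MAC tag.
    nonce = secrets.token_bytes(16)
    body = _xor_stream(key, nonce, plaintext)
    tag = hmac.new(key, b"tag" + nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def unseal(key: bytes, blob: bytes):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"tag" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # wrong key or altered data
    return _xor_stream(key, nonce, body)


class Device:
    def __init__(self, user_password: str, super_password: str):
        # First ciphertexts, held by the identity authentication module.
        self.user_digest = sha1_digest(user_password)
        self.super_digest = sha1_digest(super_password)
        self._new_working_key()

    def _protection_key(self) -> bytes:
        # Assumption: the page only says the key is obtained from the first ciphertext.
        return hmac.new(self.user_digest, b"protection-key", hashlib.sha256).digest()

    def _new_working_key(self) -> None:
        working_key = secrets.token_bytes(32)  # OS CSPRNG stands in for the on-chip TRNG
        # Only the wrapped form is kept; the scheme relies on this storage
        # (and the digest) being unreadable from outside the device.
        self.wrapped_key = seal(self._protection_key(), working_key)

    def unlock(self, entered: str):
        second = sha1_digest(entered)  # second ciphertext
        if not hmac.compare_digest(self.user_digest, second):
            return None
        return unseal(self._protection_key(), self.wrapped_key)

    def reinitialize(self, entered_super: str) -> bool:
        if not hmac.compare_digest(self.super_digest, sha1_digest(entered_super)):
            return False
        self._new_working_key()  # old partition ciphertext is now undecryptable
        return True


def demo():
    dev = Device("2468", "97531")  # constructed sample passwords
    stored = seal(dev.unlock("2468"), b"quarterly report")  # encrypted partition
    before = unseal(dev.unlock("2468"), stored)
    dev.reinitialize("97531")
    after = unseal(dev.unlock("2468"), stored)
    return before, after


if __name__ == "__main__":
    print(demo())
```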
Referring to Figure 7, the flowchart for readjusting the partitions, the steps comprise:
Step 701: connect the encrypted mobile memory 1 to a computer;
Step 703: run the software tool in the read-only partition 173 on the computer; the user sets the capacities of the encrypted partition 171 and the non-encrypted partition 172 in the software interface, and then executes the partitioning function;
In addition to mobile data storage, the utility model provides password authentication, data encryption and key management functions. Only after passing password authentication can the user read, write and control the encrypted partition of the storage medium. When data is written to the encrypted partition, it is first encrypted by the encryption module inside the device and then stored in ciphertext form. When data in the encrypted partition is read, it is first decrypted by the encryption module inside the device and then read by the user in plaintext form. The device has on-chip key management: the key it uses is produced by a true random number generator inside the device, is unpredictable and updatable, and is stored in ciphertext form in an inaccessible secure area. The device can effectively prevent the risk of data leakage caused by loss of the device or access by an unauthorized holder, meets the user's requirement for secure data storage, and effectively protects all kinds of sensitive and important information. The device integrates a keyboard and an LCD; prompted by the LCD, the user enters the password on the keyboard without going through a computer, which prevents the password from being intercepted or captured on the computer. The storage medium of the device can be divided into an encrypted partition and a non-encrypted partition. Access to the encrypted partition requires the user to pass password authentication, while the non-encrypted partition needs no password authentication and is accessible to anyone. The sizes of the encrypted and non-encrypted partitions can be adjusted by the user, which is convenient.
The above description of the utility model is illustrative and not restrictive. Those skilled in the art will understand that many modifications, variations or equivalents can be made within the spirit and scope defined by the claims, and all of them fall within the scope of protection of the utility model.
Claims (9)
1. An encrypted mobile memory based on password authentication, characterized in that it comprises:
A central processing unit, which performs central management and control;
A data interface, which handles the output and input of data;
A keyboard, used to enter operation commands and passwords;
A memory module, connected to the central processing unit and comprising an encrypted partition, the encrypted partition storing the ciphertext of input data;
A data encryption module, connected to the central processing unit, which encrypts and decrypts data;
A key management module, connected to the central processing unit, which implements on-chip key management functions, including the generation, storage, distribution, updating and destruction of keys;
An identity authentication module, connected to the central processing unit, the key management module and the keyboard respectively, which authenticates the user's identity authentication information.
2. The encrypted mobile memory based on password authentication as claimed in claim 1, characterized in that the key management module has a true random number generator, used to produce the working key.
3. The encrypted mobile memory based on password authentication as claimed in claim 1, characterized in that the identity authentication module stores a first ciphertext of the password information that represents the user's identity.
4. The encrypted mobile memory based on password authentication as claimed in claim 3, characterized in that the identity authentication module performs an encryption computation on the password the user enters on the keyboard to produce a second ciphertext, and compares the first ciphertext with the second ciphertext.
5. The encrypted mobile memory based on password authentication as claimed in claim 4, characterized in that the key management module obtains a protection key from the first ciphertext, uses the protection key to encrypt the working key, and stores the working key in ciphertext form in the key management module.
6. The encrypted mobile memory based on password authentication as claimed in claim 1, characterized in that it also comprises a box body; the central processing unit, memory module, data encryption module, key management module and identity authentication module are arranged inside the box body, and the keyboard and the data interface are arranged on the surface of the box body.
7. The encrypted mobile memory based on password authentication as claimed in claim 1, characterized in that it also comprises an LCD display, arranged on the surface of the box body, which shows the storage status and the operation being executed.
8. The encrypted mobile memory based on password authentication as claimed in claim 1, characterized in that the data interface is a USB interface.
9. The encrypted mobile memory based on password authentication as claimed in claim 1, characterized in that the memory module is one of the following: a rewritable non-volatile memory, flash memory, electrically programmable read-only memory, a micro hard disk, or NAND flash.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN200920246377XU CN201518127U (en) | 2009-10-13 | 2009-10-13 | Encrypted mobile memory based on password authentication |
Publications (1)
Publication Number | Publication Date |
---|---|
CN201518127U (en) | 2010-06-30 |
Family
ID=42498850
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN200920246377XU (Expired - Lifetime), CN201518127U (en) | Encrypted mobile memory based on password authentication | 2009-10-13 | 2009-10-13 |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN201518127U (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CX01 | Expiry of patent term | Granted publication date: 20100630 |