CN211630190U - Terminal equipment safety encryption and decryption system based on safety chip - Google Patents


Info

Publication number
CN211630190U
Authority
CN
China
Prior art keywords
encryption
terminal
safety
decryption
mcu
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201922217641.3U
Other languages
Chinese (zh)
Inventor
钱明涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Chuangbo Information Technology Co ltd
Original Assignee
Jiangsu Chuangbo Information Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu Chuangbo Information Technology Co ltd filed Critical Jiangsu Chuangbo Information Technology Co ltd
Priority to CN201922217641.3U priority Critical patent/CN211630190U/en
Application granted granted Critical
Publication of CN211630190U publication Critical patent/CN211630190U/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02: TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D: CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00: Reducing energy consumption in communication networks
    • Y02D30/70: Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Small-Scale Networks (AREA)

Abstract

The utility model discloses a security-chip-based secure encryption and decryption system for terminal equipment, comprising a terminal, a security gateway and a master station. The terminal includes a standby power supply whose input is electrically connected to an external power supply; the output of the MCU is connected to an information storage module and to a communication module, the communication module is connected to an antenna, and the MCU is connected to an encryption and decryption module. The equipment adopts an encryption and decryption design based on the SC1161Y chip, and the utility model proposes secure encryption and decryption design methods for both external and embedded terminal equipment based on the security chip. Communication between the terminal equipment and the master station equipment is realized with the digital authentication technology of SM2, and transmission between the master station and the terminal equipment is encrypted and decrypted in hardware with the SM1 algorithm to ensure the security and reliability of data transmission.

Description

Terminal equipment safety encryption and decryption system based on safety chip
Technical Field
The utility model relates to the technical field of security protection systems, and specifically to a security-chip-based secure encryption and decryption system for terminal equipment.
Background
At present, most manufacturers of Internet of Things terminal equipment weigh factors such as the performance characteristics of the equipment, the resource overhead required to run the SM2 algorithm and the performance requirements of automation services, and upgrade the security protection of intelligent terminals by replacing the original CPU main control board with one capable of running the SM2 algorithm. However, in an era of rapidly developing information technology, this means of terminal security protection cannot withstand the various more complex attack methods, so research on terminal encryption and decryption technology and the development of intelligent terminals with higher security performance have become a significant and urgent subject for the Internet of Things.
In general, existing Internet of Things terminal equipment has made considerable progress in information security, defense against false data injection attacks, protection of intelligent terminal equipment and the like, but no comprehensive defense system across different dimensions, and no multi-layer confidentiality protection design for terminal equipment, has been proposed systematically. Therefore, a multidimensional defense system is constructed and information security encryption and decryption are integrated under it, finally forming an integrated multidimensional terminal protection scheme that provides new technology and product-level support for the terminal's equipment security, operation and maintenance security, and information communication security.
Summary of the Utility Model
(I) Technical problem to be solved
In view of the deficiencies of the prior art, the utility model provides a security-chip-based secure encryption and decryption system for terminal equipment, which solves the problems described above.
(II) Technical solution
To achieve the above purpose, the utility model provides the following technical solution: a security-chip-based secure encryption and decryption system for terminal equipment, comprising a terminal, a security gateway and a master station. The terminal includes a standby power supply whose input is connected to an external power supply; the output of the MCU is connected to an information storage module and to a communication module; the communication module is connected to an antenna; the MCU is connected to an encryption and decryption module, an indicator light circuit, a key (button) module, a wireless transceiver module, an Ethernet module and an RS485/RS232 communication module.
Preferably, the communication module is a 2/3/4G communication module.
Preferably, the method comprises the following steps: the master station sends a request to connect to the terminal; the security gateway receives the master station's information; the security gateway establishes a TCP connection with the terminal and performs bidirectional identity authentication; once the bidirectional identity authentication between the terminal and the security gateway succeeds, the security gateway returns the result that authentication between the master station and the terminal has succeeded.
Preferably, the master station connects directly to the terminal and initiates a bidirectional identity authentication request; the terminal receives the signal and completes bidirectional authentication with the master station; the master station reads the terminal's chip serial number, and the terminal returns the chip serial number.
Preferably, the master station acquires the terminal's key version, the terminal returns the current key version, and the master station and the terminal start service handover.
(III) Beneficial effects
Compared with the prior art, the utility model provides a security-chip-based secure encryption and decryption system for terminal equipment with the following beneficial effects:
1. The equipment adopts an encryption and decryption design based on the SC1161Y chip; secure encryption and decryption design methods are proposed for both external and embedded terminal equipment based on the security chip; communication between the terminal equipment and the master station equipment is realized with the digital authentication technology of SM2; and transmission between the master station and the terminal equipment is encrypted and decrypted in hardware with the SM1 algorithm to ensure the security and reliability of data transmission.
Drawings
Fig. 1 is a schematic diagram of the hardware structure of the security-chip-based terminal equipment secure encryption and decryption device according to the utility model;
Fig. 2 is a schematic diagram of the communication mode of the security-chip-based terminal equipment secure encryption and decryption system according to the utility model;
Fig. 3 is a schematic diagram of an embodiment of the security-chip-based terminal equipment secure encryption and decryption system according to the utility model;
Fig. 4 is a schematic diagram of the external encryption and decryption embodiment of the security-chip-based terminal equipment secure encryption and decryption system according to the utility model;
Fig. 5 is a schematic diagram of the embedded encryption and decryption embodiment of the security-chip-based terminal equipment secure encryption and decryption system according to the utility model.
Detailed Description
The technical solutions in the embodiments of the present invention will be described clearly and completely with reference to the accompanying drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only some embodiments of the present invention, not all embodiments. Based on the embodiments in the present invention, all other embodiments obtained by a person skilled in the art without creative work belong to the protection scope of the present invention.
Referring to figs. 1-2, a security-chip-based secure encryption and decryption system for terminal equipment comprises a terminal, a security gateway and a master station. The terminal includes a standby power supply whose input is connected to an external power supply; the output of the MCU is connected to an information storage module and to a communication module; the communication module is connected to an antenna; the MCU is connected to an encryption and decryption module, an indicator light circuit, a key (button) module, a wireless transceiver module, an Ethernet module and an RS485/RS232 communication module.
The communication module is a 2/3/4G communication module.
The method comprises the following steps: the master station sends a request to connect to the terminal; the security gateway receives the master station's information; the security gateway establishes a TCP connection with the terminal and performs bidirectional identity authentication; once the bidirectional identity authentication between the terminal and the security gateway succeeds, the security gateway returns the result that authentication between the master station and the terminal has succeeded.
The master station connects directly to the terminal and initiates a bidirectional identity authentication request; the terminal receives the signal and completes bidirectional authentication with the master station; the master station reads the terminal's chip serial number, and the terminal returns the chip serial number.
The master station acquires the terminal's key version, the terminal returns the current key version, and the master station and the terminal start service handover.
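The direct master-station/terminal sequence described above (bidirectional authentication, then chip serial number, then key version, then service), as an added example that is not taken from the patent: a terminal-side state machine that rejects any request arriving out of order. HMAC-SHA256 over a shared key stands in for the SM2 authentication the patent names, and every class, function and message name, as well as the master's key-version comparison, is an assumption made for illustration.

```python
import hashlib
import hmac
import os
from enum import Enum, auto


class State(Enum):
    IDLE = auto()
    CHALLENGED = auto()
    AUTHENTICATED = auto()
    SERIAL_READ = auto()
    IN_SERVICE = auto()


class ProtocolError(Exception):
    """A request arrived out of order or failed verification."""


def auth_tag(key, role, first, second):
    # Stand-in for an SM2 signature (assumption): HMAC-SHA256 over a role
    # label and both nonces, so a tag cannot be reflected back to its sender.
    return hmac.new(key, role + first + second, hashlib.sha256).digest()


class Terminal:
    def __init__(self, key, serial, key_version):
        self._key, self._serial, self._key_version = key, serial, key_version
        self._nm = self._nt = b""
        self.state = State.IDLE

    def on_auth_request(self, master_nonce):
        # Prove our identity over the master's nonce and challenge it in turn.
        self._nm, self._nt = master_nonce, os.urandom(16)
        self.state = State.CHALLENGED
        return self._nt, auth_tag(self._key, b"T", self._nm, self._nt)

    def on_auth_confirm(self, master_tag):
        if self.state is not State.CHALLENGED:
            raise ProtocolError("confirm without a pending challenge")
        expected = auth_tag(self._key, b"M", self._nt, self._nm)
        self.state = State.IDLE  # fail closed until the tag checks out
        if not hmac.compare_digest(master_tag, expected):
            raise ProtocolError("master authentication failed")
        self.state = State.AUTHENTICATED

    def read_serial(self):
        if self.state is not State.AUTHENTICATED:
            raise ProtocolError("serial number requested before authentication")
        self.state = State.SERIAL_READ
        return self._serial

    def get_key_version(self):
        if self.state is not State.SERIAL_READ:
            raise ProtocolError("key version requested out of order")
        self.state = State.IN_SERVICE
        return self._key_version


def master_session(terminal, key, expected_key_version):
    """Master-station side: authenticate, read serial, read key version."""
    nm = os.urandom(16)
    nt, terminal_tag = terminal.on_auth_request(nm)
    if not hmac.compare_digest(terminal_tag, auth_tag(key, b"T", nm, nt)):
        raise ProtocolError("terminal authentication failed")
    terminal.on_auth_confirm(auth_tag(key, b"M", nt, nm))
    serial = terminal.read_serial()
    version = terminal.get_key_version()
    # Assumption: the master refuses service when the key version is stale.
    if version != expected_key_version:
        raise ProtocolError("key version mismatch")
    return serial, version


if __name__ == "__main__":
    shared = bytes(range(32))  # constructed demo key
    device = Terminal(shared, b"SN-DEMO-0001", 2)  # constructed serial/version
    print(master_session(device, shared, 2), device.state)
```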
The utility model takes encryption and decryption technology as its core and adopts an embedded security chip and a modular design concept to meet terminal communication security requirements. It supports functions such as standardized data parsing and encapsulation, communication service control and management, bidirectional identity authentication, data encryption protection and terminal certificate management, can secure the communication data between the terminal and the master station, and meets the standard communication protocol and information security protection requirements of automation systems.
The terminal equipment is mainly applied in data communication encryption and decryption systems. For downstream communication, the equipment communicates with the master station or other equipment mainly over RS485/RS232 and Ethernet; for upstream communication, the equipment mainly uses 4G network communication technology, connecting to the cloud service and delivering to the master station, to complete identity authentication and encrypted data communication.
1. The MCU module is the device's 32-bit processor MCU and mainly controls peripheral circuits such as the Ethernet, 4G communication and the SC1161Y encryption/decryption chip.
2. The downstream communication module supports RS485/RS232 and Ethernet communication, completing the communication connection between the master station and the terminal equipment.
3. For upstream communication, 4G network communication technology is used to provide remote communication service between the terminal equipment and the master station.
4. The power supply module converts the input, 220 V AC or 9-36 V DC, into a stable 5 V DC supply for the equipment.
5. The indicator light circuit mainly indicates the working state of data transmission and displays system abnormalities.
6. The information storage module mainly stores important parameters, saves important data promptly when power fails, and restores the state from before the power failure once the circuit is reconnected.
As shown in fig. 3, the security encryption and decryption device is the intermediate link between the master station and the terminal in an Internet of Things automation system and is a core device for data communication and command control in the communication network. Depending on the actual environment, the device communicates with the master station and the terminal over industrial Ethernet or a serial port. The device parses and verifies the ciphertext issued by the master station and decides, according to the verification result, whether to pass the original data on to the terminal; it also encrypts and decrypts the data uploaded by the terminal and transmits it to the master station as ciphertext or plaintext. The device contains an encryption and decryption unit, an identity authentication unit, a network communication unit, a serial communication unit and so on; a dedicated encryption and decryption chip is embedded in it, and the encryption and decryption algorithms and the communication module are integrated to encrypt and decrypt data and to carry external data communication. It supports the national cryptographic symmetric and asymmetric algorithms and meets the requirement of bidirectional identity authentication. The device offers strong security, rich interfaces, high encryption and decryption speed, low power consumption and very high cost-effectiveness.
Data communication between the equipment terminal and the master station requires encryption and decryption, and data transmitted between equipment terminals must likewise be encrypted and decrypted to protect data in transit.
From the standpoint of practicality and industrialization, the secure encryption and decryption function needs to be developed in two forms, embedded and external: the embedded form is built in as part of new security terminals, while the external form is used to retrofit existing terminal equipment, meeting the needs of different scenarios.
As shown in fig. 4, data sent from the terminal equipment to the master station is encrypted by a security encryption device and transmitted to the master station over a data transmission channel, and the master station decrypts the received data in software. The data transmission channel can use interfaces such as Ethernet and 4G.
As shown in fig. 5, the security encryption and decryption module can be embedded in the terminal equipment as part of the security prevention and control framework: structural space is reserved in the terminal equipment at design time, and the module is embedded in the terminal equipment and connected through an RS485/RS232 interface. Inside the terminal equipment, acquired data is encrypted by the security encryption module before being output and then enters the master station system through the network. Conversely, data from the master station is encrypted by its internal software and then sent to the terminal equipment through the network.
In summary, the equipment adopts an encryption and decryption design based on the SC1161Y chip; secure encryption and decryption design methods are proposed for both external and embedded terminal equipment based on the security chip; communication between the terminal equipment and the master station equipment is realized with the digital authentication technology of SM2; and transmission between the master station and the terminal equipment is encrypted and decrypted in hardware with the SM1 algorithm to ensure the security and reliability of data transmission.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, the use of the verb "comprise a" to define an element does not exclude the presence of another, same element in a process, method, article, or apparatus that comprises the element.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (3)

1. A terminal equipment safety encryption and decryption system based on a safety chip, characterized in that it comprises a terminal, a security gateway and a master station; the terminal comprises a standby power supply, the input of the standby power supply is connected to an external power supply, the output of the MCU is connected to an information storage module, the output of the MCU is connected to a communication module, the communication module is connected to an antenna, the MCU is connected to an encryption and decryption module, the MCU is connected to an indicator light circuit, the MCU is connected to a key (button) module, the MCU is connected to a wireless transceiver module, the MCU is connected to an Ethernet module and an RS485/RS232 communication module, and the MCU is an SC1161Y chip.
2. The terminal equipment safety encryption and decryption system based on a safety chip according to claim 1, wherein: the communication module is a 2/3/4G communication module.
3. The terminal equipment safety encryption and decryption system based on a safety chip according to claim 1, wherein: the master station acquires the key version of the terminal, the terminal returns the current key version, and the master station and the terminal start service handover.
CN201922217641.3U 2019-12-11 2019-12-11 Terminal equipment safety encryption and decryption system based on safety chip Active CN211630190U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201922217641.3U CN211630190U (en) 2019-12-11 2019-12-11 Terminal equipment safety encryption and decryption system based on safety chip

Publications (1)

Publication Number Publication Date
CN211630190U true CN211630190U (en) 2020-10-02

Family

ID=72628862

Country Status (1)

Country Link
CN (1) CN211630190U (en)

Legal Events

Date Code Title Description
GR01 Patent grant
PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of utility model: A secure encryption and decryption system for terminal equipment based on security chip

Effective date of registration: 20211029

Granted publication date: 20201002

Pledgee: China Construction Bank Corporation Nanjing Xinjiekou sub branch

Pledgor: Jiangsu chuangbo Information Technology Co.,Ltd.

Registration number: Y2021980011538

PC01 Cancellation of the registration of the contract for pledge of patent right

Date of cancellation: 20220126

Granted publication date: 20201002

Pledgee: China Construction Bank Corporation Nanjing Xinjiekou sub branch

Pledgor: Jiangsu chuangbo Information Technology Co.,Ltd.

Registration number: Y2021980011538

PE01 Entry into force of the registration of the contract for pledge of patent right

Denomination of utility model: A secure encryption and decryption system for terminal equipment based on security chip

Effective date of registration: 20220218

Granted publication date: 20201002

Pledgee: China Construction Bank Corporation Nanjing Xinjiekou sub branch

Pledgor: Jiangsu chuangbo Information Technology Co.,Ltd.

Registration number: Y2022980001672

PC01 Cancellation of the registration of the contract for pledge of patent right

Date of cancellation: 20230203

Granted publication date: 20201002

Pledgee: China Construction Bank Corporation Nanjing Xinjiekou sub branch

Pledgor: Jiangsu chuangbo Information Technology Co.,Ltd.

Registration number: Y2022980001672