1261175 玫、發明說明: 發明所屬之技術領域 本發明是有關於一種用於通用序列匯流排(USB, Universal Serial Bus)裝置的認證(authentication)方法,且 特別是有關於一種用於通用序列匯流排〇TG (On-The-Go) 裝置的認證方法。 先前技術 不論在生活中或是在工作上,隨處可見各種電子產 品。在各種電子產品之間常常使用通用序列匯流排(USB, Universal Serial Bus)作為其資料傳輸之介面,例如將印表 機透過USB連接至個人電腦,或是將個人數位助理(PDA, Personal Digital Assistant)透過USB連接至個人電腦。在 各種USB裝置之應用中,必須由其中一個裝置擔任主機 (host)角色(例如前例中之個人電腦),而由另一個裝置擔任 周邊(peripheral)角色(例如前例中之印表機或是個人數位助 理)。前述主機係、負責主導USB之資料/訊號傳遞。 傳統USB裝置中何者擔任主機角色以及何者為周邊 角色通常是固定的。例如,數位相機以USB與個人電腦 連接而傳送相片(影像檔案)至個人電腦,此個人電腦擔任 USB主機,而數位相機則是USB周邊;個人電腦透過USB 與印表機連線以便將相片列印輸出。換句話說,USB周邊 裝置無法直接與另一 USB周邊裝置傳輸資料,必須經由 USB主機才能完成。所以,於USB 2.0規格書(specification) 中增加了 OTG (〇n-The-GO)補充規範,制定了以USB相 12823twf.doc 5 1261175 連接之二裝置間單入主機或周邊之決定機制。關於OTG 協定之詳細規範可參考USB 2.0規格書之〇TG補充規範 (On-The-Go Supplement to the USB 2.0 specification, Revision 1.0a) o 圖1是說明USB OTG的裝置進行對話請求協定(SRP, Session Request Protocol)及主機談判協定(HNP,Host Negotiation Protocol)的關係圖。請參照圖1,圖中裝置A 與裝置B皆具有USB介面且以此相互連接。方塊111與121 分別表示裝置A與裝置B皆處於暫停(suspend)狀態。裝置 A與裝置B經由OTG規範中的對話請求協定(SRP,Session Request Protocol) 130而決定主機與周邊,在此假設裝置 A擔任主機(方塊112)且裝置B為周邊(方塊122)。此時裝 置A即可透過USB向裝置B進行資料存取。因此,即克 服了傳統USB將主機/周邊角色固定之缺點。更甚者,裝 置A與裝置B更可進一步透過OTG規範中的主機談判協 定(HNP,Host Negotiation Protocol) 140 進行角色交換(role change),而使裝置A改成為周邊(方塊113)且裝置B改擔 任主機(方塊123)。因此,可提供USB裝置更彈性之連接 機制,例如,可使數位相機透過USB直接連接至隨身碟(儲 存相片)或是印表機(列印相片)而不再需要個人電腦協助傳 輸資料。 但是OTG規範中並未有認證(authentication)機制,而 且現今USB裝置通常是小型且容易攜帶的,因此容易受 非法使用者經由USB竊取/刪改裝置中的資料。 12823twf.doc 6 1261175 發明内容 本發明的目的就是在提供一種用於通用序列匯流排 (USB,Universal Serial Bus) OTG (On-The-Go)裝置的認證 (authentication)方法,於OTG規範中的主機談判協定(HNP, Host Negotiation Protocol)完成前即進行認證規則,以使 USB主機辨識USB周邊是否為合法裝置。當USB周邊不 是合法裝置時,USB主機即拒絕進行角色交換(role change)。因此,即可加強USB主機之資訊安全。 本發明的再一目的是提供一種用於通用序列匯流排 OTG裝置的認證方法,於OTG規範中USB主機進行設定 /存取USB周邊之前即進行認證規則,以使USB周邊辨識 USB主機是否為合法裝置。當USB主機不是合法裝置時, USB周邊即拒絕與USB主機進行資料存取。因此,即可 加強USB周邊之資訊安全。 本發明提出一種用於通用序列匯流排OTG裝置的認 證方法,包括提供第一裝置與第二裝置,第一裝置與第二 裝置之間以通用序列匯排流(USB)相互連接並且支持OTG 協定,其中第一裝置擔任主機(host)且第二裝置為周邊 (peripheral)。此主機以一認證規則辨識此周邊裝置是否為 合法裝置。當周邊裝置為合法裝置時,主機即傳送致能訊 號至周邊裝置以進行主機談判協定(HNP)而使第一裝置轉 換角色(role)為周邊,並且使第二裝置轉換角色為主機。 當周邊為不合法裝置時,主機即拒絕與周邊進行主機談判 協定。 12823twf.doc 7 1261175 依照本發明的較佳實施例所述用於通用序列匯流排 OTG裝置的認證方法,上述提供第一裝置與第二裝置之步 驟中,第一裝置以及第二裝置係經由對話請求協定(SRP, Session Request Protocol)而決定第一裝置擔任主機(h〇st)且 第二裝置為周邊(peripheral)。 依照本發明的較佳實施例所述用於通用序列匯流排 OTG裝置的認證方法,上述之認證規則譬如是共享金鑰辨 識法(Share Key Authentication)。 依照本發明的較佳實施例所述用於通用序列匯流排 OTG裝置的認證方法,上述主機以認證規則辨識周邊是否 為合法裝置之步驟中,包括此主機傳送明文(plaim ^^)至 此周邊裝置。而周邊裝置依金鑰將明文加密而獲得對應之 密文(ciphertext) ’並且將密文傳駐主機。魅機於接收 後依金鍮以及明文檢查密文是否正心若正確,則此周邊 為合法裝置;若不正確,則此周邊為不合法裝置。 依照本發明、的較佳實施例所述用於通料列匯流排 OTG裝置的認證方法,更包括當主機於傳送明文 預定時間内尚未獲得敎時,主機即拒 機 談判協定。 』故适仃主椒 OTG裝置的認證方法,更包括由、列匯流為 枯由周邊裝置傳送周i^署 料至主機。此主機依照周邊裝置資料 ’山 證規則,若不支持認證規則,主機 :否支持絮 談判協定。 p拒絕與周邊進行主招 12823twf.doc 8 1261175 依照本發明的較佳實施例所述用於通用序列匯流排 OTG裝置的認證方法,上述之周邊裝置資料包含一周邊裝 置識別資訊,而用於通用序列匯流排OTG裝置的認證方 法更包括於主機中建置裝置認證資訊表(device authentication info table),此裝置認證資訊表係用於記錄 周邊裝置識別資訊以及對應之認證失敗次數。當主機檢查 該密文之結果為不正確時,將與此周邊對應之周邊裝置識 別資訊儲存於裝置認證資訊表中,並且將此周邊之認證失 敗次數累加一次。由主機檢查周邊對應之認證失敗次數, 當認證失敗次數大於預設次數(例如三次)時,此主機即拒 絕與此周邊進行主機談判協定。 依照本發明的較佳實施例所述用於通用序列匯流排 OTG裝置的認證方法,更包括當主機檢查密文之結果為正 確時,將此周邊對應之認證失敗次數歸零。 本發明提出一種用於通用序列匯流排OTG裝置的認 證方法,包括提供第一裝置與第二裝置,此第一裝置與第 二裝置之間以通用序列匯排流(USB)相互連接並且支持 〇TG協定,其中第一裝置擔任主機(host)且第二裝置為周 邊(peripheral)。周邊裝置以認證規則辨識主機是否為合法 裝置。當此主機為合法裝置時,此周邊允許主機存取周邊 之資料。當主機為不合法裝置時,此周邊即拒絕與此主機 進行資料存取。 依照本發明的較佳實施例所述用於通用序列匯流排 OTG裝置的認證方法,上述周邊以認證規則辨識主機是否 12823twf.doc 9 1261175 :…置之步驟中,包括周邊傳送明文(piaint時主 機。而主機依金鑰將明文加密而獲得對應之密文⑷如 =)’㈣將密文傳送至周邊。周邊依金鍮以及明文檢查 在文疋否正痛’若是,則此主機為合法裝置;若否,則 此主機為不合法裝置。 又…、本毛明的較佳實施例所述用於通用序列匯流排 政置的…旦方法,更包括周邊裝置傳送周邊裝置資料 =機。此主機依周邊裝£資料判斷此周$是否支持/致 能前述之認證規則’若此周邊禁能/不支持認證規則,此 主機即可存取周邊之資料。 本發明因於OTG協定中加入認證機制,因此可以防 $ USB裝置中所存放的資料遭受非法存取,加強資訊安 全。本發明可保護USB裝置中擔任主機者之資訊安全, 防止非法使用者利用USB 〇TG協定將原刪主機轉換為 USB周邊而任意存取其資料。本發明亦可保護卩叩裝置 中擔任周邊者之資訊安全,於此欲保護之USB裝置(usb 周邊)被其他裝置(USB主機)存取資料之前提供一認證機 制’防止非法使用者透過USB任意存取其資料。 為讓本發明之上述和其他目的、特徵和優點能更明顯 易懂,下文特舉一較佳實施例,並配合所附圖式,作詳細 說明如下。 圖2是依照本發明一較佳實施例繪示的一種通用序列 匯排/瓜(USB) OTG裝置於角色交換(r〇le change)前之認證 12823twf.doc 10 1261175 程序流程圖。請參照圖2,在此假設已提供有第一裝置與 第二裝置(未繪示),而第一裝置與第二裝置之間以USB相 互連接並且皆支持OTG協定。於初時,假設第一裝置擔 任主機(host)的角色並且第二裝置為周邊(peripheral)角 色。於步驟S201中,第二裝置依OTG協定之資料結構將 周邊裝置資料傳送給第一裝置。此周邊裝置資料例如包含 裝置描述符(device descriptor)、結構描述符(configuration descriptor)以及認證描述符(authentication descriptor)。關 於裝置描述符與結構描述符可參考USB 2·0規格書與OTG 補充規範(On-The-Go Supplement to the USB 2.0 specification,Revision 1.0a),故不在此贅述。 步驟S202,第一裝置即從第二裝置所傳送而來的周邊 裝置資料中檢查是否有認證描述符。換句話說,步驟S202 即在檢測第二裝置是否支持認證程序,若第二裝置未支持 此認證程序,於本實施例中第一裝置譬如拒絕與第二裝置 進行主機談判協定(HNP,Host Negotiation Protocol),亦即 第一裝置拒絕與第二裝置進行角色轉換(role change)。 前述之認證描述符於本實施例中譬如為表1所示之資 料結構。於此範例中,認證描述符中的第一個位元組(byte) 用於說明此認證描述符之長度共占有多少位元組(在此為4 位元組)。認證描述符中的第二個位元組是記載此描述符 之形式碼,在此0x41例如代表本描述符為認證描述符。 認證描述符中的第三個位元組係說明所支持之認證規則為 何種演算法,在此僅以共享金输辨識法(Share Key 12823twf.doc 11 1261175BACKGROUND OF THE INVENTION 1. Field of the Invention This invention relates to an authentication method for a Universal Serial Bus (USB) device, and more particularly to a general-purpose serial bus. 〇 TG (On-The-Go) device authentication method. Prior Art A variety of electronic products can be found everywhere, whether in life or at work. A universal serial bus (USB) is often used as a data transmission interface between various electronic products, such as connecting a printer to a personal computer via USB, or a personal digital assistant (PDA, Personal Digital Assistant). ) Connect to a personal computer via USB. In the application of various USB devices, one of the devices must be in the host role (such as the personal computer in the previous example), and the other device acts as a peripheral role (such as the printer or the individual in the previous example). Digital assistant). The aforementioned host system is responsible for leading the USB data/signal transmission. Which of the traditional USB devices is the host role and which is the peripheral role is usually fixed. For example, a digital camera transmits a photo (image file) to a personal computer by connecting a USB to a personal computer. The personal computer functions as a USB host, and the digital camera is a USB peripheral; the personal computer is connected to the printer via USB to display the photo. Print output. In other words, the USB peripheral device cannot transfer data directly to another USB peripheral device and must be completed via a USB host. Therefore, the OTG (〇n-The-GO) supplemental specification has been added to the USB 2.0 specification, and the decision mechanism for the single-input host or peripheral between the two devices connected by the USB phase 12823twf.doc 5 1261175 has been established. For detailed specifications of the OTG protocol, refer to the On-The-Go Supplement to the USB 2.0 specification, Revision 1.0a. o FIG. 1 is a diagram illustrating a USB OTG device for a dialog request protocol (SRP, Session Request Protocol) and the Host Negotiation Protocol (HNP). Referring to FIG. 1, both device A and device B have a USB interface and are connected to each other. Blocks 111 and 121 respectively indicate that both device A and device B are in a suspended state. The device A and the device B determine the host and the periphery via the SRP (Session Request Protocol) 130 in the OTG specification, and assume that the device A is the host (block 112) and the device B is the periphery (block 122). At this time, device A can access data to device B via USB. Therefore, the disadvantage of the traditional USB to fix the host/peripheral role is overcome. Moreover, the device A and the device B can further perform role change through the Host Negotiation Protocol (HNP) 140 in the OTG specification, and change the device A to the periphery (block 113) and the device. B is changed to host (block 123). Therefore, a more flexible connection mechanism for the USB device can be provided. For example, the digital camera can be directly connected to the flash drive (storing photo) or the printer (printing photo) via USB without the need for a personal computer to assist in transferring the data. However, there is no authentication mechanism in the OTG specification, and today's USB devices are usually small and easy to carry, so they are vulnerable to unauthorized users to steal/delete data in the device via USB. 12823 twf.doc 6 1261175 SUMMARY OF THE INVENTION It is an object of the present invention to provide an authentication method for a Universal Serial Bus (OT) (On-The-Go) device, a host in the OTG specification. The authentication rule (HNP, Host Negotiation Protocol) is performed before the completion of the authentication rule, so that the USB host recognizes whether the USB peripheral is a legitimate device. When the USB peripheral is not a legitimate device, the USB host refuses to perform a role change. Therefore, the information security of the USB host can be enhanced. A further object of the present invention is to provide an authentication method for a universal serial bus OTG device. In the OTG specification, an authentication rule is performed before the USB host performs setting/accessing the USB periphery, so that the USB peripheral identifies whether the USB host is legal. Device. When the USB host is not a legitimate device, the USB peripheral refuses to access the data with the USB host. Therefore, the information security around USB can be enhanced. The present invention provides an authentication method for a universal serial bus OTG device, including providing a first device and a second device. The first device and the second device are interconnected by a universal serial bus (USB) and support an OTG protocol. Where the first device acts as a host and the second device is a peripheral. The host identifies whether the peripheral device is a legitimate device by an authentication rule. When the peripheral device is a legitimate device, the host transmits the enable signal to the peripheral device for Host Negotiation Agreement (HNP) to cause the first device to switch the role to the periphery and the second device to switch the role to the host. When the perimeter is an illegal device, the host refuses to negotiate a host agreement with the perimeter. 12823 twf.doc 7 1261175 The authentication method for a universal serial bus OTG device according to a preferred embodiment of the present invention, wherein the step of providing the first device and the second device, the first device and the second device are in a dialogue The SRP (Session Request Protocol) determines that the first device is the host (h〇st) and the second device is the peripheral. According to a preferred embodiment of the present invention, the authentication method for the universal sequence bus OTG device is, for example, a Share Key Authentication. According to a preferred embodiment of the present invention, in the method for authenticating a general-purpose serial bus OTG device, the host uses the authentication rule to identify whether the peripheral is a legitimate device, and includes the host transmitting a plaintext (plaim ^^) to the peripheral device. . The peripheral device encrypts the plaintext according to the key to obtain the corresponding ciphertext and transmits the ciphertext to the host. After receiving the ciphertext and checking whether the ciphertext is correct, the surrounding is a legal device; if it is not correct, the surrounding is an illegal device. According to the preferred embodiment of the present invention, the authentication method for the billing bus OTG device further includes the host negotiating the agreement when the host has not obtained the defect within the predetermined time of transmitting the plaintext. Therefore, it is suitable for the authentication method of the main pepper OTG device, including the distribution of the main stream and the sinking of the peripheral device to the host. This host is in accordance with the peripheral device data. If the authentication rules are not supported, the host: No support for the negotiation agreement. p refusal to make a main move with the periphery 12823 twf. doc 8 1261175 The authentication method for the universal serial bus OTG device according to the preferred embodiment of the present invention, the peripheral device data includes a peripheral device identification information, and is used for general purpose The authentication method of the serial bus OTG device further includes a device authentication info table in the host, and the device authentication information table is used for recording the peripheral device identification information and the corresponding number of authentication failures. When the result of checking the ciphertext by the host is incorrect, the peripheral device identification information corresponding to the periphery is stored in the device authentication information table, and the number of authentication failures in the periphery is accumulated once. The host checks the number of authentication failures corresponding to the periphery. When the number of authentication failures is greater than the preset number of times (for example, three times), the host rejects the host negotiation agreement with the periphery. The authentication method for the universal sequence bus OTG device according to the preferred embodiment of the present invention further includes zeroing the number of authentication failures corresponding to the periphery when the result of the host checking the ciphertext is correct. The present invention provides an authentication method for a universal serial bus OTG device, including providing a first device and a second device. The first device and the second device are connected to each other by a universal serial bus (USB) and support 〇 The TG protocol, where the first device acts as a host and the second device acts as a peripheral. The peripheral device uses the authentication rule to identify whether the host is a legitimate device. When the host is a legitimate device, the periphery allows the host to access peripheral data. When the host is an illegal device, the neighbor refuses to access the data with this host. According to a preferred embodiment of the present invention, the authentication method for the universal serial bus OTG device, wherein the peripheral uses the authentication rule to identify whether the host is 12823 twf.doc 9 1261175: ... in the step of including the surrounding plaintext (piaint host) The host encrypts the plaintext with the key to obtain the corresponding ciphertext (4) such as =) ' (4) to transfer the ciphertext to the periphery. Peripheral 鍮金鍮 and clear text check Nothing is wrong in the text. If yes, the host is a legal device; if not, the host is an illegal device. Further, the preferred embodiment of the present invention for the general-purpose serial bus arranging method includes a peripheral device transmitting peripheral device data = machine. The host judges whether the US$ supports/enables the aforementioned authentication rules according to the surrounding data. If the peripheral disables/does not support the authentication rules, the host can access the surrounding data. The invention incorporates an authentication mechanism in the OTG protocol, thereby preventing unauthorized access to data stored in the USB device and enhancing information security. The invention can protect the information security of the host in the USB device, and prevent the illegal user from using the USB 〇TG protocol to convert the original deleted host to the USB periphery and arbitrarily access the data. The invention can also protect the information security of the peripheral device in the device, and the USB device (surrounding usb) to be protected provides an authentication mechanism before the other device (USB host) accesses the data. Access their data. The above and other objects, features, and advantages of the present invention will become more apparent from the understanding of the appended claims. 2 is a flow chart of a general sequence sink/gut (USB) OTG device prior to role exchange according to a preferred embodiment of the present invention. 12823 twf.doc 10 1261175. Referring to Figure 2, it is assumed here that a first device and a second device (not shown) have been provided, and the first device and the second device are connected to each other by USB and both support the OTG protocol. At the beginning, it is assumed that the first device assumes the role of a host and the second device is a peripheral role. In step S201, the second device transmits the peripheral device data to the first device according to the data structure of the OTG protocol. The peripheral device data includes, for example, a device descriptor, a configuration descriptor, and an authentication descriptor. For the device descriptor and structure descriptor, refer to the USB 2.0 specification and the OTG supplement specification (On-The-Go Supplement to the USB 2.0 specification, Revision 1.0a), and therefore will not be described here. Step S202, the first device checks whether there is an authentication descriptor from the peripheral device data transmitted from the second device. In other words, step S202 is to detect whether the second device supports the authentication procedure. If the second device does not support the authentication procedure, in the embodiment, the first device refuses to negotiate a host with the second device (HNP, Host Negotiation). Protocol), that is, the first device refuses to perform a role change with the second device. The foregoing authentication descriptor is, for example, the data structure shown in Table 1 in this embodiment. In this example, the first byte (byte) in the authentication descriptor is used to indicate how many bytes (here 4 bits) the length of this authentication descriptor is. The second byte in the authentication descriptor is a formal code that describes the descriptor, where 0x41 represents, for example, the present descriptor as an authentication descriptor. The third byte in the authentication descriptor indicates which algorithm the supported authentication rule is. Here, only the shared gold input identification method (Share Key 12823twf.doc 11 1261175)
Authentication)為實施例。因此認證形式碼若為〇則譬如 表示不支持共享金鑰辨識法,當認證形式碼為1則譬如表 示支持共享金鑰辨識法。認證描述符中的第四個位元組係 指出目前之認證狀態(authentication status)係為致能(enable) 狀態(例如為1)亦或是禁能(disable)狀態(例如為0)。 表1依照本發明較佳實施例之認證描述符的資料結構 偏移量 内容 描述 1 長度(length) 4 2 描述符形式 (descriptor type) 0x41 認證形式 〇 :不支持 3 (authentication type) 1 ··支持共享金鑰辨識法 4 認證狀態 0 :禁能 1 :致能 當第二裝置所傳送而來的周邊裝置資料中具有認證描 述符時,即進一步從認證描述符中判斷第二裝置是否支持 預定之認證規則(步驟S203),本實施例中係採用共享金鑰 辨識法。若不支持預定之認證規則,第一裝置譬如拒絕與 第二裝置進行HNP。反之,當第二裝置支持預定之認證規 則時,即進行步驟S204。 為防止故意藉由OTG協定將第一裝置由主機角色轉 換成周邊以便於非法存取第一裝置的資料,本實施例於第 一裝置(主機)中建置一裝置認證資訊表(device authentication info table)。此裝置認證資訊表係用於記錄 12823twf.doc 12 1261175 曾經透過USB OTG而嘗試進行 及其認證失敗次數,其資料結構==之所有裳置資訊 一 1】如表2所不。其中第〇〜1 9 位元組係記載曾嘗試認證的裝 一/, 丹117之一,而第20〜39位 兀組則記載另一裝置的相關資 fL, 貝Λ,苐40位元組以下可以 此類推。以第〇〜19位元組為例 ^ ^ 弟〇位兀組記錄第〇〜19 位兀組之資料狀態,例如,當Α # 為〇時則表示為禁能狀態, 右為1時則表示致能狀態。第〗 乐1 1 8位兀組係記載嘗試認 證之裝置資訊’依此裝置資訊呈 不且貝Α具有唯一性(例如指出前述 之弟二裝置)。第19位元組則兮己粹士驶罢 〜圮綠此裝置(如第二裝置)的 認證失敗次數。 表2依照本發明較佳實施例之裝置認證資訊表的資料結 偏移量 内容 描述 0 資料致能A 0 :禁能 夂能 1-18 裝置描述符A 裝置描述符資訊 (Device Descriptor) (Device Descriptor Tnfn、 19 認證失敗計數器A 當認證失敗次數大於3即拒 絕進行認證 20 資料致能B 〇 :禁能 1 :致能 21-38 裝置描述符B —----- 裝置描述符資訊 (Device Descriptor) (Device Descriptor Info) 39 認證失敗計數器B -—-—. 當認證失敗次數大於3即拒 12823twf.doc 13 1261175 ------ 絕進行認證 -^ • · · ---- 乂驟S204,第-裝置(主機)依第二裝置(周邊)傳送來 之,置描述符於裝置認證資訊表中查找第二裝置的認證失 敗次數,若其認證失敗次數大於3次則第一裝置譬如拒絕 與第二裝置進行HNP,反之則進行步驟S2〇5。 ^第一裝置(主機)於步驟S205中將明文(plaimtext)傳送 給弟二裝置(周邊)。此明文内容可任意編寫(或是亂數產 生)仁第裝置須將此明文保留以便後續步驟使用。將 •明文傳送給第二裝置的資料結構可參考表3實施之。其中 第〇個位元組用於說明此明文描述符(plaintext descrip㈣ 之長度共占有多少位元組(在此例如A x+3位元組,X為 正整數)。第1個位元組是記載此描述符之形式碼,在此 例如代表本描述符為明文描述符。第2個位元組係指出所 使用之旱金餘編號(Share Key Number)。第3〜(X+2)個位 元組則記載明文内容。 偏移量 狂I抛例之明文描述符的資料钴槿 内容 描述 0 長度 X+3 1 描述符形式 0x42 2 狀態 共享金输之編號 3 〜(X+2) 明文 共X位元組之明文 鑰編號選用預定之加密金鑰,並且以此加密金鑰將明文加 12823twf.doc 14 1261175 =進而獲得密文(eipher text)。第二裝置產生密文後隨即將 松幻專送給第-裝置(步驟s禀)。將密文傳送給第一裝置 :貝=結構可參考表4實施之。其中第〇個位元組用於說 在抢文描述符(ciphertext descriptor)之長度共占有多少 位讀(在此例如為X + 3位dX為正整數)。第1個位 記载此描述符之形式瑪,在此㈣例如代表本描 述=密文描述符。第2個位元組係指出第二裝 (二V例如,…無密文、1表示加密尚未完成 則,己费L貝1^不已完成加密(οκ)。帛3〜(叫個位元組 則圮载密文内容。Authentication) is an embodiment. Therefore, if the authentication form code is 〇, for example, it means that the shared key identification method is not supported, and when the authentication form code is 1, it indicates that the shared key identification method is supported. The fourth byte in the authentication descriptor indicates that the current authentication status is either an enable state (e.g., 1) or a disable state (e.g., 0). Table 1 Data Structure Offset Content Description of Authentication Descriptor in accordance with a Preferred Embodiment of the Present Invention 1 Length 4 2 Descriptor type 0x41 Authentication form 〇: 3 (authentication type) 1 ·· Supporting shared key identification method 4 Authentication state 0: Disable 1: Enable when the authentication device is included in the peripheral device data transmitted by the second device, that is, further determine from the authentication descriptor whether the second device supports the reservation. The authentication rule (step S203) is a shared key identification method in this embodiment. If the predetermined authentication rule is not supported, the first device, for example, refuses to perform HNP with the second device. On the other hand, when the second device supports the predetermined authentication rule, step S204 is performed. In order to prevent the first device from being converted from the host role to the periphery by the OTG protocol, in order to illegally access the data of the first device, the embodiment establishes a device authentication information table in the first device (host) (device authentication info Table). This device authentication information sheet is used to record 12823twf.doc 12 1261175. It has been attempted through USB OTG and its number of authentication failures. The data structure == all the information of the placement 1] is not shown in Table 2. Among them, the first to the ninth digits record one of the ones that have tried to be certified, and one of the Dans 117, while the 20th to 39th 兀 group records the related assets of another device, fB, 苐40 元The following can be deduced. Taking the 〇~19 octet as an example ^ ^ The 〇 〇 兀 group records the data status of the 〇 19 19 兀 group, for example, when Α # is 〇, it is disabled, and when 右 is 1, it is Enable state. The first 〖1 8 8 系 记载 记载 记载 记载 记载 记载 记载 记载 记载 记载 记载 记载 记载 尝试 尝试 尝试 尝试 尝试 尝试 尝试 尝试 尝试 尝试 尝试 尝试 尝试 尝试 尝试 尝试 尝试 尝试 尝试 。 。 。 。 The 19th triad is the number of authentication failures of this device (such as the second device). Table 2: Data Delimitation Content Description of Device Authentication Information Table in accordance with a Preferred Embodiment of the Present Invention 0 Data Enable A 0 : Disabled Energy 1-18 Device Descriptor A Device Descriptor (Device Descriptor) Descriptor Tnfn, 19 Authentication Failure Counter A Reject authentication when the number of authentication failures is greater than 3 20 Data Enable B 〇: Disable 1: Enable 21-38 Device Descriptor B —----- Device Descriptor Information (Device Descriptor) (Device Descriptor Info) 39 Authentication Failure Counter B -—--. When the number of authentication failures is greater than 3, it is rejected. 12823twf.doc 13 1261175 ------ Absolute authentication -^ • · · ---- S204, the first device (host) transmits the second device (peripheral), and the descriptor is used to find the number of authentication failures of the second device in the device authentication information table. If the number of authentication failures is greater than 3 times, the first device is Rejecting the HNP with the second device, otherwise proceeding to step S2〇5. ^ The first device (host) transmits the plaintext to the second device (peripheral) in step S205. The plaintext content can be arbitrarily written. (or random number generation) The device must retain this plaintext for subsequent steps. The data structure for transmitting the plaintext to the second device can be implemented with reference to Table 3. The second byte is used to describe the plaintext. Descriptor (the length of the plaintext descrip (4) occupies a total of a number of bytes (here, for example, A x + 3 bytes, X is a positive integer). The first byte is the formal code that records this descriptor, here for example This descriptor is a plaintext descriptor. The second byte indicates the share key number used. The third to (X+2) bytes record the plaintext content. I of the plaintext descriptor of the lead example Cobalt 槿 content description 0 Length X+3 1 Descriptor form 0x42 2 Status shared gold input number 3 ~ (X+2) Clear text total X-byte group clear key number selected Encrypt the key, and use this encryption key to add the text to 12823twf.doc 14 1261175 = and then obtain the eipher text. The second device generates the ciphertext and then secretly delivers it to the device (step s禀). Transfer the ciphertext to the first device: shell = structure can be used It is implemented in test table 4. The third byte is used to say how many bits are read in the length of the ciphertext descriptor (here, for example, X + 3 bits dX is a positive integer). The first bit records the form of this descriptor, and here (4) represents, for example, the description = ciphertext descriptor. The second byte indicates that the second device (two V, for example, ... no ciphertext, 1 indicates that the encryption has not been completed, and the fee has not been completed (οκ). 帛 3 ~ (called a byte) Then load the ciphertext content.
--一,共 X 位 文 為防止第二裝置(周邊)加密耗時過久,可於步㈣ S206之間加入限時機制。圖3是依 之 :會示的-種USB主機等待USB =、: 請同時參照圖2與圖3,步驟伽中第_:/置之(; ^月文傳达給第二褒置(周邊)後,第二裝置隨即開始進 仃力m料第—裝置中之計時器亦開始計時。第一 12823twf.doc 15 1261175 裝置在等待接收密文的過程中,可隨時發送「接收要求 (Descnptor)給第二裝置以探詢加密狀況(步驟“ο 於步驟S302中,楚一壯艰 遍,否_亍牛驟;;裂置若已元成加密,則進行步驟 P心 3。當第二裝置尚未完成加密時, P又迗NAK訊息給第一裝置(步驟S3〇3)。第一 Μ後,若其計時器之計時結果尚未大於預定時_ "二各T為正整數)(步驟S304),即重複進行步驟83〇1。 =計,器之計時結果超過預定時間,第—裝置譬如拒絕與 弟一虞置進行HNP。 ’、 照圖2’於步驟隨中,第一裝置(主機)檢 測疋否完成接收密文。若無法完成接收密文時,第 譬=絕與第二裝置進行HNP。當完整接收密文後,隨即 S1則述之預定金鑰與明文檢查密文是否正確無誤(步驟 ㈣)。若檢查結果確屬正確,則第—褒置 俄 資訊表中關於第二裝置之切俄奏於A軚&十、衣罝 置之⑽祖失敗次數歸零(步驟S209)後 二裝置進行HNP(步驟S21G)。當完成卿後, 弟一裝置即由原先擔任主機角色改變為周邊裳置,而第二 裝置亦改變角色成為主機。關於HNp可 格書之⑽補充規範(〇n_The_GoSu咖emt〇the.= 2.0 spec丨ftcat圆,Revisi〇n ! 〇a),故不在此贅述。 若步驟S208之檢查結果顯示此密文不正確時,第一 裝置隨即將第二裝置之認證失敗次數累加一次(步驟 S川)。同時,將第二裝置的裝置描述符資訊及其認證失 敗次數處存在裝置認證資訊表中(步冑s2]2)。步驟S川 12823twf.doc 16 1261175 係判斷認證失敗次數是否超出預定次數(在此例如為3 次),當認證失敗次數已經超出預定次數時,第一裝置即 拒絕與第二裝置進行HNP。若認證失敗次數未超過預定次 數時,第一裝置將認證結果傳送給第二裝置(步驟S214)。 用於將認證結果傳送給第二裝置的資料結構可參考表5實 施之。其中第0個位元組用於說明此認證結果描述符 (authentication-result descriptor)之長度共占有多少位元組 (在此為3位元組)。第1個位元組是指出目前認證結果, 例如,0表示認證失敗,而1則表示認證成功。第2個位 元組則記載目前認證失敗次數。 表5依照本發明較佳實施例之認證結果描述符的資料結 構 偏移量 内容 描述 0 長度 3 1 目前認證結果 (Current Authentication Result) 0 :失敗(fail) 1 :成功(OK) 2 認證失敗計數器 (Authentication Fail Counter) 認證失敗次數 前述實施例係保護USB主機中之資訊安全,防止非 法使用者利用USB OTG協定將原USB主機轉換為USB 周邊而任意存取其資料。但是假設欲保護之裝置一開始即 擔任USB周邊裝置的角色,前述實施例即無法應用。為 12823twf.doc 17 1261175 能保護此種狀況,本發明再提出用於USB OTG裝置的另 一認證方法,當欲保護之USB裝置擔任周邊裝置角色時, 於此欲保護之USB裝置(USB周邊)被其他裝置(USB主機) 存取資料之前提供一認證機制,防止非法使用者透過USB 任意存取其資料。因此,以下再舉另一實施例以說明本發 明。 圖4是依照本發明另一較佳實施例繪示的一種用於通 用序列匯流排OTG裝置的認證方法流程圖。請參照圖4, 在此假設已提供有第一裝置與第二裝置(未繪示),而第一 裝置與第二裝置之間以USB相互連接並且皆支持OTG協 定。在此,假設第一裝置擔任主機(host)的角色並且第二 裝置為周邊(peripheral)角色。於步驟S401中,第二裝置 依OTG協定之資料結構將周邊裝置資料傳送給第一裝置。 此周邊裝置資料例如包含裝置描述符(device descriptor)、 結構描述符(configuration descriptor)以及認證描述符 (authentication descriptor)等。關於裝置描述符與結構描述 符請參考USB 2.0規格書與OTG補充規範(On-The-Go Supplement to the USB 2.0 specification,Revision 1.0a), 故不在此贅述。 步驟S402,第一裝置即從第二裝置所傳送而來的周邊 裝置資料中檢查是否有認證描述符。換句話說,步驟S402 即在檢測第二裝置是否支持認證程序,若第二裝置未支持 此認證程序,於本實施例中第一裝置即比照一般USB 0TG 裝置而與第二裝置進行資料存取;反之,當第二裝置支持 12823twf.doc 18 1261175 此認證程序,則進行步驟S403。本實施例中之認證描述符 於譬如為前—實施例中表1所示之資料結構,故不在此贅 述0 步驟S4G3,第—裝置即從第二裝置所傳送而來的認證 描述符中檢測其認證狀態是否致能(本實施例中譬如丨為 致能,〇為禁能)。若認證狀態=1,即進行步驟s4〇4;若 認證狀態=0,則第一裝置即比照一般USB 〇丁G裝置而與 弟一^裝置進行資料存取。 第一裝置(主機)將其裝置資訊傳送給第二 S405,第二裝置於收到第一裝置的裝置 步驟S404, 裝置(周邊)。步驟 資訊後隨即將明文(plaint text)傳送給第一裝置。此明文内 容可任意編寫(或是亂數產生),但第二裝置須將此明文保 留以便後續步驟使用。此傳送明文的資料結構可參考前實 施例的表3實施之,故不在此贅述。 步驟S4G6,第-裝置在收到明文後隨即進行加密處 理。此加密處理所需之加密金料本實_巾譬如由使用 者輸入之田第一裝置(主機)完成加密處理並獲得密文 ㈣he"⑽後,隨即將密文傳送給第二裝置(周邊)(步驟 S407)。當第二裝置完整接收密文後,隨即利用預設於第 二裝置中之預定金錄與前述之明文檢查此密文是否正確無 誤,並將認證結果傳送給第一裝置(步驟S4〇8)。 步驟S409,第一裝置依第二裝置所傳送回來的認證結 果判斷是否通過認證。若通過認證,則第一裝置便被允許 與第二裝置進行資料存取(步驟_)。反之,若未通過認 12823twf.doc 19 1261175 證,則第一裝置顯示一訊息告知使用者認證失敗(步驟 S411),並詢問使用者是否再輸入金鑰以再一次進行驗證(步 驟S412)。若選擇是,則重複進行步驟S405〜S412 ;反之, 則結束認證程序,亦即第二裝置拒絕第一裝置透過USB 與其進行資料存取。 雖然本發明已以較佳實施例揭露如上,然其並非用以 限定本發明,任何熟習此技藝者,在不脫離本發明之精神 和範圍内,當可作些許之更動與潤飾,因此本發明之保護 範圍當視後附之申請專利範圍所界定者為準。 【圖式簡單說明】 圖1是說明USB OTG的裝置進行對話請求協定(SRP, Session Request Protocol)及主機談判協定(HNP,Host Negotiation Protocol)的關係圖。 圖2是依照本發明一較佳實施例繪示的一種通用序列 匯排流(USB) OTG裝置於角色交換(role change)前之認證 程序流程圖。 、 圖3是依照本發明之較佳實施例繪示的一種USB主 機等待USB周邊傳回密文之流程圖。 圖4是依照本發明另一較佳實施例繪示的一種用於通 用序列匯流排OTG裝置的認證方法流程圖。 【圖式標示說明】 111 :第一裝置於暫停(suspend)狀態 112 :第一裝置擔任主機(host)角色 113 :第一裝置擔任周邊(peripheral)角色 12823twf.doc 20 1261175 121 :第二裝置於暫停(suspend)狀態 122 :第二裝置擔任主機(host)角色 123 :第二裝置擔任周邊(peripheral)角色 1 30 : — 對話請求協定(SRP,Session Request Protocol) 140 :主機談判協定(HNP,Host Negotiation Protocol) S201〜S214 :依照本發明較佳實施例所述的一種通用 序列匯排流(USB) OTG (On-The-Go)裝置於角色交換(role change)前之認證程序各步驟 S301〜S304 :依照本發明較佳實施例所述的一種USB 主機等待USB周邊傳回密文之各步驟 S401〜S412 :依照本發明另一較佳實施例所述的一種 用於USB OTG裝置的認證方法之各步驟 12823twf.doc 21-- One, a total of X bits In order to prevent the second device (peripheral) encryption from taking too long, a time-limited mechanism can be added between step (4) and S206. Figure 3 is based on: the type of USB host waiting for USB =,: Please refer to Figure 2 and Figure 3 at the same time, the step gamma in the _: / set (; ^ month to the second device (around After that, the second device starts to enter the force meter. The timer in the device also starts to count. The first 12823twf.doc 15 1261175 The device can send the "receiving request" (Descnptor) at any time while waiting to receive the ciphertext. The second device is queried for the encryption status (step "o" in step S302, Chu is a strong and hard, no _ 亍 骤;; if the splicing has been encrypted, then step P is performed. When the second device has not yet When the encryption is completed, P again sends a NAK message to the first device (step S3〇3). After the first time, if the timing result of the timer is not greater than the predetermined time, _ " each T is a positive integer) (step S304) , that is, repeat step 83 〇 1. = count, the timing of the device exceeds the predetermined time, the first device, for example, refuses to perform HNP with the device. ', according to Figure 2' in the step, the first device (host) Detect whether the ciphertext is received or not. If the ciphertext cannot be completed, the 譬= absolutely HNP with the second device When the ciphertext is completely received, then the S1 is described as the predetermined key and the plaintext check whether the ciphertext is correct (step (4)). If the check result is correct, then the second device is in the Russian information table. After the completion of the Qing (the step S209), the second device performs HNP (step S21G). When the completion of the Qing, the device is changed from the original host role to The surrounding device is set, and the second device also changes the role to become the host. Regarding the supplementary specification of HNp (10), the 规范n_The_GoSu coffee emt〇the.= 2.0 spec丨ftcat circle, Revisi〇n ! 〇a), it is not described here. If the result of the check in step S208 indicates that the ciphertext is incorrect, the first device then accumulates the number of authentication failures of the second device once (step S). At the same time, the device descriptor information of the second device and its authentication fail. The number of times exists in the device authentication information table (step s2] 2). Step Schuan 12823twf.doc 16 1261175 determines whether the number of authentication failures exceeds a predetermined number of times (here, for example, 3 times), when the number of authentication failures has exceeded the predetermined number of times. When the number of times, the first device refuses to perform HNP with the second device. If the number of authentication failures does not exceed the predetermined number of times, the first device transmits the authentication result to the second device (step S214). For transmitting the authentication result to the second device The data structure of the device can be implemented with reference to Table 5. The 0th byte is used to indicate how many bytes (here, 3-bit) of the length of the authentication-result descriptor. The first byte indicates the current authentication result. For example, 0 indicates that the authentication failed, and 1 indicates that the authentication is successful. The second byte records the current number of authentication failures. Table 5: Data Structure Offset Content Description of Authentication Result Descriptor in accordance with a Preferred Embodiment of the Present Invention 0 Length 3 1 Current Authentication Result 0: Fail 1 : Success (OK) 2 Authentication Failure Counter (Authentication Fail Counter) The number of authentication failures is to protect the information security in the USB host and prevent unauthorized users from using the USB OTG protocol to convert the original USB host to the USB peripheral and access its data arbitrarily. However, the foregoing embodiment cannot be applied, assuming that the device to be protected functions as a USB peripheral device from the beginning. 1823 twf.doc 17 1261175 can protect this situation, the present invention further proposes another authentication method for the USB OTG device, when the USB device to be protected acts as a peripheral device, the USB device (USB peripheral) to be protected here An authentication mechanism is provided before other devices (USB host) access data to prevent unauthorized users from accessing their data through USB. Therefore, another embodiment will be further described below to explain the present invention. 4 is a flow chart of an authentication method for a general-purpose serial bus OTG device according to another preferred embodiment of the present invention. Referring to FIG. 4, it is assumed here that a first device and a second device (not shown) are provided, and the first device and the second device are connected to each other by USB and both support the OTG protocol. Here, it is assumed that the first device assumes the role of a host and the second device is a peripheral role. In step S401, the second device transmits the peripheral device data to the first device according to the data structure of the OTG protocol. The peripheral device data includes, for example, a device descriptor, a configuration descriptor, an authentication descriptor, and the like. Please refer to the USB 2.0 specification and the OTG Supplemental Specification (On-The-Go Supplement to the USB 2.0 specification, Revision 1.0a) for device descriptors and structure descriptions. Step S402, the first device checks whether there is an authentication descriptor from the peripheral device data transmitted from the second device. In other words, step S402 is to detect whether the second device supports the authentication program. If the second device does not support the authentication program, in the embodiment, the first device performs data access with the second device according to the general USB 0TG device. Conversely, when the second device supports the 12823 twf.doc 18 1261175 authentication procedure, step S403 is performed. The authentication descriptor in this embodiment is, for example, the data structure shown in Table 1 in the previous embodiment, so the zero step S4G3 is not described here, and the first device is detected from the authentication descriptor transmitted from the second device. Whether the authentication status is enabled (in this embodiment, if it is enabled, it is disabled). If the authentication status is 1, the step s4〇4 is performed; if the authentication status is =0, the first device performs data access with the other device in comparison with the general USB device. The first device (host) transmits its device information to the second S405, and the second device receives the device of the first device, step S404, device (peripheral). Step Information is followed by the transmission of plain text to the first device. This plaintext content can be arbitrarily written (or generated indiscriminately), but the second device must retain this plaintext for subsequent steps. The data structure of the transmitted plaintext can be implemented by referring to Table 3 of the previous embodiment, and therefore will not be described here. In step S4G6, the first device performs encryption processing immediately after receiving the plaintext. The encrypted gold material required for the encryption processing is obtained by the first device (host) input by the user, and the ciphertext is transmitted to the second device (peripheral) after obtaining the ciphertext (4) he" (10). (Step S407). After the second device completely receives the ciphertext, it checks whether the ciphertext is correct by using the predetermined gold record preset in the second device and the foregoing plaintext, and transmits the authentication result to the first device (step S4〇8). . In step S409, the first device determines whether the authentication is passed according to the authentication result transmitted by the second device. If authenticated, the first device is allowed to access data with the second device (step _). On the other hand, if the certificate is not passed, the first device displays a message informing the user that the authentication has failed (step S411), and asks the user whether to re-enter the key to perform verification again (step S412). If yes, steps S405 to S412 are repeated; otherwise, the authentication procedure is ended, that is, the second device rejects the first device to access data through the USB. While the present invention has been described in its preferred embodiments, the present invention is not intended to limit the invention, and the present invention may be modified and modified without departing from the spirit and scope of the invention. The scope of protection is subject to the definition of the scope of the patent application. BRIEF DESCRIPTION OF THE DRAWINGS FIG. 1 is a diagram showing a relationship between a USB OTG device and a Session Request Protocol (SRP) and a Host Negotiation Protocol (HNP). 2 is a flow chart of an authentication procedure of a universal serial stream (USB) OTG device prior to a role change, in accordance with a preferred embodiment of the present invention. FIG. 3 is a flow chart of a USB host waiting for a USB peripheral to transmit back ciphertext according to a preferred embodiment of the present invention. 4 is a flow chart of an authentication method for a general-purpose serial bus OTG device according to another preferred embodiment of the present invention. [Illustration Description] 111: The first device is in a suspend state 112: the first device acts as a host role 113: the first device acts as a peripheral role 12823twf.doc 20 1261175 121: the second device is Suspend state 122: The second device acts as the host role 123: The second device acts as a peripheral role 1 30: - Session Request Protocol (SRP) 140: Host Negotiation Agreement (HNP, Host) Negotiation Protocol) S201~S214: Step S301 of the authentication procedure of the Universal Serial Streaming (USB) OTG (On-The-Go) device before the role change according to the preferred embodiment of the present invention S304: Steps S401 to S412 for a USB host to wait for a USB peripheral to return a ciphertext according to a preferred embodiment of the present invention: an authentication method for a USB OTG device according to another preferred embodiment of the present invention Each step 12823twf.doc 21