TWI476629B - Data security and security systems and methods - Google Patents

Description

Data security system and method

The invention relates to a system and method for security and confidentiality, in particular to a system and method for data security and confidentiality.

Today, with the increasing use of the Internet, various information transmission and exchanges can be achieved through the Internet, and network security issues are becoming increasingly important.

At present, most of the conventional methods for encrypting and signing digital data on the market use encryption or signature software. The software clears the document to a confidential document or signature, and then stores it in the storage device. Conversely, when the confidential document is read, the encrypted software installed in the computer is first decrypted into a plaintext file and then read in the computer. Software-based encryption or signature, message authentication, user identification and other passwords are designed to be simple, while avoiding complex hardware interfaces and communication with the surrounding, but using a pure software The confidentiality scheme can never be safe, especially for the thief, which is almost completely insecure. When designing some security and confidentiality mechanisms in pure software, the key that plays a key role in the security algorithm must exist in the form of clear code and can be intercepted during certain system operation periods. Developers of some software solutions claim that their products can achieve complete security protection in encrypted form, even if the key used for data encryption and decryption is not stored in the form of clear code, as long as the software can decrypt , hackers can also do it. So the hacker has enough clues to get the key, so no matter how much software vendors boast about how well their programs are written, or emphasize what great methods they use to encrypt and keep the keys in other places, they can't change. The fact that the pure software security scheme is not secure.

Complete protection is only possible with a secure security solution. Such cognition has led some operators of complex networks to use hardware-based security products as the necessary equipment when connecting with customers. Therefore, another conventional method is to use a security device designed in hardware form.

The design of the traditional hardware security device is mainly applied to the certificate management center (CA) which needs high protection and high-speed operation, or the encryption and decryption communication server, and can also cooperate with electronic documents, e-commerce and other applications, so the traditional hard The design of the physical security device is very complicated, and it is also very inconvenient to use and manage. It requires the management and maintenance of the system security personnel, and the cost of establishment and maintenance is high. Therefore, for individual or smaller network operators, due to It cannot be used because of insufficient funds or manpower shortage.

The traditional hardware security device uses password input or IC card identity authentication. Users often forget the password or the card is lost, and the security device cannot be used. And there is no mechanism for key recovery, so that the electronic file cannot be decrypted and read because the key is lost or damaged.

It can be seen that there are still many shortcomings in the above-mentioned methods of use, which is not a good design, but needs to be improved. In view of the shortcomings derived from the above-mentioned conventional methods, the inventor of the present invention succeeded in researching and developing the "data security and confidentiality system" of this article after painstaking research and development.

The main object of the present invention is to provide a data security and confidentiality system, which can improve the security vulnerabilities in data confidentiality when using software alone as a security solution; thereby improving the security of data confidentiality.

Another object of the present invention is to provide a data security and security system and method, which have the biometric (eg, fingerprint) identification function to improve the shortcomings of previous users who need to memorize passwords or lose passwords and IC cards, so that users can use confidentiality. The system is more convenient.

Another object of the present invention is to provide a data security and security system and method having a key recovery function for improving the situation in which an electronic file cannot be decrypted and read due to loss or damage of a key.

It is yet another object of the present invention to provide a personal security system and method that is inexpensive to implement and easy to manage and maintain, allowing individual users or smaller business units to purchase and use.

A data security system for achieving the above purposes includes a data security device and an external storage device, wherein the data security device includes a communication interface module for external data transmission interface; a key distribution and recovery mode The group provides a key to be held into n secondary keys, and replies the key according to the 次m sub-key; a random number generator module provides a random number required to produce the key a signature calculus module that provides a cryptographic algorithm to encrypt, decrypt, or sign the received data; a first storage module stores the m1 credits that are being held; a control module, Connecting the modules, controlling the data flow between the modules and calling each module to operate, the control module obtains the random number from the random number generator module, and generates the random number according to the random number The key is transmitted to the key distribution and reply module, and the key is divided into n secondary keys by the key distribution and reply module. The external storage device includes a second storage module and a biometric identification module, wherein the second storage module is responsible for storing the held m2 key, and the biometric module receives the match. The pre-recorded biometric information can be used to access the m2 key; wherein n>m, m1+m2≧m, n, m, m1, and m2 are positive integers, and the m1 and m2 keys are taken. From the n secondary keys, and the control module obtains m secondary keys, that is, using the key sharing and replying module to restore the m secondary keys to the key, the control module can Use the signature calculation module to encrypt or decrypt the data. Thus, when the user needs to encrypt or sign the data, the user inserts the personal external storage device into the data security device, and the individual is added by the m1 key in the data security device. The m2 key in the second storage module of the external storage device can be restored as long as the threshold value m is reached. Encryption or signature of the data.

The system further includes an external backup device, wherein the external backup device stores the nm key, and the data security device further includes a key recovery module, and the security device uses the signature calculation module. While the data is encrypted, decrypted or signed, the key recovery module may be used to generate a key recovery information ciphertext, which is stored in the external backup device, and the control module receives the first storage mode. The m1 credit of the group and the nm key of the backup device, or the m2 key of the external storage device and the nm key of the external backup device, and m1+(nm)≦m or M2+(nm)≦m, that is, the key recovery module is used to transmit the key recovery information ciphertext to a remote key recovery server for verification, and the key recovery information ciphertext is restored by the remote key When the verification is successful, the key recovery module restores the key.

Still another object of the present invention is to provide a data security method, which includes an encryption process and a decryption process.

The encryption process: a random number generator module of a data security device generates a random number, and provides the random number to a control module of the data security device to produce a key; the control module adds the gold The key is transmitted to a key distribution and reply module of the data security device to be divided into n secondary keys; the control module stores the held m1 key in one of the data security devices. a storage module; the control module stores the divided m2 keys in a second storage module of an external storage device; the control module will be divided into nm keys, Stored in an external backup device; a signature calculus module of the data security device can perform data encryption or signature according to the key distribution and reply module to restore m secondary keys to the key; The decryption process: the control module receives the total of m sub-keys from the first storage module m1 key and the second storage module m2 key, and transmits the key to the key Minute Holding and replying module; the key distribution and reply module replies to the key according to the m secondary keys; the signature calculation module recovers m secondary keys according to the key distribution and reply module The key can be decrypted or signed; wherein n>m, m1+m2=m, n, m, m1, and m2 are all positive integers, and the m1 and m2 keys are taken from the n times. Key.

The control module of the data security method transmits the key to the key distribution and recovery module to divide into n sub-keys, and further includes the control module being divided. The nm key is stored in an external backup device, and a key recovery information ciphertext is stored in the external backup device.

The data security method further includes a key recovery process, and the key recovery process includes the following steps: a. when the data security device produces the ciphertext file process, the key recovery module is generated together The key restores the information ciphertext and stores the restored information ciphertext to the external backup device; b. the user selects the file to be restored through the control module, and extracts the gold from the external backup device through the control module Key recovery information; c. After the key recovery module uses the legal public key to sign and encapsulate the application information, the control module uploads the application information of the key restoration to the key recovery server; d. The key recovery server parses and verifies the application information and its signature, confirms that the user identity is correct, and determines that the application is a legitimate request, decrypts the key recovery information ciphertext, and then encapsulates the new key information. Returning to the data security security device; e. The control module parses the received new key information through the key recovery module, and extracts the new key recovery information ciphertext, and cannot solve the original ciphertext A confidential file for file update operations.

The application information of the data security method includes the above-mentioned key recovery information ciphertext, an applicant's public key, a user ID information and a digital signature, and the key recovery information ciphertext format includes: A cryptographic algorithm random key, a ciphertext attribute information, and a user ID News.

Wherein, when the key recovery server of the data security method receives the application information, the operation step is: verifying the user identity: the user ID information of the application information and the key information in the key recovery message. Whether the user ID information is consistent; 2. Verify the digital signature: from the user ID information in the application information, find the corresponding certificate, and check the digital signature; 3. Recovery key: from the The key recovery information ciphertext is extracted from the application information, and then the call signature calculation module uses the private key of the key recovery server to unlock the key recovery ciphertext, and then uses the user in the application information. Public key, the encryption algorithm random key encryption is made into a new key encryption key information, and then the new information is transmitted back to the user end, and the user end uses the new information to the original The file that cannot be decrypted is updated with the key encryption key portion, that is, the job of completing the key recovery.

Referring to FIG. 1, it is an architectural diagram of the data security system of the present invention. The implementation manners of the included modules are respectively described as follows: a data security security device 1, comprising: a control module 11, which is responsible for processing

(1) The call communication interface module 12 receives and transmits data; (2) the call signature calculation module 16 performs security security operations including RSA, Triple DES, RC6, ECC, Diffie-Hellman, DSA, SHA-1, and prime number generation. The calculation result is sent to the control module 11 via the communication interface module 12 to the key restoration server 20 and the data source terminal 2; (3) managing the system memory; (4) The call random number generator module 14 generates a random number, and transmits the random number to the control module 11 to produce a key; (5) the call key distribution and recovery module 13 shares the number The key is n times the key; (6) processing the completed key data process and calling the first storage module 18 of the data security system, the second storage module 150 of the external storage device, and a The external backup device 19 stores m1 copies, m2 copies, and nm sub-keys, where n>m, m1+m2≧m, n, m, m1, and m2 are positive integers; wherein, the communication interface module 12: The communication interface adopts a USB transmission interface, which provides a user with quick and convenient use, and the accessed data is sent to the control module 11 to call the signature calculation module 16 to perform a security and confidential operation. Key distribution and reply module 13: After the control module 11 produces the key, the key is held by the key and the key component of the recovery module is n key, and a threshold m is set, and n >m, n, m are all positive integers; when the recovery key operation is performed, the control module stores the m2 key in the second storage module 150 of the external storage device and the first storage module 18 Adding the m1 key, or adding the m2 key to the nm key in the external backup device 19, or the m1 key plus the nm key, any of the above conditions When the threshold value m is reached, the key distribution and recovery module 13 can successfully recover the key; the random number generator module 14 provides the Random Noise of the White Noise-based hardware RNG and generates the Random number by the Johnson Noise phenomenon. The speed reaches 20,000 bits per second, does not require seed digits, and is compatible with the TTL I/O signal. The generated random number is transmitted to the control module 11 to generate the key, and then the key is transmitted to the key point. The holding and replying module 13 performs key sharing.

The second storage module 150 of the external storage device is responsible for storing the retained m2 key. When the external storage device is used, the user biometric (eg, fingerprint) is successfully matched to obtain the access m2. The key privilege can effectively protect the stored secondary key from being stolen.

The key recovery module 17: when the data security system creates the ciphertext file and encrypts the encryption key with the user's RSA public key, the key recovery module 17 simultaneously creates the key recovery information ciphertext. The key recovery ciphertext is stored in a second storage module 150 of the external backup device. The ciphertext file format completed by the data security system is:

The format of the key recovery information ciphertext is:

When the secondary key stored in the first storage module 18 or the second storage module 150 of the external storage device is lost or damaged, and after the external backup device is enabled, the control module determines to receive the first storage. The m1 credit of the module and the nm key of the external backup device, or the second storage module m2 key of the external storage device and the nm key of the external backup device, If the threshold value is not reached, and the key recovery operation cannot be performed to encrypt, decrypt, or sign the data, the authentication of the server 20 is restored by the key recovery server, and the key recovery server can perform the key recovery operation. To solve the problem that important files cannot be decrypted when the key is lost.

2 is a flowchart of a key recovery operation. After the user reads the key recovery information of the secret document through the control module (step 21), the control module further encapsulates the application information through the key recovery module. And the signature, and then uploading the application information to the server of the recovery module to perform authentication and authorization (step 22), wherein the format of the application information is as follows:

If the assembly upload is successful (step 23), the step (step 24) is performed, otherwise an error message is prompted and execution is terminated (step 23').

The key recovery server first parses the application information, and finds the relative credentials according to the user ID information therein to verify the correctness of the digital signature (step 24). If the signature is correct (step 25), proceed to step 26, otherwise return an error message and end (step 25'). Secondly, the key recovery ciphertext is taken out from the key, and the signature calculus module is called, and each key recovery ciphertext is solved by using the private key of the key recovery server (step 26), and then compared. Whether the user ID in the application information is consistent with the user ID in the restoration information to determine that the application is legal (step 27). If the application is legal (step 27), proceed to step 28, otherwise return an error message and end (step 25) '). And re-creating the encryption algorithm random key by using the user public key in the application information to become a new key encryption key information, and then transmitting it back to the data security system (step 28).

After the control module parses and retrieves the new key encryption key information, the control module sequentially updates the key encryption key portion of the file that cannot be decrypted, so that the key recovery operation is completed ( Step 29).

An example of the operation flow of the data security system and method of the present invention is as follows: The initial use of the data security device requires initialization, and the process is as shown in FIG. First, the initial state (step 31) is started, and then the control module of the data security device calls the random number generator module to generate a random number, and transmits the random number to the control module production key ( Step 32), the control module transmits the key to a key distribution and recovery module of the data security device to be divided into n secondary key distribution keys (step 33), and completes the secondary gold of the separation. The key stores the m1 key separately The first storage module of the data security system, the m2 key in the second storage module of the external storage device (step 34) and the nm key in an external backup device are stored The initialization setting is completed (step 35).

After the initial setting is completed, the encryption and decryption or signature function can be used. The flow is shown in Figure 4. Firstly, the encryption and signature function of the signature calculation module is started (step 41), and then inserted into the external storage device (step 42), the biometric identification module of the external storage device is used to verify the user biometrics (eg, : fingerprint) correctness (step 43), after the verification is passed, the control module can read the secondary key stored by the second storage module of the external storage device (step 44), and then check the first storage module. Whether the number of good keys plus the number of good keys in the external storage device reaches the threshold value (step 45), if the threshold is reached, the control module calls the key distribution and reply module to perform key reply. (Step 46), if the key is successfully restored, the control module can call the signature calculation module to perform encryption and decryption or signature operation (step 47), and complete the encryption, decryption or signature function.

The invention provides a novel data security and security system architecture and method. When compared with other conventional technologies, the invention has the following features and functions: (1) using an external storage device with a biometric feature to store and hold the storage. The secondary key is compared with the way that the password is generally stored in the personal computer, and the security is greatly improved. Compared with the traditional security device, the security officer needs to use the IC card authentication or the password input method to avoid the user forgetting the password. Or the IC card is lost, and the convenience is improved a lot; (2) using the key sharing method to store the key, the external storage device and the secondary key in the data security device are correct to recover the key, and the key is greatly reduced. (3) Double key damage protection mechanism, when the secondary key of the shared backup is partially damaged, if the secondary key in the external backup device is still greater than the threshold, the key recovery mechanism can be adopted. Respond to the key, if the sub-key is better than the threshold, the key recovery mechanism can be used to repair the key, which is important to reduce the loss or damage of the key. Unable to decrypt case scenario; (4) The key is stored in the external storage device and does not need to use the IC card, and the traditional security device needs to be designed to prevent the key from being stolen and compared with the IC card reading and writing module. The data security system structure of the case is greatly simplified. The cost and price can also be reduced; (5) using hardware encryption, compared with the software encryption method, can enhance the confidentiality and security; (6) compared with the traditional security device, the architecture is greatly simplified, small size Easy to store and carry, meet the needs of data security and portability in digital life, very suitable for personal data security protection; (7) can be applied to data encryption for multiple people, such as contract or shareholder business secrets, It is also suitable for small network business units to divide the above m2 keys into equal shares. (8) The present invention uses an advanced external storage device, and the stored secondary key passes through the external storage. Encryption of the biometric features (such as fingerprints) of the device, except for the biometric owner, cannot be opened by others, providing security protection for the stored secondary key, thereby preventing important data from being Dense risk of theft.

The above description is a practical example of the invention, and other equivalent implementations or modifications without departing from the spirit of the invention are included in the scope of the patent.

The invention is innovative in technology, and has many functions that are incomparable with the traditional methods, and has met the progressive and novel invention patent requirements, and you are requested to approve the invention patent application.

1‧‧‧ data security device

2‧‧‧Source

11‧‧‧Control module

12‧‧‧Communication interface module

13‧‧‧Key Sharing and Reply Module

14‧‧‧ random number generator module

15‧‧‧External storage device

150‧‧‧Second storage module for external storage

151‧‧‧Biometric Identification Module for External Storage Devices

16‧‧‧Signature Calculation Module

17‧‧‧Key Recovery Module

18‧‧‧First storage module

19‧‧‧External backup device

20‧‧‧Key Recovery Server

21‧‧‧Read key recovery information for secret documents

22‧‧‧Assembly application information, signature; upload to key recovery server

23‧‧‧Assembly upload successfully judged

23’‧‧‧Prompt error message, terminate execution

24‧‧‧Key recovery server parsing, verification signature

25‧‧‧ Signature judgment

25’‧‧‧Return the error message and end

26‧‧‧ Call signing calculus module decryption; check the legality of the application

27‧‧‧ Apply for legal judgment

28‧‧‧Encryption, package return

29‧‧‧Remove the new key encryption key information; update to the secret document; end

31‧‧‧ initial state

32‧‧‧Production Key

33‧‧‧share key

34‧‧‧Store the shared key to the second storage module of the external storage device

35‧‧‧Complete initial setting

41‧‧‧Enable encryption or signature function

42‧‧‧Insert external storage device

43‧‧‧Verify fingerprint correctness

44‧‧‧Read the key of the share

45‧‧‧The key number of the key reached the threshold value

46‧‧‧Key Reply

47‧‧‧Encryption or signature

48‧‧‧Complete the encryption, decryption or signature function

Figure 1 is a data security security system architecture diagram; Figure 2 is a key recovery operation flow chart; Figure 3 is a data security system initialization flow chart; Figure 4 is a data security system using encryption, decryption or signature function flow chart.

1‧‧‧ data security device

2‧‧‧Source

11‧‧‧Control module

12‧‧‧Communication interface module

13‧‧‧Key Sharing and Reply Module

14‧‧‧ random number generator module

15‧‧‧External storage device

150‧‧‧Second storage module for external storage

151‧‧‧Biometric Identification Module for External Storage Devices

16‧‧‧Signature Calculation Module

17‧‧‧Key Recovery Module

18‧‧‧First storage module

19‧‧‧External backup device

20‧‧‧Key Recovery Server

Claims (7)

A data security system includes: a data security device, comprising: a communication interface module for external data transmission interface; a key distribution and recovery module, providing a key to be held into n a secondary key, and replying to the key according to the 次m sub-key; a random number generator module providing a random number required to produce the key; a signature calculus module providing a cryptographic algorithm Encryption or signature of the data; a first storage module stores the m1 key after being divided; a control module connects the modules and controls the data flow between the modules And calling each module to operate, the control module obtains the random number from the random number generator module, and generates the key according to the random number, and then transmits the key to the key distribution and Responding to the module, and dividing the key into n sub-keys by the key distribution and recovery module; and an external storage device, the external storage device includes a second storage module and a biometric identification module, The second storage module is responsible for storing the retained m2 key, and the biometric The identification module receives the biometrics that meet the pre-recording before accessing the m2 key; wherein n>m, m1+m2≧m, n, m, m1, and m2 are positive integers, the m1 And the m2 key is obtained from the n secondary keys, and the control module obtains m secondary keys, that is, the m key is returned to the key by using the key sharing and replying module. The control module can use the signature calculation module to encrypt, decrypt, or sign the data. The data security system of claim 1, further comprising an external backup device, wherein the external backup device stores the nm key, and the security device further comprises a key recovery module. The security device can use the signature calculation module to encrypt, decrypt, or sign the data, and can also generate a key recovery information ciphertext by using the key recovery module, and store the information in the external backup device. The control module receives the m1 key of the first storage module and the nm key of the backup device, or receives the external storage device m2 key and the nm of the external backup device. The secondary key, and m1+(nm)≦m or m2+(nm)≦m, that is, the key recovery module is used to transmit the key recovery information ciphertext to a remote key recovery server for verification, the key When the recovery information ciphertext is successfully verified by the remote key recovery server, the key recovery module restores the key. A method for data security and confidentiality, the method comprising: an encryption process: a random number generator module of a data security device generates a random number, and provides the random number to a control module of the data security device to produce a key The control module transmits the key to a key distribution and recovery module of the data security device to be divided into n secondary keys; the control module will be divided into m1 keys and stored. a first storage module in the data security device; the control module stores the divided m2 keys in a second storage module of the external storage device; the control module is to be divided The finished nm key is stored in an external backup The device cryptographic module of the data security device can perform data encryption or signature according to the key distribution and reply module to restore the m-score key to the key; the decryption process: the control mode The group receives the total of m sub-keys from the first storage module m1 key and the second storage module m2 key, and transmits the key to the key distribution and recovery module; The key distribution and reply module replies to the key according to the m secondary keys; the signature calculation module restores the m secondary keys to the key according to the key distribution and reply module, ie Decryption or signature can be performed; wherein n>m, m1+m2=m, n, m, m1, and m2 are all positive integers, and the m1 and m2 credits are taken from the n secondary keys. For example, in the data security method of claim 3, wherein the control module passes the key to the key distribution and recovery module to be divided into n secondary keys, and may further include The control module stores the divided nm keys in an external backup device and stores a key recovery information ciphertext in the external backup device. For example, the data security method according to item 4 of the patent application scope further includes a key recovery process, and the key recovery process includes the following steps: a. when the data security device produces the ciphertext file process, The key recovery module generates a key recovery information ciphertext and stores the restored information ciphertext to the external backup device. b. The user selects the file to be restored through the control module, and transmits the control mode through the control module. Group from this The external backup device takes out the key restoration information; c. After the key recovery module uses the legal public key to perform the signature and encapsulation of the application information, the control module uploads the application information of the key restoration to the Key recovery module server key recovery server; d. The key recovery server resolves the application information and its signature, confirms that the user identity is correct and determines that the application is a legitimate request, and then performs the key recovery Decrypting the information ciphertext, and then encapsulating the new key information back to the data security device; e. The control module parses the received new key information through the key recovery module, and extracts the new key Restores the ciphertext of the information and updates the file that was previously unreadable. The data security method according to claim 5, wherein the application information includes the above-mentioned key recovery information ciphertext, an applicant's public key, a user ID information, and a digital signature. The key recovery ciphertext format includes: a cryptographic algorithm random key, a ciphertext attribute information, and a user ID information. For example, in the data security method according to claim 6, wherein the key recovery server receives the application information, and the operation step is: verifying the user identity: comparing the user ID information of the application information with Whether the user ID information in the key recovery ciphertext is consistent; verifying the digital signature: finding the corresponding vouchers from the user ID information in the application information, and checking the digital signature; Key: the key recovery information ciphertext is taken out from the application information, and then the call signature calculation module uses the key to restore the server's private key to unlock the above key recovery fund. The ciphertext, and then using the user public key in the application information, the encryption algorithm random key encryption is made into a new key encryption key information, and then the new information is transmitted back to the user end. The user end uses the new information to update the key encryption key portion of the file that could not be decrypted, that is, complete the key recovery operation.