TWI774986B - Key storage system and key storage method - Google Patents
Key storage system and key storage method Download PDFInfo
- Publication number
- TWI774986B TWI774986B TW108132366A TW108132366A TWI774986B TW I774986 B TWI774986 B TW I774986B TW 108132366 A TW108132366 A TW 108132366A TW 108132366 A TW108132366 A TW 108132366A TW I774986 B TWI774986 B TW I774986B
- Authority
- TW
- Taiwan
- Prior art keywords
- key
- accelerator
- processor
- key storage
- access
- Prior art date
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3006—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
- H04L9/302—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3066—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
Abstract
Description
本揭露是關於一種儲存系統及儲存方法,特別是關於一種金鑰儲存系統及金鑰儲存方法。The present disclosure relates to a storage system and a storage method, and more particularly, to a key storage system and a key storage method.
一般而言,智慧金鑰儲存中心(Intelligent Key Storage Center, IKSC)的自動化管理金鑰機制,可以讓使用者輕鬆儲存金鑰、使用金鑰以及清除金鑰。但在加解密加速器執行運算時,若有修改金鑰之情形,而同一時間使用者仍可讀取金鑰內容,此種方式可能會導致使用者以為金鑰已被汙染、攻擊,甚至誤用已被修改的金鑰當作原本的金鑰,使得其後續運算出錯。修改金鑰時的保護方式例如為,RSA旁道攻擊保護(side-channel attack protection),此演算法會做金鑰的混淆(key/exponent blinding)來防止攻擊。Generally speaking, the automated key management mechanism of an Intelligent Key Storage Center (IKSC) allows users to easily store, use, and clear keys. However, when the encryption/decryption accelerator performs operations, if the key is modified, and the user can still read the key content at the same time, this method may lead the user to think that the key has been contaminated, attacked, or even misused the key. The modified key is regarded as the original key, which makes the subsequent operation error. The protection method when modifying the key is, for example, RSA side-channel attack protection. This algorithm will perform key/exponent blinding to prevent attacks.
然而,此演算法是將私鑰進行數值混淆以避開第三人的攻擊,使用者亦可能誤拿到被混淆後的金鑰當作原本的金鑰使得其後續運算出錯。因此,如何在修改金鑰的同時,避免使用者對金鑰誤認或誤用,以成為本領域待解決的問題之一。However, in this algorithm, the private key is numerically obfuscated to avoid third-party attacks, and the user may mistakenly obtain the obfuscated key as the original key, causing errors in subsequent operations. Therefore, how to avoid misidentification or misuse of the key by the user while modifying the key has become one of the problems to be solved in the art.
為了解決上述的問題,本揭露內容之一態樣提供了一種金鑰儲存系統,金鑰儲存系統包含一金鑰加解密加速器以及一金鑰儲存裝置。一金鑰加解密加速器包含一第一加速器。第一加速器用以發送至少一特定指令。一金鑰儲存裝置包含一第一金鑰儲存器、一仲裁器以及一核心。第一金鑰儲存器用以儲存一第一金鑰。仲裁器用以接收並判斷此至少一特定指令的一發送端。核心用以判斷此至少一特定指令對應到第一金鑰儲存器。其中,當第一加速器欲讀取第一金鑰以進行修改第一金鑰的一特定運算時,第一加速器傳送至少一特定指令到該仲裁器,至少一特定指令包含對應於第一金鑰的一阻擋存取訊號及一第一金鑰編號訊號。In order to solve the above problems, one aspect of the present disclosure provides a key storage system. The key storage system includes a key encryption/decryption accelerator and a key storage device. A key encryption/decryption accelerator includes a first accelerator. The first accelerator is used for sending at least one specific instruction. A key storage device includes a first key storage, an arbiter and a core. The first key storage is used for storing a first key. The arbiter is used for receiving and judging a sender of the at least one specific command. The core is used for determining that the at least one specific command corresponds to the first key storage. Wherein, when the first accelerator wants to read the first key to perform a specific operation of modifying the first key, the first accelerator transmits at least one specific instruction to the arbiter, and the at least one specific instruction includes the corresponding first key a blocking access signal and a first key number signal.
本發明之另一態樣係於提供一種金鑰儲存方法,包含:藉由一金鑰儲存裝置中的一第一金鑰儲存器儲存一第一金鑰;藉由一金鑰加解密加速器發送至少一特定指令;以及藉由金鑰儲存裝置判斷此至少一特定指令對應到的第一金鑰儲存器。其中,當金鑰加解密加速器欲讀取第一金鑰,以進行修改第一金鑰的一特定運算時,第一加速器傳送此至少一特定指令到金鑰儲存裝置,此至少一特定指令包含對應於第一金鑰的一阻擋存取訊號及一第一金鑰編號訊號。Another aspect of the present invention is to provide a key storage method, comprising: storing a first key by a first key storage in a key storage device; sending a key by a key encryption/decryption accelerator at least one specific command; and determining the first key storage corresponding to the at least one specific command by the key storage device. Wherein, when the key encryption/decryption accelerator wants to read the first key to perform a specific operation of modifying the first key, the first accelerator transmits the at least one specific instruction to the key storage device, and the at least one specific instruction includes A blocking access signal and a first key number signal corresponding to the first key.
藉由本案所述之金鑰儲存系統及金鑰儲存方法,在加速器欲進行涉及修改金鑰的情況下,加速器傳送特定指令到金鑰儲存裝置,特定指令用以指示金鑰儲存裝置阻擋處理器對金鑰進行存取,藉此避免處理器讀取到被修改過的金鑰的可能性,所產生的錯誤運算。With the key storage system and key storage method described in this case, when the accelerator is about to modify the key, the accelerator transmits a specific instruction to the key storage device, and the specific instruction is used to instruct the key storage device to block the processor. Access to the key, thereby avoiding the possibility of the processor reading the modified key, resulting in erroneous operations.
以下說明係為完成發明的較佳實現方式,其目的在於描述本發明的基本精神,但並不用以限定本發明。實際的發明內容必須參考之後的權利要求範圍。The following descriptions are preferred implementations for completing the invention, and are intended to describe the basic spirit of the invention, but are not intended to limit the invention. Reference must be made to the scope of the following claims for the actual inventive content.
必須了解的是,使用於本說明書中的”包含”、”包括”等詞,係用以表示存在特定的技術特徵、數值、方法步驟、作業處理、元件以及/或組件,但並不排除可加上更多的技術特徵、數值、方法步驟、作業處理、元件、組件,或以上的任意組合。It must be understood that words such as "comprising" and "including" used in this specification are used to indicate the existence of specific technical features, values, method steps, operation processes, elements and/or components, but do not exclude possible Plus more technical features, values, method steps, job processes, elements, components, or any combination of the above.
於請求項中使用如”第一”、"第二"、"第三"等詞係用來修飾權利要求中的元件,並非用來表示之間具有優先權順序,先行關係,或者是一個元件先於另一個元件,或者是執行方法步驟時的時間先後順序,僅用來區別具有相同名字的元件。The use of words such as "first", "second", "third", etc. in the claim is used to modify the elements in the claim, and is not used to indicate that there is a priority order, antecedent relationship, or an element Prior to another element, or chronological order in which method steps are performed, is only used to distinguish elements with the same name.
請參照第1A~1B、2圖,第1A圖係依照本發明一實施例繪示金鑰儲存系統100之方塊圖。第1B圖係依照本發明一實施例繪示金鑰儲存系統150之方塊圖。第2圖係根據本發明之一實施例繪示一種金鑰儲存方法200之流程圖。Please refer to FIGS. 1A-1B and 2. FIG. 1A is a block diagram illustrating a
於一實施例中,金鑰儲存系統100可以由電路實現於一晶片上。於一實施例中,金鑰儲存系統100可以是晶片上的一個模組。於第1A圖中,金鑰儲存系統100包含一金鑰加解密加速器10及一金鑰儲存裝置20。In one embodiment, the
於一實施例中,金鑰加解密加速器10中包含一進階加密標準(Advanced Encryption Standard,AES)加速器12、一雜湊訊息認證碼(Hash Message Authentication Code,HMAC)加速器14、一橢圓曲線密碼學(Elliptic Curve Cryptography, ECC)加速器16及/或一RSA(由發明者Rivest、Shmir和Adleman姓氏首字母縮寫而來)加速器18。In one embodiment, the key encryption/
其中,AES加密演算法是美國聯邦政府採用的一種區段加密標準,AES加速器12用硬體電路實作此演算法,故可加速運算。Among them, the AES encryption algorithm is a segment encryption standard adopted by the federal government of the United States. The AES accelerator 12 implements this algorithm with a hardware circuit, so it can accelerate the operation.
其中,HMAC加密演算法是含有金鑰雜湊函式演算法,基於雜湊函式的訊息認證碼,它需要一個加密用雜湊函式(例如是MD5或者SHA-1)和一個金鑰以計算訊息認證碼,並在此基礎上加上了金鑰,HMAC加速器14用硬體電路實作此演算法,故可加速運算。Among them, the HMAC encryption algorithm is a hash function algorithm with a key, a message authentication code based on a hash function, which requires an encryption hash function (such as MD5 or SHA-1) and a key to calculate the message authentication code The
其中,ECC加密演算法是一種基於橢圓曲線數學的公開密鑰加密演算法,ECC加速器16用硬體電路實作此演算法,故可加速運算。Among them, the ECC encryption algorithm is a public key encryption algorithm based on elliptic curve mathematics. The
其中,RSA加密演算法是一種非對稱加密演算法,在公開金鑰加密和電子商業中被廣泛使用,RSA加速器18用硬體電路實作此演算法,故可加速運算。Among them, the RSA encryption algorithm is an asymmetric encryption algorithm, which is widely used in public key encryption and electronic commerce. The
於一實施例中,金鑰儲存裝置20可以是晶片中的一模組,以電路實現。於一實施例中,金鑰儲存裝置20包含一或多個金鑰儲存器S1~Sn、一仲裁器22及一核心24。In one embodiment, the
於一實施例中,金鑰儲存裝置20可由電路實現。於一實施例中,可被實作為唯讀記憶體、快閃記憶體、軟碟、硬碟、光碟、隨身碟、磁帶、可由網路存取之資料庫或熟悉此技藝者可輕易思及具有相同功能之儲存媒體。In one embodiment, the
於一實施例中,金鑰儲存裝置20中的金鑰儲存器S1用以儲存金鑰K1。In one embodiment, the key storage S1 in the
於一實施例中,金鑰儲存裝置20中包含多個金鑰儲存器S1~Sn用以分別儲存金鑰K1~Kn。例如金鑰儲存裝置20中包含金鑰儲存器S1以儲存金鑰K1、金鑰儲存器S2以儲存金鑰K2、金鑰儲存器S3以儲存金鑰K3及/或金鑰儲存器Sn以儲存金鑰Kn。於一實施例中,金鑰K1~Kn可以各別由相同或不同的對稱式加密演算法或非對稱式加密演算法以產生。對稱式加密演算法或非對稱式加密演算法可以採用現有的演算法,故此處不贅述之。In one embodiment, the
於一實施例中,金鑰K1~Kn可以在晶片出廠前預先寫入金鑰儲存系統100中。In one embodiment, the keys K1 to Kn can be pre-written into the
於一實施例中,仲裁器22用以接收並判斷至少一特定指令的一發送端。In one embodiment, the
於一實施例中,仲裁器22判斷特定指令的發送端為AES加速器12、HMAC加速器14、ECC加速器16及/或RSA加速器18之其中一者。例如,仲裁器22判斷特定指令的發送端為RSA加速器18。In one embodiment, the
於一實施例中,AES加速器12、HMAC加速器14、ECC加速器16及RSA加速器18彼此之間不能讀取彼此對應的金鑰。例如,假設RSA加速器18對應到金鑰K1,則AES加速器12、HMAC加速器14及ECC加速器16無法對金鑰K1進行存取。In one embodiment, the AES accelerator 12 , the
於一實施例中,核心24用以判斷至少一特定指令對應到的金鑰儲存器(例如金鑰儲存器S1)。In one embodiment, the
於一實施例中,AES加速器12、HMAC加速器14、ECC加速器16及RSA加速器18可以存取對各自對應的金鑰,以進行特定運算。In one embodiment, the AES accelerator 12, the
特定運算例如為,但不限於,RSA旁道攻擊保護(side-channel attack protection) 演算法,此RSA旁道攻擊保護演算法會做金鑰的混淆(key/exponent blinding)來防止攻擊。The specific operation is, for example, but not limited to, the RSA side-channel attack protection algorithm. The RSA side-channel attack protection algorithm performs key/exponent blinding to prevent attacks.
於一實施例中,當RSA加速器18將金鑰K1代入RSA旁道攻擊保護演算法時,此過程中,RSA加速器18會將金鑰K1經由運算後偽裝成混淆金鑰K1’,避免在後續的其他運算或傳送程序中讓第三方拿到真正的金鑰K1;然而,若此時處理器30(如第1B圖所示)存取金鑰儲存器S1,則會讀取到混淆金鑰K1’,導致處理器30後續運算錯誤。In one embodiment, when the
為了避免此問題,在RSA加速器18欲進行特定運算(涉及修改金鑰K1為混淆金鑰K1’的運算)的情況下,RSA加速器18傳送至少一特定指令到金鑰儲存裝置20,此至少一特定指令包含一阻擋存取訊號(例如訊號Block_cpu_read)及一金鑰編號訊號(例如對應金鑰K1的金鑰編號訊號可表示為Block_key_num==K1)。其中,阻擋存取訊號Block_cpu_read用以指示金鑰儲存裝置20阻擋處理器30對金鑰K1進行存取,藉此避免處理器30讀取到混淆金鑰K1’ 的可能性(在特定運算的過程中,金鑰K1被修改成混淆金鑰K1’),所產生的錯誤運算。In order to avoid this problem, when the
於一實施例中,金鑰加解密加速器10及金鑰儲存裝置20之間可建立電路,以傳送邊帶(sideband)訊號,藉由邊帶訊號以傳送特定指令。以下為更具體的描述細節。In one embodiment, a circuit can be established between the key encryption/
於一實施例中,當RSA加速器18欲讀取金鑰K1以進行修改此金鑰K1的一特定運算時,此RSA加速器18傳送至少一特定指令到仲裁器22,至少一特定指令包含對應於金鑰(例如金鑰K1)的阻擋存取訊號(例如訊號Block_cpu_read)及金鑰編號訊號(例如對應金鑰K1的金鑰編號訊號可表示為Block_key_num==K1)。In one embodiment, when the
於一實施例中,當AES加速器12欲讀取金鑰K2以進行修改此金鑰K2的特定運算時,此AES加速器12傳送至少一特定指令到仲裁器22,至少一特定指令包含對應於金鑰K2的阻擋存取訊號(例如訊號Block_cpu_read)及金鑰編號訊號(例如對應金鑰K2的金鑰編號訊號可表示為Block_key_num==K2)。In one embodiment, when the AES accelerator 12 wants to read the key K2 to perform a specific operation of modifying the key K2, the AES accelerator 12 transmits at least one specific command to the
於一實施例中,當HMAC加速器14欲讀取金鑰K3以進行修改此金鑰K3的特定運算時,此HMAC加速器14傳送至少一特定指令到仲裁器22,至少一特定指令包含對應於金鑰K3的阻擋存取訊號(例如訊號Block_cpu_read)及金鑰編號訊號(例如對應金鑰K3的金鑰編號訊號可表示為Block_key_num==K3)。In one embodiment, when the
於一實施例中,當ECC加速器16欲讀取金鑰Kn以進行修改此金鑰Kn的特定運算時,此ECC加速器16傳送至少一特定指令到仲裁器22,至少一特定指令包含對應於金鑰Kn的一阻擋存取訊號(例如訊號Block_cpu_read)及金鑰編號訊號(例如對應金鑰Kn的金鑰編號訊號可表示為Block_key_num==Kn)。In one embodiment, when the
請參閱第1B圖,第1B圖中的處理器30可以被實施為微控制單元(microcontroller)、微處理器(microprocessor)、數位訊號處理器(digital signal processor)、特殊應用積體電路(application specific integrated circuit,ASIC)或一邏輯電路。Please refer to FIG. 1B, the
於一實施例中,處理器30用以存取金鑰儲存裝置20中的金鑰K1~Kn之其中至少之一者。In one embodiment, the
於一實施例中,處理器30可以存取金鑰K1~Kn的任一者,例如,處理器30發送金鑰K1的請求存取訊號Read_K1到仲裁器22,仲裁器22得知請求存取訊號Read_K1來自處理器30後,通知核心24將金鑰K1從金鑰儲存器S1中讀出,並傳送到處理器30。In one embodiment, the
於一實施例中,當RSA加速器18欲讀取金鑰K1以進行修改此金鑰K1的一特定運算時,此RSA加速器18傳送對應於金鑰K1的阻擋存取訊號Block_cpu_read及金鑰編號訊號Block_key_num==K1到仲裁器22,代表阻擋金鑰K1被處理器30存取。In one embodiment, when the
換言之,當處理器30欲存取的金鑰K1~Kn之其中至少之一者(例如為金鑰K1)的一當前金鑰編號訊號(例如為Block_key_num==K1)與對應於金鑰的金鑰編號訊號(例如為Block_key_num==K1)相同,且金鑰儲存裝置20已事先收到對應於金鑰K1的阻擋存取訊號Block_cpu_read及金鑰編號訊號Block_key_num==K1時,處理器30接收一存取失敗訊號Read_Fail。In other words, when the
於一實施例中,當加速器(例如RSA加速器18)欲讀取金鑰(例如為金鑰K1)以進行修改金鑰K1的特定運算時,RSA加速器18傳送的阻擋存取訊號號Block_cpu_read包含一第一標識(例如為1),當加速器(例如RSA加速器18)完成特定運算並復原金鑰K1時, RSA加速器18傳送的阻擋存取訊號Block_cpu_read包含一第二標識(例如為0)。In one embodiment, when the accelerator (eg, the RSA accelerator 18 ) wants to read the key (eg, the key K1 ) to perform a specific operation of modifying the key K1 , the block access signal Block_cpu_read transmitted by the
更具體而言,當第一標識為1時,代表當金鑰儲存裝置20判斷處理器30欲存取金鑰(例如為金鑰K1)時,金鑰儲存裝置20的核心24將阻擋存取訊號號Block_cpu_read傳送至仲裁器22,仲裁器22將阻擋存取訊號號Block_cpu_read傳送至處理器30,包含第一標識的阻擋存取訊號Block_cpu_read用以阻擋處理器30存取金鑰(例如為金鑰K1);當第二標識為0時,代表當金鑰儲存裝置20判斷處理器30欲存取金鑰(例如為金鑰K1)時,金鑰儲存裝置20的核心24將阻擋存取訊號Block_cpu_read傳送至仲裁器22,仲裁器22將阻擋存取訊號Block_cpu_read傳送到處理器30,包含第二標識的阻擋存取訊號Block_cpu_read 不阻擋處理器30存取金鑰(例如為金鑰K1)。More specifically, when the first identifier is 1, it means that when the
於一實施例中,如第1B圖所示,RSA加速器18在任何時間都可以傳送請求存取訊號Read_K1,此請求存取訊號Read_K1代表RSA加速器18欲存取讀取金鑰K1,金鑰儲存裝置20回傳一允許存取訊號Read_Ok給RSA加速器18,允許存取訊號Read_Ok代表接著將金鑰K1傳送給RSA加速器18。In one embodiment, as shown in FIG. 1B , the
於一實施例中,如第1B圖所示,處理器30用以存取金鑰儲存裝置20中的多個金鑰K1~Kn之其中至少之一者(例如為金鑰K1),當對應於處理器30欲存取的此些金鑰K1~Kn之其中至少之一者(例如為金鑰K1)的一當前金鑰編號訊號(例如為Block_key_num==K1)與對應於金鑰K1的第一金鑰編號訊號(例如為Block_key_num==K1)相同,且金鑰儲存裝置20已事先收到對應於金鑰K1的阻擋存取訊號Block_cpu_read包含一第一標識(例如為1)時,代表加速器(例如為RSA加速器18)已將修改後的混淆金鑰K1’,金鑰儲存裝置20的核心24將一存取失敗訊號Read_Fail傳送至仲裁器22,仲裁器22將存取失敗訊號Read_Fail傳送到處理器30,使處理器30無法存取金鑰K1,避免處理器30誤取到混淆金鑰K1’,而導致處理器30運算錯誤。In one embodiment, as shown in FIG. 1B , the
於一實施例中,當對應於處理器30欲存取的此些金鑰之其中至少之一者(例如為金鑰K1)的一當前金鑰編號訊號(例如為Block_key_num==K1)與對應於金鑰K1的第一金鑰編號訊號(例如為Block_key_num==K1)相同,且金鑰儲存裝置20已事先收到對應於金鑰K1的阻擋存取訊號Block_cpu_read包含第二標識(例如為0)時,代表加速器(例如為RSA加速器18)已將修改後的混淆金鑰K1’再度改回原本的金鑰K1(例如RSA加速器18已經完成需要混淆金鑰K1’的運算),不會影響處理器30的後續運算,因此,金鑰儲存裝置20的核心24將允許存取訊號Read_Ok傳送至仲裁器22,仲裁器22將允許存取訊號Read_Ok傳送到處理器30,允許存取訊號Read_Ok代表允許處理器20存取金鑰K1。In one embodiment, when a current key number signal (eg Block_key_num==K1 ) corresponding to at least one of the keys (eg, key K1 ) to be accessed by the
請參照第2圖,於步驟210中,藉由一金鑰儲存裝置20中的一第一金鑰儲存器儲存一第一金鑰。於步驟220中,藉由金鑰儲存裝置20判斷至少一特定指令對應到的第一金鑰儲存器,一第一加速器判斷是否欲改寫第一金鑰儲存器中的第一金鑰,以進行修改第一金鑰的一特定運算;若第一加速器判斷欲改寫第一金鑰儲存器中的第一金鑰,則傳送至少一特定指令到金鑰儲存裝置20,並進入步驟230;若第一加速器判斷不需改寫第一金鑰儲存器中的第一金鑰,則進入於步驟235。於步驟235中,藉由處理器30或第一加速器傳送一讀取請求,用以請求讀取第一金鑰。於步驟240中,藉由金鑰儲存裝置20回傳允許存取訊號。於步驟230中,藉由金鑰儲存裝置20判斷讀取請求是否來自允許存取第一金鑰的第一加速器,在此步驟中,金鑰儲存裝置20亦可以判斷讀取請求來自處理器30或何者加速器;若金鑰儲存裝置20判斷讀取請求來自處理器30,則進入步驟250;若金鑰儲存裝置20判斷讀取請求來自允許存取第一金鑰的第一加速器,則進入步驟240。於步驟250中,藉由金鑰儲存裝置20回傳存取失敗訊號。Referring to FIG. 2 , in
藉由本案所述之金鑰儲存系統及金鑰儲存方法,在加速器欲進行涉及修改金鑰的情況下,加速器傳送特定指令到金鑰儲存裝置,特定指令用以指示金鑰儲存裝置阻擋處理器對金鑰進行存取,藉此避免處理器讀取到被修改過的金鑰的可能性,所產生的錯誤運算。With the key storage system and key storage method described in this case, when the accelerator is about to modify the key, the accelerator transmits a specific instruction to the key storage device, and the specific instruction is used to instruct the key storage device to block the processor. Access to the key, thereby avoiding the possibility of the processor reading the modified key, resulting in erroneous operations.
雖然本案已以實施例揭露如上,然其並非用以限定本案,任何熟習此技藝者,在不脫離本案之精神和範圍內,當可作各種之更動與潤飾,因此本案之保護範圍當視後附之申請專利範圍所界定者為準。Although this case has been disclosed above with examples, it is not intended to limit this case. Anyone who is familiar with this technique can make various changes and modifications without departing from the spirit and scope of this case. Therefore, the scope of protection in this case should be regarded as The scope of the attached patent application shall prevail.
100、150:金鑰儲存系統
10:金鑰加解密加速器
20:金鑰儲存裝置
30:處理器
S1~Sn:金鑰儲存器
K1~Kn:金鑰
22:仲裁器
24:核心
Block_cpu_read:阻擋存取訊號
Block_key_num:金鑰編號訊號
200:金鑰儲存方法
210~250:步驟
Read_Fail:存取失敗訊號
Read_K1:請求存取訊號
Read_Ok:允許存取訊號100, 150: Key storage system
10:Key encryption and decryption accelerator
20:Key storage device
30: Processor
S1~Sn: key storage
K1~Kn: key
22: Arbiter
24: Core
Block_cpu_read: block access signal
Block_key_num: key number signal
200:
第1A圖係依照本發明一實施例繪示金鑰儲存系統之方塊圖。 第1B圖係依照本發明一實施例繪示金鑰儲存系統之方塊圖。 第2圖係根據本發明之一實施例繪示一種金鑰儲存方法之流程圖。FIG. 1A is a block diagram illustrating a key storage system according to an embodiment of the present invention. FIG. 1B is a block diagram illustrating a key storage system according to an embodiment of the present invention. FIG. 2 is a flowchart illustrating a method for storing a key according to an embodiment of the present invention.
200:金鑰儲存方法200:Key storage method
210~250:步驟210~250: Steps
Claims (9)
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW108132366A TWI774986B (en) | 2019-09-09 | 2019-09-09 | Key storage system and key storage method |
CN201911364960.5A CN112468299B (en) | 2019-09-09 | 2019-12-26 | Key storage system and key storage method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
TW108132366A TWI774986B (en) | 2019-09-09 | 2019-09-09 | Key storage system and key storage method |
Publications (2)
Publication Number | Publication Date |
---|---|
TW202111581A TW202111581A (en) | 2021-03-16 |
TWI774986B true TWI774986B (en) | 2022-08-21 |
Family
ID=74807673
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
TW108132366A TWI774986B (en) | 2019-09-09 | 2019-09-09 | Key storage system and key storage method |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN112468299B (en) |
TW (1) | TWI774986B (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8218770B2 (en) * | 2005-09-13 | 2012-07-10 | Agere Systems Inc. | Method and apparatus for secure key management and protection |
US20160350077A1 (en) * | 2014-08-08 | 2016-12-01 | Texas Instruments Incorporated | Cryptographic Accelerator |
TWI567579B (en) * | 2010-11-30 | 2017-01-21 | 英特爾公司 | Method and apparatus for key provisioning of hardware devices |
TW201717003A (en) * | 2015-11-12 | 2017-05-16 | 英特爾公司 | Hybrid SM3 and SHA acceleration processors |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6157721A (en) * | 1996-08-12 | 2000-12-05 | Intertrust Technologies Corp. | Systems and methods using cryptography to protect secure computing environments |
CN101741553B (en) * | 2008-11-04 | 2012-07-25 | 翊杰科技股份有限公司 | Method and system for secretly data storing and responding |
TWI444030B (en) * | 2011-06-21 | 2014-07-01 | Univ Nat Chiao Tung | Method for keys generation, member authentication and security communication in a dynamic group |
US8751804B1 (en) * | 2011-06-30 | 2014-06-10 | Decho Corporation | Controlling access to data within encrypted copies of files using salt parameters |
KR20150081022A (en) * | 2014-01-03 | 2015-07-13 | 삼성전자주식회사 | Image processing apparatus and control method thereof |
-
2019
- 2019-09-09 TW TW108132366A patent/TWI774986B/en active
- 2019-12-26 CN CN201911364960.5A patent/CN112468299B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8218770B2 (en) * | 2005-09-13 | 2012-07-10 | Agere Systems Inc. | Method and apparatus for secure key management and protection |
TWI567579B (en) * | 2010-11-30 | 2017-01-21 | 英特爾公司 | Method and apparatus for key provisioning of hardware devices |
US20160350077A1 (en) * | 2014-08-08 | 2016-12-01 | Texas Instruments Incorporated | Cryptographic Accelerator |
TW201717003A (en) * | 2015-11-12 | 2017-05-16 | 英特爾公司 | Hybrid SM3 and SHA acceleration processors |
Also Published As
Publication number | Publication date |
---|---|
CN112468299A (en) | 2021-03-09 |
TW202111581A (en) | 2021-03-16 |
CN112468299B (en) | 2023-07-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9740639B2 (en) | Map-based rapid data encryption policy compliance | |
CN109313690B (en) | Self-contained encrypted boot policy verification | |
CN111506901B (en) | Block chain-based data processing method, terminal and storage medium | |
US10284372B2 (en) | Method and system for secure management of computer applications | |
US6993648B2 (en) | Proving BIOS trust in a TCPA compliant system | |
WO2021003980A1 (en) | Blacklist sharing method and apparatus, computer device and storage medium | |
US8161285B2 (en) | Protocol-Independent remote attestation and sealing | |
WO2018086469A1 (en) | Data storage method utilized in non-volatile storage space in integrated circuit, and trusted integrated circuit | |
WO2021036086A1 (en) | Transaction data processing method, apparatus and system, and computer-readable storage medium | |
KR20040094724A (en) | Multi-token seal and unseal | |
WO2020042798A1 (en) | Cryptographic operation and working key creation method and cryptographic service platform and device | |
CN111367834A (en) | Self-encrypting driver (SED) | |
KR20200020627A (en) | SECURE BOOT METHOD OF IoT DEVICE USING AN INTEGRATED SECURITY SoC | |
CN111177709A (en) | Execution method and device of terminal trusted component and computer equipment | |
CN112733180A (en) | Data query method and device and electronic equipment | |
WO2022001944A1 (en) | Method for modifying linux kernel, and terminal device and storage medium | |
TWI774986B (en) | Key storage system and key storage method | |
CN107223322A (en) | The method, apparatus and system of signature verification | |
US20200396210A1 (en) | Data security tool | |
WO2020010831A1 (en) | Data acquisition method, data acquisition system, terminal, and diagnostic tool | |
US11811948B2 (en) | Flexible security enclave for protecting data at rest and in motion | |
US20200364376A1 (en) | Security display method and device, and security terminal | |
CN110874225A (en) | Data verification method and device, embedded equipment and storage medium | |
CN110378110A (en) | Software cryptography processing method, software verification method and device | |
EP4206966A1 (en) | Computer system for failing a secure boot in a case tampering event |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
GD4A | Issue of patent certificate for granted invention patent |