TWI774986B - Key storage system and key storage method - Google Patents

Key storage system and key storage method Download PDF

Info

Publication number
TWI774986B
TWI774986B TW108132366A TW108132366A TWI774986B TW I774986 B TWI774986 B TW I774986B TW 108132366 A TW108132366 A TW 108132366A TW 108132366 A TW108132366 A TW 108132366A TW I774986 B TWI774986 B TW I774986B
Authority
TW
Taiwan
Prior art keywords
key
accelerator
processor
key storage
access
Prior art date
Application number
TW108132366A
Other languages
Chinese (zh)
Other versions
TW202111581A (en
Inventor
陳冠華
Original Assignee
新唐科技股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 新唐科技股份有限公司 filed Critical 新唐科技股份有限公司
Priority to TW108132366A priority Critical patent/TWI774986B/en
Priority to CN201911364960.5A priority patent/CN112468299B/en
Publication of TW202111581A publication Critical patent/TW202111581A/en
Application granted granted Critical
Publication of TWI774986B publication Critical patent/TWI774986B/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/302Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves

Abstract

A key storage method includes: storing a first key by a first key storage in a key storage device; transmitting at least one specific instruction by a key encryption and decryption accelerator; and determining, by the key storage device, the first key storage corresponding to the at least one specific instruction. When the key encryption and decryption accelerator wants to read the first key to perform a specific operation for modifying the first key, the first accelerator transmits the at least one specific instruction to the key storage device, and the at least one specific instruction includes a blocking access signal of the first key and a first key number signal of the first key.

Description

金鑰儲存系統及金鑰儲存方法Key storage system and key storage method

本揭露是關於一種儲存系統及儲存方法,特別是關於一種金鑰儲存系統及金鑰儲存方法。The present disclosure relates to a storage system and a storage method, and more particularly, to a key storage system and a key storage method.

一般而言,智慧金鑰儲存中心(Intelligent Key Storage Center, IKSC)的自動化管理金鑰機制,可以讓使用者輕鬆儲存金鑰、使用金鑰以及清除金鑰。但在加解密加速器執行運算時,若有修改金鑰之情形,而同一時間使用者仍可讀取金鑰內容,此種方式可能會導致使用者以為金鑰已被汙染、攻擊,甚至誤用已被修改的金鑰當作原本的金鑰,使得其後續運算出錯。修改金鑰時的保護方式例如為,RSA旁道攻擊保護(side-channel attack protection),此演算法會做金鑰的混淆(key/exponent blinding)來防止攻擊。Generally speaking, the automated key management mechanism of an Intelligent Key Storage Center (IKSC) allows users to easily store, use, and clear keys. However, when the encryption/decryption accelerator performs operations, if the key is modified, and the user can still read the key content at the same time, this method may lead the user to think that the key has been contaminated, attacked, or even misused the key. The modified key is regarded as the original key, which makes the subsequent operation error. The protection method when modifying the key is, for example, RSA side-channel attack protection. This algorithm will perform key/exponent blinding to prevent attacks.

然而,此演算法是將私鑰進行數值混淆以避開第三人的攻擊,使用者亦可能誤拿到被混淆後的金鑰當作原本的金鑰使得其後續運算出錯。因此,如何在修改金鑰的同時,避免使用者對金鑰誤認或誤用,以成為本領域待解決的問題之一。However, in this algorithm, the private key is numerically obfuscated to avoid third-party attacks, and the user may mistakenly obtain the obfuscated key as the original key, causing errors in subsequent operations. Therefore, how to avoid misidentification or misuse of the key by the user while modifying the key has become one of the problems to be solved in the art.

為了解決上述的問題,本揭露內容之一態樣提供了一種金鑰儲存系統,金鑰儲存系統包含一金鑰加解密加速器以及一金鑰儲存裝置。一金鑰加解密加速器包含一第一加速器。第一加速器用以發送至少一特定指令。一金鑰儲存裝置包含一第一金鑰儲存器、一仲裁器以及一核心。第一金鑰儲存器用以儲存一第一金鑰。仲裁器用以接收並判斷此至少一特定指令的一發送端。核心用以判斷此至少一特定指令對應到第一金鑰儲存器。其中,當第一加速器欲讀取第一金鑰以進行修改第一金鑰的一特定運算時,第一加速器傳送至少一特定指令到該仲裁器,至少一特定指令包含對應於第一金鑰的一阻擋存取訊號及一第一金鑰編號訊號。In order to solve the above problems, one aspect of the present disclosure provides a key storage system. The key storage system includes a key encryption/decryption accelerator and a key storage device. A key encryption/decryption accelerator includes a first accelerator. The first accelerator is used for sending at least one specific instruction. A key storage device includes a first key storage, an arbiter and a core. The first key storage is used for storing a first key. The arbiter is used for receiving and judging a sender of the at least one specific command. The core is used for determining that the at least one specific command corresponds to the first key storage. Wherein, when the first accelerator wants to read the first key to perform a specific operation of modifying the first key, the first accelerator transmits at least one specific instruction to the arbiter, and the at least one specific instruction includes the corresponding first key a blocking access signal and a first key number signal.

本發明之另一態樣係於提供一種金鑰儲存方法,包含:藉由一金鑰儲存裝置中的一第一金鑰儲存器儲存一第一金鑰;藉由一金鑰加解密加速器發送至少一特定指令;以及藉由金鑰儲存裝置判斷此至少一特定指令對應到的第一金鑰儲存器。其中,當金鑰加解密加速器欲讀取第一金鑰,以進行修改第一金鑰的一特定運算時,第一加速器傳送此至少一特定指令到金鑰儲存裝置,此至少一特定指令包含對應於第一金鑰的一阻擋存取訊號及一第一金鑰編號訊號。Another aspect of the present invention is to provide a key storage method, comprising: storing a first key by a first key storage in a key storage device; sending a key by a key encryption/decryption accelerator at least one specific command; and determining the first key storage corresponding to the at least one specific command by the key storage device. Wherein, when the key encryption/decryption accelerator wants to read the first key to perform a specific operation of modifying the first key, the first accelerator transmits the at least one specific instruction to the key storage device, and the at least one specific instruction includes A blocking access signal and a first key number signal corresponding to the first key.

藉由本案所述之金鑰儲存系統及金鑰儲存方法,在加速器欲進行涉及修改金鑰的情況下,加速器傳送特定指令到金鑰儲存裝置,特定指令用以指示金鑰儲存裝置阻擋處理器對金鑰進行存取,藉此避免處理器讀取到被修改過的金鑰的可能性,所產生的錯誤運算。With the key storage system and key storage method described in this case, when the accelerator is about to modify the key, the accelerator transmits a specific instruction to the key storage device, and the specific instruction is used to instruct the key storage device to block the processor. Access to the key, thereby avoiding the possibility of the processor reading the modified key, resulting in erroneous operations.

以下說明係為完成發明的較佳實現方式,其目的在於描述本發明的基本精神,但並不用以限定本發明。實際的發明內容必須參考之後的權利要求範圍。The following descriptions are preferred implementations for completing the invention, and are intended to describe the basic spirit of the invention, but are not intended to limit the invention. Reference must be made to the scope of the following claims for the actual inventive content.

必須了解的是,使用於本說明書中的”包含”、”包括”等詞,係用以表示存在特定的技術特徵、數值、方法步驟、作業處理、元件以及/或組件,但並不排除可加上更多的技術特徵、數值、方法步驟、作業處理、元件、組件,或以上的任意組合。It must be understood that words such as "comprising" and "including" used in this specification are used to indicate the existence of specific technical features, values, method steps, operation processes, elements and/or components, but do not exclude possible Plus more technical features, values, method steps, job processes, elements, components, or any combination of the above.

於請求項中使用如”第一”、"第二"、"第三"等詞係用來修飾權利要求中的元件,並非用來表示之間具有優先權順序,先行關係,或者是一個元件先於另一個元件,或者是執行方法步驟時的時間先後順序,僅用來區別具有相同名字的元件。The use of words such as "first", "second", "third", etc. in the claim is used to modify the elements in the claim, and is not used to indicate that there is a priority order, antecedent relationship, or an element Prior to another element, or chronological order in which method steps are performed, is only used to distinguish elements with the same name.

請參照第1A~1B、2圖,第1A圖係依照本發明一實施例繪示金鑰儲存系統100之方塊圖。第1B圖係依照本發明一實施例繪示金鑰儲存系統150之方塊圖。第2圖係根據本發明之一實施例繪示一種金鑰儲存方法200之流程圖。Please refer to FIGS. 1A-1B and 2. FIG. 1A is a block diagram illustrating a key storage system 100 according to an embodiment of the present invention. FIG. 1B is a block diagram illustrating a key storage system 150 according to an embodiment of the present invention. FIG. 2 is a flowchart illustrating a key storage method 200 according to an embodiment of the present invention.

於一實施例中,金鑰儲存系統100可以由電路實現於一晶片上。於一實施例中,金鑰儲存系統100可以是晶片上的一個模組。於第1A圖中,金鑰儲存系統100包含一金鑰加解密加速器10及一金鑰儲存裝置20。In one embodiment, the key storage system 100 may be implemented by circuitry on a chip. In one embodiment, the key storage system 100 may be a module on a chip. In FIG. 1A , the key storage system 100 includes a key encryption/decryption accelerator 10 and a key storage device 20 .

於一實施例中,金鑰加解密加速器10中包含一進階加密標準(Advanced Encryption Standard,AES)加速器12、一雜湊訊息認證碼(Hash Message Authentication Code,HMAC)加速器14、一橢圓曲線密碼學(Elliptic Curve Cryptography, ECC)加速器16及/或一RSA(由發明者Rivest、Shmir和Adleman姓氏首字母縮寫而來)加速器18。In one embodiment, the key encryption/decryption accelerator 10 includes an Advanced Encryption Standard (AES) accelerator 12, a Hash Message Authentication Code (HMAC) accelerator 14, and an elliptic curve cryptography (Elliptic Curve Cryptography, ECC) accelerator 16 and/or an RSA (from the initials of inventors Rivest, Shmir and Adleman) accelerator 18.

其中,AES加密演算法是美國聯邦政府採用的一種區段加密標準,AES加速器12用硬體電路實作此演算法,故可加速運算。Among them, the AES encryption algorithm is a segment encryption standard adopted by the federal government of the United States. The AES accelerator 12 implements this algorithm with a hardware circuit, so it can accelerate the operation.

其中,HMAC加密演算法是含有金鑰雜湊函式演算法,基於雜湊函式的訊息認證碼,它需要一個加密用雜湊函式(例如是MD5或者SHA-1)和一個金鑰以計算訊息認證碼,並在此基礎上加上了金鑰,HMAC加速器14用硬體電路實作此演算法,故可加速運算。Among them, the HMAC encryption algorithm is a hash function algorithm with a key, a message authentication code based on a hash function, which requires an encryption hash function (such as MD5 or SHA-1) and a key to calculate the message authentication code The HMAC accelerator 14 uses the hardware circuit to implement the algorithm, so it can speed up the operation.

其中,ECC加密演算法是一種基於橢圓曲線數學的公開密鑰加密演算法,ECC加速器16用硬體電路實作此演算法,故可加速運算。Among them, the ECC encryption algorithm is a public key encryption algorithm based on elliptic curve mathematics. The ECC accelerator 16 implements this algorithm with a hardware circuit, so it can accelerate the operation.

其中,RSA加密演算法是一種非對稱加密演算法,在公開金鑰加密和電子商業中被廣泛使用,RSA加速器18用硬體電路實作此演算法,故可加速運算。Among them, the RSA encryption algorithm is an asymmetric encryption algorithm, which is widely used in public key encryption and electronic commerce. The RSA accelerator 18 implements this algorithm with a hardware circuit, so it can accelerate the operation.

於一實施例中,金鑰儲存裝置20可以是晶片中的一模組,以電路實現。於一實施例中,金鑰儲存裝置20包含一或多個金鑰儲存器S1~Sn、一仲裁器22及一核心24。In one embodiment, the key storage device 20 may be a module in a chip, implemented in a circuit. In one embodiment, the key storage device 20 includes one or more key storages S1 ˜Sn, an arbiter 22 and a core 24 .

於一實施例中,金鑰儲存裝置20可由電路實現。於一實施例中,可被實作為唯讀記憶體、快閃記憶體、軟碟、硬碟、光碟、隨身碟、磁帶、可由網路存取之資料庫或熟悉此技藝者可輕易思及具有相同功能之儲存媒體。In one embodiment, the key storage device 20 may be implemented by a circuit. In one embodiment, it can be implemented as read-only memory, flash memory, floppy disk, hard disk, optical disk, pen drive, tape, network accessible database, or can be easily conceived by those skilled in the art. A storage medium with the same function.

於一實施例中,金鑰儲存裝置20中的金鑰儲存器S1用以儲存金鑰K1。In one embodiment, the key storage S1 in the key storage device 20 is used to store the key K1.

於一實施例中,金鑰儲存裝置20中包含多個金鑰儲存器S1~Sn用以分別儲存金鑰K1~Kn。例如金鑰儲存裝置20中包含金鑰儲存器S1以儲存金鑰K1、金鑰儲存器S2以儲存金鑰K2、金鑰儲存器S3以儲存金鑰K3及/或金鑰儲存器Sn以儲存金鑰Kn。於一實施例中,金鑰K1~Kn可以各別由相同或不同的對稱式加密演算法或非對稱式加密演算法以產生。對稱式加密演算法或非對稱式加密演算法可以採用現有的演算法,故此處不贅述之。In one embodiment, the key storage device 20 includes a plurality of key storages S1 ˜Sn for storing the keys K1 ˜Kn respectively. For example, the key storage device 20 includes a key storage S1 for storing the key K1, a key storage S2 for storing the key K2, the key storage S3 for storing the key K3 and/or the key storage Sn for storing Key Kn. In one embodiment, the keys K1 to Kn may be generated by the same or different symmetric encryption algorithms or asymmetric encryption algorithms. The symmetric encryption algorithm or the asymmetric encryption algorithm can adopt the existing algorithm, so it is not repeated here.

於一實施例中,金鑰K1~Kn可以在晶片出廠前預先寫入金鑰儲存系統100中。In one embodiment, the keys K1 to Kn can be pre-written into the key storage system 100 before the chips are shipped.

於一實施例中,仲裁器22用以接收並判斷至少一特定指令的一發送端。In one embodiment, the arbiter 22 is used to receive and determine a sender of at least one specific command.

於一實施例中,仲裁器22判斷特定指令的發送端為AES加速器12、HMAC加速器14、ECC加速器16及/或RSA加速器18之其中一者。例如,仲裁器22判斷特定指令的發送端為RSA加速器18。In one embodiment, the arbiter 22 determines that the sender of the specific command is one of the AES accelerator 12 , the HMAC accelerator 14 , the ECC accelerator 16 and/or the RSA accelerator 18 . For example, the arbiter 22 determines that the sender of the specific command is the RSA accelerator 18 .

於一實施例中,AES加速器12、HMAC加速器14、ECC加速器16及RSA加速器18彼此之間不能讀取彼此對應的金鑰。例如,假設RSA加速器18對應到金鑰K1,則AES加速器12、HMAC加速器14及ECC加速器16無法對金鑰K1進行存取。In one embodiment, the AES accelerator 12 , the HMAC accelerator 14 , the ECC accelerator 16 and the RSA accelerator 18 cannot read keys corresponding to each other. For example, if the RSA accelerator 18 corresponds to the key K1, the AES accelerator 12, the HMAC accelerator 14 and the ECC accelerator 16 cannot access the key K1.

於一實施例中,核心24用以判斷至少一特定指令對應到的金鑰儲存器(例如金鑰儲存器S1)。In one embodiment, the core 24 is used to determine the key storage (eg, the key storage S1 ) corresponding to at least one specific instruction.

於一實施例中,AES加速器12、HMAC加速器14、ECC加速器16及RSA加速器18可以存取對各自對應的金鑰,以進行特定運算。In one embodiment, the AES accelerator 12, the HMAC accelerator 14, the ECC accelerator 16, and the RSA accelerator 18 can access the corresponding keys for performing certain operations.

特定運算例如為,但不限於,RSA旁道攻擊保護(side-channel attack protection) 演算法,此RSA旁道攻擊保護演算法會做金鑰的混淆(key/exponent blinding)來防止攻擊。The specific operation is, for example, but not limited to, the RSA side-channel attack protection algorithm. The RSA side-channel attack protection algorithm performs key/exponent blinding to prevent attacks.

於一實施例中,當RSA加速器18將金鑰K1代入RSA旁道攻擊保護演算法時,此過程中,RSA加速器18會將金鑰K1經由運算後偽裝成混淆金鑰K1’,避免在後續的其他運算或傳送程序中讓第三方拿到真正的金鑰K1;然而,若此時處理器30(如第1B圖所示)存取金鑰儲存器S1,則會讀取到混淆金鑰K1’,導致處理器30後續運算錯誤。In one embodiment, when the RSA accelerator 18 substitutes the key K1 into the RSA side-channel attack protection algorithm, in this process, the RSA accelerator 18 will disguise the key K1 as the obfuscated key K1' after the operation to avoid subsequent operations. In other operations or transmission procedures, the third party can obtain the real key K1; however, if the processor 30 (as shown in FIG. 1B ) accesses the key storage S1 at this time, the obfuscated key will be read. K1', resulting in the subsequent operation error of the processor 30.

為了避免此問題,在RSA加速器18欲進行特定運算(涉及修改金鑰K1為混淆金鑰K1’的運算)的情況下,RSA加速器18傳送至少一特定指令到金鑰儲存裝置20,此至少一特定指令包含一阻擋存取訊號(例如訊號Block_cpu_read)及一金鑰編號訊號(例如對應金鑰K1的金鑰編號訊號可表示為Block_key_num==K1)。其中,阻擋存取訊號Block_cpu_read用以指示金鑰儲存裝置20阻擋處理器30對金鑰K1進行存取,藉此避免處理器30讀取到混淆金鑰K1’ 的可能性(在特定運算的過程中,金鑰K1被修改成混淆金鑰K1’),所產生的錯誤運算。In order to avoid this problem, when the RSA accelerator 18 wants to perform a specific operation (an operation involving modifying the key K1 to the obfuscated key K1'), the RSA accelerator 18 transmits at least one specific instruction to the key storage device 20, and the at least one The specific command includes a blocking access signal (eg, the signal Block_cpu_read) and a key number signal (eg, the key number signal corresponding to the key K1 can be represented as Block_key_num==K1). The block access signal Block_cpu_read is used to instruct the key storage device 20 to block the processor 30 from accessing the key K1, thereby preventing the processor 30 from reading the possibility of confusing the key K1' (during a specific operation process). , the key K1 is modified into the obfuscated key K1'), resulting in an incorrect operation.

於一實施例中,金鑰加解密加速器10及金鑰儲存裝置20之間可建立電路,以傳送邊帶(sideband)訊號,藉由邊帶訊號以傳送特定指令。以下為更具體的描述細節。In one embodiment, a circuit can be established between the key encryption/decryption accelerator 10 and the key storage device 20 to transmit a sideband signal, and a specific command is transmitted through the sideband signal. The following are more specific description details.

於一實施例中,當RSA加速器18欲讀取金鑰K1以進行修改此金鑰K1的一特定運算時,此RSA加速器18傳送至少一特定指令到仲裁器22,至少一特定指令包含對應於金鑰(例如金鑰K1)的阻擋存取訊號(例如訊號Block_cpu_read)及金鑰編號訊號(例如對應金鑰K1的金鑰編號訊號可表示為Block_key_num==K1)。In one embodiment, when the RSA accelerator 18 wants to read the key K1 to perform a specific operation that modifies the key K1, the RSA accelerator 18 sends at least one specific command to the arbiter 22, the at least one specific command includes a The block access signal (eg, the signal Block_cpu_read) of the key (eg, the key K1 ) and the key number signal (eg, the key number signal corresponding to the key K1 can be expressed as Block_key_num==K1 ).

於一實施例中,當AES加速器12欲讀取金鑰K2以進行修改此金鑰K2的特定運算時,此AES加速器12傳送至少一特定指令到仲裁器22,至少一特定指令包含對應於金鑰K2的阻擋存取訊號(例如訊號Block_cpu_read)及金鑰編號訊號(例如對應金鑰K2的金鑰編號訊號可表示為Block_key_num==K2)。In one embodiment, when the AES accelerator 12 wants to read the key K2 to perform a specific operation of modifying the key K2, the AES accelerator 12 transmits at least one specific command to the arbiter 22, and the at least one specific command includes an instruction corresponding to the key K2. The blocking access signal (eg, the signal Block_cpu_read) of the key K2 and the key number signal (eg, the key number signal corresponding to the key K2 can be expressed as Block_key_num==K2).

於一實施例中,當HMAC加速器14欲讀取金鑰K3以進行修改此金鑰K3的特定運算時,此HMAC加速器14傳送至少一特定指令到仲裁器22,至少一特定指令包含對應於金鑰K3的阻擋存取訊號(例如訊號Block_cpu_read)及金鑰編號訊號(例如對應金鑰K3的金鑰編號訊號可表示為Block_key_num==K3)。In one embodiment, when the HMAC accelerator 14 wants to read the key K3 to perform a specific operation of modifying the key K3, the HMAC accelerator 14 transmits at least one specific command to the arbiter 22, and the at least one specific command includes a specific command corresponding to the key K3. The blocking access signal (eg, the signal Block_cpu_read) of the key K3 and the key number signal (eg, the key number signal corresponding to the key K3 can be represented as Block_key_num==K3).

於一實施例中,當ECC加速器16欲讀取金鑰Kn以進行修改此金鑰Kn的特定運算時,此ECC加速器16傳送至少一特定指令到仲裁器22,至少一特定指令包含對應於金鑰Kn的一阻擋存取訊號(例如訊號Block_cpu_read)及金鑰編號訊號(例如對應金鑰Kn的金鑰編號訊號可表示為Block_key_num==Kn)。In one embodiment, when the ECC accelerator 16 wants to read the key Kn to perform a specific operation of modifying the key Kn, the ECC accelerator 16 transmits at least one specific command to the arbiter 22, and the at least one specific command includes an instruction corresponding to the key Kn. A blocking access signal (eg, the signal Block_cpu_read) of the key Kn and the key number signal (eg, the key number signal corresponding to the key Kn can be represented as Block_key_num==Kn).

請參閱第1B圖,第1B圖中的處理器30可以被實施為微控制單元(microcontroller)、微處理器(microprocessor)、數位訊號處理器(digital signal processor)、特殊應用積體電路(application specific integrated circuit,ASIC)或一邏輯電路。Please refer to FIG. 1B, the processor 30 in FIG. 1B can be implemented as a microcontroller, a microprocessor, a digital signal processor, an application specific integrated circuit integrated circuit, ASIC) or a logic circuit.

於一實施例中,處理器30用以存取金鑰儲存裝置20中的金鑰K1~Kn之其中至少之一者。In one embodiment, the processor 30 is configured to access at least one of the keys K1 ˜Kn in the key storage device 20 .

於一實施例中,處理器30可以存取金鑰K1~Kn的任一者,例如,處理器30發送金鑰K1的請求存取訊號Read_K1到仲裁器22,仲裁器22得知請求存取訊號Read_K1來自處理器30後,通知核心24將金鑰K1從金鑰儲存器S1中讀出,並傳送到處理器30。In one embodiment, the processor 30 can access any one of the keys K1 to Kn. For example, the processor 30 sends the access request signal Read_K1 of the key K1 to the arbiter 22, and the arbiter 22 learns that the access request is requested. After the signal Read_K1 comes from the processor 30 , the core 24 is notified to read the key K1 from the key storage S1 and transmit it to the processor 30 .

於一實施例中,當RSA加速器18欲讀取金鑰K1以進行修改此金鑰K1的一特定運算時,此RSA加速器18傳送對應於金鑰K1的阻擋存取訊號Block_cpu_read及金鑰編號訊號Block_key_num==K1到仲裁器22,代表阻擋金鑰K1被處理器30存取。In one embodiment, when the RSA accelerator 18 wants to read the key K1 to perform a specific operation of modifying the key K1, the RSA accelerator 18 transmits the block access signal Block_cpu_read and the key number signal corresponding to the key K1 Block_key_num==K1 to the arbiter 22, representing the blocking key K1 being accessed by the processor 30.

換言之,當處理器30欲存取的金鑰K1~Kn之其中至少之一者(例如為金鑰K1)的一當前金鑰編號訊號(例如為Block_key_num==K1)與對應於金鑰的金鑰編號訊號(例如為Block_key_num==K1)相同,且金鑰儲存裝置20已事先收到對應於金鑰K1的阻擋存取訊號Block_cpu_read及金鑰編號訊號Block_key_num==K1時,處理器30接收一存取失敗訊號Read_Fail。In other words, when the processor 30 wants to access at least one of the keys K1 to Kn (eg, the key K1 ), a current key number signal (eg, Block_key_num==K1 ) and the key corresponding to the key When the key number signal (for example, Block_key_num==K1) is the same, and the key storage device 20 has previously received the block access signal Block_cpu_read and the key number signal Block_key_num==K1 corresponding to the key K1, the processor 30 receives a Access failure signal Read_Fail.

於一實施例中,當加速器(例如RSA加速器18)欲讀取金鑰(例如為金鑰K1)以進行修改金鑰K1的特定運算時,RSA加速器18傳送的阻擋存取訊號號Block_cpu_read包含一第一標識(例如為1),當加速器(例如RSA加速器18)完成特定運算並復原金鑰K1時, RSA加速器18傳送的阻擋存取訊號Block_cpu_read包含一第二標識(例如為0)。In one embodiment, when the accelerator (eg, the RSA accelerator 18 ) wants to read the key (eg, the key K1 ) to perform a specific operation of modifying the key K1 , the block access signal Block_cpu_read transmitted by the RSA accelerator 18 includes a The first flag (eg, 1), when the accelerator (eg, the RSA accelerator 18 ) completes a specific operation and restores the key K1, the blocking access signal Block_cpu_read sent by the RSA accelerator 18 includes a second flag (eg, 0).

更具體而言,當第一標識為1時,代表當金鑰儲存裝置20判斷處理器30欲存取金鑰(例如為金鑰K1)時,金鑰儲存裝置20的核心24將阻擋存取訊號號Block_cpu_read傳送至仲裁器22,仲裁器22將阻擋存取訊號號Block_cpu_read傳送至處理器30,包含第一標識的阻擋存取訊號Block_cpu_read用以阻擋處理器30存取金鑰(例如為金鑰K1);當第二標識為0時,代表當金鑰儲存裝置20判斷處理器30欲存取金鑰(例如為金鑰K1)時,金鑰儲存裝置20的核心24將阻擋存取訊號Block_cpu_read傳送至仲裁器22,仲裁器22將阻擋存取訊號Block_cpu_read傳送到處理器30,包含第二標識的阻擋存取訊號Block_cpu_read 不阻擋處理器30存取金鑰(例如為金鑰K1)。More specifically, when the first identifier is 1, it means that when the key storage device 20 determines that the processor 30 wants to access the key (eg, the key K1 ), the core 24 of the key storage device 20 will block the access The signal Block_cpu_read is sent to the arbiter 22, and the arbiter 22 sends the blocking access signal Block_cpu_read to the processor 30. The blocking access signal Block_cpu_read including the first identifier is used to block the processor 30 from accessing the key (for example, the key K1); when the second identifier is 0, it means that when the key storage device 20 determines that the processor 30 wants to access the key (eg, the key K1), the core 24 of the key storage device 20 will block the access signal Block_cpu_read The arbiter 22 transmits the blocking access signal Block_cpu_read to the processor 30. The blocking access signal Block_cpu_read including the second identifier does not block the processor 30 from accessing the key (eg, the key K1).

於一實施例中,如第1B圖所示,RSA加速器18在任何時間都可以傳送請求存取訊號Read_K1,此請求存取訊號Read_K1代表RSA加速器18欲存取讀取金鑰K1,金鑰儲存裝置20回傳一允許存取訊號Read_Ok給RSA加速器18,允許存取訊號Read_Ok代表接著將金鑰K1傳送給RSA加速器18。In one embodiment, as shown in FIG. 1B , the RSA accelerator 18 can transmit a request access signal Read_K1 at any time. The request access signal Read_K1 indicates that the RSA accelerator 18 wants to access the read key K1 and the key storage The device 20 returns an access permission signal Read_Ok to the RSA accelerator 18 , and the access permission signal Read_Ok represents the subsequent transfer of the key K1 to the RSA accelerator 18 .

於一實施例中,如第1B圖所示,處理器30用以存取金鑰儲存裝置20中的多個金鑰K1~Kn之其中至少之一者(例如為金鑰K1),當對應於處理器30欲存取的此些金鑰K1~Kn之其中至少之一者(例如為金鑰K1)的一當前金鑰編號訊號(例如為Block_key_num==K1)與對應於金鑰K1的第一金鑰編號訊號(例如為Block_key_num==K1)相同,且金鑰儲存裝置20已事先收到對應於金鑰K1的阻擋存取訊號Block_cpu_read包含一第一標識(例如為1)時,代表加速器(例如為RSA加速器18)已將修改後的混淆金鑰K1’,金鑰儲存裝置20的核心24將一存取失敗訊號Read_Fail傳送至仲裁器22,仲裁器22將存取失敗訊號Read_Fail傳送到處理器30,使處理器30無法存取金鑰K1,避免處理器30誤取到混淆金鑰K1’,而導致處理器30運算錯誤。In one embodiment, as shown in FIG. 1B , the processor 30 is used to access at least one of the plurality of keys K1 ˜Kn in the key storage device 20 (for example, the key K1 ), when the corresponding A current key number signal (eg, Block_key_num==K1 ) of at least one of the keys K1 to Kn to be accessed by the processor 30 (eg, the key K1 ) and a signal corresponding to the key K1 When the first key number signal (for example, Block_key_num==K1) is the same, and the key storage device 20 has previously received the block access signal Block_cpu_read corresponding to the key K1 including a first identifier (for example, 1), it means The accelerator (for example, the RSA accelerator 18) has sent the modified obfuscated key K1', the core 24 of the key storage device 20 sends an access failure signal Read_Fail to the arbiter 22, and the arbiter 22 sends the access failure signal Read_Fail to the processor 30 , so that the processor 30 cannot access the key K1 , so as to prevent the processor 30 from fetching the confusing key K1 ′ by mistake, resulting in an operation error of the processor 30 .

於一實施例中,當對應於處理器30欲存取的此些金鑰之其中至少之一者(例如為金鑰K1)的一當前金鑰編號訊號(例如為Block_key_num==K1)與對應於金鑰K1的第一金鑰編號訊號(例如為Block_key_num==K1)相同,且金鑰儲存裝置20已事先收到對應於金鑰K1的阻擋存取訊號Block_cpu_read包含第二標識(例如為0)時,代表加速器(例如為RSA加速器18)已將修改後的混淆金鑰K1’再度改回原本的金鑰K1(例如RSA加速器18已經完成需要混淆金鑰K1’的運算),不會影響處理器30的後續運算,因此,金鑰儲存裝置20的核心24將允許存取訊號Read_Ok傳送至仲裁器22,仲裁器22將允許存取訊號Read_Ok傳送到處理器30,允許存取訊號Read_Ok代表允許處理器20存取金鑰K1。In one embodiment, when a current key number signal (eg Block_key_num==K1 ) corresponding to at least one of the keys (eg, key K1 ) to be accessed by the processor 30 corresponds to The first key number signal (for example, Block_key_num==K1) of the key K1 is the same, and the key storage device 20 has previously received the block access signal Block_cpu_read corresponding to the key K1 including the second identifier (for example, 0). ), it means that the accelerator (for example, the RSA accelerator 18) has changed the modified obfuscated key K1' back to the original key K1 (for example, the RSA accelerator 18 has completed the operation that requires the obfuscated key K1'), which will not affect In the subsequent operations of the processor 30, the core 24 of the key storage device 20 transmits the access permission signal Read_Ok to the arbiter 22, and the arbiter 22 transmits the access permission signal Read_Ok to the processor 30. The access permission signal Read_Ok represents The processor 20 is allowed to access the key K1.

請參照第2圖,於步驟210中,藉由一金鑰儲存裝置20中的一第一金鑰儲存器儲存一第一金鑰。於步驟220中,藉由金鑰儲存裝置20判斷至少一特定指令對應到的第一金鑰儲存器,一第一加速器判斷是否欲改寫第一金鑰儲存器中的第一金鑰,以進行修改第一金鑰的一特定運算;若第一加速器判斷欲改寫第一金鑰儲存器中的第一金鑰,則傳送至少一特定指令到金鑰儲存裝置20,並進入步驟230;若第一加速器判斷不需改寫第一金鑰儲存器中的第一金鑰,則進入於步驟235。於步驟235中,藉由處理器30或第一加速器傳送一讀取請求,用以請求讀取第一金鑰。於步驟240中,藉由金鑰儲存裝置20回傳允許存取訊號。於步驟230中,藉由金鑰儲存裝置20判斷讀取請求是否來自允許存取第一金鑰的第一加速器,在此步驟中,金鑰儲存裝置20亦可以判斷讀取請求來自處理器30或何者加速器;若金鑰儲存裝置20判斷讀取請求來自處理器30,則進入步驟250;若金鑰儲存裝置20判斷讀取請求來自允許存取第一金鑰的第一加速器,則進入步驟240。於步驟250中,藉由金鑰儲存裝置20回傳存取失敗訊號。Referring to FIG. 2 , in step 210 , a first key is stored by a first key storage in a key storage device 20 . In step 220, the key storage device 20 determines the first key storage corresponding to at least one specific instruction, and a first accelerator determines whether to rewrite the first key in the first key storage, so as to perform the operation. Modifying a specific operation of the first key; if the first accelerator determines that the first key in the first key storage is to be rewritten, it transmits at least one specific instruction to the key storage device 20, and proceeds to step 230; When an accelerator determines that it is not necessary to rewrite the first key in the first key storage, the process proceeds to step 235 . In step 235, a read request is sent by the processor 30 or the first accelerator for requesting to read the first key. In step 240 , an access permission signal is returned by the key storage device 20 . In step 230, the key storage device 20 determines whether the read request comes from the first accelerator that allows access to the first key. In this step, the key storage device 20 can also determine that the read request comes from the processor 30. or any accelerator; if the key storage device 20 determines that the read request is from the processor 30, then go to step 250; if the key storage device 20 determines that the read request is from the first accelerator that allows access to the first key, then go to step 250 240. In step 250 , an access failure signal is returned by the key storage device 20 .

藉由本案所述之金鑰儲存系統及金鑰儲存方法,在加速器欲進行涉及修改金鑰的情況下,加速器傳送特定指令到金鑰儲存裝置,特定指令用以指示金鑰儲存裝置阻擋處理器對金鑰進行存取,藉此避免處理器讀取到被修改過的金鑰的可能性,所產生的錯誤運算。With the key storage system and key storage method described in this case, when the accelerator is about to modify the key, the accelerator transmits a specific instruction to the key storage device, and the specific instruction is used to instruct the key storage device to block the processor. Access to the key, thereby avoiding the possibility of the processor reading the modified key, resulting in erroneous operations.

雖然本案已以實施例揭露如上,然其並非用以限定本案,任何熟習此技藝者,在不脫離本案之精神和範圍內,當可作各種之更動與潤飾,因此本案之保護範圍當視後附之申請專利範圍所界定者為準。Although this case has been disclosed above with examples, it is not intended to limit this case. Anyone who is familiar with this technique can make various changes and modifications without departing from the spirit and scope of this case. Therefore, the scope of protection in this case should be regarded as The scope of the attached patent application shall prevail.

100、150:金鑰儲存系統 10:金鑰加解密加速器 20:金鑰儲存裝置 30:處理器 S1~Sn:金鑰儲存器 K1~Kn:金鑰 22:仲裁器 24:核心 Block_cpu_read:阻擋存取訊號 Block_key_num:金鑰編號訊號 200:金鑰儲存方法 210~250:步驟 Read_Fail:存取失敗訊號 Read_K1:請求存取訊號 Read_Ok:允許存取訊號100, 150: Key storage system 10:Key encryption and decryption accelerator 20:Key storage device 30: Processor S1~Sn: key storage K1~Kn: key 22: Arbiter 24: Core Block_cpu_read: block access signal Block_key_num: key number signal 200:Key storage method 210~250: Steps Read_Fail: access failure signal Read_K1: request access signal Read_Ok: allow access to the signal

第1A圖係依照本發明一實施例繪示金鑰儲存系統之方塊圖。 第1B圖係依照本發明一實施例繪示金鑰儲存系統之方塊圖。 第2圖係根據本發明之一實施例繪示一種金鑰儲存方法之流程圖。FIG. 1A is a block diagram illustrating a key storage system according to an embodiment of the present invention. FIG. 1B is a block diagram illustrating a key storage system according to an embodiment of the present invention. FIG. 2 is a flowchart illustrating a method for storing a key according to an embodiment of the present invention.

200:金鑰儲存方法200:Key storage method

210~250:步驟210~250: Steps

Claims (9)

一種金鑰儲存系統,包含:一金鑰加解密加速器,包含:一第一加速器,用以發送至少一特定指令;以及一金鑰儲存裝置,包含:一第一金鑰儲存器,用以儲存一第一金鑰;一仲裁器,用以接收並判斷該至少一特定指令的一發送端;一核心,用以判斷該至少一特定指令對應到該第一金鑰儲存器;以及一處理器;其中,當該第一加速器欲讀取該第一金鑰以進行修改該第一金鑰的一特定運算時,該第一加速器傳送該至少一特定指令到該仲裁器,該至少一特定指令包含對應於該第一金鑰的一阻擋存取訊號及一第一金鑰編號訊號;其中,該處理器用以存取該金鑰儲存裝置中的複數個金鑰之其中至少之一者;其中,當該處理器欲存取的該些金鑰之其中至少之一者的一當前金鑰編號訊號與對應於該第一金鑰的該第一金鑰編號訊號相同,且該金鑰儲存裝置已事先收到對應於該第一金鑰的該阻擋存取訊號及該金鑰編號訊號時,該處理器接收一存取失敗訊號。 A key storage system, comprising: a key encryption and decryption accelerator, including: a first accelerator for sending at least one specific instruction; and a key storage device, including: a first key storage for storing a first key; an arbiter for receiving and determining a sender of the at least one specific command; a core for determining that the at least one specific command corresponds to the first key storage; and a processor ; wherein, when the first accelerator wants to read the first key to perform a specific operation of modifying the first key, the first accelerator transmits the at least one specific instruction to the arbiter, the at least one specific instruction including a blocking access signal and a first key number signal corresponding to the first key; wherein the processor is used to access at least one of a plurality of keys in the key storage device; wherein , when a current key number signal of at least one of the keys to be accessed by the processor is the same as the first key number signal corresponding to the first key, and the key storage device When the blocking access signal and the key number signal corresponding to the first key have been received in advance, the processor receives an access failure signal. 如申請專利範圍第1項所述之金鑰儲存系統,其中該仲裁器判斷該特定指令的該發送端為該第一加速器。 The key storage system as described in claim 1, wherein the arbiter determines that the sender of the specific command is the first accelerator. 如申請專利範圍第1項所述之金鑰儲存系統,其中當 該第一加速器欲讀取該第一金鑰以進行修改該第一金鑰的該特定運算時,該第一加速器傳送的該阻擋存取訊號包含一第一標識,當該第一加速器完成該特定運算並復原該第一金鑰時,該第一加速器傳送的該阻擋存取訊號包含一第二標識。 The key storage system as described in item 1 of the scope of the application, wherein when When the first accelerator wants to read the first key to perform the specific operation of modifying the first key, the blocking access signal transmitted by the first accelerator includes a first identifier. When the first accelerator completes the The blocking access signal transmitted by the first accelerator includes a second identifier when the first key is specifically calculated and recovered. 如申請專利範圍第3項所述之金鑰儲存系統,其中該第一標識為1,代表當該金鑰儲存裝置判斷該處理器欲存取該第一金鑰時,該金鑰儲存裝置的該核心將該阻擋存取訊號傳送至該仲裁器,該仲裁器將該阻擋存取訊號傳送到該處理器,包含該第一標識的該阻擋存取訊號用以阻擋該處理器存取該第一金鑰;其中該第二標識為0,代表當該金鑰儲存裝置判斷該處理器欲存取該第一金鑰時,該金鑰儲存裝置的該核心將該阻擋存取訊號傳送至該仲裁器,該仲裁器將該阻擋存取訊號傳送到該處理器,包含該第二標識的該阻擋存取訊號不阻擋該處理器存取該第一金鑰。 The key storage system as described in claim 3, wherein the first identifier is 1, indicating that when the key storage device determines that the processor wants to access the first key, the key storage device has The core transmits the blocking access signal to the arbiter, the arbiter transmits the blocking access signal to the processor, and the blocking access signal including the first identifier is used to block the processor from accessing the first a key; wherein the second identifier is 0, indicating that when the key storage device determines that the processor wants to access the first key, the core of the key storage device transmits the blocking access signal to the an arbiter that transmits the blocking access signal to the processor, and the blocking access signal including the second identification does not block the processor from accessing the first key. 如申請專利範圍第3項所述之金鑰儲存系統,更包含:其中,當對應於該處理器欲存取的該些金鑰之其中至少之一者的該當前金鑰編號訊號與對應於該第一金鑰的該第一金鑰編號訊號相同,且該金鑰儲存裝置已事先收到對應於該第一金鑰的該阻擋存取訊號包含一第一標識時,該金鑰儲存裝置的該核心將該存取失敗訊號傳送至該仲裁器,該仲裁器將該存取失敗訊號傳送到該處理器,使該處理器無法存取該第一金鑰。 The key storage system according to item 3 of the scope of the application, further comprising: wherein, when the current key number signal corresponding to at least one of the keys to be accessed by the processor is associated with a signal corresponding to When the first key number signal of the first key is the same, and the key storage device has previously received that the blocking access signal corresponding to the first key includes a first identifier, the key storage device The core of the arbiter transmits the access failure signal to the arbiter, and the arbiter transmits the access failure signal to the processor so that the processor cannot access the first key. 如申請專利範圍第3項所述之金鑰儲存系統,更包含:其中,當對應於該處理器欲存取的該些金鑰之其中至少之一者所的該當前金鑰編號訊號與對應於該第一金鑰的該第一金鑰編號訊號相同,且該金鑰儲存裝置已事先收到對應於該第一金鑰的該阻擋存 取訊號包含該第二標識時,該金鑰儲存器的該核心將一允許存取訊號傳送至該仲裁器,該仲裁器將該允許存取訊號傳送到該處理器,該允許存取訊號代表允許該處理器存取該第一金鑰。 The key storage system according to item 3 of the scope of the application, further comprising: wherein the current key number signal corresponding to at least one of the keys to be accessed by the processor corresponds to The first key number signal of the first key is the same, and the key storage device has previously received the block storage corresponding to the first key When the fetch signal contains the second identifier, the core of the key storage sends an access-allowed signal to the arbiter, and the arbiter sends the access-allowed signal to the processor, the access-allowed signal representing the The processor is allowed to access the first key. 如申請專利範圍第1項所述之金鑰儲存系統,其中該金鑰加解密加速器更包含一第二加速器,該第二加速器無法存取該第一金鑰儲存器中所儲存的該第一金鑰。 The key storage system as described in claim 1, wherein the key encryption/decryption accelerator further comprises a second accelerator, and the second accelerator cannot access the first key stored in the first key storage key. 如申請專利範圍第1項所述之金鑰儲存系統,其中該金鑰儲存裝置更包含一第二金鑰儲存器,用以儲存一第二金鑰。 The key storage system of claim 1, wherein the key storage device further comprises a second key storage for storing a second key. 一種金鑰儲存方法,包含:藉由一金鑰儲存裝置中的一第一金鑰儲存器儲存一第一金鑰;藉由一金鑰加解密加速器發送至少一特定指令;藉由該金鑰儲存裝置判斷該至少一特定指令對應到的該第一金鑰儲存器;以及藉由一處理器用以存取該金鑰儲存裝置中的複數個金鑰之其中至少之一者;其中,當該金鑰加解密加速器欲讀取該第一金鑰,以進行修改該第一金鑰的一特定運算時,該第一加速器傳送該至少一特定指令到該金鑰儲存裝置,該至少一特定指令包含對應於該第一金鑰的一阻擋存取訊號及一第一金鑰編號訊號;其中,當該處理器欲存取的該些金鑰之其中至少之一者的一當前金鑰編號訊號與對應於該第一金鑰的該第一金鑰編號訊號相同,且該金鑰儲存裝置已事先收到對應於該第一金鑰的該阻擋存取訊號及該金鑰編號訊號時,該處理器接收一存取失敗訊號。 A key storage method, comprising: storing a first key by a first key storage in a key storage device; sending at least one specific instruction by a key encryption and decryption accelerator; using the key The storage device determines the first key storage corresponding to the at least one specific instruction; and is used by a processor to access at least one of a plurality of keys in the key storage device; wherein, when the When the key encryption/decryption accelerator wants to read the first key to perform a specific operation of modifying the first key, the first accelerator sends the at least one specific instruction to the key storage device, the at least one specific instruction including a blocking access signal and a first key number signal corresponding to the first key; wherein, when the processor wants to access at least one of the keys a current key number signal When the first key number signal corresponding to the first key is the same, and the key storage device has previously received the blocking access signal and the key number signal corresponding to the first key, the The processor receives an access failure signal.
TW108132366A 2019-09-09 2019-09-09 Key storage system and key storage method TWI774986B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
TW108132366A TWI774986B (en) 2019-09-09 2019-09-09 Key storage system and key storage method
CN201911364960.5A CN112468299B (en) 2019-09-09 2019-12-26 Key storage system and key storage method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW108132366A TWI774986B (en) 2019-09-09 2019-09-09 Key storage system and key storage method

Publications (2)

Publication Number Publication Date
TW202111581A TW202111581A (en) 2021-03-16
TWI774986B true TWI774986B (en) 2022-08-21

Family

ID=74807673

Family Applications (1)

Application Number Title Priority Date Filing Date
TW108132366A TWI774986B (en) 2019-09-09 2019-09-09 Key storage system and key storage method

Country Status (2)

Country Link
CN (1) CN112468299B (en)
TW (1) TWI774986B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8218770B2 (en) * 2005-09-13 2012-07-10 Agere Systems Inc. Method and apparatus for secure key management and protection
US20160350077A1 (en) * 2014-08-08 2016-12-01 Texas Instruments Incorporated Cryptographic Accelerator
TWI567579B (en) * 2010-11-30 2017-01-21 英特爾公司 Method and apparatus for key provisioning of hardware devices
TW201717003A (en) * 2015-11-12 2017-05-16 英特爾公司 Hybrid SM3 and SHA acceleration processors

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6157721A (en) * 1996-08-12 2000-12-05 Intertrust Technologies Corp. Systems and methods using cryptography to protect secure computing environments
CN101741553B (en) * 2008-11-04 2012-07-25 翊杰科技股份有限公司 Method and system for secretly data storing and responding
TWI444030B (en) * 2011-06-21 2014-07-01 Univ Nat Chiao Tung Method for keys generation, member authentication and security communication in a dynamic group
US8751804B1 (en) * 2011-06-30 2014-06-10 Decho Corporation Controlling access to data within encrypted copies of files using salt parameters
KR20150081022A (en) * 2014-01-03 2015-07-13 삼성전자주식회사 Image processing apparatus and control method thereof

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8218770B2 (en) * 2005-09-13 2012-07-10 Agere Systems Inc. Method and apparatus for secure key management and protection
TWI567579B (en) * 2010-11-30 2017-01-21 英特爾公司 Method and apparatus for key provisioning of hardware devices
US20160350077A1 (en) * 2014-08-08 2016-12-01 Texas Instruments Incorporated Cryptographic Accelerator
TW201717003A (en) * 2015-11-12 2017-05-16 英特爾公司 Hybrid SM3 and SHA acceleration processors

Also Published As

Publication number Publication date
CN112468299A (en) 2021-03-09
TW202111581A (en) 2021-03-16
CN112468299B (en) 2023-07-04

Similar Documents

Publication Publication Date Title
US9740639B2 (en) Map-based rapid data encryption policy compliance
CN109313690B (en) Self-contained encrypted boot policy verification
CN111506901B (en) Block chain-based data processing method, terminal and storage medium
US10284372B2 (en) Method and system for secure management of computer applications
US6993648B2 (en) Proving BIOS trust in a TCPA compliant system
WO2021003980A1 (en) Blacklist sharing method and apparatus, computer device and storage medium
US8161285B2 (en) Protocol-Independent remote attestation and sealing
WO2018086469A1 (en) Data storage method utilized in non-volatile storage space in integrated circuit, and trusted integrated circuit
WO2021036086A1 (en) Transaction data processing method, apparatus and system, and computer-readable storage medium
KR20040094724A (en) Multi-token seal and unseal
WO2020042798A1 (en) Cryptographic operation and working key creation method and cryptographic service platform and device
CN111367834A (en) Self-encrypting driver (SED)
KR20200020627A (en) SECURE BOOT METHOD OF IoT DEVICE USING AN INTEGRATED SECURITY SoC
CN111177709A (en) Execution method and device of terminal trusted component and computer equipment
CN112733180A (en) Data query method and device and electronic equipment
WO2022001944A1 (en) Method for modifying linux kernel, and terminal device and storage medium
TWI774986B (en) Key storage system and key storage method
CN107223322A (en) The method, apparatus and system of signature verification
US20200396210A1 (en) Data security tool
WO2020010831A1 (en) Data acquisition method, data acquisition system, terminal, and diagnostic tool
US11811948B2 (en) Flexible security enclave for protecting data at rest and in motion
US20200364376A1 (en) Security display method and device, and security terminal
CN110874225A (en) Data verification method and device, embedded equipment and storage medium
CN110378110A (en) Software cryptography processing method, software verification method and device
EP4206966A1 (en) Computer system for failing a secure boot in a case tampering event

Legal Events

Date Code Title Description
GD4A Issue of patent certificate for granted invention patent