CN100559355C - IDE hard disc physical enciphering system based on MEMS coded lock and double FPGA - Google Patents
IDE hard disc physical enciphering system based on MEMS coded lock and double FPGA Download PDFInfo
- Publication number
- CN100559355C CN100559355C CNB2008100381826A CN200810038182A CN100559355C CN 100559355 C CN100559355 C CN 100559355C CN B2008100381826 A CNB2008100381826 A CN B2008100381826A CN 200810038182 A CN200810038182 A CN 200810038182A CN 100559355 C CN100559355 C CN 100559355C
- Authority
- CN
- China
- Prior art keywords
- fpga
- coded lock
- module
- mems
- mems coded
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Abstract
A kind of IDE hard disc physical enciphering system of field of information security technology based on MEMS coded lock and double FPGA.Among the present invention, driving of MEMS coded lock and authentication module and be used for the FPGA personality board communication of physical certifying, pci controller is converted into FPGA internal bus end instruction to the instruction on the pci bus, drive the decoding of MEMS coded lock by I/O signal extension chip output control word to MEMS coded lock driving circuit, produce key signal simultaneously, the key handling module reads key signal and judges whether correctly, if it is correct, send key to the FPGA, the one FPGA at first gives effective enable signal of the 2nd FPGA, make its operate as normal, then key is passed to encrypting-decrypting module, a FPGA gives rreturn value of main frame simultaneously, starts to connect and the scanning hardware module, and encipher hard disc is identified; If mistake is carried out MEMS coded lock homing action, pass to the information of main frame bad password simultaneously.
Description
Technical field
What the present invention relates to is a kind of system of field of information security technology, and specifically, what relate to is a kind of IDE hard disc physical enciphering system based on MEMS (MEMS (micro electro mechanical system)) coded lock and double FPGA (field programmable gate array).
Background technology
Information security has extremely important meaning for departments such as enterprise, government, national defence.General existing hard disk encryption method is all preserved key by storage medium, uses comparer comparison input key correctness, and the method confidentiality is poor, is easy to crack.And hard disc enciphering system does not have authentication function mostly, and the disabled user that can enter system still can read hard disk information, and the safe and secret effect of system reduces greatly.
Find through literature search prior art, Chinese patent " a kind of encrypting computer hard disc device ", the patent No. 99113164.9, February 5 2003 Granted publication day, by the encrypted circuit that encryption chip is formed, encryption chip is by control unit circuit, encryption/decryption element circuit, and RAM storer and gauge tap K form, to the data stream hardware encipher optionally of turnover hard disk, thereby realize that medium encrypts.But use the key of the mode of user's input information in this patent, and judge by the key comparative device whether key is correct as HD encryption.This method by storer preservation key is easy to be cracked by the disabled user, and confidentiality is poor.Also find in the retrieval, Chinese patent " based on the hard disc enciphering system of MEMS coded lock ", publication number CN1838289, open September 27 2006 date, adopt MEMS coded lock encrypted card driving and authentication module and PCI coded lock to encrypt personality board, the signal that utilizes the operation of MEMS coded lock to be fed back produces the key that is used for the hard disk encryption and decryption, reaches the purpose by the physical method encipher hard disc, and is safe.Though but the IDE hard disk that this patent also is to use, it must need to restart computing machine after opening encryption and decryption module connection hard disk and computing machine could discern hard disk.
Summary of the invention
The objective of the invention is to overcome the deficiencies in the prior art, a kind of IDE hard disc physical enciphering system based on MEMS coded lock and double FPGA personality board is provided, make it reach the purpose that produces secret key encryption/deciphering hard disk by physical method.Connection of the present invention and scanning hardware module, and PCI coded lock hard disk encryption card improved, with the MEMS control module, encrypting-decrypting module is solidificated in respectively on two FPGA personality board, and they are cooperated mutually, in conjunction with MEMS coded lock and hard disc enciphering system, machinery has solidified 32 passwords in the MEMS coded lock, with this key as FPGA fixed disk data enciphering/deciphering module, after physical certifying passes through, this key is transferred to encrypting-decrypting module among another FPGA by first FPGA, and the data in the IDE hard disk of being encrypted just can correctly be read and write.
The present invention is achieved by the following technical solutions, the present invention includes: driving of MEMS coded lock and authentication module, connection and scanning hardware module, the FPGA personality board that is used for physical certifying, the FPGA personality board that is used for data encryption/decryption and MEMS coded lock and IDE encipher hard disc.
The described FPGA personality board that is used for physical certifying comprises: a FPGA, pci controller, EEPROM PCI configuring chip, an erasable ROM, MEMS coded lock driving circuit, MEMS control module, key handling module.
The described FPGA personality board that is used for data encryption/decryption comprises: the 2nd FPGA, can wipe the 2nd ROM, two IDE expansion interfaces, encrypting-decrypting module.
Driving of above-mentioned MEMS coded lock and authentication module, connection and scanning hardware module are installed in the operating system hard disk of main frame, an end that is used for the FPGA personality board of physical certifying links to each other with main frame by pci bus, the other end connects with the MEMS coded lock, be subjected to the control of main frame, an end that is used for the FPGA personality board of data encryption/decryption connects the main frame mainboard by ide interface, other end connection ID E encipher hard disc, and the 2nd FPGA connects with a FPGA, is subjected to the control of a FPGA.Wherein:
Described MEMS coded lock drives and authentication module carries out communication with PCI agreement communication modes and a FPGA and coded lock driving circuit;
There is storer described EEPROM PCI configuring chip inside, has the PCI driver, makes the pci controller can operate as normal;
Described pci controller is made of the PCI control chip, is the bridge that connects pci bus and PCI local bus, and an end is connected with the main frame pci bus, and the other end connects a FPGA;
Described I/O extended chip drives the decoding of MEMS coded lock according to local bus instruction output control word to MEMS coded lock driving circuit, and the MEMS coded lock produces key signal in the time of decoding;
Described key handling module reads the key signal that the MEMS coded lock is sent, and the correct judgment key or the arriving of false key if obtain 32 correct keys, send it to a FPGA;
A described FPGA receives 32 correct keys, give effective enable signal of the 2nd FPGA, make the 2nd FPGA operate as normal, a FPGA passes to the encrypting-decrypting module that links to each other with the 2nd FPGA to 32 correct keys then, give rreturn value of main frame by pci controller simultaneously, host-initiated is connected and the scanning hardware module, and the IDE encipher hard disc is by system identification; If the misjudgment key arrives, send phase place to the FPGA that resets by the key handling module and carry out MEMS coded lock homing action, simultaneously a wrong signal instruction of expression is passed to main frame;
A described ROM links to each other with a FPGA, and its inside solidification has the MEMS control module, and after system powered on, this module made a FPGA operate as normal, controlled the operation as requested of MEMS coded lock;
Described the 2nd ROM links to each other with the 2nd FPGA, and its inside solidification has encrypting-decrypting module, and after system powered on, this module was moved automatically, makes the 2nd FPGA operate as normal, and can be to the data based aes algorithm encrypt/decrypt through the 2nd FPGA;
Described two IDE expansion interfaces are the common ATA protocol of I DE interfaces that meet, and first is directly to be connected with the main frame mainboard, and another is a connection ID E encipher hard disc.
The described FPGA personality board that is used for physical certifying all is to be core with the fpga chip with the FPGA personality board that is used for data encryption/decryption, the FPGA personality board that is used for physical certifying is used for encrypted physical, the FPGA personality board that is used for data encryption/decryption is used for the encrypt/decrypt of data, two personality board both linked to each other by main frame, be subjected to host computer control, two personality board link to each other with the 2nd FPGA by a FPGA again, and a FPGA controls the 2nd FPGA.
A described FPGA one end links to each other with pci controller, and an end and MEMS driving circuit join, and it carries out data transmission under the PIO mode.
The two ends of described the 2nd FPGA link to each other with two IDE expansion interfaces on the FPGA personality board that is used for data encryption/decryption respectively, and data are to transmit with parallel ATA agreement in the 2nd FPGA inside, and the 2nd FPGA works under the DMA pattern.
A described FPGA controls the 2nd FPGA by giving effective enable signal of the 2nd FPGA after receiving 32 correct keys, make its operate as normal.
Described encrypting-decrypting module adopts classical AES-128 cryptographic algorithm to carry out encrypt/decrypt, this module stores is in the 2nd ROM, simultaneously, the 2nd FPGA that links to each other with the 2nd ROM is connected between two IDE expansion interfaces, makes that data are to transmit with parallel ATA agreement in the 2nd FPGA.
Described IDE encipher hard disc is invisible before physical certifying, after physical certifying passes through, the one FPGA receives after 32 correct keys, when the one FPGA gives the effective enable signal of one of the 2nd FPGA, the one FPGA feeds back to rreturn value of main frame by pci controller, after host-initiated connection and the scanning hardware module, system could discern encrypted hard disk.
Described key handling module is a microcontroller, the one end links to each other with MEMS coded lock key output line and is used to receive key signal, the other end links to each other with a FPGA, after 32 keys all receive, pass to a FPGA, send by FPGA encrypting-decrypting module in a FPGA; The other end connect the PCI local bus be used at the MEMS coded lock locked, i.e. during password authentification failure, the output MEMS coded lock phase place that resets.
Described MEMS coded lock drives and authentication module is stored in the operating system hard disk of main frame, is used for driving under operating system environment the FPGA personality board that is used for physical certifying.And authentication function is provided, if authentication is passed through, can read this hard disk information; If the authentication error failure, the MEMS coded lock that resets resets to initial position, continues authentication next time.
Described connection and scanning hardware module are on the operating system hard disk that is installed in main frame under the non-encrypted state, and this module is to utilize the form of enumerating to detect the explorer memory field one by one, if there is hardware to change, just makes main frame correctly identify these changes.
Described pci controller mainly is made of the PCI control chip, is the bridge that connects pci bus and PCI local bus, and an end is connected with the main frame pci bus, and the other end connects a FPGA.
Described EEPROM PCI configuring chip directly links to each other with pci controller, is used for the PCI allocation interface controller, makes its operate as normal.
Described MEMS control module is cured among the continuous ROM of a FPGA, be used for receiving the password that main frame transmits by pci bus, then password is converted to the control signal that to control the coded lock operation, exports to the coded lock driving circuit by a FPGA then.
Described MEMS coded lock driving circuit is made up of 4 L6234 motor drive ics.Every L6234 drives a micromotor.
The described ROM that wipes is general erasable read-only memory with wiping the 2nd ROM, wherein a ROM connects with a FPGA, be used to solidify the MEMS control module, the 2nd ROM connects with the 2nd FPGA, be used to solidify encrypting-decrypting module, they dispose FPGA automatically after system powers on, make two fpga chip operate as normal.
Described IDE expansion interface is the IDE hard disk that connects the host id E interface and encrypted, and the realization data are followed IDE host-host protocol parallel transmission.
Described MEMS coded lock is a kind of encrypted physical device, and it solidifies 32 binary passwords with counter-intervention gear collection.On the axle of two mirror sign indicating number motors coupling mechanism is housed all.Designed the breach corresponding on its coupling disc with the hard disc enciphering system key.In its decode procedure, coupling mechanism produces a string signal, and the signal that produces in the mode of this physics is as the key of hard disc enciphering system.
The present invention uses the distinctive physical construction of MEMS coded lock to produce the key of HD encryption, participates in hard disc enciphering system with this key.Two hard disks are housed in the computing machine, and one is Primary Hard Drive, and operating system wherein is housed, and data are not done encryption, can directly read.Another piece is the IDE hard disk that will encrypt, and it links to each other with the mainboard ide interface by the FPGA personality board that is used for data encryption/decryption.This hard disk need be by the authentication of MEMS coded lock, if authentication is passed through, produce a string legitimate secret, the one FPGA of the FPGA personality board of this key by being used for physical certifying passes to the 2nd FPGA, and a FPGA gives effective enable signal of the 2nd FPGA, make the 2nd FPGA operate as normal, a FPGA gives rreturn value of main frame by pci controller simultaneously, main frame comes the rreturn value of FPGA feedback is judged, if rreturn value represents that password is correct, main frame is opened and is connected and the scanning hardware module, and encrypted like this IDE hard disk can be finished the encrypt/decrypt work to data just by system identification.
Compared with prior art, the invention has the beneficial effects as follows: MEMS coded lock and hard disc enciphering system are combined greatly strengthened security intensity.Wherein the MEMS coded lock adopts special physics password, and the probability that cracks one of has only 20,000,000 fens; The medium method of encrypting has been used in HD encryption, even hard disk is stolen, also can only be thought not formative hard disk by system on other machines, can't read correct information wherein.Simultaneously, the present invention adopts the personality board of two fpga chips for the basis, a responsible physical certifying, the encryption and decryption of responsible data, and remove to control another piece with a FPGA, between two chips effectively communication cooperate, improved message transmission rate.
Description of drawings
Fig. 1 is a structured flowchart of the present invention
Embodiment
Below in conjunction with accompanying drawing embodiments of the invention are elaborated: present embodiment is being to implement under the prerequisite with the technical solution of the present invention, provided detailed embodiment and concrete operating process, but protection scope of the present invention is not limited to following embodiment.
As shown in Figure 1, present embodiment comprises: driving of MEMS coded lock and authentication module, connection and scanning hardware module, the FPGA personality board that is used for physical certifying, the FPGA personality board that is used for data encryption/decryption and MEMS coded lock.
The described FPGA personality board that is used for physical certifying comprises: a FPGA, pci controller, EEPROM PCI configuring chip, an erasable ROM, MEMS coded lock driving circuit, MEMS control module, key handling module.
The described FPGA personality board that is used for data encryption/decryption comprises: the 2nd FPGA, can wipe the 2nd ROM, two IDE expansion interfaces, encrypting-decrypting module.
Driving of described MEMS coded lock and authentication module, connection and scanning hardware module are installed in the operating system hard disk of main frame, respectively by pci bus and SATA bus and two FPGA personality board connections.FPGA personality board one end that is used for physical certifying links to each other with the pci bus of main frame, and the other end connects with the MEMS coded lock, is subjected to the control of main frame; Be used for the ide interface on the FPGA personality board one termination main frame mainboard of encrypt/decrypt, another termination IDE hard disk, and the 2nd FPGA and a FPGA connect, and is subjected to the control of a FPGA.
MEMS coded lock encrypted card drive and authentication module with PCI agreement communication modes by a pci controller and a FPGA communication, EEPROM PCI configuring chip needs correct PCI allocation interface controller, EEPROM PCI configuring chip EEPROM PCI configuring chip is transferred to the MEMS control module with the control signal that the MEMS coded lock drives and authentication module sends, MEMS control module output control word drives the decoding of MEMS coded lock to MEMS coded lock driving circuit then, the MEMS coded lock produces key signal in the time of decoding, the MEMS coded lock produces key signal in the time of decoding, key handling module among the one FPGA reads the key signal that the MEMS coded lock is sent, correct judgment sign indicating number or error code, if obtain 32 correct sign indicating numbers, send key to the FPGA, the one FPGA gives effective enable signal of the 2nd FPGA, make the 2nd FPGA operate as normal, then key is passed to encrypting-decrypting module among the 2nd FPGA, a FPGA feeds back to rreturn value of main frame through pci controller simultaneously, host-initiated connects and the scanning hardware module, encrypted ide interface hard disk is by system identification, and hard disk information can correctly be read and write through encrypting-decrypting module; Error code arrives if misdeem, and sends phase place to the FPGA that resets by the key handling module, carries out MEMS coded lock homing action.
Described MEMS coded lock driving circuit is to be controlled by a FPGA, according to pass the PCI instruction of coming from pci controller, control the strong chain of MEMS that the back links to each other, MEMS coded lock driving circuit is made up of 4 L6234 motor drive ics, and every L6234 drives a micromotor.Wherein two is mirror sign indicating number motor, and sign indicating number reflects; Two other is the motor that resets, and is used for resetting of password mistake rear motor.
Described pci controller mainly is made of the PCI control chip, is the bridge that connects pci bus and PCI local bus, and an end is connected with the main frame pci bus, and the other end connects a FPGA.It is the passage of main frame and FPGA data and signal transmission, after powering on, has EEPROM PCI configuring chip that it is configured, and makes it can operate as normal.
A described FPGA and the 2nd FPGA are the cores of two personality board.The one FPGA connects pci controller and MEMS driving circuit, and it is responsible for physical certifying.Because the transmission quantity of data is little in the physical certifying, it is with the mode work of PIO; The 2nd FPGA two ends connect two IDE expansion interfaces being used on the encrypt/decrypt FPGA personality board, simultaneously storage encryption/deciphering module wipe the 2nd ROM and a FPGA also links with it, the 2nd ROM is responsible for controlling the encrypt/decrypt to reading and writing data.The one FPGA be responsible for when authentication by after to effective enable signal of the 2nd FPGA, make its operate as normal, and 32 keys that obtained passed to encrypting-decrypting module among the 2nd FPGA.Because the volume of transmitted data of this moment is bigger, this chip is worked under the DMA pattern.
Described EEPROM PCI configuring chip directly links to each other with a FPGA, is used for the PCI allocation interface controller, makes its operate as normal.
Described key handling module is a microcontroller, receives the key signal that coded lock key output line sends.The one end links to each other with coded lock key output line and is used to receive key signal; One end links to each other with a FPGA, after 32 keys all receive the key handling module, it passes to a FPGA to these 32 keys, the one FPGA gives effective enable signal of the 2nd FPGA, make the 2nd FPGA operate as normal, by a FPGA key is passed to second encrypting-decrypting module in the personality board then.Simultaneously, a FPGA, passes through if rreturn value is represented authentication to rreturn value of main frame feedback by pci controller, just starts to connect and the scanning hardware module, and the IDE hard disk that is used to encrypt is optionally carried out encrypt/decrypt work by system identification.
The described ROM that wipes is general erasable read-only memory with wiping the 2nd ROM, wherein a ROM connects with a FPGA, be used to solidify the MEMS control module, the 2nd ROM connects with the 2nd FPGA, be used to solidify encrypting-decrypting module, they dispose FPGA automatically after system powers on, make two fpga chip operate as normal.
Described data encryption/decryption module is solidificated among the 2nd ROM, after the 2nd FPGA obtains enable signal, the execution of acquiescence is kept at the module among the 2nd ROM, it adopts classical AES-128 cryptographic algorithm, to the data stream of main frame, carry out encryption/decryption process in the data transmission of read-write encrypt/decrypt IDE hard disk.When encipher hard disc was carried out write operation, main frame was passed to encrypting module to data by the 2nd FPGA, and after it being encrypted by the AES-128 cryptographic algorithm through the clear data of encrypting, being stored on the encipher hard disc is encrypt data.And when encipher hard disc is carried out read operation, be stored in the encrypt data on the encipher hard disc, and at first it is deciphered by the AES-128 algorithm, send main frame to by the 2nd FPGA again, the data that obtain this moment are through the clear data after the deciphering.The data stream of host side all is clear data all the time, so the data encryption/decryption module is transparent for main frame.
Described MEMS coded lock is a kind of encrypted physical device, it solidifies 32 binary passwords with counter-intervention gear collection, on the axle of two mirror sign indicating number motors coupling mechanism is housed all, designed the breach corresponding on its coupling disc with the hard disc enciphering system key, in its decode procedure, coupling mechanism produces a string signal, and the signal that produces in the mode of this physics is as the key of hard disc enciphering system.
Described MEMS coded lock drives and authentication module is stored in the operating system hard disk of main frame, is used for driving under operating system environment the FPGA personality board that is used for physical certifying.It is to use the MFC program of VC exploitation, debugging successfully the back is being installed under the non-encrypted environment on the main frame on the unencrypted operating system hard disk, after system opens, desktop can initiatively be jumped out a dialog box that requires the input password, behind the password input validation, main frame is passed to a FPGA with password by pci controller, provides authentication function under FPGA control, if authentication is passed through, can read this hard disk information; If the authentication error failure, the MEMS coded lock that resets resets to initial position, continues authentication next time.
Described connection and scanning hardware module stores are in the operating system hard disk of main frame, it is a MFC program of utilizing VC to write, whether module starts the back has hardware to change by the quick retrieve resources manager of the mode of enumerating memory field, if find to have new installed hardware, just start it and start working, the function of this module is that mode with software has realized " the scanning detection hardware is changed " in the manual click explorer in fact.Be used for after physical certifying passes through to the continuous effective enable signal of IDE expansion interface of main frame, make it operate as normal, scan the new installed hardware of main frame simultaneously, make and after system is by physical certifying, refresh explorer timely, the hard disk that system identification is encrypted, the stability of increase system.
When the present invention works, write driving of MEMS coded lock and authentication module and connection and scanning hardware module, under non-encrypted hard disk operation system environments, be loaded in the main frame, write simultaneously among the ROM and the 2nd ROM that MEMS control module and encrypting-decrypting module be cured to two personality board respectively, before carrying out the authentication of MEMS coded lock, the 2nd FPGA Enable Pin position is low, cisco unity malfunction, so encipher hard disc is invisible, after having only authentication procedure to pass through authentication, the one FPGA gives effective signal of Enable Pin of the 2nd FPGA, make the 2nd FPGA operate as normal, when main frame is received correct rreturn value, start connection and scanning hardware module, could in explorer, see the encipher hard disc drive, and read wherein data.Authentication procedure at first pop-up window requires the input password, behind the input password confirming, driving of MEMS coded lock and authentication module are with PCI agreement communication modes and the FPGA personality board communication that is used for physical certifying, EEPROM PCI configuring chip PCI allocation chip, make the pci bus instruction to be sent to the MEMS control module, carry out the action of mirror sign indicating number in order to drive the MEMS coded lock by MEMS coded lock driving circuit by the PCI chip.In the mirror sign indicating number, produce key signal by MEMS coded lock physical construction and transfer to FPGA key handling module.FPGA key handling module is when receiving a key signal, this key is preserved, and counter counts from zero, arrive next key signal arriving back zero clearing, and preserve, restart counting with preceding several keys, the key of these preservations and MEMS coded lock to walk the sign indicating number position consistent, overtime that time explanation runs into the dislocation sign indicating number when counter, can make the MEMS coded lock reset to initial position this moment according to the key that is write down.After the key handling module receives 32 passwords, illustrate that the key that obtains is correct.The key handling module is passed to key in the one FPGA, the one FPGA makes effective enable signal of the 2nd FPGA, make the 2nd FPGA operate as normal, a FPGA passes to the encrypting-decrypting module that the 2nd FPGA links to each other to 32 correct keys simultaneously, the one FPGA is when passing the 2nd FPGA key, give rreturn value of main frame by pci controller, host-initiated is connected and the scanning hardware module, the IDE hard disk of being encrypted is by system identification, the data encryption/decryption module is according to this secret key decryption hard disk information among the 2nd ROM that the 2nd FPGA links to each other, can correctly read data and accurately writing data thus; Also do not receive next key signal arriving if rolling counters forward exceeds the maximal value of setting, it is locked to illustrate that the MEMS coded lock runs into dislocation.At this moment the MEMS coded lock need reset, and the key handling module is according to the password position of being write down, and the output reset signal is to the MEMS control module, and the MEMS coded lock is oppositely walked sign indicating number and reset to initial phase, and the result is fed back to authentication module by pci controller.Authentification failure need be inputed password once more, authenticates again.When encipher hard disc uses first, after passing through, authentication also needs subregion and disk format under operating system environment, and make its partition table also do encryption, then could reading writing information.
Claims (8)
1, a kind of IDE hard disc physical enciphering system based on MEMS coded lock and double FPGA, comprise: driving of MEMS coded lock and authentication module, connection and scanning hardware module, the FPGA personality board that is used for physical certifying, the FPGA personality board that is used for data encryption/decryption and MEMS coded lock and IDE encipher hard disc is characterized in that:
The described FPGA personality board that is used for physical certifying comprises: a FPGA, pci controller, EEPROM PCI configuring chip, an erasable ROM, MEMS coded lock driving circuit, MEMS control module, key handling module;
The described FPGA personality board that is used for data encryption/decryption comprises: the 2nd FPGA, can wipe the 2nd ROM, two IDE expansion interfaces, encrypting-decrypting module;
Driving of above-mentioned MEMS coded lock and authentication module, connection and scanning hardware module are installed in the operating system hard disk of main frame, an end that is used for the FPGA personality board of physical certifying links to each other with main frame by pci bus, the other end connects with the MEMS coded lock, be subjected to the control of main frame, an end that is used for the FPGA personality board of data encryption/decryption connects the main frame mainboard by ide interface, other end connection ID E encipher hard disc, and the 2nd FPGA connects with a FPGA, is subjected to the control of a FPGA;
Described MEMS coded lock drives and authentication module carries out communication with PCI agreement communication modes and a FPGA and MEMS coded lock driving circuit;
There is storer described EEPROM PCI configuring chip inside, has the PCI driver, makes the pci controller can operate as normal;
Described pci controller is made of the PCI control chip, is the bridge that connects pci bus and PCI local bus, and an end is connected with the main frame pci bus, and the other end connects a FPGA;
EEPROM PCI configuring chip is transferred to the MEMS control module with the control signal that the MEMS coded lock drives and authentication module sends, MEMS control module output control word drives the decoding of MEMS coded lock to MEMS coded lock driving circuit then, and the MEMS coded lock produces key signal in the time of decoding;
Described key handling module reads the key signal that the MEMS coded lock is sent, and the correct judgment key or the arriving of false key if obtain 32 correct keys, send it to a FPGA;
A described FPGA receives 32 correct keys, give effective enable signal of the 2nd FPGA, make the 2nd FPGA operate as normal, a FPGA passes to the encrypting-decrypting module that links to each other with the 2nd FPGA to 32 correct keys then, give rreturn value of main frame by pci controller simultaneously, host-initiated is connected and the scanning hardware module, and the IDE encipher hard disc is by system identification; If the misjudgment key arrives, send phase place to the FPGA that resets by the key handling module and carry out MEMS coded lock homing action, simultaneously a wrong signal instruction of expression is passed to main frame;
A described ROM links to each other with a FPGA, and its inside solidification has the MEMS control module, and after system powered on, this module made a FPGA operate as normal, controlled the operation as requested of MEMS coded lock;
Described the 2nd ROM links to each other with the 2nd FPGA, and its inside solidification has encrypting-decrypting module, and after system powered on, this module was moved automatically, makes the 2nd FPGA operate as normal, and can be to the data based aes algorithm encrypt/decrypt through the 2nd FPGA;
Described two IDE expansion interfaces are the common ATA protocol of I DE interfaces that meet, and first is directly to be connected with the main frame mainboard, and another is a connection ID E encipher hard disc.
2, the IDE hard disc physical enciphering system based on MEMS coded lock and double FPGA according to claim 1, it is characterized in that, the described FPGA personality board that is used for physical certifying all is to be core with the fpga chip with the FPGA personality board that is used for data encryption/decryption, the FPGA personality board that is used for physical certifying is used for encrypted physical, the FPGA personality board that is used for data encryption/decryption is used for the encrypt/decrypt of data, two personality board both linked to each other by main frame, be subjected to host computer control, two personality board link to each other with the 2nd FPGA by a FPGA again, and a FPGA controls the 2nd FPGA.
3, the IDE hard disc physical enciphering system based on MEMS coded lock and double FPGA according to claim 1 and 2, it is characterized in that, a described FPGA one end links to each other with pci controller, and an end and MEMS driving circuit join, and it carries out data transmission under the PIO mode.
4, the IDE hard disc physical enciphering system based on MEMS coded lock and double FPGA according to claim 1 and 2, it is characterized in that, the two ends of described the 2nd FPGA link to each other with two IDE expansion interfaces on the FPGA personality board that is used for data encryption/decryption respectively, data are to transmit with parallel ATA agreement in the 2nd FPGA inside, and the 2nd FPGA works under the DMA pattern.
5, the IDE hard disc physical enciphering system based on MEMS coded lock and double FPGA according to claim 1, it is characterized in that, described encrypting-decrypting module adopts classical AES-128 cryptographic algorithm to carry out encrypt/decrypt, this module stores is in the 2nd ROM, simultaneously, the 2nd FPGA that links to each other with the 2nd ROM is connected between two IDE expansion interfaces, makes that data are to transmit with parallel ATA agreement in the 2nd FPGA.
6, the IDE hard disc physical enciphering system based on MEMS coded lock and double FPGA according to claim 1, it is characterized in that, described IDE encipher hard disc is invisible before physical certifying, after physical certifying passes through, the one FPGA receives after 32 correct keys, when the one FPGA gives the effective enable signal of one of the 2nd FPGA, the one FPGA feeds back to rreturn value of main frame by pci controller, after host-initiated connection and the scanning hardware module, system could discern encrypted hard disk.
7, according to claim 1 or 7 described IDE hard disc physical enciphering systems based on MEMS coded lock and double FPGA, it is characterized in that, described connection and scanning hardware module, be on the operating system hard disk that is installed in main frame under the non-encrypted state, this module is to utilize the form of enumerating to detect the explorer memory field one by one, if have hardware to change, just make main frame correctly identify these changes.
8, the IDE hard disc physical enciphering system based on MEMS coded lock and double FPGA according to claim 1, it is characterized in that, described key handling module is a microcontroller, and the one end links to each other with MEMS coded lock key output line and is used to receive key signal, and the other end links to each other with a FPGA.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2008100381826A CN100559355C (en) | 2008-05-29 | 2008-05-29 | IDE hard disc physical enciphering system based on MEMS coded lock and double FPGA |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2008100381826A CN100559355C (en) | 2008-05-29 | 2008-05-29 | IDE hard disc physical enciphering system based on MEMS coded lock and double FPGA |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101281503A CN101281503A (en) | 2008-10-08 |
| CN100559355C true CN100559355C (en) | 2009-11-11 |
Family
ID=40013986
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2008100381826A Expired - Fee Related CN100559355C (en) | 2008-05-29 | 2008-05-29 | IDE hard disc physical enciphering system based on MEMS coded lock and double FPGA |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100559355C (en) |
Families Citing this family (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101699915B (en) * | 2009-10-13 | 2015-01-28 | 中兴通讯股份有限公司 | Mainboard, method for realizing network locking/ card locking function and mobile terminal |
| CN102279916A (en) * | 2011-09-08 | 2011-12-14 | 深圳市中威讯安科技开发有限公司 | Safety tablet computer |
| US9779262B2 (en) * | 2015-04-20 | 2017-10-03 | Qualcomm Incorporated | Apparatus and method to decrypt file segments in parallel |
| CN110113147A (en) * | 2019-04-11 | 2019-08-09 | 深圳市致宸信息科技有限公司 | A kind of digital encryption device and method |
| CN116597874A (en) * | 2023-05-13 | 2023-08-15 | 汇钜电科(东莞)实业有限公司 | Mobile hard disk with built-in static discharge sheet and method for preventing static accumulation |
-
2008
- 2008-05-29 CN CNB2008100381826A patent/CN100559355C/en not_active Expired - Fee Related
Non-Patent Citations (2)
| Title |
|---|
| 基于FPGA芯片的硬盘数据加密设计与实现. 张新家等.西北工业大学学报,第22卷第2期. 2004 |
| 基于FPGA芯片的硬盘数据加密设计与实现. 张新家等.西北工业大学学报,第22卷第2期. 2004 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101281503A (en) | 2008-10-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101281502B (en) | SATA hard disc physical enciphering system based on MEMS enciphered lock and double FPGA | |
| CN102110319B (en) | Wireless code hopping system, device and method for remote control door lock | |
| US7861015B2 (en) | USB apparatus and control method therein | |
| CN100559355C (en) | IDE hard disc physical enciphering system based on MEMS coded lock and double FPGA | |
| CN107563213B (en) | Safety secrecy control device for preventing data extraction of storage equipment | |
| CN107332671A (en) | A kind of safety mobile terminal system and method for secure transactions based on safety chip | |
| CN102831346B (en) | A kind of file protecting system carries out the method for file encryption-decryption | |
| CN102959554A (en) | Storage device and method for storage state recovery | |
| US20150278552A1 (en) | Information handling of access security | |
| CN101291244B (en) | Network security management method and system thereof | |
| CN104123769A (en) | Locking and unlocking control method of safe smart lock | |
| CN101770559A (en) | Data protecting device and data protecting method | |
| CN116070241A (en) | Mobile hard disk encryption control method | |
| CN101398790A (en) | Merging external nvram with full disk encryption | |
| CN100552649C (en) | Hard disc enciphering system based on MEMS coded lock and FPGA | |
| CN100394502C (en) | Hard disk encryption system based on MEMS cipher lock | |
| WO2007094763A2 (en) | Data security including real-time key generation | |
| CN101788957A (en) | Encrypting device and method of storage equipment | |
| CN104346586A (en) | Self-destructive data protection storage device and self-destructive data protection method | |
| CN101883357A (en) | Method, device and system for mutual authentication between terminal and intelligent card | |
| CN101127013A (en) | Enciphered mobile storage apparatus and its data access method | |
| CN100573479C (en) | Mobile hard disc enciphering system based on strong chain of MEMS and FPGA technology | |
| CN101281499B (en) | Mobile hard disc enciphering system of FPGA control MEMS strong chain | |
| CN114340051B (en) | Portable gateway based on high-speed transmission interface | |
| CN100583061C (en) | Mobile hard disc enciphering system of SCM controlling MEMS strong chain |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C17 | Cessation of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20091111 Termination date: 20120529 |