CN101540191A - Real-time encrypted U disk and high speed encryption-decryption method - Google Patents

Real-time encrypted U disk and high speed encryption-decryption method Download PDF

Info

Publication number
CN101540191A
CN101540191A CN200910030684A CN200910030684A CN101540191A CN 101540191 A CN101540191 A CN 101540191A CN 200910030684 A CN200910030684 A CN 200910030684A CN 200910030684 A CN200910030684 A CN 200910030684A CN 101540191 A CN101540191 A CN 101540191A
Authority
CN
China
Prior art keywords
fifo buffer
buffer area
logical address
algorithm module
control bit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN200910030684A
Other languages
Chinese (zh)
Other versions
CN101540191B (en
Inventor
王忠海
林雄鑫
肖佐楠
郑茳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CCore Technology Suzhou Co Ltd
Original Assignee
CCore Technology Suzhou Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CCore Technology Suzhou Co Ltd filed Critical CCore Technology Suzhou Co Ltd
Priority to CN2009100306849A priority Critical patent/CN101540191B/en
Publication of CN101540191A publication Critical patent/CN101540191A/en
Application granted granted Critical
Publication of CN101540191B publication Critical patent/CN101540191B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Abstract

The invention relates to a real-time encrypted U disk and a high speed encryption-decryption method. The real time encrypted U disk comprises a USB interface (106), a flash memory (108), a flash memory controller (107), a cryptographic algorithm module (102), an internal memory (103), a CPU (104), an FIFO buffer and an FIFO controller (101). the invention utilizes the alternation enabling a second control bit (202) and a third control bit (203) in the FIFO controller (101) to switch over the logic addresses of the USB interface (106), the cryptographic algorithm module (102) and the flash memory controller (107) and the mapping relations between the physical addresses of a first FIFO buffer area (109), a second FIFO buffer area (110) and a third FIFO buffer area (111), so that the first FIFO buffer area (109), the second FIFO buffer area (110) and the third FIFO buffer area (111) take turns to concurrently work with the USB interface (106), the cryptographic algorithm module (110) and the flash memory controller (107) and transmit data batches between a host computer (20) and the flash memory (108), and therefore, the encryption-decryption speed of data is improved.

Description

Real-time encrypted U disk and high-speed encryption and decryption method
Technical field
The present invention relates to a kind of real-time encrypted U disk and high-speed encryption and decryption method, particularly the method for the design of deciphering chip and raising chip data encryption/decryption speed in the USB flash disk belongs to information security encryption technology field.
Background technology
Nowadays movable storage device is widely used, and USB flash disk also has generally use with its portable characteristics in the concerning security matters system.The data of movable storage device are encrypted the safety that can effectively ensure digital asset information, it is not obtained by the disabled user, this has become common recognition.
Nowadays, the exponential increase of the data volume of handling along with needs needs data quantity stored also increasing by on a year-on-year basis on the USB flash disk, and this proposes requirements at the higher level to the cryptographic means and the mode of USB flash disk on the one hand, also the encryption/decryption speed of USB flash disk has been proposed severe challenge simultaneously.At present, the slow-footed reason of USB flash disk data encryption is that mainly existing USB flash disk is encrypted in the parallel processing of not accomplishing data stream read-write process and encryption and decryption process on the system architecture, therefore is presented as that on the data line of USB flash disk flash memory data stream has the situation of " cutout ".On cipher mode and means, the available data encryption method biases toward method of managing software more, the shortcoming of method of managing software is to be kept at the really encryption or just process simple encryption of data on the USB flash disk flash memory, in case the USB flash disk flash memory is taken out, can read or crack top data content by technical method from USB flash disk.
Above problem is all had higher requirement to data encrypting and deciphering transmission speed, cryptographic means and the mode of encrypted U disk for big data quantity being stored into USB flash disk, need more adding close means and the more current demand of flexi mode.
Summary of the invention
The invention provides a kind of real-time encrypted U disk and high-speed encryption and decryption method, purpose is intended to solve technological deficiencies such as existing USB flash disk device data encryption/decryption speed is slow, the data encryption mode is simple, cryptographic means is limited.
For achieving the above object, the technical scheme that real-time encrypted U disk of the present invention adopts is: a kind of real-time encrypted U disk comprises:
USB interface, this interface are the USB interface that is used to connect main frame, realize writing data from the main frame sense data or to main frame;
Flash memory is used to store data;
Flash controller is used to control the interface signal of flash memory, realizes writing data from the flash memory sense data or to flash memory;
Internal storage, the firmware or the start boot (BootLoader) that are used to store described real-time encrypted U disk;
CPU is used to carry out the instruction of the firmware input that is stored on the internal storage, finishes control and management to described real-time encrypted U disk;
Enciphering algorithm module is used to encrypt the encrypt data that the original text data of reading from main frame and deciphering are read from flash memory, realizes the high-speed encryption and decryption of data stream;
The FIFO buffer, this buffer has a FIFO buffer area, the 2nd FIFO buffer area and the 3rd FIFO buffer area, when described real-time encrypted U disk initialization, the logical address of USB interface is distributed to a FIFO buffer area, the logical address of enciphering algorithm module is distributed to the 2nd FIFO buffer area, and the logical address of flash controller is distributed to the 3rd FIFO buffer area;
Fifo controller, constitute by register, this register is provided with three control bits, wherein, after enabling, first control bit make the logical address of USB interface and the logical address of flash controller exchange, make the logical address of USB interface and the logical address of enciphering algorithm module exchange after second control bit enables, make the logical address of flash controller and the logical address of enciphering algorithm module exchange after the 3rd control bit enables;
CPU is connected by bus with flash controller with enciphering algorithm module, fifo controller, internal storage, FIFO buffer, USB interface respectively.
For achieving the above object, the technical scheme that high-speed encryption and decryption method of the present invention adopts is: a kind of high-speed encryption and decryption method of real-time encrypted U disk, carry out in write operation or the read operation process to flash memory at main frame, that utilizes second control bit and the 3rd control bit in the fifo controller alternately enables to switch USB interface, the logical address of enciphering algorithm module and flash controller, with a FIFO buffer area, mapping relations between the physical address of the 2nd FIFO buffer area and the 3rd FIFO buffer area, make a FIFO buffer area, the 2nd FIFO buffer area and the 3rd FIFO buffer area are followed USB interface in turn, enciphering algorithm module and flash controller concurrent working, Data transmission batch between main frame and flash memory, wherein, alternately the enabling since second control bit of described second control bit and the 3rd control bit during write operation, described second control bit and the 3rd control bit alternately enables since the 3rd control bit during read operation.
Related content in the technique scheme is explained as follows:
1, in the such scheme, described " USB interface " is USB interface.The full name of USB is UniversalSerial Bus, and USB supports hot plug, and the advantage of plug and play is so USB interface has become a kind of interface mode of standard.USB has two standards, i.e. USB1.1 and USB2.0.USB 1.1 is present comparatively general USB standards, and the USB2.0 standard is developed by the USB1.1 standard.Its transfer rate has reached 480Mbps, converts to MB is 60MB/s, is enough to satisfy the rate requirement of most of peripheral hardwares.In the present invention, USB interface is used to connect main frame, and USB interface selects USB1.1 or USB2.0 all can use, and wherein USB2.0 is better.
2, in the such scheme, described " a kind of real-time encrypted U disk " can also be provided with communication I/O module, and communication I/O module is connected with described CPU is two-way by bus, and external communications equipment can be connected with real-time encrypted U disk is two-way by communication I/O module.The real-time encryption and decryption process fully can be according to requirement of actual application, by being kept at the information in the internal storage or controlling by communication I/O module by external communications equipment, information in the internal storage can be upgraded by communication I/O module by external communications equipment, has realized multiple and cryptographic means flexibly.
3, in the such scheme, described " FIFO buffer " is a kind of data-carrier store, is used to store data.FIFO is the abbreviation of English First In First Out, it is a kind of data buffer of first in first out, the difference of it and normal memory is not have the exterior read-write address wire, use very simple like this, but shortcoming can only write data exactly in proper order, the sense data of order, its data address add 1 automatically by inside read-write pointer to be finished, can not that works reads or write the address of certain appointment by the address wire decision as normal memory.
4, in the such scheme, described " firmware " is exactly to write E (Firmware) 2ROM or E 2Program among the PROM (programmable read only memory), popular understanding are exactly " software of curing ".Different fully with common software, it is the program code that is solidificated in IC interior, is responsible for the function of control and coordination integrated circuit.
5, in the such scheme, described " fifo controller " is to be used to manage the pairing FIFO buffer of USB interface, cryptographic algorithm tube module and flash controller, be a FIFO buffer area, the 2nd FIFO buffer area and the 3rd FIFO buffer area in the FIFO buffer, finish the transfer of data.Be provided with three control bits in the fifo controller, first control bit is used for transparent operation between main frame and the flash memory, promptly enable data flow operations between this control bit aft engine and the flash memory without encrypting or deciphering, but directly the data in the main frame are write flash memory, or direct sense data from flash memory.This control bit generally uses under the situation that data are encrypted not needing.When encrypting or decipher, the data of transmitting to use second control bit and the 3rd control bit between need be to main frame and flash memory.
6, in the such scheme, described " enciphering algorithm module " is the module that is used to encrypt original text data or decrypting ciphertext data.The algorithm that enciphering algorithm module adopts can comprise RSA, DES, 3DES, SHA etc. or self-defining code encoding/decoding mode.Cryptographic algorithm can also be replenished from the outside by communication I/O module.
In a word, real-time encrypted U disk of the present invention adopts the hardware encipher algoritic module that data stream is encrypted, and the space that has guaranteed secret key and storage data isolates and to the encryption fully of data in the flash memory; Adopt fifo controller to switch the logical address of USB interface, enciphering algorithm module and flash controller simultaneously, and the mapping relations between the physical address of a FIFO buffer area, the 2nd FIFO buffer area and the 3rd FIFO buffer area reach the parallel processing of USB interface, enciphering algorithm module, flash controller data stream.Need be when main frame be write flash memory when data, carry out real-time encryptedly, and data encrypted is write in the memory block of flash memory; When data need be read or use, will call corresponding decipherment algorithm module according to configuration the data that needs read will be carried out real time decrypting, send host side then to and use.
Because the technique scheme utilization, the present invention compared with prior art has following advantage and effect:
1, the present invention has overcome technological deficiencies such as data encrypting and deciphering speed is slow between existing main frame and the USB flash disk, the data encryption mode is simple, cryptographic means is limited.What particularly the present invention utilized second control bit and the 3rd control bit in the fifo controller in real-time encrypted U disk alternately enables to switch USB interface, the logical address of enciphering algorithm module and flash controller, with a FIFO buffer area, mapping relations between the physical address of the 2nd FIFO buffer area and the 3rd FIFO buffer area, make a FIFO buffer area, the 2nd FIFO buffer area and the 3rd FIFO buffer area are followed USB interface in turn, enciphering algorithm module and flash controller concurrent working, Data transmission batch between main frame and flash memory, thus the encryption/decryption speed of data improved.
2, the present invention can also set up the twice safety curtain when guaranteeing data encrypting and deciphering speed, and one is because the operating system of flash memory is also encrypted, and the person can think that USB flash disk is a blank panel by mistake to obtain the real-time encrypted U disk, and the information of depositing in can be hidden; Its two, even illegally obtain real-time encrypted U disk, if there is not key also can't read clear data in the USB flash disk.
3, can carry out communication with external unit owing to real-time encrypted U disk of the present invention has increased communication I/O module, and then, strengthen the confidentiality of data message for the safe handling mode of real-time encrypted U disk provides multiple possibility.
Description of drawings
Accompanying drawing 1 is the system principle block scheme of real-time encrypted U disk of the present invention;
Accompanying drawing 2 is the register principle schematic of fifo controller of the present invention;
Accompanying drawing 3 is fashionable for the data flow flash memory write in the real-time encrypted U disk of the present invention, and a FIFO buffer area, the 2nd FIFO buffer area and the 3rd FIFO buffer area are followed USB interface, enciphering algorithm module and flash controller concurrent working synoptic diagram in turn;
Accompanying drawing 4 for the data stream in the real-time encrypted U disk of the present invention when flash memory is read, a FIFO buffer area, the 2nd FIFO buffer area and the 3rd FIFO buffer area are followed USB interface, enciphering algorithm module and flash controller concurrent working synoptic diagram in turn.
In the above accompanying drawing: 10, real-time encrypted U disk; 20, main frame; 30, external communications equipment; 101, fifo controller; 102, enciphering algorithm module; 103, internal storage; 104, CPU; 105, communication I/O module; 106, USB interface; 107, flash controller; 108, flash memory; 109, a FIFO buffer area; 110, the 2nd FIFO buffer area; 111, the 3rd FIFO buffer area; 201, first control bit; 202, second control bit; 203, the 3rd control bit.
Embodiment
Below in conjunction with drawings and Examples the present invention is further described:
Embodiment: a kind of real-time encrypted U disk
When main frame 20 writes data to real-time encrypted U disk 10 are ciphering process, are decrypting processes from real-time encrypted U disk 10 sense datas.Concrete encryption and decryption process fully can be according to requirement of actual application, by being kept at the firmware in the internal storage 103 or being controlled by external communications equipment 30.
Fig. 1 is the system principle block scheme of real-time encrypted U disk of the present invention.As can be seen from Figure 1, real-time encrypted U disk of the present invention is made up of usb 1 06, flash controller 107, enciphering algorithm module 102, internal storage 103, CPU 104, FIFO buffer, fifo controller 101 and communication I/O module 105, and CPU 104 is connected by bus with enciphering algorithm module 102, fifo controller 101, internal storage 103, FIFO buffer, usb 1 06, flash controller 107 and communication I/O module 105 respectively.Wherein:
Usb 1 06 is used to connect main frame 20, realizes writing data from main frame 20 sense datas or to main frame 20.Usb 1 06 relative main frame 20 can be selected USB1.1 interface or USB2.0 interface for from establishing, but adopts the USB2.0 interface better in order to adapt to high-speed encryption and decryption.
Flash controller 107 is used to control the interface signal of flash memory 108, realizes writing data from flash memory 108 sense datas or to flash memory 108.
Enciphering algorithm module 102 is used to encrypt the encrypt data that the original text data of reading from main frame 20 and deciphering are read from flash memory 108.This part content can adopt prior art, and in present embodiment, enciphering algorithm module 102 comprises:
1) algoritic module group.This algoritic module group is made up of at least a algoritic module, and each algoritic module is used for data are carried out the encryption and decryption computing of algorithms of different, and wherein algorithm can comprise RSA, DES, 3DES, SHA etc. or self-defining code encoding/decoding mode.
2) control/status register group.This control/status register group is made up of control register and status register, and status register is used to reflect the status information of enciphering algorithm module 102; Control register is used to define following content:
Which kind of algoritic module A, definition select carry out the encryption and decryption computing;
B, definition encryption and decryption data amount;
C, interrupt configuration is set;
D, definition starting algorithm module are encrypted and are separated enabling of computing.
3) algoritic module controller.This algoritic module controller is used to control the encryption and decryption process and the control data read-write operation of selected algoritic module, after finishing data encrypting and deciphering, sends look-at-me to interruptable controller.Described algoritic module controller is connected with control/the status register group is two-way with the algoritic module group respectively, and control/status register group is with system bus or peripheral bus is two-way is connected.
Internal storage 103 is used to store the firmware or the start boot (BootLoader) of described real-time encrypted U disk 10.
CPU 105 is used to carry out the firmware that is stored on the internal storage 103 as embedded central processing unit or carries out from the instruction of communication I/O module 105 inputs, finishes control and management to real-time encrypted U disk 10.
The FIFO buffer is that corresponding usb 1 06, flash controller 107 and enciphering algorithm module 102 set data-carrier stores are used to store data, and FIFO is the data-carrier store from a fixed address read-write.The FIFO buffer has a FIFO buffer area 109, the 2nd FIFO buffer area 110 and the 3rd FIFO buffer area 111 among the present invention.When real-time encrypted U disk 10 initialization, the logical address of usb 1 06 is distributed to a FIFO buffer area 109, the logical address of enciphering algorithm module 102 is distributed to the 2nd FIFO buffer area 110, and the logical address of flash controller 107 is distributed to the 3rd FIFO buffer area 111.
Fifo controller 101 is used to manage usb 1 06, flash controller 107 and enciphering algorithm module 102 pairing FIFO buffers, be a FIFO buffer area 109, the 2nd FIFO buffer area 110 and the 3rd FIFO buffer area 111 in the FIFO buffer, finish the transfer of data.Fifo controller 101 is made of register, referring to shown in Figure 2, this register is provided with three control bits, wherein, after enabling, first control bit 201 make the logical address of usb 1 06 and the logical address of flash controller 107 exchange, make the logical address of usb 1 06 and the logical address of enciphering algorithm module 102 exchange after second control bit 202 enables, make the logical address of flash controller 107 and the logical address of enciphering algorithm module 102 exchange after the 3rd control bit 203 enables.First control bit 201 is used for transparent operation between main frame 20 and the flash memory 108, promptly enable data flow operations between first control bit, 201 aft engines 20 and the flash memory 108 without encrypting or deciphering, the but directly data in the main frame 20 are write flash memory 108, or direct sense data from flash memory 108.This control bit generally uses under the situation that data are encrypted not needing.Need use second control bit 202 and the 3rd control bit 203 when the data of transmission are encrypted or deciphered between need be to main frame 20 and flash memory 108.
Communication I/O module 107 is used for the communication with external communications equipment 30, realizes obtaining instruction or data download from external communications equipment 30.
The high-speed encryption and decryption method of present embodiment real-time encrypted U disk is: carry out in write operation or the read operation process to flash memory 108 at main frame 20, that utilizes second control bit 202 and the 3rd control bit 203 in the fifo controller 101 alternately enables to switch usb 1 06, the logical address of enciphering algorithm module 102 and flash controller 107, with a FIFO buffer area 109, mapping relations between the physical address of the 2nd FIFO buffer area 110 and the 3rd FIFO buffer area 111, make a FIFO buffer area 109, the 2nd FIFO buffer area 110 and the 3rd FIFO buffer area 111 are followed usb 1 06 in turn, enciphering algorithm module 102 and flash controller 107 concurrent workings, Data transmission batch between main frame 20 and flash memory 108, wherein, alternately the enabling since second control bit 202 of described second control bit 202 and the 3rd control bit 203 during write operation, described second control bit 202 and the 3rd control bit 203 alternately enables since the 3rd control bit 203 during read operation.
A FIFO buffer area 109, the 2nd FIFO buffer area 110 and the 3rd FIFO buffer area 111 were followed usb 1 06, enciphering algorithm module 102 and flash controller 107 concurrent working synoptic diagram in turn when Fig. 3 and Fig. 4 provided data stream respectively and write and read.To be described respectively Fig. 3 and Fig. 4 below:
As shown in Figure 3, when real-time encrypted U disk 10 initialization, the one FIFO buffer area 109 points to the logical address of usb 1 06, and the 2nd FIFO buffer area 110 points to the logical address of enciphering algorithm module 102, and the 3rd FIFO buffer area 111 points to the logical address of flash controller 107.The one FIFO buffer area 109, the 2nd FIFO buffer area 110 and the 3rd FIFO buffer area 111 all are empty (using " blank " expression among the figure respectively).
When main frame 20 carries out work according to the following steps when real-time encrypted U disk 10 carries out write operation:
Step 1: main frame 20 is imported first original text data (a FIFO buffer area 109 is become " filling oblique line " among the figure by " blank ") by usb 1 06 to a FIFO buffer area 109; Enciphering algorithm module 102 inoperation, the 2nd FIFO buffer area 110 are empty (representing with " blank " among the figure); Flash controller 107 inoperation, the 3rd FIFO buffer area 111 are empty (representing with " blank " among the figure).
Step 2: second control bit 202 enables, make the logical address of usb 1 06 and the logical address of enciphering algorithm module 102 exchange, at this moment, the one FIFO buffer area 109 points to enciphering algorithm module 102, the 2nd FIFO buffer area 110 points to usb 1 06, to the 2nd FIFO buffer area 110 input second batch of original text data (the 2nd FIFO buffer area 110 is become " filling oblique line " among the figure by " blank "), encrypt and obtain first encrypt data (a FIFO buffer area 109 becomes " filling black " by " filling oblique line " among the figure) simultaneously by first original text data in 102 pairs the one FIFO buffer areas 109 of enciphering algorithm module by usb 1 06 for main frame 20 then.Flash controller 107 inoperation, the 3rd FIFO buffer area 111 are empty (representing with " blank " among the figure).
Step 3: the 3rd control bit 203 enables earlier, make the logical address of flash controller 107 and the logical address of enciphering algorithm module 102 exchange, then second control bit 202 enables again, make the logical address of usb 1 06 and the logical address of enciphering algorithm module 102 exchange, at this moment, the one FIFO buffer area 109 points to flash controller 107, the 2nd FIFO buffer area 110 points to enciphering algorithm module 102, the 3rd FIFO buffer area 111 points to usb 1 06, main frame 20 is imported the 3rd batch of original text data (the 3rd FIFO buffer area 111 is become " filling oblique line " among the figure by " blank ") by usb 1 06 to the 3rd FIFO buffer area 111 then, second batch of original text data in 102 pairs the 2nd FIFO buffer areas 110 of enciphering algorithm module are encrypted and are obtained second batch of encrypt data (the 2nd FIFO buffer area 110 becomes " filling black " by " filling oblique line " among the figure), and a FIFO buffer area 109 is exported first encrypt datas (a FIFO buffer area 109 becomes " blank " by " filling black " among the figure) by flash controller 107 to flash memory 108 simultaneously.
Step 4: the 3rd control bit 203 enables earlier, make the logical address of flash controller 107 and the logical address of enciphering algorithm module 102 exchange, then second control bit 202 enables again, make the logical address of usb 1 06 and the logical address of enciphering algorithm module 102 exchange, at this moment, the one FIFO buffer area 109 points to usb 1 06, the 2nd FIFO buffer area 110 points to flash controller 107, the 3rd FIFO buffer area 111 points to enciphering algorithm module 102, main frame 20 is imported the 4th batch of original text data (a FIFO buffer area 109 is become " filling oblique line " among the figure by " blank ") by usb 1 06 to a FIFO buffer area 109 then, the 3rd batch of original text data in 102 pairs the 3rd FIFO buffer areas 111 of enciphering algorithm module are encrypted and are obtained the 3rd batch of encrypt data (the 3rd FIFO buffer area 111 becomes " filling black " by " filling oblique line " among the figure), and the 2nd FIFO buffer area 110 is exported second batch of encrypt data (the 2nd FIFO buffer area 110 becomes " blank " by " filling black " among the figure) by flash controller 107 to flash memory 108 simultaneously.
Step 5: the 3rd control bit 203 enables earlier, make the logical address of flash controller 107 and the logical address of enciphering algorithm module 102 exchange, then second control bit 202 enables again, make the logical address of usb 1 06 and the logical address of enciphering algorithm module 102 exchange, at this moment, the one FIFO buffer area 109 points to enciphering algorithm module 102, the 2nd FIFO buffer area 110 points to usb 1 06, the 3rd FIFO buffer area 111 points to flash controller 107, main frame 20 is imported the 5th batch of original text data (the 2nd FIFO buffer area 110 is become " filling oblique line " among the figure by " blank ") by usb 1 06 to the 2nd FIFO buffer area 110 then, the 4th batch of original text data in 102 pairs the one FIFO buffer areas 109 of enciphering algorithm module are encrypted and are obtained the 4th batch of encrypt data (a FIFO buffer area 109 becomes " filling black " by " filling oblique line " among the figure), and the 3rd FIFO buffer area 111 is exported the 3rd batch of encrypt datas (the 3rd FIFO buffer area 111 becomes " blank " by " filling black " among the figure) by flash controller 107 to flash memory 108 simultaneously; Turn back to step 3 then, constitute circulation, till the to the last a collection of encrypt data output with this.
As shown in Figure 4, when real-time encrypted U disk 10 initialization, the one FIFO buffer area 109 points to the logical address of usb 1 06, and the 2nd FIFO buffer area 110 points to the logical address of enciphering algorithm module 102, and the 3rd FIFO buffer area 111 points to the logical address of flash controller 107.The one FIFO buffer area 109, the 2nd FIFO buffer area 110 and the 3rd FIFO buffer area 111 all are empty (using " blank " expression among the figure respectively).
When main frame 20 carries out work according to the following steps when real-time encrypted U disk 10 carries out read operation:
Step 1: flash memory 108 is imported first encrypt datas (the 3rd FIFO buffer area 111 is become " filling black " among the figure by " blank ") by flash controller 107 to the 3rd FIFO buffer area 111; Enciphering algorithm module 102 inoperation, the 2nd FIFO buffer area 110 are empty (representing with " blank " among the figure); Usb 1 06 inoperation, a FIFO buffer area 109 are empty (representing with " blank " among the figure).
Step 2: the 3rd control bit 203 enables, make the logical address of flash controller 107 and the logical address of enciphering algorithm module 102 exchange, at this moment, the 2nd FIFO buffer area 110 points to flash controller 107, the 3rd FIFO buffer area 111 points to enciphering algorithm module 102, to the 2nd FIFO buffer area 110 input second batch of encrypt data (the 2nd FIFO buffer area 110 is become " filling black " among the figure by " blank "), first encrypt data in 102 pairs the 3rd FIFO buffer areas 111 of enciphering algorithm module is decrypted and obtains first original text data (the 3rd FIFO buffer area 111 becomes " filling oblique line " by " filling black " among the figure) flash memory 108 simultaneously by flash controller 107 then.Usb 1 06 inoperation, a FIFO buffer area 109 are empty (representing with " blank " among the figure).
Step 3: second control bit 202 enables earlier, make the logical address of usb 1 06 and the logical address of enciphering algorithm module 102 exchange, then the 3rd control bit 203 enables again, make the logical address of flash controller 107 and the logical address of enciphering algorithm module 102 exchange, at this moment, the one FIFO buffer area 109 points to flash controller 107, the 2nd FIFO buffer area 110 points to enciphering algorithm module 102, the 3rd FIFO buffer area 111 points to usb 1 06, flash memory 108 is imported the 3rd batch of encrypt datas (a FIFO buffer area 109 is become " filling black " among the figure by " blank ") by flash controller 107 to a FIFO buffer area 109 then, second batch of encrypt data in 102 pairs the 2nd FIFO buffer areas 110 of enciphering algorithm module is decrypted and obtains second batch of original text data (the 2nd FIFO buffer area 110 becomes " filling oblique line " by " filling black " among the figure), and the 3rd FIFO buffer area 111 is exported first original text data (the 3rd FIFO buffer area 111 becomes " blank " by " filling oblique line " among the figure) by usb 1 06 to main frame 20 simultaneously.
Step 4: second control bit 202 enables earlier, make the logical address of usb 1 06 and the logical address of enciphering algorithm module 102 exchange, then the 3rd control bit 203 enables again, make the logical address of flash controller 107 and the logical address of enciphering algorithm module 102 exchange, the one FIFO buffer area 109 points to enciphering algorithm module 102, the 2nd FIFO buffer area 110 points to usb 1 06, the 3rd FIFO buffer area 111 points to flash controller 107, flash memory 108 is imported the 4th batch of encrypt datas (the 3rd FIFO buffer area 111 is become " filling black " among the figure by " blank ") by flash controller 107 to the 3rd FIFO buffer area 111 then, the 3rd batch of encrypt data in 102 pairs the one FIFO buffer areas 109 of enciphering algorithm module is decrypted and obtains the 3rd batch of original text data (a FIFO buffer area 109 becomes " filling oblique line " by " filling black " among the figure), and the 2nd FIFO buffer area 110 is exported second batch of original text data (the 2nd FIFO buffer area 110 becomes " blank " by " filling oblique line " among the figure) by usb 1 06 to main frame 20 simultaneously.
Step 5: second control bit 202 enables earlier, make the logical address of usb 1 06 and the logical address of enciphering algorithm module 102 exchange, then the 3rd control bit 203 enables again, make the logical address of flash controller 107 and the logical address of enciphering algorithm module 102 exchange, at this moment, the one FIFO buffer area 109 points to usb 1 06, the 2nd FIFO buffer area 110 points to flash controller 107, the 3rd FIFO buffer area 111 points to enciphering algorithm module 102, flash memory 108 is imported the 5th batch of encrypt datas (the 2nd FIFO buffer area 110 is become " filling black " among the figure by " blank ") by flash controller 107 to the 2nd FIFO buffer area 110 then, the 4th batch of encrypt data in 102 pairs the 3rd FIFO buffer areas 111 of enciphering algorithm module is decrypted and obtains the 4th batch of original text data (the 3rd FIFO buffer area 111 becomes " filling oblique line " by " filling black " among the figure), and a FIFO buffer area 109 is exported the 3rd batch of original text data (a FIFO buffer area 109 becomes " blank " by " filling oblique line " among the figure) by usb 1 06 to main frame 20 simultaneously; Turn back to step 3 then, constitute circulation, till the to the last a collection of original text data output with this.
The foregoing description only is explanation technical conceive of the present invention and characteristics, and its purpose is to allow the personage who is familiar with this technology can understand content of the present invention and enforcement according to this, can not limit protection scope of the present invention with this.All equivalences that spirit is done according to the present invention change or modify, and all should be encompassed within protection scope of the present invention.

Claims (4)

1, a kind of real-time encrypted U disk comprises:
USB interface (106), this interface is realized writing data from main frame (20) sense data or to main frame (20) for being used to connect the USB interface of main frame (20);
Flash memory (108) is used to store data;
Flash controller (107) is used to control the interface signal of flash memory (108), realizes writing data from flash memory (108) sense data or to flash memory (108);
Internal storage (103), the firmware or the start boot (BootLoader) that are used to store described real-time encrypted U disk (10);
CPU (104) is used for carrying out the instruction of the firmware input that is stored on the internal storage (103), finishes control and management to described real-time encrypted U disk (10);
It is characterized in that also comprising:
Enciphering algorithm module (102) is used for encrypting the encrypt data that the original text data of reading from main frame (20) and deciphering are read from flash memory (108), realizes the high-speed encryption and decryption of data stream;
The FIFO buffer, this buffer has a FIFO buffer area (109), the 2nd FIFO buffer area (110) and the 3rd FIFO buffer area (111), when described real-time encrypted U disk (10) initialization, the logical address of USB interface (106) is distributed to a FIFO buffer area (109), the logical address of enciphering algorithm module (102) is distributed to the 2nd FIFO buffer area (110), and the logical address of flash controller (107) is distributed to the 3rd FIFO buffer area (111);
Fifo controller (101), constitute by register, this register is provided with three control bits, wherein, after enabling, first control bit (201) make the logical address of USB interface (106) and the logical address of flash controller (107) exchange, make the logical address of USB interface (106) and the logical address of enciphering algorithm module (102) exchange after second control bit (202) enables, make the logical address of flash controller (107) and the logical address of enciphering algorithm module (102) exchange after the 3rd control bit (203) enables;
CPU (104) is connected by bus with enciphering algorithm module (102), fifo controller (101), internal storage (103), FIFO buffer, USB interface (106) and flash controller (107) respectively.
2, real-time encrypted U disk according to claim 1 is characterized in that also comprising: communication I/O module (105), communication I/O module (105) is connected with described CPU (104) by bus.
3, high-speed encryption and decryption method according to the described real-time encrypted U disk of claim 1, it is characterized in that: carry out in write operation or the read operation process to flash memory (108) at main frame (20), that utilizes second control bit (202) and the 3rd control bit (203) in the fifo controller (101) alternately enables to switch USB interface (106), the logical address of enciphering algorithm module (102) and flash controller (107), with a FIFO buffer area (109), mapping relations between the physical address of the 2nd FIFO buffer area (110) and the 3rd FIFO buffer area (111), make a FIFO buffer area (109), the 2nd FIFO buffer area (110) and the 3rd FIFO buffer area (111) are followed USB interface (106) in turn, enciphering algorithm module (102) and flash controller (107) concurrent working, Data transmission batch between main frame (20) and flash memory (108), wherein, alternately the enabling since second control bit (202) of described second control bit (202) and the 3rd control bit (203) during write operation, described second control bit (202) and the 3rd control bit (203) alternately enables since the 3rd control bit (203) during read operation.
4, high-speed encryption and decryption method according to claim 3 is characterized in that:
When described real-time encrypted U disk (10) initialization, a FIFO buffer area (109), the 2nd FIFO buffer area (110) and the 3rd FIFO buffer area (111) all are empty;
When main frame (20) carries out work according to the following steps when flash memory (108) carries out write operation:
Step 1: main frame (20) is imported first original text data by USB interface (106) to a FIFO buffer area (109);
Step 2: second control bit (202) enables, make the logical address of USB interface (106) and the logical address of enciphering algorithm module (102) exchange, to second batch of original text data of the 2nd FIFO buffer area (110) input, encrypt first original text data in the FIFO buffer area (109) and obtain first encrypt data simultaneously by enciphering algorithm module (102) by USB interface (106) for main frame (20) then;
Step 3: the 3rd control bit (203) enables earlier, make the logical address of flash controller (107) and the logical address of enciphering algorithm module (102) exchange, then second control bit (202) enables again, make the logical address of USB interface (106) and the logical address of enciphering algorithm module (102) exchange, main frame (20) is imported the 3rd batch of original text data by USB interface (106) to the 3rd FIFO buffer area (111) then, enciphering algorithm module (102) is encrypted second batch of original text data in the 2nd FIFO buffer area (110) and is obtained second batch of encrypt data, and a FIFO buffer area (109) is exported first encrypt data by flash controller (107) to flash memory (108) simultaneously;
Step 4: the 3rd control bit (203) enables earlier, make the logical address of flash controller (107) and the logical address of enciphering algorithm module (102) exchange, then second control bit (202) enables again, make the logical address of USB interface (106) and the logical address of enciphering algorithm module (102) exchange, main frame (20) is imported the 4th batch of original text data by USB interface (106) to a FIFO buffer area (109) then, enciphering algorithm module (102) is encrypted the 3rd batch of original text data in the 3rd FIFO buffer area (111) and is obtained the 3rd batch of encrypt data, and the 2nd FIFO buffer area (110) is exported second batch of encrypt data by flash controller (107) to flash memory (108) simultaneously;
Step 5: the 3rd control bit (203) enables earlier, make the logical address of flash controller (107) and the logical address of enciphering algorithm module (102) exchange, then second control bit (202) enables again, make the logical address of USB interface (106) and the logical address of enciphering algorithm module (102) exchange, main frame (20) is imported the 5th batch of original text data by USB interface (106) to the 2nd FIFO buffer area (110) then, enciphering algorithm module (102) is encrypted the 4th batch of original text data in the FIFO buffer area (109) and is obtained the 4th batch of encrypt data, and the 3rd FIFO buffer area (111) is exported the 3rd batch of encrypt data by flash controller (107) to flash memory (108) simultaneously; Turn back to step 3 then, constitute circulation, till the to the last a collection of encrypt data output with this;
When main frame (20) carries out work according to the following steps when flash memory (108) carries out read operation:
Step 1: flash memory (108) is imported first encrypt data by flash controller (107) to the 3rd FIFO buffer area (111);
Step 2: the 3rd control bit (203) enables, make the logical address of flash controller (107) and the logical address of enciphering algorithm module (102) exchange, to second batch of encrypt data of the 2nd FIFO buffer area (110) input, enciphering algorithm module (102) is decrypted first encrypt data in the 3rd FIFO buffer area (111) and obtains first original text data flash memory (108) simultaneously by flash controller (107) then;
Step 3: second control bit (202) enables earlier, make the logical address of USB interface (106) and the logical address of enciphering algorithm module (102) exchange, then the 3rd control bit (203) enables again, make the logical address of flash controller (107) and the logical address of enciphering algorithm module (102) exchange, flash memory (108) is imported the 3rd batch of encrypt data by flash controller (107) to a FIFO buffer area (109) then, enciphering algorithm module (102) is decrypted second batch of encrypt data in the 2nd FIFO buffer area (110) and obtains second batch of original text data, and the 3rd FIFO buffer area (111) is exported first original text data by USB interface (106) to main frame (20) simultaneously;
Step 4: second control bit (202) enables earlier, make the logical address of USB interface (106) and the logical address of enciphering algorithm module (102) exchange, then the 3rd control bit (203) enables again, make the logical address of flash controller (107) and the logical address of enciphering algorithm module (102) exchange, flash memory (108) is imported the 4th batch of encrypt data by flash controller (107) to the 3rd FIFO buffer area (111) then, enciphering algorithm module (102) is decrypted the 3rd batch of encrypt data in the FIFO buffer area (109) and obtains the 3rd batch of original text data, and the 2nd FIFO buffer area (110) is exported second batch of original text data by USB interface (106) to main frame (20) simultaneously;
Step 5: second control bit (202) enables earlier, make the logical address of USB interface (106) and the logical address of enciphering algorithm module (102) exchange, then the 3rd control bit (203) enables again, make the logical address of flash controller (107) and the logical address of enciphering algorithm module (102) exchange, flash memory (108) is imported the 5th batch of encrypt data by flash controller (107) to the 2nd FIFO buffer area (110) then, enciphering algorithm module (102) is decrypted the 4th batch of encrypt data in the 3rd FIFO buffer area (111) and obtains the 4th batch of original text data, and a FIFO buffer area (109) is exported the 3rd batch of original text data by USB interface (106) to main frame (20) simultaneously; Turn back to step 3 then, constitute circulation, till the to the last a collection of original text data output with this.
CN2009100306849A 2009-04-21 2009-04-21 Real-time encrypted U disk and high speed encryption-decryption method Active CN101540191B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2009100306849A CN101540191B (en) 2009-04-21 2009-04-21 Real-time encrypted U disk and high speed encryption-decryption method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2009100306849A CN101540191B (en) 2009-04-21 2009-04-21 Real-time encrypted U disk and high speed encryption-decryption method

Publications (2)

Publication Number Publication Date
CN101540191A true CN101540191A (en) 2009-09-23
CN101540191B CN101540191B (en) 2010-10-13

Family

ID=41123331

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2009100306849A Active CN101540191B (en) 2009-04-21 2009-04-21 Real-time encrypted U disk and high speed encryption-decryption method

Country Status (1)

Country Link
CN (1) CN101540191B (en)

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102023936A (en) * 2010-11-19 2011-04-20 苏州国芯科技有限公司 Method for decrypting encrypted data in USB (universal serial bus) storage device
CN101710270B (en) * 2009-11-27 2012-05-23 西安奇维测控科技有限公司 High-speed mass memory based on flash memory and chip data management method
CN103793333A (en) * 2012-10-30 2014-05-14 北京兆易创新科技股份有限公司 Nonvolatile memory encrypting method and device and nonvolatile memory
CN107967225A (en) * 2017-11-21 2018-04-27 深圳市统先科技股份有限公司 Data transmission method, device, computer-readable recording medium and terminal device
CN108021817A (en) * 2017-12-20 2018-05-11 北京遥感设备研究所 A kind of encryption and decryption memory access interface realizes system and method
WO2020118583A1 (en) * 2018-12-12 2020-06-18 深圳市汇顶科技股份有限公司 Data processing method, circuit, terminal device storage medium
CN113420339A (en) * 2021-07-02 2021-09-21 广东全芯半导体有限公司 Encrypted USB flash disk and authorization method
CN113742753A (en) * 2021-09-15 2021-12-03 北京宏思电子技术有限责任公司 Data stream encryption and decryption method, electronic equipment and chip system

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101710270B (en) * 2009-11-27 2012-05-23 西安奇维测控科技有限公司 High-speed mass memory based on flash memory and chip data management method
CN102023936A (en) * 2010-11-19 2011-04-20 苏州国芯科技有限公司 Method for decrypting encrypted data in USB (universal serial bus) storage device
CN102023936B (en) * 2010-11-19 2012-12-26 苏州国芯科技有限公司 Method for decrypting encrypted data in USB (universal serial bus) storage device
CN103793333A (en) * 2012-10-30 2014-05-14 北京兆易创新科技股份有限公司 Nonvolatile memory encrypting method and device and nonvolatile memory
CN103793333B (en) * 2012-10-30 2017-02-08 北京兆易创新科技股份有限公司 Nonvolatile memory encrypting method and device and nonvolatile memory
CN107967225A (en) * 2017-11-21 2018-04-27 深圳市统先科技股份有限公司 Data transmission method, device, computer-readable recording medium and terminal device
CN107967225B (en) * 2017-11-21 2021-04-27 深圳市统先科技股份有限公司 Data transmission method and device, computer readable storage medium and terminal equipment
CN108021817A (en) * 2017-12-20 2018-05-11 北京遥感设备研究所 A kind of encryption and decryption memory access interface realizes system and method
WO2020118583A1 (en) * 2018-12-12 2020-06-18 深圳市汇顶科技股份有限公司 Data processing method, circuit, terminal device storage medium
CN113420339A (en) * 2021-07-02 2021-09-21 广东全芯半导体有限公司 Encrypted USB flash disk and authorization method
CN113742753A (en) * 2021-09-15 2021-12-03 北京宏思电子技术有限责任公司 Data stream encryption and decryption method, electronic equipment and chip system
CN113742753B (en) * 2021-09-15 2023-09-29 北京宏思电子技术有限责任公司 Data stream encryption and decryption method, electronic equipment and chip system

Also Published As

Publication number Publication date
CN101540191B (en) 2010-10-13

Similar Documents

Publication Publication Date Title
CN101540191B (en) Real-time encrypted U disk and high speed encryption-decryption method
CN101510245B (en) High speed encryption and decryption USB bridging chip and chip high speed encryption and decryption method
CN1878055B (en) Separation type mass data encryption/decryption device and implementing method therefor
CN101551784B (en) Method and device for encrypting data in ATA memory device with USB interface
CN101196855B (en) Mobile encrypted memory device and cipher text storage area data encrypting and deciphering processing method
CN202650015U (en) System for access of encrypted memory
CN101561751A (en) USB encryption and decryption bridging chip
CN101561888B (en) Real-time encryption SD card and high-speed encryption/decryption method
CN102947836B (en) Memory device, main process equipment and use dual encryption scheme transmit the method for password between the first and second memory devices
CN1734475B (en) Semiconductor integrated circuit and information processing apparatus
WO2013012437A1 (en) Cryptographic information association to memory regions
KR20110032249A (en) Storage system including cryptography key selection device and selection method for cryptography key
CN105243344A (en) Chipset with hard disk encryption function and host computer controller
CN107256363A (en) A kind of high-speed encryption and decryption device being made up of encryption/decryption module array
CN103824032A (en) Methods and apparatus for the secure handling of data in a microcontroller
CN101685425A (en) Mobile storage device and method of encrypting same
CN108075882A (en) Cipher card and its encipher-decipher method
CN112329038B (en) Data encryption control system and chip based on USB interface
CN108011716A (en) A kind of encryption apparatus and implementation method
CN107092835A (en) The computer data enciphering device and method of a kind of virtual memory disk
CN105354503A (en) Data encryption/decryption method for storage apparatus
CN106991061A (en) A kind of SATA hard disc crypto module and its method of work
CN102201044A (en) Universal serial bus (USB) security key
CN203930840U (en) A kind of hardware encryption card
CN103077362B (en) There is the GPIO IP kernel of security mechanism

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
EE01 Entry into force of recordation of patent licensing contract

Assignee: Tongfang Co., Ltd.

Assignor: C*Core Technology (Suzhou) Co., Ltd.

Contract record no.: 2011110000009

Denomination of invention: Real-time encrypted U disk and high speed encryption-decryption method

Granted publication date: 20101013

License type: Common License

Open date: 20090923

Record date: 20110221

CP01 Change in the name or title of a patent holder

Address after: Room C2031, Suzhou Pioneer Park, 209 Zhuyuan Road, Suzhou High-tech Zone, Jiangsu Province

Patentee after: Suzhou Guoxin Technology Co., Ltd.

Address before: Room C2031, Suzhou Pioneer Park, 209 Zhuyuan Road, Suzhou High-tech Zone, Jiangsu Province

Patentee before: C*Core Technology (Suzhou) Co., Ltd.

CP01 Change in the name or title of a patent holder