CN101853220A - Mobile storage device with key removal and storage mechanism - Google Patents

Info

Publication number
CN101853220A
Authority
CN
China
Prior art keywords
storage device
data
movable storage
key
unit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN200910081325A
Other languages
Chinese (zh)
Inventor
赵珍
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tsinghua Tongfang Co Ltd
Tongfang Co Ltd
Original Assignee
Tongfang Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tongfang Co Ltd
Priority to CN200910081325A
Publication of CN101853220A
Current legal status: Pending

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention relates to a mobile storage device with a key removal and storage mechanism, and belongs to the technical field of mobile storage devices. The mobile storage device comprises an interface unit, a control processing unit, a cryptography service unit and a data storage unit. The decryption key used by the mobile storage device is formed from two or more data slots, either by directly piecing them together or through a corresponding algorithm, and each data slot has a different storage form and access mechanism. Compared with the prior art, the key removal and storage mechanism gives the mobile storage device multiple layers of protection, increases the difficulty of stealing the key of the mobile storage device, and has the advantage of high security.

Description

A mobile storage device with a key removal and storage mechanism
Technical field
The present invention relates to the technical field of mobile storage devices, and in particular to a mobile storage device with a key removal and storage mechanism.
Background technology
In the current era, with the rapid development of networking and information technology, the importance of information security is particularly prominent, and the hidden dangers and threats brought by information security vulnerabilities are also growing. Fields such as finance, IT, digital rights, e-commerce and e-government all face information protection problems, and these fields also need storage devices to store or transfer confidential information. However, such storage devices are often in an insecure application environment, and the confidential information stored in them is easily stolen by others and used for illegal purposes, causing immeasurable loss. In recent years, storage devices with encryption and decryption functions have been widely adopted on the market. Data encryption and decryption uses a certain encryption and decryption algorithm and the correct key to read, write, revise, delete and protect confidential data. If the storage device is lost or stolen and the thief obtains the key used for decryption, the confidential information stored on the device can easily be stolen as well.
In the prior art, the key is mostly stored in a single form. A thief can expose the internal structure of the storage device's chip by brute force and then determine the decryption key by studying the chip, or can derive the decryption key by measuring the data stream of the encryption and decryption processing. The technical scheme of the invention "Portable data storage medium with access protection by key re-division", patent No. 00817950.6, which entered the Chinese national phase, discloses a means of splitting the key, but the sources of the key parts exist in the same storage form, which can also directly create a security risk for the mobile storage device.
Summary of the invention
To overcome the above deficiencies of the prior art, the purpose of the present invention is to provide a mobile storage device with a key removal and storage mechanism. The key removal and storage mechanism gives the mobile storage device multiple layers of protection, increases the difficulty of leaking data from the mobile storage device, and offers high security.
To achieve the above purpose, the technical scheme of the present invention is implemented as follows:
A mobile storage device with a key removal and storage mechanism, characterized in that it comprises:
Interface unit---provides the interface for communication between the mobile storage device and external devices;
Control processing unit---connected to the interface unit; provides data processing and control of data transmission services, and calls the cryptography service unit to generate the decryption key from the data slots;
Cryptography service unit---connected to the control processing unit; provides cryptography services, selecting cryptographic algorithms and services of different security strengths according to the security and confidentiality level;
Data storage unit---connected to the control processing unit; stores data;
Some or all of the data on the mobile storage device is stored in encrypted form, and the decryption key is formed from two or more data slots, either by directly piecing them together or through a corresponding algorithm.
In the above mobile storage device, some of the data slots may be stored directly in the storage unit of the mobile storage device, and others may be generated by applying a corresponding algorithm to information held in different storage forms; the information in different storage forms is transferred into the mobile storage device through the interface unit or is transmitted inside the mobile storage device.
In the above mobile storage device, the different storage forms include the human-brain storage form, the storage-device storage form, the external-device storage form, the biometric storage form, the processor-generated form and the remote-control storage form.
In the above mobile storage device, the information in the different storage forms includes the user password, data stored in the mobile storage device for generating data slots, fingerprints, irises and remote control terminal instructions.
Because the present invention adopts the above structure, a mobile storage device using the key removal and storage mechanism can generate the decryption key only when the information in every storage form is present. The decryption key is generated dynamically only when the mobile storage device is used and is destroyed immediately after use, so it is not retained in the storage device. Therefore, when the storage device is lost or stolen, it is harder for the thief to steal the key. In addition, the key removal and storage mechanism gives the mobile storage device multiple layers of protection, which effectively protects the data stored in it. The invention also remedies both the low reliability of purely software-based encryption and decryption and the slow speed of purely hardware-chip-based encryption and decryption.
The invention is further described below with reference to the accompanying drawings and a specific embodiment.
Description of drawings
Fig. 1 is a schematic structural diagram of the embodiment of the invention;
Fig. 2 is a schematic diagram of generating the decryption key from information in different storage forms in the embodiment of the invention.
Embodiment
Referring to Fig. 1, the present invention comprises:
Interface unit---provides the interface for communication between the mobile storage device and external devices; information in different storage forms can also be transferred into the mobile storage device through this interface;
Control processing unit---connected to the interface unit; provides data processing, controls data transmission, controls data reading, writing and deletion, and calls the cryptography service unit to generate the decryption key from the data slots;
Cryptography service unit---connected to the control processing unit; provides cryptography services, selecting cryptographic algorithms and services of different security strengths according to the security and confidentiality level; the cryptographic algorithm may be a symmetric encryption algorithm such as DES, 3DES, IDEA or the domestically developed SMS4, SSF33 and SCB2 algorithms, or an asymmetric encryption algorithm such as RSA or ECC;
Data storage unit---connected to the control processing unit; stores data and, depending on the actual situation, can optionally store data slots used to generate the decryption key.
Referring to Fig. 2, the decryption key in the mobile storage device of the present invention is formed from two or more data slots, either by directly piecing them together or through a corresponding algorithm. Some data slots are stored directly in the data storage unit, and the others are generated by applying a corresponding algorithm to information in different storage forms. The different storage forms include the human-brain storage form, the storage-device storage form, the external-device storage form, the biometric storage form, the processor-generated form and the remote-control storage form. The information in the different storage forms may be the same or different information, and includes the user password, data stored in the mobile storage device for generating data slots, fingerprints, irises and remote control terminal instructions.
In use, the present invention generates the decryption key jointly from data slots produced from three split storage forms. Information 1 is the user's password information, and storage form 1 is the user's human-brain storage form. When using the mobile storage device, the user enters the password information, which is transferred into the storage device through the interface unit. The control processing unit calls the relevant function module to judge whether the user password information is correct; if it is correct, the user password information is processed by a hash algorithm and an XOR operation to obtain data slot 1. Information 2 is specific data stored in the storage device, and storage form 2 is the mobile-storage-device storage form; information 2 either generates data slot 2 through a certain algorithm or is used directly as data slot 2. Information 3 is the user's fingerprint information, and storage form 3 is the biometric storage form. After the user inputs a fingerprint, the mobile storage device judges whether the input fingerprint is legitimate; if it is, information 3 generates data slot 3 through a certain algorithm. In this embodiment a fingerprint sensor for reading fingerprint information must be added to the storage device. Data slot 1, data slot 2 and data slot 3 are directly pieced together to generate the decryption key used by the mobile storage device. In this embodiment, if any one data slot fails to generate, is wrong or is missing, the decryption key actually used cannot be formed. The decryption key is a 128-bit key formed by directly piecing together data slots 1, 2 and 3, so the lengths of data slot 1, data slot 2 and data slot 3 sum to 128 bits.
In the present invention, to strengthen the protection of the stored information, the modules included in the storage device can be changed appropriately according to actual needs, and multiple split-stored data slots can be provided.
It should be noted that the above embodiment is only intended to illustrate the technical scheme of the present invention, not to limit it. The above embodiment may also generate the required data slots from information in other storage forms, such as iris information in the biometric storage form, instruction information in the remote-control storage form, or key information held in the external-device storage form (such as a USBKey). Any algorithm may be used to generate the data slots in the above embodiment. The data slots in the embodiment can be pieced together directly into the decryption key actually used, or the decryption key actually used can be computed from the data slots by a certain algorithm.
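The three-slot embodiment above (hash-and-XOR password slot, stored slot, fingerprint slot, 128-bit concatenated key destroyed after use), as an added Python example that is not code from the patent; it also goes beyond the embodiment by showing the "generated by an algorithm" alternative. The 6/4/6-byte slot lengths, SHA-256, the XOR-fold reading of "hash then XOR", the HMAC-SHA-256 combiner and all sample inputs are assumptions, and the password and fingerprint verification steps are omitted.

```python
import hashlib
import hmac

# Assumed split of the 128-bit key; the page fixes only the total length.
SLOT1_LEN, SLOT2_LEN, SLOT3_LEN = 6, 4, 6  # bytes: password, stored, fingerprint

# Constructed sample inputs (not from the patent).
PASSWORD = b"correct horse battery"
STORED_SLOT = bytes.fromhex("a1b2c3d4")         # "information 2", kept on the device
FINGERPRINT = b"constructed-enrolled-template"  # assumed stable template bytes


def xor_fold(digest: bytes, out_len: int) -> bytes:
    """XOR successive out_len-byte chunks of a digest into out_len bytes."""
    out = bytearray(out_len)
    for i, b in enumerate(digest):
        out[i % out_len] ^= b
    return bytes(out)


def slot_from_secret(label: bytes, secret: bytes, out_len: int) -> bytes:
    """Hash a secret, then XOR-fold the digest down to the slot length."""
    if not secret:
        raise ValueError("missing input for " + label.decode())
    return xor_fold(hashlib.sha256(label + b"\x00" + secret).digest(), out_len)


def assemble_key(password: bytes, stored: bytes, fingerprint: bytes) -> bytearray:
    """Concatenate slots 1, 2 and 3 into the 128-bit key (the embodiment)."""
    if len(stored) != SLOT2_LEN:
        raise ValueError("stored slot missing or wrong length")
    s1 = slot_from_secret(b"slot1", password, SLOT1_LEN)
    s3 = slot_from_secret(b"slot3", fingerprint, SLOT3_LEN)
    return bytearray(s1 + stored + s3)


def wipe(buf: bytearray) -> None:
    """Overwrite key material in place (best effort in Python)."""
    for i in range(len(buf)):
        buf[i] = 0


def assemble_key_mixed(password: bytes, stored: bytes, fingerprint: bytes) -> bytearray:
    """Variant: combine the slots through an algorithm instead of concatenation.
    HMAC-SHA-256 is this example's choice; the page names no algorithm."""
    slots = assemble_key(password, stored, fingerprint)
    try:
        mac = hmac.new(b"constructed-device-label", bytes(slots), hashlib.sha256)
        return bytearray(mac.digest()[:16])
    finally:
        wipe(slots)


def with_key(password, stored, fingerprint, operation, assemble=assemble_key):
    """Build the key, run one operation with it, then destroy it."""
    key = assemble(password, stored, fingerprint)
    try:
        return operation(key)
    finally:
        wipe(key)


if __name__ == "__main__":
    print(with_key(PASSWORD, STORED_SLOT, FINGERPRINT, lambda k: k.hex()))
```

With direct concatenation the stored slot appears verbatim in the key (bytes 6 to 9 here), so reading it off the device reveals that part of the key; the mixed variant makes every key bit depend on all three inputs.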
Although the present invention has been described in detail with reference to the above embodiment, those of ordinary skill in the art should understand that modifying the technical scheme described in the above embodiment, or replacing some of its technical features with equivalents, without making the essence of the corresponding technical scheme depart from the technical idea of the present invention, all falls within the protection scope of the present invention.

Claims (4)

1. A mobile storage device with a key removal and storage mechanism, characterized in that it comprises:
Interface unit---provides the interface for communication between related modules of the mobile storage device or between the mobile storage device and external devices;
Control processing unit---connected to the interface unit; provides data processing and control of data transmission services, and calls the cryptography service unit to generate the decryption key from the data slots;
Cryptography service unit---connected to the control processing unit; provides cryptography services, selecting cryptographic algorithms and services of different security strengths according to the security and confidentiality level;
Data storage unit---connected to the control processing unit; stores data;
Some or all of the data on the mobile storage device is stored in encrypted form, and the decryption key is formed from two or more data slots, either by directly piecing them together or through a corresponding algorithm.
2. The mobile storage device with a key removal and storage mechanism according to claim 1, characterized in that some of the data slots may be stored directly in the storage unit of the mobile storage device, and others may be generated by applying a corresponding algorithm to information in different storage forms; the information in different storage forms is transferred into the mobile storage device through the interface unit or is transmitted inside the mobile storage device.
3. The mobile storage device with a key removal and storage mechanism according to claim 1 or 2, characterized in that the different storage forms include the human-brain storage form, the storage-device storage form, the external-device storage form, the biometric storage form, the processor-generated form and the remote-control storage form.
4. The mobile storage device with a key removal and storage mechanism according to claim 3, characterized in that the information in the different storage forms includes the user password, data stored in the mobile storage device for generating data slots, fingerprints, irises and remote control terminal instructions.
CN200910081325A 2009-04-02 2009-04-02 Mobile storage device with key removal and storage mechanism Pending CN101853220A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN200910081325A CN101853220A (en) 2009-04-02 2009-04-02 Mobile storage device with key removal and storage mechanism

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN200910081325A CN101853220A (en) 2009-04-02 2009-04-02 Mobile storage device with key removal and storage mechanism

Publications (1)

Publication Number Publication Date
CN101853220A true CN101853220A (en) 2010-10-06

Family

ID=42804721

Family Applications (1)

Application Number Title Priority Date Filing Date
CN200910081325A Pending CN101853220A (en) 2009-04-02 2009-04-02 Mobile storage device with key removal and storage mechanism

Country Status (1)

Country Link
CN (1) CN101853220A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102143167A (en) * 2011-01-24 2011-08-03 郭君艳 Electronic hole card verification method
CN105760789A (en) * 2016-02-19 2016-07-13 山东超越数控电子有限公司 Protection method for encryption key in encrypted mobile solid-state disk
WO2017101122A1 (en) * 2015-12-18 2017-06-22 深圳市振华微电子有限公司 Computer encryption lock having separating management and use
WO2020174307A1 (en) * 2019-02-25 2020-09-03 International Business Machines Corporation Move data and set storage key based on key function control
US10831480B2 (en) 2019-02-25 2020-11-10 International Business Machines Corporation Move data and set storage key instruction
WO2022003449A1 (en) * 2020-07-02 2022-01-06 International Business Machines Corporation Secure secret recovery

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102143167A (en) * 2011-01-24 2011-08-03 郭君艳 Electronic hole card verification method
WO2012100661A1 (en) * 2011-01-24 2012-08-02 Guo Junyan Method for electronic blind card verification
CN102143167B (en) * 2011-01-24 2014-05-07 郭君艳 Electronic hole card verification method
WO2017101122A1 (en) * 2015-12-18 2017-06-22 深圳市振华微电子有限公司 Computer encryption lock having separating management and use
US10523436B2 (en) 2015-12-18 2019-12-31 Shenzhen Zhenhua Microelectronics Co., Ltd Security locking device of computers
CN105760789A (en) * 2016-02-19 2016-07-13 山东超越数控电子有限公司 Protection method for encryption key in encrypted mobile solid-state disk
WO2020174307A1 (en) * 2019-02-25 2020-09-03 International Business Machines Corporation Move data and set storage key based on key function control
US10831480B2 (en) 2019-02-25 2020-11-10 International Business Machines Corporation Move data and set storage key instruction
GB2595835A (en) * 2019-02-25 2021-12-08 Ibm Move data and set storage key based on key function control
GB2595835B (en) * 2019-02-25 2022-04-13 Ibm Move data and set storage key based on key function control
WO2022003449A1 (en) * 2020-07-02 2022-01-06 International Business Machines Corporation Secure secret recovery
GB2611966A (en) * 2020-07-02 2023-04-19 Ibm Secure secret recovery

Similar Documents

Publication Publication Date Title
CN108345806B (en) Hardware encryption card and encryption method
CN101196855B (en) Mobile encrypted memory device and cipher text storage area data encrypting and deciphering processing method
US9304941B2 (en) Self-encrypting flash drive
US8683232B2 (en) Secure user/host authentication
US11308241B2 (en) Security data generation based upon software unreadable registers
CN101430747B (en) Movable equipment based on credible embedded platform and its security storage method
US8700908B2 (en) System and method for managing secure information within a hybrid portable computing device
EP3667535B1 (en) Storage data encryption and decryption device and method
JP2020535693A (en) Storage data encryption / decryption device and method
CN103440462A (en) Embedded control method for improving security and secrecy performance of security microprocessor
CN101853220A (en) Mobile storage device with key removal and storage mechanism
US20120284534A1 (en) Memory Device and Method for Accessing the Same
CN102236756A (en) File encryption method based on TCM (trusted cryptography module) and USBkey
WO2008092167A2 (en) Protecting secrets in an untrusted recipient
US20140108818A1 (en) Method of encrypting and decrypting session state information
CN101770559A (en) Data protecting device and data protecting method
CN104346586B (en) The method of the storage device and type self-destroyed protection data of type self-destroyed protection data
CN201408416Y (en) Mobile storage device with key splitting and storing mechanism
CN102662874A (en) Double-interface encryption memory card and management method and system of data in double-interface encryption memory card
CN102480353A (en) Method of password authentication and secret key protection
US20150200777A1 (en) Data securing method, data securing system and data carrier
CN109995508B (en) Encryption and decryption device and method for FPGA code stream
CN102270182B (en) Encrypted mobile storage equipment based on synchronous user and host machine authentication
KR101318668B1 (en) Portable memory card having information security function
CN101727557B (en) Secrecy isolation hard disk and secrecy method thereof

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20101006