CN102184144A - Hardware-encryption mobile hard disk drive and application method thereof - Google Patents

Hardware-encryption mobile hard disk drive and application method thereof

Publication number
CN102184144A
Authority
CN
China
Prior art keywords
hard disk
controller
fingerprint sensor
fingerprint
instruction
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN2011101065809A
Other languages
Chinese (zh)
Inventor
梁刚
魏运发
刘怡昕
章�宁
李连顺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NANJING COLLEGE OF ARTILLERY ACADEMY OF PLA
Original Assignee
NANJING COLLEGE OF ARTILLERY ACADEMY OF PLA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by NANJING COLLEGE OF ARTILLERY ACADEMY OF PLA filed Critical NANJING COLLEGE OF ARTILLERY ACADEMY OF PLA
Priority to CN2011101065809A priority Critical patent/CN102184144A/en
Publication of CN102184144A publication Critical patent/CN102184144A/en
Pending legal-status Critical Current

Abstract

The invention provides a hardware-encryption mobile hard disk drive which comprises a hard disk drive box and a hard disk drive body, and also comprises a controller, a display, a keyboard and a fingerprint sensor, wherein the display, the keyboard and the fingerprint sensor are arranged on the surface of an upper cover body of the hard disk drive box; the controller is respectively connected with the display, the keyboard, the fingerprint sensor and the hard disk drive body and used for generating and storing a secret key, encrypting and decrypting hard disk drive data, and checking an input password and fingerprint information. The invention also provides an application method of the hardware-encryption mobile hard disk drive, which comprises the steps of: firstly, carrying out password handshaking on the fingerprint sensor and the controller, then carrying out fingerprint recognition operation, and carrying out real-time encryption and decryption during data reading and storing. In the invention, whole disk hardware encryption of hard disk drive data, fingerprint recognition and user management capability are combined, and thus management of hardware-based user authentication information is realized.

Description

Hardware-encryption portable hard drive and application method thereof
Technical field
The present invention relates to a portable hard drive, and in particular to a portable hard drive with full-disk hardware encryption and a method for its application and management.
Background
As informatization deepens, electronic storage devices are used ever more widely. From the preservation of data for major national projects down to the storage of personal information, daily production and life have become inseparable from electronic storage of all kinds. Portable hard drives in particular are favoured for their compact shape, low power consumption, large capacity and portability, and hold an important place in data storage for organizations and individuals. However, when people store and use data on portable hard drives, accidental loss of the drive and unauthorized use occur frequently, which makes data security an increasingly prominent problem. Encrypted portable hard drives of several types have appeared for this reason.
To date, the common technical schemes for encrypted portable hard drives are the following:
1. Controlling the right of use only, without processing the hard disk body or its data. The user is authenticated before each use, but the data on the disk itself is not encrypted. This scheme can be hardware-based or software-based, and its common implementations are:
a. a PIN code is set for the user and verified before each use; the data on the disk itself is not encrypted;
b. an IC card slot or card reader is provided and the IC card is read before each use; the data on the disk itself is not encrypted;
c. a fingerprint reader is provided and the fingerprint is authenticated before each use; the data on the disk itself is not encrypted.
2. Some partitions of the disk are set as encrypted partitions by removing the partition table in advance and destroying the original partition table content. Each time the drive is used, the user is authenticated first; after authentication passes the partition table is restored, and after use the partition table is removed again.
3. Combined with some means of user authentication, all data written to the hard disk is encrypted (full-disk encryption).
The strengths and weaknesses of these three common schemes are quite clear.
The first scheme is, figuratively speaking, "a lock put on the door of the room while the things inside stay as they were". In other words, the data can still be read simply by taking the disk out and putting it in another enclosure, so it is only "pseudo-encryption".
The problem with the second scheme is that if power is lost suddenly during use, or the user forgets to re-encrypt after use, the disk is left in an unencrypted state and anyone can read its data directly. In addition, although the partitions on the disk have been processed, the data itself is not encrypted, so the raw data can still be seen with tool software that reads the whole disk directly.
The third scheme is different. Even if the enclosure is destroyed and the disk body is taken away, the data on the disk is encrypted, so as long as the key is not lost an unauthorized user still cannot read the data. The third scheme is therefore the more secure.
Depending on the technical means used, full-disk encryption can be divided into software encryption and hardware encryption. The two are close in security, but in encryption and decryption speed hardware encryption is somewhat better.
Summary of the invention
The technical problem to be solved by the present invention is to combine full-disk hardware encryption of a portable hard drive with a novel and reliable user authentication management method, providing a hardware-encryption portable hard drive and a method for its application.
To solve this technical problem the present invention adopts the following technical scheme:
A hardware-encryption portable hard drive comprises a hard disk enclosure and a hard disk body. The enclosure comprises an upper and a lower cover that fit together, and the hard disk body is arranged inside the enclosure. The drive further comprises a display, a keyboard for input, a fingerprint sensor for collecting fingerprints, and a controller for real-time encryption and decryption of hard disk data and for identifying the user;
wherein the display, the keyboard and the fingerprint sensor are arranged on the surface of the upper cover of the enclosure;
and the controller is connected to the display, the keyboard, the fingerprint sensor and the hard disk body respectively.
Preferably, the controller of the hardware-encryption portable hard drive is an SSX45 security chip.
Preferably, the fingerprint sensor of the hardware-encryption portable hard drive is one that uses radio-frequency live-finger fingerprint recognition technology.
A method of applying the hardware-encryption portable hard drive comprises the following steps:
Step A: the system powers on and enters the user authentication state. The fingerprint sensor and the controller perform a handshake; once the handshake passes, proceed to the next step; otherwise keep attempting the handshake until power is removed.
Step B: perform user fingerprint recognition. After the fingerprint is recognized successfully, carry out USB enumeration, connection and hard disk identification; if recognition fails, keep performing fingerprint recognition until power is removed.
Step C: the controller determines the operation the computer is performing from the type of instruction sent by the host, automatically distinguishing the instruction part from the data part:
C-1: when the instruction sent by the host is a "write" instruction, the controller encrypts the received data in real time and writes it to the hard disk;
C-2: when the instruction sent by the host is a "read" instruction, the controller retrieves the corresponding data from the hard disk according to the information in the instruction, decrypts it in real time and sends it to the host;
C-3: when the instruction is neither of type C-1 nor C-2, determine whether to enter the administrator working state; if not, enter the standby state; if so, perform administrator authentication;
C-3-1: when administrator authentication succeeds, enter the administrator subroutine;
C-3-2: when administrator authentication fails, verify again until the specified number of verification attempts is exceeded, at which point the drive is locked.
Further, in the application method of the invention, the real-time encryption of received data by the controller in step C-1 and the retrieval and real-time decryption of data from the hard disk in step C-2 are implemented by following the USB 2.0 protocol and the SCSI command set.
Further, in the application method of the invention, the controller in each step is an SSX45 security chip.
Further, in the application method of the invention, the fingerprint sensor in step A is one that uses radio-frequency live-finger fingerprint recognition technology.
By adopting the above technical scheme the present invention has the following beneficial effects:
The fingerprint management part of the invention is implemented in hardware, combined with an administrator password, and does not rely on computer software. This is its most distinctive feature, and the combination brings the following benefits: 1. there is none of the extra cost of occupying a dedicated computer that software management entails, and management can be completed with a power supply alone; 2. the problem that stored fingerprints may easily leak during software management of fingerprints is eliminated, so security is better.
The invention integrates full-disk hardware encryption of hard disk data, fingerprint recognition and user management, and in particular builds the user management function into the drive in hardware. For an ordinary user, the drive is used no differently from a general fingerprint-recognition full-disk-encryption portable hard drive. With regard to the management of fingerprint information, however, compared with the software-based user management used by existing fingerprint-recognition full-disk-encryption portable hard drives, the integration is higher and the reliability better, there is no possibility of user fingerprint information leaking through software, and management can be carried out independently without relying on a computer, which greatly improves security. Compared with the prior art, its greatest advantage is that it realizes hardware-based management of user authentication data.
Description of drawings
Fig. 1 is a functional structure diagram of the present invention.
Fig. 2 is a workflow diagram of the present invention.
Specific embodiments
The implementation of the technical scheme is described in further detail below with reference to the drawings.
Structurally, the portable hard drive of the invention comprises the following components:
hard disk enclosure, controller, display, keyboard, fingerprint sensor and hard disk body.
The enclosure comprises an upper and a lower cover that fit together, and the display, keyboard and fingerprint sensor are arranged on the surface of the upper cover. The controller is connected to the display, the keyboard, the fingerprint sensor and the hard disk body respectively, and is used for generating and storing the key, encrypting and decrypting data, and verifying the input password and fingerprint information.
The display shows the working state, user authentication information and other information.
The keyboard is used for entering the administrator password, selecting items in the administrator function menu, entering a new password and so on.
The fingerprint sensor collects the user's fingerprint information, either for initial fingerprint enrollment or for user identity authentication. The fingerprint sensor of the invention specifically means one using radio-frequency live-finger fingerprint recognition technology, which has the advantage of good anti-counterfeiting performance.
The display, keyboard and fingerprint sensor are connected to the controller by flexible cables, which improves shock resistance.
As shown in Fig. 1, the "IO interface" connects the host and the controller, and the fingerprint sensor collects fingerprints. On first use, at power-on the controller generates a true random number and stores it internally as the key for encryption and decryption. The drive then automatically enters the initial user fingerprint enrollment stage; once enrollment is complete it can enter the normal workflow below.
As shown in Fig. 2, the normal workflow of the invention is as follows. The hard disk is first connected to the computer with the USB cable. The system then powers on and first enters the user authentication state. The "user fingerprint authentication part" of the drive first performs a handshake with the controller; after the handshake passes, the fingerprint collection stage begins and the user swipes the enrolled finger across the fingerprint sensor for identity authentication. Once user identity authentication passes, normal USB enumeration, connection and hard disk identification are carried out, after which the system enters the "ordinary user" working state.
In the "ordinary user" working state there are two states, "read" and "write", according to the host's instruction. The controller determines from the type of instruction sent by the host what operation the computer wants to perform, and automatically distinguishes the instruction part from the data part; this is implemented by following the USB 2.0 protocol and the SCSI command set.
When the instruction sent is a "write" instruction, the controller lets the control instruction pass through, encrypts the accompanying data in real time and writes it to the hard disk, so the data written to the disk is ciphertext. When the instruction sent by the host is a "read" instruction, the controller retrieves the corresponding data from the hard disk according to the head, cylinder, sector and other information indicated in the instruction, decrypts it in real time with the previously generated key, and sends it to the host through the "IO interface".
When the "switch" key on the keyboard is pressed during use, the drive enters the administrator password input state. If the password entered is correct, the system enters the "administrator state" and displays the administrator menu items. After the administrator has carried out the relevant functions, pressing the "switch" key again returns the system to the "ordinary user" working state. If the administrator password is entered incorrectly in succession and the number of entries exceeds the specified number, the hard disk enters the locked state and the user cannot start the hard disk on their own.
Of course, the administrator authentication of the invention is not limited to password authentication; other secure authentication methods are equally applicable, such as authentication by inserting an IC card, radio-frequency card authentication and so on.
Two common types of controller are currently available for the invention. One is a dedicated security chip; such chips can be bought only by organizations holding a security-product research and development qualification, and selling products that use them also requires the corresponding qualification. The other is implemented with general-purpose chips such as FPGAs or encryption DSPs, and is not subject to those qualification restrictions.
In terms of reliability, a dedicated security chip is the better choice. Its internal structure is compact and stable and it is extremely difficult to crack, which makes it the first choice for security and cryptographic products; the controller in the invention is a dedicated security chip. Dedicated security chips differ in external interfaces, internal structure and cryptographic algorithms according to their application. A security chip can usually implement cryptographic algorithms such as RSA, SHA-1, DES and AES in hardware, and some are further optimized in structure for high-data-throughput applications, the SSX45 being one such chip.
As a fingerprint-authenticated encrypted mobile storage device, its security is ensured in the following respects:
1. Before it starts work, the fingerprint authentication part first performs a password handshake with the controller, and only after the handshake passes can fingerprint collection proceed. This eliminates the risk of unauthorized reading that would arise if someone replaced the user fingerprint authentication part.
2. All data written to the hard disk is encrypted, and the key is kept inside the controller; the precondition for reading the key is that user authentication passes. So even if power is lost during use or the hard disk is removed by someone, there is no need to worry about the security of the data on the disk.
3. Operations such as adding and deleting fingerprints are performed on the hardware that travels with the disk. To carry out management operations the administrator must enter the password on the drive's keyboard, and only after the password passes can the fingerprints of this drive be managed. If the administrator enters the wrong password more than 5 times the hard disk is locked; even after power is reapplied the user cannot start the hard disk on their own. This prevents an unauthorized user from maliciously probing for the administrator password.
Through the close cooperation of these three aspects, the hard disk of the invention achieves very high security.
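The following model of the controller's workflow (steps A to C) and of the three security properties listed above is an added example, not code from the patent or from any product. It assumes the handshake is an HMAC challenge-response over a shared pairing secret, treats fingerprint matching as an exact template comparison, and uses an HMAC-SHA256 keystream as a stand-in for the chip's hardware cipher; the patent specifies none of these, and all class, function and variable names are hypothetical.

```python
import hashlib
import hmac
import os

SECTOR = 512
MAX_ADMIN_FAILS = 5               # page: more than 5 wrong passwords locks the disk
READ_10, WRITE_10 = 0x28, 0x2A    # SCSI READ(10) / WRITE(10) opcodes


def sensor_answer(pairing_secret, challenge):
    """Answer a genuine fingerprint module gives to a controller challenge (assumed scheme)."""
    return hmac.new(pairing_secret, challenge, hashlib.sha256).digest()


class Controller:
    def __init__(self, pairing_secret, admin_password, template):
        # Non-volatile state: survives power cycles and never leaves the controller.
        self._key = os.urandom(32)            # random disk key made at first power-on
        self._pairing = pairing_secret
        self._admin = hashlib.sha256(admin_password).digest()
        self._template = template
        self._fails = 0
        self.locked = False
        self.platters = {}                    # LBA -> ciphertext as stored on the disk
        self.power_on()

    def power_on(self):
        # Volatile state: every power-up starts unauthenticated.
        self._challenge = None
        self._sensor_ok = self._user_ok = False

    def challenge(self):                      # step A, controller side
        self._challenge = os.urandom(16)
        return self._challenge

    def handshake(self, response):            # step A, check the module's answer
        if self._challenge is None:
            return False
        good = sensor_answer(self._pairing, self._challenge)
        self._challenge = None                # each challenge is accepted once
        self._sensor_ok = hmac.compare_digest(good, response)
        return self._sensor_ok

    def fingerprint(self, template):          # step B, only after a good handshake
        # Exact comparison is a simplification; real matchers score similarity.
        self._user_ok = (self._sensor_ok and not self.locked
                         and hmac.compare_digest(self._template, template))
        return self._user_ok

    def _xor_sector(self, lba, data):
        # Stand-in for the hardware cipher, for illustration only.
        stream = b"".join(
            hmac.new(self._key, lba.to_bytes(8, "big") + bytes([i]),
                     hashlib.sha256).digest()
            for i in range(SECTOR // 32))
        return bytes(a ^ b for a, b in zip(data, stream))

    def scsi(self, opcode, lba, data=None):   # step C: dispatch on instruction type
        if self.locked or not self._user_ok:
            raise PermissionError("not authenticated or locked")
        if opcode == WRITE_10:                # C-1: encrypt, then store
            self.platters[lba] = self._xor_sector(lba, data)
        elif opcode == READ_10:               # C-2: fetch, then decrypt
            return self._xor_sector(lba, self.platters[lba])
        else:
            return "standby"                  # C-3 when the switch key is not pressed

    def admin_login(self, password):          # C-3-1 / C-3-2
        if self.locked:
            return False
        ok = hmac.compare_digest(self._admin, hashlib.sha256(password).digest())
        self._fails = 0 if ok else self._fails + 1
        if self._fails > MAX_ADMIN_FAILS:
            self.locked = True                # non-volatile: power_on() does not clear it
        return ok


def demo():
    """Constructed run: unlock, write, power-cycle, then six wrong admin passwords."""
    pairing, finger = b"constructed-pairing-secret", b"constructed-template"
    c = Controller(pairing, b"admin-pw", finger)
    c.handshake(sensor_answer(pairing, c.challenge()))
    c.fingerprint(finger)
    plain = b"payroll".ljust(SECTOR, b"\0")
    c.scsi(WRITE_10, 7, plain)
    c.power_on()                              # unplugged: volatile auth state is gone
    for i in range(MAX_ADMIN_FAILS + 1):
        c.admin_login(b"guess%d" % i)
    return c.platters[7] != plain, c.locked
```

The split between state reset in `power_on()` and state kept in `__init__` is the point to check in a real design: authentication flags must be volatile, while the key, the failure counter and the lock flag must not be.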

Claims (7)

1. A hardware-encryption portable hard drive comprising a hard disk enclosure and a hard disk body, the enclosure comprising an upper and a lower cover that fit together and the hard disk body being arranged inside the enclosure, characterized in that it further comprises a display, a keyboard for input, a fingerprint sensor for collecting fingerprints, and a controller for real-time encryption and decryption of hard disk data and for identifying the user;
wherein the display, the keyboard and the fingerprint sensor are arranged on the surface of the upper cover of the enclosure;
and the controller is connected to the display, the keyboard, the fingerprint sensor and the hard disk body respectively.
2. The hardware-encryption portable hard drive according to claim 1, characterized in that the controller is an SSX45 security chip.
3. The hardware-encryption portable hard drive according to claim 1, characterized in that the fingerprint sensor is one that uses radio-frequency live-finger fingerprint recognition technology.
4. A method of applying a hardware-encryption portable hard drive, characterized in that it comprises the following steps:
Step A: the system powers on and enters the user authentication state. The fingerprint sensor and the controller perform a handshake; once the handshake passes, proceed to the next step; otherwise keep attempting the handshake until power is removed.
Step B: perform user fingerprint recognition. After the fingerprint is recognized successfully, carry out USB enumeration, connection and hard disk identification; if recognition fails, keep performing fingerprint recognition until power is removed.
Step C: the controller determines the operation the computer is performing from the type of instruction sent by the host, automatically distinguishing the instruction part from the data part:
C-1: when the instruction sent by the host is a "write" instruction, the controller encrypts the received data in real time and writes it to the hard disk;
C-2: when the instruction sent by the host is a "read" instruction, the controller retrieves the corresponding data from the hard disk according to the information in the instruction, decrypts it in real time and sends it to the host;
C-3: when the instruction is neither of type C-1 nor C-2, determine whether to enter the administrator working state; if not, enter the standby state; if so, perform administrator authentication;
C-3-1: when administrator authentication succeeds, enter the administrator subroutine;
C-3-2: when administrator authentication fails, verify again until the specified number of verification attempts is exceeded, at which point the drive is locked.
5. The method of applying a hardware-encryption portable hard drive according to claim 4, characterized in that the real-time encryption of received data by the controller in step C-1 and the retrieval and real-time decryption of data from the hard disk in step C-2 are implemented by following the USB 2.0 protocol and the SCSI command set.
6. The method of applying a hardware-encryption portable hard drive according to claim 4, characterized in that the controller in each step is an SSX45 security chip.
7. The method of applying a hardware-encryption portable hard drive according to claim 4, characterized in that the fingerprint sensor in step A is one that uses radio-frequency live-finger fingerprint recognition technology.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2011101065809A CN102184144A (en) 2011-04-27 2011-04-27 Hardware-encryption mobile hard disk drive and application method thereof

Publications (1)

Publication Number Publication Date
CN102184144A true CN102184144A (en) 2011-09-14

Family

ID=44570324

Country Status (1)

Country Link
CN (1) CN102184144A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20110914