CN102591804A - Flash (flash memory) data encryption protection method - Google Patents

Flash (flash memory) data encryption protection method Download PDF

Info

Publication number
CN102591804A
CN102591804A CN201110009592XA CN201110009592A CN102591804A CN 102591804 A CN102591804 A CN 102591804A CN 201110009592X A CN201110009592X A CN 201110009592XA CN 201110009592 A CN201110009592 A CN 201110009592A CN 102591804 A CN102591804 A CN 102591804A
Authority
CN
China
Prior art keywords
data
flash
circuit
address
Prior art date
Application number
CN201110009592XA
Other languages
Chinese (zh)
Inventor
薛平
Original Assignee
上海华虹集成电路有限责任公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 上海华虹集成电路有限责任公司 filed Critical 上海华虹集成电路有限责任公司
Priority to CN201110009592XA priority Critical patent/CN102591804A/en
Publication of CN102591804A publication Critical patent/CN102591804A/en

Links

Abstract

A flash (flash memory) data encryption protection method is used for encrypting input data of a flash by additionally arranging a scrambling circuit and an operational circuit in a circuit design. The data scrambling circuit is used for scrambling the input data by bits, so that addresses of data stored in the flash are disordered, and a fixed mapping relation exists between target data addresses and the original data addresses. The data operational circuit is used for logical operation of the disordered data by bits, and the transmitted data are encrypted. When read out, the data are processed according to the same logical operation rule and the data mapping rule, so that data output accuracy is guaranteed. By the aid of content of the method, when the flash is cracked by people, the data in the flash can be completely protected.

Description

ー种flash数据加密保护的方法 The method of data encryption flash ー protected species

技术领域 FIELD

[0001] 本发明涉及ー种数据保护方法,尤其涉及ー种flash数据加密保护的实现方法。 [0001] The present invention relates to a method for data protection ー species, in particular implementations of cryptographic protection of the data related to flash ー species. 背景技术 Background technique

[0002] Flash (全称flash memory,快速闪存)是ー种非易失性存储体,在没有电流供应的条件下也能够长久地保持数据。 [0002] Flash (full name flash memory, fast flash) is a kind of nonvolatile memory ー thereof, the data can be maintained for a long time in the absence of current supply. Flash分为NOR(或非)型和NAND(与非)型,NOR型flash主要集成于芯片内部,用于存储程序或数据。 Flash into the NOR (NOR) type and the NAND (NAND) type, NOR-type flash main integrated chip, used to store programs or data. NAND型flash主要用于大数据量的数据存储,如U盘或存储卡等。 NAND-type flash mainly for large amounts of data storage, such as a U-disk or a memory card. Flash技术以其大数据量存储及数据长久保存的特性得到了广泛的应用。 Flash technology for its large amount of data storage and data long-term preservation of the properties has been widely used.

[0003] 目前的智能卡内部普遍集成了NOR型flash,用来存储用户数据以及代替R0M(只读存储器)存储程序。 [0003] Current common internal smart card integrated NOR type flash, and to store data instead of user R0M (Read Only Memory) storing the program. 如今的智能卡应用范围很广,涉及通信、金融、社保等多个行业,因此智能卡内数据安全性就成为重要的问题。 Today, a wide range of smart card applications, involving a number of industries communications, finance, social security, etc., so the smart card data security has become an important issue. 不但需要智能卡在正常应用环境下保证数据安全,而且在受到恶意攻击时也能保证数据的安全性。 Not only need a smart card in a normal application environment to ensure data security, but also when subjected to malicious attacks also ensures the security of data.

[0004] 通常应用中flash设计,容易被破译分析,破解者可能从flash中获取重要的用户数据,给用户造成信息安全的威胁。 [0004] usually used in flash design, analyze easily cracked, cracker may get important user data from the flash, resulting in information security threat to the user. 如何提供ー种flash数据的保护方法,对flash内数据进行加密保护,使得即使flash遭到破译时其内数据也不会被破解,为本发明所要解决的技术问题。 How to provide ー kinds of flash data protection methods for encrypting data within the flash protection, so that its internal data will not be cracked even when flash was deciphered, technical problems to be solved by the present invention.

发明内容 SUMMARY

[0005] 本发明目的提供ー种flash数据加密保护的方法,采用在电路设计中增设扰码电路和运算电路的实现方式,对flash的输入数据进行加密处理,实现数据保护的目的。 Objective [0005] The present invention provides a method of data encryption flash ー protected species, and the use of additional scrambling circuit operation circuit in the circuit design implementations, the flash input data is encrypted, to achieve the purpose of data protection.

[0006] ー种flash数据加密保护的方法,设立数据地址扰码电路和数据运算电路,包含以下内容: [0006] Species ー flash data encryption method of protection, the establishment of the address data scrambling circuit and a data calculating circuit, comprising the following:

[0007] 电路中处理器CPU发出的数据信号经数据地址扰码电路按位进行重新排列,使得输出的目标数据地址与处理器发出的原始数据地址产生固定的映射关系,数据读出时按照相同的地址映射规则进行处理。 [0007] The data signal processor circuit data address issued by the CPU scrambler bit rearrangement circuit, so that the original data address target data address issued by the processor to produce a fixed output mapping relationships, data read out in the same address mapping rules are processed.

[0008] 对电路中经扰码电路处理后的数据按位进行逻辑运算,使得输出数据与经扰码后的数据产生固定的逻辑运算关系。 [0008] The scrambled data processing circuit performs a logic operation circuit by bit, so that the output data of the scrambled data to produce a fixed relationship logical operation. 在数据读出时,采用相同的逻辑规则进行处理。 When the data is read out, using logic rules for processing the same.

[0009] 数据扰码电路对输入数据进行按位扰码处理,使得flash中存储的数据地址产生乱序,并使得目标数据地址与原始数据地址间存在固定的映射关系。 [0009] The data scrambler circuit for processing input data bit scrambling code, so that the address data stored in the flash generating scrambled, and so there is a fixed mapping between the address data and target address of the original data. 乱序后的数据经数据运算电路按位进行逻辑运算,对传输数据进行加密处理。 The data scrambled by the operation circuit performs a logic operation of data bits, the transmission data is encrypted. 在数据读出时,按照上述相同的逻辑运算规则和数据映射规则进行处理,保证数据输出的准确性。 When data is read out, the processing operation according to the above rules and the same logical data mapping rules to ensure the accuracy of the data output.

[0010] 本发明提供的内容,能够对flash内的数据进行加密保护,当flash遭到破解破坏吋,flash内数据因加密保护而不会被破译,从而实现对其数据的保护。 [0010] The present invention provides, you can encrypt data within the flash, flash when being destroyed inch crack, due to encrypt data within the flash will not be deciphered, so as to achieve protection of their data.

附图说明[0011] 图1本发明提供的flash数据保护的方法数据流向示意图具体实施方式 BRIEF DESCRIPTION OF flash Data [0011] Figure 1 of the present invention provides a method of protecting data flow schematic DETAILED DESCRIPTION

[0012] 以下结合附图,举例对本发明提供的内容进行详细的描述。 [0012] conjunction with the drawings, illustrative of the present invention provides a detailed description.

[0013] 假设数据如表1中所示,将flash内数据从高位至低位顺序颠倒,原始数据0、1、2、 3被乱序为0、8、4、12。 [0013] Suppose the data as shown in Table 1, the flash in the data inverted from the high to the low order, the raw data 1, 2, 3 are out of order as 0,8,4,12. 此时写入flash的数据为0、8、4、12,读出时做相同规则的扰码处理后重新排序,则可以得到原始数据0、1、2、3。 At this time, the data is written to the flash 0,8,4,12, after rearrangement rules do the same when the read-out scrambling, the original data can be obtained 0,1,2,3. 表1中详细列出了数据经扰码电路处理后的内容。 Table 1 details the scrambled content data processing circuit.

[0014] [0014]

Figure CN102591804AD00041

[0015] 表1 [0015] TABLE 1

[0016] 经逻辑运算电路将flash内第0和第2位异或写入第2位,第1和第3位异或写入第3位,第0和第1位不变,则原始数据0、1、2、3运算后为0、5、10、15,写入flash的数据为0、5、10、15。 [0016] The flash circuit operation through a logic 0 and the second XOR of two bits is written, a second and a third XOR write bit 3, bit 0 and 1 unchanged, the raw data after the operation is a 0,1,2,3 0,5,10,15, 0,5,10,15 data write to the flash. 读出时按照相同的逻辑运算规则,可以得到原始数据0、1、2、3,如表2中所不。 Reading out the logical operation in accordance with the same rules, 0,1,2,3 original data can be obtained, as shown in Table 2 are not.

[0017] [0017]

Figure CN102591804AD00042

[0018]表 2 [0018] TABLE 2

[0019] 在具体实施过程中,可根据需要设定数据地址扰码映射规则和逻辑运算规则,设计不同的加密保护电路,从而实现硬件上对flash数据的加密保护。 [0019] In a specific implementation, the address data may be set as required scrambling mapping rules and logic operation rules, different encryption protection circuit design, thereby achieving encryption of data on the flash hardware.

Claims (4)

1. ー种flash数据加密保护的方法,其特征在于设立数据地址扰码电路和数据运算电路对数据进行加密。 1. ー flash data encryption method, which is characterized by the establishment of a data address arithmetic circuit and a data scrambler circuit encrypts the data.
2.如权利要求1所述的ー种flash数据加密保护方法,其特征在于所述数据地址扰码电路对输入数据地址进行按位进行扰码处理,flash中存储的数据地址产生乱序,目标数据地址与原始数据地址间存在固定的映射关系。 2. ー species flash protection data encryption method according to claim 1, wherein said address data input data scrambling circuit for scrambling address bit, address data stored in the flash generating disorder, certain between the original data and the address data there is a fixed address mappings.
3.如权利要求1所述的ー种flash数据加密保护方法,其特征在于所述数据运算电路对经扰码电路处理后的数据按位进行逻辑运算,使输出数据与经扰码后的数据产生固定的逻辑运算关系。 3. ー species flash protection data encryption method according to claim 1, wherein said arithmetic circuit data scrambled data processing circuit bitwise logical operation, the output data of the scrambled data logic operation results in a fixed relationship.
4.如权利要求1所述的ー种flash数据加密保护方法,其特征在于数据读出时按照相同的逻辑运算规则和映射规则进行处理,输出原始传输数据。 4. ー species flash protection data encryption method according to claim 1, characterized in that the data is read out according to the same rules and mapping rules logic operation, and outputting the original transmission data.
CN201110009592XA 2011-01-17 2011-01-17 Flash (flash memory) data encryption protection method CN102591804A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201110009592XA CN102591804A (en) 2011-01-17 2011-01-17 Flash (flash memory) data encryption protection method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201110009592XA CN102591804A (en) 2011-01-17 2011-01-17 Flash (flash memory) data encryption protection method

Publications (1)

Publication Number Publication Date
CN102591804A true CN102591804A (en) 2012-07-18

Family

ID=46480490

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201110009592XA CN102591804A (en) 2011-01-17 2011-01-17 Flash (flash memory) data encryption protection method

Country Status (1)

Country Link
CN (1) CN102591804A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1720507A (en) * 2002-12-04 2006-01-11 皇家飞利浦电子股份有限公司 Address encryption method for flash memories
CN1771483A (en) * 2004-11-15 2006-05-10 山口育男 Semiconductor memory device
CN101114257A (en) * 2006-07-25 2008-01-30 索尼株式会社 Memory access control apparatus and method, and communication apparatus
CN101241758A (en) * 2007-01-04 2008-08-13 三星电子株式会社 Memory system and method using scrambled address data
CN101556560A (en) * 2008-04-09 2009-10-14 群联电子股份有限公司 Storage device, controller and data access method thereof

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1720507A (en) * 2002-12-04 2006-01-11 皇家飞利浦电子股份有限公司 Address encryption method for flash memories
CN1771483A (en) * 2004-11-15 2006-05-10 山口育男 Semiconductor memory device
CN101114257A (en) * 2006-07-25 2008-01-30 索尼株式会社 Memory access control apparatus and method, and communication apparatus
CN101241758A (en) * 2007-01-04 2008-08-13 三星电子株式会社 Memory system and method using scrambled address data
CN101556560A (en) * 2008-04-09 2009-10-14 群联电子股份有限公司 Storage device, controller and data access method thereof

Similar Documents

Publication Publication Date Title
US6820177B2 (en) Protected configuration space in a protected environment
Ren et al. Design space exploration and optimization of path oblivious RAM in secure processors
CN103210396B (en) Comprise the method and apparatus of the framework for the protection of sensitive code and data
US9483422B2 (en) Access to memory region including confidential information
US7876894B2 (en) Method and system to provide security implementation for storage devices
EP2726991B1 (en) Method and apparatus for memory encryption with integrity check and protection against replay attacks
US9742563B2 (en) Secure provisioning of secret keys during integrated circuit manufacturing
US20090187771A1 (en) Secure data storage with key update to prevent replay attacks
Sadeghi et al. Towards hardware-intrinsic security
US8862901B2 (en) Memory subsystem and method therefor
JP2011070664A (en) Storage system including encryption key selecting device, and encryption key selecting method
TWI631482B (en) Method and apparatus of encryption of executables in computational memory
Young et al. DEUCE: Write-efficient encryption for non-volatile memories
US20130145177A1 (en) Memory location specific data encryption key
US20150294123A1 (en) System and method for sharing data securely
CN101673251B (en) Device with privileged memory and applications thereof
US9792063B2 (en) Deduplication-based data security
Henson et al. Memory encryption: A survey of existing techniques
Elbaz et al. Hardware mechanisms for memory authentication: A survey of existing techniques and engines
US9021272B2 (en) Systems and methods for managing cryptographic keys in a secure microcontroller
US7519830B2 (en) Secure storage of data
WO2002025410A3 (en) Protect by data chunk address as encryption key
DE102013108394A1 (en) A method of managing a secure data store key and apparatus therefor
US20140208109A1 (en) Method and system for protecting memory information in a platform
US20060015753A1 (en) Internal RAM for integrity check values

Legal Events

Date Code Title Description
C06 Publication
C10 Entry into substantive examination
C05 Deemed withdrawal (patent law before 1993)