CN103647654A - Trusted computing based power distribution terminal key management method - Google Patents
Trusted computing based power distribution terminal key management method Download PDFInfo
- Publication number
- CN103647654A CN103647654A CN201310726584.6A CN201310726584A CN103647654A CN 103647654 A CN103647654 A CN 103647654A CN 201310726584 A CN201310726584 A CN 201310726584A CN 103647654 A CN103647654 A CN 103647654A
- Authority
- CN
- China
- Prior art keywords
- key
- etm
- distribution terminal
- identity
- management method
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention relates to a trusted computing based power distribution terminal key management method. The trusted computing based power distribution terminal key management method comprises step 1, building an ETM (Electrical Trusted Module) key structure according to a power distribution terminal; step 2, generating a power distribution terminal identity certificate based on an ETM key; step 3, storing and managing power distribution terminal data based on the ETM key; step 4, performing remote proving on the state of the power distribution terminal based on the ETM key. The related key of the power distribution terminal is stored in an ETM which provides the hardware level of protection for the key and the security of the key operating result is further guaranteed due to the security of the key. The identity and state certification of the power distribution terminal in power grid communication can be achieved based on the terminal integrity state of a power distribution terminal identity key signature and accordingly the security of the power grid communication can be further enhanced.
Description
Technical field
A kind of electric-power system management method of the present invention, specifically relates to a kind of distribution terminal key management method based on credible calculating.
Background technology
Intelligent grid as following power network development trend, just day by day become the emphasis of countries in the world development, be based upon the intelligent grid on basis integrated, high-speed bidirectional communication network, application realizes the target of reliable, the safety, economy of electrical network, efficient, environmental friendliness and use safety by advanced sensing and measuring technique, advanced control method and advanced DSS technology.A valuable feature of intelligent grid is power distribution automation.
Distribution terminal in power distribution automation has the operation function of examination and controlling distribution wire.Due to complexity and the uncertainty of environment of living in, its safety problem facing is more complicated than PC system.Distribution terminal may suffer to threaten and from the security threat of mobile Internet as physical damage, viral wooden horse.Therefore, for these, threaten, distribution terminal generally has following demand for security, such as data integrity, and data encryption, non-repudiation etc.In order to promote the safety of distribution terminal, utilize OpenSSL to encrypt the method that kit is tested the security protection ability of distribution terminal, and use hash computing and asymmetric encryption techniques to realize order integrity check and the authentication to distribution network master station.Utilize asymmetric encryption techniques distribution main website to be carried out to the methods such as unidirectional authentication and message integrity protection with distribution terminal, and proposed the thinking of external security module, to reduce the transformation to distribution terminal equipment.Although above-mentioned safety approach can improve the safety of distribution terminal to a certain extent, these schemes are not all considered the safety management of key, once key is revealed or stolen, stronger safety approach also can not play a role.
Summary of the invention
For the deficiencies in the prior art, the invention provides a kind of distribution terminal key management method based on credible calculating, the method has designed electric power trusted module ETM(Electrical Trusted Module), the key structure that comprises ETM, and the distribution terminal letter of identity based on ETM key generates, data security is stored and state authentication.Aspect the safety management of key, credible calculating is a kind of good solution.Credible calculating is a kind of information system security new technology.Its main thought is on computer hardware platforms framework, to introduce the fail safe that safety chip improves terminal system.In credible calculating, key is with tree structure storage, and SRK, as one-level key (also claiming master key), is stored in safety zone, and remaining key is protected directly or indirectly by it, and its protected mode is father's secret key encryption sub-key.The advantage of credible calculating contrast conventional security is: outside can not obtain arbitrarily having the information in the hardware chip of safety function.
The object of the invention is to adopt following technical proposals to realize:
A distribution terminal key management method based on credible calculating, its improvements are, described method comprises:
(1) according to distribution terminal, build ETM key structure;
(2) generate the distribution terminal letter of identity based on ETM key;
(3) based on ETM key storage and manage distribution terminal data;
(4) based on ETM secret key remote proof distribution terminal state.
Preferably, in described step (1), ETM key solidifies ETM key groove, and its key groove storage Binding key handle comprises: ETM_IDENTITY_KEY_PRIV-identity key private key handle, ETM_IDENTITY_KEY_PUB-identity key PKI handle, ETM_SMS4_KEY_1-SMS4-symmetric key handle 1, ETM_SMS4_KEY_2-SMS4-symmetric key handle 2, ETM_SMS4_KEY_3-SMS4-symmetric key handle 3 and ETM_SMS4_KEY_4-SMS4 symmetric key handle 4.
Preferably, described step (2) comprises the letter of identity that generates distribution terminal safety chip ETM based on electric power CA system.
Further, described electric power CA system comprises three grades of authentication models; Ground floor is that total root CA nets in state; The second layer is that the secondary CA that total root CA signs and issues nets in state, for netting provincial unit; The 3rd layer of three grades of CA signing and issuing for secondary CA, for prefecture-level unit.
Preferably, described step (2) comprises
(2.1) produce a pair of public and private key during chip manufacturers produce ETM, to the registration center of 2 grades of CA, send certificates constructing request;
(2.2) registration center, by ETM Data Enter database, forwards certificate request to authentication center;
(2.3) authentication center is used this CA private key to sign and issue digital certificate by encrypted card equipment;
(2.4) authentication center deposits digital certificate in certificate data library backup, to registration center, returns to digital certificate;
(2.5) registration center returns to the public key certificate of digital certificate and this CA to chip manufacturer;
(2.6) two certificates that chip manufacturer returns to the private key generating before and registration center deposit ETM chip in.
Preferably, described step (3) comprises key and the data encrypting and deciphering of storing and manage generation.
Further, described key generates and comprises that the cryptographic algorithm that ETM supports has asymmetric cryptographic algorithm SM2, for the generation of identity key; With symmetric cryptographic algorithm SMS4, for data encrypting and deciphering.
Further, the data that distribution terminal relates to are encrypted and decryption oprerations at chip internal, for guaranteeing the fail safe of cipher key operation.
Preferably, described step (4) comprises
(4.1) distribution terminal is used identity key to sign to PCR;
(4.2), according to the different CA that sign and issue letter of identity, the certificate that distribution terminal sends to remote parties is also different;
(4.3) remote parties identity verification certificate, letter of identity is verified, and continues the signature with letter of identity checking PCR, and PCR signature verification is passed through, and by PCR value and reference value comparison, unanimously shows that SOT state of termination proves successfully; Otherwise prove unsuccessfully, this SOT state of termination is insincere.
Compared with the prior art, beneficial effect of the present invention is:
1) the related key of distribution terminal is all stored in electric power trusted module ETM, and ETM provides the protection of hardware-level for key, and the safety of key has further guaranteed the safety of cipher key operation result;
2) use of ETM can ensure the integrality of distribution terminal equipment, antagonism Malware and user's malicious act;
3) ETM designs for the feature of distribution terminal equipment, and it uses the normal function that does not affect distribution terminal, also can not cause large extra load to distribution terminal;
4) net of the letter of identity Dou Shiyou state based on distribution terminal identity key CA system is signed and issued, and has realized the seamless combination of netting CA framework with existing state, is convenient to unified plan and management;
5) the Endpoint integrity state based on distribution terminal identity key signature, can realize identity and the state authentication of distribution terminal in the communication system of power grids, further strengthens communication system of power grids safety.
Accompanying drawing explanation
Fig. 1 is a kind of distribution terminal key management method flow chart based on credible calculating provided by the invention.
Fig. 2 is a kind of distribution terminal key management method letter of identity flow chart based on credible calculating provided by the invention.
Fig. 3 is a kind of distribution terminal key management method remote proving flow chart based on credible calculating provided by the invention.
Embodiment
Below in conjunction with accompanying drawing, the specific embodiment of the present invention is described in further detail.
A kind of distribution terminal key management method based on credible calculating of the present invention, specific as follows:
(1) according to the key structure of the concrete feature design electric power trusted module ETM of distribution terminal;
Consider the finiteness of key space in the electric power trusted module ETM that is applied in distribution terminal and the simplicity that key is used, different from the key management system that TPM/TCM chip is loaded down with trivial details, ETM directly solidifies several key grooves, and the Password Operations such as corresponding key generation, encryption and decryption, signature are provided.
Different from TPM/TCM, ETM public key operation all completes in ETM, so ETM need to provide the command operations such as public key encryption, signature verification, and the supporting order such as public key certificate importing, generation.
Electric power trusted module ETM is similar to credible computationally secure chip TPM/TCM, be deployed in power industry equipment such as on distribution terminal, chip internal has crypto-operation ability, safe storage ability, externally provide the similar credible computing function with TPM/TCM, as hardware identity sign, integrity measurement and storage, remote proving etc.
Key handle corresponding to key groove of ETM comprises: ETM_IDENTITY_KEY_PRIV(identity key private key handle), ETM_IDENTITY_KEY_PUB(identity key PKI handle), ETM_SMS4_KEY_1(SMS4 symmetric key handle 1), ETM_SMS4_KEY_2(SMS4 symmetric key handle 2), ETM_SMS4_KEY_3(SMS4 symmetric key handle 3), ETM_SMS4_KEY_4(SMS4 symmetric key handle 4).
(2) generation and the management of the distribution terminal letter of identity based on ETM key;
In order to ensure the safety of higher level and to be convenient to unified management, all kinds of certificates that distribution terminal safety chip ETM relates to as letter of identity be all to generate based on electric power CA system.
Electric power CA system is based on three grades of authentication models.Ground floor is that total root CA nets in state, and the secondary CA that total root CA signs and issues nets in second layer Shi You state, for netting provincial unit; The 3rd layer is three grades of CA that secondary CA signs and issues, for prefecture-level unit.The source that total root CA is all certificate verifications is netted by the state of electric power system, and therefore, each ETM, can be at the certificate of the preset total root CA of chip internal when dispatching from the factory.
As shown in Figure 2, the generation of ETM letter of identity depends on chip manufacturer and sends corresponding request to electric power CA system.According to the difference of distribution terminal suitable environment, the CA that issues letter of identity is also different.If this distribution terminal Shi Youwangsheng company disposes, use, ZeETM chip manufacturer need to send in one's application to 2 grades of CA of electric power system.
1) chip manufacturer utilizes ETM to produce a pair of public and private key when producing ETM, to the registration center of 2 grades of CA, sends certificates constructing request;
2) registration center, by ETM Data Enter database, forwards certificate request to authentication center;
3) authentication center utilizes encrypted card equipment to use this CA private key to sign and issue digital certificate;
4) authentication center deposits digital certificate in certificate data library backup, to registration center, returns to digital certificate;
5) registration center returns to the public key certificate of digital certificate and this CA to chip manufacturer;
6) two certificates that chip manufacturer returns to the private key generating before and registration center deposit ETM chip in.
(3) the distribution terminal data storage management based on ETM key;
Distribution terminal data storage management based on ETM key comprises:
1) key generates, and comprises the key generative process of the cryptographic algorithm of ETM internal support;
2) data encrypting and deciphering, comprises the data encrypting and deciphering process of ETM internal support.
The cryptographic algorithm that ETM supports has asymmetric cryptographic algorithm SM2 and symmetric cryptographic algorithm SMS4, and SM2 key is mainly used in the generation of identity key, and SMS4 key is for data encrypting and deciphering.
ETM key generative process, for to have four key grooves at ETM inside solidification, is deposited four SMS4 keys, and corresponding fixing key handle facilitates application layer to use respectively.While generating key, must specify corresponding key handle.Internal hardware generates new key according to the instruction receiving, and it is bound and is inserted in corresponding key groove with corresponding key handle simultaneously.
The advantage of ETM data encrypting and deciphering is the safety that can hardware guarantees Password Operations, and the data that distribution terminal relates to all can only be in chip internal encryption and decryption.
The instruction that ETM data encrypting and deciphering process is encrypted for send use symmetric cryptographic algorithm to ETM chip, specify encryption keys handle, given data to be encrypted, chip internal returns to the data after encryption after completing and encrypting.Decipher similar with it.
(4) the distribution terminal status remote based on ETM key proves;
At distribution terminal, start in running the platform configuration register PCR(Platform Configuration Register of ETM) recorded SOT state of termination, the PCR based on ETM identity key signature can prove SOT state of termination to remote parties.
What the PCR of ETM stored is the integrity measurement value of all operation parts of terminal, starts operation order totally extend to successively in PCR according to parts, can not independently change, and has reflected really the running status of terminal.
As shown in Figure 3, distribution terminal is used identity key to sign to PCR; According to the difference of signing and issuing the CA of letter of identity, the certificate that distribution terminal sends to remote parties is also different, if letter of identity is issued by 2 grades of CA, distribution terminal is issued remote parties by letter of identity, 2 grades of CA certificates in the lump in company with the PCR signing; Remote parties identity verification certificate, if be verified, continues the signature with letter of identity checking PCR, if be verified, by PCR value and reference value comparison, if unanimously show, SOT state of termination proves successfully, otherwise proves unsuccessfully, and this SOT state of termination is insincere.
Finally should be noted that: above embodiment is only in order to illustrate that technical scheme of the present invention is not intended to limit, although the present invention is had been described in detail with reference to above-described embodiment, those of ordinary skill in the field are to be understood that: still can modify or be equal to replacement the specific embodiment of the present invention, and do not depart from any modification of spirit and scope of the invention or be equal to replacement, it all should be encompassed in the middle of claim scope of the present invention.
Claims (9)
1. the distribution terminal key management method based on credible calculating, is characterized in that, described method comprises:
(1) according to distribution terminal, build ETM key structure;
(2) generate the distribution terminal letter of identity based on ETM key;
(3) based on ETM key storage and manage distribution terminal data;
(4) based on ETM secret key remote proof distribution terminal state.
2. a kind of distribution terminal key management method based on credible calculating as claimed in claim 1, it is characterized in that, in described step (1), ETM key solidifies ETM key groove, its key groove storage Binding key handle comprises: ETM_IDENTITY_KEY_PRIV-identity key private key handle, ETM_IDENTITY_KEY_PUB-identity key PKI handle, ETM_SMS4_KEY_1-SMS4-symmetric key handle 1, ETM_SMS4_KEY_2-SMS4-symmetric key handle 2, ETM_SMS4_KEY_3-SMS4-symmetric key handle 3 and ETM_SMS4_KEY_4-SMS4 symmetric key handle 4.
3. a kind of distribution terminal key management method based on credible calculating as claimed in claim 1, is characterized in that, described step (2) comprises the letter of identity that generates distribution terminal safety chip ETM based on electric power CA system.
4. a kind of distribution terminal key management method based on credible calculating as claimed in claim 3, is characterized in that, described electric power CA system comprises three grades of authentication models; Ground floor is that total root CA nets in state; The second layer is that the secondary CA that total root CA signs and issues nets in state, for netting provincial unit; The 3rd layer of three grades of CA signing and issuing for secondary CA, for prefecture-level unit.
5. a kind of distribution terminal key management method based on credible calculating as claimed in claim 1, is characterized in that, described step (2) comprises
(2.1) produce a pair of public and private key during chip manufacturers produce ETM, to the registration center of 2 grades of CA, send certificates constructing request;
(2.2) registration center, by ETM Data Enter database, forwards certificate request to authentication center;
(2.3) authentication center is used this CA private key to sign and issue digital certificate by encrypted card equipment;
(2.4) authentication center deposits digital certificate in certificate data library backup, to registration center, returns to digital certificate;
(2.5) registration center returns to the public key certificate of digital certificate and this CA to chip manufacturer;
(2.6) two certificates that chip manufacturer returns to the private key generating before and registration center deposit ETM chip in.
6. a kind of distribution terminal key management method based on credible calculating as claimed in claim 1, is characterized in that, described step (3) comprises stores and manage key and the data encrypting and deciphering generating.
7. a kind of distribution terminal key management method based on credible calculating as claimed in claim 6, is characterized in that, described key generates and comprises that the cryptographic algorithm that ETM supports has asymmetric cryptographic algorithm SM2, for the generation of identity key; With symmetric cryptographic algorithm SMS4, for data encrypting and deciphering.
8. a kind of distribution terminal key management method based on credible calculating as claimed in claim 6, is characterized in that, the data that distribution terminal relates to are encrypted and decryption oprerations at chip internal, for guaranteeing the fail safe of cipher key operation.
9. a kind of distribution terminal key management method based on credible calculating as claimed in claim 1, is characterized in that, described step (4) comprises
(4.1) distribution terminal is used identity key to sign to PCR;
(4.2), according to the different CA that sign and issue letter of identity, the certificate that distribution terminal sends to remote parties is also different;
(4.3) remote parties identity verification certificate, letter of identity is verified, and continues the signature with letter of identity checking PCR, and PCR signature verification is passed through, and by PCR value and reference value comparison, unanimously shows that SOT state of termination proves successfully; Otherwise prove unsuccessfully, this SOT state of termination is insincere.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310726584.6A CN103647654B (en) | 2013-12-25 | 2013-12-25 | A kind of power distribution terminal key management method based on trust computing |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310726584.6A CN103647654B (en) | 2013-12-25 | 2013-12-25 | A kind of power distribution terminal key management method based on trust computing |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103647654A true CN103647654A (en) | 2014-03-19 |
| CN103647654B CN103647654B (en) | 2017-07-14 |
Family
ID=50252815
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310726584.6A Active CN103647654B (en) | 2013-12-25 | 2013-12-25 | A kind of power distribution terminal key management method based on trust computing |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103647654B (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105187453A (en) * | 2015-10-22 | 2015-12-23 | 宁波三星医疗电气股份有限公司 | Security encryption communication method of fault indicator |
| CN114268643A (en) * | 2021-11-26 | 2022-04-01 | 许继集团有限公司 | Power distribution internet of things terminal based on active identification technology and management method |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070033399A1 (en) * | 2005-08-02 | 2007-02-08 | Sony Corporation | Transmitting/receiving system and method, transmitting apparatus and method, receiving apparatus and method, and program used therewith |
| CN101216915A (en) * | 2008-01-21 | 2008-07-09 | 深圳市路通网络技术有限公司 | A secured mobile payment method |
| CN101888383A (en) * | 2010-06-30 | 2010-11-17 | 北京交通大学 | Method for implementing extensible trusted SSH |
| CN102035838A (en) * | 2010-12-07 | 2011-04-27 | 中国科学院软件研究所 | Trust service connecting method and trust service system based on platform identity |
| CN102065003A (en) * | 2010-08-24 | 2011-05-18 | 吉林大学 | Method, system and equipment for realizing trusted secure routing of vehicular information system |
| CN102427449A (en) * | 2011-11-04 | 2012-04-25 | 北京工业大学 | Trusted mobile storage method based on security chips |
-
2013
- 2013-12-25 CN CN201310726584.6A patent/CN103647654B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20070033399A1 (en) * | 2005-08-02 | 2007-02-08 | Sony Corporation | Transmitting/receiving system and method, transmitting apparatus and method, receiving apparatus and method, and program used therewith |
| CN101216915A (en) * | 2008-01-21 | 2008-07-09 | 深圳市路通网络技术有限公司 | A secured mobile payment method |
| CN101888383A (en) * | 2010-06-30 | 2010-11-17 | 北京交通大学 | Method for implementing extensible trusted SSH |
| CN102065003A (en) * | 2010-08-24 | 2011-05-18 | 吉林大学 | Method, system and equipment for realizing trusted secure routing of vehicular information system |
| CN102035838A (en) * | 2010-12-07 | 2011-04-27 | 中国科学院软件研究所 | Trust service connecting method and trust service system based on platform identity |
| CN102427449A (en) * | 2011-11-04 | 2012-04-25 | 北京工业大学 | Trusted mobile storage method based on security chips |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105187453A (en) * | 2015-10-22 | 2015-12-23 | 宁波三星医疗电气股份有限公司 | Security encryption communication method of fault indicator |
| CN114268643A (en) * | 2021-11-26 | 2022-04-01 | 许继集团有限公司 | Power distribution internet of things terminal based on active identification technology and management method |
| CN114268643B (en) * | 2021-11-26 | 2024-04-16 | 许继集团有限公司 | Active identification technology-based power distribution Internet of things terminal and management method |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103647654B (en) | 2017-07-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102111265B (en) | Method for encrypting secure chip of power system acquisition terminal | |
| CN105144626B (en) | The method and apparatus of safety is provided | |
| CN103795534B (en) | Authentication method and apparatus for carrying out the method based on password | |
| CN102594558B (en) | Anonymous digital certificate system and verification method of trustable computing environment | |
| CN103503366B (en) | Manage the data for authenticating device | |
| US20140270179A1 (en) | Method and system for key generation, backup, and migration based on trusted computing | |
| CN110050437A (en) | The device and method of distributed certificate registration | |
| WO2011149214A3 (en) | Three-factor user authentication method for generating otp using iris information and secure mutual authentication system using otp authentication module of wireless communication terminal | |
| CN103457739B (en) | Method and device for acquiring dynamic token parameters | |
| CN106471768A (en) | Method and apparatus for setting up secure communication channel | |
| CN103679062A (en) | Intelligent electric meter main control chip and security encryption method | |
| CN107948156A (en) | The closed key management method and system of a kind of identity-based | |
| TW201334493A (en) | Secure key generation | |
| CN103902915B (en) | Trustable industrial control terminal and establishing method thereof | |
| CN108123795A (en) | Distributing method, application process, publishing platform and the system of quantum key chip | |
| CN101610150B (en) | Third-party digital signature method and data transmission system | |
| CN103051455A (en) | Method for realizing delegation of cipher function of TCM (trusted cryptographic module) under cloud computing environment | |
| CN111435390B (en) | Safety protection method for operation and maintenance tool of power distribution terminal | |
| CN112839041B (en) | Block chain-based power grid identity authentication method, device, medium and equipment | |
| CN109460639A (en) | A kind of license authentication control method, device, terminal and storage medium | |
| CN109150528A (en) | A kind of ammeter data access method, device, equipment and readable storage medium storing program for executing | |
| KR101344074B1 (en) | Smart grid data transaction scheme for privacy | |
| CN105281910A (en) | Internet of things lock with CA digital certificate serving as network access identity identifier and network access identity identification method | |
| CN109361520A (en) | Based on the internet of things equipment dynamic encrypting method for logging in serial number | |
| CN104954137A (en) | Method of virtual machine security certification based on domestic password technique |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20171020 Address after: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing Co-patentee after: China Electric Power Research Institute Patentee after: State Grid Corporation of China Co-patentee after: GLOBAL ENERGY INTERCONNECTION RESEARCH INSTITUTE Co-patentee after: Institute of Information Engineering, Gas Co-patentee after: State Grid Zhejiang Electric Power Company Address before: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing Co-patentee before: China Electric Power Research Institute Patentee before: State Grid Corporation of China Co-patentee before: Institute of Information Engineering, Gas Co-patentee before: State Grid Zhejiang Electric Power Company |