CN103647654B - A kind of power distribution terminal key management method based on trust computing - Google Patents
- Publication number
- CN103647654B (application CN201310726584.6A)
- Authority
- CN
- China
- Prior art keywords
- key
- etm
- distribution terminal
- power distribution
- identity
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Landscapes
- Mobile Radio Communication Systems (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention relates to a key management method for power distribution terminals based on trusted computing. The method comprises: (1) constructing the ETM key structure according to the power distribution terminal; (2) generating a distribution terminal identity certificate based on the ETM key; (3) storing and managing distribution terminal data based on ETM keys; (4) remotely attesting the state of the distribution terminal based on the ETM key. All keys used by the distribution terminal are stored in the Electrical Trusted Module (ETM), which gives the keys hardware-level protection, and the security of the keys in turn guarantees the security of the results of key operations. The terminal integrity state, signed with the distribution terminal's identity key, supports authentication of both the identity and the state of the terminal in grid communication, further strengthening grid communication security.
Description
Technical field
The invention relates to a power system management method, and in particular to a key management method for power distribution terminals based on trusted computing.
Background
The smart grid, the direction in which future power grids are developing, is increasingly a development priority for countries around the world. Built on an integrated, high-speed, two-way communication network, it applies advanced sensing and measurement technology, advanced control methods and advanced decision-support technology to make the grid reliable, secure, economical, efficient, environmentally friendly and safe to use. One important feature of the smart grid is distribution automation.
The power distribution terminals used in distribution automation detect and monitor the operation of distribution lines. Because of the complexity and uncertainty of the environment they operate in, the security problems they face are more complicated than those of a PC. A distribution terminal may be exposed to physical damage, to viruses and Trojans, and to threats coming from the mobile Internet. Against these threats, distribution terminals generally have security requirements such as data integrity, data encryption and non-repudiation. To improve terminal security, earlier work has tested the protective capability of distribution terminals with the OpenSSL cryptographic toolkit, used hashing and asymmetric cryptography to check the integrity of commands and to authenticate the distribution master station, had the terminal perform one-way authentication of the master station and integrity protection of messages with asymmetric cryptography, and proposed an external security module so that the terminal hardware need not be modified much. Although these schemes raise the security of distribution terminals to some degree, none of them considers secure management of the keys: once a key is leaked or stolen, even the strongest scheme stops working.
Summary of the invention
To address the shortcomings of the prior art, the invention provides a key management method for power distribution terminals based on trusted computing. The method designs an Electrical Trusted Module (ETM), covering the ETM key structure and, based on ETM keys, the generation of distribution terminal identity certificates, secure data storage and state attestation. For secure key management, trusted computing is a good fit. Trusted computing is a newer information-security technology whose main idea is to add a security chip to the hardware platform in order to raise the security of the terminal system. In trusted computing, keys are stored in a tree: the Storage Root Key (SRK) is the first-level key (also called the master key) and is kept in a protected area, and every other key is protected by it directly or indirectly, each parent key encrypting its child keys. The advantage of trusted computing over conventional security is that the information held inside a hardware chip with security functions cannot be read out arbitrarily from outside.
The object of the invention is achieved by the following technical scheme:
A key management method for power distribution terminals based on trusted computing, whose improvement is that the method comprises:
(1) constructing the ETM key structure according to the power distribution terminal;
(2) generating a distribution terminal identity certificate based on the ETM key;
(3) storing and managing distribution terminal data based on ETM keys;
(4) remotely attesting the state of the distribution terminal based on the ETM key.
Preferably, in step (1) the ETM keys are held in key slots built into the ETM, and the key handles bound to these slots are: ETM_IDENTITY_KEY_PRIV (identity key private-key handle), ETM_IDENTITY_KEY_PUB (identity key public-key handle), ETM_SMS4_KEY_1 (SMS4 symmetric key handle 1), ETM_SMS4_KEY_2 (SMS4 symmetric key handle 2), ETM_SMS4_KEY_3 (SMS4 symmetric key handle 3) and ETM_SMS4_KEY_4 (SMS4 symmetric key handle 4).
Preferably, step (2) comprises generating the identity certificate of the distribution terminal security chip ETM through the electric power CA system.
Further, the electric power CA system uses a three-level certification model: the first level is the State Grid root CA; the second level is the level-2 CAs issued by the State Grid root CA, used by provincial grid companies; the third level is the level-3 CAs issued by the level-2 CAs, used by prefecture-level units.
Preferably, step (2) comprises:
(2.1) when producing the ETM, the chip manufacturer generates a public/private key pair and sends a certificate request to the registration authority of the level-2 CA;
(2.2) the registration authority records the ETM information in its database and forwards the certificate request to the certification authority;
(2.3) the certification authority signs the digital certificate with the CA private key held in a cryptographic card;
(2.4) the certification authority stores a copy of the digital certificate in its certificate database and returns the certificate to the registration authority;
(2.5) the registration authority returns the digital certificate and the CA's own public-key certificate to the chip manufacturer;
(2.6) the chip manufacturer stores the previously generated private key and the two certificates returned by the registration authority in the ETM chip.
Preferably, step (3) comprises storing and managing the generated keys, and encrypting and decrypting data.
Further, the cryptographic algorithms the ETM supports for key generation are the asymmetric algorithm SM2, used to generate the identity key, and the symmetric algorithm SMS4, used for data encryption and decryption.
Further, the data handled by the distribution terminal is encrypted and decrypted inside the chip, which keeps the key operations secure.
Preferably, step (4) comprises:
(4.1) the distribution terminal signs the PCR with its identity key;
(4.2) depending on which CA issued the identity certificate, the certificates the distribution terminal sends to the remote party differ;
(4.3) the remote party verifies the identity certificate; if it is valid, the remote party uses the identity certificate to verify the PCR signature; if the signature is valid, it compares the PCR value with the reference value; if they match, attestation of the terminal state succeeds, otherwise attestation fails and the terminal state is not trusted.
Compared with the prior art, the beneficial effects of the invention are:
1) All keys used by the distribution terminal are stored in the Electrical Trusted Module (ETM), which gives them hardware-level protection; the security of the keys in turn guarantees the security of the results of key operations;
2) Using the ETM safeguards the integrity of the distribution terminal equipment against malware and malicious users;
3) The ETM is designed around the characteristics of distribution terminal equipment; using it does not affect the normal functions of the terminal and does not add significant load to it;
4) The identity certificates for the distribution terminal identity keys are all issued by the State Grid CA system, which integrates seamlessly with the existing State Grid CA architecture and eases unified deployment and management;
5) The terminal integrity state signed with the distribution terminal identity key enables authentication of both the identity and the state of the terminal in grid communication, further strengthening grid communication security.
Brief description of the drawings
Figure 1 is a flow chart of the trusted-computing-based key management method for power distribution terminals provided by the invention.
Figure 2 is a flow chart of identity certificate issuance in the trusted-computing-based key management method for power distribution terminals provided by the invention.
Figure 3 is a flow chart of remote attestation in the trusted-computing-based key management method for power distribution terminals provided by the invention.
Detailed description
The specific embodiments of the invention are described in further detail below with reference to the drawings.
The trusted-computing-based key management method for power distribution terminals of the invention is as follows:
(1) Design the key structure of the Electrical Trusted Module (ETM) according to the specific characteristics of the distribution terminal.
Given the limited key space of an ETM deployed in a distribution terminal and the simplicity of the terminal's key usage, the ETM, unlike the elaborate key-management hierarchy of TPM/TCM chips (Trusted Platform Module / Trusted Cryptography Module), builds in a small fixed number of key slots and provides the corresponding cryptographic operations: key generation, encryption and decryption, and signing.
Unlike TPM/TCM, all public-key operations of the ETM are performed inside the ETM, so the ETM must provide public-key encryption and signature-verification commands as well as supporting commands for importing and generating public-key certificates.
The ETM is similar to the TPM/TCM trusted computing security chips. It is deployed on power-industry equipment such as distribution terminals; the chip has cryptographic computation and secure storage capabilities and offers trusted computing functions comparable to TPM/TCM: hardware identity, integrity measurement and storage, remote attestation and so on.
The key handles corresponding to the ETM key slots are: ETM_IDENTITY_KEY_PRIV (identity key private-key handle), ETM_IDENTITY_KEY_PUB (identity key public-key handle), ETM_SMS4_KEY_1 (SMS4 symmetric key handle 1), ETM_SMS4_KEY_2 (SMS4 symmetric key handle 2), ETM_SMS4_KEY_3 (SMS4 symmetric key handle 3), ETM_SMS4_KEY_4 (SMS4 symmetric key handle 4).
(2) Generation and management of the distribution terminal identity certificate based on ETM keys.
For a higher level of security and ease of unified management, all certificates used by the distribution terminal security chip ETM, such as the identity certificate, are issued by the electric power CA system.
The electric power CA system uses a three-level certification model. The first level is the State Grid root CA; the second level is the level-2 CAs issued by the State Grid root CA, used by provincial grid companies; the third level is the level-3 CAs issued by the level-2 CAs, used by prefecture-level units. The State Grid root CA is the source of all certificate validation in the power system, so each ETM has the root CA certificate pre-installed inside the chip before it leaves the factory.
As shown in Figure 2, generating an ETM identity certificate requires the chip manufacturer to send a request to the electric power CA system. Which CA issues the identity certificate depends on where the distribution terminal will be used: if the terminal is deployed by a provincial grid company, the ETM chip manufacturer applies to the level-2 CA of the power system.
1) During production the chip manufacturer has the ETM generate a public/private key pair and sends a certificate request to the registration authority of the level-2 CA;
2) the registration authority records the ETM information in its database and forwards the certificate request to the certification authority;
3) the certification authority signs the digital certificate with the CA private key held in a cryptographic card;
4) the certification authority stores a copy of the digital certificate in its certificate database and returns the certificate to the registration authority;
5) the registration authority returns the digital certificate and the CA's own public-key certificate to the chip manufacturer;
6) the chip manufacturer stores the previously generated private key and the two certificates returned by the registration authority in the ETM chip.
(3) Data storage management of the distribution terminal based on ETM keys.
Data storage management of the distribution terminal based on ETM keys comprises:
1) key generation, i.e. the key generation process for the cryptographic algorithms supported inside the ETM;
2) data encryption and decryption, i.e. the encryption and decryption process supported inside the ETM.
The cryptographic algorithms supported by the ETM are the asymmetric algorithm SM2 and the symmetric algorithm SMS4. SM2 keys are mainly used as identity keys; SMS4 keys are used for data encryption and decryption.
Key generation: four key slots are built into the ETM, holding four SMS4 keys, each bound to a fixed key handle for the convenience of the application layer. To generate a key, the corresponding key handle must be specified. The internal hardware generates a new key in response to the command, binds it to that handle and places it in the corresponding key slot.
The advantage of ETM data encryption and decryption is that the hardware guarantees the security of the cryptographic operations: the data handled by the distribution terminal can only be encrypted and decrypted inside the chip.
Data encryption: the terminal sends the ETM chip a command to encrypt with the symmetric algorithm, specifying the handle of the encryption key and the data to be encrypted; the chip performs the encryption internally and returns the ciphertext. Decryption works the same way.
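The key-slot interface described in steps (1) and (3) above (fixed handles, key generation bound to a handle, encryption and decryption performed inside the module so that key bytes never cross the module boundary), as an added Go model. This is example code, not the patent's own code and not the ETM's actual firmware interface. The handle names are the patent's; their numeric values, the use of AES-128-GCM in place of SMS4 (the patent names the algorithm but not a mode of operation, and both use 128-bit keys), and the sample plaintext are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Handle is the fixed key-slot identifier an application passes to the module.
// The names follow the patent; the numeric values are an assumption of this example.
type Handle uint8

const (
	ETM_IDENTITY_KEY_PRIV Handle = iota + 1 // SM2 identity private key: never exported
	ETM_IDENTITY_KEY_PUB                    // SM2 identity public key
	ETM_SMS4_KEY_1                          // four fixed slots for symmetric data keys
	ETM_SMS4_KEY_2
	ETM_SMS4_KEY_3
	ETM_SMS4_KEY_4
)

// ETM models the module boundary: key bytes live only in slots, callers only ever see handles.
type ETM struct {
	slots map[Handle][]byte
}

func NewETM() *ETM { return &ETM{slots: make(map[Handle][]byte)} }

func isDataKeySlot(h Handle) bool { return h >= ETM_SMS4_KEY_1 && h <= ETM_SMS4_KEY_4 }

// GenerateKey fills the slot named by h with a fresh 128-bit key (SM4 and AES-128 share
// that key size). The caller gets an error or nothing back, never the key material.
func (m *ETM) GenerateKey(h Handle) error {
	if !isDataKeySlot(h) {
		return errors.New("etm: handle does not name a symmetric key slot")
	}
	key := make([]byte, 16)
	if _, err := rand.Read(key); err != nil {
		return err
	}
	m.slots[h] = key // overwrites: re-keying a slot invalidates everything encrypted under it
	return nil
}

// aead builds the cipher inside the module; AES-GCM stands in for the SMS4 mode the patent leaves unspecified.
func (m *ETM) aead(h Handle) (cipher.AEAD, error) {
	key, ok := m.slots[h]
	if !ok {
		return nil, errors.New("etm: key slot is empty")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt: the caller names a handle and supplies plaintext; the module returns nonce||ciphertext||tag.
func (m *ETM) Encrypt(h Handle, plaintext []byte) ([]byte, error) {
	g, err := m.aead(h)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return g.Seal(nonce, nonce, plaintext, nil), nil
}

// Decrypt fails, rather than returning garbage, when the handle names a different key or the blob was altered.
func (m *ETM) Decrypt(h Handle, blob []byte) ([]byte, error) {
	g, err := m.aead(h)
	if err != nil {
		return nil, err
	}
	if len(blob) < g.NonceSize() {
		return nil, errors.New("etm: ciphertext too short")
	}
	return g.Open(nil, blob[:g.NonceSize()], blob[g.NonceSize():], nil)
}

func main() {
	m := NewETM()
	if err := m.GenerateKey(ETM_SMS4_KEY_1); err != nil {
		panic(err)
	}
	blob, err := m.Encrypt(ETM_SMS4_KEY_1, []byte("feeder 12 breaker: closed")) // constructed sample data
	if err != nil {
		panic(err)
	}
	plain, err := m.Decrypt(ETM_SMS4_KEY_1, blob)
	fmt.Printf("%q %v\n", plain, err)
}
```

The points the patent text leaves implicit and the model makes explicit: a handle outside the four data-key slots is rejected before any key is made, an empty slot cannot be used, and because the mode is authenticated, using the wrong handle or tampering with the returned blob is reported as an error instead of yielding plaintext.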
(4) Remote attestation of the distribution terminal state based on ETM keys.
While the distribution terminal boots and runs, the ETM's Platform Configuration Register (PCR) records the terminal state, and the PCR signed with the ETM identity key attests the terminal state to a remote party.
The ETM PCR holds the integrity measurements of all running components of the terminal, extended into the PCR cumulatively in the order in which the components start; it cannot be set arbitrarily and therefore faithfully reflects the running state of the terminal.
As shown in Figure 3, the distribution terminal signs the PCR with its identity key. Which certificates the terminal sends to the remote party depends on which CA issued the identity certificate: if the identity certificate was issued by a level-2 CA, the terminal sends the identity certificate and the level-2 CA certificate together with the signed PCR. The remote party verifies the identity certificate; if it is valid, the remote party uses the identity certificate to verify the PCR signature; if the signature is valid, it compares the PCR value with the reference value; if they match, attestation of the terminal state succeeds, otherwise attestation fails and the terminal state is not trusted.
Finally, it should be noted that the above embodiments are given only to illustrate the technical scheme of the invention and not to limit it. Although the invention has been described in detail with reference to the above embodiments, those of ordinary skill in the art should understand that the specific embodiments of the invention may still be modified or replaced by equivalents, and any such modification or equivalent replacement that does not depart from the spirit and scope of the invention falls within the scope of the claims of the invention.
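The certificate issuance in steps 1) to 6) of section (2) and the attestation exchange of section (4), as one added Go example that is not the patent's own code and not the ETM firmware. The Go standard library stands in for the national algorithms the ETM actually uses: ECDSA P-256 with SHA-256 replaces SM2/SM3 for the identity key and PCR signature, and SHA-256 is used for the PCR extend step. The certificate names, the boot component list, the TPM-style extend rule H(old || digest) and the key pair being generated inside the chip (as step 1) of the detailed description says) are assumptions of this example. The example also adds one thing the page does not mention: the remote party supplies a fresh nonce that is signed together with the PCR, so a quote captured from an earlier healthy boot cannot be replayed after the terminal has been altered.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

func check(err error) {
	if err != nil {
		panic(err)
	}
}

func newKey() *ecdsa.PrivateKey { // P-256 ECDSA stands in for SM2 key generation
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	check(err)
	return k
}

// newCert issues a certificate for pub signed with parentKey; parent == nil makes it self-signed.
func newCert(cn string, isCA bool, pub *ecdsa.PublicKey, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) *x509.Certificate {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: isCA, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageDigitalSignature,
	}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	}
	if parent == nil {
		parent = tmpl
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	check(err)
	cert, err := x509.ParseCertificate(der)
	check(err)
	return cert
}

// extend is the PCR update rule new = H(old || digest): values accumulate and can never be set directly.
func extend(pcr, digest [32]byte) [32]byte { return sha256.Sum256(append(pcr[:], digest[:]...)) }

// ETM: identity key made inside the chip, the stored identity and level-2 CA certificates, and one PCR.
type ETM struct {
	idKey          *ecdsa.PrivateKey
	IDCert, CACert *x509.Certificate
	pcr            [32]byte // all-zero at power-on, reachable only through Extend
}

// Manufacture is the issuance flow: only the public key leaves the chip; the returned identity
// certificate and the issuing CA's certificate are stored in it.
func Manufacture(cn string, issuer *x509.Certificate, issuerKey *ecdsa.PrivateKey) *ETM {
	m := &ETM{idKey: newKey(), CACert: issuer}
	m.IDCert = newCert(cn, false, &m.idKey.PublicKey, issuer, issuerKey)
	return m
}

// Extend records one booted component, in boot order.
func (m *ETM) Extend(component []byte) { m.pcr = extend(m.pcr, sha256.Sum256(component)) }

// Quote signs the PCR together with the nonce the remote party supplied (ECDSA/SHA-256 stand in for SM2/SM3).
func (m *ETM) Quote(nonce []byte) (pcr [32]byte, sig []byte) {
	d := sha256.Sum256(append(m.pcr[:], nonce...))
	sig, err := ecdsa.SignASN1(rand.Reader, m.idKey, d[:])
	check(err)
	return m.pcr, sig
}

// Verify is the remote party's check: chain to the root it already holds, then the PCR signature
// under its own nonce (a replayed quote fails here), then the reference value.
func Verify(root, idCert, caCert *x509.Certificate, pcr [32]byte, nonce, sig []byte, reference [32]byte) error {
	roots, inter := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(root)
	inter.AddCert(caCert)
	opts := x509.VerifyOptions{Roots: roots, Intermediates: inter, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := idCert.Verify(opts); err != nil {
		return fmt.Errorf("identity certificate rejected: %w", err)
	}
	pub, ok := idCert.PublicKey.(*ecdsa.PublicKey)
	d := sha256.Sum256(append(pcr[:], nonce...))
	if !ok || !ecdsa.VerifyASN1(pub, d[:], sig) {
		return errors.New("PCR signature invalid (wrong key or replayed quote)")
	}
	if pcr != reference {
		return errors.New("PCR differs from reference: terminal state not trusted")
	}
	return nil
}

func main() {
	rootKey, l2Key := newKey(), newKey()
	root := newCert("State Grid root CA", true, &rootKey.PublicKey, nil, rootKey)
	l2 := newCert("provincial level-2 CA", true, &l2Key.PublicKey, root, rootKey)
	m := Manufacture("ETM-0001", l2, l2Key)
	var ref [32]byte // the remote party replays the known-good boot sequence on its own
	for _, c := range [][]byte{[]byte("bootloader v1"), []byte("kernel v1"), []byte("feeder-app v1")} {
		m.Extend(c)
		ref = extend(ref, sha256.Sum256(c))
	}
	nonce := []byte("fresh-nonce-from-master-station") // a new one per attestation request
	pcr, sig := m.Quote(nonce)
	fmt.Println("attestation:", Verify(root, m.IDCert, m.CACert, pcr, nonce, sig, ref))
}
```

The order of the three checks matters: the chain check comes first so that a signature is only ever verified under a public key that the State Grid hierarchy vouches for, and the reference comparison comes last because a matching PCR value carries no weight until the signature proves it came from that ETM. With the nonce folded into the signed data, the verifier does not need a separate freshness comparison: a replayed quote simply fails signature verification under the new nonce.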
Claims (8)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310726584.6A CN103647654B (en) | 2013-12-25 | 2013-12-25 | A kind of power distribution terminal key management method based on trust computing |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103647654A CN103647654A (en) | 2014-03-19 |
CN103647654B true CN103647654B (en) | 2017-07-14 |
Family
ID=50252815
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310726584.6A Active CN103647654B (en) | 2013-12-25 | 2013-12-25 | A kind of power distribution terminal key management method based on trust computing |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103647654B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105187453A (en) * | 2015-10-22 | 2015-12-23 | 宁波三星医疗电气股份有限公司 | Security encryption communication method of fault indicator |
CN114268643B (en) * | 2021-11-26 | 2024-04-16 | 许继集团有限公司 | Active identification technology-based power distribution Internet of things terminal and management method |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101216915A (en) * | 2008-01-21 | 2008-07-09 | 深圳市路通网络技术有限公司 | A secured mobile payment method |
CN101888383A (en) * | 2010-06-30 | 2010-11-17 | 北京交通大学 | An Extensible Realization Method of Trusted SSH |
CN102035838A (en) * | 2010-12-07 | 2011-04-27 | 中国科学院软件研究所 | Trust service connecting method and trust service system based on platform identity |
CN102065003A (en) * | 2010-08-24 | 2011-05-18 | 吉林大学 | Method, system and equipment for realizing trusted secure routing of vehicular information system |
CN102427449A (en) * | 2011-11-04 | 2012-04-25 | 北京工业大学 | Trusted mobile storage method based on security chips |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4596256B2 (en) * | 2005-08-02 | 2010-12-08 | ソニー株式会社 | Transmission / reception system and method, transmission device and method, reception device and method, and program |
- 2013-12-25: CN201310726584.6A filed (CN), granted as CN103647654B, status Active
Also Published As
Publication number | Publication date |
---|---|
CN103647654A (en) | 2014-03-19 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
TWI487359B (en) | Secure key generation | |
CN105144626B (en) | The method and apparatus of safety is provided | |
US20140270179A1 (en) | Method and system for key generation, backup, and migration based on trusted computing | |
EP3497878B1 (en) | Apparatus and methods for distributed certificate enrollment | |
CN104580250A (en) | System and method for authenticating credible identities on basis of safety chips | |
WO2020192406A1 (en) | Method and apparatus for data storage and verification | |
CN102111265A (en) | Method for encrypting embedded secure access module (ESAM) of power system acquisition terminal | |
TW202101165A (en) | Secure smart unlocking | |
CN104468562B (en) | A kind of data security protecting portable terminal transparent towards Mobile solution | |
CN105528239B (en) | The key management method of virtual credible platform module based on credible root server | |
CN113383335B (en) | Secure logging of data storage device events | |
WO2012072001A1 (en) | Safe method for card issuing, card issuing device and system | |
CN113545021B (en) | Registration of pre-authorized devices | |
CN102231729A (en) | Method for supporting various CA (Certification Authority) identity authentications | |
CN111435390B (en) | Safety protection method for operation and maintenance tool of power distribution terminal | |
CN111241492A (en) | Product multi-tenant secure credit granting method, system and electronic equipment | |
CN114553557B (en) | Key calling method, device, computer equipment and storage medium | |
CN111435389B (en) | A safety protection system for power distribution terminal operation and maintenance tools | |
CN113872986B (en) | Power distribution terminal authentication method and device and computer equipment | |
CN103944721A (en) | Method and device for protecting terminal data security on basis of web | |
CN103647654B (en) | A kind of power distribution terminal key management method based on trust computing | |
CN104917616B (en) | Network equipment identification method in a kind of software defined network based on smart card | |
CN117938509A (en) | A method for encrypting and storing data of traditional Chinese medicine production line based on Hyperledger Fabric alliance chain | |
CN105426705A (en) | Encryption control system for accounting software | |
CN115834149A (en) | Numerical control system safety protection method and device based on state cryptographic algorithm |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PB01 | Publication | |
| C10 | Entry into substantive examination | |
| SE01 | Entry into force of request for substantive examination | |
| GR01 | Patent grant | |
| TR01 | Transfer of patent right | Effective date of registration: 2017-10-20. Address after: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing. Patentee after: State Grid Corporation of China. Co-patentees after: China Electric Power Research Institute; GLOBAL ENERGY INTERCONNECTION RESEARCH INSTITUTE; Institute of Information Engineering, Gas; State Grid Zhejiang Electric Power Company. Address before: 100031 Xicheng District West Chang'an Avenue, No. 86, Beijing. Patentee before: State Grid Corporation of China. Co-patentees before: China Electric Power Research Institute; Institute of Information Engineering, Gas; State Grid Zhejiang Electric Power Company |