CN106326753B - Encryption Hub device realized based on EMMC interface - Google Patents

Info

Publication number: CN106326753B
Authority: CN (China)
Prior art keywords: emmc, data, encryption, module, host
Legal status: Active
Application number: CN201610712026.8A
Other languages: Chinese (zh)
Other versions: CN106326753A (en)
Inventors: 卞兴中, 左文, 贾宗铭, 周振宇, 张薇薇
Current Assignee: Ramaxel Technology Shenzhen Co Ltd
Original Assignee: Ramaxel Technology Shenzhen Co Ltd
Application filed by Ramaxel Technology Shenzhen Co Ltd
Priority to CN201610712026.8A
Publication of CN106326753A
Application granted
Publication of CN106326753B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G06F21/606 Protecting data by securing the transmission between two devices or processes

Abstract

The invention provides an encryption Hub device realized based on an EMMC interface. It comprises a Hub encryption and decryption module consisting of a main controller, a Flash module, an encryption and decryption algorithm module and a USB-KEY module. The Hub encryption and decryption module is connected with the EMMC-host through a data bus, and the main controller is connected with the port controller; the EMMC forwarding module is provided with a plurality of EMMC expansion interfaces. Data to be written by the PC host is encrypted by the Hub encryption and decryption module and then written into the EMMC memory connected to the corresponding EMMC expansion interface; the Hub encryption and decryption module decrypts the encrypted data on the EMMC memory and transmits the decrypted data to the PC host. The Hub thereby expands the EMMC interface so that a plurality of devices can be managed. At the same time, to address the risk of data being intercepted on the transmission channel, a dedicated hardware encryption and decryption module and a USB-KEY module are added to the Hub; they handle the interaction with the user and encrypt the EMMC data transmission channel, which greatly improves the security of the data and the flexibility of use.

Description

Encryption Hub device realized based on EMMC interface
Technical Field
The invention relates to the field of data transmission security, in particular to an encryption Hub device realized based on an EMMC interface.
Background
In an era of rapid development of electronic information, people pay more and more attention to information security. Its scope is wide, ranging from national military and political secrets to enterprise secrets and personal information, and any security hole can cause information leakage. Information is transmitted in many ways, and wherever it is stored, processed or exchanged it may be disclosed, intercepted, eavesdropped on, tampered with or forged. A single security measure can hardly guarantee the security of communication and information; the information source, the signal and the information itself must all be protected by combining security measures at several levels.
In the field of EMMC storage, the EMMC interface usually provides one-to-one communication and cannot manage multiple EMMC devices at the same time, so the demand for expanding the EMMC interface keeps growing. In addition, an encryption module is usually implanted in the EMMC master controller so that data is stored as ciphertext, but the data can still be intercepted on the transmission channel. The risk of data leakage therefore remains high, special user requirements cannot be met, and flexibility is poor.
Disclosure of Invention
In view of the above drawbacks, the present invention aims to solve the problem of data leakage on the data transmission channel of the EMMC standard.
To solve this problem, the invention provides an encryption Hub device realized based on an EMMC interface, comprising a main controller, a Flash module, an encryption and decryption algorithm module, a USB-KEY module, an EMMC-Device and a port controller (Port-Controller). The Hub encryption and decryption module is connected with the EMMC-Device and, through the EMMC-Device, with an external PC (personal computer) supporting EMMC. The Hub encryption and decryption module is connected with the EMMC-host through a data bus, and the main controller is connected with the Port-Controller. The EMMC forwarding module is provided with a plurality of EMMC expansion interfaces. Data to be written by the PC host is encrypted by the Hub encryption and decryption module and then written into the EMMC memory connected to the corresponding EMMC expansion interface; the Hub encryption and decryption module decrypts the encrypted data on the EMMC memory and transmits the decrypted data to the PC host.
In this encryption Hub device, the encryption and decryption of data by the Hub encryption and decryption module is under 2-level control: the first layer authenticates the user identity through the USB-KEY module, and the second layer encrypts or decrypts through a hardware encryption and decryption module in the encryption and decryption algorithm module.
With the encryption Hub based on the EMMC interface, the invention expands the EMMC interface, that is, it allows a plurality of devices to be managed. At the same time, to address the risk of data being intercepted on the transmission channel, a dedicated hardware encryption and decryption module and a USB-KEY module are added to the Hub; they handle the interaction with the user and encrypt the EMMC data transmission channel, which greatly improves the security of the data and the flexibility of use.
Drawings
FIG. 1 is a schematic connection diagram of the encryption Hub device realized based on an EMMC interface;
FIG. 2 is a schematic flow chart of a write operation;
FIG. 3 is a flow chart of a read operation.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
FIG. 1 is a schematic connection diagram of the encryption Hub device realized based on an EMMC interface. The encryption Hub device comprises a main controller, a Flash module, an encryption and decryption algorithm module, a USB-KEY module, an EMMC transmission module (EMMC-Device) and a port controller (Port-Controller). The Hub encryption and decryption module is connected with the EMMC-Device and, through the EMMC-Device, with an external PC (personal computer) supporting EMMC. The Hub encryption and decryption module is connected with the EMMC-host through a data bus, and the main controller is connected with the Port-Controller. The EMMC forwarding module is provided with a plurality of EMMC expansion interfaces. Data to be written by the PC host is encrypted by the Hub encryption and decryption module and then written into the EMMC memory connected to the corresponding EMMC expansion interface; the Hub encryption and decryption module decrypts the encrypted data on the EMMC memory and transmits the decrypted data to the PC host.
FIG. 2 is a schematic flow chart of a write operation. The PC host writes to the EMMC memory through the encryption Hub device over the EMMC interface in the following steps:
Step 3.1: the PC host sends a write operation request to write to the connected EMMC;
Step 3.2: after receiving the write operation request, the main controller starts the USB-KEY module to authenticate the user identity; the main controller obtains the correct user serial number from the Flash user data; at the same time, a verification request is sent to the user through the USB-KEY module, requiring the user to enter a PIN code and authenticate; after authentication passes, the user-defined serial number is obtained and fed back to the main controller;
Step 3.3: after receiving the user-defined serial number, the main controller verifies whether the serial number is correct; if it is correct, the user information is obtained from the database; the main controller runs a specific operation to obtain an internal digest; at the same time, a verification request is sent to the USB-KEY module, which performs the corresponding operation to obtain a verification digest and sends the verification digest back to the main controller;
Step 3.4: the internal digest is checked against the verification digest; if verification fails, a data write failure is returned to the PC host; if verification succeeds, the user is allowed to write data to the EMMC;
Step 3.5: the main controller and the PC host software automatically confirm whether the EMMC memory device is attached normally; if so, the PC host is allowed to allocate an address to the EMMC memory device, and the EMMC memory device is initialized through the port controller (Port-Controller);
Step 3.6: the data of the PC host is transmitted to the EMMC-Device through the EMMC interface and stored in the high-speed data cache region;
Step 3.7: the main controller encrypts the data through the encryption and decryption algorithm module to form a ciphertext, the ciphertext is transmitted over the bus to the corresponding EMMC-Port, and the EMMC master controller checks the address in the data packet; if the check succeeds, the ciphertext is written into the EMMC memory device attached to that EMMC-Port, completing the EMMC data write.
The user can supply the authentication data by inserting a U shield (a USB key token).
FIG. 3 is a schematic flow chart of a read operation. The PC host reads the EMMC memory through the encryption Hub device over the EMMC interface in the following steps:
Step 4.1: the PC host sends a read operation request to read the connected EMMC;
Step 4.2: after receiving the read operation request, the main controller starts the USB-KEY module to authenticate the user identity; the main controller obtains the correct user serial number from the Flash user data; at the same time, a verification request is sent to the user through the USB-KEY module, requiring the user to enter a PIN code and authenticate; after authentication passes, the user-defined serial number is obtained and fed back to the main controller;
Step 4.3: after receiving the user-defined serial number, the main controller verifies whether the serial number is correct; if it is correct, the user information is obtained from the database; the main controller runs a specific operation to obtain an internal digest; at the same time, a verification request is sent to the USB-KEY module, which performs the corresponding operation to obtain a verification digest and sends the verification digest back to the main controller;
Step 4.4: the internal digest is checked against the verification digest; if verification fails, a data read failure is returned to the PC host; if verification succeeds, the user is allowed to read the data of the EMMC;
Step 4.5: the main controller and the PC host software automatically confirm whether the EMMC memory device is attached normally; if so, the PC host is allowed to allocate an address to the EMMC memory device, and the EMMC memory device is initialized through the port controller (Port-Controller); the EMMC sends the data to the data bus through the EMMC-Port;
Step 4.6: the main controller decrypts the data through the encryption and decryption algorithm module, transmits the decrypted data to the EMMC transmission module (EMMC-Device) and stores it in the high-speed data cache region;
Step 4.7: finally, the data is read out to the PC host through the EMMC interface circuit.
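The write and read flows above (steps 3.1 to 3.7 and 4.1 to 4.7), modelled in Python as an added example that is not part of the patent. Assumptions: the unspecified "specific operation" behind the two values compared in steps 3.4 and 4.4 is taken to be HMAC-SHA256 over a fresh challenge with a per-user shared secret, the hardware cipher is replaced by an HMAC-derived keystream bound to port and block address, and all class, method and parameter names are hypothetical.

```python
import hashlib
import hmac
import os


def digest(secret: bytes, challenge: bytes) -> bytes:
    # Assumed form of the patent's unspecified "specific operation".
    return hmac.new(secret, challenge, hashlib.sha256).digest()


class UsbKey:
    """Stand-in for the USB-KEY module (hypothetical interface)."""

    def __init__(self, pin: str, serial: str, secret: bytes):
        self._pin, self._serial, self._secret = pin.encode(), serial, secret

    def authenticate(self, pin: str):
        # Steps 3.2 / 4.2: the serial number is released only after a correct PIN.
        ok = hmac.compare_digest(pin.encode(), self._pin)
        return self._serial if ok else None

    def verification_digest(self, challenge: bytes) -> bytes:
        return digest(self._secret, challenge)


class EncryptionHub:
    def __init__(self, users: dict, data_key: bytes, ports: int, blocks: int):
        self._users = users      # Flash user data: serial number -> shared secret
        self._key = data_key     # held by the encryption/decryption module
        self._blocks = blocks    # addressable blocks per eMMC (constructed size)
        self._emmc = [dict() for _ in range(ports)]  # one store per EMMC-Port

    def _authorized(self, token: UsbKey, pin: str) -> bool:
        serial = token.authenticate(pin)
        if serial is None or serial not in self._users:      # steps 3.3 / 4.3
            return False
        challenge = os.urandom(16)  # fresh per request, so an old digest cannot be replayed
        internal = digest(self._users[serial], challenge)
        # Steps 3.4 / 4.4: constant-time comparison of the two digests.
        return hmac.compare_digest(internal, token.verification_digest(challenge))

    def _addressable(self, port: int, lba: int) -> bool:
        # Steps 3.5 / 3.7: the port must exist and the address must be in range.
        return 0 <= port < len(self._emmc) and 0 <= lba < self._blocks

    def _crypt(self, port: int, lba: int, data: bytes) -> bytes:
        # Stand-in cipher: keystream bound to (port, lba). XOR is its own inverse.
        # Rewriting a block reuses the keystream; real hardware would use e.g. AES-XTS.
        stream = b""
        for counter in range((len(data) + 31) // 32):
            msg = b"%d:%d:%d" % (port, lba, counter)
            stream += hmac.new(self._key, msg, hashlib.sha256).digest()
        return bytes(a ^ b for a, b in zip(data, stream))

    def write(self, token: UsbKey, pin: str, port: int, lba: int, data: bytes) -> bool:
        if not self._authorized(token, pin) or not self._addressable(port, lba):
            return False         # reported to the PC host as a write failure
        self._emmc[port][lba] = self._crypt(port, lba, data)  # only ciphertext leaves the hub
        return True

    def read(self, token: UsbKey, pin: str, port: int, lba: int):
        if not self._authorized(token, pin) or not self._addressable(port, lba):
            return None          # reported to the PC host as a read failure
        stored = self._emmc[port].get(lba)
        return None if stored is None else self._crypt(port, lba, stored)

    def raw_block(self, port: int, lba: int) -> bytes:
        # What an observer on the hub-to-eMMC bus, or on the chip itself, would see.
        return self._emmc[port][lba]
```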
While the invention has been described with reference to a particular embodiment, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the invention as defined by the appended claims.

Claims (1)

1. An encryption Hub device realized based on an EMMC interface, characterized by comprising a main controller, a Flash module, an encryption and decryption algorithm module, a USB-KEY module, an EMMC transmission module (EMMC-Device) and a port controller (Port-Controller); the Hub encryption and decryption module is connected with the EMMC-Device and, through the EMMC-Device, with an external PC (personal computer) supporting EMMC; the Hub encryption and decryption module is connected with the EMMC-host through a data bus, and the main controller is connected with the Port-Controller; the EMMC forwarding module is provided with a plurality of EMMC expansion interfaces; data to be written by the PC host is encrypted by the Hub encryption and decryption module and then written into the EMMC memory connected to the corresponding EMMC expansion interface; the Hub encryption and decryption module decrypts the encrypted data on the EMMC memory and transmits the decrypted data to the PC host; the Hub encryption and decryption module performs data encryption and decryption under 2-level control: the first layer authenticates the user identity through the USB-KEY module, and the second layer encrypts or decrypts through a hardware encryption and decryption module in the encryption and decryption algorithm module; the PC host performs a write operation according to the following steps:
Step 3.1: the PC host sends a write operation request to write to the connected EMMC;
Step 3.2: after receiving the write operation request, the main controller sends a verification request to the user through the USB-KEY module, requiring the user to enter a PIN code and authenticate; after authentication passes, a user-defined serial number is obtained and fed back to the main controller;
Step 3.3: after receiving the user-defined serial number, the main controller verifies whether the serial number is correct; if it is correct, the user information is obtained from the database; the main controller runs a specific operation to obtain an internal digest; at the same time, a verification request is sent to the USB-KEY module, which performs the corresponding operation to obtain a verification digest and sends the verification digest back to the main controller;
Step 3.4: the internal digest is checked against the verification digest; if verification fails, a data write failure is returned to the PC host; if verification succeeds, the user is allowed to write data to the EMMC;
Step 3.5: the main controller and the PC host software automatically confirm whether the EMMC memory device is attached normally; if so, the PC host is allowed to allocate an address to the EMMC memory device, and the EMMC memory device is initialized through the port controller (Port-Controller);
Step 3.6: the data of the PC host is transmitted to the EMMC-Device through the EMMC interface and stored in the high-speed data cache region;
Step 3.7: the main controller encrypts the data through the encryption and decryption algorithm module to form a ciphertext, the ciphertext is transmitted over the bus to the corresponding EMMC-Port, and the EMMC master controller checks the address in the data packet; if the check succeeds, the ciphertext is written into the EMMC memory device attached to that EMMC-Port, completing the EMMC data write;
the PC host performs a read operation according to the following steps:
Step 4.1: the PC host sends a read operation request to read the connected EMMC;
Step 4.2: after receiving the read operation request, the main controller sends a verification request to the user through the USB-KEY module, requiring the user to enter a PIN code and authenticate; after authentication passes, a user-defined serial number is obtained and fed back to the main controller;
Step 4.3: after receiving the user-defined serial number, the main controller verifies whether the serial number is correct; if it is correct, the user information is obtained from the database; the main controller runs a specific operation to obtain an internal digest; at the same time, a verification request is sent to the USB-KEY module, which performs the corresponding operation to obtain a verification digest and sends the verification digest back to the main controller;
Step 4.4: the internal digest is checked against the verification digest; if verification fails, a data read failure is returned to the PC host; if verification succeeds, the user is allowed to read the data of the EMMC;
Step 4.5: the main controller and the PC host software automatically confirm whether the EMMC memory device is attached normally; if so, the PC host is allowed to allocate an address to the EMMC memory device, and the EMMC memory device is initialized through the port controller (Port-Controller); the EMMC sends the data to the data bus through the EMMC-Port;
Step 4.6: the main controller decrypts the data through the encryption and decryption algorithm module, transmits the decrypted data to the EMMC transmission module (EMMC-Device) and stores it in the high-speed data cache region;
Step 4.7: finally, the data is read out to the PC host through the EMMC interface circuit.
CN201610712026.8A 2016-08-23 2016-08-23 Encryption Hub device realized based on EMMC interface Active CN106326753B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610712026.8A CN106326753B (en) 2016-08-23 2016-08-23 Encryption Hub device realized based on EMMC interface

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610712026.8A CN106326753B (en) 2016-08-23 2016-08-23 Encryption Hub device realized based on EMMC interface

Publications (2)

Publication Number Publication Date
CN106326753A CN106326753A (en) 2017-01-11
CN106326753B true CN106326753B (en) 2020-04-28

Family

ID=57742548

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610712026.8A Active CN106326753B (en) 2016-08-23 2016-08-23 Encryption Hub device realized based on EMMC interface

Country Status (1)

Country Link
CN (1) CN106326753B (en)

Legal Events

Date Code Title Description
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant