CN107343276A - A kind of guard method of the SIM card lock data of terminal and system - Google Patents

A kind of guard method of the SIM card lock data of terminal and system Download PDF

Info

Publication number
CN107343276A
CN107343276A CN201610280771.XA CN201610280771A CN107343276A CN 107343276 A CN107343276 A CN 107343276A CN 201610280771 A CN201610280771 A CN 201610280771A CN 107343276 A CN107343276 A CN 107343276A
Authority
CN
China
Prior art keywords
data
sim card
communication processor
unlocking tool
ciphertext
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610280771.XA
Other languages
Chinese (zh)
Other versions
CN107343276B (en
Inventor
周磊
刘志勇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Spreadtrum Communications Shanghai Co Ltd
Original Assignee
Spreadtrum Communications Shanghai Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Spreadtrum Communications Shanghai Co Ltd filed Critical Spreadtrum Communications Shanghai Co Ltd
Priority to CN201610280771.XA priority Critical patent/CN107343276B/en
Publication of CN107343276A publication Critical patent/CN107343276A/en
Application granted granted Critical
Publication of CN107343276B publication Critical patent/CN107343276B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices

Abstract

A kind of guard method of the SIM card lock data of terminal and system, the terminal include communication processor, and methods described includes:By adding unlocking tool that the SIM card is locked into data transfer and storing to the first storage region of the communication processor.The security and versatility of SIM card lock data can be improved using such scheme.

Description

A kind of guard method of the SIM card lock data of terminal and system
Technical field
The present invention relates to guard method and the system of the communications field, more particularly to a kind of SIM card lock data of terminal.
Background technology
Operator passes through Global Subscriber identification card (Universal Subscriber Identity Module, USIM) Interior relevant information, to limit the country that can allow to use using the terminal of the USIM, register Network, subnet, group's network etc. configure, and its principle realized is:Pass through the phase that will be stored in USIM Close information to be compared with the relevant information stored in terminal, be to judge present terminal by comparison result It is no equipment for customizing and whether to allow to be active in current network.SIM card lock (SIM Lock) is a kind of For protecting the software locks of USIM relevant information, to ensure involved by this software locks of USIM Lock Data message security, it is necessary to SIM Lock data are related to key message (such as white list, Software lock status etc.) protect, to prevent being distorted by hacker by way of illegal software or brush machine.
At present, two methods protect the SIM Lock data:The first:It will be added with RSA private keys For SIM Lock data storages after close in CP sides, RSA public keys are hard-coded in AP sides, each subsystem Start, is passed to RSA public keys by boot loader (Universal Boot Loader, Uboot) CP, the verification to SIM Lock data is completed by CP.Second:By with after RSA private key encryptions SIM Lock data storages are in AP sides, in second of start process, by Uboot by SIM Lock numbers According to transmission to CP sides, and by CP sides re-encrypted and make further storage.
But the SIM Lock data are protected with the aforedescribed process if adopted, SIM Lock can be caused Information Security and the versatility of guard method are low.
The content of the invention
The present invention solves the problems, such as it is how to improve the security and versatility of SIM card lock data.
To solve the above problems, the embodiments of the invention provide the protection that a kind of SIM card of terminal locks data Method, the terminal include communication processor, and methods described includes:By adding unlocking tool by the SIM Clamping lock data transfer is simultaneously stored to the first storage region of the communication processor.
Alternatively, the SIM card is stored by hard coded mode or soft coded system and locks data.
Alternatively, before the SIM card is locked into data transfer to the communication processor, in addition to: Public key is transmitted and stored to the communication processor by described plus unlocking tool;The communication processor Described plus unlocking tool is authenticated and authenticated using the public key and is passed through.
Alternatively, the communication processor is authenticated using the public key to described plus unlocking tool, including: The communication processor detects the public key, and whether the private key held with described plus unlocking tool matches;When When determining that the public key matches with the private key that the source side of SIM card lock data is held, the communication Processor determines to pass through the authentication to the unlocking tool.
Alternatively, the SIM card lock data include static data.
Alternatively, described plus unlocking tool to the communication processor send the SIM card lock data it Before, in addition to:Described plus unlocking tool locks number by the private key with the public key match to the SIM card Static data in is encrypted, and generates the first ciphertext, and first ciphertext is sent to described logical Believe processor;First ciphertext is decrypted using the public key for the communication processor;Work as success After completing the decryption to first ciphertext, the communication processor generates the first encryption key, and utilizes First encryption key and the public key carry out double layer encryption, generation to first ciphertext after decryption Second ciphertext, and send to described plus unlocking tool;The SIM card is locked data by described plus unlocking tool In static data replace with second ciphertext.
Alternatively, the SIM card lock data include static data and dynamic data.
Alternatively, before the communication processor stores the SIM card lock data, in addition to:It is described Unlocking tool is added to be encrypted to the dynamic data using the private key and signed to the static data Name, and send to the communication processor;The communication processor is verified and to institute to the signature State dynamic data to be decrypted, and the signature after checking and the dynamic data after decryption are encrypted again And signature, and store.
Alternatively, described plus unlocking tool the dynamic data is encrypted using the private key and to institute State static data to be signed, and send to the communication processor;Including:The encryption and decryption instrument pair The 3rd ciphertext of generation is encrypted in the dynamic data, and the static data is signed, generation first Signature value, and by the 3rd ciphertext and carry the first signature value the static data send to The communication processor.
Alternatively, the communication processor is verified to the signature and the dynamic data is solved It is close, and the signature after checking and the dynamic data after decryption are encrypted and signed again, and store, Including:The communication processor is verified to the first signature value, and the 3rd ciphertext is carried out Decryption;When by the verification to the first signature value and after complete decryption to the 3rd ciphertext, institute State communication processor and generate the second encryption key, and signed using second encryption key to described first Value is encrypted, and generates the 4th ciphertext, and the dynamic data is carried out using second encryption key Signature, the second signature value is generated, store the static data after decryption, dynamic data, described second Signature value and the 4th ciphertext.
Alternatively, public key is transmitted and stored to before the communication processor by described plus unlocking tool, also Including:The communication processor determines the uniqueness with described plus unlocking tool data interaction.
Alternatively, the communication processor determines the uniqueness with described plus unlocking tool data interaction, bag Include:Random number is transmitted and stored to the second storage of the communication processor by described plus unlocking tool Region;Wherein:Data in second storage region can not be changed;The encryption and decryption instrument uses institute State random number and the public key carries out computing, obtain the first operation values, and first operation values are carried out Encryption obtains the first secret value, and first secret value and the public key are sent to the mailing address jointly Manage device;The public key is encrypted to obtain the second secret value for the communication processor, and judges described Whether one secret value and second secret value are identical;When first secret value and second secret value When identical, the communication processor determines unique with described plus unlocking tool data interaction.
Alternatively, the data in first storage region can be changed.
Alternatively, the terminal also includes application processor, the communication processor and described plus unblock work The data interaction of tool carries out transparent transmission by the application processor.
The embodiments of the invention provide a kind of protection system of SIM card lock data, the system includes:Add Unlocking tool and terminal coupled with it, wherein:The terminal, including:Communication processor is described logical Believe that processor is suitable to the SIM card lock data for receiving the transmission of described plus unlocking tool, and the SIM card is locked Data storage is to the first storage region;Described plus unlocking tool, suitable for the SIM card is locked into data transfer To the communication processor of the terminal.
Alternatively, the communication processor is suitable to store the SIM by hard coded mode or soft coded system Clamping lock data.
Alternatively, the SIM card is being locked data transfer to the communication processor by described plus unlocking tool Before, it is further adapted for transmitting public key and storing to the communication processor;
The communication processor is further adapted for described plus unlocking tool is authenticated and authenticated using the public key passing through.
Alternatively, the communication processor is adapted to detect for whether the public key is held with described plus unlocking tool Some private key matchings, when it is determined that the private key that the source side of the public key and SIM card lock data is held During matching, it is determined that passing through the authentication to the unlocking tool.
Alternatively, the SIM card lock data include static data.
Alternatively, described plus unlocking tool, it is further adapted for sending the SIM card to the communication processor Before locking data, the static data in data is locked to the SIM card by the private key with the public key match It is encrypted, generates the first ciphertext, and first ciphertext is sent to the communication processor;It is described Communication processor, it is further adapted for first ciphertext is decrypted using the public key;When successfully completing pair After the decryption of first ciphertext, the first encryption key is generated, and utilize first encryption key and institute State public key and double layer encryption is carried out to first ciphertext after decryption, generate the second ciphertext, and send to institute State and add unlocking tool, to cause the SIM card is locked the static data in data by described plus unlocking tool to replace It is changed to second ciphertext.
Alternatively, the SIM card lock data include static data and dynamic data.
Alternatively, described plus unlocking tool, it is further adapted for storing the SIM card lock in the communication processor Before data, the dynamic data is encrypted using the private key and the static data is signed Name, and send to the communication processor;The communication processor, it is further adapted for testing the signature Demonstrate,prove and the dynamic data is decrypted, and to the signature after checking and the dynamic data after decryption again It is encrypted and signs, and stores.
Alternatively, described plus unlocking tool, suitable for the dynamic data being encrypted the 3rd ciphertext of generation, The static data is signed, generates the first signature value, and by the 3rd ciphertext and carry The static data for stating the first signature value is sent to the communication processor.
Alternatively, the communication processor is further adapted for verifying the first signature value, and to described 3rd ciphertext is decrypted;When by the verification to the first signature value and complete to the 3rd ciphertext Decryption after, generate the second encryption key, and using second encryption key to the first signature value It is encrypted, generates the 4th ciphertext, and the dynamic data is signed using second encryption key Name, the second signature value is generated, the static data, dynamic data, second label after storage decryption Name value and the 4th ciphertext.
Alternatively, the communication processor, it is further adapted for public key is transmitted and stored in described plus unlocking tool To before the communication processor, it is determined that with described plus unlocking tool data interaction uniqueness.
Alternatively, the data in first storage region can be changed.
Alternatively, the terminal also includes application processor, suitable for the communication processor is added with described Data penetration transmission between unlocking tool.
Alternatively, the communication processor, be further adapted for transmitting by ciphertext with described plus unlocking tool described in The Identity Code data of terminal, and by the Identity Code data storage in first storage region.
Compared with prior art, technical scheme has advantages below:
From outside unlocking tool can be added to obtain SIM card lock data by communication processor, can disobeyed Rely application processor, and because data storage is in communication processor, so that this method can fit For products such as function machine and data cards, therefore the logical of the SIM Lock clamping lock data guard methods can be improved The property used.Also, the source code data of communication processor are not open content, that is to say, that communication processor In data be not easy to distort, therefore store data in communication processor, data protection can also be improved Security.
Further, receive before the SIM card lock data of unlocking tool are added, pass through in communication processor The communication processor is using public key pair plus unlocking tool authentication and by avoiding other unspecific plus solution Lock tool is modified the backward communication processor to SIM card lock data and transmitted, so as to enter Improve to one step the security of data.
Further, by communication processor before the data are received, with adding unlocking tool to interact, SIM card lock data inactivity data in described plus unlocking tool, which are replaced with described plus unlocking tool, to be known Other ciphertext, it can avoid modifying to the static data in described plus unblock, so as to further Improve the security of data in ground.
Further, add unlocking tool that public key is transmitted and stored to before the communication processor, pass through institute Communication processor determination and described plus unlocking tool data interaction uniqueness are stated, can be avoided to the public affairs The random setting of key, so as to further improve the security of data.
Brief description of the drawings
Fig. 1 is a kind of flow signal of the guard method of SIM card lock data in invention embodiment Figure;
Fig. 2 is a kind of structural representation of the protection system of SIM card lock data in the embodiment of the present invention;
Fig. 3 is a kind of in the embodiment of the present invention plus data interaction between unlocking tool and communication processor letter Order figure;
Fig. 4 is a kind of schematic flow sheet of the verification of terminal-pair SIM card lock data in the embodiment of the present invention.
Embodiment
Operator passes through Global Subscriber identification card (Universal Subscriber Identity Module, USIM) Interior relevant information, to limit the country that can allow to use using the terminal of the USIM, register Network, subnet, group's network etc. configure, and its principle realized is:Pass through the phase that will be stored in USIM Close information to be compared with the relevant information stored in terminal, be to judge present terminal by comparison result It is no equipment for customizing and whether to allow to be active in current network.
SIM card lock (SIM Lock) is a kind of software locks for being used for protecting USIM relevant information, is The security of the data message involved by this software locks of USIM Lock is ensured, it is necessary to by SIM Lock The key message (such as white list, software lock status) that data are related to protects, to prevent by hacker Distorted by way of illegal software or brush machine.
At present, two methods protect the SIM Lock data:The first:It will be added with RSA private keys For SIM Lock data storages after close in CP sides, RSA public keys are hard-coded in AP sides, each subsystem Start, CP is passed to by open source code (Universal Boot Loader, Uboot) by RSA public keys, Verification to SIM Lock data is completed by CP.Second:By with the SIM Lock after RSA private key encryptions Data storage is in AP sides, in second of start process, by Uboot by SIM Lock data send to CP sides, and by CP sides re-encrypted and make further storage.
But the SIM Lock data are protected with the aforedescribed process if adopted, SIM Lock can be caused Information Security and the versatility of guard method are low.
To solve the above problems, the embodiments of the invention provide terminal SIM card lock data guard method, By communication processor can from outside plus unlocking tool obtain SIM card lock data, can independent of should With processor, and because data storage is in communication processor, so that this method goes for The product such as function machine and data card, therefore the versatility of the SIM Lock clamping lock data guard methods can be improved, And the source code data of communication processor are not open content, that is to say, that the data in communication processor It is not easy to distort, therefore stores data in communication processor, the security of data protection can also be improved.
It is understandable to enable the above objects, features and advantages of the present invention to become apparent, below in conjunction with the accompanying drawings The specific embodiment of the present invention is described in detail.
A kind of guard method of the SIM card lock data of terminal in the embodiment of the present invention is the following provided, such as Shown in Fig. 1, the terminal includes communication processor, and methods described is carried out step by step below in conjunction with Fig. 1 It is discussed in detail:
S11:Unlocking tool is added to send SIM card lock data to communication processor.
Carried out in order to avoid the data interaction of arbitrary plus unlocking tool and terminal or to SIM card lock data Distort, to improve the security of data, in specific implementation, the SIM card is being locked into data transfer extremely Before the communication processor, public key can be transmitted and stored to described logical by described plus unlocking tool Believe processor, and then the communication processor is authenticated and authenticated to described plus unlocking tool using the public key Pass through.
Due to adding unlocking tool obtaining the public key simultaneously, the private key with the public key match can be got, Therefore in specific implementation, the communication processor can detect the public key whether with described plus unlocking tool The private key matching held, if it is determined that the public key and the source side of SIM card lock data are held Private key matching when, it may be determined that pass through the authentication to the unlocking tool.It is it should be noted that described Private key can be stored in described plus unlocking tool or softdog, also or client server, to strengthen private key Security, but no matter private key is stored in where, and described plus unlocking tool can obtain the private key. The position of the private key storage, does not form any restrictions to protection scope of the present invention.
In order to determine the uniqueness with described plus unlocking tool data interaction, in an embodiment of the present invention, Unlocking tool is added to transmit public key and store to before the communication processor when described, can be by described Add unlocking tool that random number is transmitted and encrypted to store to the second storage region of the communication processor;Its In:Data in second storage region can not be changed.
The encryption and decryption instrument carries out computing using the random number and the public key, obtains the first operation values, And first operation values are encrypted to obtain the first secret value, by first secret value and the public affairs Key is sent to the communication processor jointly;The public key is encrypted to obtain for the communication processor Two secret values, and judge whether first secret value and second secret value are identical;When described first When secret value is identical with second secret value, the communication processor determines and described plus unlocking tool number According to interactive uniqueness.
It should be noted that the communication processor has various ways to obtain the SIM at unlocking tool from adding Clamping lock data, for example the SIM card lock data can be directly obtained at described plus unlocking tool, so One, because the acquisition of data and the storage of data are independently completed at the communication processor, Therefore the dependence to other parts in terminal can be avoided, so as to improve the general of data guard method The security of property and data.
Also for example, the SIM card lock can also be obtained by the application processor that the terminal includes Data, and during the SIM card lock data are obtained, the application processor is one saturating The effect of biography, any processing is not done to the data obtained at described plus unlocking tool.So, The security of data can be improved.
The SIM card lock data include static data, and the static data is extremely important, in order to avoid people Changed for destruction or Malware, therefore in the bright embodiment of we, described plus unlocking tool leads to described , can also be by being handed over the communication processor before believing that processor sends the SIM card lock data Mutually, to cause the static data to be changed by described plus unlocking tool.
Specifically, add unlocking tool by the private key with the public key match to the SIM by described first Static data in clamping lock data is encrypted, generate the first ciphertext, and by first ciphertext send to The communication processor, then the communication processor first ciphertext is solved using the public key It is close, and then after the decryption to first ciphertext is successfully completed, the communication processor can generate One encryption key, and using first encryption key and the public key to first ciphertext after decryption Double layer encryption is carried out, generates the second ciphertext, and is sent to described plus unlocking tool, then described plus unblock The SIM card is locked the static data in data and replaces with second ciphertext by instrument.So, by It can not know first encryption key in described plus unlocking tool, and can not also know the static number According to encryption method, therefore the security of static data can be improved.
S12:The SIM card is locked data storage to the first storage region by communication processor.
In specific implementation, communication processor can have various ways that the SIM card received is locked into number According to being stored in first storage region.For example the SIM card lock can be stored by hard coded mode Data, the data can also be stored by soft coded system.
In order to improve the customizability of the SIM card lock data, that is, can be in SIM card lock Data reasonably changed, in an embodiment of the present invention, the data in first storage region It can be changed, that is to say, that first storage region, which can be one, repeatedly to be changed data Region.
Because SIM card lock data include static data and dynamic data, in order to consider data The efficiency of security and data transfer, in specific implementation, the SIM is stored in the communication processor Before clamping lock data, described plus unlocking tool can also be added using the private key to the dynamic data It is close and the static data is signed, and send to the communication processor, and then the mailing address Reason device verified to the signature and the dynamic data is decrypted, and to the signature after checking and Dynamic data after decryption is encrypted and signed again, and stores.
In an embodiment of the present invention, life can be encrypted to the dynamic data in the encryption and decryption instrument Into the 3rd ciphertext, the static data is signed, generates the first signature value, and it is close by the described 3rd The static data that is literary and carrying the first signature value is sent to the communication processor, to realize Encryption to the dynamic data and the signature to static data progress.
In an alternative embodiment of the invention, the communication processor is verified and to described to the signature Dynamic data is decrypted, and the signature after checking and the dynamic data after decryption are encrypted again and Signature, and store.
Detailed process can be followed successively by:The communication processor verifies to the first signature value first, And the 3rd ciphertext is decrypted, and if then pass through the verification to the first signature value and complete pair After the decryption of 3rd ciphertext, the second encryption key can be generated, and utilize second encryption key The first signature value is encrypted, generates the 4th ciphertext, and using second encryption key to institute State dynamic data to be signed, generate the second signature value, the static data, dynamic after storage decryption Data, the second signature value and the 4th ciphertext.
To cause those skilled in the art to more fully understand and realizing the present invention, the following provide of the invention real A kind of protection system of SIM card lock data in example is applied, as shown in Fig. 2 the system can include: Add unlocking tool 1 and terminal 2 coupled with it, wherein:
The terminal 2, including:Communication processor 21, the communication processor 21 are suitable to receive described add The SIM card lock data that unlocking tool 1 transmits, and the SIM card is locked into data storage to the first memory block Domain;
Described plus unlocking tool 1, suitable for the SIM card is locked into communication of the data transfer to the terminal 2 Processor 21.
In specific implementation, the communication processor 21 is suitable to deposit by hard coded mode or soft coded system Store up the SIM card lock data.
In specific implementation, described plus unlocking tool 1 is leading to SIM card lock data transfer to described Before believing processor 21, it is further adapted for transmitting public key and storing to the communication processor 21;The communication Processor 21 is further adapted for described plus unlocking tool 1 is authenticated and authenticated using the public key passing through.
In specific implementation, the communication processor 21 be adapted to detect for the public key whether with it is described plus unblock The private key matching that instrument 1 is held, when it is determined that the public key and the institute of source side of SIM card lock data During the private key matching held, it is determined that passing through the authentication to the unlocking tool.
In specific implementation, the SIM card lock data include static data.
In specific implementation, before the SIM card lock data are sent to the communication processor 21, institute State plus unlocking tool 1 is further adapted for locking in data the SIM card by the private key with the public key match Static data is encrypted, and generates the first ciphertext, and first ciphertext is sent to the communication process Device 21;
The communication processor 21 is further adapted for first ciphertext is decrypted using the public key;Treat as After work(completes the decryption to first ciphertext, the first encryption key is generated, and utilize the described first encryption Key and the public key carry out double layer encryption to first ciphertext after decryption, generate the second ciphertext, and Send to described plus unlocking tool 1, to cause described plus unlocking tool 1 to lock the SIM card in data Static data replace with second ciphertext.
In specific implementation, the SIM card lock data include static data and dynamic data.
It is described before the communication processor 21 stores the SIM card lock data in specific implementation Unlocking tool 1 is added to be further adapted for the dynamic data being encrypted and to the static number using the private key According to being signed, and send to the communication processor 21;The communication processor 21 is further adapted for described Sign and verified and the dynamic data is decrypted, and to dynamic after the signature after checking and decryption State data are encrypted and signed again, and store.
In specific implementation, described plus unlocking tool 1 is suitable to the dynamic data is encrypted generation the Three ciphertexts, the static data is signed, generates the first signature value, and by the 3rd ciphertext and The static data for carrying the first signature value is sent to the communication processor 21.
In specific implementation, the communication processor 21 is further adapted for verifying the first signature value, And the 3rd ciphertext is decrypted;When by the verification to the first signature value and complete to described After the decryption of 3rd ciphertext, the second encryption key is generated, and using second encryption key to described the One signature value is encrypted, and generates the 4th ciphertext, and using second encryption key to the dynamic number According to being signed, the second signature value, the static data, dynamic data after storage decryption, institute are generated State the second signature value and the 4th ciphertext.
In specific implementation, public key is transmitted and stored to the communication process in described plus unlocking tool 1 Before device 21, the communication processor 21 is further adapted for determining and the described plus data interaction of unlocking tool 1 Uniqueness.
In specific implementation, the communication processor 21 is further adapted for receiving from described plus unlocking tool 1 Random number, and store to the second storage region of the communication processor 21;Wherein:Second storage Data in region can not be changed.
The encryption and decryption instrument is further adapted for carrying out computing using the random number and the public key, obtains first Operation values, and first operation values are encrypted to obtain the first secret value, by first secret value And the public key is sent to the communication processor 21 jointly;The communication processor 21 is further adapted for described Public key is encrypted to obtain the second secret value, and judges that first secret value is with second secret value It is no identical;When first secret value is identical with second secret value, the communication processor 21 is true Fixed and described plus the data interaction of unlocking tool 1 uniqueness.
In specific implementation, the data in first storage region can be changed.
In specific implementation, the terminal 2 also includes application processor 22, the communication processor 21 with Described plus unlocking tool 1 data interaction carries out transparent transmission by the application processor 22.
To cause those skilled in the art to more fully understand and realizing the present invention, it is provided below of the invention real The signaling diagram of the data interaction a kind of plus between unlocking tool and communication processor in example is applied, as shown in figure 3, Below with reference to Fig. 3, the guard method for locking data to the SIM card in the embodiment of the present invention step by step is carried out It is discussed in detail:
S301:Random number N 1 is sent to communication processor 32.
It should be noted that present document relates to instrument can be plus unlocking tool 31, and in view of not With product form for the versatility requirement of method, described plus unlocking tool 31 can be in school in terminal The write-in of data is carried out under quasi-mode and under normal mode, so that the solution of the present invention can be complete Completed by the side of communication processor 32 in portion.
In specific implementation, described plus unlocking tool 31 can generate a pair of RSA (Ron by softdog Rivest, Adi Shamir, LeoN1ard Adleman) key, respectively public key (Public Key, PK) And private key (Secret Key, SK), the client that wherein SK is customized by SIM Lock preserve, PK can be with Transmit to communication processor 32 and store.
Because the PK is extremely important, in order to prevent PK random setting, ensure the uniqueness of the operation, Described plus unlocking tool 31 before PK transmissions, can firstly generate 128bit (or 256bit) with Machine number N1, and then the random number N 1 can be sent to communication processor 32.
It is understood that the byte number shared by the random number N 1, is not limited the invention, Those skilled in the art can also generate the random number N 1 of other byte numbers.
S302:The random number N 1 is stored in the hardware circuit of reprogrammable by communication processor 32.
In specific implementation, the random number N 1 can be stored in reprogrammable by communication processor 32 In hardware circuit.
In an embodiment of the present invention, the hardware circuit of the reprogrammable can be electrically programmable fuse (eFUSE).Data in the eFUSE can not be modified, by communication processor 32 will it is described with Machine number N1 is stored in eFUSE, can improve the security of data interaction.
If it is understood that the communication processor 32 is successfully received the random number N 1, meeting Sent to described plus unlocking tool 31 and confirm receive information, this process is repeated no more at this.
S303:(PK, M1) is sent to communication processor 32.
In specific implementation, described plus unlocking tool 31, can be right after random number N 1 is successfully transmitted The public key and random number N 1 perform the computing for asking hash and summation, obtain (HASH (PK)+N1), And then by the mode of Advanced Encryption Standard (Advanced Encryption Standard, AES) to described (HASH (PK)+N1) is encrypted, and (key of the AES encryption can be by by generation data M1 Communication processor 32 is with adding unlocking tool 31 to consult to arrange).Then described plus unlocking tool 31 can incite somebody to action (PK, M1) is sent to communication processor 32.
S304:M2 is generated, verifies M1, if after verification passes through, generating encryption data SPK, and preserve PK and SPK.
In specific implementation, communication processor 32 can store according to the AES key appointed and before Random number N 1, to be encrypted again to the PK received, and encryption data M2 is generated, then compared M1 and M2, if M1 is identical with M2, illustrate that PK is sent successfully, that is, ensure that communication process Device 32 and the uniqueness for adding the data interaction of unlocking tool 31.
And communication processor 32 is properly received after PK, the equipment mark of communication processor 32 can be passed through Know code (User Identification, UID), generate new AES passwords (Key), in this operation, Because the UID of each chips, that is, each communication processor 32 is theoretically what is differed, therefore just AES Key uniqueness is may insure, so as to also bring certain guarantee to PK security, then PK is encrypted by aes algorithm, encryption data SPK is generated, (PK, SPK) can be deposited Storage is got up.
In an embodiment of the present invention, (PK, SPK) N1V blocks region can be stored in by described in. Certainly, according to being actually needed, those skilled in the art can also store it in its of communication processor 32 Its region.
S305:Send authentication request.
In order to improve the security of data, in specific implementation, the communication processor 32 can be to described Unlocking tool 31 is added to be authenticated, therefore described plus unlocking tool 31 can send to communication processor 32 and reflect Power request.If described plus authentication of the unlocking tool 31 by communication processor 32, can enter line number According to read-write operation;If described plus unlocking tool 31, can not by the authentication of communication processor 32 Continue the data interaction between described plus unlocking tool 31, or do not receive from described plus unlocking tool 31 data.
S306:Random number N 2 is generated, is encrypted using PK, generation ciphertext M1.
In specific implementation, when communication processor 32 receive this from add unlocking tool 31 authentication please After asking, random number N 2 can be generated, then N2 is encrypted using the PK of storage, generation is close Literary M1.
S307:Ciphertext M1 is returned into instrument.
S308:M1 is decrypted by SK, obtains random number N 2, and N2 is encrypted with SK, it is raw Into ciphertext M2.
In specific implementation, unlocking tool 31 is added to pass through encryption after ciphertext M1 is had successfully received The SK matched with PK that dog is generated before getting, then ciphertext M1 is decrypted using SK, And the data N2 obtained after decryption is reused into SK encryptions, generation ciphertext M2.
S309:M2 is sent to communication processor 32.
S310:Decryption obtains N3, contrasts N2 and N3, confirms authenticating result.
In specific implementation, communication processor 32 can pass through the PK of storage after ciphertext M2 is received M2 is decrypted, reduction draws random number N 3, then to N3 compared with N2, according to comparing Results verification whether by pair plus unlocking tool 31 authentication.If N3 is identical with N2, can pass through To described plus unlocking tool 31 authentication, otherwise, do not pass through the authentication to described plus unlocking tool 31.
It should be noted that no matter whether the communication processor 32 is by described plus unlocking tool 31 Authentication, be notified that the described plus authenticating result of unlocking tool 31, the flow of notice do not done herein any Limit, therefore will not be repeated here.
It is understood that after described plus unlocking tool 31 has passed through the authentication of communication processor 32, S311 can be continued executing with;Conversely, the two does not continue to interact.
S311:Send ciphertext M3.
It should be noted that SIMLOCK data include two parts:Static data and dynamic data.Wherein Static data refers to the encryption data of such as PIN/PUK (please supplement), the signature of static segment of data, After terminal is dispatched from the factory, it will not theoretically change again, unless artificial destruction or Malware modification, and Static part data are to be set by device software exploitation or manufacturer by being stored in terminal after private key signature In standby, once data change, can directly result in start data check can not be by, and then can not normally make With the communication function of terminal, therefore static data can also be referred to as customization data.
Meanwhile dynamic data refers to during the use of mobile phone, it is necessary to the data content of dynamic change, The successively decreasing and recover of number, the change of SIMLock mode bit are such as unlocked, this partial data can claim again For user data.
In specific implementation, as the important component of SIMLock static datas, PIN/PUK number According to the most critical content for being also the whole data segments of SIM Lock, in order to prevent that the partial data from being write with a brush dipped in Chinese ink again, And cracking for SIM Lock data is ultimately resulted in, the processing to this partial data before configuration, can be with The partial data is encrypted and then given by communication processor 32 instrument processing.
In an embodiment of the present invention, add unlocking tool 31 can be by the PIN/PUK in SIM Lock data Data are encrypted by RSA SK, generate ciphertext M3, and then send to communication processor 32.
S312:Re-encrypted after being decrypted to M3, generate M4.
In specific implementation, communication processor 32 is correctly received after ciphertext M3, can pass through RSA Ciphertext M3 is decrypted PK, and after successful decryption, communication processor 32 can be generated by UID AES Key, AES and RSA PK double layer encryption is carried out to the PIN/PUK after decryption, generate ciphertext M4。
S313:M4 is returned into instrument.
S314:M4 is replaced into the static data in SIM Lock data.
In specific implementation, add unlocking tool 31 after ciphertext M4 is received, ciphertext M4 can be put The correspondence position of static data in SIM Lock data.So, due to adding unblock data can not Know the AES passwords, and cipher mode of the communication processor 32 to static data can not be known, then Any distort can not be carried out to static data.
S315:Static data is signed, obtains S1;Dynamic data is encrypted, generates M5.
In order to preferably protect SIM Lock static data, prevent from being maliciously tampered, in specific implementation, Can be before the write-in of SIM Lock data be carried out, using RSA SK for SIM Lock static datas Signed.
So, the signature can be verified before communication processor 32 every time start, once it is quiet State data are destroyed, and can directly result in signature check failure, then can not normal use terminal communication work( Energy.And because SIM Lock monoblocks data area is larger, if realizing ciphertext transmission, it is necessary to be divided Section encrypted transmission, in order to avoid the complexity that scheme caused by data splitting and reorganizing possibility is realized, specific In implementation, signature and ciphertext mixing sending method can be used to transmit the SIM Lock data.
In an embodiment of the present invention, unlocking tool 31 is added after PIN/PUK is configured by ciphertext, can be with SIMLock static datas are signed using RSA SK, generation signature S1, are then placed in S1 In SIMLock data, wait to be sent.Because dynamic data area is smaller in SIM Lock, therefore add unblock work Directly the partial data can be encrypted using RSA SK for tool 31, generation ciphertext M5.
S316:(SIMLock static datas, S1, M5) is sent to communication processor 32.
S317:M5 is decrypted and S1 is verified, if after successful decryption and verification, to S1 Re-encrypt, generate M6;Dynamic data is signed, generates S2.
In specific implementation, communication processor 32 is correctly received after data, can use RSA PK SIMLock dynamic datas M5 is decrypted, and S1 is verified.If communication processor 32 pairs of M5 successful decryptions and to S1 unsuccessful verifications after, can by UID generate AES Key, enter And SIMLock dynamic datas are signed, signature value S2 is generated, and carry out AES to S1 to re-encrypt, Generate M6.
Last communication processor 32 can by the SIMLock static datas after successful decryption, M6, NV correspondence positions are arrived in SIMLOCK dynamic datas and S2 renewals.Because the data on NV can be changed, , can be according to from S301-S317's if subsequent user needs to modify to the data in SIM Lock Flow again writes the data in NV, so as to improve the customizability of data.
In specific implementation, while SIM Lock data write, IMEI data are can also carry out Write-in.The process includes:Firstly generate ciphertext M7:Add unlocking tool 31 by RSA SK to IMEI Data are encrypted, and generate ciphertext M7, and M7 is transmitted directly into communication processor 32.
After communication processor 32 has successfully received M7, M7 is decrypted by RSA PK, and will IMEI data after decryption pass through AES re-encrypteds, generation ciphertext M8;AES Key are equally used UID is generated, and final communication processor 32, which can update M8, arrives NV correspondence positions.
If it is understood that when also including application processor in terminal, SIM Lock data it is whole Storage operation can all be completed in the side of communication processor 32, and application processor is only responsible for SIM Lock numbers According to transparent transmission.
It is also provided below to use this hair to cause those skilled in the art to more fully understand and realizing the present invention After the guard method of SIM card lock data in bright embodiment, when starting the next time of communication processor, eventually The involved safety verification step in end, as shown in Figure 4:
S41:RSA PK are obtained, and whether verify RSA PK effective.
In specific implementation, when communication processor is again started up, terminal can obtain RSA PK, and verify RSA PK validity.
When it is determined that RSA PK are effective, S42 can be performed;Conversely, perform S43.
S42:To SIM Lock data checks.
In specific implementation, the terminal can obtain SIMLock related datas, and pass through AES&RSA Algorithm, the key generated with reference to UID, to SIMLock data checks, whether to determine SIMLock It is tampered.
If the SIM Lock data have been tampered with, S43 can be performed;Conversely, S44 can be performed.
S43:The access right of limiting terminal.
In specific implementation, in order to avoid performing the peace of destructive operation or the information of user to terminal Entirely, can be with the access right of limiting terminal, for example simply allow using functions such as urgent calls.
S44:Continue to complete the starting procedure of protocol stack.
In specific implementation, if it is determined that PK and SIM Lock data are errorless, can be continued The starting procedure of protocol stack is completed, to cause terminal can be with normal use.
By above-mentioned starting procedure safety verification flow, locked using the SIM card in the embodiment of the present invention The guard method of data, when starting shooting every time, communication processor can lock data to SIM card and repeatedly be verified, Once the data occur, and to be tampered or occur distorting etc. for public key abnormal, can be with the use of limiting terminal Authority, therefore the guard method of the SIM card lock data in the embodiment of the present invention, can improve data protection Security.
One of ordinary skill in the art will appreciate that all or part of step in the various methods of above-described embodiment Suddenly it is that by program the hardware of correlation can be instructed to complete, the program can be stored in can with computer Read in storage medium, storage medium can include:ROM, RAM, disk or CD etc..
Although present disclosure is as above, the present invention is not limited to this.Any those skilled in the art, Without departing from the spirit and scope of the present invention, can make various changes or modifications, therefore the guarantor of the present invention Shield scope should be defined by claim limited range.

Claims (28)

1. a kind of guard method of the SIM card lock data of terminal, the terminal include communication processor, its feature It is, including:
By adding unlocking tool that the SIM card is locked into data transfer and storing to the first of the communication processor Storage region.
2. the guard method of the SIM card lock data of terminal according to claim 1, it is characterised in that pass through Hard coded mode or soft coded system store the SIM card lock data.
3. the guard method of the SIM card lock data of terminal according to claim 2, it is characterised in that Before the SIM card is locked into data transfer to the communication processor, in addition to:
Public key is transmitted and stored to the communication processor by described plus unlocking tool;
The communication processor, which is authenticated and authenticated to described plus unlocking tool using the public key, to be passed through.
4. the guard method of the SIM card lock data of terminal according to claim 3, it is characterised in that institute Communication processor is stated using the public key to described plus unlocking tool authentication, including:
The communication processor detects the public key, and whether the private key held with described plus unlocking tool matches;
It is described when it is determined that the public key matches with the private key that the source side of SIM card lock data is held Communication processor determines to pass through the authentication to the unlocking tool.
5. the guard method of the SIM card lock data of terminal according to claim 3, it is characterised in that institute Stating SIM card lock data includes static data.
6. the guard method of SIM card lock data according to claim 5, add unlocking tool to institute described Before stating the communication processor transmission SIM card lock data, in addition to:
Described plus unlocking tool locks the static state in data by the private key with the public key match to the SIM card Data are encrypted, and generate the first ciphertext, and first ciphertext is sent to the communication processor;
First ciphertext is decrypted using the public key for the communication processor;
After the decryption to first ciphertext is successfully completed, the communication processor generates the first encryption key, And double-deck add is carried out to first ciphertext after decryption using first encryption key and the public key It is close, the second ciphertext is generated, and send to described plus unlocking tool;
The SIM card is locked the static data in data and replaces with second ciphertext by described plus unlocking tool.
7. the guard method of the SIM card lock data of terminal according to claim 4, it is characterised in that institute Stating SIM card lock data includes static data and dynamic data.
8. the guard method of the SIM card lock data of terminal according to claim 7, it is characterised in that Before the communication processor stores the SIM card lock data, in addition to:
Described plus unlocking tool the dynamic data is encrypted using the private key and to the static data Signed, and sent to the communication processor;
The communication processor is verified to described sign and the dynamic data is decrypted, and to testing The dynamic data after signature and decryption after card is encrypted and signed again, and stores.
9. the guard method of the SIM card lock data of terminal according to claim 8, it is characterised in that institute State plus unlocking tool is encrypted to the dynamic data using the private key and the static data is entered Row signature, and send to the communication processor;Including:
The encryption and decryption instrument dynamic data is encrypted the 3rd ciphertext of generation, to the static data Signed, generate the first signature value, and by the 3rd ciphertext and carry the first signature value The static data send to the communication processor.
10. the guard method of the SIM card lock data of terminal according to claim 9, it is characterised in that institute Communication processor is stated to verify the signature and the dynamic data is decrypted, and to checking Dynamic data after rear signature and decryption is encrypted and signed again, and stores, including:
The communication processor is verified to the first signature value, and the 3rd ciphertext is decrypted;
It is described logical when by the verification to the first signature value and after complete decryption to the 3rd ciphertext Believe that processor generates the second encryption key, and using second encryption key to the first signature value It is encrypted, generates the 4th ciphertext, and the dynamic data is carried out using second encryption key Signature, the second signature value is generated, the static data, dynamic data after storage decryption, described the Two signature values and the 4th ciphertext.
11. the guard method of the SIM card lock data of terminal according to claim 3, it is characterised in that institute State plus public key is transmitted and stored to before the communication processor by unlocking tool, in addition to:It is described logical Believe that processor determines the uniqueness with described plus unlocking tool data interaction.
12. the guard method of the SIM card lock data of terminal according to claim 11, it is characterised in that
The communication processor determines the uniqueness with described plus unlocking tool data interaction, including:
Random number is transmitted and stored to the second memory block of the communication processor by described plus unlocking tool Domain;Wherein:Data in second storage region can not be changed;
The encryption and decryption instrument carries out computing using the random number and the public key, obtains the first operation values,
And first operation values are encrypted to obtain the first secret value, by first secret value and described Public key is sent to the communication processor jointly;
The public key is encrypted to obtain the second secret value for the communication processor, and judges that described first adds Whether close value is identical with second secret value;When first secret value and the second secret value phase Meanwhile the communication processor determines to add unlocking tool data interaction unique with described.
13. the guard method of the SIM card lock data of terminal according to claim 1, it is characterised in that institute Stating the data in the first storage region can change.
14. the guard method of the SIM card lock data of terminal according to claim 1, it is characterised in that institute Stating terminal also includes application processor, the communication processor and described plus unlocking tool data interaction Transparent transmission is carried out by the application processor.
A kind of 15. protection system of SIM card lock data, it is characterised in that including:Add unlocking tool and with its coupling The terminal connect, wherein:
The terminal, including:Communication processor, the communication processor are suitable to receive described plus unlocking tool The SIM card lock data of transmission, and the SIM card is locked into data storage to the first storage region;
Described plus unlocking tool, suitable for the SIM card is locked into data transfer to the communication processor of the terminal.
16. the protection system of SIM card lock data according to claim 15, it is characterised in that described logical Believe that processor is suitable to store the SIM card lock data by hard coded mode or soft coded system.
17. the protection system of SIM card lock data according to claim 16, it is characterised in that described to add Unlocking tool is further adapted for public affairs before the SIM card is locked into data transfer to the communication processor Key is transmitted and stored to the communication processor;
The communication processor is further adapted for described plus unlocking tool is authenticated and authenticated using the public key passing through.
18. the protection system of SIM card lock data according to claim 17, it is characterised in that described logical Letter processor is adapted to detect for the public key, and whether the private key held with described plus unlocking tool matches, when When determining that the public key matches with the private key that the source side of SIM card lock data is held, it is determined that logical Cross the authentication to the unlocking tool.
19. the protection system of SIM card lock data according to claim 17, it is characterised in that the SIM Clamping lock data include static data.
20. the protection system of SIM card lock data according to claim 19, it is characterised in that described to add Unlocking tool, it is further adapted for before the SIM card lock data are sent to the communication processor, passes through The static data in data is locked to the SIM card to be encrypted, generate with the private key of the public key match First ciphertext, and first ciphertext is sent to the communication processor;
The communication processor, it is further adapted for first ciphertext is decrypted using the public key;Work as success After completing the decryption to first ciphertext, the first encryption key is generated, and utilize the described first encryption Key and the public key carry out double layer encryption to first ciphertext after decryption, generate the second ciphertext,
And send to described plus unlocking tool, to cause described plus unlocking tool to lock the SIM card in data Static data replace with second ciphertext.
21. the protection system of SIM card lock data according to claim 18, it is characterised in that the SIM Clamping lock data include static data and dynamic data.
22. the protection system of SIM card lock data according to claim 21, it is characterised in that described to add Unlocking tool, it is further adapted for before the communication processor stores the SIM card lock data, using institute State private key the dynamic data is encrypted and signs to the static data, and send to institute State communication processor;
The communication processor, it is further adapted for verifying the signature and the dynamic data being decrypted, And the signature after checking and the dynamic data after decryption are encrypted and signed again, and store.
23. the protection system of SIM card lock data according to claim 22, it is characterised in that described to add Unlocking tool, suitable for the dynamic data being encrypted the 3rd ciphertext of generation, to the static data Signed, generate the first signature value, and by the 3rd ciphertext and carry the first signature value The static data send to the communication processor.
24. the protection system of SIM card lock data according to claim 23, it is characterised in that described logical Letter processor is further adapted for verifying the first signature value, and the 3rd ciphertext is decrypted;
When by the verification to the first signature value and after complete decryption to the 3rd ciphertext, generation the Two encryption keys, and the first signature value is encrypted using second encryption key, generate 4th ciphertext, and the dynamic data is signed using second encryption key, generation second Signature value, the static data, dynamic data after storage decryption, the second signature value and described 4th ciphertext.
25. the protection system of SIM card lock data according to claim 17, it is characterised in that described logical Believe processor, be further adapted for public key is transmitted and stored to the communication processor in described plus unlocking tool Before, it is determined that uniqueness with described plus unlocking tool data interaction.
26. the protection system of SIM card according to claim 15 lock data, it is characterised in that described the Data in one storage region can be changed.
27. the protection system of SIM card lock data according to claim 15, it is characterised in that the end End also includes application processor, suitable for by between the communication processor and described plus unlocking tool Data penetration transmission.
28. the protection system of SIM card lock data according to claim 15, it is characterised in that described logical Believe processor, be further adapted for the Identity Code for transmitting the terminal by ciphertext with described plus unlocking tool Data, and by the Identity Code data storage in first storage region.
CN201610280771.XA 2016-04-29 2016-04-29 Method and system for protecting SIM card locking data of terminal Active CN107343276B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610280771.XA CN107343276B (en) 2016-04-29 2016-04-29 Method and system for protecting SIM card locking data of terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610280771.XA CN107343276B (en) 2016-04-29 2016-04-29 Method and system for protecting SIM card locking data of terminal

Publications (2)

Publication Number Publication Date
CN107343276A true CN107343276A (en) 2017-11-10
CN107343276B CN107343276B (en) 2020-01-07

Family

ID=60221952

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610280771.XA Active CN107343276B (en) 2016-04-29 2016-04-29 Method and system for protecting SIM card locking data of terminal

Country Status (1)

Country Link
CN (1) CN107343276B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111431704A (en) * 2020-03-03 2020-07-17 百度在线网络技术(北京)有限公司 Method and device for generating and analyzing password
CN114598461A (en) * 2022-02-24 2022-06-07 广东天波信息技术股份有限公司 Online unlocking method of terminal equipment, terminal equipment and readable storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101018125A (en) * 2007-03-02 2007-08-15 中兴通讯股份有限公司 Radio terminal security network and card locking method based on the ellipse curve public key cipher
CN101860850A (en) * 2010-05-07 2010-10-13 中兴通讯股份有限公司 Method for realizing mobile terminal to lock network or card by utilizing driver
CN102752754A (en) * 2012-06-21 2012-10-24 华为终端有限公司 Method for security certificate of user identification card locking data and mobile terminal
US8752165B2 (en) * 2008-05-29 2014-06-10 Apple Inc. Provisioning secrets in an unsecured environment

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101018125A (en) * 2007-03-02 2007-08-15 中兴通讯股份有限公司 Radio terminal security network and card locking method based on the ellipse curve public key cipher
US8752165B2 (en) * 2008-05-29 2014-06-10 Apple Inc. Provisioning secrets in an unsecured environment
CN101860850A (en) * 2010-05-07 2010-10-13 中兴通讯股份有限公司 Method for realizing mobile terminal to lock network or card by utilizing driver
CN102752754A (en) * 2012-06-21 2012-10-24 华为终端有限公司 Method for security certificate of user identification card locking data and mobile terminal

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111431704A (en) * 2020-03-03 2020-07-17 百度在线网络技术(北京)有限公司 Method and device for generating and analyzing password
CN114598461A (en) * 2022-02-24 2022-06-07 广东天波信息技术股份有限公司 Online unlocking method of terminal equipment, terminal equipment and readable storage medium
CN114598461B (en) * 2022-02-24 2023-10-31 广东天波信息技术股份有限公司 Online unlocking method of terminal equipment, terminal equipment and readable storage medium

Also Published As

Publication number Publication date
CN107343276B (en) 2020-01-07

Similar Documents

Publication Publication Date Title
EP0043027B1 (en) Electronic signature verification method and system
RU2434352C2 (en) Reliable authentication method and device
CA2554300C (en) System and method for encrypted smart card pin entry
US7409552B2 (en) Method for securing communications between a terminal and an additional user equipment
US6073237A (en) Tamper resistant method and apparatus
CN112000975B (en) Key management system
US20120069991A1 (en) Method for authenticating access to a secured chip by test device
US20130072159A1 (en) Method for cryptographically verifiable identification of a physical unit in a public, wireless telecommunications network
WO1997023972A1 (en) Application level security system and method
CN106953732B (en) Key management system and method for chip card
CN109063523B (en) Radio frequency identification security authentication method and system
CN109035519B (en) Biological feature recognition device and method
CN107920052B (en) Encryption method and intelligent device
CN113114475B (en) PUF identity authentication system and protocol based on bit self-checking
CN112615824B (en) Anti-leakage one-time pad communication method and device
CN112311718A (en) Method, device and equipment for detecting hardware and storage medium
CN110176989B (en) Quantum communication service station identity authentication method and system based on asymmetric key pool
US20130166911A1 (en) Implementation process for the use of cryptographic data of a user stored in a data base
CN109495441A (en) Access authentication method, device, relevant device and computer readable storage medium
CN105873043B (en) Method and system for generating and applying network private key for mobile terminal
CN107343276A (en) A kind of guard method of the SIM card lock data of terminal and system
CN114297597B (en) Account management method, system, equipment and computer readable storage medium
CN103281188A (en) Method and system for backing up private key in electronic signature token
CN113239343B (en) Encryption method for internal authentication, smart card, internal authentication method and card reader
CN114297673A (en) Password verification method, solid state disk and upper computer

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CB03 Change of inventor or designer information
CB03 Change of inventor or designer information

Inventor after: Zhou Lei

Inventor after: Liu Zhiyong

Inventor before: Zhou Lei

Inventor before: Liu Zhiyong