CN107343276A - A kind of guard method of the SIM card lock data of terminal and system - Google Patents
A kind of guard method of the SIM card lock data of terminal and system Download PDFInfo
- Publication number
- CN107343276A CN107343276A CN201610280771.XA CN201610280771A CN107343276A CN 107343276 A CN107343276 A CN 107343276A CN 201610280771 A CN201610280771 A CN 201610280771A CN 107343276 A CN107343276 A CN 107343276A
- Authority
- CN
- China
- Prior art keywords
- data
- sim card
- communication processor
- unlocking tool
- ciphertext
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W88/00—Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
- H04W88/02—Terminal devices
Abstract
A kind of guard method of the SIM card lock data of terminal and system, the terminal include communication processor, and methods described includes:By adding unlocking tool that the SIM card is locked into data transfer and storing to the first storage region of the communication processor.The security and versatility of SIM card lock data can be improved using such scheme.
Description
Technical field
The present invention relates to guard method and the system of the communications field, more particularly to a kind of SIM card lock data of terminal.
Background technology
Operator passes through Global Subscriber identification card (Universal Subscriber Identity Module, USIM)
Interior relevant information, to limit the country that can allow to use using the terminal of the USIM, register
Network, subnet, group's network etc. configure, and its principle realized is:Pass through the phase that will be stored in USIM
Close information to be compared with the relevant information stored in terminal, be to judge present terminal by comparison result
It is no equipment for customizing and whether to allow to be active in current network.SIM card lock (SIM Lock) is a kind of
For protecting the software locks of USIM relevant information, to ensure involved by this software locks of USIM Lock
Data message security, it is necessary to SIM Lock data are related to key message (such as white list,
Software lock status etc.) protect, to prevent being distorted by hacker by way of illegal software or brush machine.
At present, two methods protect the SIM Lock data:The first:It will be added with RSA private keys
For SIM Lock data storages after close in CP sides, RSA public keys are hard-coded in AP sides, each subsystem
Start, is passed to RSA public keys by boot loader (Universal Boot Loader, Uboot)
CP, the verification to SIM Lock data is completed by CP.Second:By with after RSA private key encryptions
SIM Lock data storages are in AP sides, in second of start process, by Uboot by SIM Lock numbers
According to transmission to CP sides, and by CP sides re-encrypted and make further storage.
But the SIM Lock data are protected with the aforedescribed process if adopted, SIM Lock can be caused
Information Security and the versatility of guard method are low.
The content of the invention
The present invention solves the problems, such as it is how to improve the security and versatility of SIM card lock data.
To solve the above problems, the embodiments of the invention provide the protection that a kind of SIM card of terminal locks data
Method, the terminal include communication processor, and methods described includes:By adding unlocking tool by the SIM
Clamping lock data transfer is simultaneously stored to the first storage region of the communication processor.
Alternatively, the SIM card is stored by hard coded mode or soft coded system and locks data.
Alternatively, before the SIM card is locked into data transfer to the communication processor, in addition to:
Public key is transmitted and stored to the communication processor by described plus unlocking tool;The communication processor
Described plus unlocking tool is authenticated and authenticated using the public key and is passed through.
Alternatively, the communication processor is authenticated using the public key to described plus unlocking tool, including:
The communication processor detects the public key, and whether the private key held with described plus unlocking tool matches;When
When determining that the public key matches with the private key that the source side of SIM card lock data is held, the communication
Processor determines to pass through the authentication to the unlocking tool.
Alternatively, the SIM card lock data include static data.
Alternatively, described plus unlocking tool to the communication processor send the SIM card lock data it
Before, in addition to:Described plus unlocking tool locks number by the private key with the public key match to the SIM card
Static data in is encrypted, and generates the first ciphertext, and first ciphertext is sent to described logical
Believe processor;First ciphertext is decrypted using the public key for the communication processor;Work as success
After completing the decryption to first ciphertext, the communication processor generates the first encryption key, and utilizes
First encryption key and the public key carry out double layer encryption, generation to first ciphertext after decryption
Second ciphertext, and send to described plus unlocking tool;The SIM card is locked data by described plus unlocking tool
In static data replace with second ciphertext.
Alternatively, the SIM card lock data include static data and dynamic data.
Alternatively, before the communication processor stores the SIM card lock data, in addition to:It is described
Unlocking tool is added to be encrypted to the dynamic data using the private key and signed to the static data
Name, and send to the communication processor;The communication processor is verified and to institute to the signature
State dynamic data to be decrypted, and the signature after checking and the dynamic data after decryption are encrypted again
And signature, and store.
Alternatively, described plus unlocking tool the dynamic data is encrypted using the private key and to institute
State static data to be signed, and send to the communication processor;Including:The encryption and decryption instrument pair
The 3rd ciphertext of generation is encrypted in the dynamic data, and the static data is signed, generation first
Signature value, and by the 3rd ciphertext and carry the first signature value the static data send to
The communication processor.
Alternatively, the communication processor is verified to the signature and the dynamic data is solved
It is close, and the signature after checking and the dynamic data after decryption are encrypted and signed again, and store,
Including:The communication processor is verified to the first signature value, and the 3rd ciphertext is carried out
Decryption;When by the verification to the first signature value and after complete decryption to the 3rd ciphertext, institute
State communication processor and generate the second encryption key, and signed using second encryption key to described first
Value is encrypted, and generates the 4th ciphertext, and the dynamic data is carried out using second encryption key
Signature, the second signature value is generated, store the static data after decryption, dynamic data, described second
Signature value and the 4th ciphertext.
Alternatively, public key is transmitted and stored to before the communication processor by described plus unlocking tool, also
Including:The communication processor determines the uniqueness with described plus unlocking tool data interaction.
Alternatively, the communication processor determines the uniqueness with described plus unlocking tool data interaction, bag
Include:Random number is transmitted and stored to the second storage of the communication processor by described plus unlocking tool
Region;Wherein:Data in second storage region can not be changed;The encryption and decryption instrument uses institute
State random number and the public key carries out computing, obtain the first operation values, and first operation values are carried out
Encryption obtains the first secret value, and first secret value and the public key are sent to the mailing address jointly
Manage device;The public key is encrypted to obtain the second secret value for the communication processor, and judges described
Whether one secret value and second secret value are identical;When first secret value and second secret value
When identical, the communication processor determines unique with described plus unlocking tool data interaction.
Alternatively, the data in first storage region can be changed.
Alternatively, the terminal also includes application processor, the communication processor and described plus unblock work
The data interaction of tool carries out transparent transmission by the application processor.
The embodiments of the invention provide a kind of protection system of SIM card lock data, the system includes:Add
Unlocking tool and terminal coupled with it, wherein:The terminal, including:Communication processor is described logical
Believe that processor is suitable to the SIM card lock data for receiving the transmission of described plus unlocking tool, and the SIM card is locked
Data storage is to the first storage region;Described plus unlocking tool, suitable for the SIM card is locked into data transfer
To the communication processor of the terminal.
Alternatively, the communication processor is suitable to store the SIM by hard coded mode or soft coded system
Clamping lock data.
Alternatively, the SIM card is being locked data transfer to the communication processor by described plus unlocking tool
Before, it is further adapted for transmitting public key and storing to the communication processor;
The communication processor is further adapted for described plus unlocking tool is authenticated and authenticated using the public key passing through.
Alternatively, the communication processor is adapted to detect for whether the public key is held with described plus unlocking tool
Some private key matchings, when it is determined that the private key that the source side of the public key and SIM card lock data is held
During matching, it is determined that passing through the authentication to the unlocking tool.
Alternatively, the SIM card lock data include static data.
Alternatively, described plus unlocking tool, it is further adapted for sending the SIM card to the communication processor
Before locking data, the static data in data is locked to the SIM card by the private key with the public key match
It is encrypted, generates the first ciphertext, and first ciphertext is sent to the communication processor;It is described
Communication processor, it is further adapted for first ciphertext is decrypted using the public key;When successfully completing pair
After the decryption of first ciphertext, the first encryption key is generated, and utilize first encryption key and institute
State public key and double layer encryption is carried out to first ciphertext after decryption, generate the second ciphertext, and send to institute
State and add unlocking tool, to cause the SIM card is locked the static data in data by described plus unlocking tool to replace
It is changed to second ciphertext.
Alternatively, the SIM card lock data include static data and dynamic data.
Alternatively, described plus unlocking tool, it is further adapted for storing the SIM card lock in the communication processor
Before data, the dynamic data is encrypted using the private key and the static data is signed
Name, and send to the communication processor;The communication processor, it is further adapted for testing the signature
Demonstrate,prove and the dynamic data is decrypted, and to the signature after checking and the dynamic data after decryption again
It is encrypted and signs, and stores.
Alternatively, described plus unlocking tool, suitable for the dynamic data being encrypted the 3rd ciphertext of generation,
The static data is signed, generates the first signature value, and by the 3rd ciphertext and carry
The static data for stating the first signature value is sent to the communication processor.
Alternatively, the communication processor is further adapted for verifying the first signature value, and to described
3rd ciphertext is decrypted;When by the verification to the first signature value and complete to the 3rd ciphertext
Decryption after, generate the second encryption key, and using second encryption key to the first signature value
It is encrypted, generates the 4th ciphertext, and the dynamic data is signed using second encryption key
Name, the second signature value is generated, the static data, dynamic data, second label after storage decryption
Name value and the 4th ciphertext.
Alternatively, the communication processor, it is further adapted for public key is transmitted and stored in described plus unlocking tool
To before the communication processor, it is determined that with described plus unlocking tool data interaction uniqueness.
Alternatively, the data in first storage region can be changed.
Alternatively, the terminal also includes application processor, suitable for the communication processor is added with described
Data penetration transmission between unlocking tool.
Alternatively, the communication processor, be further adapted for transmitting by ciphertext with described plus unlocking tool described in
The Identity Code data of terminal, and by the Identity Code data storage in first storage region.
Compared with prior art, technical scheme has advantages below:
From outside unlocking tool can be added to obtain SIM card lock data by communication processor, can disobeyed
Rely application processor, and because data storage is in communication processor, so that this method can fit
For products such as function machine and data cards, therefore the logical of the SIM Lock clamping lock data guard methods can be improved
The property used.Also, the source code data of communication processor are not open content, that is to say, that communication processor
In data be not easy to distort, therefore store data in communication processor, data protection can also be improved
Security.
Further, receive before the SIM card lock data of unlocking tool are added, pass through in communication processor
The communication processor is using public key pair plus unlocking tool authentication and by avoiding other unspecific plus solution
Lock tool is modified the backward communication processor to SIM card lock data and transmitted, so as to enter
Improve to one step the security of data.
Further, by communication processor before the data are received, with adding unlocking tool to interact,
SIM card lock data inactivity data in described plus unlocking tool, which are replaced with described plus unlocking tool, to be known
Other ciphertext, it can avoid modifying to the static data in described plus unblock, so as to further
Improve the security of data in ground.
Further, add unlocking tool that public key is transmitted and stored to before the communication processor, pass through institute
Communication processor determination and described plus unlocking tool data interaction uniqueness are stated, can be avoided to the public affairs
The random setting of key, so as to further improve the security of data.
Brief description of the drawings
Fig. 1 is a kind of flow signal of the guard method of SIM card lock data in invention embodiment
Figure;
Fig. 2 is a kind of structural representation of the protection system of SIM card lock data in the embodiment of the present invention;
Fig. 3 is a kind of in the embodiment of the present invention plus data interaction between unlocking tool and communication processor letter
Order figure;
Fig. 4 is a kind of schematic flow sheet of the verification of terminal-pair SIM card lock data in the embodiment of the present invention.
Embodiment
Operator passes through Global Subscriber identification card (Universal Subscriber Identity Module, USIM)
Interior relevant information, to limit the country that can allow to use using the terminal of the USIM, register
Network, subnet, group's network etc. configure, and its principle realized is:Pass through the phase that will be stored in USIM
Close information to be compared with the relevant information stored in terminal, be to judge present terminal by comparison result
It is no equipment for customizing and whether to allow to be active in current network.
SIM card lock (SIM Lock) is a kind of software locks for being used for protecting USIM relevant information, is
The security of the data message involved by this software locks of USIM Lock is ensured, it is necessary to by SIM Lock
The key message (such as white list, software lock status) that data are related to protects, to prevent by hacker
Distorted by way of illegal software or brush machine.
At present, two methods protect the SIM Lock data:The first:It will be added with RSA private keys
For SIM Lock data storages after close in CP sides, RSA public keys are hard-coded in AP sides, each subsystem
Start, CP is passed to by open source code (Universal Boot Loader, Uboot) by RSA public keys,
Verification to SIM Lock data is completed by CP.Second:By with the SIM Lock after RSA private key encryptions
Data storage is in AP sides, in second of start process, by Uboot by SIM Lock data send to
CP sides, and by CP sides re-encrypted and make further storage.
But the SIM Lock data are protected with the aforedescribed process if adopted, SIM Lock can be caused
Information Security and the versatility of guard method are low.
To solve the above problems, the embodiments of the invention provide terminal SIM card lock data guard method,
By communication processor can from outside plus unlocking tool obtain SIM card lock data, can independent of should
With processor, and because data storage is in communication processor, so that this method goes for
The product such as function machine and data card, therefore the versatility of the SIM Lock clamping lock data guard methods can be improved,
And the source code data of communication processor are not open content, that is to say, that the data in communication processor
It is not easy to distort, therefore stores data in communication processor, the security of data protection can also be improved.
It is understandable to enable the above objects, features and advantages of the present invention to become apparent, below in conjunction with the accompanying drawings
The specific embodiment of the present invention is described in detail.
A kind of guard method of the SIM card lock data of terminal in the embodiment of the present invention is the following provided, such as
Shown in Fig. 1, the terminal includes communication processor, and methods described is carried out step by step below in conjunction with Fig. 1
It is discussed in detail:
S11:Unlocking tool is added to send SIM card lock data to communication processor.
Carried out in order to avoid the data interaction of arbitrary plus unlocking tool and terminal or to SIM card lock data
Distort, to improve the security of data, in specific implementation, the SIM card is being locked into data transfer extremely
Before the communication processor, public key can be transmitted and stored to described logical by described plus unlocking tool
Believe processor, and then the communication processor is authenticated and authenticated to described plus unlocking tool using the public key
Pass through.
Due to adding unlocking tool obtaining the public key simultaneously, the private key with the public key match can be got,
Therefore in specific implementation, the communication processor can detect the public key whether with described plus unlocking tool
The private key matching held, if it is determined that the public key and the source side of SIM card lock data are held
Private key matching when, it may be determined that pass through the authentication to the unlocking tool.It is it should be noted that described
Private key can be stored in described plus unlocking tool or softdog, also or client server, to strengthen private key
Security, but no matter private key is stored in where, and described plus unlocking tool can obtain the private key.
The position of the private key storage, does not form any restrictions to protection scope of the present invention.
In order to determine the uniqueness with described plus unlocking tool data interaction, in an embodiment of the present invention,
Unlocking tool is added to transmit public key and store to before the communication processor when described, can be by described
Add unlocking tool that random number is transmitted and encrypted to store to the second storage region of the communication processor;Its
In:Data in second storage region can not be changed.
The encryption and decryption instrument carries out computing using the random number and the public key, obtains the first operation values,
And first operation values are encrypted to obtain the first secret value, by first secret value and the public affairs
Key is sent to the communication processor jointly;The public key is encrypted to obtain for the communication processor
Two secret values, and judge whether first secret value and second secret value are identical;When described first
When secret value is identical with second secret value, the communication processor determines and described plus unlocking tool number
According to interactive uniqueness.
It should be noted that the communication processor has various ways to obtain the SIM at unlocking tool from adding
Clamping lock data, for example the SIM card lock data can be directly obtained at described plus unlocking tool, so
One, because the acquisition of data and the storage of data are independently completed at the communication processor,
Therefore the dependence to other parts in terminal can be avoided, so as to improve the general of data guard method
The security of property and data.
Also for example, the SIM card lock can also be obtained by the application processor that the terminal includes
Data, and during the SIM card lock data are obtained, the application processor is one saturating
The effect of biography, any processing is not done to the data obtained at described plus unlocking tool.So,
The security of data can be improved.
The SIM card lock data include static data, and the static data is extremely important, in order to avoid people
Changed for destruction or Malware, therefore in the bright embodiment of we, described plus unlocking tool leads to described
, can also be by being handed over the communication processor before believing that processor sends the SIM card lock data
Mutually, to cause the static data to be changed by described plus unlocking tool.
Specifically, add unlocking tool by the private key with the public key match to the SIM by described first
Static data in clamping lock data is encrypted, generate the first ciphertext, and by first ciphertext send to
The communication processor, then the communication processor first ciphertext is solved using the public key
It is close, and then after the decryption to first ciphertext is successfully completed, the communication processor can generate
One encryption key, and using first encryption key and the public key to first ciphertext after decryption
Double layer encryption is carried out, generates the second ciphertext, and is sent to described plus unlocking tool, then described plus unblock
The SIM card is locked the static data in data and replaces with second ciphertext by instrument.So, by
It can not know first encryption key in described plus unlocking tool, and can not also know the static number
According to encryption method, therefore the security of static data can be improved.
S12:The SIM card is locked data storage to the first storage region by communication processor.
In specific implementation, communication processor can have various ways that the SIM card received is locked into number
According to being stored in first storage region.For example the SIM card lock can be stored by hard coded mode
Data, the data can also be stored by soft coded system.
In order to improve the customizability of the SIM card lock data, that is, can be in SIM card lock
Data reasonably changed, in an embodiment of the present invention, the data in first storage region
It can be changed, that is to say, that first storage region, which can be one, repeatedly to be changed data
Region.
Because SIM card lock data include static data and dynamic data, in order to consider data
The efficiency of security and data transfer, in specific implementation, the SIM is stored in the communication processor
Before clamping lock data, described plus unlocking tool can also be added using the private key to the dynamic data
It is close and the static data is signed, and send to the communication processor, and then the mailing address
Reason device verified to the signature and the dynamic data is decrypted, and to the signature after checking and
Dynamic data after decryption is encrypted and signed again, and stores.
In an embodiment of the present invention, life can be encrypted to the dynamic data in the encryption and decryption instrument
Into the 3rd ciphertext, the static data is signed, generates the first signature value, and it is close by the described 3rd
The static data that is literary and carrying the first signature value is sent to the communication processor, to realize
Encryption to the dynamic data and the signature to static data progress.
In an alternative embodiment of the invention, the communication processor is verified and to described to the signature
Dynamic data is decrypted, and the signature after checking and the dynamic data after decryption are encrypted again and
Signature, and store.
Detailed process can be followed successively by:The communication processor verifies to the first signature value first,
And the 3rd ciphertext is decrypted, and if then pass through the verification to the first signature value and complete pair
After the decryption of 3rd ciphertext, the second encryption key can be generated, and utilize second encryption key
The first signature value is encrypted, generates the 4th ciphertext, and using second encryption key to institute
State dynamic data to be signed, generate the second signature value, the static data, dynamic after storage decryption
Data, the second signature value and the 4th ciphertext.
To cause those skilled in the art to more fully understand and realizing the present invention, the following provide of the invention real
A kind of protection system of SIM card lock data in example is applied, as shown in Fig. 2 the system can include:
Add unlocking tool 1 and terminal 2 coupled with it, wherein:
The terminal 2, including:Communication processor 21, the communication processor 21 are suitable to receive described add
The SIM card lock data that unlocking tool 1 transmits, and the SIM card is locked into data storage to the first memory block
Domain;
Described plus unlocking tool 1, suitable for the SIM card is locked into communication of the data transfer to the terminal 2
Processor 21.
In specific implementation, the communication processor 21 is suitable to deposit by hard coded mode or soft coded system
Store up the SIM card lock data.
In specific implementation, described plus unlocking tool 1 is leading to SIM card lock data transfer to described
Before believing processor 21, it is further adapted for transmitting public key and storing to the communication processor 21;The communication
Processor 21 is further adapted for described plus unlocking tool 1 is authenticated and authenticated using the public key passing through.
In specific implementation, the communication processor 21 be adapted to detect for the public key whether with it is described plus unblock
The private key matching that instrument 1 is held, when it is determined that the public key and the institute of source side of SIM card lock data
During the private key matching held, it is determined that passing through the authentication to the unlocking tool.
In specific implementation, the SIM card lock data include static data.
In specific implementation, before the SIM card lock data are sent to the communication processor 21, institute
State plus unlocking tool 1 is further adapted for locking in data the SIM card by the private key with the public key match
Static data is encrypted, and generates the first ciphertext, and first ciphertext is sent to the communication process
Device 21;
The communication processor 21 is further adapted for first ciphertext is decrypted using the public key;Treat as
After work(completes the decryption to first ciphertext, the first encryption key is generated, and utilize the described first encryption
Key and the public key carry out double layer encryption to first ciphertext after decryption, generate the second ciphertext, and
Send to described plus unlocking tool 1, to cause described plus unlocking tool 1 to lock the SIM card in data
Static data replace with second ciphertext.
In specific implementation, the SIM card lock data include static data and dynamic data.
It is described before the communication processor 21 stores the SIM card lock data in specific implementation
Unlocking tool 1 is added to be further adapted for the dynamic data being encrypted and to the static number using the private key
According to being signed, and send to the communication processor 21;The communication processor 21 is further adapted for described
Sign and verified and the dynamic data is decrypted, and to dynamic after the signature after checking and decryption
State data are encrypted and signed again, and store.
In specific implementation, described plus unlocking tool 1 is suitable to the dynamic data is encrypted generation the
Three ciphertexts, the static data is signed, generates the first signature value, and by the 3rd ciphertext and
The static data for carrying the first signature value is sent to the communication processor 21.
In specific implementation, the communication processor 21 is further adapted for verifying the first signature value,
And the 3rd ciphertext is decrypted;When by the verification to the first signature value and complete to described
After the decryption of 3rd ciphertext, the second encryption key is generated, and using second encryption key to described the
One signature value is encrypted, and generates the 4th ciphertext, and using second encryption key to the dynamic number
According to being signed, the second signature value, the static data, dynamic data after storage decryption, institute are generated
State the second signature value and the 4th ciphertext.
In specific implementation, public key is transmitted and stored to the communication process in described plus unlocking tool 1
Before device 21, the communication processor 21 is further adapted for determining and the described plus data interaction of unlocking tool 1
Uniqueness.
In specific implementation, the communication processor 21 is further adapted for receiving from described plus unlocking tool 1
Random number, and store to the second storage region of the communication processor 21;Wherein:Second storage
Data in region can not be changed.
The encryption and decryption instrument is further adapted for carrying out computing using the random number and the public key, obtains first
Operation values, and first operation values are encrypted to obtain the first secret value, by first secret value
And the public key is sent to the communication processor 21 jointly;The communication processor 21 is further adapted for described
Public key is encrypted to obtain the second secret value, and judges that first secret value is with second secret value
It is no identical;When first secret value is identical with second secret value, the communication processor 21 is true
Fixed and described plus the data interaction of unlocking tool 1 uniqueness.
In specific implementation, the data in first storage region can be changed.
In specific implementation, the terminal 2 also includes application processor 22, the communication processor 21 with
Described plus unlocking tool 1 data interaction carries out transparent transmission by the application processor 22.
To cause those skilled in the art to more fully understand and realizing the present invention, it is provided below of the invention real
The signaling diagram of the data interaction a kind of plus between unlocking tool and communication processor in example is applied, as shown in figure 3,
Below with reference to Fig. 3, the guard method for locking data to the SIM card in the embodiment of the present invention step by step is carried out
It is discussed in detail:
S301:Random number N 1 is sent to communication processor 32.
It should be noted that present document relates to instrument can be plus unlocking tool 31, and in view of not
With product form for the versatility requirement of method, described plus unlocking tool 31 can be in school in terminal
The write-in of data is carried out under quasi-mode and under normal mode, so that the solution of the present invention can be complete
Completed by the side of communication processor 32 in portion.
In specific implementation, described plus unlocking tool 31 can generate a pair of RSA (Ron by softdog
Rivest, Adi Shamir, LeoN1ard Adleman) key, respectively public key (Public Key, PK)
And private key (Secret Key, SK), the client that wherein SK is customized by SIM Lock preserve, PK can be with
Transmit to communication processor 32 and store.
Because the PK is extremely important, in order to prevent PK random setting, ensure the uniqueness of the operation,
Described plus unlocking tool 31 before PK transmissions, can firstly generate 128bit (or 256bit) with
Machine number N1, and then the random number N 1 can be sent to communication processor 32.
It is understood that the byte number shared by the random number N 1, is not limited the invention,
Those skilled in the art can also generate the random number N 1 of other byte numbers.
S302:The random number N 1 is stored in the hardware circuit of reprogrammable by communication processor 32.
In specific implementation, the random number N 1 can be stored in reprogrammable by communication processor 32
In hardware circuit.
In an embodiment of the present invention, the hardware circuit of the reprogrammable can be electrically programmable fuse
(eFUSE).Data in the eFUSE can not be modified, by communication processor 32 will it is described with
Machine number N1 is stored in eFUSE, can improve the security of data interaction.
If it is understood that the communication processor 32 is successfully received the random number N 1, meeting
Sent to described plus unlocking tool 31 and confirm receive information, this process is repeated no more at this.
S303:(PK, M1) is sent to communication processor 32.
In specific implementation, described plus unlocking tool 31, can be right after random number N 1 is successfully transmitted
The public key and random number N 1 perform the computing for asking hash and summation, obtain (HASH (PK)+N1),
And then by the mode of Advanced Encryption Standard (Advanced Encryption Standard, AES) to described
(HASH (PK)+N1) is encrypted, and (key of the AES encryption can be by by generation data M1
Communication processor 32 is with adding unlocking tool 31 to consult to arrange).Then described plus unlocking tool 31 can incite somebody to action
(PK, M1) is sent to communication processor 32.
S304:M2 is generated, verifies M1, if after verification passes through, generating encryption data SPK, and preserve
PK and SPK.
In specific implementation, communication processor 32 can store according to the AES key appointed and before
Random number N 1, to be encrypted again to the PK received, and encryption data M2 is generated, then compared
M1 and M2, if M1 is identical with M2, illustrate that PK is sent successfully, that is, ensure that communication process
Device 32 and the uniqueness for adding the data interaction of unlocking tool 31.
And communication processor 32 is properly received after PK, the equipment mark of communication processor 32 can be passed through
Know code (User Identification, UID), generate new AES passwords (Key), in this operation,
Because the UID of each chips, that is, each communication processor 32 is theoretically what is differed, therefore just
AES Key uniqueness is may insure, so as to also bring certain guarantee to PK security, then
PK is encrypted by aes algorithm, encryption data SPK is generated, (PK, SPK) can be deposited
Storage is got up.
In an embodiment of the present invention, (PK, SPK) N1V blocks region can be stored in by described in.
Certainly, according to being actually needed, those skilled in the art can also store it in its of communication processor 32
Its region.
S305:Send authentication request.
In order to improve the security of data, in specific implementation, the communication processor 32 can be to described
Unlocking tool 31 is added to be authenticated, therefore described plus unlocking tool 31 can send to communication processor 32 and reflect
Power request.If described plus authentication of the unlocking tool 31 by communication processor 32, can enter line number
According to read-write operation;If described plus unlocking tool 31, can not by the authentication of communication processor 32
Continue the data interaction between described plus unlocking tool 31, or do not receive from described plus unlocking tool
31 data.
S306:Random number N 2 is generated, is encrypted using PK, generation ciphertext M1.
In specific implementation, when communication processor 32 receive this from add unlocking tool 31 authentication please
After asking, random number N 2 can be generated, then N2 is encrypted using the PK of storage, generation is close
Literary M1.
S307:Ciphertext M1 is returned into instrument.
S308:M1 is decrypted by SK, obtains random number N 2, and N2 is encrypted with SK, it is raw
Into ciphertext M2.
In specific implementation, unlocking tool 31 is added to pass through encryption after ciphertext M1 is had successfully received
The SK matched with PK that dog is generated before getting, then ciphertext M1 is decrypted using SK,
And the data N2 obtained after decryption is reused into SK encryptions, generation ciphertext M2.
S309:M2 is sent to communication processor 32.
S310:Decryption obtains N3, contrasts N2 and N3, confirms authenticating result.
In specific implementation, communication processor 32 can pass through the PK of storage after ciphertext M2 is received
M2 is decrypted, reduction draws random number N 3, then to N3 compared with N2, according to comparing
Results verification whether by pair plus unlocking tool 31 authentication.If N3 is identical with N2, can pass through
To described plus unlocking tool 31 authentication, otherwise, do not pass through the authentication to described plus unlocking tool 31.
It should be noted that no matter whether the communication processor 32 is by described plus unlocking tool 31
Authentication, be notified that the described plus authenticating result of unlocking tool 31, the flow of notice do not done herein any
Limit, therefore will not be repeated here.
It is understood that after described plus unlocking tool 31 has passed through the authentication of communication processor 32,
S311 can be continued executing with;Conversely, the two does not continue to interact.
S311:Send ciphertext M3.
It should be noted that SIMLOCK data include two parts:Static data and dynamic data.Wherein
Static data refers to the encryption data of such as PIN/PUK (please supplement), the signature of static segment of data,
After terminal is dispatched from the factory, it will not theoretically change again, unless artificial destruction or Malware modification, and
Static part data are to be set by device software exploitation or manufacturer by being stored in terminal after private key signature
In standby, once data change, can directly result in start data check can not be by, and then can not normally make
With the communication function of terminal, therefore static data can also be referred to as customization data.
Meanwhile dynamic data refers to during the use of mobile phone, it is necessary to the data content of dynamic change,
The successively decreasing and recover of number, the change of SIMLock mode bit are such as unlocked, this partial data can claim again
For user data.
In specific implementation, as the important component of SIMLock static datas, PIN/PUK number
According to the most critical content for being also the whole data segments of SIM Lock, in order to prevent that the partial data from being write with a brush dipped in Chinese ink again,
And cracking for SIM Lock data is ultimately resulted in, the processing to this partial data before configuration, can be with
The partial data is encrypted and then given by communication processor 32 instrument processing.
In an embodiment of the present invention, add unlocking tool 31 can be by the PIN/PUK in SIM Lock data
Data are encrypted by RSA SK, generate ciphertext M3, and then send to communication processor 32.
S312:Re-encrypted after being decrypted to M3, generate M4.
In specific implementation, communication processor 32 is correctly received after ciphertext M3, can pass through RSA
Ciphertext M3 is decrypted PK, and after successful decryption, communication processor 32 can be generated by UID
AES Key, AES and RSA PK double layer encryption is carried out to the PIN/PUK after decryption, generate ciphertext
M4。
S313:M4 is returned into instrument.
S314:M4 is replaced into the static data in SIM Lock data.
In specific implementation, add unlocking tool 31 after ciphertext M4 is received, ciphertext M4 can be put
The correspondence position of static data in SIM Lock data.So, due to adding unblock data can not
Know the AES passwords, and cipher mode of the communication processor 32 to static data can not be known, then
Any distort can not be carried out to static data.
S315:Static data is signed, obtains S1;Dynamic data is encrypted, generates M5.
In order to preferably protect SIM Lock static data, prevent from being maliciously tampered, in specific implementation,
Can be before the write-in of SIM Lock data be carried out, using RSA SK for SIM Lock static datas
Signed.
So, the signature can be verified before communication processor 32 every time start, once it is quiet
State data are destroyed, and can directly result in signature check failure, then can not normal use terminal communication work(
Energy.And because SIM Lock monoblocks data area is larger, if realizing ciphertext transmission, it is necessary to be divided
Section encrypted transmission, in order to avoid the complexity that scheme caused by data splitting and reorganizing possibility is realized, specific
In implementation, signature and ciphertext mixing sending method can be used to transmit the SIM Lock data.
In an embodiment of the present invention, unlocking tool 31 is added after PIN/PUK is configured by ciphertext, can be with
SIMLock static datas are signed using RSA SK, generation signature S1, are then placed in S1
In SIMLock data, wait to be sent.Because dynamic data area is smaller in SIM Lock, therefore add unblock work
Directly the partial data can be encrypted using RSA SK for tool 31, generation ciphertext M5.
S316:(SIMLock static datas, S1, M5) is sent to communication processor 32.
S317:M5 is decrypted and S1 is verified, if after successful decryption and verification, to S1
Re-encrypt, generate M6;Dynamic data is signed, generates S2.
In specific implementation, communication processor 32 is correctly received after data, can use RSA PK
SIMLock dynamic datas M5 is decrypted, and S1 is verified.If communication processor
32 pairs of M5 successful decryptions and to S1 unsuccessful verifications after, can by UID generate AES Key, enter
And SIMLock dynamic datas are signed, signature value S2 is generated, and carry out AES to S1 to re-encrypt,
Generate M6.
Last communication processor 32 can by the SIMLock static datas after successful decryption, M6,
NV correspondence positions are arrived in SIMLOCK dynamic datas and S2 renewals.Because the data on NV can be changed,
, can be according to from S301-S317's if subsequent user needs to modify to the data in SIM Lock
Flow again writes the data in NV, so as to improve the customizability of data.
In specific implementation, while SIM Lock data write, IMEI data are can also carry out
Write-in.The process includes:Firstly generate ciphertext M7:Add unlocking tool 31 by RSA SK to IMEI
Data are encrypted, and generate ciphertext M7, and M7 is transmitted directly into communication processor 32.
After communication processor 32 has successfully received M7, M7 is decrypted by RSA PK, and will
IMEI data after decryption pass through AES re-encrypteds, generation ciphertext M8;AES Key are equally used
UID is generated, and final communication processor 32, which can update M8, arrives NV correspondence positions.
If it is understood that when also including application processor in terminal, SIM Lock data it is whole
Storage operation can all be completed in the side of communication processor 32, and application processor is only responsible for SIM Lock numbers
According to transparent transmission.
It is also provided below to use this hair to cause those skilled in the art to more fully understand and realizing the present invention
After the guard method of SIM card lock data in bright embodiment, when starting the next time of communication processor, eventually
The involved safety verification step in end, as shown in Figure 4:
S41:RSA PK are obtained, and whether verify RSA PK effective.
In specific implementation, when communication processor is again started up, terminal can obtain RSA PK, and verify
RSA PK validity.
When it is determined that RSA PK are effective, S42 can be performed;Conversely, perform S43.
S42:To SIM Lock data checks.
In specific implementation, the terminal can obtain SIMLock related datas, and pass through AES&RSA
Algorithm, the key generated with reference to UID, to SIMLock data checks, whether to determine SIMLock
It is tampered.
If the SIM Lock data have been tampered with, S43 can be performed;Conversely, S44 can be performed.
S43:The access right of limiting terminal.
In specific implementation, in order to avoid performing the peace of destructive operation or the information of user to terminal
Entirely, can be with the access right of limiting terminal, for example simply allow using functions such as urgent calls.
S44:Continue to complete the starting procedure of protocol stack.
In specific implementation, if it is determined that PK and SIM Lock data are errorless, can be continued
The starting procedure of protocol stack is completed, to cause terminal can be with normal use.
By above-mentioned starting procedure safety verification flow, locked using the SIM card in the embodiment of the present invention
The guard method of data, when starting shooting every time, communication processor can lock data to SIM card and repeatedly be verified,
Once the data occur, and to be tampered or occur distorting etc. for public key abnormal, can be with the use of limiting terminal
Authority, therefore the guard method of the SIM card lock data in the embodiment of the present invention, can improve data protection
Security.
One of ordinary skill in the art will appreciate that all or part of step in the various methods of above-described embodiment
Suddenly it is that by program the hardware of correlation can be instructed to complete, the program can be stored in can with computer
Read in storage medium, storage medium can include:ROM, RAM, disk or CD etc..
Although present disclosure is as above, the present invention is not limited to this.Any those skilled in the art,
Without departing from the spirit and scope of the present invention, can make various changes or modifications, therefore the guarantor of the present invention
Shield scope should be defined by claim limited range.
Claims (28)
1. a kind of guard method of the SIM card lock data of terminal, the terminal include communication processor, its feature
It is, including:
By adding unlocking tool that the SIM card is locked into data transfer and storing to the first of the communication processor
Storage region.
2. the guard method of the SIM card lock data of terminal according to claim 1, it is characterised in that pass through
Hard coded mode or soft coded system store the SIM card lock data.
3. the guard method of the SIM card lock data of terminal according to claim 2, it is characterised in that
Before the SIM card is locked into data transfer to the communication processor, in addition to:
Public key is transmitted and stored to the communication processor by described plus unlocking tool;
The communication processor, which is authenticated and authenticated to described plus unlocking tool using the public key, to be passed through.
4. the guard method of the SIM card lock data of terminal according to claim 3, it is characterised in that institute
Communication processor is stated using the public key to described plus unlocking tool authentication, including:
The communication processor detects the public key, and whether the private key held with described plus unlocking tool matches;
It is described when it is determined that the public key matches with the private key that the source side of SIM card lock data is held
Communication processor determines to pass through the authentication to the unlocking tool.
5. the guard method of the SIM card lock data of terminal according to claim 3, it is characterised in that institute
Stating SIM card lock data includes static data.
6. the guard method of SIM card lock data according to claim 5, add unlocking tool to institute described
Before stating the communication processor transmission SIM card lock data, in addition to:
Described plus unlocking tool locks the static state in data by the private key with the public key match to the SIM card
Data are encrypted, and generate the first ciphertext, and first ciphertext is sent to the communication processor;
First ciphertext is decrypted using the public key for the communication processor;
After the decryption to first ciphertext is successfully completed, the communication processor generates the first encryption key,
And double-deck add is carried out to first ciphertext after decryption using first encryption key and the public key
It is close, the second ciphertext is generated, and send to described plus unlocking tool;
The SIM card is locked the static data in data and replaces with second ciphertext by described plus unlocking tool.
7. the guard method of the SIM card lock data of terminal according to claim 4, it is characterised in that institute
Stating SIM card lock data includes static data and dynamic data.
8. the guard method of the SIM card lock data of terminal according to claim 7, it is characterised in that
Before the communication processor stores the SIM card lock data, in addition to:
Described plus unlocking tool the dynamic data is encrypted using the private key and to the static data
Signed, and sent to the communication processor;
The communication processor is verified to described sign and the dynamic data is decrypted, and to testing
The dynamic data after signature and decryption after card is encrypted and signed again, and stores.
9. the guard method of the SIM card lock data of terminal according to claim 8, it is characterised in that institute
State plus unlocking tool is encrypted to the dynamic data using the private key and the static data is entered
Row signature, and send to the communication processor;Including:
The encryption and decryption instrument dynamic data is encrypted the 3rd ciphertext of generation, to the static data
Signed, generate the first signature value, and by the 3rd ciphertext and carry the first signature value
The static data send to the communication processor.
10. the guard method of the SIM card lock data of terminal according to claim 9, it is characterised in that institute
Communication processor is stated to verify the signature and the dynamic data is decrypted, and to checking
Dynamic data after rear signature and decryption is encrypted and signed again, and stores, including:
The communication processor is verified to the first signature value, and the 3rd ciphertext is decrypted;
It is described logical when by the verification to the first signature value and after complete decryption to the 3rd ciphertext
Believe that processor generates the second encryption key, and using second encryption key to the first signature value
It is encrypted, generates the 4th ciphertext, and the dynamic data is carried out using second encryption key
Signature, the second signature value is generated, the static data, dynamic data after storage decryption, described the
Two signature values and the 4th ciphertext.
11. the guard method of the SIM card lock data of terminal according to claim 3, it is characterised in that institute
State plus public key is transmitted and stored to before the communication processor by unlocking tool, in addition to:It is described logical
Believe that processor determines the uniqueness with described plus unlocking tool data interaction.
12. the guard method of the SIM card lock data of terminal according to claim 11, it is characterised in that
The communication processor determines the uniqueness with described plus unlocking tool data interaction, including:
Random number is transmitted and stored to the second memory block of the communication processor by described plus unlocking tool
Domain;Wherein:Data in second storage region can not be changed;
The encryption and decryption instrument carries out computing using the random number and the public key, obtains the first operation values,
And first operation values are encrypted to obtain the first secret value, by first secret value and described
Public key is sent to the communication processor jointly;
The public key is encrypted to obtain the second secret value for the communication processor, and judges that described first adds
Whether close value is identical with second secret value;When first secret value and the second secret value phase
Meanwhile the communication processor determines to add unlocking tool data interaction unique with described.
13. the guard method of the SIM card lock data of terminal according to claim 1, it is characterised in that institute
Stating the data in the first storage region can change.
14. the guard method of the SIM card lock data of terminal according to claim 1, it is characterised in that institute
Stating terminal also includes application processor, the communication processor and described plus unlocking tool data interaction
Transparent transmission is carried out by the application processor.
A kind of 15. protection system of SIM card lock data, it is characterised in that including:Add unlocking tool and with its coupling
The terminal connect, wherein:
The terminal, including:Communication processor, the communication processor are suitable to receive described plus unlocking tool
The SIM card lock data of transmission, and the SIM card is locked into data storage to the first storage region;
Described plus unlocking tool, suitable for the SIM card is locked into data transfer to the communication processor of the terminal.
16. the protection system of SIM card lock data according to claim 15, it is characterised in that described logical
Believe that processor is suitable to store the SIM card lock data by hard coded mode or soft coded system.
17. the protection system of SIM card lock data according to claim 16, it is characterised in that described to add
Unlocking tool is further adapted for public affairs before the SIM card is locked into data transfer to the communication processor
Key is transmitted and stored to the communication processor;
The communication processor is further adapted for described plus unlocking tool is authenticated and authenticated using the public key passing through.
18. the protection system of SIM card lock data according to claim 17, it is characterised in that described logical
Letter processor is adapted to detect for the public key, and whether the private key held with described plus unlocking tool matches, when
When determining that the public key matches with the private key that the source side of SIM card lock data is held, it is determined that logical
Cross the authentication to the unlocking tool.
19. the protection system of SIM card lock data according to claim 17, it is characterised in that the SIM
Clamping lock data include static data.
20. the protection system of SIM card lock data according to claim 19, it is characterised in that described to add
Unlocking tool, it is further adapted for before the SIM card lock data are sent to the communication processor, passes through
The static data in data is locked to the SIM card to be encrypted, generate with the private key of the public key match
First ciphertext, and first ciphertext is sent to the communication processor;
The communication processor, it is further adapted for first ciphertext is decrypted using the public key;Work as success
After completing the decryption to first ciphertext, the first encryption key is generated, and utilize the described first encryption
Key and the public key carry out double layer encryption to first ciphertext after decryption, generate the second ciphertext,
And send to described plus unlocking tool, to cause described plus unlocking tool to lock the SIM card in data
Static data replace with second ciphertext.
21. the protection system of SIM card lock data according to claim 18, it is characterised in that the SIM
Clamping lock data include static data and dynamic data.
22. the protection system of SIM card lock data according to claim 21, it is characterised in that described to add
Unlocking tool, it is further adapted for before the communication processor stores the SIM card lock data, using institute
State private key the dynamic data is encrypted and signs to the static data, and send to institute
State communication processor;
The communication processor, it is further adapted for verifying the signature and the dynamic data being decrypted,
And the signature after checking and the dynamic data after decryption are encrypted and signed again, and store.
23. the protection system of SIM card lock data according to claim 22, it is characterised in that described to add
Unlocking tool, suitable for the dynamic data being encrypted the 3rd ciphertext of generation, to the static data
Signed, generate the first signature value, and by the 3rd ciphertext and carry the first signature value
The static data send to the communication processor.
24. the protection system of SIM card lock data according to claim 23, it is characterised in that described logical
Letter processor is further adapted for verifying the first signature value, and the 3rd ciphertext is decrypted;
When by the verification to the first signature value and after complete decryption to the 3rd ciphertext, generation the
Two encryption keys, and the first signature value is encrypted using second encryption key, generate
4th ciphertext, and the dynamic data is signed using second encryption key, generation second
Signature value, the static data, dynamic data after storage decryption, the second signature value and described
4th ciphertext.
25. the protection system of SIM card lock data according to claim 17, it is characterised in that described logical
Believe processor, be further adapted for public key is transmitted and stored to the communication processor in described plus unlocking tool
Before, it is determined that uniqueness with described plus unlocking tool data interaction.
26. the protection system of SIM card according to claim 15 lock data, it is characterised in that described the
Data in one storage region can be changed.
27. the protection system of SIM card lock data according to claim 15, it is characterised in that the end
End also includes application processor, suitable for by between the communication processor and described plus unlocking tool
Data penetration transmission.
28. the protection system of SIM card lock data according to claim 15, it is characterised in that described logical
Believe processor, be further adapted for the Identity Code for transmitting the terminal by ciphertext with described plus unlocking tool
Data, and by the Identity Code data storage in first storage region.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610280771.XA CN107343276B (en) | 2016-04-29 | 2016-04-29 | Method and system for protecting SIM card locking data of terminal |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610280771.XA CN107343276B (en) | 2016-04-29 | 2016-04-29 | Method and system for protecting SIM card locking data of terminal |
Publications (2)
Publication Number | Publication Date |
---|---|
CN107343276A true CN107343276A (en) | 2017-11-10 |
CN107343276B CN107343276B (en) | 2020-01-07 |
Family
ID=60221952
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610280771.XA Active CN107343276B (en) | 2016-04-29 | 2016-04-29 | Method and system for protecting SIM card locking data of terminal |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107343276B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111431704A (en) * | 2020-03-03 | 2020-07-17 | 百度在线网络技术(北京)有限公司 | Method and device for generating and analyzing password |
CN114598461A (en) * | 2022-02-24 | 2022-06-07 | 广东天波信息技术股份有限公司 | Online unlocking method of terminal equipment, terminal equipment and readable storage medium |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101018125A (en) * | 2007-03-02 | 2007-08-15 | 中兴通讯股份有限公司 | Radio terminal security network and card locking method based on the ellipse curve public key cipher |
CN101860850A (en) * | 2010-05-07 | 2010-10-13 | 中兴通讯股份有限公司 | Method for realizing mobile terminal to lock network or card by utilizing driver |
CN102752754A (en) * | 2012-06-21 | 2012-10-24 | 华为终端有限公司 | Method for security certificate of user identification card locking data and mobile terminal |
US8752165B2 (en) * | 2008-05-29 | 2014-06-10 | Apple Inc. | Provisioning secrets in an unsecured environment |
-
2016
- 2016-04-29 CN CN201610280771.XA patent/CN107343276B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101018125A (en) * | 2007-03-02 | 2007-08-15 | 中兴通讯股份有限公司 | Radio terminal security network and card locking method based on the ellipse curve public key cipher |
US8752165B2 (en) * | 2008-05-29 | 2014-06-10 | Apple Inc. | Provisioning secrets in an unsecured environment |
CN101860850A (en) * | 2010-05-07 | 2010-10-13 | 中兴通讯股份有限公司 | Method for realizing mobile terminal to lock network or card by utilizing driver |
CN102752754A (en) * | 2012-06-21 | 2012-10-24 | 华为终端有限公司 | Method for security certificate of user identification card locking data and mobile terminal |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111431704A (en) * | 2020-03-03 | 2020-07-17 | 百度在线网络技术(北京)有限公司 | Method and device for generating and analyzing password |
CN114598461A (en) * | 2022-02-24 | 2022-06-07 | 广东天波信息技术股份有限公司 | Online unlocking method of terminal equipment, terminal equipment and readable storage medium |
CN114598461B (en) * | 2022-02-24 | 2023-10-31 | 广东天波信息技术股份有限公司 | Online unlocking method of terminal equipment, terminal equipment and readable storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN107343276B (en) | 2020-01-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP0043027B1 (en) | Electronic signature verification method and system | |
RU2434352C2 (en) | Reliable authentication method and device | |
CA2554300C (en) | System and method for encrypted smart card pin entry | |
US7409552B2 (en) | Method for securing communications between a terminal and an additional user equipment | |
US6073237A (en) | Tamper resistant method and apparatus | |
CN112000975B (en) | Key management system | |
US20120069991A1 (en) | Method for authenticating access to a secured chip by test device | |
US20130072159A1 (en) | Method for cryptographically verifiable identification of a physical unit in a public, wireless telecommunications network | |
WO1997023972A1 (en) | Application level security system and method | |
CN106953732B (en) | Key management system and method for chip card | |
CN109063523B (en) | Radio frequency identification security authentication method and system | |
CN109035519B (en) | Biological feature recognition device and method | |
CN107920052B (en) | Encryption method and intelligent device | |
CN113114475B (en) | PUF identity authentication system and protocol based on bit self-checking | |
CN112615824B (en) | Anti-leakage one-time pad communication method and device | |
CN112311718A (en) | Method, device and equipment for detecting hardware and storage medium | |
CN110176989B (en) | Quantum communication service station identity authentication method and system based on asymmetric key pool | |
US20130166911A1 (en) | Implementation process for the use of cryptographic data of a user stored in a data base | |
CN109495441A (en) | Access authentication method, device, relevant device and computer readable storage medium | |
CN105873043B (en) | Method and system for generating and applying network private key for mobile terminal | |
CN107343276A (en) | A kind of guard method of the SIM card lock data of terminal and system | |
CN114297597B (en) | Account management method, system, equipment and computer readable storage medium | |
CN103281188A (en) | Method and system for backing up private key in electronic signature token | |
CN113239343B (en) | Encryption method for internal authentication, smart card, internal authentication method and card reader | |
CN114297673A (en) | Password verification method, solid state disk and upper computer |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CB03 | Change of inventor or designer information | ||
CB03 | Change of inventor or designer information |
Inventor after: Zhou Lei Inventor after: Liu Zhiyong Inventor before: Zhou Lei Inventor before: Liu Zhiyong |