CN108632026A - Data encryption and decryption device - Google Patents
- Publication number: CN108632026A
- Application number: CN201710182586.1A
- Authority: CN (China)
- Prior art keywords: self, key, data, encryption, decryption
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
A data encryption and decryption device, comprising a PUF key generator, and an encryption encoder, a decryption encoder and a self-destruct device each coupled to the PUF key generator, the encryption encoder and the decryption encoder being coupled to each other, wherein: the PUF key generator is adapted to generate a matched encryption key and decryption key, input the encryption key to the encryption encoder, and input the decryption key to the decryption encoder; the encryption encoder is adapted to receive original data and encrypt the original data using the encryption key; the decryption encoder is adapted to receive the decryption key and the encrypted original data, and decrypt the encrypted original data to obtain the original data; and the self-destruct device is adapted to destroy the working mechanism of the PUF key generator when it detects that the data encryption and decryption device is under illegal attack. The above scheme can improve the security level and protection efficiency of data.
Description
Technical field
The present invention relates to the field of encryption and decryption technology, and in particular to a data encryption and decryption device.
Background
With the development of technology, numerous fields such as financial cards and the Internet of Things have begun to interconnect. On the one hand this interconnection makes daily life increasingly convenient; on the other hand it makes information security problems increasingly urgent.
To improve the security of information, there are currently two main approaches to encrypting and decrypting data. One approach is to encrypt data with an encryption algorithm based on mathematical operations, but this approach faces a conflict between encryption reliability and computational efficiency, and in theory the key can be cracked, so the security level of the data is relatively low. The other approach is to provide a self-destruct device that, before the data leaks, destroys the physical carrier of the data or formats all of the data, but this approach needs an additional energy supply and cannot work once power is cut off. The entire self-destruction process also takes a long time.
Summary of the invention
The problem solved by the present invention is how to improve the security level and protection efficiency of data.
To solve the above problem, an embodiment of the present invention provides a data encryption and decryption device, the device comprising: a PUF key generator, and an encryption encoder, a decryption encoder and a self-destruct device each coupled to the PUF key generator, the encryption encoder and the decryption encoder being coupled to each other, wherein: the PUF key generator is adapted to generate a matched encryption key and decryption key, input the encryption key to the encryption encoder, and input the decryption key to the decryption encoder; the encryption encoder is adapted to receive original data, encrypt the original data using the encryption key, and input the encrypted original data to the decryption encoder; the decryption encoder is adapted to receive the decryption key and the encrypted original data, and decrypt the encrypted original data using the decryption key to obtain the original data; and the self-destruct device is adapted to destroy the working mechanism of the PUF key generator when it detects that the data encryption and decryption device is under illegal attack.
Optionally, the self-destruct device is adapted to destroy the working mechanism of the PUF key generator by destroying an attribute of the PUF key generator in at least one of the following ways: changing the physical characteristics of the PUF key generator; changing the randomness of the PUF key generator; destroying the PUF key generator entity.
Optionally, the device further comprises: a memory coupled between the encryption encoder and the decryption encoder, adapted to receive the encrypted original data from the encryption encoder and transmit the encrypted original data to the decryption encoder.
Optionally, the memory is adapted to be coupled to the encryption encoder and the decryption encoder through a signal wire, wirelessly, or through an optical cable.
Optionally, the self-destruct device is adapted to destroy the working mechanism of the PUF key generator by at least one of the following self-destruct modes: electrical self-destruct mode; acoustic self-destruct mode; optical self-destruct mode; mechanical self-destruct mode; chemical-reaction self-destruct mode; thermodynamic-change self-destruct mode.
Compared with the prior art, the technical scheme of the present invention has the following advantages:
In the above scheme, the key used to encrypt and decrypt data is generated by a PUF key generator, and a key generated by a PUF key generator is unique, random and non-reproducible and is not easily cracked, so the security level of the data can be improved. In addition, because a self-destruct device is provided in the data encryption and decryption device, the working mechanism of the PUF key generator can be destroyed when it is detected that the data encryption and decryption device is under illegal attack, without destroying the physical carrier of the data, so the destruction process does not need much energy or a long time, and the protection efficiency of the data can also be improved. Moreover, once the working mechanism of the PUF key generator has been changed by the destruction, an attacker cannot use the destroyed PUF key generator to crack the previously stored original data, so the security level of the data can be improved further.
Further, by providing the encryption and decryption device with a memory coupled between the encryption encoder and the decryption encoder, the encrypted data can be made easy to carry, so the convenience of the encryption and decryption device can be improved.
Further, since the memory can be coupled to the encryption encoder and the decryption encoder wirelessly, the encryption encoder and the memory can be placed in two different locations, which makes it harder for a data thief to steal the data, so the security level of the data can be improved.
Description of the drawings
Fig. 1 is a structural schematic diagram of a data encryption and decryption device in an embodiment of the present invention;
Fig. 2 is a structural schematic diagram of another data encryption and decryption device in an embodiment of the present invention.
Detailed description
As described above, there are currently two main approaches to encrypting and decrypting data. One approach is to encrypt data with an encryption algorithm based on mathematical operations. This approach does provide a high degree of confidentiality, but it faces a conflict between encryption reliability and computational efficiency: a compromise is needed between the complexity of encryption and decryption and computational efficiency. The most secure, complex cipher means soaring computation cost, while low-complexity encryption means a risk of being cracked. In theory the key can also be cracked, so the security level of the data is relatively low.
The other approach is to provide a self-destruct device that, before the data leaks, physically or mechanically destroys the physical carrier of the data, or destroys the code software that the system runs, or formats all of the data. But this approach needs additional resources such as physical and mechanical resources and time to ensure that the self-destruction process takes effect, and after the system is powered off an attacker can easily get rid of a self-destruct device that depends on electric power, so that the self-destruct device cannot work.
In summary, data encryption and decryption devices in the prior art suffer from a low security level and low protection efficiency of data.
To solve the above problem, the embodiment of the present invention uses a Physically Unclonable Function (PUF) key generator to generate the key used to encrypt and decrypt data. A key generated by a PUF key generator is unique, random and non-reproducible and is not easily cracked, so the security level of the data can be improved. In addition, because a self-destruct device is provided in the data encryption and decryption device, the working mechanism of the PUF key generator can be destroyed when it is detected that the data encryption and decryption device is under illegal attack, without destroying the physical carrier of the data, so the destruction process does not need much energy or a long time, and the protection efficiency of the data can also be improved. Moreover, once the working mechanism of the PUF key generator has been changed by the destruction, an attacker cannot use the destroyed PUF key generator to crack the previously stored original data, so the security level of the data can be improved further.
To make the above objects, features and advantages of the present invention clearer and easier to understand, specific embodiments of the present invention are described in detail below with reference to the accompanying drawings.
Fig. 1 shows a data encryption and decryption device in an embodiment of the present invention. The device is described in detail below with reference to Fig. 1. The encryption and decryption device may include: a PUF key generator 11, and an encryption encoder 12, a decryption encoder 13 and a self-destruct device 14 each coupled to the PUF key generator 11, the encryption encoder 12 and the decryption encoder 13 being coupled to each other. Wherein: the PUF key generator 11 is adapted to generate a matched encryption key and decryption key, input the encryption key to the encryption encoder 12, and input the decryption key to the decryption encoder 13.
The encryption encoder 12 is adapted to receive original data, encrypt the original data using the encryption key, and input the encrypted original data to the decryption encoder 13.
The decryption encoder 13 is adapted to receive the decryption key and the encrypted original data, and decrypt the encrypted original data using the decryption key to obtain the original data.
The self-destruct device 14 is adapted to destroy the working mechanism of the PUF key generator 11 when it detects that the data encryption and decryption device is under illegal attack.
As can be seen from the above, the data encryption and decryption device in the embodiment of the present invention can use PUF technology to generate encryption and decryption keys that are highly non-reproducible and randomly distributed, and then encrypt data using the encryption key. Once an illegal attack on the data encryption and decryption device is detected, a dedicated self-destruct device can be used to destroy the working mechanism of the PUF key generator. After the PUF key generator is destroyed, the original decryption key no longer exists; even if a new encryption key can still be generated, or encrypted data can still be decoded, the previously stored data cannot be cracked, so the security of the data can be ensured. Moreover, what is destroyed in this process is the working mechanism of the PUF key generator rather than the physical carrier of the data, so the destruction process does not need much energy or a long time, but can be completed in an extremely short time with very low power consumption, so the protection efficiency of the data can also be improved.
Depending on the operating principle of the self-destruct device 14, different PUF key generators 11 also exhibit different attributes. When the attributes of the PUF key generator 11 differ from what they were before, it can be confirmed that the working mechanism of the PUF key generator 11 has been destroyed. In a specific implementation, the self-destruct device 14 may use any of a variety of methods of destroying the attributes of the PUF key generator 11 to achieve the purpose of destroying the working mechanism of the PUF key generator 11.
In one embodiment of the present invention, the working mechanism of the PUF key generator 11 can be changed by changing the physical characteristics of the PUF key generator 11. For example, there is a kind of PUF key generator whose key is formed from characteristic patterns that arise from differences in the fine structure of a coating. For this kind of PUF key generator, a heating device and a material with a large coefficient of thermal expansion can be added near the fine coating. A current is passed through the heating device, and the heat released by the heating device makes the thermal-expansion material expand in volume and squeeze the fine structure of the coating, so that the fine structure changes. This changes the physical characteristics of the key and thereby changes the working mechanism of the PUF key generator.
In another embodiment of the present invention, the working mechanism of the PUF key generator 11 can be changed by changing the randomness of the PUF key generator 11. For example, there is a kind of non-electronic PUF key generator whose key is formed from the speckle obtained by irradiating a microstructure with a laser beam. For this kind of PUF key generator, the shape of the speckle can be changed by adjusting the direction of the laser beam, which destroys the randomness of the PUF key generator and thereby changes its working mechanism. As another example, there is a kind of analog-circuit PUF key generator whose operating principle is as follows: the threshold voltage Vth of one standard cell is selected or set as the standard threshold voltage Vth, and the threshold voltages Vth of multiple cells are compared with the standard threshold voltage Vth. Subtle differences between the threshold voltages Vth make the comparison results inconsistent, and these results form a comparison-result sequence with PUF characteristics. For this kind of analog-circuit PUF key generator, a pulse current can be used to affect the threshold voltage Vth of the standard cell, which destroys the randomness of the key of the above PUF and thereby changes the working mechanism of the PUF key generator.
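The threshold-voltage comparison PUF and its pulse-current self-destruct described above, together with the earlier point that stored ciphertext becomes unrecoverable once the key generator is altered, shown as an added simulation (not code from the patent). The cell count, voltages, the seed standing in for manufacturing variation, the SHA-256 key derivation and the hash-based cipher standing in for the two encoders are all assumptions, since the patent specifies none of them; measurement noise is ignored.

```python
import hashlib
import hmac
import os
import random

N_CELLS = 256        # assumed: one response bit per PUF cell
VTH_NOMINAL = 0.450  # assumed nominal threshold voltage, volts
VTH_SIGMA = 0.020    # assumed cell-to-cell manufacturing spread, volts


class VthPuf:
    """Toy model of the analog PUF: cell Vth values compared with a standard cell."""

    def __init__(self, seed):
        rng = random.Random(seed)  # the seed stands in for one chip's process variation
        self.cells = [rng.gauss(VTH_NOMINAL, VTH_SIGMA) for _ in range(N_CELLS)]
        self.standard_vth = VTH_NOMINAL

    def response(self):
        """Comparison-result sequence: bit is 1 where a cell's Vth exceeds the standard."""
        bits = [vth > self.standard_vth for vth in self.cells]
        return bytes(
            sum(bit << (7 - j) for j, bit in enumerate(bits[i:i + 8]))
            for i in range(0, N_CELLS, 8)
        )

    def key(self):
        # Assumed key derivation: hash the raw response. Measurement noise and the
        # error correction a real PUF needs are left out of this model.
        return hashlib.sha256(self.response()).digest()

    def self_destruct(self, shift=0.200):
        """Model the pulse current: permanently move the standard cell's Vth."""
        self.standard_vth += shift


def _subkeys(key):
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()


def _xor_stream(enc_key, nonce, data):
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(enc_key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return bytes(d ^ s for d, s in zip(data, stream))


def encrypt(key, plaintext):
    """Stand-in for the encryption encoder (stdlib-only stream cipher plus HMAC tag)."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    body = nonce + _xor_stream(enc_key, nonce, plaintext)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()


def decrypt(key, blob):
    """Stand-in for the decryption encoder; returns None when the key does not match."""
    enc_key, mac_key = _subkeys(key)
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, body, hashlib.sha256).digest()):
        return None
    return _xor_stream(enc_key, body[:16], body[16:])


def demo():
    puf = VthPuf(seed=2017)                # constructed device instance
    record = b"constructed sample record"  # constructed original data
    stored = encrypt(puf.key(), record)    # ciphertext as held in the memory
    before = decrypt(puf.key(), stored)    # legitimate access: key regenerated
    old_response = puf.response()
    puf.self_destruct()                    # attack detected
    after = decrypt(puf.key(), stored)     # regenerated key no longer matches
    flipped = sum(bin(a ^ b).count("1") for a, b in zip(old_response, puf.response()))
    return before, after, flipped


if __name__ == "__main__":
    before, after, flipped = demo()
    print("before self-destruct:", before)
    print("after self-destruct: ", after)
    print("response bits changed:", flipped)
```

The ciphertext itself is never touched: only the standard cell's threshold moves, which is why the destruction step is cheap compared with wiping the storage medium.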
In yet another embodiment of the present invention, the working mechanism of the PUF key generator 11 can also be changed by destroying the PUF key generator 11 entity. It is understood that those skilled in the art can also use a combination of two or more of the above embodiments to destroy the working mechanism of the PUF key generator 11.
Fig. 2 shows another data encryption and decryption device in an embodiment of the present invention. As shown in Fig. 2, the data encryption and decryption device may also include: a memory 25 coupled between the encryption encoder 22 and the decryption encoder 23, adapted to receive the encrypted original data from the encryption encoder 22 and transmit the encrypted original data to the decryption encoder 23. The encrypted data can therefore be made easy to carry, so the convenience of the encryption and decryption device can be improved.
It should be noted that the encryption encoder 22 in Fig. 2 is identical to the encryption encoder 12 in Fig. 1, the decryption encoder 23 in Fig. 2 is identical to the decryption encoder 13 in Fig. 1, the self-destruct device 24 in Fig. 2 is identical to the self-destruct device 14 in Fig. 1, and the PUF key generator 21 in Fig. 2 is identical to the PUF key generator 11 in Fig. 1. Those skilled in the art can implement the encryption encoder 22, the decryption encoder 23 and the self-destruct device 24 according to the description of the encryption encoder 12, the decryption encoder 13 and the self-destruct device 14 in the above embodiment, and details are not repeated here.
In a specific implementation, the normal data encryption and decryption flow can be as follows: the original data is encrypted with the encryption key generated by the PUF key generator 21 and then stored in the memory 25; a legitimate access uses the decryption key generated by the PUF key generator 21 to decrypt the encrypted data and obtain the restored data.
In a specific implementation, the memory 25 can be coupled to the encryption encoder 22 and the decryption encoder 23 in a variety of ways. For example, the memory 25 can be coupled to the encryption encoder 22 and the decryption encoder 23 through a signal wire or an optical cable. The entire encryption and decryption device can be regarded as a chip, and the signal wire is a signal line of the chip. As another example, the memory 25 can also be coupled to the encryption encoder 22 and the decryption encoder 23 wirelessly, so that the encryption encoder 22 and the memory 25 can be placed in two different locations, which makes it harder for a data thief to steal the data, so the security level of the data can be improved.
In a specific implementation, the self-destruct device 24 can destroy the working mechanism of the PUF key generator 21 by a variety of self-destruct modes, for example by one or more of an electrical self-destruct mode, an acoustic self-destruct mode, an optical self-destruct mode, a mechanical self-destruct mode, a chemical-reaction self-destruct mode and a thermodynamic-change self-destruct mode. Here, a thermodynamic change can refer to a phase-change process of a material. For example, for a PUF key generator based on eFuse resistance, the resistance falls in one range when the material is crystalline and varies within another, different range when it is amorphous. Because the two states differ, using the thermodynamic-change self-destruct mode to destroy this kind of PUF key generator is in essence a change in the structure of the material. In a specific implementation, the means of self-destruction is not limited to electricity, but can also be acoustic, optical, mechanical, chemical or thermodynamic mechanisms, which avoids dependence on the power supply unit of the self-destruct device 24, so the security of the data can be improved.
Although the present invention is disclosed as above, the present invention is not limited thereto. Any person skilled in the art can make various changes or modifications without departing from the spirit and scope of the present invention, and the protection scope of the present invention should therefore be as defined by the claims.
Claims (5)
1. A data encryption and decryption device, characterized by comprising: a PUF key generator, and an encryption encoder, a decryption encoder and a self-destruct device each coupled to the PUF key generator, the encryption encoder and the decryption encoder being coupled to each other, wherein:
the PUF key generator is adapted to generate a matched encryption key and decryption key, input the encryption key to the encryption encoder, and input the decryption key to the decryption encoder;
the encryption encoder is adapted to receive original data, encrypt the original data using the encryption key, and input the encrypted original data to the decryption encoder;
the decryption encoder is adapted to receive the decryption key and the encrypted original data, and decrypt the encrypted original data using the decryption key to obtain the original data;
the self-destruct device is adapted to destroy the working mechanism of the PUF key generator when it detects that the data encryption and decryption device is under illegal attack.
2. The data encryption and decryption device according to claim 1, characterized in that the self-destruct device is adapted to destroy the working mechanism of the PUF key generator by destroying an attribute of the PUF key generator in at least one of the following ways:
changing the physical characteristics of the PUF key generator;
changing the randomness of the PUF key generator;
destroying the PUF key generator entity.
3. The data encryption and decryption device according to claim 1, characterized by further comprising: a memory coupled between the encryption encoder and the decryption encoder,
adapted to receive the encrypted original data from the encryption encoder and transmit the encrypted original data to the decryption encoder.
4. The data encryption and decryption device according to claim 3, characterized in that the memory is adapted to be coupled to the encryption encoder and the decryption encoder through:
a signal wire, wirelessly, or an optical cable.
5. The data encryption and decryption device according to claim 1, characterized in that the self-destruct device is adapted to destroy the working mechanism of the PUF key generator by at least one of the following self-destruct modes:
electrical self-destruct mode;
acoustic self-destruct mode;
optical self-destruct mode;
mechanical self-destruct mode;
chemical-reaction self-destruct mode;
thermodynamic-change self-destruct mode.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710182586.1A CN108632026B (en) | 2017-03-24 | 2017-03-24 | Data encryption and decryption device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108632026A (en) | 2018-10-09 |
CN108632026B (en) | 2021-06-08 |
Family
ID=63707791
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710182586.1A Active CN108632026B (en) | 2017-03-24 | 2017-03-24 | Data encryption and decryption device |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108632026B (en) |
Also Published As
Publication number | Publication date |
---|---|
CN108632026B (en) | 2021-06-08 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||