CN108933790A - Encryption method for OTA upgrade firmware with high security level - Google Patents


Info

Publication number
CN108933790A
Authority
CN
China
Prior art keywords
firmware
data
block
mac
encryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810732760.XA
Other languages
Chinese (zh)
Other versions
CN108933790B (en)
Inventor
樊燕红
付勇
王继志
杨英
陈丽娟
陈振娅
文立强
穆超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Computer Science Center National Super Computing Center in Jinan
Shandong Computer Science Center
Original Assignee
Shandong Computer Science Center
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong Computer Science Center
Priority to CN201810732760.XA
Publication of CN108933790A
Application granted
Publication of CN108933790B
Legal status: Active
Anticipated expiration

Classifications

    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L41/082 Configuration setting characterised by the conditions triggering a change of settings the condition being updates or upgrades of network functionality
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
    • H04L67/34 Network arrangements or protocols for supporting network services or applications involving the movement of software or configuration parameters
    • H04L9/002 Countermeasures against attacks on cryptographic mechanisms
    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • H04L9/3242 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC

Abstract

In the encryption method for OTA upgrade firmware with a high security level of the invention, the PC generates the firmware upgrade data as follows: an authentication code MAC is generated from the firmware header data and the n blocks of firmware data, and the unencrypted firmware header data, the encrypted MAC and the n encrypted blocks of firmware data together form the firmware upgrade data. The IoT terminal device verifies and upgrades as follows: the IoT terminal device recovers the MAC value from the received data, checks whether the MAC value it computes itself equals the received MAC value, and performs the upgrade only if the two are equal. With this method the header encryption algorithm is difficult to recover by a variety of methods, side-channel analysis included, which fundamentally prevents the download of malicious firmware, keeps unauthorized persons from recovering the principle of the firmware upgrade algorithm through side-channel cryptanalysis, and further raises the security level of the firmware upgrade process.

Description

Encryption method for OTA upgrade firmware with high security level
Technical field
The present invention relates to a firmware upgrade method, and more particularly to an encryption method for OTA upgrade firmware with a high security level.
Background
The Internet of Things (IoT) has by now penetrated every aspect of every industry and connects a large number of devices. Large-scale IoT deployment faces numerous challenges. When large numbers of IoT devices need a functional update or a vulnerability fix, over-the-air technology (OTA) offers a time-saving and convenient route for wireless firmware upgrade, and OTA firmware upgrade has become an indispensable part of IoT devices.
During firmware upgrade, IoT devices face a security threat in the verification of service authorization. The upgrade firmware of many IoT devices is neither encrypted nor integrity-checked. If a hacker obtains the firmware upgrade command format and downloads self-written malicious firmware into an IoT terminal device, the hacker can take full control of the device and perform illegal operations. In 2013, the security firm IOActive studied a currency detector of a certain brand and found that it performed no signature verification during firmware upgrade; using this flaw, the researchers downloaded malicious firmware into the currency detector, which then identified a hand-drawn counterfeit note as genuine. In 2017, cryptography security researchers studied the Philips Hue smart lamp, cracked the encryption/authentication key of the lamp's wireless firmware upgrade, and used the key to download generated malicious firmware into the lamps, which then flashed continuously under the control of the malicious firmware.
To keep IoT devices from being attacked with malicious firmware during firmware upgrade, the security level of the firmware upgrade process needs to be raised. The generation and download of the upgrade firmware need encryption/decryption and authentication operations that keep the firmware data confidential and verify its integrity, so that the firmware data cannot be maliciously tampered with or recovered; and the encryption/decryption and authentication operations must have a certain complexity, so that they can withstand related cryptanalytic attacks such as side-channel attacks.
Summary of the invention
To overcome the shortcomings of the above technical problems, the present invention provides an encryption method for OTA upgrade firmware with a high security level.
In the encryption method for OTA upgrade firmware with a high security level of the present invention, the OTA firmware upgrade system consists of a PC, a cloud server, a control terminal and an IoT terminal device. The PC generates the upgrade firmware data and uploads it to the cloud server, and the control terminal directs the IoT terminal device to receive the data from the cloud server and complete the upgrade. Let the upgrade firmware comprise n blocks of data. The method is characterized in that it comprises a step in which the PC generates the firmware upgrade data and a step in which the IoT terminal device verifies and upgrades. The PC generates the firmware upgrade data as follows: m blocks of data are taken as the firmware header data; an authentication code MAC is generated from the m blocks of firmware header data and the n blocks of firmware data by an encryption algorithm; and the m unencrypted blocks of firmware header data, the encrypted MAC and the n encrypted blocks of firmware data are uploaded together to the cloud server as the firmware upgrade data.
The IoT terminal device verifies and upgrades as follows: the IoT terminal device first decrypts the received data, then computes the MAC value from the received m blocks of firmware header data and the n decrypted blocks of firmware data, and checks whether the MAC value it computed itself equals the received MAC value; the upgrade is performed only if they are equal.
In the encryption method for OTA upgrade firmware with a high security level of the present invention, let the size of one block be 16 bytes and the firmware header data be 3 blocks in size; the initialization vector stored in the PC and the IoT terminal device is IV and the encryption key is k; the n blocks of firmware data are $P_{f1}, P_{f2}, \dots, P_{fn}$.
The step in which the PC generates the firmware upgrade data is implemented by the following steps:
a) Header data encryption: let the 3 blocks of firmware header data be $P_{h1}, P_{h2}, P_{h3}$; after encryption the data are $P'_{h1}, P'_{h2}, P'_{h3}$;
b) Processing of the header data for generating the MAC: the header data used to generate the authentication code MAC is encrypted with the following algorithm:
where E in $E_k(\cdot)$ denotes the AES algorithm function, k is the encryption key, the argument in parentheses is the plaintext data, and the operator in the formula denotes XOR;
c) Computing the authentication code: the authentication code MAC is generated by the following calculation:
for i = 1 to n
j = i + 3
The authentication code is:
$MAC = CBC(n+3)$;
d) Encryption: the authentication code MAC and the n blocks of firmware data $P_{f1}, P_{f2}, \dots, P_{fn}$ are encrypted with AES-CTR as follows:
for i = 1 to n
where $ctr_i = Nonce \,\|\, counter_i$; Nonce is a constant set by the user and kept secret from outside parties, stored in the PC and the IoT terminal device; Nonce is 14 bytes of data and $counter_i$ is 2 bytes of data, with $counter_0 = 0$, $counter_1 = 1$, …, $counter_i = i$, …, $counter_n = n$; $\|$ denotes concatenation;
e) Forming the firmware upgrade data: the 3 unencrypted blocks of firmware header data, the encrypted authentication code MAC and the n encrypted blocks of firmware data make up the upgrade data $F_{all}$:
$F_{all} = P_{h1} \,\|\, P_{h2} \,\|\, P_{h3} \,\|\, E_{MAC} \,\|\, E_{f1} \,\|\, E_{f2} \,\|\, \dots \,\|\, E_{fn}$.
In the encryption method for OTA upgrade firmware with a high security level of the present invention, step a) encrypts the 3 blocks of firmware header data $P_{h1}, P_{h2}, P_{h3}$ as follows:
$P'_{h1} = E_k(P_{h2})$
$P'_{h2} = P_{h2} \cdot P_{h1}$
where the operator $\cdot$ denotes multiplication.
In the encryption method for OTA upgrade firmware with a high security level of the present invention, the step in which the IoT terminal device verifies and upgrades is implemented by the following steps:
1) Parameter verification: the IoT terminal device saves the downloaded firmware upgrade data into external FLASH memory, reads the first 3 blocks of firmware header data, and checks whether the parameters in the firmware header data are legitimate; if they are, step 2) is executed; if not, step 7) is executed;
2) Header data encryption: using the same encryption algorithm as in step a), the 3 blocks of firmware header data obtained are encrypted; let the encrypted header data be $P'_{H1}, P'_{H2}, P'_{H3}$;
3) Processing of the header data for generating the MAC: the header data used to generate the authentication code MAC is encrypted with the following algorithm:
where E in $E_k(\cdot)$ denotes the AES algorithm function, k is the encryption key, the argument in parentheses is the plaintext data, and the operator in the formula denotes XOR;
4) Decrypting the firmware and computing the authentication code: the n blocks of encrypted firmware are decrypted and the authentication code is computed by the following calculation:
for i = 1 to n
j = i + 3
where $ctr_i = Nonce \,\|\, counter_i$, and $P'_{f1}, P'_{f2}, \dots, P'_{fn}$ are the n decrypted blocks of firmware data obtained by the IoT terminal device;
The authentication code computed by the IoT terminal is:
$MACb = CBC'(n+3)$;
5) Checking whether the authentication code is legitimate: the IoT terminal device encrypts the authentication code MACb it obtained:
The computed $E_{MACb}$ is then compared with the $E_{MAC}$ in the received firmware data to determine whether the values of $E_{MACb}$ and $E_{MAC}$ are identical; if they are, verification passes and step 6) is executed; if they differ, step 7) is executed;
6) Firmware upgrade: the decrypted firmware data $P'_{f1}, P'_{f2}, \dots, P'_{fn}$ obtained by the IoT terminal device is the legitimate firmware data $P_{f1}, P_{f2}, \dots, P_{fn}$ generated by the PC; the firmware data is stored into the internal FLASH and the upgrade is completed;
7) Upgrade failure: the IoT terminal device returns a firmware-upgrade-failure response signal.
In the encryption method for OTA upgrade firmware with a high security level of the present invention, step 2) encrypts the 3 blocks of firmware header data as follows:
$P'_{H1} = E_k(P_{H2})$
$P'_{H2} = P_{H2} \cdot P_{H1}$
where $P_{H1}, P_{H2}, P_{H3}$ are the first 3 blocks of the firmware upgrade data obtained by the IoT terminal device.
The beneficial effects of the present invention are as follows. The present invention provides an encryption method for OTA upgrade firmware with a high security level that ensures the encrypted, authenticated firmware has a high security level. The method uses the AES-CCM mode for the confidentiality and integrity authentication of the firmware data, preventing the firmware data from being maliciously tampered with or recovered during firmware upgrade.
Side-channel cryptanalysis can, while the IoT terminal device is performing a firmware upgrade, recover the keys used by the firmware encryption/decryption and authentication algorithms, and then deduce the principle of the firmware encryption/decryption and authentication by plaintext correlation analysis. From the deduced principle, malicious firmware that the IoT terminal device accepts can be generated and downloaded into the internal FLASH, so that an unauthorized person can control the IoT terminal device at will. To prevent the download of malicious firmware, this method applies an encryption processing operation to the header data. The operation has a certain complexity, and under black-box conditions it is very difficult to recover the concrete implementation of the header encryption algorithm by side-channel analysis alone. An unauthorized person can hardly guess the concrete implementation of the header encryption algorithm, and once the header encryption algorithm is wrong, the generated malicious firmware cannot pass the authentication stage, which fundamentally prevents the download of malicious firmware. The method thus prevents unauthorized persons from recovering the principle of the firmware upgrade algorithm by side-channel cryptanalysis and then attacking IoT devices by downloading malicious firmware, further raising the security level of the firmware upgrade process.
Brief description of the drawings
Fig. 1 is a schematic diagram of the OTA firmware upgrade system of the present invention;
Fig. 2 is a functional block diagram of the PC generating the encrypted, authenticated firmware in the present invention;
Fig. 3 is the program flow chart of the IoT terminal device during firmware upgrade in the present invention;
Fig. 4 and Fig. 5 are schematic diagrams of the firmware header data operation and encryption algorithm in the present invention.
Detailed description of embodiments
The invention is further described below with reference to the drawings and an embodiment.
Fig. 1 shows a schematic diagram of the OTA firmware upgrade system of the present invention. The OTA firmware upgrade system of the IoT terminal device consists of a PC, a cloud server, a control terminal and an IoT terminal device. The main function of the PC is to perform the encryption and authentication operations on the upgrade firmware data, generate the encrypted, authenticated firmware and upload it to the cloud server. The main functions of the cloud server are to store the latest version of the upgrade firmware, interact with the control terminal, receive the upgrade request instruction and return the firmware upgrade information to the control terminal; and to download the upgrade firmware information to the IoT terminal device and receive the firmware upgrade response data sent by the terminal device. After receiving the firmware upgrade data, the IoT terminal device first verifies the legitimacy of the parameters of the firmware data, then authenticates the integrity of the firmware, then decrypts and downloads the firmware data; after decryption and download it checks the firmware data downloaded into the internal FLASH, and once the check passes it returns a firmware-upgrade-success response signal.
Fig. 2 shows the functional block diagram of generating the encrypted, authenticated firmware on the PC, which is implemented by the following steps:
(1) Set the firmware header data information: the firmware header data are $P_{h1}, P_{h2}, P_{h3}$, and their values are configured by the manufacturer according to the specific configuration parameters of the product;
(2) Choose the storage path of the upgrade firmware to be encrypted, and set the path where the encrypted, authenticated firmware is to be stored;
(3) The PC performs the encryption and authentication operations: first the header data $P_{h1}, P_{h2}, P_{h3}$ are encrypted, giving $P'_{h1}, P'_{h2}, P'_{h3}$;
(4) Read the n blocks of firmware data $P_{f1}, P_{f2}, \dots, P_{fn}$ of the upgrade firmware;
(5) Generate the authentication code using the AES-CBC algorithm. The header data encryption operation for generating the authentication MAC is as follows:
E in $E_k(\cdot)$ denotes the AES algorithm function, k denotes the key, the argument in parentheses is the plaintext data, and the operator in the formula denotes XOR.
(6) The firmware data encryption operation for generating the authentication MAC is as follows:
for i = 1 to n
j = i + 3
(7) $MAC = CBC(n+3)$, where MAC is the authentication code of the firmware;
(8) The MAC and the n blocks of firmware data $P_{f1}, P_{f2}, \dots, P_{fn}$ are encrypted:
for i = 1 to n
where $ctr_i = Nonce \,\|\, counter_i$, and Nonce is a constant set by the user and kept secret from outside parties. Nonce is 14 bytes of data and $counter_i$ is 2 bytes of data, with $counter_0 = 0$, $counter_1 = 1$, …, $counter_i = i$, …, $counter_n = n$.
(9) The overall composition of the encrypted, authenticated firmware is as follows:
$F_{all} = P_{h1} \,\|\, P_{h2} \,\|\, P_{h3} \,\|\, E_{MAC} \,\|\, E_{f1} \,\|\, E_{f2} \,\|\, \dots \,\|\, E_{fn}$ (where $\|$ denotes concatenation).
Fig. 3 shows the program flow chart of the IoT terminal device during firmware upgrade in the present invention, which is implemented by the following steps:
a. Read the relevant parameters contained in the firmware header data and verify whether they are legitimate; if they are, execute step b; if not, execute step k;
b. Call the header data encryption processing algorithm to encrypt the header data. Let the first 3 blocks of the firmware upgrade data obtained by the IoT terminal device be $P_{H1}, P_{H2}, P_{H3}$ and the encrypted data be $P'_{H1}, P'_{H2}, P'_{H3}$; the 3 blocks of firmware header data are encrypted as follows:
$P'_{H1} = E_k(P_{H2})$
$P'_{H2} = P_{H2} \cdot P_{H1}$
c. Using the AES-CBC mode, encrypt the processed header data, finally generating CBC′3; the encryption processing is as follows:
CBC′3 serves as the initialization vector for the next block and is passed to the next encryption function;
d. Decrypt the n blocks of encrypted firmware with AES-CTR to obtain the plaintext, process the plaintext data in AES-CBC mode, and finally generate the MAC; the concrete implementation is as follows:
for i = 1 to n
j = i + 3
where $ctr_i = Nonce \,\|\, counter_i$, and $P'_{f1}, P'_{f2}, \dots, P'_{fn}$ are the n blocks of firmware data obtained by decryption on the IoT terminal;
e. Compute the firmware authentication code MACb; the authentication code computed by the IoT terminal is $MACb = CBC'(n+3)$, and MACb is encrypted with AES-CTR to obtain $E_{MACb}$:
f. Compare the computed $E_{MACb}$ with the $E_{MAC}$ in the received firmware data and determine whether the values of $E_{MACb}$ and $E_{MAC}$ are identical; if they are, verification passes and step e is executed; if they differ, step k is executed;
g. The IoT terminal device decrypts the encrypted firmware with AES-CTR; the firmware data $P'_{f1}, P'_{f2}, \dots, P'_{fn}$ obtained is the legitimate firmware data $P_{f1}, P_{f2}, \dots, P_{fn}$ generated by the PC, and the firmware data is stored into the internal FLASH.
h. After the n blocks of firmware data have been downloaded, the firmware data is checked; if the check passes, the firmware data downloaded into the internal FLASH is correct and step i is executed; if the check fails, step k is executed;
i. Return the firmware-upgrade-success response signal and clear the firmware upgrade flag bit to 0;
j. Jump to the Application region and execute the application program;
k. Return the firmware-upgrade-failure response signal and software-restart the IoT terminal device.
Fig. 4 and Fig. 5 show schematic diagrams of the header data encryption algorithm. Fig. 4 shows how the 3 blocks of header data $P_{h1}, P_{h2}, P_{h3}$ are encrypted to obtain $P'_{h1}, P'_{h2}, P'_{h3}$; Fig. 5 shows $P'_{h1}, P'_{h2}, P'_{h3}$, IV and the key k being input into the AES-CBC encryption algorithm, which starts the computation of the authentication MAC.
The method of encrypting the 3 blocks of header data $P_{h1}, P_{h2}, P_{h3}$ to obtain $P'_{h1}, P'_{h2}, P'_{h3}$ is expressed as follows:
$P'_{h1} = E_k(P_{h2})$
$P'_{h2} = P_{h2} \times P_{h1}$
The input of $P'_{h1}, P'_{h2}, P'_{h3}$, IV and the key k to the AES-CBC encryption algorithm is expressed as follows:
When an attacker uses side-channel analysis, the attacker first captures the power traces or electromagnetic emission waveforms of the encryption algorithm. Under black-box conditions the attacker can use plaintext correlation analysis to locate where the plaintext enters the computation, and then infer from the waveform the plaintext data taking part in the encryption. The header data encryption algorithm obfuscates plaintext correlation analysis of the header data: even where some position correlates strongly with the plaintext, the data taking part in the computation at that point is not known plaintext. The header data encryption algorithm therefore gives the upgrade firmware the ability to resist side-channel attacks, eliminating a security vulnerability in the service authorization verification of Internet of Things (IoT) terminal devices and further raising the security level of the firmware upgrade process.
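The PC-side steps (1) to (9) and the device-side steps a to k above, as a runnable Go example added to this page (it is not code from the patent). Assumptions: AES-128, a big-endian 2-byte counter, the product in P′h2 taken modulo 2^128, and P′h3 passed through unchanged because its formula does not appear on the page; all type and function names are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/subtle"
	"encoding/binary"
	"errors"
	"fmt"
	"math/big"
)

const blk = 16 // block size in bytes, as on the page

// Params: secrets stored on both PC and device (AES-128 key size is an assumption).
type Params struct{ Key, IV, Nonce []byte }

// transformHeader is a stand-in for the header step: P'h1 = E_k(Ph2) and
// P'h2 = Ph2 * Ph1 follow the page (taking the product mod 2^128 is an assumption);
// the page gives no formula for P'h3, so Ph3 is passed through unchanged here.
func transformHeader(c cipher.Block, h []byte) []byte {
	out := make([]byte, 3*blk)
	c.Encrypt(out[:blk], h[blk:2*blk])
	p := new(big.Int).Mul(new(big.Int).SetBytes(h[blk:2*blk]), new(big.Int).SetBytes(h[:blk]))
	p.Mod(p, new(big.Int).Lsh(big.NewInt(1), 128)).FillBytes(out[blk : 2*blk])
	copy(out[2*blk:], h[2*blk:])
	return out
}

// cbcMAC chains E_k over P'h1..P'h3, Pf1..Pfn from IV and returns CBC(n+3).
func cbcMAC(c cipher.Block, iv, hdr, fw []byte) []byte {
	state := append([]byte(nil), iv...)
	data := append(transformHeader(c, hdr), fw...)
	for off := 0; off < len(data); off += blk {
		for j := range state {
			state[j] ^= data[off+j]
		}
		c.Encrypt(state, state)
	}
	return state
}

// ctr XORs block i with E_k(Nonce || counter_i), counter_0 = 0 (big-endian assumed).
func ctr(c cipher.Block, nonce, data []byte) []byte {
	out, ks := make([]byte, len(data)), make([]byte, blk)
	for i := 0; i*blk < len(data); i++ {
		copy(ks, nonce)
		binary.BigEndian.PutUint16(ks[14:], uint16(i))
		c.Encrypt(ks, ks)
		for j := range ks {
			out[i*blk+j] = data[i*blk+j] ^ ks[j]
		}
	}
	return out
}

// newCipher rejects sizes the format cannot carry (2-byte counter: at most 65535 blocks).
func newCipher(p Params, hdrLen, fwLen int) (cipher.Block, error) {
	if len(p.IV) != blk || len(p.Nonce) != 14 || hdrLen != 3*blk ||
		fwLen%blk != 0 || fwLen < blk || fwLen/blk > 0xFFFF {
		return nil, errors.New("need 16-byte IV, 14-byte Nonce, 3-block header, 1..65535 firmware blocks")
	}
	return aes.NewCipher(p.Key)
}

// Build is the PC side: F_all = Ph1 || Ph2 || Ph3 || E_MAC || E_f1 .. E_fn.
func Build(p Params, header, fw []byte) ([]byte, error) {
	c, err := newCipher(p, len(header), len(fw))
	if err != nil {
		return nil, err
	}
	plain := append(cbcMAC(c, p.IV, header, fw), fw...) // MAC || Pf1..Pfn
	return append(append([]byte(nil), header...), ctr(c, p.Nonce, plain)...), nil
}

// Verify is the device side: firmware is returned only if E_MACb == E_MAC (constant time).
func Verify(p Params, image []byte) ([]byte, error) {
	c, err := newCipher(p, 3*blk, len(image)-4*blk)
	if err != nil {
		return nil, err
	}
	header, emac := image[:3*blk], image[3*blk:4*blk]
	fw := ctr(c, p.Nonce, image[3*blk:])[blk:] // counters 1..n recover P'f1..P'fn
	emacB := ctr(c, p.Nonce, cbcMAC(c, p.IV, header, fw))
	if subtle.ConstantTimeCompare(emacB, emac) != 1 {
		return nil, errors.New("E_MACb != E_MAC: image rejected")
	}
	return fw, nil
}

func main() { // constructed sample values, not taken from the page
	p := Params{[]byte("0123456789abcdef"), make([]byte, blk), []byte("secret-nonce14")}
	hdr := []byte("HDR1:model=demo.HDR2:version=2.1HDR3:length=0x20")
	img, _ := Build(p, hdr, []byte("firmware block 1firmware block 2"))
	_, errGood := Verify(p, img)
	img[4*blk] ^= 1 // flip one bit of E_f1
	_, errBad := Verify(p, img)
	fmt.Println("genuine accepted:", errGood == nil, "tampered rejected:", errBad != nil)
}
```

With a constant Nonce and counters that always start at 0, two images built under the same k reuse the same AES-CTR keystream, so a deployment following this layout would want a fresh k or Nonce per release.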

Claims (5)

1. An encryption method for OTA upgrade firmware with a high security level, wherein the OTA firmware upgrade system consists of a PC, a cloud server, a control terminal and an IoT terminal device, the PC generates the upgrade firmware data and uploads it to the cloud server, and the control terminal directs the IoT terminal device to receive the data from the cloud server and complete the upgrade; the upgrade firmware comprises n blocks of data; characterized in that the encryption method comprises a step in which the PC generates the firmware upgrade data and a step in which the IoT terminal device verifies and upgrades; the PC generates the firmware upgrade data as follows: m blocks of data are taken as the firmware header data, an authentication code MAC is generated from the m blocks of firmware header data and the n blocks of firmware data by an encryption algorithm, and the m unencrypted blocks of firmware header data, the encrypted MAC and the n encrypted blocks of firmware data are uploaded together to the cloud server as the firmware upgrade data;
the IoT terminal device verifies and upgrades as follows: the IoT terminal device first decrypts the received data, then computes the MAC value from the received m blocks of firmware header data and the n decrypted blocks of firmware data, and checks whether the MAC value it computed itself equals the received MAC value; the upgrade is performed only if they are equal.
2. The encryption method for OTA upgrade firmware with a high security level according to claim 1, characterized in that the size of one block is 16 bytes, the firmware header data is 3 blocks in size, the initialization vector stored in the PC and the IoT terminal device is IV, and the encryption key is k; the n blocks of firmware data are $P_{f1}, P_{f2}, \dots, P_{fn}$;
the step in which the PC generates the firmware upgrade data is implemented by the following steps:
a) Header data encryption: let the 3 blocks of firmware header data be $P_{h1}, P_{h2}, P_{h3}$; after encryption the data are $P'_{h1}, P'_{h2}, P'_{h3}$;
b) Processing of the header data for generating the MAC: the header data used to generate the authentication code MAC is encrypted with the following algorithm:
where E in $E_k(\cdot)$ denotes the AES algorithm function, k is the encryption key, the argument in parentheses is the plaintext data, and the operator in the formula denotes XOR;
c) Computing the authentication code: the authentication code MAC is generated by the following calculation:
for i = 1 to n
j = i + 3
The authentication code is:
$MAC = CBC(n+3)$;
d) Encryption: the authentication code MAC and the n blocks of firmware data $P_{f1}, P_{f2}, \dots, P_{fn}$ are encrypted with AES-CTR as follows:
for i = 1 to n
where $ctr_i = Nonce \,\|\, counter_i$; Nonce is a constant set by the user and kept secret from outside parties, stored in the PC and the IoT terminal device; Nonce is 14 bytes of data and $counter_i$ is 2 bytes of data, with $counter_0 = 0$, $counter_1 = 1$, …, $counter_i = i$, …, $counter_n = n$; $\|$ denotes concatenation;
e) Forming the firmware upgrade data: the 3 unencrypted blocks of firmware header data, the encrypted authentication code MAC and the n encrypted blocks of firmware data make up the upgrade data $F_{all}$:
$F_{all} = P_{h1} \,\|\, P_{h2} \,\|\, P_{h3} \,\|\, E_{MAC} \,\|\, E_{f1} \,\|\, E_{f2} \,\|\, \dots \,\|\, E_{fn}$.
3. The encryption method for OTA upgrade firmware with a high security level according to claim 2, characterized in that step a) encrypts the 3 blocks of firmware header data $P_{h1}, P_{h2}, P_{h3}$ as follows:
$P'_{h1} = E_k(P_{h2})$
$P'_{h2} = P_{h2} \cdot P_{h1}$
where the operator $\cdot$ denotes multiplication.
4. the encryption method of the OTA firmware updating of high safety grade according to claim 2, which is characterized in that described The verifying of IOT terminal device and upgrade step are realized especially by following steps:
1) Verification, IOT terminal device saves the firmware upgrade data of downloading into external FLASH memory, and reads Preceding 3 block firmware head data, judge whether the parameter in firmware head data is legal, if legal, thens follow the steps 2);Such as Fruit is illegal, thens follow the steps 7);
2) encrypts head data, using with identical Encryption Algorithm in step a), 3 block firmware head data of acquisition are carried out Encryption, if encrypted head data are respectively P 'H1、P′H2、P′H3
3) generates the processing of the header data of MAC, is encrypted using following algorithm to the header data for generating authentication code MAC Operation:
Wherein, EkE in () indicates that the aes algorithm function used, k are encryption code key, and the parameter list in bracket shows clear data,For XOR operation;
4) decrypts firmware and seeks authentication code, decrypts n block encrypted firmware by following calculation method and seeks authentication code:
For i=1 to n
J=i+3
where ctri=Nonce||counteri, and P′f1, P′f2, …, P′fn are the n blocks of decrypted firmware data obtained by the IOT terminal device;
The authentication code computed by the IOT terminal is:
MACb=CBC′(n+3);
5) Check whether the authentication code is legal: the IOT terminal device performs an encryption operation on the obtained authentication code MACb:
The computed EMACb is then compared with the EMAC in the received firmware data to judge whether the values of EMACb and EMAC are identical; if they are identical, verification passes and step 6) is executed; if they differ, step 7) is executed;
6) Firmware upgrade: the firmware data P′f1, P′f2, …, P′fn obtained by decryption on the IOT terminal device is the legal firmware data Pf1, Pf2, …, Pfn generated by the PC; the firmware data is stored into internal FLASH and the upgrade is completed;
7) Upgrade failure: the IOT terminal device returns a response signal indicating that the firmware upgrade failed.
5. The encryption method for OTA upgrade firmware with high security level according to claim 4, characterized in that in step 2) the 3 blocks of firmware header data are encrypted by the following method:
P′H1=Ek(PH2)
P′H2=PH2·PH1
where PH1, PH2, PH3 are the data of the first 3 blocks in the firmware upgrade data obtained by the IOT terminal device.
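The device-side flow of claims 4 and 5, steps 2) to 7), as an added Python example that is not code from the patent: the MAC chain runs over the 3 transformed header blocks and the n decrypted firmware blocks, and nothing is written to internal FLASH unless EMACb equals EMAC. The formulas for steps 3) to 5) and for P′H3 are absent from this text, so the conventional CBC-MAC chaining, the CTR keystream XOR, encrypting the MAC with counter block 0, multiplication modulo 2^128, a 12-byte nonce with a 4-byte counter, and an unchanged P′H3 are all assumptions. HMAC-SHA256 truncated to 16 bytes stands in for the AES block function Ek() so the example runs with the standard library only; all function names are hypothetical.

```python
import hmac, hashlib

BLOCK = 16  # AES block size in bytes

def E(k, block):
    # Stand-in for the AES block function Ek(): a keyed PRF truncated to 16 bytes.
    # CTR mode and CBC-MAC only ever use the forward direction, so this suffices here.
    return hmac.new(k, block, hashlib.sha256).digest()[:BLOCK]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def transform_header(k, h1, h2, h3):
    # P'H1 = Ek(PH2) and P'H2 = PH2 * PH1 as in claim 5.
    # Assumptions: the product is taken mod 2^128; P'H3 is passed through unchanged.
    prod = int.from_bytes(h2, "big") * int.from_bytes(h1, "big") % (1 << 128)
    return [E(k, h2), prod.to_bytes(BLOCK, "big"), h3]

def ctr_block(nonce, i):
    # ctr_i = Nonce || counter_i (assumed: 12-byte nonce, 4-byte big-endian counter)
    return nonce + i.to_bytes(4, "big")

def process(k, nonce, header, blocks, decrypt):
    # Chain CBC'(1..3) over the transformed header, then CBC'(i+3) over the
    # plaintext firmware blocks while applying the CTR keystream (assumed chaining).
    cbc = bytes(BLOCK)
    for hb in transform_header(k, *header):
        cbc = E(k, xor(cbc, hb))
    out = []
    for i, blk in enumerate(blocks, start=1):
        res = xor(E(k, ctr_block(nonce, i)), blk)
        plain = res if decrypt else blk      # the MAC always covers plaintext
        cbc = E(k, xor(cbc, plain))
        out.append(res)
    e_mac = xor(E(k, ctr_block(nonce, 0)), cbc)  # assumed: MAC encrypted with ctr_0
    return out, e_mac

def build_package(k, nonce, header, firmware_blocks):
    # PC side: returns (encrypted firmware blocks, EMAC)
    return process(k, nonce, header, firmware_blocks, decrypt=False)

def verify_and_upgrade(k, nonce, header, cipher_blocks, e_mac, internal_flash):
    # Device side: decrypt into RAM/external storage, recompute EMACb, compare in
    # constant time, and only then commit the firmware to internal FLASH.
    plain, e_macb = process(k, nonce, header, cipher_blocks, decrypt=True)
    if not hmac.compare_digest(e_macb, e_mac):
        return False                         # step 7): upgrade failure
    internal_flash[:] = plain                # step 6): firmware upgrade
    return True
```

Because decryption happens before the comparison, the decrypted blocks must stay out of the boot path (in the external FLASH staging area of step 1) until `verify_and_upgrade` returns True.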
CN201810732760.XA 2018-07-05 2018-07-05 Encryption method for OTA (over the air) upgrade firmware with high security level Active CN108933790B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810732760.XA CN108933790B (en) 2018-07-05 2018-07-05 Encryption method for OTA (over the air) upgrade firmware with high security level

Publications (2)

Publication Number Publication Date
CN108933790A CN108933790A (en) 2018-12-04
CN108933790B CN108933790B (en) 2020-12-22

Family

ID=64447080

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810732760.XA Active CN108933790B (en) 2018-07-05 2018-07-05 Encryption method for OTA (over the air) upgrade firmware with high security level

Country Status (1)

Country Link
CN (1) CN108933790B (en)


Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105279441A (en) * 2014-07-21 2016-01-27 恩智浦有限公司 Methods and architecture for encrypting and decrypting data
US20160036814A1 (en) * 2014-07-30 2016-02-04 Master Lock Company Llc Wireless firmware updates
CN105812570A (en) * 2016-04-21 2016-07-27 深圳市旭子科技有限公司 Terminal firmware updating method and device
CN105897748A (en) * 2016-05-27 2016-08-24 飞天诚信科技股份有限公司 Symmetric secrete key transmission method and device
CN107368744A (en) * 2016-04-11 2017-11-21 恩德莱斯和豪瑟尔分析仪表两合公司 For updating the method and the equipment of measurement and control technology of fastener components
CN108196867A (en) * 2018-03-08 2018-06-22 深圳市文鼎创数据科技有限公司 Device for upgrading firmware, equipment and its firmware upgrade method of equipment

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109889334A (en) * 2019-01-30 2019-06-14 深圳市高端无人机有限公司 Embedded firmware encrypting method, apparatus, wifi equipment and storage medium
CN111966058A (en) * 2020-07-20 2020-11-20 四川虹美智能科技有限公司 Control method, device and system of intelligent equipment
CN111966058B (en) * 2020-07-20 2021-06-29 四川虹美智能科技有限公司 Control method, device and system of intelligent equipment

Also Published As

Publication number Publication date
CN108933790B (en) 2020-12-22

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant