CN109697173B - Information security-oriented embedded computer SiP module design method and circuit - Google Patents

Publication number
CN109697173B
Authority
CN
China
Prior art keywords
processor
application program
algorithm
security chip
data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201811511383.3A
Other languages
Chinese (zh)
Other versions
CN109697173A (en)
Inventor
楚要钦
高�浩
刘永强
陈川
吕浩
刘小剑
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian Aeronautics Computing Technique Research Institute of AVIC
Original Assignee
Xian Aeronautics Computing Technique Research Institute of AVIC
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xian Aeronautics Computing Technique Research Institute of AVIC filed Critical Xian Aeronautics Computing Technique Research Institute of AVIC
Priority to CN201811511383.3A priority Critical patent/CN109697173B/en
Publication of CN109697173A publication Critical patent/CN109697173A/en
Application granted granted Critical
Publication of CN109697173B publication Critical patent/CN109697173B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F12/00 Accessing, addressing or allocating within memory systems or architectures
    • G06F12/14 Protection against unauthorised use of memory or access to memory
    • G06F12/1408 Protection against unauthorised use of memory or access to memory by using cryptography
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44 Arrangements for executing specific programs
    • G06F9/4401 Bootstrapping
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00 Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the invention provides an information security-oriented embedded computer SiP module design method and a circuit, wherein the method comprises the following steps: executing a bootstrap program after the processor is powered on and started, and receiving an external command through an external bus interface; when an application program encryption instruction is received, receiving original data of an application program from an external bus interface, wherein the original data is not encrypted; the processor sends the original data to an algorithm security chip through an SPI bus; the algorithm security chip encrypts the original data through an SM4 algorithm coprocessor to form encrypted data of an application program, and solidifies an encryption key into a FLASH memory in the algorithm security chip; the processor receives the encrypted data through an SPI bus; the processor solidifies the encrypted data into the application program storage area in the connected FLASH.

Description

Information security-oriented embedded computer SiP module design method and circuit
Technical Field
The invention belongs to the technical field of information security of embedded computers, and particularly relates to an information security-oriented embedded computer SiP module design method and circuit.
Background
In the field of embedded computers, SiP (System in Package) technology is a core technology for miniaturizing embedded computers. SiP technology can reduce the volume and weight of avionic equipment by tens of times, improve reliability by tens of times, greatly shorten the manufacturing cycle and markedly reduce manufacturing cost, and is an important technical means for integrating and miniaturizing avionic products.
Confidentiality, as an aspect of information security, prevents an adversary from decrypting confidential information in the system. Encryption is a key technology for guaranteeing information security, and common encryption technologies include symmetric key encryption, public key encryption, hash functions, and the like. The published cryptographic algorithms include: the SM1 symmetric algorithm, the SM2 asymmetric algorithm, the SM3 hash algorithm, and the SM4 block encryption algorithm.
The algorithm security chip is a dedicated chip that provides the system with security functions such as security configuration, data encryption, secure storage, key management and digital signatures. Integrating these functions inside the chip has the following technical advantages: encryption and decryption are fast, secret data is fixed inside the chip, data operations are completed inside the chip, the outside world cannot observe or obtain the secret data, and a defense mechanism protects the secret data against leakage.
Disclosure of Invention
The invention provides an information security-oriented embedded computer SiP module design method and a circuit, which aim to solve the problem that an embedded computer SiP module lacks security measures of information security and core data and key application codes are easy to steal.
The invention provides an information security-oriented embedded computer SiP module design method, which comprises the following steps:
executing a bootstrap program after the processor is powered on and started, and receiving an external command through an external bus interface;
when an application program encryption instruction is received, receiving original data of an application program from an external bus interface, wherein the original data is not encrypted;
the processor sends the original data to an algorithm security chip through an SPI bus;
the algorithm security chip encrypts the original data through an SM4 algorithm coprocessor to form encrypted data of an application program, and solidifies an encryption key into a FLASH memory in the algorithm security chip;
the processor receives the encrypted data through an SPI bus;
the processor solidifies the encrypted data into the application program storage area in the connected FLASH.
Optionally, the application program includes application program 1 and application program 2, and after the processor solidifies the encrypted data into the application program storage area in the connected FLASH, the method further includes:
the processor reads the encrypted data a of the application program 1 from the storage area of the application program 1 of the connected FLASH memory through an SPI interface or a local bus interface;
the processor sends the encrypted data a to a secure encryption chip through an SPI interface, generates a decryption key [ A2] and an encryption key B2 according to an SM2 algorithm, and sends the encryption key B2 to the secure encryption chip through the SPI interface;
the security chip reads the decryption key [ A ] from the FLASH chip of the security chip, decrypts the encrypted data a, encrypts the decrypted data A through the encryption key B2 to form an encrypted ciphertext [ a ], and sends the encrypted ciphertext [ a ] to the processor through the SPI interface;
the processor adopts a decryption key [ A2] to decrypt the encrypted ciphertext [ a ], generates decryption data A, and stores the decryption data A into the SRAM of the processor.
Optionally, after storing the decrypted data A in the SRAM of the processor, the method further comprises:
the processor reads the encrypted data b of the application program 2 from the application program 2 storage area of the FLASH memory of the processor through an SPI interface or a local bus interface;
the processor sends the encrypted data b to the security encryption chip through an SPI interface;
the security chip reads a decryption key [ B ] from the FLASH chip of the security chip, decrypts the encrypted data b, generates decrypted data B, and stores the decrypted data B in an SRAM in the security chip.
Optionally, after storing the decrypted data B in an SRAM inside the secure chip, the method further includes:
the processor jumps to an application program 1 in the SRAM of the processor to execute, and sends an execution command of an application program 2 to the algorithm security chip;
when the algorithm security chip receives the execution command of the application program 2, the algorithm security chip jumps to the application program 2 in the SRAM of the algorithm security chip to execute and generates the running result of the application program 2;
and the running result of the application program 2 is obtained through a function interface of the application program 1 in the processor.
Optionally, the code segment of the bootstrap program, the code segment of the application program 1 and the code segment of the application program 2 are stored in segments in a FLASH connected to the processor.
Optionally, the algorithm security chip is used for storing the decryption key [ A ] and the decryption key [ B ], and the algorithm security chip is internally integrated with SM2 and SM4 algorithm coprocessors.
Optionally, the processor and the algorithm security chip are interconnected by adopting an SPI bus or an internal bus, and data on the SPI bus is encrypted and protected by adopting a public key cryptographic algorithm.
The invention provides an information security-oriented embedded computer SiP circuit, which comprises a processor (1), a FLASH memory (2) and a security chip (3), wherein the processor (1) is connected with the FLASH memory (2), and the processor (1) is connected with the security chip (3).
Optionally, the processor (1), the FLASH memory (2) and the security chip (3) are packaged in a cavity and interconnected through bonding wires, a ceramic substrate or a plastic substrate.
In summary, in the method, the secret key of the security data is stored in the algorithm security chip, and the decrypted partial data is also stored in the algorithm security chip, so that the purpose that the outside cannot detect the decryption is achieved; all bare chips are integrated in one package body and interconnected through bonding wires, ceramic substrates or plastic substrates, so that the difficulty of physical detection is increased, and the internal bus communication is an encryption channel, so that the aim of difficult cracking of bus data can be achieved.
Drawings
FIG. 1 is a schematic diagram of a system structure according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of program partition in a FLASH memory according to an embodiment of the present invention.
Detailed Description of Embodiment(s) of the Invention
The invention discloses an information security-oriented embedded computer SiP module design method and a circuit. The SiP module comprises a packaging body, a processor bare chip, a FLASH memory bare chip and an algorithm security chip bare chip, wherein the bare chip is packaged in one packaging body; the FLASH memory realizes long-term storage of the safety data, the algorithm safety chip realizes encryption and decryption of the safety data and key storage, and the processor reads the encrypted data from the FLASH memory and sends the encrypted data to the algorithm safety chip; after the algorithm security chip decrypts the encrypted data, a part of data is stored in the SRAM in the algorithm security chip, and the other part of data is sent to the processor through a software encryption channel with the processor, and after the processor decrypts, the data is placed in the SRAM in the processor. The decrypted codes are operated in a distributed mode, main codes are operated in an SRAM of the processor, partial codes with low calculation performance requirements are operated on the security chip, and the main processor and the security chip communicate information through an internal bus of the SiP module.
In the method, the secret key of the safety data is stored in the algorithm safety chip, and the decrypted partial data is also stored in the algorithm safety chip, so that the aim that the outside cannot detect and decrypt is fulfilled; all bare chips are integrated in one package body and interconnected through bonding wires, ceramic substrates or plastic substrates, so that the difficulty of physical detection is increased, and the internal bus communication is an encryption channel, so that the aim of difficult cracking of bus data can be achieved.
The scheme can solve the information security of key data and program codes of the embedded computer SiP module, and achieves the purposes of protecting intellectual property rights and preventing data from being stolen.
An information security oriented embedded computer SiP module working schematic diagram is shown in figure 1. Embodiments of the present invention include the following:
(1) The hardware composition of the SiP module comprises: 1 processor (SoPC), 1 DDR3 memory, 1 SPI interface FLASH memory and 1 algorithm security chip. The SiP module package adopts a plastic package BGA480, and the system composition is shown in the figure. Performance index:
1. Processor: main frequency 600 MHz, internally integrated floating-point processor, on-chip SRAM capacity 256 KB, 1 SPI interface.
2. DDR3: storage capacity 1 Gb, 16-bit bus width, data rate 1333 Mb/s.
3. FLASH: storage capacity 128 Mbit, supports four-port SPI, maximum four-data-bit read speed 50 MHz.
4. Algorithm security chip: main frequency 100 MHz, on-chip SRAM capacity 256 KB, on-chip ROM capacity 64 KB, on-chip FLASH capacity 1 MB, 1 SPI interface, with an integrated public key algorithm engine, SM2 asymmetric algorithm coprocessor, SM3 hash algorithm coprocessor and SM4 block encryption algorithm coprocessor.
(2) The encryption implementation steps are as follows:
Step 101: the processor executes the boot program after power-on and receives external commands through an external bus interface (RS232 or another serial bus interface).
Step 102: when receiving the encryption instruction of the application 1, the original data A (not encrypted) of the application 1 is received from the external bus interface.
Step 103: the processor sends the received original data A (not encrypted) of the application program 1 to the algorithm security chip through the SPI bus.
Step 104: the algorithm security chip encrypts the original data A of the application program 1 through an internal integrated SM4 algorithm coprocessor to form encrypted data a of the application program 1, and the decryption key [ A ] is solidified into a FLASH memory in the algorithm security chip.
Step 105: the processor receives the encrypted data a of the application program 1 encrypted by the algorithm security chip through the SPI bus.
Step 106: the processor solidifies the encrypted data a of the application 1 into the application 1 storage area (data encrypted) in the FLASH.
Step 107: and repeating the steps 102-106, receiving the data of the application program 2, encrypting and solidifying the data into a storage area (the data is encrypted) of the application program 2 in the FLASH, and solidifying the decryption key [ B ] into a FLASH memory in the algorithm security chip.
(3) Application 1 encrypted data decryption process:
Step 201: the processor reads the encrypted data a of the application 1 from the application 1 storage area (encrypted) of the FLASH memory via the SPI interface or the local bus interface.
Step 202: the processor sends the encrypted data a to the secure encryption chip through the SPI interface, generates a decryption key [ A2] and an encryption key B2 according to an SM2 algorithm, and sends the encryption key B2 to the secure encryption chip through the SPI interface.
Step 203: the security chip reads the decryption key [ A ] from the internal FLASH chip, decrypts the encrypted data a, encrypts the decrypted data A through the encryption key B2 to form an encrypted ciphertext [ a ], and sends the encrypted ciphertext [ a ] to the processor through the SPI interface.
Step 204: the processor uses the decryption key [ A2] to decrypt the encrypted ciphertext [ a ], and the resulting decrypted data A of the application program 1 is put into the SRAM of the processor.
(4) Application 2 encrypted data decryption process:
Step 301: the processor reads the encrypted data b of the application 2 from the application 2 storage area (encrypted) of the FLASH memory via the SPI interface or the local bus interface.
Step 302: the processor sends the encrypted data b to the secure encryption chip through the SPI interface.
Step 303: the security chip reads the decryption key [ B ] from the internal FLASH chip, decrypts the encrypted data b and stores the decrypted data B in the SRAM in the security chip.
(5) Application distributed execution process:
Step 401: the processor jumps to the application 1 in the SRAM for execution and notifies the security chip to execute the application 2.
Step 402: the security chip receives the execution command of the processor application program 2 and jumps to the application program 2 in the SRAM inside the security chip for execution.
Step 403: the result of the running of the application 2 in the security chip is obtained by means of a function call by executing the application 1 in the processor.
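The provisioning and boot-time decryption flow of steps 101-303, modelled as an added Python sketch (not code from the patent). It substitutes a SHA-256 keystream for SM4 and toy hashed ElGamal for SM2, both assumptions made so it runs on the standard library alone, and it logs every SPI frame so the transcript can be checked for plaintext; all class and function names are hypothetical.

```python
import hashlib
import secrets

# Stand-in primitives (assumptions for this sketch, not the patent's algorithms):
# SM4 is replaced by a SHA-256 counter keystream, SM2 by toy hashed ElGamal
# over the prime field 2**255 - 19. Neither stand-in is fit for real use.
P, G = 2**255 - 19, 2


def stream_xor(key: bytes, data: bytes) -> bytes:
    """XOR data with a SHA-256 counter keystream; the same call decrypts."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(d ^ p for d, p in zip(data[off:off + 32], pad))
    return bytes(out)


def kdf(shared: int) -> bytes:
    """Derive a session key from the shared field element."""
    return hashlib.sha256(shared.to_bytes(32, "big")).digest()


class Bus:
    """Records every SPI frame so the transcript can be audited afterwards."""
    def __init__(self):
        self.frames = []          # (phase, direction, payload)
        self.phase = "provision"

    def send(self, direction: str, payload: bytes) -> bytes:
        self.frames.append((self.phase, direction, payload))
        return payload

    def carries(self, phase: str, needle: bytes) -> bool:
        return any(ph == phase and needle in data for ph, _, data in self.frames)


class SecurityChip:
    def __init__(self):
        self._flash_keys = {}     # keys [A], [B]: no method ever returns them
        self._sram = {}           # plaintext that stays on-chip (application 2)

    def encrypt_app(self, app_id: str, plain: bytes) -> bytes:       # Step 104
        self._flash_keys[app_id] = secrets.token_bytes(16)
        return stream_xor(self._flash_keys[app_id], plain)

    def rewrap_for_cpu(self, app_id: str, ct: bytes, b2: int):       # Step 203
        plain = stream_xor(self._flash_keys[app_id], ct)
        k = secrets.randbelow(P - 2) + 1
        return pow(G, k, P), stream_xor(kdf(pow(b2, k, P)), plain)

    def load_local(self, app_id: str, ct: bytes) -> None:            # Step 303
        self._sram[app_id] = stream_xor(self._flash_keys[app_id], ct)


def provision(bus, chip, flash, app_id, plain):                  # Steps 102-106
    bus.send("cpu->chip", plain)          # original data crosses unencrypted
    flash[app_id] = bus.send("chip->cpu", chip.encrypt_app(app_id, plain))


def boot_app1(bus, chip, flash) -> bytes:                        # Steps 201-204
    a2 = secrets.randbelow(P - 2) + 1     # decryption key [A2], stays in the CPU
    b2 = pow(G, a2, P)                    # encryption key B2, sent to the chip
    bus.send("cpu->chip", flash["app1"])
    bus.send("cpu->chip", b2.to_bytes(32, "big"))
    c1, wrapped = chip.rewrap_for_cpu("app1", flash["app1"], b2)
    bus.send("chip->cpu", c1.to_bytes(32, "big") + wrapped)
    return stream_xor(kdf(pow(c1, a2, P)), wrapped)   # lands in processor SRAM


def boot_app2(bus, chip, flash) -> None:                         # Steps 301-303
    bus.send("cpu->chip", flash["app2"])
    chip.load_local("app2", flash["app2"])


def run_demo() -> dict:
    app1 = b"APP1 image: main control code (constructed sample)"
    app2 = b"APP2 image: licensing routine (constructed sample)"
    bus, chip, flash = Bus(), SecurityChip(), {}
    provision(bus, chip, flash, "app1", app1)
    provision(bus, chip, flash, "app2", app2)
    bus.phase = "boot"
    sram_cpu = boot_app1(bus, chip, flash)
    boot_app2(bus, chip, flash)
    return {
        "app1_recovered": sram_cpu == app1,
        "app2_on_chip": chip._sram["app2"] == app2,   # peeked for the check only
        "plaintext_in_flash": app1 in flash.values() or app2 in flash.values(),
        "plaintext_on_bus_provision": bus.carries("provision", app1),
        "plaintext_on_bus_boot": bus.carries("boot", app1) or bus.carries("boot", app2),
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```
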
The invention aims to solve the problems that the functional circuits integrated inside the miniature embedded computer SiP module are more and more, but in actual use, partial functional circuits are in conditional operation or non-operation, and the long-time power-up operation of the partial circuits can cause the SiP module to consume energy and increase heat.

Claims (4)

1. An information security-oriented embedded computer SiP module design method is characterized by comprising the following steps:
executing a bootstrap program after the processor is powered on and started, and receiving an external command through an external bus interface;
when an application program encryption instruction is received, receiving original data of an application program from an external bus interface, wherein the original data is not encrypted;
the processor sends the original data to an algorithm security chip through an SPI bus;
the algorithm security chip encrypts the original data through an SM4 algorithm coprocessor to form encrypted data of an application program, and solidifies a decryption key into a FLASH memory in the algorithm security chip; the algorithm security chip is used for storing a decryption key [ A ] and a decryption key [ B ], and SM2 and SM4 algorithm coprocessors are integrated inside the algorithm security chip;
the processor receives the encrypted data through an SPI bus;
the processor solidifies the encrypted data into an application program storage area in the connected FLASH;
the application program comprises an application program 1 and an application program 2, and after the processor solidifies the encrypted data into an application program storage area in the connected FLASH, the method further comprises:
the processor reads the encrypted data a of the application program 1 from the storage area of the application program 1 of the connected FLASH memory through an SPI interface or a local bus interface;
the processor sends the encrypted data a to an algorithm security chip through an SPI interface, generates a decryption key [ A2] and an encryption key B2 according to an SM2 algorithm, and sends the encryption key B2 to the algorithm security chip through the SPI interface;
the algorithm security chip reads a decryption key [ A ] from a FLASH chip of the algorithm security chip, decrypts the encrypted data a, encrypts the decrypted data A through an encryption key B2 to form an encrypted ciphertext [ a ], and sends the encrypted ciphertext [ a ] to the processor through an SPI interface;
the processor adopts a decryption key [ A2] to decrypt the encrypted ciphertext [ a ], generates decryption data A, and stores the decryption data A into an SRAM of the processor;
after storing the decrypted data A in the SRAM of the processor, the method further comprises:
the processor reads the encrypted data b of the application program 2 from the application program 2 storage area of the FLASH memory of the processor through an SPI interface or a local bus interface;
the processor sends the encrypted data b to the algorithm security chip through an SPI interface;
the algorithm security chip reads a decryption key [ B ] from a FLASH chip of the algorithm security chip, decrypts the encrypted data b, generates decryption data B, and stores the decryption data B in an SRAM (static random access memory) in the algorithm security chip;
after storing the decrypted data B in the SRAM inside the secure chip, the method further comprises:
the processor jumps to an application program 1 in the SRAM of the processor to execute, and sends an execution command of an application program 2 to the algorithm security chip;
when the algorithm security chip receives the execution command of the application program 2, the algorithm security chip jumps to the application program 2 in the SRAM of the algorithm security chip to execute and generates the running result of the application program 2;
and the running result of the application program 2 is obtained through a function interface of the application program 1 in the processor.
2. The method of claim 1, wherein the code segments of the boot program, the code segments of the application program 1, and the code segments of the application program 2 are stored in segments in a FLASH connected to the processor.
3. The method of claim 1, wherein the processor and the algorithmic security chip are interconnected using an SPI bus or an internal bus, and data on the SPI bus is cryptographically protected using a public key cryptographic algorithm.
4. An information security-oriented embedded computer SiP module design circuit is characterized in that the information security-oriented embedded computer SiP module design circuit is applied to the information security-oriented embedded computer SiP module design method according to claim 1, and comprises a processor (1), a FLASH memory (2) and an algorithm security chip (3), wherein the processor (1) is connected with the FLASH memory (2), and the processor (1) is connected with the algorithm security chip (3); the processor (1), the FLASH memory (2) and the algorithm security chip (3) are packaged in a cavity and interconnected through bonding wires, a ceramic substrate or a plastic substrate.
CN201811511383.3A 2018-12-11 2018-12-11 Information security-oriented embedded computer SiP module design method and circuit Active CN109697173B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811511383.3A CN109697173B (en) 2018-12-11 2018-12-11 Information security-oriented embedded computer SiP module design method and circuit

Publications (2)

Publication Number Publication Date
CN109697173A CN109697173A (en) 2019-04-30
CN109697173B CN109697173B (en) 2023-05-23

Family

ID=66230522

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811511383.3A Active CN109697173B (en) 2018-12-11 2018-12-11 Information security-oriented embedded computer SiP module design method and circuit

Country Status (1)

Country Link
CN (1) CN109697173B (en)

Also Published As

Publication number Publication date
CN109697173A (en) 2019-04-30

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant