CN109840431A - Secure network chip and Safety net card and network-termination device - Google Patents
Secure network chip and Safety net card and network-termination device Download PDFInfo
- Publication number
- CN109840431A CN109840431A CN201711215142.XA CN201711215142A CN109840431A CN 109840431 A CN109840431 A CN 109840431A CN 201711215142 A CN201711215142 A CN 201711215142A CN 109840431 A CN109840431 A CN 109840431A
- Authority
- CN
- China
- Prior art keywords
- network
- data packet
- termination device
- chip
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000006243 chemical reaction Methods 0.000 claims abstract description 4
- 238000005215 recombination Methods 0.000 claims abstract description 4
- 230000006798 recombination Effects 0.000 claims abstract description 4
- 238000012545 processing Methods 0.000 claims description 17
- 238000000034 method Methods 0.000 claims description 14
- 238000012550 audit Methods 0.000 claims description 12
- 238000001629 sign test Methods 0.000 claims description 10
- 230000008569 process Effects 0.000 claims description 9
- 238000007689 inspection Methods 0.000 claims description 4
- 238000012795 verification Methods 0.000 claims description 4
- 238000013524 data verification Methods 0.000 claims description 3
- 230000004044 response Effects 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 8
- 230000006870 function Effects 0.000 description 8
- 238000004891 communication Methods 0.000 description 7
- 230000003993 interaction Effects 0.000 description 5
- 230000006399 behavior Effects 0.000 description 3
- 238000005516 engineering process Methods 0.000 description 3
- 238000011144 upstream manufacturing Methods 0.000 description 3
- 230000008859 change Effects 0.000 description 2
- 238000005538 encapsulation Methods 0.000 description 2
- 230000002452 interceptive effect Effects 0.000 description 2
- 230000016571 aggressive behavior Effects 0.000 description 1
- 229910002056 binary alloy Inorganic materials 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000005242 forging Methods 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 238000007711 solidification Methods 0.000 description 1
- 230000008023 solidification Effects 0.000 description 1
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a kind of secure network chip and Safety net card and network-termination device, secure network chip is applied to network-termination device, comprising: envelope/solution arrangement, enciphering/deciphering component and MAC chip;Envelope/solution arrangement, the first data packet that network-termination device generates is reassembled as second data packet with one or more features data, and the second data packet for being sent to network-termination device is reassembled as to lack the first data packet of one or more of characteristics;Enciphering/deciphering component is encrypted the data segment of the second data packet obtained after recombination, and before reassembling into the first data packet, the data segment for the second data packet for being sent to the network-termination device is decrypted;MAC chip realizes the conversion of the data frame and data packet between network-termination device and network side.The present invention reconstructs data packet and encryption by increasing characteristic, and routine data packet is transformed into dedicated packet, dedicated packet is avoided to flow through the safety issue in journey in network.
Description
Technical field
The invention belongs to field of information security technology more particularly to a kind of secure network chip and network interface card and the network terminal to set
It is standby.
Background technique
Network (cable network and wireless network) is to calculate to carry out most attaching most importance to for data interaction between equipment in modern technologies
Channel is wanted, in order to guarantee the safety of interaction data, encryption software is mostly used to carry out the mode of security strategy processing in the market, this
Kind mode is affected to the interactive performance of computer, and processing speed is slow, and CPU overhead is bigger, in addition current security strategy
Spininess processes (such as encryption) to anti-information leakage aspect, in the prior art shortage while compatible anti-network attack and anti-net
The technology that network is divulged a secret.
Summary of the invention
In view of this, it is an object of the present invention to propose a kind of secure network core on network-termination device
Piece, to solve the problems, such as the safety of prior art interaction data, interactive device.
In some illustrative embodiments, the secure network chip on network-termination device, is applied to network
Terminal device, comprising: envelope/solution arrangement, enciphering/deciphering component and MAC chip;The envelope/solution arrangement is used for the network
The first data packet that terminal device generates is reassembled as second data packet with one or more features data, and will be sent to institute
The second data packet for stating network-termination device is reassembled as lacking the first data packet of one or more of characteristics;It is described
Enciphering/deciphering component is encrypted for the data segment to the second data packet obtained after recombination, and is reassembling into
Before first data packet, the data segment for the second data packet for being sent to the network-termination device is decrypted;The MAC
Chip, for realizing the conversion of data frame and data packet between the network-termination device and network side.
In some preferred embodiments, the secure network chip, further includes: audit component, for reassembling into the
Before two data packets, the IP head for the first data packet that the network-termination device generates is audited, and to the second number
Before being decrypted according to the data segment of packet, the IP head for the second data packet for being sent to the network-termination device is examined
Core.
In some preferred embodiments, the characteristic is following one or more: customized nonstandard protocol number;
Sequence number value and the sequence number field for storing sequence number value;The verification of data field and and storage verification sum inspection field.
In some preferred embodiments, the envelope/solution arrangement is also used to before reassembling into the first data packet, according to
The characteristic carries out legitimacy certification to the second data packet after decryption processing.
In some preferred embodiments, the enciphering/deciphering component, comprising: randomizer, for responding the first letter
Number to generating unpredictable encoded radio;Burning unit, for executing the behaviour of the burned OTP memory cell of the encoded radio
Make;OTP memory cell, for solidifying the encoded radio using as private key;Cryptologic unit, for respond second signal to
Cured private key in the OTP memory cell is read, generates corresponding public key, and response third signal to read institute
Cured private key in OTP memory cell is stated, encryption/decryption process and fourth signal are carried out to read to the data packet of input
Cured private key in the OTP memory cell is taken, signature/sign test processing is carried out to the data packet of input.
It is another object of the present invention to propose a kind of Safety net card on network-termination device, have described
Secure network chip, the PHY chip being connect with the MAC chip and the network interface being connect with PHY chip.
Another object of the present invention is to propose a kind of safe wireless network interface card on network-termination device have institute
The secure network chip stated, the PHY chip being connect with the MAC chip and the less radio-frequency mould being connect with the PHY chip
Block.
Another object of the present invention is to propose a kind of network-termination device, assemble/be integrated with the Safety net card or
The safe wireless network interface card.
Compared with prior art, the invention has the following advantages that
The present invention reconstructs data packet and encryption by increasing characteristic, and routine data packet is transformed into exclusive data
Packet, so that dedicated packet be avoided to flow through the safety issue in journey in network, and by data packet when receiving
Characteristic carries out repeatedly audit certification, guarantees that private network receiving device can only receive dedicated packet, with can preventing spoofed IP
The network attacks such as location, DOS flood attack.
Detailed description of the invention
The drawings described herein are used to provide a further understanding of the present invention, constitutes part of this application, this hair
Bright illustrative embodiments and their description are used to explain the present invention, and are not constituted improper limitations of the present invention.In the accompanying drawings:
Fig. 1 is the structural schematic diagram of secure network chip in the present invention;
Fig. 2 is the structural schematic diagram of Safety net card in the present invention;
Fig. 3 is the structural schematic diagram of safe wireless network interface card in the present invention;
Fig. 4 is the logical schematic of secure network chip in the present invention;
Fig. 5 is the first exemplary structural schematic diagram of key generation component in the present invention;
Fig. 6 is the second exemplary structural schematic diagram of key generation component in the present invention;
Fig. 7 is the exemplary structural schematic diagram of third of key generation component in the present invention;
Specific embodiment
The following description and drawings fully show specific embodiments of the present invention, to enable those skilled in the art to
Practice them.Other embodiments may include structure, logic, it is electrical, process and other change.Embodiment
Only represent possible variation.Unless explicitly requested, otherwise individual components and functionality is that optionally, and the sequence operated can be with
Variation.The part of some embodiments and feature can be included in or replace part and the feature of other embodiments.This hair
The range of bright embodiment includes equivalent obtained by the entire scope of claims and all of claims
Object.Herein, these embodiments of the invention can individually or generally be indicated that this is only with term " invention "
For convenience, and if in fact disclosing the invention more than one, the range for being not meant to automatically limit the application is to appoint
What single invention or inventive concept.
And in the following detailed description, a large amount of specific details can be proposed, in order to provide a thorough understanding of the present invention.
It will be understood by those skilled in the art, however, that implementable present invention without these specific details.In addition, in order to avoid
Unnecessarily obscure main thought of the invention, be not described in well-known method, process, component, structure, circuit and
Other feature.
As used in claims, unless otherwise noted, for describing elements/structures/signal/data
The uses of ordinal adjectives " first ", " second ", " third " etc. be only used for indicator elment/structure/signal/data tool
Body example or similar elements/structure/signal/data different instances, and be not intended to imply that element that these so describe/
Structure/signal/data must in a specific sequence (either temporally, spatially sequence or in any other manner)
Term " communication uplink data ", " communication downlink data " are for the independent network equipment (such as terminal PC machine, service
Device etc. has the non-intermediate equipment of the support communication for the functions such as data transmit-receive, data store, data use) for, " in communication
Row data " refer to the data that equipment is sent out, and " communication downlink data " refer to the data that equipment receives.Term " dedicated network "
Be for the network equipment of interaction data, such as between terminal PC machine and server through the embodiment of the present invention shown in
Method out interacts, then between terminal PC machine and server for just constitute the dedicated network of two equipment.
Term " upstream data channel " refers to that " communication uplink data " carry out the path of every processing, " downlink data channel "
Refer to that " communication downlink data " carry out the path of every processing.
Referring now to fig. 1, Fig. 1 shows in the present invention and shows for first of the secure network chip on network intermediary device
The structural schematic diagram of example, as shown in the drawing, the secure network chip 100 on network-termination device is applied to network
Terminal device, comprising: envelope/solution arrangement 110, enciphering/deciphering component 120 and MAC chip 130;The envelope/solution arrangement 110 is used
It is reassembled as in the first data packet (such as conventional data packet) for generating the network-termination device with one or more features number
According to the second data packet (such as dedicated packet), and the second data packet for being sent to the network-termination device is reassembled as lacking
First data packet of one or more of characteristics;The enciphering/deciphering component 120, for being obtained to after recombination
The data segment of second data packet is encrypted, and before reassembling into the first data packet, to being sent to the network terminal
The data segment of second data packet of equipment is decrypted;The MAC chip 130, for realizing the network-termination device
The conversion of data frame and data packet between network side.
The secure network chip, further includes: audit component 140, for before reassembling into the second data packet, to described
I P of the first data packet that network-termination device generates are audited, and are solved in the data segment to the second data packet
Before close processing, I P of the second data packet for being sent to the network-termination device are audited.
Wherein, the dedicated packet (i.e. the second data packet) being packaged into above-described embodiment by envelope/solution arrangement 110
In increased characteristic be following one or more: customized nonstandard protocol number;Sequence number value and the sequence for storing sequence number value
Number field;The verification of data field and and storage verification sum inspection field.
Wherein, customized nonstandard protocol number can be used for distinguishing dedicated packet and routine data packet, and sequence number value can be used for
The repeatability of data packet is detected, verify and can be used for detecting the integrality of data packet.
The present invention reconstructs data packet and encryption by increasing characteristic, and routine data packet is transformed into exclusive data
Packet, so that dedicated packet be avoided to flow through the safety issue in journey in network, and by data packet when receiving
Characteristic carries out repeatedly audit certification, guarantees that private network receiving device can only receive dedicated packet, can prevent from forging I P
The network attacks such as address, DOS flood attack.
In some preferred embodiments, the enciphering/deciphering component, comprising: randomizer, for responding the first letter
Number to generating unpredictable encoded radio;Burning unit, for executing the behaviour of the burned OTP memory cell of the encoded radio
Make;OTP memory cell, for solidifying the encoded radio using as private key;Cryptologic unit, for respond second signal to
Cured private key in the OTP memory cell is read, generates corresponding public key, and response third signal to read institute
Cured private key in OTP memory cell is stated, encryption/decryption process and fourth signal are carried out to read to the data packet of input
Cured private key in the OTP memory cell is taken, signature/sign test processing is carried out to the data packet of input.
As shown in Fig. 2, also proposed a kind of Safety net card on network-termination device in the embodiment of the present invention, have
The secure network chip 100, PCI/PCIe interface contact pin 700, the PHY chip 300 being connect with the MAC chip 200, with
And the network interface 500 (such as RJ45 slot) being connect with PHY chip 300.
As shown in figure 3, also proposed a kind of safe wireless network interface card on network-termination device in the embodiment of the present invention,
With the secure network chip 100, PCI/PCIe interface contact pin 700, the PHY chip being connect with the MAC chip 200
300 and the wireless radio frequency modules 600 that are connect with the PHY chip 300.
It also proposed a kind of network-termination device in the embodiment of the present invention, assemble/be integrated with the Safety net card or described
Safe wireless network interface card.
As shown in figure 4, each component in the present invention in embodiment shown in Fig. 1 is, it can be achieved that following steps/function/behaviour
Make:
Audit component
Audit component can be used for realizing network unit access control function.
Uplink handles direction: audit component parses upstream data packet, and searches access control list, judges destination IP
Whether address is in table.If tabling look-up hit, data packet is passed into package assembling, and read the close of corresponding purpose IP address
Key passes to rear class encrypted component;If tabling look-up miss, data cached packet, and CPU is notified to start verification process.
Downlink processing direction: audit component parses downlink data packet, and searches access control list, judges source IP
Whether address is in table.If tabling look-up hit, data packet is passed into deblocking arrangement, and read the close of corresponding source IP address
Key passes to rear class decryption component;If tabling look-up miss, packet discard.
Encapsulation/deblocking arrangement
Encapsulation/deblocking arrangement is for realizing data integrity inspection, anti-duplicate packages, anti-network attack function.
Uplink handles direction: package assembling is by increasing a sequence number field come anti-duplicate packages, first according to destination IP
Serial number table is searched in location, and sequence number value is read from table and adds a serial number as this bag data, is then written to this packet sequence number value
In serial number table.Package assembling calculates the HASH value of data packet IP and sequence number field, and the HASH value is added in data packet,
And data packet is exported to encrypted component.
Downlink processing direction: deblocking arrangement is extracted from data packet from the data packet after decryption component receiving and deciphering
Then serial number and HASH field value search serial number table according to purpose IP address, if the sequence number value read from table with from data
The sequence number field value extracted in packet is identical, then may determine that this bag data is duplicate packages, then abandon this packet, on the contrary then calculate data
The HASH value of packet IP and sequence number field, and be compared with the HASH field extracted in data packet, this is abandoned if different
Data packet, it is on the contrary then data packet is transmitted to next stage.Anti- network attack function can also be by judging that serial number and HASH field value are real
It is existing, unauthenticated device data packet, extensive aggression packet, IP spoofing packet etc. may filter that.
Encryption/decryption component
Uplink handles direction: for encrypted component for encrypting to upstream data packet, Encryption Algorithm uses 128bit AES
Algorithm, encryption key are looked into key list by audit component and are obtained.
Downlink processing direction: for decryption component for downlink data packet to be decrypted, decipherment algorithm uses 128bit AES
Algorithm, decruption key are looked into key list by audit component and are obtained.
For above-mentioned encryption/decryption component, the invention also provides a kind of preferred embodiments-in phy chip
Key generation component.
It shows in the present invention referring now to Fig. 5, Fig. 5 for the first exemplary of the key generation component in phy chip
Structural schematic diagram discloses a kind of key generation component 400 in phy chip, which can as shown in the drawing
It is single including randomizer 410, burning unit 420, OTP (One Time Programmable, One Time Programmable) storage
Member 430 and cryptologic unit 440.Key generation component 400 may also include any other circuit not shown in FIG. 1,
Structure or logic.The other embodiments of component 400 may include whole, certain in the unit for being shown in FIG. 1 or describing or not have
Have.
Randomizer 410 can be indicated for receiving enable signal (the first signal) and generating one or more groups of random
Several any circuit, structure or other hardware, for example, generator 110 enable port receive high level signal after start, produce
Raw one group 128 or 256 binary system random numbers, i.e., such as 010101011001 ....Preferably, generator 410 generates
The digit of random number is chosen between 32-256.
Burning unit 420 can be indicated for executing the operation of the burned OTP module of random number caused by generator 410
Any circuit, structure or other hardware;Preferably, the dedicated core of X-FAB manufacturer burning produced can be used in burning unit 420
Piece.
OTP memory cell 430 may include several fuses or other one time programmings storage equipment, it may include any quantity
Position, these positions can by special fuse OTP technique carry out assignment solidification, can be used for solidifying produced by randomizer 410
Encoded radio and/or other values for indicating data or state.Preferably, the fuse of 0.18um or less unit can be used in fuse.
Cryptologic unit 440 is represented by by any circuit, the knot of rivest, shamir, adelman (such as ECC algorithm) hypostazation
Structure or other hardware, the interface for having access OTP memory cell 430, receiving control signal, transmitting-receiving data flow, externally export
Data flow may include data flow after decryption, encrypted data flow, the data flow after signature, after sign test data flow and
The public key used is matched with private key.Further, the executable following operation of cryptologic unit 440:
Control signal (second signal) is received, access OTP module obtains private key, generates and match the public affairs used with the private key
Key, and export the public key;
Control signal (third signal) is received, access OTP module obtains private key and selects corresponding encryption/decryption algorithm, right
The data flow received carries out encryption/decryption process;
Wherein, it may include Encryption Control Signal and decryption control signal in the control signal, believe when receiving control extension
After number, access OTP module obtains private key and constitutes corresponding encryption logic, carries out at encryption to the data flow of input
Reason, and export encrypted data flow;After receiving decryption control signal, access OTP module obtains private key and constitutes phase
The data flow of input is decrypted in the decryption logic answered, and exports the data flow after decryption.
Control signal (fourth signal) is received, access OTP module obtains private key and carries out signature/sign test processing;
Wherein, it may include signature control signal and sign test control signal in the control signal, control letter when receiving signature
After number, access OTP module obtains private key and carries out signature processing to the data flow of input, and exports the data flow after signature.
After receiving sign test control signal, access OTP module obtains private key and carries out sign test processing to the data flow of input, and defeated
Data flow after sign test out.
Portion is generated the private key in key generation component in the present invention by unpredictable random number in the chip, then
In burned OTP module, private key value and chip exterior without any relationship and interaction, guarantee private key exclusive property and can not the property found out,
Component external, which either develops designer or attack personnel, can not know private key, to ensure the safety of private key and reliable
Property.Furthermore OTP module is only exported to cryptologic unit, and cryptologic unit only to component external output public key, plaintext,
Ciphertext, signature and sign test data, private key are from start to finish exported without normal direction component external during use, are further ensured
The safety and reliability of private key.It is more again exactly that can prevent attacker from passing through by choosing 0.18um unit fuse below
Reverse engineering cracks, and further increases safety.
Fig. 6 shows the second example in the present invention for the key generation component in phy chip, and the example is Fig. 5's
On the basis of increase converting unit 450, converting unit 450 can be indicated for carrying out again to private key cured in OTP module 430
Any circuit, structure or other hardware of variation, can be by the original of private key cured in OTP module 430 by the converting unit 450
Initial value is converted into the actual value of private key used in cryptologic unit 440, and the variation logic of converting unit 450 is one
Fixed, therefore the actual value of private key used in cryptologic unit 440 is also unique and constant.The present invention passes through increasing
Add converting unit 450 to change private key again, the cost that private key is cracked can be improved again.
Fig. 7 shows the third example in the present invention for the key generation component in phy chip, and the example is Fig. 5's
On the basis of increase volatile memory cell 460, volatile memory cell 460 can be indicated for storing randomizer for the first time
410 generate encoded radios any kind of storage equipment, may include any amount of data register, command register,
Status register, configuration register, control register, other programmable or hard coded register or register group or it is any its
His storage organization.Volatile memory cell 460 can temporarily store the encoded radio of the generation of randomizer 410, such as random number
Generator 410 sequentially generates multiple groups random coded value, and volatile memory cell 460 then can gradually cache randomizer
The 410 every group of random coded values generated include the final complete coding of acquisition to calculating and shifting processing in the process
Value.The present invention can reduce the requirements of type selecting of randomizer by the way that volatile memory cell 460 is added, to reduce seniority top digit
Randomizer space size, reduce the actual physics area of entire component and phy chip on the whole.
It should also be appreciated by one skilled in the art that various illustrative logical boxs, mould in conjunction with the embodiments herein description
Electronic hardware, computer software or combinations thereof may be implemented into block, circuit and algorithm steps.In order to clearly demonstrate hardware and
Interchangeability between software surrounds its function to various illustrative components, frame, module, circuit and step above and carries out
It is generally described.Hardware is implemented as this function and is also implemented as software, depends on specific application and to entire
The design constraint that system is applied.Those skilled in the art can be directed to each specific application, be realized in a manner of flexible
Described function, still, this realization decision should not be construed as a departure from the scope of protection of this disclosure.
The above description of the embodiment is only used to help understand the method for the present invention and its core ideas;Meanwhile for this
The those skilled in the art in field, according to the thought of the present invention, there will be changes in the specific implementation manner and application range,
In conclusion the contents of this specification are not to be construed as limiting the invention.
Claims (8)
1. a kind of secure network chip on network-termination device, which is characterized in that be applied to network-termination device, packet
It includes: envelope/solution arrangement, enciphering/deciphering component and MAC chip;
The envelope/solution arrangement, the first data packet for generating the network-termination device are reassembled as having one or more
Second data packet of a characteristic, and be reassembled as the second data packet for being sent to the network-termination device to lack described one
First data packet of a or multiple characteristics;
The enciphering/deciphering component is encrypted for the data segment to the second data packet obtained after recombination, and
Before reassembling into the first data packet, place is decrypted to the data segment for the second data packet for being sent to the network-termination device
Reason;
The MAC chip, for realizing the conversion of data frame and data packet between the network-termination device and network side.
2. secure network chip according to claim 1, which is characterized in that further include: audit component, for reassembling into
Before second data packet, I P of the first data packet that the network-termination device generates are audited, and to second
I P progress before the data segment of data packet is decrypted, to the second data packet for being sent to the network-termination device
Audit.
3. secure network chip according to claim 1, which is characterized in that the characteristic is with next or more
It is a:
Customized nonstandard protocol number;
Sequence number value and the sequence number field for storing sequence number value;
The verification of data field and and storage verification sum inspection field.
4. secure network chip according to claim 1, which is characterized in that the enciphering/deciphering component, comprising:
Randomizer, for responding the first signal to generate unpredictable encoded radio;
Burning unit, for executing the operation of the burned OTP memory cell of the encoded radio;
OTP memory cell, for solidifying the encoded radio using as private key;
Cryptologic unit reads cured private key in the OTP memory cell for responding second signal, generate and its
Corresponding public key, and response third signal is to read cured private key in the OTP memory cell, to the data packet of input
Encryption/decryption process and fourth signal are carried out to read cured private key in the OTP memory cell, to the number of input
Signature/sign test processing is carried out according to packet.
5. secure network chip according to claim 1, which is characterized in that the envelope/solution arrangement is also used to recombinating
Before the first data packet, legitimacy certification is carried out to the second data packet after decryption processing according to the characteristic.
6. a kind of Safety net card on network-termination device, which is characterized in that have safety net as described in claim 1
Network chip, the PHY chip being connect with the MAC chip and the network interface being connect with PHY chip.
7. a kind of safe wireless network interface card on network-termination device, which is characterized in that have peace as described in claim 1
Whole network chip, the PHY chip being connect with the MAC chip and the wireless radio frequency modules being connect with the PHY chip.
8. a kind of network-termination device, which is characterized in that assemble/be integrated with Safety net card as claimed in claim 6 or as weighed
Benefit require 7 described in safe wireless network interface card.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711215142.XA CN109840431A (en) | 2017-11-28 | 2017-11-28 | Secure network chip and Safety net card and network-termination device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201711215142.XA CN109840431A (en) | 2017-11-28 | 2017-11-28 | Secure network chip and Safety net card and network-termination device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109840431A true CN109840431A (en) | 2019-06-04 |
Family
ID=66880932
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201711215142.XA Pending CN109840431A (en) | 2017-11-28 | 2017-11-28 | Secure network chip and Safety net card and network-termination device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109840431A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117539509A (en) * | 2024-01-09 | 2024-02-09 | 成都本原聚能科技有限公司 | Burning method of OTP module and data frame |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2007121641A1 (en) * | 2006-04-24 | 2007-11-01 | Beijing E-Henxen Authentication Technologies Co., Ltd. | A cpk credibility authentication system using chip |
| CN101183938A (en) * | 2007-10-22 | 2008-05-21 | 华中科技大学 | Wireless network security transmission method, system and equipment |
| CN101409619A (en) * | 2008-11-25 | 2009-04-15 | 普天信息技术研究院有限公司 | Flash memory card and method for implementing virtual special network key exchange |
| CN104579679A (en) * | 2014-12-10 | 2015-04-29 | 国家电网公司 | Wireless public network data forwarding method for rural power distribution network communication equipment |
| CN105656883A (en) * | 2015-12-25 | 2016-06-08 | 冶金自动化研究设计院 | Unidirectional transmission internal and external network secure isolating gateway applicable to industrial control network |
| CN106779636A (en) * | 2016-11-29 | 2017-05-31 | 北京乐酷达网络科技有限公司 | A kind of block chain digital cash wallet based on earphone interface of mobile phone |
-
2017
- 2017-11-28 CN CN201711215142.XA patent/CN109840431A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2007121641A1 (en) * | 2006-04-24 | 2007-11-01 | Beijing E-Henxen Authentication Technologies Co., Ltd. | A cpk credibility authentication system using chip |
| CN101183938A (en) * | 2007-10-22 | 2008-05-21 | 华中科技大学 | Wireless network security transmission method, system and equipment |
| CN101409619A (en) * | 2008-11-25 | 2009-04-15 | 普天信息技术研究院有限公司 | Flash memory card and method for implementing virtual special network key exchange |
| CN104579679A (en) * | 2014-12-10 | 2015-04-29 | 国家电网公司 | Wireless public network data forwarding method for rural power distribution network communication equipment |
| CN105656883A (en) * | 2015-12-25 | 2016-06-08 | 冶金自动化研究设计院 | Unidirectional transmission internal and external network secure isolating gateway applicable to industrial control network |
| CN106779636A (en) * | 2016-11-29 | 2017-05-31 | 北京乐酷达网络科技有限公司 | A kind of block chain digital cash wallet based on earphone interface of mobile phone |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117539509A (en) * | 2024-01-09 | 2024-02-09 | 成都本原聚能科技有限公司 | Burning method of OTP module and data frame |
| CN117539509B (en) * | 2024-01-09 | 2024-03-22 | 成都本原聚能科技有限公司 | Burning method of OTP module and data frame |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Bernstein et al. | The security impact of a new cryptographic library | |
| CN103595530B (en) | Software secret key updating method and device | |
| Chim et al. | PASS: Privacy-preserving authentication scheme for smart grid network | |
| CN101926188B (en) | Security policy distribution to communication terminal | |
| CN106688204A (en) | Generating cryptographic checksums | |
| CN105281909A (en) | Encryption and decryption mechanism and internet of things lock system using encryption and decryption mechanism | |
| US8667283B2 (en) | Soft message signing | |
| US11463242B2 (en) | Padding oracle elimination in RSA encryption | |
| Esiner et al. | F-pro: a fast and flexible provenance-aware message authentication scheme for smart grid | |
| US11368319B2 (en) | Integrated circuit performing authentication using challenge-response protocol and method of using the integrated circuit | |
| JP2013131868A (en) | Temperature sensor, encryption device, encryption method, and individual information generation device | |
| Saxena et al. | Efficient signature scheme for delivering authentic control commands in the smart grid | |
| King | Investigating and securing communications in the Controller Area Network (CAN) | |
| CN109842488A (en) | For the key generation component in phy chip | |
| US10491570B2 (en) | Method for transmitting data, method for receiving data, corresponding devices and programs | |
| Li et al. | Efficient and fault‐diagnosable authentication architecture for AMI in smart grid | |
| CN110049045B (en) | Safety certification system for power line carrier | |
| CN110191467A (en) | A kind of method for authenticating of internet of things equipment, unit and storage medium | |
| Smekal et al. | Comparative analysis of different implementations of encryption algorithms on FPGA network cards | |
| Wang et al. | EasiSec: a SoC security coprocessor based on fingerprint–based key management for WSN | |
| CN109840431A (en) | Secure network chip and Safety net card and network-termination device | |
| Esiner et al. | Message authentication and provenance verification for industrial control systems | |
| Jolfaei et al. | A lightweight integrity protection scheme for fast communications in smart grid | |
| Fazzat et al. | A comparative performance study of cryptographic algorithms for connected vehicles | |
| CN105306437A (en) | Network security encryption and verification method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20190604 |
|
| WD01 | Invention patent application deemed withdrawn after publication |