CN110166236B - Key processing method, device and system and electronic equipment - Google Patents

Key processing method, device and system and electronic equipment Download PDF

Info

Publication number
CN110166236B
CN110166236B CN201910470792.1A CN201910470792A CN110166236B CN 110166236 B CN110166236 B CN 110166236B CN 201910470792 A CN201910470792 A CN 201910470792A CN 110166236 B CN110166236 B CN 110166236B
Authority
CN
China
Prior art keywords
key
storage module
component
key component
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910470792.1A
Other languages
Chinese (zh)
Other versions
CN110166236A (en
Inventor
赵波
林峰
姜晓新
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Zhongjin Guoxin Technology Co ltd
Original Assignee
Beijing Zhongjin Guoxin Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Zhongjin Guoxin Technology Co ltd filed Critical Beijing Zhongjin Guoxin Technology Co ltd
Priority to CN201910470792.1A priority Critical patent/CN110166236B/en
Publication of CN110166236A publication Critical patent/CN110166236A/en
Application granted granted Critical
Publication of CN110166236B publication Critical patent/CN110166236B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage

Abstract

The invention provides a key processing method, which comprises the following steps: when the cryptographic module receives an operation instruction sent by a user, the security chip is triggered to use a preset first secret key component and a preset second secret key component to carry out operation to obtain a secret key encryption secret key, the secret key encryption secret key is used to execute an operation type corresponding to the operation instruction, the user secret key is operated by applying the secret key encryption secret key, the user secret key is stored in a ciphertext mode, and the risk that the user secret key is directly used after being leaked is reduced; according to the key processing system corresponding to the key processing method provided by the invention, the security chip and the conductive unit in the cryptographic module are prevented from being damaged by the protective coating in the key processing system. By applying the method and the key processing system corresponding to the method provided by the invention, the user key stored in the cryptographic module is protected, the risk that the user key is directly used after being leaked is reduced, and the robustness and the stability of a security system are improved.

Description

Key processing method, device and system and electronic equipment
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a method, an apparatus, and a system for processing a key, and an electronic device.
Background
With the rapid development of the internet and the continuous improvement of the informatization degree, the digital industry is rapidly developed in China and even all over the world, and various industries in the society gradually transfer information, exchange data, negotiate trade and the like by means of the internet. The internet is a double-edged sword, brings great convenience to our life, and simultaneously, data and information transmitted by the internet face security risks of being stolen and modified by lawless persons, so that the confidentiality and the security of the transmitted data and information are increasingly emphasized.
In order to prevent transmitted information and data from being modified and stolen by lawbreakers, a user generally encrypts the transmitted data and information by using a key stored in a security chip of a cryptographic module in an encryption system and then transmits the encrypted data and information in a form of a ciphertext, and the user decrypts the ciphertext by using a corresponding key stored in the security chip after receiving the ciphertext, so that the possibility of data leakage and the risk of data stealing by lawbreakers are reduced. The user key is the core of data transmission, the user key is usually stored in a security chip of the encryption system in a plaintext form, the cryptographic module is the core part of the whole encryption system, and once a lawbreaker cracks to obtain the user key stored in the security chip, data leakage of a user is caused, and the stability and the robustness of the whole encryption system are directly damaged.
Disclosure of Invention
In view of this, embodiments of the present invention provide a key processing method, which can process a key stored in the security chip, implement encrypted storage of a user key, reduce a probability of user key leakage, and improve stability and robustness of the entire encryption system.
The invention also provides a key processing device for ensuring the practical and application of the method in practice.
In order to achieve the above purpose, the embodiments of the present invention provide the following technical solutions:
a key processing method is applied to a security chip and comprises the following steps:
when a cryptographic module receives an operation instruction sent by a user, acquiring a first key component and a second key component preset in the security chip, and operating the first key component and the second key component according to a preset algorithm to generate a key encryption key;
acquiring operation information in the operation instruction, and determining an operation type corresponding to the operation instruction according to the operation information;
if the operation type corresponding to the operation instruction is encryption operation, determining a first user key in the operation instruction, encrypting the first user key by using the key encryption key to generate a first key ciphertext, and inputting the first key ciphertext into the cryptographic module for storage;
if the operation type corresponding to the operation instruction is decryption operation, determining a second key ciphertext corresponding to the operation instruction in the cryptographic module, decrypting the second key ciphertext by using the key encryption key, obtaining a second user key in the second key ciphertext, and outputting the second user key to the cryptographic module.
The method described above, optionally, the setting process of the first key component and the second key component includes:
when the cryptographic module is initialized, receiving a key generation instruction sent by the cryptographic module, and generating a key encryption key by using a preset generation algorithm;
calculating the key encryption key by using a preset function to generate three key components, and respectively storing the three key components into a pre-established external storage module and a first storage module and a second storage module in the security chip; the key component stored in the first storage module is a first key component, the key component stored in the second storage module is a second key component, and the key component stored in the external storage module is a third key component.
The above method, optionally, further includes:
when the security chip is restarted after power failure, judging whether the key component stored in the first storage module exists or not;
when the key component in the first storage module does not exist, determining whether the key component in the external module needs to be acquired;
when the key component in the external module needs to be acquired, triggering the cryptographic module to communicate with the external storage module so as to acquire the key component stored in the external storage module;
and saving the acquired key component saved in the external storage module into the first storage module as a new first key component.
Optionally, the above method, where the storing the three key components into a pre-established external storage module and a first storage module and a second storage module in the security chip respectively includes:
randomly selecting two key components from the three key components, sending the two selected key components to the security chip, and triggering the security chip to randomly store the two key components into the first storage module and the second storage module respectively;
and sending the rest key components to a pre-established external storage module, and triggering the external storage module to store the received key components.
A key processing apparatus comprising:
the operation unit is used for acquiring a first key component and a second key component preset in the security chip when the cryptographic module receives an operation instruction sent by a user, and operating the first key component and the second key component according to a preset algorithm to generate a key encryption key;
the acquisition unit is used for acquiring the operation information in the operation instruction and determining the operation type corresponding to the operation instruction according to the operation information;
the encryption unit is used for determining a first user key in the operation instruction if the operation type corresponding to the operation instruction is encryption operation, encrypting the first user key by using the key encryption key to generate a first key ciphertext, and inputting the first key ciphertext into the crypto module for storage;
and the decryption unit is used for determining a second key ciphertext corresponding to the operation instruction in the cryptographic module if the operation type corresponding to the operation instruction is decryption operation, decrypting the second key ciphertext by using the key encryption key to obtain a second user key in the second key ciphertext, and outputting the second user key to the cryptographic module.
The above apparatus, optionally, further comprises:
the generating unit is used for receiving a key generating instruction sent by the cryptographic module when the cryptographic module is initialized and generating a key encryption key by using a preset generating algorithm;
the first storage unit is used for operating the key encryption key by using a preset function to generate three key components and storing the three key components into a pre-established external storage module and a first storage module and a second storage module in the security chip respectively; the key component stored in the first storage module is a first key component, the key component stored in the second storage module is a second key component, and the key component stored in the external storage module is a third key component.
The above apparatus, optionally, further comprises:
the judging unit is used for judging whether the key component stored in the first storage module exists or not when the security chip is restarted after power failure;
a determining unit, configured to determine whether a key in the external module needs to be acquired when the key component in the first storage module does not exist;
the communication unit is used for triggering the cryptographic module to communicate with the external storage module when the key component in the external module needs to be acquired so as to acquire the key component stored in the external storage module;
and the second saving unit is used for saving the acquired key component saved in the external storage module into the first storage module as a new first key component.
The above apparatus, optionally, the first saving unit includes:
the first storage subunit is used for randomly selecting two key components from the three key components, sending the two selected key components to the security chip, and triggering the security chip to randomly store the two key components into the first storage module and the second storage module respectively;
and the second storage subunit is used for sending the residual key components to a pre-established external storage module and triggering the external storage module to store the received key components.
A key processing system comprising:
the password module and the external storage module;
the cryptographic module comprises: the safety chip, the power supply switching circuit, the protective coating and the conductive unit;
the security chip is used for executing the key processing method;
the power supply switching circuit is used for selecting a power supply for the safety chip, and when a main power supply is powered off, the power supply switching circuit is switched to an external power supply so as to ensure normal power supply for the safety chip;
the conductive unit is used for communicating the safety chip with a power supply;
the protective coating is used for protecting the conductive unit and the security chip, when the protective coating is damaged, the conductive unit is damaged, the security chip is in a power-down state, and the key component of the first storage module stored in the security chip is lost.
An electronic device comprising a memory, and one or more instructions, wherein the one or more instructions are stored in the memory and configured to be executed by the one or more processors to perform the key processing method as described above.
Compared with the prior art, the invention has the following advantages:
the invention provides a key processing method, which comprises the following steps: when a cryptographic module receives an operation instruction sent by a user, acquiring a first key component and a second key component preset in the security chip, operating the first key component and the second key component according to a preset algorithm to generate a key encryption key, acquiring operation information in the operation instruction, determining an operation type corresponding to the operation instruction according to the operation information, if the operation type is encryption operation, determining a first user key in the operation instruction, encrypting the first user key by using the key encryption key to obtain a first key ciphertext, and storing the first key ciphertext; if the operation type is decryption operation, a second key ciphertext corresponding to the decryption operation is obtained, the key encryption key is applied to decrypt the second key ciphertext, a second user key in the second key ciphertext is obtained, and the second user key is output to the cryptographic module. By applying the method provided by the invention, the user key is processed and stored in a ciphertext form, so that the risk that the user key is directly used after being stolen is reduced, and the robustness and the stability of a security system are improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
FIG. 1 is a flowchart of a method for processing a key according to the present invention;
FIG. 2 is a flow chart of another method of a key processing method according to the present invention;
fig. 3 is a device structure diagram of a key processing device according to the present invention;
fig. 4 is a schematic structural diagram of an electronic device provided in the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In this application, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The invention is operational with numerous general purpose or special purpose computing device environments or configurations. For example: personal computers, server computers, multiprocessor devices, distributed computing environments that include any of the above devices or apparatus, and the like.
The embodiment of the invention provides a key processing method, which can be applied to a cryptographic module of a computer or server security system, wherein an execution subject of the method can be a security chip of the cryptographic module in the security system, different operation processing is performed on a user key according to different execution conditions by applying the method, and a flow chart of the method is shown in fig. 1, and the method specifically comprises the following steps:
s101, when the cryptographic module receives an operation instruction sent by a user, acquiring a first key component and a second key component preset in the security chip, and operating the first key component and the second key component according to a preset algorithm to generate a key encryption key.
In the method provided by the embodiment of the present invention, when the cryptographic module is in a normal working state, that is, the cryptographic module can provide operations such as encryption, decryption, signature verification and the like to the outside, and the cryptographic module is not damaged, and when the cryptographic module receives an operation instruction sent by a user, a security chip in the cryptographic module is triggered to obtain a first key component and a second key component preset in the security chip, and the first key component and the second key component are operated according to a preset algorithm to obtain a key encryption key.
S102, obtaining operation information in the operation instruction, and determining an operation type corresponding to the operation instruction according to the operation information.
In the method provided by the embodiment of the invention, the operation instruction is analyzed to obtain an analysis result, the analysis result comprises operation information in the operation instruction, the operation type corresponding to the operation instruction is determined according to the operation information, and corresponding operation is executed.
S103, if the operation type corresponding to the operation instruction is an encryption operation, determining a first user key in the operation instruction, encrypting the first user key by using the key encryption key to generate a first key ciphertext, and inputting the first key ciphertext into the cryptographic module for storage.
In the method provided by the embodiment of the present invention, when the operation type is an encryption operation, a first user key included in the operation instruction is obtained, a key encryption key is applied to perform an encryption operation on the first user key, a first key ciphertext is generated, and the first key ciphertext is input to the cryptographic module for storage; it should be noted that, the first user key is encrypted, and when a first key ciphertext is generated, the generated first key ciphertext carries an identification number associated with the first user key, where the identification number may be a unique identity identification number of the first user key; for example, if the identity identification number of the first user key is a, the generated first key ciphertext carries the identification number a to represent that the first key ciphertext corresponds to the first user key.
S104, if the operation type corresponding to the operation instruction is decryption operation, determining a second key ciphertext corresponding to the operation instruction in the cryptographic module, decrypting the second key ciphertext by using the key encryption key, obtaining a second user key in the second key ciphertext, and outputting the second user key to the cryptographic module.
In the method provided by the embodiment of the present invention, when the operation type is a decryption operation, the operation instruction is analyzed to obtain an identification number of a key ciphertext included in the operation instruction, and the key ciphertext corresponding to the identification number in the cryptographic module is determined according to the identification number; for example, the identification number of the key ciphertext contained in the operation instruction is B, and the identification number B is associated with the identification number of the second user key; searching a key ciphertext carrying the identification number B in a ciphertext storage module for storing the key ciphertext in the password module according to the identification number B, wherein the key ciphertext carrying the identification number B is a ciphertext of a second user key; and decrypting the second user key ciphertext by using the key encryption key to obtain a second user key, and outputting the second user key to the cryptographic module for encrypting or decrypting the communication data.
In the method provided by the embodiment of the invention, the user key is encrypted by using the key encryption key in the method and then stored in a ciphertext mode, or the ciphertext corresponding to the user key is operated by using the key encryption key to obtain the user key.
In the method provided in the embodiment of the present invention, the key encryption key is obtained by performing an operation using a first key component and a second key component in a security chip, a method flowchart of a method for setting the first key component and the second key component is shown in fig. 2, and the specific process is as follows:
s201, when the cryptographic module is initialized, receiving a key generation instruction sent by the cryptographic module, and generating a key encryption key by using a preset generation algorithm.
In the method provided by the embodiment of the invention, after the cryptographic module leaves the factory, a manufacturer initializes the cryptographic module, the cryptographic module generates a key generation instruction, and sends the key generation instruction to a security chip in the cryptographic module; after receiving the key generation instruction, the security chip generates a key encryption key according to a preset generation algorithm, where the key encryption key may be a string of random numbers, and the preset generation algorithm may be any random number generation algorithm.
S202, operating the key encryption key by using a preset function to generate three key components, and respectively storing the three key components into a pre-established external storage module and a first storage module and a second storage module in the security chip; the key component stored in the first storage module is a first key component, the key component stored in the second storage module is a second key component, and the key component stored in the external storage module is a third key component.
In the method provided by the embodiment of the invention, after a key encryption key is generated, a preset function is applied to operate the key encryption key to generate three key components; it should be noted that the preset function may be based on Lagrange interpolation formula, and the specific generation process may refer to the following specific process:
assuming that the key encryption key is denoted by S, the key encryption key may be a 16-byte random number, and (t-1) elements a are arbitrarily selected in a finite field gf (p)i(i-1, 2.., t-1) constitutes a polynomial of order (t-1)
Figure BDA0002080774260000081
Wherein p is a large prime number and p > 2L, where L is the bit length of S, aiCan be a 32-byte random number, and the encryption key S ═ f (0) ═ a0Generating n key components
Figure BDA0002080774260000082
Wherein, r is 1, 2.. times, n; then the S isrAnd p is safely sent to a corresponding storage module for storage; taking the (2,3) threshold as an example, the key component generation process is as follows:
key component: s1=f(1)=(a0+a1*1)mod p;
Key component: s2=f(2)=(a0+a1*2)mod p;
Key component: s3=f(3)=(a0+a1*3)mod p;
It should be noted that, after 3 key components are generated by applying a threshold technique to the key encryption key, two key components of the three key components are randomly selected, the two selected key components are respectively randomly stored in a first storage module and a second storage module of the security chip, the remaining key components are sent to a pre-established external storage module, and the external storage module is triggered to store the received key components; it should be noted that the key component stored in the first storage module of the secure chip is a first key component, the key component stored in the second storage module of the secure chip is a second key component, and the key component stored in the external storage module is a third key component.
In the method provided in the embodiment of the present invention, when a cryptographic module receives an operation instruction sent by a user, two key components, that is, a first key component and a second key component, stored in the secure chip are obtained, and the first key component and the second key component are operated to generate a key encryption key, where to specifically describe a generation process of the key encryption key, a specific operation process is illustrated here:
any t key components get corresponding Sr (r ═ 1,2, …, t) and p, using Lagrange interpolation polynomial equation:
Figure BDA0002080774260000091
the secret key encryption secret key S can be recovered; taking the (2,3) threshold f (2), f (3) key component and p as examples, that is:
Figure BDA0002080774260000092
Figure BDA0002080774260000093
S=f(0)=(f(2)*L1(x)+f(3)*L2(x))modp;
by way of example, the key encryption key may be obtained by calculation according to the first key component and the second key component, and it should be noted that, in the present invention, two key components are applied in generating the key encryption key, and in practical application, the key encryption key may be generated by not only applying two key components, but also applying 3 key components.
In the method provided in the embodiment of the present invention, when the cryptographic module is damaged or powered down, the key component stored in the first storage module in the security chip is lost, after the cryptographic module is powered up and restarted, in order to restore the cryptographic module to a normal operating state, the key component needs to be applied to the key encryption key, and since the key component stored in the first storage module in the security chip is lost, the key encryption key cannot be generated, so that the cryptographic module cannot operate normally, at this time, the key component stored in the external storage module needs to be introduced into the security chip of the cryptographic module, the key component obtained from the external storage module is stored in the first storage module of the security chip, and as a new first key component, the new first key component and the second key component can be applied to generate the key encryption key, so that the cryptographic module can operate normally, therefore, the risk that the user key is lost by the cryptographic module is reduced, and the loss of the user is reduced.
It should be noted that, when the security chip is restarted after power failure, it is determined whether the key component stored in the first storage module exists; when the key component in the first storage module does not exist, a user determines whether the key component in the external storage module needs to be acquired, when the user determines that the key component in the external storage module needs to be acquired, the cryptographic module is connected with the external storage module through an interface for communication, the cryptographic module is triggered to acquire the key component stored in the external storage module through the interface, and the acquired key component stored in the external storage module is stored in the first storage module of the security chip to serve as a new first key component; it should be noted that, when the user confirms that the cryptographic module does not need to acquire a new key component, the cryptographic module is not connected to and communicates with the external storage module;
it should be noted that in the method provided in the embodiment of the present invention, when the cryptographic module is powered on again after being damaged or powered off, and an operation instruction sent by a user is received, it is determined whether a key component stored in a first storage module of a security chip in the cryptographic module exists, if the key component does not exist, it is determined whether a key component in an external storage module needs to be acquired, and when the key component in the external storage needs to be acquired, the cryptographic module and the external storage module are connected and communicated through an interface to acquire the key component stored in the external storage module.
It should be noted that, corresponding to the foregoing method, an embodiment of the present invention further provides a key processing system, which is used to support implementation of the key processing method, and the key processing system specifically includes the following components:
the key processing system comprises a cryptographic module and an external storage module;
the cryptographic module comprises: the safety chip, the power supply switching circuit, the protective coating and the conductive unit;
the security chip is used for acquiring a preset first key component and a preset second key component when receiving an operation instruction sent by a user, operating the first key component and the second key component according to a preset algorithm to acquire a key encryption key, and executing an operation corresponding to the operation instruction by using the key encryption key; wherein, the preset setting process of the first key component and the second key component comprises the following steps: the method comprises the steps that a safety chip receives a generation instruction, the safety chip is triggered to generate a secret key encryption secret key according to a preset generation algorithm, a preset function is used for operating the secret key encryption secret key to generate three secret key components, and the three secret key components are respectively stored in a pre-established external storage module and a first storage module and a second storage module in the safety chip; the key component stored in the first storage module is a first key component, the key component stored in the second storage module is a second key component, and the key component stored in the external storage module is a third key component;
the power supply switching circuit is used for selecting a power supply for the safety chip, and when a main power supply is powered off, the power supply switching circuit is switched to an external power supply so as to ensure normal power supply for the safety chip;
the conductive unit is used for communicating the safety chip with a power supply;
it should be noted that the conductive unit includes a fixed conductive unit and a non-fixed conductive unit, the fixed conductive unit is disposed on the circuit board of the cryptographic module and is in an open circuit state, the open circuit interval is very small, about 1-2mm, the non-fixed conductive unit is a conductor, including but not limited to a conductive film, and is placed on the open circuit portion to conduct the circuit;
the protective coating is used for protecting the conductive unit and the security chip, when the protective coating is damaged, the conductive unit is damaged, the security chip is in a power-down state, and the key component of the first storage module stored in the security chip is lost;
it should be noted that the protective coating covers the conductive unit and the safety chip to fix the position of the conductive unit and ensure the connection between the safety chip and the power supply; the protective coating can also cover the cryptographic module, so that the cryptographic module, the security chip and the conductive unit are prevented from directly contacting with the external environment; the protective coating can be colloid, can be fixedly attached to the cryptographic module and can fix the non-fixed part in the conductive unit, and the protective coating comprises but is not limited to non-transparent AB glue; it should be noted that, when the protective coating is damaged, the non-fixed conductive unit in the conductive unit is taken up, and the conductive unit is broken, so that the security chip is in a power-down state.
The external storage module is used for storing a key component, when the key component stored in the first storage module in the security chip is lost and a new key component needs to be introduced, the external storage module is connected with the cryptographic module through an interface, the stored key component is input into the cryptographic module, the cryptographic module stores the received key component into the first storage module of the security chip as the new first key component, and the external storage module can be stored in a manufacturer of the cryptographic module;
it should be noted that, when the key component stored in the first storage module in the security chip is lost again, the cryptographic module may be connected to the external storage module again through the interface, the key component stored in the external storage module is obtained again, the obtained key component is stored in the first storage module of the security chip again, and the stored key component is used as a new first key component again.
It is assumed that, when a cryptographic module is initialized, a key component needs to be configured for the cryptographic module, the cryptographic module sends a generated key generation instruction to a secure chip, the secure chip applies a preset generation algorithm to generate a key encryption key, and applies a threshold technique to perform an operation on the key encryption key to generate three different equal key components, where the three key components may be a, b, and c, two key components are randomly selected from the three key components, the two selected key components may be a and b, and the two selected key components are sent to the secure chip, the secure chip randomly stores the two key components in a first storage module and a second storage module, the key component stored in the first storage module may be a, and the key component stored in the second storage module may be b, importing the rest key components into the external storage module through an interface for storage, wherein the key components stored in the external storage module are c;
it should be noted that the first storage module may be a RAM module in the security chip, and the second storage module may be a FLASH module in the security chip; the key component stored in the first storage module is a first key component, the key component stored in the second storage module is a second key component, and the key component stored in the external storage module is a third key component;
when the cryptographic module is in a normal working state and receives an operation instruction of a user, triggering the two key components a and b stored by the application of the security chip to carry out operation, generating a key encryption key, and executing an operation type corresponding to the operation instruction by using the key encryption key; if the cryptographic module is damaged for the first time, the key component a stored in the first storage module of the secure chip is lost, the cryptographic module can be connected with the external storage module through an interface to obtain a key component c stored in the external storage module, the key component c is stored in the first storage module of the secure chip as a new first key component, at this time, the new first key component is c, and at this time, the secure chip can perform operation through the stored key component c and the key component b to generate a key encryption key;
if the cryptographic module is damaged or powered down, the key component c stored in the first storage module in the secure chip is lost, the cryptographic module and the external storage module can be connected through the interface again, the key component c stored in the external storage module is obtained again, and the key component c is stored in the first storage module of the secure chip again and is used as a new first key component again.
In the method provided by the embodiment of the invention, the security chip generates the key encryption key by using the two stored key components, encrypts the key of the user by using the key encryption key to generate the corresponding ciphertext, and outputs the ciphertext to the cryptographic module for storage, so that the confidentiality of the user key is improved, and the possibility of direct application after the user key is obtained is reduced; when one component in the security chip is lost, the key component stored in the external storage module can be acquired, so that the key encryption key can be generated again, the situation that the key encryption key cannot be generated after one component is lost is avoided, the loss of a user is avoided, and the robustness and the stability of the encryption system are improved.
Corresponding to fig. 1, an embodiment of the present invention further provides a key processing apparatus, which is used for implementing the method in fig. 1 specifically, and the key processing apparatus provided in the embodiment of the present invention may be applied to an encryption module of a computer or an encryption apparatus of a server, and a schematic structural diagram of the key processing apparatus is shown in fig. 3, and specifically includes:
the operation unit 301 is configured to, when the cryptographic module receives an operation instruction sent by a user, obtain a first key component and a second key component preset in the secure chip, and perform operation on the first key component and the second key component according to a preset algorithm to generate a key encryption key;
an obtaining unit 302, configured to obtain operation information in the operation instruction, and determine an operation type corresponding to the operation instruction according to the operation information;
an encrypting unit 303, configured to determine a first user key in the operation instruction if the operation type corresponding to the operation instruction is an encryption operation, encrypt the first user key by using the key encryption key, generate a first key ciphertext, and input the first key ciphertext into the cryptographic module for saving;
a decryption unit 304, configured to determine a second key ciphertext corresponding to the operation instruction in the cryptographic module if the operation type corresponding to the operation instruction is a decryption operation, decrypt the second key ciphertext using the key encryption key, obtain a second user key in the second key ciphertext, and output the second user key to the cryptographic module.
In the device provided by the embodiment of the invention, when a cryptographic module receives an operation instruction sent by a user, a first key component and a second key component preset in a security chip are obtained, the first key component and the second key component are operated according to a preset algorithm to generate a key encryption key, operation information in the operation instruction is obtained, an operation type corresponding to the operation instruction is determined according to the operation information, if the operation type is encryption operation, a first user key in the operation instruction is determined, the key encryption key is used for encrypting the first user key to obtain a first key ciphertext, and the first key ciphertext is stored; if the operation type is decryption operation, a second key ciphertext corresponding to the decryption operation is obtained, the key encryption key is applied to decrypt the second key ciphertext, a second user key in the second key ciphertext is obtained, and the second user key is output to the cryptographic module. By applying the method provided by the invention, the user key is processed and stored in a ciphertext form, so that the risk that the user key is directly used after being stolen is reduced, and the robustness and the stability of a security system are improved.
In an embodiment provided by the present invention, based on the foregoing scheme, the method further includes:
the generating unit is used for receiving a key generating instruction sent by the cryptographic module when the cryptographic module is initialized and generating a key encryption key by using a preset generating algorithm;
the first storage unit is used for operating the key encryption key by using a preset function to generate three key components and storing the three key components into a pre-established external storage module and a first storage module and a second storage module in the security chip respectively; the key component stored in the first storage module is a first key component, the key component stored in the second storage module is a second key component, and the key component stored in the external storage module is a third key component.
In an embodiment provided by the present invention, based on the foregoing scheme, the method further includes:
the judging unit is used for judging whether the key component stored in the first storage module exists or not when the security chip is restarted after power failure;
a determining unit, configured to determine whether a key component in the external module needs to be acquired when the key component in the first storage module does not exist;
the communication unit is used for triggering the cryptographic module to communicate with the external storage module when the key component in the external module needs to be acquired so as to acquire the key component stored in the external storage module;
and the second saving unit is used for saving the acquired key component saved in the external storage module into the first storage module as a new first key component.
In an embodiment provided by the present invention, based on the foregoing solution, the first saving unit includes:
the first storage subunit is used for randomly selecting two key components from the three key components, sending the two selected key components to the security chip, and triggering the security chip to randomly store the two key components into the first storage module and the second storage module respectively;
and the second storage subunit is used for sending the residual key components to a pre-established external storage module and triggering the external storage module to store the received key components.
An electronic device is provided in an embodiment of the present invention, and the structural diagram of the electronic device is shown in fig. 4, which specifically includes a memory 402 and one or more instructions 401, where the one or more instructions 401 are stored in the memory 402, and are configured to be executed by one or more processors 403 to perform the following operations according to the one or more instructions 401:
when a cryptographic module receives an operation instruction sent by a user, acquiring a first key component and a second key component preset in the security chip, and operating the first key component and the second key component according to a preset algorithm to generate a key encryption key;
acquiring operation information in the operation instruction, and determining an operation type corresponding to the operation instruction according to the operation information;
if the operation type corresponding to the operation instruction is encryption operation, determining a first user key in the operation instruction, encrypting the first user key by using the key encryption key to generate a first key ciphertext, and inputting the first key ciphertext into the cryptographic module for storage;
if the operation type corresponding to the operation instruction is decryption operation, determining a second key ciphertext corresponding to the operation instruction in the cryptographic module, decrypting the second key ciphertext by using the key encryption key, obtaining a second user key in the second key ciphertext, and outputting the second user key to the cryptographic module.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, the system or system embodiments are substantially similar to the method embodiments and therefore are described in a relatively simple manner, and reference may be made to some of the descriptions of the method embodiments for related points. The above-described system and system embodiments are only illustrative, wherein the units described as separate parts may or may not be physically separate, and the parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (8)

1. A key processing method is applied to a secure chip and comprises the following steps:
when a cryptographic module receives an operation instruction sent by a user, acquiring a first key component and a second key component preset in the security chip, and operating the first key component and the second key component according to a preset algorithm to generate a key encryption key;
acquiring operation information in the operation instruction, and determining an operation type corresponding to the operation instruction according to the operation information;
if the operation type corresponding to the operation instruction is encryption operation, determining a first user key in the operation instruction, encrypting the first user key by using the key encryption key to generate a first key ciphertext, and inputting the first key ciphertext into the cryptographic module for storage;
if the operation type corresponding to the operation instruction is decryption operation, determining a second key ciphertext corresponding to the operation instruction in the cryptographic module, decrypting the second key ciphertext by using the key encryption key to obtain a second user key in the second key ciphertext, and outputting the second user key to the cryptographic module;
the setting process of the first key component and the second key component comprises the following steps:
when the cryptographic module is initialized, receiving a key generation instruction sent by the cryptographic module, and generating a key encryption key by using a preset generation algorithm;
calculating the key encryption key by using a preset function to generate three key components, and respectively storing the three key components into a pre-established external storage module and a first storage module and a second storage module in the security chip; the key component stored in the first storage module is a first key component, the key component stored in the second storage module is a second key component, and the key component stored in the external storage module is a third key component;
the preset function is a Lagrange interpolation formula, the preset function is used for calculating the secret key encryption secret key to generate a secret key component, and the specific steps are as follows:
the key encryption key is represented by S, the key encryption key is a random number of 16 bytes, and (t-1) elements a are randomly selected in a finite field GF (p)i(i-1, 2, …, t-1) form a polynomial of order (t-1)
Figure FDA0003294069500000011
Wherein p is a large prime number and p>2L, wherein L is the bit length of S, aiThe key encryption key S ═ f (0) ═ a is a random number of 32 bytes0Generating n key components
Figure FDA0003294069500000021
Wherein r is 1,2, …, n; will SrAnd p is sent to the corresponding storage module safely for storage.
2. The method of claim 1, further comprising:
when the security chip is restarted after power failure, judging whether the key component stored in the first storage module exists or not;
when the key component in the first storage module does not exist, determining whether the key component in the external storage module needs to be acquired or not;
when the key component in the external storage module needs to be acquired, triggering the cryptographic module to communicate with the external storage module so as to acquire the key component stored in the external storage module;
and saving the acquired key component saved in the external storage module into the first storage module as a new first key component.
3. The method according to claim 1, wherein the storing the three key components in a pre-established external storage module and a first storage module and a second storage module in the secure chip respectively comprises:
randomly selecting two key components from the three key components, sending the two selected key components to the security chip, and triggering the security chip to randomly store the two key components into the first storage module and the second storage module respectively;
and sending the rest key components to a pre-established external storage module, and triggering the external storage module to store the received key components.
4. A key processing apparatus, comprising:
the operation unit is used for acquiring a first key component and a second key component preset in a security chip when the cryptographic module receives an operation instruction sent by a user, and operating the first key component and the second key component according to a preset algorithm to generate a key encryption key;
the acquisition unit is used for acquiring the operation information in the operation instruction and determining the operation type corresponding to the operation instruction according to the operation information;
the encryption unit is used for determining a first user key in the operation instruction if the operation type corresponding to the operation instruction is encryption operation, encrypting the first user key by using the key encryption key to generate a first key ciphertext, and inputting the first key ciphertext into the crypto module for storage;
the decryption unit is configured to determine a second key ciphertext corresponding to the operation instruction in the cryptographic module if the operation type corresponding to the operation instruction is a decryption operation, decrypt the second key ciphertext using the key encryption key to obtain a second user key in the second key ciphertext, and output the second user key to the cryptographic module;
the generating unit is used for receiving a key generating instruction sent by the cryptographic module when the cryptographic module is initialized and generating a key encryption key by using a preset generating algorithm;
the first storage unit is used for operating the key encryption key by using a preset function to generate three key components and storing the three key components into a pre-established external storage module and a first storage module and a second storage module in the security chip respectively; the key component stored in the first storage module is a first key component, the key component stored in the second storage module is a second key component, and the key component stored in the external storage module is a third key component;
the preset function is a Lagrange interpolation formula, the preset function is used for calculating the secret key encryption secret key to generate a secret key component, and the specific steps are as follows:
the key encryption key is represented by S, the key encryption key is a random number of 16 bytes, and (t-1) elements a are randomly selected in a finite field GF (p)i(i-1, 2, …, t-1) form a polynomial of order (t-1)
Figure FDA0003294069500000031
Wherein p is a large prime number and p>2L, wherein L is the bit length of S, aiThe key encryption key S ═ f (0) ═ a is a random number of 32 bytes0Generating n key components
Figure FDA0003294069500000032
Wherein r is 1,2, …, n; will SrAnd p is sent to the corresponding storage module safely for storage.
5. The apparatus of claim 4, further comprising:
the judging unit is used for judging whether the key component stored in the first storage module exists or not when the security chip is restarted after power failure;
a determining unit, configured to determine whether a key component in the external storage module needs to be acquired when the key component in the first storage module does not exist;
the communication unit is used for triggering the cryptographic module to communicate with the external storage module when the key component in the external storage module needs to be acquired so as to acquire the key component stored in the external storage module;
and the second saving unit is used for saving the acquired key component saved in the external storage module into the first storage module as a new first key component.
6. The apparatus of claim 4, wherein the first retention unit comprises:
the first storage subunit is used for randomly selecting two key components from the three key components, sending the two selected key components to the security chip, and triggering the security chip to randomly store the two key components into the first storage module and the second storage module respectively;
and the second storage subunit is used for sending the residual key components to a pre-established external storage module and triggering the external storage module to store the received key components.
7. A key processing system, comprising:
the password module and the external storage module;
the cryptographic module comprises: the safety chip, the power supply switching circuit, the protective coating and the conductive unit;
the security chip is used for executing the key processing method of any one of claims 1 to 3;
the power supply switching circuit is used for selecting a power supply for the safety chip, and when a main power supply is powered off, the power supply switching circuit is switched to an external power supply so as to ensure normal power supply for the safety chip;
the conductive unit is used for communicating the safety chip with a power supply;
the protective coating is used for protecting the conductive unit and the security chip, when the protective coating is damaged, the conductive unit is damaged, the security chip is in a power-down state, and the key component of the first storage module stored in the security chip is lost.
8. An electronic device comprising a memory, and one or more instructions stored in the memory and configured to be executed by the one or more processors to perform the key processing method of any one of claims 1-3.
CN201910470792.1A 2019-05-31 2019-05-31 Key processing method, device and system and electronic equipment Active CN110166236B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910470792.1A CN110166236B (en) 2019-05-31 2019-05-31 Key processing method, device and system and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910470792.1A CN110166236B (en) 2019-05-31 2019-05-31 Key processing method, device and system and electronic equipment

Publications (2)

Publication Number Publication Date
CN110166236A CN110166236A (en) 2019-08-23
CN110166236B true CN110166236B (en) 2022-01-18

Family

ID=67630863

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910470792.1A Active CN110166236B (en) 2019-05-31 2019-05-31 Key processing method, device and system and electronic equipment

Country Status (1)

Country Link
CN (1) CN110166236B (en)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111159732A (en) * 2019-12-16 2020-05-15 佛山科学技术学院 Safety data storage device
CN111327637B (en) * 2020-03-10 2022-12-02 时时同云科技(成都)有限责任公司 Service key management method and system
CN112422293B (en) * 2020-11-27 2023-09-05 苏博云科数字认证有限公司 Key generation method, device and information processing method
CN114785503B (en) * 2022-06-16 2022-09-23 北京智芯半导体科技有限公司 Cipher card, root key protection method thereof and computer readable storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101311942A (en) * 2007-05-23 2008-11-26 西门子(中国)有限公司 Software encryption and decryption method and encryption and decryption device
CN106330868A (en) * 2016-08-14 2017-01-11 北京数盾信息科技有限公司 Encrypted storage key management system and method of high-speed network
CN108632295A (en) * 2018-05-09 2018-10-09 湖南东方华龙信息科技有限公司 The method for preventing terminal attack server repeatedly

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7107462B2 (en) * 2000-06-16 2006-09-12 Irdeto Access B.V. Method and system to store and distribute encryption keys
US8307098B1 (en) * 2000-08-29 2012-11-06 Lenovo (Singapore) Pte. Ltd. System, method, and program for managing a user key used to sign a message for a data processing system
US9858401B2 (en) * 2011-08-09 2018-01-02 Biogy, Inc. Securing transactions against cyberattacks
CN106301774B (en) * 2015-05-29 2019-08-06 辰芯科技有限公司 Safety chip, its encryption key generation method and encryption method
CN105933113A (en) * 2016-06-13 2016-09-07 北京三未信安科技发展有限公司 Secret key backup recovering method and system, and related devices
CN107317677B (en) * 2017-05-25 2020-02-07 苏州科达科技股份有限公司 Secret key storage and equipment identity authentication method and device
CN109088729B (en) * 2018-09-28 2021-03-26 北京金山安全软件有限公司 Key storage method and device
CN109768862B (en) * 2019-03-12 2019-11-22 北京深思数盾科技股份有限公司 A kind of key management method, key call method and cipher machine

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101311942A (en) * 2007-05-23 2008-11-26 西门子(中国)有限公司 Software encryption and decryption method and encryption and decryption device
CN106330868A (en) * 2016-08-14 2017-01-11 北京数盾信息科技有限公司 Encrypted storage key management system and method of high-speed network
CN108632295A (en) * 2018-05-09 2018-10-09 湖南东方华龙信息科技有限公司 The method for preventing terminal attack server repeatedly

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
Design of Monitor and Protect Circuits against FIB Attack on Chip Security;Mengmeng Ling;《IEEE》;20121118;全文 *
基于秘密共享的无线传感器网络组密钥管理方案;吕远方;《微计算机应用》;20100315;全文 *
密钥管理中的若干问题研究;张勇;《中国博士学位论文全文数据库》;20130401;全文 *

Also Published As

Publication number Publication date
CN110166236A (en) 2019-08-23

Similar Documents

Publication Publication Date Title
CN110166236B (en) Key processing method, device and system and electronic equipment
CN100487715C (en) Date safety storing system, device and method
JP4774492B2 (en) Authentication system and remote distributed storage system
EP1059761B1 (en) Cryptographic key, or other secret material, recovery
KR101317496B1 (en) Method for securing transmission data and security system for implementing the same
US20140133652A1 (en) Semiconductor device and information processing system for encrypted communication
US8904195B1 (en) Methods and systems for secure communications between client applications and secure elements in mobile devices
CN109768862B (en) A kind of key management method, key call method and cipher machine
EP2629225A1 (en) System, devices and methods for collaborative execution of a software application comprising at least one encrypted instruction
CN112953974B (en) Data collision method, device, equipment and computer readable storage medium
CN112035860A (en) File encryption method, terminal, device, equipment and medium
CN111008400A (en) Data processing method, device and system
CN110932853B (en) Key management device and key management method based on trusted module
CN114785503B (en) Cipher card, root key protection method thereof and computer readable storage medium
US9135449B2 (en) Apparatus and method for managing USIM data using mobile trusted module
CN109936448A (en) A kind of data transmission method and device
CN115396179A (en) Data transmission method, device, medium and equipment based on block chain
EP3902197A1 (en) Confidential data management device, program and recording medium
JP5347597B2 (en) Secret information management system, secret information management device, and program
KR101677138B1 (en) Method of on-line/off-line electronic signature system for security of off-line token
KR101915808B1 (en) Decrypting cipher texts using scrambling
CN117118613B (en) Whole vehicle instrument data security protection method, equipment and readable storage medium
CN114520740B (en) Encryption method, device, equipment and storage medium
JP4945809B2 (en) Multistage memory device, memory device, storage method, and storage processing program
JP6717730B2 (en) Terminal device, key providing system, key providing method, and computer program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant