CN110233729A - A kind of encryption solid-state disk key management method based on PUF - Google Patents

A kind of encryption solid-state disk key management method based on PUF Download PDF

Info

Publication number
CN110233729A
CN110233729A CN201910587599.6A CN201910587599A CN110233729A CN 110233729 A CN110233729 A CN 110233729A CN 201910587599 A CN201910587599 A CN 201910587599A CN 110233729 A CN110233729 A CN 110233729A
Authority
CN
China
Prior art keywords
state disk
solid
key
safe
ukey
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910587599.6A
Other languages
Chinese (zh)
Other versions
CN110233729B (en
Inventor
冯志华
罗重
赵霞
安东博
梁书铭
邓威
习亮
郭慧波
宋峙峰
曲新春
万星
余艺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Institute of Computer Technology and Applications
Original Assignee
Beijing Institute of Computer Technology and Applications
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Institute of Computer Technology and Applications filed Critical Beijing Institute of Computer Technology and Applications
Priority to CN201910587599.6A priority Critical patent/CN110233729B/en
Publication of CN110233729A publication Critical patent/CN110233729A/en
Application granted granted Critical
Publication of CN110233729B publication Critical patent/CN110233729B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to a kind of encryption solid-state disk key management method based on PUF, wherein it include: that host powers on, bios self-test;Safe UKey verifying encryption solid-state disk identity, user's checking password are verified, and are sent password hash value and thresholding key components to solid-state disk, encryption solid-state disk is encrypted and are verified safe UKey identity.The present invention introduces the use of PUF in the differentiated control of key and the interactive authentication of key.Threshold cryptography is introduced in cipher key management procedures, is stored respectively among safe UKey and solid-state disk after data key ciphertext is decomposed, either side is stolen can not to recover partial data key.Using the PUF value being electrically generated in PUF module built in encryption solid-state disk as certification core root-of-trust, the safety and reliability of certification is stronger for cipher key interaction certification.

Description

A kind of encryption solid-state disk key management method based on PUF
Technical field
The present invention relates to field of information security technology, in particular to a kind of encryption solid-state disk key management side based on PUF Method.
Background technique
Encryption solid-state disk commonly protects the mode of sensitive information as enterprises and individuals user, and key managing project is The core of entire security system, the stolen avalanche that will lead to entire security system of key.
The existing key storage scheme for encryption solid-state disk, mainly using the way to manage of multistage key, by more The mode of grade control protects key.But no matter key is stored in UKey, solid-state disk either other single storages Jie In matter, once the equipment of storage key is stolen, key is read, and all suffers from the stolen risk of data.Threshold cryptosystem scheme (t, n) Thought be that secret is divided into n parts of shadows, n participant is distributed to, wherein being arbitrarily more than or equal to that t participant cooperate with can be extensive Multiple key.Threshold schemes are applied in the key management of encryption solid-state disk, security risk can be dispersed, guaranteed data security Property.
Existing key managing project, there are mainly two types of for authentication mode: the authentication mode of public private key pair, by recognizing Demonstrate,prove both sides and distribute public private key pair, when authentication handshake by verify public private key pair whether match to verify whether it is legal, It is that consumption resource is excessive, and needs to introduce third party's key and be in charge of center there are problem;The authentication mode of symmetry algorithm, by double Whether the symmetric cryptographic algorithm of Fang Gongyou and identical key are identical by verifying both sides' key and algorithm when authentication handshake It is legal to verify whether, there are problems that problem is that both sides all suffer from key storage, the safety if authentication key is stolen System cracks.
Summary of the invention
The purpose of the present invention is to provide a kind of encryption solid-state disk key management method based on PUF, it is above-mentioned for solving Problem of the prior art.
A kind of encryption solid-state disk key management method based on PUF of the present invention, wherein include: that host powers on, bios is certainly Inspection;Safe UKey verifying encryption solid-state disk identity, user's checking password are verified, and send password hash value and thresholding key Component verifies safe UKey identity to solid-state disk, encryption solid-state disk is encrypted, comprising: safe UKey generates random number a, by hash value K and a is sent to encryption solid-state disk;It encrypts solid-state disk and receives hash value K and a, generate random number b;Exclusive or K and PUF value P generates n, It encrypts solid-state disk and calculates n generation N using hash algorithm, encryption solid-state disk uses symmetric cryptographic algorithm X, and it is raw to encrypt a using N as key At A, A and b are sent to safe Ukey;Safe UKey receives A, and the N of storage is used to generate a ' as key decryption A;Examine solution Whether close result is consistent with a of generation, is consistent, and safe UKey thinks that encryption solid-state disk is credible;It the use of N is key, symmetric cryptography Algorithm X encrypts b and generates B, and B and thresholding key components E2 are sent to encryption solid-state disk;User inputs password k ', calculates password k ' Hash value K ', whether checking computation result be consistent with the password hash value K being stored in safe UKey, be consistent, think user Identity is legal;K ' is sent to encryption solid-state disk;It encrypts solid-state disk and receives B and K ', exclusive or K ' and PUF value P generates n ', and encryption is solid State disk calculates n ' using hash algorithm and generates N ', and encryption solid-state disk uses symmetric cryptographic algorithm X, decrypts B as key using N ' and generates B ', examines whether decrypted result is consistent with b, is consistent, encrypts solid-state disk and think that safe UKey is credible;It encrypts solid-state disk and restores number According to key, data in disk, activation system are decrypted.
One embodiment of encryption solid-state disk key management method according to the present invention, wherein further include: for the first time using safe Safe Ukey and encryption solid-state disk are bound one by one under environment, by user setting password k, calculate the hash value K of password k, It calculates password value K and encrypts the combined value n of solid-state disk PUF value P, encrypt solid-state disk using hash algorithm and calculate combined value n's Hash value N, safe UKey store the hash value N and user password hash value K.
One embodiment of encryption solid-state disk key management method according to the present invention, wherein using encryption solid-state disk PUF value P generates data key ciphertext E, by data with PUF value P encrypted data key e as root key, using symmetric encipherment algorithm Y Key ciphertext E usage threshold algorithm decomposes, and part threshold data key ciphertext E1 is stored in solid-state disk, part threshold data key Ciphertext E2 is stored in safe UKey.
One embodiment of encryption solid-state disk key management method according to the present invention, wherein total thresholding key components number For n, partial data key ciphertext can be solved when thresholding key components number is more than or equal to threshold value t, is stored in safe UKey Data key number of components x<t encrypts the data key number of components y<t, the x+y>t that store in solid-state disk, need to obtain safe Ukey with And the key components in encryption solid-state disk are to restore partial data key ciphertext.
One embodiment of encryption solid-state disk key management method according to the present invention, wherein encryption solid-state disk verifying safety After UKey identity, solid-state disk usage threshold algorithm is encrypted, by itself storage threshold data key cyphertext component E1 and receives to come Partial data key ciphertext E is synthesized from the threshold data key cyphertext component E2 in safe UKey, encryption solid-state disk uses symmetrical Encryption Algorithm Y obtains data key plaintext e by key ciphertext data key ciphertext E of PUF value.
The characteristic that the present invention makes full use of PUF value physics unclonable.To encrypt solid-state disk PUF value work in verification process A set of completely new authentication handshake method is designed in conjunction with hash algorithm and symmetric encipherment algorithm for the credible core of safety certification.Phase Authenticated than public private key pair, this method resource consumption is less, calculating speed faster.Compared to conventional symmetrical algorithm certification disk end without depositing Store up authentication key, the unclonable characteristic of the physics of PUF value ensure that binding after UKey and encryption solid-state disk be mutually authenticated can By property, this method integrally improves the safety and reliability of verification process.
Detailed description of the invention
Fig. 1 show a kind of safe mode schematic diagram of encryption solid-state disk key management method based on PUF;
The identifying procedure figure of encryption solid-state disk key management method of the Fig. 2 based on PUF;
The key structure figure of encryption solid-state disk key management method of the Fig. 3 based on PUF.
Specific embodiment
To keep the purpose of the present invention, content and advantage clearer, with reference to the accompanying drawings and examples, to of the invention Specific embodiment is described in further detail.
Fig. 1 show a kind of safe mode schematic diagram of encryption solid-state disk key management method based on PUF, and Fig. 2 is based on The identifying procedure figure of the encryption solid-state disk key management method of PUF;Encryption solid-state disk key management method of the Fig. 3 based on PUF Key structure figure, as shown in Figure 1 to Figure 3, a kind of encryption solid-state disk key management method based on PUF includes:
(1) host powers on, bios self-test;
(2) safe UKey verifying encryption solid-state disk identity;
(3) user's checking password is verified, and sends password hash value and thresholding key components to encrypting solid-state disk;
(4) encryption solid-state disk verifies safe UKey identity;
(5) it is verified, encrypts solid-state disk and restore data key, decrypt data in disk, activation system.
As shown in Figure 1 to Figure 3, it is initialized, i.e., is used under security context to safe Ukey before use for the first time It is bound one by one with encryption solid-state disk.By user setting password k, the hash value K of password k is calculated, calculates password value K and encryption The combined value n of solid-state disk PUF value P, combined method can be exclusive or or splicing, and encryption solid-state disk uses hash algorithm, calculates Hash the value N, safe UKey of combined value n stores the hash value N and user password hash value K.
As shown in Figure 1 to Figure 3, wherein tripartite's identifying procedure, detailed step are as follows:
(1) safe UKey generates random number a, and K and a are sent to encryption solid-state disk.
(2) encryption solid-state disk receives K and a, generates random number b.Exclusive or K and PUF value P generates n, and encryption solid-state disk uses Hash algorithm calculates n and generates N.It encrypts solid-state disk and uses symmetric cryptographic algorithm X, a is encrypted as key using N and generates A, A and b is sent out It send to safe UKey.
(3) safe UKey receives A, and the N of storage is used to generate a ' as key decryption A.Examine decrypted result and step (1) Whether a of middle generation is consistent, and is consistent, and safe UKey thinks that encryption solid-state disk is credible.Safe UKey is using N as key, cryptographic algorithm X encrypts b and generates B, and B and thresholding key components E2 are sent to encryption solid-state disk.
(4) user input password k ', calculate password k ' hash value K ', checking computation result be stored in safe UKey Password hash value K whether be consistent, be consistent, think that user identity is legal.K ' is sent to encryption solid-state disk.
(5) encryption solid-state disk receives B and K '.Exclusive or K ' and PUF value P generates n ', and encryption solid-state disk uses hash algorithm, meter It calculates n ' and generates N '.It encrypts solid-state disk and uses symmetric cryptographic algorithm X, B is decrypted as key using N ' and generates b '.Examine decrypted result and step Whether the b generated in (2) suddenly is consistent, and is consistent, encrypts solid-state disk and think that safe UKey is credible.
(6) solid-state disk usage threshold cryptographic algorithm is encrypted, itself is stored threshold data key cyphertext component E1 and is connect Partial data key ciphertext E is synthesized by the threshold data key cyphertext component E2 from safe UKey.Solid-state disk is encrypted to use Symmetric encipherment algorithm Y obtains data key plaintext e by key ciphertext data key ciphertext E of PUF value.Verification process terminates.
Wherein key management is using encryption solid-state disk PUF value P as root key.Using symmetric encipherment algorithm Y, with PUF value P Encrypted data key e generates data key ciphertext E.Data key ciphertext E usage threshold cryptographic algorithm is decomposed, part thresholding Data key ciphertext E1 is stored in encryption solid-state disk, and part threshold data key ciphertext E2 is stored in safe UKey.
Wherein threshold cryptography algorithm (t, n), total thresholding key components number are n, t < n.When thresholding key components number is less than t Shi Wufa solves partial data key ciphertext.Data key number of components x < t for storing in UKey is encrypted and is stored in solid-state disk Data key number of components y<t, x+y>t.The key components for individually obtaining safe UKey or encrypting in solid-state disk can not restore Partial data key ciphertext.
To encrypt the PUF value of solid-state disk as the root key of key management in cipher key management procedures, its object is made full use of Unclonable attribute is managed, the safety of root key is improved.It introduces threshold cryptography algorithm security and decomposes storage key, deposit respectively It is stored in safe UKey and encryption solid-state disk, compares traditional secrete key storage mode, the stolen attacker of either side can not obtain Partial data key ciphertext, improves the safety of encryption system.
The beneficial effects of the present invention are:
(1) to encrypt solid-state disk PUF value as the credible core of safety certification in verification process, in conjunction with hash algorithm and Symmetric encipherment algorithm designs a set of completely new authentication handshake method.It is authenticated compared to public private key pair, this method resource consumption is less, Calculating speed is faster.Authentication storage key, the unclonable characteristic of the physics of PUF value are not necessarily to compared to existing symmetry algorithm certification disk end It ensure that the reliability that UKey and encryption solid-state disk are mutually authenticated after binding, this method integrally improve the safety of verification process Property and reliability.
(2) in cipher key management procedures using encrypt solid-state disk PUF value as the root key of key management, make full use of it The unclonable attribute of physics, improves the safety of root key.It introduces threshold cryptography algorithm security and decomposes storage key, respectively It is stored in safe UKey and encryption solid-state disk, compares existing key storage mode, the stolen attacker of either side can not obtain Entire data key ciphertext is taken, the safety of encryption system is improved.
The present invention introduces the use of PUF in the differentiated control of key and the interactive authentication of key.Wherein key point Grade management using the PUF value being electrically generated in PUF module built in encryption solid-state disk main control chip as root key, to data key into Row encryption.PUF value can with it is unreadable and have the unclonable characteristic of physics, ensure that the safety of root key.In key management Threshold cryptography is introduced in the process, is stored respectively among safe UKey and solid-state disk after data key ciphertext is decomposed, Either side is stolen can not to recover partial data key.Cipher key interaction certification uses built in encryption solid-state disk in PUF module The PUF value being electrically generated is used in combination hash algorithm and symmetric encipherment algorithm carries out handshake authentication as certification core root-of-trust, with The scheme of existing public private key pair certification and symmetric encipherment algorithm certification is compared, it is only necessary to which UKey folk prescription stores key, the peace of certification Full property and reliability are stronger.
The above is only a preferred embodiment of the present invention, it is noted that for the ordinary skill people of the art For member, without departing from the technical principles of the invention, several improvement and deformations can also be made, these improvement and deformations Also it should be regarded as protection scope of the present invention.

Claims (5)

1. a kind of encryption solid-state disk key management method based on PUF characterized by comprising
Host powers on, bios self-test;
Safe UKey verifying encryption solid-state disk identity, user's checking password are verified, send password hash value and thresholding is close Key component verifies safe UKey identity to solid-state disk, encryption solid-state disk is encrypted, comprising:
Safe UKey generates random number a, and hash value K and a are sent to encryption solid-state disk;
It encrypts solid-state disk and receives hash value K and a, generate random number b;Exclusive or K and PUF value P generates n, and encryption solid-state disk uses Hash algorithm calculates n and generates N, and encryption solid-state disk uses symmetric cryptographic algorithm X, encrypts a as key using N and generates A, A and b is sent To safe Ukey;
Safe UKey receives A, and the N of storage is used to generate a ' as key decryption A;Examine decrypted result and generation a whether phase Symbol, is consistent, and safe UKey thinks that encryption solid-state disk is credible;The use of N is key, symmetric cryptographic algorithm X encrypts b and generates B, by B and Thresholding key components E2 is sent to encryption solid-state disk;
User inputs password k ', calculates the hash value K ' of password k ', checking computation result and the password being stored in safe UKey Whether hash value K is consistent, and is consistent, and thinks that user identity is legal;K ' is sent to encryption solid-state disk;
It encrypts solid-state disk and receives B and K ', exclusive or K ' and PUF value P generates n ', and encryption solid-state disk calculates n ' using hash algorithm and generates N ', encryption solid-state disk use symmetric cryptographic algorithm X, decrypt B as key using N ' and generate b ', examine whether decrypted result is consistent with b, It is consistent, encrypts solid-state disk and think that safe UKey is credible;
It encrypts solid-state disk and restores data key, decrypt data in disk, activation system.
2. encryption solid-state disk key management method as described in claim 1, which is characterized in that further include: for the first time using safe Safe Ukey and encryption solid-state disk are bound one by one under environment, by user setting password k, calculate the hash value K of password k, It calculates password value K and encrypts the combined value n of solid-state disk PUF value P, encrypt solid-state disk using hash algorithm and calculate combined value n's Hash value N, safe UKey store the hash value N and user password hash value K.
3. encryption solid-state disk key management method as described in claim 1, which is characterized in that using encryption solid-state disk PUF value P As root key, data key ciphertext E is generated with PUF value P encrypted data key e using symmetric encipherment algorithm Y, data are close Key ciphertext E usage threshold algorithm decomposes, and part threshold data key ciphertext E1 is stored in solid-state disk, and part threshold data key is close Literary E2 is stored in safe UKey.
4. encryption solid-state disk key management method as described in claim 1, which is characterized in that total thresholding key components number is N can solve partial data key ciphertext, the number stored in safe UKey when thresholding key components number is more than or equal to threshold value t According to key components number x<t, encrypt data key number of components y<t, the x+y>t stored in solid-state disk, need to obtain safe Ukey and The key components in solid-state disk are encrypted to restore partial data key ciphertext.
5. key managing project as described in claim 1, which is characterized in that after encryption solid-state disk verifies safe UKey identity, Solid-state disk usage threshold algorithm is encrypted, by itself storage threshold data key cyphertext component E1 and is received from safe UKey Threshold data key cyphertext component E2 synthesize partial data key ciphertext E, encryption solid-state disk use symmetric encipherment algorithm Y, with PUF value is that key ciphertext data key ciphertext E obtains data key plaintext e.
CN201910587599.6A 2019-07-02 2019-07-02 Encrypted solid-state disk key management method based on PUF Active CN110233729B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910587599.6A CN110233729B (en) 2019-07-02 2019-07-02 Encrypted solid-state disk key management method based on PUF

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910587599.6A CN110233729B (en) 2019-07-02 2019-07-02 Encrypted solid-state disk key management method based on PUF

Publications (2)

Publication Number Publication Date
CN110233729A true CN110233729A (en) 2019-09-13
CN110233729B CN110233729B (en) 2022-03-11

Family

ID=67857741

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910587599.6A Active CN110233729B (en) 2019-07-02 2019-07-02 Encrypted solid-state disk key management method based on PUF

Country Status (1)

Country Link
CN (1) CN110233729B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112069555A (en) * 2020-08-13 2020-12-11 中国电子科技集团公司第三十研究所 Safe computer architecture based on double-hard-disk cold switching operation
WO2022259013A1 (en) 2021-06-07 2022-12-15 Telefonaktiebolaget Lm Ericsson (Publ) Storage device being authenticated to host by utilizing physically unclonable function (puf) for data encryption/decryption
WO2022259015A1 (en) 2021-06-07 2022-12-15 Telefonaktiebolaget Lm Ericsson (Publ) Storage device utilziing physically unclonable function (puf) based secret sharing scheme for data encryption/decryption

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8667265B1 (en) * 2010-07-28 2014-03-04 Sandia Corporation Hardware device binding and mutual authentication
US20140258736A1 (en) * 2013-03-08 2014-09-11 Robert Bosch Gmbh Systems and Methods for Maintaining Integrity and Secrecy in Untrusted Computing Platforms
CN104836669A (en) * 2015-05-08 2015-08-12 东南大学 Security authentication method based on SRAM PUF (Static Random Access Memory Physical Uncloable Function), terminal and authentication system
CN108199845A (en) * 2017-12-08 2018-06-22 中国电子科技集团公司第三十研究所 A kind of light-weight authentication equipment and authentication method based on PUF
CN108737076A (en) * 2017-04-13 2018-11-02 山东量子科学技术研究院有限公司 A kind of identity authorization system and identity identifying method
CN108920984A (en) * 2018-07-06 2018-11-30 北京计算机技术及应用研究所 The anti-clone of one kind distorts safe SSD main control chip framework
CN109040067A (en) * 2018-08-02 2018-12-18 广东工业大学 A kind of user authentication device and authentication method based on the unclonable technology PUF of physics

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8667265B1 (en) * 2010-07-28 2014-03-04 Sandia Corporation Hardware device binding and mutual authentication
US20140258736A1 (en) * 2013-03-08 2014-09-11 Robert Bosch Gmbh Systems and Methods for Maintaining Integrity and Secrecy in Untrusted Computing Platforms
CN104836669A (en) * 2015-05-08 2015-08-12 东南大学 Security authentication method based on SRAM PUF (Static Random Access Memory Physical Uncloable Function), terminal and authentication system
CN108737076A (en) * 2017-04-13 2018-11-02 山东量子科学技术研究院有限公司 A kind of identity authorization system and identity identifying method
CN108199845A (en) * 2017-12-08 2018-06-22 中国电子科技集团公司第三十研究所 A kind of light-weight authentication equipment and authentication method based on PUF
CN108920984A (en) * 2018-07-06 2018-11-30 北京计算机技术及应用研究所 The anti-clone of one kind distorts safe SSD main control chip framework
CN109040067A (en) * 2018-08-02 2018-12-18 广东工业大学 A kind of user authentication device and authentication method based on the unclonable technology PUF of physics

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
MARIO BARBARESCHI: ""A PUF-based hardware mutual authentication protocol"", 《OURNAL OF PARALLEL AND DISTRIBUTED COMPUTING》 *
刘丹: ""一种基于SRAM PUF的安全双向认证协议"", 《密码学报》 *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112069555A (en) * 2020-08-13 2020-12-11 中国电子科技集团公司第三十研究所 Safe computer architecture based on double-hard-disk cold switching operation
CN112069555B (en) * 2020-08-13 2022-03-18 中国电子科技集团公司第三十研究所 Safe computer architecture based on double-hard-disk cold switching operation
WO2022259013A1 (en) 2021-06-07 2022-12-15 Telefonaktiebolaget Lm Ericsson (Publ) Storage device being authenticated to host by utilizing physically unclonable function (puf) for data encryption/decryption
WO2022259015A1 (en) 2021-06-07 2022-12-15 Telefonaktiebolaget Lm Ericsson (Publ) Storage device utilziing physically unclonable function (puf) based secret sharing scheme for data encryption/decryption

Also Published As

Publication number Publication date
CN110233729B (en) 2022-03-11

Similar Documents

Publication Publication Date Title
US11533297B2 (en) Secure communication channel with token renewal mechanism
WO2020087805A1 (en) Trusted authentication method employing two cryptographic values and chaotic encryption in measurement and control network
CN109379387B (en) Safety certification and data communication system between Internet of things equipment
CN103179086B (en) Remote storage processing method and the system of data
CN110958219B (en) SM2 proxy re-encryption method and device for medical cloud shared data
US20170142082A1 (en) System and method for secure deposit and recovery of secret data
CN110519046B (en) Quantum communication service station key negotiation method and system based on one-time asymmetric key pair and QKD
Rezaeighaleh et al. New secure approach to backup cryptocurrency wallets
US11874935B2 (en) Protecting data from brute force attack
CN113630416A (en) Secret authentication and provisioning
US20180219688A1 (en) Information Transmission Method and Mobile Device
CN109543434B (en) Block chain information encryption method, decryption method, storage method and device
CN108881960B (en) Intelligent camera safety control and data confidentiality method based on identification password
CN112383391A (en) Data security protection method based on data attribute authorization, storage medium and terminal
CN110233729A (en) A kind of encryption solid-state disk key management method based on PUF
CN104243494A (en) Data processing method
EP4300338A1 (en) Computer file security encryption method, computer file security decryption method, and readable storage medium
TWI476629B (en) Data security and security systems and methods
CN107911221B (en) Key management method for secure storage of solid-state disk data
CN109412795A (en) A kind of Virtual Intelligent cipher key
CN110837634B (en) Electronic signature method based on hardware encryption machine
CN109299618B (en) Quantum-resistant computing cloud storage method and system based on quantum key card
US11784812B1 (en) Device, system, and method to facilitate secure data transmission, storage and key management
Hussien et al. Scheme for ensuring data security on cloud data storage in a semi-trusted third party auditor
Xia et al. Design of secure FTP system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant