CN110233729B - Encrypted solid-state disk key management method based on PUF - Google Patents


Publication number
CN110233729B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910587599.6A
Other languages
Chinese (zh)
Other versions
CN110233729A (en)
Inventor
冯志华
罗重
赵霞
安东博
梁书铭
邓威
习亮
郭慧波
宋峙峰
曲新春
万星
余艺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Institute of Computer Technology and Applications
Original Assignee
Beijing Institute of Computer Technology and Applications
Application filed by Beijing Institute of Computer Technology and Applications
Priority to CN201910587599.6A
Publication of CN110233729A
Application granted
Publication of CN110233729B


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3234 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token

Abstract

The invention relates to a PUF-based key management method for an encrypted solid-state disk, comprising the following steps: the host is powered on and performs the BIOS self-check; the secure UKey verifies the identity of the encrypted solid-state disk; the user's password is verified and, if verification passes, the password hash value and the threshold key component are sent to the encrypted solid-state disk; and the encrypted solid-state disk verifies the identity of the secure UKey. The invention introduces the PUF into both hierarchical key management and mutual authentication. A threshold encryption algorithm is introduced into the key management process: the data key ciphertext is decomposed and its parts are stored separately in the secure UKey and the solid-state disk, so the complete data key cannot be recovered if either one is stolen. Mutual authentication uses the PUF value generated at power-on by the PUF module built into the encrypted solid-state disk as the core root of trust, which makes the authentication more secure and reliable.

Description

Encrypted solid-state disk key management method based on PUF
Technical Field
The invention relates to the technical field of information security, in particular to a PUF-based encrypted solid-state disk key management method.
Background
Encrypted solid-state disks are a common way for enterprises and individual users to protect sensitive information. The key management scheme is the core of the whole security system, and if the keys are stolen the whole security system collapses.
Existing key storage schemes for encrypted solid-state disks mainly use multi-level key management, protecting the key through several levels of management and control. However, whether the key is stored on a UKey, on the solid-state disk, or on another single storage medium, once the device storing the key is stolen the key can be read and the data is at risk of theft. The idea of a (t, n) threshold scheme is to divide the secret into n shares (shadows), distribute them to n participants, and let any t or more participants cooperate to recover the key. Applying a threshold scheme to key management of the encrypted solid-state disk spreads the security risk and protects the data.
Existing key management schemes mainly authenticate in one of two ways. In public/private key pair authentication, key pairs are distributed to both parties, and legitimacy is verified during the authentication handshake by checking whether the public and private keys match; this consumes excessive resources and requires a third-party key distribution center. In symmetric-algorithm authentication, both parties share a symmetric cryptographic algorithm and the same key, and legitimacy is verified during the handshake by checking that both sides hold the same key and algorithm; here both parties face the problem of storing the key, and once the authentication key is stolen the security system is broken.
Disclosure of Invention
The present invention aims to provide a PUF-based encrypted solid-state disk key management method that solves the above problems of the prior art.
The invention discloses a PUF-based encrypted solid-state disk key management method, comprising: the host is powered on and performs the BIOS self-check; the secure UKey verifies the identity of the encrypted solid-state disk, the user's password is verified, the password hash value and the threshold key component are sent to the encrypted solid-state disk after verification passes, and the encrypted solid-state disk verifies the identity of the secure UKey, as follows: the secure UKey generates a random number a and sends the hash value K and a to the encrypted solid-state disk; the encrypted solid-state disk receives K and a and generates a random number b; it XORs K with the PUF value P to generate n, computes the hash of n with a hash algorithm to generate N, encrypts a with the symmetric cryptographic algorithm X using N as the key to generate A, and sends A and b to the secure UKey; the secure UKey receives A and decrypts it using its stored N as the key to generate a'; it checks whether a' matches the a it generated and, if so, considers the encrypted solid-state disk trusted; it encrypts b with the symmetric cryptographic algorithm X using N as the key to generate B, and sends B and the threshold key component E2 to the encrypted solid-state disk; the user enters a password k', the hash value K' of k' is computed and compared with the password hash value K stored in the secure UKey, and if they match the user's identity is considered legitimate; K' is sent to the encrypted solid-state disk; the encrypted solid-state disk receives B and K', XORs K' with the PUF value P to generate n', computes the hash of n' with a hash algorithm to generate N', and decrypts B with the symmetric cryptographic algorithm X using N' as the key to generate b'; it checks whether b' matches b and, if so, considers the secure UKey trusted; the encrypted solid-state disk then recovers the data key, decrypts the data on the disk, and starts the system.
In an embodiment, the method further comprises: binding the secure UKey and the encrypted solid-state disk one-to-one in a secure environment before first use. The user sets a password k; the hash value K of k is computed; the combined value n of K and the PUF value P of the encrypted solid-state disk is computed; the encrypted solid-state disk computes the hash value N of n with a hash algorithm; and the secure UKey stores the hash value N and the user password hash value K.
In an embodiment, the PUF value P of the encrypted solid-state disk is used as the root key: the data key e is encrypted under P with a symmetric encryption algorithm Y to generate the data key ciphertext E; E is decomposed with a threshold algorithm; one part, the threshold data key ciphertext component E1, is stored in the solid-state disk, and the other part, E2, is stored in the secure UKey.
In an embodiment, the total number of threshold key components is n, and the complete data key ciphertext can be recovered when the number of components available is greater than or equal to the threshold t. The number of data key components stored in the secure UKey is x < t and the number stored in the encrypted solid-state disk is y < t, with x + y > t, so the key components in both the secure UKey and the encrypted solid-state disk are needed to recover the complete data key ciphertext.
In an embodiment, after the encrypted solid-state disk has verified the identity of the secure UKey, it uses the threshold algorithm to combine its own stored threshold data key ciphertext component E1 with the component E2 received from the secure UKey into the complete data key ciphertext E, then decrypts E with the symmetric encryption algorithm Y using the PUF value as the key to obtain the data key plaintext e.
The invention makes full use of the physically unclonable nature of PUF values. In the authentication process, the PUF value of the encrypted solid-state disk is the trusted core of the security authentication, and a brand-new authentication handshake is designed by combining a hash algorithm with a symmetric encryption algorithm. Compared with public/private key pair authentication, it consumes fewer resources and computes faster. Compared with traditional symmetric-algorithm authentication, the disk side does not need to store the authentication key; the physically unclonable property of the PUF value ensures the reliability of mutual authentication between the bound UKey and encrypted solid-state disk, and the security and reliability of the authentication process are improved as a whole.
Drawings
Fig. 1 is a schematic diagram of the security mode of the PUF-based encrypted solid-state disk key management method;
Fig. 2 is an authentication flow chart of the PUF-based encrypted solid-state disk key management method;
Fig. 3 is a key structure diagram of the PUF-based encrypted solid-state disk key management method.
Detailed Description
In order to make the objects, contents, and advantages of the present invention clearer, the following detailed description of the embodiments of the present invention will be made in conjunction with the accompanying drawings and examples.
Fig. 1 is a schematic diagram of the security mode of the PUF-based encrypted solid-state disk key management method, Fig. 2 is its authentication flow chart, and Fig. 3 is its key structure diagram. As shown in Figs. 1 to 3, the PUF-based encrypted solid-state disk key management method includes:
(1) the host is powered on and performs the BIOS self-check;
(2) the secure UKey verifies the identity of the encrypted solid-state disk;
(3) the user's password is verified, and if verification passes, the password hash value and the threshold key component are sent to the encrypted solid-state disk;
(4) the encrypted solid-state disk verifies the identity of the secure UKey;
(5) if verification passes, the encrypted solid-state disk recovers the data key, decrypts the data on the disk, and the system starts.
As shown in Figs. 1 to 3, initialization is required before use: the secure UKey and the encrypted solid-state disk are bound one-to-one in a secure environment before first use. The user sets a password k; the hash value K of k is computed; the combined value n of K and the PUF value P of the encrypted solid-state disk is computed, where the combination may be XOR or concatenation; the encrypted solid-state disk computes the hash value N of n with a hash algorithm; and the secure UKey stores the hash value N and the user password hash value K.
As shown in fig. 1 to fig. 3, the three-party authentication process includes the following detailed steps:
(1) The secure UKey generates a random number a and sends K and a to the encrypted solid-state disk.
(2) The encrypted solid-state disk receives K and a and generates a random number b. It XORs K with the PUF value P to generate n, and computes the hash of n with a hash algorithm to generate N. Using the symmetric cryptographic algorithm X with N as the key, it encrypts a to generate A, and sends A and b to the secure UKey.
(3) The secure UKey receives A and decrypts it using its stored N as the key to generate a'. It checks whether a' matches the a generated in step (1); if so, the secure UKey considers the encrypted solid-state disk trusted. Using the cryptographic algorithm X with N as the key, the secure UKey encrypts b to generate B, and sends B and the threshold key component E2 to the encrypted solid-state disk.
(4) The user enters a password k'; the hash value K' of k' is computed and compared with the password hash value K stored in the secure UKey. If they match, the user's identity is considered legitimate. K' is sent to the encrypted solid-state disk.
(5) The encrypted solid-state disk receives B and K'. It XORs K' with the PUF value P to generate n', and computes the hash of n' with a hash algorithm to generate N'. Using the symmetric cryptographic algorithm X with N' as the key, it decrypts B to generate b'. It checks whether b' matches the b generated in step (2); if so, the encrypted solid-state disk considers the secure UKey trusted.
(6) The encrypted solid-state disk uses the threshold cryptographic algorithm to combine its own stored threshold data key ciphertext component E1 with the component E2 received from the secure UKey into the complete data key ciphertext E. It then decrypts E with the symmetric encryption algorithm Y using the PUF value as the key to obtain the data key plaintext e. The authentication process ends.
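The binding and handshake steps (1) to (5) above, as an added example that is not part of the patent text. Assumptions: SHA-256 is the hash, the unnamed algorithm X is replaced by a 4-round Feistel construction over HMAC-SHA256, the PUF value is a constructed 32-byte string, and the class and function names are hypothetical; the threshold component E2 is left out.

```python
import hashlib
import hmac
import secrets

def H(data: bytes) -> bytes:
    """Hash algorithm of the scheme (SHA-256 is an assumption)."""
    return hashlib.sha256(data).digest()

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _round(key: bytes, i: int, half: bytes) -> bytes:
    return hmac.new(key, bytes([i]) + half, hashlib.sha256).digest()[:16]

def X_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in for algorithm X: 4-round Feistel over one 32-byte block."""
    left, right = block[:16], block[16:]
    for i in range(4):
        left, right = right, xor(left, _round(key, i, right))
    return left + right

def X_decrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:16], block[16:]
    for i in reversed(range(4)):
        left, right = xor(right, _round(key, i, left)), left
    return left + right

class Disk:
    """Encrypted solid-state disk: holds P, stores no authentication key."""
    def __init__(self, puf_value: bytes):
        self._P = puf_value              # never leaves the disk
        self._b = None

    def derive_N(self, K: bytes) -> bytes:
        return H(xor(K, self._P))        # n = K xor P, N = H(n)

    def respond(self, K: bytes, a: bytes):
        """Step (2): return A = X_N(a) and a fresh random number b."""
        self._b = secrets.token_bytes(32)
        return X_encrypt(self.derive_N(K), a), self._b

    def verify_ukey(self, B: bytes, K_prime: bytes) -> bool:
        """Step (5): recompute N' from K' and P, decrypt B, compare with b."""
        b_prime = X_decrypt(self.derive_N(K_prime), B)
        return hmac.compare_digest(b_prime, self._b)

class UKey:
    """Secure UKey: stores K and N from the binding phase."""
    def __init__(self, K: bytes, N: bytes):
        self.K, self.N = K, N
        self._a = None

    def challenge(self):
        """Step (1): send K and a fresh random number a."""
        self._a = secrets.token_bytes(32)
        return self.K, self._a

    def verify_disk(self, A: bytes, b: bytes):
        """Step (3): check a' == a; on success return B = X_N(b)."""
        if not hmac.compare_digest(X_decrypt(self.N, A), self._a):
            return None
        return X_encrypt(self.N, b)

    def check_password(self, password: bytes):
        """Step (4): return K' if it matches the stored K, else None."""
        K_prime = H(password)
        return K_prime if hmac.compare_digest(K_prime, self.K) else None

def bind(disk: Disk, password: bytes) -> UKey:
    """Initialization in a secure environment: UKey stores K and N."""
    K = H(password)
    return UKey(K, disk.derive_N(K))

def run_handshake(ukey: UKey, disk: Disk, password: bytes) -> str:
    K, a = ukey.challenge()
    A, b = disk.respond(K, a)
    B = ukey.verify_disk(A, b)
    if B is None:
        return "disk rejected"
    K_prime = ukey.check_password(password)
    if K_prime is None:
        return "password rejected"
    return "ok" if disk.verify_ukey(B, K_prime) else "ukey rejected"

if __name__ == "__main__":
    disk = Disk(H(b"constructed PUF response, disk 1"))
    ukey = bind(disk, b"constructed password")
    print(run_handshake(ukey, disk, b"constructed password"))
    other = Disk(H(b"constructed PUF response, disk 2"))
    print(run_handshake(ukey, other, b"constructed password"))
```

Only the UKey keeps N at rest; the disk re-derives it from K and P on every run, so a disk with a different PUF value fails step (3).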
Key management uses the PUF value P of the encrypted solid-state disk as the root key. The data key e is encrypted under the PUF value P with a symmetric encryption algorithm Y to generate the data key ciphertext E. E is decomposed with a threshold cryptographic algorithm; one part, the threshold data key ciphertext component E1, is stored in the encrypted solid-state disk, and the other part, E2, is stored in the secure UKey.
For the (t, n) threshold cryptographic algorithm, the total number of threshold key components is n, and t is less than n. When fewer than t components are available, the complete data key ciphertext cannot be recovered. The number of data key components stored in the UKey is x < t, and the number stored in the encrypted solid-state disk is y < t, with x + y > t. The complete data key ciphertext therefore cannot be recovered from the key components in the secure UKey alone or in the encrypted solid-state disk alone.
In the key management process, the PUF value of the encrypted solid-state disk is used as the root key, which makes full use of the physically unclonable property of the PUF value and improves the security of the root key. Compared with traditional key storage, an attacker who steals either device cannot obtain the complete data key ciphertext, which improves the security of the encryption system.
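The component allocation rule above (x < t, y < t, x + y > t), as an added example that is not part of the patent text. The patent does not name its threshold algorithm; Shamir's secret sharing over a prime field is assumed here, the ciphertext E is a constructed value, and all function names are hypothetical.

```python
import secrets

# Field modulus: the Mersenne prime 2^521 - 1, large enough for a 32-byte E.
PRIME = 2**521 - 1

def valid_allocation(t: int, x: int, y: int) -> bool:
    """The page's rule: neither holder reaches t alone, together they exceed it."""
    return 0 < x < t and 0 < y < t and x + y > t

def split(secret: int, t: int, n: int) -> list:
    """Shamir (t, n): evaluate a random degree t-1 polynomial at x = 1..n."""
    if not 0 <= secret < PRIME:
        raise ValueError("secret does not fit in the field")
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(t - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):       # Horner evaluation mod PRIME
            y = (y * x + c) % PRIME
        shares.append((x, y))
    return shares

def combine(shares: list) -> int:
    """Lagrange interpolation at 0; correct only with at least t shares."""
    result = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        result = (result + yi * num * pow(den, -1, PRIME)) % PRIME
    return result

def distribute(E: int, t: int, x: int, y: int):
    """Split ciphertext E into n = x + y components: E1 (disk), E2 (UKey)."""
    if not valid_allocation(t, x, y):
        raise ValueError("need x < t, y < t and x + y > t")
    shares = split(E, t, x + y)
    return shares[x:], shares[:x]        # (E1 with y shares, E2 with x shares)

def recover(E1: list, E2: list, t: int) -> int:
    """Disk side, step (6): merge own components with those from the UKey."""
    pooled = E1 + E2
    if len(pooled) < t:
        raise ValueError("fewer than t components available")
    return combine(pooled[:t])

if __name__ == "__main__":
    # Constructed 32-byte stand-in for the data key ciphertext E.
    E = int.from_bytes(bytes(range(1, 33)), "big")
    E1, E2 = distribute(E, t=3, x=2, y=2)
    print("both holders :", recover(E1, E2, 3) == E)
    print("disk only    :", combine(E1) == E)
    print("UKey only    :", combine(E2) == E)
```

With t = 3 and two components on each side, interpolating over either holder's components alone yields an unrelated field element, while any three of the four recover E.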
The invention has the beneficial effects that:
(1) In the authentication process, the PUF value of the encrypted solid-state disk is the trusted core of the security authentication, and a brand-new authentication handshake is designed by combining a hash algorithm with a symmetric encryption algorithm. Compared with public/private key pair authentication, it consumes fewer resources and computes faster. Compared with existing symmetric-algorithm authentication, the disk side does not need to store the authentication key; the physically unclonable property of the PUF value ensures the reliability of mutual authentication between the bound UKey and encrypted solid-state disk, and the security and reliability of the authentication process are improved as a whole.
(2) In the key management process, the PUF value of the encrypted solid-state disk is used as the root key, which makes full use of the physically unclonable property of the PUF value and improves the security of the root key. Compared with existing key storage, an attacker who steals either device cannot obtain the complete data key ciphertext, which improves the security of the encryption system.
The invention introduces the PUF into both hierarchical key management and mutual authentication. Hierarchical key management uses the PUF value generated at power-on by the PUF module built into the main control chip of the encrypted solid-state disk as the root key to encrypt the data key. The PUF value cannot be read out and is physically unclonable, which guarantees the security of the root key. A threshold encryption algorithm is introduced into the key management process: the data key ciphertext is decomposed and its parts are stored separately in the secure UKey and the solid-state disk, so the complete data key cannot be recovered if either one is stolen. Compared with existing public/private key pair authentication and symmetric-algorithm authentication, the mutual authentication requires only the UKey side to store the key, and the authentication is more secure and reliable.
The above description is only a preferred embodiment of the present invention. It should be noted that those skilled in the art can make several modifications and variations without departing from the technical principle of the present invention, and these modifications and variations should also be regarded as falling within the protection scope of the present invention.

Claims (5)

1. A PUF-based encrypted solid-state disk key management method, characterized by comprising the following steps:
powering on the host and performing the BIOS self-check;
the secure UKey verifies the identity of the encrypted solid-state disk and the user's password is verified; if verification passes, the password hash value and the threshold key component are sent to the encrypted solid-state disk, and the encrypted solid-state disk verifies the identity of the secure UKey, which comprises the following steps:
the secure UKey generates a random number a and sends the hash value K and a to the encrypted solid-state disk;
the encrypted solid-state disk receives the hash value K and a and generates a random number b; it XORs K with the PUF value P to generate n, computes the hash of n with a hash algorithm to generate N, encrypts a with the symmetric cryptographic algorithm X using N as the key to generate A, and sends A and b to the secure UKey;
the secure UKey receives A and decrypts it using its stored N as the key to generate a'; it checks whether a' matches the a it generated, and if so, the secure UKey considers the encrypted solid-state disk trusted; it encrypts b with the symmetric cryptographic algorithm X using N as the key to generate B, and sends B and the threshold key component E2 to the encrypted solid-state disk;
the user enters a password k', the hash value K' of k' is computed and compared with the password hash value K stored in the secure UKey, and if they match, the user's identity is considered legitimate; K' is sent to the encrypted solid-state disk;
the encrypted solid-state disk receives B and K', XORs K' with the PUF value P to generate n', computes the hash of n' with a hash algorithm to generate N', and decrypts B with the symmetric cryptographic algorithm X using N' as the key to generate b'; it checks whether b' matches b, and if so, the encrypted solid-state disk considers the secure UKey trusted;
and the encrypted solid-state disk recovers the data key, decrypts the data on the disk, and starts the system.
2. The encrypted solid-state disk key management method of claim 1, further comprising: binding the secure UKey and the encrypted solid-state disk one-to-one in a secure environment before first use, wherein the user sets a password k, the hash value K of k is computed, the combined value n of K and the PUF value P of the encrypted solid-state disk is computed, the encrypted solid-state disk computes the hash value N of n with a hash algorithm, and the secure UKey stores the hash value N and the user password hash value K.
3. The encrypted solid-state disk key management method of claim 1, wherein the PUF value P of the encrypted solid-state disk is used as the root key, the data key e is encrypted under P with a symmetric encryption algorithm Y to generate the data key ciphertext E, E is decomposed with a threshold algorithm, one part, the threshold data key ciphertext component E1, is stored in the solid-state disk, and the other part, E2, is stored in the secure UKey.
4. The encrypted solid-state disk key management method of claim 1, wherein the total number of threshold key components is n, the complete data key ciphertext can be recovered when the number of components available is greater than or equal to a threshold t, the number of data key components stored in the secure UKey is x < t, the number stored in the encrypted solid-state disk is y < t, with x + y > t, and the key components in both the secure UKey and the encrypted solid-state disk need to be obtained to recover the complete data key ciphertext.
5. The encrypted solid-state disk key management method of claim 1, wherein after the encrypted solid-state disk has verified the identity of the secure UKey, the encrypted solid-state disk uses a threshold algorithm to combine its own stored threshold data key ciphertext component E1 with the component E2 received from the secure UKey into the complete data key ciphertext E, and decrypts E with the symmetric encryption algorithm Y using the PUF value as the key to obtain the data key plaintext e.
CN201910587599.6A 2019-07-02 2019-07-02 Encrypted solid-state disk key management method based on PUF Active CN110233729B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910587599.6A CN110233729B (en) 2019-07-02 2019-07-02 Encrypted solid-state disk key management method based on PUF

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910587599.6A CN110233729B (en) 2019-07-02 2019-07-02 Encrypted solid-state disk key management method based on PUF

Publications (2)

Publication Number Publication Date
CN110233729A CN110233729A (en) 2019-09-13
CN110233729B CN110233729B (en) 2022-03-11

Family

ID=67857741

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910587599.6A Active CN110233729B (en) 2019-07-02 2019-07-02 Encrypted solid-state disk key management method based on PUF

Country Status (1)

Country Link
CN (1) CN110233729B (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant