CN110889696A - Storage method, device, equipment and medium for consortium blockchain key based on SGX technology - Google Patents


Info

Publication number
CN110889696A
Authority
CN
China
Prior art keywords
key
block chain
secret key
enclave
storing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911181686.8A
Other languages
Chinese (zh)
Inventor
李伟
邱炜炜
尹可挺
鲁校冉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Qulian Technology Co Ltd
Original Assignee
Hangzhou Qulian Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Qulian Technology Co Ltd
Priority to CN201911181686.8A
Publication of CN110889696A
Legal status: Pending

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00 Payment architectures, schemes or protocols
    • G06Q20/38 Payment protocols; Details thereof
    • G06Q20/382 Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829 Payment protocols; Details thereof insuring higher security of transaction involving key management
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6209 Protecting access to data via a platform, e.g. using keys or access control rules to a single file or object, e.g. in a secure envelope, encrypted and accessed using a key, or with access control rules appended to the object itself

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Accounting & Taxation (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a method, device, equipment and medium for storing a consortium blockchain key based on SGX technology. The method comprises the following steps: generating a key and encrypting it; importing the generated key and the password, through a trusted channel, into the server side where the Enclave (the SGX secure area) is located; after the import succeeds, deleting the corresponding key file and password, keeping no information about the key, and storing only the data sealed by the Enclave; and, when the blockchain platform uses the private key, first performing identity authentication and, once it has passed, decrypting the sealed data inside the trusted Enclave environment. On a blockchain network, Intel SGX can guarantee the security of code and data even if an attacker has gained control of the operating system. Storing the key with SGX technology therefore solves the problem of storing the certificate key.

Description

Storage method, device, equipment and medium for consortium blockchain key based on SGX technology
Technical Field
The invention relates to the field of key storage for consortium blockchains, and in particular to a method, device, equipment and medium for storing a consortium blockchain key based on SGX technology.
Background
Blockchain technology is a novel decentralized protocol that can securely store digital currency transactions or other data so that the information cannot be forged or tampered with. Transactions on the blockchain are confirmed jointly by all nodes on the chain, and a consensus algorithm guarantees that the confirmation is consistent. The blockchain maintains a public ledger, and the ledger stored in the blocks is visible to every node, which is why digital currency transactions or other data cannot be forged or tampered with.
SGX (Intel Software Guard Extensions) is an extension of the Intel instruction set architecture for enhancing software security. In short, it is a set of TEE mechanisms provided by the Intel CPU that protects legitimate software by encapsulating it in an Enclave (secure area).
The private keys of traditional consortium blockchain certificates are stored locally. For example, in the certificate mechanism of Hyperledger Fabric, the private keys corresponding to different certificates are stored in the folders of the corresponding local certificates. If a private key is leaked or stolen, corresponding forged certificates can be generated, which causes unnecessary trouble. How to store the certificate's private key in a sufficiently secure environment for practical production use is therefore a serious challenge.
Disclosure of Invention
In view of this, embodiments of the present invention provide a method, device, equipment and medium for storing a consortium blockchain key based on SGX technology, which solve the problem that a key file stored in an insecure place may be maliciously stolen, and thereby ensure that the private key of a certificate is stored in a secure environment.
In a first aspect, an embodiment of the present invention provides a method for storing a consortium blockchain key based on SGX technology, where the method includes:
S1, key generation: the key generated with the certificate generation tool, or a key obtained from a third party, is encrypted with symmetric encryption;
S2, transmission to the Enclave and sealing of the key: before the blockchain platform runs, the generated key and the password must be imported, through a trusted channel, into the server side where the Enclave is located;
S3, clearing the key file and storing the sealed file: after the import succeeds, the blockchain platform deletes the corresponding key file and password and keeps no information about the key; the blockchain platform stores only the data sealed by the Enclave;
S4, using the key: when the blockchain platform uses the private key, identity authentication must be performed first; once it has passed, the platform decrypts the sealed data inside the trusted Enclave environment. The whole process of using the private key takes place inside the trusted Enclave environment, so the private key is never exposed again.
Further, in step S1, the key is preferably a private key.
Further, in step S1, the key is encrypted with AES.
Further, in step S1, the password used for encryption includes numbers, letters and special symbols.
Further, in step S2, the key is transmitted to the Enclave over the trusted channel TNC; the Enclave decrypts the transmitted key and then seals the key data.
Further, in step S2, sealing the key includes:
the code in the Enclave obtains a seal key with the EGETKEY instruction, the seal key being derived from the identity and the signature information of the Enclave; the key is encrypted with symmetric encryption, and the encrypted private key is sealed with the public key of the seal key and then stored on the hard disk; sealing produces a return value, which is then stored on the platform.
Further, in step S4, the identity authentication performed by the blockchain platform includes:
when the blockchain platform uses the Enclave and the Enclave is to be authenticated, the Enclave executes the EREPORT instruction, which generates a REPORT structure from the Enclave's identity and additional information and generates a MAC with the report key of the Quoting Enclave (QE); the MAC and the REPORT structure are sent to the QE, which verifies the structure, packages it into a QUOTE structure and signs it with the EPID key it has read; the QUOTE and the signature are sent to the server side for verification, and the server side verifies them with the authentication service provided by Intel and returns a verification message to the blockchain platform.
In a second aspect, an embodiment of the present invention provides a device for storing a consortium blockchain key based on SGX technology, including:
a key generation module, used for generating a key and encrypting the key;
a transmission and sealing module, used for importing the generated key and the password, through a trusted channel, into the server side where the Enclave is located, and for sealing the key once it has been imported;
a clearing and sealed-storage module, used for deleting the corresponding key file and password after the import succeeds, keeping no information about the key, and storing only the data sealed by the Enclave;
and a key using module, used for first performing identity authentication and, once it has passed, decrypting the sealed data inside the trusted Enclave environment.
In a third aspect, an embodiment of the present invention provides an apparatus, including:
one or more processors;
a memory for storing one or more programs;
the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method for storing a consortium blockchain key based on SGX technology described in the first aspect.
In a fourth aspect, an embodiment of the present invention provides a computer-readable storage medium on which a computer program is stored, where the computer program, when executed by a processor, implements the method for storing a consortium blockchain key based on SGX technology according to the first aspect.
Embodiments of the invention that adopt at least one of the above technical solutions can achieve the following beneficial effects:
a blockchain generally stores the certificate key on the blockchain platform or leaves it to the user to keep, but if the blockchain is maliciously attacked, the corresponding key may be lost. The SGX-based key storage method solves the problem of storing the certificate key well.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
FIG. 1 is a schematic diagram of the overall implementation of the method of the present invention;
FIG. 2 is a flow chart of the overall architecture of the method of the present invention.
Detailed Description
The present invention is described in detail below with reference to the accompanying drawings and preferred embodiments, from which its objects and effects will become more apparent. It should be understood that the specific embodiments described herein merely illustrate the invention and are not intended to limit it.
The key comprises a public key and a private key: the private key is used for signing and the public key for signature verification. In practice the private key must be kept safe, while the public key is sent to whoever needs to verify signatures.
Embodiment one:
FIG. 1 is a schematic diagram of the overall implementation of the method for storing a consortium blockchain key based on SGX technology in an embodiment of the present application, and FIG. 2 is a flowchart of the overall architecture of that method. The certificate key in the embodiments of the present application may be a chain certificate key, an organization certificate key, a node certificate key, or an SDK certificate key. The following description uses the private key in the certificate keystore generated by the Hyperledger Fabric platform as an example to describe the certificate key in detail.
S1: The server side first needs an environment that supports SGX, which requires installing the SGX SDK provided by Intel. The cryptogen tool shipped with Hyperledger Fabric is used to generate the certificate files and their private keys. Taking the private key under the generated keystore folder as an example, the private key file is encrypted with a symmetric encryption algorithm, such as AES, and the encrypted private key file is stored. The password must meet certain complexity requirements (numbers, letters and special symbols), but need not be very complex, so that it does not become a burden to remember.
S2: The Hyperledger Fabric platform requests identity authentication of the Enclave on the server side. After the authentication passes, Hyperledger Fabric transmits the private key file and the AES symmetric key to the server-side Enclave over the trusted channel TNC. Inside the Enclave the encrypted private key file is decrypted with that key, the private key is then encrypted with symmetric encryption inside the Enclave, and the result is sealed with the public key of the seal key.
After the file has been transmitted to the Enclave, the Enclave encrypts the decrypted key file with a symmetric encryption algorithm: it generates a symmetric key from a random number inside the Enclave, encrypts the transmitted key file with it, calls EGETKEY to obtain the seal key, encrypts the encrypted data and the symmetric key with the public key of the seal key, and seals them to disk. While the private key file is not in use, the symmetric key cannot be decrypted or extracted.
S3: After the private key file has been transmitted and sealed, the private key plaintext and the encrypted private key file on the Hyperledger Fabric platform are completely deleted, and the Enclave side stores the private key file sealed in the Enclave on the Hyperledger Fabric platform.
S4: When the Hyperledger Fabric platform signs a certificate with the private key, the platform must first request identity authentication of the Enclave. After the authentication passes, the sealed data is decrypted inside the Enclave and the private key is used inside the Enclave, so the plaintext of the private key is not exposed while the certificate is being signed.
Hyperledger Fabric requests identity authentication of the Enclave as follows. The Enclave executes the EREPORT instruction, which generates a REPORT structure from the Enclave's identity and additional information and generates a MAC with the report key of the Quoting Enclave (QE, one of several built-in enclaves). The MAC is sent together with the REPORT structure to the QE, which verifies the structure, packages it into a QUOTE structure and signs it with the EPID key it has read. The QUOTE and the signature are sent together to a server for verification, and the server verifies them with the authentication service provided by Intel and returns a verification message to the blockchain platform.
When the sealed data is decrypted, the EGETKEY instruction is used to obtain the private key of the seal key, the sealed data is decrypted, the encrypted symmetric key is recovered, and the encrypted private key is then decrypted in turn to obtain the private key plaintext.
It should be noted that the present invention is also applicable to the encrypted storage of any key in a blockchain.
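The S1 to S4 key handling of embodiment one, as an added example that is not code from the patent: a standard-library Python simulation (the embodiment itself targets C/C++ with the Intel SGX SDK) showing that the sealed blob can only be opened by the same enclave identity on the same CPU. `SimulatedEnclave`, `cpu_secret` and the helper names are hypothetical; HMAC-based constructions stand in for EGETKEY, AES and the certificate signature, the seal key is handled as the single symmetric key that EGETKEY returns, and the attestation step of S4 is left out.

```python
import hashlib
import hmac
import os

# Stand-in AEAD (encrypt-then-MAC built on HMAC-SHA256) so the example runs on
# the standard library alone; a real enclave would use AES-GCM.
def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, counter = b"", 0
    while len(out) < n:
        out += hmac.new(key, b"enc" + nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:n]

def _tag(key: bytes, aad: bytes, nonce: bytes, ct: bytes) -> bytes:
    msg = b"mac" + len(aad).to_bytes(4, "big") + aad + nonce + ct
    return hmac.new(key, msg, hashlib.sha256).digest()

def aead_encrypt(key: bytes, plaintext: bytes, aad: bytes = b"") -> bytes:
    nonce = os.urandom(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + _tag(key, aad, nonce, ct)

def aead_decrypt(key: bytes, blob: bytes, aad: bytes = b"") -> bytes:
    if len(blob) < 48:
        raise ValueError("blob too short")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(key, aad, nonce, ct)):
        raise ValueError("integrity check failed: wrong key or modified blob")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))

# S1 (platform side): encrypt the certificate private key under a password.
def encrypt_key_file(private_key: bytes, password: str) -> bytes:
    salt = os.urandom(16)
    kek = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return salt + aead_encrypt(kek, private_key)

def decrypt_key_file(blob: bytes, password: str) -> bytes:
    kek = hashlib.pbkdf2_hmac("sha256", password.encode(), blob[:16], 100_000)
    return aead_decrypt(kek, blob[16:])

class SimulatedEnclave:
    """Models only the key handling that happens inside the Enclave."""

    def __init__(self, cpu_secret: bytes, mrenclave: bytes, mrsigner: bytes):
        self._cpu_secret = cpu_secret      # stands in for the per-CPU fused secret
        self._identity = mrenclave + mrsigner

    def _seal_key(self, key_id: bytes) -> bytes:
        # Stand-in for EGETKEY: the key depends on the CPU and on the enclave's
        # identity and signer, so no other enclave or machine can re-derive it.
        return hmac.new(self._cpu_secret, b"SEAL" + self._identity + key_id, hashlib.sha256).digest()

    def import_key(self, encrypted_key_file: bytes, password: str) -> bytes:
        """S2: decrypt the import, re-encrypt under a random data key, seal both."""
        private_key = decrypt_key_file(encrypted_key_file, password)
        data_key = os.urandom(32)
        inner = aead_encrypt(data_key, private_key)
        key_id = os.urandom(32)
        return key_id + aead_encrypt(self._seal_key(key_id), data_key + inner, aad=key_id)

    def sign(self, sealed_blob: bytes, message: bytes) -> bytes:
        """S4: unseal and use the key inside the enclave; only the result leaves."""
        key_id, body = sealed_blob[:32], sealed_blob[32:]
        opened = aead_decrypt(self._seal_key(key_id), body, aad=key_id)
        private_key = aead_decrypt(opened[:32], opened[32:])
        # HMAC stands in for the certificate signature algorithm.
        return hmac.new(private_key, message, hashlib.sha256).digest()

def can_unseal(enclave: SimulatedEnclave, sealed_blob: bytes) -> bool:
    try:
        enclave.sign(sealed_blob, b"probe")
        return True
    except ValueError:
        return False

def run_demo() -> dict:
    cpu_a, cpu_b = os.urandom(32), os.urandom(32)           # constructed CPU secrets
    mre = hashlib.sha256(b"key-vault enclave v1").digest()  # constructed MRENCLAVE
    mrs = hashlib.sha256(b"vendor").digest()                # constructed MRSIGNER
    enclave = SimulatedEnclave(cpu_a, mre, mrs)
    private_key = b"constructed private key bytes"          # constructed sample
    password = "N0t-v3ry-complex!"
    sealed = enclave.import_key(encrypt_key_file(private_key, password), password)
    # S3: the platform now deletes the key file and password and keeps only `sealed`.
    tampered = sealed[:-1] + bytes([sealed[-1] ^ 1])
    other = SimulatedEnclave(cpu_a, hashlib.sha256(b"other").digest(), mrs)
    return {
        "plaintext_in_blob": private_key in sealed,
        "same_enclave": can_unseal(enclave, sealed),
        "other_enclave_same_cpu": can_unseal(other, sealed),
        "same_enclave_other_cpu": can_unseal(SimulatedEnclave(cpu_b, mre, mrs), sealed),
        "tampered_blob": can_unseal(enclave, tampered),
    }

if __name__ == "__main__":
    print(run_demo())
```

Because the sealed blob is bound to one CPU and one enclave identity, a platform that has deleted the key file in S3 has no other copy, so hardware replacement or an enclave rebuild needs a planned re-import or migration path.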
Embodiment two:
The device for storing a consortium blockchain key based on SGX technology provided by this embodiment may be configured in a blockchain node. It can execute the method for storing a consortium blockchain key based on SGX technology provided by the embodiments of the present invention, and has the functional modules and beneficial effects corresponding to that method. The device includes:
a key generation module, used for generating a key and encrypting the key;
a transmission and sealing module, used for importing the generated key and the password, through a trusted channel, into the server side where the Enclave is located, and for sealing the key once it has been imported;
a clearing and sealed-storage module, used for deleting the corresponding key file and password after the import succeeds, keeping no information about the key, and storing only the data sealed by the Enclave;
and a key using module, used for first performing identity authentication and, once it has passed, decrypting the sealed data inside the trusted Enclave environment.
Illustratively, the transmission and sealing module includes a key sealing unit, in which the code in the Enclave obtains a seal key with the EGETKEY instruction, the seal key being derived from the identity and the signature information of the Enclave; the key is encrypted with symmetric encryption, and the encrypted private key is sealed with the public key of the seal key and stored on the hard disk; sealing produces a return value, which is stored on the platform.
Illustratively, the key using module includes an identity authentication unit. When the Enclave is used and is to be authenticated, the Enclave executes the EREPORT instruction, which generates a REPORT structure from the Enclave's identity and additional information and generates a MAC with the report key of the Quoting Enclave (QE); the MAC and the REPORT structure are sent to the QE, which verifies the structure, packages it into a QUOTE structure and signs it with the EPID key it has read; the QUOTE and the signature are sent together to a server for verification, and the server verifies them with the authentication service provided by Intel and returns a verification message to the blockchain platform.
Embodiment three:
This embodiment provides a device whose components may include, but are not limited to, one or more processors or processing units and a memory. The memory is used for storing one or more programs which, when executed by the one or more processors, cause the one or more processors to implement the method for storing a consortium blockchain key based on SGX technology according to embodiment one.
The memory is a storage device capable of supporting SGX operation (the list of supported devices is given on the official Intel SGX website), and may include at least one program product having a set of (for example, at least one) program modules configured to perform the functions of the embodiments of the present invention.
A program/utility having a set of (at least one) program modules may be stored, for instance, in the memory. Such program modules include, but are not limited to, one or more application programs, other program modules, and program data, each of which, or some combination of which, may comprise an implementation of a network environment. The program modules generally perform the functions and/or methods of the described embodiments of the invention.
The device may also communicate with one or more SGX-configured devices and also with one or more devices that enable a user to interact with the device. Such communication may be through Intel SGX identity authentication.
The processing unit executes various functional applications and data processing by executing programs stored in the memory, for example, implementing a parallel execution method of transaction requests provided by an embodiment of the present invention.
Embodiment four:
This embodiment also provides a computer-readable storage medium on which a computer program (also referred to as computer-executable instructions) is stored, where the program, when executed by a processor, performs the method for storing a consortium blockchain key based on SGX technology described in embodiment one.
The embodiments of the invention are to be implemented in C/C++; other languages are not supported. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer, or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
It will be understood by those skilled in the art that the foregoing is only a preferred embodiment of the present invention, and is not intended to limit the invention, and although the invention has been described in detail with reference to the foregoing examples, it will be apparent to those skilled in the art that various changes in the form and details of the embodiments may be made and equivalents may be substituted for elements thereof. All modifications, equivalents and the like which come within the spirit and principle of the invention are intended to be included within the scope of the invention.

Claims (10)

1. A method for storing a consortium blockchain key based on SGX technology, characterized by comprising the following steps:
S1, key generation: generating a key and encrypting the key;
S2, transmission to the Enclave and sealing of the key: before the blockchain platform runs, the generated key and the password must be imported, through a trusted channel, into the server side where the Enclave is located;
S3, clearing the key file and storing the sealed file: after the import succeeds, the blockchain platform deletes the corresponding key file and password and keeps no information about the key; the blockchain platform stores only the data sealed by the Enclave;
S4, using the key: when the blockchain platform uses the private key, identity authentication must be performed first, and once it has passed, the platform decrypts the sealed data inside the trusted Enclave environment.
2. The method for storing a consortium blockchain key based on SGX technology of claim 1, wherein in step S1, the key is preferably a private key.
3. The method for storing a consortium blockchain key based on SGX technology of claim 2, wherein in step S1, the key is encrypted with AES.
4. The method for storing a consortium blockchain key based on SGX technology of claim 3, wherein in step S1, the password used for encryption includes numbers, letters and special symbols.
5. The method for storing a consortium blockchain key based on SGX technology of claim 1, wherein in step S2, the key is transmitted to the Enclave over the trusted channel TNC, and the Enclave decrypts the transmitted key and then seals the key data.
6. The method for storing a consortium blockchain key based on SGX technology of claim 1, wherein in step S2, sealing the key comprises:
the code in the Enclave obtains a seal key with the EGETKEY instruction, the seal key being derived from the identity and the signature information of the Enclave; the key is encrypted with symmetric encryption, and the encrypted private key is sealed with the public key of the seal key and then stored on the hard disk; sealing produces a return value, which is then stored on the platform.
7. The method for storing a consortium blockchain key based on SGX technology of claim 1, wherein in step S4, the identity authentication performed by the blockchain platform includes:
when the blockchain platform uses the Enclave and the Enclave is to be authenticated, the Enclave executes the EREPORT instruction, which generates a REPORT structure from the Enclave's identity and additional information and generates a MAC with the report key of the Quoting Enclave (QE); the MAC and the REPORT structure are sent to the QE, which verifies the structure, packages it into a QUOTE structure and signs it with the EPID key it has read; the QUOTE and the signature are sent to the server side for verification, and the server side verifies them with the authentication service provided by Intel and returns a verification message to the blockchain platform.
8. A device for storing a consortium blockchain key based on SGX technology, comprising:
a key generation module, used for generating a key and encrypting the key;
a transmission and sealing module, used for importing the generated key and the password, through a trusted channel, into the server side where the Enclave is located, and for sealing the key once it has been imported;
a clearing and sealed-storage module, used for deleting the corresponding key file and password after the import succeeds, keeping no information about the key, and storing only the data sealed by the Enclave;
and a key using module, used for first performing identity authentication and, once it has passed, decrypting the sealed data inside the trusted Enclave environment.
9. An apparatus, comprising:
one or more processors;
a memory for storing one or more programs;
the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method for storing a consortium blockchain key based on SGX technology as recited in any one of claims 1-7.
10. A computer-readable storage medium on which a computer program is stored, which, when executed by a processor, implements the method for storing a consortium blockchain key based on SGX technology as claimed in any one of claims 1 to 7.
CN201911181686.8A 2019-11-27 2019-11-27 Storage method, device, equipment and medium for alliance block chain secret key based on SGX technology Pending CN110889696A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911181686.8A CN110889696A (en) 2019-11-27 2019-11-27 Storage method, device, equipment and medium for alliance block chain secret key based on SGX technology

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911181686.8A CN110889696A (en) 2019-11-27 2019-11-27 Storage method, device, equipment and medium for alliance block chain secret key based on SGX technology

Publications (1)

Publication Number Publication Date
CN110889696A true CN110889696A (en) 2020-03-17

Family

ID=69749052

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911181686.8A Pending CN110889696A (en) 2019-11-27 2019-11-27 Storage method, device, equipment and medium for alliance block chain secret key based on SGX technology

Country Status (1)

Country Link
CN (1) CN110889696A (en)

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111090875A (en) * 2020-03-18 2020-05-01 支付宝(杭州)信息技术有限公司 Contract deployment method and device
CN111475782A (en) * 2020-04-08 2020-07-31 浙江大学 API (application program interface) key protection method and system based on SGX (secure gateway) software extension instruction
CN112182615A (en) * 2020-09-29 2021-01-05 北京电子科技学院 Cloud computing key protection system based on SGX and ORAM technology
CN112487505A (en) * 2020-11-23 2021-03-12 华控清交信息科技(北京)有限公司 Data processing method and device and data processing device
CN112633858A (en) * 2021-01-05 2021-04-09 润联软件系统(深圳)有限公司 Process approval processing method and system
CN112668030A (en) * 2021-03-09 2021-04-16 邓晨 Identity ID (identity) confirmation and environment safety authentication method for financial self-service terminal
CN112711774A (en) * 2021-03-25 2021-04-27 腾讯科技(深圳)有限公司 Data processing method, device, equipment and storage medium
CN113297614A (en) * 2021-05-13 2021-08-24 江苏南工科技集团有限公司 Data encryption authentication and security analysis method based on block chain technology
CN113691530A (en) * 2021-08-24 2021-11-23 上海瓶钵信息科技有限公司 Symmetric key generation management system, method, equipment and medium based on SGX
WO2022193527A1 (en) * 2021-03-18 2022-09-22 腾讯云计算(北京)有限责任公司 Local key escrow method and apparatus based on trusted computing, device, and medium
US11700125B2 (en) 2020-10-05 2023-07-11 Redcom Laboratories, Inc. zkMFA: zero-knowledge based multi-factor authentication system

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107919954A (en) * 2017-10-20 2018-04-17 浙江大学 A kind of block chain user key guard method and device based on SGX
CN109150517A (en) * 2018-09-04 2019-01-04 大唐高鸿信安(浙江)信息科技有限公司 Key security management system and method based on SGX
CN109766712A (en) * 2018-12-14 2019-05-17 华东师范大学 A kind of reference report circulation method based on block chain and Intel SGX
CN109862046A (en) * 2019-04-10 2019-06-07 南京大学 Anonymous methods can be traced in a kind of alliance's chain
CN110138799A (en) * 2019-05-30 2019-08-16 东北大学 A kind of secure cloud storage method based on SGX

Cited By (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111090875A (en) * 2020-03-18 2020-05-01 支付宝(杭州)信息技术有限公司 Contract deployment method and device
CN111475782A (en) * 2020-04-08 2020-07-31 浙江大学 API (application program interface) key protection method and system based on SGX (secure gateway) software extension instruction
CN111475782B (en) * 2020-04-08 2022-11-08 浙江大学 API (application program interface) key protection method and system based on SGX (generalized Standard X) software extension instruction
CN112182615A (en) * 2020-09-29 2021-01-05 北京电子科技学院 Cloud computing key protection system based on SGX and ORAM technology
US11831778B2 (en) 2020-10-05 2023-11-28 Redcom Laboratories, Inc. zkMFA: zero-knowledge based multi-factor authentication system
US11700125B2 (en) 2020-10-05 2023-07-11 Redcom Laboratories, Inc. zkMFA: zero-knowledge based multi-factor authentication system
CN112487505A (en) * 2020-11-23 2021-03-12 华控清交信息科技(北京)有限公司 Data processing method and device and data processing device
CN112633858A (en) * 2021-01-05 2021-04-09 润联软件系统(深圳)有限公司 Process approval processing method and system
CN112668030A (en) * 2021-03-09 2021-04-16 邓晨 Identity ID (identity) confirmation and environment safety authentication method for financial self-service terminal
WO2022193527A1 (en) * 2021-03-18 2022-09-22 腾讯云计算(北京)有限责任公司 Local key escrow method and apparatus based on trusted computing, device, and medium
CN112711774B (en) * 2021-03-25 2023-01-10 腾讯科技(深圳)有限公司 Data processing method, device, equipment and storage medium
CN112711774A (en) * 2021-03-25 2021-04-27 腾讯科技(深圳)有限公司 Data processing method, device, equipment and storage medium
CN113297614A (en) * 2021-05-13 2021-08-24 江苏南工科技集团有限公司 Data encryption authentication and security analysis method based on block chain technology
CN113691530A (en) * 2021-08-24 2021-11-23 上海瓶钵信息科技有限公司 Symmetric key generation management system, method, equipment and medium based on SGX
CN113691530B (en) * 2021-08-24 2023-04-07 上海瓶钵信息科技有限公司 Symmetric key generation management system, method, equipment and medium based on SGX

Similar Documents

Publication Publication Date Title
CN110889696A (en) Storage method, device, equipment and medium for alliance block chain secret key based on SGX technology
CN110138799B (en) SGX-based secure cloud storage method
CN109510708B (en) Public key password calculation method and system based on Intel SGX mechanism
US8660266B2 (en) Method of delivering direct proof private keys to devices using an on-line service
CN112737779B (en) Cryptographic machine service method, device, cryptographic machine and storage medium
US10680816B2 (en) Method and system for improving the data security during a communication process
US8495383B2 (en) Method for the secure storing of program state data in an electronic device
US10880100B2 (en) Apparatus and method for certificate enrollment
CN107453880B (en) Cloud data secure storage method and system
CN103378971A (en) Data encryption system and method
EP3292654B1 (en) A security approach for storing credentials for offline use and copy-protected vault content in devices
US11783091B2 (en) Executing entity-specific cryptographic code in a cryptographic coprocessor
CN117081736A (en) Key distribution method, key distribution device, communication method, and communication device
CN113645235A (en) Distributed data encryption and decryption system and encryption and decryption method
US20230153445A1 (en) Enhanced security systems and methods using a hybrid security solution
Hussien et al. Scheme for ensuring data security on cloud data storage in a semi-trusted third party auditor
CN114785527B (en) Data transmission method, device, equipment and storage medium
KR20140071775A (en) Cryptography key management system and method thereof
KR101929355B1 (en) Encryption and decryption system using unique serial number and symmetric cryptography
CN101834852A (en) Realization method of credible OpenSSH for protecting platform information
CN114285557A (en) Communication encryption method, system and device
US20210111901A1 (en) Executing entity-specific cryptographic code in a trusted execution environment
Bouamama et al. Cloud Key Management using Trusted Execution Environment.
JP7385025B2 (en) Execution of Entity-Specific Cryptographic Code in a Cryptographic Coprocessor
JP2013179453A (en) Computer system and computing method

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200317