CN112286550A - Security signature algorithm for system upgrade of embedded equipment - Google Patents


Info

Publication number
CN112286550A
Authority
CN
China
Legal status (as listed by Google Patents; not a legal conclusion)
Pending
Application number
CN202011138496.0A
Other languages
Chinese (zh)
Inventor
仵晨阳
孙荣卫
张波
武鹏程
高佳玲
Current assignee
Shanghai Abup Intelligent Technology Co., Ltd
Original assignee
Shanghai Abup Intelligent Technology Co., Ltd
Priority date
2020-10-22
Filing date
2020-10-22
Publication date
2021-01-29

Classifications

    • G06F 8/65 Updates (G06F 8/00 Arrangements for software engineering; G06F 8/60 Software deployment)
    • G06F 21/64 Protecting data integrity, e.g. using checksums, certificates or signatures (G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity; G06F 21/60 Protecting data)
    • H04L 9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; network security protocols, including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials, involving digital signatures (H04L 9/00; H04L 9/32)


Abstract

The invention discloses a security signature algorithm for the system upgrade of an embedded device, in the technical field of embedded operating-system upgrading and data security. It comprises the following steps: step one, reading the binary data packet to be differenced; step two, partitioning the data packet into blocks; step three, signing each data block with a preset signature algorithm and recording the signature algorithm's tag value; step four, checking the signature data of corresponding blocks and judging whether the signature data conflict, and if no signature conflict occurs, performing step seven; step five, if the signature data conflict, adjusting the block size and repeating steps two to four until the signature of every data block is unique, then performing step seven. In theory and in practice, the method eliminates the risk of an upgrade failing because of a block-label (signature) conflict, and so improves the safety of system upgrading.

Description

Security signature algorithm for system upgrade of embedded equipment
Technical Field
The invention relates to the technical field of embedded operating-system upgrading and data security, and in particular to a security signature algorithm for upgrading an embedded device system.
Background
Embedded operating systems are used in many fields, and updating the terminal system is a routine iteration to keep up with service changes. To improve the reliability and safety of system upgrading, and to remove the risk of a failed upgrade when power is lost during the upgrade, the invention develops a security signature algorithm for embedded device system upgrades, building on the company's own patents "Differential upgrade algorithm for binary files of IoT devices", "Adaptive bidirectional differential algorithm based on block write-back" and "Mixed packing compression technology for integer arrays".
Disclosure of Invention
The invention aims to provide a security signature algorithm for upgrading an embedded device system, so as to solve the problems described in the background.
To achieve this, the invention provides the following technical scheme. A security signature algorithm for the system upgrade of an embedded device comprises the following steps:
step one, reading the binary data packet to be differenced;
step two, partitioning the data packet into blocks;
step three, signing each data block with a preset signature algorithm and recording the signature algorithm's tag value;
step four, checking the signature data of corresponding blocks and judging whether the signature data conflict; if no signature conflict occurs, performing step seven;
step five, if the signature data conflict, adjusting the block size and repeating steps two to four until the signature of every data block is unique, then performing step seven;
step six, if the signature conflict persists at every adjusted block size with the signature algorithm in use, replacing the signature algorithm and repeating steps two to five until the signature of every data block is unique;
step seven, recording the block size, the signature data and the tag value of the signature algorithm;
step eight, differencing and packing the successfully partitioned data;
step nine, compressing the packed data and writing the result as the differential packet.
Preferably, the replacement signature algorithm in step six is Murmur3, CRC32, xxHash or lookup3, and the replacement order is Murmur3, CRC32, xxHash, lookup3.
Preferably, the data obtained by differencing in step eight is packed into an integer array using a basic storage bit width smaller than the integer storage length.
Preferably, the differencing in step eight is divided into a forward direction and a reverse direction, which are carried out simultaneously.
Preferably, the binary data packet includes an old version and a new version.
Compared with the prior art, the invention has the following beneficial effects:
the data is partitioned and its signatures are checked before differencing, which guarantees that the signatures are unique and that an upgrade interrupted by a power failure can be resumed reliably. In theory and in practice, the method eliminates the risk of an upgrade failing because of a block-label (signature) conflict, and so improves the safety of system upgrading.
Drawings
FIG. 1 is a flow chart of the algorithm of the invention for generating unique signature data;
FIG. 2 illustrates signature uniqueness according to the invention: (a) a power failure during the upgrade, (b) the case in which all signatures of the data blocks conflict, and (c) the case in which no signatures of the data blocks conflict;
FIG. 3 shows the signature algorithm tag values according to the invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to FIG. 1, the invention provides the following technical solution. A security signature algorithm for the system upgrade of an embedded device comprises the following steps:
step 101, reading the binary data packet to be differenced;
step 102, partitioning the data packets of the new and old versions into blocks;
step 103, signing each data block with the preset signature algorithm, so that if power fails during the upgrade the position of the failure can be located precisely and the upgrade continued from there; this prevents the upgrade from failing after a power loss;
step 104, verifying the signature data: judging whether the signatures of corresponding blocks of the new and old versions are the same, and if the signature data of corresponding blocks differ, executing step 107;
step 105, if the signatures are the same, further judging whether the corresponding data contents are the same; if the contents are the same there is no signature conflict, and step 107 is performed;
step 106, if the contents differ while the signatures are the same, a signature conflict has occurred in that block: adjusting the block size and repeating steps 102 to 105, which guarantees the uniqueness of the signature data and avoids the conflict;
step 107, recording the block size, the signature data of the new and old versions and the tag value of the algorithm used, and writing them to the differential packet;
step 108, differencing the data whose signatures are unique, and packing the differencing result;
step 109, compressing the packed data and writing the differential packet.
In this embodiment the differential data is packed using a basic storage bit width smaller than the integer storage length, which improves the effective use of the integer storage space; the packed data is then compressed.
When the system of the embedded device resumes an upgrade after a power failure, the data signature of the first block is computed and compared with the old-version and new-version signature data stored in the differential packet. If it equals the old-version signature, the upgrade is started from this block. If it differs from the old-version signature, it is compared with the signature of the corresponding new-version block; if it equals the new-version signature, the block has already been upgraded and the next block's signature is compared in turn. If it equals neither the old nor the new signature, the block was only partially upgraded: the power failure occurred within this block, so the backup (the copy of the old-version data of this block) is written back over the block and the upgrade restarts from it.
For this procedure to work, the signatures of corresponding blocks of the new and old versions must be unique; if the signatures of corresponding blocks conflict, the resumed upgrade may fail. For example, FIG. 2(a) shows a power failure during the upgrade: the signatures of the old-version and new-version data blocks (A1, A2, B1, B2, C1 and C2) must be checked to determine in which block the power failure occurred.
In FIG. 2(b) the signatures of data blocks A1, A2, B1 and B2 all conflict: not only does each block collide with its counterpart, adjacent blocks collide as well. Comparing the signatures of A1, B1 and C1 in order, the signature of A1 equals that of A2, the signature of B1 equals that of B2, C1 is judged by its signature to still be the old version, and the signature of the backup equals those of A1, A2, B1 and B2. The signatures therefore cannot tell whether A1 or B1 has been upgraded, nor whether the power loss occurred while upgrading A1 or B1.
When the signatures of A1 and A2 are unique and those of B1 and B2 are unique, the power-loss position can be determined whether or not the adjacent blocks A1 and B1 collide (FIG. 2(c)). Suppose the power failure occurred in block B1: A1 has already been upgraded to A2, so the signature of A1 equals that of A2; the backup's signature does not equal A1's; and the signature of B1 equals neither its old value nor that of B2, so the power loss is uniquely located in B1 and the backup is written back over B1. Suppose instead the power failure occurred in block A1: the signature of A1 equals neither its old value nor that of A2, so the power loss is uniquely located in A1 and the backup is written back over A1. Hence a resumed upgrade cannot fail as long as the signatures of corresponding old-version and new-version data blocks are unique.
In the algorithm the Murmur3 hash is used as the preferred signature algorithm (found in our survey to have the best quality). In the extreme case where the adaptive partitioning still produces a signature conflict at every block size tried, an alternative signature algorithm is substituted and the check repeated until a block size is found at which the signatures are unique. We surveyed four signature algorithms in total, each corresponding to a 2-bit tag value as shown in FIG. 3. The tag value is written into the header of the differential packet, so that the signature algorithm can be determined in turn when upgrading, which completely avoids the failure of a power-interrupted upgrade.
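The generation steps 101 to 109, the resume procedure described for FIG. 2 and the fallback along the signature-algorithm chain, as one added example written for this page; it is not the applicant's implementation. It implements Murmur3 (x86, 32-bit) and CRC-32 as the first two algorithms of the chain and leaves out xxHash and lookup3; the tag values 0 and 1, the halving of the block size down to a minimum when a conflict is found (the page only says the size is adjusted) and equal-length old and new images, as in a fixed-size partition, are assumptions, as are the names `choose_layout`, `build_header`, `locate_resume` and `upgrade`. The sample images and the colliding block pair are constructed: appending a message's own CRC-32 in little-endian order gives every such block the same CRC-32, which drives the conflict path with the chain order flipped to CRC-32 first, since a Murmur3 collision cannot be constructed as cheaply. Two caveats the page does not state: the four named signature algorithms are all non-cryptographic 32-bit hashes, so this check locates a torn write after a power loss but does not authenticate the update packet, which needs a separate cryptographic signature over the whole packet; and the uniqueness check compares only the old and new block at the same position, so a torn block that happened to hash to one of the two stored values would be misclassified, which a 32-bit hash makes unlikely but does not rule out.

```python
import zlib

MASK = 0xFFFFFFFF

def murmur3_32(data: bytes, seed: int = 0) -> int:
    """MurmurHash3 x86_32, the page's preferred 'signature' (a non-cryptographic hash)."""
    def scramble(k: int) -> int:
        k = (k * 0xCC9E2D51) & MASK
        return ((((k << 15) | (k >> 17)) & MASK) * 0x1B873593) & MASK
    h, n = seed & MASK, len(data)
    for i in range(0, n - n % 4, 4):
        h ^= scramble(int.from_bytes(data[i:i + 4], "little"))
        h = ((((h << 13) | (h >> 19)) & MASK) * 5 + 0xE6546B64) & MASK
    if n % 4:                                   # 1..3 trailing bytes
        h ^= scramble(int.from_bytes(data[n - n % 4:], "little"))
    h ^= n
    h = ((h ^ (h >> 16)) * 0x85EBCA6B) & MASK   # finalisation mix
    h = ((h ^ (h >> 13)) * 0xC2B2AE35) & MASK
    return h ^ (h >> 16)

# Tag -> hash function. The tag values are assumed; the page's FIG. 3 mapping is not reproduced.
ALGOS = {0: murmur3_32, 1: lambda b: zlib.crc32(b) & MASK}
CHAIN = (0, 1)  # the page's order: Murmur3, then CRC32 (xxHash and lookup3 omitted here)

def split(data: bytes, size: int) -> list:
    return [data[i:i + size] for i in range(0, len(data), size)]

def has_conflict(old: bytes, new: bytes, size: int, hfn) -> bool:
    """Steps 104/105: a conflict is a block position whose contents differ but hash alike."""
    return any(ob != nb and hfn(ob) == hfn(nb) for ob, nb in zip(split(old, size), split(new, size)))

def choose_layout(old: bytes, new: bytes, size: int, min_size: int = 4, chain=CHAIN):
    """Steps 102-106: halve the block size (assumed policy) while conflicts remain, then move
    along the algorithm chain; returns (tag, block size)."""
    for tag in chain:
        s = size
        while s >= min_size:
            if not has_conflict(old, new, s, ALGOS[tag]):
                return tag, s
            s //= 2
    raise ValueError("no block size or signature algorithm gives unique signatures")

def build_header(old: bytes, new: bytes, size: int = 8, min_size: int = 4, chain=CHAIN) -> dict:
    """Step 107: the values the differential packet header must carry for resume."""
    tag, s = choose_layout(old, new, size, min_size, chain)
    hfn = ALGOS[tag]
    return {"tag": tag, "size": s, "old": [hfn(b) for b in split(old, s)], "new": [hfn(b) for b in split(new, s)]}

def locate_resume(flash: bytes, hdr: dict):
    """Resume after power loss (FIG. 2): classify blocks in order by their signature."""
    hfn = ALGOS[hdr["tag"]]
    for i, blk in enumerate(split(flash, hdr["size"])):
        h = hfn(blk)
        if h == hdr["new"][i]:
            continue               # already upgraded (also blocks identical in both versions)
        if h == hdr["old"][i]:
            return i, "apply"      # untouched old block: the upgrade resumes here
        return i, "restore"        # matches neither: torn write, copy the backup back first
    return len(hdr["new"]), "done"

def upgrade(flash: bytearray, backup: bytearray, new: bytes, hdr: dict, cut_at=None) -> bool:
    """Write new blocks in order, copying the old block into `backup` before each write.
    cut_at=(block, nbytes) simulates a power loss after nbytes of that block. True when complete."""
    s = hdr["size"]
    start, action = locate_resume(bytes(flash), hdr)
    if action == "restore":
        flash[start * s:(start + 1) * s] = backup
    for i in range(start, len(hdr["new"])):
        lo, hi = i * s, (i + 1) * s
        backup[:] = flash[lo:hi]
        if cut_at and cut_at[0] == i:
            flash[lo:lo + cut_at[1]] = new[lo:lo + cut_at[1]]
            return False
        flash[lo:hi] = new[lo:hi]
    return True

# Constructed 16-byte images; equal length assumed, as in a fixed-size partition.
OLD, NEW = bytes(range(16)), bytes(range(16, 32))

def crc_tagged(m: bytes) -> bytes:
    """m followed by its own CRC-32 (little-endian): the CRC-32 of the result is the same for every m."""
    return m + (zlib.crc32(m) & MASK).to_bytes(4, "little")

COLL_OLD = crc_tagged(b"OLD!") + bytes(8)   # block 0 differs from COLL_NEW's block 0 ...
COLL_NEW = crc_tagged(b"NEW!") + bytes(8)   # ... yet both have the same CRC-32 at block size 8

def demo_signatures() -> dict:
    hdr = build_header(OLD, NEW)
    flash, backup = bytearray(OLD), bytearray()
    upgrade(flash, backup, NEW, hdr, cut_at=(1, 3))      # power lost 3 bytes into block 1
    where = locate_resume(bytes(flash), hdr)
    finished = upgrade(flash, backup, NEW, hdr)          # next boot: restore block 1, carry on
    return {"hdr": hdr, "where": where, "finished": finished, "flash_ok": bytes(flash) == NEW,
            "crc_first": choose_layout(COLL_OLD, COLL_NEW, 8, 4, chain=(1, 0)),  # halving resolves it
            "crc_only8": choose_layout(COLL_OLD, COLL_NEW, 8, 8, chain=(1, 0))}  # must switch algorithm

if __name__ == "__main__":
    print(demo_signatures())
```

`demo_signatures()` interrupts the write three bytes into block 1, shows that the resume logic classifies that block as a torn write, restores the backup and completes the image. With the chain flipped to CRC-32 first, the colliding pair is resolved by halving the block size to 4; when halving is disallowed (`min_size=8`) the search moves on to the next algorithm, which is the step-six path.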
According to one aspect of the invention, an algorithm for resolving signature conflicts during the system upgrade of an embedded device is provided. The technical solution is as follows.
The old version and the new version of the binary data packet to be differenced are read. When the embedded device system is upgraded, the data packet is first partitioned into blocks and then differenced, the differencing being carried out in a forward and a reverse direction.
Each data block is signed with the preset signature algorithm, so that when an upgrade resumes after a power failure it can be judged how far the upgrade had progressed, preventing the device's upgrade from failing because of the power loss. This requires the signature data to be unique, so that the upgrade finally succeeds.
The signature data of corresponding blocks of the new and old versions are verified to judge whether they are unique; if the signatures are unique, the size of each block is recorded. If the signatures of corresponding blocks are the same while the data contents differ, the signature data conflict: the block size is adjusted adaptively and the signature data re-verified until the signatures of the data blocks are unique. The signature data of every block of the new and old versions and the signature algorithm used are recorded, and the differential packet is written.
The successfully partitioned data is differenced, and the resulting differential data is packed into an integer array using a basic storage bit width smaller than the integer storage length, so that small numbers whose high-order bits are zero occupy less storage and the integer storage space is used more effectively.
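One plain reading of the integer-array packing described above, as an added example written for this page; it is not the applicant's "mixed packing" scheme, whose details are not on this page. Every value in the array is stored with one common bit width chosen from the largest value instead of a full 32-bit word, so the zero high-order bits of small numbers are not stored. The sample values are constructed, and `choose_width`, `pack_words` and `unpack_words` are names chosen here.

```python
WORD = 32  # width of the integer storage unit the values are packed into

def choose_width(values: list) -> int:
    """Smallest bit width that holds the largest value (at least 1 bit)."""
    return max(1, max(values).bit_length()) if values else 1

def pack_words(values: list, width: int) -> list:
    """Store each value in `width` bits, LSB first, packed back to back across 32-bit words."""
    if not 0 < width <= WORD:
        raise ValueError("width must be 1..32")
    words, acc, nbits = [], 0, 0
    for v in values:
        if not 0 <= v < (1 << width):
            raise ValueError(f"{v} does not fit in {width} bits")
        acc |= v << nbits
        nbits += width
        while nbits >= WORD:
            words.append(acc & 0xFFFFFFFF)
            acc >>= WORD
            nbits -= WORD
    if nbits:
        words.append(acc & 0xFFFFFFFF)   # last partial word, zero padded
    return words

def unpack_words(words: list, width: int, count: int) -> list:
    """Inverse of pack_words; `count` and `width` must travel with the words."""
    out, acc, nbits, it = [], 0, 0, iter(words)
    mask = (1 << width) - 1
    for _ in range(count):
        while nbits < width:
            acc |= next(it) << nbits
            nbits += WORD
        out.append(acc & mask)
        acc >>= width
        nbits -= width
    return out

# Constructed sample: differencing output is typically many small offsets and lengths.
SAMPLE = [3, 17, 255, 0, 1024, 9, 64, 7]

def demo_packing() -> dict:
    width = choose_width(SAMPLE)           # 11 bits, because 1024 needs 11
    packed = pack_words(SAMPLE, width)     # 8 x 11 = 88 bits -> 3 words instead of 8
    return {"width": width, "words": len(packed), "unpacked_words": len(SAMPLE),
            "roundtrip": unpack_words(packed, width, len(SAMPLE)) == SAMPLE}

if __name__ == "__main__":
    print(demo_packing())
```

The width and the element count have to be stored in the packet alongside the words, otherwise the receiver cannot unpack; and because the width is chosen from the largest value, one large outlier in the array costs bits for every element, which is the usual reason for the kind of mixed or per-group width selection the page's related patent title refers to.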
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (5)

1. A security signature algorithm for upgrading an embedded device system, characterised by comprising the following steps:
step one, reading the binary data packet to be differenced;
step two, partitioning the data packet into blocks;
step three, signing each data block with a preset signature algorithm and recording the signature algorithm's tag value;
step four, checking the signature data of corresponding blocks and judging whether the signature data conflict; if no signature conflict occurs, performing step seven;
step five, if the signature data conflict, adjusting the block size and repeating steps two to four until the signature of every data block is unique, then performing step seven;
step six, if the signature conflict persists at every adjusted block size with the signature algorithm in use, replacing the signature algorithm and repeating steps two to five until the signature of every data block is unique;
step seven, recording the block size, the signature data and the tag value of the signature algorithm;
step eight, differencing and packing the successfully partitioned data;
step nine, compressing the packed data and writing the result as the differential packet.
2. The security signature algorithm for the system upgrade of the embedded device according to claim 1, wherein the replacement signature algorithm in step six is Murmur3, CRC32, xxHash or lookup3, and the replacement order is Murmur3, CRC32, xxHash, lookup3.
3. The security signature algorithm for the system upgrade of the embedded device according to claim 1, wherein the data obtained by differencing in step eight is packed into an integer array using a basic storage bit width smaller than the integer storage length.
4. The security signature algorithm for the system upgrade of the embedded device according to claim 1, wherein the differencing in step eight is divided into a forward direction and a reverse direction, which are carried out simultaneously.
5. The security signature algorithm for the system upgrade of the embedded device according to claim 1, wherein the binary data packet includes an old version and a new version.
Priority application (1)

Application number CN202011138496.0A, priority date 2020-10-22, filing date 2020-10-22: Security signature algorithm for system upgrade of embedded equipment (pending)

Publications (1)

Publication number CN112286550A (en), publication date 2021-01-29

Family

ID=74423557

Country status (1)

CN (1) CN112286550A (en)

Cited by (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116302030A * 2023-03-09 2023-06-23 上海对外经贸大学 (Shanghai University of International Business and Economics) Safe embedded system firmware block differential upgrading method and system


Legal Events

Code Title
PB01 Publication
SE01 Entry into force of request for substantive examination