CN113094718A - File encryption method and related device - Google Patents


Publication number
CN113094718A
Authority
CN
China
Prior art keywords
random number
target
file
key
descriptor
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911343064.0A
Other languages
Chinese (zh)
Inventor
杨涛
张广宇
王海军
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Digital Technologies Suzhou Co Ltd
Original Assignee
Huawei Digital Technologies Suzhou Co Ltd
Application filed by Huawei Digital Technologies Suzhou Co Ltd
Priority to CN201911343064.0A (published as CN113094718A)
Priority to PCT/CN2020/137923 (published as WO2021129557A1)
Publication of CN113094718A

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G06F21/604: Tools and structures for managing or administering access control systems
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60: Protecting data
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70: Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78: Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79: Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00: Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21: Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107: File encryption

Abstract

The embodiments of the application disclose a file encryption method and apparatus. The file encryption apparatus comprises: a processor, a universal flash storage (UFS) host controller coupled to the processor, and a memory coupled to the UFS controller. The processor is configured to send a first request to the UFS controller, where the first request is used to request storage of a target file. The UFS controller is configured to: acquire a target random number corresponding to the target file; generate a second key corresponding to the target file according to the target random number and a pre-stored first key; encrypt the target file with the second key to obtain an encrypted target file; and store the encrypted target file in the memory. The memory is used for storing the encrypted target file. With the apparatus provided by the first aspect, a one-file-one-key encryption mode can still be ensured while storage efficiency remains high, and the encryption level of the file is improved.

Description

File encryption method and related device
Technical Field
The present application relates to the field of information technologies, and in particular, to a file encryption method and a related apparatus.
Background
With the popularization of smart terminals, they have become necessities of daily life, but their security problems have become increasingly prominent, for example information leakage, fraud and account theft, and Trojan horse viruses. Users therefore take the security of smart terminals increasingly seriously. To protect the information in a smart terminal, current smart terminal storage systems generally use full-disk encryption or file encryption to protect the file information in the terminal. For example, a file encryption method based on the existing Universal Flash Storage (UFS) protocol adopts a limited-key file encryption (total files limited keys) approach: a Trusted Execution Environment (TEE) in the processor configures 32 groups of initial keys (Class Keys) at one time, and files in the smart terminal are then encrypted with these initial keys. However, when other files are encrypted later, the method does not refresh and configure a new Class Key, so the keys used throughout the encryption process are always the same fixed 32 groups of initial keys. The requirement of one key per file cannot be met, and the encryption level is low. If one key per file is to be achieved, then before each file is encrypted, execution must switch to the TEE side to configure a new Class Key and then switch back to the file management module in the processor to perform the encrypted storage of the file. This causes frequent interaction between the TEE and the file management module, so the actual storage efficiency is extremely low.
Therefore, how to guarantee both the storage efficiency and the encryption level of file encryption when files are stored in encrypted form on a smart terminal is an urgent problem to be solved.
Disclosure of Invention
The embodiments of the application provide a file encryption method and related device, which can ensure both the storage efficiency and the encryption level of file encryption when based on the UFS transport protocol.
In a first aspect, an embodiment of the present application provides a file encryption apparatus, including: a processor and a universal flash storage (UFS) host controller coupled to the processor. The processor is configured to send a first request to the UFS controller, where the first request is used to request storage of a target file. The UFS controller is configured to: acquire a target random number corresponding to the target file; generate a second key corresponding to the target file according to the target random number and a pre-stored first key; and encrypt the target file with the second key to obtain an encrypted target file.
With the apparatus provided in the first aspect, when encrypting different files, the UFS controller may first generate a key (second key) for each file according to the same initial key (first key) and the random number corresponding to that file, and then encrypt each file with its own key, so that the encryption key used for each file is different; each file has a unique corresponding random number. Because the encryption keys differ between files, the encrypted files are not easily cracked after being encrypted and stored, which would otherwise cause information leakage, and this encryption mode can greatly improve the encryption level of the files. Furthermore, in each file encryption process a different random number can be used to generate the file key on the basis of the same initial key. This avoids the situation in which the trusted execution environment (TEE) refreshes the initial key too frequently in order to raise the encryption level, which would make encrypted file storage inefficient and waste resources. Therefore, the apparatus provided by the first aspect can ensure both the storage efficiency and the encryption level of file encryption when based on the UFS transport protocol.
In a possible implementation manner, the UFS controller is further configured to acquire the target file. In this embodiment, the target file is obtained before it is encrypted. After the file management system of the processor generates the file, the UFS controller may obtain the target file actively or receive it passively. For example, after creating the target file, the file management module sends the target file directly to the UFS controller. As another example, after creating the target file, the file management module stores the target file in a temporary memory and sends the storage address together with the first request to the UFS controller, and the UFS controller obtains the target file according to the storage address.
In a possible implementation manner, the UFS controller is further configured to obtain a descriptor of the first request corresponding to the target file, where the descriptor includes a data unit number (DUN). The UFS controller is specifically configured to: divide the target file into a plurality of file data blocks; and, starting from the file data block corresponding to the DUN among the plurality of file data blocks, sequentially encrypt the plurality of file data blocks according to the second key to obtain the encrypted target file. In this embodiment, while encrypting the target file, the UFS controller determines the initial encryption object of the target file (i.e., the file data block corresponding to the DUN among the plurality of file data blocks) according to the DUN in the descriptor, and then controls the encrypted storage operation on the target file, so that the encryption level of the file can be improved while the storage efficiency of file encryption is ensured. In addition, the target file is divided into a plurality of file data blocks and then encrypted with a block encryption algorithm, which also improves the encryption level. For example, the block length of the block encryption algorithm may be 128 bits, and the key length may be 128 bits, 192 bits or 256 bits.
In a possible implementation manner, the processor is further configured to generate the target random number and the descriptor of the target file when the target file is created. In this embodiment, when the file management module in the processor creates the target file, it can generate the target random number uniquely corresponding to the target file and the descriptor of the first request corresponding to the target file. The random numbers and descriptors corresponding to different files are therefore different, which guarantees the encryption level of file encryption, makes the encrypted target file harder to crack, and reduces the risk of the target file leaking.
In a possible implementation manner, the apparatus further includes a dynamic random access memory coupled to the processor and to the UFS controller. The processor is further configured to: expand the descriptor according to the target random number to obtain an expanded descriptor, where the expanded descriptor includes the target random number and the DUN; and send the expanded descriptor to the dynamic random access memory. The UFS controller is specifically configured to: acquire the expanded descriptor from the dynamic random access memory according to the first request; and acquire the target random number and the DUN from the expanded descriptor. In this embodiment, one way for the UFS controller to acquire the target random number is for the target random number to be added to the descriptor when the target random number and the descriptor are generated. That is, by expanding the descriptor, the expanded descriptor carries the target random number and is stored in the dynamic random access memory, and the UFS controller acquires the target random number by acquiring the expanded descriptor. The key is generated from the target random number after the target random number is obtained. This way of obtaining the key also ensures that only the target random number appears in the file management module (i.e., the software layer) of the processor, while the root key (i.e., the second key) is derived by hardware logic and cannot be seen or obtained by software, which improves the security of the key.
In a possible implementation manner, the apparatus further includes a dynamic random access memory coupled to the processor and to the UFS controller. The processor is further configured to: send the target random number to the dynamic random access memory; expand the descriptor according to the storage address of the target random number and the data length of the target random number to obtain an expanded descriptor, where the expanded descriptor includes the storage address of the target random number, the data length of the target random number, and the DUN; and send the expanded descriptor to the dynamic random access memory. The UFS controller is specifically configured to: acquire the expanded descriptor from the dynamic random access memory according to the first request; determine the storage address of the target random number in the expanded descriptor, and acquire the target random number according to that storage address; and acquire the DUN from the expanded descriptor. When this embodiment is implemented based on the JESD223D protocol, the UFS controller may acquire the target random number by acquiring the storage address in the expanded descriptor. The key is generated from the target random number after the target random number is obtained. This way of obtaining the key also ensures that only the target random number appears in the file management module (i.e., the software layer) of the processor, while the root key (i.e., the second key) is derived by hardware logic and cannot be seen or obtained by software, which improves the security of the key and greatly reduces the risk of the file being cracked after an attacker steals the key.
In a possible implementation manner, the apparatus further includes a dynamic random access memory coupled to the processor and to the UFS controller. The processor is further configured to: send the descriptor to the dynamic random access memory; and send the storage address of the target random number to an address register in the UFS controller. The UFS controller is specifically configured to: acquire the descriptor from the dynamic random access memory according to the first request; and acquire the target random number according to the storage address of the target random number stored in the address register in the UFS controller. In this embodiment, the processor sends the target random number directly to the UFS controller, and the UFS controller generates the encryption key according to the target random number; the UFS controller can obtain the target random number by directly obtaining its storage address. This ensures that only the target random number appears in the processor (i.e., the software layer), while the root key (the second key) is derived by hardware logic and cannot be seen or obtained by software. The security of the key used to encrypt the target file is therefore improved, the risk of the file being cracked after an attacker steals the key is greatly reduced, and the security level is raised. This way of obtaining the target random number does not affect the storage efficiency of the target file, and it saves resources.
In one possible implementation manner, the apparatus further includes a random number generator coupled to the UFS controller. The random number generator is configured to generate a variable parameter, and the variable parameter is used to generate the second key. The UFS controller is specifically configured to: generate a third key according to the target random number and the variable parameter, where the variable parameter includes a first variable and a second variable, the first variable identifies the bit width of the second key, and the second variable is either a random number with a preset fixed bit width or a number with a preset fixed bit width that identifies an attribute of the target file, the preset fixed bit width of the second variable being determined by the bit width of the third key; and generate the second key by a derivation algorithm according to the third key and the pre-stored first key. In this embodiment, the third key can be generated according to the target random number, the first variable and the second variable. The third key uniquely corresponds to the target file, and the second key generated from the third key and the pre-stored first key is also unique, so this one-file-one-key encryption mode greatly improves the encryption level of the file. Meanwhile, the second key is derived by hardware logic from the first key, so software cannot see or obtain it, which reduces the risk of the file being decrypted after an attacker steals the key.
In one possible implementation manner, the target random number is a random number of a file attribute, and the bit width of the target random number is one of the following: 128 bits, 192 bits, 256 bits, 512 bits. In this embodiment, the target file can be encrypted using random numbers of different bit widths. The target random number serves to encrypt the target file. The encryption algorithms used with random numbers of different bit widths may be the same or different; when the bit width of the random number is larger, the corresponding encryption algorithm may be more complex, that is, the computation is more involved and the security is higher, which better protects the file.
In one possible implementation, the apparatus further includes a memory coupled to the UFS controller. The UFS controller is configured to store the encrypted target file in the memory, and the memory is used for storing the encrypted target file. In this embodiment, the encrypted target file can be stored in the memory, which may be a solid state disk, a UFS flash memory (UFS Flash), a solid state memory or the like of the smart terminal, so that the target file can be effectively stored after the smart terminal encrypts it.
In a possible implementation manner, the processor is further configured to send a second request to the UFS controller, where the second request is used to request reading of the encrypted target file. The UFS controller is further configured to acquire the second key corresponding to the target file according to the second request, and to decrypt and read the encrypted target file according to the second key. In this embodiment, when the UFS controller receives a request to read an encrypted file, it can obtain, according to the read request, the unique second key that was used to encrypt the file, and use it to decrypt and read the encrypted file. The target file can be read only when the second key is available, which helps keep the target file secure. Meanwhile, the second key is derived by hardware logic and is not stored in the UFS controller, and software cannot see or obtain it, which reduces the risk of it being stolen by an attacker.
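An added example, not code from the patent: a Python model of the first-aspect flow described above (expanded descriptor carrying the target random number and DUN, third key, second key, per-data-unit encryption, and read-back). The descriptor layout, the 4096-byte data unit, SHA-256 and HMAC-SHA256 as the derivation algorithm, the `file_attr` parameter, and the HMAC keystream standing in for the block cipher are all assumptions; the page names none of them.

```python
import hashlib
import hmac
import os
import struct

DATA_UNIT = 4096                      # assumed data-unit size in bytes
RANDOM_BITS = (128, 192, 256, 512)    # bit widths the page lists for the target random number
KEY_BITS = (128, 192, 256)            # key lengths the page lists for the block cipher
HDR = struct.Struct(">QH")            # assumed layout: 8-byte DUN, 2-byte random-number length


def build_extended_descriptor(dun, target_random):
    """Processor (software) side: expand the descriptor with the target random number."""
    if len(target_random) * 8 not in RANDOM_BITS:
        raise ValueError("target random number must be 128, 192, 256 or 512 bits")
    return HDR.pack(dun, len(target_random)) + target_random


def parse_extended_descriptor(desc):
    """Controller side: recover (DUN, target random number), rejecting bad lengths."""
    if len(desc) < HDR.size:
        raise ValueError("descriptor shorter than its header")
    dun, n = HDR.unpack_from(desc)
    rnd = desc[HDR.size:]
    if len(rnd) != n or n * 8 not in RANDOM_BITS:
        raise ValueError("length field does not match descriptor contents")
    return dun, rnd


class UfsControllerModel:
    """Software model of the controller. The first key is held here and never
    returned; callers only ever supply descriptors and data."""

    def __init__(self, first_key):
        self.__first_key = first_key

    def _second_key(self, target_random, key_bits, file_attr):
        if key_bits not in KEY_BITS:
            raise ValueError("second key must be 128, 192 or 256 bits")
        # Third key: target random number combined with the variable parameter
        # (first variable = bit width of the second key, second variable = a
        # fixed-width number identifying a file attribute). SHA-256 is assumed.
        third = hashlib.sha256(
            struct.pack(">HI", key_bits, file_attr) + target_random).digest()
        # Second key: derivation over the third key and the pre-stored first
        # key. HMAC-SHA256 is an assumed derivation algorithm.
        return hmac.new(self.__first_key, third, hashlib.sha256).digest()[:key_bits // 8]

    @staticmethod
    def _crypt(key, dun, data):
        # Stand-in for the block cipher: an HMAC-SHA256 keystream bound to the
        # data unit number, so unit i of the file is processed under DUN + i.
        out = bytearray()
        for off in range(0, len(data), DATA_UNIT):
            unit = data[off:off + DATA_UNIT]
            unit_no = dun + off // DATA_UNIT
            stream = b"".join(
                hmac.new(key, struct.pack(">QI", unit_no, c), hashlib.sha256).digest()
                for c in range((len(unit) + 31) // 32))
            out += bytes(a ^ b for a, b in zip(unit, stream))
        return bytes(out)

    def store(self, desc, plaintext, key_bits=256, file_attr=0):
        """First request: derive the per-file key and encrypt from the DUN onward."""
        dun, rnd = parse_extended_descriptor(desc)
        return self._crypt(self._second_key(rnd, key_bits, file_attr), dun, plaintext)

    def read(self, desc, ciphertext, key_bits=256, file_attr=0):
        """Second request: re-derive the same key and decrypt (XOR is symmetric)."""
        dun, rnd = parse_extended_descriptor(desc)
        return self._crypt(self._second_key(rnd, key_bits, file_attr), dun, ciphertext)


if __name__ == "__main__":
    controller = UfsControllerModel(first_key=os.urandom(32))  # constructed first key
    payload = b"constructed sample file contents " * 200
    desc_a = build_extended_descriptor(0, os.urandom(32))
    desc_b = build_extended_descriptor(0, os.urandom(32))
    ct_a = controller.store(desc_a, payload)
    ct_b = controller.store(desc_b, payload)
    print("same plaintext, different ciphertext:", ct_a != ct_b)
    print("round trip ok:", controller.read(desc_a, ct_a) == payload)
```

Because the second key is re-derived from the descriptor on every request, the model stores no per-file key; reading with another file's descriptor yields a different key and unreadable output.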
In a second aspect, an embodiment of the present application provides a file encryption method, including: sending a first request to a universal flash storage (UFS) host controller through a processor, wherein the first request is used for requesting to store a target file; acquiring a target random number corresponding to the target file through the UFS controller; generating a second key corresponding to the target file according to the target random number and a pre-stored first key through the UFS controller; and encrypting the target file according to the second key through the UFS controller to obtain an encrypted target file.
In one possible implementation manner, the method further includes: acquiring the target file through the UFS controller.
In one possible implementation manner, the method further includes: obtaining, by the UFS controller, a descriptor of the first request corresponding to the target file, where the descriptor includes a data unit number DUN; the encrypting the target file according to the second key by the UFS controller to obtain an encrypted target file includes: dividing the target file into a plurality of file data blocks through the UFS controller; and sequentially encrypting the plurality of file data blocks by the UFS controller from one file data block corresponding to the DUN in the plurality of file data blocks according to the second key to obtain an encrypted target file.
In one possible implementation manner, the method further includes: generating, by the processor, the target random number and the descriptor of the target file when the target file is created.
In one possible implementation manner, the method further includes: expanding, by the processor, the descriptor according to the target random number to obtain an expanded descriptor, where the expanded descriptor includes the target random number and the DUN; sending the expanded descriptor to a dynamic random access memory through the processor; the obtaining, by the UFS controller, a target random number corresponding to the target file includes: acquiring the expanded descriptor from the dynamic random access memory according to the first request through the UFS controller; and acquiring the target random number and the DUN by the UFS controller according to the expanded descriptor.
In one possible implementation manner, the method further includes: sending the target random number to a dynamic random access memory through the processor; expanding, by the processor, the descriptor according to the storage address of the target random number and the data length of the target random number to obtain an expanded descriptor, where the expanded descriptor includes the storage address of the target random number, the data length of the target random number, and the DUN; sending the expanded descriptor to the dynamic random access memory through the processor; the obtaining, by the UFS controller, a target random number corresponding to the target file includes: acquiring the expanded descriptor from the dynamic random access memory according to the first request through the UFS controller; determining, by the UFS controller, a storage address of the target random number in the expanded descriptor, and obtaining the target random number according to the storage address of the target random number; the obtaining, by the UFS controller, a descriptor of the first request corresponding to the target file includes: acquiring the DUN according to the expanded descriptor through the UFS controller.
In one possible implementation manner, the method further includes: sending the descriptor to a dynamic random access memory through the processor; sending the storage address of the target random number to an address register in the UFS controller through the processor; the obtaining, by the UFS controller, a target random number corresponding to the target file includes: obtaining, by the UFS controller, the descriptor from the dynamic random access memory according to the first request; and acquiring the target random number by the UFS controller according to the storage address of the target random number stored in an address register in the UFS controller.
In one possible implementation manner, the method further includes: generating a variable parameter by a random number generator, wherein the variable parameter is used for generating the second key; the generating, by the UFS controller, a second key corresponding to the target file according to the target random number and a pre-stored first key includes: generating, by the UFS controller, a third key according to the target random number and the variable parameter, where the variable parameter includes a first variable and a second variable, the first variable is used to identify a bit width of the second key, and the second variable is a random number with a preset fixed bit width or a number with a preset fixed bit width that identifies an attribute of the target file, where the preset fixed bit width of the second variable is determined by the bit width of the third key; and generating, by the UFS controller, the second key by a derivation algorithm based on the third key and the first key stored in advance.
In one possible implementation manner, the target random number is a random number of a file attribute, and a bit width of the target random number includes one of the following bit widths: 128 bits, 192 bits, 256 bits, 512 bits.
In one possible implementation manner, the method further includes: storing the encrypted target file to a memory through the UFS controller; and storing the encrypted target file through the memory.
In one possible implementation manner, the method further includes: sending a second request to the UFS controller through the processor, the second request requesting reading of the encrypted target file; and acquiring the second key corresponding to the target file according to the second request through the UFS controller, and decrypting and reading the encrypted target file according to the second key.
In a third aspect, an embodiment of the present application provides a file encryption apparatus, including: a first sending unit, configured to send a first request to a universal flash storage (UFS) host controller through a processor, where the first request is used for requesting to store a target file; a first obtaining unit, configured to obtain, by the UFS controller, a target random number corresponding to the target file; a key unit, configured to generate, by the UFS controller, a second key corresponding to the target file according to the target random number and a pre-stored first key; and an encryption unit, configured to encrypt the target file according to the second key through the UFS controller to obtain an encrypted target file.
In one possible implementation manner, the apparatus further includes: a second obtaining unit, configured to obtain the target file through the UFS controller.
In one possible implementation manner, the apparatus further includes: a third obtaining unit, configured to obtain, by the UFS controller, a descriptor of the first request corresponding to the target file, where the descriptor includes a data unit number DUN; the encryption unit is specifically configured to: dividing the target file into a plurality of file data blocks through the UFS controller; and sequentially encrypting the plurality of file data blocks by the UFS controller from one file data block corresponding to the DUN in the plurality of file data blocks according to the second key to obtain the encrypted target file.
In one possible implementation manner, the apparatus further includes: a first generating unit, configured to generate, by the processor, the target random number and the descriptor of the target file when the target file is created.
In one possible implementation manner, the apparatus further includes: a first expanding unit, configured to expand, by the processor, the descriptor according to the target random number to obtain an expanded descriptor, where the expanded descriptor includes the target random number and the DUN; a second sending unit, configured to send the expanded descriptor to a dynamic random access memory through the processor; the first obtaining unit is specifically configured to: acquire the expanded descriptor from the dynamic random access memory according to the first request through the UFS controller; and acquire the target random number and the DUN by the UFS controller according to the expanded descriptor.
In one possible implementation manner, the apparatus further includes: a third sending unit, configured to send the target random number to a dynamic random access memory through the processor; a second expanding unit, configured to expand, by the processor, the descriptor according to a storage address of the target random number and a data length of the target random number, to obtain an expanded descriptor, where the expanded descriptor includes the storage address of the target random number, the data length of the target random number, and the DUN; a third sending unit, configured to send the expanded descriptor to the dynamic random access memory through the processor; the first obtaining unit is specifically configured to: acquire the expanded descriptor from the dynamic random access memory according to the first request through the UFS controller; determine, by the UFS controller, a storage address of the target random number in the expanded descriptor, and obtain the target random number according to the storage address of the target random number; the third obtaining unit is specifically configured to: acquire the DUN according to the expanded descriptor through the UFS controller.
In one possible implementation manner, the apparatus further includes: a fourth sending unit, configured to send, by the processor, the descriptor to a dynamic random access memory, and to send the storage address of the target random number to an address register in the UFS controller through the processor; the first obtaining unit is specifically configured to: obtain, by the UFS controller, the descriptor from the dynamic random access memory according to the first request; and acquire the target random number by the UFS controller according to the storage address of the target random number stored in an address register in the UFS controller.
In one possible implementation manner, the apparatus further includes: a second generation unit configured to generate a variable parameter by a random number generator, the variable parameter being used to generate the second key; the key unit is specifically configured to: generating, by the UFS controller, a third key according to the target random number and the variable parameter, where the variable parameter includes a first variable and a second variable, the first variable is used to identify a bit width of the second key, and the second variable is a random number with a preset fixed bit width or a number with a preset fixed bit width that identifies an attribute of the target file, where the preset fixed bit width of the second variable is determined by the bit width of the third key; and generating, by the UFS controller, the second key by a derivation algorithm based on the third key and the first key stored in advance.
In one possible implementation manner, the target random number is a random number of a file attribute, and a bit width of the target random number includes one of the following bit widths: 128 bits, 192 bits, 256 bits, 512 bits.
In one possible implementation manner, the apparatus further includes: a first storage unit, configured to store the encrypted target file in a memory through the UFS controller; and the second storage unit is used for storing the encrypted target file through the memory.
In one possible implementation manner, the apparatus further includes: a fifth sending unit, configured to send, to the UFS controller, a second request through the processor, where the second request is used to request reading of the encrypted target file; and a decryption unit, configured to obtain, by the UFS controller according to the second request, the second key corresponding to the target file, and decrypt and read the encrypted target file according to the second key.
In a fourth aspect, the present application provides a chip system, where the chip system includes any one of the apparatuses for supporting file encryption as referred to in the first aspect, and the chip system may be formed by a chip, and may also include a chip and other discrete devices.
In a fifth aspect, an embodiment of the present application provides a computer storage medium for storing computer software instructions for a file encryption apparatus provided in the first aspect, which includes a program for executing the first aspect.
In a sixth aspect, the present application provides a computer program, where the computer program includes instructions, and when the computer program is executed by a computer, the computer may execute the process executed by the file encryption apparatus in the first aspect.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments or the background art of the present application, the drawings required to be used in the embodiments or the background art of the present application will be described below.
Fig. 1A is a schematic view of an application scenario when an audio record file is stored in an encrypted manner according to an embodiment of the present application.
Fig. 1B is a schematic view of an application scenario for saving a download file according to an embodiment of the present application.
Fig. 1C is a schematic diagram of a file encryption architecture based on a UFS controller according to an embodiment of the present application.
Fig. 1D is a schematic diagram of another file encryption architecture based on a UFS controller according to an embodiment of the present application.
Fig. 2 is a schematic diagram of a file encryption apparatus according to an embodiment of the present application.
Fig. 3 is a schematic flowchart of a file encryption method according to an embodiment of the present application.
Fig. 4 is a schematic structural diagram of a transmission request descriptor UTRD according to an embodiment of the present application.
Fig. 5 is a schematic structural diagram of an extended descriptor UTRD provided in an embodiment of the present application.
Fig. 6 is a schematic diagram of a file encryption algorithm framework applied in the UFS controller according to an embodiment of the present application.
Fig. 7 is a schematic structural diagram of another file encryption apparatus according to an embodiment of the present application.
Fig. 8 is a schematic structural diagram of another file encryption device according to an embodiment of the present application.
Detailed Description
The embodiments of the present application will be described below with reference to the drawings.
The terms "first," "second," "third," and "fourth," etc. in the description and claims of this application and in the accompanying drawings are used for distinguishing between different objects and not for describing a particular order. Furthermore, the terms "include" and "have," as well as any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus.
Reference herein to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the application. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by one skilled in the art that the embodiments described herein can be combined with other embodiments.
As used in this specification, the terms "component," "module," "system," and the like are intended to refer to a computer-related entity, either hardware, firmware, a combination of hardware and software, or software in execution. For example, a component may be, but is not limited to being, a process running on a processor, an object, an executable, a thread of execution, a program, and/or a computer. By way of illustration, both an application running on a computing device and the computing device can be a component. One or more components can reside within a process and/or thread of execution and a component can be localized on one computer and/or distributed between 2 or more computers. In addition, these components can execute from various computer readable media having various data structures stored thereon. The components may communicate by way of local and/or remote processes such as in accordance with a signal having one or more data packets (e.g., data from two components interacting with another component in a local system, distributed system, and/or across a network such as the internet with other systems by way of the signal).
First, some terms in the present application are explained so as to be easily understood by those skilled in the art.
(1) Universal Flash Storage (UFS) is a flash storage specification designed for use in electronic products such as digital cameras and intelligent terminals. It can provide high data transmission speed and stability, while reducing the confusion caused by the various storage card formats on the market and the need for users to use different storage card adapters. UFS flash memory (UFS Flash) is one of the mainstream storage media in a mobile phone system and can be the storage medium of a mobile phone chip system; data exchange between a mobile phone SOC chip and the UFS Flash is realized based on the MIPI UFS protocol.
(2) A Solid State Drive (SSD), or Solid State disk, is a hard disk made of an array of Solid State electronic memory chips. The SSD consists of a control unit and a storage unit (a Flash chip and a DRAM chip), and the working temperature range of the chip is wide, so that the application field is wide. The storage media of the solid state disk are usually two types, one is to use a Flash memory (Flash chip) as the storage medium, and the other is to use a DRAM as the storage medium.
(3) Advanced Encryption Standard (AES). The AES encryption process operates on a 4 × 4 byte matrix, also called the "state", whose initial value is a block of plaintext (each element of the matrix is one byte of the plaintext block). (The Rijndael encryption method can optionally increase the number of matrix rows to support larger blocks.) In encryption, each round of the AES encryption cycle (except the last round) contains 4 steps, which are AddRoundKey, SubBytes, ShiftRows, and MixColumns, respectively.
(4) Key Derivation Function (KDF). The role of the key derivation function is to derive key data from a shared secret bit string. During the key agreement process, the key derivation function acts on the shared secret bit string obtained by the key exchange to generate the required session key from it, or the key data required for further encryption.
(5) A Central Processing Unit (CPU) is an operation core and a control core of a computer, and is a final execution Unit for information Processing and program operation. The CPU includes an arithmetic logic unit, a register unit, a control unit, and the like, and has functions of processing instructions, performing operations, controlling time, processing data, and the like.
(6) A Trusted Execution Environment (TEE), which is an area on the processor CPU. The function of this block area is to provide a more secure space for the execution of data and code and to ensure their confidentiality and integrity.
(7) A register, a very important type of memory cell in an integrated circuit, is usually composed of flip-flops. The registers are components within the central processing unit. Registers are high-speed storage elements of limited storage capacity that may be used to temporarily store instructions, data, and addresses. In the control unit of the central processing unit, registers are included, such as an Instruction Register (IR) and a Program Counter (PC). In the arithmetic and logic part of the central processor, the register has an Accumulator (ACC).
(8) A physical block (block), which is the smallest unit of storage and processing in a database, contains header information data or PL/SQL code of the block itself. The block size may be specified by selecting "custom mount" at mount time, and the block size typically ranges from several hundred KB to several MB, each block comprising a plurality of pages (pages), typically a multiple of 4KB (e.g., 4KB or 16 KB).
(9) Double Data Rate (DDR), which enables the main steps of address assignment, Data transmission and output to be performed independently and kept completely synchronous with the CPU; DDR uses DLL (Delay Locked Loop) technology, and when data is valid, the memory controller can use this data filter signal to pinpoint the data, output it every 16 times, and resynchronize the data from different memory modules.
(10) Dynamic Random Access Memory (DRAM) uses the amount of charge stored in a capacitor to represent 0 and 1, which is a binary bit, the minimum unit of Memory. That is, DRAM is the most common system memory. DRAM can hold data only for a short time. To retain data, DRAM uses capacitive storage, so must be refreshed (refresh) once at intervals, and if the memory cells are not refreshed, the stored information is lost.
To facilitate understanding of the embodiments of the present invention, scenarios to which the file encryption method of the present application is applied are listed below by way of example, and may include the following two scenarios:
In a first scenario, when a user uses an intelligent terminal, the related files that are generated can be encrypted and stored.
When a user uses an intelligent terminal (such as a mobile phone), in order to better protect the private data generated during that use, the files generated (such as game video files recorded while playing games, audio files recorded during telephone conversations, image files shot by a camera, text files created while editing memos, browsing records from internet browsing, and the like) need to be encrypted and stored, so that the privacy of the user is not leaked when the information on the intelligent terminal is stolen in an attack. For example: referring to fig. 1A, fig. 1A is a schematic view of an application scenario when an audio record file is stored in an encrypted manner according to an embodiment of the present application. As shown in fig. 1A, when the user finishes using the recording function of the mobile phone, the intelligent terminal may encrypt the recorded audio file through the SOC chip and store the encrypted audio file in the memory. Therefore, when the user uses the intelligent terminal, the related data generated by the user can be stored in an encrypted manner, so that the privacy of the user is not disclosed.
In a second scenario, the user connects to the Internet through the intelligent terminal and, after downloading related data files, the data files can be encrypted and stored.
When a user surfs the internet by using the mobile phone, the user can browse pictures, videos, files and the like that the user likes, and these files can be encrypted and stored in the mobile phone, so that the files are better preserved and privacy information is prevented from being leaked. For example: referring to fig. 1B, fig. 1B is a schematic view of an application scenario for saving a download file according to an embodiment of the present application. As shown in fig. 1B, after a file is downloaded from the internet, the file can be encrypted under the control of the file control module and the UFS controller, and then stored in the memory. Therefore, when the user uses the intelligent terminal to download files or to receive files sent by other intelligent terminals, the files are encrypted and stored, which can greatly reduce the possibility of leakage of important information or privacy information.
It is understood that the above two application scenarios are only a few exemplary implementations in the embodiments of the present invention, and the application scenarios in the embodiments of the present invention include, but are not limited to, the above application scenarios. For example: files received through Bluetooth are encrypted and stored, and system files generated after the intelligent terminal runs related applications are encrypted and stored.
Based on the application scenarios above, and to facilitate understanding of the embodiments of the present invention, one of the system architectures on which the embodiments of the present application are based is described first. Referring to fig. 1C, fig. 1C is a schematic diagram of a file encryption architecture based on a UFS controller according to an embodiment of the present disclosure. The architecture shown in fig. 1C takes an SOC chip as its main body, is described from the perspective of encrypted file storage, and may be applied to the application scenarios shown in fig. 1A and fig. 1B. The file encryption method based on the UFS controller can be applied to this system architecture. The system architecture includes a processor 101 and a Universal Flash Storage Host Controller (UFSHC) coupled to the processor 101, that is, the UFS controller 102, and may further include a memory 103 and a Double Data Rate DRAM controller (DDRC) 104 coupled to the UFS controller 102. If the encryption architecture is applied to an intelligent terminal (e.g., a mobile phone, a tablet computer, etc.), the UFS controller 102 is equivalent to a Solid State Disk (SSD) of the intelligent terminal. It can be understood that the solid state disk can be configured in different devices, such as a server or a personal computer, and corresponds to different master control forms in different devices; the master control form is not limited in this embodiment of the present application. The memory 103 is equivalent to a UFS flash memory (UFS Flash), a solid-state memory, or the like, and stores the encrypted target file. The DDR DRAM controller 104 is used to control a temporary memory or an operating memory of the intelligent terminal, such as a Dynamic Random Access Memory (DRAM), a DDR (Double Data Rate) memory, and the like.
Optionally, please refer to fig. 1D, where fig. 1D is a schematic diagram of another file encryption architecture based on the UFS controller according to an embodiment of the present application. On the basis of fig. 1C, the UFS controller-based file encryption architecture may further comprise a random number generator 105 coupled to the UFS controller 102. Fig. 1D takes as an example the case in which the processor 101, the UFS controller 102, the double data rate DRAM controller 104, and the random number generator 105 are integrated inside an SOC chip. Alternatively, the UFS controller 102 may be a processing device independent from the processor 101 and connected to the processor 101 and the memory 103 to perform operations such as file storage, file reading, and file encryption; the double data rate DRAM controller 104 may also be an independent device used to control the DRAM; the processor 101 generates the target random number and the descriptor of the target file; and so on, which are not described herein again.
Specifically, when the processor 101 creates a file, a target random number and a descriptor of the file can be synchronously generated, wherein the target random number (Meta Data) is randomly generated and is a random number with file attributes; this Descriptor is understood in the present application as UFS transport protocol Transfer Request Descriptor (UTRD). The processor is further configured to send a first request to the UFS controller, where the first request is used to request storage or encrypted storage of a target file.
When the UFS controller 102 receives a first request of the processor 101 for a target file, it may obtain a target random number of the target file corresponding to the first request according to the first request; generating a second key corresponding to the target file according to the target random number and a pre-stored first key; then, encrypting the target file through the second key to obtain an encrypted target file; and storing the encrypted target file to the memory.
A random number generator 105, coupled to the UFS controller 102, may generate a variable parameter that is used to generate a second key for file encryption. After encryption using the second key, the variable parameter may be saved to the memory 103 along with the target random number and the encrypted file. When the file is read, the second key is determined according to the variable parameter corresponding to the target file and the target random number, and the encrypted file is then decrypted and read by using the same second key. The random number generator 105 may be a true random number generator, among other things.
It can be understood that the specific file encryption scenario after configuring the processor 101, the UFS controller 102 coupled to the processor 101, and the memory 103 coupled to the UFS controller 102 also applies to the system architecture illustrated in the embodiment of the present application, and is not described herein again.
It can also be understood that the memory and the dynamic random access memory are two different memories. The memory is used for storing encrypted files and stores data for a long time; that is, the encrypted files stored in it are not lost after the intelligent terminal/system is powered off, for example: the phone storage in a mobile phone. The dynamic random access memory is used for temporarily storing the target file before encryption, the random number, the descriptor and the like, and stores data only for a short time; that is, the temporary files, random numbers, descriptors and the like stored in it are lost after the intelligent terminal/system is powered off, for example: the operating memory in a mobile phone.
It should be noted that the processor 101, the UFS controller 102, and the double-rate dram controller 104 may be integrated in one chip, or may be integrated in different chips, which is not specifically limited in this embodiment of the present invention.
It should be further noted that the file encryption system architectures shown in fig. 1C and fig. 1D are only some exemplary implementations in the embodiments of the present application, and the file encryption system architecture in the embodiments of the present application includes, but is not limited to, the above file encryption system architecture.
With reference to the system architectures shown in fig. 1C and fig. 1D, an embodiment of the present application further provides a file encryption device applied to a smartphone terminal, which can be applied to the system architecture shown in fig. 1D. Please refer to fig. 2; fig. 2 is a schematic diagram of a file encryption device provided in an embodiment of the present application. As shown in fig. 2, the file encryption apparatus 10 in the embodiment of the present application may include a processor 101, a UFS controller 102 coupled to the processor 101, a memory 103 coupled to the UFS controller 102, a dynamic random access memory DRAM 113 coupled to the UFS controller 102 and a double data rate dynamic random access memory controller (DDRC) 104, and a random number generator 105 coupled to the UFS controller 102. The built-in logic modules of the processor 101 may include: a Trusted Execution Environment (TEE) 211, a file management module 212, and the like. The built-in logic modules of the UFS controller 102 may include: a Key Store 221, and the like, where the Key Store 221 corresponds to a memory inside the UFS controller, and the Key Store 221 may further include an address register for storing a storage address of the target random number. The built-in logic modules of the dynamic random access memory DRAM 113 may include a first memory module 231 and a second memory module 232. Specifically:
The TEE 211 in the processor may be used to configure the first key in the file encryption process. For example: after the system of the intelligent terminal to which the file encryption device belongs is powered on and started, or when the UFS controller is initialized, the Trusted Execution Environment (TEE) configures a first key (Class Key) into the Key Store of the UFS controller. Generally, there are only 32 sets of Class Keys in the UFS controller, so one of the most efficient schemes may be for the TEE to configure the 32 sets of Class Keys into the Key Store of the UFS controller once, when the UFS controller is initialized.
The file management module 212 in the processor may create a target file for storage or reading, and may also synchronously generate a target random number and a transmission request descriptor UTRD of the file for encrypted storage and decrypted reading of the file when the target file is created.
A Key Store 221 in the UFS controller 102 is equivalent to a memory/register inside the UFS controller for storing a first Key issued by a TEE in the processor. In a possible implementation manner, the memory may further include an address register, where the address register is configured to store a storage address of the target random number, so that the UFS controller can directly obtain the target random number according to the storage address stored in the register, so as to encrypt the target file.
The first storage module 231 in the dynamic random access memory 113 may be used to store the target random number.
A second storage module 232 in the dynamic random access memory 113 may be used to store the transfer request descriptor UTRD. It is understood that the first storage module 231 and the second storage module 232 may be different storage areas in the same dynamic random access memory, or may be two different dynamic random access memories, and the embodiment of the present invention is not limited in this respect.
The random number generator 105 may generate variable parameters, where the variable parameters include a first variable and a second variable, where the first variable is used to identify a bit width of the second key, and the second variable is a random number with a preset fixed bit width or a number with a preset fixed bit width that identifies an attribute of the target file, where the preset fixed bit width of the second variable is determined by a bit width of the third key; and generating the second key by a derivation algorithm according to the third key and the first key stored in advance. The random number generator 105 may be a true random number generator, among other things.
It should be further noted that the file encryption device structure shown in fig. 2 is only a partial exemplary implementation manner in the embodiment of the present application, and the file encryption device structure in the embodiment of the present application includes, but is not limited to, the above file encryption device structure.
Based on the system architecture provided in fig. 1C and fig. 1D and the structure of the file encryption device provided in fig. 2, the technical problem proposed in the present application is specifically analyzed and solved in combination with the file encryption method provided in the present application.
Referring to fig. 3, fig. 3 is a flowchart illustrating a file encryption method according to an embodiment of the present application, where the method is applicable to the file encryption system architecture shown in fig. 1C and fig. 1D and the file encryption apparatus shown in fig. 2, where the file encryption apparatus 10 shown in fig. 2 may be used to support and execute steps S301 to S306 of the method flow shown in fig. 3.
Step S301: a first request is sent by a processor to a universal flash host UFS controller.
Specifically, a first request is sent to a universal flash host UFS controller through a processor, and the first request is used for requesting to store a target file. It will be appreciated that the file management module in the processor may send a first request to the UFS controller for storage of a target file, for example: the first Request may be a UFS Transport Request (UFS Transport protocol Transfer Request), i.e., a UTP Transfer Request, in the present application. Optionally, the first request may also be used to request encrypted storage of the target file.
Optionally, the target file is acquired by the UFS controller. It is understood that, after receiving the first request, the UFS controller may obtain the target file identified or carried in the first request and encrypt it. The manner of acquiring the file by the UFS controller may include: the UFS controller receives a target file sent by a file management module in the processor, for example: after creating the target file, the file management module directly sends the target file to the UFS controller; or, the UFS controller obtains the target file from a dynamic random access memory (i.e., a temporary memory) according to a first request sent by a file management module in the processor, where the dynamic random access memory may be used to temporarily store the target file created by the file management module in the processor, for example: after creating the target file, the file management module stores the target file into the dynamic random access memory, and sends the storage address and the first request to the UFS controller, and the UFS controller obtains the target file according to the storage address.
Optionally, the processor generates the target random number and the descriptor of the target file when creating the target file. It will be appreciated that the file management module in the processor creates a target file, for which a target random number (Meta Data) and a transfer request descriptor UTRD may be generated. The target random number can uniquely correspond to the target file and is a unique identifier of the file; that is, different files have different corresponding random numbers, so that when the target file is encrypted by using the random number uniquely corresponding to it, the encryption level of the target file can be better improved and the information security of the target file is ensured. The descriptor in the embodiment of the present application may be used to provide the Data Unit Number (DUN) when the target file is encrypted. It should be noted that there are multiple descriptors corresponding to the file (e.g., descriptors for reading), and different commands or requests may correspond to different descriptors; that is, different types of descriptors correspond to different functions. The descriptor mentioned in this application may be understood as a UFS Transfer protocol Request Descriptor (UTRD); when the UFS controller acquires a transfer request sent by the processor, the UFS controller acquires the UTRD in order to implement the command and/or function corresponding to the UTRD. Meanwhile, because the target random number and the descriptor of the target file are generated when the target file is created, the random numbers and the descriptors corresponding to different files can be ensured to be different, which ensures the encryption level of file encryption and makes the encrypted target file harder for an attacker to crack.
Optionally, the target random number is a random number of a file attribute, and a bit width of the target random number includes one of the following bit widths: 128 bits, 192 bits, 256 bits, 512 bits. It should be noted that the specific bit width of the target random number is not specifically limited in the present application; for example, the bit width of the target random number may be 128 bits, 192 bits, 256 bits, or 512 bits. Bit widths other than these four are not excluded and are also applicable to file encryption in the embodiments of the present application. It can be understood that the target random number is used for encrypting the target file; the encryption algorithms used with random numbers of different bit widths may be the same or different, and when the bit width of the random number is higher, the corresponding encryption algorithm may be more complex, that is, the operation process is more complicated, the security performance is higher, and the file is better protected.
Step S302: and acquiring a target random number corresponding to the target file through the UFS controller.
Specifically, a target random number (Meta Data) corresponding to the target file is acquired through the UFS controller. In this embodiment, the target random number may be used to generate a file key (i.e., the second key in this application) for encrypting the target file together with the initial key in the encryption process, and since the target file only uniquely corresponds to one target random number, the file key determined according to the target random number may ensure the uniqueness of the file key, and therefore, the UFS controller needs to first obtain the target random number before encrypting the file.
Step S303: and obtaining a descriptor of a first request corresponding to the target file through the UFS controller.
Specifically, a descriptor of the first request corresponding to the target file is obtained through the UFS controller, where the descriptor includes a data unit number DUN. Referring to fig. 4, fig. 4 is a schematic structural diagram of a transmission request descriptor UTRD according to an embodiment of the present application. During the encryption of the target file, the UFS controller needs to determine the initial encrypted object of the target file according to the DUN value in the UTRD (for example, the DW1 and DW3 lines in fig. 4). The target descriptor also includes the storage address of the storage command (as shown in the DW4 and DW5 lines in fig. 4), which the UFS controller can use to control the encrypted storage operation on the target file according to the storage command.
It is to be understood that, in the embodiment of the present application, the order between step S302 and step S303 is not specifically limited. For example: the target random number corresponding to the target file may be obtained first and the descriptor afterwards; the descriptor may be obtained first and the target random number corresponding to the target file afterwards; or the target random number corresponding to the target file and the descriptor may be obtained simultaneously.
Optionally, the processor expands the descriptor according to the target random number to obtain an expanded descriptor, where the expanded descriptor includes the target random number and the DUN; sending, by the processor, the expanded descriptor to a dynamic random access memory. The obtaining, by the UFS controller, a target random number corresponding to the target file includes: acquiring the expanded descriptor from the dynamic random access memory according to the first request through the UFS controller; and acquiring the target random number and the DUN according to the expanded descriptor through the UFS controller. It can be understood that, in order for the UFS controller to encrypt the target file by the target random number, the target random number must be obtained first, and the target random number is generated by the file management module in the processor together with the descriptor, so that the UFS controller can obtain the target random number by obtaining the extended descriptor, i.e., one of the ways for the UFS controller to obtain the target random number in the case of the JESD 223D-based protocol. Referring to fig. 5, fig. 5 is a schematic structural diagram of an extended descriptor UTRD according to an embodiment of the present application. For example, as shown in fig. 5, the 128-bit target random number is in the DW8-DW11 row region of the extended descriptor UTRD, and it should be noted that, when the number of bits of the target random number increases, the number of rows of the extended descriptor UTRD also increases. 
It can be understood that, when the file management module in the processor generates the target random number and the descriptor, the target random number is added to the descriptor UTRD; that is, by extending the descriptor, the extended descriptor UTRD carries the target random number and is stored in the dynamic random access memory. The UFS controller can then obtain the target random number by obtaining the extended descriptor, and generate the key according to the target random number. Obtaining the key in this manner ensures that only the target random number appears in the file management module (i.e., the software layer) of the processor, while the root key (i.e., the second key) is derived by the hardware logic and is not perceived and/or obtained by the software, so that the security coefficient of the key is improved.
Optionally, sending, by the processor, the target random number to a dynamic random access memory; expanding the descriptor according to the storage address of the target random number and the data length of the target random number by the processor to obtain an expanded descriptor, wherein the expanded descriptor comprises the storage address of the target random number, the data length of the target random number and the DUN; sending, by the processor, the expanded descriptor to the dynamic random access memory; the obtaining, by the UFS controller, a target random number corresponding to the target file includes: acquiring the expanded descriptor from the dynamic random access memory according to the first request through the UFS controller; determining, by the UFS controller, a storage address of the target random number in the extended descriptor, and obtaining the target random number according to the storage address of the target random number in the extended descriptor; the obtaining, by the UFS controller, the descriptor of the first request corresponding to the target file includes: and acquiring the DUN according to the expanded descriptor through the UFS controller.
It can be understood that, after the file management module in the processor generates the target random number and stores it in the dynamic random access memory, the storage address and the data length of the target random number may be added to the descriptor UTRD; that is, by extending the descriptor, the extended descriptor UTRD carries the storage address and the data length of the target random number. The UFS controller may then obtain the target random number through the storage address and the data length, and may also obtain the DUN value from the extended descriptor. For example: the extension may be that two rows, DW8 and DW9, are added to the descriptor shown in fig. 4, where the DW8 row may be added in the form of the DW4 row and includes the storage address of the target random number, and the DW9 row may be added in the form of the DW5 row and includes the data length of the target random number. Therefore, in the case of the JESD223D-based protocol, the UFS controller can acquire the target random number by acquiring the storage address in the extended descriptor. The key is generated according to the target random number after the target random number is obtained. This manner of obtaining the key also ensures that only the target random number appears in the file management module (namely, the software layer) of the processor, and the root key (namely, the second key) is derived by hardware logic according to the first key and cannot be perceived or obtained by software, so that the security coefficient of the key is improved and the risk of the file being cracked after a lawbreaker steals the key is greatly reduced.
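The two extended-descriptor layouts described above, as an added Python example that is not part of the patent: layout 1 appends the target random number after DW7, layout 2 appends DW8 (storage address) and DW9 (data length). The function names, the little-endian packing, the low/high split of the DUN over DW1/DW3, the byte unit of DW9, and the length and bounds checks on the controller side are assumptions of this example.

```python
import struct

BASE_DWORDS = 8                       # DW0..DW7 of the UTRD in fig. 4
BASE_BYTES = 4 * BASE_DWORDS
ALLOWED_BITS = (128, 192, 256, 512)   # target random number widths named on the page


def build_base(dun, cmd_addr):
    """Base UTRD: DUN in DW1/DW3, storage-command address in DW4/DW5."""
    dw = [0] * BASE_DWORDS
    dw[1], dw[3] = dun & 0xFFFFFFFF, dun >> 32            # assumed: DW1 low, DW3 high
    dw[4], dw[5] = cmd_addr & 0xFFFFFFFF, cmd_addr >> 32  # assumed: DW4 low, DW5 high
    return struct.pack("<8I", *dw)


def extend_inline(dun, cmd_addr, meta):
    """Layout 1: the random number rides in DW8 onward (DW8..DW11 for 128 bits)."""
    if len(meta) * 8 not in ALLOWED_BITS:
        raise ValueError("unsupported random number width")
    return build_base(dun, cmd_addr) + meta


def extend_pointer(dun, cmd_addr, meta_addr, meta_len):
    """Layout 2: DW8 = storage address of the random number, DW9 = its length."""
    return build_base(dun, cmd_addr) + struct.pack("<2I", meta_addr, meta_len)


def read_dun(utrd):
    dw = struct.unpack("<8I", utrd[:BASE_BYTES])
    return dw[1] | (dw[3] << 32)


def parse_inline(utrd):
    """Controller side, layout 1: return (DUN, target random number)."""
    meta = utrd[BASE_BYTES:]
    if len(utrd) < BASE_BYTES or len(meta) * 8 not in ALLOWED_BITS:
        raise ValueError("descriptor does not carry a valid random number")
    return read_dun(utrd), meta


def parse_pointer(utrd, dram):
    """Controller side, layout 2: follow DW8/DW9 into DRAM, return (DUN, random number).

    The address and length come from the software layer, so they are checked
    before the fetch (an added precaution, not a step the patent spells out).
    """
    if len(utrd) != BASE_BYTES + 8:
        raise ValueError("not a 10-DWORD extended descriptor")
    addr, length = struct.unpack("<2I", utrd[BASE_BYTES:])
    if length * 8 not in ALLOWED_BITS:
        raise ValueError("unsupported random number length")
    if addr + length > len(dram):
        raise ValueError("random number lies outside DRAM")
    return read_dun(utrd), bytes(dram[addr:addr + length])


if __name__ == "__main__":
    meta = bytes(range(16))                  # constructed 128-bit Meta Data
    dram = bytes(32) + meta + bytes(16)      # constructed DRAM image, Meta Data at 0x20
    print(parse_inline(extend_inline(0x100000002, 0x80001000, meta)))
    print(parse_pointer(extend_pointer(7, 0x80001000, 0x20, 16), dram))
```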
Optionally, sending, by the processor, the descriptor to a dynamic random access memory; sending, by the processor, a storage address of the target random number to an address register in the UFS controller; the obtaining, by the UFS controller, a target random number corresponding to the target file includes: obtaining, by the UFS controller, the descriptor from the dynamic random access memory according to the first request; and acquiring the target random number by the UFS controller according to the storage address of the target random number stored in an address register in the UFS controller. It can be understood that, to encrypt the target file by the target random number, the UFS controller first needs to obtain the target random number, and the target random number is generated by the file management module in the processor together with the descriptor, so that, in addition to obtaining the target random number by obtaining the extended descriptor, the UFS controller can receive the storage address of the target random number directly sent by the file management module to the address register of the key store, and obtain the target random number according to the storage address. That is, the UFS controller may be controlled to add an Address Register of Meta Data (target random number) in the Register Space (key store) in the case of an extended protocol-based IO Memory/Register Space, and the implementation may refer to the UTRLBA/UTRLBAU registers part in the protocol. It will also be appreciated that the target random number is sent by the processor to a dynamic random access memory for storage.
For example: when the UFS controller receives a UTP Transfer Request (first request), the storage address of the Meta Data is read from the address register, and the Meta Data is then obtained according to that storage address. Meanwhile, upon receiving a UTP Transfer Request (first request), the UFS controller may also read the descriptor UTRD from the Memory Space (memory) via the UTRLBA/UTRLBAU registers. This manner also ensures that only the target random number appears in the file management module (namely, the software layer) of the processor, and the first key exists only in the trusted execution environment TEE and the UFS controller, so that the security coefficient of the key is improved. To sum up, the embodiment of the present application can obtain the target random number in at least three manners and then generate the key according to the obtained target random number. This ensures that the key exists only in hardware and does not appear in the software layer, which stores only the target random number, thereby greatly reducing the risk of key leakage and improving the encryption level of the target file. The manner of obtaining the target random number does not affect the storage efficiency of the target file, and saves resources.
Step S304: Generate, through the UFS controller, a second key corresponding to the target file according to the target random number and a pre-stored first key.
Specifically, the UFS controller generates a second key corresponding to the target file according to the target random number and a pre-stored first key, where the first key is an initial key configured by hardware and the second key is the key used for encrypting the target file. Because the file key used for encrypting the target file is generated by combining the random number and the initial key, one key per file can be ensured, and the security coefficient of the encrypted target file is improved. It should be noted that the pre-stored first key Class Key (i.e., the initial key) is configured into the Key Store of the UFS controller once by the trusted execution environment TEE in the processor, after the system is powered on and started or when the UFS controller is initialized. In the embodiment of the present application, the second key for file encryption is generated from the target random number and the first key without frequent interaction between the trusted execution environment TEE and the UFS controller, so that one key per file is achieved, the possibility of being broken is almost zero, the security coefficient of the file key is improved, and the use efficiency is also improved.
It can be understood that, because the first key is sent to the UFS controller by the TEE, but the first key is stored in the UFS controller and cannot be read by software, and because the second key is derived from the first key, only the target random number will appear in the file management module (at the software level) for file encryption, and the first key only exists in the TEE and the UFSHC, the security factor is increased, so the hardware in the embodiment of the present application can implement a key system of security authentication (MDPP) 3.0.
Optionally, before generating the second key, a variable parameter may be generated by a random number generator, where the variable parameter is used to generate the second key; generating, by the UFS controller, a second key corresponding to the target file according to the target random number and a pre-stored first key, including: generating a third key according to the target random number and the variable parameter by the UFS controller, where the variable parameter includes a first variable and a second variable, the first variable is used to identify a bit width of the second key, and the second variable is a random number with a preset fixed bit width or a number with a preset fixed bit width that identifies a file attribute of the target file, where the preset fixed bit width of the second variable is determined by the bit width of the third key; and generating the second key by the UFS controller according to the third key and the pre-stored first key through a derivation algorithm.
It can be understood that the third key is generated according to the target random number, the first variable and the second variable, and uniquely corresponds to the target file; the second key generated according to the third key and the pre-stored first key is therefore also unique. This one-key-per-file encryption mode greatly improves the encryption level of the file and reduces the risk of the file being stolen. For example, referring to fig. 6, fig. 6 is a schematic diagram of a file encryption algorithm framework applied in a UFS controller according to an embodiment of the present application. As shown in fig. 6, the third key Fix Data may be generated by the root key module Fix Data GEN according to the target random number, the first variable L, and the second variable Label. That is, Fix Data GEN has three input variables, Meta Data, Label, and L, and outputs a third key Fix Data having a fixed bit width. The L variable is a value representing the fixed bit width of the third key, and the Label variable may be randomly generated by the hardware random number generator TRNG, may represent an attribute of the target file, and may also be a value having a fixed bit width. For example, the third key can be obtained by directly splicing the three variables Meta Data, Label, and L. In a possible implementation manner, the specific algorithm for generating the third key Fix Data is detailed in NIST Special Publication 800-108, which is not described herein again.
It can also be understood that, after generating the third key, the UFS controller needs to generate the second key for file encryption through a derivation algorithm according to the third key and the pre-stored first key. Because the second key is derived by hardware logic, it cannot be perceived or obtained by software, which reduces the risk of it being stolen by lawbreakers. The derivation algorithm (KDF) may also be referred to as a key derivation function, and the KDF may include one of the following algorithms: CMAC algorithm, HMAC algorithm, etc. For example, as shown in fig. 6, the second key FEK may be generated by the key derivation module NIST-KDF according to the third key Fix Data and the first key Class Key, and the derivation algorithm used is a CMAC algorithm of 256 bits. The bit width of the second key FEK is determined by the third key Fix Data and the first key Class Key. In a possible implementation manner, the specific algorithm for generating the second key FEK is detailed in NIST Special Publication 800-108, which is not described herein again.
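The derivation chain Meta Data, Label, L to Fix Data to FEK, as an added Python example that is not the patent's hardware logic: an SP 800-108 counter-mode KDF keyed with the Class Key. It uses HMAC-SHA-256 as the PRF (the text lists HMAC as an option; fig. 6 uses CMAC), and the function names, the Label || 0x00 || Meta Data || L field order, the label value and all key bytes are assumptions or constructed values.

```python
import hashlib
import hmac
import os
import struct


def fix_data(meta_data, label, out_bits):
    """Splice the three Fix Data GEN inputs into the KDF's fixed input data.

    Assumed layout, following SP 800-108: Label || 0x00 || Meta Data || [L]_32,
    with Meta Data in the Context position and L as a 32-bit big-endian integer.
    """
    return label + b"\x00" + meta_data + struct.pack(">I", out_bits)


def kdf_counter_hmac(class_key, fixed, out_bits):
    """SP 800-108 KDF in counter mode: K(i) = PRF(K_I, [i]_32 || fixed input data)."""
    if out_bits <= 0 or out_bits % 8:
        raise ValueError("output length must be a positive multiple of 8 bits")
    blocks = -(-out_bits // 256)          # ceil(L / h) with h = 256 for HMAC-SHA-256
    out = b""
    for i in range(1, blocks + 1):
        msg = struct.pack(">I", i) + fixed
        out += hmac.new(class_key, msg, hashlib.sha256).digest()
    return out[: out_bits // 8]


def derive_fek(class_key, meta_data, label=b"file-encryption", out_bits=256):
    """Per-file key: FEK = KDF(Class Key, Fix Data(Meta Data, Label, L)).

    In the patent this runs inside the UFS controller; software only ever
    holds meta_data. The default label is a hypothetical value.
    """
    return kdf_counter_hmac(class_key, fix_data(meta_data, label, out_bits), out_bits)


if __name__ == "__main__":
    class_key = bytes(range(32))          # constructed stand-in for the Class Key
    meta_a = os.urandom(16)               # 128-bit target random number of file A
    meta_b = os.urandom(16)               # 128-bit target random number of file B
    fek_a = derive_fek(class_key, meta_a)
    fek_b = derive_fek(class_key, meta_b)
    print("file A FEK:", fek_a.hex())
    print("file B FEK:", fek_b.hex())
    print("same Class Key, different FEKs:", fek_a != fek_b)
    print("read path re-derives the same FEK:", fek_a == derive_fek(class_key, meta_a))
```

Because L is part of the fixed input data, a 128-bit FEK is not a prefix of the 256-bit FEK derived from the same Meta Data.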
Step S305: Encrypt, through the UFS controller, the target file according to the second key to obtain the encrypted target file.
Specifically, the UFS controller encrypts the target file according to the second key to obtain an encrypted target file. By implementing the embodiment of the present application, after the second key uniquely corresponding to the target file is obtained, the target file may be encrypted and stored by an encryption algorithm according to the second key, where the encryption algorithm may be a symmetric encryption algorithm. For example, the encryption algorithm may comprise at least one of the following: Advanced Encryption Standard (AES), Data Encryption Standard (DES), International Data Encryption Algorithm (IDEA), and the like.
Optionally, the encrypting the target file according to the second key by the UFS controller to obtain an encrypted target file includes: dividing the target file into a plurality of file data blocks by the UFS controller; and sequentially encrypting, by the UFS controller, the plurality of file data blocks according to the second key, starting from the file data block corresponding to the DUN among the plurality of file data blocks, to obtain the encrypted target file. It can be understood that, in the embodiment of the present application, the target file may be divided into a plurality of groups of file data blocks and then encrypted by using a block encryption algorithm in the Advanced Encryption Standard, where the block length of the block encryption algorithm may be 128 bits and the key length may be 128 bits, 192 bits, or 256 bits, so that the efficiency of encrypted file storage may be greatly improved and the encryption level of file encryption is also improved. The size of a file data block may be 128 bits, 256 bits, and the like, which is not limited in this embodiment of the application. For example, as shown in fig. 6, Plain Text[j] is the data plaintext of the j-th block, with a size of 128 bits; i is an adjustment parameter: in the encryption engine of the UFS controller, the adjustment parameter of the first block is initialized to the DUN value in the UTRD, and the adjustment parameter of each subsequent block is compensated and adjusted according to the DUN value in the first UTRD; aj is a calculated component associated with block j; Cipher Text[j] is the ciphertext obtained after the plaintext of the j-th block is encrypted; and AES-ENC (AES128 block encryption algorithm)/AES-DEC (AES128 block decryption algorithm) serves as the basic encryption unit/basic decryption unit for encrypting/decrypting the target file. The UFS controller obtains file data (i.e., Plain Text[j] in fig. 6) of a predetermined length (e.g., 128 bits) from the DRAM, encrypts it using the FEK as the file key together with input parameters such as i, stores it in the memory, and finally notifies the file management module in the processor that storage is complete.
Step S306: Store the encrypted target file through a memory.
Specifically, the encrypted target file is stored in a memory, and finally the file management module in the processor is informed that storage is complete. It can be understood that the memory may be a solid state disk, a UFS flash memory (UFS Flash), a solid state memory, or the like of the smart terminal, so that the target file can be effectively stored after the smart terminal encrypts the file.
Optionally, a second request is sent to the UFS controller by the processor, where the second request is used to request reading of the encrypted target file; and the UFS controller acquires the second key corresponding to the target file according to the second request, and decrypts and reads the encrypted target file according to the second key. It is understood that, when the UFS controller receives a request to read an encrypted file, the UFS controller may read and decrypt the encrypted file according to a second key derived from the read request. The target file can be read only when the second key exists, which helps keep the target file secure; meanwhile, the second key is derived by hardware logic and cannot be perceived or obtained by software, which reduces the risk of it being stolen by lawbreakers. For example: after the UFSHC reads data of a preset length from the specified address of the UFS device (consistent with the preset length of the file data obtained during encryption), it decrypts the data using the FEK as the file key together with input parameters such as i, stores the result at the specified address of the DRAM, and finally informs the file management module in the processor that the reading is complete.
By implementing the embodiment of the application, the UFS controller can acquire the random number corresponding to the target file through the first request sent by the processor, then generate a second key according to the random number and a pre-stored first key, and finally encrypt the target file according to the second key. Firstly, when different files are encrypted, different file keys (second keys) can be generated from the different random numbers corresponding to the different files on the basis of the same initial key (first key), and each file is then encrypted according to its own file key, so that each file has a unique corresponding file key. It can be understood that, because different files are encrypted with different keys, the encrypted files are not easily broken after being encrypted and stored, which would otherwise cause information leakage, and this encryption mode can greatly improve the encryption level of the files. Secondly, in each file encryption process, a different random number can be used to generate a file key on the basis of the same initial key, which avoids the situation in which the trusted execution environment TEE refreshes the initial key too frequently in order to improve the encryption level of the file, making encrypted file storage inefficient and wasting resources.
Moreover, the UFS controller first acquires the target random number and then generates the file encryption key according to the target random number. This manner of obtaining the key ensures that the encryption key exists only in the hardware layer; the second key is derived by hardware logic and cannot be perceived or obtained by software, so that the security coefficient of the key is greatly improved, one key per file is achieved, the possibility of being broken is almost zero, and the encryption level of the target file is also improved. Finally, the chip can ensure the functional isolation of the TEE and the file management module, the security performance is optimal, and the file storage efficiency is not affected.
The method of the embodiments of the present application is explained in detail above, and the related apparatus of the embodiments of the present application is provided below.
Referring to fig. 7, fig. 7 is a schematic structural diagram of another file encryption apparatus provided in this embodiment. The file encryption apparatus 20 may include a first sending unit 701, a first obtaining unit 702, a key unit 703, an encryption unit 704, a second obtaining unit 705, a third obtaining unit 706, a first generating unit 707, a first expanding unit 708, a second sending unit 709, a third sending unit 710, a second expanding unit 711, a third sending unit 712, a fourth sending unit 713, a second generating unit 714, a fifth sending unit 715, a first storage unit 716, a second storage unit 717, and a decryption unit 718. The details of each unit are as follows.
A first sending unit 701, configured to send, by a processor, a first request to a universal flash host UFS controller, where the first request is used to request storage of a target file;
a first obtaining unit 702, configured to obtain, by the UFS controller, a target random number corresponding to the target file;
a key unit 703, configured to generate, by the UFS controller, a second key corresponding to the target file according to the target random number and a pre-stored first key;
an encrypting unit 704, configured to encrypt the target file according to the second key through the UFS controller, so as to obtain an encrypted target file.
In one possible implementation, the apparatus further includes: a second obtaining unit 705, configured to obtain the target file through the UFS controller.
In one possible implementation, the apparatus further includes: a third obtaining unit 706, configured to obtain, by the UFS controller, a descriptor of the first request corresponding to the target file, where the descriptor includes a data unit number DUN; the encryption unit 704 is specifically configured to: dividing the target file into a plurality of file data blocks by the UFS controller; and sequentially encrypting the plurality of file data blocks according to the second key from one file data block corresponding to the DUN in the plurality of file data blocks through the UFS controller to obtain the encrypted target file.
In one possible implementation, the apparatus further includes: a first generating unit 707 for generating, by the processor, the target random number and the descriptor of the target file when creating the target file.
In one possible implementation, the apparatus further includes: a first expanding unit 708, configured to expand, by the processor, the descriptor according to the target random number to obtain an expanded descriptor, where the expanded descriptor includes the target random number and the DUN; a second sending unit 709, configured to send, by the processor, the expanded descriptor to a dynamic random access memory; the first obtaining unit 702 is specifically configured to: acquiring the expanded descriptor from the dynamic random access memory according to the first request through the UFS controller; and acquiring the target random number and the DUN according to the expanded descriptor through the UFS controller.
In one possible implementation, the apparatus further includes: a third sending unit 710, configured to send, by the processor, the target random number to a dynamic random access memory; a second expanding unit 711, configured to expand, by the processor, the descriptor according to the storage address of the target random number and the data length of the target random number, to obtain an expanded descriptor, where the expanded descriptor includes the storage address of the target random number, the data length of the target random number, and the DUN; a third sending unit 712, configured to send, by the processor, the extended descriptor to the dynamic random access memory; the first obtaining unit 702 is specifically configured to: acquiring the expanded descriptor from the dynamic random access memory according to the first request through the UFS controller; determining, by the UFS controller, a storage address of the target random number in the expanded descriptor, and obtaining the target random number according to the storage address of the target random number; the third obtaining unit 706 is specifically configured to: and acquiring the DUN according to the expanded descriptor through the UFS controller.
In one possible implementation, the apparatus further includes: a fourth sending unit 713, configured to send, by the processor, the descriptor to a dynamic random access memory; sending, by the processor, a storage address of the target random number to an address register in the UFS controller; the first obtaining unit 702 is specifically configured to: obtaining, by the UFS controller, the descriptor from the dynamic random access memory according to the first request; and acquiring the target random number by the UFS controller according to the storage address of the target random number stored in an address register in the UFS controller.
In one possible implementation, the apparatus further includes: a second generating unit 714 configured to generate a variable parameter by a random number generator, the variable parameter being used to generate the second key; the key unit 703 is specifically configured to: generating a third key according to the target random number and the variable parameter by the UFS controller, where the variable parameter includes a first variable and a second variable, the first variable is used to identify a bit width of the second key, and the second variable is a random number with a preset fixed bit width or a number with a preset fixed bit width that identifies a file attribute of the target file, where the preset fixed bit width of the second variable is determined by the bit width of the third key; and generating the second key by the UFS controller according to the third key and the pre-stored first key through a derivation algorithm.
In one possible implementation manner, the target random number is a random number of a file attribute, and a bit width of the target random number includes one of the following bit widths: 128 bits, 192 bits, 256 bits, 512 bits.
In one possible implementation, the apparatus further includes: a first storage unit 715, configured to store the encrypted target file to a memory through the UFS controller; a second storage unit 716, configured to store the encrypted target file through the memory.
In one possible implementation, the apparatus further includes: a fifth sending unit 717, configured to send, by the processor, a second request to the UFS controller, where the second request is for requesting reading of the encrypted target file; a decryption unit 718, configured to obtain, by the UFS controller according to the second request, the second key corresponding to the target file, and decrypt and read the encrypted target file according to the second key.
It should be noted that, for the functions of each functional unit in the file encryption device 20 described in the embodiment of the present application, reference may be made to the related description of step S301 to step S306 in the embodiment of the method described in fig. 3, which is not described herein again.
As shown in fig. 8, fig. 8 is a schematic structural diagram of another file encryption apparatus provided in this embodiment of the present application, where the apparatus 30 includes at least one processor 801, at least one memory 802, and at least one UFS controller 803. In addition, the device may also include common components such as an antenna, which will not be described in detail herein.
The processor 801 may be a general purpose Central Processing Unit (CPU), a microprocessor, an application-specific integrated circuit (ASIC), or one or more integrated circuits for controlling the execution of programs according to the above schemes.
The UFS controller 803, which may be a solid state disk, is composed of a control unit and a storage unit.
The memory 802 may be a Read-Only Memory (ROM) or other type of static storage device that can store static information and instructions, a Random Access Memory (RAM) or other type of dynamic storage device that can store information and instructions, an Electrically Erasable Programmable Read-Only Memory (EEPROM), a Compact Disc Read-Only Memory (CD-ROM) or other optical disc storage (including compact disc, laser disc, optical disc, digital versatile disc, blu-ray disc, etc.), magnetic disk storage media or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited to these. The memory may be self-contained and coupled to the processor via a bus. The memory may also be integral to the processor.
Wherein, the memory 802 is used for storing application program codes for executing the above scheme, and is controlled by the processor 801 and the UFS controller 803 to execute. The processor 801 and UFS controller 803 are used to execute application program code stored in the memory 802.
The memory 802 stores code that may perform the file encryption method provided above in fig. 3, such as sending, by the processor, a first request to the universal flash host UFS controller, the first request requesting storage of a target file; acquiring a target random number corresponding to the target file through the UFS controller; generating a second key corresponding to the target file according to the target random number and a pre-stored first key through the UFS controller; and encrypting the target file according to the second key through the UFS controller to obtain an encrypted target file.
It should be noted that, for the functions of each functional unit in the file encryption device 30 described in the embodiment of the present application, reference may be made to the description related to step S301 to step S306 in the method embodiment described in fig. 3, which is not described herein again.
In the foregoing embodiments, the descriptions of the respective embodiments have respective emphasis, and for parts that are not described in detail in a certain embodiment, reference may be made to related descriptions of other embodiments.
It should be noted that, for simplicity of description, the above-mentioned method embodiments are described as a series of acts or combination of acts, but those skilled in the art will recognize that the present application is not limited by the order of acts described, as some steps may occur in other orders or concurrently depending on the application. Further, those skilled in the art should also appreciate that the embodiments described in the specification are preferred embodiments and that the acts and modules referred to are not necessarily required in this application.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus may be implemented in other manners. The above-described apparatus embodiments are merely illustrative. For example, the above-described division of the units is only one type of division of logical functions, and other divisions may be used in practice: a plurality of units or components may be combined or integrated into another system, or some features may be omitted or not executed. In addition, the shown or discussed mutual coupling, direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be electrical or in another form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit may be stored in a computer-readable storage medium if it is implemented in the form of a software functional unit and sold or used as a separate product. Based on such understanding, the technical solution of the present application in essence, or the part of it that contributes over the prior art, or all or part of the technical solution, may be embodied in the form of a software product that is stored in a storage medium and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device, and may specifically be a processor in the computer device) to execute all or part of the steps of the above-mentioned methods of the embodiments of the present application. The storage medium may include: a USB flash drive, a removable hard disk, a magnetic disk, an optical disk, a Read-Only Memory (ROM) or a Random Access Memory (RAM), and the like.
The above embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions in the embodiments of the present application.

Claims (22)

1. A file encryption apparatus, comprising: a processor and a universal flash host UFS controller coupled to the processor;
the processor is configured to send a first request to the UFS controller, where the first request is used to request storage of a target file;
the UFS controller is configured to:
acquiring a target random number corresponding to the target file;
generating a second key corresponding to the target file according to the target random number and a pre-stored first key;
and encrypting the target file through the second key to obtain the encrypted target file.
2. The apparatus of claim 1, wherein the UFS controller is further configured to: acquire the target file.
3. The apparatus of claim 1 or 2, wherein the UFS controller is further configured to:
obtaining a descriptor of the first request corresponding to the target file, wherein the descriptor comprises a data unit number DUN;
the UFS controller is specifically configured to: dividing the target file into a plurality of file data blocks;
and sequentially encrypting the plurality of file data blocks according to the second key from one file data block corresponding to the DUN in the plurality of file data blocks to obtain the encrypted target file.
4. The apparatus of claim 3, wherein the processor is further configured to:
generating the target random number and the descriptor of the target file when the target file is created.
5. The apparatus of claim 4, wherein the apparatus further comprises a dynamic random access memory coupled to the processor and the UFS controller, respectively;
the processor is further configured to: expanding the descriptor according to the target random number to obtain an expanded descriptor, wherein the expanded descriptor comprises the target random number and the DUN;
sending the expanded descriptor to the dynamic random access memory;
the UFS controller is specifically configured to:
acquiring the expanded descriptor from the dynamic random access memory according to the first request;
and acquiring the target random number and the DUN according to the expanded descriptor.
6. The apparatus of claim 4, wherein the apparatus further comprises a dynamic random access memory coupled to the processor and the UFS controller, respectively;
the processor is further configured to: sending the target random number to the dynamic random access memory;
expanding the descriptor according to the storage address of the target random number and the data length of the target random number to obtain an expanded descriptor, wherein the expanded descriptor comprises the storage address of the target random number, the data length of the target random number and the DUN;
sending the expanded descriptor to the dynamic random access memory;
the UFS controller is specifically configured to:
acquiring the expanded descriptor from the dynamic random access memory according to the first request;
determining the storage address of the target random number in the expanded descriptor, and acquiring the target random number according to the storage address of the target random number;
and acquiring the DUN according to the expanded descriptor.
7. The apparatus of claim 4, wherein the apparatus further comprises a dynamic random access memory coupled to the processor and the UFS controller, respectively;
the processor is further configured to: sending the descriptor to the dynamic random access memory;
sending a storage address of the target random number to an address register in the UFS controller;
the UFS controller is specifically configured to:
acquiring the descriptor from the dynamic random access memory according to the first request;
and acquiring the target random number according to the storage address of the target random number stored in an address register in the UFS controller.
8. The apparatus of any one of claims 1-7, further comprising: a random number generator coupled to the UFS controller, the random number generator configured to generate a variable parameter, the variable parameter configured to generate the second key;
the UFS controller is specifically configured to:
generating a third key according to the target random number and the variable parameter, wherein the variable parameter includes a first variable and a second variable, the first variable is used for identifying a bit width of the second key, the second variable is a random number with a preset fixed bit width or a number with a preset fixed bit width for identifying the attribute of the target file, and the preset fixed bit width of the second variable is determined by the bit width of the third key;
and generating the second key by a derivation algorithm according to the third key and the first key stored in advance.
9. The apparatus according to any one of claims 1-8, wherein the target random number is a random number of a file attribute, and wherein a bit width of the target random number comprises one of the following bit widths: 128 bits, 192 bits, 256 bits, 512 bits.
10. The apparatus of any of claims 1-9, wherein the processor is further configured to:
sending a second request to the UFS controller, wherein the second request is used for requesting to read the encrypted target file;
the UFS controller is further configured to:
and acquiring the second key corresponding to the target file according to the second request, and decrypting and reading the encrypted target file according to the second key.
11. A method for encrypting a file, comprising:
sending a first request to a universal flash host UFS controller through a processor, wherein the first request is used for requesting to store a target file;
acquiring a target random number corresponding to the target file through the UFS controller;
generating a second key corresponding to the target file according to the target random number and a pre-stored first key through the UFS controller;
and encrypting the target file according to the second key through the UFS controller to obtain an encrypted target file.
12. The method of claim 11, wherein the method further comprises:
and acquiring the target file through the UFS controller.
13. The method of claim 11 or 12, wherein the method further comprises:
obtaining, by the UFS controller, a descriptor of the first request corresponding to the target file, the descriptor including a data unit number DUN;
the encrypting the target file according to the second key by the UFS controller to obtain an encrypted target file includes: dividing the target file into a plurality of file data blocks by the UFS controller;
and sequentially encrypting the plurality of file data blocks according to the second key from one file data block corresponding to the DUN in the plurality of file data blocks through the UFS controller to obtain the encrypted target file.
14. The method of claim 13, wherein the method further comprises:
generating, by the processor, the target random number and the descriptor of the target file when creating the target file.
15. The method of claim 14, wherein the method further comprises:
expanding, by the processor, the descriptor according to the target random number to obtain an expanded descriptor, the expanded descriptor including the target random number and the DUN;
sending, by the processor, the expanded descriptor to a dynamic random access memory;
the obtaining, by the UFS controller, a target random number corresponding to the target file includes:
acquiring the expanded descriptor from the dynamic random access memory according to the first request through the UFS controller;
and acquiring the target random number and the DUN according to the expanded descriptor through the UFS controller.
16. The method of claim 14, wherein the method further comprises:
sending, by the processor, the target random number to a dynamic random access memory;
expanding the descriptor according to the storage address of the target random number and the data length of the target random number by the processor to obtain an expanded descriptor, wherein the expanded descriptor comprises the storage address of the target random number, the data length of the target random number and the DUN;
sending, by the processor, the expanded descriptor to the dynamic random access memory;
the obtaining, by the UFS controller, a target random number corresponding to the target file includes:
acquiring the expanded descriptor from the dynamic random access memory according to the first request through the UFS controller;
determining, by the UFS controller, a storage address of the target random number in the expanded descriptor, and obtaining the target random number according to the storage address of the target random number;
the obtaining, by the UFS controller, the descriptor of the first request corresponding to the target file includes:
and acquiring the DUN according to the expanded descriptor through the UFS controller.
17. The method of claim 14, wherein the processor is further configured to:
sending, by the processor, the descriptor to a dynamic random access memory;
sending, by the processor, a storage address of the target random number to an address register in the UFS controller;
the obtaining, by the UFS controller, a target random number corresponding to the target file includes:
obtaining, by the UFS controller, the descriptor from the dynamic random access memory according to the first request;
and acquiring the target random number by the UFS controller according to the storage address of the target random number stored in an address register in the UFS controller.
18. The method of any one of claims 11-17, further comprising: generating a variable parameter by a random number generator, the variable parameter being used for generating the second key;
generating, by the UFS controller, a second key corresponding to the target file according to the target random number and a pre-stored first key, including:
generating a third key according to the target random number and the variable parameter by the UFS controller, where the variable parameter includes a first variable and a second variable, the first variable is used to identify a bit width of the second key, and the second variable is a random number with a preset fixed bit width or a number with a preset fixed bit width that identifies a file attribute of the target file, where the preset fixed bit width of the second variable is determined by the bit width of the third key;
and generating the second key by the UFS controller according to the third key and the pre-stored first key through a derivation algorithm.
19. The method according to any of claims 11-18, wherein the target random number is a random number of a file attribute, and wherein a bit width of the target random number comprises one of the following bit widths: 128 bits, 192 bits, 256 bits, 512 bits.
20. The method of any one of claims 11-19, further comprising:
sending, by the processor, a second request to the UFS controller, the second request requesting reading of the encrypted target file;
and acquiring the second key corresponding to the target file according to the second request through the UFS controller, and decrypting and reading the encrypted target file according to the second key.
21. A computer storage medium, characterized in that it stores a computer program which, when executed by a processor, implements the method of any of the preceding claims 11-20.
22. A computer program, characterized in that the computer program comprises instructions which, when executed by a computer, cause the computer to carry out the method according to any one of claims 11-20.
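The key flow of claims 1, 3, 8 and 10 can be modelled in software as below. This is an added illustration, not code from the patent or from any UFS controller. Assumptions: the third key is a plain concatenation of its inputs, the unnamed derivation algorithm is HKDF-Expand with HMAC-SHA256, the data unit is 4096 bytes, and an HMAC counter-mode keystream stands in for the controller's hardware cipher; all function names and sample values are constructed.

```python
import hashlib
import hmac

DATA_UNIT = 4096  # assumed data-unit size in bytes; the claims do not fix one


def derive_second_key(first_key, target_random, key_bits=256, file_attr=b""):
    """Per-file (second) key from the pre-stored first key and the file's random number.

    Assumptions: the third key of claim 8 is the concatenation of the target
    random number, the key bit width (first variable) and a file-attribute tag
    (second variable); the derivation algorithm is HKDF-Expand (RFC 5869)
    with HMAC-SHA256.
    """
    if len(target_random) * 8 not in (128, 192, 256, 512):  # widths listed in claim 9
        raise ValueError("unsupported target random number width")
    third_key = target_random + key_bits.to_bytes(2, "big") + file_attr
    okm, block, counter = b"", b"", 1
    while len(okm) < key_bits // 8:
        block = hmac.new(first_key, block + third_key + bytes([counter]),
                         hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[: key_bits // 8]


def keystream(second_key, dun, length):
    """Stand-in cipher: HMAC-SHA256 in counter mode, tweaked by the DUN."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(second_key, dun.to_bytes(8, "big") + counter.to_bytes(4, "big"),
                        hashlib.sha256).digest()
        counter += 1
    return out[:length]


def crypt_file(second_key, data, start_dun):
    """Split data into data units and process them in order from start_dun.

    XOR with the keystream, so the same call encrypts (claim 3) and
    decrypts (claim 10).
    """
    out = bytearray()
    for offset in range(0, len(data), DATA_UNIT):
        unit = data[offset:offset + DATA_UNIT]
        ks = keystream(second_key, start_dun + offset // DATA_UNIT, len(unit))
        out += bytes(a ^ b for a, b in zip(unit, ks))
    return bytes(out)


# Constructed sample values, not taken from the patent.
FIRST_KEY = bytes(range(32))                   # would be held inside the controller
RAND_A = hashlib.sha256(b"file-a").digest()    # 256-bit per-file random number
RAND_B = hashlib.sha256(b"file-b").digest()

if __name__ == "__main__":
    plaintext = b"A" * (2 * DATA_UNIT + 100)
    key_a = derive_second_key(FIRST_KEY, RAND_A)
    ciphertext = crypt_file(key_a, plaintext, start_dun=7)
    print("round trip ok:", crypt_file(key_a, ciphertext, 7) == plaintext)
    print("keys differ per file:", key_a != derive_second_key(FIRST_KEY, RAND_B))
    print("identical units encrypt differently:",
          ciphertext[:DATA_UNIT] != ciphertext[DATA_UNIT:2 * DATA_UNIT])
```

The target random number travels through DRAM in the expanded descriptor, so the model makes the dependency explicit: without the first key, the random number alone does not yield the second key. The XOR keystream is only safe while a key and DUN pair is never reused for different data, which is one reason a real controller would use a dedicated block-cipher mode instead.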
CN201911343064.0A 2019-12-23 2019-12-23 File encryption method and related device Pending CN113094718A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201911343064.0A CN113094718A (en) 2019-12-23 2019-12-23 File encryption method and related device
PCT/CN2020/137923 WO2021129557A1 (en) 2019-12-23 2020-12-21 File encryption method and related apparatus

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911343064.0A CN113094718A (en) 2019-12-23 2019-12-23 File encryption method and related device

Publications (1)

Publication Number Publication Date
CN113094718A true CN113094718A (en) 2021-07-09

Family

ID=76575203

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911343064.0A Pending CN113094718A (en) 2019-12-23 2019-12-23 File encryption method and related device

Country Status (2)

Country Link
CN (1) CN113094718A (en)
WO (1) WO2021129557A1 (en)

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102377564B (en) * 2011-11-15 2015-03-11 华为技术有限公司 Method and device for encrypting private key
KR102447476B1 (en) * 2015-08-20 2022-09-27 삼성전자주식회사 Crypto device, storage device having the same, and enc/decryption method thereof
CN107332670A (en) * 2017-08-11 2017-11-07 北京中天信安科技有限责任公司 Safety control, system, method and mobile device based on UFS interfaces
CN110059499A (en) * 2019-03-22 2019-07-26 华为技术有限公司 A kind of file access purview certification method and electronic equipment

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104184586A (en) * 2013-05-20 2014-12-03 硅工厂股份有限公司 Method of generating message authentication code and authentication device and authentication request device using the method
CN110023941A (en) * 2016-12-29 2019-07-16 华为技术有限公司 A kind of system on chip and method for realizing secure operating system switching
US20190034106A1 (en) * 2017-07-27 2019-01-31 Qualcomm Incorporated Power down mode for universal flash storage (ufs)
US20200401333A1 (en) * 2017-07-27 2020-12-24 Qualcomm Incorporated Power down mode for universal flash storage (ufs)
CN110046506A (en) * 2017-12-27 2019-07-23 三星电子株式会社 Store equipment and including the storage system for storing equipment and the method operated using it
CN110110548A (en) * 2019-04-12 2019-08-09 深圳市中易通安全芯科技有限公司 The correlation technique that file encryption stores under credible performing environment based on encryption chip

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113722745A (en) * 2021-07-13 2021-11-30 苏州柯里特信息科技有限公司 eCTD universal technology document submission management method and system
CN113722745B (en) * 2021-07-13 2024-02-06 苏州柯里特信息科技有限公司 eCTD general technical document submitting management method and system
CN114826696A (en) * 2022-04-08 2022-07-29 中国电子科技集团公司第三十研究所 File content hierarchical sharing method, device, equipment and medium
CN114826696B (en) * 2022-04-08 2023-05-09 中国电子科技集团公司第三十研究所 File content hierarchical sharing method, device, equipment and medium
CN115599025A (en) * 2022-12-12 2023-01-13 南京芯驰半导体科技有限公司(Cn) Resource grouping control system, method and storage medium of chip array
CN115599025B (en) * 2022-12-12 2023-03-03 南京芯驰半导体科技有限公司 Resource grouping control system, method and storage medium of chip array
CN116881934A (en) * 2023-06-05 2023-10-13 珠海妙存科技有限公司 Encryption and decryption method, system and device for data and storage medium
CN116881934B (en) * 2023-06-05 2024-02-23 珠海妙存科技有限公司 Encryption and decryption method, system and device for data and storage medium

Also Published As

Publication number Publication date
WO2021129557A1 (en) 2021-07-01


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination