CN113343245B - Chip secure starting method, secure chip and receiver thereof - Google Patents

Chip secure starting method, secure chip and receiver thereof Download PDF

Info

Publication number
CN113343245B
CN113343245B CN202110584436.XA CN202110584436A CN113343245B CN 113343245 B CN113343245 B CN 113343245B CN 202110584436 A CN202110584436 A CN 202110584436A CN 113343245 B CN113343245 B CN 113343245B
Authority
CN
China
Prior art keywords
chip
starting
firmware
authorization code
fails
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110584436.XA
Other languages
Chinese (zh)
Other versions
CN113343245A (en
Inventor
郝志杰
丁杰
张玉安
吴振
胡月
李满
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CHANGSHA HAIGE BEIDOU INFORMATION TECHNOLOGY CO LTD
Original Assignee
CHANGSHA HAIGE BEIDOU INFORMATION TECHNOLOGY CO LTD
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CHANGSHA HAIGE BEIDOU INFORMATION TECHNOLOGY CO LTD filed Critical CHANGSHA HAIGE BEIDOU INFORMATION TECHNOLOGY CO LTD
Priority to CN202110584436.XA priority Critical patent/CN113343245B/en
Publication of CN113343245A publication Critical patent/CN113343245A/en
Application granted granted Critical
Publication of CN113343245B publication Critical patent/CN113343245B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a chip safe starting method, which comprises executing bottom layer initialization codes; acquiring a chip starting mode and initializing; reading eFuse data, judging and recording ID; obtaining an authorization code ciphertext, decryption and verification from a storage medium; comparing the obtained chip ID; loading a firmware file header from a storage medium and verifying; loading firmware encrypted data, checking and extracting a chip ID; comparing the chip ID; setting a chip Rom; and executing the firmware of the chip to finish the starting. The invention also discloses a chip started by adopting the chip safe starting method, and a receiver comprising the chip safe starting method and the safe chip. The invention ensures the reliability and safety of the chip starting process by innovating the starting process of the chip, and is suitable for any chip and occasion with strict safety requirements on starting.

Description

Chip secure starting method, secure chip and receiver thereof
Technical Field
The invention belongs to the field of chip design, and particularly relates to a chip safe starting method, a safe chip and a receiver thereof.
Background
With the development of economic technology and the improvement of living standard of people, the chip is widely applied to the production and the life of people, and brings endless convenience to the production and the life of people.
The execution process of any chip is summarized, and the starting is the premise for guaranteeing the subsequent work of the chip. If the boot loader software of the chip is modified, a series of security problems can result. For this reason, a secure way needs to be taken to start the chip.
At present, a commonly used chip secure boot scheme generally stores a plurality of secure keys in an eFuse of a chip; while a secure RSA public key requires 2048 bits, multiple eFuses are combined in the chip (usually, the eFuses occupy bits in the range of 256 to 2048), which significantly increases the cost of the chip. In addition, the chip ROM stores the code for loading the secondary boot, and the code is visible in JTAG mode, which undoubtedly exposes the security key in the eFuse, so that the chip has a security risk.
Disclosure of Invention
One of the objectives of the present invention is to provide a secure chip starting method with high reliability, good security and wide application range.
The invention also aims to provide a security chip comprising the chip security starting method.
The invention also aims to provide a receiver comprising the chip security starting method and the security chip.
The invention provides a chip safe starting method, which comprises the following steps:
s1, executing a bottom layer initialization code of a chip;
s2, acquiring a starting mode of the chip and initializing each peripheral driver;
s3, reading eFuse data of the chip, judging and recording the ID of the chip;
s4, obtaining an authorization code ciphertext from a storage medium of the chip, and decrypting and checking the authorization code ciphertext;
s5, comparing the chip ID obtained from the authorization code with the chip ID obtained in the step S3;
s6, loading a firmware file header from a storage medium of the chip and checking;
s7, loading firmware encrypted data from the chip according to the file header information, carrying out data correctness verification after decryption, and extracting a chip ID corresponding to the firmware;
s8, comparing the chip ID obtained in the step S7 with the chip ID obtained from the authorization code;
s9, configuring a chip Rom according to a safety model of the chip eFuse;
and S10, executing firmware of the chip, and finishing starting.
The chip safe starting method also comprises the following steps: after the firmware is started, the function list is enabled according to the authorization code.
The chip safe starting method also comprises the following steps: and after the firmware is started, judging the time in the authorization code according to the time service function and executing corresponding action.
The step S1 of executing the bottom initialization code of the chip specifically includes executing Cache/TLB initialization, setting the running mode and memory allocation of the CPU, and the like.
Initializing each peripheral driver in step S2 specifically includes initializing a serial port, a Timer, a decryption controller, and a start medium.
Reading chip eFuse data, judging and recording chip ID in step S3 includes the following steps:
A. reading chip eFuse data;
B. determining whether the eFuse data is valid:
if valid, enable secure configuration in the eFuse data;
if the chip is invalid, the safe start fails, and the chip enters an upgrading mode.
The obtaining of the authorization code ciphertext from the storage medium of the chip, the decrypting and the verifying in step S4 specifically includes the following steps:
a. obtaining an authorization code ciphertext from a storage medium and loading the authorization code ciphertext into an internal Ram;
b. decrypting the authorization code using a default RSA publish:
if the decryption is successful, performing subsequent starting steps;
if decryption fails, the secure boot fails, and an upgrade mode of the chip is entered;
c. and (3) carrying out plaintext verification on the decrypted authorization code:
if the verification is successful, performing a subsequent starting step;
and if the verification fails, the safe start fails, and the upgrading mode of the chip is entered.
The upgrading model specifically comprises that a PC terminal downloads an upgrading program to a memory inside a chip through a USB/SPI/I2C/UART and other transmission interfaces, and skips to execute the upgrading program; the upgrading program writes the file transmitted from the PC terminal to the storage medium of the chip; the storage medium comprises NorFlash/NandFlash/SD/MMC/eMMC and the like.
Comparing the chip ID obtained in the authorization code in step S5 with the chip ID obtained in step S3, specifically includes the following steps:
comparing the chip ID obtained in the authorization code with the chip ID obtained in step S3:
if the comparison is consistent, performing the subsequent starting step;
if the comparison is inconsistent, the safe start fails, and the upgrading mode of the chip is entered.
The loading and verifying of the firmware file header from the storage medium of the chip in step S6 specifically includes the following steps:
(1) loading a firmware file header from a storage medium to an internal Ram;
(2) and for the loaded firmware file header, whether CRC check is effective is adopted:
if the verification is passed, carrying out the subsequent starting step;
and if the verification fails, the safe start fails, and the chip enters an upgrading mode.
Step S7, where the firmware encrypted data is loaded from the chip according to the header information, the data correctness is verified after decryption, and the chip ID corresponding to the firmware is extracted, the method specifically includes the following steps:
1) according to the authorization code obtained after the verification in step S4, it is determined whether the firmware data is a plaintext:
if the firmware data is plaintext, performing CRC check directly:
if the CRC passes, performing subsequent starting steps;
if the CRC fails, the safe start fails, and the upgrading mode of the chip is entered;
if the firmware data is a ciphertext, performing the subsequent decryption process of the steps 2) to 6);
2) obtaining a ciphertext of the AES KEY from the firmware file header;
3) obtaining RSA keyindex according to the authorization code;
4) carrying out RSA decryption on the obtained AES KEY;
5) and performing AES decryption on the firmware data area by using the decrypted AES key:
if the decryption is successful, performing CRC check:
if the CRC passes, performing subsequent starting steps;
if the CRC fails, the safe start fails, and the upgrading mode of the chip is entered;
if the decryption fails, the safe start fails, and the upgrading mode of the chip is entered.
6) The chip ID is extracted from the firmware data.
Comparing the chip ID obtained in step S7 with the chip ID obtained in the authorization code in step S8, specifically including the following steps:
comparing the chip ID obtained in the step S7 with the chip ID obtained from the authorization code:
if the comparison is consistent, performing the subsequent starting step;
if the comparison is inconsistent, the safe start fails, and the upgrading mode of the chip is entered.
The invention also discloses a safety chip which is started by adopting the chip safety starting method.
The invention also discloses a receiver which comprises the safety chip, and the safety chip is started by adopting the chip safety starting method.
The chip safe starting method, the safe chip and the receiver thereof ensure the reliability and the safety of the chip starting process by innovating the starting process of the chip, and are suitable for any chip and occasion with strict safety requirements on starting.
Drawings
FIG. 1 is a schematic process flow diagram of the process of the present invention.
Detailed Description
The method is suitable for chips with the following specifications:
CPU is not limited to ARM/MIPS/etc series;
2. the bus is not limited to Axi/Ahb/Apb and the like, bus interconnection related IP and the like;
3. the decryption controllers such as RSA/AES/DES are supported, and the decryption controllers can be selected;
4. if the chip has the starting performance requirement, recommending to support hard decryption, otherwise, realizing a software decryption algorithm by Rom;
the eFuse controller can read and write eFuse peripherals of the chip;
6. the storage medium controller is not limited to QSPI NorFlash/NandFlash/SD/eMMC and the like;
7, a UART controller, which mainly has the function of information printing;
timer controller, the main function is timing function;
the IROM memory chip is used for solidifying codes, and the size of the IROM memory chip is customized according to application requirements;
the IRAM stores execution codes or data and the like, and the size is customized according to application requirements;
the system control modules such as PLL/CLK/Reset/IOMUX and the like are mainly used for clock control/module Reset/pin multiplexing and the like;
12. the programming controller module is not limited to USB otg/USB Device/UART/SD/SPI/I2C and the like;
13. other application specific modules, the function being application dependent; for example, a navigation baseband chip needs to implement logic function units such as RDSS/RNSS;
14. having a security module enabling function;
it can be seen that most of the chips on the market today meet the above requirements, and therefore the method of the present invention has proved to be very useful.
Secondly, the method of the invention is defined as follows:
1. exporting a plurality of pairs of publickeys and privatekeys of RSA by using a hardware encryption tool, wherein the publickeys are stored in a chip ROM, and the privatekeys are stored in a secure server;
such as: RSA 2048 is used, 8 public keys are stored in a chip Rom, and public key7 is set as a default public key;
2. the storage medium has at least two files, an authorization code file and a firmware file: the authorization code file must be a ciphertext, and the firmware file may be a plaintext or a ciphertext (determined by the authorization code);
such as: the format of the authorization code file is shown in table 1, the format of the firmware file is shown in table 2, and the format of the firmware file header is shown in table 3;
TABLE 1 authorization code File Format schematic Table
Item Occupying byte size Definition of Description of the invention
Magic 4 0xacfd0def Type (B)
Version 4 Version(s)
ChipID 4 Chip ID
SerialNum 4 Card serial number
Feature0~5 24 Firmware function definition
Start_Date 4 Product registration start date
End_Date 4 End date of use of product
Flags 4 And (4) safety setting: whether the firmware is encrypted, rsakeyindex, etc
CRC32 4 Data verification
TABLE 2 firmware File Format schematic Table
Figure BDA0003087639920000071
Table 3 firmware header format schematic table
Figure BDA0003087639920000081
The authorization code is encrypted and decrypted by RSA 2048, the encryption is private key7, and the encryption is public key 7;
the Data area in the firmware file can be plaintext or ciphertext, and whether encryption or decryption is determined by Flags in the authorization code;
encrypting and decrypting a Data area of the firmware by using AES 128; AESkey is encrypted by RSA 2048, and the encrypted and decrypted indexes (the range is 0-7) are specified by Flags in the authorization code;
the Aesk ciphertext is stored in a Header of the firmware file;
the data definition in the eFuse has at least two fields of chip ID and safety configuration Flags, and the occupied bit is less than 256;
4. before reading the data of the storage medium, whether the JTAG function needs to be invalidated or not is determined according to the eFuse safety configuration;
5. before the jump firmware is executed, determining whether Bootrom is set to be invisible according to the setting of the eFuse;
such as: setting a register, and informing a chip that the read data of the logical enable Rom address are all 0, wherein the real instruction is invisible;
6. before loading the authorization code, whether the Jtag function is enabled or not is determined according to eFuse setting;
7. failure of decryption of the authorization code or failure of decryption of the firmware can cause failure of startup;
8. the authorization code is decrypted successfully, and if the authorization code is inconsistent with the chip ID in the eFuse, the starting is failed;
9. the firmware file is successfully decrypted, the data is successfully verified, and if the firmware file is inconsistent with the chip ID in the eFuse, the starting is failed;
10. after the firmware is successfully started, the time in the authorization code is verified to be invalid, and the start is failed (optional);
12. after the firmware boot is successful, the function (optional) is enabled according to the authorization code.
The above definitions indicate that:
firstly: the firmware file taken by the user is a cipher text, and the firmware is to be decrypted by firstly taking the public key of RSA; but the keys store Bootrom read-only codes, and the settings cannot be seen, so that the firmware files are ensured to be safe;
then, the chip can write different chip IDs according to the categories; thus, the chip ID in the firmware and the information stored by the eFuse are matched, and the firmware can be executed; the firmware cannot be copied for other purposes maliciously;
finally, even if the firmware fails to be started, the Jtag is in an invalid state; the user cannot read Rom information including Public key and the like in the debug state.
FIG. 1 is a schematic flow chart of the method of the present invention: the invention provides a chip safe starting method, which comprises the following steps:
s1, executing a bottom layer initialization code of a chip; the method specifically comprises the steps of initializing a Cache/TLB, setting a running mode of a CPU, allocating memory and the like; then jumping to a Main function;
s2, acquiring a starting mode of the chip and initializing each peripheral driver; the method specifically comprises the steps of initializing a serial port, a Timer, a decryption controller, a starting medium (QSPI/Nand/SD/eMMC and the like) and the like;
s3, reading eFuse data of the chip, judging and recording the ID of the chip; the method specifically comprises the following steps:
A. reading chip eFuse data;
B. determining whether the eFuse data is valid:
if valid, enable secure configuration in the eFuse data; for example, disabling Jtag functionality, etc.;
if the chip is invalid, the safe start fails, and an upgrading mode of the chip is entered;
s4, obtaining an authorization code ciphertext from a storage medium of the chip, and decrypting and checking the authorization code ciphertext; the method specifically comprises the following steps:
a. obtaining an authorization code ciphertext from a storage medium (generally from a storage medium fixed address 0), and loading the authorization code ciphertext into an internal Ram;
b. decrypting the authorization code using a default RSA publish:
if the decryption is successful, performing subsequent starting steps;
if decryption fails, the secure boot fails, and an upgrade mode of the chip is entered;
c. and (3) carrying out plaintext verification on the decrypted authorization code:
if the verification is successful, performing a subsequent starting step;
if the verification fails, the safe start fails, and the chip enters an upgrading mode;
the upgrading model specifically comprises that the PC terminal downloads an upgrading program to the internal memory of the chip through a USB/SPI/I2C/UART and other transmission interfaces, and skips to execute the upgrading program; the upgrading program writes the file transmitted from the PC end to the storage medium of the chip; the storage medium comprises NorFlash/NandFlash/SD/MMC/eMMC and the like;
s5, comparing the chip ID obtained from the authorization code with the chip ID obtained in the step S3; the method specifically comprises the following steps:
comparing the chip ID obtained in the authorization code with the chip ID obtained in step S3:
if the comparison is consistent, performing the subsequent starting step;
if the comparison is inconsistent, the safe start fails, and the upgrading mode of the chip is entered;
s6, loading a firmware file header from a storage medium of the chip and checking; the method specifically comprises the following steps:
(1) loading a firmware file header from a storage medium (generally from a storage medium fixed address 1) to an internal Ram;
(2) and for the loaded firmware file header, whether CRC check is effective is adopted:
if the verification is passed, carrying out the subsequent starting step;
if the verification fails, the safe start fails, and the upgrading mode of the chip is entered
S7, loading firmware encrypted data from the chip according to the file header information, carrying out data correctness verification after decryption, and extracting a chip ID corresponding to the firmware; the method specifically comprises the following steps:
1) according to the authorization code obtained after the verification in step S4, it is determined whether the firmware file header is a plaintext:
if the firmware file header is plaintext, directly performing CRC check:
if the CRC passes, performing subsequent starting steps;
if the CRC fails, the safe start fails, and the upgrading mode of the chip is entered;
if the firmware file header is a cipher text, carrying out the subsequent decryption process of the steps 2) to 6);
2) obtaining a ciphertext of the AESKEY from the firmware file header;
3) obtaining RSA keyindex according to the authorization code;
4) carrying out RSA decryption on the obtained AES KEY;
5) and performing AES decryption on the firmware data area by using the decrypted AES key:
if the decryption is successful, performing CRC check:
if the CRC passes, performing subsequent starting steps;
if the CRC fails, the safe start fails, and the upgrading mode of the chip is entered;
if the decryption fails, the secure boot fails, and an upgrade mode of the chip is entered;
6) extracting chip ID from firmware data
S8, comparing the chip ID obtained in the step S7 with the chip ID obtained from the authorization code; the method specifically comprises the following steps:
comparing the chip ID obtained in the step S7 with the chip ID obtained from the authorization code:
if the comparison is consistent, performing the subsequent starting step;
if the comparison is inconsistent, the safe start fails, and the upgrading mode of the chip is entered;
s9, configuring a chip Rom according to a safety model of the chip eFuse;
s10, executing firmware of the chip, and finishing starting;
s11, enabling the function list according to the authorization code after the firmware is started;
and S12, after the firmware is started, judging the time in the authorization code according to the time service function and executing a corresponding action.

Claims (8)

1. A chip safe starting method comprises the following steps:
s1, executing the bottom layer initialization code of the chip;
s2, acquiring the starting mode of the chip and initializing each peripheral driver;
s3, reading eFuse data of the chip, judging and recording ID of the chip;
s4, obtaining the authorization code ciphertext from the storage medium of the chip, and decrypting and checking; the method specifically comprises the following steps:
a. obtaining an authorization code ciphertext from a storage medium and loading the authorization code ciphertext into an internal Ram;
b. decrypting the authorization code using a default RSA publish key:
if the decryption is successful, performing subsequent starting steps;
if the decryption fails, the secure boot fails, and an upgrade mode of the chip is entered;
c. and (3) carrying out plaintext verification on the decrypted authorization code:
if the verification is successful, performing a subsequent starting step;
if the verification fails, the safe starting fails, and the upgrading mode of the chip is entered;
s5, comparing the chip ID obtained from the authorization code with the chip ID obtained from the step S3;
s6, loading the firmware file header from the storage medium of the chip and checking;
s7, loading the firmware encrypted data from the chip according to the file header information, carrying out data correctness verification after decryption, and extracting the chip ID corresponding to the firmware; the method specifically comprises the following steps:
1) according to the authorization code obtained after the verification in step S4, it is determined whether the firmware data is a plaintext:
if the firmware data is a plaintext, performing CRC directly:
if the CRC passes, performing subsequent starting steps;
if the CRC fails, the safe start fails, and the upgrading mode of the chip is entered;
if the firmware data is a ciphertext, performing the subsequent decryption process of the step 2) to the step 6);
2) obtaining a ciphertext of the AESKEY from the firmware file header;
3) obtaining RSA keyindex according to the authorization code;
4) carrying out RSA decryption on the obtained AES KEY;
5) and performing AES decryption on the firmware data area by using the decrypted AES key:
if the decryption is successful, performing CRC check:
if the CRC passes, performing subsequent starting steps;
if the CRC fails, the safe starting fails, and an upgrading mode of the chip is entered;
if the decryption fails, the secure boot fails, and an upgrade mode of the chip is entered;
6) extracting a chip ID from the firmware data;
s8, comparing the chip ID obtained in the step S7 with the chip ID obtained in the authorization code;
s9, configuring the Rom of the chip according to the safety model of the eFuse of the chip;
and S10, executing the firmware of the chip and completing the starting.
2. The secure chip starting method according to claim 1, wherein the step S3 of reading chip eFuse data, determining and recording chip ID specifically includes the following steps:
A. reading chip eFuse data;
B. determining whether the eFuse data is valid:
if valid, enable secure configuration in the eFuse data;
if the chip is invalid, the safe start fails, and the chip enters an upgrading mode.
3. The chip secure booting method according to claim 2, characterized in that the upgrade mode specifically includes that the PC terminal downloads an upgrade program to a chip internal memory through a transmission interface, and skips to execute the upgrade program; the upgrading program writes the subsequent file transmitted from the PC end to the storage medium of the chip; the transmission interface comprises USB, SPI, I2C and UART; the storage medium comprises NorFlash, NandFlash, SD, MMC and eMMC.
4. The chip secure boot method according to claim 3, wherein the comparing the chip ID obtained in the authorization code in step S5 with the chip ID obtained in step S3 specifically includes the following steps:
comparing the chip ID obtained in the authorization code with the chip ID obtained in step S3:
if the comparison is consistent, performing subsequent starting steps;
if the comparison is inconsistent, the safe start fails, and the upgrading mode of the chip is entered.
5. The secure chip starting method according to claim 4, wherein the step S6 of loading and verifying the firmware file header from the storage medium of the chip specifically includes the following steps:
(1) loading a firmware file header from a storage medium to an internal Ram;
(2) and for the loaded firmware file header, whether CRC check is effective is adopted:
if the verification is passed, carrying out the subsequent starting step;
and if the verification fails, the safe start fails, and the upgrading mode of the chip is entered.
6. The chip secure boot method according to claim 5, wherein the step S8 of comparing the chip ID obtained in the step S7 with the chip ID obtained in the authorization code includes the following steps:
comparing the chip ID obtained in the step S7 with the chip ID obtained from the authorization code:
if the comparison is consistent, performing subsequent starting steps;
if the comparison is inconsistent, the safe start fails, and the upgrading mode of the chip is entered.
7. A security chip, characterized in that the chip security starting method of any one of claims 1 to 6 is used for starting.
8. A receiver, characterized in that it comprises a secure chip as claimed in claim 7, and the secure chip is activated by using the secure chip activation method as claimed in any one of claims 1 to 6.
CN202110584436.XA 2021-05-27 2021-05-27 Chip secure starting method, secure chip and receiver thereof Active CN113343245B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110584436.XA CN113343245B (en) 2021-05-27 2021-05-27 Chip secure starting method, secure chip and receiver thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110584436.XA CN113343245B (en) 2021-05-27 2021-05-27 Chip secure starting method, secure chip and receiver thereof

Publications (2)

Publication Number Publication Date
CN113343245A CN113343245A (en) 2021-09-03
CN113343245B true CN113343245B (en) 2022-09-30

Family

ID=77471779

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110584436.XA Active CN113343245B (en) 2021-05-27 2021-05-27 Chip secure starting method, secure chip and receiver thereof

Country Status (1)

Country Link
CN (1) CN113343245B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115017517A (en) * 2022-06-07 2022-09-06 Oppo广东移动通信有限公司 Chip and checking method
CN116028992B (en) * 2023-02-23 2024-06-07 广东高云半导体科技股份有限公司 SoC chip and method for realizing data security detection thereof

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102622249B (en) * 2012-03-05 2015-12-02 山东华芯半导体有限公司 A kind of safe starting method preventing CPU self-locking
CN104123505A (en) * 2014-07-24 2014-10-29 丹阳市广播电视台 Android intelligent device anti-getroot system and calibration method thereof
KR101795457B1 (en) * 2016-09-27 2017-11-10 시큐리티플랫폼 주식회사 Method of initializing device and method of updating firmware of device having enhanced security function
CN107277591B (en) * 2017-06-16 2020-04-21 深圳市亿联智能有限公司 Method for encrypting fusion type set top box in OTG mode
CN109492370B (en) * 2017-09-11 2022-06-28 华为技术有限公司 Terminal starting method, terminal and signature device
CN108229132A (en) * 2017-12-27 2018-06-29 北京和利时系统工程有限公司 A kind of safe starting method and device, terminal
CN109150834A (en) * 2018-07-20 2019-01-04 武汉虹信通信技术有限责任公司 A kind of embedded device license authorization management method
US10997297B1 (en) * 2019-12-06 2021-05-04 Western Digital Technologies, Inc. Validating firmware for data storage devices
CN111611602B (en) * 2020-05-07 2023-01-24 山东华芯半导体有限公司 Safe and controllable mass production method based on state secret chip
CN112231709B (en) * 2020-10-15 2022-12-16 中国电子科技集团公司第三十八研究所 System safety design method with remote upgrading function

Also Published As

Publication number Publication date
CN113343245A (en) 2021-09-03

Similar Documents

Publication Publication Date Title
CN104794393B (en) A kind of embedded partitions image safety certification and kernel trusted bootstrap method and its equipment
US9015848B2 (en) Method for virtualizing a personal working environment and device for the same
US7447895B2 (en) BIOS locking device, computer system with a BIOS locking device and control method thereof
CN113343245B (en) Chip secure starting method, secure chip and receiver thereof
US20030018892A1 (en) Computer with a modified north bridge, security engine and smart card having a secure boot capability and method for secure booting a computer
US8296528B2 (en) Methods and systems for microcode patching
EP1870814A1 (en) Methods, apparatus, and systems for secure demand paging and other paging operations for processor devices
US20050141717A1 (en) Apparatus, system, and method for sealing a data repository to a trusted computing platform
US20100169631A1 (en) Authentication for resume boot path
US20130227262A1 (en) Authentication device and authentication method
CN107832589B (en) Software copyright protection method and system
EP1428095A2 (en) External locking mechanism for personal computer memory locations
CN103366103B (en) The application program encryption protecting method of card reader
US8751817B2 (en) Data processing apparatus and validity verification method
CN112181513B (en) Trusted measurement method based on control host system guidance of hardware board card
CN101334827A (en) Magnetic disc encryption method and magnetic disc encryption system for implementing the method
CN112560120B (en) Secure memory bank and method for starting secure memory bank
CN106657551A (en) Method and system for preventing mobile terminal from being unlocked
CN202217282U (en) Safety data memory system based on finger print universal serial bus (USB) flash disk and virtual machine
JP2003022216A (en) Storage device
CN106156632A (en) Safety device and within it provide security service to the method for main frame, safety equipment
CN115221549A (en) LPC bus safety access method, system, terminal and storage medium
US9047457B2 (en) Portable electronic entity, host station and associated method
CN113515414B (en) Data processing system and non-transitory machine readable medium
US11113399B2 (en) Electronic apparatus and control method of electronic apparatus

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant