CN113642051A - Encrypted data read-write method of SPI storage equipment and embedded processor chip - Google Patents

Encrypted data read-write method of SPI storage equipment and embedded processor chip Download PDF

Info

Publication number
CN113642051A
CN113642051A CN202111189816.XA CN202111189816A CN113642051A CN 113642051 A CN113642051 A CN 113642051A CN 202111189816 A CN202111189816 A CN 202111189816A CN 113642051 A CN113642051 A CN 113642051A
Authority
CN
China
Prior art keywords
data
encryption
spi
key
decryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202111189816.XA
Other languages
Chinese (zh)
Other versions
CN113642051B (en
Inventor
吴德煌
原顺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Jiangxinchuang Technology Co ltd
Original Assignee
Guangzhou Jiangxinchuang Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou Jiangxinchuang Technology Co ltd filed Critical Guangzhou Jiangxinchuang Technology Co ltd
Priority to CN202111189816.XA priority Critical patent/CN113642051B/en
Publication of CN113642051A publication Critical patent/CN113642051A/en
Application granted granted Critical
Publication of CN113642051B publication Critical patent/CN113642051B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories

Abstract

The embodiment of the invention discloses an encrypted data reading and writing method of SPI storage equipment and an embedded processor chip, wherein the encrypted data reading method comprises the following steps: responding to a CPU to set a data address to be accessed to an encryption and decryption processing unit, and calculating a grouping key by the encryption and decryption processing unit according to the data address to be accessed; the SPI controller initiates data access and transmission operation to the SPI storage device according to the data address to be accessed; the SPI controller reads a corresponding group key from the encryption and decryption unit, and performs exclusive-OR operation on the group key and ciphertext data received from the SPI storage device to obtain decrypted data; the CPU receives the decrypted data from the SPI controller. The embodiment of the invention realizes the write-in online encryption and the read online decryption of data; the encryption and decryption processes of the data are finished in real time, and the read-write speed is not influenced.

Description

Encrypted data read-write method of SPI storage equipment and embedded processor chip
Technical Field
The invention relates to the technical field of electronic chips, in particular to an encrypted data read-write method of SPI (serial peripheral interface) storage equipment and an embedded processor chip.
Background
The SPI memory device refers to a memory device using an SPI bus interface, and commonly includes SPI NOR, SPI NAND, SPI SRAM, and the like. Generally, the SPI storage device has a small capacity and a relatively low cost, and is a type of storage device commonly used in embedded devices.
The on-line encryption storage of the SPI storage device refers to a technique in which data stored on the storage device is encrypted data, but data read by the CPU is plaintext data. By using the technology, the data stored in the SPI storage device can be encrypted and protected, the encryption process can be hidden, and the CPU is transparent, so that the use of a user is simpler.
Referring to fig. 1, the flow of implementing the online encryption storage technology of the current SPI storage device is shown in fig. 1. The system maps the data area related to the ciphertext stored in the SPI to the address space which can be read by the CPU. When the CPU reads the encrypted data, the CPU directly initiates the read operation of the relevant address space. In the reading process, the encrypted data is decrypted by a decryption unit on the data path, then the related plaintext data is transmitted to the Cache, and finally the data is returned to the CPU through the Cache.
The SPI online encryption storage is mainly applied to application scenes such as firmware encryption and data protection. For example, in a scenario of firmware encryption, a manufacturer may encrypt firmware burned on the SPI storage device when leaving a factory by using the technology, and then solidify a secret key inside the main control chip, so that the firmware on the SPI storage device is bound with the main control chip, thereby preventing illegal firmware from being illegally copied.
Existing online encryption protection techniques for SPI storage devices have several drawbacks.
Referring to fig. 2, a first disadvantage is that data transmission and encryption and decryption are processed serially and are inefficient. One characteristic of SPI storage devices is that the bus transfer rate is low, and with current solutions, once data encryption transmission is enabled, the overall transfer rate becomes lower. There are two reasons for this, one is that the decryption unit is designed to be serial to the bus transmission; secondly, the selection of the encryption algorithm also has an influence, and some algorithms can not decrypt until enough data arrives.
The second drawback is the unfriendly support for SPI NAND. This is related to the property that SPI NAND is not randomly readable. The current scheme maps an encrypted data area through Cache, wherein the Cache can be read randomly, but SPI NAND can not be read randomly. SPI NAND devices cannot be well supported due to the mismatch in characteristics of the two devices.
A third disadvantage is the unfriendly support for write operations. Even for SPI NOR devices, current schemes do not support encrypted write operations well. The reason is that the SPI NOR device can support random reading, but the write operation is performed in a minimum data block manner, erasing and writing, which is not matched with the characteristics of the Cache. Cache is random write enabled and write operations do not require erasing first. For this reason, the current technical solution usually only sees the online decryption read function, but not the online encryption write function.
Disclosure of Invention
The present invention is directed to solving at least one of the problems of the prior art. Therefore, the invention provides an encrypted data reading method of SPI storage equipment, which can realize the write-in online encryption and the read online decryption of data; the encryption and decryption processes of the data are finished in real time, and the read-write speed is not influenced; and can support read and write operations of storage devices such as SPI NOR, SPI NAND, and SPI SRAM.
The invention also provides an encrypted data writing method of the SPI storage device.
The invention also provides an embedded processor chip.
According to the first aspect of the invention, the encrypted data reading method of the SPI storage device comprises the following steps: responding to a CPU to set a data address to be accessed to an encryption and decryption processing unit, and calculating a grouping key by the encryption and decryption processing unit according to the data address to be accessed; the SPI controller initiates data access and transmission operation to the SPI storage device according to the data address to be accessed; the SPI controller reads a corresponding group key from the encryption and decryption unit, and performs exclusive-OR operation on the group key and ciphertext data received from the SPI storage device to obtain decrypted data; the CPU receives the decrypted data from the SPI controller.
The encrypted data reading method of the SPI storage device according to the embodiment of the invention at least has the following beneficial effects: the method of the embodiment of the invention realizes the encryption and storage of the SPI which is transparent to the CPU, realizes the real-time completion of the on-line decryption process and does not influence the transmission rate.
According to some embodiments of the present invention, the encryption/decryption processing unit calculating a group key from the address of the data to be accessed includes: the encryption and decryption unit adopts a symmetric key algorithm and calculates a grouping key of the data through a counting value related to the data position; symmetric key algorithms include, but are not limited to, AES, DES, TEA, and SM4, among others.
According to some embodiments of the present invention, when a CPU initiates an access to an SPI memory, a starting position and a length of a ciphertext currently transmitted are configured to the encryption and decryption unit; and the encryption and decryption unit outputs a valid packet key or an invalid packet key at the SPI controller according to the starting position and the length of the ciphertext. The embodiment can realize the mixed transmission of the plaintext and the ciphertext and effectively improve the access efficiency.
According to some embodiments of the present invention, the SPI controller performs row detection when receiving data transmitted by the SPI storage device, and outputs empty block information through a register if an accessed physical block is an empty block. The SPI controller of this embodiment supports empty block detection, and the mismatching problem of application that appears after starting online encryption and decryption function can effectively be solved to this function.
An encrypted data writing method of an SPI storage device according to an embodiment of a second aspect of the present invention includes the steps of: responding to a CPU to set a data address to be written to an encryption and decryption processing unit, and calculating a grouping key by the encryption and decryption processing unit according to the data address to be written; the SPI controller receives data to be written, reads a corresponding group key from the encryption and decryption unit, and performs exclusive-or operation on the data to be written and the group key to obtain encrypted data; and the SPI controller writes the encrypted data into the SPI storage equipment according to the address of the data to be written.
The encrypted data writing method of the SPI storage device according to the embodiment of the invention at least has the following beneficial effects: the method of the embodiment of the invention realizes the encryption and storage of the SPI which is transparent to the CPU, realizes the real-time completion of the online encryption process and does not influence the transmission rate.
According to some embodiments of the invention, the calculating, by the encryption/decryption processing unit, a group key from the address of the data to be written comprises: the encryption and decryption unit adopts a symmetric key algorithm and calculates a grouping key of the data through a counting value related to the data position; the symmetric key algorithm includes AES, DES, TEA, and SM 4.
According to some embodiments of the present invention, when a CPU initiates a write operation of an SPI memory, a starting position and a length of a cipher text currently transmitted are configured to the encryption and decryption unit; and the encryption and decryption unit outputs a valid packet key or an invalid packet key at the SPI controller according to the starting position and the length of the ciphertext. The embodiment can realize the mixed transmission of the plaintext and the ciphertext and effectively improve the access efficiency.
An embedded processor chip according to an embodiment of the third aspect of the invention, comprises: the CPU is used for initiating the read-write operation of the SPI storage equipment; the encryption and decryption processing unit is connected with the CPU and used for calculating a grouping key through a symmetric key algorithm according to the configuration of the CPU; and the SPI controller is connected with the CPU and the encryption and decryption unit and used for carrying out encryption and decryption operations on read-write data of the SPI storage device according to the grouping key of the encryption and decryption unit.
The embedded processor chip according to the embodiment of the invention at least has the following beneficial effects: the embodiment of the invention realizes the SPI real-time encryption storage function through a symmetric key algorithm and an encryption and decryption processing unit. The embodiment of the invention can realize that the encryption and decryption processing of the data does not cause the reduction of the transmission efficiency, and the grouping key calculation and the data transmission process are carried out simultaneously.
According to some embodiments of the invention, the SPI controller comprises a null block detection unit for performing row detection on the received data. The SPI controller of the embodiment of the invention can detect the empty block, so that software application can not feel the difference from accessing the common SPI storage.
Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
The above and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
FIG. 1 is a schematic diagram of an implementation flow of an online encryption storage technique of an SPI storage device in the prior art;
FIG. 2 is a diagram illustrating transmission rates of an online encrypted storage technique for a prior art SPI storage device;
FIG. 3 is a schematic diagram of an embedded processor chip read-write SPI memory device according to an embodiment of the present invention;
fig. 4 is a schematic flowchart of an encrypted data reading method of an SPI storage device according to an embodiment of the present invention;
fig. 5 is a schematic flowchart of an encrypted data writing method of an SPI storage device according to an embodiment of the present invention;
FIG. 6 is a diagram illustrating mixed plaintext and ciphertext transmission in accordance with an embodiment of the invention;
Fig. 7 is a schematic diagram of encrypting and decrypting data by using a symmetric key algorithm according to an embodiment of the present invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein like or similar reference numerals refer to the same or similar elements or elements having the same or similar function throughout. The embodiments described below with reference to the accompanying drawings are illustrative only for the purpose of explaining the present invention, and are not to be construed as limiting the present invention.
In the description of the present invention, the meaning of a plurality of means is one or more, the meaning of a plurality of means is two or more, and more than, less than, more than, etc. are understood as excluding the present number, and more than, less than, etc. are understood as including the present number. If the first and second are described for the purpose of distinguishing technical features, they are not to be understood as indicating or implying relative importance or implicitly indicating the number of technical features indicated or implicitly indicating the precedence of the technical features indicated.
A CPU: a central processing unit;
SPI: serial Peripheral Interface;
NOR: a non-volatile flash memory technology that supports random access;
NAND: a non-volatile flash memory technology.
Referring to fig. 3, an embedded processor chip according to an embodiment of the present invention includes: the CPU is used for initiating the read-write operation of the SPI storage equipment; the encryption and decryption processing unit is connected with the CPU and used for calculating a grouping key through a symmetric key algorithm according to the configuration of the CPU; and the SPI controller is connected with the CPU and the encryption and decryption unit and used for carrying out encryption and decryption operations on read-write data of the SPI storage device according to the grouping key of the encryption and decryption unit.
In some embodiments, the SPI controller comprises an empty block detection unit for performing row detection on the received data.
Referring to fig. 4, the encrypted data reading method of the SPI storage device according to the embodiment of the present invention includes the following steps: when a CPU (central processing unit) needs to access a data encryption area, firstly, setting a data address needing to be accessed to an encryption and decryption processing unit, and immediately starting to calculate a grouping key at a corresponding position by the encryption and decryption processing unit; meanwhile, the SPI controller initiates data access and transmission operation to the SPI storage device according to a normal access flow; and when the data are transmitted to the SPI controller, reading the corresponding grouping key from the encryption and decryption processing unit, and carrying out XOR operation on the received data to obtain decrypted data.
In some embodiments, when the CPU initiates an access of the SPI memory, the starting position and length of the ciphertext currently transmitted are configured to the encryption and decryption unit; the encryption and decryption unit outputs a valid packet key or an invalid packet key at the SPI controller according to the starting position and the length of the ciphertext.
In some embodiments, the SPI controller performs row detection when receiving data transmitted by the SPI storage device, and outputs empty block information through the register if the accessed physical block is an empty block. Both SPI NOR and SPI NAND support erase operations by physical block size. The physical block after erasure is an empty block, and the value of each byte position is 0xFF by default. In practical applications, software may need to perform empty block detection on a physical block. However, after the SPI inline encryption function is enabled, the data read by the CPU is the data processed by the encryption/decryption processing unit, and even if the read physical block is an empty block, the resultant data is not 0 xFF. Therefore, some software modules which rely on the characteristics of the SPI NOR and the SPI NAND to detect the empty block cannot normally detect and judge the empty block, and related functions cannot normally work, so that the empty block detection function is very important. The solution of this embodiment is to add a null data detection function within the corresponding SPI controller. When the physical block accessed by the SPI controller is an empty block, all the read data are 0 xFF; the SPI controller can detect the data in the process of receiving the data, and when the data block is received, corresponding information is given out through the register to inform the CPU whether the current data block is an empty block or not.
Referring to fig. 5, the encrypted data writing method for the SPI storage device according to the embodiment of the present invention includes the following steps: the CPU sets a data address to be written to the encryption and decryption processing unit, and the encryption and decryption processing unit calculates a grouping key according to the data address to be written; the SPI controller receives data to be written, reads a corresponding group key from the encryption and decryption unit, and performs exclusive-or operation on the data to be written and the group key to obtain encrypted data; and the SPI controller writes the encrypted data into the SPI storage equipment according to the data address to be written.
In some embodiments, when the CPU initiates a write operation of the SPI memory, the starting position and length of the ciphertext currently transmitted are configured to the encryption and decryption unit; the encryption and decryption unit outputs a valid packet key or an invalid packet key at the SPI controller according to the starting position and the length of the ciphertext. In this embodiment, plaintext and ciphertext are transmitted in a mixed manner. Referring to FIG. 6, a typical write transfer includes a command, address, and data. The SPI memory access is achieved by sending commands over the SPI bus, and therefore cannot encrypt all data transmitted over the bus. Since information such as a command, an address, and the like is processed by encryption, the SPI storage device cannot normally operate. One possibility is to transmit unencrypted data separately from encrypted data, such as by first transmitting the commands and addresses in the figure unencrypted, and then transmitting the data portion encrypted. In order to have better transmission efficiency, the scheme provided by this embodiment may implement hybrid transmission of plaintext data and ciphertext data by configuring an encryption/decryption processing unit, and the specific method is as follows: for each transmission, the starting position and the length of the cipher text transmitted currently can be configured to the encryption and decryption processing unit; when the encryption and decryption processing unit outputs the block key, the plaintext area outputs an invalid block key, and the ciphertext area outputs a valid block key.
Referring to fig. 7, in some embodiments, the encryption and decryption unit calculates a group key of the data through a count value associated with the data location using a symmetric key algorithm; the symmetric key algorithm includes AES, DES, TEA, SM4, and the like. The selection of algorithms and modes has a great influence on the implementation of the encryption and decryption processing unit, and some algorithms and modes need to wait until enough data can be started, and some algorithms and modes do not need to wait for the data. Compared with an asymmetric key algorithm, the symmetric key algorithm is more suitable for processing application scenes with large data volume, so that the symmetric key algorithm is used for encrypting and decrypting data in the scheme of the invention. Common symmetric key algorithms include AES, DES, TEA, SM4, and the like. The Counter Mode (Counter Mode) is an application Mode of a symmetric key algorithm, and is characterized in that a packet key of data is calculated using a count value (Counter) associated with a data position, and then exclusive-or operation is performed with the data using the packet key, thereby encrypting and decrypting the data. The advantage of this mode is that it only needs to know the position of the data, and it does not need to wait for the completion of the data transmission, and the corresponding group key can be calculated. The processing procedure of encrypting and decrypting the data by using the grouping key is exclusive-or operation, is a very simple hardware processing procedure, and cannot cause transmission delay. The counter mode is also a streaming data encryption and decryption mode, does not require that the processed data be aligned according to a certain byte length, and can process data with any byte length. Meanwhile, in the counter mode, the processing flows of encryption and decryption are completely consistent, and the hardware is simple to implement.
In this embodiment, by using a symmetric key algorithm and a counter mode, the following functions can be implemented: the CPU only needs to give the data position needing to be accessed (read and written), and the encryption and decryption processing unit can start to calculate the grouping key; the encryption and decryption processing unit calculates the grouping key, and the grouping key and the transmission process of data on the SPI bus can be processed in parallel; the data with any length can be encrypted and decrypted.
Compared with the prior art, the SPI storage real-time encryption and decryption technology provided by the invention has the greatest characteristic that the encryption and decryption processing of data can not cause the reduction of transmission efficiency, and the grouping key calculation and the data transmission process are carried out simultaneously; the other remarkable characteristic is that the on-line read-write encryption and decryption of various storage devices such as SPI NOR, SPI NAND and the like can be supported; and after the online encryption and decryption function is enabled, the characteristics of the flash memory can still be embodied, such as empty block detection, so that the software application can not feel the difference from accessing the ordinary SPI storage.
Although specific embodiments have been described herein, those of ordinary skill in the art will recognize that many other modifications or alternative embodiments are equally within the scope of this disclosure. For example, any of the functions and/or processing capabilities described in connection with a particular device or component may be performed by any other device or component. In addition, while various illustrative implementations and architectures have been described in accordance with embodiments of the present disclosure, those of ordinary skill in the art will recognize that many other modifications of the illustrative implementations and architectures described herein are also within the scope of the present disclosure.
Certain aspects of the present disclosure are described above with reference to block diagrams and flowchart illustrations of systems, methods, systems, and/or computer program products according to example embodiments. It will be understood that one or more blocks of the block diagrams and flowchart illustrations, and combinations of blocks in the block diagrams and flowchart illustrations, respectively, can be implemented by executing computer-executable program instructions. Also, according to some embodiments, some blocks of the block diagrams and flow diagrams may not necessarily be performed in the order shown, or may not necessarily be performed in their entirety. In addition, additional components and/or operations beyond those shown in the block diagrams and flow diagrams may be present in certain embodiments.
Accordingly, blocks of the block diagrams and flowchart illustrations support combinations of means for performing the specified functions, combinations of elements or steps for performing the specified functions and program instruction means for performing the specified functions. It will also be understood that each block of the block diagrams and flowchart illustrations, and combinations of blocks in the block diagrams and flowchart illustrations, can be implemented by special purpose hardware-based computer systems that perform the specified functions, elements or steps, or combinations of special purpose hardware and computer instructions.
The embodiments of the present invention have been described in detail with reference to the accompanying drawings, but the present invention is not limited to the above embodiments, and various changes can be made within the knowledge of those skilled in the art without departing from the gist of the present invention.

Claims (9)

1. An encrypted data reading method of an SPI storage device is characterized by comprising the following steps:
responding to a CPU to set a data address to be accessed to an encryption and decryption processing unit, and calculating a grouping key by the encryption and decryption processing unit according to the data address to be accessed;
the SPI controller initiates data access and transmission operation to the SPI storage device according to the data address to be accessed;
the SPI controller reads a corresponding group key from the encryption and decryption unit, and performs exclusive-OR operation on the group key and ciphertext data received from the SPI storage device to obtain decrypted data;
the CPU receives the decrypted data from the SPI controller.
2. The SPI storage device encrypted data reading method according to claim 1, wherein the encryption/decryption processing unit calculating a group key from the data address to be accessed comprises:
the encryption and decryption unit adopts a symmetric key algorithm and calculates a grouping key of the data through a counting value related to the data position;
The symmetric key algorithm includes AES, DES, TEA, and SM 4.
3. The SPI storage device encrypted data reading method according to claim 1, wherein when the CPU initiates an access of the SPI memory, a starting position and a length of a ciphertext currently transmitted are configured to the encryption/decryption unit;
and the encryption and decryption unit outputs a valid packet key or an invalid packet key at the SPI controller according to the starting position and the length of the ciphertext.
4. The SPI storage device encrypted data reading method according to claim 1, wherein the SPI controller performs a row check upon receiving data transmitted by the SPI storage device, and outputs a null block information through a register if the accessed physical block is a null block.
5. An encrypted data writing method of an SPI storage device is characterized by comprising the following steps:
responding to a CPU to set a data address to be written to an encryption and decryption processing unit, and calculating a grouping key by the encryption and decryption processing unit according to the data address to be written;
the SPI controller receives data to be written, reads a corresponding group key from the encryption and decryption unit, and performs exclusive-or operation on the data to be written and the group key to obtain encrypted data;
And the SPI controller writes the encrypted data into the SPI storage equipment according to the address of the data to be written.
6. The SPI storage device encryption data writing method of claim 5, wherein the encryption/decryption processing unit calculating a packet key from the to-be-written data address comprises:
the encryption and decryption unit adopts a symmetric key algorithm and calculates a grouping key of the data through a counting value related to the data position;
the symmetric key algorithm includes AES, DES, TEA, and SM 4.
7. The method according to claim 5, wherein when the CPU initiates a write operation of the SPI memory, the starting position and length of the ciphertext currently transmitted are configured to the encryption/decryption unit;
and the encryption and decryption unit outputs a valid packet key or an invalid packet key at the SPI controller according to the starting position and the length of the ciphertext.
8. An embedded processor chip, comprising:
the CPU is used for initiating the read-write operation of the SPI storage equipment;
the encryption and decryption processing unit is connected with the CPU and used for calculating a grouping key through a symmetric key algorithm according to the configuration of the CPU;
And the SPI controller is connected with the CPU and the encryption and decryption unit and used for carrying out encryption and decryption operations on read-write data of the SPI storage device according to the grouping key of the encryption and decryption unit.
9. The embedded processor chip of claim 8, wherein the SPI controller comprises a null block detection unit for performing row detection on the received data.
CN202111189816.XA 2021-10-13 2021-10-13 Encrypted data read-write method of SPI storage equipment and embedded processor chip Active CN113642051B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111189816.XA CN113642051B (en) 2021-10-13 2021-10-13 Encrypted data read-write method of SPI storage equipment and embedded processor chip

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111189816.XA CN113642051B (en) 2021-10-13 2021-10-13 Encrypted data read-write method of SPI storage equipment and embedded processor chip

Publications (2)

Publication Number Publication Date
CN113642051A true CN113642051A (en) 2021-11-12
CN113642051B CN113642051B (en) 2022-02-22

Family

ID=78426515

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111189816.XA Active CN113642051B (en) 2021-10-13 2021-10-13 Encrypted data read-write method of SPI storage equipment and embedded processor chip

Country Status (1)

Country Link
CN (1) CN113642051B (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1936870A (en) * 2005-09-23 2007-03-28 中国科学院计算技术研究所 Hard-disc fan-area data enciphering and deciphering method and system
CN102355352A (en) * 2011-07-24 2012-02-15 哈尔滨工程大学 Data confidentiality and integrity protection method
US20160171249A1 (en) * 2014-12-15 2016-06-16 Joseph C. Circello Decryption Systems And Related Methods For On-The-Fly Decryption Within Integrated Circuits
CN106599735A (en) * 2017-02-13 2017-04-26 珠海格力电器股份有限公司 Data protection device and method, and storage controller
CN108768620A (en) * 2018-03-26 2018-11-06 海光信息技术有限公司 A kind of data processing method and device
CN109656840A (en) * 2018-12-21 2019-04-19 成都海光集成电路设计有限公司 A kind of device of data encrypting and deciphering, method, storage medium and data-storage system
CN110457924A (en) * 2019-08-12 2019-11-15 南京芯驰半导体科技有限公司 Storing data guard method and device
CN110515863A (en) * 2018-05-22 2019-11-29 东芝存储器株式会社 Control the storage system and method for nonvolatile memory

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1936870A (en) * 2005-09-23 2007-03-28 中国科学院计算技术研究所 Hard-disc fan-area data enciphering and deciphering method and system
CN102355352A (en) * 2011-07-24 2012-02-15 哈尔滨工程大学 Data confidentiality and integrity protection method
US20160171249A1 (en) * 2014-12-15 2016-06-16 Joseph C. Circello Decryption Systems And Related Methods For On-The-Fly Decryption Within Integrated Circuits
CN106599735A (en) * 2017-02-13 2017-04-26 珠海格力电器股份有限公司 Data protection device and method, and storage controller
CN108768620A (en) * 2018-03-26 2018-11-06 海光信息技术有限公司 A kind of data processing method and device
CN110515863A (en) * 2018-05-22 2019-11-29 东芝存储器株式会社 Control the storage system and method for nonvolatile memory
CN109656840A (en) * 2018-12-21 2019-04-19 成都海光集成电路设计有限公司 A kind of device of data encrypting and deciphering, method, storage medium and data-storage system
CN110457924A (en) * 2019-08-12 2019-11-15 南京芯驰半导体科技有限公司 Storing data guard method and device

Also Published As

Publication number Publication date
CN113642051B (en) 2022-02-22

Similar Documents

Publication Publication Date Title
US9483664B2 (en) Address dependent data encryption
US7092400B2 (en) Method of transmitting data through a data bus
US7657754B2 (en) Methods and apparatus for the secure handling of data in a microcontroller
US20180365451A1 (en) Input/output data encryption
EP3721367A1 (en) Storage apparatus and method for address scrambling
CN111131130B (en) Key management method and system
US11809346B2 (en) System architecture with secure data exchange
TWI747007B (en) Configurable security memory region
US10180804B1 (en) Obfuscation-enhanced memory encryption
CN106533652A (en) XTS-SM4-based storage encryption and decryption method and device
US7877615B2 (en) Semiconductor devices and scrambled data transmission methods thereof
US11429751B2 (en) Method and apparatus for encrypting and decrypting data on an integrated circuit
US11456855B2 (en) Obfuscating data at-transit
CN112329038A (en) Data encryption control system and chip based on USB interface
CN112887077B (en) SSD main control chip random cache confidentiality method and circuit
CN111506934B (en) Memory chip with safety function and memory device
CN113642051B (en) Encrypted data read-write method of SPI storage equipment and embedded processor chip
US11797717B2 (en) Bus encryption for non-volatile memories
CN112395651A (en) Memory device and method for operating memory device
CN107861892B (en) Method and terminal for realizing data processing
CN111512308A (en) Storage controller, file processing method, device and system
GB2424089A (en) Side channel attack prevention in data processing apparatus such as a smart card
KR102660388B1 (en) Memory module, oprtation method of memory module, memory system and operation method of memory system
US9058295B2 (en) Encrypt data of storage device
CN112688953B (en) Data processing method and device, electronic equipment and computer readable storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant