CN114629639A - Key management method and device based on trusted execution environment and electronic equipment - Google Patents

Info

Publication number
CN114629639A
Authority
CN
China
Prior art keywords
key
execution environment
trusted execution
user data
trusted
Prior art date
Legal status
Pending
Application number
CN202210237206.0A
Other languages
Chinese (zh)
Inventor
汪溯
路放
买宇飞
初晓博
Current Assignee
Alibaba Cloud Computing Ltd
Original Assignee
Alibaba Cloud Computing Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L 9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L 9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L 9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 63/00 Network architectures or network communication protocols for network security
    • H04L 63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L 63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L 63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption

Abstract

The embodiment of the application provides a key management method, device, equipment and storage medium based on a trusted execution environment, wherein a server comprises a trusted execution environment supporting secret computing, and the method comprises the following steps: generating a key and remote attestation material for the key in the trusted execution environment; transmitting the key and the remote attestation material to a terminal device; when the terminal device determines, based on the remote attestation material, that the trusted execution environment is a trusted environment and the key is a trusted key, receiving an encrypted user data key generated after the terminal device encrypts the user data key using the key; and decrypting the encrypted user data key using the key to obtain the user data key, so that the trusted execution environment and the terminal device perform data transmission based on the user data key. According to the embodiment of the application, data security is guaranteed through remote deployment and management of the key.

Description

Key management method and device based on trusted execution environment and electronic equipment
Technical Field
The embodiment of the application relates to the technical field of information security, in particular to a key management method based on a trusted execution environment, a key management device based on the trusted execution environment, an electronic device and a storage medium.
Background
With the enactment of laws and regulations such as the Data Security Law and the Personal Information Protection Law, more and more attention is paid to the security and privacy of sensitive data, and data security protection measures need to run through the complete life cycle of the data (storage state, transmission state, computing state).
An encryption system is the foundation of data security, and key security is the core of the security of an encryption system. A secure, reliable and readily deployable key management method covering the whole life cycle of data therefore improves both the data security compliance capability and the competitiveness of a product.
By refining customer requirements, it was found that customers have a strong demand for protecting high-value data that is exported to an untrusted environment and combined in computation with third-party data (the data is transmitted to the untrusted environment for storage and computation). However, because the computing environment is not networked, and because customers are unwilling to bear the cost of additional security hardware, operation and maintenance investment and other factors, no effective key management method is currently available to ensure key security and thus data security.
Disclosure of Invention
The embodiment of the application provides a key management method based on a trusted execution environment, so as to solve the problem that the security of a key cannot be ensured.
Correspondingly, the embodiment of the application also provides a key management device based on the trusted execution environment, an electronic device and a storage medium, so as to ensure the implementation and application of the method.
In order to solve the above problem, an embodiment of the present application discloses a key management method based on a trusted execution environment. The method is applied to a server, where the server comprises a trusted execution environment supporting secret computing, and the method comprises the following steps:
generating a key and remote attestation material for the key in the trusted execution environment;
transmitting the key and the remote attestation material to a terminal device;
when the terminal device determines that the trusted execution environment is a trusted environment and the key is a trusted key based on the remote attestation material, receiving an encrypted user data key generated after the terminal device encrypts the user data key by using the key;
and decrypting the encrypted user data key by adopting the key to obtain the user data key so as to enable the trusted execution environment and the terminal equipment to perform data transmission based on the user data key.
Optionally, generating the key and the remote attestation material for the key in the trusted execution environment includes:
generating a key in the trusted execution environment;
and calculating digest data of the key using a preset digest algorithm, and generating the remote attestation material for the key based on the digest data.
Optionally, the method further comprises:
obtaining a persistent data key based on the hardware-level security instruction; the persistent data key is generated according to a persistent root key protected by hardware built in the server;
encrypting the key with the persistent data key and encrypting the user data key with the persistent data key;
and storing the encrypted key and the encrypted user data key into a persistent storage area corresponding to the trusted execution environment.
Optionally, the decrypting the encrypted user data key by using the key to obtain the user data key includes:
obtaining the encrypted key from the persistent storage area;
decrypting the encrypted key using the persistent data key;
and decrypting the encrypted user data key by using the decrypted key to obtain the decrypted user data key.
Optionally, the method further comprises:
when the trusted execution environment and the terminal equipment perform data transmission, acquiring the encrypted user data key from the persistent storage area;
decrypting the encrypted user data key using the persistent data key;
and encrypting and transmitting data transmitted between the trusted execution environment and the terminal equipment by adopting the decrypted user data key.
Optionally, the persistent storage area allows an authorized trusted execution environment to obtain the encrypted key and the encrypted user data key.
Optionally, the method further comprises:
establishing a trusted encrypted channel between the trusted execution environment and other trusted execution environments; the other trusted execution environment is a trusted execution environment supporting secret computing in other servers;
when the other trusted execution environment and the terminal equipment perform data transmission, acquiring the user data key from the trusted execution environment based on the trusted encryption channel;
and encrypting and transmitting data transmitted between the other trusted execution environments and the terminal equipment by adopting the user data key.
Optionally, data transmission is performed between the server and the terminal device in an online manner or an offline manner.
The embodiment of the application also discloses a key management device based on a trusted execution environment, which is applied to a server, wherein the server comprises a trusted execution environment supporting secret computing, and the device comprises:
a generation module to generate a key and remote attestation material for the key in the trusted execution environment;
a transmission module for transmitting the key and the remote attestation material to a terminal device;
a verification module, configured to receive an encrypted user data key generated after the terminal device encrypts the user data key with the key when the terminal device determines, based on the remote attestation material, that the trusted execution environment is a trusted environment and the key is a trusted key;
and the deployment module is used for decrypting the encrypted user data key by adopting the key to obtain the user data key so as to enable the trusted execution environment and the terminal equipment to perform data transmission based on the user data key.
Optionally, the generation module is configured to generate a key in the trusted execution environment, calculate digest data of the key using a preset digest algorithm, and generate the remote attestation material for the key based on the digest data.
Optionally, the apparatus further comprises: the persistent storage module is used for acquiring a persistent data key based on the hardware-level security instruction; the persistent data key is generated according to a persistent root key protected by hardware built in the server; encrypting the key with the persistent data key and encrypting the user data key with the persistent data key; and storing the encrypted key and the encrypted user data key into a persistent storage area corresponding to the trusted execution environment.
Optionally, the deployment module is configured to obtain the encrypted key from the persistent storage area; decrypting the encrypted key using the persistent data key; and decrypting the encrypted user data key by using the decrypted key to obtain the decrypted user data key.
Optionally, the apparatus further comprises: the data transmission module is used for acquiring the encrypted user data key from the persistent storage area when the trusted execution environment and the terminal equipment perform data transmission; decrypting the encrypted user data key using the persistent data key; and encrypting and transmitting data transmitted between the trusted execution environment and the terminal equipment by adopting the decrypted user data key.
Optionally, the persistent storage area allows an authorized trusted execution environment to obtain the encrypted key and the encrypted user data key.
Optionally, the apparatus further comprises: a key transmission module for establishing a trusted encryption channel between the trusted execution environment and another trusted execution environment; the other trusted execution environment is a trusted execution environment supporting secret computing in other servers; when the other trusted execution environment and the terminal equipment perform data transmission, acquiring the user data key from the trusted execution environment based on the trusted encryption channel; and encrypting and transmitting data transmitted between the other trusted execution environments and the terminal equipment by adopting the user data key.
Optionally, data transmission is performed between the server and the terminal device in an online manner or an offline manner.
The embodiment of the application also discloses an electronic device, which comprises: a processor; and a memory having executable code stored thereon, which when executed, causes the processor to perform a trusted execution environment based key management method as described in one or more of the embodiments of the present application.
One or more machine-readable media having executable code stored thereon that, when executed, cause a processor to perform a trusted execution environment based key management method as described in one or more of the embodiments of the present application are also disclosed.
Compared with the prior art, the embodiment of the application has the following advantages:
In this embodiment, in a server including a trusted execution environment supporting cryptographic computation, a key and remote attestation material for the key are generated in the trusted execution environment, and the key and the remote attestation material are transmitted to a terminal device. If the terminal device determines, based on the remote attestation material, that the key is a trusted key, the server may receive an encrypted user data key generated by the terminal device by encrypting the user data key with the key, decrypt it with the key to obtain the user data key, and thereafter data between the trusted execution environment and the terminal device may be encrypted with the user data key before transmission. The embodiment of the application realizes remote deployment and management of the user data key based on the server's trusted execution environment, so that data interaction between the trusted execution environment and the terminal device based on the user data key can be realized and data security is ensured.
Drawings
FIG. 1 is a flowchart illustrating steps of an embodiment of a trusted execution environment based key management method of the present application;
FIG. 2 is a schematic illustration of a trusted execution environment based key management of the present application;
FIG. 3 is a block diagram of an embodiment of a trusted execution environment based key management apparatus according to the present application;
fig. 4 is a schematic structural diagram of an apparatus according to an embodiment of the present application.
Detailed Description
In order to make the aforementioned objects, features and advantages of the present application more comprehensible, the present application is described in further detail with reference to the accompanying drawings and the detailed description.
First, some technical terms related to the embodiments of the present application are described:
KMS: Key Management Service.
Remote Attestation: a secret computing technique.
TEE: Trusted Execution Environment, an execution environment based on CPU hardware security extensions that is completely isolated from the outside; a secret computing technology.
SGX: a secret computing technology that provides a trusted execution environment.
CPU Sealing Key: the key the CPU uses to seal (encrypt) data.
PKI: Public Key Infrastructure.
HSM: Hardware Security Module, a computer hardware device used to safeguard and manage the digital keys used by strong authentication systems, and to provide the related cryptographic operations.
TPM: Trusted Platform Module, a chip built into a computer that provides the computer with a root of trust. The chip's specification is established by the Trusted Computing Group.
TCM: Trusted Cryptography Module, a hardware module of a trusted computing platform that provides cryptographic operations for the platform, has a protected storage space, and corresponds to the TPM.
TPCM: Trusted Platform Control Module, which gives the trusted platform module (TPM) the ability to control platform resources.
SaaS: Software-as-a-Service, i.e. providing software services over a network.
SSL: Secure Sockets Layer, a secure socket protocol.
Confidential computing (also called secure computing / trusted computing) creates a completely isolated trusted execution environment (TEE), also called a secure enclave, based on CPU hardware. Because confidential computing keeps the data being used or executed encrypted and performs the operations inside the secure TEE, the data in the TEE cannot be read by a third party, which also prevents any third party from tampering with the data being processed by the TEE.
The TEE can be applied in cloud computing and also in terminal devices such as mobile phones, tablet computers and computers. The TEE isolates the processes of collecting, storing and verifying fingerprints, passwords and facial information, so that even if the phone is jailbroken or rooted (a third party obtains the highest privilege), the third party cannot obtain the corresponding data, and data security is ensured.
In a specific implementation, the TEE provided by a server chip supporting confidential computing can provide memory encryption for data in use, preventing the data from being obtained by a third party (an unauthorized party) while in the computing state; the encryption and decryption processes of data transmission and storage can also be protected by the TEE; and the client's data key needs to be securely placed inside the TEE, i.e. key management needs to extend from the client's local environment into the TEE.
Currently, the following remote key management methods exist:
1. Schemes based on a secure cryptographic chip or hardware (e.g. an HSM hardware cryptographic machine, a TCM/TPCM trusted cryptographic module, etc.):
1) The root-of-trust key is managed by a hardware security module (e.g. a TPM, a PCI-E cryptographic card, etc.) and the user data key is cryptographically protected by the root-of-trust key, but this approach relies on secure hardware being present.
2) The root-of-trust key is protected by the secure hardware and cannot be obtained outside it in any way; data encryption, decryption, signing and verification must be completed inside the secure hardware, but the user's own data computation cannot be performed inside the secure hardware.
3) The secure hardware has a single function and does not support running user-customised executable code inside it.
4) There is no mature technical implementation for interfacing the secure hardware with a TEE.
2. Schemes based on a cloud KMS (e.g. a key management service on the cloud):
1) It is a SaaS service and therefore depends on network access.
2) The service requester is authenticated using an access-key signature, and the access key then has to be protected in the remote untrusted environment.
3) The KMS relies on an SSL-encrypted channel to secure the transmission of user data keys, but the security assumptions about the SSL client are difficult to satisfy in a remote untrusted environment.
4) Currently, cloud vendors' KMS offerings do not support remote attestation of a TEE.
In practical applications, the above remote key management methods can guarantee data security to some extent, but if the environment in which the data is used cannot be networked to reach the cloud KMS, or the customer does not want to bear the hardware cost of an HSM or TCM/TPCM, these methods are not feasible. In addition, existing software and hardware key management services and modules lack mature integration with TEEs, there is no complete technical chain guaranteeing key security, and so no practical case of TEE-based key management exists.
In view of the above problems, an embodiment of the present application provides a key management method based on secret computing, which does not depend on a cloud KMS or an additional offline hardware cryptographic machine, provides secure key management for data that must be encrypted and protected over its full life cycle, and is particularly suited to realizing "data available but invisible" privacy protection, based on a trusted execution environment for secret computing, in scenarios where data leaves its domain for an untrusted environment. The key management method described in this embodiment can be applied to privacy computing products, such as all-in-one privacy computing appliances, to achieve full life cycle protection of a client's sensitive data once it has left the client's domain.
Referring to fig. 1, a flowchart of steps of an embodiment of a key management method based on a trusted execution environment according to the present application is applied to a server, where the server includes a trusted execution environment supporting cryptographic computing, and the method includes the following steps:
Step 102, generating a key and remote attestation material for the key in the trusted execution environment.
Step 104, transmitting the key and the remote attestation material to a terminal device.
The terminal device may be a terminal device used by a client, such as a smart phone, a personal computer, a notebook computer, a tablet computer, a portable wearable device, and the like, the server may be implemented by an independent server or a server cluster formed by a plurality of servers, and the server may interact with a plurality of terminal devices.
In a specific implementation, a key and remote attestation material for the key are generated in a trusted execution environment (secure enclave), such as SGX, and then the key and the remote attestation material are sent to the terminal device so that the terminal device can verify the remote attestation material. If the verification succeeds, the terminal device can be assured that the remote attestation material was generated in a trusted execution environment, and therefore that the key was also generated in a trusted execution environment, so the key can be trusted as secure.
As an alternative example of the present application, an asymmetric encryption technique may be used in the trusted execution environment to generate the key, and the generated key may be a key pair (asymmetric key) consisting of a public key and a private key. The owner keeps the private key unpublished and publishes the public key to the terminal device; the public key may be used to encrypt data, and data encrypted with the public key must be decrypted with the private key of the same pair. The private key resides in the trusted execution environment, which keeps it secure.
Accordingly, if the key is a key pair, the public key and remote attestation material for the public key may be generated and sent to the terminal device. If the remote attestation material is verified successfully, it is certain that the remote attestation material was generated in a trusted execution environment, and then the key pair (the public key and its corresponding private key) can also be trusted to have been generated in the trusted execution environment, so that the public key is trusted as secure.
It should be noted that, data transmission between the terminal device and the trusted execution environment may be performed in an online manner (data network) or an offline manner (through a storage device such as a usb disk), which is not limited in this embodiment of the present application.
Step 106, when the terminal device determines that the trusted execution environment is a trusted environment and the key is a trusted key based on the remote attestation material, receiving an encrypted user data key generated after the terminal device encrypts the user data key with the key.
Step 108, decrypting the encrypted user data key using the key to obtain the user data key, so that the trusted execution environment and the terminal device perform data transmission based on the user data key.
In a specific implementation, a user may need to take data, such as a client's sensitive data (fingerprints, passwords, facial information), out of the user's own trusted environment into an untrusted environment in order to perform fused computation with third-party data there, which easily gives rise to data security risks such as data leakage.
In this embodiment of the present application, if the terminal device verifies, based on the remote attestation material, that the trusted execution environment to which the data is to be sent is a trusted environment, and determines that the key is a trusted key, the key may be used to encrypt the user data key, and the encrypted user data key is then transmitted to the trusted execution environment in an online or offline manner. The trusted execution environment reads the encrypted user data key and decrypts it using the key (or using the private key if the key is a key pair) to obtain the user data key, thereby completing deployment of the user data key.
Subsequently, the trusted execution environment and the terminal device can encrypt data transmitted between the trusted execution environment and the terminal device by using the user data key, so that the data is protected throughout the complete life cycle by the data security protection measure, namely, in the storage state, the transmission state and the computing state.
Referring to fig. 2, a schematic diagram of key management based on a trusted execution environment according to the present application includes TEE Secure Enclave 1 (a trusted execution environment that implements key management) and a user (the user's terminal device). When the user data key is deployed, the following steps may be performed:
1. The user's terminal device obtains a public key and remote attestation material for the public key; the public key belongs to an asymmetric key pair generated in TEE Secure Enclave 1, and the remote attestation material is generated in TEE Secure Enclave 1 based on the public key.
2. The terminal device verifies the remote attestation material.
3. If the remote attestation material is verified successfully, the public key can be trusted.
4. The terminal device encrypts the user data key with the trusted public key and transmits the encrypted user data key to TEE Secure Enclave 1.
5. TEE Secure Enclave 1 decrypts the encrypted user data key with the private key of the asymmetric key pair to obtain the user data key, so that the user data key is deployed in TEE Secure Enclave 1; thereafter TEE Secure Enclave 1 can encrypt data transmitted between itself and the user's terminal device with the user data key before transmission.
In this key management method based on a trusted execution environment, in a server including a trusted execution environment supporting secret computing, a key and remote attestation material for the key are generated in the trusted execution environment, and the key and the remote attestation material are transmitted to a terminal device. If the terminal device determines, based on the remote attestation material, that the key is a trusted key, the server can receive an encrypted user data key generated by the terminal device by encrypting the user data key with the key, decrypt it with the key to obtain the user data key, and then data between the trusted execution environment and the terminal device can be encrypted with the user data key before transmission. The embodiment of the application thus realizes remote deployment and management of the user data key based on the server's trusted execution environment, so that data interaction between the trusted execution environment and the terminal device based on the user data key can be realized and data security is ensured.
In an exemplary embodiment, the step 102 of generating a key and remote attestation material of the key in the trusted execution environment may include the steps of:
generating a key in the trusted execution environment;
and calculating the abstract data of the secret key by adopting a preset abstract algorithm, and generating the remote certification material of the secret key based on the abstract data.
In this embodiment, after a key is generated in the trusted execution environment, a preset digest algorithm, for example, an algorithm such as sha256, may be used to calculate digest data of the key, so as to generate remote attestation material of the key based on the digest data, and then generate remote attestation material, for example, SGX DCAP Quote data, based on the digest data.
After the key and the remote certification material of the key are generated in the trusted execution environment, the terminal device verifies the remote certification material of the key through a remote certification algorithm of the trusted execution environment, confirms that the remote certification material is generated in a trusted execution environment, and then can trust that the key is generated in the trusted execution environment, so that the key is safe and trusted, and then the user data key can be encrypted based on the key and transmitted to the trusted execution environment, and the deployment of the user data key in the trusted execution environment is completed.
In the above exemplary embodiment, digest data of the key is generated with the digest algorithm after the key is generated in the trusted execution environment, and remote attestation material that can attest the key is generated from the digest data. The terminal device can therefore determine from the remote attestation material that the key was generated in a trusted execution environment, encrypt its user data key with the key, and transmit the encrypted user data key securely to the trusted execution environment, which ensures the security of the user data key.
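The exchange of steps 102 to 108 in one runnable model, as an added example that is not code from the patent or from Alibaba Cloud: the enclave generates an RSA key pair, writes SHA-256 of the public key into the 64-byte report data of a quote, and the terminal device accepts the key only if the quote signature verifies and the digest matches the public key it was actually handed, after which it wraps its user data key with RSA-OAEP for the enclave to unwrap. The quote here is a constructed stand-in signed with a local ECDSA key; a real SGX DCAP quote also carries enclave measurements and a certificate chain and is checked with the DCAP verification library, none of which is modelled. All type and function names are this example's own.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
)

// Quote is a constructed stand-in for SGX DCAP quote data: 64 bytes of REPORT_DATA
// signed by the platform attestation key (measurements and cert chain omitted).
type Quote struct {
	ReportData [64]byte
	Signature  []byte
}

// Enclave models the trusted execution environment that owns the private key.
type Enclave struct {
	priv   *rsa.PrivateKey
	attKey *ecdsa.PrivateKey // stand-in for the hardware attestation key
}

// NewEnclave generates the asymmetric key pair inside the enclave (step 102).
func NewEnclave(attKey *ecdsa.PrivateKey) (*Enclave, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil { return nil, err }
	return &Enclave{priv: priv, attKey: attKey}, nil
}

// KeyDigest is the "digest data of the key": SHA-256 over the DER-encoded public key,
// placed in the first 32 bytes of REPORT_DATA (the remaining bytes stay zero).
func KeyDigest(pubDER []byte) [64]byte {
	var rd [64]byte
	sum := sha256.Sum256(pubDER)
	copy(rd[:], sum[:])
	return rd
}

// Attest returns the public key and its remote attestation material: the key digest
// sits in REPORT_DATA and the attestation key signs it, binding key to enclave.
func (e *Enclave) Attest() (pubDER []byte, q Quote, err error) {
	if pubDER, err = x509.MarshalPKIXPublicKey(&e.priv.PublicKey); err != nil { return }
	q.ReportData = KeyDigest(pubDER)
	h := sha256.Sum256(q.ReportData[:])
	q.Signature, err = ecdsa.SignASN1(rand.Reader, e.attKey, h[:])
	return
}

// UnwrapUserDataKey is step 108: recover the user data key with the enclave private key.
func (e *Enclave) UnwrapUserDataKey(wrapped []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), nil, e.priv, wrapped, []byte("user-data-key"))
}

// VerifyAndWrap is the terminal device side. The key is trusted only if the quote verifies
// under the attestation public key AND REPORT_DATA holds the digest of the key received.
func VerifyAndWrap(q Quote, pubDER []byte, attPub *ecdsa.PublicKey, userDataKey []byte) ([]byte, error) {
	h := sha256.Sum256(q.ReportData[:])
	if !ecdsa.VerifyASN1(attPub, h[:], q.Signature) {
		return nil, errors.New("quote signature invalid: not from a trusted execution environment")
	}
	if KeyDigest(pubDER) != q.ReportData {
		return nil, errors.New("key digest mismatch: received key is not the attested key")
	}
	pub, err := x509.ParsePKIXPublicKey(pubDER)
	if err != nil { return nil, err }
	rsaPub, ok := pub.(*rsa.PublicKey)
	if !ok { return nil, errors.New("attested key is not an RSA public key") }
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, rsaPub, userDataKey, []byte("user-data-key"))
}

// RunDeployment performs one deployment and returns the user data key as recovered inside
// the enclave. With substituteKey set, the terminal is handed a second enclave's public key
// together with the first enclave's genuine quote, which the digest check must reject.
func RunDeployment(userDataKey []byte, substituteKey bool) ([]byte, error) {
	attKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { return nil, err }
	enc, err := NewEnclave(attKey)
	if err != nil { return nil, err }
	pubDER, q, err := enc.Attest()
	if err != nil { return nil, err }
	if substituteKey {
		other, err := NewEnclave(attKey)
		if err != nil { return nil, err }
		if pubDER, _, err = other.Attest(); err != nil { return nil, err }
	}
	wrapped, err := VerifyAndWrap(q, pubDER, &attKey.PublicKey, userDataKey)
	if err != nil { return nil, err }
	return enc.UnwrapUserDataKey(wrapped)
}

func main() {
	udk := []byte("0123456789abcdef0123456789abcdef") // constructed 32-byte user data key
	got, err := RunDeployment(udk, false)
	fmt.Println("honest deployment recovered the key:", err == nil && string(got) == string(udk))
	_, err = RunDeployment(udk, true)
	fmt.Println("substituted key:", err)
}
```

The digest check is the point of the passage: a quote proves that some enclave produced some report data, and only the comparison against the key actually received ties that proof to the key the terminal is about to use.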
In an exemplary embodiment, the method may further include the steps of:
obtaining a persistent data key based on the hardware-level security instruction; the persistent data key is generated according to a persistent root key protected by hardware built in the server;
encrypting the key with the persistent data key and encrypting the user data key with the persistent data key;
and storing the encrypted key and the encrypted user data key into a persistent storage area corresponding to the trusted execution environment.
In practical applications, to ensure the availability of the key, the key needs to be securely stored persistently.
In the embodiment of the application, a persistent root key (hardware root key) protected by hardware built into a server chip supporting confidential computing, such as the SGX Sealing Key, is used. The persistent root key is derived inside the CPU hardware, is accessible only to the trusted execution environment, and cannot be read from outside, so its security is high.
In the embodiment of the application, the trusted execution environment encrypts the private key of the public/private key pair and the user data key deployed by the user with its persistent data key, and the encrypted private key and encrypted user data key can then be stored persistently outside the trusted execution environment (in the persistent storage area); because an environment outside the trusted execution environment does not hold the persistent data key, it cannot decrypt them.
In an exemplary embodiment, the persistent storage area allows an authorized trusted execution environment to obtain the encrypted key and the encrypted user data key, for example, the trusted execution environment that generated the key may be the authorized trusted execution environment, and further, the trusted execution environment that is trusted by the trusted execution environment that generated the key may also be the authorized trusted execution environment.
It should be noted that, besides the key (private key) and the user data key, other data may also be encrypted with the persistent data key and stored in the persistent storage area according to actual requirements, so that the trusted execution environment can later obtain and use that data; this is not limited in this embodiment of the present application.
In an exemplary embodiment, the step 108 of decrypting the encrypted user data key by using the key to obtain the user data key may include the following steps:
obtaining the encrypted key from the persistent storage area;
decrypting the encrypted key using the persistent data key;
and decrypting the encrypted user data key by using the decrypted key to obtain the decrypted user data key.
In this embodiment of the present application, after the key is generated in the trusted execution environment, the key may be encrypted by using a persistent data key and then stored in the persistent storage area. After receiving the user data key encrypted by the key transmitted by the terminal device, the encrypted key (private key) can be obtained from the persistent storage area, and then the encrypted key is decrypted by using the persistent data key, so that the encrypted user data key is decrypted by using the obtained key, and finally the user data key of the terminal device is obtained.
In an exemplary embodiment, the method may further include the steps of:
when the trusted execution environment and the terminal equipment perform data transmission, acquiring the encrypted user data key from the persistent storage area;
decrypting the encrypted user data key with the persistent data key;
and encrypting and transmitting data transmitted between the trusted execution environment and the terminal equipment by adopting the decrypted user data key.
In this embodiment of the present application, after the trusted execution environment obtains the user data key, the user data key may be encrypted by using the persistent data key and then stored in the persistent storage area. When the trusted execution environment and the terminal device perform data transmission, the encrypted user data key can be obtained from the persistent storage area, and then the encrypted user data key is decrypted by adopting the persistent data key to obtain the user data key, so that the data transmitted between the trusted execution environment and the terminal device can be the data encrypted by adopting the user data key, and the data security is ensured.
Referring to fig. 2, when TEE Secure Enclave 1 generates an asymmetric key pair, the private key of the pair may be encrypted with a persistent data key derived from the hardware root key, and the encrypted private key may then be persistently stored in the persistent storage area. In addition, when TEE Secure Enclave 1 obtains the encrypted user data key, it may decrypt it with the private key (which may itself be fetched from the persistent storage area) to obtain the user data key, encrypt the user data key with the persistent data key derived from the hardware root key, and persistently store the encrypted user data key in the persistent storage area. Subsequently, whenever the private key or the user data key is needed, it can be obtained from the persistent storage area and used.
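The sealing path of the preceding paragraphs as an added example, not the patent's or Alibaba Cloud's code: the persistent data key is modelled as an HMAC-SHA256 derivation from a constructed root key and an enclave measurement, which is how the example expresses the sealing policy that only the authorized enclave obtains the same derived key (real SGX sealing obtains the key from the hardware with a policy of MRENCLAVE or MRSIGNER; the derivation here only stands in for that). The private key and the user data key are sealed with AES-256-GCM into an untrusted store, and the read path unseals them; an enclave with a different measurement, or a blob whose label has been swapped, is rejected. All names and the sample key bytes are this example's own.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// hardwareRootKey is a constructed stand-in for the CPU-protected persistent root key
// (the SGX Sealing Key on the page). On real hardware it never leaves the CPU; an enclave
// only ever receives a key derived from it.
var hardwareRootKey = sha256.Sum256([]byte("constructed root key for illustration only"))

// EnclaveIdentity models the enclave measurement that the hardware mixes into the derived
// key, so the persistent data key is bound to the requesting enclave (the sealing policy).
type EnclaveIdentity struct{ Measurement [32]byte }

// PersistentDataKey mirrors "obtaining a persistent data key based on the hardware-level
// security instruction": an HMAC-SHA256 derivation from the root key and the identity.
func PersistentDataKey(id EnclaveIdentity) []byte {
	m := hmac.New(sha256.New, hardwareRootKey[:])
	m.Write([]byte("persistent-data-key"))
	m.Write(id.Measurement[:])
	return m.Sum(nil) // 32 bytes, used as an AES-256 key
}

// SealedBlob is what is written to the persistent storage area outside the enclave. The
// label names the sealed item and is authenticated as associated data, so a blob sealed
// as "user-data-key" cannot be passed off as the "private-key".
type SealedBlob struct {
	Label string
	Nonce []byte
	CT    []byte
}

func gcmFor(pdk []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(pdk)
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}

// Seal encrypts one item under the persistent data key with AES-256-GCM.
func Seal(pdk []byte, label string, plaintext []byte) (SealedBlob, error) {
	gcm, err := gcmFor(pdk)
	if err != nil { return SealedBlob{}, err }
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil { return SealedBlob{}, err }
	return SealedBlob{label, nonce, gcm.Seal(nil, nonce, plaintext, []byte(label))}, nil
}

// Unseal recovers the item; it fails for a different enclave identity (different derived
// key) and for any modification of nonce, ciphertext or label.
func Unseal(pdk []byte, b SealedBlob) ([]byte, error) {
	gcm, err := gcmFor(pdk)
	if err != nil { return nil, err }
	pt, err := gcm.Open(nil, b.Nonce, b.CT, []byte(b.Label))
	if err != nil { return nil, errors.New("unseal failed: unauthorized enclave or tampered blob") }
	return pt, nil
}

// PersistentStore is the untrusted persistent storage area: it holds sealed blobs only.
type PersistentStore map[string]SealedBlob

// StoreKeys seals the enclave private key and the deployed user data key, the two items
// named on the page, under the enclave's persistent data key.
func StoreKeys(store PersistentStore, id EnclaveIdentity, privKey, userDataKey []byte) error {
	pdk := PersistentDataKey(id)
	for label, item := range map[string][]byte{"private-key": privKey, "user-data-key": userDataKey} {
		b, err := Seal(pdk, label, item)
		if err != nil { return err }
		store[label] = b
	}
	return nil
}

// LoadKey is the read path used before decrypting the user data key (label "private-key")
// and before each data transfer (label "user-data-key"): fetch the blob and unseal it with
// the key derived for the calling enclave.
func LoadKey(store PersistentStore, id EnclaveIdentity, label string) ([]byte, error) {
	b, ok := store[label]
	if !ok { return nil, errors.New("no sealed item " + label) }
	return Unseal(PersistentDataKey(id), b)
}

func main() {
	store := PersistentStore{}
	auth := EnclaveIdentity{Measurement: sha256.Sum256([]byte("enclave-1"))}
	other := EnclaveIdentity{Measurement: sha256.Sum256([]byte("enclave-2"))}
	_ = StoreKeys(store, auth, []byte("constructed private key bytes"), []byte("constructed user data key"))
	udk, err := LoadKey(store, auth, "user-data-key")
	fmt.Printf("authorized enclave: %q %v\n", udk, err)
	_, err = LoadKey(store, other, "user-data-key")
	fmt.Println("other enclave:", err)
}
```

Binding the item label into the associated data is the detail worth copying: without it, an operator of the untrusted store could hand the enclave the sealed user data key where it expects the sealed private key, and the enclave would decrypt it successfully and then misuse it.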
In an exemplary embodiment, the method may further include the steps of:
establishing a trusted encrypted channel between the trusted execution environment and another trusted execution environment; the other trusted execution environment is a trusted execution environment supporting confidential computing in another server;
when the other trusted execution environment and the terminal equipment perform data transmission, acquiring the user data key from the trusted execution environment based on the trusted encryption channel;
and encrypting and transmitting data transmitted between the other trusted execution environment and the terminal equipment by adopting the user data key.
In a specific implementation, after remote key deployment the user data key may be cached in the trusted execution environment that generated the key, for example TEE Secure Enclave 1 in fig. 2. To extend the range in which it can be used, the embodiment of the present application lets TEE Secure Enclave 1 and another trusted execution environment, for example TEE Secure Enclave 2 in fig. 2, establish a trusted encrypted channel between them by means of remote or local attestation between trusted execution environments (for example, SGX remote attestation or local attestation), and the user data key can then be transferred between the trusted execution environments over that channel.
In the embodiment of the application, using the custom executable code capability provided by the trusted execution environment, the other trusted execution environment (for example, TEE Secure Enclave 2) may obtain the user data key from the trusted execution environment that manages the key (TEE Secure Enclave 1), so that in the other trusted execution environment, too, the runtime protection that the user data key is only ever used inside a trusted execution environment is realized.
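The enclave-to-enclave channel of the two preceding paragraphs as an added example, not the patent's or Alibaba Cloud's code: each enclave holds an ephemeral P-256 ECDH key, both derive the same channel key from the shared secret and a transcript of both public keys, TEE 1 sends the user data key to TEE 2 under AES-256-GCM, and TEE 2 then uses the received key to protect a record for the terminal device, which holds the same user data key. The attestation step the page describes (remote or local attestation binding each side's public key to a verified enclave) is assumed to have happened before the code starts and is not modelled; the names, key bytes and record are this example's own.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Peer is one trusted execution environment on the channel. The attestation exchange on
// the page is assumed to have already bound this peer's public key to its enclave identity.
type Peer struct {
	Name string
	priv *ecdh.PrivateKey
}

// NewPeer creates an enclave-side ephemeral ECDH key on P-256.
func NewPeer(name string) (*Peer, error) {
	priv, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil { return nil, err }
	return &Peer{Name: name, priv: priv}, nil
}

// PublicKey is the value each enclave sends (and attests) to the other.
func (p *Peer) PublicKey() []byte { return p.priv.PublicKey().Bytes() }

// ChannelKey derives the trusted encrypted channel key from the ECDH shared secret and both
// public keys in a canonical order, so both enclaves compute the same key and any
// substituted public key yields a different one.
func (p *Peer) ChannelKey(peerPub []byte) ([]byte, error) {
	pub, err := ecdh.P256().NewPublicKey(peerPub)
	if err != nil { return nil, err }
	shared, err := p.priv.ECDH(pub)
	if err != nil { return nil, err }
	lo, hi := p.PublicKey(), peerPub
	if string(lo) > string(hi) { lo, hi = hi, lo }
	m := hmac.New(sha256.New, shared)
	m.Write([]byte("tee-channel-key"))
	m.Write(lo)
	m.Write(hi)
	return m.Sum(nil), nil
}

// Protect encrypts one message with AES-256-GCM under key; Open reverses it.
func Protect(key, msg []byte) (nonce, ct []byte, err error) {
	block, err := aes.NewCipher(key)
	if err != nil { return nil, nil, err }
	gcm, err := cipher.NewGCM(block)
	if err != nil { return nil, nil, err }
	nonce = make([]byte, gcm.NonceSize())
	if _, err = rand.Read(nonce); err != nil { return nil, nil, err }
	return nonce, gcm.Seal(nil, nonce, msg, nil), nil
}

func Open(key, nonce, ct []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil { return nil, err }
	gcm, err := cipher.NewGCM(block)
	if err != nil { return nil, err }
	pt, err := gcm.Open(nil, nonce, ct, nil)
	if err != nil { return nil, errors.New("channel message rejected: wrong key or tampered") }
	return pt, nil
}

// Transfer moves the user data key from the key-managing enclave (TEE 1) to a second
// enclave (TEE 2) over the channel, then has TEE 2 use it to protect a record for the
// terminal device, which holds the same user data key. It returns what the terminal decrypts.
func Transfer(userDataKey, record []byte) ([]byte, error) {
	tee1, err := NewPeer("TEE Secure Enclave 1")
	if err != nil { return nil, err }
	tee2, err := NewPeer("TEE Secure Enclave 2")
	if err != nil { return nil, err }
	k1, err := tee1.ChannelKey(tee2.PublicKey())
	if err != nil { return nil, err }
	k2, err := tee2.ChannelKey(tee1.PublicKey())
	if err != nil { return nil, err }
	nonce, ct, err := Protect(k1, userDataKey) // TEE 1 -> TEE 2: only ciphertext leaves TEE 1
	if err != nil { return nil, err }
	udkInTee2, err := Open(k2, nonce, ct)
	if err != nil { return nil, err }
	n2, c2, err := Protect(udkInTee2, record) // TEE 2 -> terminal, under the user data key
	if err != nil { return nil, err }
	return Open(userDataKey, n2, c2) // terminal side
}

func main() {
	udk := []byte("0123456789abcdef0123456789abcdef") // constructed 32-byte user data key
	got, err := Transfer(udk, []byte("constructed record"))
	fmt.Printf("terminal decrypted: %q %v\n", got, err)
}
```

A third enclave that sees both public keys but holds neither private key derives a different channel key, which is what makes the attestation of the public keys sufficient: once each side knows whose public key it has, the secrecy of the transferred user data key follows from the key agreement.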
The embodiment of the application spares the user the cost of additional security hardware and does not require network access to a cloud KMS service; it needs only server hardware (a CPU) that supports confidential computing and provides a CPU Sealing Key and remote attestation capability to realize remote deployment and management of the user data key.
In summary, the embodiment of the present application has the following advantages:
1. Authentication of key management service requests is realized with TEE remote attestation technology, and access security can be further improved by combining it with a traditional access key authentication mode.
2. TEE remote attestation technology is used to remotely authenticate and authorize the environment in which keys are generated and used, which defines the security boundary of the key.
3. Secure key deployment is realized with TEE remote attestation technology.
4. Persistent storage of the key is realized with TEE hardware key derivation technology, and the key required for decryption is confined to the range in which the hardware key can be derived, or to an authorized secure enclave, so that the possibility of the key being stolen is avoided.
5. TEE confidential computing technology enables key management that can be completely offline.
It should be noted that, for simplicity of description, the method embodiments are described as a series of acts or combination of acts, but those skilled in the art will recognize that the embodiments are not limited by the order of acts described, as some steps may occur in other orders or concurrently depending on the embodiments. Further, those skilled in the art will also appreciate that the embodiments described in the specification are presently preferred and that no particular act is required of the embodiments of the application.
On the basis of the foregoing embodiments, the present embodiment further provides a key management apparatus based on a trusted execution environment, which is applied to electronic devices such as a terminal device and a server.
Referring to fig. 3, a block diagram of an embodiment of a key management device based on a trusted execution environment according to the present application is shown. The device is applied to a server that includes a trusted execution environment supporting confidential computing, and may specifically include the following modules:
a generation module 302 for generating a key and remote attestation material for the key in the trusted execution environment;
a transmission module 304 for transmitting the key and the remote attestation material to a terminal device;
a verification module 306, configured to receive an encrypted user data key generated after the terminal device encrypts the user data key with the key when the terminal device determines, based on the remote attestation material, that the trusted execution environment is a trusted environment and the key is a trusted key;
the deployment module 308 is configured to decrypt the encrypted user data key with the key to obtain the user data key, so that the trusted execution environment and the terminal device perform data transmission based on the user data key.
In an exemplary embodiment, the generating module 302 is configured to generate a key in the trusted execution environment; and to calculate digest data of the key with a preset digest algorithm and generate the remote attestation material for the key based on the digest data.
In an exemplary embodiment, the apparatus further comprises: the persistent storage module is used for acquiring a persistent data key based on the hardware-level security instruction; the persistent data key is generated according to a persistent root key protected by hardware built in the server; encrypting the key with the persistent data key and encrypting the user data key with the persistent data key; and storing the encrypted key and the encrypted user data key into a persistent storage area corresponding to the trusted execution environment.
In an exemplary embodiment, the deployment module 308 is configured to obtain the encrypted key from the persistent storage area; decrypting the encrypted key using the persistent data key; and decrypting the encrypted user data key by using the decrypted key to obtain the decrypted user data key.
In an exemplary embodiment, the apparatus further comprises: the data transmission module is used for acquiring the encrypted user data key from the persistent storage area when the trusted execution environment and the terminal equipment perform data transmission; decrypting the encrypted user data key using the persistent data key; and encrypting and transmitting data transmitted between the trusted execution environment and the terminal equipment by adopting the decrypted user data key.
In an exemplary embodiment, the persistent storage area allows an authorized trusted execution environment to obtain the encrypted key and the encrypted user data key.
In an exemplary embodiment, the apparatus further comprises: a key transmission module for establishing a trusted encrypted channel between the trusted execution environment and another trusted execution environment; the other trusted execution environment is a trusted execution environment supporting confidential computing in another server; when the other trusted execution environment and the terminal equipment perform data transmission, acquiring the user data key from the trusted execution environment based on the trusted encrypted channel; and encrypting and transmitting data transmitted between the other trusted execution environment and the terminal equipment by adopting the user data key.
In an exemplary embodiment, the server and the terminal device perform data transmission in an online manner or an offline manner.
The present application further provides a non-transitory readable storage medium on which one or more modules (programs) are stored; when the one or more modules are applied to a device, the device may execute the instructions for the method steps described in this application.
Embodiments of the present application provide one or more machine-readable media having instructions stored thereon, which when executed by one or more processors, cause an electronic device to perform the methods as described in one or more of the above embodiments. In the embodiment of the present application, the electronic device includes various types of devices such as a terminal device and a server (cluster).
Embodiments of the present disclosure may be implemented as an apparatus, which may include electronic devices such as a terminal device, a server (cluster), etc., using any suitable hardware, firmware, software, or any combination thereof, to perform a desired configuration. Fig. 4 schematically illustrates an example apparatus 400 that may be used to implement various embodiments described herein.
For one embodiment, fig. 4 illustrates an example apparatus 400 having one or more processors 402, a control module (chipset) 404 coupled to at least one of the processor(s) 402, a memory 406 coupled to the control module 404, a non-volatile memory (NVM)/storage 408 coupled to the control module 404, one or more input/output devices 410 coupled to the control module 404, and a network interface 412 coupled to the control module 404.
Processor 402 may include one or more single-core or multi-core processors, and processor 402 may include any combination of general-purpose or special-purpose processors (e.g., graphics processors, application processors, baseband processors, etc.). In some embodiments, the apparatus 400 can be used as a terminal device, a server (cluster), or the like in this embodiment.
In some embodiments, the apparatus 400 may include one or more computer-readable media (e.g., the memory 406 or the NVM/storage 408) having instructions 414 and one or more processors 402 in combination with the one or more computer-readable media and configured to execute the instructions 414 to implement modules to perform the actions described in this disclosure.
For one embodiment, control module 404 may include any suitable interface controllers to provide any suitable interface to at least one of processor(s) 402 and/or any suitable device or component in communication with control module 404.
The control module 404 may include a memory controller module to provide an interface to the memory 406. The memory controller module may be a hardware module, a software module, and/or a firmware module.
The memory 406 may be used, for example, to load and store data and/or instructions 414 for the apparatus 400. For one embodiment, memory 406 may comprise any suitable volatile memory, such as suitable DRAM. In some embodiments, the memory 406 may comprise a double data rate type four synchronous dynamic random access memory (DDR4 SDRAM).
For one embodiment, control module 404 may include one or more input/output controllers to provide an interface to NVM/storage 408 and input/output device(s) 410.
For example, NVM/storage 408 may be used to store data and/or instructions 414. NVM/storage 408 may include any suitable non-volatile memory (e.g., flash memory) and/or may include any suitable non-volatile storage device(s) (e.g., one or more hard disk drive(s) (HDD (s)), one or more Compact Disc (CD) drive(s), and/or one or more Digital Versatile Disc (DVD) drive (s)).
NVM/storage 408 may include storage resources that are physically part of the device on which apparatus 400 is installed, or it may be accessible by the device and may not necessarily be part of the device. For example, NVM/storage 408 may be accessed over a network via input/output device(s) 410.
Input/output device(s) 410 may provide an interface for apparatus 400 to communicate with any other suitable device, and input/output devices 410 may include communication components, audio components, sensor components, and the like. The network interface 412 may provide an interface for the apparatus 400 to communicate over one or more networks, and the apparatus 400 may wirelessly communicate with one or more components of a wireless network according to any of one or more wireless network standards and/or protocols, such as access to a communication standard-based wireless network, such as WiFi, 2G, 3G, 4G, 5G, etc., or a combination thereof.
For one embodiment, at least one of the processor(s) 402 may be packaged together with logic for one or more controller(s) (e.g., memory controller module) of the control module 404. For one embodiment, at least one of the processor(s) 402 may be packaged together with logic for one or more controllers of control module 404 to form a System In Package (SiP). For one embodiment, at least one of the processor(s) 402 may be integrated on the same die with logic for one or more controller(s) of the control module 404. For one embodiment, at least one of the processor(s) 402 may be integrated on the same die with logic of one or more controllers of the control module 404 to form a system on a chip (SoC).
In various embodiments, the apparatus 400 may be, but is not limited to being: a server, a desktop computing device, or a mobile computing device (e.g., a laptop computing device, a handheld computing device, a tablet, a netbook, etc.), among other terminal devices. In various embodiments, apparatus 400 may have more or fewer components and/or different architectures. For example, in some embodiments, device 400 includes one or more cameras, a keyboard, a Liquid Crystal Display (LCD) screen (including a touch screen display), a non-volatile memory port, multiple antennas, a graphics chip, an Application Specific Integrated Circuit (ASIC), and speakers.
The detection device may adopt a main control chip as a processor or a control module, the sensor data, the position information and the like are stored in a memory or an NVM/storage device, the sensor group may serve as an input/output device, and the communication interface may include a network interface.
For the device embodiment, since it is basically similar to the method embodiment, the description is simple, and for the relevant points, refer to the partial description of the method embodiment.
The embodiments in the present specification are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other.
Embodiments of the present application are described with reference to flowchart illustrations and/or block diagrams of methods, terminal devices (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable trusted execution environment-based key management terminal to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable trusted execution environment-based key management terminal, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable key management terminal device based on a trusted execution environment to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable key management terminal based on a trusted execution environment to cause a series of operational steps to be performed on the computer or other programmable terminal to produce a computer implemented process such that the instructions which execute on the computer or other programmable terminal provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
While preferred embodiments of the present application have been described, additional variations and modifications of these embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. Therefore, it is intended that the appended claims be interpreted as including the preferred embodiment and all changes and modifications that fall within the true scope of the embodiments of the present application.
Finally, it should also be noted that, herein, relational terms such as first and second, and the like, may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or terminal that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or terminal. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of other like elements in a process, method, article, or terminal that comprises the element.
The key management method and apparatus based on trusted execution environment, the electronic device and the storage medium provided by the present application are introduced in detail, and specific examples are applied in the present application to explain the principles and embodiments of the present application, and the descriptions of the above embodiments are only used to help understand the method and core ideas of the present application; meanwhile, for a person skilled in the art, according to the idea of the present application, there may be variations in the specific embodiments and the application scope, and in summary, the content of the present specification should not be construed as a limitation to the present application.

Claims (11)

1. A key management method based on a trusted execution environment is applied to a server, wherein the server comprises the trusted execution environment supporting confidential computing, and the method comprises the following steps:
generating a key and remote attestation material for the key in the trusted execution environment;
transmitting the key and the remote attestation material to a terminal device;
when the terminal device determines that the trusted execution environment is a trusted environment and the key is a trusted key based on the remote attestation material, receiving an encrypted user data key generated after the terminal device encrypts the user data key by using the key;
and decrypting the encrypted user data key by adopting the key to obtain the user data key so as to enable the trusted execution environment and the terminal equipment to perform data transmission based on the user data key.
2. The method of claim 1, wherein generating a key and remote attestation material for the key in the trusted execution environment comprises:
generating a key in the trusted execution environment;
and calculating digest data of the key with a preset digest algorithm, and generating the remote attestation material for the key based on the digest data.
3. The method of claim 1, further comprising:
obtaining a persistent data key based on the hardware-level security instruction; the persistent data key is generated according to a persistent root key protected by hardware built in the server;
encrypting the key with the persistent data key and encrypting the user data key with the persistent data key;
and storing the encrypted key and the encrypted user data key into a persistent storage area corresponding to the trusted execution environment.
4. The method of claim 3, wherein decrypting the encrypted user data key using the key to obtain the user data key comprises:
obtaining the encrypted key from the persistent storage area;
decrypting the encrypted key using the persistent data key;
and decrypting the encrypted user data key by using the decrypted key to obtain the decrypted user data key.
5. The method of claim 3, further comprising:
when the trusted execution environment and the terminal equipment perform data transmission, acquiring the encrypted user data key from the persistent storage area;
decrypting the encrypted user data key using the persistent data key;
and encrypting and transmitting data transmitted between the trusted execution environment and the terminal equipment by adopting the decrypted user data key.
6. The method of claim 1, wherein the persistent storage area allows an authorized trusted execution environment to obtain the encrypted key and the encrypted user data key.
7. The method of claim 6, further comprising:
establishing a trusted encrypted channel between the trusted execution environment and another trusted execution environment; the other trusted execution environment is a trusted execution environment supporting confidential computing in another server;
when the other trusted execution environment and the terminal equipment perform data transmission, acquiring the user data key from the trusted execution environment based on the trusted encryption channel;
and encrypting and transmitting data transmitted between the other trusted execution environment and the terminal equipment by adopting the user data key.
8. The method according to claim 1, wherein data transmission is performed between the server and the terminal device in an online manner or an offline manner.
9. A key management apparatus based on a trusted execution environment, applied to a server that includes a trusted execution environment supporting confidential computing, the apparatus comprising:
a generation module to generate a key and remote attestation material for the key in the trusted execution environment;
a transmission module for transmitting the key and the remote attestation material to a terminal device;
a verification module, configured to receive an encrypted user data key generated after the terminal device encrypts the user data key using the key when the terminal device determines, based on the remote attestation material, that the trusted execution environment is a trusted environment and the key is a trusted key;
and the deployment module is used for decrypting the encrypted user data key by adopting the key to obtain the user data key so as to enable the trusted execution environment and the terminal equipment to perform data transmission based on the user data key.
10. An electronic device, comprising: a processor; and
memory having stored thereon executable code which, when executed, causes the processor to perform a trusted execution environment based key management method as claimed in one or more of claims 1-8.
11. One or more machine-readable media having executable code stored thereon that, when executed, causes a processor to perform a trusted execution environment based key management method as recited in one or more of claims 1-8.
CN202210237206.0A 2022-03-10 2022-03-10 Key management method and device based on trusted execution environment and electronic equipment Pending CN114629639A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210237206.0A CN114629639A (en) 2022-03-10 2022-03-10 Key management method and device based on trusted execution environment and electronic equipment

Publications (1)

Publication Number Publication Date
CN114629639A true CN114629639A (en) 2022-06-14

Family

ID=81901466

Country Status (1)

Country Link
CN (1) CN114629639A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115001716A (en) * 2022-08-02 2022-09-02 长沙朗源电子科技有限公司 Network data processing method and system of education all-in-one machine and education all-in-one machine
CN115001716B (en) * 2022-08-02 2022-12-06 长沙朗源电子科技有限公司 Network data processing method and system of education all-in-one machine and education all-in-one machine
CN115065487A (en) * 2022-08-17 2022-09-16 北京锘崴信息科技有限公司 Privacy protection cloud computing method and cloud computing method for protecting financial privacy data
CN115065487B (en) * 2022-08-17 2022-12-09 北京锘崴信息科技有限公司 Privacy protection cloud computing method and cloud computing method for protecting financial privacy data
CN115758396A (en) * 2022-08-31 2023-03-07 兰州大学 Database security access control technology based on trusted execution environment
CN115580413A (en) * 2022-12-07 2023-01-06 南湖实验室 Zero-trust multi-party data fusion calculation method and device

Similar Documents

Publication Publication Date Title
TWI601405B (en) Method and apparatus for cloud-assisted cryptography
WO2021022701A1 (en) Information transmission method and apparatus, client terminal, server, and storage medium
US9813247B2 (en) Authenticator device facilitating file security
KR101712784B1 (en) System and method for key management for issuer security domain using global platform specifications
KR101891420B1 (en) Content protection for data as a service (daas)
CN109639427B (en) Data sending method and equipment
CN114629639A (en) Key management method and device based on trusted execution environment and electronic equipment
US20140112470A1 (en) Method and system for key generation, backup, and migration based on trusted computing
US10601590B1 (en) Secure secrets in hardware security module for use by protected function in trusted execution environment
US20110314284A1 (en) Method for securing transmission data and security system for implementing the same
US9280687B2 (en) Pre-boot authentication using a cryptographic processor
CN109862560B (en) Bluetooth authentication method, device, equipment and medium
JP6476167B2 (en) Self-authentication device and self-authentication method
KR102013983B1 (en) Method and server for authenticating an application integrity
JP6756056B2 (en) Cryptographic chip by identity verification
CA2891610C (en) Agent for providing security cloud service and security token device for security cloud service
CN107026730B (en) Data processing method, device and system
JP6378424B1 (en) User authentication method with enhanced integrity and security
CN117397198A (en) Binding encryption key attestation
CN109960935B (en) Method, device and storage medium for determining trusted state of TPM (trusted platform Module)
US11520859B2 (en) Display of protected content using trusted execution environment
US20070242822A1 (en) System, device, method, and program for communication
CN110912685A (en) Establishing a protected communication channel
US20210194705A1 (en) Certificate generation method
KR100952300B1 (en) Terminal and Memory for secure data management of storage, and Method the same

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination