CN114637987A - Security chip firmware downloading method and system based on platform verification - Google Patents

Security chip firmware downloading method and system based on platform verification Download PDF

Info

Publication number
CN114637987A
CN114637987A CN202210536145.8A CN202210536145A CN114637987A CN 114637987 A CN114637987 A CN 114637987A CN 202210536145 A CN202210536145 A CN 202210536145A CN 114637987 A CN114637987 A CN 114637987A
Authority
CN
China
Prior art keywords
upgrade
firmware
verification
terminal equipment
version identification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210536145.8A
Other languages
Chinese (zh)
Other versions
CN114637987B (en
Inventor
王亮
颜昕明
李�杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Wise Security Technology Co Ltd
Original Assignee
Guangzhou Wise Security Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou Wise Security Technology Co Ltd filed Critical Guangzhou Wise Security Technology Co Ltd
Priority to CN202210536145.8A priority Critical patent/CN114637987B/en
Publication of CN114637987A publication Critical patent/CN114637987A/en
Application granted granted Critical
Publication of CN114637987B publication Critical patent/CN114637987B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates

Abstract

The embodiment of the invention discloses a method and a system for downloading a security chip firmware based on platform verification, wherein the method comprises the following steps: sending the first ciphertext data to the terminal equipment; receiving the first ciphertext data, decrypting the first ciphertext data through a stored private key to obtain the upgrade version identification, and verifying the upgrade version identification; in response to a judgment result of successful verification, encrypting the original version identification of the current security chip firmware and the update timestamp of the firmware update time through an encryption key to obtain upgrade verification information; receiving the upgrade verification information, decrypting the upgrade verification information through a decryption key, verifying the update timestamp, generating a differential upgrade package based on the original version identification, encrypting the differential upgrade package and then sending the differential upgrade package to the terminal equipment. According to the scheme, the safety of firmware upgrading is guaranteed, a firmware upgrading verification mechanism is perfected, and the firmware upgrading efficiency is improved.

Description

Security chip firmware downloading method and system based on platform verification
Technical Field
The embodiment of the application relates to the technical field of chips, in particular to a method and a system for downloading a secure chip firmware based on platform verification.
Background
With the continuous improvement of information security requirements, the security of data can be well protected by using the security chip. The safety chip is a device which can independently generate a key, encrypt and decrypt, is internally provided with an independent processor and a storage unit, can store the key and the characteristic data, and provides encryption and safety authentication services for the computing equipment. The encryption is carried out by a security chip, the key is stored in hardware, and stolen data cannot be decrypted, so that the business privacy and the data security are protected. Currently, the product iteration speed is gradually increased, and the reliable and safe update of the firmware of the security chip becomes an important ring.
In the related art, a patent document such as publication number CN113168445A discloses a method, system, device and apparatus for securely providing over-the-air firmware upgrades. The system includes an embedded device configured to receive a firmware upgrade. The system includes a server having a memory configured to store a first key encryption key, a firmware upgrade, and a firmware key, and having a processor coupled to the memory; the processor is configured to obtain a firmware upgrade, a firmware key, and a first key encryption key; the processor is configured to encrypt the firmware upgrade using a firmware key; the processor is configured to encrypt the firmware key using the first key encryption key and transmit the encrypted firmware upgrade and the encrypted firmware key to the embedded device. Although the above scheme discloses a process of encrypting and decrypting transmission data to ensure the security of the data, the related encryption mechanism and verification mechanism are not perfect, and the downloading and updating of the secure chip firmware cannot be efficiently realized.
Disclosure of Invention
The embodiment of the invention provides a method and a system for downloading a secure chip firmware based on platform verification, which ensure the security of firmware upgrade, perfect a firmware upgrade verification mechanism and improve the firmware upgrade efficiency.
In a first aspect, an embodiment of the present invention provides a method for downloading a secure chip firmware based on platform verification, where the method includes:
the method comprises the steps that a central control platform sends first ciphertext data to terminal equipment, the terminal equipment comprises security chip firmware to be upgraded, and the first ciphertext data are obtained by encrypting an upgrade version identification through a public key by the central control platform;
the terminal equipment receives the first ciphertext data, decrypts the first ciphertext data through a stored private key to obtain the upgrade version identification, and verifies the upgrade version identification;
the terminal equipment responds to a judgment result of successful verification, encrypts an original version identifier of the current security chip firmware and an update timestamp of firmware update time through an encryption key to obtain upgrade verification information, and sends the upgrade verification information to the central control platform;
the central control platform receives the upgrade verification information, decrypts the upgrade verification information through a decryption key, verifies the update timestamp if the original version identification and the update timestamp are obtained through decryption, generates a differential upgrade packet based on the original version identification in response to a judgment result of successful verification, encrypts the differential upgrade packet and then sends the encrypted differential upgrade packet to the terminal equipment, and the terminal equipment is used for upgrading the security chip firmware.
Optionally, before the central control platform sends the first ciphertext data to the terminal device, the method further includes:
the method comprises the steps that a secure communication link is established between a central control platform and terminal equipment, and public key information and a firmware upgrading inquiry request sent by the terminal equipment are received;
and the central control platform responds to the firmware upgrading query request, carries out updating file detection, acquires an upgrading version identification of the updating file when detecting the updating file of a new version, and encrypts the upgrading version identification through a public key recorded in the public key information to obtain first ciphertext data.
Optionally, the verifying the upgrade version identifier includes:
acquiring an original version identifier, and comparing the original version identifier with the upgrade version identifier;
the terminal equipment responds to the judgment result of successful verification, and comprises the following steps:
and the terminal equipment responds to a judgment result that the original version identification and the upgraded version identification meet the comparison condition.
Optionally, the verifying the update timestamp includes:
inquiring a recorded time record table for transmitting the updated file with the terminal equipment, and determining a file sending time stamp for sending the updated file last time;
and verifying according to the file sending time stamp and the updating time stamp.
Optionally, the verifying according to the file sending timestamp and the update timestamp includes:
acquiring a timestamp threshold generated based on the size of the transmitted update file;
determining whether a difference between the update timestamp and the file transmission timestamp is less than the timestamp threshold.
Optionally, the generating, in response to the determination result of successful verification, a differential upgrade package based on the original version identifier, encrypting the differential upgrade package, and sending the encrypted differential upgrade package to the terminal device includes:
generating a differential upgrade package based on the original version identification according to a judgment result that the difference value between the update timestamp and the file sending timestamp is smaller than the timestamp threshold;
and selecting a corresponding encryption algorithm according to the upgrading information determined by the original version identification to encrypt the updated file to generate a differential upgrading packet, and sending the differential upgrading packet to the terminal equipment.
Optionally, after the sending to the terminal device, the method further includes:
and after receiving the differential upgrade package, the terminal equipment determines a corresponding decryption algorithm according to the upgrade version identification and the stored original version identification, decrypts the differential upgrade package through the decryption algorithm to obtain firmware upgrade data, and upgrades the firmware upgrade data.
In a second aspect, an embodiment of the present invention further provides a system for downloading secure chip firmware based on platform verification, including:
the central control platform is configured to send first ciphertext data to the terminal equipment, the terminal equipment comprises a security chip firmware to be upgraded, and the first ciphertext data is obtained by encrypting an upgrade version identifier through a public key by the central control platform;
the terminal equipment is configured to receive the first ciphertext data, decrypt the first ciphertext data through a stored private key to obtain the upgrade version identification, and verify the upgrade version identification;
the terminal equipment is configured to respond to a judgment result of successful verification, encrypt an original version identifier of the current security chip firmware and an update timestamp of firmware update time through an encryption key to obtain upgrade verification information, and send the upgrade verification information to the central control platform;
the central control platform is configured to receive the upgrade verification information, decrypt the upgrade verification information through a decryption key, verify the update timestamp if the original version identification and the update timestamp are obtained through decryption, generate a differential upgrade package based on the original version identification in response to a judgment result of successful verification, encrypt the differential upgrade package, and send the encrypted differential upgrade package to the terminal equipment, so that the terminal equipment can upgrade the firmware of the security chip.
In a third aspect, an embodiment of the present invention further provides a device for downloading a firmware of a secure chip based on platform verification, where the device includes:
one or more processors;
a storage device for storing one or more programs,
when the one or more programs are executed by the one or more processors, the one or more processors implement the method for downloading the firmware of the security chip based on the platform authentication according to the embodiment of the invention.
In a fourth aspect, an embodiment of the present invention further provides a storage medium containing computer executable instructions, where the computer executable instructions are used to execute the secure chip firmware downloading method based on platform verification according to an embodiment of the present invention when executed by a computer processor.
In a fifth aspect, the present application further provides a computer program product, where the computer program product includes a computer program, where the computer program is stored in a computer-readable storage medium, and at least one processor of the device reads the computer-readable storage medium and executes the computer program, so that the device executes the method for downloading secure chip firmware based on platform verification according to the present application.
In the embodiment of the invention, first ciphertext data is sent to a terminal device through a central control platform, the terminal device comprises a security chip firmware to be upgraded, and the first ciphertext data is obtained by encrypting an upgrade version identifier through a public key by the central control platform; the terminal equipment receives the first ciphertext data, decrypts the first ciphertext data through a stored private key to obtain the upgrade version identification, and verifies the upgrade version identification; the terminal equipment responds to a judgment result of successful verification, encrypts an original version identifier of the current security chip firmware and an update timestamp of firmware update time through an encryption key to obtain upgrade verification information, and sends the upgrade verification information to the central control platform; the central control platform receives the upgrade verification information, decrypts the upgrade verification information through a decryption key, verifies the update timestamp if the original version identification and the update timestamp are obtained through decryption, generates a differential upgrade packet based on the original version identification in response to a judgment result of successful verification, encrypts the differential upgrade packet and then sends the encrypted differential upgrade packet to the terminal equipment, and the terminal equipment is used for upgrading the security chip firmware. The security of firmware upgrading is ensured, the firmware upgrading verification mechanism is perfected, and the firmware upgrading efficiency is improved.
Drawings
Fig. 1 is a flowchart of a method for downloading a secure chip firmware based on platform verification according to an embodiment of the present invention;
fig. 2 is a flowchart of another method for downloading a firmware of a security chip based on platform verification according to an embodiment of the present invention;
fig. 3 is a flowchart of another method for downloading a firmware of a security chip based on platform verification according to an embodiment of the present invention;
fig. 4 is a flowchart of another method for downloading a firmware of a security chip based on platform verification according to an embodiment of the present invention;
fig. 5 is a block diagram of a structure of a system for downloading firmware of a security chip based on platform verification according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of an apparatus according to an embodiment of the present invention.
Detailed Description
The embodiments of the present invention will be described in further detail with reference to the drawings and embodiments. It is to be understood that the specific embodiments described herein are merely illustrative of and not restrictive on the broad invention. It should be further noted that, for convenience of description, only some structures related to the embodiments of the present invention are shown in the drawings, not all of them.
Fig. 1 is a flowchart of a method for downloading a secure chip firmware based on platform verification according to an embodiment of the present invention, where an embodiment of the present invention specifically includes the following steps:
step S101, the central control platform sends first ciphertext data to the terminal equipment, the terminal equipment comprises a security chip firmware to be upgraded, and the first ciphertext data is obtained by encrypting an upgrade version identification through a public key by the central control platform.
In one embodiment, the terminal device, such as an embedded device, is disposed in a specific component, such as a vehicle, a monitoring instrument, etc., and includes a security chip inside, and the security chip stores security chip firmware, which is upgraded by a specific refreshing procedure and serves as the most basic and bottom layer of the security chip.
In one embodiment, the terminal device interacts with the central control platform to realize the upgrading work of the internal security chip firmware to be upgraded. Firstly, the central control platform sends first ciphertext data to the terminal equipment, and the first ciphertext data is obtained by encrypting the upgrade version identification through a public key by the central control platform. The central control platform is a control platform for uniformly allocating and upgrading different upgrading firmware in different terminal equipment, the upgrading version identification is an identification of the version to be upgraded corresponding to the security chip firmware to be upgraded, and preferably, the upgrading version identification is a character string corresponding to the version number. The central control platform encrypts the upgrade version identifier through the stored public key to obtain first ciphertext data, and the specific encryption mode may exemplarily be an RSA encryption algorithm, an ECC encryption algorithm, and the like.
And S102, the terminal equipment receives the first ciphertext data, decrypts the first ciphertext data through a stored private key to obtain the upgrade version identification, and verifies the upgrade version identification.
In one embodiment, the terminal device receives ciphertext data, decrypts the first ciphertext data through a stored private key, the private key and a public key of the central control platform are a preset key pair, and the terminal device can successfully secret and obtain the upgrade version identifier by using the private key. And after the upgrade version identification is obtained, verifying the upgrade version identification.
And S103, the terminal equipment responds to the judgment result of successful verification, encrypts the original version identification of the current security chip firmware and the update time stamp of the firmware update time through an encryption key to obtain upgrade verification information, and sends the upgrade verification information to the central control platform.
In one embodiment, generation of the upgrade validation information is performed upon determining that the validation is successful. Specifically, the generation mode is to encrypt the original version identifier of the current secure chip firmware and the update timestamp of the firmware update time through the encryption key to obtain the upgrade verification information. The original version identification is the current version identification when the current version identification is not upgraded, and the update time stamp of the firmware update time is the time stamp corresponding to the update time when the firmware is updated last time. Specifically, when the upgrade verification information is generated, the original version identifier of the stored encryption key pair and the update timestamp of the firmware update time are encrypted, and the specific encryption algorithm may be a DES, 3DES, AES, or other encryption algorithm.
After the upgrade verification information is obtained, the upgrade verification information is sent to the central control platform to obtain upgrade update data.
And step S104, the central control platform receives the upgrade verification information, decrypts the upgrade verification information through a decryption key, verifies the update timestamp if the original version identification and the update timestamp are obtained through decryption, generates a differential upgrade packet based on the original version identification in response to a judgment result of successful verification, encrypts the differential upgrade packet and then sends the encrypted differential upgrade packet to the terminal equipment, so that the terminal equipment can upgrade the firmware of the security chip.
In one embodiment, after receiving the upgrade validation information, the central control platform decrypts the upgrade validation information by using a stored decryption key, where the stored decryption key and an encryption key used by the terminal device are a pre-stored key pair. And if the upgrade verification information is not tampered, the original version identification and the update timestamp are obtained if the decryption is successful. Further, the original version identification and the update time stamp are verified, and if the verification fails, the upgrading process is ended; and if the verification is successful, generating a differential upgrade package based on the original version identification, encrypting the differential upgrade package and then sending the encrypted differential upgrade package to the terminal equipment so as to upgrade the security chip firmware of the terminal equipment.
As can be seen from the above, first ciphertext data is sent to a terminal device through a central control platform, the terminal device includes a security chip firmware to be upgraded, and the first ciphertext data is obtained by encrypting an upgrade version identifier through a public key by the central control platform; the terminal equipment receives the first ciphertext data, decrypts the first ciphertext data through a stored private key to obtain the upgrade version identification, and verifies the upgrade version identification; the terminal equipment responds to a judgment result of successful verification, encrypts an original version identifier of the current security chip firmware and an update timestamp of firmware update time through an encryption key to obtain upgrade verification information, and sends the upgrade verification information to the central control platform; the central control platform receives the upgrade verification information, decrypts the upgrade verification information through a decryption key, verifies the update timestamp if the original version identification and the update timestamp are obtained through decryption, generates a differential upgrade packet based on the original version identification in response to a judgment result of successful verification, encrypts the differential upgrade packet and then sends the encrypted differential upgrade packet to the terminal equipment, and the terminal equipment is used for upgrading the security chip firmware. The security of firmware upgrading is ensured, the firmware upgrading verification mechanism is perfected, and the firmware upgrading efficiency is improved.
Fig. 2 is a flowchart of another method for downloading a firmware of a secure chip based on platform verification according to an embodiment of the present invention. On the basis of the above technical solution, a specific method for key exchange and a first ciphertext data forming process is provided, as shown in fig. 2, which specifically includes:
step S201, a secure communication link is established between the central control platform and the terminal equipment, and public key information and a firmware upgrading inquiry request sent by the terminal equipment are received.
Step S202, the central control platform responds to the firmware upgrading inquiry request, carries out updating file detection, acquires an upgrading version identification of the updating file when a new version of the updating file is detected, and encrypts the upgrading version identification through a public key recorded in the public key information to obtain first ciphertext data.
In one embodiment, the central control platform triggers an upgrade process by receiving a firmware upgrade query request sent by the terminal device, specifically performs update file detection, acquires an upgrade version identifier of an update file when the update file of a new version is detected, and encrypts the upgrade version identifier by using public key information received when the secure link is established to obtain first ciphertext data.
Step S203, the central control platform sends first cipher text data to terminal equipment, the terminal equipment comprises a security chip firmware to be upgraded, and the first cipher text data is obtained by encrypting an upgrade version identification through a public key by the central control platform;
step S204, the terminal equipment receives the first ciphertext data, decrypts the first ciphertext data through a stored private key to obtain the upgrade version identification, and verifies the upgrade version identification;
step S205, in response to the judgment result of successful verification, the terminal device encrypts the original version identifier of the current secure chip firmware and the update timestamp of the firmware update time through an encryption key to obtain upgrade verification information, and sends the upgrade verification information to the central control platform;
and S206, the central control platform receives the upgrade verification information, decrypts the upgrade verification information through a decryption key, verifies the update timestamp if the original version identifier and the update timestamp are obtained through decryption, generates a differential upgrade packet based on the original version identifier in response to a judgment result of successful verification, encrypts the differential upgrade packet and then sends the encrypted differential upgrade packet to the terminal equipment, and the differential upgrade packet is used for upgrading the security chip firmware of the terminal equipment.
Therefore, in the process of upgrading the safety firmware of the terminal equipment, the verification is carried out through the platform, the encrypted data of the upgrade version identification is generated based on the sending request of the terminal equipment in the verification process, the encrypted data obtained by the update time stamp of the original version identification and the firmware update time of the terminal equipment is verified subsequently, and the upgrade file is generated.
Fig. 3 is a flowchart of another method for downloading a firmware of a secure chip based on platform verification according to an embodiment of the present invention. On the basis of the above technical solution, a specific method for verifying the upgrade version identifier is provided, as shown in fig. 3, which specifically includes:
step S301, the central control platform sends first ciphertext data to the terminal device, the terminal device comprises a security chip firmware to be upgraded, and the first ciphertext data is obtained by encrypting an upgrade version identifier through a public key by the central control platform.
Step S302, the terminal device receives the first ciphertext data, decrypts the first ciphertext data through a stored private key to obtain the upgrade version identification, obtains an original version identification, and compares the original version identification with the upgrade version identification.
In one embodiment, the verification and comparison process does not acquire the original version identifier, and the original version identifier and the upgrade version identifier are compared, that is, verification is performed by comparing the original version identifier and the upgrade version identifier.
Step S303, the terminal device responds to a judgment result that the original version identification and the upgraded version identification meet the comparison condition, encrypts the original version identification of the current security chip firmware and the update timestamp of the firmware update time through an encryption key to obtain upgraded verification information, and sends the upgraded verification information to the central control platform.
In one embodiment, if the original version identifier and the upgraded version identifier satisfy the comparison condition, the verification is determined to be successful. Optionally, the comparison condition may be that the version number corresponding to the upgraded version identifier is greater than the version number corresponding to the original version identifier.
Step S304, the central control platform receives the upgrade verification information, decrypts the upgrade verification information through a decryption key, verifies the update timestamp if the original version identification and the update timestamp are obtained through decryption, generates a differential upgrade packet based on the original version identification in response to a judgment result of successful verification, encrypts the differential upgrade packet and then sends the encrypted differential upgrade packet to the terminal equipment, so that the terminal equipment can upgrade the firmware of the security chip.
Therefore, when the safe firmware of the terminal equipment is upgraded, the original version identification and the upgraded version identification are subjected to data verification and comparison, and encryption and decryption methods for the data are collected and processed in the transmission process, so that the safety of firmware upgrading is ensured, a firmware upgrading verification mechanism is perfected, and the firmware upgrading efficiency is improved.
Fig. 4 is a flowchart of another method for downloading secure chip firmware based on platform verification according to an embodiment of the present invention. On the basis of the above technical solution, a specific method for verifying the update timestamp is provided, as shown in fig. 4, the method specifically includes:
step S401, the central control platform sends first ciphertext data to the terminal device, the terminal device comprises a security chip firmware to be upgraded, and the first ciphertext data is obtained by encrypting an upgrade version identification through a public key by the central control platform.
Step S402, the terminal device receives the first ciphertext data, decrypts the first ciphertext data through a stored private key to obtain the upgrade version identification, and verifies the upgrade version identification.
And S403, the terminal equipment responds to the judgment result of successful verification, encrypts the original version identification of the current security chip firmware and the update time stamp of the firmware update time through an encryption key to obtain upgrade verification information, and sends the upgrade verification information to the central control platform.
And S404, the central control platform receives the upgrade verification information, decrypts the upgrade verification information through a decryption key, inquires a recorded time record table for transmitting an update file with the terminal equipment if the original version identification and the update time stamp are obtained through decryption, determines a file transmission time stamp for transmitting the update file last time, and verifies according to the file transmission time stamp and the update time stamp.
In an embodiment, if the update timestamp is obtained through decryption, the update timestamp is further verified, specifically, a recorded time record table for transmission of the update file with the terminal device is queried, a file sending timestamp for sending the update file last time is determined, and verification is performed according to the file sending timestamp and the update timestamp. Optionally, the process of performing verification according to the file sending timestamp and the update timestamp may be: acquiring a timestamp threshold generated based on the size of the transmitted update file; determining whether a difference between the update timestamp and the file transmission timestamp is less than the timestamp threshold. In one embodiment, different timestamp thresholds are generated for different sizes of update files. Specifically, the larger the updated file is, the larger the corresponding timestamp threshold is generated, and if the size of the updated file is 10M, the corresponding timestamp threshold is 20 seconds; an update file size of 50M corresponds to a timestamp threshold of 80 seconds. And when the comparison is carried out, comparing the received decrypted updating time stamp with the file sending time stamp, and if the difference value of the two is less than the time stamp threshold value, indicating that the verification is successful.
Step S405, responding to a judgment result of successful verification, generating a differential upgrade package based on the original version identification, selecting a corresponding encryption algorithm according to upgrade information determined by the original version identification to encrypt an update file to generate the differential upgrade package, and sending the differential upgrade package to the terminal equipment for upgrading the security chip firmware.
In one embodiment, a different encryption algorithm is used for encryption when encrypting the update file. Optionally, a corresponding encryption algorithm is selected according to the upgrade information determined by the original version identifier to encrypt the update file, so as to generate a differential upgrade package. That is, a corresponding encryption algorithm is selected according to the upgrade information, and different upgrade information corresponds to different encryption algorithms, such as encryption algorithms corresponding to different security levels. The upgrading information exemplarily comprises upgrading of a large version and upgrading of a small patch, and for the upgrading of the large version, the encryption is performed by using a higher-safety and more complex encryption algorithm to ensure the safety; for the upgrade of small patches, an encryption algorithm with relatively low complexity is used for encryption to improve the data processing efficiency.
Step S406, after the terminal device receives the differential upgrade package, determining a corresponding decryption algorithm according to the upgrade version identifier and the stored original version identifier, decrypting the differential upgrade package through the decryption algorithm to obtain firmware upgrade data, and upgrading the firmware upgrade data.
In one embodiment, the secure chip of the terminal device integrates different decryption algorithms, and determines a corresponding decryption algorithm according to the upgrade version identifier and the stored original version identifier in the process of decrypting the encrypted data. Namely, whether the version is a large version or a small patch is determined according to the upgrade version identification and the stored original version identification, and different conditions correspond to different decryption algorithms to be matched with the data encryption.
Therefore, the updating of the safe firmware is realized by verifying the updating timestamp, and meanwhile, different encryption algorithms are adopted for different updating conditions, so that the safety of firmware updating is ensured, a firmware updating verification mechanism is perfected, and the firmware updating efficiency is improved.
Fig. 5 is a block diagram of a system for downloading a firmware of a security chip based on platform verification according to an embodiment of the present invention, where the system is configured to execute a method for downloading a firmware of a security chip based on platform verification according to an embodiment of the data receiving end, and has functional modules and beneficial effects corresponding to the execution method. As shown in fig. 5, the apparatus specifically includes: a central control platform 101 and a terminal device 102,
wherein, well accuse platform 101 includes: a transmission unit 1011, an encryption unit 1012, a decryption unit 1013, an authentication unit 1014,
the terminal apparatus 102 includes: reception unit 1021, decryption unit 1022, authentication unit 1023, encryption unit 1024, transmission unit 1025
The system comprises a central control platform 101, wherein a sending unit 1011 is configured to send first ciphertext data to a terminal device, the terminal device comprises a security chip firmware to be upgraded, and the first ciphertext data is obtained by encrypting an upgrade version identifier through a public key by an encryption unit 1012 of the central control platform 101;
in the terminal device 102, the receiving unit 1021 is configured to receive the first ciphertext data, decrypt the first ciphertext data by using a private key stored in the decryption unit 1022 to obtain the upgrade version identifier, and verify the upgrade version identifier by using the verification unit 1023;
the terminal device 102 is configured to respond to a determination result of successful verification, encrypt an original version identifier of the current secure chip firmware and an update timestamp of firmware update time through an encryption key recorded by the encryption unit 1024 to obtain upgrade verification information, and send the upgrade verification information to the central control platform through the sending unit 1025;
the central control platform 101 is configured to receive the upgrade verification information, decrypt the upgrade verification information through a decryption key of the decryption unit 1013, verify the update timestamp through the verification unit 1014 if the original version identifier and the update timestamp are obtained through decryption, generate a differential upgrade package based on the original version identifier through the encryption unit 1012 in response to a determination result of successful verification, encrypt the differential upgrade package, and send the encrypted differential upgrade package to the terminal device through the sending unit 1011 for the terminal device to upgrade the secure chip firmware.
According to the scheme, first ciphertext data are sent to the terminal equipment through the central control platform, the terminal equipment comprises the security chip firmware to be upgraded, and the first ciphertext data are obtained by encrypting the upgrade version identification through the public key by the central control platform; the terminal equipment receives the first ciphertext data, decrypts the first ciphertext data through a stored private key to obtain the upgrade version identification, and verifies the upgrade version identification; the terminal equipment responds to a judgment result of successful verification, encrypts an original version identifier of the current security chip firmware and an update timestamp of firmware update time through an encryption key to obtain upgrade verification information, and sends the upgrade verification information to the central control platform; the central control platform receives the upgrade verification information, decrypts the upgrade verification information through a decryption key, verifies the update timestamp if the original version identification and the update timestamp are obtained through decryption, generates a differential upgrade packet based on the original version identification in response to a judgment result of successful verification, encrypts the differential upgrade packet and then sends the encrypted differential upgrade packet to the terminal equipment, and the terminal equipment is used for upgrading the security chip firmware. The security of firmware upgrading is ensured, the firmware upgrading verification mechanism is perfected, and the firmware upgrading efficiency is improved. Correspondingly, the functions executed by the modules are respectively as follows:
in a possible embodiment, before the central control platform sends the first ciphertext data to the terminal device, the method further includes:
the method comprises the steps that a secure communication link is established between a central control platform and terminal equipment, and public key information and a firmware upgrading inquiry request sent by the terminal equipment are received;
and the central control platform responds to the firmware upgrading query request, carries out updating file detection, acquires an upgrading version identification of the updating file when detecting the updating file of a new version, and encrypts the upgrading version identification through a public key recorded in the public key information to obtain first ciphertext data.
In a possible embodiment, the verifying the upgraded version id includes:
acquiring an original version identifier, and comparing the original version identifier with the upgrade version identifier;
the terminal equipment responds to the judgment result of successful verification, and comprises the following steps:
and the terminal equipment responds to a judgment result that the original version identification and the upgraded version identification meet the comparison condition.
In one possible embodiment, the verifying the update timestamp includes:
inquiring a recorded time record table for transmitting the updated file with the terminal equipment, and determining a file sending time stamp for sending the updated file last time;
and verifying according to the file sending time stamp and the updating time stamp.
In a possible embodiment, the verifying according to the file sending timestamp and the update timestamp includes:
acquiring a timestamp threshold generated based on the size of the transmitted update file;
determining whether a difference between the update timestamp and the file transmission timestamp is less than the timestamp threshold.
In a possible embodiment, the generating, in response to a determination result of successful verification, a differential upgrade package based on the original version identifier, encrypting the differential upgrade package, and sending the encrypted differential upgrade package to the terminal device includes:
generating a differential upgrade package based on the original version identification according to a judgment result that the difference value between the update timestamp and the file sending timestamp is smaller than the timestamp threshold;
and selecting a corresponding encryption algorithm according to the upgrading information determined by the original version identification to encrypt the updated file to generate a differential upgrading packet, and sending the differential upgrading packet to the terminal equipment.
In a possible embodiment, after sending to the terminal device, the method further includes:
and after receiving the differential upgrade package, the terminal equipment determines a corresponding decryption algorithm according to the upgrade version identification and the stored original version identification, decrypts the differential upgrade package through the decryption algorithm to obtain firmware upgrade data, and upgrades the firmware upgrade data.
Fig. 6 is a schematic structural diagram of a platform authentication-based secure chip firmware downloading device according to an embodiment of the present invention, as shown in fig. 6, the device includes a processor 201, a memory 202, an input device 203, and an output device 204; the number of the processors 201 in the device may be one or more, and one processor 201 is taken as an example in fig. 6; the processor 201, the memory 202, the input device 203 and the output device 204 in the apparatus may be connected by a bus or other means, for example in fig. 6. The memory 202 is a computer-readable storage medium, and can be used for storing software programs, computer-executable programs, and modules, such as program instructions/modules corresponding to the platform authentication-based secure chip firmware downloading method in the embodiment of the present invention. The processor 201 executes various functional applications and data processing of the device by running software programs, instructions and modules stored in the memory 202, that is, the above-mentioned platform authentication-based secure chip firmware downloading method is realized. The input device 203 may be used to receive input numeric or character information and generate key signal inputs relating to user settings and function controls of the apparatus. The output device 204 may include a display device such as a display screen.
An embodiment of the present invention further provides a storage medium containing computer-executable instructions, which when executed by a computer processor, are configured to perform a method for secure chip firmware download based on platform authentication, where the method includes:
the method comprises the steps that a central control platform sends first ciphertext data to terminal equipment, the terminal equipment comprises security chip firmware to be upgraded, and the first ciphertext data are obtained by encrypting an upgrade version identification through a public key by the central control platform;
the terminal equipment receives the first ciphertext data, decrypts the first ciphertext data through a stored private key to obtain the upgrade version identification, and verifies the upgrade version identification;
the terminal equipment responds to a judgment result of successful verification, encrypts an original version identifier of the current security chip firmware and an update timestamp of firmware update time through an encryption key to obtain upgrade verification information, and sends the upgrade verification information to the central control platform;
the central control platform receives the upgrade verification information, decrypts the upgrade verification information through a decryption key, verifies the update timestamp if the original version identification and the update timestamp are obtained through decryption, generates a differential upgrade packet based on the original version identification in response to a judgment result of successful verification, encrypts the differential upgrade packet and then sends the encrypted differential upgrade packet to the terminal equipment, and the terminal equipment is used for upgrading the security chip firmware.
From the above description of the embodiments, it is obvious for those skilled in the art that the embodiments of the present invention can be implemented by software and necessary general hardware, and certainly can be implemented by hardware, but the former is a better implementation in many cases. Based on such understanding, the technical solutions of the embodiments of the present invention may be embodied in the form of a software product, which may be stored in a computer-readable storage medium, such as a floppy disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a FLASH Memory (FLASH), a hard disk or an optical disk of a computer, and includes several instructions to make a computer device (which may be a personal computer, a service, or a network device) perform the methods described in the embodiments of the present invention.
It should be noted that, in the embodiment of the secure chip firmware downloading system based on platform verification, the included units and modules are only divided according to functional logic, but are not limited to the above division, as long as the corresponding functions can be implemented; in addition, specific names of the functional units are only for convenience of distinguishing from each other, and are not used for limiting the protection scope of the embodiment of the invention.
In some possible embodiments, various aspects of the methods provided by the present application may also be implemented in a form of a program product including program code for causing a computer device to perform the steps in the methods according to various exemplary embodiments of the present application described above in this specification when the program product runs on the computer device, for example, the computer device may perform the method for downloading the firmware of the secure chip based on the platform verification described in the embodiments of the present application. The program product may be implemented using any combination of one or more readable media.
It should be noted that the foregoing is only a preferred embodiment of the present invention and the technical principles applied. Those skilled in the art will appreciate that the embodiments of the present invention are not limited to the specific embodiments described herein, and that various obvious changes, adaptations, and substitutions are possible, without departing from the scope of the embodiments of the present invention. Therefore, although the embodiments of the present invention have been described in more detail through the above embodiments, the embodiments of the present invention are not limited to the above embodiments, and many other equivalent embodiments may be included without departing from the concept of the embodiments of the present invention, and the scope of the embodiments of the present invention is determined by the scope of the appended claims.

Claims (10)

1. The method for downloading the firmware of the security chip based on platform verification is characterized by comprising the following steps:
the method comprises the steps that a central control platform sends first ciphertext data to a terminal device, the terminal device comprises a security chip firmware to be upgraded, and the first ciphertext data is obtained by encrypting an upgrade version identification through a public key by the central control platform;
the terminal equipment receives the first ciphertext data, decrypts the first ciphertext data through a stored private key to obtain the upgrade version identification, and verifies the upgrade version identification;
the terminal equipment responds to a judgment result of successful verification, encrypts an original version identifier of the current security chip firmware and an update timestamp of firmware update time through an encryption key to obtain upgrade verification information, and sends the upgrade verification information to the central control platform;
the central control platform receives the upgrade verification information, decrypts the upgrade verification information through a decryption key, verifies the update timestamp if the original version identification and the update timestamp are obtained through decryption, generates a differential upgrade packet based on the original version identification in response to a judgment result of successful verification, encrypts the differential upgrade packet and then sends the encrypted differential upgrade packet to the terminal equipment, and the terminal equipment is used for upgrading the security chip firmware.
2. The method for downloading the firmware of the security chip based on the platform verification of claim 1, wherein before the central control platform sends the first ciphertext data to the terminal device, the method further comprises:
the method comprises the steps that a secure communication link is established between a central control platform and terminal equipment, and public key information and a firmware upgrading inquiry request sent by the terminal equipment are received;
and the central control platform responds to the firmware upgrading query request, carries out updating file detection, acquires an upgrading version identification of the updating file when detecting the updating file of a new version, and encrypts the upgrading version identification through a public key recorded in the public key information to obtain first ciphertext data.
3. The method for downloading secure chip firmware based on platform verification according to claim 1, wherein the verifying the upgrade version identifier includes:
acquiring an original version identifier, and comparing the original version identifier with the upgrade version identifier;
the terminal equipment responds to the judgment result of successful verification, and comprises the following steps:
and the terminal equipment responds to a judgment result that the original version identification and the upgraded version identification meet the comparison condition.
4. The secure chip firmware download method based on platform verification according to any of claims 1 to 3, wherein the verifying the update timestamp comprises:
inquiring a recorded time record table for transmitting the updated file with the terminal equipment, and determining a file sending time stamp for sending the updated file last time;
and verifying according to the file sending time stamp and the updating time stamp.
5. The method for downloading secure chip firmware based on platform verification according to claim 4, wherein the verifying according to the file sending timestamp and the update timestamp comprises:
acquiring a timestamp threshold generated based on the size of the transmitted update file;
determining whether a difference between the update timestamp and the file transmission timestamp is less than the timestamp threshold.
6. The platform verification-based secure chip firmware downloading method according to claim 5, wherein the generating a differential upgrade package based on the original version identifier in response to a determination result of successful verification, encrypting the differential upgrade package and then sending the encrypted differential upgrade package to the terminal device includes:
generating a differential upgrade package based on the original version identification according to a judgment result that the difference value between the update timestamp and the file sending timestamp is smaller than the timestamp threshold;
and selecting a corresponding encryption algorithm according to the upgrading information determined by the original version identification to encrypt the updated file to generate a differential upgrading packet, and sending the differential upgrading packet to the terminal equipment.
7. The platform verification-based secure chip firmware downloading method according to claim 6, after sending to the terminal device, further comprising:
and after receiving the differential upgrade package, the terminal equipment determines a corresponding decryption algorithm according to the upgrade version identification and the stored original version identification, decrypts the differential upgrade package through the decryption algorithm to obtain firmware upgrade data, and upgrades the firmware upgrade data.
8. The system for downloading the firmware of the security chip based on platform verification is characterized by comprising the following steps:
the central control platform is configured to send first ciphertext data to the terminal equipment, the terminal equipment comprises a security chip firmware to be upgraded, and the first ciphertext data is obtained by encrypting an upgrade version identifier through a public key by the central control platform;
the terminal equipment is configured to receive the first ciphertext data, decrypt the first ciphertext data through a stored private key to obtain the upgrade version identification, and verify the upgrade version identification;
the terminal equipment is configured to respond to a judgment result of successful verification, encrypt an original version identifier of the current security chip firmware and an update timestamp of firmware update time through an encryption key to obtain upgrade verification information, and send the upgrade verification information to the central control platform;
the central control platform is configured to receive the upgrade verification information, decrypt the upgrade verification information through a decryption key, verify the update timestamp if the original version identification and the update timestamp are obtained through decryption, generate a differential upgrade package based on the original version identification in response to a judgment result of successful verification, encrypt the differential upgrade package, and send the encrypted differential upgrade package to the terminal equipment, so that the terminal equipment can upgrade the firmware of the security chip.
9. A secure chip firmware download device based on platform verification, the device comprising: one or more processors; storage means for storing one or more programs that, when executed by the one or more processors, cause the one or more processors to implement the method for secure chip firmware download based on platform authentication of any one of claims 1-7.
10. A storage medium containing computer executable instructions for performing the platform verification-based secure chip firmware download method of any one of claims 1-7 when executed by a computer processor.
CN202210536145.8A 2022-05-18 2022-05-18 Security chip firmware downloading method and system based on platform verification Active CN114637987B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210536145.8A CN114637987B (en) 2022-05-18 2022-05-18 Security chip firmware downloading method and system based on platform verification

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210536145.8A CN114637987B (en) 2022-05-18 2022-05-18 Security chip firmware downloading method and system based on platform verification

Publications (2)

Publication Number Publication Date
CN114637987A true CN114637987A (en) 2022-06-17
CN114637987B CN114637987B (en) 2022-08-12

Family

ID=81952839

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210536145.8A Active CN114637987B (en) 2022-05-18 2022-05-18 Security chip firmware downloading method and system based on platform verification

Country Status (1)

Country Link
CN (1) CN114637987B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114915504A (en) * 2022-07-18 2022-08-16 广州万协通信息技术有限公司 Security chip initial authentication method and system
CN115361140A (en) * 2022-08-19 2022-11-18 广州万协通信息技术有限公司 Method and device for verifying security chip key
CN115543392A (en) * 2022-11-30 2022-12-30 北京百度网讯科技有限公司 Trusted program upgrading method, device, equipment and storage medium
CN117278340A (en) * 2023-11-23 2023-12-22 瑞纳智能设备股份有限公司 Method for realizing low-power-consumption valve firmware upgrade, storage medium and electronic equipment
CN117707585B (en) * 2024-02-05 2024-05-03 广州市赛科自动化控制设备有限公司 Remote software upgrading method, system and storage medium

Citations (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160036814A1 (en) * 2014-07-30 2016-02-04 Master Lock Company Llc Wireless firmware updates
US20160117162A1 (en) * 2014-07-07 2016-04-28 Symphony Teleca Corporation Remote Embedded Device Update Platform Apparatuses, Methods and Systems
CN106325929A (en) * 2016-08-22 2017-01-11 合肥华凌股份有限公司 Firmware upgrading method, firmware upgrading device, refrigerator and server side
CN106648784A (en) * 2016-12-27 2017-05-10 Tcl集团股份有限公司 OTA upgrading method and system based on android system and android terminal
CN206946466U (en) * 2017-06-29 2018-01-30 上海传英信息技术有限公司 The upgrading of Intelligent mobile equipment or rebuilt component
CN109495307A (en) * 2018-11-27 2019-03-19 北京车和家信息技术有限公司 Method for upgrading system, OTA upgrade package encryption method, terminal device and vehicle
CN109829294A (en) * 2019-01-31 2019-05-31 云丁网络技术(北京)有限公司 A kind of firmware validation method, system, server and electronic equipment
CN109889589A (en) * 2019-02-18 2019-06-14 闪联信息技术工程中心有限公司 One kind realizing embedded hardware OTA upgrade-system and method based on block chain
CN110187904A (en) * 2019-05-05 2019-08-30 浙江合众新能源汽车有限公司 A kind of device and method for vehicle control device firmware update
CN110874231A (en) * 2018-09-04 2020-03-10 中兴通讯股份有限公司 Method, device and storage medium for updating terminal version
CN111240713A (en) * 2019-12-28 2020-06-05 杭州拓深科技有限公司 Method for detecting remote breakpoint continuous transmission through power utilization
CN111638898A (en) * 2020-06-05 2020-09-08 泸州禾苗通信科技有限公司 Cloud verification method for absolute consistency of firmware version upgrading of FOTA
CN112148326A (en) * 2020-08-31 2020-12-29 山东省科学院自动化研究所 Remote updating method, device and system for Internet of things equipment firmware
CN112514354A (en) * 2020-03-19 2021-03-16 华为技术有限公司 Vehicle software upgrading method and related system
CN113050968A (en) * 2021-03-29 2021-06-29 联想(北京)有限公司 Firmware upgrading method and device
CN113168445A (en) * 2018-11-12 2021-07-23 瑟德韦夫公司 Secure over-the-air firmware upgrade
CN113868672A (en) * 2021-12-01 2021-12-31 武汉天喻信息产业股份有限公司 Module wireless firmware upgrading method, security chip and wireless firmware upgrading platform

Patent Citations (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160117162A1 (en) * 2014-07-07 2016-04-28 Symphony Teleca Corporation Remote Embedded Device Update Platform Apparatuses, Methods and Systems
US20160036814A1 (en) * 2014-07-30 2016-02-04 Master Lock Company Llc Wireless firmware updates
CN106325929A (en) * 2016-08-22 2017-01-11 合肥华凌股份有限公司 Firmware upgrading method, firmware upgrading device, refrigerator and server side
CN106648784A (en) * 2016-12-27 2017-05-10 Tcl集团股份有限公司 OTA upgrading method and system based on android system and android terminal
CN206946466U (en) * 2017-06-29 2018-01-30 上海传英信息技术有限公司 The upgrading of Intelligent mobile equipment or rebuilt component
CN110874231A (en) * 2018-09-04 2020-03-10 中兴通讯股份有限公司 Method, device and storage medium for updating terminal version
CN113168445A (en) * 2018-11-12 2021-07-23 瑟德韦夫公司 Secure over-the-air firmware upgrade
CN109495307A (en) * 2018-11-27 2019-03-19 北京车和家信息技术有限公司 Method for upgrading system, OTA upgrade package encryption method, terminal device and vehicle
CN109829294A (en) * 2019-01-31 2019-05-31 云丁网络技术(北京)有限公司 A kind of firmware validation method, system, server and electronic equipment
CN109889589A (en) * 2019-02-18 2019-06-14 闪联信息技术工程中心有限公司 One kind realizing embedded hardware OTA upgrade-system and method based on block chain
CN110187904A (en) * 2019-05-05 2019-08-30 浙江合众新能源汽车有限公司 A kind of device and method for vehicle control device firmware update
CN111240713A (en) * 2019-12-28 2020-06-05 杭州拓深科技有限公司 Method for detecting remote breakpoint continuous transmission through power utilization
CN112514354A (en) * 2020-03-19 2021-03-16 华为技术有限公司 Vehicle software upgrading method and related system
CN111638898A (en) * 2020-06-05 2020-09-08 泸州禾苗通信科技有限公司 Cloud verification method for absolute consistency of firmware version upgrading of FOTA
CN112148326A (en) * 2020-08-31 2020-12-29 山东省科学院自动化研究所 Remote updating method, device and system for Internet of things equipment firmware
CN113050968A (en) * 2021-03-29 2021-06-29 联想(北京)有限公司 Firmware upgrading method and device
CN113868672A (en) * 2021-12-01 2021-12-31 武汉天喻信息产业股份有限公司 Module wireless firmware upgrading method, security chip and wireless firmware upgrading platform

Non-Patent Citations (5)

* Cited by examiner, † Cited by third party
Title
严娟 等: "基于以太网OTA远程升级的研究", 《上海汽车》 *
施超 等: "基于Android平台OTA差分升级系统设计与实现", 《信息技术》 *
王海幸: "车辆监控平台设计与实现", 《中国优秀博硕士学位论文全文数据库(硕士)信息科技辑》 *
石丰略 等: "基于TPM芯片的车载安全空中下载系统研究", 《信息通信》 *
袁一泳: "一种移动终端安全下载的方法", 《电脑知识与技术》 *

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114915504A (en) * 2022-07-18 2022-08-16 广州万协通信息技术有限公司 Security chip initial authentication method and system
CN114915504B (en) * 2022-07-18 2022-12-20 广州万协通信息技术有限公司 Security chip initial authentication method and system
CN115361140A (en) * 2022-08-19 2022-11-18 广州万协通信息技术有限公司 Method and device for verifying security chip key
CN115361140B (en) * 2022-08-19 2023-11-24 广州万协通信息技术有限公司 Method and device for verifying security chip key
CN115543392A (en) * 2022-11-30 2022-12-30 北京百度网讯科技有限公司 Trusted program upgrading method, device, equipment and storage medium
CN117278340A (en) * 2023-11-23 2023-12-22 瑞纳智能设备股份有限公司 Method for realizing low-power-consumption valve firmware upgrade, storage medium and electronic equipment
CN117278340B (en) * 2023-11-23 2024-02-13 瑞纳智能设备股份有限公司 Method for realizing low-power-consumption valve firmware upgrade, storage medium and electronic equipment
CN117707585B (en) * 2024-02-05 2024-05-03 广州市赛科自动化控制设备有限公司 Remote software upgrading method, system and storage medium

Also Published As

Publication number Publication date
CN114637987B (en) 2022-08-12

Similar Documents

Publication Publication Date Title
CN114637987B (en) Security chip firmware downloading method and system based on platform verification
CN110225063B (en) Upgrading method and system of automobile-mounted system, server and vehicle-mounted terminal
US20170208049A1 (en) Key agreement method and device for verification information
CN110621014B (en) Vehicle-mounted equipment, program upgrading method thereof and server
EP1712992A1 (en) Updating of data instructions
JP2018078484A (en) Reuse system, key generation device, data security device, on-vehicle computer, reuse method, and computer program
CN110690956B (en) Bidirectional authentication method and system, server and terminal
CN114662087B (en) Multi-terminal verification security chip firmware updating method and device
CN115396121B (en) Security authentication method for security chip OTA data packet and security chip device
EP4322464A1 (en) Information transmission method, storage medium and electronic device
CN111614621B (en) Internet of things communication method and system
CN115065472B (en) Security chip encryption and decryption method and device based on multi-key encryption and decryption
CN115208705B (en) Encryption and decryption method and device based on link data self-adaptive adjustment
CN113239363A (en) Firmware updating method, device, equipment, readable storage medium and memory system
CN114793184B (en) Security chip communication method and device based on third-party key management node
CN114915504B (en) Security chip initial authentication method and system
CN113301036A (en) Communication encryption method and device, equipment and storage medium
WO2021259310A1 (en) Over-the-air updating method, update server, terminal device, and internet of things system
CN109451504B (en) Internet of things module authentication method and system
CN111510448A (en) Communication encryption method, device and system in OTA (over the air) upgrade of automobile
CN110837643B (en) Activation method and device of trusted execution environment
CN113922974B (en) Information processing method and system, front end, server side and storage medium
CN105100030B (en) Access control method, system and device
CN114745115A (en) Information transmission method and device, computer equipment and storage medium
CN115361140B (en) Method and device for verifying security chip key

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant