CN115296808A - Key replacing method, device, computer equipment and storage medium - Google Patents


Info

Publication number
CN115296808A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202211231527.6A
Other languages
Chinese (zh)
Other versions
CN115296808B (en)
Inventor
罗慧平
沈立青
周军飞
石先杰
朱忠义
吴俊杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Xihao Intelligent Furniture Co ltd
Original Assignee
Shenzhen Xihao Intelligent Furniture Co ltd
Application filed by Shenzhen Xihao Intelligent Furniture Co ltd
Priority to CN202211231527.6A
Publication of CN115296808A
Application granted
Publication of CN115296808B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/0894 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • H04L9/0897 Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage involving additional devices, e.g. trusted platform module [TPM], smartcard or USB
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/08 Randomization, e.g. dummy operations or using noise
    • H04L2209/12 Details relating to cryptographic hardware or logic circuitry

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The application relates to a key replacement method, a key replacement device, a computer device, a storage medium and a computer program product. The method comprises: receiving a target offset sent by a server, the target offset being the offset obtained by the server modifying the original offset; updating the original offset stored in the security chip to the target offset, the security chip also storing random data; and, when performing data communication with the server, looking up a target key in the random data according to the target offset and establishing a target encrypted communication channel based on the looked-up target key and the target key stored by the server. With this method, the actual target key never has to be transmitted over a communication channel. The preset random data is stored in the security chip, and the black-box characteristic of the security chip protects the random data from being read easily, so the original key can be replaced remotely while security is maintained. Even an original key of the highest security level can be replaced by this scheme.

Description

Key replacing method, device, computer equipment and storage medium
Technical Field
The present application relates to the field of digital information transmission, and in particular, to a method, an apparatus, a computer device, a storage medium, and a computer program product for replacing a key.
Background
With the development of network security technology, more and more devices communicate with each other by using data encrypted by a secret key, so as to ensure the security of information transmission. However, after the equipment is shipped, the keys in the equipment may need to be replaced for various reasons.
In the conventional approach, a key is replaced by establishing a higher-level communication channel with a key of a higher security level and transmitting the replacement target key over that channel. However, in situations such as key leakage, relying on a key of a higher security level carries a certain security risk.
Disclosure of Invention
In view of the above, it is necessary to provide a key replacement method, an apparatus, a computer device, a storage medium, and a computer program product that can improve the security of information transmission.
In a first aspect, the present application provides a key replacement method, applied to a security chip, the method comprising:
receiving a target offset sent by a server; the target offset is an offset obtained by modifying the original offset by the server;
updating the original offset stored by the security chip to the target offset; the security chip also stores random data;
and when data communication is carried out with the server, searching a target key in the random data according to the target offset, and establishing a target encryption communication channel based on the searched target key and the target key stored by the server.
In one embodiment, the searching for the target key in the random data according to the target offset includes:
determining a starting position in the random data according to the target offset;
searching data corresponding to the target offset in the random data according to the initial position;
and taking the data corresponding to the target offset as a target key.
In one embodiment, the searching for data corresponding to the target offset according to the starting position in the random data includes:
searching data of the key length in the random data according to the initial position;
and taking the data of the key length as the data corresponding to the target offset.
In one embodiment, the receiving the target offset sent by the server includes:
determining an original offset stored by the security chip;
searching an original secret key in the random data according to the original offset stored in the security chip;
establishing an original encryption communication channel based on the searched original secret key and the original secret key stored by the server;
and receiving the target offset sent by the server based on the original encrypted communication channel.
In one embodiment, before updating the original offset stored in the secure chip to the target offset, the method further includes:
and searching an original key in the random data according to the original offset, and establishing an original encryption communication channel based on the searched original key and the original key stored by the server so that the security chip and the server perform data communication based on the original encryption communication channel.
In a second aspect, the present application provides a key replacement method, applied to a server, the method comprising:
acquiring random data and original offset corresponding to the security chip;
modifying the original offset to obtain a target offset;
searching a target secret key in the random data according to the target offset, and storing the target secret key;
sending the target offset to a security chip so that the security chip updates the stored original offset to the target offset;
and when the security chip communicates with the server, an encrypted communication channel is established based on the stored target key and the updated target key searched by the target offset.
In one embodiment, the sending the target offset to a secure chip includes:
establishing an original encryption communication channel based on the original secret key stored by the server and the original secret key searched by the security chip;
and sending the target offset to a security chip based on the original encrypted communication channel.
In a third aspect, the present application further provides a key replacement device, applied to a security chip, the device comprising:
the offset acquisition module is used for receiving the target offset sent by the server; the target offset is an offset obtained by modifying the original offset by the server;
the offset updating module is used for updating the original offset stored by the security chip into the target offset; the security chip also stores random data;
and the communication module is used for searching a target key in the random data according to the target offset when carrying out data communication with the server, and establishing a target encryption communication channel based on the searched target key and the target key stored by the server.
In a fourth aspect, the present application further provides a key replacement apparatus, applied to a server, the apparatus comprising:
the data acquisition module is used for acquiring random data and original offset corresponding to the security chip;
the offset modifying module is used for modifying the original offset to obtain a target offset;
the secret key generating module is used for searching a target secret key in the random data according to the target offset and storing the target secret key;
the secret key sending module is used for sending the target offset to a security chip so that the security chip updates the stored original offset into the target offset;
and the communication module is used for establishing an encryption communication channel based on the stored target key and the updated target key searched by the target offset when the security chip is communicated with the server.
In a fifth aspect, the present application further provides a computer device. The computer device comprises a memory storing a computer program and a processor that, when executing the computer program, implements the steps of the key replacement method in any of the embodiments described above.
In a sixth aspect, the present application further provides a storage medium. The storage medium has stored thereon a computer program which, when executed by a processor, performs the steps of the key replacement method in any of the embodiments described above.
In a seventh aspect, the present application further provides a computer program product. The computer program product comprises a computer program that, when executed by a processor, performs the steps of the key replacement method in any of the embodiments described above.
With the above key replacement method, apparatus, computer device, storage medium and computer program product, the target offset sent by the server is received, the target offset being obtained by the server modifying the original offset, and the original offset stored by the security chip is updated to the target offset; the security chip also stores random data. Because the actual target key information never appears in the communication channel, the preset random data is stored in the security chip, and the black-box characteristic of the security chip protects the random data from being read easily, a third party cannot obtain the random data and cannot deduce the target key from the target offset. The original key between the terminal and the server can therefore be replaced remotely with high security. Further, when performing data communication with the server, the target key is looked up in the random data according to the target offset, and a target encrypted communication channel is established based on the looked-up target key and the target key stored in the server. With this method, the actual target key never has to be transmitted over a communication channel. The preset random data is stored in the security chip, and the black-box characteristic of the security chip protects the random data from being read easily, so the original key can be replaced remotely while security is maintained. Even an original key of the highest security level can be replaced by this scheme.
Drawings
FIG. 1 is a diagram of an application environment of a key replacement method in one embodiment;
FIG. 2 is a flowchart illustrating a key replacement method according to an embodiment;
FIG. 3 is a flowchart illustrating a key replacement method according to another embodiment;
FIG. 4 is a diagram of an application environment of another embodiment of a key replacement method;
FIG. 5 is a diagram of an exemplary implementation of a key replacement method;
FIG. 6 is a diagram of an application environment of another embodiment of a key replacement method;
FIG. 7 is a block diagram showing the structure of a key replacement device according to an embodiment;
FIG. 8 is a block diagram showing the structure of a key replacement device according to another embodiment;
FIG. 9 is a diagram of a computer internal structure in one embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
The key replacement method provided by the embodiment of the application can be applied to the application environment shown in fig. 1. The terminal 102 communicates with the server 104 via a network. The data storage system may store data that the server 104 needs to process. The data storage system may be integrated on the server 104, or may be located on the cloud or another network server.
The terminal 102 may be, but is not limited to, various computer devices such as an intelligent chair with a security chip installed therein, and a control device externally connected to the intelligent chair. The server 104 may be implemented by an independent server, a server cluster composed of a plurality of servers, or an internet of things platform. The scheme provided by the embodiment of the application is cooperatively realized by the terminal 102 and the server 104.
In one embodiment, the security chip is an embedded data security chip for intellectual property protection and data protection. The security chip stores the key and the check information, and can store user-defined data and run user-defined algorithms. In one embodiment, the custom data and algorithms stored in the security chip cannot be read or analyzed from outside, which ensures data security. The security chip may be a chip with a built-in smart card kernel; such chips support downloading and running custom algorithms and resist various attacks at the chip hardware level, such as differential attacks, power consumption analysis and splitting attacks. When the security level of the chip is the bank card level, the custom data and custom algorithms stored in the chip can be regarded as a black box: the outside cannot obtain this information and cannot analyze or clone the internal algorithm. The secure chip may be specifically SMEC90ST of giant welfare in shenzhen, LKT4306 of 5363 ann beijing Ling Kexin, or the like.
In one embodiment, the server may be a cloud server. The cloud server is arranged in a special machine room, and a secret key modification algorithm is operated on the cloud server. In this embodiment, it can be considered that the key modification algorithm and the interaction logic operated in the cloud server cannot be read and analyzed by the outside.
In one embodiment, as shown in fig. 2, a key replacement method is provided. The method is described as applied to the terminal 102 of fig. 1, in which the security chip is installed, and includes the following steps:
Step 202, receiving a target offset sent by a server; the target offset is the offset obtained by the server modifying the original offset.
The original offset is the offset of the original key, expressed as an offset address relative to the random data stored by the security chip. The original key can be determined from the original offset and the random data stored by the security chip: the address that the original offset designates in the random data is the starting address of the original key, and data is selected from the random data beginning at that starting address. The security chip thus obtains the original key, and a communication channel between the terminal and the server is established with it.
In one embodiment, the random data stored in the security chip may be determined before the security chip or the computer device is shipped. Illustratively, before the intelligent furniture equipment is delivered from a factory in a mass production manner, a random number is generated by a designated person, and is marked as RandData, and the random number can be a pseudo random number meeting a safety condition or a true random number generated based on hardware, wherein the security of the true random number is higher.
In one embodiment, before the security chip or the computer device leaves the factory, the server generates the original offset in the corresponding random data based on the encryption algorithm corresponding to the security chip. Illustratively, the value of the original offset is generated according to an encryption algorithm of the security chip; after initialization of the pointer to the original offset, an offset address between the pointer and the start address of the random data is determined based on the value of the original offset, the offset address being the original offset. After the random data and the original offset stored in the security chip are determined, an original starting position in the random data is determined by using the pointer of the original offset, and data with a key length is selected from the original starting position and is used for generating an original key.
The server stores the original offset, the random data and the original key corresponding to the security chip. The original offset and random data held by the server correspond to those stored in the security chip; illustratively, they are the same as the original offset and the random data stored in the security chip. The archive of the original offset and the random data stored by the security chip is recorded as ArchiveData; the archive of the security chip has a high security level, and communication is performed only under special conditions.
In one embodiment, before updating the original offset stored in the secure chip to the target offset, the method includes: and searching an original key in the random data according to the original offset, and establishing an original encryption communication channel based on the searched original key and the original key stored by the server so that the security chip and the server perform data communication based on the original encryption communication channel.
Searching an original key in random data according to an original offset, comprising: determining an original starting position of the original offset in the random data, determining data corresponding to the original offset in the random data according to the original starting position, and generating an original key based on the data corresponding to the original offset. The original key may be data corresponding to the original offset, or may be an original key generated by performing some encryption based on the data corresponding to the original offset.
Establishing an original encrypted communication channel based on the searched original key and an original key stored by a server, comprising: the terminal determines a communication channel, encrypts the communication channel based on the searched original secret key and instructs the server to encrypt the communication channel based on the original secret key stored in the server, so that the original encrypted communication channel is obtained, and the security chip and the server perform data communication based on the original encrypted communication channel.
The communication channel determined by the terminal may be a preset communication channel or a dynamically selected one. Unauthorized parties are able to perform operations such as line analysis and protocol analysis on this communication channel. Optionally, the communication channel may be one in which the security chip and a general-purpose MCU communicate over a wired serial or SPI link, the MCU communicates by wire with a Wi-Fi or 4G module, and the wireless communication module communicates wirelessly with the cloud server.
In one embodiment, when the replacement condition of the original key is satisfied, the original key is the key to be replaced, and the data that replaces the original offset is the target offset sent by the server. Optionally, when the terminal detects that its original key has been leaked, it sends a key replacement instruction to the server so that the server modifies the original offset into a target offset and then sends the target offset to the terminal, whereby the terminal receives the target offset sent by the server; when the server detects that the original key of a certain security chip has been leaked, the server modifies the original offset into a target offset and then sends the target offset to the terminal, whereby the terminal receives the target offset sent by the server.
In one embodiment, the original key is the key with the highest security level between the terminal and the server. When the original key is leaked, an encrypted communication channel established between the terminal and the server with a preset key of any security level is insecure; data transmitted over such a channel is at risk of leakage, so the target key is not suitable for direct transmission. For this reason, the original offset stored by the security chip is updated to the target offset sent by the server. Even if the target offset is leaked, the random data was stored in advance in the security chip of the offline product, and the black-box characteristic of the security chip protects the random data from being read easily. An intruder therefore cannot obtain the random data and cannot deduce the target key from the target offset, so the key can be replaced remotely with high security. An encrypted communication channel generated from a key of a higher security level may be used to replace a key of a lower security level, and the key of the higher security level may itself be replaced according to any embodiment of the present invention.
In one embodiment, the server modifies the original offset to obtain the target offset, including: generating a value of a target offset according to an encryption algorithm of the security chip; and after the pointer of the target offset is initialized, calculating an offset address between the pointer and the start address of the random data based on the value of the target offset, wherein the offset address is the target offset, and modifying the original offset into the target offset. And after the target offset is generated, the server sends the target offset to the terminal. When the target offset sent to the terminal is encrypted and confused, the difficulty of reverse analysis of the target offset is increased, and the security of key replacement is increased.
In one embodiment, receiving the target offset sent by the server includes: determining an original offset stored by a security chip; searching an original secret key in random data according to an original offset stored in a security chip; establishing an original encryption communication channel based on the searched original secret key and an original secret key stored by the server; the target offset sent by the server is received based on the original encrypted communication channel.
The original offset stored by the security chip is filed in a certain preset area of the security chip, and the filed in the preset area has higher confidentiality.
Searching an original secret key in random data according to an original offset stored in a security chip, comprising the following steps: and the terminal determines a communication channel, encrypts the communication channel based on the searched original secret key and instructs the server to encrypt the communication channel based on the original secret key stored by the server to obtain the original encrypted communication channel.
Receiving the target offset sent by the server based on the original encrypted communication channel comprises: when the target offset sent by the server has been asymmetrically encrypted, decrypting it with the corresponding private key to obtain a decrypted target offset, which is the received target offset; when the target offset sent by the server is not encrypted, the unencrypted target offset is the received target offset.
The target offset is an offset of the target key; the target offset is an offset address relative to the random data stored in advance, the target offset is different from the original offset, the target offset is sent to the terminal by the server, and the target offset is not stored in the security chip in advance. The address of the target offset in the random data is the address of the target key, which enables the secure chip to look up the target key. And the target key is generated based on random data, the target key is still a random number, and the key strength is higher.
Step 204, updating the original offset stored in the security chip into a target offset; the secure chip also stores random data.
The random data stored in the security chip is preset data, which can be burned into the security chip during its production. The preset data defines the value range of the target key; increasing the amount of preset data reduces the probability of repetition among different keys, so that key security remains sufficiently high after the key has been replaced multiple times. Optionally, the amount of preset data is determined from the storage space of the chip and the value range of the key, so that the value range is as large as the storage space allows. With a larger value range, the key can be updated many times and a different key obtained each time; as long as the random data is long enough, the number of updates is almost unlimited. Illustratively, the data amount of the preset data is 512 bytes.
In one embodiment, in the process of updating the original offset stored in the security chip to the target offset, the pointer of the target offset may be updated with the pointer of the original offset stored in the security chip, and the value of the target offset may replace the value of the original offset; it is also possible to keep a pointer to the original offset and set the pointer to the original offset according to the value of the target offset.
Step 206, when data communication is carried out with the server, searching for a target key in the random data according to the target offset, and establishing a target encrypted communication channel based on the found target key and the target key stored by the server.
In one embodiment, finding a target key in random data according to a target offset includes: determining an initial position in the random data according to the target offset; searching data corresponding to the target offset in the random data according to the initial position; and taking the data corresponding to the target offset as a target key.
Optionally, in the process of determining the starting position in the random data according to the target offset, the starting position is calculated according to a starting position determination rule for determining the starting position of the key, and the algorithm complexity of the starting position determination rule is positively correlated with the security. When the algorithm complexity of the initial position determination rule increases, the possibility that the original key and the target key are overlapped is reduced, and the possibility that the initial position determination rule is cracked is increased.
The starting position determination rule is used to determine a relationship between the offset and at least part of the data of the random data. The relationship may be one or more of: the security chip can determine the initial position in the random data according to the address difference between the target offset and the initial address of the random data; the security chip can also determine the initial position in the random data according to the address difference between the target offset and the initial address of the original offset; the security chip may also determine a starting position in the random data according to certain data to which the target offset is mapped.
In one embodiment, searching for data corresponding to a target offset according to a starting position in random data includes: in the random data, searching data of the key length according to the initial position; and taking the data of the key length as the data corresponding to the target offset.
The key length is the data size of the data corresponding to the target offset; the key length is related to the data amount of the target key, and the key length may be the data amount of the target key; it will be appreciated that the key length may also be the data size of the original key. The key length may be preset, or may be generated according to a preset mapping rule according to data such as an identification number of a secure chip and a terminal.
In one embodiment, the data corresponding to the target offset is used as the target key according to a key data lookup rule. The algorithm complexity and the security of the key data searching rule are positively correlated. When the algorithm complexity of the key data search rule increases, the possibility of overlapping the original key and the target key is reduced, and the possibility of cracking the key data search rule is reduced. Illustratively, the key data search rule may be to sequentially select data of different addresses according to an address sequence of random data until data of a key length is obtained; the key data search rule may also be that according to some data selection rules, data of different addresses are sequentially selected according to the address sequence of random data until data of the key length is obtained. The data selection rule may be to sequentially select data of different addresses according to a preset address interval.
The data corresponding to the target offset may be data of a key length, data generated by mapping according to a certain mapping table, or data generated by performing asymmetric encryption again based on the selected data.
In the key replacing method, a target offset sent by the server is received, the target offset being obtained by the server modifying the original offset, and the original offset stored by the security chip is updated to the target offset; the security chip also stores random data. Because the actual target key information never appears in the communication channel, and only the random data pre-stored in the terminal and the transmission of the target offset are involved, the key can still be replaced securely. The method can be used for remote secure replacement of the highest-level communication key, and even if the target offset is leaked, it does not cause much impact.
The security chip stores preset random data and has a black box characteristic, which protects the random data from being easily read. A third party therefore cannot obtain the random data and cannot deduce the target key from the target offset, so the original key between the terminal and the server can be replaced remotely with high security. Further, when data communication is performed with the server, the target key is searched for in the random data according to the target offset, and a target encrypted communication channel is established based on the found target key and the target key stored in the server. The method can replace the original key remotely while security is ensured, and the scheme can replace the key when the original key is of the highest level.
In one embodiment, as shown in fig. 3, a communication authentication method for a computer device is provided, which is described by taking the method as an example applied to the server 104 in fig. 1, and includes the following steps:
Step 302: obtaining the random data and the original offset corresponding to the security chip.
The random data and the original offset corresponding to the security chip are the same as those stored in the security chip, and the random data and the original offset corresponding to the security chip are stored in the server. It is understood that when the original key is replaced due to leakage of the original key or a related reason, the original encrypted communication channel generated by the original key is unreliable, and thus, data stored in the secure chip is not transmitted to the server.
Step 304: modifying the original offset to obtain a target offset.
In one embodiment, modifying the original offset to obtain the target offset includes: generating a value of a target offset according to an encryption algorithm of the security chip; and after the pointer of the target offset is initialized, calculating an offset address between the pointer and the start address of the random data based on the value of the target offset, wherein the offset address is the target offset, and modifying the original offset into the target offset. And after the target offset is generated, the server sends the target offset to the terminal. When the target offset sent to the terminal is encrypted and confused, the difficulty of reverse analysis of the target offset is increased, and the security of key replacement is increased.
The range within which the original offset is modified is determined based on the address range to which the random data corresponding to the security chip belongs. Optionally, when the modified value of the original offset lies within the addresses of the random data, that address can be selected as the target offset; when the modified value lies outside the addresses of the random data, some operation may be performed on the modified value to generate the target offset. Alternatively, the target offset may be asymmetrically encrypted and then sent to the security chip.
Step 306, searching the target key in the random data according to the target offset, and storing the target key.
In one embodiment, the server searches the random data for the target key according to the target offset, including: the server determines an initial position in random data corresponding to the security chip according to the target offset; in the random data, the server searches data corresponding to the target offset according to the initial position; and taking the data corresponding to the target offset as a target key. It should be understood that there is no order between step 306 and step 308, and that both steps may be in parallel or in series.
Step 308: sending the target offset to the security chip so that the security chip updates the stored original offset to the target offset.
In one embodiment, the server sends the target offset to the security chip, including: the server establishes an original encryption communication channel based on an original secret key stored by the server and an original secret key searched by the security chip; the target offset is sent to the security chip based on the original encrypted communication channel.
Specifically, the server establishing an original encrypted communication channel based on the original key stored by the server and the original key found by the security chip includes: after the terminal determines a communication channel and encrypts it based on the found original key, the server, in response to the instruction of the terminal, encrypts the communication channel based on the original key stored by the server to obtain the original encrypted communication channel. Therefore, although the original encrypted communication channel may have been leaked, it still provides a certain degree of reliability, reduces the possibility that the target offset leaks in transmission, and safeguards the data transmission.
Step 310, when the security chip communicates with the server, an encrypted target communication channel is established based on the stored target key and the target key searched by the updated target offset.
The stored target key is a target key in the server, and the target key searched by the updated target offset is a target key searched by the terminal based on the updated target offset. The target encrypted communication channel has higher security and can contribute to the secure transmission of data.
In the key replacing method, the random data and the original offset corresponding to the security chip are obtained; the original offset is modified to obtain a target offset; a target key is searched for in the random data according to the target offset and stored; and the target offset is sent to the security chip so that the security chip updates the stored original offset to the target offset. Because the actual target key information never appears in the communication channel, and because the security chip and the server both store the preset random data and both have black box characteristics, the respective random data is protected from being easily read. A third party therefore cannot obtain the random data and cannot deduce the target key from the target offset, so the original key between the terminal and the server can be replaced remotely with high security. Furthermore, when the security chip communicates with the server, a target encrypted communication channel is established based on the stored target key and the target key found through the updated target offset, so the original key can be replaced remotely while security is ensured, and the scheme can replace the key when the original key is of the highest level.
The complete process before and after key replacement is described below in a more complete embodiment, taking the communication channel between the security chip 402 and the cloud server 404 in fig. 4 as an example.
As shown in fig. 5, before the intelligent furniture device leaves the factory, a set of 512-byte random data is burned into the security chip and recorded as RandData. The value of the original offset (offset value) is determined relative to the start address of the random data, and the pointer (Ptr) of the original offset is set, thereby obtaining the original offset (offset). The security chip and the cloud server take the data pointed to by the pointer (Ptr) of the original offset as the starting position, take data of the key length (for example, N bytes) as the original key, and use it as the highest-level communication key KeyTop; the original offset, the random data (RandData) and the original key corresponding to the security chip are recorded in the cloud server. Meanwhile, the original offset and the random data (RandData) corresponding to the security chip are encrypted and stored in a relatively secure environment and are not unsealed arbitrarily; this archive is recorded as ArchiveData. The security chip also has the same archive (ArchiveData).
Before replacing the original key, a communication channel between the secure chip and the cloud server is encrypted based on the original offset and random data (RandData). Specifically, the security chip reads the stored original offset (offset) and sets the original offset (offset) as the offset of the pointer (Ptr) of the original offset. Taking the offset of a pointer (Ptr) of the original offset as an initial position, and taking N bytes of data to obtain an original key (KeyTop); and the original secret key (KeyTop) is already stored in the cloud server, so a secure encrypted communication channel can be established between the secure chip and the cloud server for communication. The conditions for replacing the original key are: for some reason, the original key (KeyTop) is revealed, and the archive ArchiveData is not revealed.
The appointed person unseals the archive (ArchiveData) in the security chip or the cloud server and obtains the random data (RandData) and the original offset (Offset) from it. The cloud server modifies the original offset (Offset) to a new value and records the new value as the target offset (Offset). The cloud server determines the starting position in the random data (RandData) area from the target offset (Offset), takes N bytes of data as the replacement target key (KeyTop), and records the target key (KeyTop) in the cloud server. At the same time, the cloud server updates the original offset in ArchiveData to the target offset, records the new archive as ArchiveData, and encrypts and archives it again for use as the original in the next key replacement.
After the cloud server generates the target key, the cloud server transmits a key modification instruction to the security chip. Specifically, the cloud server and the security chip establish a communication channel by using the leaked original key, and the cloud server sends the target Offset (Offset) to the security chip through the communication channel which is not secured.
As shown in fig. 6, after receiving the target Offset (Offset), the security chip sets the pointer (Ptr) of the original Offset based on the target Offset (Offset), so that the pointer (Ptr) of the original Offset points to the start position corresponding to the target Offset, so as to obtain data corresponding to the target Offset, thereby implementing key exchange.
After the secret key is replaced, the security chip searches a target secret key in the random data (RandData) according to the target Offset (Offset), and establishes a target encryption communication channel based on the searched target secret key (KeyTop) and the target secret key (KeyTop) stored in the cloud server for communication. Because the target encryption communication channel uses the target key which is not leaked, the channel is safe, and can safely transmit information for replacing other sub-keys or relative low-level keys, and even if the outside obtains the target Offset (Offset) through line monitoring, the outside cannot know the specific new key.
Therefore, when the key with the highest level is modified according to the scheme, actual target key information does not appear in a communication channel, and the communication channel does not influence the security of modifying the key even if being monitored by an unauthorized third party and has no key leakage risk; the key interaction logic is generated between the security chip and the cloud server, and the two parts can be completely considered as black boxes, and the possibility of malicious cracking and reverse analysis by a third party is almost 0; and the process logic of key replacement is simple, complex encryption and decryption algorithms and processes are not needed, and the method has better universality and feasibility of mass production. In addition, the updated target secret key is still an irregular random number, the strength of the secret key is guaranteed, and as long as the random data is long enough, the limit of the updating times is almost eliminated, the secret key can be updated for many times, different secret keys can be obtained every time, and the safety is further guaranteed.
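The replacement round of the complete embodiment above can be traced in a short sketch, added here as an illustration and not taken from the patent. The 16-byte key length, all class and function names, the server's refusal to pick a window that overlaps any earlier key window, and the chip's bounds check are assumptions of this sketch; RandData is constructed sample data.

```python
import hmac
import secrets

RAND_LEN = 512  # size of RandData in the embodiment
KEY_LEN = 16    # N bytes per key; 16 is an assumption made for this sketch


def key_at(rand_data: bytes, offset: int, key_len: int = KEY_LEN) -> bytes:
    """Return the key_len bytes of rand_data that start at offset."""
    # Reject windows that leave the buffer: Python slicing would otherwise
    # return a silently truncated (weaker) key instead of failing.
    if offset < 0 or offset + key_len > len(rand_data):
        raise ValueError("key window falls outside the random data")
    return rand_data[offset:offset + key_len]


def windows_overlap(a: int, b: int, key_len: int = KEY_LEN) -> bool:
    """True when the key windows starting at a and b share at least one byte."""
    return abs(a - b) < key_len


class SecurityChip:
    """Terminal side: holds RandData and the current offset, never sends a key."""

    def __init__(self, rand_data: bytes, offset: int):
        self._rand = rand_data
        key_at(rand_data, offset)  # fail early on a bad factory offset
        self.offset = offset

    def current_key(self) -> bytes:
        return key_at(self._rand, self.offset)

    def update_offset(self, target_offset: int) -> None:
        # Validate before committing so a malformed message cannot leave the
        # chip with an unusable offset.
        key_at(self._rand, target_offset)
        self.offset = target_offset


class Server:
    """Server side: same RandData, chooses the target offset."""

    def __init__(self, rand_data: bytes, offset: int):
        self._rand = rand_data
        self.key = key_at(rand_data, offset)
        self.used = [offset]  # every offset that has ever selected a key

    def rotate(self) -> int:
        """Choose a target offset, store the target key, return the offset."""
        last_start = len(self._rand) - KEY_LEN
        # A window overlapping an earlier one would reuse bytes of a key that
        # may have leaked, so only fully fresh windows are candidates.
        candidates = [o for o in range(last_start + 1)
                      if not any(windows_overlap(o, u) for u in self.used)]
        if not candidates:
            raise RuntimeError("no unused key window left in the random data")
        target = secrets.choice(candidates)
        self.key = key_at(self._rand, target)
        self.used.append(target)
        return target  # only this value travels over the channel


def rotate_once(chip: SecurityChip, server: Server) -> bool:
    """One replacement round; True when both ends hold the same new key."""
    chip.update_offset(server.rotate())
    return hmac.compare_digest(chip.current_key(), server.key)


def rotations_until_exhausted(chip: SecurityChip, server: Server) -> int:
    """Rotate until the server runs out of fresh windows; return the count."""
    count = 0
    while True:
        try:
            agreed = rotate_once(chip, server)
        except RuntimeError:
            return count
        if not agreed:
            raise AssertionError("chip and server derived different keys")
        count += 1


if __name__ == "__main__":
    rand_data = secrets.token_bytes(RAND_LEN)  # constructed sample RandData
    chip, server = SecurityChip(rand_data, 0), Server(rand_data, 0)
    print("first rotation agrees:", rotate_once(chip, server))
    print("further rotations before exhaustion:",
          rotations_until_exhausted(chip, server))
```

With 512 bytes of random data and 16-byte keys, at most 32 non-overlapping windows exist, so under this non-overlap assumption the number of replacements is bounded by the size of RandData.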
It should be understood that, although the steps in the flowcharts related to the embodiments described above are shown in sequence as indicated by the arrows, the steps are not necessarily performed in sequence as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least a part of the steps in the flowcharts related to the embodiments described above may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, and the execution order of the steps or stages is not necessarily sequential, but may be rotated or alternated with other steps or at least a part of the steps or stages in other steps.
Based on the same inventive concept, the embodiment of the present application further provides a key exchange device for implementing the key exchange method. The implementation scheme for solving the problem provided by the device is similar to the implementation scheme described in the above method, so specific limitations in one or more embodiments of the key exchange device provided below can be referred to the above limitations on the key exchange method, and are not described herein again.
In one embodiment, as shown in fig. 7, there is provided a key exchange apparatus applied to a secure chip, the apparatus including: an offset acquisition module 702, an offset update module 704, and a communication module 706, wherein:
an offset obtaining module 702, configured to receive a target offset sent by a server; the target offset is an offset obtained by modifying an original offset by the server;
an offset updating module 704, configured to update an original offset stored in the security chip to the target offset; the security chip also stores random data;
a communication module 706, configured to, when performing data communication with the server, search for a target key in the random data according to the target offset, and establish a target encryption communication channel based on the searched target key and the target key stored by the server.
In one embodiment, the communication module 706 is configured to:
determining an initial position in the random data according to the target offset;
searching data corresponding to the target offset in the random data according to the initial position;
and taking the data corresponding to the target offset as a target key.
In one embodiment, the communication module 706 is specifically configured to:
searching data of the key length in the random data according to the initial position;
and taking the data of the key length as the data corresponding to the target offset.
In one embodiment, the offset obtaining module 702 is configured to:
determining an original offset stored by the security chip;
searching an original secret key in the random data according to the original offset stored in the security chip;
establishing an original encryption communication channel based on the searched original secret key and the original secret key stored by the server;
and receiving the target offset sent by the server based on the original encrypted communication channel.
In one embodiment, the communication module 706 is further configured to:
and searching an original key in the random data according to the original offset, and establishing an original encryption communication channel based on the searched original key and the original key stored by the server, so that the security chip and the server perform data communication based on the original encryption communication channel.
In one embodiment, as shown in fig. 8, the present application further provides a key exchange apparatus, applied to a server, including: a data acquisition module 802, an offset modification module 804, a key generation module 806, a key sending module 808, and a communication module 810, wherein:
a data obtaining module 802, configured to obtain random data and an original offset corresponding to the security chip;
an offset modification module 804, configured to modify the original offset to obtain a target offset;
a key generating module 806, configured to search a target key in the random data according to the target offset, and store the target key;
a key sending module 808, configured to send the target offset to a secure chip, so that the secure chip updates a stored original offset to the target offset;
a communication module 810, configured to establish a target encryption communication channel based on the stored target key and the updated target key searched for by the target offset when the security chip communicates with the server.
In one embodiment, the communication module 810 is further configured to: before the original offset stored in the secure chip is updated to the target offset, an original key in the random data is searched according to the original offset, and an original encryption communication channel is established based on the searched original key and the original key stored in the server, so that the secure chip and the server perform data communication based on the original encryption communication channel.
The modules in the key exchange device may be implemented in whole or in part by software, hardware, or a combination thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, a computer device is provided, which may be a terminal, and its internal structure diagram may be as shown in fig. 9. The computer apparatus includes a processor, a memory, an input/output interface, a communication interface, a display unit, and an input device. The processor, the memory and the input/output interface are connected by a system bus, and the communication interface, the display unit and the input device are connected by the input/output interface to the system bus. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The input/output interface of the computer device is used for exchanging information between the processor and an external device. The communication interface of the computer device is used for communicating with an external terminal in a wired or wireless manner, and the wireless manner can be realized through WIFI, a mobile cellular network, NFC (near field communication) or other technologies. The computer program is executed by a processor to implement a key exchange method. The display unit of the computer equipment is used for forming a visual picture, and can be a display screen, a projection device or a virtual reality imaging device, the display screen can be a liquid crystal display screen or an electronic ink display screen, the input device of the computer equipment can be a touch layer covered on the display screen, a key, a track ball or a touch pad arranged on a shell of the computer equipment, and can also be an external keyboard, a touch pad or a mouse and the like.
Those skilled in the art will appreciate that the architecture shown in fig. 9 is merely a block diagram of some of the structures associated with the disclosed aspects and is not intended to limit the computing devices to which the disclosed aspects apply, as particular computing devices may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In one embodiment, a computer device is further provided, which includes a memory and a processor, the memory stores a computer program, and the processor implements the steps of the above method embodiments when executing the computer program.
In one embodiment, a storage medium is provided, which is a computer-readable storage medium, and the storage medium stores a computer program, which when executed by a processor, implements the steps in the above-described method embodiments.
In an embodiment, a computer program product is provided, comprising a computer program which, when being executed by a processor, carries out the steps of the above-mentioned method embodiments.
It should be noted that, the user information (including but not limited to user equipment information, user personal information, etc.) and data (including but not limited to data for analysis, stored data, displayed data, etc.) referred to in the present application are information and data authorized by the user or sufficiently authorized by each party, and the collection, use and processing of the related data need to comply with the relevant laws and regulations and standards of the relevant country and region.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program instructing the relevant hardware; the computer program can be stored in a non-volatile computer-readable storage medium and, when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, database, or other medium used in the embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include a Read-Only Memory (ROM), a magnetic tape, a floppy disk, a flash Memory, an optical Memory, a high-density embedded nonvolatile Memory, a resistive Random Access Memory (ReRAM), a Magnetic Random Access Memory (MRAM), a Ferroelectric Random Access Memory (FRAM), a Phase Change Memory (PCM), a graphene Memory, and the like. Volatile Memory can include Random Access Memory (RAM), external cache Memory, and the like. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM), among others. The databases referred to in various embodiments provided herein may include at least one of relational and non-relational databases. The non-relational database may include, but is not limited to, a block chain based distributed database, and the like. The processors referred to in the embodiments provided herein may be general purpose processors, central processing units, graphics processors, digital signal processors, programmable logic devices, quantum computing based data processing logic devices, etc., without limitation.
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the present application. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present application shall be subject to the appended claims.

Claims (11)

1. A secret key replacing method is applied to a security chip, and the method comprises the following steps:
receiving a target offset sent by a server; the target offset is an offset obtained by modifying the original offset by the server;
updating the original offset stored in the security chip to the target offset; the security chip also stores random data;
and when data communication is carried out with the server, searching a target key in the random data according to the target offset, and establishing a target encryption communication channel based on the searched target key and the target key stored by the server.
2. The method of claim 1, wherein the finding the target key in the random data according to the target offset comprises:
determining an initial position in the random data according to the target offset;
searching data corresponding to the target offset in the random data according to the initial position;
and taking the data corresponding to the target offset as a target key.
3. The method according to claim 2, wherein the searching for the data corresponding to the target offset from the random data according to the start position comprises:
searching data of the key length in the random data according to the initial position;
and taking the data of the key length as the data corresponding to the target offset.
4. The method of claim 1, wherein receiving the target offset sent by the server comprises:
determining an original offset stored by the security chip;
searching an original secret key in the random data according to the original offset stored in the security chip;
establishing an original encryption communication channel based on the searched original secret key and the original secret key stored by the server;
and receiving the target offset sent by the server based on the original encrypted communication channel.
5. The method of claim 1, wherein before updating the original offset stored by the secure chip to the target offset, the method further comprises:
and searching an original key in the random data according to the original offset, and establishing an original encryption communication channel based on the searched original key and the original key stored by the server so that the security chip and the server perform data communication based on the original encryption communication channel.
6. A key exchange method is applied to a server, and the method comprises the following steps:
acquiring random data and original offset corresponding to the security chip;
modifying the original offset to obtain a target offset;
searching a target secret key in the random data according to the target offset, and storing the target secret key;
sending the target offset to a security chip so that the security chip updates the stored original offset to the target offset;
and when the security chip communicates with the server, establishing a target encryption communication channel based on the stored target key and the updated target key searched by the target offset.
7. The method of claim 6, wherein sending the target offset to a secure chip comprises:
establishing an original encryption communication channel based on the original secret key stored by the server and the original secret key searched by the security chip;
and sending the target offset to a security chip based on the original encrypted communication channel.
8. A key exchange device applied to a secure chip, the device comprising:
the offset acquisition module is used for receiving the target offset sent by the server; the target offset is an offset obtained by modifying the original offset by the server;
the offset updating module is used for updating the original offset stored in the security chip into the target offset; the security chip also stores random data;
and the communication module is used for searching a target key in the random data according to the target offset when carrying out data communication with the server, and establishing a target encryption communication channel based on the searched target key and the target key stored by the server.
9. A key exchange apparatus applied to a server, the apparatus comprising:
the data acquisition module is used for acquiring random data and original offset corresponding to the security chip;
the offset modifying module is used for modifying the original offset to obtain a target offset;
the secret key generating module is used for searching a target secret key in the random data according to the target offset and storing the target secret key;
the secret key sending module is used for sending the target offset to a security chip so that the security chip updates the stored original offset into the target offset;
and the communication module is used for establishing a target encryption communication channel based on the stored target key and the updated target key searched by the target offset when the security chip is communicated with the server.
10. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that the processor, when executing the computer program, implements the steps of the method of any of claims 1 to 7.
11. A storage medium having a computer program stored thereon, wherein the computer program, when executed by a processor, implements the steps of the method of any one of claims 1 to 7.
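The offset-based key replacement described in claims 6 to 9, as an added Python sketch that is not code from the patent: the server picks a new offset, sends it under the original key, and both sides then read the target key from the shared random data. Assumptions: a 16-byte key read at the offset, a 4-byte offset encoding, and an HMAC-SHA256 keystream with encrypt-then-MAC standing in for the encrypted channel; `lookup_key`, `seal`, `unseal`, `Chip` and `Server` are hypothetical names.

```python
import hashlib, hmac, secrets, struct

KEY_LEN = 16  # assumed key length; the claims do not fix one

def lookup_key(random_data: bytes, offset: int) -> bytes:
    """The key is KEY_LEN bytes of the shared random data, starting at offset."""
    if not 0 <= offset <= len(random_data) - KEY_LEN:
        raise ValueError("offset outside random data")
    return random_data[offset:offset + KEY_LEN]

def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (hmac.new(key, b"enc" + nonce + struct.pack(">I", i), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Toy encrypt-then-MAC standing in for the encrypted channel (use a real AEAD)."""
    nonce = secrets.token_bytes(12)
    ct = bytes(a ^ b for a, b in zip(plaintext, _stream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

class Chip:
    def __init__(self, random_data: bytes, offset: int):
        self.random_data, self.offset = random_data, offset
    def key(self) -> bytes:
        return lookup_key(self.random_data, self.offset)
    def receive_offset(self, blob: bytes) -> None:
        (target,) = struct.unpack(">I", unseal(self.key(), blob))  # original-key channel
        lookup_key(self.random_data, target)  # reject out-of-range before committing
        self.offset = target

class Server:
    def __init__(self, random_data: bytes, offset: int):
        self.random_data, self.offset = random_data, offset
        self.key = lookup_key(random_data, offset)

    def rotate(self, chip: Chip) -> None:
        span = len(self.random_data) - KEY_LEN + 1
        target = (self.offset + 1 + secrets.randbelow(span - 1)) % span  # always != original
        target_key = lookup_key(self.random_data, target)
        chip.receive_offset(seal(self.key, struct.pack(">I", target)))  # sent under original key
        self.offset, self.key = target, target_key
```

Only the offset crosses the channel; the key material itself never leaves either side, so the secrecy of every future key rests on the random data staying confidential.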
CN202211231527.6A 2022-10-10 2022-10-10 Key replacing method, device, computer equipment and storage medium Active CN115296808B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211231527.6A CN115296808B (en) 2022-10-10 2022-10-10 Key replacing method, device, computer equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211231527.6A CN115296808B (en) 2022-10-10 2022-10-10 Key replacing method, device, computer equipment and storage medium

Publications (2)

Publication Number Publication Date
CN115296808A true CN115296808A (en) 2022-11-04
CN115296808B CN115296808B (en) 2023-03-10

Family

ID=83819307

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211231527.6A Active CN115296808B (en) 2022-10-10 2022-10-10 Key replacing method, device, computer equipment and storage medium

Country Status (1)

Country Link
CN (1) CN115296808B (en)

Patent Citations (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1693982A2 (en) * 1999-03-11 2006-08-23 TECSEC, Inc. Method for establishing a secure communication channel
US20050058293A1 (en) * 2003-09-12 2005-03-17 Victor Company Of Japan, Ltd. Information transmission system
US20170012949A1 (en) * 2006-04-25 2017-01-12 Stephen Laurence Boren Dynamic identity verification and authentication continuous, dynamic one-time-pad/one-time passwords and dynamic distributed key infrastructure for secure communications with a single key for any key-based network security controls
US20100246811A1 (en) * 2009-03-25 2010-09-30 Lsi Corporation Systems and methods for information security using one-time pad
US20130145177A1 (en) * 2011-12-06 2013-06-06 Honeywell International Inc. Memory location specific data encryption key
US20170169233A1 (en) * 2015-05-12 2017-06-15 Datrium Inc. Distributed data method for encrypting data
CN106302379A (en) * 2015-06-26 2017-01-04 比亚迪股份有限公司 The authentication method of vehicle mounted electrical apparatus, system and its apparatus
CN105933318A (en) * 2016-05-26 2016-09-07 乐视控股(北京)有限公司 Data secret-keeping method, device and system
CN109104276A (en) * 2018-07-31 2018-12-28 如般量子科技有限公司 A kind of cloud storage method of controlling security and system based on pool of keys
CN112383897A (en) * 2020-10-19 2021-02-19 东软集团股份有限公司 Information transmission method, device, medium and electronic equipment based on intelligent network connection
CN112651034A (en) * 2020-12-21 2021-04-13 山东山大鸥玛软件股份有限公司 One-time pad replaceable encryption algorithm, assembly and equipment based on codebook

Also Published As

Publication number Publication date
CN115296808B (en) 2023-03-10

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant