CN115827514A - Data writing method, data reading method and related device - Google Patents
Data writing method, data reading method and related device Download PDFInfo
- Publication number
- CN115827514A CN115827514A CN202211408861.4A CN202211408861A CN115827514A CN 115827514 A CN115827514 A CN 115827514A CN 202211408861 A CN202211408861 A CN 202211408861A CN 115827514 A CN115827514 A CN 115827514A
- Authority
- CN
- China
- Prior art keywords
- data
- written
- read
- error correction
- redundancy
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
- Techniques For Improving Reliability Of Storages (AREA)
Abstract
The embodiment of the application provides a data writing method, a data reading method and a related device, wherein the data writing method comprises the steps of obtaining data to be written and a data address to be written corresponding to the data to be written; performing write redundancy coding operation on the address of the data to be written and the data to be written by using a write redundancy polynomial to obtain an integrity error correction tag to be written, wherein the integrity error correction tag to be written is used for integrity verification and data error correction; and writing the data to be written and the integrity error correction label to be written into the memory. The data writing method provided by the embodiment of the application can improve the integrity protection function of the memory data under the condition of ensuring the error correction capability.
Description
Technical Field
The embodiment of the application relates to the technical field of computers, in particular to a data writing method, a data reading method and a related device.
Background
With the development of digital technology, many confidential information is processed on a computer system, and the security of the computer system is particularly prominent. Currently, computer system security is guaranteed by designing from the CPU hardware and the memory controller of the CPU. Most of the confidential information is encrypted and stored in the memory of the computer system, so that the confidential information is protected, but the integrity of the confidential information stored in the memory cannot be detected. If a malicious attacker physically attacks the encrypted memory, the user cannot detect the integrity of the data, which may result in a business risk.
In one method, a digest calculation engine of SHA3 (third generation secure hash algorithm) is added to a memory controller in a double data rate synchronous dynamic random access memory (DDR 5) environment, and a redundant memory space of DRAM (memory) itself, such as ecc bit (error detection and correction bits), is used to store a data MAC value (Message Authentication Codes).
However, although the SHA3 algorithm can be used for verifying the integrity of data, the MAC value used in verifying the integrity of data is stored in the memory after being truncated, and the truncated MAC value is only 28 bits and cannot verify the integrity of a large amount of bits of data stored in the memory, so that the memory data integrity protection function is seriously weakened (the collision probability is about one hundred thousand); and the MAC value is stored in the ecc bit in the memory, thereby shortening the ecc bit originally used for error correction and detection and reducing the error correction capability of the error correction code on the data of the memory. When the error correction capability of the memory is reduced, data errors cannot be detected, and catastrophic results are caused.
Therefore, how to improve the integrity protection function of the memory data while ensuring the error correction capability becomes a technical problem that needs to be solved urgently.
Disclosure of Invention
The technical problem solved by the embodiment of the application is how to improve the integrity protection function of the memory data under the condition of ensuring the error correction capability.
In order to solve the foregoing problems, embodiments of the present application provide a data writing method, a data reading method, and a related apparatus, including:
in a first aspect, an embodiment of the present application provides a data writing method, where the method includes:
acquiring data to be written and a data address to be written corresponding to the data to be written;
performing write redundancy coding operation on the address of the data to be written and the data to be written by using a write redundancy polynomial to obtain an integrity error correction label to be written, wherein the integrity error correction label to be written is used for integrity verification and data error correction;
and writing the data to be written and the integrity error correction label to be written into the memory.
In a second aspect, an embodiment of the present application provides a data reading method, where the method includes:
acquiring data to be read stored in a data address to be read and a data to be read integrity error correction tag corresponding to the data to be read, wherein the data address to be read comprises a data address to be written in the data writing method according to the first aspect, the data to be read integrity error correction tag comprises a data to be written in the data writing method according to the first aspect, and the data to be read integrity error correction tag is used for performing integrity verification and data error correction on the data to be read;
acquiring a first redundancy integrity error correction label according to the integrity error correction label to be read;
performing a read redundancy coding operation on the data to be read and the address of the data to be read by using a read redundancy polynomial to obtain a second redundancy integrity error correction tag, wherein the read redundancy polynomial corresponds to the write redundancy polynomial in the data writing method of the first aspect;
when the first redundancy integrity error correction label is equal to the second redundancy integrity error correction label, determining that the data to be read is complete;
and sending the determined complete data to be read.
In a third aspect, an embodiment of the present application further provides a data writing device, where the device includes:
the write-in acquisition module is suitable for acquiring data to be written and a data address to be written corresponding to the data to be written;
the write redundancy coding operation module is suitable for performing write redundancy coding operation on the address of the data to be written and the data to be written by using a write redundancy polynomial to obtain an integrity error correction label to be written, and the integrity error correction label to be written is used for integrity verification and data error correction;
and the writing module is suitable for writing the data to be written and the integrity error correction label to be written into the memory.
In a fourth aspect, an embodiment of the present application further provides a data reading apparatus, where the apparatus includes:
a read obtaining module, adapted to obtain data to be read stored in a data address to be read, and a data integrity error correction tag to be read corresponding to the data to be read, where the data address to be read includes a data address to be written in the data writing device according to the third aspect, the data integrity error correction tag to be read includes a data integrity error correction tag to be written in the data writing device according to the third aspect, and the data integrity error correction tag to be read is used for performing integrity verification and data error correction on the data to be read;
the first redundancy integrity error correction tag acquisition module is suitable for acquiring a first redundancy integrity error correction tag according to the integrity error correction tag to be read;
a read redundancy coding operation module adapted to perform read redundancy coding operation on the data to be read and the address of the data to be read by using a read redundancy polynomial to obtain a second redundancy integrity error correction tag, where the read redundancy polynomial corresponds to a write redundancy polynomial in the data writing device of the third aspect;
the integrity determining module is suitable for determining that the data to be read is complete when the first redundancy integrity error correction tag is equal to the second redundancy integrity error correction tag;
and the sending module is suitable for sending the determined complete data to be read.
In a fifth aspect, embodiments of the present application further provide a storage medium, where a program suitable for data writing and data reading is stored, so as to implement the data writing method according to the first aspect or the data reading method according to the second aspect.
In a sixth aspect, an embodiment of the present application further provides an electronic device, which includes at least one memory and at least one processor, where the memory stores a data writing program, and the processor calls the program to perform the data writing method according to the first aspect or the data reading method according to the second aspect.
Compared with the prior art, the technical scheme of the embodiment of the application has the following advantages:
in the embodiment of the application, data to be written and a data address to be written corresponding to the data to be written are obtained firstly; encrypting the data to be written to obtain encrypted data to be written; performing write redundancy coding operation on the address of the data to be written and the encrypted data to be written by using a write redundancy polynomial to obtain an integrity error correction tag; encrypting the integrity error correction label to obtain an encryption integrity error correction label to be written, wherein the encryption integrity error correction label to be written is used for integrity verification and data error correction; and writing the encrypted data to be written and the encrypted integrity error correction label to be written into the memory.
It can be seen that, according to the technical scheme provided in the embodiment of the present application, according to the data to be written to and the data address to be written to corresponding to the data to be written, first, a write redundancy coding operation is performed on the data to be written and the data address to be written by using a write redundancy polynomial, so as to obtain an integrity error correction tag to be written, and then, the integrity error correction tag to be written and the data to be written are written into the memory.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings needed to be used in the description of the embodiments or the prior art will be briefly introduced below, it is obvious that the drawings in the following description are only embodiments of the present application, and for those skilled in the art, other drawings can be obtained according to the provided drawings without creative efforts.
FIG. 1 illustrates a basic system architecture diagram of a computer implemented data security process.
Fig. 2 is a schematic diagram illustrating a basic system architecture of an error checking and correcting check code for implementing memory error detection and correction.
FIG. 3a is a block diagram illustrating an exemplary system for implementing generation of a write data integrity verification code using a message digest algorithm.
FIG. 3b is a block diagram illustrating an exemplary system for performing read data integrity verification using a message digest algorithm.
Fig. 4a is a schematic diagram of an architecture for implementing data writing according to the data writing method provided in the embodiment of the present application.
Fig. 4b is a schematic diagram of an architecture for implementing data reading according to the data reading method provided in the embodiment of the present application.
Fig. 5 is a flow chart illustrating a data writing method according to an embodiment of the present disclosure.
Fig. 6 is another schematic flow chart of a data writing method according to an embodiment of the present application.
Fig. 7 is a flow chart illustrating a data reading method according to an embodiment of the present disclosure.
Fig. 8 is a schematic diagram of a data writing device according to an embodiment of the present application.
Fig. 9 is a schematic structural diagram of a data reading apparatus according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
Fig. 1 is a schematic diagram illustrating a basic system architecture of a computer-implemented data security process, which may include, as shown in fig. 1: processor 110, memory controller 120, and memory 130.
The processor 110 is mainly a high-performance computing processor, and is generally a CPU (central processing unit) or a GPGPU (general purpose graphics processing unit), the processor 110 may send a data read/write request, the memory 130 may store instructions and data, the processor 110 obtains the instructions and corresponding data from the memory 130, then executes the instructions, and writes the result data back to the memory 130.
The memory 130 is a storage area for program execution codes and data, and is typically a DRAM (dynamic random access memory) type memory chip.
When data security protection is performed, an encryption protection scheme is added to the hardware of the processor 110, so that confidentiality protection of the memory data is increased. An encryption engine (i.e., a key is used for encrypting and decrypting data) is added to the memory controller 120, and after the data to be written into the memory is encrypted, a ciphertext is stored in the memory 130; when the memory 130 reads data, the memory controller 120 decrypts the ciphertext and transmits the decrypted ciphertext to the processor 110 for data processing.
There are many schemes for confidentiality protection of the memory 130, but the integrity of the memory data cannot be checked. If a malicious attacker physically attacks the encrypted data stored in the memory 130, the user cannot detect the integrity of the memory data, which leads to a business risk, and is particularly prominent in the field of high security requirements such as finance.
To ensure the integrity of the memory data, an ECC (error checking and correcting) check code is added to the latest DDR5 (double data rate synchronous dynamic random access memory) memory technology to improve the stability of the memory 130.
Fig. 2 is a schematic diagram illustrating a basic system architecture of an error checking and correcting check code for implementing memory error detection and correction.
As shown in the figure, the system may include: a processor 110, an error checking and correcting module 121, and a memory 130.
As shown in the figure, when the memory 130 has an error due to a fault or electrical noise, some bits of the memory data are inverted, resulting in a data error. The error checking and correcting module 121 (ECC error detection and correction control) sets extra memory cells (error detection and correction bits shown in fig. 2) ECC bits on the memory 130, stores ECC check data, and corrects erroneous memory data bits by using the error checking and correcting module 121 when the processor 110 issues a request to read data. Typically, DDR5 has enough bits to check the memory cells of the data by ECC. ECC algorithms, however, typically provide error correction and detection for a limited number of bits and cannot detect errors for all memory data bits.
Some CPU manufacturers add a digest calculation engine of SHA3 (Secure Hash Algorithm-3, one-way Hash function) to the memory controller 120, and use a redundant storage space (such as the error detection and correction bit shown in fig. 2) of the memory 130 itself to store a data MAC value (information verification Code), specifically, as shown in fig. 3a and fig. 3b, fig. 3a exemplarily shows a system framework schematic diagram for generating a write data integrity verification Code by using an information digest Algorithm, and fig. 3b exemplarily shows a system framework schematic diagram for realizing read data integrity verification Code by using an information digest Algorithm.
As shown in the figure, the system may include: a message digest calculation engine 150, and a memory 130.
In the data writing stage, the data to be written in calculates an information verification code by the information summary calculation engine 150, and the information verification code is stored in a redundant storage space in the memory 130 after being cut off; in the data reading stage, after the encrypted data and the information verification code stored when the ciphertext data is written are taken out from the memory 130, the encrypted data enters the abstract calculation engine 150 for recalculation to obtain a calculation information verification code, the information verification code stored when the ciphertext data is written and the calculation information verification code obtained again are compared, and if the two are equal, the data is not tampered; if the two are not appropriate, the data is tampered, and a data exception signal is sent out. In the MAC calculation algorithm, MAC = SHA3 (data, addr, MAC key, meta), wherein addr is a memory address of the current encrypted data to be read; the MAC key is an information verification code calculation protection key, is automatically generated by the integrated circuit chip and is stored in the integrated circuit chip, and cannot be acquired from the outside; meta is a set of metadata, which is determined by the manufacturer.
However, the information digest algorithm and the information verification code are 28 bits after being truncated, which seriously weakens the integrity protection function of the memory 130 (the collision probability is about one hundred thousand), occupies error detection and correction bits for error correction, and reduces the error correction capability of the memory 130 on the memory data. When the error correction capability of the memory 130 is degraded, the data error cannot be detected, resulting in catastrophic results.
It can be seen that the above-mentioned manner of data integrity protection may impair the error correction capability and integrity protection function of the memory 130.
In order to solve the foregoing problems, embodiments of the present application provide a data writing method to implement a memory data integrity protection function and an error correction function.
Fig. 4a is a schematic diagram of an architecture for implementing data writing according to the data writing method provided in the embodiment of the present application.
Specifically, the implementation of data writing may include:
step 1, the processor sends out data writing operation: and writing the data to be written into the position of the data address addr to be written in the memory.
Step 2, encrypting the plaintext data (i.e. the original data to be written in which the plaintext data is not encrypted) by the data encryption module 001, for example: the data encryption method comprises the steps of using an SM4 encryption algorithm, wherein SM4 is a block cipher algorithm and is used for encrypting data to be written, protecting the security of data of the data to be written, obtaining encrypted data to be written (ciphertext data) and storing the encrypted data to be written into data storage bits (data bits) of a memory, and a second encryption key used by a data encryption module 001 can be generated by a first key derivation function for a security encryption parameter and a second encryption parameter generated by a security processor (such as a random number 1 generated when the processor is started), and if KDF is used, KDF is a key derivation function.
Of course, in other embodiments, the specific generation manner of the second encryption key may be determined as needed.
In other embodiments, the data to be written may also be directly stored without being encrypted.
Step 3, by using the address addr of the data to be written and the parameter of the write redundancy initial value (for example, the random number 3 generated when the processor is started), the write redundancy initial value (that is, the initial value of the CRC of 128 bits) is obtained through calculation, the calculation process can be customized (for example, directly connected together, or through a certain calculation), and no specific calculation is specified in the data writing method provided in the embodiment of the present application, where the random number 3 is an initial value calculation parameter of the redundancy coding operation module 002 (used for performing the write redundancy coding operation), and the address addr of the data to be written is derived and written to the redundancy initial value, and the random number 3 is generated by the processor hardware once after the processor is started, and the content cannot be obtained from the outside, and remains unchanged in the whole working process of the processor, so that the stability and the certainty of the redundancy coding operation module 002 can be ensured, and a reliable basis is provided for the verification of the integrity of subsequent data and the error correction of the data.
Step 4, the redundancy coding operation module 002CRC128 calculates the integrity error correction tag (plaintext tag, i.e. redundant data) for the encrypted data to be written (ciphertext data) by using the written redundancy initial value and the redundancy polynomial randomly generated when the processor is started (i.e. written redundancy polynomial);
certainly, in the scheme that the write redundancy initial value parameter is not obtained, the write redundancy initial value is not obtained based on the to-be-written data address addr and the write redundancy initial value parameter, and then the write redundancy coding operation is directly performed on the to-be-written data address and the to-be-written encrypted data by using a write redundancy polynomial, so that the integrity error correction tag is obtained.
Step 5, the to-be-written data address addr and the first encryption parameter (for example, the random number 2 generated when the processor is started) derive the current first encryption key through the second key generation function KDF2, encrypt the integrity error correction tag (plaintext tag) by using the integrity error correction tag encryption module 003 (which may be the SM4 encryption algorithm) to obtain the to-be-written encrypted integrity error correction tag (ciphertext tag), and store the to-be-written encrypted integrity error correction tag (ciphertext tag) in the memory 004 to be the corresponding integrity verification error correction bit, because the redundancy coding operation module 002 is linear transformation, in order to protect the security of the generated integrity error correction tag, the integrity error correction tag is additionally encrypted and protected by the integrity error correction tag encryption module 003.
In other embodiments, the current first encryption key may also be derived by directly using the to-be-written data address addr through the second key generation function without using the first encryption parameter, and the integrity error correction tag is encrypted by using the first encryption key, so that the security of the integrity error correction tag is ensured.
Correspondingly, when reading the data stored in the memory by the above method, after decrypting the encrypted integrity error correction tag to be written (encrypted integrity error correction tag to be read) and the encrypted data to be written (encrypted data to be read) and verifying the integrity of the data, the data can be directly read when the integrity of the data is determined, and the data can be read after error correction when the data is incomplete, specifically, refer to fig. 4b, where fig. 4b is a schematic diagram of an architecture for realizing data reading by the data reading method provided by the embodiment of the present application.
As shown in the figure, the implementation of data reading may include:
step 1, a processor sends out a data reading operation, and reads data to be read from a data address addr to be read, wherein the data address addr to be read corresponds to each data address addr to be written in the data writing process, and as the integrity of the data stored in the data address addr to be read needs to be verified, the correct data to be read can be read only after the data integrity is confirmed, the integrity of encrypted data to be read at the corresponding address needs to be verified according to an encrypted integrity error correction tag to be read, which is stored at the corresponding address in the writing process;
firstly reading the encrypted integrity error correction label to be read and the encrypted data to be read which are stored in the data writing process according to the data address addr to be read in the data reading request, and then carrying out integrity verification and error correction, namely step 2.
Of course, if the integrity error correction tag and the data which are not encrypted are stored in the writing process, the integrity error correction tag to be read and the data to be read are read in the reading process.
Step 2, by using the address addr of the data to be read and the first decryption key, the first decryption key is the same as the first encryption key used in data writing, that is, the random number 2, the first decryption key of the current encrypted integrity error correction tag to be read is derived through the second key generation function, and the SM4 can be used to decrypt the encrypted integrity error correction tag to be read in the integrity verification error correction bit stored in the memory 004 corresponding to the address addr of the data to be read, so as to obtain a first redundant integrity error correction tag;
it is easy to understand that, when data is written, if the first key to be written in the integrity error correction tag is derived through the second key generation function by using the data address to be written, correspondingly, in the data reading process, the first decryption key is obtained through the second key generation function by using the data address to be read, and the encrypted integrity error correction tag to be read is decrypted, so that the correct first redundant integrity error correction tag can be obtained.
Step 3, the address addr of the data to be read and the read redundancy initial value parameter, such as the write redundancy initial value parameter used in data writing: a random number 3, which is calculated to obtain a read redundancy initial value (an initial value of 128-bit CRC);
according to specific parameters used when the redundancy code operation module 002 performs write-in redundancy code operation in the data write-in process, correspondingly, when data is read, the redundancy code operation module 012 needs to use the same calculation parameters when performing read redundancy code operation, and when the write-in encoding operation is directly performed on the data address to be written in and the encrypted data to be written in during data write-in, the read encoding operation is performed by directly using the data address addr to be read and the encrypted data to be read correspondingly in the data read-out process; if the data to be written in uses the address of the data to be written in and the parameter of the initial value of the written redundancy to obtain the initial value of the written redundancy, and then the encrypted data to be written in is subjected to the operation of the written redundancy coding, then when the data is read, the address of the data to be read and the parameter of the initial value of the read redundancy are used to obtain the initial value of the read redundancy, and then the encrypted data to be read is subjected to the operation of the read redundancy coding.
Step 4, the redundancy code operation module 012 (configured to perform a read redundancy code operation) calculates the encrypted data to be read (ciphertext data) stored at the data address addr to be read, using the read redundancy initial value and the redundancy polynomial (i.e., the read redundancy polynomial) calculated in step 3, to obtain a second redundancy integrity error correction tag.
When the data writing process is carried out, only the encrypted data to be written and the data address to be written are used for carrying out writing redundancy coding operation by using the writing redundancy polynomial, and in the data reading process, the data address to be read and the encrypted data to be read are correspondingly used for carrying out reading redundancy coding operation by using the reading redundancy polynomial.
And step 5, the integrity verification and error correction module 013 performs integrity verification and error correction by using the second redundant integrity error correction tag and the first redundant integrity error correction tag, determines that the encrypted data to be read is complete when the comparison ratio of the second redundant integrity error correction tag to the first redundant integrity error correction tag is equal to the comparison ratio of the first redundant integrity error correction tag to the second redundant integrity error correction tag, and decrypts the data to be read. And when the data to be read is decrypted, a second decryption key is generated by using the second decryption parameter and the security decryption parameter through the first key generation function, the security decryption parameter is the same as the security encryption parameter used in the data writing process, and the second encryption key corresponds to the second decryption key.
Of course, when data is written in, and data to be written is encrypted only by using the secure encryption parameter, in the process of data reading, decryption of encrypted data to be read is correspondingly completed only by using the secure decryption parameter, or when data is written in, and data to be written is encrypted only by using the second encryption parameter, in the process of data reading, decryption of encrypted data to be read is also performed by using the corresponding second decryption parameter, that is, it is enough to ensure that the encryption parameter and the decryption parameter used in data writing and data reading are consistent.
When the error deviation is smaller than the error correction threshold value, the redundancy coding operation module 012 corrects the encrypted data to be read to obtain corrected encrypted data, namely data 1;
and 6, correcting the encrypted data 1 to be read, decrypting the encrypted data by the data decryption module 010 through an algorithm SM4 used in data writing to obtain the data to be read, and sending the data to the processor.
Similarly, according to the type and number of the encryption parameters used in the data writing process, the corresponding decryption parameters are selected to correct the decryption of the encrypted data to be read when the data is read. When the encryption parameter used for data writing and to be written in encryption is a second encryption parameter or a security decryption parameter, the corresponding second decryption parameter or security decryption parameter needs to be used for correcting decryption of the encrypted data to be read in the data reading process; when the encryption parameters used in the data writing process for encrypting the data to be written are the second encryption parameters and the security encryption parameters, the corresponding second decryption parameters and the security decryption parameters are needed to be used for correcting decryption of the encrypted data to be read when the data is read.
To facilitate understanding, further description is performed in combination with a specific flow of data reading and writing, and to facilitate description of the technical solution provided by the embodiment of the present application, first, a data writing method is introduced, please refer to fig. 5, and fig. 5 is a flow diagram of the data writing method provided by the embodiment of the present application.
As shown in the drawings, a data writing method provided by an embodiment of the present application may include the following steps:
step S00, data to be written and a data address to be written corresponding to the data to be written are obtained.
The processor sends a data writing request, and writes the data to be written into the address to be written of the memory, so that the data to be written and the address of the data to be written corresponding to the data to be written can be obtained when the data writing request is obtained.
And S01, performing write redundancy coding operation on the address of the data to be written and the data to be written by using a write redundancy polynomial to obtain an integrity error correction label to be written, wherein the integrity error correction label to be written is used for integrity verification and data error correction.
It is easy to understand that the redundant polynomial refers to a coding formula used in redundant coding operation, provides an operator for the redundant coding operation, is randomly generated after hardware of a processor is started, and keeps unchanged in the whole working process of the processor, so that the redundant polynomial randomly generated based on the processor is not easy to predict and keeps unchanged in the working process, and thus, the finally obtained to-be-written integrity error correction label is not easy to crack and has higher safety.
The write redundancy polynomial can provide an error correction function, the integrity error correction tag obtained by performing write redundancy coding operation based on the write redundancy polynomial can realize data correction when the data to be written has errors, the write redundancy polynomial calculates the final integrity error correction tag for realizing integrity check, the collision probability of the integrity error correction tag is extremely low, the probability is about less than 1/100million, and the integrity error correction tag can be used as a verification code for integrity verification.
Because in a general case, the write redundancy coding operation is a linear block code, when the used data to be written are the same, the generated integrity error correction tags to be written are the same and are easily attacked by cracking, and the security is low, therefore, in order to improve the security of the integrity error correction tags, in an embodiment, the data writing method provided by the embodiment of the present application may further include:
acquiring a write redundancy initial value parameter;
the step of performing write redundancy coding operation on the address of the data to be written and the data to be written by using a write redundancy polynomial to obtain the integrity error correction tag to be written comprises the following steps:
obtaining a write redundancy initial value according to the write redundancy initial value parameter and the address of the data to be written;
and performing write redundancy coding operation on the data to be written by using a write redundancy polynomial and the write redundancy initial value to obtain the integrity error correction tag to be written.
The written redundancy initial value parameter can be a random number generated by processor hardware once after the processor is started, the content of the random number cannot be obtained from the outside, the random number remains unchanged in the whole working process of the processor, the random number is not easy to obtain and damage by the outside, and the high safety is achieved.
And S02, writing the data to be written and the integrity error correction label to be written into a memory.
It can be seen that, according to the technical scheme provided in the embodiment of the present application, according to the data to be written to and the data address to be written to corresponding to the data to be written, first, a write redundancy coding operation is performed on the data to be written and the data address to be written by using a write redundancy polynomial, so as to obtain an integrity error correction tag to be written, and then, the integrity error correction tag to be written and the data to be written are written into the memory.
In order to further enhance the security of the integrity error correction tag to be written, in an implementation manner, the integrity error correction tag to be written may also be encrypted, specifically, please refer to fig. 6, where fig. 6 is another schematic flow chart of the data writing method provided in the embodiment of the present application.
As shown in the figure, the process may include the following steps:
step S10, obtaining data to be written and a data address to be written corresponding to the data to be written.
The content of step S10 can refer to the content of step S00, and is not described herein again.
And S11, performing write redundancy coding operation on the address of the data to be written and the data to be written by using a write redundancy polynomial to obtain an integrity error correction label to be written.
Step S11 can refer to the content of step S01, and is not described herein again.
And S12, encrypting the integrity error correction label to be written to obtain the encrypted integrity error correction label to be written.
By encrypting the to-be-written integrity error correction label, the protection of the to-be-written integrity error correction label is increased, external attack can be prevented, the safety of the to-be-written integrity error correction label is protected, and therefore the accuracy of an integrity verification result can be ensured during integrity verification and error correction.
In an embodiment, the encrypting the integrity error correction tag to be written to obtain an encrypted integrity error correction tag to be written to may include:
obtaining a first encryption key according to the address of the data to be written;
and encrypting the integrity error correction label to be written by using the first encryption key to obtain the encryption integrity error correction label to be written.
The first encryption key obtained according to the address of the data to be written may be obtained through the first key generation function KDF, or may be obtained according to other key generation methods, and the first encryption key is used to encrypt the integrity error correction tag to be written, so that the capability of the integrity error correction tag to be written to itself against external attack is increased, and the security of the integrity error correction tag to be written is improved.
In order to further enhance the self-defense performance of the integrity error correction tag to be written, in an embodiment, the first encryption key may be obtained by using multiple parameters, and specifically, the step of obtaining the first encryption key may further include:
acquiring a first encryption parameter;
the step of obtaining a first encryption key according to the address of the data to be written comprises the following steps:
and obtaining the first encryption key according to the first encryption parameter and the address of the data to be written.
The first encryption parameter may be a random number generated by processor hardware when the processor is started, so that the first encryption parameter is an unpredictable encryption parameter that cannot be obtained by the outside, and the security of the integrity error correction tag to be written is further enhanced.
Of course, in other embodiments, other parameters that can increase the security of the integrity correction tag to be written may also be used.
And S13, writing the data to be written and the encryption integrity error correction label to be written into a memory.
By encrypting the integrity error correction label to be written, the integrity error correction label to be written is not easy to crack, the safety of the integrity error correction label to be written can be ensured, and the subsequent data integrity verification and error correction can be more reliable.
Certainly, in other embodiments, the data to be written may be processed to improve the security of the data to be written, so as to improve the security of the integrity error correction tag to be written, which is obtained based on the data to be written subsequently, and specifically, the data writing method provided in this embodiment may further include:
and encrypting the data to be written to obtain encrypted data to be written.
It is easily understood that the security of the data to be written can be guaranteed by the encryption process.
In a specific embodiment, the encrypting the data to be written to obtain encrypted data to be written includes:
obtaining a second encryption key according to the security encryption parameter, wherein the security encryption parameter is obtained through a security processor;
and encrypting the data to be written by using the second encryption key to obtain the encrypted data to be written.
The safety processor sets safety encryption parameters for generating a safety encryption key, so that the safety of data to be written can be ensured.
Of course, in one embodiment, the first encryption key may be directly a secure encryption parameter.
In another specific implementation manner, in order to further ensure the security performance of the second encryption key and improve the security protection for the data to be written, in an implementation manner, the encrypting the data to be written to obtain the encrypted data to be written may further include:
acquiring a second encryption parameter;
said step of obtaining said second encryption key comprises:
obtaining the second encryption key according to the second encryption parameter and the security encryption parameter;
and encrypting the data to be written by using the second encryption key to obtain the encrypted data to be written.
The second encryption parameter can be a random number generated when a Central Processing Unit (CPU) is started, the random number is generated once by processor hardware after the processor is started, the content of the random number is removed from the outside, the random number is kept unchanged in the whole working process of the processor, and the random number has randomness, so that external attacks can be prevented, the defense capability of the data to be written is improved, and the security of the data to be written is improved by obtaining a second encryption key based on the second encryption parameter and the security encryption parameter.
Of course, the second encryption parameter may be another parameter, and it is sufficient that the security of the second encryption key obtained by using only the secure encryption parameter can be enhanced.
And after the encrypted data to be written is obtained, further writing the encrypted data to be written and the integrity error correction label to be written into the memory.
Therefore, one data to be written will have a corresponding data to be written integrity error correction tag used for integrity verification and data error correction, so that integrity verification and data error correction can be realized on each data to be written stored in the memory, the data security is improved, each data to be written stored in the memory is encrypted data to be written, the data to be written is further ensured, and the functions of integrity verification and error correction of the data to be written can be increased while the data security is improved.
In order to ensure the security of the data to be written and enhance the security of the integrity error correction tag to be written, in another embodiment, the method may further combine the manner of performing encryption processing on the data to be written and the manner of performing encryption processing on the integrity error correction tag to be written, and specifically, the data writing method provided in this embodiment may further include:
firstly, data to be written and a data address to be written corresponding to the data to be written are obtained.
Then, in order to improve the security of the data to be written, the data to be written may be encrypted to obtain encrypted data to be written.
Of course, when encrypting the data to be written, the method of obtaining the second encryption key by using a single parameter may also be a method of obtaining the second encryption key by using multiple parameters, for example, when obtaining the second encryption key by using a single parameter, the following steps may be performed:
obtaining a second encryption key according to a security encryption parameter, wherein the security encryption parameter is obtained through a security processor;
and encrypting the data to be written by using the second encryption key to obtain the encrypted data to be written.
The second encryption key is obtained through the security encryption parameter, and the security of the data to be written can be improved. In another specific embodiment, in order to be not easily damaged by the outside world, the second encryption key may be obtained by adding multiple parameters, specifically:
and acquiring a second encryption parameter and a safety encryption parameter, and acquiring the second encryption key according to the second encryption parameter and the safety encryption parameter.
The second encryption parameter may be a parameter which is not easily obtained from the outside and has specificity, such as the random number generated once when the processor is started, so that the security of the data to be written can be further improved by adding an additional encryption parameter which is not easily cracked in combination with the secure encryption parameter.
And after the encrypted data to be written is obtained, further combining the encrypted data to be written and the address of the data to be written, and performing write redundancy coding operation by using a write redundancy polynomial to obtain the integrity error correction tag to be written.
Of course, in order to increase the security of the write redundancy coding operation, a write redundancy initial value parameter capable of improving the redundancy coding operation prevention performance may be used, so that a write redundancy initial value is obtained based on the address of the data to be written and the write redundancy initial value parameter, and the to-be-written integrity error correction tag is obtained by further combining the encrypted data to be written.
Then, in order to improve the security of the integrity error correction tag to be written, the integrity error correction tag to be written may also be encrypted, so as to obtain the encrypted integrity error correction tag to be written.
For a specific encryption mode to be written in the integrity error correction tag, reference may be made to the foregoing embodiment, and of course, other types of first encryption parameters may be used instead of the first encryption parameter, or the number of key generation parameters for obtaining the first encryption key may be increased, that is, the number of the first encryption parameters to be used may be increased.
And finally, writing the encrypted data to be written and the encrypted integrity error correction label to be written into the memory.
Therefore, the security of the data to be written and the security of the integrity error correction label to be written can be simultaneously realized by simultaneously adopting an encryption processing mode for the data to be written and the integrity error correction label to be written, so that the integrity verification of the data to be written corresponding to the address of the data to be written and the error correction of the data to be written when the data to be written has errors can be realized based on the encryption integrity error correction label to be written, and the security protection, the integrity verification and the error correction of the data to be written are realized by utilizing the data to be written and the address of the data to be written, therefore, the integrity protection function of the memory data and the security of the data to be written can be simultaneously improved under the condition of not influencing the error correction performance of the data and ensuring the error correction capability.
After the data to be written and the corresponding integrity error correction tag to be written are written into the memory, when a processor sends a data reading request, integrity verification and data error correction can be performed on the data to be written through the integrity error correction tag to be written, so that correct data to be read, namely original and complete data to be written stored in the memory in the data writing process, can be obtained.
For convenience of understanding, the following description is made in terms of data reading, please refer to fig. 7, and fig. 7 is a schematic flow chart of a data reading method provided in an embodiment of the present application.
As shown in the figure, the process may include the following steps:
step S20, obtaining the data to be read stored in the data address to be read and the integrity error correction label to be read corresponding to the data to be read.
The data address to be read comprises a data address to be written in the data writing method according to any one of the preceding embodiments, and the integrity error correction tag to be read comprises an integrity error correction tag to be written in the data writing method according to any one of the preceding embodiments.
It is to be understood that, in other embodiments, when the encrypted data to be written and the encrypted integrity error correction tag to be written are written during the data writing process, and when the data is read, the encrypted data to be read and the encrypted integrity error correction tag to be read are obtained correspondingly.
When the encrypted data to be written and the integrity error correction label to be written are written in the data writing process, correspondingly, when the data are read, the encrypted data to be read and the integrity error correction label to be read are obtained.
When data to be written and an encryption integrity error correction tag to be written are written in the data writing process, correspondingly, the data to be read and the encryption integrity error correction tag to be read are obtained in the data reading process.
That is, the data in a certain data address is read and the data in a certain data address stored in the memory are corresponding, so that the correct data can be read after the integrity of the data is verified and corrected by using the integrity error correction tag to be read or the encryption integrity error correction tag to be read, which is written in the memory in advance, of the corresponding data.
Step S21, obtaining a first redundant integrity error correction label according to the integrity error correction label to be read.
Corresponding to the implementation flow of data writing, data integrity verification and error correction are required during data reading.
When the integrity error correction tag to be written is written in the data writing process, the integrity error correction tag to be read is obtained during reading.
Of course, in another specific embodiment, when the encrypted integrity error correction tag to be written is written in the data writing process, the encrypted integrity error correction tag to be read is obtained during reading, and at this time, the integrity verification of the data is performed after the encrypted integrity error correction tag to be read is decrypted.
Therefore, the steps of the data reading method provided by the embodiment of the present application may further include:
and decrypting the encrypted integrity error correction label to be read to obtain a first redundant integrity error correction label.
According to the steps of data writing, the data information suitable for integrity verification, namely the first redundancy integrity error correction label, can be obtained after the encryption integrity error correction label to be read is decrypted.
In order to enable the decrypted first redundant integrity error correction tag to serve as a basis for data integrity verification and error correction, the parameters required for decryption are the same as the encryption parameters used in the aforementioned data writing method.
Specifically, the step of decrypting the encrypted integrity error correction tag to be read to obtain a first redundant integrity error correction tag may include:
obtaining a first decryption key by using the address of the data to be read, wherein the first decryption key corresponds to a first encryption key, and the first encryption key is used for encrypting an integrity error correction label when the data is written to obtain the encrypted integrity error correction label to be written;
and decrypting the encrypted integrity error correction label to be read by using the first decryption key to obtain the first redundant integrity error correction label.
Since the first encryption key used in the data writing process is obtained according to the data address to be written, in order to ensure the realization of data integrity verification during data reading, similarly, when the encrypted integrity error correction tag to be read is decrypted, the used decryption key also needs to obtain the first decryption key by using the data address to be read corresponding to the data address to be written in the data writing method.
Certainly, when the double parameters (i.e. the first encryption parameter and the address of the data to be written) are used for encryption in order to further improve the security of the integrity error correction tag during encryption in the data writing process, the corresponding double parameters also need to be used to obtain the decryption key in the data reading process, so that decryption of the encrypted data to be read is successfully completed.
Specifically, the process of decrypting the encrypted data to be read may further include:
acquiring a first decryption parameter, wherein the first decryption parameter corresponds to a first encryption parameter, and the first encryption parameter is used for acquiring the first encryption key when data is written;
the step of obtaining the first decryption key by using the address of the data to be read comprises:
and obtaining a first decryption key by using the first decryption parameter and the address of the data to be read.
Therefore, the decryption key suitable for the type of encrypted integrity error correction label to be read can be obtained by corresponding to the key generation parameter used for security protection in the data writing process.
And S22, performing reading redundancy coding operation on the data to be read and the address of the data to be read by using a reading redundancy polynomial to obtain a second redundancy integrity error correction tag.
The read redundancy polynomial corresponds to the write redundancy polynomial in the data writing method, so that the obtained second redundancy integrity error correction tag can be ensured to be suitable for integrity verification and error correction of data in the same data address during data writing and data reading.
Certainly, in the process of data writing, when data to be written is written, the data to be read is obtained by data reading, and at this time, when the second redundant integrity error correction tag is obtained, the data to be encrypted needs to be used; and when the encrypted data to be written is written in the data writing process, the encrypted data to be read is obtained by data reading, and at the moment, the encrypted data to be read needs to be used when the second redundancy integrity error correction tag is obtained.
To this end, in particular, the data reading method provided in the embodiment of the present application may further include:
and performing reading redundancy coding operation on the encrypted data to be read and the address of the data to be read by using a reading redundancy polynomial to obtain a second redundancy integrity error correction tag.
The encrypted data to be read and the encrypted data to be written are in a corresponding relationship, and according to the data writing process, correspondingly, when whether the data is integrity is verified, the encrypted data to be read needs to be used as a generation parameter of the second redundancy integrity error correction tag, so that the accuracy of the finally determined data integrity can be ensured.
In order to ensure the data security, when other parameters for protecting the data security are added during data writing to perform writing redundancy coding operation, the same parameters are also required to be used to complete reading redundancy coding operation in the corresponding data reading process.
Specifically, the data reading method may further include:
acquiring a read redundancy initial value parameter;
the step of performing read redundancy coding operation on the data to be read and the address of the data to be read by using a read redundancy polynomial to obtain a second redundancy integrity error correction tag comprises the following steps:
obtaining a reading redundancy initial value according to the reading redundancy initial value parameter and the address of the data to be read;
and performing read redundancy coding operation on the data to be read by using the read redundancy polynomial and the redundancy initial value to obtain the second redundancy integrity error correction tag.
The read redundancy initial value is the same as the write redundancy initial value in the data writing method, and the corresponding read redundancy coding operation and the corresponding write redundancy coding operation are also the same, so that a corresponding second redundancy integrity error correction tag can be obtained, and the reliability of data integrity verification is ensured.
It is easy to understand that, when the data to be read is encrypted data to be read, the encrypted data to be read also needs to be used in the process of performing the read redundancy coding operation by using the redundancy initial value parameter, and specifically, the step of obtaining the second redundancy integrity error correction tag may further include:
and performing read redundancy coding operation on the encrypted data to be read by using the read redundancy polynomial and the redundancy initial value to obtain the second redundancy integrity error correction tag.
Therefore, peer-to-peer data can be obtained by using the corresponding redundant coding operation parameters, and the accuracy of data integrity verification is ensured.
Step S23 determines whether the first redundant integrity error correction tag is equal to the second redundant integrity error correction tag. If yes, step S27 is executed, otherwise step S24 is executed.
When the first redundancy integrity error correction tag is not equal to the second redundancy integrity error correction tag, that is, the data after the redundancy coding operation is read, that is, the second redundancy integrity error correction tag has an error, the second redundancy integrity error correction tag needs to be corrected.
Specifically, please refer to fig. 7.
As shown in the figure, the process may further include the steps of:
step S24, obtaining an error deviation between the first redundant integrity error correction tag and the second redundant integrity error correction tag.
The error deviation may include the number of errors occurring in corresponding bits between original data of the data to be read and a decrypted device obtained after decryption, that is, the second redundant integrity error correction tag.
In one embodiment, the error bias may include a hamming distance.
Therefore, the Hamming distance can accurately determine error deviation, the judgment accuracy is ensured, and the data corresponding to the error bit can be quickly corrected to obtain correct data to be read.
And step S25, judging whether the error deviation is larger than an error correction threshold value. If not, step S26 is performed, and if yes, step S28 is performed.
And S26, performing data error correction on the data to be read and the first redundancy integrity error correction tag by utilizing the reading redundancy coding operation to obtain corrected data to be read.
The bit with data error in the obtained data to be read is turned over and adjusted, for example, the original data is 1 at the bit, but the error of the data of the bit caused by the hardware problem in the writing process or the memory is turned from 1 to 0, at this time, the error of the bit is turned over from 0 to 1 through the redundancy coding operation, so that the data error correction of the bit can be realized until the correction of all the bits with data turning is completed, and the correct data to be read is obtained, namely the data to be read is corrected.
When the data to be read is the encrypted data to be read, the data error correction needs to be performed on the encrypted data to be read and the first redundant integrity error correction tag by using the read redundant coding operation, so that the encrypted data to be read is corrected.
So as to obtain corresponding correction data according to the actual data written in the data writing process.
When it is determined that the first redundant integrity error correction tag is equal to the second redundant integrity error correction tag, or after performing data correction through a read redundant coding operation, it is determined that the data to be read is complete, and at this time, the next step, that is, step S27, may be performed.
And step S27, sending the determined complete data to be read.
When the error deviation is greater than the error correction threshold, it indicates that the data exceeds the error correction range of the redundant coding operation, and the error correction function cannot be realized, so that the data exception information is sent to the external device, that is, step S28, prompts the data stored at the data address of the computer system to have an error, and performs external auxiliary correction, so that the data information read to the error does not occur, the whole computer data operation is damaged, and the safety of the computer data can be protected.
Step S28, sending out data exception information.
Because the write redundancy coding operation and the read redundancy coding operation are corresponding linear coding operations, the input address is the same address, and the integrity error correction tag to be read and the integrity error correction tag to be written are also correspondingly the same, so that the obtained first redundancy integrity error correction tag can perform integrity verification and data error correction on data to be read.
When the data to be read is the encrypted data to be read, after integrity verification and error correction are performed on the encrypted data to be read, the obtained corrected encrypted data to be read also needs to be decrypted, and the correct decrypted data to be read is sent after the decrypted data to be read is obtained.
Specifically, the data reading method may further include:
decrypting the encrypted data to be read to obtain decrypted data to be read;
and sending the determined complete decrypted data to be read.
And determining the integrity of the data according to the first redundancy integrity error correction label and the second redundancy integrity error correction label, and sending the data to be read after the decryption of the encrypted data to be read is completed. That is, the data to be read at this time is safe and correct data, and can be sent to the processor.
And performing corresponding operation according to the data specifically written in during data writing, wherein the data written in during data writing is encrypted data to be written in, and when the data is read, the verification of the integrity of the data is the verification of the integrity of the encrypted data to be read, so that a correct verification result can be obtained.
Specifically, the step of decrypting the encrypted data to be read to obtain decrypted data to be read includes:
acquiring a security decryption parameter, wherein the security decryption parameter corresponds to a security encryption parameter, and the security encryption parameter is acquired through a security processor and is used for acquiring a second encryption key for encrypting data to be written when the data is written;
obtaining a second decryption key according to the security decryption parameter;
and decrypting the encrypted data to be read by using the second decryption key to obtain the decrypted data to be read.
Therefore, according to the encryption parameter (second encryption parameter) of the data to be written used in the data writing process, the same data decryption parameter (second decryption parameter) is correspondingly used in the data reading process, the second key suitable for decrypting the encrypted data to be read is obtained, the correspondence between the decryption of the encrypted data to be read and the encryption of the data to be written is ensured, and the successful verification of the integrity of the subsequent data can be ensured.
Of course, when the data to be written is encrypted by using two parameters (the secure encryption parameter and the second encryption parameter) in the data writing process, similarly, when the data is read, two parameters are needed to obtain the second decryption key.
Specifically, the step of decrypting the encrypted data to be read may further include:
acquiring a second decryption parameter, wherein the second decryption parameter corresponds to a second encryption parameter, and the second encryption parameter is used for acquiring a second encryption key when data is written;
the step of obtaining a second decryption key according to the secure decryption parameter comprises:
obtaining a second decryption key according to the second decryption parameter and the security decryption parameter;
and decrypting the encrypted data to be read by using the second decryption key to obtain the decrypted data to be read.
According to the encryption parameters (the second encryption parameter and the security encryption parameter) specifically used during the encryption of the data to be written in the data writing process, the second decryption parameter and the security decryption parameter which are equivalent are selected and used during the data reading process, so that the obtained second decryption key is a key suitable for decrypting the encrypted data to be read stored in the memory.
Of course, when data is written, if a plurality of encryption parameters are used to encrypt data to be written, the same number of decryption parameters are required to be used to decrypt data when data is read.
It can be seen that in the technical solution provided in the embodiment of the present application, the data to be read and the integrity error correction tag to be read are obtained according to the address of the data to be read that needs to be read, first, according to the integrity error correction tag to be read, a first redundancy integrity error correction tag is obtained for subsequently verifying the integrity of the data to be read and performing error correction on the data to be read when an error is verified, then, a read redundancy coding operation is further performed on the data to be read and the address of the data to be read by using a read redundancy polynomial, a second redundancy integrity error correction tag is obtained, the integrity of the data to be read is determined by comparing the first redundancy integrity error correction tag with the second redundancy integrity error correction tag, and when the data to be read is determined to be complete, decryption is performed to obtain the data to be read, and the data to be read is sent. The data to be read is corresponding to the data address to be written in the data writing process, so that the data to be read obtained according to the data address to be read is the data to be written in when writing, the integrity error correction tag to be read is the data to be written in when writing, the integrity verification and the data error correction of the data to be read can be realized by using the integrity error correction tag to be read, and the obtained second redundancy integrity error correction tag is the data to be written in when writing the data, because the used read redundancy polynomial and the used writing polynomial are the same, the data to be written in can be verified by using the first redundancy integrity error correction tag, the integrity verification and the error correction of the data to be read can be realized, the integrity protection function of the memory data can be improved under the condition that the error correction capability is ensured without influencing the error correction performance of the data.
In order to solve the foregoing problem, an embodiment of the present application further provides a data writing device, which may be regarded as a functional module that is required to be configured to implement the data writing method provided in the embodiment of the present application. The device contents described below may be referred to in correspondence with the data writing method contents described above.
Referring to fig. 8, fig. 8 is a schematic diagram of a data writing device according to an embodiment of the present application.
As shown in the figure, the data writing apparatus may include:
the write-in obtaining module 300 is adapted to obtain data to be written and a data address to be written corresponding to the data to be written;
a write redundancy coding operation module 301, adapted to perform write redundancy coding operation on the address of the data to be written and the data to be written by using a write redundancy polynomial, to obtain an integrity error correction tag to be written, where the integrity error correction tag to be written is used for integrity verification and data error correction;
a writing module 302, adapted to write the data to be written and the integrity error correction tag to be written into the memory.
In some embodiments, the data writing apparatus may further include:
the write-in redundancy parameter acquisition module is suitable for acquiring a write-in redundancy initial value parameter;
the write redundancy coding operation module 301 is adapted to perform write redundancy coding on the address of the data to be written and the data to be written by using a write redundancy polynomial, so as to obtain an integrity error correction tag to be written, and includes:
obtaining a write redundancy initial value according to the write redundancy initial value parameter and the address of the data to be written;
and performing write redundancy coding operation on the data to be written by using a write redundancy polynomial and the write redundancy initial value to obtain the integrity error correction tag to be written.
In some embodiments, the data writing apparatus may further include:
the integrity error correction tag encryption module is suitable for encrypting the integrity error correction tag to be written to obtain an encrypted integrity error correction tag to be written;
the writing module 302 is adapted to write the data to be written and the integrity error correction tag to be written into a memory, and includes:
and writing the data to be written and the encrypted integrity error correction label to be written into the memory.
In an embodiment, the integrity error correction tag encryption module is adapted to encrypt the integrity error correction tag to be written to obtain an encrypted integrity error correction tag to be written to, and includes:
obtaining a first encryption key according to the address of the data to be written;
and encrypting the integrity error correction label to be written by using the first encryption key to obtain the encryption integrity error correction label to be written.
In some embodiments, the data writing apparatus may further include:
the first encryption parameter acquisition module is suitable for acquiring a first encryption parameter;
the integrity error correction tag encryption module is adapted to obtain a first encryption key according to the address of the data to be written, and includes:
and obtaining the first encryption key according to the first encryption parameter and the address of the data to be written.
In some embodiments, the data writing apparatus may further include:
the data encryption module is suitable for encrypting the data to be written to obtain encrypted data to be written;
the writing module is adapted to write the data to be written and the integrity error correction tag to be written into a memory, and includes:
and writing the encrypted data to be written and the integrity error correction label to be written into the memory.
In an embodiment, the data encryption module is adapted to encrypt the data to be written to obtain encrypted data to be written, and includes:
obtaining a second encryption key according to a security encryption parameter, wherein the security encryption parameter is obtained through a security processor;
and encrypting the data to be written by using the second encryption key to obtain the encrypted data to be written.
In some embodiments, the data writing apparatus may further include:
the second encryption parameter acquisition module is suitable for acquiring a second encryption parameter;
the data encryption module, adapted to obtain the second encryption key, includes:
and obtaining the second encryption key according to the second encryption parameter and the safety encryption parameter.
It can be seen that, according to the technical scheme provided in the embodiment of the present application, according to the data to be written to and the data address to be written to corresponding to the data to be written, first, a write redundancy coding operation is performed on the data to be written and the data address to be written by using a write redundancy polynomial, so as to obtain an integrity error correction tag to be written, and then, the integrity error correction tag to be written and the data to be written are written into the memory.
In order to solve the foregoing problem, an embodiment of the present application further provides a data reading apparatus, which may be regarded as a functional module that is required to be configured to implement the data reading method provided by the embodiment of the present application. The device contents described below may be referred to in correspondence with the data reading method contents described above.
Referring to fig. 9, fig. 9 is a schematic structural diagram of a data reading apparatus according to an embodiment of the present disclosure.
As shown in the figure, the data reading apparatus may include:
a read obtaining module 400, adapted to obtain data to be read stored in a data address to be read, and a data integrity error correction tag to be read corresponding to the data to be read, where the data address to be read includes a data address to be written in the data writing device according to the foregoing embodiment, the data integrity error correction tag to be read includes a data integrity error correction tag to be written in the data writing device according to the foregoing embodiment, and the data integrity error correction tag to be read is used for performing integrity verification and data error correction on the data to be read;
a first redundancy integrity error correction tag obtaining module 401, adapted to obtain a first redundancy integrity error correction tag according to the to-be-read integrity error correction tag;
a read redundancy coding operation module 402, adapted to perform a read redundancy coding operation on the data to be read and the address of the data to be read by using a read redundancy polynomial, so as to obtain a second redundancy integrity error correction tag, where the read redundancy polynomial corresponds to the write redundancy polynomial in the data writing device according to any one of the foregoing embodiments;
an integrity determining module 403, adapted to determine that the data to be read is complete when the first redundant integrity error correction tag is equal to the second redundant integrity error correction tag;
a sending module 404, adapted to send the determined complete data to be read.
In one embodiment, the data reading apparatus may further include:
a data error correction module 405 adapted to obtain an error deviation of the first redundant integrity error correction tag and the second redundant integrity error correction tag when the first redundant integrity error correction tag is not equal to the second redundant integrity error correction tag;
when the error deviation is not greater than an error correction threshold value, performing data error correction on the data to be read and the first redundancy integrity error correction tag by using the read redundancy coding operation to obtain corrected data to be read;
the sending module 404 is adapted to send the determined complete data to be read, and includes:
and sending the data to be read corrected.
In an embodiment, the data reading apparatus may further include:
and a data error reporting module 406, adapted to send data exception information when the error deviation is greater than the error correction threshold.
In one embodiment, the error bias includes a hamming distance.
In one embodiment, the data reading apparatus further includes:
the read redundancy parameter acquisition module is suitable for acquiring a read redundancy initial value parameter;
the read redundancy code operation module is adapted to perform read redundancy code operation on the data to be read and the address of the data to be read by using a read redundancy polynomial to obtain a second redundancy integrity error correction tag, and includes:
obtaining a reading redundancy initial value according to the reading redundancy initial value parameter and the address of the data to be read;
and performing reading redundancy coding operation on the data to be read by using the reading redundancy polynomial and the reading redundancy initial value to obtain the second redundancy integrity error correction tag.
In an embodiment, the integrity error correction tag to be read includes an encrypted integrity error correction tag to be read, and the first redundancy integrity error correction tag obtaining module is adapted to obtain the first redundancy integrity error correction tag according to the integrity error correction tag to be read, and includes:
and decrypting the encrypted integrity error correction label to be read to obtain a first redundant integrity error correction label.
In an embodiment, the first redundant integrity error correction tag obtaining module is adapted to decrypt the encrypted integrity error correction tag to be read, and obtain a first redundant integrity error correction tag, including:
obtaining a first decryption key by using the address of the data to be read, wherein the first decryption key corresponds to a first encryption key, and the first encryption key is used for encrypting an integrity error correction label when the data is written to obtain the encrypted integrity error correction label to be written;
and decrypting the encrypted integrity error correction label to be read by using the first decryption key to obtain the first redundant integrity error correction label.
In one embodiment, the data reading apparatus may further include:
the first decryption parameter acquisition module is suitable for acquiring a first decryption parameter, the first decryption parameter corresponds to a first encryption parameter, and the first encryption parameter is used for acquiring the first encryption key when data is written;
the first redundancy integrity error correction tag obtaining module is adapted to obtain a first decryption key by using the data address to be read, and includes:
and obtaining a first decryption key by using the first decryption parameter and the address of the data to be read.
In an embodiment, the data to be read includes encrypted data to be read, and the sending module, before being adapted to send the data to be read, is further configured to:
the data decryption module is suitable for decrypting the encrypted data to be read to obtain decrypted data to be read;
the sending module is adapted to send the determined complete data to be read, and includes:
and sending the determined complete decrypted data to be read.
In an embodiment, the data decryption module is adapted to decrypt the encrypted data to be read to obtain decrypted data to be read, and includes:
acquiring a security decryption parameter, wherein the security decryption parameter corresponds to a security encryption parameter, and the security encryption parameter is acquired through a security processor and is used for acquiring a second encryption key for encrypting data to be written when the data is written;
obtaining a second decryption key according to the security decryption parameter;
and decrypting the encrypted data to be read by using the second decryption key to obtain the decrypted data to be read.
In one embodiment, the data reading apparatus may further include:
the second decryption parameter acquisition module is suitable for acquiring a second decryption parameter, the second decryption parameter corresponds to a second encryption parameter, and the second encryption parameter is used for acquiring a second encryption key when data is written;
the data decryption module is adapted to obtain a second decryption key according to the security decryption parameter, and includes:
obtaining a second decryption key according to the second decryption parameter and the security decryption parameter;
and decrypting the encrypted data to be read by using the second decryption key to obtain the decrypted data to be read.
It can be seen that in the technical solution provided in the embodiment of the present application, the data to be read and the integrity error correction tag to be read are obtained according to the address of the data to be read that needs to be read, first, according to the integrity error correction tag to be read, a first redundancy integrity error correction tag is obtained for subsequently verifying the integrity of the data to be read and performing error correction on the data to be read when an error is verified, then, a read redundancy coding operation is further performed on the data to be read and the address of the data to be read by using a read redundancy polynomial, a second redundancy integrity error correction tag is obtained, the integrity of the data to be read is determined by comparing the first redundancy integrity error correction tag with the second redundancy integrity error correction tag, and when the data to be read is determined to be complete, decryption is performed to obtain the data to be read, and the data to be read is sent. The data to be read is corresponding to the data address to be written in the data writing process, so that the data to be read obtained according to the data address to be read is the data to be written in when writing, the integrity error correction tag to be read is the data to be written in when writing, the integrity verification and the data error correction of the data to be read can be realized by using the integrity error correction tag to be read, and the obtained second redundancy integrity error correction tag is the data to be written in when writing the data, because the used read redundancy polynomial and the used writing polynomial are the same, the data to be written in can be verified by using the first redundancy integrity error correction tag, the integrity verification and the error correction of the data to be read can be realized, the integrity protection function of the memory data can be improved under the condition that the error correction capability is ensured without influencing the error correction performance of the data.
An embodiment of the present application further provides a storage medium, where a program suitable for data writing and data reading is stored in the storage medium, so as to implement the data writing method according to any one of the foregoing embodiments or the data reading method according to any one of the foregoing embodiments.
An embodiment of the present application further provides an electronic device, which includes at least one memory and at least one processor, where the memory stores a data writing program, and the processor calls the program to perform the data writing method according to any one of the foregoing embodiments or the data reading method according to any one of the foregoing embodiments.
Although the embodiments of the present application are disclosed above, the present application is not limited thereto. Various changes and modifications may be effected therein by one of ordinary skill in the pertinent art without departing from the scope or spirit of the present disclosure, and it is intended that the scope of the present disclosure be defined by the appended claims.
Claims (39)
1. A method of writing data, comprising:
acquiring data to be written and a data address to be written corresponding to the data to be written;
performing write redundancy coding operation on the address of the data to be written and the data to be written by using a write redundancy polynomial to obtain an integrity error correction tag to be written, wherein the integrity error correction tag to be written is used for integrity verification and data error correction;
and writing the data to be written and the integrity error correction label to be written into the memory.
2. The data writing method of claim 1, further comprising:
acquiring a write redundancy initial value parameter;
the step of performing write redundancy coding operation on the address of the data to be written and the data to be written by using a write redundancy polynomial to obtain the integrity error correction tag to be written comprises the following steps:
obtaining a write redundancy initial value according to the write redundancy initial value parameter and the address of the data to be written;
and performing write redundancy coding operation on the data to be written by using a write redundancy polynomial and the write redundancy initial value to obtain the integrity error correction tag to be written.
3. The data writing method of claim 1, further comprising:
encrypting the integrity error correction label to be written to obtain an encrypted integrity error correction label to be written;
the step of writing the data to be written and the integrity error correction tag to be written into the memory comprises:
and writing the data to be written and the encrypted integrity error correction label to be written into the memory.
4. The data writing method according to claim 3, wherein the step of encrypting the integrity error correction tag to be written to obtain the encrypted integrity error correction tag to be written comprises:
obtaining a first encryption key according to the address of the data to be written;
and encrypting the integrity error correction label to be written by using the first encryption key to obtain the encryption integrity error correction label to be written.
5. The data writing method of claim 4, further comprising:
acquiring a first encryption parameter;
the step of obtaining a first encryption key according to the address of the data to be written comprises the following steps:
and obtaining the first encryption key according to the first encryption parameter and the address of the data to be written.
6. The data writing method of claim 1, further comprising:
encrypting the data to be written to obtain encrypted data to be written;
the step of writing the data to be written and the integrity error correction tag to be written into the memory comprises:
and writing the encrypted data to be written and the integrity error correction label to be written into the memory.
7. The data writing method according to claim 6, wherein the encrypting the data to be written to obtain the encrypted data to be written includes:
obtaining a second encryption key according to a security encryption parameter, wherein the security encryption parameter is obtained through a security processor;
and encrypting the data to be written by using the second encryption key to obtain the encrypted data to be written.
8. The data writing method of claim 7, further comprising:
acquiring a second encryption parameter;
the step of obtaining a second encryption key according to the security encryption parameter comprises:
and obtaining the second encryption key according to the second encryption parameter and the safety encryption parameter.
9. A data reading method, comprising:
acquiring data to be read stored in a data address to be read, and a data integrity error correction tag to be read corresponding to the data to be read, wherein the data address to be read comprises a data address to be written in the data writing method according to any one of claims 1 to 8, the data integrity error correction tag to be read comprises a data integrity error correction tag to be written in the data writing method according to any one of claims 1 to 8, and the data integrity error correction tag to be read is used for performing integrity verification and data error correction on the data to be read;
acquiring a first redundancy integrity error correction label according to the integrity error correction label to be read;
performing a read redundancy coding operation on the data to be read and the address of the data to be read by using a read redundancy polynomial to obtain a second redundancy integrity error correction tag, wherein the read redundancy polynomial corresponds to the write redundancy polynomial in the data writing method according to any one of claims 1 to 8;
when the first redundancy integrity error correction tag is equal to the second redundancy integrity error correction tag, determining that the data to be read is complete;
and sending the determined complete data to be read.
10. The data reading method of claim 9, further comprising:
when the first redundant integrity error correction label is not equal to the second redundant integrity error correction label, acquiring error deviation of the first redundant integrity error correction label and the second redundant integrity error correction label;
when the error deviation is not greater than an error correction threshold value, performing data error correction on the data to be read and the first redundancy integrity error correction tag by using the read redundancy coding operation to obtain corrected data to be read;
and sending the data to be read corrected.
11. A data reading method according to claim 10, further comprising:
and when the error deviation is larger than the error correction threshold value, sending data exception information.
12. A method of reading data according to claim 10, wherein the error bias comprises a hamming distance.
13. The data reading method of claim 9, further comprising:
acquiring a read redundancy initial value parameter;
the step of performing read redundancy coding operation on the data to be read and the address of the data to be read by using a read redundancy polynomial to obtain a second redundancy integrity error correction tag comprises the following steps:
obtaining a reading redundancy initial value according to the reading redundancy initial value parameter and the address of the data to be read;
and performing reading redundancy coding operation on the data to be read by using the reading redundancy polynomial and the reading redundancy initial value to obtain the second redundancy integrity error correction tag.
14. The data reading method according to claim 9, wherein the integrity error correction tag to be read includes an encrypted integrity error correction tag to be read, and the step of obtaining a first redundant integrity error correction tag according to the integrity error correction tag to be read includes:
and decrypting the encrypted integrity error correction tag to be read to obtain the first redundant integrity error correction tag.
15. The data reading method according to claim 14, wherein the step of decrypting the encrypted integrity error correction tag to be read to obtain the first redundant integrity error correction tag comprises:
obtaining a first decryption key by using the address of the data to be read, wherein the first decryption key corresponds to a first encryption key, and the first encryption key is used for encrypting an integrity error correction label when the data is written to obtain the encrypted integrity error correction label to be written;
and decrypting the encrypted integrity error correction label to be read by using the first decryption key to obtain the first redundant integrity error correction label.
16. A data reading method according to claim 15, further comprising:
acquiring a first decryption parameter, wherein the first decryption parameter corresponds to a first encryption parameter, and the first encryption parameter is used for acquiring the first encryption key when data is written;
the step of obtaining the first decryption key by using the address of the data to be read comprises:
and obtaining a first decryption key by using the first decryption parameter and the address of the data to be read.
17. The data reading method according to claim 9, wherein the data to be read includes encrypted data to be read, and before the step of sending the data to be read that is determined to be complete, the method further includes:
decrypting the encrypted data to be read to obtain decrypted data to be read;
the step of sending the determined complete data to be read includes:
and sending the determined complete decrypted data to be read.
18. The data reading method according to claim 17, wherein the decrypting the encrypted data to be read to obtain decrypted data to be read includes:
acquiring a security decryption parameter, wherein the security decryption parameter corresponds to a security encryption parameter, and the security encryption parameter is acquired through a security processor and is used for acquiring a second encryption key for encrypting data to be written when the data is written;
obtaining a second decryption key according to the security decryption parameter;
and decrypting the encrypted data to be read by using the second decryption key to obtain the decrypted data to be read.
19. A data reading method according to claim 18, further comprising:
acquiring a second decryption parameter, wherein the second decryption parameter corresponds to a second encryption parameter, and the second encryption parameter is used for acquiring a second encryption key when data is written;
the step of obtaining a second decryption key according to the secure decryption parameter comprises:
obtaining a second decryption key according to the second decryption parameter and the security decryption parameter;
and decrypting the encrypted data to be read by using the second decryption key to obtain the decrypted data to be read.
20. A data writing apparatus, comprising:
the write-in acquisition module is suitable for acquiring data to be written and a data address to be written corresponding to the data to be written;
the write redundancy coding operation module is suitable for performing write redundancy coding operation on the address of the data to be written and the data to be written by using a write redundancy polynomial to obtain an integrity error correction label to be written, and the integrity error correction label to be written is used for integrity verification and data error correction;
and the writing module is suitable for writing the data to be written and the integrity error correction label to be written into the memory.
21. The data writing apparatus of claim 20, further comprising:
the write-in redundancy parameter acquisition module is suitable for acquiring a write-in redundancy initial value parameter;
the write redundancy coding operation module is adapted to perform write redundancy coding on the address of the data to be written and the data to be written by using a write redundancy polynomial, so as to obtain an integrity error correction tag to be written, and includes:
obtaining a write redundancy initial value according to the write redundancy initial value parameter and the address of the data to be written;
and performing write redundancy coding operation on the data to be written by using a write redundancy polynomial and the write redundancy initial value to obtain the integrity error correction tag to be written.
22. The data writing apparatus of claim 20, further comprising:
the integrity error correction tag encryption module is suitable for encrypting the integrity error correction tag to be written to obtain an encrypted integrity error correction tag to be written;
the writing module is adapted to write the data to be written and the integrity error correction tag to be written into the memory, and includes:
and writing the data to be written and the encrypted integrity error correction label to be written into the memory.
23. The data writing apparatus according to claim 22, wherein the integrity error correction tag encryption module is adapted to encrypt the integrity error correction tag to be written, so as to obtain an encrypted integrity error correction tag to be written, and includes:
obtaining a first encryption key according to the address of the data to be written;
and encrypting the integrity error correction label to be written by using the first encryption key to obtain the encryption integrity error correction label to be written.
24. The data writing apparatus of claim 23, further comprising:
the first encryption parameter acquisition module is suitable for acquiring a first encryption parameter;
the integrity error correction tag encryption module is adapted to obtain a first encryption key according to the address of the data to be written, and includes:
and obtaining the first encryption key according to the first encryption parameter and the address of the data to be written.
25. The data writing apparatus of claim 20, further comprising:
the data encryption module is suitable for encrypting the data to be written to obtain encrypted data to be written;
the writing module is adapted to write the data to be written and the integrity error correction tag to be written into a memory, and includes:
and writing the encrypted data to be written and the integrity error correction label to be written into the memory.
26. The data writing device according to claim 25, wherein the data encryption module is adapted to encrypt the data to be written to obtain encrypted data to be written, and includes:
obtaining a second encryption key according to a security encryption parameter, wherein the security encryption parameter is obtained through a security processor;
and encrypting the data to be written by using the second encryption key to obtain the encrypted data to be written.
27. The data writing apparatus of claim 26, further comprising:
the second encryption parameter acquisition module is suitable for acquiring a second encryption parameter;
the data encryption module, adapted to obtain the second encryption key, includes:
and obtaining the second encryption key according to the second encryption parameter and the safety encryption parameter.
28. A data reading apparatus, comprising:
a reading obtaining module, adapted to obtain data to be read stored in a data address to be read, and a data integrity error correction tag to be read corresponding to the data to be read, where the data address to be read includes a data address to be written in the data writing apparatus according to any one of claims 20 to 27, the data integrity error correction tag to be read includes a data integrity error correction tag to be written in the data writing apparatus according to any one of claims 20 to 27, and the data integrity error correction tag to be read is used for performing integrity verification and data error correction on the data to be read;
the first redundancy integrity error correction tag acquisition module is suitable for acquiring a first redundancy integrity error correction tag according to the integrity error correction tag to be read;
a read redundancy coding operation module adapted to perform a read redundancy coding operation on the data to be read and the address of the data to be read by using a read redundancy polynomial to obtain a second redundancy integrity error correction tag, wherein the read redundancy polynomial corresponds to the write redundancy polynomial in the data writing device according to any one of claims 20 to 27;
the integrity determining module is suitable for determining that the data to be read is complete when the first redundancy integrity error correction tag is equal to the second redundancy integrity error correction tag;
and the sending module is suitable for sending the determined complete data to be read.
29. The data reading apparatus of claim 28, further comprising:
the data error correction module is suitable for acquiring error deviation of the first redundancy integrity error correction label and the second redundancy integrity error correction label when the first redundancy integrity error correction label is not equal to the second redundancy integrity error correction label;
when the error deviation is not greater than an error correction threshold value, performing data error correction on the data to be read and the first redundancy integrity error correction tag by using the read redundancy coding operation to obtain corrected data to be read;
the sending module is adapted to send the determined complete data to be read, and includes:
and sending the data to be read corrected.
30. The data reading apparatus of claim 29, further comprising:
and the data error reporting module is suitable for sending data abnormal information when the error deviation is greater than the error correction threshold value.
31. The data reading apparatus of claim 28, further comprising:
the read redundancy parameter acquisition module is suitable for acquiring a read redundancy initial value parameter;
the read redundancy code operation module is adapted to perform read redundancy code operation on the data to be read and the address of the data to be read by using a read redundancy polynomial to obtain a second redundancy integrity error correction tag, and includes:
obtaining a reading redundancy initial value according to the reading redundancy initial value parameter and the address of the data to be read;
and performing reading redundancy coding operation on the data to be read by using the reading redundancy polynomial and the reading redundancy initial value to obtain the second redundancy integrity error correction tag.
32. The data reading apparatus according to claim 28, wherein the integrity error correction tag to be read includes an encrypted integrity error correction tag to be read, and the first redundancy integrity error correction tag obtaining module is adapted to obtain the first redundancy integrity error correction tag according to the integrity error correction tag to be read, and includes:
and decrypting the encrypted integrity error correction label to be read to obtain a first redundant integrity error correction label.
33. The data reading apparatus according to claim 32, wherein the first redundant integrity error correction tag obtaining module is adapted to decrypt the encrypted integrity error correction tag to be read, so as to obtain a first redundant integrity error correction tag, and includes:
obtaining a first decryption key by using the address of the data to be read, wherein the first decryption key corresponds to a first encryption key, and the first encryption key is used for encrypting an integrity error correction label when the data is written to obtain the encrypted integrity error correction label to be written;
and decrypting the encrypted integrity error correction label to be read by using the first decryption key to obtain the first redundant integrity error correction label.
34. The data reading apparatus of claim 33, further comprising:
the first decryption parameter acquisition module is suitable for acquiring a first decryption parameter, the first decryption parameter corresponds to a first encryption parameter, and the first encryption parameter is used for acquiring the first encryption key when data is written;
the first redundancy integrity error correction tag obtaining module is adapted to obtain a first decryption key by using the data address to be read, and includes:
and obtaining a first decryption key by using the first decryption parameter and the address of the data to be read.
35. The data reading apparatus according to claim 28, wherein the data to be read includes encrypted data to be read, and the sending module, before sending the data to be read, is adapted to send the data to be read in a complete state, further includes:
the data decryption module is suitable for decrypting the encrypted data to be read to obtain decrypted data to be read;
the sending module is adapted to send the determined complete data to be read, and includes:
and sending the determined complete decrypted data to be read.
36. The data reading apparatus of claim 35, wherein the data decryption module is adapted to decrypt the encrypted data to be read to obtain decrypted data to be read, and includes:
acquiring a security decryption parameter, wherein the security decryption parameter corresponds to a security encryption parameter, and the security encryption parameter is acquired through a security processor and is used for acquiring a second encryption key for encrypting data to be written when the data is written;
obtaining a second decryption key according to the security decryption parameter;
and decrypting the encrypted data to be read by using the second decryption key to obtain the decrypted data to be read.
37. The data reading apparatus of claim 36, further comprising:
the second decryption parameter acquisition module is suitable for acquiring a second decryption parameter, the second decryption parameter corresponds to a second encryption parameter, and the second encryption parameter is used for acquiring a second encryption key when data is written;
the data decryption module is adapted to obtain a second decryption key according to the security decryption parameter, and includes:
obtaining a second decryption key according to the second decryption parameter and the security decryption parameter;
and decrypting the encrypted data to be read by using the second decryption key to obtain the decrypted data to be read.
38. A storage medium storing a program adapted for data writing and data reading to implement the data writing method according to any one of claims 1 to 8 or the data reading method according to any one of claims 9 to 19.
39. An electronic device comprising at least one memory storing a data writing program and at least one processor calling the program to perform the data writing method according to any one of claims 1 to 8 or the data reading method according to any one of claims 9 to 19.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211408861.4A CN115827514A (en) | 2022-11-11 | 2022-11-11 | Data writing method, data reading method and related device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211408861.4A CN115827514A (en) | 2022-11-11 | 2022-11-11 | Data writing method, data reading method and related device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115827514A true CN115827514A (en) | 2023-03-21 |
Family
ID=85527665
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211408861.4A Pending CN115827514A (en) | 2022-11-11 | 2022-11-11 | Data writing method, data reading method and related device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115827514A (en) |
-
2022
- 2022-11-11 CN CN202211408861.4A patent/CN115827514A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9245153B2 (en) | Semiconductor device | |
| US9300470B2 (en) | Semiconductor device and method of writing data to semiconductor device | |
| US11693754B2 (en) | Aggregate GHASH-based message authentication code (MAC) over multiple cachelines with incremental updates | |
| US9734328B2 (en) | Datum reading error detection method | |
| KR20150112893A (en) | Method for protecting data from algebraic manipulation | |
| CN109445705B (en) | Firmware authentication method and solid state disk | |
| US20120030543A1 (en) | Protection of application in memory | |
| EP3697021A1 (en) | Secure and encrypted logging systems and methods with data recovery | |
| US20070016768A1 (en) | Detection of a change of the data of a dataset | |
| CN115827514A (en) | Data writing method, data reading method and related device | |
| US11841944B2 (en) | Parameter checking system and parameter checking method | |
| CN107861892B (en) | Method and terminal for realizing data processing | |
| CN110311773B (en) | Method for preventing injection type attack of advanced encryption standard coprocessor | |
| JP5986279B2 (en) | Semiconductor device | |
| US11461464B2 (en) | Methods and apparatus for memory attack detection | |
| EP3649553B1 (en) | Data protection | |
| US20240007265A1 (en) | Data authenticity and integrity check for data security schemes | |
| US20240232436A9 (en) | Secured computer memory | |
| US20240135040A1 (en) | Secured computer memory | |
| CN108632024B (en) | Method and device for running bootstrap program | |
| CN114564754A (en) | DRAM memory integrity protection method and device, electronic equipment and storage medium | |
| JP2024011421A (en) | Memory abnormality determination method and common key writing system | |
| CN117494161A (en) | Mobile hard disk encryption/decryption method, system and medium capable of recovering error data | |
| KR20170096564A (en) | Method and apparatus for generating key using characteristic of memory |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |