CN116340954B - Data security channel establishment method, system control processor and starting firmware - Google Patents
Data security channel establishment method, system control processor and starting firmware Download PDFInfo
- Publication number
- CN116340954B CN116340954B CN202310305032.1A CN202310305032A CN116340954B CN 116340954 B CN116340954 B CN 116340954B CN 202310305032 A CN202310305032 A CN 202310305032A CN 116340954 B CN116340954 B CN 116340954B
- Authority
- CN
- China
- Prior art keywords
- key
- system control
- firmware
- control processor
- starting
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 34
- 230000004044 response Effects 0.000 claims abstract description 76
- 230000005540 biological transmission Effects 0.000 abstract description 15
- 238000004891 communication Methods 0.000 abstract description 5
- 238000010586 diagram Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/572—Secure firmware programming, e.g. of basic input output system [BIOS]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Abstract
The application belongs to the technical field of communication security, and discloses a data security channel establishment method, a system control processor and starting firmware, wherein the method comprises the following steps: generating a boot firmware key hash according to the pre-stored boot firmware key, and sending a request message to the boot firmware; receiving a response message sent by the starting firmware, and judging whether the actual starting firmware key hash is consistent with the starting firmware key hash; if the key hash is consistent with the pre-stored starting firmware key, generating a shared key according to the system control processor key hash; transmitting the shared key to the boot firmware; receiving an encryption response message of starting firmware encrypted by adopting a shared key; decrypting the encrypted response message according to the shared key in the system control processor, and encrypting the message which is subsequently sent to the starting firmware according to the shared key after the decryption is successful. The method and the device can achieve the effect of improving the safety and confidentiality of data transmission between the system control processor and the starting firmware.
Description
Technical Field
The present disclosure relates to the field of communications security technologies, and in particular, to a method for establishing a data security channel, a system control processor, and a startup firmware.
Background
In the current Power processor architecture, the boot firmware HostBoot is a module for initializing a processor, a BUS BUS and an initialization memory, the system control processor SCP is a module for loading the HostBoot and configuring the state of the CPU, but the system control processor and the boot firmware are in data communication in a plaintext mode, that is, an attacker can acquire the data between the system control processor and the boot firmware through a physical means, or an illegal attack is injected to cause the system control processor or the boot firmware to recognize error information, so that serious security holes are caused.
Therefore, the prior art has the problems that the system control processor and the starting firmware perform data communication in a plaintext mode, are easily subjected to illegal attacks, and have low data transmission security and poor confidentiality.
Disclosure of Invention
The application provides a data security channel establishment method, a system control processor and starting firmware, which can improve the security and confidentiality of data transmission between the system control processor and the starting firmware and avoid the condition of information leakage.
In a first aspect, an embodiment of the present application provides a method for establishing a data security channel, where the method includes:
generating a boot firmware key hash according to a pre-stored boot firmware key in a system control processor, and sending a request message for requesting to establish a secure channel to the boot firmware;
receiving a response message sent by the starting firmware, wherein the response message comprises a real starting firmware key hash of the starting firmware, and judging whether the real starting firmware key hash is consistent with the starting firmware key hash;
if the key hash is consistent with the pre-stored starting firmware key, generating a shared key according to the system control processor key hash in the system control processor; if the two paths are inconsistent, the establishment of the safety channel fails;
after the shared key is generated, the shared key is sent to the starting firmware;
receiving an encryption response message of starting firmware encrypted by adopting a shared key;
decrypting the encrypted response message according to the shared key in the system control processor, and encrypting the message which is subsequently sent to the starting firmware according to the shared key after the decryption is successful.
Further, the generating the boot firmware key hash according to the boot firmware key pre-stored in the system control processor includes: the hash algorithm is called by calling a hardware algorithm interface of the trusted platform module on the system control processor, and a starting firmware key pre-stored in the system control processor is generated to be hashed by the hash algorithm.
Further, the hash algorithm is a sha256 hash algorithm.
Further, the generating the shared key according to the hash of the system control processor key and the pre-stored boot firmware key in the system control processor includes: and generating a shared key through a symmetric encryption algorithm according to the system control processor key hash and the prestored starting firmware key in the system control processor.
Further, after the generation of the shared key, the sending the shared key to the boot firmware includes:
after the shared key is generated, the shared key is encrypted according to a starting firmware key prestored in a system control processor to obtain a ciphertext, and the ciphertext is sent to starting firmware.
Further, the symmetric encryption algorithm is an AES256 symmetric encryption algorithm or a quotient code number 1 algorithm.
In a second aspect, embodiments of the present application provide a system control processor, including:
the hash module is used for generating a boot firmware key hash according to a pre-stored boot firmware key in the system control processor and sending a request message for requesting to establish a secure channel to the boot firmware;
the judging module is used for receiving a response message sent by the starting firmware, wherein the response message comprises a real starting firmware key hash of the starting firmware, and judging whether the real starting firmware key hash is consistent with the starting firmware key hash;
the shared key generation module is used for generating a shared key according to the system control processor key hash and the prestored starting firmware key in the system control processor;
the sending module is used for sending the shared secret key to the starting firmware after the shared secret key is generated;
the message receiving module is used for receiving an encryption response message encrypted by the shared key of the starting firmware;
and the decryption module is used for decrypting the encryption response message according to the shared secret key in the system control processor, and encrypting the message which is subsequently sent to the starting firmware according to the shared secret key after the decryption is successful.
In a third aspect, an embodiment of the present application provides a method for establishing a data security channel, where the method includes:
after receiving a request message for requesting to establish a secure channel sent by a system control processor, sending a response message to the system control processor, wherein the response message comprises a real boot firmware key hash of a boot firmware;
the response message is used for indicating the system control processor to judge whether the real starting firmware key hash is consistent with the starting firmware key hash in the system control memory, and when the real starting firmware key hash is judged to be consistent with the starting firmware key hash in the system control memory, a shared key is generated according to the system control processor key hash in the system control processor and the pre-stored starting firmware key;
acquiring a shared secret key sent by a system control processor; and encrypting the response message by adopting the shared secret key to obtain an encrypted response message, and sending the encrypted response message to the system control processor.
Further, the response message is further used for indicating the system control processor to encrypt the shared secret key according to the starting firmware secret key prestored in the system control processor after the shared secret key is generated, so as to obtain a ciphertext, and the ciphertext is sent to the starting firmware;
the acquiring the shared secret key sent by the system control processor includes:
receiving ciphertext sent by a system control processor;
and decrypting the ciphertext according to the starting firmware key in the starting firmware to obtain the shared key.
In a fourth aspect, embodiments of the present application provide a boot firmware, where the boot firmware includes:
the response module is used for sending a response message to the system control processor after receiving a request message which is sent by the system control processor and is used for requesting to establish a secure channel, wherein the response message comprises a real boot firmware key hash of the boot firmware;
the response message is used for indicating the system control processor to judge whether the real starting firmware key hash is consistent with the starting firmware key hash in the system control memory, and when the real starting firmware key hash is judged to be consistent with the starting firmware key hash in the system control memory, a shared key is generated according to the system control processor key hash in the system control processor and the pre-stored starting firmware key;
the receiving module is used for acquiring the shared secret key sent by the system control processor;
and the message encryption module is used for encrypting the response message by adopting the shared secret key to obtain an encrypted response message and sending the encrypted response message to the system control processor.
In summary, compared with the prior art, the technical scheme provided by the embodiment of the application has the beneficial effects that at least:
according to the data security channel establishing method, the same shared secret key is generated in the system control processor and the starting firmware, so that a data security channel between the system control processor and the starting firmware is established, the system control processor and the starting firmware can encrypt a data message by adopting the shared secret key and then transmit the data message, the transmitted data is prevented from being exposed to an attacker in a plaintext mode, the security and confidentiality of the transmitted data are improved, and the condition of information leakage is avoided.
Secondly, the shared secret key comprises information at two ends of the secret key hash of the system control processor and the secret key of the starting firmware, so that when the shared secret key is attacked or tampered in the transmission process, the system control processor and the starting firmware can find errors of the shared secret key in decryption, thereby discarding the attacked data in time, avoiding decrypting the data possibly tampered with errors, and further improving the safety of data transmission between the system control processor and the starting firmware.
Drawings
Fig. 1 is a flowchart of a method for establishing a data security channel according to an exemplary embodiment of the present application.
Fig. 2 is a schematic structural diagram of a system control processor according to an exemplary embodiment of the present application.
Fig. 3 is a flowchart of a method for establishing a data security channel according to another exemplary embodiment of the present application.
Fig. 4 is a flowchart of decryption steps provided in an exemplary embodiment of the present application.
Fig. 5 is a schematic structural diagram of a boot firmware according to an exemplary embodiment of the present application.
Detailed Description
The following description of the embodiments of the present application will be made clearly and fully with reference to the accompanying drawings, in which it is evident that the embodiments described are only some, but not all, of the embodiments of the present application. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present disclosure.
Referring to fig. 1, an embodiment of the present application provides a method for establishing a data security channel, where the method is implemented by a system control processor, and a main body view is described as the system control processor, and the method may include:
step S11, generating a boot firmware key hash according to a pre-stored boot firmware key in the system control processor, and sending a request message for requesting to establish a secure channel to the boot firmware. The request message is used for indicating the starting firmware to generate a response message.
The pre-stored starting firmware key is a key in starting firmware which is pre-stored in a system control processor. The system control processor and the boot firmware each contain a respective key and a respective key hash, but there is no counterpart, so that when a data security channel is established, the key of the boot firmware needs to be stored in the system control processor in advance.
Step S12, receiving a response message sent by the starting firmware, wherein the response message comprises a real starting firmware key hash of the starting firmware, and judging whether the real starting firmware key hash and the starting firmware key hash are consistent.
Step S13, if the key hash is consistent with the pre-stored starting firmware key, a shared key is generated according to the system control processor key hash in the system control processor; if not, the secure channel is failed to be established.
The above-mentioned judging step is to judge whether the pre-stored boot firmware key in the system control processor is trusted, and because the boot firmware key is used to generate the shared key, it is necessary to ensure that the pre-stored boot firmware key is identical to the boot firmware, so that the boot firmware can detect the problem if the generated shared key is attacked or tampered.
Step S14, after generating the shared key, the shared key is transmitted to the boot firmware. Specifically, step S14 is to enable the boot firmware to encrypt the response message with the shared key, generate an encrypted response message, and send the encrypted response message back to the system control processor.
Step S15, receiving an encryption response message of the starting firmware encrypted by adopting the shared key.
And S16, decrypting the encrypted response message according to the shared key in the system control processor, and encrypting the message which is subsequently sent to the starting firmware according to the shared key after the decryption is successful.
Specifically, the boot firmware decrypts the encrypted message sent by the received system control processor by using the shared key, thereby completing the secure communication between the system control processor and the boot firmware.
According to the data security channel establishing method provided by the embodiment, the same shared secret key is generated in the system control processor and the starting firmware, so that the data security channel between the system control processor and the starting firmware is established, the system control processor and the starting firmware can encrypt the data message by adopting the shared secret key and then transmit the encrypted data message, the transmitted data is prevented from being exposed to an attacker in a plaintext mode, the security and confidentiality of the transmitted data are improved, and the condition of information leakage is avoided.
Secondly, the shared secret key comprises information at two ends of the secret key hash of the system control processor and the secret key of the starting firmware, so that when the shared secret key is attacked or tampered in the transmission process, the system control processor and the starting firmware can find errors of the shared secret key in decryption, thereby discarding the attacked data in time, avoiding decrypting the data possibly tampered with errors, and further improving the safety of data transmission between the system control processor and the starting firmware.
In some embodiments, the generating the boot firmware key hash according to the boot firmware key pre-stored in the system control processor may specifically include the following steps:
the hash algorithm is called by calling a hardware algorithm interface of the trusted platform module on the system control processor, and a starting firmware key pre-stored in the system control processor is generated to be hashed by the hash algorithm.
The trusted platform module hardware algorithm interface is a TPM (Trusted Platform Module ) hardware algorithm interface, is an international standard of a secure cryptoprocessor, and aims to use a special microcontroller integrated in the device to process an encryption key in the device; the hash algorithm is an algorithm capable of calculating a character string with a fixed length corresponding to a digital message.
According to the embodiment, the hash algorithm is adopted to calculate the hash of the key, so that the hash of the pre-stored starting firmware key and the hash of the real starting firmware key are compared, the credibility of the pre-stored starting firmware key can be judged, and only when the hash of the pre-stored key is consistent with the hash of the real key, the consistency of the pre-stored starting firmware key and the starting firmware is indicated, and the method can be used for generating the shared key.
In some embodiments, the hash algorithm may be a sha256 hash algorithm.
Specifically, the five algorithms of the hash family are sha1, sha224, sha256, sha384 and sha512, respectively, wherein the sha256 hash algorithm is the most secure.
The embodiment ensures that the hash algorithm with the highest security is adopted for generating the key hash in the application, and ensures the accuracy of the pair of the boot firmware key hash and the true boot firmware key Ha Xibi.
In some embodiments, the generating the shared key according to the system control processor key hash and the pre-stored boot firmware key in the system control processor may specifically include:
and generating a shared key through a symmetric encryption algorithm according to the system control processor key hash and the prestored starting firmware key in the system control processor.
In particular, an asymmetric encryption algorithm may also be employed to generate the shared key.
The embodiment generates the shared secret key through the symmetric encryption algorithm or the asymmetric encryption algorithm, which is equivalent to encrypting the data transmission between the system control processor and the starting firmware by adopting the symmetric encryption algorithm or the asymmetric encryption algorithm, so that the safety and confidentiality of the data transmission are improved, and even if the transmitted data are stolen by an attacker, the attacker cannot obtain real data from the stolen information due to the protection of the shared secret key by adopting the encryption algorithm, and the condition of information leakage is avoided.
In some embodiments, after generating the shared key, the sending the shared key to the boot firmware includes:
after the shared key is generated, the shared key is encrypted according to a starting firmware key prestored in a system control processor to obtain a ciphertext, and the ciphertext is sent to starting firmware.
Because the shared key is firstly generated in the system control processor, the shared key must be ensured not to be intercepted or tampered in the process of being transmitted to the starting firmware, if the shared key is tampered, the shared key in the system control processor and the starting firmware is different, both sides cannot decrypt the information encrypted by the other side through the shared key to influence the data transmission between the two sides, and if the shared key is intercepted, the data transmitted after the safety channel is built cannot be protected by the shared key.
Therefore, the embodiment encrypts the generated shared key through the starting firmware key and then sends the encrypted shared key to the starting firmware, so that the starting firmware can directly decrypt the shared key and ensure the safety of the shared key, and further the safety of data transmission between the system control processor and the starting firmware after the safety channel is built is ensured.
In some embodiments, the symmetric encryption algorithm may be an AES256 symmetric encryption algorithm or a commercial secret number 1 algorithm.
The AES256 symmetric encryption algorithm is the encryption algorithm with highest security; the algorithm of the commercial cipher 1, namely the SM1 algorithm, is a commercial cipher block standard symmetric algorithm compiled by the national cipher administration, the block length and the key length are 128 bits, and the security and confidentiality strength of the algorithm and the implementation performance of related software and hardware are equivalent to AES.
The embodiment provides two symmetrical encryption algorithms with highest security, and the confidentiality of the shared key generated by using the symmetrical encryption algorithm to the data message is higher.
Referring to fig. 2, another embodiment of the present application provides a system control processor, which may include:
the hash module 101 is configured to generate a boot firmware key hash according to a boot firmware key pre-stored in the system control processor, and send a request message for requesting to establish a secure channel to the boot firmware.
The judging module 102 is configured to receive a response message sent by the boot firmware, where the response message includes a real boot firmware key hash of the boot firmware, and judge whether the real boot firmware key hash and the boot firmware key hash are consistent.
The shared key generation module 103 is configured to generate a shared key according to the system control processor key hash and the pre-stored boot firmware key in the system control processor.
The sending module 104 is configured to send the shared key to the boot firmware after generating the shared key.
The message receiving module 105 is configured to receive an encrypted response message encrypted by using the shared key, where the response message is started by the firmware.
And the decryption module 106 is configured to decrypt the encrypted response message according to the shared key in the system control processor, and encrypt a message subsequently sent to the boot firmware according to the shared key after the decryption is successful.
The system control processor and the starting firmware provided by the embodiment generate the same shared secret key, so that a data security channel between the system control processor and the starting firmware is established, the system control processor and the starting firmware can encrypt the data message by adopting the shared secret key and then transmit the encrypted data message, the transmitted data is prevented from being exposed to an attacker in a plaintext mode, the security and confidentiality of the transmitted data are improved, and the condition of information leakage is avoided.
Secondly, the shared key generated by the system control processor in the embodiment includes information on both ends of the system control processor key hash and the starting firmware key, so that when the shared key is attacked or tampered in the transmission process, the system control processor and the starting firmware can find errors of the shared key in decryption, thereby discarding the attacked data in time, avoiding decrypting the data possibly tampered with errors, and further improving the security of data transmission between the system control processor and the starting firmware.
Referring to fig. 3, another embodiment of the present application provides a method for establishing a data security channel, where the method is a method for establishing a data security channel executed by a boot firmware, and is described with a main body view angle as the boot firmware, and may specifically include:
step S21, after receiving a request message sent by the system control processor and used for requesting to establish a secure channel, a response message is sent to the system control processor, wherein the response message comprises a real boot firmware key hash of the boot firmware.
The response message is used for indicating the system control processor to judge whether the real boot firmware key hash is consistent with the boot firmware key hash in the system control memory, and when the real boot firmware key hash is judged to be consistent with the boot firmware key hash in the system control processor, the shared key is generated according to the system control processor key hash in the system control processor and the pre-stored boot firmware key.
Step S22, the shared secret key sent by the system control processor is acquired.
Step S23, encrypting the response message by adopting the shared secret key to obtain an encrypted response message, and sending the encrypted response message to the system control processor.
In the specific implementation process, after the encryption response message is sent, the message which is subsequently sent to the system control processor by the starting firmware is encrypted by adopting a shared key, the received message and data of the system control processor are decrypted by adopting the shared key, if the received data cannot be decrypted by using the shared key, the data is likely to be attacked in the transmission process, and the data which cannot be decrypted is directly discarded so as to avoid identifying the attacked and even tampered error information; and for the system control processor, the shared secret key is adopted to decrypt the received message and data of the starting firmware, and if the message and the data cannot be decrypted, the message and the data are directly discarded.
According to the data security channel establishing method provided by the embodiment, the same shared secret key is generated in the system control processor and the starting firmware, so that the data security channel between the system control processor and the starting firmware is established, the system control processor and the starting firmware can encrypt the data message by adopting the shared secret key and then transmit the encrypted data message, the transmitted data is prevented from being exposed to an attacker in a plaintext mode, the security and confidentiality of the transmitted data are improved, and the condition of information leakage is avoided.
Referring to fig. 4, in some embodiments, the response message is further used to instruct the system control processor to encrypt the shared key according to a boot firmware key pre-stored in the system control processor after the shared key is generated, to obtain a ciphertext, and send the ciphertext to the boot firmware; the step S22 may specifically include the steps of:
in step S221, the ciphertext sent by the system control processor is received.
Step S222, decrypting the ciphertext according to the starting firmware key in the starting firmware to obtain the shared key.
Aiming at the situation that the system control processor encrypts the generated shared secret key and then transmits the encrypted shared secret key, the embodiment ensures that the starting firmware can directly decrypt the shared secret key and simultaneously ensures the safety of the shared secret key, and further ensures the safety of data transmission between the system control processor and the starting firmware after the safety channel is built.
Referring to fig. 5, another embodiment of the present application provides a boot firmware, where the boot firmware may specifically include:
and the response module 201 is configured to send a response message to the system control processor after receiving a request message sent by the system control processor and used for requesting to establish a secure channel, where the response message includes a hash of a real boot firmware key of the boot firmware.
The response message is used for indicating the system control processor to judge whether the real boot firmware key hash is consistent with the boot firmware key hash in the system control memory, and when the real boot firmware key hash is judged to be consistent with the boot firmware key hash in the system control processor, the shared key is generated according to the system control processor key hash in the system control processor and the pre-stored boot firmware key.
A receiving module 202, configured to obtain the shared key sent by the system control processor.
The message encrypting module 203 is configured to encrypt the response message with the shared key, obtain an encrypted response message, and send the encrypted response message to the system control processor.
The starting firmware provided by the embodiment obtains the same shared secret key as the system control processor, so that a data security channel between the system control processor and the starting firmware is established, the system control processor and the starting firmware can encrypt the data message by adopting the shared secret key and then transmit the encrypted data message, the transmitted data is prevented from being exposed to an attacker in a plaintext mode, the security and confidentiality of the transmitted data are improved, and the condition of information leakage is avoided.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The above examples merely represent a few embodiments of the present application, which are described in more detail and are not to be construed as limiting the scope of the invention. It should be noted that it would be apparent to those skilled in the art that various modifications and improvements could be made without departing from the spirit of the present application, which would be within the scope of the present application. Accordingly, the scope of protection of the present application is to be determined by the claims appended hereto.
Claims (8)
1. A method for establishing a data security channel, the method comprising:
generating a boot firmware key hash according to a pre-stored boot firmware key in a system control processor, and sending a request message for requesting to establish a secure channel to the boot firmware;
receiving a response message sent by the starting firmware, wherein the response message comprises a real starting firmware key hash of the starting firmware; judging whether the actual boot firmware key hash is consistent with the boot firmware key hash;
if the key hash is consistent with the pre-stored starting firmware key, generating a shared key according to the system control processor key hash in the system control processor; if the two paths are inconsistent, the establishment of the safety channel fails;
after generating the shared key, sending the shared key to the boot firmware; specifically, after the shared key is generated, encrypting the shared key according to the starting firmware key prestored in the system control processor to obtain a ciphertext, and sending the ciphertext to the starting firmware;
receiving an encryption response message encrypted by the starting firmware by adopting the shared key;
decrypting the encrypted response message according to the shared key in the system control processor, and encrypting a message which is subsequently sent to the starting firmware according to the shared key after the decryption is successful.
2. The method of claim 1, wherein generating the boot firmware key hash from the boot firmware key pre-stored in the system control processor comprises:
and calling a hash algorithm by calling a trusted platform module hardware algorithm interface on the system control processor, and generating the boot firmware key hash by the hash algorithm through the boot firmware key prestored in the system control processor.
3. The method of claim 2, wherein the hashing algorithm is a sha256 hashing algorithm.
4. The method of claim 1, wherein the generating a shared key from a system control processor key hash in the system control processor and the pre-stored boot firmware key comprises:
and generating a shared key through a symmetric encryption algorithm according to the hash of the system control processor key in the system control processor and the prestored starting firmware key.
5. The method of claim 4, wherein the symmetric encryption algorithm is an AES256 symmetric encryption algorithm or a quotient 1 algorithm.
6. A system control processor, the system control processor comprising:
the hash module is used for generating a boot firmware key hash according to a pre-stored boot firmware key in the system control processor and sending a request message for requesting to establish a secure channel to the boot firmware;
the judging module is used for receiving a response message sent by the starting firmware, wherein the response message comprises a real starting firmware key hash of the starting firmware and judging whether the real starting firmware key hash is consistent with the starting firmware key hash or not;
the shared key generation module is used for generating a shared key according to the system control processor key hash in the system control processor and the prestored starting firmware key;
the sending module is used for sending the shared secret key to the starting firmware after the shared secret key is generated; specifically, the sending module is configured to encrypt the shared key according to the starting firmware key pre-stored in the system control processor after the shared key is generated, to obtain a ciphertext, and send the ciphertext to the starting firmware;
the message receiving module is used for receiving an encryption response message encrypted by the shared key of the starting firmware;
and the decryption module is used for decrypting the encrypted response message according to the shared key in the system control processor, and encrypting the message which is subsequently sent to the starting firmware according to the shared key after the decryption is successful.
7. A method for establishing a data security channel, the method comprising:
after receiving a request message for requesting to establish a secure channel sent by a system control processor, sending a response message to the system control processor; the response message comprises a real boot firmware key hash of the boot firmware;
the response message is used for indicating the system control processor to judge whether the real starting firmware key hash is consistent with the starting firmware key hash in the system control memory, and when the real starting firmware key hash is judged to be consistent with the starting firmware key hash in the system control memory, a shared key is generated according to the system control processor key hash in the system control processor and a prestored starting firmware key; the response message is also used for indicating the system control processor to encrypt the shared secret key according to the starting firmware secret key prestored in the system control processor after generating the shared secret key to obtain a ciphertext, and the ciphertext is sent to the starting firmware;
acquiring the shared secret key sent by the system control processor; specifically, receiving ciphertext sent by the system control processor; decrypting the ciphertext according to the starting firmware key in the starting firmware to obtain the shared key;
and encrypting the response message by adopting the shared key to obtain an encrypted response message, and sending the encrypted response message to the system control processor.
8. A boot firmware, the boot firmware comprising:
the response module is used for sending a response message to the system control processor after receiving a request message which is sent by the system control processor and used for requesting to establish a secure channel, wherein the response message comprises a real boot firmware key hash of the boot firmware;
the response message is used for indicating the system control processor to judge whether the real starting firmware key hash is consistent with the starting firmware key hash in the system control memory, and when the real starting firmware key hash is judged to be consistent with the starting firmware key hash in the system control memory, a shared key is generated according to the system control processor key hash in the system control processor and a prestored starting firmware key; the response message is also used for indicating the system control processor to encrypt the shared secret key according to the starting firmware secret key prestored in the system control processor after generating the shared secret key to obtain a ciphertext, and the ciphertext is sent to the starting firmware;
the receiving module is used for acquiring the shared secret key sent by the system control processor; specifically, the receiving module is used for receiving ciphertext sent by the system control processor; decrypting the ciphertext according to the starting firmware key in the starting firmware to obtain the shared key;
and the message encryption module is used for encrypting the response message by adopting the shared secret key to obtain an encrypted response message, and sending the encrypted response message to the system control processor.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310305032.1A CN116340954B (en) | 2023-03-24 | 2023-03-24 | Data security channel establishment method, system control processor and starting firmware |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310305032.1A CN116340954B (en) | 2023-03-24 | 2023-03-24 | Data security channel establishment method, system control processor and starting firmware |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116340954A CN116340954A (en) | 2023-06-27 |
| CN116340954B true CN116340954B (en) | 2024-01-23 |
Family
ID=86887356
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310305032.1A Active CN116340954B (en) | 2023-03-24 | 2023-03-24 | Data security channel establishment method, system control processor and starting firmware |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116340954B (en) |
Citations (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5937063A (en) * | 1996-09-30 | 1999-08-10 | Intel Corporation | Secure boot |
| CN101908959A (en) * | 2010-07-28 | 2010-12-08 | 北京握奇数据系统有限公司 | Method, equipment and system thereof for establishing shared key |
| CN105141568A (en) * | 2014-05-28 | 2015-12-09 | 腾讯科技(深圳)有限公司 | Safe communication channel establishment method and system, client and server |
| CN108075890A (en) * | 2016-11-16 | 2018-05-25 | 中兴通讯股份有限公司 | Data sending terminal, data receiver, data transmission method and system |
| KR20180092596A (en) * | 2017-02-10 | 2018-08-20 | 경희대학교 산학협력단 | METHOD AND SYSTEM FOR SECURE BOOTING OF IoT DEVICE PLATFORM USING EMBEDDED SECURE MODULE |
| CN109040132A (en) * | 2018-09-26 | 2018-12-18 | 南京南瑞继保电气有限公司 | One kind being based on the randomly selected encryption communication method of shared key |
| KR20190005044A (en) * | 2017-07-05 | 2019-01-15 | 주식회사 케이티 | Method and system for two-way authentication |
| CN109257170A (en) * | 2018-11-02 | 2019-01-22 | 美的集团股份有限公司 | Cryptographic key negotiation method, equipment, terminal, storage medium and system |
| US10599848B1 (en) * | 2017-05-09 | 2020-03-24 | American Megatrends International, Llc | Use of security key to enable firmware features |
| CN111065097A (en) * | 2019-10-11 | 2020-04-24 | 上海交通大学 | Channel protection method and system based on shared secret key in mobile internet |
| CN113032788A (en) * | 2021-03-24 | 2021-06-25 | 山东英信计算机技术有限公司 | Firmware image switching method, device and medium in computer system |
| CN113656086A (en) * | 2020-04-28 | 2021-11-16 | 瑞昱半导体股份有限公司 | Method for safely storing and loading firmware and electronic device |
| KR20220065223A (en) * | 2020-11-13 | 2022-05-20 | 경희대학교 산학협력단 | Update method to automotive ECU device by using external hardware module |
| CN114528555A (en) * | 2022-01-26 | 2022-05-24 | 苏州浪潮智能科技有限公司 | ARM server firmware safety check starting management method, device and medium |
| CN115168866A (en) * | 2022-06-29 | 2022-10-11 | 海光信息技术股份有限公司 | Processor safety starting method and processor |
| WO2022251987A1 (en) * | 2021-05-29 | 2022-12-08 | 华为技术有限公司 | Data encryption and decryption method and apparatus |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US10382210B2 (en) * | 2016-01-10 | 2019-08-13 | Apple Inc. | Secure device pairing |
| KR102604046B1 (en) * | 2016-11-28 | 2023-11-23 | 삼성전자주식회사 | Method for Managing Program and Electronic Device supporting the same |
| US10984107B2 (en) * | 2018-04-24 | 2021-04-20 | Mellanox Technologies, Ltd. | Secure boot |
| US20200162247A1 (en) * | 2018-11-15 | 2020-05-21 | Iot And M2M Technologies, Llc | Secure firmware transfer from a server to a primary platform |
| US11232210B2 (en) * | 2019-03-26 | 2022-01-25 | Western Digital Technologies, Inc. | Secure firmware booting |
| US11321465B2 (en) * | 2019-04-04 | 2022-05-03 | Cisco Technology, Inc. | Network security by integrating mutual attestation |
| US11907386B2 (en) * | 2020-09-22 | 2024-02-20 | Dell Products L.P. | Platform root-of-trust system |
-
2023
- 2023-03-24 CN CN202310305032.1A patent/CN116340954B/en active Active
Patent Citations (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5937063A (en) * | 1996-09-30 | 1999-08-10 | Intel Corporation | Secure boot |
| CN101908959A (en) * | 2010-07-28 | 2010-12-08 | 北京握奇数据系统有限公司 | Method, equipment and system thereof for establishing shared key |
| CN105141568A (en) * | 2014-05-28 | 2015-12-09 | 腾讯科技(深圳)有限公司 | Safe communication channel establishment method and system, client and server |
| CN108075890A (en) * | 2016-11-16 | 2018-05-25 | 中兴通讯股份有限公司 | Data sending terminal, data receiver, data transmission method and system |
| KR20180092596A (en) * | 2017-02-10 | 2018-08-20 | 경희대학교 산학협력단 | METHOD AND SYSTEM FOR SECURE BOOTING OF IoT DEVICE PLATFORM USING EMBEDDED SECURE MODULE |
| US10599848B1 (en) * | 2017-05-09 | 2020-03-24 | American Megatrends International, Llc | Use of security key to enable firmware features |
| KR20190005044A (en) * | 2017-07-05 | 2019-01-15 | 주식회사 케이티 | Method and system for two-way authentication |
| CN109040132A (en) * | 2018-09-26 | 2018-12-18 | 南京南瑞继保电气有限公司 | One kind being based on the randomly selected encryption communication method of shared key |
| CN109257170A (en) * | 2018-11-02 | 2019-01-22 | 美的集团股份有限公司 | Cryptographic key negotiation method, equipment, terminal, storage medium and system |
| CN111065097A (en) * | 2019-10-11 | 2020-04-24 | 上海交通大学 | Channel protection method and system based on shared secret key in mobile internet |
| CN113656086A (en) * | 2020-04-28 | 2021-11-16 | 瑞昱半导体股份有限公司 | Method for safely storing and loading firmware and electronic device |
| KR20220065223A (en) * | 2020-11-13 | 2022-05-20 | 경희대학교 산학협력단 | Update method to automotive ECU device by using external hardware module |
| CN113032788A (en) * | 2021-03-24 | 2021-06-25 | 山东英信计算机技术有限公司 | Firmware image switching method, device and medium in computer system |
| WO2022251987A1 (en) * | 2021-05-29 | 2022-12-08 | 华为技术有限公司 | Data encryption and decryption method and apparatus |
| CN114528555A (en) * | 2022-01-26 | 2022-05-24 | 苏州浪潮智能科技有限公司 | ARM server firmware safety check starting management method, device and medium |
| CN115168866A (en) * | 2022-06-29 | 2022-10-11 | 海光信息技术股份有限公司 | Processor safety starting method and processor |
Non-Patent Citations (3)
| Title |
|---|
| Survey of Secure Processors;Sau, Suman等;INTERNATIONAL CONFERENCE ON EMBEDDED COMPUTER SYSTEMS: ARCHITECTURES, MODELING, AND SIMULATION (SAMOS 2017);全文 * |
| 哈希加密方案;黄智颖, 冯新喜, 张焕国;通信技术(第07期);全文 * |
| 智能IoT固件敏感信息检测技术的研究;随唐;中国优秀硕士学位论文全文数据库 (信息科技辑);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116340954A (en) | 2023-06-27 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10482291B2 (en) | Secure field-programmable gate array (FPGA) architecture | |
| US9949115B2 (en) | Common modulus RSA key pairs for signature generation and encryption/decryption | |
| US11431498B2 (en) | Quantum-augmentable hybrid encryption system and method | |
| KR101725847B1 (en) | Master key encryption functions for transmitter-receiver pairing as a countermeasure to thwart key recovery attacks | |
| KR101032016B1 (en) | Constrained cryptographic keys | |
| JP4875075B2 (en) | Secure patch system | |
| US8577039B2 (en) | Cryptographic communication apparatus and cryptographic communication system | |
| EP3972293B1 (en) | Bluetooth device connection methods and bluetooth devices | |
| CN112702318A (en) | Communication encryption method, decryption method, client and server | |
| CN111935712A (en) | Data transmission method, system and medium based on NB-IoT communication | |
| JP7451738B2 (en) | Key update method and related devices | |
| US10630466B1 (en) | Apparatus and method for exchanging cryptographic information with reduced overhead and latency | |
| CN111836260B (en) | Authentication information processing method, terminal and network equipment | |
| US20080045180A1 (en) | Data transmitting method and apparatus applying wireless protected access to a wireless distribution system | |
| CN116340954B (en) | Data security channel establishment method, system control processor and starting firmware | |
| KR100883442B1 (en) | Method of delivering direct proof private keys to devices using an on-line service | |
| CN116074049A (en) | Communication method, system and server of trusted computing dual-architecture system | |
| CN113890731A (en) | Key management method, key management device, electronic equipment and storage medium | |
| CN117335981A (en) | Secure communication method, device, equipment and medium based on lightweight key algorithm | |
| JP3721176B2 (en) | Authentication system and encrypted communication system | |
| CN117714185A (en) | Bank counter data processing method and system based on cryptographic algorithm | |
| JP2000216770A (en) | Method and system for transferring data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |