CN116484431A - Data protection method, electronic equipment and storage medium - Google Patents

Info

Publication number: CN116484431A
Authority: CN (China)
Prior art keywords: key, electronic device, encrypted, user, electronic equipment
Legal status: Granted (Active)
Application number: CN202310737595.8A
Other languages: Chinese (zh)
Other versions: CN116484431B (en)
Inventor: 于洪健
Current assignee: Honor Device Co Ltd
Original assignee: Honor Device Co Ltd
Application filed by Honor Device Co Ltd
Priority to CN202310737595.8A
Publication of CN116484431A
Application granted
Publication of CN116484431B

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules, to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45 Structures or tools for the administration of authentication
    • G06F21/46 Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • G06F21/602 Providing cryptographic facilities or services

Abstract

The application provides a data protection method, an electronic device and a storage medium. The electronic device acquires first data and a first data key, encrypts the first data with the first data key, and obtains first encrypted data. The electronic device obtains a CE key from a first storage area, encrypts the first data key with the CE key, and stores the first encrypted data and the first encrypted data key. The electronic device receives a first message sent by a server, where the first message is sent to the electronic device by the server after the electronic device is in a lost state, and in response to the first message deletes the CE key stored in the first storage area and the first encrypted CE key stored in a second storage area. Therefore, after the electronic device is lost, it cannot obtain the CE key, so the first encrypted data key cannot be decrypted and the first encrypted data cannot be decrypted, which protects the security of the data stored in the electronic device.

Description

Data protection method, electronic equipment and storage medium
Technical Field
The present disclosure relates to the field of terminal technologies, and in particular, to a data protection method, an electronic device, and a storage medium.
Background
Electronic products have become a necessity of daily life. A mobile phone stores a large amount of the user's personal data, such as private photos, contacts, text messages and call records. Once the mobile phone is lost, the personal data stored on it may be leaked. How to improve the security of the data stored on the mobile phone therefore requires further research.
Disclosure of Invention
The application provides a data protection method, an electronic device and a storage medium, which improve the security of data stored on the electronic device.
In a first aspect, the application provides a data protection method applied to an electronic device. The electronic device comprises a first storage area and a second storage area; a CE key is stored in the first storage area and a first encrypted CE key is stored in the second storage area. The first encrypted CE key is obtained from the CE key and a hash value of a first lock screen password of the electronic device; the CE key is used to encrypt the data key of the data; and the first encrypted CE key is used to recover the CE key after the electronic device is restarted. The method comprises the following steps: the electronic device acquires first data and a first data key, encrypts the first data with the first data key, and obtains first encrypted data; the electronic device acquires the CE key from the first storage area and encrypts the first data key with the CE key to obtain a first encrypted data key; the electronic device stores the first encrypted data and the first encrypted data key; the electronic device receives a first message sent by a server, where the first message is sent to the electronic device by the server after the electronic device is in a lost state; in response to the first message, the electronic device deletes the CE key stored in the first storage area and the first encrypted CE key stored in the second storage area.
After the electronic device is powered off, the CE key stored in the first storage area is cleared, while the first encrypted CE key stored in the second storage area is not. After the electronic device restarts, it prompts the user to enter the lock screen password and acquires the first encrypted CE key from the second storage area. If the lock screen password entered by the user is the same as the first lock screen password, the electronic device decrypts the first encrypted CE key with the hash value of the first lock screen password to obtain the CE key, and stores the CE key in the first storage area, so that the CE key is recovered in the first storage area.
The first message received by the electronic device from the server may be triggered in two ways: the user logs in, on another electronic device, to the user account that is logged in on the lost electronic device within a find-device application and instructs the server to send the message to the lost electronic device; or the user logs in to that user account on a website and instructs the server to send the message to the lost electronic device. After receiving the first message, the lost electronic device automatically deletes the CE key stored in the first storage area and the first encrypted CE key in the second storage area. Thus, after the electronic device is lost, it cannot acquire the CE key, therefore cannot decrypt the first encrypted data key, cannot acquire the first data key, and so cannot decrypt the first encrypted data, and an attacker cannot acquire the first data. Leakage of the first data stored in the electronic device after it is lost is avoided, and the security of the data stored in the electronic device is protected.
With reference to the first aspect, in one possible implementation, an encrypted hash value of the first lock screen password is further stored in the second storage area, where the encrypted hash value of the first lock screen password is obtained from the hash value of the first lock screen password and a hardware unique key.
The encrypted hash value of the first lock screen password stored in the second storage area is used to recover the CE key in the first storage area after the electronic device is shut down and restarted.
With reference to the first aspect, in one possible implementation, the electronic device includes a security chip. Before the electronic device receives the first message sent by the server, the method comprises the following steps: the electronic device acquires the account ID of a first user account logged in on the electronic device; the electronic device encrypts the CE key with the hash value of the account ID of the first user account to obtain a second encrypted CE key; the electronic device encrypts the hash value of the account ID of the first user account with the hardware unique key to obtain an encrypted hash value of the account ID of the first user account; the electronic device stores the second encrypted CE key and the encrypted hash value of the account ID of the first user account in the security chip. After the electronic device receives the first message sent by the server, the method comprises the following step: the electronic device keeps the second encrypted CE key and the encrypted hash value of the account ID of the first user account stored in the security chip.
The security level of the security chip is higher than that of the second storage area and the first storage area, and data stored in the security chip is difficult for an attacker to acquire. The security chip additionally stores the second encrypted CE key and the encrypted hash value of the account ID of the first user account. These are used to recover the CE key in the first storage area and the first encrypted CE key in the second storage area after the lost electronic device is retrieved, so that the encrypted data on the electronic device can be decrypted with the CE key and the user can continue to use the user data stored on the electronic device normally.
With reference to the first aspect, in one possible implementation, before the electronic device obtains the account ID of the first user account logged in on the electronic device, the method further includes: when no first user account is logged in on the electronic device, the electronic device displays first prompt information, which prompts the user to log in to the first user account on the electronic device.
Because the electronic device needs to encrypt the CE key with the hash value of the account ID of the user account to obtain the second encrypted CE key, the electronic device prompts the user to log in to the first user account when none is logged in, so that the second encrypted CE key can be obtained.
With reference to the first aspect, in one possible implementation, after the electronic device deletes the CE key stored in the first storage area and the first encrypted CE key stored in the second storage area, the method includes: the electronic device prompts the user to enter the first user account and the first lock screen password; when the second user account and the second lock screen password entered by the user pass verification, the electronic device acquires the second encrypted CE key and the encrypted hash value of the account ID of the first user account from the security chip; the electronic device decrypts the encrypted hash value of the account ID of the first user account with the hardware unique key to obtain the hash value of the account ID of the first user account; the electronic device decrypts the second encrypted CE key with the hash value of the account ID of the first user account to obtain the CE key; the electronic device stores the CE key in the first storage area.
Thus, after the user retrieves the device, the electronic device prompts the user to enter the user account and the lock screen password. After this double authentication passes, the electronic device obtains the second encrypted CE key and the encrypted hash value of the account ID of the first user account from the security chip, decrypts the second encrypted CE key with the hash value of the account ID of the first user account to obtain the CE key, and so recovers the CE key in the first storage area. The electronic device then decrypts the first encrypted data using the CE key stored in the first storage area to obtain the first data. The CE key can therefore be recovered after the device was lost, and the user can use the user data normally again.
With reference to the first aspect, in one possible implementation, after the second user account and the second lock screen password pass verification, the method further includes: the electronic device acquires the encrypted hash value of the first lock screen password from the second storage area; the electronic device decrypts the encrypted hash value of the first lock screen password with the hardware unique key to obtain the hash value of the first lock screen password; the electronic device encrypts the CE key with the hash value of the first lock screen password to obtain the first encrypted CE key; the electronic device stores the first encrypted CE key in the second storage area.
Thus, after the lost electronic device is retrieved, it may first restore the CE key in the first storage area and then restore the first encrypted CE key in the second storage area. After the electronic device is powered off and restarted, it can recover the CE key in the first storage area from the first encrypted CE key stored in the second storage area.
With reference to the first aspect, in one possible implementation, after the electronic device stores the first encrypted CE key in the second storage area, the method further includes: when the electronic device is shut down, it deletes the CE key in the first storage area; when the electronic device is shut down and then restarted, it prompts the user to enter a lock screen password; when the third lock screen password entered by the user passes verification, the electronic device acquires the encrypted hash value of the first lock screen password from the second storage area; the electronic device obtains the first encrypted CE key from the second storage area; the electronic device decrypts the encrypted hash value of the first lock screen password with the hardware unique key to obtain the hash value of the first lock screen password; the electronic device decrypts the first encrypted CE key with the hash value of the first lock screen password to obtain the CE key; the electronic device stores the CE key in the first storage area again.
Thus, after the electronic device is powered off and restarted, it can recover the CE key in the first storage area from the first encrypted CE key stored in the second storage area.
With reference to the first aspect, in one possible implementation, the electronic device determining that the second user account and the second lock screen password pass verification specifically includes: the electronic device acquires the encrypted hash value of the first lock screen password from the second storage area; the electronic device acquires the encrypted hash value of the account ID of the first user account from the security chip; the electronic device acquires the hardware unique key; the electronic device decrypts the encrypted hash value of the first lock screen password with the hardware unique key to obtain the hash value of the first lock screen password; the electronic device decrypts the encrypted hash value of the account ID of the first user account with the hardware unique key to obtain the hash value of the account ID of the first user account; the electronic device receives the second user account and the second lock screen password entered by the user; and when the hash value of the account ID of the second user account is the same as that of the first user account and the hash value of the second lock screen password is the same as that of the first lock screen password, the electronic device determines that the second user account and the second lock screen password pass verification.
With reference to the first aspect, in one possible implementation, after the second user account and the second lock screen password pass verification, the method further includes: the electronic device receives a first operation; in response to the first operation, the electronic device obtains the first encrypted data and the first encrypted data key; the electronic device acquires the CE key from the first storage area; the electronic device decrypts the first encrypted data key with the CE key to obtain the first data key; the electronic device decrypts the first encrypted data with the first data key to obtain the first data; the electronic device displays the first data.
In a second aspect, the present application provides an electronic device comprising one or more processors, one or more memories, and a security chip; the security chip and the one or more memories are coupled to the one or more processors, and the one or more memories store computer program code comprising computer instructions that, when executed by the one or more processors, cause the electronic device to perform a data protection method provided in any of the possible implementations of the first aspect.
In a third aspect, the present application provides a chip system for application to an electronic device, the chip system comprising one or more processors for invoking computer instructions to cause the electronic device to perform a data protection method as provided in any one of the possible implementations of the first aspect.
In a fourth aspect, the present application provides a computer readable storage medium comprising instructions which, when run on an electronic device, cause the electronic device to perform a data protection method provided in any one of the possible implementations of the first aspect.
For the beneficial effects of the second aspect to the fourth aspect, reference may be made to the description of the beneficial effects in the first aspect, which is not repeated here.
Drawings
FIGS. 1A-1B illustrate one way of remotely erasing data;
FIG. 1C is a schematic diagram of how the electronic device 100 stores and encrypts a CE key;
FIGS. 2A-2C are schematic diagrams illustrating turning on a CE key generation function;
FIGS. 2D-2G are diagrams illustrating the electronic device 100 receiving a user operation to set a lock screen password;
FIG. 3 is a schematic diagram of a method for storing a CE key by the electronic device 100;
FIG. 4 is a flow chart of a method by which the electronic device 100 encrypts and stores first data generated on the electronic device 100 using a CE key;
FIG. 5 is a flow chart of a method by which the electronic device 100 decrypts encrypted first data;
FIGS. 6A-6E are schematic diagrams of the electronic device 100 receiving a user operation to turn on a temporary-destruction CE key function;
FIG. 7 is a flow chart of a method by which the electronic device 100 generates and stores a second encrypted CE key;
FIGS. 8A-8F illustrate a remote operation of deleting a CE key and a first encrypted CE key stored on the electronic device 100;
FIG. 8G is a schematic diagram of remote deletion of a CE key and a first encrypted CE key stored on the electronic device 100;
FIG. 9 is a flow chart of a method for remotely deleting a CE key stored in a key ring module on the electronic device 100 and a first encrypted CE key stored in an erasable partition;
FIG. 10 is a flow chart of a method showing that an attacker who enters the main interface of the mobile phone by abnormal means cannot acquire the unencrypted first data;
FIGS. 11A-11B are schematic diagrams of verifying the identity of a user;
FIG. 12 is a schematic diagram of the electronic device 100 verifying a user identity;
FIG. 13 is a flow chart of a method for decrypting encrypted data on the electronic device 100 according to the present application;
FIG. 14 is a flow chart of a method by which the electronic device 100 stores a CE key and a first encrypted CE key;
FIG. 15 is a schematic flow chart of a data protection method provided in the present application;
FIG. 16 is a schematic structural diagram of an electronic device;
FIG. 17 is a software configuration block diagram of the electronic device 100.
Detailed Description
The technical solutions in the embodiments of the present application will be described clearly and thoroughly below with reference to the accompanying drawings. In the description of the embodiments of the present application, "/" means "or" unless otherwise indicated; for example, A/B may represent A or B. "And/or" merely describes an association relation between associated objects and indicates that three relations may exist; for example, A and/or B may indicate the three cases where A exists alone, A and B exist together, and B exists alone. In addition, in the description of the embodiments of the present application, "plural" means two or more.
The terms "first", "second" and the like are used below for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more such features, and in the description of the embodiments of the present application, unless otherwise indicated, "a plurality" means two or more.
The term "user interface (UI)" in the following embodiments of the present application refers to the medium through which an application program or operating system interacts and exchanges information with a user; it converts between the internal form of information and a form acceptable to the user. A commonly used form of user interface is the graphical user interface (GUI), which is a user interface related to computer operations that is displayed graphically. It may consist of visual interface elements such as text, icons, buttons, menus, tabs, text boxes, dialog boxes, status bars, navigation bars and widgets displayed on the display of the electronic device.
To prevent the data stored on a mobile phone from being leaked after the user loses the phone, the data stored on the phone can be deleted by remote data erasure.
FIGS. 1A-1B illustrate one way to remotely erase data.
As shown in FIG. 1A, after the user's mobile phone is lost, the user may log in on another device to the user account that is logged in on the lost phone, and enter a find-device interface such as the user interface 1100 shown in FIG. 1A.
The user interface 1100 shows the model of the lost phone, "glory big 4 Pro", which is powered on and online. The current location of the lost phone is "Beijing city lake area Su Gutuo town"; the location was updated one minute ago.
The lost mode of the lost phone is not turned on.
The lost phone has two SIM cards installed, one with phone number "12345678" and the other with phone number "12345600"; both are locked.
As shown in FIG. 1A, the other device may receive an input operation (e.g., a click) by the user selecting item 1101 in user interface 1100, and in response to the input operation the other device may display the user interface 1200 shown in FIG. 1B.
As shown in FIG. 1B, the user interface 1200 shows prompt information under the heading "erase": the device will be restored to factory settings and all data on the device (including the memory card) will be permanently deleted; if the device is connected to the network it can still be located, but it can no longer ring, be set as lost, or be erased again; after the deletion succeeds, the glory account password must be verified before the device can be activated and used again. The prompt information asks the user whether to erase the data stored on the lost mobile phone. The user interface 1200 also includes an option 1201, which receives a user operation to remotely delete the data stored on the lost mobile phone.
As shown in FIG. 1B, the other device may receive an input operation (e.g., a click) by the user on option 1201 in user interface 1200, and in response to the input operation the other device may send a message to the server instructing the server to remotely delete the data stored on the lost phone.
Specifically, the other device may send the identifier of the lost phone to the server. After the server obtains the identifier of the lost phone, it sends a delete instruction to the lost phone based on that identifier. After receiving the delete instruction, the lost phone deletes all data in the device and on its storage. Thus, leakage of the data stored on the mobile phone can be prevented.
However, this data erasure scheme has the following drawback: if the phone is lost only briefly and the user then retrieves it, the data on the phone has already been deleted and cannot be recovered, which is a poor user experience.
Based on the above, the application proposes a data protection method. The method comprises the steps of generating a CE key, encrypting and storing the CE key, temporarily destroying the CE key, recovering the CE key, and so on.
The steps of generating the CE key, encrypting and storing the CE key, temporarily destroying the CE key and recovering the CE key performed by the electronic device are explained in detail below.
FIG. 1C shows a schematic diagram of how the electronic device 100 stores and encrypts the CE key.
The storage area of the electronic device 100 may include a secure storage area and a non-secure storage area.
The non-secure storage area may include a lock screen service, a temporary-destruction CE key service, a vold module and a file system.
The secure storage area may include a HUKS CA module, a HUKS TA module, a keymaster CA module, a keymaster TA module, a security chip and an erasable partition.
The lock screen service receives the lock screen password set by the user.
The lock screen service also sends the hash value of the lock screen password to the vold module.
The temporary-destruction CE key service receives a user operation and obtains the user account logged in on the electronic device 100.
The temporary-destruction CE key service also sends the hash value of the account ID of the user account logged in on the electronic device 100 to the vold module.
The vold module generates a random number as the CE key when the electronic device 100 is first powered on.
The vold module also sends the CE key to the key ring module.
The key ring module stores the CE key.
The key ring module also sends the CE key to the file system.
The file system generates a random number as the data encryption key (DEK) when the first data is created.
The file system also encrypts the first data with the DEK to obtain the first encrypted data and stores it.
The file system also encrypts the DEK with the CE key to obtain the encrypted DEK and stores it.
The vold module also sends the hash value of the account ID of the user account and the CE key to the HUKS CA module.
The HUKS CA module sends the hash value of the account ID of the user account and the CE key to the HUKS TA module.
The HUKS TA module encrypts the CE key with the hash value of the account ID of the user account to obtain the second encrypted CE key.
The HUKS TA module also encrypts the hash value of the account ID of the user account with the hardware unique key (HUK) to obtain the encrypted hash value of the account ID of the user account.
The HUKS TA module also sends the second encrypted CE key and the encrypted hash value of the account ID of the user account to the security chip.
The security chip stores the second encrypted CE key and the encrypted hash value of the account ID of the user account.
The vold module also sends the hash value of the lock screen password and the CE key to the keymaster CA module.
The keymaster CA module sends the hash value of the lock screen password and the CE key to the keymaster TA module.
The keymaster TA module encrypts the CE key with the hash value of the lock screen password to obtain the first encrypted CE key.
The keymaster TA module also encrypts the hash value of the lock screen password with the hardware unique key (HUK) to obtain the encrypted hash value of the lock screen password.
The keymaster TA module also sends the first encrypted CE key and the encrypted hash value of the lock screen password to the erasable partition.
The erasable partition stores the first encrypted CE key and the encrypted hash value of the lock screen password.
Generating CE keys
After the electronic device 100 is first powered on, the electronic device 100 may randomly generate a random number, which may be referred to as a CE key, through the vold module. The CE key is a key that encrypts a DEK key, which is used to encrypt a file on the electronic device 100, resulting in an encrypted file. When creating a new file, the electronic device 100 may generate a random number through the file system, which may be used as a DEK key. After the CE key encrypts the DEK key, an encrypted DEK key is obtained, which is stored in metadata (meta data) of the file.
Optionally, the electronic device 100 has a CE key generation function option, and after the CE key generation function is turned on, the electronic device 100 may randomly generate a random number through the vold module, where the random number may be referred to as a CE key.
Fig. 2A-2C show schematic diagrams of turning on the CE key generation function.
Fig. 2A shows a main interface 210 of the electronic device 100. The main interface 210 includes icons of a plurality of applications, such as an icon of a weather application, an icon of a glowing store application, an icon of a smart home application, an icon of a sports health application, an icon of a memo application, an icon of a calendar application, an icon of a life service application, an icon of a setup application, an icon of a camera application, an icon of an address book application, an icon of a phone application, and an icon of an information application, etc. The main interface 210 also shows a power indicator, weather indicator, date indicator, network signal indicator, page indicator, etc.
As shown in fig. 2A, the electronic device 100 may receive an input operation (e.g., a click) by a user for setting an icon of an application, and in response to the input operation by the user, the electronic device 100 may display the user interface 220 shown in fig. 2B. The user interface 220 is the main interface for setting up the application.
As shown in fig. 2B, a plurality of setting options are shown in user interface 220, such as: a flight mode setting option, the flight mode of the electronic device 100 being off; a Wi-Fi setting option, the Wi-Fi function of the electronic device 100 being on; a Bluetooth setting option, the Bluetooth function of the electronic device 100 being on; a personal hotspot setting option; a mobile network setting option; a do-not-disturb mode setting option; a display and brightness setting option; a glowing account option; a CE key generation function option 2201, the CE key generation function being off; and the like.
As shown in fig. 2B, the electronic device 100 may receive an input operation (e.g., a single click) by a user for the CE key generation function option 2201 in the user interface 220, and in response to the input operation by the user, the electronic device 100 may display a change to the display form of the CE key generation function option 2201, and the CE key generation function option 2201 may display the display form shown in fig. 2C to prompt the user that the CE key generation function of the electronic device 100 is turned on.
After the CE key generation function of the electronic device 100 is turned on, the electronic device 100 may randomly generate a CE key and use it to encrypt the DEK key generated by the file system, so that the DEK key is protected against disclosure.
After the electronic device 100 generates the CE key, the electronic device 100 may store the CE key in the key ring. The electronic device 100 may obtain the CE key from the key ring and decrypt the encrypted DEK key based on the CE key to obtain the DEK key; the encrypted file is then decrypted with the DEK key to obtain the unencrypted file, which the user can view.
In other embodiments, the electronic device 100 may automatically turn on the CE key generation functionality option without requiring the user to manually turn on the CE key generation functionality.
Encrypted storage of the CE key
1. Encrypting the CE key based on the screen locking password to obtain a first encrypted CE key, and storing the first encrypted CE key.
The CE key stored in the key ring is deleted after the electronic device 100 is restarted. In order to enable the electronic device 100 to recover the CE key in the key ring after a restart, the electronic device 100 may encrypt the CE key to obtain an encrypted CE key, and store the encrypted CE key in the erasable partition. The encrypted CE key stored in the erasable partition is not deleted after the electronic device 100 is restarted. Then, after the electronic device 100 is restarted, the CE key in the key ring may be recovered from the encrypted CE key stored in the erasable partition.
Optionally, the encrypted CE key may be obtained by encrypting the CE key with the screen locking password. The encrypted CE key may also be obtained by encrypting with other parameters, or with a combination of the screen locking password and other parameters, which is not limited in this application; the description below takes the case in which the encrypted CE key is obtained by encrypting with the screen locking password as an example.
Alternatively, after the CE key generation function is turned on based on the operations shown in fig. 2A to fig. 2C, the electronic device 100 may prompt the user to set the screen locking password if it is monitored that the user does not set the screen locking password, and the electronic device 100 may encrypt the CE key with the screen locking password set by the user if the user successfully sets the screen locking password.
Alternatively, after the CE key generation function is turned on based on the operations shown in fig. 2A to fig. 2C, in a case where the electronic device 100 monitors that the user does not set the screen locking password, the electronic device 100 may prompt the user to set the screen locking password, and in a case where the user does not set the screen locking password, the electronic device 100 may encrypt the CE key based on the preset screen locking password.
Fig. 2D-2G illustrate schematic diagrams of the electronic device 100 receiving a user operation to set a lock screen password.
For example, as shown in fig. 2D, when the electronic device 100 monitors that the CE key generation function of the electronic device 100 is turned on and the user does not set the screen locking password, the electronic device 100 may display the prompt 2202 shown in fig. 2D, where the prompt 2202 includes the prompt "do you not set the screen locking password yet, is the screen locking password set? "and options 2203 and 2204.
The prompt information 2202 is used for prompting a user to set a screen locking password. The electronic device 100 may receive an input operation (e.g., a single click) by the user for the option 2203, setting a lock screen password of the electronic device 100. The electronic device 100 may also receive an input operation (e.g., a click) from the user for the option 2204, stopping setting the lock screen password of the electronic device 100.
For example, as shown in fig. 2D, the electronic device 100 may receive an input operation (e.g., a click) by a user for the option 2203, and in response to the input operation by the user, the electronic device 100 may display the user interface 230 shown in fig. 2E. The user may enter the lock screen password in user interface 230, and after the user enters the lock screen password, the electronic device 100 may display the user interface 240 shown in fig. 2F.
For example, as shown in fig. 2G, after the user inputs and confirms the screen-locking password, the electronic device 100 may display a prompt 2205, where the prompt 2205 includes "the screen-locking password is set successfully", and the prompt 2205 is used to prompt the user that the screen-locking password of the electronic device 100 is set successfully.
Optionally, after the electronic device 100 receives the user operation of setting the screen locking password, in order to prevent the screen locking password from being revealed, the electronic device 100 may encrypt the CE key based on the screen locking password set by the user to obtain an encrypted CE key. The electronic device 100 then stores the encrypted CE key in the erasable partition. The encrypted CE key stored in the erasable partition is not deleted after the electronic device 100 is restarted. After the electronic device 100 is restarted, the CE key in the key ring may be recovered from the encrypted CE key stored in the erasable partition.
Fig. 3 shows a schematic diagram of a method for storing CE keys by the electronic device 100.
Functional modules may be included on electronic device 100, such as a lock screen service (lock settings service, LSS), daemon (vold) module, a key ring module, a key manager client application (keymaster client application, keymaster CA) module, a key manager trusted application (keymaster trusted application, keymaster TA) module, and an erasable partition.
S301, the screen locking service acquires the screen locking password and calculates a hash value of the screen locking password.
The screen locking password obtained by the screen locking service can be the screen locking password set by the user and shown in fig. 2D-2G, or can be a preset screen locking password.
S302, the screen locking service sends the hash value of the screen locking password to the vold module.
Alternatively, the screen locking service may not calculate the hash value of the screen locking password, and may directly send the screen locking password to the vold module.
S303, the vold module randomly generates a random number as a CE key.
Alternatively, the vold module may randomly generate a random number as the CE key when the electronic device 100 is first turned on.
Optionally, when the electronic device 100 is turned on for the first time and the CE key generation function is turned on, the vold module may randomly generate a random number as the CE key.
S304, the vold module sends the CE key to the key ring module.
S305, the key ring module stores the CE key.
S306, the vold module sends the CE key and the hash value of the screen locking password to the keymaster CA module.
Optionally, the vold module may also send the CE key and the screen locking password itself to the keymaster CA module.
The Keymaster CA module can call the Keymaster TA module, and the CE key and the hash value of the screen locking password are stored in encrypted form by the Keymaster TA module.
S307, the Keymaster CA module sends the CE key and the hash value of the screen locking password to the Keymaster TA module.
S308, the Keymaster TA module encrypts the CE key by using the hash value of the screen locking password to obtain a first encrypted CE key.
After the Keymaster TA module receives the CE key sent by the Keymaster CA module, the Keymaster TA module can encrypt the CE key by using the hash value of the screen locking password to obtain a first encrypted CE key, so that the situation of CE key leakage is avoided.
S309, the Keymaster TA module encrypts the hash value of the screen locking password by using the hardware unique key HUK to obtain the hash value of the encrypted screen locking password.
Optionally, the hardware unique key HUK is associated with hardware or a chip in the electronic device 100, and the hardware unique key HUK differs from one device to another.
After the Keymaster TA module receives the hash value of the screen locking password sent by the Keymaster CA module, the Keymaster TA module can acquire a hardware unique key HUK, encrypt the hash value of the screen locking password through the hardware unique key HUK to obtain the hash value of the encrypted screen locking password, and the condition that the hash value of the screen locking password is leaked is avoided.
S310, the Keymaster TA module sends the hash value of the encrypted screen locking password and the first encrypted CE key to the erasable partition.
S311, the erasable partition stores the hash value of the encrypted screen locking password and the first encrypted CE key.
The hash value of the encrypted screen locking password and the first encrypted CE key stored in the erasable partition may be used to recover the CE key stored in the key ring module after the device is restarted, so that the encrypted data may be decrypted and the electronic device 100 may normally display unencrypted data.
Fig. 4 shows a flow chart of a method of how the electronic device 100 encrypts and stores first data generated on the electronic device 100 by means of a CE key.
After the electronic device 100 locks the screen, the electronic device 100 may encrypt data on the device through the DEK. Thus, after the electronic device 100 locks the screen, the electronic device 100 may decrypt the encrypted DEK key based on the CE key to obtain the DEK key only after the correct screen locking password is input. The electronic device 100 may then decrypt the encrypted data based on the DEK key to obtain unencrypted data. The user can view and use the unencrypted data.
In fig. 4, the electronic device 100 includes a file system, a key ring module, and other functional modules.
S401, creating first data by a file system.
S402, the file system randomly generates a random number as a DEK key.
After creating the first data, the file system may randomly generate a random number, which may be referred to as a DEK key, which is used to encrypt the first data.
Optionally, the DEK keys of different data are different. Alternatively, the DEK keys of different data may be the same, which is not limited in this application.
S403, the file system encrypts the first data based on the DEK key to obtain encrypted first data.
After the first data is created by the file system, the first data can be encrypted based on the DEK secret key to obtain encrypted first data, so that the situation that the unencrypted first data is leaked is avoided.
S404, the file system acquires the CE key from the key ring module.
S405, the file system encrypts the DEK key based on the CE key to obtain an encrypted DEK key.
S406, the file system stores the encrypted DEK key and the encrypted first data.
Alternatively, the file system may write the encrypted DEK key in metadata of the first data. Metadata of the first data is used to describe attributes of the first data, such as data type, data size, encrypted DEK key, etc.
In order to ensure the security of the encrypted first data, the DEK key used to obtain the encrypted first data also needs to be stored secretly. The encrypted DEK key may be obtained, for example, by encrypting the DEK key with the CE key. The file system writes the encrypted DEK key in the metadata of the first data, so that the unencrypted DEK key is not revealed.
Fig. 5 shows a flow chart of a method of decrypting encrypted first data by the electronic device 100.
After the electronic device 100 locks the screen, the electronic device 100 may encrypt data on the device through the DEK. After the electronic device 100 is on, the electronic device 100 may prompt the user to input a screen locking password, and the electronic device 100 may decrypt the encrypted data to obtain plaintext data only when the screen locking password is correctly input. The user can view the plaintext data.
In fig. 5, the electronic device 100 includes a lock screen service, a file system, a key ring module, an erasable partition, and other functional modules.
S501, the screen locking service receives a screen locking password input by a user.
S502, the screen locking service acquires a hash value of a screen locking password set by a user.
S503, the screen locking service needs to confirm whether the hash value of the screen locking password input by the user is the same as the hash value of the screen locking password set by the user.
The screen locking service may obtain the hash value of the screen locking password set by the user from the erasable partition. Specifically, the screen locking service may send an acquisition notification to the erasable partition; after the erasable partition receives the acquisition notification, the erasable partition may acquire the hardware unique key HUK and decrypt the hash value of the encrypted screen locking password based on the hardware unique key HUK to obtain the hash value of the screen locking password set by the user. The erasable partition sends the hash value of the screen locking password set by the user to the screen locking service, so that the screen locking service obtains the hash value of the screen locking password set by the user.
After the screen locking service has obtained both the hash value of the screen locking password set by the user, sent by the erasable partition, and the hash value of the screen locking password input by the user, the screen locking service needs to confirm whether the two hash values are the same.
In the case where the hash value of the screen locking password input by the user is different from the hash value of the screen locking password set by the user, S504 is executed and the flow ends.
Optionally, in the case that the hash value of the screen locking password input by the user is different from the hash value of the screen locking password set by the user, the screen locking service may prompt the user that the password is input incorrectly, and after the user has input the screen locking password incorrectly m times in a row, the screen locking service may prompt the user to retry inputting the correct screen locking password after a certain time interval.
In the case where the hash value of the screen locking password input by the user is the same as the hash value of the screen locking password set by the user, S505 is performed.
S504, ending.
S505, the screen locking service executes unlocking operation and enters a main interface of the electronic equipment 100.
In the case where the hash value of the screen locking password input by the user is the same as the hash value of the screen locking password set by the user, the screen locking service executes the unlocking operation and enters the main interface of the electronic device 100.
Alternatively, in the case where the user does not set the lock screen password, S501 to S504 may be omitted and S505 may be directly executed.
S506, the screen locking service sends a verification success message to the file system.
Under the condition that the hash value of the screen locking password input by the user is the same as the hash value of the screen locking password set by the user, the screen locking service can send a verification success message to the file system, so that the file system can decrypt the encrypted data to obtain plaintext data.
In one possible implementation, the file system may immediately execute S507-S510 after the file system receives the authentication success message sent by the lock screen service.
In other possible implementations, after the file system receives the verification success message sent by the screen locking service, the file system executes S507-S510 when it is monitored that the user opens a first application, where the first data is data in the first application. The file system may not perform S507-S510 until the user opens the first application.
S507, the file system obtains the CE key from the erasable partition.
The file system may send an acquisition message to the erasable partition, and in response to the acquisition message, the erasable partition acquires the stored hardware unique key HUK, the hash value of the encrypted screen locking password, and the first encrypted CE key. First, the erasable partition decrypts the hash value of the encrypted screen locking password based on the hardware unique key HUK to obtain the hash value of the screen locking password, which is unencrypted. Then, the erasable partition decrypts the first encrypted CE key based on the hash value of the screen locking password to obtain the CE key. Finally, the erasable partition sends the CE key to the file system. In this way, the file system obtains the CE key.
S508, the file system acquires the encrypted DEK key.
S509, the file system decrypts the encrypted DEK key based on the CE key to obtain the DEK key.
S510, the file system decrypts the encrypted first data based on the DEK key to obtain the first data.
Alternatively, the file system may obtain the encrypted DEK key from the metadata of the first data. And decrypting the encrypted DEK key based on the CE key to obtain the DEK key. Finally, the file system acquires the encrypted first data, and decrypts the encrypted first data based on the DEK key to obtain the first data.
Thus, the first data is unencrypted data that can be viewed and used by the user.
After the mobile phone is turned off and restarted and the screen locking password is input to pass verification, the electronic device can acquire the CE secret key, decrypt the encrypted DEK secret key based on the CE secret key to obtain the DEK secret key, and decrypt the encrypted first data based on the DEK secret key to obtain the first data. For example, the first data may be a photograph in a gallery, and the instruction to acquire the first data may be "/#is/data/media/0/DCIM/Camera". The instruction that the first data decryption was successful may be "img_20230423_093709.jpg cache".
2. Encrypting the CE key based on the user account to obtain a second encrypted CE key, and storing the second encrypted CE key.
In this application, the electronic device 100 may provide a temporary destruction CE key function. After the temporary destruction CE key function is turned on, the electronic device 100 may encrypt the CE key based on the user account logged in on the electronic device 100 to obtain a second encrypted CE key. The electronic device 100 stores the second encrypted CE key in the security chip. In this way, after the electronic device 100 is lost, the user can remotely delete the first encrypted CE key stored in the erasable partition of the electronic device 100 and the CE key stored in the key ring module, so that the data encrypted based on the CE key in the electronic device 100 cannot be decrypted, and the user data in the electronic device 100 is thereby prevented from being revealed.
Optionally, after the user remotely operates to delete the first encryption CE key stored in the erasable partition of the electronic device 100, the user finds the electronic device 100 again. The electronic device 100 may obtain the second encryption CE key from the security chip when the account number password logged in by the electronic device 100 is verified to be correct and the screen locking password is verified to be correct, and decrypt the second encryption CE key based on the user account number logged in by the electronic device 100 to obtain the CE key.
In one aspect, the electronic device 100 may decrypt the encrypted DEK key based on the CE key to obtain the DEK key. The electronic device 100 decrypts the encrypted data based on the DEK key to obtain unencrypted data. The user may then view the unencrypted data and use the unencrypted data.
On the other hand, after the electronic device 100 obtains the CE key, the CE key may be stored in the key ring module, so that after the electronic device 100 unlocks the screen and enters the main interface, the CE key may be quickly obtained from the key ring module to decrypt the encrypted data and obtain unencrypted data. The electronic device 100 also needs to encrypt the CE key based on the lock screen password and store the encrypted CE key in the erasable partition. Because the electronic device 100 clears the CE key stored in the key ring module after a shutdown and restart, encrypting the CE key based on the lock screen password and storing the encrypted CE key in the erasable partition allows the electronic device 100 to recover the CE key in the key ring module from the first encrypted CE key stored in the erasable partition after the shutdown and restart.
Fig. 6A-6E illustrate schematic diagrams of the electronic device 100 receiving a user operation to turn on the temporary destruction CE key function.
Alternatively, the user may turn on the temporary destruction CE key function in the setup application.
For example, as shown in fig. 6A, the electronic device 100 may receive a sliding operation (e.g., an upward sliding operation) by a user on the user interface 220, and in response to the sliding operation by the user, the electronic device 100 may display the user interface 610 shown in fig. 6B. User interface 610 is similar to user interface 220, except that a find device service option 601 is also included in user interface 610.
As shown in fig. 6B, the electronic device 100 may receive an input operation (e.g., a single click) by a user for looking up the device service option 601 in the user interface 610, and in response to the input operation by the user, the electronic device 100 may display the user interface 620 shown in fig. 6C.
As shown in fig. 6C, a plurality of function options are shown in user interface 620. For example: a find my device option, the find my device function being off; a send last position option, the send last position function being off, where after the send last position function is turned on the electronic device 100 may automatically report position information when the power is low; a remote connection network option, the remote connection network function being off, where after the remote connection network function is turned on the electronic device 100 can automatically turn on mobile data on the device when the device cannot be found because it is off-network; a shutdown verification password option, the shutdown verification password function being on, where after the shutdown verification password function is turned on the electronic device 100 requires the user to input the screen locking password when shutting down in the locked state, to prevent the device from being shut down after being lost; and a temporary destroying data option 6201, the temporary destroying data function being off, where after the temporary destroying data function is turned on the electronic device 100 can encrypt the data on the device into ciphertext so that a non-owner cannot obtain the data stored on the mobile phone, and the data can be recovered after the mobile phone is recovered and the account is verified successfully.
As shown in fig. 6C, the electronic device 100 may receive an input operation (e.g., a click) by the user on the temporary destruction data option 6201 in the user interface 620, and in response to the input operation by the user, the electronic device 100 may change a display form of the temporary destruction data option 6201, for example, display a display form as shown in fig. 6D, to prompt the user that the temporary destruction data function of the electronic device 100 is turned on, that is, that the temporary destruction CE key function is turned on.
Optionally, after the temporary destruction CE key function is turned on, the electronic device 100 needs the user account logged in on the electronic device 100 in order to obtain the second encrypted CE key. In the event that the electronic device 100 is not logged in to a user account, the electronic device 100 may prompt the user to log in to the user account so that the second encrypted CE key may be obtained and saved.
For example, as shown in fig. 6E, when the electronic device 100 detects that the temporary destruction CE key function is turned on, the electronic device 100 may display the prompt 6202 shown in fig. 6E, where the prompt 6202 includes "you have not logged in to the user account of the device, and the function may be used after logging in to the user account of the device". The prompt 6202 is used to prompt the user to log into the user account of the electronic device 100. The prompt 6202 further includes an option 6203, and the electronic device 100 may receive an input operation (e.g., a click) of the user on the option 6203 in the prompt 6202, and in response to the input operation by the user, the electronic device 100 may display a user account login interface, and receive the ID of the user account and the password of the user account input by the user at the user account login interface.
Optionally, if the user selects to not log in the user account of the electronic device 100, the electronic device 100 may switch the display form of the temporary destruction data option 6201 to the display form shown in fig. 6C, so as to prompt the user that the temporary destruction data function cannot be used without logging in the user account of the electronic device 100.
Fig. 7 shows a flow chart of a method of generating and storing a second encryption CE key by the electronic device 100.
As shown in fig. 7, the electronic device 100 includes a vold module, a unified key storage management service client application (honor universal keystore service client application, HUKS CA) module, a unified key storage management service trusted application (honor universal keystore service trusted application, HUKS TA) module, and a security chip.
S701, a vold module acquires a hash value of a user account ID.
As can be seen from fig. 6A to fig. 6E, after the electronic device 100 receives the user operation to turn on the temporary destroying CE key function, the electronic device 100 may directly obtain the hash value of the user account ID when the electronic device 100 has logged in the user account.
In the event that the electronic device 100 does not log in to the user account, the electronic device 100 may prompt the user to log in to the user account. Temporary destruction CE key functionality may only be used at electronic devices that have logged in to the user account.
After the electronic device 100 logs in the user account, the vold module may obtain a hash value of the user account ID.
In other embodiments, the vold module may also obtain the user account ID or the user account password, which is not limited in this application.
S702, the vold module sends the hash value of the user account ID and the CE key to the HUKS CA module.
As can be seen from the descriptions of fig. 2A-2C, after the electronic device 100 receives a user operation to turn on the CE key generation function, the vold module may generate the CE key and store the CE key in the key ring module. In addition, the CE key is stored in the erasable partition after being encrypted with the lock screen password.
After the electronic device 100 receives the user operation to turn on the temporary destruction CE key function, the vold module may obtain the hash value of the user account ID when the electronic device 100 has logged in to the user account.
The vold module then sends the hash value of the user account ID and the CE key to the HUKS CA module. The HUKS CA module can store the hash value of the user account ID and the CE key in the security chip, so that leakage of the hash value of the user account ID and of the CE key is avoided.
S703, the HUKS CA module sends the hash value of the user account ID and the CE key to the keymaster TA module.
S704, the key master TA module encrypts the CE key based on the hash value of the user account ID to obtain a second encrypted CE key.
And S705, the keymaster TA module encrypts the hash value of the user account ID based on the hardware unique key HUK to obtain the hash value of the encrypted user account ID.
After receiving the hash value of the user account ID and the CE key sent by the vold module, the HUKS CA module can call the keymaster TA module; the keymaster TA module encrypts the hash value of the user account ID and the CE key, and the results are stored in the security chip.
Specifically, the keymaster TA module may encrypt the CE key based on the hash value of the user account ID to obtain the second encrypted CE key, and may encrypt the hash value of the user account ID based on the hardware unique key HUK to obtain the hash value of the encrypted user account ID.
Alternatively, in other embodiments, the vold module may send the user account ID or the user account password to the HUKS CA module. The HUKS CA module then calls the keymaster TA module to encrypt the user account ID or the user account password and store the result in the security chip. For example, the keymaster TA module may encrypt the user account ID or the user account password based on the hardware unique key HUK to obtain the encrypted user account ID or the encrypted user account password, and store the encrypted user account ID or the encrypted user account password in the security chip.
Optionally, when the keymaster TA module encrypts the CE key to obtain the second encrypted CE key, or encrypts the hash value of the user account ID to obtain the hash value of the encrypted user account ID, other parameters may be combined with the hash value of the user account ID and the hardware unique key HUK; this application does not limit them.
S706, the keymaster TA module sends the second encrypted CE key and the hash value of the encrypted user account ID to the security chip.
S707, the security chip stores the second encrypted CE key and the hash value of the encrypted user account ID.
After the electronic device 100 turns on the temporary CE key destruction function, the electronic device 100 may additionally encrypt the CE key to obtain the second encrypted CE key, and store the second encrypted CE key and the hash value of the encrypted user account ID in the security chip, the component with the highest security level. Thus, even if the electronic device 100 is lost, it is difficult for an attacker to obtain the second encrypted CE key or the hash value of the encrypted user account ID from the security chip. Moreover, after the electronic device 100 is lost, the user may remotely delete the CE key stored in the key ring module and the first encrypted CE key stored in the erasable partition of the electronic device 100, while the data within the electronic device 100 remains in an encrypted state. If the attacker cannot obtain the CE key, the attacker cannot decrypt the encrypted data on the electronic device 100 and cannot steal the user's data. In this way the security of the data stored on the electronic device 100 is ensured.
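The key hierarchy described from S701 to this point, together with the remote deletion, the decryption failure of fig. 10 and the account verification of S1201, as an added worked example in Go; it is not code from the patent or from Honor. It assumes AES-256-GCM for every "encrypt with key" step, uses the SHA-256 hash value directly as the wrapping key (a production keymaster would derive it with a slow KDF, especially for the lock screen password), and models the key ring module, erasable partition and security chip as in-memory maps; all names, keys and file contents are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// seal and open model every "encrypt X with key Y" step as AES-256-GCM with the nonce prefixed to
// the ciphertext. The description names no cipher; this choice is the example's own.
func seal(key, plaintext []byte) []byte {
	block, _ := aes.NewCipher(key) // every key in this example is 32 bytes
	g, _ := cipher.NewGCM(block)
	nonce := randomBytes(g.NonceSize())
	return g.Seal(nonce, nonce, plaintext, nil)
}

func open(key, box []byte) ([]byte, error) {
	block, _ := aes.NewCipher(key)
	g, _ := cipher.NewGCM(block)
	if len(box) < g.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return g.Open(nil, box[:g.NonceSize()], box[g.NonceSize():], nil)
}

func randomBytes(n int) []byte {
	b := make([]byte, n)
	rand.Read(b) // crypto/rand; never returns an error since Go 1.24
	return b
}

// hash is the "hash value" of the description; its output doubles as the 32-byte AES key (simplification).
func hash(s string) []byte {
	h := sha256.Sum256([]byte(s))
	return h[:]
}

// Device holds the stores the description distinguishes on electronic device 100.
type Device struct {
	huk      []byte            // hardware unique key, used only inside keymaster TA
	keyring  map[string][]byte // key ring module: the CE key, in RAM
	erasable map[string][]byte // erasable partition: first encrypted CE key (under the lock-screen password)
	chip     map[string][]byte // security chip: second encrypted CE key, HUK-encrypted account-ID hash
}

// NewDevice is the CE key generation of fig. 2A-2C followed by S704-S707: the CE key wrapped under
// the account-ID hash, and that hash wrapped under the HUK, both handed to the security chip.
func NewDevice(lockScreen, accountID string) *Device {
	ce, huk := randomBytes(32), randomBytes(32)
	return &Device{huk: huk,
		keyring:  map[string][]byte{"ce": ce},
		erasable: map[string][]byte{"first_ce": seal(hash(lockScreen), ce)},
		chip: map[string][]byte{"second_ce": seal(hash(accountID), ce),
			"account_hash": seal(huk, hash(accountID))},
	}
}

// EncryptFile: a fresh DEK encrypts the content and the CE key wraps the DEK into the file metadata.
func (d *Device) EncryptFile(plaintext []byte) [2][]byte {
	dek := randomBytes(32)
	return [2][]byte{seal(d.keyring["ce"], dek), seal(dek, plaintext)}
}

// DecryptFile is the fig. 10 path: with the CE key gone, the encrypted DEK cannot be opened.
func (d *Device) DecryptFile(f [2][]byte) ([]byte, error) {
	ce, ok := d.keyring["ce"]
	if !ok {
		return nil, errors.New("CE key deleted, encrypted DEK cannot be decrypted")
	}
	dek, err := open(ce, f[0])
	if err != nil {
		return nil, err
	}
	return open(dek, f[1])
}

// RemoteDeleteCEKey is vold's handling of the CE key deletion request (S904-S911); the security chip copy stays.
func (d *Device) RemoteDeleteCEKey() {
	delete(d.keyring, "ce")
	delete(d.erasable, "first_ce")
}

// Recover is S1201 plus the restore that follows it: the typed account ID must hash to the HUK-decrypted
// value in the security chip (constant-time compare) before the CE key is unwrapped. S1202 is left out.
func (d *Device) Recover(accountID, lockScreen string) error {
	stored, err := open(d.huk, d.chip["account_hash"])
	if err != nil || !hmac.Equal(stored, hash(accountID)) {
		return errors.New("user account verification failed")
	}
	ce, err := open(hash(accountID), d.chip["second_ce"])
	if err != nil {
		return err
	}
	d.keyring["ce"] = ce
	d.erasable["first_ce"] = seal(hash(lockScreen), ce)
	return nil
}
```

Once RemoteDeleteCEKey has run, DecryptFile fails on the CE key lookup before any ciphertext is touched, which is the S1007/S1008 outcome; Recover only rebuilds the key ring and erasable copies after the account-ID check, so a wrong account ID leaves the device in the destroyed state.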
Temporary destruction of CE keys
The application provides a method for temporarily destroying a CE key. When the electronic device 100 is lost, the user may log in on another device to the user account that is logged in on the electronic device 100, and remotely operate the other device to delete the CE key stored in the key ring module on the electronic device 100 and the first encrypted CE key stored in the erasable partition. Thus, after the electronic device 100 is lost, even if an attacker bypasses the lock screen password and reaches the main interface, the CE key stored in the key ring module and the first encrypted CE key stored in the erasable partition have been deleted, so the attacker cannot obtain the CE key and cannot decrypt the encrypted data.
Fig. 8A-8F illustrate a remote operation to delete the CE key and the first encrypted CE key stored on the electronic device 100.
By way of example, the other device may be an electronic device 200, the electronic device 200 being different from the electronic device 100.
Fig. 8A illustrates a main interface of the electronic device 200 including icons of a plurality of applications, such as an icon of a weather application, an icon of an Honor store application, an icon of a smart home application, an icon of a sports health application, an icon of a memo application, an icon of a calendar application, an icon of a life service application, an icon of a find device application, an icon of a camera application, an icon of an address book application, an icon of a telephone application, an icon of an information application, and the like. The main interface also shows a power indicator, a weather indicator, a date indicator, a network signal indicator, a page indicator, and the like.
As shown in fig. 8A, the electronic device 200 may receive an input operation (e.g., a single click) by a user for the icon of the find device application in the main interface shown in fig. 8A, and in response to the input operation by the user, the electronic device 200 may display the user interface 810 shown in fig. 8B. The user interface 810 is used to prompt the user to enter the account ID and the account password of the user account logged in on the electronic device 100.
As shown in fig. 8C, after the user inputs the account ID and the account password of the user account logged in on the electronic device 100 in the user interface 810, the electronic device 200 may receive an input operation (e.g., a click) of the user for the confirm option in the user interface 810, and in response to the input operation of the user, the electronic device 200 may display the user interface 820 shown in fig. 8D.
The account name of the user account logged in on the electronic device 100 is shown in the user interface 820; for example, the account name may be "Lisa". The user account logged in on the electronic device 100 may be associated with a plurality of devices, and the user may select the lost device from the plurality of devices in the user interface 820 and delete the CE key stored in the key ring module on that device and the first encrypted CE key stored in its erasable partition.
As shown in fig. 8D, the plurality of devices may include the device "Honor Magic5" and the device "Watch Magic 2". Here, the device "Honor Magic5" may be the electronic device 100.
As shown in fig. 8D, the electronic device 200 may receive an input operation (e.g., a single click) by the user for the icon of the device "Honor Magic5" in the user interface 820, and in response to the input operation by the user, the electronic device 200 may display the user interface 830 shown in fig. 8E. A number of options are shown in the user interface 830, such as a delete data option and a find location option.
As shown in fig. 8E, the electronic device 200 may receive an input operation (e.g., a single click) by the user for the delete data option in the user interface 830, and in response to the input operation by the user, the electronic device 200 may display the user interface 840 shown in fig. 8F. A permanent delete option and a temporary destroy option are shown in the user interface 840. The electronic device 200 may receive a user input operation (e.g., a single click) for the permanent delete option in the user interface 840; in response, the electronic device 200 sends a message to the server 300, and in response to that message the server 300 sends a data formatting request to the electronic device 100. After receiving the data formatting request sent by the server 300, the electronic device 100 may delete all the data stored on the electronic device 100, i.e. restore the factory settings. The electronic device 200 may also receive a user input operation (e.g., a single click) for the temporary destroy option in the user interface 840; in response, the electronic device 200 sends a message to the server 300, and in response to that message the server 300 sends a CE key deletion request to the electronic device 100. After receiving the CE key deletion request sent by the server 300, the electronic device 100 may delete the CE key stored in the key ring module on the electronic device 100 and the first encrypted CE key stored in the erasable partition.
For example, as shown in fig. 8F, the electronic device 200 may receive an input operation (e.g., a click) by the user for the temporary destruction option in the user interface 840, in response to the input operation by the user, the electronic device 200 may send a message to the server 300, and in response to the message sent by the electronic device 200, the server 300 may send a CE key deletion request to the electronic device 100. After receiving the CE key deletion request sent by the server 300, the electronic device 100 may delete the CE key stored in the key module on the electronic device 100 and the first encrypted CE key stored in the erasable partition.
Alternatively, the user is not limited to remotely controlling the electronic device 100 in the manner shown in fig. 8A-8F to delete the CE key stored in the key ring module on the electronic device 100 and the first encrypted CE key stored in the erasable partition. In other embodiments, the user may also log in on a web page to the user account logged in on the electronic device 100, and operate on the web page so that a CE key deletion request is transmitted to the electronic device 100 through the server 300, deleting the CE key stored in the key ring module on the electronic device 100 and the first encrypted CE key stored in the erasable partition.
Beyond the above manners, the user may remotely control the electronic device 100 in other ways to delete the CE key stored in the key ring module on the electronic device 100 and the first encrypted CE key stored in the erasable partition, which is not limited in this application.
Fig. 8G shows a schematic diagram of remote deletion of a CE key and a first encrypted CE key stored on the electronic device 100.
S801, the server 300 receives a message sent by the electronic device 200, where the message is used to temporarily destroy the CE key stored on the electronic device 100, and a first application on the electronic device 200 is logged in with the user account logged in on the electronic device 100.
The electronic device 200 may receive a user operation to open a first application, and log in a first user account in the first application, where the first user account is a user account logged in on the electronic device 100.
The first application may be, for example, a find device application as shown in fig. 8A.
For example, the electronic device 200 may log in a first user account in a first application based on the manner shown in fig. 8B-8C.
The electronic device 200 receives a user operation for destroying the CE key and the first encryption CE key stored on the electronic device 100.
The user operation may be an input operation for the temporary destruction option shown in fig. 8F, for example.
In some embodiments, the first user account is associated with a plurality of devices, each having the first user account logged in. The electronic device 200 may prompt the user to select which of these devices is the lost one, for example through the selection operation for the device "Honor Magic5" shown in fig. 8D-8E.
In response to a user operation, the electronic device 200 may transmit a CE key deletion request to the server 300.
When the electronic device 200 transmits the CE key deletion request to the server 300, the electronic device 200 may also transmit a device identification of the user selected device, such as the device identification of the electronic device 100, to the server 300.
S802, in response to the message, the server 300 transmits a CE key deletion request to the electronic device 100.
S803, in response to the CE key deletion request, the electronic device 100 sends the CE key deletion request to the vold module.
When the electronic device 200 transmits the CE key deletion request to the server 300, the electronic device 200 may also transmit a device identification of the user selected device, such as the device identification of the electronic device 100, to the server 300.
In one possible implementation, the device identification of the electronic device 100 may be sent to the server 300 carried in a CE key deletion request.
In other possible implementations, the device identification of the electronic device 100 may be sent to the server 300 independent of the CE key deletion request.
In response to the user's input operation for the temporary destruction option shown in fig. 8F, the electronic device 200 may send a CE key deletion request to the server 300 for deleting the CE key and the first encrypted CE key stored on the electronic device 100.
The server 300 sends a CE key deletion request to the vold module on the electronic device 100.
S804, the vold module deletes the CE key stored in the key ring module.
S805, the vold module deletes the first encryption CE key stored in the erasable partition through the keymaster TA module.
After receiving the CE key deletion request sent by the server 300, the vold module may send a CE key deletion request to the key ring module to request the key ring module to delete the CE key stored in the key ring module.
After receiving the CE key deletion request sent by the server 300, the vold module may send a first encrypted CE key deletion request to the keymaster CA module to request the keymaster CA module to delete the first encrypted CE key stored in the erasable partition.
After receiving the first encrypted CE key deletion request sent by the vold module, the keymaster CA module may invoke the keymaster TA module to delete the first encrypted CE key stored in the erasable partition. Specifically, the keymaster CA module may send the first encrypted CE key deletion request to the keymaster TA module, and after the keymaster TA module receives the first encrypted CE key deletion request, the keymaster TA module sends the first encrypted CE key deletion request to the erasable partition.
After receiving the first encryption CE key deletion request sent by the keymaster TA module, the erasable partition may delete the first encryption CE key in response to the first encryption CE key deletion request.
Fig. 9 is a flowchart of a method for remotely deleting the CE key stored in the key ring module on the electronic device 100 and the first encrypted CE key stored in the erasable partition.
S901, the electronic device 200 logs in a first user account in a first application, where the first user account is a user account logged in on the electronic device 100.
The electronic device 200 may receive a user operation to open a first application, and log in a first user account in the first application, where the first user account is a user account logged in on the electronic device 100.
The first application may be, for example, a find device application as shown in fig. 8A.
For example, the electronic device 200 may log in a first user account in a first application based on the manner shown in fig. 8B-8C.
S902, the electronic device 200 receives a user operation for destroying the CE key and the first encryption CE key stored on the electronic device 100.
The user operation may be an input operation for the temporary destruction option shown in fig. 8F, for example.
In some embodiments, the first user account is associated with a plurality of devices, each having the first user account logged in. The electronic device 200 may prompt the user to select which of these devices is the lost one, for example through the selection operation for the device "Honor Magic5" shown in fig. 8D-8E.
S903, in response to the user operation, the electronic device 200 may transmit a CE key deletion request to the server 300.
When the electronic device 200 transmits the CE key deletion request to the server 300, the electronic device 200 may also transmit a device identification of the user selected device, such as the device identification of the electronic device 100, to the server 300.
In one possible implementation, the device identification of the electronic device 100 may be sent to the server 300 carried in a CE key deletion request.
In other possible implementations, the device identification of the electronic device 100 may be sent to the server 300 independent of the CE key deletion request.
In response to the user's input operation for the temporary destruction option shown in fig. 8F, the electronic device 200 may send a CE key deletion request to the server 300 for deleting the CE key and the first encrypted CE key stored on the electronic device 100.
S904, the server 300 sends a CE key deletion request to the vold module on the electronic device 100.
After receiving the CE key deletion request and the device identification of the electronic device 100 sent by the electronic device 200, the server 300 may send the CE key deletion request to the electronic device 100 based on the device identification of the electronic device 100.
S905, the vold module sends a CE key deletion request to the key ring module.
After receiving the CE key deletion request sent by the server 300, the vold module may send a CE key deletion request to the key ring module to request the key ring module to delete the CE key stored in the key ring module.
S906, the key ring module deletes the CE key.
S907, the key ring module sends a deletion success message to the vold module.
In response to the CE key deletion request sent by the vold module, the key ring module may delete the CE key stored in the key ring module. After the key ring module deletes the CE key, the key ring module may send a deletion success message to the vold module to inform the vold module that the CE key has been deleted successfully.
S908, the vold module sends a first encryption CE key deletion request to the keymaster CA module.
S909, the keymaster CA module sends a first encryption CE key deletion request to the keymaster TA module.
S910, the Keymaster TA module sends a first encryption CE key deletion request to the erasable partition.
After receiving the CE key deletion request sent by the server 300, the vold module may send a first encryption CE key deletion request to the keymaster CA module to request the keymaster CA module to delete the first encryption CE key stored in the erasable partition.
After receiving the first encrypted CE key deletion request sent by the vold module, the keymaster CA module may invoke the keymaster TA module to delete the first encrypted CE key stored in the erasable partition. Specifically, the keymaster CA module may send the first encrypted CE key deletion request to the keymaster TA module, and after the keymaster TA module receives the first encrypted CE key deletion request, the keymaster TA module sends the first encrypted CE key deletion request to the erasable partition.
S911, in response to the first encryption CE key deletion request, the erasable partition deletes the first encryption CE key.
After receiving the first encryption CE key deletion request sent by the keymaster TA module, the erasable partition may delete the first encryption CE key in response to the first encryption CE key deletion request.
S912, the erasable partition sends a deletion success message to the keymaster TA module.
S913, the keymaster TA module sends a delete success message to the keymaster CA module.
S914, the keymaster CA module sends a deletion success message to the vold module.
After deleting the first encryption CE key, the erasable partition may send a delete success message to the keymaster TA module to inform the keymaster TA module that the erasable partition has successfully deleted the first encryption CE key.
Similarly, after receiving the deletion success message sent by the erasable partition, the keymaster TA module may send a deletion success message to the keymaster CA module to inform the keymaster CA module that the erasable partition has successfully deleted the first encrypted CE key.
Similarly, after receiving the deletion success message sent by the keymaster TA module, the keymaster CA module may send a deletion success message to the vold module to inform the vold module that the erasable partition has successfully deleted the first encrypted CE key.
S915, the vold module sends the CE key and the first encryption CE key deletion success message to the server 300.
After receiving the deletion success message sent by the key ring module and the deletion success message sent by the keymaster CA module, the vold module may send a CE key and first encrypted CE key deletion success message to the server 300, to inform the server 300 that the electronic device 100 has successfully deleted the CE key stored in the key ring module and the first encrypted CE key stored in the erasable partition.
Optionally, after the electronic device 100 deletes the CE key stored in the key ring module and the first encrypted CE key stored in the erasable partition, the electronic device 100 may prompt the user to input the user account logged in on the electronic device 100, and verify that the user account input by the user is the same as the user account logged in on the electronic device 100; for example, the verification interface shown in fig. 11A is displayed. If the verification passes, the electronic device 100 may recover the CE key stored in the key ring module and the first encrypted CE key stored in the erasable partition, so as to decrypt the encrypted data on the electronic device 100. If the verification does not pass, the electronic device 100 cannot recover the CE key stored in the key ring module or the first encrypted CE key stored in the erasable partition, so the encrypted data on the electronic device 100 cannot be decrypted.
S916, the server 300 transmits the CE key and the first encryption CE key deletion success message to the electronic device 200.
S917, the electronic device 200 displays prompt information that the CE key and the first encrypted CE key have been deleted successfully.
Optionally, after receiving the CE key and the first encrypted CE key deletion success message sent by the electronic device 100, the server 300 may send the CE key and the first encrypted CE key deletion success message to the electronic device 200. After receiving the CE key and the first encrypted CE key deletion success message, the electronic device 200 may display a prompt message for prompting the user that the CE key stored in the key ring module on the electronic device 100 and the first encrypted CE key stored in the erasable partition have been deleted successfully, and that the attacker cannot decrypt the encrypted data on the electronic device 100.
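The message exchange of fig. 8G and fig. 9, as an added example in Go; it is not code from the patent or from Honor. It assumes the device identification is carried inside the CE key deletion request (the first of the two options described above), that server 300 holds the account-to-device associations shown in fig. 8D, and it adds an authorization check the description does not spell out: the request is forwarded only when the requesting account is associated with the target device. The account name, device identifications and key bytes are constructed.

```go
package main

import (
	"errors"
	"fmt"
)

// CEKeyDeletionRequest is the S903/S904 message with the device identification carried inside it.
// Field names are this example's own.
type CEKeyDeletionRequest struct {
	Account  string // first user account, logged in on electronic device 200 and on the lost device
	DeviceID string // device identification of the device selected in fig. 8D
}

// DeletionSuccess is the S915/S916 message: which stores on the lost device are now empty.
type DeletionSuccess struct {
	DeviceID      string
	KeyringEmpty  bool // CE key no longer in the key ring module
	ErasableEmpty bool // first encrypted CE key no longer in the erasable partition
}

// LostDevice is electronic device 100 reduced to the two stores the request clears.
type LostDevice struct {
	ID       string
	Keyring  map[string][]byte // key ring module
	Erasable map[string][]byte // erasable partition
	Trace    *[]string         // message log shared with the server, for the reader and the test
}

// HandleCEKeyDeletion is vold's part of S905-S915. A key that is already absent still counts as
// deleted, so a retried request reports success instead of failing.
func (d *LostDevice) HandleCEKeyDeletion() DeletionSuccess {
	*d.Trace = append(*d.Trace, "vold -> key ring: CE key deletion request")
	delete(d.Keyring, "ce")
	*d.Trace = append(*d.Trace, "vold -> keymaster CA -> keymaster TA -> erasable partition: first encrypted CE key deletion request")
	delete(d.Erasable, "first_ce")
	_, ceLeft := d.Keyring["ce"]
	_, firstLeft := d.Erasable["first_ce"]
	return DeletionSuccess{DeviceID: d.ID, KeyringEmpty: !ceLeft, ErasableEmpty: !firstLeft}
}

// Server is server 300: devicesOf records the devices associated with each account (fig. 8D),
// reachable the devices it can currently deliver a request to.
type Server struct {
	devicesOf map[string][]string
	reachable map[string]*LostDevice
	Trace     *[]string
}

// Route is S904 plus the check a practitioner would want before forwarding: the requesting account
// must be one associated with the target device, otherwise anyone who learns a device identification
// could lock its owner out. The description does not spell this check out; it is the example's.
func (s *Server) Route(req CEKeyDeletionRequest) (DeletionSuccess, error) {
	*s.Trace = append(*s.Trace, "device 200 -> server 300: CE key deletion request for "+req.DeviceID)
	authorized := false
	for _, id := range s.devicesOf[req.Account] {
		authorized = authorized || id == req.DeviceID
	}
	if !authorized {
		return DeletionSuccess{}, errors.New("device not associated with the requesting account")
	}
	d, ok := s.reachable[req.DeviceID]
	if !ok {
		return DeletionSuccess{}, errors.New("device unreachable, request not delivered")
	}
	*s.Trace = append(*s.Trace, "server 300 -> device 100 (vold): CE key deletion request")
	res := d.HandleCEKeyDeletion()
	*s.Trace = append(*s.Trace, "device 100 -> server 300 -> device 200: deletion success")
	return res, nil
}

// NewScenario is the fig. 8D situation: account "Lisa" has two devices and the phone is the lost one.
// Device identifications and key bytes are constructed for the example.
func NewScenario() (*Server, *LostDevice) {
	trace := &[]string{}
	phone := &LostDevice{ID: "magic5", Keyring: map[string][]byte{"ce": {1, 2, 3}},
		Erasable: map[string][]byte{"first_ce": {4, 5, 6}}, Trace: trace}
	srv := &Server{devicesOf: map[string][]string{"Lisa": {"magic5", "watch2"}},
		reachable: map[string]*LostDevice{"magic5": phone}, Trace: trace}
	return srv, phone
}

func main() {
	srv, phone := NewScenario()
	_, err := srv.Route(CEKeyDeletionRequest{Account: "Mallory", DeviceID: "magic5"})
	fmt.Println("foreign account:", err)
	res, err := srv.Route(CEKeyDeletionRequest{Account: "Lisa", DeviceID: "magic5"})
	fmt.Printf("owner: %+v err=%v, keys left on phone: %d\n", res, err, len(phone.Keyring)+len(phone.Erasable))
	for _, line := range *srv.Trace {
		fmt.Println(" ", line)
	}
}
```

Running it prints the refusal for the foreign account, then the owner's result with both stores empty and the message trace. A retried request is reported as success as well, since the keys are simply absent. Whether server 300 should queue the request for a device that is offline when the user presses the temporary destroy option is not addressed by the description and is left as an error here.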
Fig. 10 is a flowchart showing that an attacker who enters the main interface of the mobile phone by abnormal means still cannot obtain the unencrypted first data.
As shown in fig. 10, the electronic device 100 includes an authentication module, a universal flash storage (UFS) controller module, a file system, and a key ring module.
S1001, the user account logged in on the electronic device 100 fails to verify.
As can be seen from the description of fig. 9, after the electronic device 100 deletes the CE key stored in the key ring module and the first encrypted CE key stored in the erasable partition, the electronic device 100 may prompt the user to input the user account logged in on the electronic device 100 and verify that the user account input by the user is the same as the user account logged in on the electronic device 100; for example, the verification interface shown in fig. 11A is displayed.
An attacker may be someone who is not the owner of the electronic device 100, for example a person who picks up the electronic device 100. When an attacker wants to obtain the plaintext data on the electronic device 100, the user account logged in on the electronic device 100 needs to be verified: the user account name and password entered by the attacker need to be consistent with the user account name and password logged in on the electronic device 100. If they are inconsistent, the electronic device 100 may display a message that the verification failed. Thus, the attacker cannot enter the main interface of the electronic device 100 to access the plaintext data within the electronic device 100.
S1002, the attacker illegally acquires the first encrypted data on the electronic device 100.
In some embodiments, an attacker may obtain encrypted data (e.g., first encrypted data) on the electronic device 100 by an illegal means.
The first encrypted data may be, for example, a picture in a gallery application.
For example, the desktop of the electronic device 100 may be illegally accessed through an adb command, without verifying the user account and password logged on the electronic device 100.
And S1003, the UFS controller module receives the first encrypted data decryption request.
When an attacker illegally enters the desktop of the electronic device 100 and obtains the first encrypted data, the first encrypted data needs to be decrypted, and therefore the DEK key for decrypting the first encrypted data needs to be obtained. A first encrypted data decryption request may be sent to the UFS controller module, requesting the UFS controller module to obtain the DEK key.
S1004, the UFS controller module sends a DEK key obtaining request to the file system.
After receiving the first encrypted data decryption request, the UFS controller module may send a request for obtaining the DEK key to the file system in order to obtain the DEK key.
S1005, the file system acquires an encryption DEK key for decrypting the first encrypted data.
After receiving the DEK key obtaining request sent by the UFS controller module, the file system may obtain the encrypted DEK key for decrypting the first encrypted data. Optionally, the encrypted DEK key may be obtained from the metadata of the first encrypted data.
S1006, the file system sends a request for acquiring the CE key to the key ring module.
After the file system obtains the encrypted DEK key, in order to decrypt it and obtain the DEK key, the file system may send a CE key obtaining request to the key ring module; the CE key is used to decrypt the encrypted DEK key to obtain the DEK key.
S1007, the key ring module sends a CE key deleted notification to the file system.
After receiving the CE key obtaining request sent by the file system, the key ring module, which has already deleted the CE key, may send a CE key deleted notification to the file system.
S1008, the file system fails to decrypt the encrypted DEK key.
After the file system receives the CE key deleted notification sent by the key ring module, that is, once the file system cannot obtain the CE key, the encrypted DEK key cannot be decrypted and the DEK key cannot be obtained; the decryption of the encrypted DEK key fails.
S1009, the file system sends an encryption DEK key decryption failure message to the UFS controller module.
Because the file system cannot obtain the CE key, it cannot decrypt the encrypted DEK key and cannot obtain the DEK key; after the decryption of the encrypted DEK key fails, the file system may send an encrypted DEK key decryption failure message to the UFS controller module.
S1010, the decryption of the first encrypted data fails.
After obtaining the encrypted DEK key decryption failure message sent by the file system, the UFS controller module cannot obtain the DEK key and cannot decrypt the first encrypted data, so the decryption of the first encrypted data fails. The attacker cannot obtain the first data, and the user's data is protected.
After an attacker illegally enters the desktop of the electronic device 100 through an adb command and obtains the first encrypted data, the attacker cannot obtain the CE key because the CE key has been deleted, and therefore cannot decrypt the encrypted DEK key to obtain the DEK key, and cannot obtain the first data; leakage of user data is thus avoided. When the first encrypted data is an encrypted picture in the gallery and the attacker obtains the first encrypted data through an adb command but cannot decrypt it, the electronic device 100 may prompt that the data could not be obtained. For example, the command used to obtain the data may be "ls /data/media/0/DCIM/Camera", and the response indicating that decryption of the first encrypted data failed may be "ls: /data/media/0/DCIM/Camera: No such file or directory".
In some embodiments, after the electronic device 100 is lost and then retrieved by the user, so that the user can continue to use the electronic device 100 and view the user data stored in it, the user may recover the CE key stored in the key ring module on the electronic device 100.
In other embodiments, after the electronic device 100 is retrieved, so that the CE key stored in the key ring module can be recovered after the electronic device 100 is powered off and restarted, the electronic device 100 may encrypt the CE key and store the encrypted CE key in the erasable partition.
Optionally, after the lost electronic device 100 is retrieved by the user, in order to verify the identity of the user and ensure that the current user is the owner of the electronic device 100, the electronic device 100 needs to verify both the user account and the lock screen password. After both are verified, the electronic device 100 enters the main interface and decrypts the encrypted data to obtain the plaintext data.
Fig. 11A-11B show schematic diagrams for verifying the identity of a user.
As shown in fig. 11A, after the user retrieves the electronic device 100, the electronic device 100 may prompt the user to enter a user account logged on the electronic device 100. In the case that the user account input by the user is the same as the user account logged in on the electronic device 100, the electronic device 100 may prompt the user to verify the screen locking password.
As shown in fig. 11B, the electronic device 100 may prompt the user to enter a lock screen password for the electronic device 100. In the case where the screen locking password input by the user is the same as the screen locking password stored in the electronic device 100, the electronic device 100 may perform an unlocking operation and enter into the main interface of the electronic device 100.
Fig. 12 shows a schematic diagram of the electronic device 100 verifying the identity of a user.
S1201, whether the user account logged in on the electronic device 100 passes the verification.
The electronic device 100 may display the user interface shown in fig. 11A, prompting the user to input the account ID and the account password of the user account logged in on the electronic device 100.
Under the condition that the account ID and the account password of the user account input by the user are consistent with the account ID and the account password of the user account logged in on the electronic device 100, the electronic device 100 can confirm that the user account verification passes.
The process of user account verification may include: and (3) verifying the account ID of the user account and verifying the account password of the user account.
The electronic device 100 receives an account ID of a user account input by a user, and sends the account ID of the user account input by the user to the HUKS TA module. The HUKS TA module can acquire a hash value of the encrypted user account ID from the security chip and acquire a hardware unique key HUK. The HUKS TA module can decrypt the hash value of the encrypted user account ID based on the hardware unique key HUK to obtain the hash value of the user account ID. The HUKS TA module calculates a hash value of the account ID of the user account input by the user, and under the condition that the hash value of the account ID of the user account input by the user is the same as the hash value of the user account ID stored in the security chip, the electronic device 100 can confirm that the account ID verification of the user account passes.
The electronic device 100 also needs to send the account ID and the account password of the user account input by the user to the server 300. The server 300 may look up the account password stored in the server 300 for the account ID of the user account input by the user. Under the condition that the account password stored in the server 300 is the same as the account password of the user account input by the user, the electronic device 100 can confirm that the account password verification of the user account passes.
In the case where the user account logged in on the electronic device 100 passes verification, S1202 is executed.
In the case where the user account logged in on the electronic device 100 does not pass verification, the flow ends.
S1202, verifying whether the screen locking password on the electronic device 100 passes verification.
The electronic device 100 may display the user interface shown in fig. 11B, prompting the user to enter a lock screen password for the electronic device 100.
Under the condition that the screen locking password of the electronic device 100 input by the user is consistent with the screen locking password stored in the electronic device 100, the electronic device 100 can confirm that the screen locking password passes verification.
The process of screen locking password verification may include: the electronic device 100 receives a screen locking password input by the user and sends the screen locking password input by the user to the keymaster TA module. The keymaster TA module can acquire the hash value of the encrypted screen locking password from the erasable partition, and then acquire the hardware unique key HUK. The keymaster TA module can decrypt the hash value of the encrypted screen locking password based on the hardware unique key HUK to obtain the hash value of the screen locking password. The keymaster TA module may calculate a hash value of the screen locking password input by the user. In the case that the hash value of the screen locking password stored in the erasable partition is the same as the hash value of the screen locking password input by the user, the electronic device 100 may confirm that the screen locking password passes verification.
In the case where the screen lock password authentication on the electronic device 100 passes, S1203 is executed.
In the event that the lock screen password verification on the electronic device 100 is not passed, the flow ends.
S1203, the security chip acquires the second encryption CE key and the hash value of the encryption user account ID, and sends the second encryption CE key and the hash value of the encryption user account ID to the HUKS TA module.
Optionally, after the electronic device 100 verifies that the user account and the screen locking password pass, the electronic device 100 may send a verification success notification to the security chip, and after receiving the verification success notification, the security chip may obtain the second encryption CE key and the hash value of the encrypted user account ID, and send the second encryption CE key and the hash value of the encrypted user account ID to the HUKS TA module.
S1204, the HUKS TA module decrypts the second encrypted CE key based on the hash value of the user account ID to obtain the CE key, the CE key is sent to the vold module through the HUKS CA module, and the vold module sends the CE key to the key module.
After receiving the second encrypted CE key and the hash value of the encrypted user account ID, the HUKS TA module may obtain the hardware unique key HUK. The keymaster TA module may decrypt the hash value of the encrypted user account ID based on the hardware unique key HUK to obtain the hash value of the user account ID. The HUKS TA module decrypts the second encryption CE key based on the hash value of the user account ID to obtain the CE key. The HUKS TA module sends the CE key to the HUKS CA module, the HUKS CA module sends the CE key to the vold module, and the vold module sends the CE key to the key module.
S1205, the key module decrypts the encrypted DEK key based on the CE key to obtain the DEK key, and decrypts the first encrypted data based on the DEK key to obtain the first data.
The key module may obtain the encrypted DEK key from the metadata of the first encrypted data, and decrypt the encrypted DEK key based on the CE key to obtain the DEK key. The key module then decrypts the first encrypted data based on the DEK key to obtain the first data.
Thus, after the electronic device 100 verifies that the user account and the screen locking password both pass, the electronic device 100 may decrypt the encrypted DEK key in the manner of S1203-S1205 to obtain the DEK key. The first encrypted data may then be decrypted based on the DEK key to obtain the first data. The user may view and use the unencrypted first data.
S1206, the vold module sends the CE key to the keymaster TA module, and the keymaster TA module encrypts the CE key based on the hash value of the screen locking password to obtain a first encrypted CE key and stores the first encrypted CE key in the erasable partition.
The vold module may store CE keys. In addition, the CE key also needs to be sent to the keymaster TA module, and the keymaster TA module encrypts the CE key based on the hash value of the screen locking password to obtain a first encrypted CE key, and stores the first encrypted CE key in the erasable partition.
Fig. 13 is a flowchart of a method for decrypting encrypted data on an electronic device 100 according to the present application.
The electronic device 100 includes a verification module, a vold module, a HUKS CA module, a HUKS TA module, and a security chip.
S1301, the verification module confirms that the user account logged in the electronic device 100 passes verification.
For example, the verification module may display the user interface shown in fig. 11A, prompting the user to input the account ID and the account password of the user account that is logged in on the electronic device 100.
Under the condition that the account ID and the account password of the user account input by the user are consistent with the account ID and the account password of the user account logged in on the electronic device 100, the verification module can confirm that the user account verification passes.
The process of user account verification may include: verifying the account ID of the user account and verifying the account password of the user account.
The verification module receives the account ID of the user account input by the user and sends the account ID of the user account input by the user to the HUKS TA module. The HUKS TA module can acquire a hash value of the encrypted user account ID from the security chip and acquire a hardware unique key HUK. The HUKS TA module can decrypt the hash value of the encrypted user account ID based on the hardware unique key HUK to obtain the hash value of the user account ID. The HUKS TA module calculates the hash value of the account ID of the user account input by the user, and the verification module can confirm that the account ID of the user account passes verification under the condition that the hash value of the account ID of the user account input by the user is the same as the hash value of the user account ID stored in the security chip.
The verification module also needs to send the account ID and the account password of the user account input by the user to the server 300. The server 300 may look up the account password stored in the server 300 for the account ID of the user account input by the user. Under the condition that the account password stored in the server 300 is the same as the account password of the user account input by the user, the verification module can confirm that the account password verification of the user account passes.
In the case where the user account logged in on the electronic device 100 passes verification, S1302 is performed.
In the case where the user account logged in on the electronic device 100 does not pass verification, the flow ends.
Optionally, in the case that the user account logged in on the electronic device 100 does not pass verification, the verification module may prompt the user that the user account is input incorrectly and ask the user to re-input the user account.
S1302, the verification module confirms that the screen locking password on the electronic device 100 passes verification.
The authentication module may display the user interface shown in fig. 11B, prompting the user to enter a lock screen password for the electronic device 100.
Under the condition that the screen locking password of the electronic device 100 input by the user is consistent with the screen locking password stored in the electronic device 100, the verification module can confirm that the screen locking password passes verification.
The process of screen locking password verification may include: the verification module receives a screen locking password input by the user and sends the screen locking password input by the user to the keymaster TA module. The keymaster TA module can acquire the hash value of the encrypted screen locking password from the erasable partition, and then acquire the hardware unique key HUK. The keymaster TA module can decrypt the hash value of the encrypted screen locking password based on the hardware unique key HUK to obtain the hash value of the screen locking password. The keymaster TA module may calculate a hash value of the screen locking password input by the user. Under the condition that the hash value of the screen locking password stored in the erasable partition is the same as the hash value of the screen locking password input by the user, the verification module can confirm that the screen locking password passes verification.
In the case where the screen locking password verification on the electronic device 100 passes, S1303 is executed.
In the event that the lock screen password verification on the electronic device 100 is not passed, the flow ends.
Optionally, if the screen lock password on the electronic device 100 is not verified, the verification module may prompt the user that the screen lock password is input incorrectly, and please re-input the screen lock password.
S1303, the verification module sends a request for recovering the CE key to the vold module.
In the case where the verification module verifies that the user account logged in on the electronic device 100 and the screen locking password both pass, the verification module may send a request for recovering the CE key to the vold module for recovering the CE key stored in the key ring and the first encrypted CE key stored in the erasable partition.
S1304, the vold module sends a request to decrypt the second encrypted CE key and the hash value of the encrypted user account ID to the HUKS CA module.
After receiving the request for recovering the CE key sent by the verification module, the vold module may send a request to decrypt the second encrypted CE key and the hash value of the encrypted user account ID to the HUKS CA module.
S1305, the HUKS CA module sends the request to decrypt the second encrypted CE key and the hash value of the encrypted user account ID to the HUKS TA module.
S1306, the HUKS TA module sends the request to decrypt the second encrypted CE key and the hash value of the encrypted user account ID to the security chip.
The HUKS CA module can acquire the second encrypted CE key and the hash value of the encrypted user account ID from the security chip through the HUKS TA module.
The HUKS CA module can obtain the CE key by decryption through the HUKS TA module. Specifically, the HUKS CA module sends a request to the HUKS TA module to decrypt the second encrypted CE key and the hash value of the encrypted user account ID. The HUKS TA module sends the request to decrypt the second encrypted CE key and the hash value of the encrypted user account ID to the security chip.
S1307, the security chip sends the second encryption CE key and the hash value of the encrypted user account ID to the HUKS TA module.
After receiving the request to decrypt the second encrypted CE key and the hash value of the encrypted user account ID sent by the HUKS TA module, the security chip may obtain the second encrypted CE key and the hash value of the encrypted user account ID. The security chip then sends the second encrypted CE key and the hash value of the encrypted user account ID to the HUKS TA module.
S1308, the HUKS TA module decrypts to obtain the CE key.
After receiving the second encryption CE key sent by the security chip and the hash value of the encrypted user account ID, the HUKS TA module can acquire the hardware unique key HUK, and decrypt the hash value of the encrypted user account ID based on the hardware unique key HUK to obtain the hash value of the user account ID. The HUKS TA module decrypts the second encryption CE key based on the hash value of the user account ID to obtain the CE key.
S1309, the HUKS TA module sends the CE key to the HUKS CA module.
S1310, the HUKS CA module sends the CE key to the vold module.
S1311, the vold module decrypts the encrypted DEK key based on the CE key to obtain the DEK key, and decrypts the first encrypted data based on the DEK key to obtain the first data.
Specifically, the vold module obtains the CE key and may send the CE key to the key module, and the file system may obtain the CE key from the key module. The file system then obtains the encrypted DEK key from the metadata of the first encrypted data and decrypts the encrypted DEK key based on the CE key to obtain the DEK key. Finally, the file system decrypts the first encrypted data based on the DEK key to obtain the first data. In this way, the user can view and use the first data.
Fig. 14 shows a flowchart of a method for the electronic device 100 to store a CE key and a first encrypted CE key.
As shown in fig. 14, the electronic device 100 includes a vold module, a key ring module, a keymaster CA module, a keymaster TA module, and an erasable partition.
S1401, the vold module sends the CE key to the key module.
S1402, the key module stores the CE key.
In this way, after the user remotely deletes the CE key stored in the key module on the electronic device 100, after the user retrieves the mobile phone, after verifying that the user account and the screen locking password pass, the CE key can be obtained from the security chip based on the second encrypted CE key, and then the CE key is stored in the key module, so as to recover the CE key stored in the key module.
S1403, the vold module sends the CE key to the keymaster CA module.
S1404, the keymaster CA module sends the CE key to the keymaster TA module.
After the vold module obtains the CE key, the vold module may send the CE key to the keymaster CA module to encrypt the CE key and store it in the erasable partition. The keymaster CA module may invoke the keymaster TA module to encrypt the CE key and store it in the erasable partition. The keymaster CA module sends the CE key to the keymaster TA module after receiving the CE key sent by the vold module.
S1405, the keymaster TA module encrypts the CE key by using the hash value of the screen locking password to obtain a first encrypted CE key.
The keymaster TA module can obtain the hash value of the screen locking password from the erasable partition. Specifically, the keymaster TA module obtains the hash value of the encrypted screen locking password from the erasable partition, acquires the hardware unique key HUK, and decrypts the hash value of the encrypted screen locking password based on the hardware unique key HUK to obtain the hash value of the screen locking password.
After the keymaster TA module obtains the hash value of the screen-locking password, the keymaster TA module may encrypt the CE key based on the hash value of the screen-locking password to obtain a first encrypted CE key.
S1406, the keymaster TA module sends the first encrypted CE key to the erasable partition.
S1407, the erasable partition stores the first encryption CE key.
Thus, after the keymaster TA module obtains the first encrypted CE key, the keymaster TA module may send the first encrypted CE key to the erasable partition and store it in the erasable partition. In this way, after the electronic device 100 is turned off and restarted, the CE key stored in the key module may be emptied, and the electronic device 100 may recover the CE key in the key module based on the first encrypted CE key stored in the erasable partition.
Fig. 15 is a flow chart of a method for protecting data provided in the present application.
S1501, the electronic device acquires the first data and the first data key, and encrypts the first data based on the first data key to obtain first encrypted data.
The electronic device may be the electronic device 100.
S1502, the electronic device acquires the CE key from the first storage area and encrypts the first data key based on the CE key to obtain a first encrypted data key.
The first storage area may be a key module.
S1503, the electronic device stores the first encrypted data and the first encrypted data key.
Alternatively, the electronic device may store the first encrypted data key in metadata of the first encrypted data.
The electronic device includes a first storage area and a second storage area. The CE key is stored in the first storage area, and a first encrypted CE key is stored in the second storage area. The first encrypted CE key is obtained based on the hash value of a first screen locking password of the electronic device and the CE key. The CE key is used to encrypt the data key of data, and the first encrypted CE key is used to recover the CE key after the electronic device is restarted.
The second storage area may be an erasable partition.
S1504, the electronic device receives a first message sent by the server, where the first message is sent to the electronic device by the server after the electronic device is in a lost state.
S1505, in response to the first message, the electronic device deletes the CE key stored in the first storage area and the first encrypted CE key stored in the second storage area.
Here, the first message may be a CE key deletion request transmitted from the server 300 to the electronic device 100.
After the electronic device is lost, the user may remotely delete the CE key stored in the first storage area on the lost electronic device and the first encrypted CE key stored in the second storage area on the lost electronic device.
In one possible implementation, the user may log in, in a device search application on another electronic device (e.g., the electronic device 200), with the first user account that is logged in on the lost electronic device, and remotely control the lost electronic device to delete the CE key stored in the first storage area and the first encrypted CE key stored in the second storage area.
In other possible implementations, the user may also log in to a website with the first user account that is logged in on the lost electronic device, and remotely control the lost electronic device to delete the CE key stored in the first storage area and the first encrypted CE key stored in the second storage area.
The first message received by the electronic device may be sent as follows: the user logs in, in a device search application on another electronic device, with the user account that is logged in on the lost electronic device, and controls the server to send the message to the lost electronic device; or the user logs in to a website with the user account that is logged in on the lost electronic device, and controls the server to send the message to the lost electronic device. After receiving the first message, the lost electronic device can automatically delete the CE key stored in the first storage area and the first encrypted CE key stored in the second storage area. Thus, after the electronic device is lost, the electronic device cannot acquire the CE key, and therefore cannot decrypt the first encrypted data key, cannot acquire the first data key, and cannot decrypt the first encrypted data, so an attacker cannot acquire the first data. This avoids the leakage of the first data stored in the electronic device after the electronic device is lost, and protects the security of the data stored in the electronic device.
In particular, reference may be made to the descriptions in the embodiments of FIGS. 8A-8F and 8G.
In one possible implementation, the second storage area further stores a hash value of the encrypted first screen locking password, where the hash value of the encrypted first screen locking password is obtained based on the hash value of the first screen locking password and the hardware unique key.
The hash value of the encrypted first screen locking password stored in the second storage area is used to recover the CE key in the first storage area after the electronic device is shut down and restarted.
The first screen locking password may be a screen locking password set by the user as shown in fig. 2D-2G.
In one possible implementation, the electronic device includes a security chip; before the electronic device receives the first message sent by the server, the method includes: the electronic device acquires the account ID of a first user account logged in on the electronic device; the electronic device encrypts the CE key based on the hash value of the account ID of the first user account to obtain a second encrypted CE key; the electronic device encrypts the hash value of the account ID of the first user account based on the hardware unique key to obtain the hash value of the account ID of the encrypted first user account; the electronic device stores the second encrypted CE key and the hash value of the account ID of the encrypted first user account in the security chip; after the electronic device receives the first message sent by the server, the method includes: the electronic device continues to store the second encrypted CE key and the hash value of the account ID of the encrypted first user account in the security chip.
The security level of the security chip is higher than that of the first storage area and the second storage area, and data stored in the security chip is difficult for an attacker to acquire. The security chip additionally stores a second encrypted CE key and the hash value of the account ID of the encrypted first user account. The second encrypted CE key and the hash value of the account ID of the encrypted first user account stored in the security chip are used to recover the CE key in the first storage area and the first encrypted CE key in the second storage area after the electronic device is lost and retrieved, so that the encrypted data on the electronic device can be decrypted based on the CE key and the user can continue to use the user data stored on the electronic device normally.
The first user account may be a user account shown in fig. 6E where the user logs in on the electronic device 100.
In one possible implementation, before the electronic device obtains the account ID of the first user account logged in on the electronic device, the method further includes: under the condition that the electronic device is not logged in to the first user account, the electronic device displays first prompt information, where the first prompt information is used to prompt the user to log in to the first user account on the electronic device.
Because the electronic device needs to encrypt the CE key based on the hash value of the account ID of the user account to obtain the second encrypted CE key, under the condition that the electronic device is not logged in to the first user account, the electronic device can prompt the user to log in to the first user account on the electronic device, so that the electronic device can obtain the second encrypted CE key.
For example, the first hint information may be hint information 6202 shown in FIG. 6E.
In one possible implementation, after the electronic device deletes the CE key stored in the first storage area and the first encrypted CE key stored in the second storage area, the method includes: the electronic device prompts the user to input the first user account and the first screen locking password; under the condition that the second user account input by the user and the second screen locking password input by the user pass verification, the electronic device acquires the second encrypted CE key and the hash value of the account ID of the encrypted first user account from the security chip; the electronic device decrypts the hash value of the account ID of the encrypted first user account based on the hardware unique key to obtain the hash value of the account ID of the first user account; the electronic device decrypts the second encrypted CE key based on the hash value of the account ID of the first user account to obtain the CE key; the electronic device stores the CE key in the first storage area.
For example, the electronic device 100 may prompt the user to input the second user account through the prompt information shown in fig. 11A.
For example, the electronic device 100 may prompt the user to input the second lock screen password through the prompt information shown in fig. 11B.
Thus, after the user retrieves the device, the electronic device can prompt the user to input the user account and the screen locking password. After the double verification passes, the electronic device can obtain the second encrypted CE key and the hash value of the account ID of the encrypted first user account from the security chip, and decrypt the second encrypted CE key based on the hash value of the account ID of the first user account to obtain the CE key, thereby recovering the CE key in the first storage area. The electronic device decrypts the first encrypted data based on the CE key stored in the first storage area to obtain the first data. After the device is lost and retrieved, the electronic device can recover the CE key, so the user can use the user data normally again.
Specifically, reference may be made to the descriptions in the embodiments of fig. 12 and 13, and the description is omitted herein.
In one possible implementation, after the second user account and the second screen locking password pass verification, the method further includes: the electronic device acquires the hash value of the encrypted first screen locking password from the second storage area; the electronic device decrypts the hash value of the encrypted first screen locking password based on the hardware unique key to obtain the hash value of the first screen locking password; the electronic device encrypts the CE key based on the hash value of the first screen locking password to obtain the first encrypted CE key; the electronic device stores the first encrypted CE key in the second storage area.
Thus, after the electronic device is lost and retrieved, the electronic device may first restore the CE key in the first storage area, and then restore the first encrypted CE key in the second storage area. After the electronic device is powered off and restarted, the electronic device can recover the CE key in the first storage area based on the first encrypted CE key stored in the second storage area.
In particular, reference may be made to the description in the embodiment of fig. 14.
In one possible implementation, after the electronic device stores the first encrypted CE key in the second storage area, the method further includes: when the electronic device is shut down, the electronic device deletes the CE key in the first storage area; after the electronic device is shut down and restarted, the electronic device prompts the user to input a screen locking password; under the condition that the third screen locking password input by the user passes verification, the electronic device acquires the hash value of the encrypted first screen locking password from the second storage area; the electronic device obtains the first encrypted CE key from the second storage area; the electronic device decrypts the hash value of the encrypted first screen locking password based on the hardware unique key to obtain the hash value of the first screen locking password; the electronic device decrypts the first encrypted CE key based on the hash value of the first screen locking password to obtain the CE key; the electronic device again stores the CE key in the first storage area.
In one possible implementation, the electronic device determines that the second user account and the second screen locking password pass verification, which specifically includes: the electronic device acquires the hash value of the encrypted first screen locking password from the second storage area; the electronic device acquires the hash value of the account ID of the encrypted first user account from the security chip; the electronic device acquires the hardware unique key; the electronic device decrypts the hash value of the encrypted first screen locking password based on the hardware unique key to obtain the hash value of the first screen locking password; the electronic device decrypts the hash value of the account ID of the encrypted first user account based on the hardware unique key to obtain the hash value of the account ID of the first user account; the electronic device receives the second user account input by the user and the second screen locking password input by the user; under the condition that the hash value of the account ID of the second user account is the same as that of the first user account and the hash value of the second screen locking password is the same as that of the first screen locking password, the electronic device determines that the second user account and the second screen locking password pass verification.
In one possible implementation, after the second user account and the second screen locking password pass verification, the method further includes: the electronic device receives a first operation; in response to the first operation, the electronic device obtains the first encrypted data and the first encrypted data key; the electronic device acquires the CE key from the first storage area; the electronic device decrypts the first encrypted data key based on the CE key to obtain the first data key; the electronic device decrypts the first encrypted data based on the first data key to obtain the first data; the electronic device displays the first data.
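The key hierarchy of figs. 12 to 15 (DEK under the CE key; first encrypted CE key under the screen locking password hash in the erasable partition; second encrypted CE key under the account ID hash in the security chip; both hashes encrypted under the HUK), together with the deletion of S1505 and the two recovery paths, as an added Python model that is not part of the patent or of any Honor code. The `Device` class and its method names, the standard-library HMAC-based stand-in for the device's cipher, and the `server_password_ok` flag standing in for the server 300's password check are all assumptions of this example.

```python
import hashlib
import hmac
import secrets


def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Counter-mode keystream from HMAC-SHA256 (stand-in for the device's real cipher)."""
    out, counter = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:n]


def wrap(key: bytes, plaintext: bytes) -> bytes:
    """Authenticated-encryption stand-in: nonce || ciphertext || HMAC tag."""
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ s for p, s in zip(plaintext, _stream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unwrap(key: bytes, blob: bytes) -> bytes:
    """Inverse of wrap(); raises ValueError on a wrong key or a modified blob."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("wrong key or tampered blob")
    return bytes(c ^ s for c, s in zip(ct, _stream(key, nonce, len(ct))))


def _h(secret: str) -> bytes:
    return hashlib.sha256(secret.encode()).digest()


class Device:
    """Key material of electronic device 100 (hypothetical class; names are assumptions)."""

    def __init__(self, huk: bytes, lock_password: str, account_id: str):
        self.huk = huk                  # hardware unique key, used only inside the TAs
        self.key_ring = {}              # first storage area, emptied on every restart
        self.erasable_partition = {}    # second storage area
        self.security_chip = {}         # keeps its contents after the remote deletion
        ce_key = secrets.token_bytes(32)
        self.key_ring["ce_key"] = ce_key
        # keymaster TA path: CE key under the screen locking password hash
        self.erasable_partition["enc_lock_hash"] = wrap(huk, _h(lock_password))
        self.erasable_partition["first_enc_ce_key"] = wrap(_h(lock_password), ce_key)
        # HUKS TA path: CE key under the account ID hash, kept in the security chip
        self.security_chip["enc_account_hash"] = wrap(huk, _h(account_id))
        self.security_chip["second_enc_ce_key"] = wrap(_h(account_id), ce_key)

    # S1501-S1503: a per-file DEK, wrapped by the CE key and kept in the file metadata
    def encrypt_file(self, data: bytes) -> dict:
        dek = secrets.token_bytes(32)
        return {"ciphertext": wrap(dek, data),
                "metadata": {"enc_dek": wrap(self.key_ring["ce_key"], dek)}}

    # S1205 / S1311: without the CE key in the key ring the DEK, and the data, stay sealed
    def decrypt_file(self, record: dict) -> bytes:
        if "ce_key" not in self.key_ring:
            raise PermissionError("CE key is not available in the key ring")
        dek = unwrap(self.key_ring["ce_key"], record["metadata"]["enc_dek"])
        return unwrap(dek, record["ciphertext"])

    # S1504-S1505: the first message from the server after the device is reported lost
    def on_lost_message(self) -> None:
        self.key_ring.pop("ce_key", None)
        self.erasable_partition.pop("first_enc_ce_key", None)
        # nothing in the security chip is removed

    def restart(self) -> None:
        self.key_ring.clear()

    def _stored_lock_hash(self, lock_password: str):
        """Decrypt the stored hash with the HUK and compare; None if the password is wrong."""
        stored = unwrap(self.huk, self.erasable_partition["enc_lock_hash"])
        return stored if hmac.compare_digest(stored, _h(lock_password)) else None

    # Normal restart: the screen locking password alone recovers the CE key from the
    # first encrypted CE key (fig. 14 / the shutdown-and-restart implementation)
    def unlock(self, lock_password: str) -> bool:
        lock_hash = self._stored_lock_hash(lock_password)
        blob = self.erasable_partition.get("first_enc_ce_key")
        if lock_hash is None or blob is None:
            return False
        self.key_ring["ce_key"] = unwrap(lock_hash, blob)
        return True

    # Figs. 12-14: account ID (local hash), account password (server) and screen locking
    # password must all pass before the second encrypted CE key is opened
    def recover(self, account_id: str, server_password_ok: bool, lock_password: str) -> bool:
        account_hash = unwrap(self.huk, self.security_chip["enc_account_hash"])
        if not (hmac.compare_digest(account_hash, _h(account_id)) and server_password_ok):
            return False
        lock_hash = self._stored_lock_hash(lock_password)
        if lock_hash is None:
            return False
        ce_key = unwrap(account_hash, self.security_chip["second_enc_ce_key"])
        self.key_ring["ce_key"] = ce_key                                       # S1401-S1402
        self.erasable_partition["first_enc_ce_key"] = wrap(lock_hash, ce_key)  # S1405-S1407
        return True
```

After `on_lost_message()` the file record cannot be opened and a plain restart cannot rebuild the key ring, while `recover()` succeeds only when all three checks pass and then restores both the CE key and the first encrypted CE key.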
An electronic device includes one or more processors, one or more memories, and a security chip; the security chip and the one or more memories are coupled to the one or more processors, and the one or more memories store computer program code comprising computer instructions that, when executed by the one or more processors, cause the electronic device to perform the data protection method shown in the embodiment of fig. 15.
The application provides a chip system applied to an electronic device; the chip system comprises one or more processors, which are configured to invoke computer instructions to cause the electronic device to perform the data protection method shown in the embodiment of fig. 15.
The present application provides a computer-readable storage medium comprising instructions that, when executed on an electronic device, cause the electronic device to perform the data protection method shown in the embodiment of fig. 15.
Referring to fig. 16, fig. 16 shows a schematic structural diagram of the electronic device 100.
The electronic device 100 may be a cell phone, tablet, desktop, laptop, handheld, notebook, ultra-mobile personal computer (ultra-mobile personal computer, UMPC), netbook, as well as a cellular telephone, personal digital assistant (personal digital assistant, PDA), augmented reality (augmented reality, AR) device, virtual reality (virtual reality, VR) device, artificial intelligence (artificial intelligence, AI) device, wearable device, vehicle-mounted device, smart home device, and/or smart city device, with the specific types of such electronic devices not being particularly limited in the embodiments of the present application.
The electronic device 100 may include a processor 110, an external memory interface 120, an internal memory 121, a universal serial bus (universal serial bus, USB) interface 130, a charge management module 140, a power management module 141, a battery 142, an antenna 1, an antenna 2, a mobile communication module 150, a wireless communication module 160, an audio module 170, a speaker 170A, a receiver 170B, a microphone 170C, an earphone interface 170D, a sensor module 180, keys 190, a motor 191, an indicator 192, a camera 193, a display 194, and a subscriber identity module (subscriber identification module, SIM) card interface 195, etc. The sensor module 180 may include a pressure sensor 180A, a gyro sensor 180B, an air pressure sensor 180C, a magnetic sensor 180D, an acceleration sensor 180E, a distance sensor 180F, a proximity sensor 180G, a fingerprint sensor 180H, a temperature sensor 180J, a touch sensor 180K, an ambient light sensor 180L, a bone conduction sensor 180M, and the like.
It should be understood that the illustrated structure of the embodiment of the present invention does not constitute a specific limitation on the electronic device 100. In other embodiments of the present application, electronic device 100 may include more or fewer components than shown, or certain components may be combined, or certain components may be split, or different arrangements of components. The illustrated components may be implemented in hardware, software, or a combination of software and hardware.
The processor 110 may include one or more processing units, such as: the processor 110 may include an application processor (application processor, AP), a modem processor, a graphics processor (graphics processing unit, GPU), an image signal processor (image signal processor, ISP), a controller, a video codec, a digital signal processor (digital signal processor, DSP), a baseband processor, and/or a neural network processor (neural-network processing unit, NPU), etc. Wherein the different processing units may be separate devices or may be integrated in one or more processors.
The controller can generate operation control signals according to the instruction operation codes and the time sequence signals to finish the control of instruction fetching and instruction execution.
A memory may also be provided in the processor 110 for storing instructions and data. In some embodiments, the memory in the processor 110 is a cache memory. The memory may hold instructions or data that the processor 110 has just used or recycled. If the processor 110 needs to reuse the instruction or data, it can be called directly from the memory. Repeated accesses are avoided and the latency of the processor 110 is reduced, thereby improving the efficiency of the system.
In some embodiments, the processor 110 may include one or more interfaces. The interfaces may include an integrated circuit (inter-integrated circuit, I2C) interface, an integrated circuit built-in audio (inter-integrated circuit sound, I2S) interface, a pulse code modulation (pulse code modulation, PCM) interface, a universal asynchronous receiver transmitter (universal asynchronous receiver/transmitter, UART) interface, a mobile industry processor interface (mobile industry processor interface, MIPI), a general-purpose input/output (GPIO) interface, a subscriber identity module (subscriber identity module, SIM) interface, and/or a universal serial bus (universal serial bus, USB) interface, among others.
The I2C interface is a bi-directional synchronous serial bus comprising a serial data line (serial data line, SDA) and a serial clock line (serial clock line, SCL). In some embodiments, the processor 110 may contain multiple sets of I2C buses. The processor 110 may be coupled to the touch sensor 180K, charger, flash, camera 193, etc., respectively, through different I2C bus interfaces. For example: the processor 110 may be coupled to the touch sensor 180K through an I2C interface, such that the processor 110 communicates with the touch sensor 180K through an I2C bus interface to implement a touch function of the electronic device 100.
The I2S interface may be used for audio communication. In some embodiments, the processor 110 may contain multiple sets of I2S buses. The processor 110 may be coupled to the audio module 170 via an I2S bus to enable communication between the processor 110 and the audio module 170. In some embodiments, the audio module 170 may transmit an audio signal to the wireless communication module 160 through the I2S interface, to implement a function of answering a call through the bluetooth headset.
PCM interfaces may also be used for audio communication to sample, quantize and encode analog signals. In some embodiments, the audio module 170 and the wireless communication module 160 may be coupled through a PCM bus interface. In some embodiments, the audio module 170 may also transmit audio signals to the wireless communication module 160 through the PCM interface to implement a function of answering a call through the bluetooth headset. Both the I2S interface and the PCM interface may be used for audio communication.
The UART interface is a universal serial data bus for asynchronous communications. The bus may be a bi-directional communication bus. It converts the data to be transmitted between serial communication and parallel communication. In some embodiments, a UART interface is typically used to connect the processor 110 with the wireless communication module 160. For example: the processor 110 communicates with a bluetooth module in the wireless communication module 160 through a UART interface to implement a bluetooth function. In some embodiments, the audio module 170 may transmit an audio signal to the wireless communication module 160 through a UART interface, to implement a function of playing music through a bluetooth headset.
The MIPI interface may be used to connect the processor 110 to peripheral devices such as a display 194, a camera 193, and the like. The MIPI interfaces include camera serial interfaces (camera serial interface, CSI), display serial interfaces (display serial interface, DSI), and the like. In some embodiments, processor 110 and camera 193 communicate through a CSI interface to implement the photographing functions of electronic device 100. The processor 110 and the display 194 communicate via a DSI interface to implement the display functionality of the electronic device 100.
The GPIO interface may be configured by software. The GPIO interface may be configured as a control signal or as a data signal. In some embodiments, a GPIO interface may be used to connect the processor 110 with the camera 193, the display 194, the wireless communication module 160, the audio module 170, the sensor module 180, and the like. The GPIO interface may also be configured as an I2C interface, an I2S interface, a UART interface, an MIPI interface, etc.
The USB interface 130 is an interface conforming to the USB standard specification, and may specifically be a Mini USB interface, a Micro USB interface, a USB Type C interface, or the like. The USB interface 130 may be used to connect a charger to charge the electronic device 100, and may also be used to transfer data between the electronic device 100 and a peripheral device. And can also be used for connecting with a headset, and playing audio through the headset. The interface may also be used to connect other electronic devices, such as AR devices, etc.
It should be understood that the interfacing relationship between the modules illustrated in the embodiments of the present invention is only illustrative, and is not meant to limit the structure of the electronic device 100. In other embodiments of the present application, the electronic device 100 may also use different interfacing manners, or a combination of multiple interfacing manners in the foregoing embodiments.
The charge management module 140 is configured to receive a charge input from a charger. The charger can be a wireless charger or a wired charger. In some wired charging embodiments, the charge management module 140 may receive a charging input of a wired charger through the USB interface 130. In some wireless charging embodiments, the charge management module 140 may receive wireless charging input through a wireless charging coil of the electronic device 100. The charging management module 140 may also supply power to the electronic device through the power management module 141 while charging the battery 142.
The power management module 141 is used for connecting the battery 142, and the charge management module 140 and the processor 110. The power management module 141 receives input from the battery 142 and/or the charge management module 140 to power the processor 110, the internal memory 121, the display 194, the camera 193, the wireless communication module 160, and the like. The power management module 141 may also be configured to monitor battery capacity, battery cycle number, battery health (leakage, impedance) and other parameters. In other embodiments, the power management module 141 may also be provided in the processor 110. In other embodiments, the power management module 141 and the charge management module 140 may be disposed in the same device.
The wireless communication function of the electronic device 100 may be implemented by the antenna 1, the antenna 2, the mobile communication module 150, the wireless communication module 160, a modem processor, a baseband processor, and the like.
The antennas 1 and 2 are used for transmitting and receiving electromagnetic wave signals. Each antenna in the electronic device 100 may be used to cover a single or multiple communication bands. Different antennas may also be multiplexed to improve the utilization of the antennas. For example: the antenna 1 may be multiplexed into a diversity antenna of a wireless local area network. In other embodiments, the antenna may be used in conjunction with a tuning switch.
The mobile communication module 150 may provide a solution for wireless communication including 2G/3G/4G/5G, etc., applied to the electronic device 100. The mobile communication module 150 may include at least one filter, switch, power amplifier, low noise amplifier (low noise amplifier, LNA), etc. The mobile communication module 150 may receive electromagnetic waves from the antenna 1, perform processes such as filtering, amplifying, and the like on the received electromagnetic waves, and transmit the processed electromagnetic waves to the modem processor for demodulation. The mobile communication module 150 can amplify the signal modulated by the modem processor, and convert the signal into electromagnetic waves through the antenna 1 to radiate. In some embodiments, at least some of the functional modules of the mobile communication module 150 may be disposed in the processor 110. In some embodiments, at least some of the functional modules of the mobile communication module 150 may be provided in the same device as at least some of the modules of the processor 110.
The modem processor may include a modulator and a demodulator. The modulator is used for modulating the low-frequency baseband signal to be transmitted into a medium-high frequency signal. The demodulator is used for demodulating the received electromagnetic wave signal into a low-frequency baseband signal. The demodulator then transmits the demodulated low frequency baseband signal to the baseband processor for processing. The low frequency baseband signal is processed by the baseband processor and then transferred to the application processor. The application processor outputs sound signals through an audio device (not limited to the speaker 170A, the receiver 170B, etc.), or displays images or video through the display screen 194. In some embodiments, the modem processor may be a stand-alone device. In other embodiments, the modem processor may be provided in the same device as the mobile communication module 150 or other functional module, independent of the processor 110.
The wireless communication module 160 may provide solutions for wireless communication including wireless local area network (wireless local area networks, WLAN) (e.g., wireless fidelity (wireless fidelity, wi-Fi) network), bluetooth (BT), global navigation satellite system (global navigation satellite system, GNSS), frequency modulation (frequency modulation, FM), near field wireless communication technology (near field communication, NFC), infrared technology (IR), etc., as applied to the electronic device 100. The wireless communication module 160 may be one or more devices that integrate at least one communication processing module. The wireless communication module 160 receives electromagnetic waves via the antenna 2, modulates the electromagnetic wave signals, filters the electromagnetic wave signals, and transmits the processed signals to the processor 110. The wireless communication module 160 may also receive a signal to be transmitted from the processor 110, frequency modulate it, amplify it, and convert it to electromagnetic waves for radiation via the antenna 2.
In some embodiments, antenna 1 and mobile communication module 150 of electronic device 100 are coupled, and antenna 2 and wireless communication module 160 are coupled, such that electronic device 100 may communicate with a network and other devices through wireless communication techniques. The wireless communication techniques may include the Global System for Mobile communications (global system for mobile communications, GSM), general packet radio service (general packet radio service, GPRS), code division multiple access (code division multiple access, CDMA), wideband code division multiple access (wideband code division multiple access, WCDMA), time division code division multiple access (time-division code division multiple access, TD-SCDMA), long term evolution (long term evolution, LTE), BT, GNSS, WLAN, NFC, FM, and/or IR techniques, among others. The GNSS may include a global satellite positioning system (global positioning system, GPS), a global navigation satellite system (global navigation satellite system, GLONASS), a beidou satellite navigation system (beidou navigation satellite system, BDS), a quasi zenith satellite system (quasi-zenith satellite system, QZSS) and/or a satellite based augmentation system (satellite based augmentation systems, SBAS).
The electronic device 100 implements display functions through a GPU, a display screen 194, an application processor, and the like. The GPU is a microprocessor for image processing, and is connected to the display 194 and the application processor. The GPU is used to perform mathematical and geometric calculations for graphics rendering. Processor 110 may include one or more GPUs that execute program instructions to generate or change display information.
The display screen 194 is used to display images, videos, and the like. The display 194 includes a display panel. The display panel may employ a liquid crystal display (liquid crystal display, LCD), an organic light-emitting diode (organic light-emitting diode, OLED), an active-matrix organic light-emitting diode (active-matrix organic light-emitting diode, AMOLED), a flexible light-emitting diode (flexible light-emitting diode, FLED), a Mini LED, a Micro LED, a Micro-OLED, a quantum dot light-emitting diode (quantum dot light emitting diodes, QLED), or the like. In some embodiments, the electronic device 100 may include 1 or N display screens 194, N being a positive integer greater than 1.
The electronic device 100 may implement photographing functions through an ISP, a camera 193, a video codec, a GPU, a display screen 194, an application processor, and the like.
The ISP is used to process data fed back by the camera 193. For example, when photographing, the shutter is opened, light is transmitted to the camera photosensitive element through the lens, the optical signal is converted into an electric signal, and the camera photosensitive element transmits the electric signal to the ISP for processing and is converted into an image visible to naked eyes. ISP can also perform algorithm optimization on noise and brightness of the image. The ISP can also optimize parameters such as exposure, color temperature and the like of a shooting scene. In some embodiments, the ISP may be provided in the camera 193.
The camera 193 is used to capture still images or video. The object generates an optical image through the lens and projects the optical image onto the photosensitive element. The photosensitive element may be a charge coupled device (charge coupled device, CCD) or a Complementary Metal Oxide Semiconductor (CMOS) phototransistor. The photosensitive element converts the optical signal into an electrical signal, which is then transferred to the ISP to be converted into a digital image signal. The ISP outputs the digital image signal to the DSP for processing. The DSP converts the digital image signal into an image signal in a standard RGB, YUV, or the like format. In some embodiments, electronic device 100 may include 1 or N cameras 193, N being a positive integer greater than 1.
The digital signal processor is used for processing digital signals, and can process other digital signals besides digital image signals. For example, when the electronic device 100 selects a frequency bin, the digital signal processor is used to fourier transform the frequency bin energy, or the like.
Video codecs are used to compress or decompress digital video. The electronic device 100 may support one or more video codecs. In this way, the electronic device 100 may play or record video in a variety of encoding formats, such as: moving picture experts group (moving picture experts group, MPEG) 1, MPEG2, MPEG3, MPEG4, etc.
The NPU is a neural-network (NN) computing processor, and can rapidly process input information by referencing a biological neural network structure, for example, referencing a transmission mode between human brain neurons, and can also continuously perform self-learning. Applications such as intelligent awareness of the electronic device 100 may be implemented through the NPU, for example: image recognition, face recognition, speech recognition, text understanding, etc.
The internal memory 121 may include one or more random access memories (random access memory, RAM) and one or more non-volatile memories (NVM).
The random access memory may include a static random-access memory (SRAM), a dynamic random-access memory (dynamic random access memory, DRAM), a synchronous dynamic random-access memory (synchronous dynamic random access memory, SDRAM), a double data rate synchronous dynamic random-access memory (double data rate synchronous dynamic random access memory, DDR SDRAM, such as fifth generation DDR SDRAM is commonly referred to as DDR5 SDRAM), etc.; the nonvolatile memory may include a disk storage device, a flash memory (flash memory).
The flash memory may include NOR FLASH, NAND FLASH, 3D NAND FLASH, etc., divided according to operating principle; may include single-level cells (single-level cell, SLC), multi-level cells (multi-level cell, MLC), triple-level cells (triple-level cell, TLC), quad-level cells (quad-level cell, QLC), etc., divided according to the number of levels stored per cell; and may include universal flash storage (universal flash storage, UFS), embedded multimedia card (embedded multimedia card, eMMC), etc., divided according to storage specification.
The random access memory may be read directly from and written to by the processor 110, may be used to store executable programs (e.g., machine instructions) for an operating system or other on-the-fly programs, may also be used to store data for users and applications, and the like.
The nonvolatile memory may store executable programs, store data of users and applications, and the like, and may be loaded into the random access memory in advance for the processor 110 to directly read and write.
The external memory interface 120 may be used to connect external non-volatile memory to enable expansion of the memory capabilities of the electronic device 100. The external nonvolatile memory communicates with the processor 110 through the external memory interface 120 to implement a data storage function. For example, files such as music and video are stored in an external nonvolatile memory.
The electronic device 100 may implement audio functions through an audio module 170, a speaker 170A, a receiver 170B, a microphone 170C, an earphone interface 170D, an application processor, and the like. Such as music playing, recording, etc.
The audio module 170 is used to convert digital audio information into an analog audio signal output and also to convert an analog audio input into a digital audio signal. The audio module 170 may also be used to encode and decode audio signals. In some embodiments, the audio module 170 may be disposed in the processor 110, or a portion of the functional modules of the audio module 170 may be disposed in the processor 110.
The speaker 170A, also referred to as a "loudspeaker", is used to convert audio electrical signals into sound signals. The electronic device 100 may play music, or carry on a hands-free call, through the speaker 170A.
A receiver 170B, also referred to as a "earpiece", is used to convert the audio electrical signal into a sound signal. When electronic device 100 is answering a telephone call or voice message, voice may be received by placing receiver 170B in close proximity to the human ear.
Microphone 170C, also referred to as a "mic" or "mike", is used to convert sound signals into electrical signals. When making a call or transmitting voice information, the user can speak with the mouth near the microphone 170C, inputting a sound signal to the microphone 170C. The electronic device 100 may be provided with at least one microphone 170C. In other embodiments, the electronic device 100 may be provided with two microphones 170C, and may implement a noise reduction function in addition to collecting sound signals. In other embodiments, the electronic device 100 may also be provided with three, four, or more microphones 170C to enable collection of sound signals, noise reduction, identification of sound sources, directional recording functions, etc.
The earphone interface 170D is used to connect a wired earphone. The headset interface 170D may be the USB interface 130, or a 3.5 mm open mobile terminal platform (open mobile terminal platform, OMTP) standard interface, or a Cellular Telecommunications Industry Association of the USA (cellular telecommunications industry association of the USA, CTIA) standard interface.
The pressure sensor 180A is used to sense a pressure signal, and may convert the pressure signal into an electrical signal. In some embodiments, the pressure sensor 180A may be disposed on the display screen 194. The pressure sensor 180A is of various types, such as a resistive pressure sensor, an inductive pressure sensor, a capacitive pressure sensor, and the like. A capacitive pressure sensor may comprise at least two parallel plates of conductive material. The capacitance between the electrodes changes when a force is applied to the pressure sensor 180A. The electronic device 100 determines the strength of the pressure from the change in capacitance. When a touch operation is applied to the display screen 194, the electronic device 100 detects the touch operation intensity according to the pressure sensor 180A. The electronic device 100 may also calculate the location of the touch based on the detection signal of the pressure sensor 180A. In some embodiments, touch operations that act on the same touch location, but at different touch operation strengths, may correspond to different operation instructions. For example: an instruction for viewing a short message is executed when a touch operation with a touch operation intensity smaller than a first pressure threshold acts on the short message application icon; an instruction for creating a new short message is executed when a touch operation with a touch operation intensity greater than or equal to the first pressure threshold acts on the short message application icon.
The gyro sensor 180B may be used to determine a motion gesture of the electronic device 100. In some embodiments, the angular velocity of electronic device 100 about three axes (i.e., x, y, and z axes) may be determined by gyro sensor 180B. The gyro sensor 180B may be used for photographing anti-shake. For example, when the shutter is pressed, the gyro sensor 180B detects the shake angle of the electronic device 100, calculates the distance to be compensated by the lens module according to the angle, and makes the lens counteract the shake of the electronic device 100 through the reverse motion, so as to realize anti-shake. The gyro sensor 180B may also be used for navigating, somatosensory game scenes.
The air pressure sensor 180C is used to measure air pressure. In some embodiments, electronic device 100 calculates altitude from barometric pressure values measured by barometric pressure sensor 180C, aiding in positioning and navigation.
The magnetic sensor 180D includes a Hall sensor. The electronic device 100 may detect the opening and closing of a flip cover using the magnetic sensor 180D. In some embodiments, when the electronic device 100 is a flip phone, the electronic device 100 may detect the opening and closing of the flip cover according to the magnetic sensor 180D, and then set features such as automatic unlocking on opening the cover according to the detected opening or closing state of the leather case or of the flip cover.
The acceleration sensor 180E may detect the magnitude of acceleration of the electronic device 100 in various directions (typically three axes). The magnitude and direction of gravity may be detected when the electronic device 100 is stationary. It may also be used to identify the posture of the electronic device, and is applied in landscape/portrait switching, pedometers, and other applications.
A distance sensor 180F for measuring a distance. The electronic device 100 may measure the distance by infrared or laser. In some embodiments, the electronic device 100 may range using the distance sensor 180F to achieve quick focus.
The proximity light sensor 180G may include, for example, a Light Emitting Diode (LED) and a light detector, such as a photodiode. The light emitting diode may be an infrared light emitting diode. The electronic device 100 emits infrared light outward through the light emitting diode. The electronic device 100 detects infrared reflected light from nearby objects using a photodiode. When sufficient reflected light is detected, it may be determined that there is an object in the vicinity of the electronic device 100. When insufficient reflected light is detected, the electronic device 100 may determine that there is no object in the vicinity of the electronic device 100. The electronic device 100 can detect that the user holds the electronic device 100 close to the ear by using the proximity light sensor 180G, so as to automatically extinguish the screen for the purpose of saving power. The proximity light sensor 180G may also be used in holster mode, pocket mode to automatically unlock and lock the screen.
The ambient light sensor 180L is used to sense ambient light level. The electronic device 100 may adaptively adjust the brightness of the display 194 based on the perceived ambient light level. The ambient light sensor 180L may also be used to automatically adjust white balance when taking a photograph. Ambient light sensor 180L may also cooperate with proximity light sensor 180G to detect whether electronic device 100 is in a pocket to prevent false touches.
The fingerprint sensor 180H is used to collect a fingerprint. The electronic device 100 may utilize the collected fingerprint feature to unlock the fingerprint, access the application lock, photograph the fingerprint, answer the incoming call, etc.
The temperature sensor 180J is for detecting temperature. In some embodiments, the electronic device 100 performs a temperature processing strategy using the temperature detected by the temperature sensor 180J. For example, when the temperature reported by temperature sensor 180J exceeds a threshold, electronic device 100 performs a reduction in the performance of a processor located in the vicinity of temperature sensor 180J in order to reduce power consumption to implement thermal protection. In other embodiments, when the temperature is below another threshold, the electronic device 100 heats the battery 142 to avoid the low temperature causing the electronic device 100 to be abnormally shut down. In other embodiments, when the temperature is below a further threshold, the electronic device 100 performs boosting of the output voltage of the battery 142 to avoid abnormal shutdown caused by low temperatures.
The touch sensor 180K, also referred to as a "touch device". The touch sensor 180K may be disposed on the display screen 194, and the touch sensor 180K and the display screen 194 form a touch screen, which is also called a "touch screen". The touch sensor 180K is for detecting a touch operation acting thereon or thereabout. The touch sensor may communicate the detected touch operation to the application processor to determine the touch event type. Visual output related to touch operations may be provided through the display 194. In other embodiments, the touch sensor 180K may also be disposed on the surface of the electronic device 100 at a different location than the display 194.
The bone conduction sensor 180M may acquire a vibration signal. In some embodiments, the bone conduction sensor 180M may acquire the vibration signal of the vibrating bone of the human vocal part. The bone conduction sensor 180M may also contact the pulse of the human body to receive the blood pressure pulsation signal. In some embodiments, the bone conduction sensor 180M may also be provided in a headset, combined into a bone conduction headset. The audio module 170 may parse out a voice signal based on the vibration signal of the vibrating bone of the vocal part obtained by the bone conduction sensor 180M, so as to implement a voice function. The application processor may parse out heart rate information based on the blood pressure pulsation signal acquired by the bone conduction sensor 180M, so as to implement a heart rate detection function.
The keys 190 include a power-on key, a volume key, etc. The keys 190 may be mechanical keys. Or may be a touch key. The electronic device 100 may receive key inputs, generating key signal inputs related to user settings and function controls of the electronic device 100.
The motor 191 may generate a vibration cue. The motor 191 may be used for incoming call vibration alerting as well as for touch vibration feedback. For example, touch operations acting on different applications (e.g., photographing, audio playing, etc.) may correspond to different vibration feedback effects. The motor 191 may also correspond to different vibration feedback effects by touching different areas of the display screen 194. Different application scenarios (such as time reminding, receiving information, alarm clock, game, etc.) can also correspond to different vibration feedback effects. The touch vibration feedback effect may also support customization.
The indicator 192 may be an indicator light, may be used to indicate a state of charge, a change in charge, a message indicating a missed call, a notification, etc.
The SIM card interface 195 is used to connect a SIM card. The SIM card may be inserted into the SIM card interface 195, or removed from the SIM card interface 195 to enable contact and separation with the electronic device 100. The electronic device 100 may support 1 or N SIM card interfaces, N being a positive integer greater than 1. The SIM card interface 195 may support Nano SIM cards, micro SIM cards, and the like. The same SIM card interface 195 may be used to insert multiple cards simultaneously. The types of the plurality of cards may be the same or different. The SIM card interface 195 may also be compatible with different types of SIM cards. The SIM card interface 195 may also be compatible with external memory cards. The electronic device 100 interacts with the network through the SIM card to realize functions such as communication and data communication. In some embodiments, the electronic device 100 employs esims, i.e.: an embedded SIM card. The eSIM card can be embedded in the electronic device 100 and cannot be separated from the electronic device 100.
The software system of the electronic device 100 may employ a layered architecture, an event driven architecture, a microkernel architecture, a microservice architecture, or a cloud architecture. In the embodiment of the invention, taking an Android system with a layered architecture as an example, a software structure of the electronic device 100 is illustrated.
Fig. 17 is a software configuration block diagram of the electronic device 100 according to the embodiment of the present invention.
The layered architecture divides the software into several layers, each with a clear role and division of labor. The layers communicate with each other through software interfaces. In some embodiments, the Android system is divided into four layers, which are, from top to bottom, the application layer, the application framework layer, the Android runtime and system libraries, and the kernel layer.
The application layer may include a series of application packages.
As shown in fig. 17, the application package may include applications for cameras, gallery, calendar, phone calls, maps, navigation, WLAN, bluetooth, music, video, short messages, etc.
The application framework layer provides an application programming interface (application programming interface, API) and programming framework for application programs of the application layer. The application framework layer includes a number of predefined functions.
As shown in fig. 17, the application framework layer may include a window manager, a content provider, a view system, a phone manager, a resource manager, a notification manager, and the like.
The window manager is used to manage window programs. The window manager can obtain the size of the display screen, determine whether there is a status bar, lock the screen, capture the screen, and the like.
The content provider is used to store and retrieve data and make such data accessible to applications. The data may include video, images, audio, calls made and received, browsing history and bookmarks, phonebooks, etc.
The view system includes visual controls, such as controls to display text, controls to display pictures, and the like. The view system may be used to build applications. The display interface may be composed of one or more views. For example, a display interface including a text message notification icon may include a view displaying text and a view displaying a picture.
The telephony manager is used to provide the communication functions of the electronic device 100, such as management of call status (including connected, hung up, etc.).
The resource manager provides various resources for the application program, such as localization strings, icons, pictures, layout files, video files, and the like.
The notification manager allows an application to display notification information in the status bar. It can be used to convey notification-type messages that disappear automatically after a short stay without requiring user interaction, for example to notify that a download is complete or to give a message reminder. The notification manager may also present notifications in the form of a chart or scrolling text in the system status bar at the top of the screen, such as a notification for an application running in the background, or a notification that appears on the screen in the form of a dialog window. For example, a text message is prompted in the status bar, a prompt tone is emitted, the electronic device vibrates, and an indicator light blinks.
The Android runtime includes a core library and a virtual machine. The Android runtime is responsible for scheduling and management of the Android system.
The core library consists of two parts: one part is the functions that need to be called by the Java language, and the other part is the core library of Android.
The application layer and the application framework layer run in the virtual machine. The virtual machine executes the Java files of the application layer and the application framework layer as binary files. The virtual machine is used to perform functions such as object life cycle management, stack management, thread management, security and exception management, and garbage collection.
The system library may include a plurality of functional modules, for example: a surface manager, media libraries, a three-dimensional graphics processing library (e.g., OpenGL ES), and a 2D graphics engine (e.g., SGL).
The surface manager is used to manage the display subsystem and provides a fusion of 2D and 3D layers for multiple applications.
The media libraries support playback and recording of a variety of commonly used audio and video formats, as well as still image files, and the like. The media libraries may support a variety of audio and video encoding formats, such as MPEG4, H.264, MP3, AAC, AMR, JPG, PNG, etc.
The three-dimensional graphic processing library is used for realizing three-dimensional graphic drawing, image rendering, synthesis, layer processing and the like.
The 2D graphics engine is a drawing engine for 2D drawing.
The kernel layer is the layer between hardware and software. The kernel layer includes at least a display driver, a camera driver, an audio driver, and a sensor driver.
The workflow of the software and hardware of the electronic device 100 is illustrated below using a photo capture scenario as an example.
When the touch sensor 180K receives a touch operation, a corresponding hardware interrupt is sent to the kernel layer. The kernel layer processes the touch operation into a raw input event (including information such as the touch coordinates and the time stamp of the touch operation). The raw input event is stored at the kernel layer. The application framework layer obtains the raw input event from the kernel layer and identifies the control corresponding to the input event. Taking the touch operation as a touch click operation and the control corresponding to the click operation as the control of a camera application icon as an example, the camera application calls an interface of the application framework layer to start the camera application, which in turn starts the camera driver by calling the kernel layer, and the camera 193 captures a still image or video.
The embodiments of the present application may be arbitrarily combined to achieve different technical effects.
The above embodiments may be implemented in whole or in part by software, hardware, firmware, or any combination thereof. When implemented in software, they may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more computer instructions. When the computer program instructions are loaded and executed on a computer, the processes or functions described in the present application are produced in whole or in part. The computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus. The computer instructions may be stored in a computer-readable storage medium or transmitted from one computer-readable storage medium to another computer-readable storage medium; for example, the computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by wired means (e.g., coaxial cable, optical fiber, digital subscriber line) or wireless means (e.g., infrared, radio, microwave, etc.). The computer readable storage medium may be any available medium that can be accessed by a computer, or a data storage device such as a server or data center that integrates one or more available media. The available medium may be a magnetic medium (e.g., a floppy disk, a hard disk, a magnetic tape), an optical medium (e.g., a DVD), a semiconductor medium (e.g., a solid state disk (SSD)), or the like.
Those of ordinary skill in the art will appreciate that all or part of the above-described method embodiments may be implemented by a computer program instructing related hardware. The program may be stored in a computer readable storage medium and, when executed, may perform the processes of the above-described method embodiments. The aforementioned storage medium includes: a ROM, a random access memory (RAM), a magnetic disk, an optical disk, etc.
In summary, the foregoing description is only exemplary embodiments of the present invention and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, improvement, etc. made according to the disclosure of the present invention should be included in the protection scope of the present invention.

Claims (12)

1. A data protection method, applied to an electronic device, wherein the electronic device comprises a first storage area and a second storage area, a CE key is stored in the first storage area, a first encrypted CE key is stored in the second storage area, the first encrypted CE key is obtained based on a hash value of a first screen locking password of the electronic device and the CE key, the CE key is used for encrypting a data key of data, and the first encrypted CE key is used for recovering the CE key in the second storage area after the electronic device is restarted; the method comprises the following steps:
the electronic device acquires first data and a first data key, and encrypts the first data based on the first data key to obtain first encrypted data;
the electronic device acquires the CE key from the first storage area and encrypts the first data key based on the CE key to obtain a first encrypted data key;
the electronic device stores the first encrypted data and the first encrypted data key;
the electronic device receives a first message sent by a server, wherein the first message is sent to the electronic device by the server after the electronic device is in a lost state;
in response to the first message, the electronic device deletes the CE key stored in the first storage area and the first encrypted CE key stored in the second storage area.
2. The method of claim 1, wherein the second storage area further stores an encrypted hash value of the first screen locking password, the encrypted hash value of the first screen locking password being obtained based on the hash value of the first screen locking password and a hardware unique key.
3. The method of claim 2, wherein the electronic device comprises a security chip; before the electronic device receives the first message sent by the server, the method comprises:
the electronic device acquires an account ID of a first user account logged in on the electronic device;
the electronic device encrypts the CE key based on a hash value of the account ID of the first user account to obtain a second encrypted CE key;
the electronic device encrypts the hash value of the account ID of the first user account based on the hardware unique key to obtain an encrypted hash value of the account ID of the first user account;
the electronic device stores the second encrypted CE key and the encrypted hash value of the account ID of the first user account in the security chip;
after the electronic device receives the first message sent by the server, the method comprises:
the electronic device continues to store the second encrypted CE key and the encrypted hash value of the account ID of the first user account in the security chip.
4. The method of claim 3, wherein before the electronic device acquires the account ID of the first user account logged in on the electronic device, the method further comprises:
in a case where the electronic device is not logged in to the first user account, the electronic device displays first prompt information, wherein the first prompt information is used to prompt the user to log in to the first user account on the electronic device.
5. The method of claim 3 or 4, wherein after the electronic device deletes the CE key stored in the first storage area and the first encrypted CE key stored in the second storage area, the method comprises:
the electronic device prompts the user to input the first user account and the first screen locking password;
in a case where a second user account input by the user and a second screen locking password input by the user pass verification, the electronic device acquires the second encrypted CE key and the encrypted hash value of the account ID of the first user account from the security chip;
the electronic device decrypts the encrypted hash value of the account ID of the first user account based on the hardware unique key to obtain the hash value of the account ID of the first user account;
the electronic device decrypts the second encrypted CE key based on the hash value of the account ID of the first user account to obtain the CE key;
the electronic device stores the CE key in the first storage area.
6. The method of claim 5, wherein after the second user account and the second screen locking password pass verification, the method further comprises:
the electronic device acquires the encrypted hash value of the first screen locking password from the second storage area;
the electronic device decrypts the encrypted hash value of the first screen locking password based on the hardware unique key to obtain the hash value of the first screen locking password;
the electronic device encrypts the CE key based on the hash value of the first screen locking password to obtain the first encrypted CE key;
the electronic device stores the first encrypted CE key in the second storage area.
7. The method of claim 6, wherein after the electronic device stores the first encrypted CE key in the second storage area, the method further comprises:
when the electronic device is in a shutdown state, the electronic device deletes the CE key in the first storage area;
when the electronic device is in a shutdown state, a restart state, and a power-on state, the electronic device prompts the user to input a screen locking password;
in a case where a third screen locking password input by the user passes verification, the electronic device acquires the encrypted hash value of the first screen locking password from the second storage area;
the electronic device acquires the first encrypted CE key from the second storage area;
the electronic device decrypts the encrypted hash value of the first screen locking password based on the hardware unique key to obtain the hash value of the first screen locking password;
the electronic device decrypts the first encrypted CE key based on the hash value of the first screen locking password to obtain the CE key;
the electronic device stores the CE key in the first storage area again.
8. The method of claim 6, wherein the electronic device determining that the second user account and the second screen locking password pass verification specifically comprises:
the electronic device acquires the encrypted hash value of the first screen locking password from the second storage area;
the electronic device acquires the encrypted hash value of the account ID of the first user account from the security chip;
the electronic device acquires the hardware unique key;
the electronic device decrypts the encrypted hash value of the first screen locking password based on the hardware unique key to obtain the hash value of the first screen locking password;
the electronic device decrypts the encrypted hash value of the account ID of the first user account based on the hardware unique key to obtain the hash value of the account ID of the first user account;
the electronic device receives the second user account input by the user and the second screen locking password input by the user;
in a case where the hash value of the account ID of the second user account is the same as the hash value of the account ID of the first user account, and the hash value of the second screen locking password is the same as the hash value of the first screen locking password, the electronic device determines that the second user account and the second screen locking password pass verification.
9. The method of claim 6, wherein after the second user account and the second screen locking password pass verification, the method further comprises:
the electronic device receives a first operation;
in response to the first operation, the electronic device acquires the first encrypted data and the first encrypted data key;
the electronic device acquires the CE key from the first storage area;
the electronic device decrypts the first encrypted data key based on the CE key to obtain the first data key;
the electronic device decrypts the first encrypted data based on the first data key to obtain the first data;
the electronic device displays the first data.
10. An electronic device comprising one or more processors, one or more memories, and a security chip; wherein the security chip and the one or more memories are coupled to the one or more processors, and the one or more memories are for storing computer program code comprising computer instructions that, when executed by the one or more processors, cause the electronic device to perform the method of any of claims 1-9.
11. A chip system for application to an electronic device, the chip system comprising one or more processors configured to invoke computer instructions to cause the electronic device to perform the method of any of claims 1-9.
12. A computer readable storage medium comprising instructions which, when run on an electronic device, cause the electronic device to perform the method of any of claims 1-9.
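The key hierarchy and lost-device flow of claims 1-9, walked through in Python as an added example (not the patent's own code). The claims name no cipher, so a constructed SHA-256 keystream with an HMAC tag stands in for the wrapping cipher, the storage areas and security chip are dicts, the password "hash value" is taken literally as SHA-256, and the HUK, account ID and password are constructed sample values.

```python
"""Model of the key hierarchy in claims 1-9 (added example, not the patent's code).
The claims name no cipher, so a constructed SHA-256 keystream + HMAC tag stands in
for key wrapping, and the storage areas are dicts. The password "hash value" is
taken literally as SHA-256; production code would use a slow password KDF there."""
import hashlib
import hmac
import os

def _keystream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def wrap(key, plaintext):
    """Encrypt-then-MAC under a 32-byte key: nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unwrap(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrapped value failed authentication")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def H(s):
    return hashlib.sha256(s.encode()).digest()

class Device:
    # first_area: volatile plaintext CE key. second_area: CE key wrapped with H(password)
    # and H(password) wrapped with the HUK. secure_chip: the same pair keyed by H(account ID).
    def __init__(self, huk=None):
        self.huk = huk or os.urandom(32)  # hardware unique key (constructed)
        self.first_area, self.second_area, self.secure_chip, self.store = {}, {}, {}, {}

    def setup(self, password, account_id):
        ce = self.first_area["ce"] = os.urandom(32)
        self.second_area["enc_ce"] = wrap(H(password), ce)  # first encrypted CE key
        self.second_area["enc_hpw"] = wrap(self.huk, H(password))  # claim 2
        self.secure_chip["enc_ce2"] = wrap(H(account_id), ce)  # second encrypted CE key
        self.secure_chip["enc_hacct"] = wrap(self.huk, H(account_id))  # claim 3

    def save(self, name, data):  # claim 1: per-item data key, wrapped by the CE key
        dk = os.urandom(32)
        self.store[name] = (wrap(dk, data), wrap(self.first_area["ce"], dk))

    def load(self, name):  # claim 9
        enc_data, enc_dk = self.store[name]
        return unwrap(unwrap(self.first_area["ce"], enc_dk), enc_data)

    def lost_message(self):  # claim 1: server reports the device lost
        self.first_area.pop("ce", None)
        self.second_area.pop("enc_ce", None)  # secure chip contents are kept (claim 3)

    def unlock_with_password(self, password):  # claim 7: after a reboot
        if "enc_ce" not in self.second_area:
            raise PermissionError("no password-recoverable CE key; account login required")
        hpw = unwrap(self.huk, self.second_area["enc_hpw"])
        if not hmac.compare_digest(hpw, H(password)):
            raise PermissionError("wrong screen lock password")
        self.first_area["ce"] = unwrap(hpw, self.second_area["enc_ce"])

    def recover_with_account(self, account_id, password):  # claims 5, 6 and 8
        hacct = unwrap(self.huk, self.secure_chip["enc_hacct"])
        hpw = unwrap(self.huk, self.second_area["enc_hpw"])
        if not (hmac.compare_digest(hacct, H(account_id)) and hmac.compare_digest(hpw, H(password))):
            raise PermissionError("account or password verification failed")
        ce = self.first_area["ce"] = unwrap(hacct, self.secure_chip["enc_ce2"])
        self.second_area["enc_ce"] = wrap(hpw, ce)  # claim 6: re-create the first encrypted CE key

def demo():
    """Walk the claimed flow; returns what each stage could read."""
    d = Device()
    d.setup("1234", "user@example.com")  # constructed credentials
    d.save("note", b"secret")
    r = {"before_loss": d.load("note")}
    d.lost_message()
    try:
        d.unlock_with_password("1234")
        r["password_after_loss"] = "unlocked"
    except PermissionError:
        r["password_after_loss"] = "refused"
    d.recover_with_account("user@example.com", "1234")
    r["after_recovery"] = d.load("note")
    d.first_area.pop("ce")  # claim 7: shutdown drops the plaintext CE key
    d.unlock_with_password("1234")  # after reboot the password alone suffices again
    r["after_reboot"] = d.load("note")
    return r
```

The point the model makes visible: after the lost message, the screen lock password alone no longer reaches the data, because its wrapped copy of the CE key is gone, while the owner can still recover through the account-keyed copy held in the security chip.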
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310737595.8A CN116484431B (en) 2023-06-21 2023-06-21 Data protection method, electronic equipment and storage medium

Publications (2)

Publication Number Publication Date
CN116484431A true CN116484431A (en) 2023-07-25
CN116484431B CN116484431B (en) 2024-05-17

Family

ID=87212254

Country Status (1)

Country Link
CN (1) CN116484431B (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101119565A (en) * 2007-09-03 2008-02-06 华为技术有限公司 Mobile communications terminal data protection method, system and equipment
US20100088525A1 (en) * 2008-10-03 2010-04-08 Microsoft Corporation External encryption and recovery management with hardware encrypted storage devices
US20160004648A1 (en) * 2013-04-12 2016-01-07 Fujitsu Limited Data erasing apparatus, data erasing method, and computer-readable storage medium
US20170230179A1 (en) * 2016-02-05 2017-08-10 Mohammad Mannan Password triggered trusted encryption key deletion
CN107911546A (en) * 2017-11-14 2018-04-13 奇酷互联网络科技(深圳)有限公司 Theft preventing method, anti-theft device and the mobile terminal of mobile terminal
CN113168477A (en) * 2019-11-08 2021-07-23 华为技术有限公司 Data processing method, device and system chip
CN113408016A (en) * 2021-05-24 2021-09-17 荣耀终端有限公司 Method and device for storing ciphertext
CN113609497A (en) * 2021-06-30 2021-11-05 荣耀终端有限公司 Data protection method and device
CN113609498A (en) * 2021-07-15 2021-11-05 荣耀终端有限公司 Data protection method and electronic equipment
CN114117367A (en) * 2020-08-29 2022-03-01 华为技术有限公司 Data protection method and electronic equipment

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116795741A (en) * 2023-08-28 2023-09-22 凡澈科技(武汉)有限公司 Method and system for preventing memory data from being deleted and tampered
CN116795741B (en) * 2023-08-28 2023-11-10 凡澈科技(武汉)有限公司 Method and system for preventing memory data from being deleted and tampered

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant