CN117560151A - Double-core password engineering experiment system and experiment method - Google Patents
Double-core password engineering experiment system and experiment method Download PDFInfo
- Publication number
- CN117560151A CN117560151A CN202410031303.3A CN202410031303A CN117560151A CN 117560151 A CN117560151 A CN 117560151A CN 202410031303 A CN202410031303 A CN 202410031303A CN 117560151 A CN117560151 A CN 117560151A
- Authority
- CN
- China
- Prior art keywords
- password
- module
- engineering
- experiment
- cryptographic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000002474 experimental method Methods 0.000 title claims abstract description 125
- 238000000034 method Methods 0.000 title claims abstract description 24
- 238000012545 processing Methods 0.000 claims abstract description 61
- 238000005516 engineering process Methods 0.000 claims abstract description 43
- 238000004883 computer application Methods 0.000 claims abstract description 30
- 230000006870 function Effects 0.000 claims abstract description 21
- 230000003993 interaction Effects 0.000 claims abstract description 17
- 238000004088 simulation Methods 0.000 claims abstract description 8
- 238000004891 communication Methods 0.000 claims description 22
- 238000013461 design Methods 0.000 claims description 19
- 238000011156 evaluation Methods 0.000 claims description 13
- 230000002093 peripheral effect Effects 0.000 claims description 12
- 230000008569 process Effects 0.000 claims description 3
- 230000002452 interceptive effect Effects 0.000 claims description 2
- 230000009977 dual effect Effects 0.000 claims 2
- 239000008186 active pharmaceutical agent Substances 0.000 description 9
- 238000004458 analytical method Methods 0.000 description 9
- 238000011161 development Methods 0.000 description 5
- 230000018109 developmental process Effects 0.000 description 5
- 238000012360 testing method Methods 0.000 description 4
- 239000000523 sample Substances 0.000 description 3
- 208000020714 Mesomelic dysplasia, Kantaputra type Diseases 0.000 description 2
- 230000019771 cognition Effects 0.000 description 2
- 230000007123 defense Effects 0.000 description 2
- 238000002347 injection Methods 0.000 description 2
- 239000007924 injection Substances 0.000 description 2
- 238000009434 installation Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012549 training Methods 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000006243 chemical reaction Methods 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000002950 deficient Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000008140 language development Effects 0.000 description 1
- 238000004806 packaging method and process Methods 0.000 description 1
- 239000000243 solution Substances 0.000 description 1
- 239000004575 stone Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 238000010998 test method Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/26—Testing cryptographic entity, e.g. testing integrity of encryption key or encryption algorithm
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
- Stored Programmes (AREA)
Abstract
The invention relates to the technical field of password and information security, in particular to a dual-core password engineering experiment system and an experiment method. The dual-core password engineering experiment system comprises an upper computer application system and a dual-core password experiment system, wherein the dual-core password experiment system comprises a security chip subsystem and a password co-processing subsystem; the user completes interaction with the system and programming through the upper computer application system; the secure chip subsystem provides a cryptographic service APDU for an API function of a cryptographic service middleware of the upper computer application system, and delivers information of the received cryptographic co-processing subsystem and other external devices to the upper computer application system; and the cryptographic co-processing subsystem performs information interaction with external equipment and provides a custom cryptographic algorithm engine for the upper computer application system. According to the dual-core password engineering experimental method provided by the invention, a user creates an experimental system simulation framework according to the knowledge module for selecting practice learning, and the learning of the required password engineering technology is completed.
Description
Technical Field
The invention relates to the technical field of password and information security, in particular to a dual-core password engineering experiment system and an experiment method.
Background
Currently, a password device based on a commercial password algorithm becomes an important basic stone for guaranteeing the safety of a national information system, the development of the password industry enters a fast lane, and the demands of people who understand passwords and use the passwords are increased sharply. In recent years, the efforts of information security engineering and talent culture of password engineering are increased, and advanced special talents capable of designing, developing and applying a password system or password equipment are important components of a talent capacity culture system.
Currently, in the teaching of professional courses such as password engineering, information security engineering, embedded systems and the like, a pure software platform or a general ARM embedded processor platform is mostly adopted for constructing engineering experiment systems, and experiment systems constructed by a security processor are omitted; the experimental system and the experimental method of the password engineering class which fully embody the domestic credit creation technology are deficient; the password service middleware technology meeting the national commercial password standard is not applied to the existing teaching experiment system and experiment method.
Disclosure of Invention
The invention provides a dual-core cryptographic engineering experiment system for solving the problems, which adopts a domestic safety processor and a domestic FPGA chip as hardware cores of the cryptographic engineering experiment system, combines a commercial cryptographic algorithm engine and a cryptographic service middleware technology of a national cryptographic standard, and provides a dual-core cryptographic engineering experiment system based on an advanced domestic information creation technology and an experiment method based on the dual-core cryptographic engineering experiment system.
The invention provides a dual-core password engineering experiment system, which comprises an upper computer application system and a dual-core password experiment system. The dual-core cryptographic experiment system comprises a secure chip subsystem and a cryptographic co-processing subsystem.
The secure chip subsystem comprises an instruction and data processing functional module, a cryptographic engine functional module and a peripheral driver layer module. The cryptographic engine functional module provides an API function for the cryptographic service middleware through the data processing functional module; the peripheral driving layer module receives information from the upper computer application system, the password co-processing subsystem and other external equipment, processes the information through the instruction and data processing function module and delivers the information to the upper computer application system.
The password co-processing subsystem comprises an FPGA co-processing module and an intelligent IC card co-processing module. The FPGA co-processing module and the intelligent IC card co-processing module respectively interact information with the peripheral driving layer module; the FPGA co-processing module is directly communicated with the self-defined FPGA interactive program through an asynchronous serial channel and is used for deploying a self-defined cryptographic algorithm engine or other functional IP cores into the FPGA co-processing module.
Further, the upper computer application system is built on the PC and comprises a GUI user application program framework, a password service middleware and a USB CCID driver; the user calls an API function in the password service middleware to design a user application program under the GUI user application program framework; the user application program performs information interaction with the secure chip subsystem through the USB CCID driver.
Further, the peripheral driving layer module comprises a USB CCID communication protocol module, a QSPI (four-way SPI interface) driving module and a 7816M1 driving module. The USB CCID communication protocol module is used for completing communication interaction with the upper computer application system, the QSPI driving module is used for completing communication interaction with the FPGA co-processing module, and the 7816M1 driving module is used for completing communication interaction with the intelligent IC card co-processing module.
Further, the API function of the password service middleware is obtained by packaging APDU provided by the security chip subsystem; and the upper computer application system and the security chip subsystem are communicated by adopting a unified APDU (advanced personal data Unit) between the security chip subsystem and the password co-processing subsystem.
Depending on the dual-core password engineering experiment system provided by the invention, the invention also provides a dual-core password engineering experiment method, which comprises a password application engineering technology experiment method and a password equipment evaluation engineering technology experiment method; the password application engineering technology experimental method and the password equipment evaluation engineering technology experimental method are both based on the dual-core password engineering experimental system provided by the invention. Based on the dual-core password engineering experiment method, a GUI user application program framework is constructed, and an experiment method for acquiring a related knowledge module is provided for a user.
Further, the experimental method of the password application engineering technology comprises 7 experimental cases constructed aiming at the password service middleware; the experimental method for evaluating the engineering technology by the password equipment comprises 4 experimental cases constructed for the password hardware equipment, and a user creates an experimental system simulation environment according to a knowledge module for selecting exercise, so that the user can practice learning the selected knowledge module in an experimental system simulation framework, and the engineering technology capability of the knowledge module is formed.
Compared with the prior art, the invention has the following beneficial effects:
by means of the dual-core password engineering experimental system and the experimental method, a user selects a knowledge module to create an experimental system simulation framework, and practice training is performed in the aspects of a password algorithm application technology, a password system design technology and a password equipment evaluation technology in a targeted and purposeful manner, so that the cognition level and the practice capability of the self-systemization and engineering password engineering professional technology are effectively improved.
Drawings
Fig. 1 is a logic architecture diagram of a dual-core cryptographic engineering experiment system provided according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be further described in detail with reference to the accompanying drawings and specific embodiments. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not to be construed as limiting the invention.
The dual-core password engineering experiment system provided by the invention is a password engineering experiment box constructed by a domestic safety processor and a domestic FPGA chip, adopts a dual-core module design, and combines the related standards of the national commercial password technology to provide a dual-core password experiment system of the domestic information creation technology. The user relies on the dual-core password engineering experiment system to purposefully develop practical training in the aspects of the application technology of the password algorithm, the design technology of the password system and the evaluation technology of the password equipment, and finally, the cognition level and the practical capability of the self-systemized and engineered password engineering professional technology are effectively improved.
Fig. 1 shows a logic architecture of a dual-core cryptographic engineering experiment system provided according to an embodiment of the present invention.
As shown in FIG. 1, the dual-core cryptographic engineering experiment system provided by the embodiment of the invention comprises an upper computer application system and a dual-core cryptographic experiment system. The dual-core cryptographic experiment system comprises a secure chip subsystem and a cryptographic co-processing subsystem.
The upper computer application system is built on a PC and comprises a GUI user application program framework, a password service middleware and a USB CCID driver. The user calls an API function in the password service middleware to design a user application program under the GUI user application program framework; the user application program completes information interaction with the security chip subsystem through the USB CCID driver.
The secure chip subsystem comprises an instruction and data processing functional module, a cryptographic engine functional module and a peripheral driver layer module. The cryptographic engine functional module and the FPGA co-processing module provide APDUs for the cryptographic service middleware through the command and data processing functional module, and finally package the APDUs into API functions of the cryptographic service middleware.
The APDU is packaged into a cryptographic service middleware which accords with the cryptographic equipment application interface specification of the national cipher GM/T0018-2012, and the cryptographic service middleware comprises three functional class functions, namely a cryptographic processing class interface function set, a key management class interface function set and a device management class interface function set, and totally comprises 76 API functions.
The peripheral driving layer module receives information from the upper computer application system, the password co-processing subsystem and other external equipment and delivers the information to the upper computer application system through the instruction and data processing function module. The peripheral driving layer module comprises a USB CCID communication protocol module, a QSPI driving module and a 7816M1 driving module. The USB CCID communication protocol module is used for completing communication interaction with the upper computer application system, the QSPI driving module is used for completing communication interaction with the FPGA co-processing module, and the 7816M1 driving module is used for completing communication interaction with the intelligent IC card co-processing module.
The password co-processing subsystem takes an FPGA module of a password engineering experiment box as a core and comprises an FPGA co-processing module and an intelligent IC card co-processing module. And the FPGA co-processing module and the intelligent IC card co-processing module respectively interact information with the peripheral driving layer module. The intelligent IC card co-processing module realizes the functions of user private file management, split key storage, user identity co-authentication and the like based on COS (Chip Operating System) of the intelligent IC card. The FPGA co-processing module performs information interaction with the APDU of the application layer interface protocol through the synchronous serial QSPI interface channel and is used for calling the custom cryptographic algorithm engine in the FPGA co-processing module.
The safety chip subsystem and the upper computer application system adopt CCID protocol of USB interface to realize communication, the safety chip subsystem and the intelligent IC card co-processing module adopt CCID protocol of ISO/IEC7816 interface to realize communication, and the safety chip subsystem and the FPGA co-processing module adopt CCID protocol of QSP interface to realize communication. The CCID is a standard protocol of a smart card device, and the communication protocol packet format of the CCID is APDU, but the present invention encapsulates APDUs conforming to the CCID application layer protocol based on different physical layer communication interfaces. The invention adopts unified APDU to communicate the upper computer application system, the security chip subsystem and the cipher co-processing subsystem, thus reducing the problem of overlarge system overhead caused by protocol conversion of the security chip subsystem.
The invention provides a double-core password engineering experimental method based on the provided double-core password engineering experimental system. The dual-core password engineering experimental method comprises a password application engineering technical experimental method and a password equipment evaluation engineering technical experimental method.
The experimental method of the password application engineering technology relies on password service middleware and GUI user application program frameworks to construct 7 experimental cases, wherein the experimental cases comprise an encryption and decryption experiment 1-1 of a symmetric password engine, an encryption and decryption experiment 1-2 of an asymmetric password engine, a design and realization experiment 1-3 of an FPGA custom password engine, an application experiment 1-4 of an FPGA password coprocessor, an identity authentication and key negotiation protocol design experiment 1-5, an intelligent IC card security system design experiment 1-6 and a three-layer key management scheme design experiment 1-7 of password equipment.
In order to clearly describe the experimental method of the cryptographic equipment evaluation engineering technology provided by the invention, a cryptographic experiment box matched with a dual-core cryptographic engineering experimental system is introduced. In the password experiment box, a THM3682 chip is adopted as a core processing chip in the security chip subsystem, and a domestic FPGA chip is adopted as a core processing chip in the FPGA co-processing module.
Experiment 1-1 is an example of an experimental method for engineering application of a symmetric cryptographic algorithm (emphasis is on a commercial cryptographic algorithm). Firstly, a user builds an embedded Keil ARM-MDK development environment and a C language development environment, connects a password experiment box, and installs software (including password experiment box driving installation and password service middleware installation); then, the user downloads the firmware program of the experiment I into a password experiment box through Keil ARM-MDK software and a JTAG simulator; finally, at the PC end, under the GUI user application program framework in the upper computer application system, the user writes a C/C++ language program by referring to the corresponding routine of the experimental system, calls the password service middleware API function to indirectly use the hardware password engine in the experimental system, and repeatedly tests the running result. Finally, the user acquires the loading, debugging and testing methods of the firmware program based on the password experiment box and the application technology of the symmetric password algorithm.
Experiments 1-2 are examples of engineering application experimental methods with respect to asymmetric algorithms (emphasis on the commercial-dense algorithm). Based on the experimental environment established in the experiment 1-1 and similar experimental steps, a user writes a C/C++ language program with reference to a corresponding routine of an experimental system under the framework of a GUI user application program, and calls the password service middleware API function to indirectly use a hardware password engine in the experimental system, so that the user finally obtains the application technology of an asymmetric password algorithm.
Experiments 1-3 are embodiments of engineering techniques experimental methods for FPGAs to implement cryptographic algorithm modules. Building a Pango Design Suite (PDS) integrated development environment, and writing a Verilog program in the PDS by a user referring to a corresponding routine of an experimental system; simulating the program in a Modelsim simulation tool; and loading the codes after successful simulation into an FPGA chip for operation by referring to a PDS program downloading method. And repeatedly testing the operation result by interacting with the user-defined FPGA interaction program provided by the experimental system. Finally, the user obtains the FPGA design realization technology of the hardware cryptographic engine and the serial interface.
Experiments 1-4 are embodiments of engineering experiments methods for FPGA implementation of cryptographic coprocessors. Based on the experimental environment and similar experimental steps set up in experiments 1-3, the user practice calls the process of the custom cryptographic algorithm engine in the FPGA co-processing module through the secure chip subsystem. Under the GUI user application program framework, a user writes a C/C++ language program by referring to corresponding routines of experiments 1-1 or experiments 1-2, interacts with a password engine in the FPGA co-processing module, displays an operation result, and finally acquires the application technology of the password coprocessor.
Experiments 1-5 are examples of engineering experiments methods relating to cryptographic protocol design. Based on the experimental environment and similar experimental steps set up by experiment 1-1, a user designs a key exchange and key negotiation protocol under the GUI user application program framework in an upper computer application system, writes a corresponding C/C++ language program, and indirectly uses a hardware cryptographic engine in the experiment system based on a cryptographic service middleware API function. And finally, the user learns the design and application technology of the key exchange and key negotiation protocol in the network communication environment.
Experiments 1-6 are examples of engineering application experimental methods for smart IC cards. Based on the experimental environment and similar experimental steps set up by experiment 1-1, the user writes a corresponding C/C++ program under the GUI user application program framework in the upper computer application system by referring to corresponding routines of the experimental system and ISO/IEC 7816-3/4 command format in China financial Integrated Circuit (IC) card application Specification. Finally, the user can acquire the intelligent IC card application and the security design technology.
Experiments 1-7 are examples of engineering experiments methods relating to device key management. The user relies on the experimental environment established by the experiment 1-1 and integrates the operation content of the experiment 1-6, a three-layer key management scheme is designed under the GUI user application program framework by referring to the corresponding routine of the experimental system and the related technology of key management, the corresponding C/C++ program is written under the GUI user application program framework, and the corresponding firmware program is loaded into the password experiment box. And finally, the user learns the design and implementation technology of the related scheme of the key management.
The experimental method of the cryptographic equipment evaluation engineering technology is used for constructing 4 experimental cases by relying on a cryptographic engineering experimental box, wherein the experimental cases comprise a cryptographic equipment algorithm performance evaluation experiment 2-1, an energy analysis attack experiment 2-2, a voltage injection attack and defense experiment 2-3 and a circuit breaking attack and defense experiment 2-4.
Experiment 2-1 is an example of an engineering evaluation experimental method for a cryptographic algorithm engine. Depending on experimental environments established in experiments 1-1 and 1-3, a user selects different cryptographic algorithms under the framework of GUI user application programs in an upper computer application system, the algorithms can select functional modules from the cryptographic engines or can select co-processing modules from the FPGA, write C/C++ programs according to routines of the experiments 1-1 or 1-2, call APDUs of a security chip subsystem, and evaluate processing speeds of encryption and decryption, signature verification and the like of different cryptographic algorithm engines. Finally, the user acquires the performance evaluation technology of the cryptographic algorithm.
Experiment 2-2 is an example of a cryptographic chip non-invasive security assessment experimental method. Based on the experimental environment established in the experiment 1-1, a user collects power consumption of the cryptographic algorithm of the THM3682 chip and the FPGA chip in running through special equipment, and refers to a corresponding power consumption analysis algorithm example program to perform power consumption analysis attack, so that the user can master a power consumption analysis method of the cryptographic chip. Specifically, the user downloads the firmware program special for the experiment to the THM3682 chip; secondly, connecting two ends of one probe of an oscilloscope or a digital signal collector to two ends of a probe of a power consumption acquisition component on the THM3682 chip or the FPGA chip respectively, and connecting the other probe to a GPIO interface pin reserved on the THM3682 chip or the FPGA chip; thirdly, a user starts a cipher engine functional module in the security chip subsystem or a custom cipher algorithm engine in the FPGA co-processing module to encrypt and decrypt a certain cipher engine by utilizing an example program in the upper computer application system, and triggers an oscilloscope to acquire a power consumption curve by relying on a level signal output by a GPIO interface pin; finally, the user can utilize a preset power consumption analysis algorithm program under the GUI user application program framework to perform power consumption analysis on the collected power consumption curves. Finally, the user acquires the power consumption analysis attack technology.
Experiments 2-3 are examples of test methods for evaluating physical security of a cryptographic chip. Depending on the experimental environment and similar experimental steps built in the experiment 2-2, a user refers to a corresponding example program, writes a Verilog program in a PDS integrated development environment, compiles and downloads the Verilog program into an FPGA chip; secondly, a user utilizes voltage burr attack equipment such as a ChipWhisper, and when the FPGA chip runs a cryptographic algorithm, voltage burrs are injected into the FPGA chip and power consumption and GPIO output of the FPGA chip are collected; finally, the analysis attacks are performed under the GUI user application framework using a given analysis algorithm program. Finally, the user can learn the related technology of the password chip injection attack.
Experiments 2-4 are examples of an evaluation experimental method for physical security of cryptographic devices. The experiment is completed by means of 4 breaking switches on a password experiment box. The user firstly refers to a corresponding breaking and tearing-down example program, writes a C program in a Keil RAM-MDK integrated development environment, compiles the C program into a target code and downloads the target code into a THM3682 chip; secondly, electrifying the THM3682 chip again, and starting the operation of the downloading program; finally, the user dials the breaking switch to observe the state of the corresponding display device (LED lamp or LCD) on the experiment box, and then tests the circuit breaking logic of the safety chip. Finally, the user acquires the password equipment circuit breaking and disassembling defending technology based on the security chip.
In the specific embodiment of the invention, the design thought of the GUI user application program framework is adopted, and a user can quickly grasp the construction of the knowledge module of the visual and the obtained interaction mode based on the framework. The program framework is realized by programming in C/C++ language, and has compatibility of cross Windows and Linux platforms.
The above embodiments do not limit the scope of the present invention. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives are possible, depending on design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present invention should be included in the scope of the present invention.
Claims (6)
1. The dual-core password engineering experiment system comprises an upper computer application system and is characterized by also comprising a dual-core password experiment system; the dual-core password experiment system comprises a secure chip subsystem and a password co-processing subsystem:
the secure chip subsystem comprises an instruction and data processing functional module, a password engine functional module and a peripheral driving layer module; the password engine functional module provides an API function for password service middleware in the upper computer application system through the instruction and data processing functional module; the peripheral driving layer module receives information from the upper computer application system, the password co-processing subsystem and other external equipment, processes the information through the instruction and data processing function module and then delivers the information to the upper computer application system;
the password co-processing subsystem comprises an FPGA co-processing module and an intelligent IC card co-processing module; the FPGA co-processing module and the intelligent IC card co-processing module respectively interact with the peripheral driving layer module in information; the FPGA co-processing module is directly communicated with the self-defined FPGA interactive program through an asynchronous serial channel and is used for deploying a self-defined cryptographic algorithm engine or other functional IP cores into the FPGA co-processing module.
2. The dual-core cryptographic engineering experiment system according to claim 1, wherein the upper computer application system is built on a PC and comprises a GUI user application framework, a cryptographic service middleware, and a USB CCID driver; and the user invokes an API function in the password service middleware to design a user application program under the GUI user application program framework, and the user application program performs information interaction with the secure chip subsystem through the USB CCID driver.
3. The dual-core cryptographic engineering experiment system according to claim 1, wherein the peripheral driver layer module comprises a USB CCID communication protocol module, a QSPI driver module, and a 7816M1 driver module; the USB CCID communication protocol module is used for completing communication interaction with the upper computer application system; the QSPI driving module is used for completing communication interaction with the FPGA co-processing module; the 7816M1 driving module is used for completing communication interaction with the intelligent IC card co-processing module.
4. The dual core cryptographic engineering experiment system according to claim 1, wherein the API function of the cryptographic service middleware is encapsulated by an APDU provided by the secure chip subsystem; and unified APDUs are adopted for communication between the upper computer application system and the security chip subsystem and between the security chip subsystem and the password co-processing subsystem.
5. The double-core password engineering experiment method is characterized by comprising a password application engineering technology experiment method and a password equipment evaluation engineering technology experiment method; the password application engineering technology experimental method and the password equipment evaluation engineering technology experimental method are both based on the dual-core password engineering experimental system as claimed in any one of claims 1-4.
6. The dual core cryptographic engineering experiment method of claim 5, wherein the cryptographic application engineering experiment method comprises an experiment case constructed for the cryptographic service middleware; the experimental method for evaluating the engineering technology by the password equipment comprises the steps that aiming at experimental cases constructed by the password hardware equipment, a user creates an experimental system simulation environment according to a knowledge module for selecting exercises, so that the user can practice learning the selected knowledge module in an experimental system simulation framework, and the engineering technology capability of the knowledge module is formed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410031303.3A CN117560151B (en) | 2024-01-09 | 2024-01-09 | Double-core password engineering experiment system and experiment method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410031303.3A CN117560151B (en) | 2024-01-09 | 2024-01-09 | Double-core password engineering experiment system and experiment method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN117560151A true CN117560151A (en) | 2024-02-13 |
| CN117560151B CN117560151B (en) | 2024-03-19 |
Family
ID=89813218
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202410031303.3A Active CN117560151B (en) | 2024-01-09 | 2024-01-09 | Double-core password engineering experiment system and experiment method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117560151B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111371550A (en) * | 2020-03-11 | 2020-07-03 | 北京红亚华宇科技有限公司 | Data security code box, experiment method and system |
| CN111917751A (en) * | 2020-07-24 | 2020-11-10 | 郑州信大捷安信息技术股份有限公司 | Multi-user access system and method based on communication module safety module |
| CN111935109A (en) * | 2020-07-24 | 2020-11-13 | 郑州信大捷安信息技术股份有限公司 | Secure communication module remote agent system, private protocol implementation method and device |
| US20220327192A1 (en) * | 2019-12-28 | 2022-10-13 | Feitian Technologies Co., Ltd. | Secure password entry method and system |
-
2024
- 2024-01-09 CN CN202410031303.3A patent/CN117560151B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20220327192A1 (en) * | 2019-12-28 | 2022-10-13 | Feitian Technologies Co., Ltd. | Secure password entry method and system |
| CN111371550A (en) * | 2020-03-11 | 2020-07-03 | 北京红亚华宇科技有限公司 | Data security code box, experiment method and system |
| CN111917751A (en) * | 2020-07-24 | 2020-11-10 | 郑州信大捷安信息技术股份有限公司 | Multi-user access system and method based on communication module safety module |
| CN111935109A (en) * | 2020-07-24 | 2020-11-13 | 郑州信大捷安信息技术股份有限公司 | Secure communication module remote agent system, private protocol implementation method and device |
Non-Patent Citations (1)
| Title |
|---|
| 李秀滢: "基于专用芯片的密码工程实验平台的设计", 电子设计工程, vol. 22, no. 15, 31 August 2014 (2014-08-31) * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN117560151B (en) | 2024-03-19 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| McGillion et al. | Open-TEE--an open virtual trusted execution environment | |
| US6769622B1 (en) | System and method for simulating universal serial bus smart card device connected to USB host | |
| CN107832670A (en) | Face identification method and Related product | |
| CN103714295B (en) | A kind of detection method and system of financial integrated circuit card personal data | |
| EP1489549A2 (en) | Smartcard test system | |
| CN104090855B (en) | The USB mode of USB interface and the compatibility method and device of MHL patterns | |
| CN102479123A (en) | System and method for testing chip operating system (COS) | |
| CN106708680A (en) | Power-off test system, method and apparatus | |
| CN110401539A (en) | A kind of certificate data processing method, server, terminal and system | |
| CN117560151B (en) | Double-core password engineering experiment system and experiment method | |
| CN103427989A (en) | Data encryption and identity authentication method oriented in environment of internet of things | |
| CN105303093A (en) | Token verification method for cryptographic smart token | |
| CN111443994B (en) | Device, system and method for simulating smart card driver | |
| CN102880246A (en) | Mobile integrated test server | |
| CN105871840B (en) | A kind of certificate management method and system | |
| CN107562628A (en) | Computer software testing system | |
| CN106055935A (en) | Process control method and device and electronic equipment | |
| CN112597053B (en) | User interface automatic test method and device with safety control | |
| KR20120100342A (en) | Security token device and rf module and method of authentication usable in smartphone and pc | |
| CN202838353U (en) | Intelligent card reader with PIN code inputting function | |
| CN102567202A (en) | Double-interface intelligent card simulator based on field programmable gata array (FPGA) | |
| CN101051355A (en) | Reading and writing device for identity certificate address information adding and its working method | |
| CN103679257B (en) | A kind of contactless payment telecommunications integrated circuit card and implementation method | |
| CN107577953A (en) | A kind of system and method based on CUSE simulation credible password modules | |
| Duan et al. | Correctness proofs for device drivers in embedded systems |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |