CN1929379A - Intelligent cipher key capable of security control for movable storage device and its working method - Google Patents

Info

Publication number
CN1929379A
Authority
CN
China
Prior art keywords
storage device
code key
intelligent code
movable storage
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN 200610099069
Other languages
Chinese (zh)
Inventor
菜艳
亓文华
段晓毅
王江红
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to CN 200610099069 priority Critical patent/CN1929379A/en
Publication of CN1929379A publication Critical patent/CN1929379A/en
Pending legal-status Critical Current

Landscapes

  • Storage Device Security (AREA)

Abstract

This invention relates to an intelligent cipher key that can apply security control to a movable storage device, and to its working method. It comprises an intelligent cipher key main control module, a general-purpose interface control module, a computer host, a power circuit, a status indicator and two input/output ports. The main control module is connected to the computer host through one input/output interface; the general-purpose interface control module is connected to the intelligent cipher key main control module and connects to the movable storage device through the other input/output interface.

Description

Intelligent cipher key capable of security control for movable storage device and working method thereof
Technical field
The present invention relates to intelligent cipher keys, and in particular to an intelligent cipher key capable of security control for a movable storage device and its working method.
Technical background
In recent years, with the rapid development of Internet technology, e-commerce and e-government have been replacing the traditional patterns of commerce and government affairs. One of the central factors in keeping e-commerce and e-government operating normally is guaranteeing that the identity of every participant is trustworthy.
An intelligent cipher key meets the need for personal identification on the network well. It has a built-in main control chip in which the operating system (COS) of the intelligent cipher key is burned. The main control chip includes an RSA algorithm processor and a symmetric encryption algorithm processor. It can encrypt data internally, generate RSA key pairs internally, use an RSA key pair to sign data and verify signatures so as to confirm the identity of both parties, and use the symmetric encryption algorithm processor to encrypt and decrypt the data sent and received. For authentication, the holder of the intelligent cipher key must enter the personal identification number (PIN) that matches it in order to obtain the right to use the key.
On the other hand, movable storage devices, such as flash disks (also called USB flash disks) that use flash memory as the storage medium and portable hard drives that use magnetic storage, have become a carrier for exchanging information. Most of these devices have no security control function: any user who obtains one only needs to connect it to a computer to read the data stored on it. Because movable storage devices lack a security control function, the resulting data leaks have caused huge, irreparable damage to numerous organizations, entities and individuals.
The authentication and data encryption functions of an intelligent cipher key can give a movable storage device a security control function and prevent the data leaks that arise when the device has none.
Summary of the invention
The technical problem solved by the present invention is to use the authentication and data encryption functions of an intelligent cipher key and, through a technical improvement to the existing intelligent cipher key, let the key control the reading and writing of data in a movable storage device and the encryption and decryption of that data, so that data is stored safely in the movable storage device.
The technical scheme adopted by the present invention to solve this problem is as follows:
The intelligent cipher key capable of security control for a movable storage device consists of an intelligent cipher key main control module, a general-purpose interface control module, a power circuit and a status indicator, and is connected to the host computer and to the movable storage device through two general-purpose interfaces respectively.
The intelligent cipher key main control module comprises the intelligent cipher key main control chip, which is connected to the host computer through a general-purpose interface and exchanges data with it over the information channel that this interface provides.
The intelligent cipher key main control chip is a microprocessor that integrates the intelligent cipher key processor, input/output ports and memory. The processor generates RSA key pairs and symmetric keys and performs symmetric and asymmetric encryption and decryption. The memory comprises RAM, EEPROM and FLASH and stores the required firmware program, key information, cryptographic algorithm information and the personal information of the intelligent cipher key user.
The functions of the intelligent cipher key main control module may also be divided among several functional units or several integrated circuit modules that perform them jointly.
The general-purpose interface control module comprises an interface control chip with integrated input/output ports.
The interface control chip is connected to the movable storage device through a general-purpose interface and exchanges data with it over the information channel that this interface provides.
The intelligent cipher key main control chip is connected to the interface control chip.
The intelligent cipher key main control chip and the interface control chip may be merged into one functional unit or implemented as a single integrated circuit module.
The power circuit is connected to the intelligent cipher key main control chip and to the interface control chip, and to the movable storage device through the general-purpose interface, and provides a stable working power supply.
The status indicator is connected to the intelligent cipher key main control chip and shows the operating state of the intelligent cipher key.
The general-purpose interface includes not only USB and IEEE 1394 interfaces but may also include a wireless Bluetooth interface, IrDA infrared interface, HomeRF interface, IEEE 802.11a interface and/or IEEE 802.11b interface.
The working method of the intelligent cipher key capable of security control for a movable storage device comprises the following steps:
(1) connect the devices, power on, and run the system self-test;
(2) the host computer sends a command to the intelligent cipher key;
(3) the intelligent cipher key analyzes and executes the command sent by the host computer;
(4) the intelligent cipher key returns the result to the host computer.
In step (1), the interface of the movable storage device is connected to one interface of the intelligent cipher key, the intelligent cipher key is then connected to the host computer through its other interface, and power is applied.
After power-on, the system self-test is divided into the following two sub-steps:
(a) the intelligent cipher key first attempts to read the intelligent cipher key device information from the specific storage section of the connected movable storage device:
If the format read is correct, the movable storage device has already been set up for secure storage. The device serial number in the intelligent cipher key device information read from the specific storage section is compared with the device serial number of the current intelligent cipher key. If they are identical, the intelligent cipher key and the movable storage device are a bound pair; the encryption key index number read from the movable storage device is used to find the corresponding encryption key stored in the intelligent cipher key, and step (2) is executed. If they differ, the result is returned to the host computer and error handling begins;
If the format read is incorrect, the movable storage device has not been bound to an intelligent cipher key for secure storage; go to sub-step (b);
(b) prompt the user to initialize:
Initialization divides the movable storage device into a tool disk, a secure disk and several common disks, and generates a unique encryption key for the movable storage device, which is kept in the intelligent cipher key main control chip. This key is used to encrypt and decrypt the data of the secure disk. Once generated and stored, it cannot be read out of the main control chip and cannot be changed; it can only be used by the firmware program of the main control chip when encrypting and decrypting data. The secure disk can be accessed only after authentication succeeds, and the data stored on it is encrypted by the intelligent cipher key main control chip. The common disks can be accessed without authentication, and the data stored on them is in plaintext. The initialization procedure is as follows:
(i) rewrite the partition table information of the movable storage device, setting the sizes of the tool disk, the secure disk and the common disks according to the user's needs. The partition table information may be stored in the intelligent cipher key main control chip or in the movable storage device;
(ii) the intelligent cipher key generates a unique encryption key for the movable storage device and an index number corresponding to that key, and stores the encryption key and its index number in the intelligent cipher key main control chip;
(iii) write the relevant information of the intelligent cipher key connected to the movable storage device, including but not limited to the unique device serial number of the intelligent cipher key, the encryption key index number and user information, to the specific storage section of the movable storage device. This indicates that the movable storage device has been bound to the connected intelligent cipher key for secure storage.
In step (2), the commands the host computer sends to the intelligent cipher key are analyzed and handled by the firmware program on the intelligent cipher key main control chip itself.
In step (3), the intelligent cipher key analyzes the instructions sent by the host computer. Instructions involving authentication are executed by the intelligent cipher key main control chip. For operations that write encrypted data to the movable storage device, the main control chip alone is responsible for encrypting the data and writes the encrypted data to the corresponding storage unit. For operations that read encrypted data from the movable storage device, the main control chip alone is responsible for decrypting the data and outputs the decrypted data to the host computer.
In step (4), the result that the intelligent cipher key returns to the host computer comprises the execution result of the intelligent cipher key main control chip and the error status.
When the intelligent cipher key capable of security control for a movable storage device is not connected to a movable storage device and is connected only to the host computer, it can perform all the functions of an ordinary intelligent cipher key.
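The self-test of sub-step (a) and the binding written in sub-step (b) can be sketched as follows. This is an added example, not code from the patent: the record layout, the `ICKB` marker, the slot count and the extra `ST_BAD_INDEX` outcome are assumptions, and `fresh_key` stands in for the key the main control chip would generate itself.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumed record layout (the patent names the fields, not their encoding):
 * magic[4] | key serial[8] | key index, little-endian[2] | user info[16] */
#define REC_MAGIC  "ICKB"   /* hypothetical format marker */
#define SERIAL_LEN 8
#define USER_LEN   16
#define REC_LEN    (4 + SERIAL_LEN + 2 + USER_LEN)
#define KEY_LEN    16
#define KEY_SLOTS  4

typedef enum {
    ST_BOUND,            /* record valid, serial matches: go on to step (2) */
    ST_WRONG_KEY,        /* record valid, serial differs: error handling    */
    ST_NOT_INITIALIZED,  /* format incorrect: go to sub-step (b)            */
    ST_BAD_INDEX         /* added check: index names no stored key          */
} selftest_t;

typedef struct {
    uint8_t serial[SERIAL_LEN];
    uint8_t used[KEY_SLOTS];
    uint8_t keys[KEY_SLOTS][KEY_LEN];   /* stays inside the main control chip */
} token_t;

/* Sub-step (a): parse the reserved section read from the storage device. */
selftest_t self_test(const token_t *tok, const uint8_t *sec, size_t len,
                     const uint8_t **key_out)
{
    *key_out = NULL;
    if (len < REC_LEN || memcmp(sec, REC_MAGIC, 4) != 0)
        return ST_NOT_INITIALIZED;
    if (memcmp(sec + 4, tok->serial, SERIAL_LEN) != 0)
        return ST_WRONG_KEY;
    /* The index comes from untrusted media, so bound it before use. */
    unsigned idx = sec[4 + SERIAL_LEN] | ((unsigned)sec[5 + SERIAL_LEN] << 8);
    if (idx >= KEY_SLOTS || !tok->used[idx])
        return ST_BAD_INDEX;
    *key_out = tok->keys[idx];
    return ST_BOUND;
}

/* Sub-step (b), items (ii) and (iii): store a new key under a free index and
 * write the binding record. Returns the index, or -1 if no slot is free or
 * the section is too small to hold the record. */
int initialize(token_t *tok, uint8_t *sec, size_t len,
               const uint8_t fresh_key[KEY_LEN], const char *user)
{
    if (len < REC_LEN)
        return -1;
    for (int i = 0; i < KEY_SLOTS; i++) {
        if (tok->used[i])
            continue;                    /* a stored key is never replaced */
        memcpy(tok->keys[i], fresh_key, KEY_LEN);
        tok->used[i] = 1;
        memset(sec, 0, REC_LEN);
        memcpy(sec, REC_MAGIC, 4);
        memcpy(sec + 4, tok->serial, SERIAL_LEN);
        sec[4 + SERIAL_LEN] = (uint8_t)i;
        sec[5 + SERIAL_LEN] = (uint8_t)(i >> 8);
        strncpy((char *)sec + 6 + SERIAL_LEN, user, USER_LEN - 1);
        return i;
    }
    return -1;
}

int main(void)
{
    /* Constructed sample: one key and one blank (erased) storage section. */
    token_t tok;
    uint8_t sec[64], k[KEY_LEN] = {0};
    const uint8_t *key;
    memset(&tok, 0, sizeof tok);
    memcpy(tok.serial, "KEY-0001", SERIAL_LEN);
    memset(sec, 0xFF, sizeof sec);
    printf("before init: %d\n", self_test(&tok, sec, sizeof sec, &key));
    printf("init index:  %d\n", initialize(&tok, sec, sizeof sec, k, "alice"));
    printf("after init:  %d\n", self_test(&tok, sec, sizeof sec, &key));
    return 0;
}
```

The record on the storage device carries no integrity protection in this sketch, so the serial comparison only detects an accidental mismatch; the bounds check on the index is what keeps a malformed record from selecting memory outside the key table.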
The present invention improves the intelligent cipher key by adding a general-purpose interface for connecting a movable storage device. While keeping the ordinary functions of an intelligent cipher key, it uses the key's authentication and data encryption functions to control the reading and writing of data in the movable storage device and the encryption and decryption of that data, so that data is stored safely in an ordinary movable storage device. The invention also discloses a working method for the intelligent cipher key capable of security control for a movable storage device, so that the invention can guarantee the security of the data stored in the movable storage device.
The beneficial effect of the intelligent cipher key capable of security control for a movable storage device and of its working method is that they extend the application of the intelligent cipher key, achieve secure data storage in a movable storage device, and solve the data leakage problem that movable storage devices have because they lack a security mechanism.
Description of drawings
Fig. 1 is a block diagram of the hardware structure of the present invention;
Fig. 2 is a schematic diagram of the workflow of the present invention;
Fig. 3 is the circuit schematic of the present invention when both general-purpose interfaces are USB interfaces.
Embodiment
Because USB-based intelligent cipher keys and movable storage devices are the most common, one embodiment of the present invention uses USB for the general-purpose interface. As shown in Fig. 1, the intelligent cipher key capable of security control for a movable storage device consists of the intelligent cipher key main control chip, an interface control module, a power circuit, a status indicator and so on. The intelligent cipher key main control chip is made up of input/output ports, a processor, EEPROM, RAM and FLASH; the interface control module is made up of an interface controller and input/output ports.
Fig. 3 is the circuit schematic of the present invention when both general-purpose interfaces are USB interfaces.
The intelligent cipher key main control chip U2 is a microprocessor that integrates the intelligent cipher key processor, input/output ports and memory. The processor generates RSA key pairs and the symmetric key used to encrypt the data in the movable storage device, executes the firmware program, and performs encryption and decryption. The memory comprises RAM, EEPROM and FLASH and stores the required firmware program, key information, cryptographic algorithm information and the personal information of the intelligent cipher key user.
The intelligent cipher key main control chip U2 is connected to the host computer: it is connected to the USB interface of the host computer through its corresponding input/output unit and carries out data communication.
The USB main control chip U3 is connected to the intelligent cipher key main control chip U2.
The USB main control chip U3 is connected to the USB interface of the movable storage device through its corresponding input/output unit; under the control of the USB main control chip, the intelligent cipher key main control chip reads and retrieves the data stored in the movable storage device.
The power circuit is connected to the intelligent cipher key main control chip and to the USB main control chip and provides a stable working power supply.
The status indicator is connected to the intelligent cipher key main control chip and shows the operating state of the intelligent cipher key.
As shown in Fig. 3, the IO0-IO7 data lines of the USB main control chip U3 are connected to GP0-GP7 of the intelligent cipher key main control chip U2, and WP, WE, ALE, CLE, CE, RE and R/B of the USB main control chip U3 are connected to GP14, GP12, GP9, GP8, GP10, GP11 and GP13 of the intelligent cipher key main control chip U2 respectively.
The D+ and D- lines of the intelligent cipher key main control chip form the USB interface for communicating with the host computer and are connected to the USB interface of the host computer.
The D+ and D- lines of the USB main control chip form the USB interface for communicating with the movable storage device and are connected to the USB interface of the movable storage device.
The host computer is grounded through the GND line.
The power circuit comprises regulator block U1. The host computer provides a stable +5 V supply, which is connected to the power input of regulator block U1; the output of regulator block U2 is connected to the Vcc3.3 line of the intelligent cipher key main control chip and the USB main control chip, and the +3.3 V supply required by the status display circuit is produced by regulator block U1.
The main control chip is connected to a quartz crystal X1, each side of which is also grounded through a capacitor, forming a crystal oscillator circuit that provides the clock signal.
The status display circuit consists of an LED and a current-limiting resistor R. The intelligent cipher key main control chip U2 is connected to the LED cathode through the current-limiting resistor R, and the LED anode is connected to the USB main control chip and the Vcc3.3 line.
The working process of this embodiment is as follows:
(1) connect the devices, power on, and run the system self-test;
(2) the host computer sends a command to the intelligent cipher key;
(3) the intelligent cipher key analyzes and executes the command sent by the host computer;
(4) the intelligent cipher key returns the result to the host computer.
In step (1), the USB interface of the movable storage device is connected to the USB interface that the intelligent cipher key provides for an external movable storage device, the intelligent cipher key is then connected to the USB interface of the host computer through its other interface, and power is applied.
After power-on, the system self-test is divided into the following two sub-steps:
(a) the intelligent cipher key first attempts to read the intelligent cipher key device information from the specific storage section of the connected movable storage device:
If the format read is correct, the movable storage device has already been set up for secure storage. The device serial number in the intelligent cipher key device information read from the specific storage section is compared with the device serial number of the current intelligent cipher key. If they are identical, the intelligent cipher key and the movable storage device are a bound pair; the encryption key index number read from the movable storage device is used to find the corresponding encryption key stored in the intelligent cipher key, and step (2) is executed. If they differ, the result is returned to the host computer and error handling begins;
If the format read is incorrect, the movable storage device has not been bound to an intelligent cipher key for secure storage; go to sub-step (b);
(b) prompt the user to initialize:
Initialization divides the movable storage device into a tool disk, a secure disk and several common disks, and generates a unique encryption key for the movable storage device, which is kept in the intelligent cipher key main control chip. This key is used to encrypt and decrypt the data of the secure disk. Once generated and stored, it cannot be read out of the main control chip and cannot be changed; it can only be used by the firmware program of the main control chip when encrypting and decrypting data. The secure disk can be accessed only after authentication succeeds, and the data stored on it is encrypted by the intelligent cipher key main control chip. The common disks can be accessed without authentication, and the data stored on them is in plaintext. The initialization procedure is as follows:
(i) rewrite the partition table information of the movable storage device, setting the sizes of the tool disk, the secure disk and the common disks according to the user's needs, and store the partition table information in the movable storage device;
(ii) the intelligent cipher key generates a unique encryption key for the movable storage device and an index number corresponding to that key, and stores the encryption key and its index number in the intelligent cipher key main control chip;
(iii) write the relevant information of the intelligent cipher key connected to the movable storage device, including but not limited to the unique device serial number of the intelligent cipher key, the encryption key index number and user information, to the specific storage section of the movable storage device. This indicates that the movable storage device has been bound to the connected intelligent cipher key for secure storage.
In step (2), the commands the host computer sends to the intelligent cipher key are analyzed and handled by the firmware program on the intelligent cipher key main control chip itself.
In step (3), the intelligent cipher key analyzes the instructions sent by the host computer. Instructions involving authentication are executed by the intelligent cipher key main control chip. For operations that write encrypted data to the movable storage device, the main control chip alone is responsible for encrypting the data and writes the encrypted data to the corresponding storage unit. For operations that read encrypted data from the movable storage device, the main control chip alone is responsible for decrypting the data and outputs the decrypted data to the host computer.
In step (4), the result that the intelligent cipher key returns to the host computer comprises the execution result of the intelligent cipher key main control chip and the error status.
When the intelligent cipher key is not connected to a movable storage device, it can perform all the functions of an ordinary intelligent cipher key.
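The decision the firmware has to make in step (3) for each sector transfer, given the partitions created at initialization, can be sketched as follows. This is an added example, not code from the patent: the partition table encoding, the sample sizes and the `ACT_DENY_RANGE` outcome are assumptions, and treating the tool disk as plaintext is also an assumption because the patent does not state its access rule.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

typedef enum { PART_TOOL, PART_SECURE, PART_COMMON } part_kind_t;

typedef struct {
    part_kind_t kind;
    uint32_t first_lba;   /* first sector of the partition */
    uint32_t sectors;     /* length in sectors             */
} part_t;

typedef enum {
    ACT_PASS_PLAINTEXT,   /* forward sectors unchanged                      */
    ACT_CRYPT,            /* chip encrypts on write, decrypts on read       */
    ACT_DENY_AUTH,        /* secure disk touched before authentication      */
    ACT_DENY_RANGE        /* outside every partition or crossing a boundary */
} action_t;

/* Constructed sample layout: tool disk, secure disk, one common disk. */
static const part_t SAMPLE_TABLE[3] = {
    { PART_TOOL,      0,  100 },
    { PART_SECURE,  100, 1000 },
    { PART_COMMON, 1100, 2000 },
};

/* Decide how a transfer of `count` sectors starting at `lba` is handled. */
action_t route(const part_t *tbl, size_t n, uint32_t lba, uint32_t count,
               int authenticated)
{
    if (count == 0)
        return ACT_DENY_RANGE;
    for (size_t i = 0; i < n; i++) {
        const part_t *p = &tbl[i];
        if (lba < p->first_lba || lba - p->first_lba >= p->sectors)
            continue;
        /* The transfer must end inside the partition it starts in, or a
         * plaintext request could run on into the secure disk. Written
         * without lba + count so a huge count cannot wrap around. */
        if (count > p->sectors - (lba - p->first_lba))
            return ACT_DENY_RANGE;
        if (p->kind == PART_SECURE)
            return authenticated ? ACT_CRYPT : ACT_DENY_AUTH;
        return ACT_PASS_PLAINTEXT;
    }
    return ACT_DENY_RANGE;
}

int main(void)
{
    printf("common, no auth:  %d\n", route(SAMPLE_TABLE, 3, 1100, 8, 0));
    printf("secure, no auth:  %d\n", route(SAMPLE_TABLE, 3, 100, 8, 0));
    printf("secure, with auth: %d\n", route(SAMPLE_TABLE, 3, 100, 8, 1));
    printf("tool into secure: %d\n", route(SAMPLE_TABLE, 3, 96, 8, 0));
    return 0;
}
```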

Claims (9)

1. An intelligent cipher key capable of security control for a movable storage device, characterized in that it comprises a general-purpose interface control module for controlling the reading of data from the movable storage device, an intelligent cipher key main control module for storing the key used to encrypt the data in the movable storage device, and two input/output interfaces; the intelligent cipher key main control module is connected to the host computer through one input/output interface, and the general-purpose interface control module is connected to the intelligent cipher key main control module and is connected to the movable storage device through the other input/output interface.
2. The intelligent cipher key capable of security control for a movable storage device according to claim 1, characterized in that the intelligent cipher key main control module comprises the intelligent cipher key main control chip.
3. The intelligent cipher key capable of security control for a movable storage device according to claim 2, characterized in that the intelligent cipher key main control chip is a microprocessor that integrates the intelligent cipher key processor, input/output ports and memory; the intelligent cipher key processor generates RSA key pairs and symmetric keys and performs symmetric and asymmetric encryption and decryption; the memory comprises RAM, EEPROM and FLASH and stores the required firmware program, key information, cryptographic algorithm information and the personal information of the intelligent cipher key user.
4. The intelligent cipher key capable of security control for a movable storage device according to claim 2, characterized in that the functions of the intelligent cipher key main control module may also be divided among several functional units or several integrated circuit modules that perform them jointly.
5. The intelligent cipher key capable of security control for a movable storage device according to claim 1, characterized in that the general-purpose interface includes not only USB and IEEE 1394 interfaces but may also include a wireless Bluetooth interface, IrDA infrared interface, HomeRF interface, IEEE 802.11a interface and/or IEEE 802.11b interface.
6. A working method of an intelligent cipher key capable of security control for a movable storage device, characterized in that it comprises the following steps:
(1) connect the devices, power on, and run the system self-test, which judges from the information read from the movable storage device whether the movable storage device has been set up for secure storage; if it has not, the secure storage initialization procedure is carried out;
(2) the host computer sends a command to the intelligent cipher key, where it is analyzed and processed by the firmware program in the intelligent cipher key;
(3) the intelligent cipher key analyzes and executes the command sent by the host computer: operations involving authentication are executed by the intelligent cipher key main control chip; for operations that write encrypted data to the movable storage device, the main control chip alone is responsible for encrypting the data and writes the encrypted data to the corresponding storage unit; for operations that read encrypted data from the movable storage device, the main control chip alone is responsible for decrypting the data and outputs the decrypted data to the host computer;
(4) the intelligent cipher key returns the result to the host computer; the result comprises the execution result of the firmware program in the intelligent cipher key and the error status.
7. The working method of the intelligent cipher key capable of security control for a movable storage device according to claim 6, characterized in that:
The initialization procedure in step (1) repartitions the movable storage device into a tool disk, a secure disk and common disks, and writes into the movable storage device and into the intelligent cipher key respectively the information that indicates the two have been bound for secure storage, thereby binding the intelligent cipher key to the movable storage device.
8. The working method of the intelligent cipher key capable of security control for a movable storage device according to claim 6, characterized in that:
The symmetric key used to encrypt the data in the movable storage device is generated by the intelligent cipher key main control chip and managed by the firmware program in the intelligent cipher key.
9. The working method of the intelligent cipher key capable of security control for a movable storage device according to claim 6, characterized in that:
When the intelligent cipher key capable of security control for a movable storage device is not connected to a movable storage device and is connected only to the host computer, it can perform all the functions of an ordinary intelligent cipher key.
CN 200610099069 2006-07-18 2006-07-18 Intelligent cipher key capable of security control for movable storage device and its working method Pending CN1929379A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 200610099069 CN1929379A (en) 2006-07-18 2006-07-18 Intelligent cipher key capable of security control for movable storage device and its working method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 200610099069 CN1929379A (en) 2006-07-18 2006-07-18 Intelligent cipher key capable of security control for movable storage device and its working method

Publications (1)

Publication Number Publication Date
CN1929379A true CN1929379A (en) 2007-03-14

Family

ID=37859181

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 200610099069 Pending CN1929379A (en) 2006-07-18 2006-07-18 Intelligent cipher key capable of security control for movable storage device and its working method

Country Status (1)

Country Link
CN (1) CN1929379A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100458816C (en) * 2007-07-13 2009-02-04 华中科技大学 Cipher processor for avoiding reciphering and method for accessing data using same
CN101872334A (en) * 2010-05-26 2010-10-27 北京飞天诚信科技有限公司 Compound type usb equipment and implementation method thereof
CN101281497B (en) * 2007-04-02 2011-01-19 北京爱国者存储科技有限责任公司 Ciphering type mobile storage apparatus
CN102609589A (en) * 2012-02-13 2012-07-25 山东浪潮商用系统有限公司 Productization design method of intelligent password key
CN104868997A (en) * 2015-03-30 2015-08-26 廖小谦 Safety intelligent hardware, and protection method and system of user data of intelligent terminal

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C57 Notification of unclear or unknown address
DD01 Delivery of document by public notice

Addressee: Qin Fen

Document name: Notification of the application for patent for invention to go through the substantive examination procedure

C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication

Open date: 20070314