CN201655334U - Nonvolatile memory protection system - Google Patents
Nonvolatile memory protection system Download PDFInfo
- Publication number
- CN201655334U CN201655334U CN2009201205376U CN200920120537U CN201655334U CN 201655334 U CN201655334 U CN 201655334U CN 2009201205376 U CN2009201205376 U CN 2009201205376U CN 200920120537 U CN200920120537 U CN 200920120537U CN 201655334 U CN201655334 U CN 201655334U
- Authority
- CN
- China
- Prior art keywords
- address
- data
- control module
- memory
- programming
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The utility model provides a nonvolatile memory protection system and protection method thereof. A protection code is invoked from a memory via a control unit to limit an authorized user to program with or verify the data/program in the protection zone. Meanwhile, the data inputted into the memory is encrypted data, achieving different memories with different secret keys. The encryption method is not limited to one method. Different addresses can be provided with different secret key protections. If the secret key needs modifying, there is no need to replace the memory, but just to program. The utility model encrypts the memory address via the address encryption key to make the memory data about an unauthorized user's access to the memory address as the perturbation data. Memory data/program is decrypted via the data/program decryption key to prevent an unauthorized user from illegally obtaining the data and the analysis thereafter.
Description
Technical field
The utility model relates to the protection system of data/programming, data/program verification, address encryption, data/program deciphering of nonvolatile memory.
Background technology
Traditional nonvolatile memory cipher mode mainly contains following three classes: (1) carries out software cryptography by compiler to the data of storer, and the memory encryption that this method realizes cracks by the parsing of signal and communications protocol easily; (2) by hardware encryption module is set in storer, encrypting module adopts fixing particular encryption algorithm to realize, the memory encryption underaction that this method realizes uses identical cipher mode for different memory code; (3) mode by mask is solidificated in a ROM memory inside with key, the memory encryption that this method realizes is revised if desired, must revise in chip-scale, the relative second way, the cost that changes method modification encryption key is much smaller, can accomplish only to revise mask, thereby change key, but hardware modifications can not accomplish that each product uses different keys for bulk article, and key modification simultaneously needs must time and cost.
Summary of the invention
The utility model is intended to solve the deficiencies in the prior art; proposed memory data/programming, memory data/program verification, storage address encryption and memory data/program deciphering is carried out classification, multiple protective, is convenient to the nonvolatile memory protection system that realizes in batches.
The utility model has also proposed the guard method of nonvolatile memory.
The utility model has also proposed to be used for the control module of storage protection system and guard method simultaneously.
A kind of nonvolatile memory protection system is memory program/calibration equipment, and it comprises: programming/verification unit, control module and storer:
Described control module comprises memory control module, key/protected code registers group, storage address selection module and protection module, wherein:
Memory control module is connected programming/verification unit by the control input end mouth one of control module with the first input control signal line (W15c), receives memory program or storer checking command that programming/verification unit is sent;
Memory control module is connected programming/verification unit by the address input end mouth one of control module with the first Input Address line (W16a), receives the memory addressing address that programming/verification unit is sent;
Storage address selects module to be connected programming/verification unit by the address input end mouth one of control module with the first Input Address line (W16a), receives the memory addressing address that programming/verification unit is sent;
Protection module is connected programming/verification unit by the data-in port one of control module with first input data line (w13d), receives the programming data/program of programming/verification unit output;
Protection module is by the data-out port one and first output data line (w37d) connected storage of control module, protected code according to the correspondence programming address that key/the protection register provides, carry out a kind of in the following operation: when (1) allows visit when protected code, to storer output programming data/program; (2) when the protected code disable access, change through protected code protection back to storer output, and do not change the data/program of memory content; (3) when the protected code disable access, not to storer output programming data/program;
Protection module is by the data-in port two and second input data line (w07d) connected storage of control module, and according to the verification address that storage address selects module to export, reception memorizer provides checking data/program;
Key/protected code registers group is by the data-in port two and second input data line (w07d) connected storage of control module; select the protected code address of module output according to storage address; the protected code of the corresponding address that reception memorizer provides; perhaps programming/obtain the protected code of corresponding address from storer before the verification, protected code passes to protection module by protected code data line (w43d) again.
Protection module is connected programming/verification unit by the data-out port two of control module with second output data line (w31d), the protected code of the corresponding verification address that provides according to key/protection register, carry out a kind of in the following operation: when (1) allows visit when protected code, to programming/verification unit output verification data/program; (2) when the protected code disable access, to the data of programming/verification unit output change after the protected code protection; (3) when the protected code disable access, not to programming/verification unit output verification data/program;
Memory control module is by the control output end mouth one and first output control signal wire (w57c) connected storage of control module, and control store is programmed or verification; Further when the address of programming or verification was the address in storage protection district, memory control module can also be forbidden the effect of the first input control signal line (W15c);
Storage address is selected address output end mouth one and first OPADD line (w67a) connected storage of module by control module, and the address output end mouth is selected output protection sign indicating number address or programming address/verification addressing address to storer;
Memory control module is by selecting control line (w56c) and select address wire (w56a) connected storage address selection module, control address selection module selection output protection sign indicating number address, programming address or verification address.
Memory control module connects key/protected code registers group by register controlled line (w54c), and control key/protected code registers group is upgraded the protected code order;
Key/protected code registers group offers memory control module by register data line (w45d) connected storage control module with the protected code after upgrading.
A kind of nonvolatile memory protection system is memory encryption/decryption device, and it comprises: CPU, encryption/decryption element, control module and storer:
Described encryption/decryption element connects CPU by CPU control signal wire (w02c), receives the instruction that CPU sends; Encryption/decryption element connects CPU by cpu address line (W02a), the address that storer address to be encrypted that reception CPU sends or storer are treated data decryption/program; Memory data/program after encryption/decryption element will be deciphered by cpu data line (w02d) offers CPU;
Described control module comprises memory control module, key/protected code registers group and storage address selection module, wherein:
Memory control module is connected encryption/decryption element by the control input end mouth two of control module with the second input control signal line (W25c), receives storage address encryption or memory data decryption instructions that encryption/decryption element is sent; Memory control module is connected encryption/decryption element by the address input end mouth two of control module with the second Input Address line (W25a), receives the memory addressing address that encryption/decryption element is sent;
Storage address selects module to be connected encryption/decryption element by the address input end mouth three of control module with the 3rd Input Address line (W26a), receives the memory addressing address that encryption/decryption element is sent;
Key/protected code registers group is by the data-in port two and second input data line (w07d) connected storage of control module; according to the cipher key address that storage address selects module to export, storage address encryption key that reception memorizer provides or memory data/program decruption key.
Key/protected code registers group is connected encryption/decryption element by the data-out port three of control module with the 3rd output data line (w42d), provides data/program decruption key or address encryption key to encryption/decryption element;
Memory control module is by the control output end mouth one and first output control signal wire (w57c) connected storage of control module, and control store carries out storage address encryption or memory data/program deciphering;
Storage address is selected address output end mouth one and first OPADD line (w67a) connected storage of module by control module, the address output end mouth to its control signal of sending and address signal, is exported encryption address or data decryption/program address to storer according to memory control module;
Memory control module is by selecting control line (w56c) and select address wire (w56a) connected storage address selection module, control address selection module selection output encryption address or data decryption/program address.
Memory control module connects key/protected code registers group by register controlled line (w54c), and control key/protected code registers group is upgraded cipher key command;
Key/protected code registers group offers memory control module by register data line (w45d) connected storage control module with the key after upgrading.
Storer connects encryption/decryption element by second input data line (w07d), and providing to encryption/decryption element needs data decryption/program.
Further; encryption/decryption element obtains protected code from key/protected code registers group; judge whether it is whether CPU output user running program is user's running program of authorizing by CPU control signal wire (W02c) and cpu address line (W02a); if not the user program of authorizing, then forbidden storage device visit.
A kind of nonvolatile memory protection system comprises: programming/verification unit, CPU, encryption/decryption element, control module and storer:
Memory control module is connected programming/verification unit by the control input end mouth one of control module with the first input control signal line (W15c), receives memory program or storer checking command that programming/verification unit is sent;
Memory control module is connected programming/verification unit by the address input end mouth one of control module with the first Input Address line (W16a), receives the memory addressing address that programming/verification unit is sent;
Storage address selects module to be connected programming/verification unit by the address input end mouth one of control module with the first Input Address line (W16a), receives the memory addressing address that programming/verification unit is sent;
Protection module is connected programming/verification unit by the data-in port one of control module with first input data line (w13d), receives the programming data/program of programming/verification unit output;
Protection module is by the data-out port one and first output data line (w37d) connected storage of control module, protected code according to the correspondence programming address that key/the protection register provides, carry out a kind of in the following operation: when (1) allows visit when protected code, to storer output programming data/program; (2) when the protected code disable access, change through protected code protection back to storer output, and do not change the data/program of memory content; (3) when the protected code disable access, not to storer output programming data/program;
Protection module is by the data-in port two and second input data line (w07d) connected storage of control module, and according to the verification address that storage address selects module to export, reception memorizer provides checking data/program;
Key/protected code registers group is by the data-in port two and second input data line (w07d) connected storage of control module; select protected code, the cipher key address of module output according to storage address; reception memorizer provides corresponding protected code, key; perhaps at protected code, address encryption key, the memory data decruption key of programming, obtain from storer before the verification, deciphering, encryption programming data/program or checking data/program correspondence, protected code passes to protection module by protected code data line (w43d) again.
Protection module is connected programming/verification unit by the data-out port two of control module with second output data line (w31d), the protected code of the corresponding verification address that provides according to key/protection register, carry out a kind of in the following operation: when (1) allows visit when protected code, to programming/verification unit output verification data/program; (2) when the protected code disable access, to the data of programming/verification unit output change after the protected code protection; (3) when the protected code disable access, not to programming/verification unit output verification data/program;
Memory control module is connected encryption/decryption element by the control input end mouth two of control module with the second input control signal line (W25c), receives storage address encryption or memory data decryption instructions that encryption/decryption element is sent;
Memory control module is connected encryption/decryption element by the address input end mouth two of control module with the second Input Address line (W25a), receives the memory addressing address that encryption/decryption element is sent;
Storage address selects module to be connected encryption/decryption element by the address input end mouth three of control module with the 3rd Input Address line (W26a), receives the memory addressing address that encryption/decryption element is sent;
Key/protected code registers group is connected encryption/decryption element by the data-out port three of control module with the 3rd output data line (w42d), provides data/program decruption key or address encryption key to encryption/decryption element;
Memory control module is by the control output end mouth one and first output control signal wire (w57c) connected storage of control module, control store is programmed, verification, address encryption or memory data/program deciphering, further when the address of programming or verification was the address in storage protection district, memory control module can also be forbidden the effect of the first input control signal line (W15c);
Storage address is selected address output end mouth one and first OPADD line (w67a) connected storage of module by control module, the address output end mouth according to memory control module to its control signal of sending and address signal, under programming/verification state,, under storage address encryption/data decryption state, export encryption address or data decryption/program address to storer to storer output protection sign indicating number address or programming/verification addressing address;
Memory control module is by selecting control line (w56c) and selecting address wire (w56a) connected storage address selection module; control address selects module to select output protection sign indicating number address, programming address or verification address under programming/verification state;, control address selects module to select output encryption address or data decryption/program address under storage address encryption or data/program decrypted state.
Memory control module connects key/protected code registers group by register controlled line (w54c), and control key/protected code registers group is upgraded the protected code order;
Key/protected code registers group offers memory control module by register data line (w45d) connected storage control module with the protected code after upgrading.
Storer connects encryption/decryption element by second input data line (w07d), and providing to encryption/decryption element needs data decryption/program.
Further; encryption/decryption element obtains protected code from key/protected code registers group; judge whether it is whether CPU output user running program is user's running program of authorizing by CPU control signal wire (W02c) and address wire (W02a); if not the user program of authorizing, then forbidden storage device visit.
A kind of nonvolatile memory guard method is memory data/programming method, and it comprises the steps:
(1) programming/verification unit is sent programming instruction by the memory control module of the first input control signal line (W15c) connection control module to control module; Programming/verification unit is selected module and memory control module by the storage address that the first Input Address line (W16a) connects control module, the addressing address of output programming data/program correspondence; The programming data of programming/verification unit/program output terminal is exported programming data/program by the protection module of first input data line (w13d) connection control module;
(2) after the memory control module of control module receives programming instruction, memory control module is selected module output protection sign indicating number memory address by selecting address wire (w56a) to storage address, memory control module is by selecting the protected code memory address of control line (w56c) control store address selection module to the first OPADD line (w67a) output addressing address correspondence, memory control module provides the protected code of corresponding address by second input data line (w07d) to key/protected code registers group by control line (w57c) control store simultaneously, key/protected code registers group is upgraded protected code under the control of register controlled line (w54c), protected code after the renewal offers memory control module by register data line (w45d), and provides protection module by data line (w43d);
(3) memory control module judges according to the protected code that receives whether the addressing address that programming/verification unit is sent is the address in storage protection district: if the addressing address is not the address, protected location, the programming address of memory control module by selecting control line (w56c) notice storage address to select module to select the first Input Address line (W16a) to send, storage address selects module to offer storer by the first OPADD line (w67a) address of will programming, protection module offers storer with programming data/program by first output data line (w37d), storer under the control of control line (w57c), with programming data/procedure stores in the storage address of correspondence; If the addressing address is the address in storage protection district; the programming control signal that the memory control module shielding programming/verification unit first input control signal line (W15c) sends; perhaps programming data/the program of key/protected code registers group output protection sign indicating number interference protection module output, and do not change the content of storer.
Further, programming data/program of providing of programming/verification unit is enciphered data/program.
A kind of nonvolatile memory guard method is the checking memory data method, and it comprises the steps:
(1) programming/verification unit is sent checking command by the memory control module of the first input control signal line (W15c) connection control module to control module; Programming/verification unit is selected module and memory control module, the addressing address of output verification data/program correspondence by the storage address that the first Input Address line (W16a) connects control module;
(2) after the memory control module of control module receives checking command, memory control module is selected module output protection sign indicating number memory address by selecting address wire (w56a) to storage address, memory control module is by selecting the protected code memory address of control line (w56c) control store address selection module to the first OPADD line (w67a) output addressing address correspondence, memory control module provides the protected code of corresponding address by second input data line (w07d) to key/protected code registers group by control line (w57c) control store simultaneously, key/protected code registers group is upgraded protected code under the control of register controlled line (w54c), protected code after the renewal offers memory control module by register data line (w45d), and offers protection module by data line (w43d);
(3) memory control module judges according to the protected code that receives whether the addressing address that programming/verification unit is sent is the address in storage protection district: be not the address of protected location as the addressing address, the verification address of memory control module by selecting control line (w56c) notice storage address to select module to select the first Input Address line (W16a) to send, storage address selects module by the first OPADD line (w67a) the verification address to be offered storer, storer offers protection module with addressing address corresponding check data/program by data line (w07d) under the control of control line (w57c), protection module offers programming/verification unit by second output data line (w31d) and carries out verification; If the addressing address is the address in storage protection district; the verification control signal that memory control module shielding programming/verification unit is sent by the first input control signal line (W15c), the perhaps checking data/program of key/protected code registers group output protection sign indicating number interference protection module output.
The checking memory data method can be carried out separately, also can carry out after memory program data/program.
A kind of memory-protection method is the storage address encryption method, and it comprises the steps:
(1) encryption/decryption element connects CPU by CPU control signal wire (w02c), receives the instruction that CPU sends; Encryption/decryption element connects CPU by cpu address line (W02a), receives the storer address to be encrypted that CPU sends;
(2) encryption/decryption element obtains the encryption key of corresponding address from the key/protected code registers group of control module, utilize the address encryption key that the storer address to be encrypted that CPU sends is encrypted, memory control module is exported to by the second Input Address signal wire (w25a) in address after encryption/decryption element will be encrypted, exports to storage address by address signal line (w26a) and selects module; Encryption/decryption element is sent instruction by the storage control module of the second input control signal line (W25c) connection control module to memory control module;
(3) if the address after the encryption that memory control module receives is the address in storage protection district, then memory control module is interrupted the encryption address that the second OPADD signal wire (w25a) sends, if the address is the address of storer non-protection area after the encryption that memory control module receives, memory control module selects module to select address after the encryption that encryption/decryption element provides by the 3rd Input Address line (W26a) by selecting control line (w56c) notice storage address, and storage address selection module offers storer with encryption address by the first OPADD line (w67a);
Further; step (1) comprises that also encryption/decryption element obtains protected code from key/protected code registers group; judge whether it is whether CPU output user running program is user's running program of authorizing by CPU control signal wire (W02c) and cpu address line (W02a); if not the user program of authorizing; then forbidden storage device visit; if user's running program of authorizing then continues step (2).
A kind of nonvolatile memory guard method is memory data/program decryption method, and it comprises the steps:
(1) encryption/decryption element connects CPU by CPU control signal wire (w02c), receives the reading memory data instruction that CPU sends; Encryption/decryption element connects CPU by cpu address line (W02a), needs the addressing address of data decryption/program correspondence in the storer that reception CPU sends;
(2) encryption/decryption element is sent reading memory data/programmed instruction by the memory control module of the second input control signal line (W25c) connection control module to control module; Encryption/decryption element is by the memory control module of the second Input Address line (W25a) connection control module, and by the 3rd Input Address line (w26a) connected storage address selection module, output needs the addressing address of data decryption/program correspondence;
(3) memory control module is selected the addressing address of encryption/decryption element by the output of the 3rd Input Address line (W26a) by selecting control line (w56c) control store address selection module, storage address selects module by the first OPADD line (w67a) the addressing address to be offered storer, storer provides the storage data of addressing address correspondence to encryption/decryption element by second input data line (w07d) under the control of the first output control signal wire (w57c);
(4) encryption/decryption element is deciphered the data/program decruption key of the 3rd output data line (w42d) output and the memory data that receives according to predefined mode, and the data/program after the deciphering offers CPU.
Further; step (1) comprises that also encryption/decryption element obtains protected code from key/protected code registers group group; judge whether it is whether CPU output user running program is user's running program of authorizing by CPU control line (W02c) and cpu address line (W02a); if not the user program of authorizing; then forbidden storage device visit; if user's running program of authorizing then continues step (2).
The renewal of key described in the utility model and protected code, except that the above-mentioned described renewal of the utility model, can also under following any situation, upgrade:
(1) system reset or when reading sequence and restarting, the protected code of readout memory protected location or key, key/protected code registers group that each protected code or the key of protected location are called in the control module correspondence;
(2) carry out that memory data/program verification, storage address are encrypted, the protected code or the key of readout memory protected location before memory data/program deciphering, with key/protected code registers group that each protected code or the key of protected location are called in the control module correspondence, the more new demand operating process under this kind situation can be tolerated the acquisition time of key and protected code;
(3) utilize free time; this free time is long a period of time; pattern that is in dormancy or standby as system etc. does not take the occasion of storer; the protected code of readout memory protected location or key, key/protected code registers group that each protected code or the key of protected location are called in the control module correspondence.
Programming described in the utility model/verification unit connects external control, and described external control is any one among PC, CPU, FPGA, the CPLD.
The beneficial effects of the utility model are: carried out cascade protection by memory data/programming, memory data/program verification, storage address encryption and memory data/program deciphering, wherein:
The memory data that the utility model provides/programming device and programmed method thereof, the control by control module accesses protected code from storer, and restricting unauthorized user is to the data/programming in the address, protected location of storer; The data of input store are enciphered data; encrypted process is undertaken by host computer; and key together is programmed into storer; can realize that different storeies has different keys; encryption method also is not limited to a kind of, also can provide different cryptographic key protections for different addresses, if desired key is made amendment; do not need to change hardware, only need be undertaken by programming.
The memory data that the utility model provides/program calibration equipment and method of calibration thereof, the control by control module accesses protected code from storer, and restricting unauthorized effectively user is to the data in the address, protected location of storer/program verification.
Storage address encryption device and encryption method thereof that the utility model provides by the encryption of address encryption key to storage address, make the data of unauthorized user reference-to storage addressed memory be the upset data.
The memory data that the utility model provides/program decryption device and decryption method thereof by the deciphering of data/program decruption key to memory data/program, prevents to resolve after the ill-gotten data of unauthorized user.
Utilize the storage control unit of the nonvolatile memory that utility model provides can realize above-mentioned various protections simultaneously, its control is simple, save cost.
Description of drawings
Fig. 1 is a kind of nonvolatile memory protection system that the utility model proposes, existing in fact reservoir programming/verification;
Fig. 2 is a kind of nonvolatile memory protection system that the utility model proposes, existing in fact reservoir encrypt/decrypt;
Fig. 3 is a kind of nonvolatile memory protection system that the utility model proposes, existing in fact reservoir programming/verification and memory encryption/deciphering;
Fig. 4 is the key/register protected code registers group synoptic diagram that the utility model proposes
Embodiment
Below in conjunction with accompanying drawing the utility model content is further specified.
A kind of nonvolatile memory protection system be memory program/calibration equipment as shown in Figure 1, it comprises: programming/verification unit (01), control module (02) and storer (07):
Described control module (02) comprises memory control module (05), key/protected code registers group (04), storage address selection module (06) and protection module (03), wherein:
Memory control module (05) is connected programming/verification unit (01) by the control input end mouth one of control module (02) with the first input control signal line (W15c), receives memory program or storer checking command that programming/verification unit (01) is sent;
Memory control module (05) is connected programming/verification unit (01) by the address input end mouth one of control module (02) with the first Input Address line (W16a), receives the memory addressing address that programming/verification unit (01) is sent;
Storage address selects module (06) to be connected programming/verification unit (01) by the address input end mouth one of control module (02) with the first Input Address line (W16a), receives the memory addressing address that programming/verification unit (01) is sent;
Protection module (03) is connected programming/verification unit (01) by the data-in port one of control module (02) with first input data line (w13d), receives the programming data/program of programming/verification unit (01) output;
Protection module (03) is by the data-out port one and first output data line (w37d) connected storage of control module (02), protected code according to the correspondence programming address that key/the protection register provides, carry out a kind of in the following operation: when (1) allows visit when protected code, to storer output programming data/program; (2) when the protected code disable access, change through protected code protection back to storer output, and do not change the data/program of memory content; (3) when the protected code disable access, not to storer output programming data/program;
Protection module (03) is by the data-in port two and second input data line (w07d) connected storage of control module (02), and according to the verification address that storage address selects module (06) to export, reception memorizer provides checking data/program;
Key/protected code registers group (04) is by the data-in port two and second input data line (w07d) connected storage of control module (02); select the protected code address of module (06) output according to storage address; the protected code of the corresponding address that reception memorizer provides; perhaps programming/obtain the protected code of corresponding address from storer before the verification, protected code passes to protection module (03) by protected code data line (w43d) again.
Protection module (03) is connected programming/verification unit (01) by the data-out port two of control module (02) with second output data line (w31d), the protected code of the corresponding verification address that provides according to key/protection register, carry out a kind of in the following operation: when (1) allows visit when protected code, to programming/verification unit (01) output verification data/program; (2) when the protected code disable access, to the data of programming/verification unit (01) output change after the protected code protection; (3) when the protected code disable access, not to programming/verification unit (01) output verification data/program;
Memory control module (05) is by the control output end mouth one and first output control signal wire (w57c) connected storage of control module (02), and control store is programmed or verification; Further when the address of programming or verification was the address in storage protection district, memory control module (05) can also be forbidden the effect of the first input control signal line (W15c);
Storage address is selected address output end mouth one and first OPADD line (w67a) connected storage of module (06) by control module (02), and the address output end mouth is selected output protection sign indicating number address or programming address/verification addressing address to storer;
Memory control module (05) is by selecting control line (w56c) and select address wire (w56a) connected storage address selection module (06), control address selection module selection output protection sign indicating number address, programming address or verification address.
Memory control module (05) connects key/protected code registers group (04) by register controlled line (w54c), and control key/protected code registers group (04) is upgraded the protected code order;
Key/protected code registers group (04) offers memory control module (05) by register data line (w45d) connected storage control module (05) with the protected code after upgrading.
A kind of nonvolatile memory protection system is memory encryption/decryption device, and it comprises: CPU, encryption/decryption element, control module (02) and storer:
Described encryption/decryption element connects CPU by CPU control signal wire (w02c), receives the instruction that CPU sends; Encryption/decryption element connects CPU by cpu address line (W02a), the address that storer address to be encrypted that reception CPU sends or storer are treated data decryption/program; Memory data/program after encryption/decryption element will be deciphered by cpu data line (w02d) offers CPU;
Described control module (02) comprises memory control module (05), key/protected code registers group (04) and storage address selection module (06), wherein:
Memory control module (05) is connected encryption/decryption element by the control input end mouth two of control module (02) with the second input control signal line (W25c), receives storage address encryption or memory data decryption instructions that encryption/decryption element is sent; Memory control module (05) is connected encryption/decryption element by the address input end mouth two of control module (02) with the second Input Address line (W25a), receives the memory addressing address that encryption/decryption element is sent;
Storage address selects module (06) to be connected encryption/decryption element by the address input end mouth three of control module (02) with the 3rd Input Address line (W26a), receives the memory addressing address that encryption/decryption element is sent;
Key/protected code registers group (04) is by the data-in port two and second input data line (w07d) connected storage of control module (02); according to the cipher key address that storage address selects module (06) to export, storage address encryption key that reception memorizer provides or memory data/program decruption key.
Key/protected code registers group (04) is connected encryption/decryption element by the data-out port three of control module (02) with the 3rd output data line (w42d), provides data/program decruption key or address encryption key to encryption/decryption element; Memory control module (05) is by the control output end mouth one and first output control signal wire (w57c) connected storage of control module (02), and control store carries out storage address encryption or memory data/program deciphering;
Storage address is selected address output end mouth one and first OPADD line (w67a) connected storage of module (06) by control module (02), the address output end mouth to its control signal of sending and address signal, is exported encryption address or data decryption/program address to storer according to memory control module (05);
Memory control module (05) is by selecting control line (w56c) and select address wire (w56a) connected storage address selection module (06), control address selection module selection output encryption address or data decryption/program address.
Memory control module (05) connects key/protected code registers group (04) by register controlled line (w54c), and control key/protected code registers group (04) is upgraded cipher key command;
Key/protected code registers group (04) offers memory control module (05) by register data line (w45d) connected storage control module (05) with the key after upgrading.
Storer connects encryption/decryption element by second input data line (w07d), and providing to encryption/decryption element needs data decryption/program.
Further; encryption/decryption element obtains protected code from key/protected code registers group (04); judge whether it is whether CPU output user running program is user's running program of authorizing by CPU control signal wire (W02c) and cpu address line (W02a); if not the user program of authorizing, then forbidden storage device visit.
A kind of nonvolatile memory protection system comprises: programming/verification unit (01), CPU, encryption/decryption element, control module (02) and storer:
Memory control module (05) is connected programming/verification unit (01) by the control input end mouth one of control module (02) with the first input control signal line (W15c), receives memory program or storer checking command that programming/verification unit (01) is sent;
Memory control module (05) is connected programming/verification unit (01) by the address input end mouth one of control module (02) with the first Input Address line (W16a), receives the memory addressing address that programming/verification unit (01) is sent;
Storage address selects module (06) to be connected programming/verification unit (01) by the address input end mouth one of control module (02) with the first Input Address line (W16a), receives the memory addressing address that programming/verification unit (01) is sent;
Protection module (03) is connected programming/verification unit (01) by the data-in port one of control module (02) with first input data line (w13d), receives the programming data/program of programming/verification unit (01) output;
Protection module (03) is by the data-out port one and first output data line (w37d) connected storage of control module (02), protected code according to the correspondence programming address that key/the protection register provides, carry out a kind of in the following operation: when (1) allows visit when protected code, to storer output programming data/program; (2) when the protected code disable access, change through protected code protection back to storer output, and do not change the data/program of memory content; (3) when the protected code disable access, not to storer output programming data/program;
Protection module (03) is by the data-in port two and second input data line (w07d) connected storage of control module (02), and according to the verification address that storage address selects module (06) to export, reception memorizer provides checking data/program;
Key/protected code registers group (04) is by the data-in port two and second input data line (w07d) connected storage of control module (02); select the protected code of module (06) output according to storage address; cipher key address; reception memorizer provides corresponding protected code; key; perhaps programming; verification; deciphering; obtain the protected code of programming data/program or checking data/program correspondence before encrypting from storer; the address encryption key; memory data decruption key, protected code pass to protection module (03) by protected code data line (w43d) again.
Protection module (03) is connected programming/verification unit (01) by the data-out port two of control module (02) with second output data line (w31d), the protected code of the corresponding verification address that provides according to key/protection register, carry out a kind of in the following operation: when (1) allows visit when protected code, to programming/verification unit (01) output verification data/program; (2) when the protected code disable access, to the data of programming/verification unit (01) output change after the protected code protection; (3) when the protected code disable access, not to programming/verification unit (01) output verification data/program;
Memory control module (05) is connected encryption/decryption element by the control input end mouth two of control module (02) with the second input control signal line (W25c), receives storage address encryption or memory data decryption instructions that encryption/decryption element is sent;
Memory control module (05) is connected encryption/decryption element by the address input end mouth two of control module (02) with the second Input Address line (W25a), receives the memory addressing address that encryption/decryption element is sent;
Storage address selects module (06) to be connected encryption/decryption element by the address input end mouth three of control module (02) with the 3rd Input Address line (W26a), receives the memory addressing address that encryption/decryption element is sent;
Key/protected code registers group (04) is connected encryption/decryption element by the data-out port three of control module (02) with the 3rd output data line (w42d), provides data/program decruption key or address encryption key to encryption/decryption element;
Memory control module (05) is by the control output end mouth one and first output control signal wire (w57c) connected storage of control module (02), control store is programmed, verification, address encryption or memory data/program deciphering, further when the address of programming or verification was the address in storage protection district, memory control module (05) can also be forbidden the effect of the first input control signal line (W15c);
Storage address is selected address output end mouth one and first OPADD line (w67a) connected storage of module (06) by control module (02), the address output end mouth according to memory control module (05) to its control signal of sending and address signal, under programming/verification state,, under storage address encryption/data decryption state, export encryption address or data decryption/program address to storer to storer output protection sign indicating number address or programming/verification addressing address;
Memory control module (05) is by selecting control line (w56c) and selecting address wire (w56a) connected storage address selection module (06); control address selects module to select output protection sign indicating number address, programming address or verification address under programming/verification state;, control address selects module to select output encryption address or data decryption/program address under storage address encryption or data/program decrypted state.
Memory control module (05) connects key/protected code registers group (04) by register controlled line (w54c), and control key/protected code registers group (04) is upgraded the protected code order;
Key/protected code registers group (04) offers memory control module (05) by register data line (w45d) connected storage control module (05) with the protected code after upgrading.
Storer connects encryption/decryption element by second input data line (w07d), and providing to encryption/decryption element needs data decryption/program.
Further; encryption/decryption element obtains protected code from key/protected code registers group (04); judge whether it is whether CPU output user running program is user's running program of authorizing by CPU control signal wire (W02c) and address wire (W02a); if not the user program of authorizing, then forbidden storage device visit.
A kind of nonvolatile memory guard method is memory data/programming method, and it comprises the steps:
(4) programming/verification unit (01) is sent programming instruction by the memory control module (05) of the first input control signal line (W15c) connection control module (02) to control module (02); Programming/verification unit (01) is selected module (06) and memory control module (05) by the storage address that the first Input Address line (W16a) connects control module (02), the addressing address of output programming data/program correspondence; The programming data of programming/verification unit (01)/program output terminal is exported programming data/program by the protection module (03) of first input data line (w13d) connection control module (02);
(5) after the memory control module (05) of control module (02) receives programming instruction, memory control module (05) is selected module (06) output protection sign indicating number memory address by selecting address wire (w56a) to storage address, memory control module (05) is by selecting the protected code memory address of control line (w56c) control store address selection module (06) to the first OPADD line (w67a) output addressing address correspondence, memory control module (05) provides the protected code of corresponding address by second input data line (w07d) to key/protected code registers group (04) by control line (w57c) control store simultaneously, key/protected code registers group (04) is upgraded protected code under the control of register controlled line (w54c), protected code after the renewal offers memory control module (05) by register data line (w45d), and provides protection module (03) by data line (w43d);
(6) memory control module (05) judges according to the protected code that receives whether the addressing address that programming/verification unit (01) is sent is the address in storage protection district: if the addressing address is not the address, protected location, the programming address of memory control module (05) by selecting control line (w56c) notice storage address to select module (06) to select the first Input Address line (W16a) to send, storage address selects module (06) to offer storer by the first OPADD line (w67a) address of will programming, protection module (03) offers storer with programming data/program by first output data line (w37d), storer under the control of control line (w57c), with programming data/procedure stores in the storage address of correspondence; If the addressing address is the address in storage protection district; the programming control signal that memory control module (05) shielding programming/verification unit (01) first input control signal line (W15c) sends; perhaps programming data/the program of key/protected code registers group (04) output protection sign indicating number interference protection module (03) output, and do not change the content of storer.
Further, programming data/program of providing of programming/verification unit (01) is enciphered data/program.
A kind of nonvolatile memory guard method is the checking memory data method, and it comprises the steps:
(4) programming/verification unit (01) is sent checking command by the memory control module (05) of the first input control signal line (W15c) connection control module (02) to control module (02); Programming/verification unit (01) is selected module (06) and memory control module (05), the addressing address of output verification data/program correspondence by the storage address that the first Input Address line (W16a) connects control module (02);
(5) after the memory control module (05) of control module (02) receives checking command, memory control module (05) is selected module (06) output protection sign indicating number memory address by selecting address wire (w56a) to storage address, memory control module (05) is by selecting the protected code memory address of control line (w56c) control store address selection module (06) to the first OPADD line (w67a) output addressing address correspondence, memory control module (05) provides the protected code of corresponding address by second input data line (w07d) to key/protected code registers group (04) by control line (w57c) control store simultaneously, key/protected code registers group (04) is upgraded protected code under the control of register controlled line (w54c), protected code after the renewal offers memory control module (05) by register data line (w45d), and offers protection module (03) by data line (w43d);
(6) memory control module (05) judges according to the protected code that receives whether the addressing address that programming/verification unit (01) is sent is the address in storage protection district: be not the address of protected location as the addressing address, the verification address of memory control module (05) by selecting control line (w56c) notice storage address to select module (06) to select the first Input Address line (W16a) to send, storage address selects module (06) by the first OPADD line (w67a) the verification address to be offered storer, storer offers protection module (03) with addressing address corresponding check data/program by data line (w07d) under the control of control line (w57c), protection module (03) offers programming/verification unit (01) by second output data line (w31d) and carries out verification; If the addressing address is the address in storage protection district; the verification control signal that memory control module (05) shielding programming/verification unit (01) is sent by the first input control signal line (W15c), the perhaps checking data/program of key/protected code registers group (04) output protection sign indicating number interference protection module (03) output.
The checking memory data method can be carried out separately, also can carry out after memory program data/program.
A kind of memory-protection method is the storage address encryption method, and it comprises the steps:
(4) encryption/decryption element connects CPU by CPU control signal wire (w02c), receives the instruction that CPU sends; Encryption/decryption element connects CPU by cpu address line (W02a), receives the storer address to be encrypted that CPU sends;
(5) encryption/decryption element obtains the encryption key of corresponding address from the key/protected code registers group (04) of control module (02), utilize the address encryption key that the storer address to be encrypted that CPU sends is encrypted, memory control module (05) is exported to by the second Input Address signal wire (w25a) in address after encryption/decryption element will be encrypted, exports to storage address by address signal line (w26a) and selects module (06); Encryption/decryption element is sent instruction by the storage control module of the second input control signal line (W25c) connection control module (02) to memory control module (05);
(6) if the address after the encryption that memory control module (05) receives is the address in storage protection district, then memory control module (05) is interrupted the encryption address that the second OPADD signal wire (w25a) sends, if the address is the address of storer non-protection area after the encryption that memory control module (05) receives, memory control module (05) selects module (06) to select address after the encryption that encryption/decryption element provides by the 3rd Input Address line (W26a) by selecting control line (w56c) notice storage address, and storage address selection module (06) offers storer with encryption address by the first OPADD line (w67a);
Further; step (1) comprises that also encryption/decryption element obtains protected code from key/protected code registers group (04); judge whether it is whether CPU output user running program is user's running program of authorizing by CPU control signal wire (W02c) and cpu address line (W02a); if not the user program of authorizing; then forbidden storage device visit; if user's running program of authorizing then continues step (2).
A kind of nonvolatile memory guard method is memory data/program decryption method, and it comprises the steps:
(5) encryption/decryption element connects CPU by CPU control signal wire (w02c), receives the reading memory data instruction that CPU sends; Encryption/decryption element connects CPU by cpu address line (W02a), needs the addressing address of data decryption/program correspondence in the storer that reception CPU sends;
(6) encryption/decryption element is sent reading memory data/programmed instruction by the memory control module (05) of the second input control signal line (W25c) connection control module (02) to control module (02); Encryption/decryption element connects the memory control module (05) of control module (02) by the second Input Address line (W25a), by the 3rd Input Address line (w26a) connected storage address selection module (06), output needs the addressing address of data decryption/program correspondence;
(7) memory control module (05) is selected the addressing address of encryption/decryption element by the output of the 3rd Input Address line (W26a) by selecting control line (w56c) control store address selection module (06), storage address selects module (06) by the first OPADD line (w67a) the addressing address to be offered storer, storer provides the storage data of addressing address correspondence to encryption/decryption element by second input data line (w07d) under the control of the first output control signal wire (w57c);
(8) encryption/decryption element is deciphered the data/program decruption key of the 3rd output data line (w42d) output and the memory data that receives according to predefined mode, and the data/program after the deciphering offers CPU.
Further; step (1) comprises that also encryption/decryption element obtains protected code from key/protected code registers group (04) group; judge whether it is whether CPU output user running program is user's running program of authorizing by CPU control line (W02c) and cpu address line (W02a); if not the user program of authorizing; then forbidden storage device visit; if user's running program of authorizing then continues step (2).
As shown in Figure 4, the aforesaid storer of the utility model is a nonvolatile memory, and as disposable programmable memory, Flash etc., it is divided into:
---the protected location is used for memory data/program decruption key, storage address encryption key and protected code;
---non-protection area is used to store the data that do not need protection.
Data that need protection or program that described protected location can also further protect the user to make by oneself.
Described memory data/program decruption key, storage address encryption key and protected code are programmed in certain storer that pre-determines the address;
The data of the address storage that described storer is different or corresponding different protected code and the keys of program; the data of also can part different addresses storage or the identical protected code and the key of program correspondence, the data or the corresponding identical protected code and the key of program of all addresses storages that can certainly storer.
What should be understood that is that the foregoing description is just to explanation of the present utility model, rather than to restriction of the present utility model, any innovation and creation that do not exceed in the utility model connotation scope all fall within the utility model protection domain.
Claims (3)
1. the nonvolatile memory protection system is characterized in that realizing memory program/verification, and it comprises: programming/verification unit, control module and storer:
Described control module comprises memory control module, key/protected code registers group, storage address selection module and protection module, wherein:
Memory control module is connected programming/verification unit by the control input end mouth one of control module with the first input control signal line (W15c), receives memory program or storer checking command that programming/verification unit is sent;
Memory control module is connected programming/verification unit by the address input end mouth one of control module with the first Input Address line (W16a), receives the memory addressing address that programming/verification unit is sent;
Storage address selects module to be connected programming/verification unit by the address input end mouth one of control module with the first Input Address line (W16a), receives the memory addressing address that programming/verification unit is sent;
Protection module is connected programming/verification unit by the data-in port one of control module with first input data line (w13d), receives the programming data/program of programming/verification unit output;
Protection module is by the data-out port one and first output data line (w37d) connected storage of control module, protected code according to the correspondence programming address that key/the protection register provides, carry out a kind of in the following operation: when (1) allows visit when protected code, to storer output programming data/program; (2) when the protected code disable access, change through protected code protection back to storer output, and do not change the data/program of memory content; (3) when the protected code disable access, not to storer output programming data/program;
Protection module is by the data-in port two and second input data line (w07d) connected storage of control module, and according to the verification address that storage address selects module to export, reception memorizer provides checking data/program;
Key/protected code registers group is by the data-in port two and second input data line (w07d) connected storage of control module; select the protected code address of module output according to storage address; the protected code of the corresponding address that reception memorizer provides; perhaps programming/obtain the protected code of corresponding address from storer before the verification, protected code passes to protection module by protected code data line (w43d) again.
Protection module is connected programming/verification unit by the data-out port two of control module with second output data line (w31d), the protected code of the corresponding verification address that provides according to key/protection register, carry out a kind of in the following operation: when (1) allows visit when protected code, to programming/verification unit output verification data/program; (2) when the protected code disable access, to the data of programming/verification unit output change after the protected code protection; (3) when the protected code disable access, not to programming/verification unit output verification data/program;
Memory control module is by the control output end mouth one and first output control signal wire (w57c) connected storage of control module, and control store is programmed or verification;
Storage address is selected address output end mouth one and first OPADD line (w67a) connected storage of module by control module, and the address output end mouth is selected output protection sign indicating number address or programming address/verification addressing address to storer;
Memory control module is by selecting control line (w56c) and select address wire (w56a) connected storage address selection module, control address selection module selection output protection sign indicating number address, programming address or verification address.
Memory control module connects key/protected code registers group by register controlled line (w54c), and control key/protected code registers group is upgraded the protected code order;
Key/protected code registers group offers memory control module by register data line (w45d) connected storage control module with the protected code after upgrading.
2. nonvolatile memory protection system is characterized in that daring to memory encryption/deciphering, and it comprises: CPU, encryption/decryption element, control module and storer:
Described encryption/decryption element connects CPU by CPU control signal wire (w02c), receives the instruction that CPU sends; Encryption/decryption element connects CPU by cpu address line (W02a), the address that storer address to be encrypted that reception CPU sends or storer are treated data decryption/program; Memory data/program after encryption/decryption element will be deciphered by cpu data line (w02d) offers CPU;
Described control module comprises memory control module, key/protected code registers group and storage address selection module, wherein:
Memory control module is connected encryption/decryption element by the control input end mouth two of control module with the second input control signal line (W25c), receives storage address encryption or memory data decryption instructions that encryption/decryption element is sent; Memory control module is connected encryption/decryption element by the address input end mouth two of control module with the second Input Address line (W25a), receives the memory addressing address that encryption/decryption element is sent;
Storage address selects module to be connected encryption/decryption element by the address input end mouth three of control module with the 3rd Input Address line (W26a), receives the memory addressing address that encryption/decryption element is sent;
Key/protected code registers group is by the data-in port two and second input data line (w07d) connected storage of control module; according to the cipher key address that storage address selects module to export, storage address encryption key that reception memorizer provides or memory data/program decruption key.
Key/protected code registers group is connected encryption/decryption element by the data-out port three of control module with the 3rd output data line (w42d), provides data/program decruption key or address encryption key to encryption/decryption element;
Memory control module is by the control output end mouth one and first output control signal wire (w57c) connected storage of control module, and control store carries out storage address encryption or memory data/program deciphering;
Storage address is selected address output end mouth one and first OPADD line (w67a) connected storage of module by control module, the address output end mouth to its control signal of sending and address signal, is exported encryption address or data decryption/program address to storer according to memory control module;
Memory control module is by selecting control line (w56c) and select address wire (w56a) connected storage address selection module, control address selection module selection output encryption address or data decryption/program address.
Memory control module connects key/protected code registers group by register controlled line (w54c), and control key/protected code registers group is upgraded cipher key command;
Key/protected code registers group offers memory control module by register data line (w45d) connected storage control module with the key after upgrading.
Storer connects encryption/decryption element by second input data line (w07d), and providing to encryption/decryption element needs data decryption/program.
3. nonvolatile memory protection system is characterized in that comprising: programming/verification unit, CPU, encryption/decryption element, control module and storer:
Memory control module is connected programming/verification unit by the control input end mouth one of control module with the first input control signal line (W15c), receives memory program or storer checking command that programming/verification unit is sent;
Memory control module is connected programming/verification unit by the address input end mouth one of control module with the first Input Address line (W16a), receives the memory addressing address that programming/verification unit is sent;
Storage address selects module to be connected programming/verification unit by the address input end mouth one of control module with the first Input Address line (W16a), receives the memory addressing address that programming/verification unit is sent;
Protection module is connected programming/verification unit by the data-in port one of control module with first input data line (w13d), receives the programming data/program of programming/verification unit output;
Protection module is by the data-out port one and first output data line (w37d) connected storage of control module, protected code according to the correspondence programming address that key/the protection register provides, carry out a kind of in the following operation: when (1) allows visit when protected code, to storer output programming data/program; (2) when the protected code disable access, change through protected code protection back to storer output, and do not change the data/program of memory content; (3) when the protected code disable access, not to storer output programming data/program;
Protection module is by the data-in port two and second input data line (w07d) connected storage of control module, and according to the verification address that storage address selects module to export, reception memorizer provides checking data/program;
Key/protected code registers group is by the data-in port two and second input data line (w07d) connected storage of control module, select protected code, the cipher key address of module output according to storage address, reception memorizer provides corresponding protected code, key, perhaps at protected code, address encryption key, the memory data decruption key of programming, obtain from storer before the verification, deciphering, encryption programming data/program or checking data/program correspondence, protected code passes to protection module by protected code data line (w43d) again;
Protection module is connected programming/verification unit by the data-out port two of control module with second output data line (w31d), the protected code of the corresponding verification address that provides according to key/protection register, carry out a kind of in the following operation: when (1) allows visit when protected code, to programming/verification unit output verification data/program; (2) when the protected code disable access, to the data of programming/verification unit output change after the protected code protection; (3) when the protected code disable access, not to programming/verification unit output verification data/program;
Memory control module is connected encryption/decryption element by the control input end mouth two of control module with the second input control signal line (W25c), receives storage address encryption or memory data decryption instructions that encryption/decryption element is sent;
Memory control module is connected encryption/decryption element by the address input end mouth two of control module with the second Input Address line (W25a), receives the memory addressing address that encryption/decryption element is sent;
Storage address selects module to be connected encryption/decryption element by the address input end mouth three of control module with the 3rd Input Address line (W26a), receives the memory addressing address that encryption/decryption element is sent;
Key/protected code registers group is connected encryption/decryption element by the data-out port three of control module with the 3rd output data line (w42d), provides data/program decruption key or address encryption key to encryption/decryption element;
Memory control module is by the control output end mouth one and first output control signal wire (w57c) connected storage of control module, control store is programmed, verification, address encryption or memory data/program deciphering, further when the address of programming or verification was the address in storage protection district, memory control module can also be forbidden the effect of the first input control signal line (W15c);
Storage address is selected address output end mouth one and first OPADD line (w67a) connected storage of module by control module, the address output end mouth according to memory control module to its control signal of sending and address signal, under programming/verification state,, under storage address encryption/data decryption state, export encryption address or data decryption/program address to storer to storer output protection sign indicating number address or programming/verification addressing address;
Memory control module is by selecting control line (w56c) and selecting address wire (w56a) connected storage address selection module; control address selects module to select output protection sign indicating number address, programming address or verification address under programming/verification state;, control address selects module to select output encryption address or data decryption/program address under storage address encryption or data/program decrypted state.
Memory control module connects key/protected code registers group by register controlled line (w54c), and control key/protected code registers group is upgraded the protected code order;
Key/protected code registers group offers memory control module by register data line (w45d) connected storage control module with the protected code after upgrading;
Storer connects encryption/decryption element by second input data line (w07d), and providing to encryption/decryption element needs data decryption/program.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009201205376U CN201655334U (en) | 2009-05-25 | 2009-05-25 | Nonvolatile memory protection system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2009201205376U CN201655334U (en) | 2009-05-25 | 2009-05-25 | Nonvolatile memory protection system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN201655334U true CN201655334U (en) | 2010-11-24 |
Family
ID=43120578
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2009201205376U Expired - Lifetime CN201655334U (en) | 2009-05-25 | 2009-05-25 | Nonvolatile memory protection system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN201655334U (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101901629A (en) * | 2009-05-25 | 2010-12-01 | 杭州士兰微电子股份有限公司 | Nonvolatile memory protecting system and method |
| CN107408068A (en) * | 2015-03-23 | 2017-11-28 | 英特尔公司 | Dynamic configuration and peripheral access in processor |
-
2009
- 2009-05-25 CN CN2009201205376U patent/CN201655334U/en not_active Expired - Lifetime
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101901629A (en) * | 2009-05-25 | 2010-12-01 | 杭州士兰微电子股份有限公司 | Nonvolatile memory protecting system and method |
| CN101901629B (en) * | 2009-05-25 | 2013-12-25 | 杭州士兰微电子股份有限公司 | Nonvolatile memory protecting system and method |
| CN107408068A (en) * | 2015-03-23 | 2017-11-28 | 英特尔公司 | Dynamic configuration and peripheral access in processor |
| CN107408068B (en) * | 2015-03-23 | 2021-05-11 | 英特尔公司 | Dynamic configuration and peripheral access in a processor |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104156642B (en) | A kind of security password input system and method based on safe touch screen control chip | |
| KR102013841B1 (en) | Method of managing key for secure storage of data, and and apparatus there-of | |
| CN1914849B (en) | Trusted mobile platform architecture | |
| EP0583140B1 (en) | System for seamless processing of encrypted and non-encrypted data and instructions | |
| JP4865694B2 (en) | Processor device | |
| CN102197382B (en) | Multi-layer content protecting microcontroller | |
| US20150186679A1 (en) | Secure processor system without need for manufacturer and user to know encryption information of each other | |
| CN102436423B (en) | Controller and method for protecting NorFlash core data outside universal sheet | |
| CN101996154B (en) | General processor supporting reconfigurable safety design | |
| CN101882189B (en) | Embedded-type system for ensuring completeness of program and realization method thereof | |
| CN204242180U (en) | A kind of security password input system based on safe touch screen control chip | |
| KR101303278B1 (en) | FPGA apparatus and method for protecting bitstream | |
| CN102347834A (en) | Trusted mobile platform architecture | |
| WO2009073863A1 (en) | Secure software download | |
| US9152576B2 (en) | Mode-based secure microcontroller | |
| CN104506504A (en) | Security mechanism and security device for confidential information of card-free terminal | |
| CN101901629B (en) | Nonvolatile memory protecting system and method | |
| CN114785503B (en) | Cipher card, root key protection method thereof and computer readable storage medium | |
| CN103929312A (en) | Mobile terminal and method and system for protecting individual information of mobile terminal | |
| CN101770559A (en) | Data protecting device and data protecting method | |
| CN102662874B (en) | Double-interface encryption memory card and management method and system of data in double-interface encryption memory card | |
| CN108959129B (en) | Embedded system confidentiality protection method based on hardware | |
| CN201655334U (en) | Nonvolatile memory protection system | |
| KR20180059217A (en) | Apparatus and method for secure processing of memory data | |
| CN103336919A (en) | System and method for achieving instrument encryption verification control function |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CX01 | Expiry of patent term | ||
| CX01 | Expiry of patent term |
Granted publication date: 20101124 |