CN203631135U - Encrypted universal serial bus (USB) flash disk - Google Patents

Info

Publication number
CN203631135U
Authority
CN
China
Prior art keywords
encrypted
fpga
disk
master control
usb
Legal status
Expired - Lifetime
Application number
CN201320627148.9U
Other languages
Chinese (zh)
Inventor
戴荣
阴陶
林峰
白湘洲
杨书平
Current Assignee
CHENGDU FOURIER ELECTRONIC TECHNOLOGY Co Ltd
Original Assignee
CHENGDU FOURIER ELECTRONIC TECHNOLOGY Co Ltd

Abstract

The utility model discloses an encrypted universal serial bus (USB) flash disk comprising a NAND flash memory, a USB protocol chip and a main controller, together with at least one encryption FPGA, an EPCS (erasable programmable configurable serial) chip and a synchronous dynamic random access memory (SDRAM). The NAND flash memory and the USB protocol chip are each connected to the main controller. The main controller is a main control field programmable gate array (FPGA) containing a NIOS II processor that serves as the control core. The encryption FPGA, the EPCS chip and the SDRAM are each connected to the main control FPGA. The encrypted USB flash disk is rich in functions and simple to operate, is based on a reliable and efficient encryption algorithm, provides secure fingerprint-based and wireless-policy-based authorized access, and has distinctive functions such as a real-time alarm when the user moves away from the device. It is therefore suitable for personnel handling classified material who need to carry and store confidential files that must be encrypted in real time.

Description

Encrypted USB flash disk
Technical field
The utility model relates to a USB flash disk, and specifically to an encrypted USB flash disk.
Background
The most common implementation of an ordinary USB flash disk uses a general-purpose USB flash disk controller chip as the platform and large-capacity NAND flash as the storage medium. An ordinary USB flash disk stores all data in the storage medium in plaintext, which makes it unsuitable for carrying confidential files: if the disk is lost, the file contents can be read simply by removing the storage medium. Such disks are therefore usually suitable only for dedicated PCs within a fixed area, which is a significant limitation.
One implementation of a special-purpose USB flash disk is built around an ARM processor, which is mainly responsible for USB protocol parsing and response and for the control of each functional module and the associated data calls. An FPGA acts as a coprocessor and is responsible for NAND flash control, the error-correction algorithm and the control of other peripherals. The encryption algorithm is implemented in a separate dedicated FPGA. The main drawbacks of this hardware scheme are that the main controller needs many peripherals, the cost is high, and the bus and peripheral interface modules are fixed, so multi-interface interconnection with the FPGA is not possible and flexibility is lacking. Once the whole scheme is implemented, the device's power consumption exceeds the maximum output power of a PC USB port, so the scheme is suitable only for verifying functional code.
NOR flash is NOR-type non-volatile memory; FRAM is ferroelectric memory; EPCS (erasable programmable configurable serial) is the serial memory that holds FPGA configuration data; SDRAM (Synchronous Dynamic Random Access Memory) is synchronous dynamic random access memory; NAND flash is a type of non-volatile memory.
AES is the abbreviation of Advanced Encryption Standard. AES is an iterated, symmetric-key block cipher. Unlike public-key cryptography, which uses a key pair, a symmetric-key cipher uses the same key to encrypt and decrypt data. The output returned by a block cipher has the same number of bits as the input data.
The basic principle of AES is permutation operations on data arranged as a matrix. Rijndael supports a wider range of block and key lengths, whereas AES uses a fixed block length of 128 bits (16 bytes) with a choice of three key lengths: 128, 192 or 256 bits. As the new-generation data encryption standard, AES combines strong security, high performance, high efficiency, ease of use and flexibility. AES is designed with three key lengths, 128, 192 and 256 bits; by comparison, a 128-bit AES key is 10^21 times stronger than a 56-bit DES key. The AES algorithm has three main aspects: the round transformation, the number of rounds and key expansion.
Wear-leveling algorithm: the greatest damage to a USB flash disk comes from the wear caused by erasing and writing. The more erase/write cycles a block has seen, the less stable its performance. The main solutions for balancing wear are as follows:
One: use a reclaim queue, which evens out the use of NAND flash blocks. The same NAND flash block is then not erased and written frequently: after a block has been erased, at least one full queue length must pass before it can be erased and used a second time.
Two: use swap-block writing, which reduces the number of times the same NAND flash block is erased repeatedly. If the LBA (logical block address) being written falls after the pages already written in the swap block (that is, on an unused page), the data is written to the swap block; otherwise the swap block is committed to the mapping table. (The original mapped block is retired and the logical block is remapped to the swap block. Note that the tail-end page data of the original mapped block, namely the valid data that was not rewritten in the swap block, must be copied from the original mapped block to the swap block before the new mapping is established.) When that happens, the write will in all likelihood need to extract a block from the reclaim area, erase it and use it as the new swap block. (The blocks in the reclaim area are all erased at first, but the blocks put into it later are not erased, so a block must be erased each time one is extracted.) If the LBAs being written often fall outside the swap block, the number of erasures will be high, and the scheme is little different from finding a new erased block for every write, reading the original block, writing the new block and remapping. Because most writes to a USB flash disk are writes to contiguous regions, this approach improves operating speed and reduces the number of erasures of any one NAND flash block, which achieves wear leveling.
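The reclaim queue of solution one can be demonstrated with a small simulation. This is an added example, not code from the patent: the 8-block pool, the type and function names are assumptions chosen for illustration, and blocks are erased when they are extracted, as the reclaim area in solution two describes.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define NUM_BLOCKS 8u /* constructed toy size; the device on the page has 16384 blocks */

typedef struct {
    uint16_t ring[NUM_BLOCKS];        /* FIFO of free physical block numbers */
    uint8_t  queued[NUM_BLOCKS];      /* 1 while a block sits in the queue */
    uint32_t erase_count[NUM_BLOCKS]; /* wear per physical block */
    size_t   head, count;
} reclaim_queue_t;

/* All blocks start in the reclaim area. */
void rq_init(reclaim_queue_t *q)
{
    q->head = 0;
    q->count = NUM_BLOCKS;
    for (uint16_t b = 0; b < NUM_BLOCKS; b++) {
        q->ring[b] = b;
        q->queued[b] = 1;
        q->erase_count[b] = 0;
    }
}

/* Extract the block that has waited longest and erase it on extraction.
 * Returns the block number, or -1 when the reclaim area is empty. */
int rq_alloc(reclaim_queue_t *q)
{
    if (q->count == 0)
        return -1;
    uint16_t b = q->ring[q->head];
    q->head = (q->head + 1) % NUM_BLOCKS;
    q->count--;
    q->queued[b] = 0;
    q->erase_count[b]++;
    return b;
}

/* Retire a block to the tail of the queue without erasing it.
 * Returns 0 on success, -1 for an invalid or already queued block. */
int rq_release(reclaim_queue_t *q, unsigned b)
{
    if (b >= NUM_BLOCKS || q->queued[b])
        return -1;
    q->ring[(q->head + q->count) % NUM_BLOCKS] = (uint16_t)b;
    q->count++;
    q->queued[b] = 1;
    return 0;
}

/* Rewrite one hot logical block `writes` times, remapping it to a freshly
 * extracted block each time, and report the least and most worn block. */
void simulate_hot_rewrites(unsigned writes, uint32_t *min_out, uint32_t *max_out)
{
    reclaim_queue_t q;
    int mapped = -1;

    rq_init(&q);
    for (unsigned i = 0; i < writes; i++) {
        int fresh = rq_alloc(&q);
        if (fresh < 0)
            break;
        if (mapped >= 0)
            rq_release(&q, (unsigned)mapped);
        mapped = fresh;
    }
    *min_out = *max_out = q.erase_count[0];
    for (unsigned b = 1; b < NUM_BLOCKS; b++) {
        if (q.erase_count[b] < *min_out) *min_out = q.erase_count[b];
        if (q.erase_count[b] > *max_out) *max_out = q.erase_count[b];
    }
}

int main(void)
{
    uint32_t lo, hi;
    simulate_hot_rewrites(1000, &lo, &hi);
    printf("erase counts after 1000 rewrites: min=%u max=%u\n", (unsigned)lo, (unsigned)hi);
    return 0;
}
```

Rewriting the same logical block in place would put all 1000 erasures on one physical block; with the queue, the wear is spread evenly over the pool.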
The Mass Storage Class device comprises four logical partitions: a CD-ROM area, an ordinary USB flash disk area, an encrypted USB flash disk area and a hidden area. After the USB soft connection, the device firmware calls the SCSI command parsing state machine function, and Interface0 is divided into the four partitions.
The capacity allocation of the device is as follows. The NAND flash has 16384 physical blocks, of which 15000 are available: because of bad-block management and wear leveling, only 15000 blocks are used to store valid data. Since one block contains 128 pages (page size 4 KB), the logical address space that upper-layer functions can access has 15000*128 addresses.
The capacities of the ordinary area and the encrypted authorized area can be adjusted with the factory format function in the host software. In addition, because the sector size of the optical disc file system is 2 KB, the 0x80000 logical addresses (2 GB) allocated to the CD-ROM drive give an actual CD-ROM capacity of only 1 GB.
Summary of the utility model
The utility model overcomes the deficiencies of the prior art by providing an encrypted USB flash disk. It aims to solve the following problems of the prior art: storing classified information on a USB flash disk is insecure, stored data is kept in plaintext, the area in which the disk can be used is severely restricted, the bus and peripheral interface modules are fixed so that multi-interface interconnection with the FPGA is not possible and flexibility is lacking, and system power consumption is high.
To solve the above technical problems, the utility model adopts the following technical solutions:
An encrypted USB flash disk comprises a NAND flash memory, a USB protocol chip and a main controller. The NAND flash memory is connected to the main controller, and the USB protocol chip is connected to the main controller. The main controller is a main control FPGA, inside which a NIOS II processor is provided as the control core. The encrypted USB flash disk further comprises at least one encryption FPGA, an EPCS chip and an SDRAM. The encryption FPGA is connected to the main control FPGA; the EPCS chip is connected to the main control FPGA; the SDRAM is connected to the main control FPGA.
In a further technical solution, the encrypted USB flash disk also comprises an FRAM, which is connected to the main control FPGA.
In a further technical solution, an error-correction coding module is provided inside the main control FPGA; the error-correction coding module is connected to the NIOS II processor and to the encryption FPGA.
In a further technical solution, the encrypted USB flash disk also comprises an SPI NOR flash memory, which is connected to the main control FPGA.
In a further technical solution, the encrypted USB flash disk also comprises a fingerprint chip, which is connected to the main control FPGA.
In a further technical solution, the encrypted USB flash disk also comprises a wireless module, which is connected to the main control FPGA.
In a further technical solution, the encrypted USB flash disk also comprises an alarm unit, which communicates with the wireless module wirelessly.
In a further technical solution, the encrypted USB flash disk is a portable encrypted USB flash disk.
Compared with the prior art, the beneficial effects of the utility model are as follows: the encrypted USB flash disk is rich in functions and simple to operate, is based on a reliable and efficient encryption algorithm, provides secure fingerprint-based and wireless-policy-based authorized access, and has distinctive functions such as a real-time alarm when the user moves away from the device. It is suitable for personnel handling classified material who need to carry and store confidential files that must be encrypted in real time.
Brief description of the drawings
Fig. 1 is a structural block diagram of one embodiment of the utility model.
Fig. 2 is a block diagram of the internal modules of the main control FPGA in one embodiment of the utility model.
Fig. 3 is the main flow chart of one embodiment of the utility model.
Detailed description
The utility model is described further below with reference to the drawings.
Fig. 1 shows the structural block diagram of one embodiment of the utility model. The encrypted USB flash disk of this embodiment, which may be a portable USB flash disk, comprises a NAND flash memory, a USB protocol chip and a main controller. The NAND flash memory is connected to the main controller, and the USB protocol chip is connected to the main controller. In a preferred embodiment, the main controller is a main control FPGA, inside which a NIOS II processor is provided as the control core. The encrypted USB flash disk of this embodiment further comprises at least one encryption FPGA, an EPCS chip and an SDRAM. The encryption FPGA is connected to the main control FPGA; the EPCS chip is connected to the main control FPGA; the SDRAM is connected to the main control FPGA. In a preferred embodiment, the encrypted USB flash disk also comprises a fingerprint chip, which is connected to the main control FPGA. The encrypted USB flash disk of this embodiment is also provided with a wireless module, which is connected to the main control FPGA. An independent alarm unit is also provided, which communicates with the wireless module wirelessly. The encrypted USB flash disk also comprises an FRAM, which is connected to the main control FPGA, and an SPI NOR flash memory, which is connected to the main control FPGA. A noise source control logic module that controls the noise source is also provided.
The encrypted USB flash disk of this embodiment uses the NIOS II processor inside the FPGA as the control core, responsible for USB protocol parsing and response, implementation of the wear-leveling algorithm, and the control of each functional module and the associated data calls. The FPGA is responsible for NAND flash control, the error-correction algorithm and the control of other peripherals. A second FPGA implements the dedicated encryption algorithm. The device is powered from the 5 V supply of the PC USB port. The power management module converts the input supply into the supplies required by each component inside the device (for example, the FPGA needs 1.2 V and 2.5 V, other peripherals need 3.3 V, and the fingerprint chip needs 1.8 V) and implements over-voltage/under-voltage protection, surge protection and electrostatic protection, ensuring the safety and reliability of the device itself.
The clock management module provides the working clock required by each component (for example, the FPGA needs 50 MHz/LVTTL, USB needs 12 MHz/LVTTL and the wireless module needs 12 MHz/LVTTL).
The reset management module monitors each supply voltage rail and the working state of the FPGA, and implements power-on reset, power-off reset, abnormal-voltage reset, watchdog-timeout reset and similar functions.
Fig. 2 shows the block diagram of the internal modules of the main control FPGA in one embodiment of the utility model. The FPGA is the main control device of the equipment and consists of a NIOS II soft-core CPU, the error-correction coding algorithm and the control logic for each peripheral. The NIOS II CPU is connected to the following modules inside the main control FPGA: several SPI modules, several serial port modules, the error-correction coding module, the NAND control logic module, the noise source control logic module, several AVALON buses and the power-on configuration logic module. The power-on configuration logic module is connected to the external EPCS chip. Some of the SPI modules are connected to the external FRAM and some to the external SPI NOR flash memory. Some of the AVALON buses are connected to the external SDRAM and some to the external USB protocol chip. The noise source control logic module is connected to the external noise source and receives its output. The NAND flash control logic module is interconnected with the external NAND flash memory. The error-correction coding module is connected to the NAND control logic inside the main control FPGA and also to the external encryption algorithm FPGA, which is the encryption FPGA. Some of the serial port modules are connected to the external wireless module and some to the external fingerprint chip. After the device is powered on, the NIOS II CPU hardware and the FPGA logic are built by active configuration; the NIOS II program is then loaded from the EPCS chip and runs in SDRAM. The encryption algorithm FPGA is configured remotely by the NIOS II CPU after authorization has been obtained, which prevents the algorithm from being disclosed.
Fig. 3 shows the main flow chart of one embodiment of the utility model. After the device is powered on, the NIOS II program runs and performs operations such as power-on reset and software and hardware initialization; the PC then connects the USB bus and enumerates the USB device, after which the flow enters the loop that polls and processes USB transactions. The main flow runs from power-on reset to software and hardware initialization, to storage-area access pre-authorization, to connecting the USB bus, to processing USB transactions, to the authorization decision, and then, depending on the result of the decision, back to the point before processing USB transactions. "Power-on reset" takes place after the device has been powered on and the FPGA logic and the NIOS II program have finished booting. The CPU resets each peripheral module to return it to its initial state.
"Software and hardware initialization" provides a suitable environment for the software to run in; the specific operations include mode setting, parameter configuration and module initialization for the peripheral modules.
"Storage-area access pre-authorization" initializes the access control for the CD-ROM drive, the ordinary USB flash disk and the authorized USB flash disk. The following table lists the default access authorization.
                        CD-ROM drive    Ordinary USB flash disk    Authorized USB flash disk
Default authorization   Accessible      Accessible                 Inaccessible
"Accessible" is implemented as follows: the device accepts the PC's access commands to the LUN, including read, write and medium inquiry, and responds correctly. The drive letter of the disk drive is visible on the PC and its data can be read and written; the CD-ROM drive is read-only.
"Inaccessible" is implemented as follows: the device does not accept the PC's access commands to the LUN and reports to the PC that the disk drive has no medium. The drive letter of the disk drive is visible on the PC, but an attempt to access it brings up the message "Please insert a disk into the drive".
In addition, this embodiment also applies unauthorized-access control to the hidden area.
"Processing USB transactions" handles the various USB events, including bus events, enumeration responses and endpoint accesses. The program is designed around polling to ensure that every USB event receives a response.
"Authorization decision" implements access control to the authorized USB flash disk through the fingerprint and wireless modules. The fingerprint module works by comparing the presented fingerprint with the registered fingerprint template: if the comparison succeeds, authorization for the USB flash disk is switched on; otherwise it is switched off. The wireless module works as follows: while the device is in use, the wireless module on the encrypted USB flash disk and the independent alarm unit communicate with each other. If the alarm unit is more than 10 meters away from the device, communication fails and authorization for the USB flash disk is switched off immediately. This prevents the person using the encrypted USB flash disk from moving away from the device in use, and also guards against theft of the device.
This embodiment implements the following functions: a CD-ROM partition from which the PC operating system can be started; a USB flash disk partition that must be opened by authorization (when unauthorized, the drive letter is shown as having no storage medium); an ordinary USB flash disk partition; a hidden partition (shown without a drive letter) reserved for access by the application software; stream encryption/decryption of user files and of files on the PC; authorized access to the device's classified area by two methods, fingerprint authentication and wireless policy authentication; a real-time alarm when the device moves away from the operator; emergency key destruction (manually, by wireless policy, or by self-destruction when the device is disassembled); the use of a high-speed, efficient encryption algorithm together with wear-leveling and error-correction algorithms for the storage medium; and upgrading of the device's companion application software, the device firmware and the encryption algorithm over USB.
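The default access table and the authorization decision described above can be sketched as a per-LUN command gate. This is an added example, not firmware from the patent: the event and function names are hypothetical, and it assumes that a fingerprint match and a live wireless link are both required, since the text does not say how the two methods combine. The opcodes and sense codes are the standard SCSI values.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Logical units from the page's default-authorization table (hidden area not modelled). */
enum lun { LUN_CDROM, LUN_COMMON, LUN_AUTHORIZED, LUN_COUNT };

/* Standard SCSI opcodes, sense keys and additional sense codes (ASC). */
enum { OP_TEST_UNIT_READY = 0x00, OP_READ10 = 0x28, OP_WRITE10 = 0x2A };
enum { SK_GOOD = 0x00, SK_NOT_READY = 0x02, SK_ILLEGAL_REQUEST = 0x05, SK_DATA_PROTECT = 0x07 };
enum { ASC_NONE = 0x00, ASC_INVALID_OPCODE = 0x20, ASC_LUN_NOT_SUPPORTED = 0x25,
       ASC_WRITE_PROTECTED = 0x27, ASC_MEDIUM_NOT_PRESENT = 0x3A };

typedef struct { uint8_t key, asc; } sense_t;

/* Hypothetical event names for the fingerprint chip and the wireless alarm link. */
enum gate_event { EV_FP_MATCH, EV_FP_MISMATCH, EV_LINK_UP, EV_LINK_LOST };

typedef struct { bool fingerprint_ok, link_alive; } gate_t;

/* Power-on default: the authorized partition is closed. */
void gate_init(gate_t *g)
{
    g->fingerprint_ok = false;
    g->link_alive = false;
}

/* Assumed policy: a match only counts while the alarm unit is in range, and
 * losing the link discards the match, so re-entry needs a fresh fingerprint. */
void gate_on_event(gate_t *g, enum gate_event ev)
{
    switch (ev) {
    case EV_FP_MATCH:    g->fingerprint_ok = g->link_alive; break;
    case EV_FP_MISMATCH: g->fingerprint_ok = false; break;
    case EV_LINK_UP:     g->link_alive = true; break;
    case EV_LINK_LOST:   g->link_alive = false; g->fingerprint_ok = false; break;
    }
}

bool gate_open(const gate_t *g)
{
    return g->fingerprint_ok && g->link_alive;
}

/* Decide the response to a media-access command before any data moves. */
sense_t lun_check(const gate_t *g, unsigned lun, uint8_t opcode)
{
    if (lun >= LUN_COUNT)
        return (sense_t){ SK_ILLEGAL_REQUEST, ASC_LUN_NOT_SUPPORTED };
    /* Checked before the opcode is decoded, so no command reaches a closed partition. */
    if (lun == LUN_AUTHORIZED && !gate_open(g))
        return (sense_t){ SK_NOT_READY, ASC_MEDIUM_NOT_PRESENT };
    switch (opcode) {
    case OP_TEST_UNIT_READY:
    case OP_READ10:
        return (sense_t){ SK_GOOD, ASC_NONE };
    case OP_WRITE10:
        if (lun == LUN_CDROM) /* the CD-ROM partition is read-only */
            return (sense_t){ SK_DATA_PROTECT, ASC_WRITE_PROTECTED };
        return (sense_t){ SK_GOOD, ASC_NONE };
    default:
        return (sense_t){ SK_ILLEGAL_REQUEST, ASC_INVALID_OPCODE };
    }
}

int main(void)
{
    gate_t g;
    gate_init(&g);
    sense_t s = lun_check(&g, LUN_AUTHORIZED, OP_READ10);
    printf("locked:   key=0x%02X asc=0x%02X\n", s.key, s.asc);
    gate_on_event(&g, EV_LINK_UP);
    gate_on_event(&g, EV_FP_MATCH);
    s = lun_check(&g, LUN_AUTHORIZED, OP_READ10);
    printf("unlocked: key=0x%02X asc=0x%02X\n", s.key, s.asc);
    return 0;
}
```

Only media-access opcodes are modelled; commands such as INQUIRY, which let the PC show the drive letter while the partition reports no medium, are outside this sketch.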
" embodiment ", " another embodiment ", " embodiment " that spoken of in this manual, etc., refer to specific features, structure or the feature described in conjunction with this embodiment and be included at least one embodiment that the application's generality describes.In instructions, multiple local appearance statement of the same race is not necessarily to refer to same embodiment.Furthermore, while describing a specific features, structure or feature in conjunction with any embodiment, what advocate is to realize this feature, structure or feature in conjunction with other embodiment also to drop in scope of the present utility model.
Although the utility model is described with reference to the multiple explanatory embodiment of utility model here, but, should be appreciated that, those skilled in the art can design a lot of other modification and embodiments, and these are revised and within embodiment will drop on the disclosed principle scope and spirit of the application.More particularly, in the scope of, accompanying drawing open in the application and claim, can carry out multiple modification and improvement to the building block of subject combination layout and/or layout.Except modification that building block and/or layout are carried out with improving, to those skilled in the art, other purposes will be also obvious.

Claims (7)

1. An encrypted USB flash disk, comprising a NAND flash memory, a USB protocol chip and a main controller, the NAND flash memory being connected to the main controller and the USB protocol chip being connected to the main controller, characterized in that: the main controller is a main control FPGA, inside which a NIOS II processor is provided as the control core; the encrypted USB flash disk further comprises at least one encryption FPGA, an EPCS chip and an SDRAM; the encryption FPGA is connected to the main control FPGA; the EPCS chip is connected to the main control FPGA; the SDRAM is connected to the main control FPGA; and the encrypted USB flash disk further comprises a fingerprint chip, which is connected to the main control FPGA.
2. The encrypted USB flash disk according to claim 1, characterized in that the encrypted USB flash disk further comprises an FRAM, which is connected to the main control FPGA.
3. The encrypted USB flash disk according to claim 1, characterized in that an error-correction coding module is provided inside the main control FPGA, the error-correction coding module being connected to the NIOS II processor and to the encryption FPGA.
4. The encrypted USB flash disk according to claim 1, characterized in that the encrypted USB flash disk further comprises an SPI NOR flash memory, which is connected to the main control FPGA.
5. The encrypted USB flash disk according to claim 1, characterized in that the encrypted USB flash disk further comprises a wireless module, which is connected to the main control FPGA.
6. The encrypted USB flash disk according to claim 5, characterized in that the encrypted USB flash disk further comprises an alarm unit, which communicates with the wireless module wirelessly.
7. The encrypted USB flash disk according to claim 1, characterized in that the encrypted USB flash disk is a portable encrypted USB flash disk.
CN201320627148.9U 2013-10-11 2013-10-11 Encrypted universal serial bus (USB) flash disk Expired - Lifetime CN203631135U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201320627148.9U CN203631135U (en) 2013-10-11 2013-10-11 Encrypted universal serial bus (USB) flash disk

Publications (1)

Publication Number Publication Date
CN203631135U true CN203631135U (en) 2014-06-04

Family

ID=50817592

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201320627148.9U Expired - Lifetime CN203631135U (en) 2013-10-11 2013-10-11 Encrypted universal serial bus (USB) flash disk

Country Status (1)

Country Link
CN (1) CN203631135U (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104360927A (en) * 2014-12-11 2015-02-18 浪潮电子信息产业股份有限公司 Method for acquiring monitoring information of computer system structure based on NUMA (Non Uniform Memory Access)
CN104360927B (en) * 2014-12-11 2017-05-10 浪潮电子信息产业股份有限公司 Method for acquiring monitoring information of computer system structure based on NUMA (Non Uniform Memory Access)
CN108985078A (en) * 2018-04-28 2018-12-11 深圳市江波龙电子有限公司 Store decryption method, device and the storage equipment, memory apparatus system of equipment

Similar Documents

Publication Publication Date Title
US8938624B2 (en) Encryption key destruction for secure data erasure
US10503934B2 (en) Secure subsystem
US8543742B2 (en) Flash-memory device with RAID-type controller
CN101266590B (en) Method and system for dynamically switching equipment arrangement
TWI447583B (en) Data protecting method, memory controller and memory storage device
US8954705B2 (en) Memory space management method and memory controller and memory storage device and memory storage using the same
US20110302358A1 (en) Flash-Memory Device with RAID-type Controller
US20120124380A1 (en) Usb composite device and method therefor
JP2021043708A (en) Memory system
CN103257938B (en) Data guard method, Memory Controller and memorizer memory devices
CN101877246A (en) U disk encryption method
TWI489272B (en) Data protecting method, and memory controller and memory storage device using the same
US11960756B2 (en) Management of storage space in solid state drives to support proof of space activities
CN203631135U (en) Encrypted universal serial bus (USB) flash disk
US11775188B2 (en) Communications to reclaim storage space occupied by proof of space plots in solid state drives
US11856058B2 (en) Peer to peer transfer of proof of space plots to or from solid state drives
KR102588600B1 (en) Data Storage Device and Operation Method Thereof, Storage System Having the Same
CN102789430B (en) Memorizer memory devices, its Memory Controller and access method
US10296467B2 (en) Securing writes to memory modules having memory controllers
CN105183660B (en) Method for reading data, Memory Controller and storage device
CN102004705A (en) USB storage device based on hardware encryption
CN1435761A (en) Mobile data memory unit capable of implementing in-line and off-line encryption/decryption
CN104573537A (en) Data processing method, memory storage device and memory control circuit unit
CN103377132A (en) Memory space management method, memory controller and memory storage device
CN103236122B (en) The tax control validity check card of Based PC I Bus Interface Chip and CPLD chip

Legal Events

Date Code Title Description
C14 Grant of patent or utility model
GR01 Patent grant
CX01 Expiry of patent term

Granted publication date: 20140604