CN205545303U - Algorithm authentication module - Google Patents
Algorithm authentication module Download PDFInfo
- Publication number
- CN205545303U CN205545303U CN201620061800.9U CN201620061800U CN205545303U CN 205545303 U CN205545303 U CN 205545303U CN 201620061800 U CN201620061800 U CN 201620061800U CN 205545303 U CN205545303 U CN 205545303U
- Authority
- CN
- China
- Prior art keywords
- circuit
- information
- algorithm
- algorithm authentication
- authentication module
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The utility model discloses an algorithm authentication module, include: the information that the front end circuit sent is received to the communication suppervision circuit, judges that whether received information encrypts, gives algorithm authentication circuit with black store -and -forward to receiving the information of algorithm authentication circuit deciphering, issuing the rear end circuit, not black information is directly forwardded for the rear end circuit, the information that the communication suppervision circuit was forwardded is received to algorithm authentication circuit, and the message routing after decrypting received information and connecing the deciphering gives the communication suppervision circuit, crystal oscillator circuit provides pulse signal for communication suppervision circuit and algorithm control circuit. The utility model discloses use the setting of modular method, the circuit transplantability is strong, can use in different circuit and need not to change without restraint the primary circuit, utilize communication control circuit to judge that the received instruction for still ciphertext instruction of original code instruction, realizes the original code, ciphertext hardware transmission altogether, and circuit structure is simple, the circuit all can be accomplished by NULL, and the circuit realizes easily that just the circuit is with low costs.
Description
Technical field
The utility model relates to a kind of algorithm authentication module.
Background technology
Development along with information technology, online transaction and network operation permeate the life of people the most day by day, but network operation becomes leakage people's privacy and the hidden danger of financial information due to the shortcoming that information is easily intercepted, to this, there has been proposed and use the aspect of ciphertext transmission to solve.With certain special algorithm, plain-text instructions originally is changed original information data be i.e. encrypted so that even if undelegated user obtains the information encrypted, but because of the method not knowing deciphering, still cannot understand information, it is ensured that user information safety.
The most conventional information ciphering method i.e. arranges encryption part at transmission information end, and arranges decryption portion (also referred to as algorithm authentication section) receiving information end, but this set method but exists some problems.Topmost, it is generally not use modular method to set up in hardware setting, hardware portability is poor;Secondly it is then, decryption portion carries out merely algorithm certification and does not judge whether the instruction received is ciphertext instruction the instruction received, even if receiving plain-text instructions be also decrypted work, instruction misinformation may be caused, make the circuit that decryption portion is set must be with ciphertext communication, cannot realize in plain text, ciphertext hardware transport altogether;Last then be, existing decryption portion (also referred to as algorithm authentication section) arranges the most complicated, and circuit structure is huge, it is achieved difficulty is big and cost is high.
Utility model content
The utility model aims to provide a kind of portable high, can realize in plain text, and ciphertext hardware transport altogether, circuit structure is simple, the algorithm authentication module of low cost.
A kind of algorithm authentication module described in the utility model, including:
Telecommunication management circuit, the information that receiving front-end circuit sends, it is judged that whether the information received encrypts, the information of encryption is transmitted to algorithm authentication circuit, and the information of receiving algorithm authentication circuit deciphering, issue back-end circuit, unencrypted information is directly forwarded to back-end circuit;
Algorithm authentication circuit, receives the information that telecommunication management circuit forwards, and the information after deciphering the information received and connecing deciphering is sent to telecommunication management circuit;
Crystal oscillating circuit, provides pulse signal for telecommunication management circuit and algorithm control circuit.
A kind of algorithm authentication module described in the utility model, use modular method to arrange, be usable on any available circuit, it is only necessary to before the back-end circuit receiving instruction, add this algorithm authentication module, circuit transplantability is strong, is usable in different circuit and without without restraint changing primary circuit.Additionally, this module includes communication control circuit, the instruction utilizing communication control circuit to judge to receive instructs as plain-text instructions or ciphertext, ciphertext instruction is only decrypted by this module, plain-text instructions is forwarded directly to back-end circuit, there is not the misinformation to plain-text instructions, be that plain-text instructions is separately provided hardware corridor without avoiding algorithm authentication module, realize in plain text, ciphertext hardware transport altogether.Additionally, this module only has telecommunication management circuit, algorithm authentication circuit and crystal oscillating circuit composition, circuit structure is simple, and described circuit all can complete with integrated chip, and circuit easily realizes and circuit cost is low.
Accompanying drawing explanation
Fig. 1 is the circuit structure block diagram of a kind of algorithm authentication module.
Fig. 2 is the circuit diagram of a kind of algorithm authentication module.
Detailed description of the invention
As it is shown in figure 1, a kind of algorithm authentication module, including: telecommunication management circuit, the information that receiving front-end circuit sends, it is judged that whether the information received encrypts, and the information of encryption is transmitted to algorithm authentication circuit, and the information of receiving algorithm authentication circuit deciphering, issue back-end circuit;Unencrypted information is directly forwarded to back-end circuit;Algorithm authentication circuit, receives the information that telecommunication management circuit forwards, and the information after deciphering the information received and connecing deciphering is sent to telecommunication management circuit;Crystal oscillating circuit, provides pulse signal for telecommunication management circuit and algorithm control circuit.
A kind of algorithm authentication module described in the utility model, its telecommunication management circuit includes, processor, the information that receiving front-end circuit sends, and forwarding needs to be sent to back-end circuit or the information of algorithm authentication circuit;Arithmetic unit, it is judged that whether the information received encrypts;Memory, the information that temporary that receive and needs forward.Algorithm authentication circuit includes, real random number generator, produces the true random number used as key;Cryptographic algorithm device, is decrypted the information received;Memory, the required key used of storage decryption information;Processor, receives cipher-text information that telecommunication management circuit sends and the information received is transmitted to cryptographic algorithm device is decrypted, receive the information after the deciphering of cryptographic algorithm device and the cleartext information being i.e. subject to is transmitted to telecommunication management circuit.
The operation principle of this module is, the information received also is issued the arithmetic unit of telecommunication management circuit and is judged by information that the processor receiving front-end circuit of telecommunication management circuit sends, if this information is cleartext information, then this information is forwarded directly to back-end circuit by the processor of telecommunication management circuit;If this information is cipher-text information, then the processor of telecommunication management circuit forwards this information to algorithm authentication circuit, the processor of algorithm authentication circuit receives this information and forwards it to cryptographic algorithm device, its true random number used as key utilizing that real random number generator produces of cryptographic algorithm is decrypted, and the information after deciphering is sent the processor to method authentication circuit, information after the deciphering that the processor of method authentication circuit will receive is sent to the processor of telecommunication management circuit, and by the processor of telecommunication management circuit, the information after deciphering is sent to back-end circuit.In this module, the cryptographic algorithm device of algorithm authentication circuit can realize SM2/SM3/SM4 cryptographic algorithm to meet the application under different situations.Additionally, telecommunication management circuit and algorithm authentication circuit in this module all can realize with highly integrated chip, telecommunication management circuit is microprocessor, and algorithm authentication circuit is safety chip.
As shown in Figure 2, telecommunication management chip can use the STM32F205 chip with Multi-channel Communication Port and powerful data throughput capabilities to realize the highly effective reaction of system, safety chip then can use built-in PKI, packet and hash close method algorithm accelerating engine, and the SSX1111 chip of physical noise real random number generator.Receive ciphertext instruction time, telecommunication management chip by ciphertext instruction be transmitted to safety chip deciphering, and accept deciphering after plain-text instructions be transmitted to back-end circuit, the information that protects directly is not obtained.Additionally; for protecting information security further; also before key confirmation link, first the instruction received can be carried out signature authentication by safety chip; instructed by the ciphertext of signature authentication and carrying out key confirmation; thus; even if lawless person obtains encryption method that the utility model used and utilizes this kind of encryption method to be encrypted with the key confirmation by algorithm authentication circuit to the control instruction after distorting; but this kind of illegal instruction will be intercepted during signature authentication, really ensure that the transmission safety of command information.Further, owing to the utility model achieves in plain text, ciphertext hardware transport altogether, without being separately provided hardware corridor for plain-text instructions, it is also possible to be only encrypted sensitive information, non-sensibility information sends with plaintext version, reduce module amount of calculation, improve module response speed.
As shown in Figure 2, in order to ensure that this algorithm authentication module preferably can communicate with front-end circuit and back-end circuit, between telecommunication management circuit and front-end circuit and between telecommunication management circuit and back-end circuit, serial communication circuit can be set, realizing the serial communication of telecommunication management circuit and front/rear terminal circuit, the serial communication circuit at this can use serial port chip to realize.In addition, in order to ensure the steady operation of algorithm authentication module, improve the portability of algorithm authentication module, power supply stabilization circuit can be set in algorithm authentication module, this circuit ensure that the stable power-supplying of module, it is to avoid the voltage instability impact to module, and, the input of other DC voltages also can be converted to operating voltage needed for this module by this power supply stabilization circuit, improves the portability of this algorithm authentication module.Simultaneously, this kind of algorithm authentication module can also be applied in ATM, it is arranged between ATM main control unit and banknote processing unit, receive the ciphertext instruction that ATM main control unit sends, the ciphertext instruction using double secret key to be received is decrypted and signature verification, the plain-text instructions by checking obtained after deciphering is transmitted to banknote processing unit, it is ensured that information transmission security, it is to avoid lawless person illegally intercepts and captures or distorts control information and brings loss to bank and bank client.
Claims (9)
1. an algorithm authentication module, it is characterised in that including:
Telecommunication management circuit, the information that receiving front-end circuit sends, it is judged that whether the information received encrypts, the information of encryption is transmitted to algorithm authentication circuit, and the information of receiving algorithm authentication circuit deciphering, issue back-end circuit, unencrypted information is directly forwarded to back-end circuit;
Algorithm authentication circuit, receives the information that telecommunication management circuit forwards, and the information after deciphering the information received and connecing deciphering is sent to telecommunication management circuit;
Crystal oscillating circuit, provides pulse signal for telecommunication management circuit and algorithm control circuit.
A kind of algorithm authentication module the most according to claim 1, it is characterised in that: described telecommunication management circuit includes,
Processor, the information that receiving front-end circuit sends, and forwarding need to be sent to back-end circuit or the information of algorithm authentication circuit;
Arithmetic unit, it is judged that whether the information received encrypts;
Memory, the information that temporary that receive and needs forward.
A kind of algorithm authentication module the most according to claim 1, it is characterised in that: described telecommunication management circuit is microprocessor.
A kind of algorithm authentication module the most according to claim 1, it is characterised in that: described algorithm authentication circuit includes,
Real random number generator, produces the true random number used as key;
Cryptographic algorithm device, is decrypted the information received;
Memory, the required key used of storage decryption information;
Processor, receives cipher-text information that telecommunication management circuit sends and the information received is transmitted to cryptographic algorithm device is decrypted, receive the information after the deciphering of cryptographic algorithm device and the cleartext information being i.e. subject to is transmitted to telecommunication management circuit.
A kind of algorithm authentication module the most according to claim 4, it is characterised in that: described cryptographic algorithm device can realize SM2/SM3/SM4 cryptographic algorithm.
A kind of algorithm authentication module the most according to claim 1, it is characterised in that: described algorithm authentication circuit is safety chip.
A kind of algorithm authentication module the most according to claim 1, it is characterised in that: described algorithm authentication module also includes serial communication circuit, it is achieved the serial communication between algorithm authentication module and front-end and back-end circuit module.
A kind of algorithm authentication module the most according to claim 7, it is characterised in that: described serial communication circuit is serial port chip.
A kind of algorithm authentication module the most according to claim 1, it is characterised in that: described algorithm authentication module also includes power supply stabilization circuit.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201620061800.9U CN205545303U (en) | 2016-01-22 | 2016-01-22 | Algorithm authentication module |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201620061800.9U CN205545303U (en) | 2016-01-22 | 2016-01-22 | Algorithm authentication module |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN205545303U true CN205545303U (en) | 2016-08-31 |
Family
ID=56767530
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201620061800.9U Expired - Fee Related CN205545303U (en) | 2016-01-22 | 2016-01-22 | Algorithm authentication module |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN205545303U (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105515782A (en) * | 2016-01-22 | 2016-04-20 | 广州御银科技股份有限公司 | Algorithm certification module |
-
2016
- 2016-01-22 CN CN201620061800.9U patent/CN205545303U/en not_active Expired - Fee Related
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105515782A (en) * | 2016-01-22 | 2016-04-20 | 广州御银科技股份有限公司 | Algorithm certification module |
| CN105515782B (en) * | 2016-01-22 | 2019-11-01 | 广州御银科技股份有限公司 | A kind of algorithm authentication module |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR101725847B1 (en) | Master key encryption functions for transmitter-receiver pairing as a countermeasure to thwart key recovery attacks | |
| CN100517354C (en) | Computer implemented method for securely acquiring a binding key and securely binding system | |
| USH2270H1 (en) | Open protocol for authentication and key establishment with privacy | |
| US10680816B2 (en) | Method and system for improving the data security during a communication process | |
| CN103281193B (en) | Identity authentication method and system and data transmission method and device based on identity authentication system | |
| CN104639516A (en) | Method, equipment and system for authenticating identities | |
| CN102333093A (en) | Data encryption transmission method and system | |
| CN102664898A (en) | Fingerprint identification-based encrypted transmission method, fingerprint identification-based encrypted transmission device and fingerprint identification-based encrypted transmission system | |
| CN102073821B (en) | XEN platform-based virtual safety communication tunnel establishing method | |
| CN109309566B (en) | Authentication method, device, system, equipment and storage medium | |
| CN103051459B (en) | The management method of the transaction key of safety card and device | |
| US20110202772A1 (en) | Networked computer identity encryption and verification | |
| CN105513222B (en) | A kind of note output system and method based on national secret algorithm | |
| Thomas et al. | An encryption protocol for end-to-end secure transmission of SMS | |
| CN103401834A (en) | File security method in limited area based on position information | |
| US20020021804A1 (en) | System and method for data encryption | |
| CN101706854A (en) | USB information security equipment and method for communication between USB information security equipment and mainframe | |
| CN101145230A (en) | Enciphered sign board and composite encryption signing method | |
| WO2020115266A1 (en) | Methods and devices for secured identity-based encryption systems with two trusted centers | |
| CN205545303U (en) | Algorithm authentication module | |
| CN109726584B (en) | Cloud database key management system | |
| JP3967252B2 (en) | Cryptographic communication system and cryptographic communication apparatus | |
| CN101437228B (en) | Method, apparatus and system for implementing wireless business based on smart card | |
| CN105515782B (en) | A kind of algorithm authentication module | |
| US11757856B2 (en) | Cryptographic communication system, cryptographic communication method, and cryptographic communication apparatus |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20160831 Termination date: 20220122 |