CN208539929U - A kind of cloud platform client data encrypting and deciphering system based on national secret algorithm - Google Patents
Abstract
The utility model discloses a cloud platform client data encryption and decryption system based on a national cryptographic algorithm. The system comprises a hardware encryption/decryption device, a cloud platform client device, a Wi-Fi communication device and a cloud platform server. The hardware encryption/decryption device comprises a random number generator module, a physical unclonable function (PUF) hardware acceleration module and a national cryptographic algorithm SM4 hardware acceleration module. The cloud platform client device may be an Internet of Things device, an Internet of Vehicles device, a smart wearable device or a smart home device. The system's physical unclonable function generates a unique hardware ID, which is used as the SM4 key for encrypting and decrypting the data of the cloud platform client device. The utility model protects the cloud platform client device with hardware security and improves the security of its data, and the bus communication unit used in the system ensures the system's data-processing capability.
Description
Technical field
The utility model relates to the field of communication security, and more particularly to a cloud platform client data encryption and decryption system based on a national cryptographic algorithm.
Background art
The cloud platform industry has developed extensively; current mainstream cloud platforms include Baidu Cloud, Alibaba Cloud (Aliyun), Tencent Cloud and Grand Cloud. At the same time, the use of Internet of Things devices, Internet of Vehicles devices, smart wearable devices and smart home devices is growing quickly. Against this background, many devices have begun to connect to cloud platforms, which link different devices together and collect and exchange their data; cloud storage and remote transmission of data can also be carried out through the cloud platform.
While cloud platforms bring convenience to these devices, they also introduce security risks. When a networked device sends data to the cloud platform server, the data may be intercepted in the transmission channel and stolen. Moreover, once plaintext data has been transmitted to the cloud platform, physical control of the data passes directly to the party that administers the cloud platform server: private data stored on the server can be used by the cloud platform administrator, which exposes the data to serious security and privacy-leakage risks.
A physical unclonable function (PUF) is a function that, when a challenge is input to a physical entity, outputs an unpredictable response by exploiting the unavoidable random variation in the entity's intrinsic physical characteristics. The main principle of an arbiter-based PUF is to implement two symmetric digital signal delay paths on a chip, with a challenge controlling the selection of the delay paths. The decision is made by sending two pulses down the two paths at the same time; an arbiter circuit compares which path's pulse arrives first and generates the corresponding output. Fig. 1 is a schematic circuit diagram of the arbiter PUF.
The national cryptographic algorithm SM4 is a symmetric block cipher designed independently in China. It is used to perform encryption and decryption of data in order to guarantee the confidentiality of data and information. A basic condition for the security of a symmetric cipher is that its key is long enough; SM4 is currently regarded as a relatively secure cipher.
Summary of the invention
The purpose of the utility model is to address one or more of the above defects by designing a cloud platform client data encryption and decryption system based on a national cryptographic algorithm.
To achieve this purpose, the following technical solution is adopted:
A cloud platform client data encryption and decryption system based on a national cryptographic algorithm comprises a hardware encryption/decryption device, a cloud platform client device, a Wi-Fi communication device and a cloud platform server. The cloud platform client device exchanges data with the hardware encryption/decryption device, the hardware encryption/decryption device exchanges data with the Wi-Fi communication device, and the Wi-Fi communication device exchanges data with the cloud platform server.
The hardware encryption/decryption device comprises a random number generator module, a physical unclonable function (PUF) hardware acceleration module, a national cryptographic algorithm SM4 hardware acceleration module and an MCU module. The output of the random number generator module is electrically connected to the input of the PUF hardware acceleration module. The output of the PUF hardware acceleration module is electrically connected to the input of the SM4 hardware acceleration module. The MCU module exchanges data with the random number generator module, the PUF hardware acceleration module and the SM4 hardware acceleration module respectively. The system's physical unclonable function generates a unique hardware ID, which is used as the SM4 key for encrypting and decrypting the data of the cloud platform client device. The SM4 hardware acceleration module performs the encryption and decryption of the cloud platform client device's data in order to guarantee the confidentiality of data and information.
Preferably, the hardware encryption/decryption device further comprises several peripheral devices, including a UART Serial Peripheral Interface (SPI), an I/O interface, a JTAG interface, a timer module and a PLL phase-locked loop module.
Preferably, the architecture of the hardware encryption/decryption device is a Zhongtian Micro MCU plus a ten-million-gate-class FPGA, and the MCU module is connected to the PUF hardware acceleration module and the SM4 hardware acceleration module over an AXI bus.
Preferably, the PUF hardware acceleration module consists of delay paths and an arbiter at the end of the delay paths. The PUF hardware acceleration module generates the unique ID of the hardware device, which is used as the encryption/decryption key of the SM4 hardware acceleration module.
Preferably, the cloud platform client device comprises one or more of an Internet of Things device, an Internet of Vehicles device, a smart wearable device and a smart home device.
Compared with the prior art, the beneficial effects of the utility model are:
The utility model protects the security of cloud platform client device data and protects the privacy of user data.
Description of the drawings
Fig. 1 is a schematic circuit diagram of the arbiter PUF of the utility model;
Fig. 2 is a structural diagram of the utility model.
Detailed description of the embodiments
The drawings are for illustrative purposes only and shall not be construed as limiting this patent.
The utility model is further described below with reference to the drawings and embodiments.
Embodiment 1
A cloud platform client data encryption and decryption system based on a national cryptographic algorithm comprises a hardware encryption/decryption device, a cloud platform client device, a Wi-Fi communication device and a cloud platform server. The cloud platform client device exchanges data with the hardware encryption/decryption device, the hardware encryption/decryption device exchanges data with the Wi-Fi communication device, and the Wi-Fi communication device exchanges data with the cloud platform server.
The hardware encryption/decryption device comprises a random number generator module, a physical unclonable function (PUF) hardware acceleration module, a national cryptographic algorithm SM4 hardware acceleration module and an MCU module. The output of the random number generator module is electrically connected to the input of the PUF hardware acceleration module. The output of the PUF hardware acceleration module is electrically connected to the input of the SM4 hardware acceleration module. The MCU module exchanges data with the random number generator module, the PUF hardware acceleration module and the SM4 hardware acceleration module respectively. The system's physical unclonable function generates a unique hardware ID, which is used as the SM4 key for encrypting and decrypting the data of the cloud platform client device. The SM4 hardware acceleration module performs the encryption and decryption of the cloud platform client device's data in order to guarantee the confidentiality of data and information.
In this embodiment, the hardware encryption/decryption device further comprises several peripheral devices, including a UART Serial Peripheral Interface (SPI), an I/O interface, a JTAG interface, a timer module and a PLL phase-locked loop module.
In this embodiment, the architecture of the hardware encryption/decryption device is a Zhongtian Micro MCU plus a ten-million-gate-class FPGA, and the MCU module is connected to the PUF hardware acceleration module and the SM4 hardware acceleration module over an AXI bus.
In this embodiment, the PUF hardware acceleration module consists of delay paths and an arbiter at the end of the delay paths. The PUF hardware acceleration module generates the unique ID of the hardware device, which is used as the encryption/decryption key of the SM4 hardware acceleration module.
In this embodiment, the cloud platform client device comprises one or more of an Internet of Things device, an Internet of Vehicles device, a smart wearable device and a smart home device.
Referring to Fig. 2, the hardware scheme by which the system encrypts cloud platform client data is as follows. After the system is powered on, the hardware encryption/decryption device runs automatically; it comprises the random number generator module, the PUF hardware acceleration module and the SM4 hardware acceleration module. Once the device is running, the random number generator module generates a random number, which serves as the challenge for the PUF hardware acceleration module. The PUF hardware acceleration module then performs its operation and generates the unique hardware ID, and this unique hardware ID is used as the key with which the SM4 hardware acceleration module performs the SM4 operation. When the hardware encryption/decryption device has completed this operation, the data of the cloud platform client device is input to the SM4 hardware acceleration module for encryption. Once encryption is complete, the ciphertext is transmitted to the cloud platform server by the Wi-Fi communication module over TCP/IP.
Referring to Fig. 2, the hardware scheme by which the system decrypts cloud platform client data is as follows. When data stored on the cloud platform server needs to be viewed, the ciphertext of the cloud-stored data is first downloaded from the cloud platform server by the Wi-Fi communication module over TCP/IP. The random number is then extracted from the ciphertext and input as the challenge to the PUF hardware acceleration module; when the PUF operation completes, the key corresponding to the ciphertext is obtained. The SM4 hardware acceleration module then takes the corresponding ciphertext and performs the decryption operation. When decryption completes, the plaintext is obtained and restored on the cloud platform client device.
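The encryption and decryption flow described above, modelled in software as an added example (not code from the patent): a random number challenges the PUF, the response becomes the SM4 key, and the random number travels with the ciphertext so that only the same hardware can re-derive the key. The noise-free `ArbiterPUF` delay model, the SHA-256 expansion of the random number into 128 challenges, CTR mode and the `device_seed` parameter are assumptions; the patent specifies none of them.

```python
import hashlib
import os
import random

# SM4 S-box and FK as published in GB/T 32907-2016; CK follows the standard's formula.
SBOX = bytes.fromhex(
    "d690e9fecce13db716b614c228fb2c052b679a762abe04c3aa44132649860699"
    "9c4250f491ef987a33540b43edcfac62e4b31ca9c908e89580df94fa758f3fa6"
    "4707a7fcf37317ba83593c19e6854fa8686b81b27164da8bf8eb0f4b70569d35"
    "1e240e5e6358d1a225227c3b01217887d40046579fd327524c3602e7a0c4c89e"
    "eabf8ad240c738b5a3f7f2cef96115a1e0ae5da49b341a55ad933230f58cb1e3"
    "1df6e22e8266ca60c02923ab0d534e6fd5db3745defd8e2f03ff6a726d6c5b51"
    "8d1baf92bbddbc7f11d95c411f105ad80ac13188a5cd7bbd2d74d012b8e5b4b0"
    "8969974a0c96777e65b9f109c56ec68418f07dec3adc4d2079ee5f3ed7cb3948")
FK = (0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC)
CK = [int.from_bytes(bytes((4 * i + j) * 7 % 256 for j in range(4)), "big") for i in range(32)]

def _rol(x, n):
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF

def _tau(x):
    return int.from_bytes(bytes(SBOX[b] for b in x.to_bytes(4, "big")), "big")

def round_keys(key):
    k = [int.from_bytes(key[4 * i:4 * i + 4], "big") ^ FK[i] for i in range(4)]
    rks = []
    for ck in CK:
        t = _tau(k[1] ^ k[2] ^ k[3] ^ ck)
        k = k[1:] + [k[0] ^ t ^ _rol(t, 13) ^ _rol(t, 23)]
        rks.append(k[3])
    return rks

def crypt_block(rks, block):
    x = [int.from_bytes(block[4 * i:4 * i + 4], "big") for i in range(4)]
    for rk in rks:
        t = _tau(x[1] ^ x[2] ^ x[3] ^ rk)
        x = x[1:] + [x[0] ^ t ^ _rol(t, 2) ^ _rol(t, 10) ^ _rol(t, 18) ^ _rol(t, 24)]
    return b"".join(v.to_bytes(4, "big") for v in reversed(x))

class ArbiterPUF:
    """Noise-free additive-delay model of an arbiter PUF (simulation, not hardware)."""
    def __init__(self, device_seed, stages=64):
        rng = random.Random(device_seed)  # stands in for per-chip delay variation
        self.w = [rng.gauss(0, 1) for _ in range(stages + 1)]
    def bit(self, challenge):
        # Challenge bits steer the two racing edges; the arbiter reports which wins.
        delta, parity = self.w[-1], 1
        for i in reversed(range(len(self.w) - 1)):
            parity *= 1 - 2 * ((challenge >> i) & 1)
            delta += self.w[i] * parity
        return delta > 0
    def key(self, nonce):
        # Assumption: the random number is expanded into 128 challenges, one key bit each.
        bits = 0
        for n in range(128):
            c = int.from_bytes(hashlib.sha256(nonce + bytes([n])).digest()[:8], "big")
            bits = (bits << 1) | self.bit(c)
        return bits.to_bytes(16, "big")

def _ctr(key, data):
    # CTR mode is an assumption; the page does not name a mode of operation.
    rks, out = round_keys(key), bytearray()
    for i in range(0, len(data), 16):
        stream = crypt_block(rks, (i // 16).to_bytes(16, "big"))
        out += bytes(a ^ b for a, b in zip(data[i:i + 16], stream))
    return bytes(out)

def encrypt(puf, plaintext):
    nonce = os.urandom(16)  # random number generator output, used as the PUF challenge
    return nonce + _ctr(puf.key(nonce), plaintext)

def decrypt(puf, blob):
    return _ctr(puf.key(blob[:16]), blob[16:])  # challenge is read back from the ciphertext
```

Because the random number is stored in the clear beside the ciphertext, confidentiality rests entirely on the PUF response being unpredictable without the device, and this layout provides no integrity protection.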
Obviously, the above embodiments of the utility model are merely examples given to illustrate it clearly and are not a limitation on its embodiments. Those of ordinary skill in the art can make other variations or changes in different forms on the basis of the above description. It is neither necessary nor possible to list all embodiments exhaustively. Any modification, equivalent replacement or improvement made within the spirit and principles of the utility model shall fall within the scope of protection of its claims.
Claims (5)
1. A cloud platform client data encryption and decryption system based on a national cryptographic algorithm, characterized in that it comprises a hardware encryption/decryption device, a cloud platform client device, a Wi-Fi communication device and a cloud platform server; wherein the cloud platform client device exchanges data with the hardware encryption/decryption device, the hardware encryption/decryption device exchanges data with the Wi-Fi communication device, and the Wi-Fi communication device exchanges data with the cloud platform server;
the hardware encryption/decryption device comprises a random number generator module, a physical unclonable function (PUF) hardware acceleration module, a national cryptographic algorithm SM4 hardware acceleration module and an MCU module; wherein the output of the random number generator module is electrically connected to the input of the PUF hardware acceleration module; the output of the PUF hardware acceleration module is electrically connected to the input of the SM4 hardware acceleration module; and the MCU module exchanges data with the random number generator module, the PUF hardware acceleration module and the SM4 hardware acceleration module respectively.
2. The cloud platform client data encryption and decryption system based on a national cryptographic algorithm according to claim 1, characterized in that the hardware encryption/decryption device further comprises several peripheral devices, including a UART Serial Peripheral Interface (SPI), an I/O interface, a JTAG interface, a timer module and a PLL phase-locked loop module.
3. The cloud platform client data encryption and decryption system based on a national cryptographic algorithm according to claim 1, characterized in that the architecture of the hardware encryption/decryption device is a Zhongtian Micro MCU plus a ten-million-gate-class FPGA, and the MCU module is connected to the PUF hardware acceleration module and the SM4 hardware acceleration module over an AXI bus.
4. The cloud platform client data encryption and decryption system based on a national cryptographic algorithm according to claim 1, characterized in that the PUF hardware acceleration module consists of delay paths and an arbiter at the end of the delay paths.
5. The cloud platform client data encryption and decryption system based on a national cryptographic algorithm according to claim 1, characterized in that the cloud platform client device comprises one or more of an Internet of Things device, an Internet of Vehicles device, a smart wearable device and a smart home device.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201820912501.0U CN208539929U (en) | 2018-06-12 | 2018-06-12 | A kind of cloud platform client data encrypting and deciphering system based on national secret algorithm |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201820912501.0U CN208539929U (en) | 2018-06-12 | 2018-06-12 | A kind of cloud platform client data encrypting and deciphering system based on national secret algorithm |
Publications (1)
Publication Number | Publication Date |
---|---|
CN208539929U true CN208539929U (en) | 2019-02-22 |
Family
ID=65391492
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201820912501.0U Active CN208539929U (en) | 2018-06-12 | 2018-06-12 | A kind of cloud platform client data encrypting and deciphering system based on national secret algorithm |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN208539929U (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
GR01 | Patent grant | ||