CN209570939U - A kind of quantum cryptography USBkey - Google Patents
A kind of quantum cryptography USBkey Download PDFInfo
- Publication number
- CN209570939U CN209570939U CN201920253795.5U CN201920253795U CN209570939U CN 209570939 U CN209570939 U CN 209570939U CN 201920253795 U CN201920253795 U CN 201920253795U CN 209570939 U CN209570939 U CN 209570939U
- Authority
- CN
- China
- Prior art keywords
- module
- cpu
- memory
- quantum
- usbkey
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Storage Device Security (AREA)
Abstract
The utility model discloses a kind of quantum cryptography USBkey, USB shell including having usb interface controller, CPU is set in the USB shell, crypto chip module and memory module, the CPU, crypto chip module and memory module are all connected to the first data/address bus, first data/address bus is connected on the second data/address bus and control bus by IP interface, the usb interface controller is connected to CPU by crypto chip module, pass through the external quantum key generating device of usb interface controller, the CPU is for calling crypto chip module to receive quantum key, and quantum key is stored into memory module.The utility model is that quantum secret communication is provided hardware support in the wireless application of electric system, and the wireless communication of USBkey device illustrates good suitability, and application prospect is preferable.
Description
Technical field
The utility model discloses a kind of quantum cryptography USBkey, are related to field of quantum secure communication.
Background technique
Current Guo Wang company mainly uses optical fiber private network and national commercial cipher algorithm to realize that the safety of sensitive information passes
Defeated, the prior art does not have crack ability still, and information transmission overall security can obtain effective guarantee.But with attack technology
Development, had already appeared the lossless eavesdropping and spoof attack means for optical cable.Meanwhile traditional encryption system, either
Symmetric key technique or public-key technology, the safety of ciphertext place one's entire reliance upon the secret and computational complexity of key.It is close
Key must be made of sufficiently long random binary string, once key is set up, just by ciphertext made of key coding
It can be transmitted on overt channel.With the enhancing of mankind's computing capability and the breakthrough of key cracking trajectory, especially
If following quantum calculation technology is mature, asymmetric SM2 Encryption Algorithm cracks difficulty and time (index rank will be greatly reduced
Difference), attacker is possible to crack out the key of both sides' negotiation by eavesdropping cipher key agreement process, steals core information, tradition
Cryptosecurity system to crack risk growing day by day.Quantum key distribution guarantees communication peace independent of the complexity of calculating
Entirely, but it is based on fundamental principles of quantum mechanics, ensure that from principle and is necessarily found once there is eavesdropping.Quantum secure is logical
Letter is known to the mankind uniquely with the secure communication solution of long-term safety guarantee.In other words, once success is communicating
Both sides establish key, this group key be exactly it is safe, and this key with absolute randomness be from principle can not be by
It cracks.The safety of quantum cryptography system not will receive the threat of the continuous improvement of computing capability and mathematics standard, theoretically
The safe and secret communication that can not be decoded can be achieved, have become the development and application trend for ensureing data transmission security both at home and abroad.
And it is current, quantum secret communication is to dispose quantum key distribution system by fiber direct connection to realize based on quantum
The power business application of communication being theoretically perfectly safe.For the wireless quantum key distribution and management environment of non-fiber direct connection
The simulation of deployment and power business also need further to verify.To realize the distribution of quantum wireless key with management from channel to business
Comprehensive, three-dimensional display, push quantum wireless key distribution and administrative skill in the verification the verifying results of power business, compel to be essential
Research and device development are carried out to quantum key wireless dispatch technology.
Utility model content
The utility model provides a kind of quantum cryptography USBkey the defects of for above-mentioned background technique, by quantum plus
The utilization of close USBkey improves the flexibility of Quantum Secure Communication, saves a large amount of fiber resource, improves the network operation
Economy, reduce development cost.
To achieve the above object, the technical solution adopted in the utility model is as follows: a kind of quantum cryptography USBkey, including band
There is the USB shell of usb interface controller, CPU, crypto chip module and memory module are set in the USB shell, it is described
CPU, crypto chip module and memory module are all connected to the first data/address bus, and first data/address bus is connected by IP interface
It connects in the second data/address bus and control bus, the usb interface controller is connected to CPU by crypto chip module, passes through
The external quantum key generating device of usb interface controller, the CPU are used to that crypto chip module to be called to receive quantum key, and
Quantum key is stored into memory module.
Further, the crypto chip module is model SSX1717.
Further, the CPU is the ARM11 CPU based on Embedded RISC framework, and the host CPU includes independent
Memory protection unit and memory encryption unit.
Further, the memory module includes dma memory, EFLASH memory and Static RAM.
Further, the EFLASH memory module has 32 Programmable Embedded FLASH memories.
Further, the usb interface controller is USB2.0 interface.
It further, further include power module, the power module is used for crypto chip module, CPU and memory module
Power supply.
Further, connection universal serial line interface (UCI), Serial Peripheral Interface (SPI) module (SPI) in the control bus
With E-PORT interface module.
Further, INTC module, TRNG module, PIT module, WDT module and RSA are connected on second data/address bus
Module, the TRNG module are 32 real random number generators, and TRNG module is public and private key to generation for generating random number
Random number is provided with links such as session key agreements.
After quantum USBkey fills machine acquisition key K1 by quantum key, authentication is carried out using quantum key, so
Key agreement is carried out using key K1 and quantum safety service system afterwards, key K2 is obtained, finally by quantum SSL vpn gateway
Exit passageway is established, Intranet is accessed, accesses associated application servers using key K2, wherein key K1 and K2 are relative to quantum
USBkey and types of applications server are with uniformity.
The utility model has the advantages that avoiding the limitation of traditional quantum key distribution based on fiber optic communication, quantum key is expanded
Distribution technology enriches the networking plan of quantum secret communication, improves quantum key distribution in the scope of application of electric system
Flexibility and serious forgiveness, network construction cost is greatly saved, economic benefit is obvious.
Detailed description of the invention
The structural schematic diagram of Fig. 1 the utility model;
Fig. 2 the utility model logical schematic.
Specific embodiment
The implementation of technical solution is described in further detail with reference to the accompanying drawing.Following embodiment is only used for more clear
Illustrate to Chu the technical solution of the utility model, and cannot be used as a limitation the limitation protection scope of the utility model.
As shown in Figure 1, present embodiments providing: a kind of quantum cryptography USBkey, including having usb interface controller
USB shell, is arranged CPU, crypto chip module and memory module in the USB shell, the CPU, crypto chip module and
Memory module is all connected to the first data/address bus, and first data/address bus passes through IP interface (IP Interface) connection the
On two data/address bus and control bus, the usb interface controller is connected to CPU by crypto chip module, is connect by USB
The mouth external quantum key generating device of controller, the CPU will be measured for calling crypto chip module to receive quantum key
Sub-key is stored into memory module.
The crypto chip module is model SSX1717, and the crypto chip module is chip configuration module
(TEST&CCM): chip configuration module is used to control configuration and the operating mode of chip.It is mainly used for selecting chip operation mode
(master slave mode, Dan Duoxin tablet mode, EFLASH test pattern, real random number generator TRNG test pattern) selects boot to set
It is standby, and bus is configured;
The CPU is the ARM11 CPU based on Embedded RISC framework, and the host CPU includes independent memory
Protection location (MPU) and memory encryption unit (MEU);CPU is for information security using 32 RISC cores, including with RISC
Memory protection unit (the memory protection unit (MPU) being combined that core combines.MPU module is empty by memory
Between be divided into 2 fixations and 8 programmable memory areas, it is programmable by flexible, powerful access protected mode data
Memory areas is prevented by encryption/decryption mechanisms of the encryption address of flexible, powerful access protected mode data address to quick
The unauthorized access of sense data is that CPU is mentioned into advanced counteroffensive mechanism.
The memory module includes dma memory, EFLASH memory and Static RAM;
Dma memory is direct memory access, it allows the hardware device of friction speed directly to be linked up, without
Or reduce the participation of CPU to the greatest extent;
The space size of Static RAM (SR-AM) is 20KB, and address space is fixed, and supports 8,16,32
Read and write access;
The EFLASH memory module has 32 Programmable Embedded FLASH memories.
The usb interface controller is USB2.0 interface.
It further include power module, the power module is used for crypto chip module, the power supply of CPU and memory module;
Connection universal serial line interface (UCI), Serial Peripheral Interface (SPI) module (SPI) and E-PORT connect in the control bus
Mouth mold block.
INTC module, TRNG module, WDT module, PIT module and RSA module are connected on second data/address bus;
INTC module receives external interrupt requests in the system for having multiple interrupt sources, and is judged, chooses current
The interrupt requests of highest priority, then this request is sent to the end INTR of CPU;When CPU responds interruption and enters interruption subroutine
Treatment process after, INTC module is still responsible for management to external interrupt requests.Such as when some external interrupt request it is preferential
When grade is higher than the interrupt priority level being presently processing, INTC module can allow this to interrupt the end INTR by reaching CPU, thus
The nesting interrupted is realized, conversely, interruption lower to other ranks is then forbidden.
The TRNG module is 32 real random number generators, and TRNG module is public and private key pair for generating random number
It generates and the links such as session key agreement provides random number;
WDT module is force revert system in the case where program abnormal running;If program normal operation, one section is crossed
Time CPU should issue instruction and allow watchdog reset, restart to count down;If house dog reduces to 0 and is considered as program without just
Often work forces whole system to reset
PIT module provides accurately interrupt signal when normal interruption occurs in system, and the PIT module is arranged two, point
For PIT1 and PIT2, operating mode is similar with WDT module;
Further include Reset module, the Reset module is connected in control bus, the Reset module be used to determine be
Whether system needs to be reset, and is in due course system wake-up reset signal, and records to the reason of generating reset;
Low voltage detector (LVD) and high voltage detector (HVD) are contained in Reset module;
It further include clock module, the clock module (Clock Gen) is connected in control bus, the clock module packet
Containing crystal oscillator (OSC), state and control register and logic unit.
The usb interface controller is USB2.0 interface.
It further include power module, the power module is used for crypto chip module, the power supply of CPU and memory module.
USBkey is by 32 embedded type CPUs, crypto chip module, memory module and a few part compositions of power module, such as
Shown in Fig. 2, it is logically divided into crypto chip, memory, device drives, crypto-engine, Chip Operating System, user interface etc.
Part;It when filling quantum key, is established the link by USB2.0 interface and the service terminal of standard, into operating system, is adjusted
With crypto-engine, crypto chip is called by crypto-engine, key is stored by the driving of equipment and enters depositing for USBkey
In reservoir;
When reading using quantum key, established the link by USB2.0 interface and the service terminal of standard, into operation
System is read the memory of USBkey by device drives, operation is decrypted to quantum key, then key is sent to terminal
The encryption/decryption module interface of device.
The limitation for avoiding traditional quantum key distribution based on fiber optic communication, expands quantum key distribution technology and exists
The scope of application of electric system enriches the networking plan of quantum secret communication, improve quantum key distribution flexibility and
Serious forgiveness, is greatly saved network construction cost, and economic benefit is obvious.
The above is only the preferred embodiment of the utility model, it is noted that for the common skill of the art
For art personnel, without deviating from the technical principle of the utility model, several improvement and deformations can also be made, these change
It also should be regarded as the protection scope of the utility model into deformation.
Claims (8)
1. a kind of quantum cryptography USBkey, which is characterized in that the USB shell including having usb interface controller, outside the USB
CPU is set in shell, and crypto chip module and memory module, the CPU, crypto chip module and memory module are all connected to
First data/address bus, first data/address bus are connected on the second data/address bus and control bus by IP interface, the USB
Interface controller is connected to CPU by crypto chip module, passes through the external quantum key generating device of usb interface controller, institute
CPU is stated for calling crypto chip module to receive quantum key, and quantum key is stored into memory module.
2. a kind of quantum cryptography USBkey according to claim 1, which is characterized in that the crypto chip module is type
Number be SSX1717.
3. a kind of quantum cryptography USBkey according to claim 1, which is characterized in that the CPU is based on embedded
The ARM11 CPU, the CPU of RISC Architecture include independent memory protection unit and memory encryption unit.
4. a kind of quantum cryptography USBkey according to claim 1, which is characterized in that the memory module includes DMA
Memory, EFLASH memory and Static RAM.
5. a kind of quantum cryptography USBkey according to claim 4, which is characterized in that the EFLASH memory module
With 32 Programmable Embedded FLASH memories.
6. a kind of quantum cryptography USBkey according to claim 1, which is characterized in that it further include power module, the electricity
Source module is used for crypto chip module, the power supply of CPU and memory module.
7. a kind of quantum cryptography USBkey according to claim 1, which is characterized in that connected on second data/address bus
INTC module, TRNG module, PIT module, WDT module and RSA module.
8. a kind of quantum cryptography USBkey according to claim 1, which is characterized in that connected in the control bus logical
With serial line interface, Serial Peripheral Interface (SPI) module and E-PORT interface module.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201920253795.5U CN209570939U (en) | 2019-02-28 | 2019-02-28 | A kind of quantum cryptography USBkey |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201920253795.5U CN209570939U (en) | 2019-02-28 | 2019-02-28 | A kind of quantum cryptography USBkey |
Publications (1)
Publication Number | Publication Date |
---|---|
CN209570939U true CN209570939U (en) | 2019-11-01 |
Family
ID=68334396
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201920253795.5U Active CN209570939U (en) | 2019-02-28 | 2019-02-28 | A kind of quantum cryptography USBkey |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN209570939U (en) |
-
2019
- 2019-02-28 CN CN201920253795.5U patent/CN209570939U/en active Active
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9251380B1 (en) | Method and storage device for isolating and preventing access to processor and memory used in decryption of text | |
CN109726598A (en) | Embedded-type security encryption chip based on Cloud Server | |
CN110753344B (en) | NB-IoT-based smart meter secure access system | |
CN104579679B (en) | Wireless public network data forwarding method for agriculture distribution communication equipment | |
CN103729942A (en) | Method and system for transmitting transmission key from terminal server to key server | |
CN108345806A (en) | A kind of hardware encryption card and encryption method | |
CN201387642Y (en) | Single-phase electronic type multi-rate prepayment electric energy meter | |
CN103679062A (en) | Intelligent electric meter main control chip and security encryption method | |
CN104021104B (en) | A kind of cooperative system and its communication means based on dual-bus structure | |
CN109818745A (en) | Internet of Things information security chip | |
CN110289952A (en) | A kind of quantal data chain secrecy terminal and secret communication network | |
CN106127059B (en) | The realization of credible password module and method of servicing on a kind of ARM platform | |
CN109981275A (en) | Data transmission method, device, system, equipment and storage medium | |
CN105631298B (en) | A kind of ciphering and deciphering device and method | |
CN113259345A (en) | Intelligent power distribution network data secure transmission method, system and storage medium | |
CN104052592A (en) | Secret key backup and transfer method and system based on trusted computing | |
CN110321725A (en) | A kind of method and device for preventing from distorting system data and clock | |
CN110089070A (en) | It is exchanged for code key to establish the technology of secure connection in network function virtualized environment | |
CN102594564A (en) | Equipment for traffic guidance information security management | |
CN209570939U (en) | A kind of quantum cryptography USBkey | |
CN106899545B (en) | A kind of system and method for terminal security communication | |
CN201498001U (en) | Credible calculation platform based on symmetrical key codes | |
CN106533653A (en) | Encrypted chip, encryption method and encryption system | |
CN207573453U (en) | A kind of trustable network video camera based on domestic commercial cipher algorithm | |
CN109726584A (en) | Cloud database key management system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
GR01 | Patent grant | ||
GR01 | Patent grant |