CN219918945U - Encryption signature terminal - Google Patents
Encryption signature terminal Download PDFInfo
- Publication number
- CN219918945U CN219918945U CN202320769641.8U CN202320769641U CN219918945U CN 219918945 U CN219918945 U CN 219918945U CN 202320769641 U CN202320769641 U CN 202320769641U CN 219918945 U CN219918945 U CN 219918945U
- Authority
- CN
- China
- Prior art keywords
- signature
- controller
- module
- encryption
- communication connection
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000004891 communication Methods 0.000 claims abstract description 31
- 230000002093 peripheral effect Effects 0.000 claims description 6
- 230000003321 amplification Effects 0.000 description 2
- 230000005540 biological transmission Effects 0.000 description 2
- 238000003199 nucleic acid amplification method Methods 0.000 description 2
- 238000013139 quantization Methods 0.000 description 2
- 238000005070 sampling Methods 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012545 processing Methods 0.000 description 1
Abstract
The utility model discloses an encryption signature terminal, which comprises a touch screen, wherein the touch screen is in communication connection with a signature controller, and the signature controller is connected with a wireless communication module and a national encryption module; the signature controller is also in communication connection with an NFC sensing module, a Bluetooth sensing module and/or a USB-key reading module; the wireless communication module is accessed to a remote signature server. The encryption signature terminal of the utility model adopts a private key to separate access and field reading mode to complete signature, and after signature, the secondary encryption is realized through the national encryption module, thus ensuring the true reliability of the signature.
Description
Technical Field
The utility model particularly relates to an encryption signature terminal, and belongs to the technical field of network security.
Background
Along with the development of the mobile internet, various terminals are more and more widely applied to electronic commerce and mobile office, the terminals generally interact with other devices in a wireless mode, signature processing is required to be carried out on files in order to ensure the reality and effectiveness of communication between the terminals and a server, at present, the attacks aiming at the terminals are more and more numerous, a plurality of malicious applications can steal private data stored on the terminals by users (obtain private keys of the users), the communication between the terminals and the server is attacked, and the reality and the integrity of the electronic data must be ensured in the mobile office; thus, security protection of the private key is required.
Disclosure of Invention
In order to solve the problems, the utility model provides an encryption signature terminal which adopts a private key to separately access and read on site to complete signature, and after signature, the secondary encryption is realized through a national encryption module, so that the true reliability of the signature is ensured.
The encryption signature terminal comprises a touch screen, wherein the touch screen is in communication connection with a signature controller, and the signature controller is connected with a wireless communication module and a national encryption module; the signature controller is also in communication connection with an NFC sensing module, a Bluetooth sensing module and/or a USB-key reading module; the wireless communication module is accessed to a remote signature server; the signature controller is internally provided with a large part of private keys, the missing parts are stored in the electronic tag, when signature is needed, electronic tag data are obtained through the NFC sensing module, the Bluetooth sensing module and/or the USB-key reading module, the complete private keys are formed for signature, and meanwhile, the private keys are secondarily encrypted and transmitted to the signature server for verification.
Further, an electronic tag with a local private key is stored in the communication connection between the NFC sensing module and the Bluetooth sensing module.
Further, the cryptographic module includes a DMA controller in communication with the signature controller; the DMA controller is connected with the SM1 controller and the random number generator; the SM1 controller is connected with the SSX30-D algorithm chip and the peripheral circuit thereof. After the signature controller obtains the complete private key, sending data to be operated to the SM1 controller through the DMA controller; meanwhile, the DMA controller reads the random number sent by the true random number generator, and the SM1 controller sends the received data to the internal RAM for storage; the SM1 controller sends the received data to the encryption chip, controls the working time sequence of the chip, reads the encryption and decryption result from the chip, stores the encryption and decryption result in the internal FIFO, the DMA controller captures the algorithm ending mark, the DMA controller obtains the data ready mark, reads the data ready mark from the FIFO of the controller, and the signature controller sends the read data out through the wireless communication module; the signature server decrypts and verifies the signature; after the signature server receives the signature, firstly decrypting the signature through the SM1 national encryption module, decrypting the signature through a public key to obtain the signature, then verifying the signature of the message M according to the public parameters and the identity of the terminal participating in the signature, and if the equation is satisfied, receiving the signature by a verifier, namely the signature is valid; otherwise, the signature is considered invalid.
Still further, the random number generator comprises a single chip microcomputer minimum system which is in communication connection with a true random number generator formed by a WNG-8 chip and a peripheral circuit thereof; the WNG-8 chip takes thermal noise as a physical entropy source, and generates a true random number bit sequence through a series of links such as noise amplification, threshold comparison, D trigger sampling quantization and the like; the singlechip minimum system is used as a main control chip of the true random number generator system and mainly completes the functions of random sequence acquisition, forwarding transmission control and the like; enabling the random sequence to be sent to the DMA controller.
Compared with the prior art, the encryption signature terminal provided by the utility model adopts a private key to separate access and field reading mode to complete signature, and after signature, secondary encryption is realized through the national encryption module, so that the true reliability of the signature is ensured.
Drawings
Fig. 1 is a schematic overall structure of embodiment 1 of the present utility model.
Fig. 2 is a schematic diagram of a cryptographic module according to embodiment 1 of the present utility model.
Detailed Description
Example 1:
the encryption signature terminal shown in fig. 1 and 2 comprises a touch screen, wherein the touch screen is in communication connection with a signature controller, and the signature controller is connected with a wireless communication module and a national encryption module; the signature controller is also in communication connection with an NFC sensing module, a Bluetooth sensing module and/or a USB-key reading module; the wireless communication module is accessed to a remote signature server; the signature controller is internally provided with a large part of private keys, the missing parts are stored in the electronic tag, when signature is needed, electronic tag data are obtained through the NFC sensing module, the Bluetooth sensing module and/or the USB-key reading module, the complete private keys are formed for signature, and meanwhile, the private keys are secondarily encrypted and transmitted to the signature server for verification.
And the NFC sensing module and the Bluetooth sensing module are in communication connection, and an electronic tag with a local private key is stored in the communication connection.
The cryptographic module comprises a DMA controller in communication with a signature controller; the DMA controller is connected with the SM1 controller and the random number generator; the SM1 controller is connected with the SSX30-D algorithm chip and the peripheral circuit thereof. After the signature controller obtains the complete private key, sending data to be operated to the SM1 controller through the DMA controller; meanwhile, the DMA controller reads the random number sent by the true random number generator, and the SM1 controller sends the received data to the internal RAM for storage; the SM1 controller sends the received data to the encryption chip, controls the working time sequence of the chip, reads the encryption and decryption result from the chip, stores the encryption and decryption result in the internal FIFO, the DMA controller captures the algorithm ending mark, the DMA controller obtains the data ready mark, reads the data ready mark from the FIFO of the controller, and the signature controller sends the read data out through the wireless communication module; the signature server decrypts and verifies the signature; after the signature server receives the signature, firstly decrypting the signature through the SM1 national encryption module, decrypting the signature through a public key to obtain the signature, then verifying the signature of the message M according to the public parameters and the identity of the terminal participating in the signature, and if the equation is satisfied, receiving the signature by a verifier, namely the signature is valid; otherwise, the signature is considered invalid.
The random number generator comprises a singlechip minimum system which is in communication connection with a true random number generator consisting of a WNG-8 chip and a peripheral circuit thereof; the WNG-8 chip takes thermal noise as a physical entropy source, and generates a true random number bit sequence through a series of links such as noise amplification, threshold comparison, D trigger sampling quantization and the like; the singlechip minimum system is used as a main control chip of the true random number generator system and mainly completes the functions of random sequence acquisition, forwarding transmission control and the like; enabling the random sequence to be sent to the DMA controller.
The above embodiments are merely preferred embodiments of the present utility model, and all changes and modifications that come within the meaning and range of equivalency of the structures, features and principles of the utility model are therefore intended to be embraced therein.
Claims (4)
1. An encrypted signature terminal, characterized in that: the digital signature system comprises a touch screen, wherein the touch screen is in communication connection with a signature controller, and the signature controller is connected with a wireless communication module and a national encryption module; the signature controller is also in communication connection with an NFC sensing module, a Bluetooth sensing module and/or a USB-key reading module; the wireless communication module is accessed to a remote signature server.
2. The cryptographic signature terminal according to claim 1, wherein: and the NFC sensing module and the Bluetooth sensing module are in communication connection, and an electronic tag with a local private key is stored in the communication connection.
3. The cryptographic signature terminal according to claim 1, wherein: the cryptographic module comprises a DMA controller in communication with a signature controller; the DMA controller is connected with the SM1 controller and the random number generator; the SM1 controller is connected with the SSX30-D algorithm chip and the peripheral circuit thereof.
4. A cryptographically signed terminal as claimed in claim 3, wherein: the random number generator comprises a singlechip minimum system which is in communication connection with a true random number generator consisting of a WNG-8 chip and a peripheral circuit thereof.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202320769641.8U CN219918945U (en) | 2023-04-10 | 2023-04-10 | Encryption signature terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202320769641.8U CN219918945U (en) | 2023-04-10 | 2023-04-10 | Encryption signature terminal |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN219918945U true CN219918945U (en) | 2023-10-27 |
Family
ID=88435750
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202320769641.8U Active CN219918945U (en) | 2023-04-10 | 2023-04-10 | Encryption signature terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN219918945U (en) |
-
2023
- 2023-04-10 CN CN202320769641.8U patent/CN219918945U/en active Active
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109472166B (en) | Electronic signature method, device, equipment and medium | |
| JP4550736B2 (en) | Secure communication | |
| CN107592308B (en) | Double-server multi-factor authentication method oriented to mobile payment scene | |
| CN109714176B (en) | Password authentication method, device and storage medium | |
| CN111447053B (en) | Data secure transmission method and system | |
| CN102196375A (en) | Securing out-of-band messages | |
| CN103765809A (en) | Implicitly certified public keys | |
| CN110690956B (en) | Bidirectional authentication method and system, server and terminal | |
| CN110381055B (en) | RFID system privacy protection authentication protocol method in medical supply chain | |
| Cheng et al. | Authenticated RFID security mechanism based on chaotic maps | |
| Zhao et al. | ePUF: A lightweight double identity verification in IoT | |
| CN113595744B (en) | Network access method, device, electronic equipment and storage medium | |
| Lee et al. | A new ultralightweight RFID protocol with mutual authentication | |
| CN115001841A (en) | Identity authentication method, identity authentication device and storage medium | |
| WO2018227471A1 (en) | Secure processing method and apparatus for biometric feature data, sensor, and terminal device | |
| CN105162592B (en) | A kind of method and system of certification wearable device | |
| Yazid et al. | Simple authentication method for vehicle monitoring IoT device with verifiable data integrity | |
| CN112311553B (en) | Equipment authentication method based on challenge response | |
| Baek et al. | Secure and lightweight authentication protocol for NFC tag based services | |
| Long et al. | Anonymous chaotic-based identity authentication protocol in IoT | |
| CN103731828B (en) | A kind of terminal unit and method for electronic certificate authentication | |
| Tsague et al. | An advanced mutual-authentication algorithm using 3DES for smart card systems | |
| CN219918945U (en) | Encryption signature terminal | |
| CN113784342B (en) | Encryption communication method and system based on Internet of things terminal | |
| Fan et al. | Eland: an efficient lightweight anonymous authentication protocol applied to digital rights management system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| GR01 | Patent grant | ||
| GR01 | Patent grant |