KR20230092747A - Electronic apparatus and method for encryption thereof - Google Patents

Abstract

An electronic device is disclosed. The electronic device includes a communication device that communicates with an external device, a memory that stores data, and a processor that supports a TEE (Trusted Execution Environment) function. The processor includes open software from an external device and a signature corresponding to the open software. Upon receiving hash information corresponding to information and open software, the received open software is stored in a protection area corresponding to the SGX function, a secret key corresponding to the open software is generated, and the open software and data stored in the protection area are used. to perform calculations corresponding to open software.

Description

ELECTRONIC APPARATUS AND METHOD FOR ENCRYPTION THEREOF}

The present disclosure relates to an electronic device and an encryption method, and more specifically, to an electronic device and an encryption method capable of preventing leakage of internal data in a CPU supporting a Trusted Execution Environment (TEE) function.

The Trusted Execution Environment (TEE) function is a technology that controls operations based on hardware rather than software, and is an architectural extension designed to increase software security.

Specifically, this is a technology in which a user sets a protection area, the CPU encrypts a part of memory, and data in the protection area is not accessible to anyone other than a program running within the protection area.

Accordingly, even if the OS is hacked by an external attack, the information within the protection area of applications and data in the TEE-applied platform has the advantage of being safe.

As such, although there is a safe advantage in protecting the TEE function, there is a problem in that the above-described function becomes useless when a malicious function is included in an application stored in the corresponding platform.

Accordingly, the present disclosure has been devised to solve the above-described problems, and an object of the present disclosure is to provide an electronic device and an encryption method capable of preventing leakage of internal data in a CPU supporting a TEE (Trusted Execution Environment) function.

The present disclosure is to achieve the above object, and an electronic device according to an embodiment of the present disclosure supports a communication device for communicating with an external device, a memory for storing data, and a Trusted Execution Environment (TEE) function. and a processor that, when receiving open software, signature information corresponding to the open software, and hash information corresponding to the open software from the external device, converts the received open software to the TEE function. It is stored in a protection area, a private key corresponding to the open software is generated, and an operation corresponding to the open software is performed using the open software and the data stored in the protection area.

In this case, the processor divides the private key into a first private key and a second private key, encrypts and stores the first private key with the private key, encrypts the second private key using the signature information, can be saved

In this case, the secret key may be calculated by performing an XOR operation on the first secret key and the second secret key.

Meanwhile, the processor may encrypt the received private key using the TEE function and store the encrypted private key in the protection area.

Meanwhile, the processor may encrypt an operation result corresponding to the open software using the secret key.

In this case, the processor may control the communication device to transmit encryption key information corresponding to the encrypted operation result and the secret key.

In this case, the encryption key information includes first data obtained by encrypting the first private key constituting the private key with the private key, and second data obtained by encrypting the second private key constituting the private key using the signature information. may contain data.

Meanwhile, the processor may store the encrypted operation result and information on the open software in the memory.

In this case, if the data used by the open software is stored in the form of cipher text in the memory, the processor compares the open software information corresponding to the cipher text with the software to perform the operation, and if it is the same software, the cipher text is converted into the secret key. can be decrypted using

Meanwhile, when receiving the open software, the processor may check integrity of the open software, and generate the secret key when the integrity is confirmed.

Meanwhile, when an operation command is input using non-public software, the processor may perform the operation command by using an isomorphic operation corresponding to an isomorphic ciphertext.

Meanwhile, in an encryption method of an electronic device including a processor supporting a TEE (Trusted Execution Environment) function according to an embodiment of the present disclosure, open software, signature information corresponding to the open software, and the open software are stored from the external device. Receiving corresponding hash information, storing the received public software in a protection area corresponding to the TEE function, generating a secret key corresponding to the public software, and storing the public software stored in the protection area. and performing an operation corresponding to the open software using the data.

In this case, the encryption method may further include encrypting an operation result corresponding to the open software using the secret key.

In this case, the encryption method may further include transmitting encryption key information corresponding to the encrypted operation result and the secret key.

In this case, the encryption key information includes first data obtained by encrypting the first private key constituting the private key with the private key, and second data obtained by encrypting the second private key constituting the private key using the signature information. may contain data.

Meanwhile, the encryption method may further include storing the encrypted operation result and information on the open software in a memory.

In this case, if the data used by the open software is stored in the form of ciphertext in the memory, the open software information corresponding to the ciphertext is compared with the software to perform the operation, and if the software is the same, the ciphertext is converted into the secret key. A step of decoding using ? may be further included.

Meanwhile, the encryption method may further include checking integrity of the open software upon receiving the open software.

According to various embodiments of the present disclosure as described above, it is possible to safely protect user data not only from hacking but also from malicious software leakage, such as for the purpose of advertisement or data sale.

The above and other aspects, features, and advantages of the embodiments of the present disclosure will become more apparent from the following description with reference to the accompanying drawings. In the attached drawing:
1 is a diagram for explaining the TEE function of the present disclosure;
2 is a diagram for explaining a configuration of an electronic device according to an embodiment of the present disclosure;
3 is a diagram for explaining a specific configuration of a processor of the present disclosure;
4 is a sequence diagram for explaining an embodiment using an open code of the present disclosure;
5 is a flowchart for explaining an encryption method according to an embodiment of the present disclosure, and
6 is a flowchart for explaining an encryption method according to an embodiment of the present disclosure.

Since the present embodiments can apply various transformations and have various embodiments, specific embodiments will be illustrated in the drawings and described in detail in the detailed description. However, this is not intended to limit the scope to the specific embodiments, and should be understood to include various modifications, equivalents, and/or alternatives of the embodiments of the present disclosure. In connection with the description of the drawings, like reference numerals may be used for like elements.

In describing the present disclosure, if it is determined that a detailed description of a related known function or configuration may unnecessarily obscure the gist of the present disclosure, a detailed description thereof will be omitted.

In addition, the following embodiments may be modified in many different forms, and the scope of the technical idea of the present disclosure is not limited to the following embodiments. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the spirit of the disclosure to those skilled in the art.

Terms used in this disclosure are only used to describe specific embodiments, and are not intended to limit the scope of rights. Singular expressions include plural expressions unless the context clearly dictates otherwise.

In this disclosure, “has,” “may have,” “comprises,” or “may include.” Expressions such as, etc. indicate the presence of a corresponding feature (eg, a component such as a number, function, operation, or part) and do not exclude the presence of additional features.

In this disclosure, expressions such as “A or B,” “at least one of A and/and B,” or “one or more of A or/and B” may include all possible combinations of the items listed together. . For example, “A or B,” “at least one of A and B,” or “at least one of A or B” (1) includes at least one A, (2) includes at least one B, Or (3) may refer to all cases including at least one A and at least one B.

Expressions such as "first," "second," "first," or "second," used in the present disclosure may modify various elements regardless of order and/or importance, and may refer to one element as It is used only to distinguish it from other components and does not limit the corresponding components.

A component (e.g., a first component) is "(operatively or communicatively) coupled with/to" another component (e.g., a second component); When referred to as "connected to", it should be understood that the certain component may be directly connected to the other component or connected through another component (eg, a third component).

On the other hand, when an element (eg, a first element) is referred to as being “directly connected” or “directly connected” to another element (eg, a second element), the element and the above It may be understood that other components (eg, a third component) do not exist between the other components.

The expression “configured to (or configured to)” as used in this disclosure means, depending on the situation, for example, “suitable for,” “having the capacity to.” ," "designed to," "adapted to," "made to," or "capable of." The term "configured (or set) to" may not necessarily mean only "specifically designed to" hardware.

Instead, in some contexts, the phrase "device configured to" may mean that the device is "capable of" in conjunction with other devices or components. For example, the phrase "a processor configured (or configured) to perform A, B, and C" may include a dedicated processor (eg, embedded processor) to perform the operation, or by executing one or more software programs stored in a memory device. , may mean a general-purpose processor (eg, CPU or application processor) capable of performing corresponding operations.

In an embodiment, a 'module' or 'unit' performs at least one function or operation, and may be implemented with hardware or software, or a combination of hardware and software. In addition, a plurality of 'modules' or a plurality of 'units' may be integrated into at least one module and implemented by at least one processor, except for 'modules' or 'units' that need to be implemented with specific hardware.

According to various embodiments, operations performed by modules, programs, or other components may be executed sequentially, in parallel, repetitively, or heuristically, or at least some operations may be executed in a different order, may be omitted, or other operations may be added. can

Meanwhile, various elements and regions in the drawings are schematically drawn. Therefore, the technical spirit of the present invention is not limited by the relative size or spacing drawn in the accompanying drawings.

Meanwhile, an electronic device according to various embodiments of the present disclosure may include, for example, at least one of a TV, a monitor, a projector, a set-top box, a smart phone, a tablet PC, a desktop PC, a laptop PC, or a wearable device. Wearable devices can be accessories (e.g. watches, rings, bracelets, anklets, necklaces, glasses, contact lenses, or head-mounted-devices (HMDs)), textiles or clothing integrals (e.g. electronic garments); It may include at least one of a body-attached circuit (eg, a skin pad or tattoo) or a body-implanted circuit.

And, in the present disclosure, “value” is defined as a concept including a vector as well as a scalar value. And in the present disclosure, 'calculate', 'calculate.' Expressions such as, etc. may be replaced by an expression that produces a result of the corresponding calculation or calculation. In addition, unless otherwise stated, an operation for ciphertext to be described later means an isomorphic operation. For example, addition of homomorphic ciphertexts means homomorphic addition of two homomorphic ciphertexts.

Mathematical operations and calculations of each step of the present disclosure described below may be implemented as computer operations by a known coding method and/or coding designed appropriately for the present disclosure to perform the calculations or calculations.

The specific equations described below are illustratively described among possible alternatives, and the scope of the present disclosure should not be construed as being limited to the equations mentioned in the present disclosure.

Hereinafter, with reference to the accompanying drawings, an embodiment according to the present disclosure will be described in detail so that those skilled in the art can easily implement it.

1 is a diagram for explaining the TEE function of the present disclosure.

Referring to FIG. 1 , the electronic device 100 supports a TEE function. Here, the TEE function is a technology applied to the CPU and related to supplementation, and may be referred to as SGX (Software Guard eXtension) or the like. Specifically, when a user sets a protection area, the CPU encrypts a part of the memory, and data in the protection area is not accessible to anyone other than programs running within the protection area.

By designating such a protection area, important information such as hardware encryption passwords, secrets in password management programs, and encryption keys can be protected.

In this way, by using the TEE function, even if hacking occurs, the main information in the protection area is encrypted and stored, so there is an advantage of high safety. In addition, since the above-described operation is performed in a hardware manner, there is also an advantage in that it has a fast calculation capability.

However, this TEE function operates using the software 30 provided by the internal CPU manufacturer. If such software has the purpose of advertising or selling data, the internal security data 20 ) and the resulting calculation result 40, there is a problem that data leakage cannot but occur.

On the other hand, since homomorphic encryption that can be operated in the state of ciphertext has recently been commercialized, in order to prevent the above-mentioned leakage, if all data is stored as homomorphic ciphertext and the software operation is also configured with isomorphic operation, the above-mentioned problem can be solved. there is.

However, processing of homomorphic ciphertext has a high advantage in security, but has a problem of slow operation speed.

The present disclosure uses a homomorphic federation learning method to solve the problems of the existing technology.

Specifically, the homomorphic federation learning of the present disclosure uses the configuration shown in FIG. 1 in terms of hardware, that is, the TEE function, but in order to prevent the malicious operation of the manufacturer (or the software of the corresponding system) that provides the TEE function, the operation code or use a method of processing data by homomorphic encryption processing.

Specifically, openable software (eg, encryption scheme, decryption scheme, etc.) operates using TEE using open algorithms (ie, open software). Since such open software is used, it is possible to verify whether malicious code is included. Alternatively, it is also possible to secure the safety of the software by uploading or managing the open software through a verified company or organization.

In addition, software that has not been disclosed performs processing by homomorphic encryption. As described above, in that the homomorphic encryption method has high complementarity, even if the software processing the ciphertext operates with malicious content, it is impossible to access the original text (or plaintext) of the data without the secret key, so it is impossible to ensure safety. can

As such, the present disclosure can prevent malicious data access of internal software by using the public code and the isomorphic operation method together.

Hereinafter, a specific configuration and operation of an electronic device to which the above-described homomorphic association learning is applied will be described with reference to FIG. 2 .

2 is a diagram for explaining a configuration of an electronic device according to an embodiment of the present disclosure.

Referring to FIG. 2 , the electronic device 100 may include a communication device 110 , a memory 120 and a processor 130 .

The communication device 110 is formed to connect the electronic device 100 with an external device (not shown), and is connected to the external device through a local area network (LAN) and an Internet network, as well as a USB ( A form connected through a Universal Serial Bus) port or a wireless communication (eg, WiFi 802.11a/b/g/n, NFC, Bluetooth) port is also possible. Such a communication device 110 may also be referred to as a transceiver.

The communication device 110 may receive open software from an external device. At this time, the communication device 110 may perform signature information and hash information corresponding to the open software together. Here, the open software is a program in which instructions for performing various calculations on data are stored, and may include various calculation commands for data such as encryption algorithms, decryption algorithms, and statistical algorithms.

And the signature information and hash information are information used to verify open software. Specifically, the hash information may be based on the source code of open software, and may be disclosed so that anyone can obtain the same hash information using the open software. In addition, the signature information is for software information verification, and may be used for encryption key information or software identification, which will be described later.

The communication device 110 may receive or transmit an ID-based secret key generated by another device. Specifically, the communication device 110 may communicate with the key generating device, and the communication device 110 transmits hash information based on the source key of the software to the key generating device, and based on the transmitted hash information, the communication device 110 is ID-based. You can receive a secret key.

Also, the communication device 110 may receive a message from an external device and transmit the generated encrypted text to the external device. At this time, the communication device 110 may transmit encryption key information necessary for decryption of the cipher text together with the generated cipher text.

The memory 120 is a component for storing O/S for driving the electronic device 100, various software, data, and the like. The memory 120 may be implemented in various forms such as RAM, ROM, flash memory, HDD, external memory, memory card, etc., but is not limited to any one.

The memory 120 stores the message to be encrypted (or plain text). Here, the message may be various types of credit information and personal information cited by the user, and may also be information related to use history, such as location information used in the electronic device 100 and Internet usage time information.

In addition, the memory 120 may store various types of information such as received software, and may store intermediate operation results (eg, a quantum resistant secret key, an ID-based secret key, etc.) necessary for the process of the electronic device 100 to be described later. there is.

And the memory 120 may store the cipher text generated in the process described below. Also, the memory 120 may store encrypted text transmitted from an external device.

The memory 120 may include a protection area. Specifically, a protection area corresponding to the TEE function may be included, and data requiring supplementation may be stored in the corresponding protection area. When data is stored in the protection area, the data may be encrypted and stored according to the TEE function even without a separate user command.

The processor 130 controls each component within the electronic device 100 . The processor 130 may be configured as a single device such as a central processing unit (CPU) or an application-specific integrated circuit (ASIC), or a plurality of devices such as a CPU, a graphics processing unit (GPU), or a Trusted Execution Environment (TEE). It may also consist of a device.

The processor 130 determines a driving method. Specifically, the processor 130 may determine whether the operation command requested by the user is based on open software or closed software. As a result of the determination, if it is based on non-public software, the processor 130 may perform calculation processing using the homomorphic encryption method as described above.

Conversely, if it is based on open software, the processor 130 may determine whether or not the corresponding open software is installed. If installed, the processor 130 may perform calculation operations using pre-set open software. If not installed, the communication device 110 may be controlled to receive the open software from an external device.

The processor 130 receives open software, signature information corresponding to the open software, and hash information corresponding to the open software from an external device. Specifically, the aforementioned open software may be stored in a verified storage (or an external device), and the processor 130 may control the communication device 110 to receive corresponding software from the aforementioned storage. At this time, the processor 130 may receive the above-described signature information and hash information for verifying the software together.

When the open software is received, the processor 130 checks the integrity of the open software and generates a secret key when the integrity is confirmed. Specifically, the processor 130 may perform an integrity check on open software, and if there is no problem in the integrity check, the corresponding software may be stored in the memory 120 . Also, the processor 130 may generate a secret key to be applied to corresponding software.

Specifically, the processor 130 may generate a first random key and a second random key, and perform an XOR operation on the generated first random key and the second random key to generate a secret key corresponding to the software or TEE function. there is.

In this case, the processor 130 may control the communication device 110 to receive the ID-based secret key from the key management device. When the ID-based secret key is received in this way, the first random key (or the second random key) is encrypted with the ID-based secret key, the second random key is encrypted with the received signing key, and individually stored, or the corresponding encryption is performed in an external device. The encrypted first random key and the encrypted second random key may be transmitted. In addition, the processor 130 may encrypt the received ID-based secret key using the TEE function and store the encrypted ID-based secret key in a protection area of the memory 120 .

Using such a secret key, the processor 130 may perform an operation of encrypting an operation result by the above-described software or decrypting an encrypted operation result.

The processor 130 performs an operation corresponding to the open software using the open software and data stored in the protection area. At this time, the processor 130 may perform an arithmetic operation corresponding to the above-described open software with the above-described data in a plain text state. To this end, if there is encrypted data, it can be decrypted using the above-described secret key, and an operation operation can be performed in the decrypted state. Also, when data storage is required, the processor 130 may encrypt the data using the aforementioned secret key and store the encrypted data in the memory 120 .

In this case, the processor 130 may store encrypted operation results and information on open software in a memory. Accordingly, in the process of using encrypted and stored data, if the data used by the open software is stored in the form of cipher text in the memory, the processor 130 compares the open software information corresponding to the cipher text with the software to perform the operation, and if the data is the same software The ciphertext can be decrypted using the secret key.

The processor 130 may control the communication device to transmit encryption key information corresponding to the encrypted operation result and the secret key. At this time, the encryption key information may include first data obtained by encrypting the first secret key constituting the secret key with the private key and second data obtained by encrypting the second secret key constituting the secret key using signature information. .

As described above, the present disclosure encrypts a secret key using two pieces of information (ie, an ID-based secret key and certificate information), that is, it is an encryption technique using two pieces of unrelated information and thus has quantum tolerance.

On the other hand, if a calculation command is input using non-public software, the processor 130 may perform the calculation command by using the isomorphic operation corresponding to the isomorphic ciphertext.

As described above, the electronic device 100 according to the present disclosure can safely protect user data from not only hacking but also malicious software from leaking user data for the purpose of advertising or selling data.

Meanwhile, in the illustration and description of FIG. 2, only the basic configuration of the electronic device 100 has been shown and described, but in implementation, the electronic device 100 has other configurations (eg, a display, a control device, camera, speaker, microphone, etc.) may be further included. In addition, in the illustrated example, although the processor 130 is shown as one, in implementation, the processor 130 may include a plurality of processors. Alternatively, it may be composed of one processor 130, and a plurality of processor cores may be included therein.

3 is a diagram for explaining a specific configuration of a processor of the present disclosure.

Referring to FIG. 3 , the processor 130 includes a first processor core 131 and a second processor core 132 .

The first processor core 131 may be composed of a general CPU, GPU, etc., and when an operation command using the non-public software 50 is input, the data 60 is subjected to operation processing using a homomorphic encryption method, The calculation result can be output (80).

The second processor core 132 is a processor core that performs a Software Guard eXtension (SGX) function, and when an operation command using the open software 70 is input, it can perform a calculation operation corresponding to the open software as described above. there is. The second processor core 132 may encrypt the corresponding operation result with the secret key and output the result in an encrypted state (80). Meanwhile, in the illustrated example, it has been illustrated and described as using SGX, but other TEE technologies other than SGX may be used in implementation.

The second processor core 132 may generate a secret key (or master key). In this case, the second processor core 132 may store the above-described secret key using the hybrid encryption method described above. Specifically, the secret key may be generated by XOR operation of two random values, one of the two random values may be encrypted and stored with an ID-based secret key, and the other random value may be encrypted and stored with signature information corresponding to software. there is. Further, the above-described ID-based secret key may be encrypted and stored using the SGX function. Since such a secret key is used, a decryption function can be provided only when the same software is used. That is, a decryption request using other software is not operated because the secret key is different.

Meanwhile, when the above-described application is updated, the second processor core 132 may receive the above-described secret key generation operation again, delete the existing secret key, and generate and store a secret key corresponding to the updated application. there is.

Since the output of the processor 130 is an output result using open software or an output result according to homomorphic encryption, it is possible to use the output result in a method according to an operation method on the side of the electronic device 90 that verifies it.

For example, in the case of a homomorphic encryption method, the electronic device 90 may decrypt an operation result using a secret key corresponding to the homomorphic operation. In this case, an operation result may be obtained, but since neither the processor 130 nor the electronic device 90 processes data in a plain text state, data protection for plain text is possible.

In the case of the SGX (or TEE) method, the electronic device 90 may receive cipher text and encryption key information corresponding to the cipher text. Specifically, the electronic device 90 may restore the secret key using the encryption key. For example, the electronic device 90 may receive an ID-based private key through a key management device and obtain public software certificate information. In addition, the first private key and the second private key in the encryption key information may be restored using the obtained ID-based private key and certificate information, and the restored first private key and the second private key may be XOR-operated to obtain the private key. can be assured

If the secret key is secured in this way, the electronic device 90 can decrypt the cipher text with the corresponding secret key. In this process, since the electronic device 90 only knows the result of the operation, not the plain text state, it is impossible to check the plain text. In addition, since the SGX 132 operates only by executing instructions corresponding to open software, unnecessary operations cannot be performed. In addition, as described above, installed software uses an integrity check and a software signature key, and some of the encryption key information uses the software signature key, making it impossible to perform unnecessary intervention on data.

4 is a sequence diagram for explaining an embodiment using an open code of the present disclosure.

Referring to FIG. 4 , the external device 100 stores open software and various types of information (eg, signature information, hash information) corresponding to the open software. The external device 100 may be a server or electronic device of a verified company or company, and may be open so that anyone can check the source code for the corresponding software. In addition, information on how the above-described signature information and hash information were written and generated using the above-described software may also be disclosed.

The electronic device 100 receives open software, signature information corresponding to the open software, and hash information corresponding to the open software from the external device (S410).

Then, the electronic device 100 checks the integrity of the received open software, and if the integrity is confirmed, stores the received open software in a protection area corresponding to the TEE function (S420). Meanwhile, in implementation, it may be stored in a general area other than a protection area.

Then, the electronic device 100 generates a secret key corresponding to the open software (S430). In this case, the electronic device 100 may request and receive an ID-based secret key from an external key management device in order to generate encryption key information corresponding to the secret key. In such an ID-based secret key, a hash value corresponding to the corresponding open software or a unique value such as serial information or code ID of the software may be used as the above-described ID.

An operation corresponding to the open software is performed using the open software and data stored in the protection area (S440). In this way, the operation using the open software is performed, and since the source of the open software is open as described above, it is difficult to include unnecessary malicious codes. Therefore, it is difficult for the manufacturer of the CPU equipped with the TEE (or SGX) function to arbitrarily execute malicious code.

On the other hand, in the illustrated example, it is shown that only one open software is received and operated, but in implementation, the electronic device 100 may use a plurality of open software, and it is possible to use a separate secret key for each open software. .

Then, the calculation result may be transmitted to the external device 300 (S450). Meanwhile, in the illustrated example, a device that transmits S/W and a device that receives calculation results are shown to be the same, but in implementation, a device that provides software and a device that receives calculation results may be different devices.

5 is a flowchart illustrating an encryption method according to an embodiment of the present disclosure.

Referring to FIG. 5 , open software, signature information corresponding to the open software, and hash information corresponding to the open software are first received from an external device (S410). The aforementioned external device may be a server of a verified external organization or company.

The received open software is stored in a protection area corresponding to the TEE (or SGX) function (S420). Upon implementation, an integrity check is performed on received open software, and only open software whose integrity has been confirmed can be stored in the protection area.

A secret key corresponding to the open software is generated (S430). Specifically, a first random value and a second random value may be generated, and a secret key may be generated by performing an XOR operation on the two generated random values. In this case, one first random value may be encrypted with an ID-based secret key, and a second random value may be encrypted with signature information and provided to an external device using an operation result. In this way, since the secret key is encrypted in a hybrid method, quantum tolerance can be obtained.

An operation corresponding to the open software is performed using the open software and data stored in the protection area (S440). If the data is encrypted, that is, if it has been previously encrypted with corresponding open software, decryption may be performed using the secret key, and operations corresponding to the open software may be performed using the decrypted data. In this way, it is possible to perform a calculation operation faster than performing an operation in a plain text state. In addition, in the process of storing data, since it is encrypted and stored using the above-described secret key, security of the stored data can be secured.

Then, the calculation result may be transmitted to the external device 300 (S450). At this time, the calculation result corresponding to the open software may be encrypted using a secret key, and the encrypted calculation result may be transmitted. In addition, encryption key information corresponding to the secret key may be transmitted together with the operation result.

Here, the encryption key information may include first data obtained by encrypting a first secret key constituting the secret key with a private key and second data obtained by encrypting a second secret key constituting the secret key using signature information. .

Meanwhile, in the illustrated example, a device that transmits S/W and a device that receives calculation results are shown to be the same, but in implementation, a device that provides software and a device that receives calculation results may be different devices.

6 is a flowchart for explaining an encryption method according to an embodiment of the present disclosure.

First, software for performing calculations may be checked (S510). If the software for performing the calculation is open software, the operation described above with reference to FIG. 5 may be performed.

If an operation for non-public software is requested, the following operation may be performed.

Specifically, the arithmetic command may be performed by using the isomorphic arithmetic corresponding to the homomorphic ciphertext.

And the calculation result can be transmitted (S630).

Meanwhile, methods according to at least some of the various embodiments of the present disclosure described above may be implemented in the form of an application that can be installed in an existing electronic device.

In addition, the methods according to at least some of the various embodiments of the present disclosure described above may be implemented with only a software upgrade or hardware upgrade of an existing electronic device.

Also, methods according to at least some of the various embodiments of the present disclosure described above may be performed through an embedded server included in the electronic device or an external server of at least one of the electronic devices.

Meanwhile, according to an embodiment of the present disclosure, various embodiments described above may be implemented as software including instructions stored in a machine-readable storage medium (eg, a computer). A device is a device capable of calling a stored command from a storage medium and operating according to the called command, and may include an electronic device (eg, the electronic device A) according to the disclosed embodiments. When executed by this processor, the processor may directly or use other components under the control of the processor to perform a function corresponding to the instruction, and the instruction may include code generated or executed by a compiler or an interpreter. A device-readable storage medium may be provided in the form of a non-transitory storage medium, where a 'non-transitory storage medium' is a tangible device, and a signal (e.g. : electromagnetic waves), and this term does not distinguish between cases in which data is stored semi-permanently and temporarily stored in storage media. For example, 'non-temporary storage media' means that data is temporarily stored. According to an embodiment, the method according to various embodiments disclosed in this document may be provided by being included in a computer program product, which is a product that is a seller and a buyer. The computer program product is distributed in the form of a machine-readable storage medium (eg compact disc read only memory (CD-ROM)), or through an application store (eg Play Store™) or may be distributed (eg downloaded or uploaded) online, directly between two user devices (eg smartphones) In the case of online distribution, a computer program product (eg downloadable app) At least a part of may be temporarily stored or temporarily generated in a storage medium readable by a device such as a manufacturer's server, an application store server, or a relay server memory.

Various embodiments of the present disclosure may be implemented as software including commands stored in a storage medium readable by a machine (eg, a computer). The device calls the stored commands from the storage medium. And, as a device capable of operating according to the called command, it may include an electronic device (eg, the electronic device 100) according to the disclosed embodiments.

When the above-described command is executed by a processor, the processor may perform a function corresponding to the above-described command by using other components directly or under the control of the above-described processor. An instruction may include code generated or executed by a compiler or interpreter.

Although the preferred embodiments of the present disclosure have been shown and described above, the present disclosure is not limited to the specific embodiments described above, and is common in the art to which the disclosure belongs without departing from the gist of the present disclosure claimed in the claims. Of course, various modifications are possible by those with knowledge of, and these modifications should not be individually understood from the technical spirit or perspective of the present disclosure.

100: electronic device 110: communication device
120: memory 130: processor

Claims (18)

In electronic devices,
a communication device that communicates with an external device;
memory to store data; and
A processor supporting a Trusted Execution Environment (TEE) function;
the processor,
When open software, signature information corresponding to the open software, and hash information corresponding to the open software are received from the external device, the received open software is stored in a protection area corresponding to the TEE function, and the open software An electronic device that generates a corresponding secret key and performs an operation corresponding to the open software using the open software and the data stored in the protection area. According to claim 1,
the processor,
An electronic device that divides the private key into a first private key and a second private key, encrypts and stores the first private key with the private key, and encrypts and stores the second private key using the signature information. According to claim 2,
The secret key is calculated by performing an XOR operation on the first secret key and the second secret key. According to claim 1,
the processor,
An electronic device that encrypts the received private key using the TEE function and stores the encrypted private key in the protection area. According to claim 1,
the processor,
An electronic device that encrypts an operation result corresponding to the open software using the secret key. According to claim 5,
the processor,
An electronic device that controls the communication device to transmit encryption key information corresponding to the encrypted operation result and the secret key. According to claim 6,
The encryption key information,
An electronic device comprising first data obtained by encrypting a first secret key constituting the secret key with the private key, and second data obtained by encrypting a second secret key constituting the secret key using the signature information. According to claim 5,
the processor,
An electronic device that stores the encrypted operation result and information on the open software in the memory. According to claim 8,
the processor,
If data used by the open software is stored in the form of cipher text in the memory, an electronic device that compares open software information corresponding to the cipher text with software to perform an operation, and decrypts the cipher text using the secret key if it is the same software. . According to claim 1,
the processor,
An electronic device that checks integrity of the open software upon receiving the open software, and generates the private key when the integrity is confirmed. According to claim 1,
the processor,
An electronic device that, when an operation command is input using non-public software, performs the operation command by using an isomorphic operation corresponding to an isomorphic ciphertext. In the encryption method of an electronic device including a processor supporting a TEE (Trusted Execution Environment) function,
receiving open software, signature information corresponding to the open software, and hash information corresponding to the open software from the external device;
storing the received open software in a protection area corresponding to the TEE function;
generating a secret key corresponding to the open software; and
and performing an operation corresponding to the open software using the open software stored in the protection area and the data. According to claim 12,
The encryption method further comprising encrypting an operation result corresponding to the open software using the secret key. According to claim 13,
The encryption method further comprising transmitting encryption key information corresponding to the encrypted operation result and the secret key. According to claim 14,
The encryption key information,
and first data obtained by encrypting a first secret key constituting the secret key with the private key, and second data obtained by encrypting a second secret key constituting the secret key using the signature information. According to claim 13,
and storing the encrypted operation result and the information on the open software in a memory. According to claim 16,
If data used by the open software is stored in the form of ciphertext in the memory, comparing open software information corresponding to the ciphertext with software to perform an operation, and decrypting the ciphertext using the private key if the software is the same; Encryption method further comprising a. According to claim 12,
The encryption method further comprising checking integrity of the open software when the open software is received.

Images