TW202318832A - Input encryption - Google Patents

Info

Publication number
TW202318832A
TW202318832A TW111105839A TW111105839A TW202318832A TW 202318832 A TW202318832 A TW 202318832A TW 111105839 A TW111105839 A TW 111105839A TW 111105839 A TW111105839 A TW 111105839A TW 202318832 A TW202318832 A TW 202318832A
Authority
TW
Taiwan
Prior art keywords
input
processor
application
encrypted
computing device
Application number
TW111105839A
Other languages
Chinese (zh)
Inventor
泰文 J 理查茲
艾瑞克 W G 麥克米倫
羅伯特 克雷格
梅森 A 剛由盧
可亞 黃
湯瑪斯 史旺納
Original Assignee
美商惠普發展公司有限責任合夥企業
Application filed by 美商惠普發展公司有限責任合夥企業

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/82 Protecting input, output or interconnection devices
    • G06F21/83 Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)
  • Input From Keyboards Or The Like (AREA)

Abstract

In one example in accordance with the present disclosure, a computing device is described. An example computing device includes an operating system to execute an operation based on received input. The example computing device includes a port to receive a connector of an input device and a processor. An example processor is to intercept input received from the input device along a communication path between the port and the operating system and select an encryption key based on an application to receive encrypted input. The example processor is to encrypt the input based on a selected encryption key and transmit encrypted input to the application.

Description

Input encryption techniques

The present invention relates to input encryption techniques.

Background of the invention

An input device allows a user to provide data to a computing device. For example, via a keyboard, a user can enter text, which the computing device can use for any of a variety of purposes. For example, the text may be inserted into a word processing document or used in an electronic message to another user. In another example, a microphone may be used to capture audio input to be shared with a user of another computing device. While particular input devices are specifically mentioned, a variety of input devices may be coupled to a computing device and provide different types of input to it.

Summary of the invention

According to an embodiment of the present invention, a computing device is provided, which includes: an operating system to perform an operation based on received input; a port to receive a connector of an input device; and a processor on the computing device to: intercept input received from the input device along a communication path between the port and the operating system; select an encryption key based on an application that is to receive encrypted input; encrypt the input based on the selected encryption key; and transmit the encrypted input to the application.

Detailed description of the preferred embodiment

Millions of people use computing devices every day to perform business, personal, and social operations, and it is not uncommon for an individual to interact with multiple computing devices on a daily basis. Examples of computing devices include desktops, laptops, all-in-one devices, tablets, and gaming systems, to name a few. Users interact with these computing devices through input devices such as keyboards, microphones, cameras, and biometric input devices. These input devices provide data to the computing device, which performs operations on the data.

As computing devices become more pervasive in society, several developments may further enhance their integration. For example, securing input on computing devices is a recurring challenge. This may include applying security updates to the operating system and applications and running antivirus applications. Despite all these efforts, data may still be exposed through sophisticated attacks or user negligence. For example, a malicious user may use a phishing attack to install a keylogger application that enables the malicious user to view keystrokes at the computing device. If a computing device is compromised via a keylogger or other malicious application, an attacker can capture input from an input device such as a keyboard. This is especially worrisome when the user is typing secure information such as a password.

Accordingly, this specification describes a system whereby input to an application executing on a computing device is cryptographically secured, thereby preventing any attacker from viewing input to such an application. Specifically, to prevent an attacker from accessing the input, the input is intercepted by a processor directly coupled to an input device. In one example, an application running in the operating system, which knows whether secure input should be received, triggers the secure input mode via a secure command to the processor.

Upon receiving a trigger, the processor begins to intercept the input. Once intercepted, the input is no longer sent to the operating system over the keyboard-to-operating-system communication line. To components in the operating system other than the application that requested the secure input mode, it will appear as if the user has not typed any input. In this example, the processor receives the input and encrypts it using a key that has been pre-shared between the application and the processor. Encryption can continue until the processor receives a signal indicating that the user has finished typing the input. In this example, the input is provided by the processor directly to the application via secure communication. Therefore, if a keylogger or application wants to obtain this data, such a program must find and intercept the secure channel. Even then, the data is encrypted, so a malicious user must have access to the pre-shared key to decrypt the input.

In a second example, particularly for keyboard input, the processor may implement a random shift cipher. In this implementation, upon receiving a trigger indicating that secure input is required, the processor may begin applying a shift cipher to user input entered through the keyboard. As a specific example, a typed "w" may be shifted such that the encrypted input is some other value. In this example, the key to decrypt the cipher-shifted input may be passed to the application. In this example, the data may bypass the secure channel. However, as in the first example, this data is encrypted, in this case by a shift cipher. Accordingly, if a keylogger intercepts the data, the data will not represent what the user actually typed, because the user input has been shifted. In both examples, the computing device thwarts input-tracking applications and enables encrypted data entry.

Specifically, this specification describes a computing device. The computing device includes an operating system to perform operations based on received input. A port of the computing device receives a connector of an input device. The computing device also includes a processor. The processor is to intercept input received from the input device along a communication path between the port and the operating system. The processor is to select an encryption key based on an application that is to receive encrypted input and to encrypt the input based on the selected encryption key. The processor is to transmit the encrypted input to the application.

In another example, a computing device includes the port and processor described above. In this example, the processor is to authorize and identify an application that is to receive encrypted input. As described above, the processor intercepts input received from the input device along a communication path between the port and the operating system. In this example, the processor selects an encryption key based on the application that is to receive encrypted input, the encryption key being unique to a particular encrypted communication session. The processor encrypts the input based on the selected encryption key and transmits the encrypted input to the application. The processor also prevents the transmission of unencrypted input.

This specification also describes a non-transitory machine-readable storage medium encoded with a plurality of instructions, where the term "non-transitory" does not encompass transitory propagating signals. The instructions are executable by a processor of a computing device. When executed by the processor, the instructions cause the processor to initiate an encrypted communication session in response to a first trigger. During the encrypted communication session, the instructions cause the processor to authorize an application to receive encrypted input; intercept input received from an input device along a communication path between the port and the operating system; select an encryption key unique to the encrypted communication session; encrypt the input based on the selected encryption key; and transmit the encrypted input to the application. The instructions are also executable by the processor to terminate the encrypted communication session in response to a second trigger.

Turning now to the drawings, FIG. 1 is a block diagram of a computing device 100 to perform input encryption, according to an example. As described above, computing device 100 protects input 103, such as keyboard input, as it is transmitted from an input device to operating system 106, so that malicious programs cannot intercept and misappropriate input 103.

Computing device 100 may be of a variety of types, including a desktop computer, laptop computer, tablet computer, smartphone, or any of a variety of other computing devices 100. Computing device 100 includes an operating system 106 to receive and execute operations based on received input. That is, the operating system 106 on the computing device 100 manages the computing device memory and processes as well as a host of applications 108 that may be installed on the computing device 100.

As noted above, the execution and processes of applications 108 and operating system 106 depend on user input. Accordingly, computing device 100 includes port 102 to receive a connector of an input device. The input device may take a variety of forms. Examples of input devices include microphones, cameras, keyboards, and biometric readers, among others. From these input devices, port 102 receives input 103 upon which operating system 106 and/or application 108 will act.

As a specific example, a user may enter text via a keyboard. The text can be passed to a word processing application, where the text is displayed on a screen. In another example, a user may speak into a microphone and the audio signal is passed to a communication application 108, where the audio signal may be recorded and/or transmitted to a third party. Although a few input devices are specifically mentioned, a variety of input devices can be implemented in accordance with the principles described herein. Therefore, port 102 can take various forms to match the connector of the input device. For example, port 102 may be an auxiliary port or a Universal Serial Bus (USB) port.

As noted above, while input 103 may allow computing device 100 to perform certain operations, input 103 is also vulnerable to malicious attacks. That is, a malicious application may intercept input 103 and thus gain access to confidential information. As a specific example, a user may be typing a username and password to access a secure file. In this example, a keylogger application can track the input 103, that is, the username and password, so that a nefarious user learns the username and password and can use them to gain unauthorized access to the secure file.

Accordingly, computing device 100 includes a processor 104 that prevents such unauthorized access, in particular by securing input 103 along the communication path between port 102 and operating system 106. As shown in FIG. 1, processor 104 sits between port 102 and operating system 106 and acts as a gatekeeper for input 103 received from an input device. Specifically, the processor 104 intercepts the input 103 received from the input device. As shown in FIG. 1, input 103 may be unencrypted. That is, it may represent raw data received from the input device. Such unencrypted input 103, if allowed to pass unencrypted, may be vulnerable to attack and misappropriation.

Processor 104 selects an encryption key based on the application 108 that is to receive encrypted input 105. That is, there may be multiple applications 108 executing on computing device 100, each of which may benefit from secure and encrypted communication with the input device. Rather than using a single encryption key for all applications 108, the processor 104 can identify a particular application 108 and select an encryption key that is unique and specifically mapped to that application 108.

As a specific example, a cipher shift can be implemented in which keystrokes received from a keyboard are shifted by a certain amount or randomized based on a particular function. In this example, a cipher shift for a first application may shift the keystrokes by a first amount, while a cipher shift for a second application may shift the keystrokes by a second amount. In another example, a cipher shift for a first application may randomize the keystrokes based on a first function, while a cipher shift for a second application may randomize the keystrokes based on a second function. In this way, the processor 104 is to authorize and identify the application 108 that has requested encrypted input 105, so that each time the application 108 requests secure communication, the encryption key associated with that application 108 is called and used during encryption.

In one example, processor 104 may access a database that includes a mapping between encryption keys and applications 108. For example, a first application 108 may be associated with a first encryption key. In this example, when the first application 108 requests secure communication and is authorized and identified by the processor 104, the processor 104 may retrieve the encryption key associated with the first application 108.

While specific mention is made of encryption key assignment based on database entries, other forms of encryption key assignment can occur. For example, an encryption key may be unique to a particular encrypted communication session. That is, each time secure input is requested, the processor 104 may sequentially or randomly select an encryption key for the encrypted communication session. In this example, processor 104 may transmit the encryption key to application 108 during or after authentication.

In another example, the application 108 may transmit the encryption key to the processor 104 during or after authentication. That is, the application 108 may include metadata or commands that are communicated to the processor 104, requesting secure input and instructing the processor 104 to secure the input using a particular encryption scheme. In this example, processor 104 selects the encryption key based on the metadata or commands from application 108. In either example, sharing the encryption key allows processor 104 and application 108 to encrypt the input and to decrypt it upon receipt. In either example, the encryption key can be shared via a secure channel, as shown in FIGS. 2 and 3.

In either example, following communication of the encryption key, processor 104 encrypts input 103 based on the selected encryption key and transmits encrypted input 105 to application 108. Transmission can take many forms. As an example, processor 104 may transmit encrypted input 105 as a block in response to a trigger to terminate the encrypted communication session. For example, when the application 108 is a secure window for entering a username and password, the encrypted username and password may be transmitted when the "Enter" key is pressed or when a user interface element is selected indicating that the password and username have been entered and are ready for transmission.

In another example, processor 104 may transmit encrypted input 105 as input 103 is received and encrypted. That is, encryption can occur in real time as input 103 is received. For example, when a user is typing text for a word processing document, processor 104 may cipher-shift the text and transmit the shifted text to application 108. Upon receipt, the application 108 decrypts the encrypted input 105.

In one example, the user may not be aware of any encryption because the displayed text may match the typed text. However, because processor 104 encrypts the text before sending it to the word processing application 108, input 103 is protected from malicious attacks. In addition to transmitting encrypted input 105, processor 104 may prevent transmission of unencrypted input. That is, to all applications other than the application 108 that requested encrypted communication, it may appear as if no input was received.

While encryption of keyboard input is specifically mentioned, other types of input 103 may be similarly encrypted. For example, processor 104 may receive audio input and use audio encryption to encode the audio before it reaches operating system 106 or audio application 108. The encryption key may be shared from the application 108 to the processor 104 or from the processor 104 to the application 108 as described above. In either case, the audio application 108 can decrypt the audio signal, so that the audio signal is not vulnerable to attack along the communication path between the port 102 and the application 108. In a similar manner, video data or other input may be encrypted as it passes from the input device to the application 108 that will operate on it.

In an example, processor 104 may be integrated with other components. That is, in one example, processor 104 may be a standalone component, such as a central processing unit (CPU). In another example, processor 104 may be integrated with an embedded controller that includes other components and resources such as registers, databases, and/or memory.

For example, the embedded controller may include various hardware components, which may include a processor 104 and memory. Processor 104 may include a hardware architecture to retrieve executable code from memory and execute the executable code. As specific examples, a controller as described herein may include a computer-readable storage medium, a computer-readable storage medium and a processor 104, an application-specific integrated circuit (ASIC), a semiconductor-based microprocessor, a central processing unit (CPU), a field-programmable gate array (FPGA), and/or other hardware devices.

Memory may include a computer-readable storage medium that may contain or store computer-usable program code for use by or in connection with an instruction execution system, apparatus, or device. The memory can take many forms, including volatile and non-volatile memory. For example, memory may include random access memory (RAM), read-only memory (ROM), optical memory disks, magnetic disks, and the like. When executed by the controller, the executable code can cause the controller to implement the functionality described herein. Therefore, the present computing device 100 protects input data at the hardware level, ensuring that input data remains secure against input-stealing operations.

FIG. 2 is a block diagram of a computing device 100 to perform input encryption, according to an example. As noted above, in one example, processor 104 utilizes a secure channel 210 to transmit encrypted input 105 to operating system 106. That is, instead of utilizing a direct communication channel with the operating system 106, the processor 104 transmits the protected and encrypted input 105 through an intermediate secure channel 210 to ensure that the encrypted input 105 is further protected. That is, the encrypted input 105 is protected from attack not only by its encryption, but also because it passes through a communication channel with enhanced security features.

In this example, as input 103 is received and encrypted, processor 104 forwards encrypted input 105 to application 108 and/or operating system 106 via secure channel 210. Such a secure channel 210 may take a variety of forms. As a specific example, secure channel 210 may implement direct memory access, shared memory access, or a combination thereof. In shared memory access, both the processor 104 and the operating system 106 can access the data stored in the shared memory. Thus, instead of one component (i.e., processor 104 or operating system 106) collecting information, both can access the memory. In this example, application 108 reads encrypted input 105 using an out-of-band communication channel, such as a device memory-mapped input/output window, rather than relying on existing input channels in operating system 106. Doing so may increase security by obscuring the channel through which input flows to the application 108.

In another example, the secure channel 210 includes direct memory access. In this example, processor 104 may be separate from the CPU. In direct memory access, the processor 104 and the operating system 106 can access the memory storing the encrypted input 105 independently of the CPU. In this case, the processor 104 that is encrypting the input 103 writes the encrypted key data directly into the runtime memory of the target application 108. This allows processor 104 to verify that target application 108 is the intended application and that target application 108 is running as expected before passing encrypted input 105. This example also allows processor 104 to ensure that encrypted input 105 is received by target application 108.

While specific reference is made to different secure channel 210 components, in other examples different components may be implemented to ensure that encrypted input 105 is further protected during transmission to operating system 106.

Through this same secure channel 210, the operating system 106 and the processor 104 can share the encryption key for the encrypted communication session. That is, whether the application 108 shares the encryption key with the processor 104 or the processor 104 shares the encryption key with the application 108, the sharing can take place via the secure channel 210 to ensure that no malicious user gains unauthorized access to the encryption key.

A specific example is now provided in which processor 104 forms part of an embedded controller. In this example, the application 108 may pass a request to the embedded controller via the secure channel 210 to initiate an encrypted communication session. In response to the request and in response to the sharing of an encryption key, the embedded controller intercepts input 103. Upon interception, the input 103 is encrypted and placed in a shared memory location. The application 108 reads the information stored at the shared memory location and processes the data by verifying a signature and decrypting the input for use by the application 108.
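The embedded-controller flow just described, modeled end to end as an added example (not code from the patent or from any product): session request, a key unique to the session, interception, encryption into a shared memory location, and verification before decryption. The class and function names, the application identifier, the HMAC-SHA256 counter-mode keystream standing in for the unnamed cipher, and the HMAC tag standing in for the "signature" are all assumptions.

```python
import hashlib
import hmac
import secrets


def _subkey(session_key: bytes, label: bytes) -> bytes:
    # Derive separate keys for encryption and for the integrity tag.
    return hmac.new(session_key, label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 in counter mode: a standard-library stand-in for a real
    # cipher (the page does not name one). Use a vetted AEAD in practice.
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256)
        out += block.digest()
        counter += 1
    return bytes(out[:length])


def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))


class EmbeddedController:
    """Hypothetical model of processor 104, sitting between port and OS."""

    def __init__(self, authorized_apps):
        self.authorized_apps = set(authorized_apps)
        self.session_key = None
        self.shared_memory = []   # stand-in for the shared memory location
        self.os_input_path = []   # what the OS (and any keylogger) receives

    def start_session(self, app_id: str) -> bytes:
        # First trigger: authorize and identify the requesting application,
        # then pick a key unique to this session.
        if app_id not in self.authorized_apps:
            raise PermissionError(f"{app_id} is not authorized for secure input")
        self.session_key = secrets.token_bytes(32)
        return self.session_key   # assumed to travel over secure channel 210

    def end_session(self) -> None:
        # Second trigger: discard the key and resume normal delivery.
        self.session_key = None

    def on_input(self, data: bytes) -> None:
        if self.session_key is None:
            self.os_input_path.append(data)   # normal, unprotected mode
            return
        # Session active: nothing is forwarded to the OS unencrypted.
        nonce = secrets.token_bytes(12)
        enc_key = _subkey(self.session_key, b"enc")
        mac_key = _subkey(self.session_key, b"mac")
        ct = _xor(data, _keystream(enc_key, nonce, len(data)))
        tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
        self.shared_memory.append((nonce, ct, tag))


def app_read(session_key: bytes, record) -> bytes:
    """Application side: verify the tag first, decrypt only if it matches."""
    nonce, ct, tag = record
    mac_key = _subkey(session_key, b"mac")
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed; record rejected")
    return _xor(ct, _keystream(_subkey(session_key, b"enc"), nonce, len(ct)))


def run_demo():
    ec = EmbeddedController(authorized_apps={"login-dialog"})
    ec.on_input(b"hello")                    # before the session: reaches the OS
    key = ec.start_session("login-dialog")
    ec.on_input(b"correct horse")            # constructed sample input
    record = ec.shared_memory[-1]
    recovered = app_read(key, record)
    ec.end_session()
    ec.on_input(b"bye")                      # after the session: reaches the OS
    return recovered, list(ec.os_input_path), record


if __name__ == "__main__":
    recovered, seen_by_os, _ = run_demo()
    print("application recovered:", recovered)
    print("OS input path saw:    ", seen_by_os)
```

In the model, a component watching only the operating system's input path never sees the input typed during the session, and a record altered in shared memory is rejected before any decryption happens.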

FIG. 3 is a block diagram of a computing device 100 for input encryption, according to an example. As noted above, in some examples the input device is a keyboard. When the input device is a keyboard and the input 103 is text input, the processor 104 may cipher shift the text input to generate the encrypted input 105. A shift cipher shifts the text input by a certain amount. For example, a user may type the letter "a", and the shift may output the letter "f" in place of "a" in the encrypted input. This can be applied to all text input, so that the text actually typed is obfuscated by the cipher shift.

In this example, the processor 104 may transmit the cipher-shifted encrypted input 105 directly to the operating system 106 or the application 108. That is, the encrypted input 105 can bypass the secure channel 210 and be transmitted directly to the operating system 106 or the application 108. In this example, even if a malicious application could intercept the encrypted input 105, it may not be able to decipher the input, because the input is encrypted.

To allow the encrypted input 105 to be decrypted, the processor 104 may share the cipher shift key 307 with the application 108. In one example, the processor 104 provides the cipher shift key 307 to the application 108 via the secure channel 210. In this way, the cipher shift key 307 and the cipher-shifted encrypted input 105 travel from the processor 104 to the operating system 106 along different paths. Doing so ensures that a malicious application, even if it can intercept the cipher-shifted input, cannot decipher the encrypted input 105, because the cipher shift key 307 is shared via a different channel (i.e., the secure channel 210) that is protected from attack.
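The split-path arrangement of FIG. 3 as a runnable sketch, added here and not taken from the patent: the shifted text goes over an observable direct path while the shift key goes over a stand-in for secure channel 210. The class name, the application name `login-dialog` and the sample text are assumptions; `repeat_pattern` shows what a shift leaves visible to anyone on the direct path (digits, punctuation, length and letter repetition).

```python
import secrets
import string

LOWER, UPPER = string.ascii_lowercase, string.ascii_uppercase


def new_shift_key() -> int:
    """Per-session shift in 1..25; 0 would leave the text unchanged."""
    return 1 + secrets.randbelow(25)


def shift_text(text: str, key: int) -> str:
    """Shift ASCII letters by `key`, keeping case; other characters pass through."""
    out = []
    for ch in text:
        for alphabet in (LOWER, UPPER):
            if ch in alphabet:
                ch = alphabet[(alphabet.index(ch) + key) % 26]
                break
        out.append(ch)
    return "".join(out)


def unshift_text(text: str, key: int) -> str:
    """Invert shift_text for the same key."""
    return shift_text(text, -key)


def repeat_pattern(text: str) -> list:
    """Index of each character's first occurrence; identical before and after a shift."""
    return [text.index(ch) for ch in text]


class Processor:
    """Stand-in for processor 104 with the two delivery paths kept separate."""

    def __init__(self, key=None):
        self.key = key if key is not None else new_shift_key()
        self.direct_path = []     # shifted text, observable by other software
        self.secure_channel = {}  # stand-in for secure channel 210

    def share_key(self, app_id: str) -> None:
        # The key never appears on the direct path.
        self.secure_channel[app_id] = self.key

    def on_text(self, text: str) -> None:
        self.direct_path.append(shift_text(text, self.key))


def demo():
    processor = Processor()
    processor.share_key("login-dialog")      # hypothetical application name
    processor.on_text("Hello, world 42")     # constructed sample input
    observed = processor.direct_path[-1]     # all an interceptor would see
    key = processor.secure_channel["login-dialog"]
    return observed, unshift_text(observed, key)


if __name__ == "__main__":
    print(demo())
```

Because only 25 shifts exist and structure survives the shift, the protection in this arrangement rests on keeping the key on the separate channel and changing it per session.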

FIG. 4 is a flowchart of a method 400 for input encryption, according to an example. At step 401, the method 400 includes initiating an encrypted communication session in response to a first trigger. Specifically, it may be the case that certain applications 108 on the computing device 100 are designated as applications 108 that require encrypted communication, while other applications 108 may execute without it. As a specific example, an application 108 that grants access to a file system via a username and password may be an application 108 that requires the username and password to be encrypted. The trigger therefore establishes that any input received at this particular application 108 requires encrypted communication.

The first trigger can take many forms. For example, the first trigger may be metadata from the application 108 requesting an encrypted communication session. That is, the application 108 itself may include code indicating that encryption is required. In this example, the application 108 may transmit the metadata to the processor 104 to initiate the encrypted communication session. In addition to the encryption request, the application 108 may also transmit an encryption key to be used during the session.

In another example, the trigger can be a user input. For example, the computing device 100 may include a mechanical switch, such as a keyboard button, with which the user triggers the encrypted communication session. As another example, the user input may be made via a user interface element, such as an icon, that is programmed to trigger the processor 104 to begin encrypted communication.

At step 402, the method 400 includes authorizing the application 108 to receive the encrypted input 105. Specifically, as described above, the processor 104 may authenticate the application 108 as a security measure. At step 403, the method 400 includes intercepting the input 103. At step 404, the method 400 includes selecting an encryption key that is unique to the encrypted communication session. That is, as described above, the encryption key may be unique to the application 108 requesting the encrypted communication.

In some examples, the encryption key may be unique not only to the application 108 but also to the encrypted communication session. For example, in some cases the processor 104 may select an encryption key, randomly or in sequence, for use in a particular encrypted communication session. In another example, a database may include various encryption keys, each mapped to a single application 108. That is, each application 108 may have several encryption keys assigned to it. In this example, when communicating with a particular application 108, the processor 104 may cycle, sequentially or randomly, through the encryption keys assigned to that application 108.

At step 405, the method 400 includes encrypting the input 103, and at step 406, the method 400 includes transmitting the encrypted input 105 to the application 108.

At step 407, the method 400 includes terminating the encrypted communication session. Such termination may be in response to a second trigger. That is, the computing device 100 includes a mechanism by which the processor 104 may be instructed to temporarily stop intercepting the input 103. This can be used when the user switches away from the application 108 currently in use and interacts with another application 108 in the operating system 106 before returning to the first application 108 to finish entering secure input data. In another example, it can be used when the user stops using the application 108 that requested the encrypted input 105. This mechanism can also cancel the current input request. For example, the processor 104 may cancel the request if the application 108 closes before the request is completed.

The second trigger can take a variety of forms. For example, the second trigger may be the deactivation of the application 108 to which the input device is providing input. For example, the user may close the window of the application 108 that originally requested encrypted communication, or may switch to another application 108 that has not requested encrypted communication. This tracking can be done with a driver that monitors whether the application 108 that requested the encrypted input 105 is selected. In response to the trigger, the processor 104 may stop intercepting and encrypting the input 103 and may return to transmitting unencrypted input to the applications 108 of the computing device 100.

In another example, the second trigger may be a session termination keystroke. For example, after entering a username and password, the user may press the "Enter" key or may activate a user icon element. In response to the keystroke, the processor 104 may stop intercepting and encrypting the input 103 and may return to transmitting unencrypted input to the applications 108 of the computing device 100.

In yet another example, the second trigger may be the expiration of a timeout period. The timeout period may define an amount of time during which no input 103 is received. That is, if the processor 104 does not receive any input 103 for a period of time, the request may be canceled automatically. For example, a user may step away from their computing device 100. If sufficient time has elapsed, the processor 104 may terminate the encrypted communication session and return to transmitting received input unencrypted. In one example, the timeout period may refer to a time period set for the request to be completed. If encryption is not completed within the given time period, the encrypted session may be terminated. In any of these examples, the processor 104 may provide the user with a notification that the encrypted communication session has been terminated.
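The method 400 flow as a runnable sketch, added here and not taken from the patent: a first trigger starts a session with a fresh per-session key (steps 401 to 404), input is encrypted and signed so the application can verify a signature before decrypting (steps 405 and 406, and the embedded-controller example above), and the three second triggers end the session (step 407). The SHA-256 counter-mode keystream with HMAC is a standard-library stand-in for a vetted authenticated cipher; the class name, the application names and the 30-second timeout are assumptions.

```python
import hashlib
import hmac
import secrets

IDLE_TIMEOUT_S = 30.0               # assumed value; the page gives no number
AUTHORIZED_APPS = {"login-dialog"}  # hypothetical allow-list for step 402


def _subkey(key: bytes, label: bytes) -> bytes:
    """Derive separate encryption and signing keys from the session key."""
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """SHA-256 in counter mode; a stand-in for a real cipher, not a recommendation."""
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt, then sign: returns nonce || ciphertext || 32-byte tag."""
    nonce = secrets.token_bytes(12)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(key: bytes, blob: bytes) -> bytes:
    """Application side: verify the signature first, decrypt only if it matches."""
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("signature check failed")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream))


class InputController:
    """Stand-in for processor 104 on the path between port 102 and the OS."""

    def __init__(self, clock):
        self.clock = clock          # injectable so the timeout can be tested
        self.app = self.key = None
        self.last_input = 0.0

    def start_session(self, app_id: str) -> bytes:
        # Steps 401, 402, 404: first trigger, authorization, per-session key.
        if app_id not in AUTHORIZED_APPS:
            raise PermissionError(f"{app_id} is not authorized")
        self.app, self.key = app_id, secrets.token_bytes(32)
        self.last_input = self.clock()
        return self.key             # would travel over secure channel 210

    def end_session(self) -> None:
        self.app = self.key = None  # step 407

    def on_focus_change(self, app_id: str) -> None:
        # Second trigger: the requesting application is no longer selected.
        if self.app is not None and app_id != self.app:
            self.end_session()

    def on_input(self, data: bytes):
        """Steps 403, 405, 406 for one input event; returns (mode, payload)."""
        if self.key and self.clock() - self.last_input > IDLE_TIMEOUT_S:
            self.end_session()      # second trigger: timeout expired
        if self.key and data == b"\n":
            self.end_session()      # second trigger: termination keystroke;
                                    # this sketch forwards the Enter itself in clear
        if self.key is None:
            return ("plain", data)
        self.last_input = self.clock()
        return ("encrypted", seal(self.key, data))
```

While a session is active, `on_input` never returns the plaintext, which corresponds to blocking the transmission of unencrypted input.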

FIG. 5 is a block diagram of a computing device 100 to perform input encryption, according to an example. In the example depicted in FIG. 5, the computing device 100 includes a hypervisor 512. In this example, rather than the encrypted input 105 being sent only to an application 108 that requests encrypted communication, the security provided by encryption is available to all applications 108-1, 108-2. In this example, the hypervisor 512 may receive the encrypted input 105 described above. That is, the processor 104 may encrypt the input 103 and pass it to the hypervisor 512 via a secure channel 210, as described above in connection with FIG. 2, or may cipher shift the input 103 and pass the encrypted input 105 directly to the hypervisor 512, as described above in connection with FIG. 3. In this example, the hypervisor 512 may decrypt the user input and transmit the decrypted input 509 to a first application 108-1 and a second application 108-2.

In this example, the encryption key may still be determined based on the applications 108 of the computing device 100. That is, the processor 104 can identify the applications 108 that are to receive the user input and can select an encryption key specific to those applications 108.

Implementing the hypervisor 512 upstream of the applications 108 that are to receive the input 103 can make secure communication available to applications 108 that might otherwise be unprepared for data theft. For example, a secure access application may be aware of how desirable the usernames and passwords shared with it are as a target for hacking, and may therefore trigger encrypted communication. However, a word processing application 108, which may not include a trigger for encrypted communication, may also be vulnerable to security hacks. Thus, by implementing the hypervisor 512, even those applications 108 that do not include an encryption trigger can receive input 103 that has been transmitted securely.

FIG. 6 depicts a non-transitory machine-readable storage medium used to perform input encryption, according to an example. As used in this specification, the term "non-transitory" does not encompass transitory propagating signals. To achieve its desired functionality, the computing device 100 includes various hardware components. Specifically, the computing device 100 includes a processor 104 and a machine-readable storage medium 614. The machine-readable storage medium 614 is communicatively coupled to the processor. The machine-readable storage medium 614 includes a plurality of instructions 616, 618, 620, 622, 624, 626, 628 for performing specified functions. The machine-readable storage medium 614 causes the processor to perform the specified functions of the instructions 616, 618, 620, 622, 624, 626, 628. The machine-readable storage medium 614 can store data, programs, instructions, or any other machine-readable data that can be used to operate the computing device 100. The machine-readable storage medium 614 can store computer-readable instructions that the processor of the computing device 100 can process or execute. The machine-readable storage medium 614 may be an electronic, magnetic, optical, or other physical storage device that contains or stores executable instructions. The machine-readable storage medium 614 may be, for example, random access memory (RAM), electrically erasable programmable read-only memory (EEPROM), a storage device, an optical disc, and the like. The machine-readable storage medium 614 may be a non-transitory machine-readable storage medium 614.

Referring to FIG. 6, the start instructions 616, when executed by the processor, cause the processor to start an encrypted communication session in response to a first trigger. The authorization instructions 618, when executed by the processor, may cause the processor to authorize the application 108 to receive the encrypted input 105 during the encrypted communication session. The intercept instructions 620, when executed by the processor, may cause the processor to intercept, during the encrypted communication session, input 103 received from an input device along a communication path between a port 102 and the operating system 106. The select instructions 622, when executed by the processor, may cause the processor to select, during the encrypted communication session, an encryption key unique to that session. The encryption instructions 624, when executed by the processor, may cause the processor to encrypt the input 103 during the encrypted communication session based on a selected encryption key. The send instructions 626, when executed by the processor, may cause the processor to send the encrypted input 105 to the application during the encrypted communication session. The terminate instructions 628, when executed by the processor, may cause the processor to terminate the encrypted communication session in response to a second trigger.

100: computing device
102: port
103: input
104: processor
105: encrypted input
106: operating system
108: application
108-1: application, first application
108-2: application, second application
210: secure channel
307: cipher shift key
400: method
401, 402, 403, 404, 405, 406, 407: steps
509: decrypted input
512: hypervisor
614: machine-readable storage medium
616: start instructions
618: authorization instructions
620: intercept instructions
622: select instructions
624: encryption instructions
626: send instructions
628: terminate instructions

The drawings illustrate various examples of the principles described herein and are a part of the specification. The examples shown are for illustration only and do not limit the scope of the claims.

FIG. 1 is a block diagram of a computing device to perform input encryption, according to an example.

FIG. 2 is a block diagram of a computing device to perform input encryption, according to an example.

FIG. 3 is a block diagram of a computing device to perform input encryption, according to an example.

FIG. 4 is a flowchart of a method to perform input encryption, according to an example.

FIG. 5 is a block diagram of a computing device to perform input encryption, according to an example.

FIG. 6 depicts a non-transitory machine-readable storage medium for performing input encryption, according to an example.

Throughout the drawings, like reference numbers indicate similar, but not necessarily identical, elements. The figures are not necessarily to scale, and the dimensions of some parts may have been exaggerated to more clearly illustrate the examples shown. In addition, the drawings provide examples and/or implementations consistent with the description; however, the description is not limited to the examples and/or implementations provided in the drawings.


Claims (15)

1. A computing device comprising:
    an operating system to perform an operation based on received input;
    a port to receive a connector of an input device; and
    a processor on the computing device to:
        intercept input received from the input device along a communication path between the port and the operating system;
        select an encryption key based on an application that is to receive encrypted input;
        encrypt the input based on a selected encryption key; and
        transmit the encrypted input to the application.

2. The computing device of claim 1, wherein the processor is to implement a secure channel to transmit the encrypted input to the application.

3. The computing device of claim 2, wherein the secure channel is selected from the group consisting of:
    a direct memory access;
    a shared memory access; or
    a combination thereof.

4. The computing device of claim 1, wherein:
    the input device is a keyboard; and
    the processor is to cipher shift the input to generate the encrypted input.

5. The computing device of claim 4, wherein the processor is to transmit the cipher-shifted encrypted input directly to the application.

6. The computing device of claim 5, wherein the processor is to provide a cipher shift key to the application via a secure channel.

7. The computing device of claim 1, wherein the application is to transmit the encryption key to the processor during authentication.

8. The computing device of claim 1, further comprising a hypervisor to:
    receive the encrypted input;
    decrypt the encrypted input; and
    transmit the decrypted input to a first application and a second application.

9. A computing device comprising:
    an operating system to perform an operation based on received input;
    a port to receive a connector of an input device; and
    a processor on the computing device to:
        authorize and identify an application to receive encrypted input;
        intercept input received from the input device along a communication path between the port and the operating system;
        select an encryption key based on the application that is to receive encrypted input, wherein the encryption key is unique to a particular encrypted communication session;
        encrypt the input based on a selected encryption key;
        block the transmission of unencrypted input; and
        transmit the encrypted input to the application.

10. The computing device of claim 9, wherein the processor is to transmit the encryption key to the application.

11. The computing device of claim 9, wherein the processor is to transmit the encrypted input as a block in response to a trigger that terminates the encrypted communication session.

12. The computing device of claim 9, wherein the processor is to transmit the encrypted input as the input is received and encrypted.

13. A non-transitory machine-readable storage medium encoded with instructions executable by a processor of a computing device, the machine-readable storage medium comprising instructions that, when executed by the processor, cause the processor to:
    initiate an encrypted communication session in response to a first trigger;
    during the encrypted communication session:
        authorize an application to receive encrypted input;
        intercept input received from an input device along a communication path between a port and an operating system;
        select an encryption key unique to the encrypted communication session;
        encrypt the input based on a selected encryption key; and
        transmit the encrypted input to the application; and
    terminate the encrypted communication session in response to a second trigger.

14. The non-transitory machine-readable storage medium of claim 13, wherein the first trigger is selected from the group consisting of:
    metadata from an application requesting an encrypted communication session;
    input via a mechanical switch;
    input via a user interface element; or
    a combination thereof.

15. The non-transitory machine-readable storage medium of claim 13, wherein the second trigger is selected from the group consisting of:
    deactivation of an application to which the input device is providing input;
    a session termination keystroke;
    expiration of a timeout period; or
    a combination thereof.
TW111105839A 2021-10-18 2022-02-17 Input encryption TW202318832A (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
PCT/US2021/055354 WO2023069060A1 (en) 2021-10-18 2021-10-18 Input encryption
WOPCT/US21/55354 2021-10-18

Publications (1)

Publication Number Publication Date
TW202318832A true TW202318832A (en) 2023-05-01

Family

ID=86059474

Family Applications (1)

Application Number Title Priority Date Filing Date
TW111105839A TW202318832A (en) 2021-10-18 2022-02-17 Input encryption

Country Status (2)

Country Link
TW (1) TW202318832A (en)
WO (1) WO2023069060A1 (en)


Also Published As

Publication number Publication date
WO2023069060A1 (en) 2023-04-27
